From bfbe471814b64f31867ff4c89ba18620277281fe Mon Sep 17 00:00:00 2001 From: Justin Date: Tue, 15 Apr 2014 21:58:57 -0700 Subject: [PATCH 0001/1291] initial commit, first changes --- running-coreos/cloud-providers/vultr/index.md | 81 +++++++++++++++++++ 1 file changed, 81 insertions(+) create mode 100644 running-coreos/cloud-providers/vultr/index.md diff --git a/running-coreos/cloud-providers/vultr/index.md b/running-coreos/cloud-providers/vultr/index.md new file mode 100644 index 000000000..1cc4965ef --- /dev/null +++ b/running-coreos/cloud-providers/vultr/index.md @@ -0,0 +1,81 @@ +--- +layout: docs +title: Vultr VPS Provider +category: running_coreos +sub_category: cloud_provider +weight: 10 +--- + +# Running CoreOS {{site.brightbox-version}} on a Vultr VPS + +CoreOS is currently in heavy development and actively being tested. These +instructions will walk you through running a single CoreOS node. This guide assumes you have an account at [Vultr.com](http://vultr.com). + + +## List Images + +You can find it by listing all images and grepping for CoreOS: + +``` +$ brightbox images list | grep CoreOS + + id owner type created_on status size name + --------------------------------------------------------------------------------------------------------- + {{site.brightbox-id}} brightbox official 2013-12-15 public 5442 CoreOS {{site.brightbox-version}} (x86_64) + ``` + +## Building Servers + +Before building the cluster, we need to generate a unique identifier for it, which is used by CoreOS to discover and identify nodes. + +You can use any random string so we’ll use the `uuid` tool here to generate one: + +``` +$ TOKEN=`uuid` + +$ echo $TOKEN +53cf11d4-3726-11e3-958f-939d4f7f9688 +``` + +Then build three servers using the image, in the server group we created and specifying the token as the user data: + +``` +$ brightbox servers create -i 3 --type small --name "coreos" --user-data $TOKEN --server-groups grp-cdl6h {{site.brightbox-id}} + +Creating 3 small (typ-8fych) servers with image CoreOS {{site.brightbox-version}} ({{ site.brightbox-id }}) in groups grp-cdl6h with 0.05k of user data + + id status type zone created_on image_id cloud_ip_ids name +-------------------------------------------------------------------------------- + srv-ko2sk creating small gb1-a 2013-10-18 {{ site.brightbox-id }} coreos + srv-vynng creating small gb1-a 2013-10-18 {{ site.brightbox-id }} coreos + srv-7tf5d creating small gb1-a 2013-10-18 {{ site.brightbox-id }} coreos +-------------------------------------------------------------------------------- +``` + +## Accessing the Cluster + +Those servers should take just a minute to build and boot. They automatically install your Brightbox Cloud ssh key on bootup, so you can ssh in straight away as the `core` user. + +If you’ve got ipv6 locally, you can ssh in directly: + +``` +$ ssh core@ipv6.srv-n8uak.gb1.brightbox.com +The authenticity of host 'ipv6.srv-n8uak.gb1.brightbox.com (2a02:1348:17c:423d:24:19ff:fef1:8f6)' can't be established. +RSA key fingerprint is 99:a5:13:60:07:5d:ac:eb:4b:f2:cb:c9:b2:ab:d7:21. +Are you sure you want to continue connecting (yes/no)? yes + +Last login: Thu Oct 17 11:42:04 UTC 2013 from srv-4mhaz.gb1.brightbox.com on pts/0 + ______ ____ _____ + / ____/___ ________ / __ \/ ___/ + / / / __ \/ ___/ _ \/ / / /\__ \ +/ /___/ /_/ / / / __/ /_/ /___/ / +\____/\____/_/ \___/\____//____/ +core@srv-n8uak ~ $ +``` + +If you don’t have ipv6, you’ll need to [create and map a Cloud IP](http://brightbox.com/docs/guides/cli/cloud-ips/) first. + +## Using CoreOS + +Now that you have a cluster bootstrapped it is time to play around. +Check out the [CoreOS Quickstart]({{site.url}}/docs/quickstart) guide or dig into [more specific topics]({{site.url}}/docs). From db69f1852a8de3aac6c5cad56dd6553e84656663 Mon Sep 17 00:00:00 2001 From: Justin Date: Tue, 15 Apr 2014 22:08:22 -0700 Subject: [PATCH 0002/1291] further tweaks, need to add specifics still --- running-coreos/cloud-providers/vultr/index.md | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/running-coreos/cloud-providers/vultr/index.md b/running-coreos/cloud-providers/vultr/index.md index 1cc4965ef..750ec6701 100644 --- a/running-coreos/cloud-providers/vultr/index.md +++ b/running-coreos/cloud-providers/vultr/index.md @@ -39,18 +39,6 @@ $ echo $TOKEN Then build three servers using the image, in the server group we created and specifying the token as the user data: -``` -$ brightbox servers create -i 3 --type small --name "coreos" --user-data $TOKEN --server-groups grp-cdl6h {{site.brightbox-id}} - -Creating 3 small (typ-8fych) servers with image CoreOS {{site.brightbox-version}} ({{ site.brightbox-id }}) in groups grp-cdl6h with 0.05k of user data - - id status type zone created_on image_id cloud_ip_ids name --------------------------------------------------------------------------------- - srv-ko2sk creating small gb1-a 2013-10-18 {{ site.brightbox-id }} coreos - srv-vynng creating small gb1-a 2013-10-18 {{ site.brightbox-id }} coreos - srv-7tf5d creating small gb1-a 2013-10-18 {{ site.brightbox-id }} coreos --------------------------------------------------------------------------------- -``` ## Accessing the Cluster From 5c40ea85785a8a285d028b58afbbb9aabcaccafd Mon Sep 17 00:00:00 2001 From: Justin Date: Tue, 15 Apr 2014 22:19:26 -0700 Subject: [PATCH 0003/1291] added links, further tweaks --- running-coreos/cloud-providers/vultr/index.md | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/running-coreos/cloud-providers/vultr/index.md b/running-coreos/cloud-providers/vultr/index.md index 750ec6701..bc1062ccb 100644 --- a/running-coreos/cloud-providers/vultr/index.md +++ b/running-coreos/cloud-providers/vultr/index.md @@ -6,10 +6,9 @@ sub_category: cloud_provider weight: 10 --- -# Running CoreOS {{site.brightbox-version}} on a Vultr VPS +# Running CoreOS on a Vultr VPS -CoreOS is currently in heavy development and actively being tested. These -instructions will walk you through running a single CoreOS node. This guide assumes you have an account at [Vultr.com](http://vultr.com). +CoreOS is currently in heavy development and actively being tested. These instructions will walk you through running a single CoreOS node. This guide assumes you have an account at [Vultr.com](http://vultr.com). ## List Images @@ -39,20 +38,22 @@ $ echo $TOKEN Then build three servers using the image, in the server group we created and specifying the token as the user data: +[Booting CoreOS with iPXE](http://coreos.com/docs/running-coreos/bare-metal/booting-with-ipxe/) +[iPXE using scripts](http://ipxe.org/embed) -## Accessing the Cluster + +## Accessing the VPS Those servers should take just a minute to build and boot. They automatically install your Brightbox Cloud ssh key on bootup, so you can ssh in straight away as the `core` user. -If you’ve got ipv6 locally, you can ssh in directly: ``` -$ ssh core@ipv6.srv-n8uak.gb1.brightbox.com -The authenticity of host 'ipv6.srv-n8uak.gb1.brightbox.com (2a02:1348:17c:423d:24:19ff:fef1:8f6)' can't be established. +$ ssh core@IP_HERE +The authenticity of host 'IP_HERE (2a02:1348:17c:423d:24:19ff:fef1:8f6)' can't be established. RSA key fingerprint is 99:a5:13:60:07:5d:ac:eb:4b:f2:cb:c9:b2:ab:d7:21. Are you sure you want to continue connecting (yes/no)? yes -Last login: Thu Oct 17 11:42:04 UTC 2013 from srv-4mhaz.gb1.brightbox.com on pts/0 +Last login: Thu Oct 17 11:42:04 UTC 2013 from YOUR_IP on pts/0 ______ ____ _____ / ____/___ ________ / __ \/ ___/ / / / __ \/ ___/ _ \/ / / /\__ \ @@ -61,7 +62,6 @@ Last login: Thu Oct 17 11:42:04 UTC 2013 from srv-4mhaz.gb1.brightbox.com on pts core@srv-n8uak ~ $ ``` -If you don’t have ipv6, you’ll need to [create and map a Cloud IP](http://brightbox.com/docs/guides/cli/cloud-ips/) first. ## Using CoreOS From 6baf1dda330b6b14dca063d800cb141679179133 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Tue, 15 Apr 2014 12:09:39 -0700 Subject: [PATCH 0004/1291] feat(debugging): install debugging tools with toolbox --- .../install-debugging-tools/index.md | 64 +++++++++++++++++++ 1 file changed, 64 insertions(+) create mode 100644 cluster-management/debugging/install-debugging-tools/index.md diff --git a/cluster-management/debugging/install-debugging-tools/index.md b/cluster-management/debugging/install-debugging-tools/index.md new file mode 100644 index 000000000..7ed9fb9a1 --- /dev/null +++ b/cluster-management/debugging/install-debugging-tools/index.md @@ -0,0 +1,64 @@ +--- +layout: docs +slug: guides +title: Install Debugging Tools +category: cluster_management +sub_category: debugging +weight: 7 +--- + +# Install Debugging Tools + +You can use common debugging tools like tcpdump or strace with Toolbox. Using the filesystem of a specified docker container Toolbox will launch a container with full system privileges including access to system PIDs, network interfaces and other global information. Inside of the toolbox, the machine's filesystem is mounted to `/media/root`. + +## Quick Debugging + +By default, Toolbox uses the stock Fedora docker container. To start using it, simply run: + +``` +/usr/bin/toolbox +``` + +You're now in the namespace of Fedora and can install any software you'd like via `yum`. For example, if you'd like to use `tcpdump`: + +``` +[root@srv-3qy0p ~]# yum install tcpdump +[root@srv-3qy0p ~]# tcpdump -i ens3 +tcpdump: verbose output suppressed, use -v or -vv for full protocol decode +listening on ens3, link-type EN10MB (Ethernet), capture size 65535 bytes +``` + +### Specify a Custom Docker Image + +Create a `.toolboxrc` in the user's home folder to use a specific docker image: + +``` +$ cat .toolboxrc +TOOLBOX_DOCKER_IMAGE=index.example.com/debug +TOOLBOX_USER=root +$ /usr/bin/toolbox +Pulling repository index.example.com/debug +... +``` + +## SSH Directly Into A Toolbox + +Advanced users can SSH directly into a toolbox by setting up an `/etc/passwd` entry: + +``` +useradd bob -m -p '*' -s /usr/bin/toolbox +``` + +To test, SSH as bob: + +``` +ssh bob@hostname.example.com + + ______ ____ _____ + / ____/___ ________ / __ \/ ___/ + / / / __ \/ ___/ _ \/ / / /\__ \ +/ /___/ /_/ / / / __/ /_/ /___/ / +\____/\____/_/ \___/\____//____/ +[root@srv-3qy0p ~]# yum install emacs +[root@srv-3qy0p ~]# emacs /media/root/etc/systemd/system/docker.service +``` From c2668073f8b40298c61783ecdea90150e80af79f Mon Sep 17 00:00:00 2001 From: Michael Marineau Date: Wed, 16 Apr 2014 10:41:16 -0700 Subject: [PATCH 0005/1291] churn(libvirt): Rename host from dock0 to coreos0 Makes it sound less dockerish which isn't even a part of this tutorial. --- running-coreos/platforms/libvirt/index.md | 32 +++++++++++------------ 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/running-coreos/platforms/libvirt/index.md b/running-coreos/platforms/libvirt/index.md index 4cc5875df..789bc7ce3 100644 --- a/running-coreos/platforms/libvirt/index.md +++ b/running-coreos/platforms/libvirt/index.md @@ -18,23 +18,23 @@ list][coreos-dev]. ## Download the CoreOS image -In this guide, the example virtual machine we are creating is called dock0 and -all files are stored in /usr/src/dock0. This is not a requirement — feel free +In this guide, the example virtual machine we are creating is called coreos0 and +all files are stored in /usr/src/coreos0. This is not a requirement — feel free to substitute that path if you use another one. We start by downloading the most recent disk image: - mkdir -p /usr/src/dock0 - cd /usr/src/dock0 + mkdir -p /usr/src/coreos0 + cd /usr/src/coreos0 wget http://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_qemu_image.img.bz2 bunzip2 coreos_production_qemu_image.img.bz2 ## Virtual machine configuration -Now create /tmp/dock0.xml with the following contents: +Now create /tmp/coreos0.xml with the following contents: - dock0 + coreos0 1048576 1048576 1 @@ -55,13 +55,13 @@ Now create /tmp/dock0.xml with the following contents: /usr/bin/kvm - + - + @@ -93,15 +93,15 @@ You can change any of these parameters later. Now create the metadata directory and import the XML as new VM into your libvirt instance: - mkdir /usr/src/dock0/metadata - virsh create /tmp/dock0.xml + mkdir /usr/src/coreos0/metadata + virsh create /tmp/coreos0.xml ### Network configuration By default, CoreOS uses DHCP to get its network configuration, but in my libvirt setup, I connect the VMs with a bridge to the host's eth0. -Copy the following script to /usr/src/dock0/metadata/run: +Copy the following script to /usr/src/coreos0/metadata/run: #!/bin/bash cat > /run/systemd/network/10-ens3.network < Date: Wed, 16 Apr 2014 10:48:07 -0700 Subject: [PATCH 0006/1291] churn(libvirt): Move image location under /var Using /usr/src for libvirt images isn't standard, use something that is a little bit more typical. --- running-coreos/platforms/libvirt/index.md | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/running-coreos/platforms/libvirt/index.md b/running-coreos/platforms/libvirt/index.md index 789bc7ce3..7579bd3ef 100644 --- a/running-coreos/platforms/libvirt/index.md +++ b/running-coreos/platforms/libvirt/index.md @@ -19,13 +19,13 @@ list][coreos-dev]. ## Download the CoreOS image In this guide, the example virtual machine we are creating is called coreos0 and -all files are stored in /usr/src/coreos0. This is not a requirement — feel free +all files are stored in /var/lib/libvirt/images/coreos0. This is not a requirement — feel free to substitute that path if you use another one. We start by downloading the most recent disk image: - mkdir -p /usr/src/coreos0 - cd /usr/src/coreos0 + mkdir -p /var/lib/libvirt/images/coreos0 + cd /var/lib/libvirt/images/coreos0 wget http://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_qemu_image.img.bz2 bunzip2 coreos_production_qemu_image.img.bz2 @@ -55,13 +55,13 @@ Now create /tmp/coreos0.xml with the following contents: /usr/bin/kvm - + - + @@ -93,7 +93,7 @@ You can change any of these parameters later. Now create the metadata directory and import the XML as new VM into your libvirt instance: - mkdir /usr/src/coreos0/metadata + mkdir /var/lib/libvirt/images/coreos0/metadata virsh create /tmp/coreos0.xml ### Network configuration @@ -101,7 +101,7 @@ Now create the metadata directory and import the XML as new VM into your libvirt By default, CoreOS uses DHCP to get its network configuration, but in my libvirt setup, I connect the VMs with a bridge to the host's eth0. -Copy the following script to /usr/src/coreos0/metadata/run: +Copy the following script to /var/lib/libvirt/images/coreos0/metadata/run: #!/bin/bash cat > /run/systemd/network/10-ens3.network < Date: Wed, 16 Apr 2014 10:56:33 -0700 Subject: [PATCH 0007/1291] fix(libvirt): Update config for modern qemu times. These days 'qemu-kvm' is preferred over 'kvm' and don't bother locking the VM to the old 0.15 hardware definition. --- running-coreos/platforms/libvirt/index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/running-coreos/platforms/libvirt/index.md b/running-coreos/platforms/libvirt/index.md index 7579bd3ef..93954d797 100644 --- a/running-coreos/platforms/libvirt/index.md +++ b/running-coreos/platforms/libvirt/index.md @@ -39,7 +39,7 @@ Now create /tmp/coreos0.xml with the following contents: 1048576 1 - hvm + hvm @@ -52,7 +52,7 @@ Now create /tmp/coreos0.xml with the following contents: restart restart - /usr/bin/kvm + /usr/bin/qemu-kvm From f42029ff7e68bebc627dc3f0578413aa3eb514e0 Mon Sep 17 00:00:00 2001 From: Michael Marineau Date: Wed, 16 Apr 2014 11:20:29 -0700 Subject: [PATCH 0008/1291] feat(libvirt): Rework documentation around using config drive. --- running-coreos/platforms/libvirt/index.md | 63 +++++++++++++---------- 1 file changed, 36 insertions(+), 27 deletions(-) diff --git a/running-coreos/platforms/libvirt/index.md b/running-coreos/platforms/libvirt/index.md index 93954d797..30e2485ac 100644 --- a/running-coreos/platforms/libvirt/index.md +++ b/running-coreos/platforms/libvirt/index.md @@ -61,7 +61,7 @@ Now create /tmp/coreos0.xml with the following contents: - + @@ -91,43 +91,53 @@ Now create /tmp/coreos0.xml with the following contents: You can change any of these parameters later. -Now create the metadata directory and import the XML as new VM into your libvirt instance: +### Config drive - mkdir /var/lib/libvirt/images/coreos0/metadata - virsh create /tmp/coreos0.xml +Now create a config drive file system to configure CoreOS itself: -### Network configuration + mkdir -p /var/lib/libvirt/images/coreos0/configdrive/openstack/latest + touch /var/lib/libvirt/images/coreos0/configdrive/openstack/latest/user_data -By default, CoreOS uses DHCP to get its network configuration, but in my -libvirt setup, I connect the VMs with a bridge to the host's eth0. +The `user_data` file may contain a script for a [cloud config][cloud-config] +file. We recommend using ssh keys to log into the VM so at a minimum the +contents of `user_data` should look something like this: -Copy the following script to /var/lib/libvirt/images/coreos0/metadata/run: + #config-drive - #!/bin/bash - cat > /run/systemd/network/10-ens3.network < Date: Wed, 16 Apr 2014 11:34:49 -0700 Subject: [PATCH 0009/1291] fix(libvirt): Add missing links --- running-coreos/platforms/libvirt/index.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/running-coreos/platforms/libvirt/index.md b/running-coreos/platforms/libvirt/index.md index 30e2485ac..61be79eb2 100644 --- a/running-coreos/platforms/libvirt/index.md +++ b/running-coreos/platforms/libvirt/index.md @@ -107,6 +107,8 @@ contents of `user_data` should look something like this: ssh_authorized_keys: - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGdByTgSVHq....... +[cloud-config]: {{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config + ### Network configuration By default, CoreOS uses DHCP to get its network configuration. In this @@ -132,6 +134,8 @@ add a [networkd unit][systemd-network] to `user_data`: Gateway=203.0.113.1 DNS=8.8.8.8 +[systemd-network]: http://www.freedesktop.org/software/systemd/man/systemd.network.html + ## Virtual machine startup From 04456759cee30d051a85590abd368ccdb6300788 Mon Sep 17 00:00:00 2001 From: Michael Marineau Date: Wed, 16 Apr 2014 11:42:02 -0700 Subject: [PATCH 0010/1291] feat(openstack): Add note on using config drive. --- running-coreos/platforms/openstack/index.md | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/running-coreos/platforms/openstack/index.md b/running-coreos/platforms/openstack/index.md index a5f08bf23..ec1301d30 100644 --- a/running-coreos/platforms/openstack/index.md +++ b/running-coreos/platforms/openstack/index.md @@ -49,7 +49,12 @@ $ glance image-create --name CoreOS \ ## Cloud-Config -CoreOS allows you to configure machine parameters, launch systemd units on startup and more via cloud-config. Jump over to the [docs to learn about the supported features]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config). We're going to provide our cloud-config to Openstack via the user-data flag. Our cloud-config will also contain SSH keys that will be used to connect to the instance. In order for this to work your OpenStack cloud provider must be running the OpenStack metadata service. +CoreOS allows you to configure machine parameters, launch systemd units on startup and more via cloud-config. Jump over to the [docs to learn about the supported features][cloud-config]. +We're going to provide our cloud-config to Openstack via the user-data flag. Our cloud-config will also contain SSH keys that will be used to connect to the instance. +In order for this to work your OpenStack cloud provider must support [config drive][config-drive] or the OpenStack metadata service. + +[cloud-config]: {{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config +[config-drive]: http://docs.openstack.org/user-guide/content/config-drive.html The most common cloud-config for Openstack looks like: @@ -87,6 +92,8 @@ nova boot \ --security-groups default coreos ``` +To use config drive you may need to add `--config-drive=true` to command above. + Your first CoreOS cluster should now be running. The only thing left to do is find an IP and SSH in. From c0d9fbb03114f365e895a61f45b362e2b2efc525 Mon Sep 17 00:00:00 2001 From: Justin Paine Date: Wed, 16 Apr 2014 16:09:19 -0700 Subject: [PATCH 0011/1291] still need to proof read --- running-coreos/cloud-providers/vultr/index.md | 49 ++++++++++++------- 1 file changed, 30 insertions(+), 19 deletions(-) diff --git a/running-coreos/cloud-providers/vultr/index.md b/running-coreos/cloud-providers/vultr/index.md index bc1062ccb..875657059 100644 --- a/running-coreos/cloud-providers/vultr/index.md +++ b/running-coreos/cloud-providers/vultr/index.md @@ -8,43 +8,54 @@ weight: 10 # Running CoreOS on a Vultr VPS -CoreOS is currently in heavy development and actively being tested. These instructions will walk you through running a single CoreOS node. This guide assumes you have an account at [Vultr.com](http://vultr.com). +CoreOS is currently in heavy development and actively being tested. These instructions will walk you through running a single CoreOS node. This guide assumes you have an account at [Vultr.com](http://vultr.com). This also assumes you have a public + private key combination generated. Here's a helpful guide if you need to generate these keys: [How to set up SSH keys](https://www.digitalocean.com/community/articles/how-to-set-up-ssh-keys--2). -## List Images +## Create the VPS -You can find it by listing all images and grepping for CoreOS: +Create a new VPS (any location, any size of your choice), and then for the "Operating System" selection make sure to select "Custom". Click "Place Order". Once you receive the welcome email the VPS will be ready to use (typically 2-3 minutes at most). +## Create the script + +The simplest option to boot up CoreOS as quickly as possible is to load script that contains the series of commands you'd otherwise need to manually type at the command line. This script needs to be publicly accessible (host is on your server for example). + +A sample script will look like this : + +``` +#!ipxe +set coreos-version dev-channel +set base-url http://storage.core-os.net/coreos/amd64-generic/${coreos-version} +kernel ${base-url}/coreos_production_pxe.vmlinuz root=squashfs: state=tmpfs: sshkey="YOUR_PUBLIC_KEY_HERE" +initrd ${base-url}/coreos_production_pxe_image.cpio.gz +boot ``` -$ brightbox images list | grep CoreOS +Make sure to replace `YOUR_PUBLIC_KEY_HERE` with your actual public key. - id owner type created_on status size name - --------------------------------------------------------------------------------------------------------- - {{site.brightbox-id}} brightbox official 2013-12-15 public 5442 CoreOS {{site.brightbox-version}} (x86_64) - ``` +Additional reading can be found at [Booting CoreOS with iPXE](http://coreos.com/docs/running-coreos/bare-metal/booting-with-ipxe/) and [Embedded scripts for iPXE](http://ipxe.org/embed). -## Building Servers +## Getting CoreOS running -Before building the cluster, we need to generate a unique identifier for it, which is used by CoreOS to discover and identify nodes. +Once you received the email indicating the VPS was ready, click "Manage" for that VPS. Under "Server Actions" Click on "View Console" which will open a new window, and show the iPXE command line prompt. -You can use any random string so we’ll use the `uuid` tool here to generate one: +Type the following commands: ``` -$ TOKEN=`uuid` - -$ echo $TOKEN -53cf11d4-3726-11e3-958f-939d4f7f9688 +iPXE> dhcp ``` +The output should end with "OK". -Then build three servers using the image, in the server group we created and specifying the token as the user data: +then type: -[Booting CoreOS with iPXE](http://coreos.com/docs/running-coreos/bare-metal/booting-with-ipxe/) -[iPXE using scripts](http://ipxe.org/embed) +``` +iPXE> chain http://PATH_TO_YOUR_SCRIPT/script.txt +``` +Make sure to update ```PATH_TO_YOUR_SCRIPT``` with your correct path to script you created earlier. +You'll see several lines fly past on the consoles the kernel is loaded, and then the initrd is loaded. CoreOS will automatically then boot up, and you'll end up at a login prompt. ## Accessing the VPS -Those servers should take just a minute to build and boot. They automatically install your Brightbox Cloud ssh key on bootup, so you can ssh in straight away as the `core` user. +You can now login to CoreOS, assuming the associated private key is in place on your local computer you'll immediately be logged in. You may need to specify the specific location using ```-i LOCATION```. If you need additional details on how to specify the location of your private key file see [here](http://www.cyberciti.biz/faq/force-ssh-client-to-use-given-private-key-identity-file/). ``` From e0ea8c663e42cd741252ab8ccf187e9be9081ed7 Mon Sep 17 00:00:00 2001 From: Justin Paine Date: Wed, 16 Apr 2014 16:36:10 -0700 Subject: [PATCH 0012/1291] Update index.md several wording changes. --- running-coreos/cloud-providers/vultr/index.md | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/running-coreos/cloud-providers/vultr/index.md b/running-coreos/cloud-providers/vultr/index.md index 875657059..b819539e5 100644 --- a/running-coreos/cloud-providers/vultr/index.md +++ b/running-coreos/cloud-providers/vultr/index.md @@ -13,11 +13,11 @@ CoreOS is currently in heavy development and actively being tested. These instr ## Create the VPS -Create a new VPS (any location, any size of your choice), and then for the "Operating System" selection make sure to select "Custom". Click "Place Order". Once you receive the welcome email the VPS will be ready to use (typically 2-3 minutes at most). +Create a new VPS (any location and any size of your choice), and then for the "Operating System" value select "Custom". Click "Place Order". Once you receive the welcome email the VPS will be ready to use (typically less than 2-3 minutes). ## Create the script -The simplest option to boot up CoreOS as quickly as possible is to load script that contains the series of commands you'd otherwise need to manually type at the command line. This script needs to be publicly accessible (host is on your server for example). +The simplest option to boot up CoreOS is to load a script that contains the series of commands you'd otherwise need to manually type at the command line. This script needs to be publicly accessible (host it on your own server -- http://example.com/script.txt for example). Save this script as a text file (.txt extension). A sample script will look like this : @@ -29,13 +29,13 @@ kernel ${base-url}/coreos_production_pxe.vmlinuz root=squashfs: state=tmpfs: ssh initrd ${base-url}/coreos_production_pxe_image.cpio.gz boot ``` -Make sure to replace `YOUR_PUBLIC_KEY_HERE` with your actual public key. +Make sure to replace `YOUR_PUBLIC_KEY_HERE` with your actual public key, it will begin with "ssh-rsa...". Additional reading can be found at [Booting CoreOS with iPXE](http://coreos.com/docs/running-coreos/bare-metal/booting-with-ipxe/) and [Embedded scripts for iPXE](http://ipxe.org/embed). ## Getting CoreOS running -Once you received the email indicating the VPS was ready, click "Manage" for that VPS. Under "Server Actions" Click on "View Console" which will open a new window, and show the iPXE command line prompt. +Once you have received the email indicating the VPS is ready, click "Manage" for that VPS in your Vultr account area. Under "Server Actions" Click on "View Console" which will open a new window, and show the iPXE command prompt. Type the following commands: @@ -47,16 +47,18 @@ The output should end with "OK". then type: ``` -iPXE> chain http://PATH_TO_YOUR_SCRIPT/script.txt +iPXE> chain http://PATH_TO_YOUR_SCRIPT ``` -Make sure to update ```PATH_TO_YOUR_SCRIPT``` with your correct path to script you created earlier. +Make sure to update ```PATH_TO_YOUR_SCRIPT``` with your correct path to script you created earlier. For example, ```http://example.com/script.txt``` -You'll see several lines fly past on the consoles the kernel is loaded, and then the initrd is loaded. CoreOS will automatically then boot up, and you'll end up at a login prompt. +You'll see several lines scroll past on the console as the kernel is loaded, and then the initrd is loaded. CoreOS will automatically then boot up, and you'll end up at a login prompt. ## Accessing the VPS You can now login to CoreOS, assuming the associated private key is in place on your local computer you'll immediately be logged in. You may need to specify the specific location using ```-i LOCATION```. If you need additional details on how to specify the location of your private key file see [here](http://www.cyberciti.biz/faq/force-ssh-client-to-use-given-private-key-identity-file/). +SSH to the IP of your VPS, and specify the "core" user specifically: ```ssh core@IP_HERE``` + ``` $ ssh core@IP_HERE From 0e8ad7d6d22d963c4953ef4f434c19f7892bb248 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Wed, 16 Apr 2014 16:09:38 -0700 Subject: [PATCH 0013/1291] feat(adding-users): guide for adding users --- .../setup/adding-users/index.md | 57 +++++++++++++++++++ 1 file changed, 57 insertions(+) create mode 100644 cluster-management/setup/adding-users/index.md diff --git a/cluster-management/setup/adding-users/index.md b/cluster-management/setup/adding-users/index.md new file mode 100644 index 000000000..9db207860 --- /dev/null +++ b/cluster-management/setup/adding-users/index.md @@ -0,0 +1,57 @@ +--- +layout: docs +title: Adding Users +category: cluster_management +sub_category: setting_up +weight: 7 +--- + +# Adding Users + +You can create user accounts on a CoreOS machine manually with `useradd` or via cloud-config when the machine is created. + +## Add Users via Cloud-Config + +Managing users via cloud-config is preferred because it allows you to use the same configuration across many servers and the cloud-config file can be stored in a repo and versioned. In your cloud-config, you can specify many [different parameters]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/#users) for each user. Here's an example: + +``` +#cloud-config + +users: + - name: elroy + passwd: $6$5s2u6/jR$un0AvWnqilcgaNB3Mkxd5yYv6mTlWfOoCYHZmfi3LDKVltj.E8XNKEcwWm... + groups: + - sudo + - docker + ssh-authorized-keys: + - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC0g+ZTxC7weoIJLUafOgrm+h... +``` + +Check out the entire [Customize with Cloud-Config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/) guide for the full details. + +## Add User Manually + +If you'd like to add a user manually, SSH to the machine and use the `useradd` toll. To create the user `user`, run: + +``` +sudo useradd -p "*" -U -m user1 -G sudo +``` + +The `"*"` creates a user that cannot login with a password but can log in via SSH key. `-U` creates a group for the user, `-G` adds the user to the existing `sudo` group and `-m` creates a home directory. If you'd like to add a password for the user, run: + +``` +$ sudo passwd user1 +New password: +Re-enter new password: +passwd: password changed. +``` + +To assign an SSH key, run: + +``` +update-ssh-keys -u user1 user1.pem +``` + +## Further Reading + +Read the [full cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/) guide to install users and more. \ No newline at end of file From 0d307835fde4da22c1ed3a35ce0224efd342e910 Mon Sep 17 00:00:00 2001 From: Michael Marineau Date: Wed, 16 Apr 2014 18:16:07 -0700 Subject: [PATCH 0014/1291] fix(notes-for-distributors): Complete doc on checking images. Document the preferred name for .DIGESTS.asc files and how to use the file with sha512sum to verify the disk images. --- .../distributors/notes-for-distributors/index.md | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/sdk-distributors/distributors/notes-for-distributors/index.md b/sdk-distributors/distributors/notes-for-distributors/index.md index 61a117b3f..443a9f90c 100644 --- a/sdk-distributors/distributors/notes-for-distributors/index.md +++ b/sdk-distributors/distributors/notes-for-distributors/index.md @@ -14,7 +14,12 @@ Images of CoreOS are hosted at `http://storage.core-os.net/coreos/amd64-usr/`. A If you are importing images for use inside of your environment it is recommended that you import from a URL in the following format `http://storage.core-os.net/coreos/amd64-usr/${CHANNEL}/`. For example to grab the alpha OpenStack version of CoreOS you can import `http://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_openstack_image.img.bz2`. There is a `version.txt` file in this directory which you can use to label the image with a version number as well. -It is recommended that you also verify files using the [CoreOS Image Signing Key][signing-key]. The digests are simply the image URL with `.DIGESTS.asc` appended to it. You can verify the digest with `gpg --verify` after importing the signing key. +It is recommended that you also verify files using the [CoreOS Image Signing Key][signing-key]. The digests are simply the image URL, replacing `_image.img.bz2` with `.DIGESTS.asc`. You can verify the digest with `gpg --verify` after importing the signing key. Then the image itself can be verified based on one of the hashes in `.DIGESTS.asc`. For example: + + wget http://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_openstack_image.img.bz2 + wget http://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_openstack.DIGESTS.asc + gpg --verify coreos_production_openstack.DIGESTS.asc + sha512sum -c coreos_production_openstack.DIGESTS.asc [signing-key]: {{site.url}}/security/image-signing-key From 02e5c456810c409e498756ce864f28626c22ba35 Mon Sep 17 00:00:00 2001 From: Justin Paine Date: Thu, 17 Apr 2014 15:04:49 -0700 Subject: [PATCH 0015/1291] added screenshot, clarify example path for script --- running-coreos/cloud-providers/vultr/index.md | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/running-coreos/cloud-providers/vultr/index.md b/running-coreos/cloud-providers/vultr/index.md index b819539e5..df1078501 100644 --- a/running-coreos/cloud-providers/vultr/index.md +++ b/running-coreos/cloud-providers/vultr/index.md @@ -8,16 +8,23 @@ weight: 10 # Running CoreOS on a Vultr VPS -CoreOS is currently in heavy development and actively being tested. These instructions will walk you through running a single CoreOS node. This guide assumes you have an account at [Vultr.com](http://vultr.com). This also assumes you have a public + private key combination generated. Here's a helpful guide if you need to generate these keys: [How to set up SSH keys](https://www.digitalocean.com/community/articles/how-to-set-up-ssh-keys--2). +CoreOS is currently in heavy development and actively being tested. These instructions will walk you through running a single CoreOS node. This guide assumes: +* You have an account at [Vultr.com](http://vultr.com). +* The location of your iPXE script (referenced later in the guide) is located at ```http://example.com/script.txt``` +* You have a public + private key combination generated. Here's a helpful guide if you need to generate these keys: [How to set up SSH keys](https://www.digitalocean.com/community/articles/how-to-set-up-ssh-keys--2). ## Create the VPS -Create a new VPS (any location and any size of your choice), and then for the "Operating System" value select "Custom". Click "Place Order". Once you receive the welcome email the VPS will be ready to use (typically less than 2-3 minutes). +Create a new VPS (any server type and location of your choice), and then for the "Operating System" select "Custom". Click "Place Order". + +![Any location, any size, custom OS, place order](https://s3.amazonaws.com/f.cl.ly/items/0H0l1w3u0f1F2n203d0I/Screen%20Shot%202014-04-17%20at%202.52.27%20PM.png) + +Once you receive the welcome email the VPS will be ready to use (typically less than 2-3 minutes). ## Create the script -The simplest option to boot up CoreOS is to load a script that contains the series of commands you'd otherwise need to manually type at the command line. This script needs to be publicly accessible (host it on your own server -- http://example.com/script.txt for example). Save this script as a text file (.txt extension). +The simplest option to boot up CoreOS is to load a script that contains the series of commands you'd otherwise need to manually type at the command line. This script needs to be publicly accessible (host this file on your own server). Save this script as a text file (.txt extension). A sample script will look like this : @@ -47,9 +54,8 @@ The output should end with "OK". then type: ``` -iPXE> chain http://PATH_TO_YOUR_SCRIPT +iPXE> chain http://example.com/script.txt ``` -Make sure to update ```PATH_TO_YOUR_SCRIPT``` with your correct path to script you created earlier. For example, ```http://example.com/script.txt``` You'll see several lines scroll past on the console as the kernel is loaded, and then the initrd is loaded. CoreOS will automatically then boot up, and you'll end up at a login prompt. From 2700f7ac91799968f5eeb210e5d3a35cbf4eba4b Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 17 Apr 2014 15:06:04 -0700 Subject: [PATCH 0016/1291] fix(*): remove out of date banners --- .../debugging/prevent-reboot-after-update/index.md | 6 +----- cluster-management/scaling/adding-disk-space/index.md | 6 +----- .../launching/getting-started-with-systemd/index.md | 4 ---- quickstart/index.md | 4 ---- 4 files changed, 2 insertions(+), 18 deletions(-) diff --git a/cluster-management/debugging/prevent-reboot-after-update/index.md b/cluster-management/debugging/prevent-reboot-after-update/index.md index 588c24069..5753bb749 100644 --- a/cluster-management/debugging/prevent-reboot-after-update/index.md +++ b/cluster-management/debugging/prevent-reboot-after-update/index.md @@ -7,10 +7,6 @@ sub_category: debugging weight: 8 --- -
-These instructions have been updated for our new images. -
- # Prevent Reboot After Update This is a temporary workaround to disable auto updates. As we move out of the alpha there will be a nicer method. @@ -58,4 +54,4 @@ sudo systemctl unmask update-engine-reboot-manager.service sudo systemctl start update-engine-reboot-manager.service ``` -Have fun! \ No newline at end of file +Have fun! diff --git a/cluster-management/scaling/adding-disk-space/index.md b/cluster-management/scaling/adding-disk-space/index.md index 0e9af1be3..2f146bd34 100644 --- a/cluster-management/scaling/adding-disk-space/index.md +++ b/cluster-management/scaling/adding-disk-space/index.md @@ -7,10 +7,6 @@ sub_category: scaling weight: 5 --- -
-These instructions have been updated for our new images. -
- # Adding Disk Space to Your CoreOS Machine On a CoreOS machine, the operating system itself is mounted as a read-only partition at `/usr`. The root partition provides read-write storage by default and on a fresh install is mostly blank. The default size of this partition depends on the platform but it is usually between 3GB and 16GB. If more space is required simply extend the virtual machine's disk image and CoreOS will fix the partition table and resize the root partition to fill the disk on the next boot. @@ -65,4 +61,4 @@ image to a VDI image and configuring a new virtual machine with it: ``` VBoxManage clonehd old.vmdk new.vdi --format VDI VBoxManage modifyhd new.vdi --resize 20480 -``` \ No newline at end of file +``` diff --git a/launching-containers/launching/getting-started-with-systemd/index.md b/launching-containers/launching/getting-started-with-systemd/index.md index ab50eb865..2c41247ab 100644 --- a/launching-containers/launching/getting-started-with-systemd/index.md +++ b/launching-containers/launching/getting-started-with-systemd/index.md @@ -7,10 +7,6 @@ sub_category: launching weight: 5 --- -
-These instructions have been updated for our new images. -
- # Getting Started with systemd systemd is an init system that provides many powerful features for starting, stopping and managing processes. Within the CoreOS world, you will almost exclusively use systemd to manage the lifecycle of your Docker containers. diff --git a/quickstart/index.md b/quickstart/index.md index 89364e890..6ca69168c 100644 --- a/quickstart/index.md +++ b/quickstart/index.md @@ -4,10 +4,6 @@ title: CoreOS Quick Start #redirect handled in alias_generator.rb --- -
-These instructions have been updated for our new images. -
- # Quick Start If you don't have a CoreOS machine running, check out the guides on running CoreOS on [Vagrant][vagrant-guide], [Amazon EC2][ec2-guide], [QEMU/KVM][qemu-guide], [VMware][vmware-guide] and [OpenStack][openstack-guide]. With either of these guides you will have a machine up and running in a few minutes. From 91b52aa87e9577879dd17f3dd1f53aa04f44f4ef Mon Sep 17 00:00:00 2001 From: Michael Marineau Date: Thu, 17 Apr 2014 18:29:58 -0700 Subject: [PATCH 0017/1291] fix(bare-metal): First pass at updating PXE and install instructions. Beyond the basic updates to the new images a few changes include: - Removed PXE instructions from the install-to-disk instructions. - Removed instructions to email Carly. - Document using cloud config with coreos-install. --- .../bare-metal/booting-with-pxe/index.md | 62 +++++++++------- .../bare-metal/installing-to-disk/index.md | 71 ++++++------------- 2 files changed, 58 insertions(+), 75 deletions(-) diff --git a/running-coreos/bare-metal/booting-with-pxe/index.md b/running-coreos/bare-metal/booting-with-pxe/index.md index e4a35f6ae..abfb88949 100644 --- a/running-coreos/bare-metal/booting-with-pxe/index.md +++ b/running-coreos/bare-metal/booting-with-pxe/index.md @@ -23,11 +23,14 @@ If you need suggestions on how to set a server up, check out guides for [Debian] ### Setting up pxelinux.cfg -When configuring the CoreOS pxelinux.cfg entry there are are three important kernel parameters: +When configuring the CoreOS pxelinux.cfg there are a few kernel options that may be useful but all are optional: -- **root=squashfs:**: tells CoreOS to run out of the squashfs root provided in the PXE initrd -- **state=tmpfs:**: tells CoreOS to put all state into a tmpfs filesystem instead of searching for a disk labeled "STATE" -- **sshkey**: the given SSH public key will be added to the `core` user's authorized_keys file. Replace the example key below with your own (it is usually in `~/.ssh/id_rsa.pub`) +- **rootfstype=tmpfs**: Use tmpfs for the writable root filesystem. This is the default behavior. +- **rootfstype=btrfs**: Use btrfs in ram for the writable root filesystem. Use this option if you want to use docker without any further configuration. *Experimental* +- **root**: Use a local filesystem for root instead of one of two in-ram options above. The filesystem must be formatted in advance but may be completely blank, it will be initialized on boot. The filesystem may be specified by any of the usual ways including device, label, or UUID; e.g: `root=/dev/sda1`, `root=LABEL=ROOT` or `root=UUID=2c618316-d17a-4688-b43b-aa19d97ea821`. +- **sshkey**: Add the given SSH public key to the `core` user's authorized_keys file. Replace the example key below with your own (it is usually in `~/.ssh/id_rsa.pub`) +- **console**: Enable kernel output and a login prompt on a given tty. The default, `tty0`, generally maps to VGA. Can be used multiple times, e.g. `console=tty0 console=ttyS0` +- **coreos.autologin**: Drop directly to a shell on a given console without prompting for a password. Useful for troubleshooting but use with caution. For any console that doesn't normally get a login prompt by default be sure to combine with the `console` option, e.g. `console=ttyS0 coreos.autologin=ttyS0`. Without any argument it enables access on all consoles. *Experimental* This is an example pxelinux.cfg file that assumes CoreOS is the only option. You should be able to copy this verbatim into `/var/lib/tftpboot/pxelinux.cfg/default` after putting in your own SSH key. @@ -42,26 +45,26 @@ display boot.msg label coreos menu default kernel coreos_production_pxe.vmlinuz - append initrd=coreos_production_pxe_image.cpio.gz root=squashfs: state=tmpfs: sshkey="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAYQC2PxAKTLdczK9+RNsGGPsz0eC2pBlydBEcrbI7LSfiN7Bo5hQQVjki+Xpnp8EEYKpzu6eakL8MJj3E28wT/vNklT1KyMZrXnVhtsmOtBKKG/++odpaavdW2/AU0l7RZiE= coreos pxe demo" + append initrd=coreos_production_pxe_image.cpio.gz sshkey="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAYQC2PxAKTLdczK9+RNsGGPsz0eC2pBlydBEcrbI7LSfiN7Bo5hQQVjki+Xpnp8EEYKpzu6eakL8MJj3E28wT/vNklT1KyMZrXnVhtsmOtBKKG/++odpaavdW2/AU0l7RZiE= coreos pxe demo" ``` -**Other Arguments** - -- **console**: If you need a login prompt to show up on another tty besides the default append a list of console arguments e.g. `console=tty0 console=ttyS0` - ### Download the files In the config above you can see that a Kernel image and a initramfs file is needed. -Download these two files into your tftp root: +Download these two files into your tftp root. +The extra `coreos_production_pxe.DIGESTS.asc` file can be used to [verify the others][verify-notes]. ``` cd /var/lib/tftpboot -wget http://storage.core-os.net/coreos/amd64-generic/dev-channel/coreos_production_pxe.vmlinuz -wget http://storage.core-os.net/coreos/amd64-generic/dev-channel/coreos_production_pxe_image.cpio.gz +wget http://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_pxe.vmlinuz +wget http://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_pxe_image.cpio.gz +wget http://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_pxe.DIGESTS.asc ``` PXE booted machines cannot currently update themselves. -To update to the latest version of CoreOS download these two files again and reboot. +To update to the latest version of CoreOS download/verify these files again and reboot. + +[verify-notes]: {{site.url}}/docs/sdk-distributors/distributors/notes-for-distributors/#importing-images ## Booting the Box @@ -73,9 +76,7 @@ If something goes wrong you can direct questions to the [IRC channel][irc] or [m This is localhost.unknown_domain (Linux x86_64 3.10.10+) 19:53:36 SSH host key: 24:2e:f1:3f:5f:9c:63:e5:8c:17:47:32:f4:09:5d:78 (RSA) SSH host key: ed:84:4d:05:e3:7d:e3:d0:b9:58:90:58:3b:99:3a:4c (DSA) -docker0: 172.17.42.1 fe80::e89f:b5ff:fece:979f -lo: 127.0.0.1 ::1 -eth0: 10.0.2.15 fe80::5054:ff:fe12:3456 +ens0: 10.0.2.15 fe80::5054:ff:fe12:3456 localhost login: ``` @@ -91,19 +92,31 @@ ssh core@10.0.2.15 ## Update Process -Since our upgrade process requires a disk, this image does not have the option to update itself. Instead, the box simply needs to be rebooted and will be running the latest verison, assuming that the image served by the PXE server is regularly updated. +Since our upgrade process requires a disk, this image does not have the option to update itself. Instead, the box simply needs to be rebooted and will be running the latest version, assuming that the image served by the PXE server is regularly updated. ## Installation -CoreOS can be completely installed on disk or run from RAM but store user data on disk. Read more in our [Installing CoreOS guide](/docs/running-coreos/bare-metal/installing-to-disk). +Once booted it is possible to [install CoreOS on a local disk][install-to-disk] or to just use local storage for the writable root filesystem while continuing to boot CoreOS itself via PXE. +If you plan on using Docker we recommend using a local btrfs filesystem but ext4 is also available if supporting Docker is not required. +For example, to setup a btrfs root filesystem on `/dev/sda`: + +``` +cfdisk -z /dev/sda +touch "/usr.squashfs (deleted)" # work around a bug in mkfs.btrfs 3.12 +mkfs.btrfs -L ROOT /dev/sda1 +``` + +And add `root=/dev/sda1` or `root=LABEL=ROOT` to the kernel options as documented above. + +[install-to-disk]: {{site.url}}/docs/running-coreos/bare-metal/installing-to-disk ## Adding a Custom OEM -CoreOS has an [OEM partition][oem] that is used to setup networking, SSH keys, etc on boot. -If you have site specific customizations you need to make the PXE image this is the perfect place to make it. -Simply create a `./usr/share/oem/` directory as described on the [OEM page][oem] and append it to the CPIO: +Similar to the [OEM partition][oem] in CoreOS disk images, PXE images can be customized with a [cloud config][cloud-config] bundled in the initramfs. Simply create a `./usr/share/oem/` directory containing `cloud-config.yml` and append it to the cpio: ``` +mkdir -p usr/share/oem +cp cloud-config.yml ./usr/share/oem gzip -d coreos_production_pxe_image.cpio.gz find usr | cpio -o -A -H newc -O coreos_production_pxe_image.cpio gzip coreos_production_pxe_image.cpio @@ -114,14 +127,15 @@ Confirm the archive looks correct and has your `run` file inside of it: ``` gzip -dc coreos_production_pxe_image.cpio.gz | cpio -it ./ -newroot.squashfs +usr.squashfs usr usr/share usr/share/oem -usr/share/oem/run +usr/share/oem/cloud-config.yml ``` -[oem]: {{site.url}}/docs/oem/ +[oem]: {{site.url}}/docs/sdk-distributors/distributors/notes-for-distributors/#image-customization +[cloud-config]: {{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/ ## Using CoreOS diff --git a/running-coreos/bare-metal/installing-to-disk/index.md b/running-coreos/bare-metal/installing-to-disk/index.md index af3fc7a83..fdf4fbf28 100644 --- a/running-coreos/bare-metal/installing-to-disk/index.md +++ b/running-coreos/bare-metal/installing-to-disk/index.md @@ -9,14 +9,9 @@ weight: 7 # Installing CoreOS to Disk -There are two options for installation on bare metal: +## Install Script -- Use the installer and put a full CoreOS installation on disk -- Set up a STATE partition and only store user data on disk and run CoreOS from RAM - -### Full Installation - -There is a simple installer that will destroy everything on the given target disk. +There is a simple installer that will destroy everything on the given target disk and install CoreOS. Essentially it downloads an image, verifies it with gpg and then copies it bit for bit to disk. The script is self-contained and located [on Github here](https://raw.github.com/coreos/init/master/bin/coreos-install "coreos-install"). @@ -26,69 +21,43 @@ It is already installed if you are booting CoreOS via PXE but you can also use i coreos-install -d /dev/sda ``` -You most likely will want to take your ssh authorized key files over to this new install too. +When running on CoreOS the install script will attempt to install the same version. If you want to ensure you are installing the latest available version use the `-V` option: ``` -mount -o subvol=root /dev/sda9 /mnt/ -cp -Ra ~core/.ssh /mnt/home/core/ +coreos-install -d /dev/sda -V alpha ``` -### STATE Only Installation - -If you want to run CoreOS out of RAM but keep your containers and state on disk you will need to setup a STATE partition. -For now this is a manual process. +## Cloud Config -First, add a single partition to your disk: +By default there isn't a password or any other way to log into a fresh CoreOS system. +The easiest way to configure accounts, add systemd units, and more is via cloud config. +Jump over to the [docs to learn about the supported features][cloud-config]. +As an example this will install a ssh key for the default `core` user: ``` -parted -a optimal /dev/sda -mklabel gpt -mkpart primary 1 100% +#cloud-config + +ssh_authorized_keys: + - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC0g+ZTxC7weoIJLUafOgrm+h... ``` -Next, format the disk and set the label: +Pass this file to `coreos-install` via the `-c` option. +It will be installed to `/var/lib/coreos-install/user_data` and evaluated on every boot. ``` -mkfs.ext4 /dev/sda1 -e2label /dev/sda1 STATE +coreos-install -d /dev/sda -c ~/config ``` -Now you can remove the `state=tmpfs:` line from the PXE parameters and the next time you start the machine it will search for the disk and use it. - -## Hardware Support - -We are still working on the full set of hardware that we will be supporting. -We have most of the common hardware working. -If you run into issues ping on us #coreos or email [Carly][carly-email]. +[cloud-config]: {{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config -[carly-email]: mailto:carly.stoughton+pxehardware@coreos.com +## Manual Tweaks -## Adding a Custom OEM +If cloud config doesn't handle something you need to do or you just want to take a look at the root btrfs filesystem before booting your new install just mount the ninth partition: -CoreOS has an [OEM partition][oem] that is used to setup networking, SSH keys, etc on boot. -If you have site specific customizations you need to make the PXE image this is the perfect place to make it. -Simply create a `./usr/share/oem/` directory as described on the [OEM page][oem] and append it to the CPIO: - -``` -gzip -d coreos_production_pxe_image.cpio.gz -find usr | cpio -o -A -H newc -O coreos_production_pxe_image.cpio -gzip coreos_production_pxe_image.cpio ``` - -Confirm the archive looks correct and has your `run` file inside of it: - -``` -gzip -dc coreos_production_pxe_image.cpio.gz | cpio -it -./ -newroot.squashfs -usr -usr/share -usr/share/oem -usr/share/oem/run +mount -o subvol=root /dev/sda9 /mnt/ ``` -[oem]: {{site.url}}/docs/oem/ - ## Using CoreOS Now that you have a machine booted it is time to play around. From 6ec6b85ddea68946a983e63e6d22f007c8a8bc90 Mon Sep 17 00:00:00 2001 From: Michael Marineau Date: Thu, 17 Apr 2014 19:52:58 -0700 Subject: [PATCH 0018/1291] feat(installing-to-disk): Document all coreos-install options --- running-coreos/bare-metal/installing-to-disk/index.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/running-coreos/bare-metal/installing-to-disk/index.md b/running-coreos/bare-metal/installing-to-disk/index.md index fdf4fbf28..daa35a21f 100644 --- a/running-coreos/bare-metal/installing-to-disk/index.md +++ b/running-coreos/bare-metal/installing-to-disk/index.md @@ -27,6 +27,14 @@ When running on CoreOS the install script will attempt to install the same versi coreos-install -d /dev/sda -V alpha ``` +For reference here are the rest of the `coreos-install` options: + + -d DEVICE Install CoreOS to the given device. + -V VERSION Version to install (e.g. alpha) + -o OEM OEM type to install (e.g. openstack) + -c CLOUD Insert a cloud-init config to be executed on boot. + -t TMPDIR Temporary location with enough space to download images. + ## Cloud Config By default there isn't a password or any other way to log into a fresh CoreOS system. From 3410295ab113989a4e986a70b675561cb05d97ed Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Fri, 18 Apr 2014 10:53:41 -0700 Subject: [PATCH 0019/1291] fix(ipxe): update to usr image and add cloud-config instructions --- .../bare-metal/booting-with-ipxe/index.md | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/running-coreos/bare-metal/booting-with-ipxe/index.md b/running-coreos/bare-metal/booting-with-ipxe/index.md index 73d39b36a..beaff2aa6 100644 --- a/running-coreos/bare-metal/booting-with-ipxe/index.md +++ b/running-coreos/bare-metal/booting-with-ipxe/index.md @@ -21,14 +21,14 @@ To illustrate iPXE in action we will qemu-kvm in this guide. ### Setting up the Boot Script iPXE downloads a boot script from a publicly available URL. -You will need to host this URL somewhere public and replace the example SSH key with your own. +You will need to host this URL somewhere public and replace the example SSH key with your own. You can also run a [custom iPXE server](https://github.com/kelseyhightower/coreos-ipxe-server). ``` #!ipxe -set coreos-version dev-channel -set base-url http://storage.core-os.net/coreos/amd64-generic/${coreos-version} -kernel ${base-url}/coreos_production_pxe.vmlinuz root=squashfs: state=tmpfs: sshkey="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAYQC2PxAKTLdczK9+RNsGGPsz0eC2pBlydBEcrbI7LSfiN7Bo5hQQVjki+Xpnp8EEYKpzu6eakL8MJj3E28wT/vNklT1KyMZrXnVhtsmOtBKKG/++odpaavdW2/AU0l7RZiE= coreos pxe demo" +set coreos-version alpha +set base-url http://storage.core-os.net/coreos/amd64-usr/${coreos-version} +kernel ${base-url}/coreos_production_pxe.vmlinuz sshkey="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAYQC2PxAKTLdczK9+RNsGGPsz0eC2pBlydBEcrbI7LSfiN7Bo5hQQVjki+Xpnp8EEYKpzu6eakL8MJj3E28wT/vNklT1KyMZrXnVhtsmOtBKKG/++odpaavdW2/AU0l7RZiE= coreos pxe demo" initrd ${base-url}/coreos_production_pxe_image.cpio.gz boot ``` @@ -57,7 +57,7 @@ Immediatly iPXE should download your boot script URL and start grabbing the imag ``` ${YOUR_BOOT_URL}... ok -http://storage.core-os.net/coreos/amd64-generic/dev-channel/coreos_production_pxe.vmlinuz... 98% +http://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_pxe.vmlinuz... 98% ``` After a few moments of downloading CoreOS should boot normally. @@ -68,7 +68,11 @@ Since our upgrade process requires a disk, this image does not have the option t ## Installation -CoreOS can be completely installed on disk or run from RAM but store user data on disk. Read more in our [Installing CoreOS guide](/docs/running-coreos/bare-metal/installing-to-disk). +CoreOS can be completely installed on disk or run from RAM but store user data on disk. Read more in our [Installing CoreOS guide]({{site.url}}/docs/running-coreos/bare-metal/booting-with-pxe/#installation). + +## Adding a Custom OEM + +Similar to the [OEM partition][oem] in CoreOS disk images, iPXE images can be customized with a [cloud config][cloud-config] bundled in the initramfs. You can view the [instructions on the PXE docs]({{site.url/docs/bare-metal/booting-with-pxe/#adding-a-custom-oem}}). ## Using CoreOS From 98011cb190b75100eb3bf1ee8fb744ae72716792 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Fri, 18 Apr 2014 11:46:39 -0700 Subject: [PATCH 0020/1291] fix(bare-metal/ipxe): fix broken links --- running-coreos/bare-metal/booting-with-ipxe/index.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/running-coreos/bare-metal/booting-with-ipxe/index.md b/running-coreos/bare-metal/booting-with-ipxe/index.md index beaff2aa6..6e1d6ba3a 100644 --- a/running-coreos/bare-metal/booting-with-ipxe/index.md +++ b/running-coreos/bare-metal/booting-with-ipxe/index.md @@ -74,6 +74,9 @@ CoreOS can be completely installed on disk or run from RAM but store user data o Similar to the [OEM partition][oem] in CoreOS disk images, iPXE images can be customized with a [cloud config][cloud-config] bundled in the initramfs. You can view the [instructions on the PXE docs]({{site.url/docs/bare-metal/booting-with-pxe/#adding-a-custom-oem}}). +[oem]: {{site.url}}/docs/sdk-distributors/distributors/notes-for-distributors/#image-customization +[cloud-config]: {{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/ + ## Using CoreOS Now that you have a machine booted it is time to play around. From 07c17d92d3358fe8484791fc286405ce4e0a6e0d Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Fri, 18 Apr 2014 11:55:05 -0700 Subject: [PATCH 0021/1291] fix(vagrant): update clustering instructions --- running-coreos/platforms/vagrant/index.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/running-coreos/platforms/vagrant/index.md b/running-coreos/platforms/vagrant/index.md index 082a54d4c..2145a8c17 100644 --- a/running-coreos/platforms/vagrant/index.md +++ b/running-coreos/platforms/vagrant/index.md @@ -18,7 +18,7 @@ You can direct questions to the [IRC channel][irc] or [mailing list][coreos-dev] Vagrant is a simple-to-use command line virtual machine manager. There are install packages available for Windows, Linux and OSX. Find the latest installer on the [Vagrant downloads page][vagrant]. Be sure to get -version 1.3.1 or greater. +version 1.5 or greater. [vagrant]: http://www.vagrantup.com/downloads.html @@ -71,7 +71,8 @@ coreos: ## Startup CoreOS -With Vagrant, you can start a single machine or an entire cluster. To start a cluster, edit `NUM_INSTANCES` in the Vagrantfile to three or more. The cluster will be automatically configured if you provided a discovery URL in the cloud-config. +With Vagrant, you can start a single machine or an entire cluster. Launching a CoreOS cluster on Vagrant is as simple as configuring `$num_instances` in a `config.rb` file to 3 (or more!) and running `vagrant up`. +Make sure you provide a fresh discovery URL in your `user-data` if you wish to bootstrap etcd in your cluster. ### Using Vagrant's default VirtualBox Provider From 3a8ef28d09d2b93353ffc4c92b0f97b9b2f765d7 Mon Sep 17 00:00:00 2001 From: Justin Paine Date: Fri, 18 Apr 2014 14:00:49 -0700 Subject: [PATCH 0022/1291] Update index.md Replaced IP_HERE with just IP --- running-coreos/cloud-providers/vultr/index.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/running-coreos/cloud-providers/vultr/index.md b/running-coreos/cloud-providers/vultr/index.md index df1078501..35a4a429b 100644 --- a/running-coreos/cloud-providers/vultr/index.md +++ b/running-coreos/cloud-providers/vultr/index.md @@ -63,16 +63,16 @@ You'll see several lines scroll past on the console as the kernel is loaded, and You can now login to CoreOS, assuming the associated private key is in place on your local computer you'll immediately be logged in. You may need to specify the specific location using ```-i LOCATION```. If you need additional details on how to specify the location of your private key file see [here](http://www.cyberciti.biz/faq/force-ssh-client-to-use-given-private-key-identity-file/). -SSH to the IP of your VPS, and specify the "core" user specifically: ```ssh core@IP_HERE``` +SSH to the IP of your VPS, and specify the "core" user specifically: ```ssh core@IP``` ``` -$ ssh core@IP_HERE -The authenticity of host 'IP_HERE (2a02:1348:17c:423d:24:19ff:fef1:8f6)' can't be established. +$ ssh core@IP +The authenticity of host 'IP (2a02:1348:17c:423d:24:19ff:fef1:8f6)' can't be established. RSA key fingerprint is 99:a5:13:60:07:5d:ac:eb:4b:f2:cb:c9:b2:ab:d7:21. Are you sure you want to continue connecting (yes/no)? yes -Last login: Thu Oct 17 11:42:04 UTC 2013 from YOUR_IP on pts/0 +Last login: Thu Oct 17 11:42:04 UTC 2013 from 127.0.0.1 on pts/0 ______ ____ _____ / ____/___ ________ / __ \/ ___/ / / / __ \/ ___/ _ \/ / / /\__ \ From 2e6295d0ed6a792a08d6f525e900bedcc79759c1 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Tue, 22 Apr 2014 10:02:06 -0700 Subject: [PATCH 0023/1291] fix(vultr): remove provider from title --- running-coreos/cloud-providers/vultr/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/running-coreos/cloud-providers/vultr/index.md b/running-coreos/cloud-providers/vultr/index.md index 35a4a429b..d855a97c4 100644 --- a/running-coreos/cloud-providers/vultr/index.md +++ b/running-coreos/cloud-providers/vultr/index.md @@ -1,6 +1,6 @@ --- layout: docs -title: Vultr VPS Provider +title: Vultr VPS category: running_coreos sub_category: cloud_provider weight: 10 From f615e2a0908718ac15904da61e24291bb45f7ad2 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Tue, 22 Apr 2014 10:32:33 -0700 Subject: [PATCH 0024/1291] fix(ipxe): remove git.io shortener references --- running-coreos/bare-metal/booting-with-ipxe/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/running-coreos/bare-metal/booting-with-ipxe/index.md b/running-coreos/bare-metal/booting-with-ipxe/index.md index 6e1d6ba3a..b6feabb1a 100644 --- a/running-coreos/bare-metal/booting-with-ipxe/index.md +++ b/running-coreos/bare-metal/booting-with-ipxe/index.md @@ -33,7 +33,7 @@ initrd ${base-url}/coreos_production_pxe_image.cpio.gz boot ``` -An easy place to host this boot script is on https://gist.github.com and then shorten the raw URL with http://git.io. +An easy place to host this boot script is on https://gist.github.com. Use the "raw" gist URL, which can be found by clicking the "⟨ ⟩" icon near the top right of the text area. ### Booting iPXE From 38e959d1f59011ca5a92a2d987357fa9c2f43715 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Tue, 22 Apr 2014 11:12:43 -0700 Subject: [PATCH 0025/1291] fix(ipxe): use pastie.org --- running-coreos/bare-metal/booting-with-ipxe/index.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/running-coreos/bare-metal/booting-with-ipxe/index.md b/running-coreos/bare-metal/booting-with-ipxe/index.md index b6feabb1a..2784d9273 100644 --- a/running-coreos/bare-metal/booting-with-ipxe/index.md +++ b/running-coreos/bare-metal/booting-with-ipxe/index.md @@ -33,7 +33,9 @@ initrd ${base-url}/coreos_production_pxe_image.cpio.gz boot ``` -An easy place to host this boot script is on https://gist.github.com. Use the "raw" gist URL, which can be found by clicking the "⟨ ⟩" icon near the top right of the text area. +An easy place to host this boot script is on http://pastie.org. Be sure to reference the "raw" version of script, which is accessed by clicking on the clipboard in the top right. + +Note: the iPXE environment won't open https links, which means you can't use https://gist.github.com to store your script. Bummer, right? ### Booting iPXE From 30496391cbd93870b2266b764b280c63cf60052d Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Tue, 22 Apr 2014 11:19:30 -0700 Subject: [PATCH 0026/1291] fix(ipxe): make links clickable --- running-coreos/bare-metal/booting-with-ipxe/index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/running-coreos/bare-metal/booting-with-ipxe/index.md b/running-coreos/bare-metal/booting-with-ipxe/index.md index 2784d9273..046d24e91 100644 --- a/running-coreos/bare-metal/booting-with-ipxe/index.md +++ b/running-coreos/bare-metal/booting-with-ipxe/index.md @@ -33,9 +33,9 @@ initrd ${base-url}/coreos_production_pxe_image.cpio.gz boot ``` -An easy place to host this boot script is on http://pastie.org. Be sure to reference the "raw" version of script, which is accessed by clicking on the clipboard in the top right. +An easy place to host this boot script is on [http://pastie.org](http://pastie.org). Be sure to reference the "raw" version of script, which is accessed by clicking on the clipboard in the top right. -Note: the iPXE environment won't open https links, which means you can't use https://gist.github.com to store your script. Bummer, right? +Note: the iPXE environment won't open https links, which means you can't use [https://gist.github.com](https://gist.github.com) to store your script. Bummer, right? ### Booting iPXE From 5cb3b197a060070c85ed49a6f57c2beca1fd6b76 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Tue, 22 Apr 2014 10:13:20 -0700 Subject: [PATCH 0027/1291] fix(vagrant): add note about manually adding box --- running-coreos/platforms/vagrant/index.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/running-coreos/platforms/vagrant/index.md b/running-coreos/platforms/vagrant/index.md index 2145a8c17..564ff85cc 100644 --- a/running-coreos/platforms/vagrant/index.md +++ b/running-coreos/platforms/vagrant/index.md @@ -134,6 +134,12 @@ vagrant box remove coreos-alpha vmware_fusion vagrant box remove coreos-alpha virtualbox ``` +If you'd like to download the box separately, you can download the URL contained in the Vagrantfile and add it manually: + +``` +vagrant box add coreos-alpha +``` + ## Using CoreOS Now that you have a machine booted it is time to play around. From 97d587e17ab847eb6bb4a81ba8d3684500facfc4 Mon Sep 17 00:00:00 2001 From: Brian Waldon Date: Tue, 22 Apr 2014 18:08:54 -0700 Subject: [PATCH 0028/1291] doc(coreos-cloudinit): Add note about PXE+coreos-cloudinit --- running-coreos/bare-metal/booting-with-pxe/index.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/running-coreos/bare-metal/booting-with-pxe/index.md b/running-coreos/bare-metal/booting-with-pxe/index.md index abfb88949..445fdf08f 100644 --- a/running-coreos/bare-metal/booting-with-pxe/index.md +++ b/running-coreos/bare-metal/booting-with-pxe/index.md @@ -31,6 +31,9 @@ When configuring the CoreOS pxelinux.cfg there are a few kernel options that may - **sshkey**: Add the given SSH public key to the `core` user's authorized_keys file. Replace the example key below with your own (it is usually in `~/.ssh/id_rsa.pub`) - **console**: Enable kernel output and a login prompt on a given tty. The default, `tty0`, generally maps to VGA. Can be used multiple times, e.g. `console=tty0 console=ttyS0` - **coreos.autologin**: Drop directly to a shell on a given console without prompting for a password. Useful for troubleshooting but use with caution. For any console that doesn't normally get a login prompt by default be sure to combine with the `console` option, e.g. `console=ttyS0 coreos.autologin=ttyS0`. Without any argument it enables access on all consoles. *Experimental* +- **cloud-config-url**: CoreOS will attempt to download a cloud-config document and use it to provision your booted system. See the [coreos-cloudinit-project][cloudinit] for more information. + +[cloudinit]: https://github.com/coreos/coreos-cloudinit This is an example pxelinux.cfg file that assumes CoreOS is the only option. You should be able to copy this verbatim into `/var/lib/tftpboot/pxelinux.cfg/default` after putting in your own SSH key. From ee7823019aece136842f9a2aa753459707294f40 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Wed, 23 Apr 2014 16:56:50 -0700 Subject: [PATCH 0029/1291] fix(launching): update depreciated flags --- .../launching/getting-started-with-systemd/index.md | 6 +++--- .../launching/launching-containers-fleet/index.md | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/launching-containers/launching/getting-started-with-systemd/index.md b/launching-containers/launching/getting-started-with-systemd/index.md index 2c41247ab..845c25cac 100644 --- a/launching-containers/launching/getting-started-with-systemd/index.md +++ b/launching-containers/launching/getting-started-with-systemd/index.md @@ -83,11 +83,11 @@ The full list is located on the [systemd man page](http://www.freedesktop.org/so Let's put a few of these concepts togther to register new units within etcd. Imagine we had another container running that would read these values from etcd and act upon them. -We can use `ExecStart` to either create a container with the `docker run` command or start a pre-existing container with the `docker start -a` command. We need to account for both because you can't issue multiple docker run commands when specifying a `-name`. In either case we must leave the container in the foreground (i.e. don't run with `-d`) so systemd knows the service is running. +We can use `ExecStart` to either create a container with the `docker run` command or start a pre-existing container with the `docker start -a` command. We need to account for both because you can't issue multiple docker run commands when specifying a `--name`. In either case we must leave the container in the foreground (i.e. don't run with `-d`) so systemd knows the service is running. Since our container will be started in `ExecStart`, it makes sense for our etcd command to run as `ExecStartPost` to ensure that our container is started and functioning. -When the service is told to stop, we need to stop the docker container using its `-name` from the run command. We also need to clean up our etcd key when the container exits or the unit is failed by using `ExecStopPost`. +When the service is told to stop, we need to stop the docker container using its `--name` from the run command. We also need to clean up our etcd key when the container exits or the unit is failed by using `ExecStopPost`. ``` [Unit] @@ -96,7 +96,7 @@ After=etcd.service After=docker.service [Service] -ExecStart=/bin/bash -c '/usr/bin/docker start -a apache || /usr/bin/docker run -name apache -p 80:80 coreos/apache /usr/sbin/apache2ctl -D FOREGROUND' +ExecStart=/bin/bash -c '/usr/bin/docker start -a apache || /usr/bin/docker run --name apache -p 80:80 coreos/apache /usr/sbin/apache2ctl -D FOREGROUND' ExecStartPost=/usr/bin/etcdctl set /domains/example.com/10.10.10.123:8081 running ExecStop=/usr/bin/docker stop apache ExecStopPost=/usr/bin/etcdctl rm /domains/example.com/10.10.10.123:8081 diff --git a/launching-containers/launching/launching-containers-fleet/index.md b/launching-containers/launching/launching-containers-fleet/index.md index 5db46f4c5..473fe3192 100644 --- a/launching-containers/launching/launching-containers-fleet/index.md +++ b/launching-containers/launching/launching-containers-fleet/index.md @@ -66,7 +66,7 @@ After=docker.service Requires=docker.service [Service] -ExecStart=/usr/bin/docker run -name apache -p 80:80 coreos/apache /usr/sbin/apache2ctl -D FOREGROUND +ExecStart=/usr/bin/docker run --name apache -p 80:80 coreos/apache /usr/sbin/apache2ctl -D FOREGROUND ExecStop=/usr/bin/docker stop apache [X-Fleet] From 59f1317454150491624a4a630efa0d0d6b3312c1 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Fri, 25 Apr 2014 12:09:01 -0700 Subject: [PATCH 0030/1291] fix(getting-started-etcd): move to correct category --- .../getting-started-with-etcd/index.md | 4 ++-- quickstart/index.md | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) rename {cluster-management/setup => distributed-configuration}/getting-started-with-etcd/index.md (99%) diff --git a/cluster-management/setup/getting-started-with-etcd/index.md b/distributed-configuration/getting-started-with-etcd/index.md similarity index 99% rename from cluster-management/setup/getting-started-with-etcd/index.md rename to distributed-configuration/getting-started-with-etcd/index.md index 16d8075a8..5d9ad1bf4 100644 --- a/cluster-management/setup/getting-started-with-etcd/index.md +++ b/distributed-configuration/getting-started-with-etcd/index.md @@ -2,8 +2,8 @@ layout: docs slug: guides/etcd title: Getting Started with etcd -category: cluster_management -sub_category: setting_up +category: distributed_configuration +sub_category: reading_writing weight: 5 --- diff --git a/quickstart/index.md b/quickstart/index.md index 6ca69168c..db407ef1a 100644 --- a/quickstart/index.md +++ b/quickstart/index.md @@ -37,8 +37,8 @@ curl -L http://127.0.0.1:4001/v1/keys/message If you followed a guide to set up more than one CoreOS machine, you can SSH into another machine and can retrieve this same value. #### More Detailed Information -View Complete Guide -Read etcd API Docs +View Complete Guide +Read etcd API Docs ## Container Management with docker From ba7e87c24f26cc2acab4d5e52af5e5d4a737bb70 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Fri, 25 Apr 2014 13:18:55 -0700 Subject: [PATCH 0031/1291] fix(quickstart): use correct urls --- quickstart/index.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/quickstart/index.md b/quickstart/index.md index db407ef1a..71ff892e7 100644 --- a/quickstart/index.md +++ b/quickstart/index.md @@ -57,7 +57,7 @@ docker run -i -t busybox /bin/sh ``` #### More Detailed Information -View Complete Guide +View Complete Guide Read docker Docs ## Process Management with systemd @@ -110,6 +110,7 @@ sudo systemctl stop hello.service ``` #### More Detailed Information +View Complete Guide Read systemd Website #### Chaos Monkey From 283ef02405f4a566280de8e10db044fc422565f2 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Fri, 25 Apr 2014 14:19:16 -0700 Subject: [PATCH 0032/1291] feat(pxe): add cloud-config example --- .../bare-metal/booting-with-pxe/index.md | 20 +++++++++++++++++-- 1 file changed, 18 insertions(+), 2 deletions(-) diff --git a/running-coreos/bare-metal/booting-with-pxe/index.md b/running-coreos/bare-metal/booting-with-pxe/index.md index 445fdf08f..838b9d321 100644 --- a/running-coreos/bare-metal/booting-with-pxe/index.md +++ b/running-coreos/bare-metal/booting-with-pxe/index.md @@ -36,7 +36,7 @@ When configuring the CoreOS pxelinux.cfg there are a few kernel options that may [cloudinit]: https://github.com/coreos/coreos-cloudinit This is an example pxelinux.cfg file that assumes CoreOS is the only option. -You should be able to copy this verbatim into `/var/lib/tftpboot/pxelinux.cfg/default` after putting in your own SSH key. +You should be able to copy this verbatim into `/var/lib/tftpboot/pxelinux.cfg/default` after providing a cloud-config URL: ``` default coreos @@ -48,9 +48,25 @@ display boot.msg label coreos menu default kernel coreos_production_pxe.vmlinuz - append initrd=coreos_production_pxe_image.cpio.gz sshkey="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAYQC2PxAKTLdczK9+RNsGGPsz0eC2pBlydBEcrbI7LSfiN7Bo5hQQVjki+Xpnp8EEYKpzu6eakL8MJj3E28wT/vNklT1KyMZrXnVhtsmOtBKKG/++odpaavdW2/AU0l7RZiE= coreos pxe demo" + append initrd=coreos_production_pxe_image.cpio.gz cloud-config-url=http://example.com/pxe-cloud-config.yml ``` +Here's a common cloud-config example which should be located at the URL from above: + +``` +#cloud-config +coreos: + units: + - name: etcd.service + command: start + - name: fleet.service + command: start + ssh_authorized_keys: + - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAYQC2PxAKTLdczK9+RNsGGPsz0eC2pBlydBEcrbI7LSfiN7Bo5hQQVjki+Xpnp8EEYKpzu6eakL8MJj3E28wT/vNklT1KyMZrXnVhtsmOtBKKG/++odpaavdW2/AU0l7RZiE= +``` + +You can view all of the [cloud-config options here]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/). + ### Download the files In the config above you can see that a Kernel image and a initramfs file is needed. From c82283dd47b2c4afbac026f8120cff2381b04038 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Fri, 25 Apr 2014 14:31:19 -0700 Subject: [PATCH 0033/1291] fix(pxe): incorrect indentation of authorized keys --- running-coreos/bare-metal/booting-with-pxe/index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/running-coreos/bare-metal/booting-with-pxe/index.md b/running-coreos/bare-metal/booting-with-pxe/index.md index 838b9d321..e13e0528a 100644 --- a/running-coreos/bare-metal/booting-with-pxe/index.md +++ b/running-coreos/bare-metal/booting-with-pxe/index.md @@ -61,8 +61,8 @@ coreos: command: start - name: fleet.service command: start - ssh_authorized_keys: - - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAYQC2PxAKTLdczK9+RNsGGPsz0eC2pBlydBEcrbI7LSfiN7Bo5hQQVjki+Xpnp8EEYKpzu6eakL8MJj3E28wT/vNklT1KyMZrXnVhtsmOtBKKG/++odpaavdW2/AU0l7RZiE= +ssh_authorized_keys: + - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAYQC2PxAKTLdczK9+RNsGGPsz0eC2pBlydBEcrbI7LSfiN7Bo5hQQVjki+Xpnp8EEYKpzu6eakL8MJj3E28wT/vNklT1KyMZrXnVhtsmOtBKKG/++odpaavdW2/AU0l7RZiE= ``` You can view all of the [cloud-config options here]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/). From 7b24f377f9d8d4a2333c979533745345ea7041c2 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Fri, 25 Apr 2014 16:06:22 -0700 Subject: [PATCH 0034/1291] feat(vmware): add cloud-config details --- running-coreos/platforms/vmware/index.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/running-coreos/platforms/vmware/index.md b/running-coreos/platforms/vmware/index.md index f1c91e5b4..611bbc8de 100644 --- a/running-coreos/platforms/vmware/index.md +++ b/running-coreos/platforms/vmware/index.md @@ -57,6 +57,14 @@ The above step creates the following files in ../coreos/: The last step uploads the files to your ESXi datastore and registers your VM. You can now tweak the VM settings, like memory and virtual cores, then power it on. These instructions were tested to deploy to an ESXi 5.5 host. +## Cloud-Config + +Cloud-config can be specified by attaching a [config-drive]({{site.url}}/docs/cluster-management/setup/cloudinit-config-drive/) with the label `config-2`. This is commonly done through whatever interface allows for attaching cd-roms or new drives. + +Note that the config-drive standard was originally an Openstack feature, which is why you'll see strings containing `openstack`. This filepath needs to be retained, although CoreOS supports config-drive on all platforms. + +For more information on customization that can be done with cloud-config, head on over to the [cloud-config guide]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/). + ## Logging in Networking can take a bit of time to come up under VMware and you will need to From 3a12dc84d951d19962055dff717b0bfec8e9f8b7 Mon Sep 17 00:00:00 2001 From: Jari Sukanen Date: Sat, 26 Apr 2014 10:07:21 +0000 Subject: [PATCH 0035/1291] fix(libvirt): update examples to match new cloud-config --- running-coreos/platforms/libvirt/index.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/running-coreos/platforms/libvirt/index.md b/running-coreos/platforms/libvirt/index.md index 61be79eb2..9364b9303 100644 --- a/running-coreos/platforms/libvirt/index.md +++ b/running-coreos/platforms/libvirt/index.md @@ -62,7 +62,7 @@ Now create /tmp/coreos0.xml with the following contents: - + @@ -102,7 +102,7 @@ The `user_data` file may contain a script for a [cloud config][cloud-config] file. We recommend using ssh keys to log into the VM so at a minimum the contents of `user_data` should look something like this: - #config-drive + #cloud-config ssh_authorized_keys: - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGdByTgSVHq....... @@ -117,7 +117,7 @@ on the host's eth0 and the local network. To configure a static address add a [networkd unit][systemd-network] to `user_data`: - #config-drive + #cloud-config ssh_authorized_keys: - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGdByTgSVHq....... From 6e7198e9458f244a2d987164cbc60f832a83c33d Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Mon, 28 Apr 2014 13:17:48 -0700 Subject: [PATCH 0036/1291] feat(mounting-storage): instructions to use ephemeral storage for docker --- .../setup/mounting-storage/index.md | 45 +++++++++++++++++++ 1 file changed, 45 insertions(+) diff --git a/cluster-management/setup/mounting-storage/index.md b/cluster-management/setup/mounting-storage/index.md index 952e5b5c9..6496436f7 100644 --- a/cluster-management/setup/mounting-storage/index.md +++ b/cluster-management/setup/mounting-storage/index.md @@ -28,6 +28,51 @@ As you can see, it's pretty simple. You specify the attached device and where yo It's important to note that [systemd requires](http://www.freedesktop.org/software/systemd/man/systemd.mount.html) mount units to be named after the "mount point directories they control". In our example above, we want our device mounted at `/media/ephemeral` so it must be named `media-ephemeral.mount`. +## Use Attached Storage for Docker + +Docker containers can be very large and debugging a build process makes it easy to accumulate hundreds of containers. It's advantagous to use attached storage to expand your capacity for container images. Be aware that some cloud providers treat certain disks as ephemeral and you will lose all docker images contained on that disk. + +We're going to bind mount a btrfs device to `/var/lib/docker`, where docker stores images. We can do this on the fly when the machines starts up with a oneshot unit that formats the drive and another one that runs afterwards to mount it. Be sure to hardcode the correct device or look for a device by label: + +``` +#cloud-config +coreos: + units + - name: media-ephemeral.mount + command: start + content: | + [Mount] + What=/dev/xvdb + Where=/media/ephemeral + Type=btrfs + - name: format-ephemeral.service + command: start + content: | + [Unit] + Description=Formats the ephemeral drive + [Service] + Type=oneshot + ExecStart=/usr/sbin/wipefs -f /dev/xvdb + ExecStartPost=/usr/sbin/mkfs.btrfs -f /dev/xvdb + ExecStartPost=/usr/bin/mount -t btrfs /dev/xvdb /media/ephemeral + - name: docker-storage.service + command: start + content: | + [Unit] + Requires=format-ephemeral.service + Description=Mount ephemeral as /var/lib/docker + [Service] + Type=oneshot + ExecStartPre=/usr/bin/systemctl stop docker + ExecStartPre=/usr/bin/rm -rf /var/lib/docker/* + ExecStart=/usr/bin/mkdir -p /media/ephemeral/docker + ExecStart=/usr/bin/mkdir -p /var/lib/docker + ExecStartPost=/usr/bin/mount -o bind /media/ephemeral/docker /var/lib/docker + ExecStartPost=/usr/bin/systemctl start --no-block docker +``` + +Notice that we're starting all three of these units at the same time and using the power of systemd to work out the dependencies for us. In this case, `docker-storage.service` requires `format-ephemeral.service`, ensuring that our storage will always be formatted before it is bind mounted. Docker will refuse to start otherwise. + ## Further Reading Read the [full docs](http://www.freedesktop.org/software/systemd/man/systemd.mount.html) to learn about the available options. Examples specific to [EC2]({{site.url}}/docs/running-coreos/cloud-providers/ec2/#instance-storage), [Google Compute Engine]({{site.url}}/docs/running-coreos/cloud-providers/google-compute-engine/#additional-storage) and [Rackspace Cloud]({{site.url}}/docs/running-coreos/cloud-providers/rackspace/#mount-data-disk) can be used as a starting point. \ No newline at end of file From f3d7039637877dbfe054d5bc4cae12b78eb0515c Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Mon, 28 Apr 2014 13:26:33 -0700 Subject: [PATCH 0037/1291] feat(customizing-docker): link to mounting storage --- .../building/customizing-docker/index.md | 118 +++++++++--------- 1 file changed, 61 insertions(+), 57 deletions(-) diff --git a/launching-containers/building/customizing-docker/index.md b/launching-containers/building/customizing-docker/index.md index e3342b768..6dd81e77f 100644 --- a/launching-containers/building/customizing-docker/index.md +++ b/launching-containers/building/customizing-docker/index.md @@ -10,62 +10,6 @@ weight: 7 The docker systemd unit can be customized by overriding the unit that ships with the default CoreOS settings. Common use-cases for doing this are covered below. -## Enabling the docker Debug Flag - -First, copy the existing unit from the read-only file system into the read/write file system, so we can edit it: - -``` -cp /usr/lib/systemd/system/docker.service /etc/systemd/system/ -``` - -Edit the `ExecStart` line to add the -D flag: - -``` -ExecStart=/usr/bin/docker -d -s=btrfs -r=false -H fd:// -D -``` - -Now lets tell systemd about the new unit and restart docker: - -``` -systemctl daemon-reload -systemctl restart docker -``` - -To test our debugging stream, run a docker command and then read the systemd journal, which should contain the output: - -``` -docker ps -journalctl -u docker -``` - -### Cloud-Config - -If you need to modify a flag across many machines, you can provide the new unit with cloud-config: - -``` -#cloud-config - -coreos: - units: - - name: docker.service - command: restart - content: | - [Unit] - Description=Docker Application Container Engine - Documentation=http://docs.docker.io - After=network.target - Requires=docker-tcp.socket - - [Service] - ExecStartPre=/bin/mount --make-rprivate / - # Run docker but don't have docker automatically restart - # containers. This is a job for systemd and unit files. - ExecStart=/usr/bin/docker -d -s=btrfs -r=false -H fd:// -D - - [Install] - WantedBy=multi-user.target -``` - ## Enable the Remote API on a New Socket Create a file called `/etc/systemd/system/docker-tcp.socket` to make docker available on a tcp socket on port 4243. @@ -124,4 +68,64 @@ coreos: [Service] Type=oneshot ExecStart=/usr/bin/systemctl enable docker-tcp.socket -``` \ No newline at end of file +``` + +## Use Attached Storage for Docker Images + +Docker containers can be very large and debugging a build process makes it easy to accumulate hundreds of containers. It's advantagous to use attached storage to expand your capacity for container images. Check out the guide to [mounting storage to your CoreOS machine]({{site.url}}/docs/cluster-management/setup/mounting-storage/index.md#use-attached-storage-for-docker) for an example of how to bind mount storage into `/var/lib/docker`. + +## Enabling the docker Debug Flag + +First, copy the existing unit from the read-only file system into the read/write file system, so we can edit it: + +``` +cp /usr/lib/systemd/system/docker.service /etc/systemd/system/ +``` + +Edit the `ExecStart` line to add the -D flag: + +``` +ExecStart=/usr/bin/docker -d -s=btrfs -r=false -H fd:// -D +``` + +Now lets tell systemd about the new unit and restart docker: + +``` +systemctl daemon-reload +systemctl restart docker +``` + +To test our debugging stream, run a docker command and then read the systemd journal, which should contain the output: + +``` +docker ps +journalctl -u docker +``` + +### Cloud-Config + +If you need to modify a flag across many machines, you can provide the new unit with cloud-config: + +``` +#cloud-config + +coreos: + units: + - name: docker.service + command: restart + content: | + [Unit] + Description=Docker Application Container Engine + Documentation=http://docs.docker.io + After=network.target + Requires=docker-tcp.socket + + [Service] + ExecStartPre=/bin/mount --make-rprivate / + # Run docker but don't have docker automatically restart + # containers. This is a job for systemd and unit files. + ExecStart=/usr/bin/docker -d -s=btrfs -r=false -H fd:// -D + + [Install] + WantedBy=multi-user.target +``` From 949fbc25de3d59dcd95851549a51f389ce182e3a Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Wed, 30 Apr 2014 13:39:04 -0700 Subject: [PATCH 0038/1291] fix(mounting-storage): simplify units --- .../setup/mounting-storage/index.md | 29 +++++++------------ 1 file changed, 10 insertions(+), 19 deletions(-) diff --git a/cluster-management/setup/mounting-storage/index.md b/cluster-management/setup/mounting-storage/index.md index 6496436f7..fec070187 100644 --- a/cluster-management/setup/mounting-storage/index.md +++ b/cluster-management/setup/mounting-storage/index.md @@ -38,13 +38,6 @@ We're going to bind mount a btrfs device to `/var/lib/docker`, where docker stor #cloud-config coreos: units - - name: media-ephemeral.mount - command: start - content: | - [Mount] - What=/dev/xvdb - Where=/media/ephemeral - Type=btrfs - name: format-ephemeral.service command: start content: | @@ -52,23 +45,21 @@ coreos: Description=Formats the ephemeral drive [Service] Type=oneshot + RemainAfterExit=yes ExecStart=/usr/sbin/wipefs -f /dev/xvdb - ExecStartPost=/usr/sbin/mkfs.btrfs -f /dev/xvdb - ExecStartPost=/usr/bin/mount -t btrfs /dev/xvdb /media/ephemeral - - name: docker-storage.service + ExecStart=/usr/sbin/mkfs.btrfs -f /dev/xvdb + - name: media-ephemeral.mount command: start content: | [Unit] + Description=Mount ephemeral to /var/lib/docker Requires=format-ephemeral.service - Description=Mount ephemeral as /var/lib/docker - [Service] - Type=oneshot - ExecStartPre=/usr/bin/systemctl stop docker - ExecStartPre=/usr/bin/rm -rf /var/lib/docker/* - ExecStart=/usr/bin/mkdir -p /media/ephemeral/docker - ExecStart=/usr/bin/mkdir -p /var/lib/docker - ExecStartPost=/usr/bin/mount -o bind /media/ephemeral/docker /var/lib/docker - ExecStartPost=/usr/bin/systemctl start --no-block docker + Requires=docker.service + Before=docker.service + [Mount] + What=/dev/xvdb + Where=/var/lib/docker + Type=btrfs ``` Notice that we're starting all three of these units at the same time and using the power of systemd to work out the dependencies for us. In this case, `docker-storage.service` requires `format-ephemeral.service`, ensuring that our storage will always be formatted before it is bind mounted. Docker will refuse to start otherwise. From 6267a60b224aa717900338ae01832561ae72df06 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Wed, 30 Apr 2014 15:43:51 -0700 Subject: [PATCH 0039/1291] fix(mounting-storage): correct dependencies --- cluster-management/setup/mounting-storage/index.md | 1 - 1 file changed, 1 deletion(-) diff --git a/cluster-management/setup/mounting-storage/index.md b/cluster-management/setup/mounting-storage/index.md index fec070187..bbff098cc 100644 --- a/cluster-management/setup/mounting-storage/index.md +++ b/cluster-management/setup/mounting-storage/index.md @@ -54,7 +54,6 @@ coreos: [Unit] Description=Mount ephemeral to /var/lib/docker Requires=format-ephemeral.service - Requires=docker.service Before=docker.service [Mount] What=/dev/xvdb From 3e3fb29b844dd3810b23db654e6118c983200217 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Wed, 30 Apr 2014 22:34:52 -0700 Subject: [PATCH 0040/1291] fix(customizing-docker): remove socket dependency --- launching-containers/building/customizing-docker/index.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/launching-containers/building/customizing-docker/index.md b/launching-containers/building/customizing-docker/index.md index 6dd81e77f..50020d4d7 100644 --- a/launching-containers/building/customizing-docker/index.md +++ b/launching-containers/building/customizing-docker/index.md @@ -118,8 +118,6 @@ coreos: Description=Docker Application Container Engine Documentation=http://docs.docker.io After=network.target - Requires=docker-tcp.socket - [Service] ExecStartPre=/bin/mount --make-rprivate / # Run docker but don't have docker automatically restart From dae7c6eed950fd3b98882c1b097b8d9c2c6d5083 Mon Sep 17 00:00:00 2001 From: Michael Marineau Date: Thu, 1 May 2014 09:22:51 -0700 Subject: [PATCH 0041/1291] fix(*): Document using gpg detached signatures instead of DIGESTS As of release 298 we generate .sig files which are much easier to deal with than the oddball DIGESTS format. --- running-coreos/bare-metal/booting-with-pxe/index.md | 7 +++++-- .../distributors/notes-for-distributors/index.md | 7 +++---- 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/running-coreos/bare-metal/booting-with-pxe/index.md b/running-coreos/bare-metal/booting-with-pxe/index.md index e13e0528a..7e7b5a55e 100644 --- a/running-coreos/bare-metal/booting-with-pxe/index.md +++ b/running-coreos/bare-metal/booting-with-pxe/index.md @@ -71,13 +71,16 @@ You can view all of the [cloud-config options here]({{site.url}}/docs/cluster-ma In the config above you can see that a Kernel image and a initramfs file is needed. Download these two files into your tftp root. -The extra `coreos_production_pxe.DIGESTS.asc` file can be used to [verify the others][verify-notes]. +The extra `coreos_production_pxe.vmlinuz.sig` and `coreos_production_pxe_image.cpio.gz.sig` files can be used to [verify the downloaded files][verify-notes]. ``` cd /var/lib/tftpboot wget http://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_pxe.vmlinuz +wget http://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_pxe.vmlinuz.sig wget http://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_pxe_image.cpio.gz -wget http://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_pxe.DIGESTS.asc +wget http://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_pxe_image.cpio.gz.sig +gpg --verify coreos_production_pxe.vmlinuz.sig +gpg --verify coreos_production_pxe_image.cpio.gz.sig ``` PXE booted machines cannot currently update themselves. diff --git a/sdk-distributors/distributors/notes-for-distributors/index.md b/sdk-distributors/distributors/notes-for-distributors/index.md index 443a9f90c..90cef1307 100644 --- a/sdk-distributors/distributors/notes-for-distributors/index.md +++ b/sdk-distributors/distributors/notes-for-distributors/index.md @@ -14,12 +14,11 @@ Images of CoreOS are hosted at `http://storage.core-os.net/coreos/amd64-usr/`. A If you are importing images for use inside of your environment it is recommended that you import from a URL in the following format `http://storage.core-os.net/coreos/amd64-usr/${CHANNEL}/`. For example to grab the alpha OpenStack version of CoreOS you can import `http://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_openstack_image.img.bz2`. There is a `version.txt` file in this directory which you can use to label the image with a version number as well. -It is recommended that you also verify files using the [CoreOS Image Signing Key][signing-key]. The digests are simply the image URL, replacing `_image.img.bz2` with `.DIGESTS.asc`. You can verify the digest with `gpg --verify` after importing the signing key. Then the image itself can be verified based on one of the hashes in `.DIGESTS.asc`. For example: +It is recommended that you also verify files using the [CoreOS Image Signing Key][signing-key]. The GPG signature for each image is a detached `.sig` file that must be passed to `gpg --verify`. For example: wget http://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_openstack_image.img.bz2 - wget http://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_openstack.DIGESTS.asc - gpg --verify coreos_production_openstack.DIGESTS.asc - sha512sum -c coreos_production_openstack.DIGESTS.asc + wget http://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_openstack_image.img.bz2.sig + gpg --verify coreos_production_openstack_image.img.bz2.sig [signing-key]: {{site.url}}/security/image-signing-key From d80e929495380018a3c4b11bc3dbcea216037e22 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabr=C3=ADcio=20Godoy?= Date: Wed, 9 Apr 2014 00:17:02 -0300 Subject: [PATCH 0042/1291] Added documentation to VirtualBox platform Added document to run CoreOS on Oracle VirtualBox platform. --- running-coreos/platforms/virtualbox/index.md | 123 +++++++++++++++++++ 1 file changed, 123 insertions(+) create mode 100644 running-coreos/platforms/virtualbox/index.md diff --git a/running-coreos/platforms/virtualbox/index.md b/running-coreos/platforms/virtualbox/index.md new file mode 100644 index 000000000..2047d4679 --- /dev/null +++ b/running-coreos/platforms/virtualbox/index.md @@ -0,0 +1,123 @@ +--- +layout: docs +slug: virtualbox +title: VirtualBox +category: running_coreos +sub_category: platforms +weight: 7 +--- + +# Running CoreOS on VirtualBox + +These instructions will walk you through running CoreOS on Oracle VM VirtualBox. + +## Building the virtual disk + +There is a script that simplify the VDI building. It downloads a bare-metal +image, verifies it with GPG and convert the image to VirtualBox format. + +The script is located at +[Github](https://github.com/coreos/scripts/blob/master/contrib/create-coreos-vdi +"create-coreos-vdi"). +The running host must support VirtualBox tools. + +As first step, you must download and make it executable. + +```sh +wget https://raw.github.com/coreos/scripts/master/contrib/create-coreos-vdi +chmod +x create-coreos-vdi +``` + +To run the script you can specify a destination location and the CoreOS version. + +```sh +./create-coreos-vdi -d /data/VirtualBox/Templates +``` + +If you want a specific version of CoreOS, you can find which versions is +available to download on +[CoreOS storage](http://storage.core-os.net/coreos/amd64-usr/index.html). Then +just specify the desired version to the script. + +```sh +./create-coreos-vdi -V 298.0.0 +``` + +After the script is finished successfully, will be available at the specified +destination location the CoreOS image or at current location. The file name will +be something like "*coreos_production_298.0.0.vdi*". + +## Creating a config-drive + +Cloud-config can be specified by attaching a +[config-drive]({{site.url}}/docs/cluster-management/setup/cloudinit-config-drive/) +with the label `config-2`. This is commonly done through whatever interface +allows for attaching cd-roms or new drives. + +Note that the config-drive standard was originally an Openstack feature, which +is why you'll see strings containing `openstack`. This filepath needs to be +retained, although CoreOS supports config-drive on all platforms. + +For more information on customization that can be done with cloud-config, head +on over to the +[cloud-config guide]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/). + +You need a config-drive to configure at least one SSH key to access the virtual +machine. If you are in hurry you can create a basic config-drive with following +steps. + +```sh +wget https://raw.github.com/coreos/scripts/master/contrib/create-basic-configdrive +chmod +x create-basic-configdrive +./create-basic-configdrive -H my_vm01 -S ~/.ssh/id_rsa.pub +``` + +Will be created an ISO file named `my_vm01.iso` that will configure a virtual +machine to accept your SSH key and set its name to my_vm01. + +## Deploying a new virtual machine on VirtualBox + +I recommend to use the built image as base image. Therefore you should clone the +image for each new virtual machine and set it to desired size. + +```sh +VBoxManage clonehd coreos_production_298.0.0.vdi my_vm01.vdi +# Resize virtual disk to 10 GB +VBoxManage modifyhd my_vm01.vdi --resize 10240 +``` + +At boot time the CoreOS will detect that the volume size changed and will resize +the filesystem according. + +Open VirtualBox Manager and go to menu Machine > New. Type the desired machine +name and choose 'Linux' type and 'Linux 2.6 / 3.x (64 bit)' version. + +Next, choose the desired memory size. I recommend 1 GB for smooth experience. + +Next, choose 'Use an existing virtual hard drive file' and find the new cloned +image. + +Click on 'Create' button to create the virtual machine. + +Next, go to settings from the created virtual machine. Then click on Storage tab +and load the created config-drive into CD/DVD drive. + +Click on 'OK' button and the virtual machine will be ready to be started. + +## Logging in + +Networking can take a bit of time to come up under VirtualBox and you will need +to know the IP in order to connect to it. Press enter a few times at the login +prompt and you see an IP address pop up. + +Now you can login using your private SSH key. + +```sh +ssh core@192.168.56.101 +``` + +## Using CoreOS + +Now that you have a machine booted it is time to play around. +Check out the [CoreOS Quickstart]({{site.url}}/docs/quickstart) guide or dig +into [more specific topics]({{site.url}}/docs). From 69a2af27dbab214b13c6325692f8bd1c4412e1ca Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 17 Apr 2014 16:06:43 -0700 Subject: [PATCH 0043/1291] feat(update-strategies): explain update strategies --- .../setup/update-strategies/index.md | 77 +++++++++++++++++++ 1 file changed, 77 insertions(+) create mode 100644 cluster-management/setup/update-strategies/index.md diff --git a/cluster-management/setup/update-strategies/index.md b/cluster-management/setup/update-strategies/index.md new file mode 100644 index 000000000..4cfa7150a --- /dev/null +++ b/cluster-management/setup/update-strategies/index.md @@ -0,0 +1,77 @@ +--- +layout: docs +title: Update Strategies +category: cluster_management +sub_category: setting_up +weight: 7 +--- + +# Update Strategies + +The overarching goal of CoreOS is to secure the internet's backend infrastructure. We believe that [automatically updating]({{site.url}}/using-coreos/updates) the operating system is one of the best tools to achieve this goal. + +We realize that each CoreOS cluster has a unique tolerance for risk and the operational needs of your applications are complex. In order to meet everyone's needs, there are four update strategies that we have developed based on feedback during our alpha period. + +It's important to note that updates are always downloaded to the passive partition when they become available. A reboot is the last step of the update, where the active and passive partitions are swapped. These strategies control how that reboot occurs: + +| Strategy | Description | +|--------------------|-------------| +| `best-effort` | Default. If etcd is running, `etcd-lock`, otherwise simply `reboot`. | +| `etcd-lock` | Reboot after first taking a distributed lock in etcd. | +| `reboot` | Reboot immediately after an update is applied. | +| `off` | Do not reboot after updates are applied. | + +## Strategy Options + +### Best Effort + +The default setting is for CoreOS to make a `best-effort` to determine if the machine is part of a cluster. Currently this logic is very simple: if etcd has started, assume that the machine is part of a cluster. + +If so, use the `etcd-lock` strategy. + +Otherwise, use the `reboot` strategy. + +### etcd-Lock + +The `etcd-lock` strategy mandates that each machine acquire and hold a reboot lock before it is allowed to reboot. The main goal behind this strategy is to allow for an update to be applied to a cluster quickly, without losing the quorum membership in etcd or rapidly reducing capacity for the services running on the cluster. The reboot lock is held until the machine releases it after a successful update. + +The number of machines allowed to reboot simultaneously is configurable via a command line utility: + +``` +$ locksmithctl set-max 4 +Old: 1 +New: 4 +``` + +This setting is stored in etcd so it won't have to be configured for subsequent machines. + +To view the number of available slots and find out which machines in the cluster are holding locks, run: + +``` +$ locksmithctl status +Available: 0 +Max: 1 + +MACHINE ID +69d27b356a94476da859461d3a3bc6fd +``` + +If needed, you can manually clear a lock by providing the machine ID: + +``` +locksmithctl unlock 69d27b356a94476da859461d3a3bc6fd +``` + +### Reboot Immediately + +The `reboot` strategy works exactly how it sounds: the machine is rebooted as soon as the update has been installed to the passive partition. If the applications running on your cluster are highly resilient, this strategy was made for you. + +### Off + +The `off` strategy is also very straightforward. The update will be installed onto the passive partion and await a reboot command to complete the update. We don't recommend this strategy unless you reboot frequently as part of your normal operations workflow + +## Updating PXE/iPXE Machines + +PXE/iPXE machines download a new copy of CoreOS every time they are started thus are dependent on the version of CoreOS they are served. If you don't automatically load new CoreOS images into your PXE/iPXE server, your machines will never have new features or security updates. + +An easy solution to this problem is to use iPXE and reference images [directly from the CoreOS storage site]({{site.url}}/docs/running-coreos/bare-metal/booting-with-ipxe/#setting-up-the-boot-script). The `alpha` URL is automatically pointed to the new version of CoreOS as it is released. \ No newline at end of file From 61ba844eb115744382176816a5af7b2d4e9471b5 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Wed, 7 May 2014 13:29:38 -0700 Subject: [PATCH 0044/1291] fix(update-strategies): add link to cloud-config --- cluster-management/setup/update-strategies/index.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/cluster-management/setup/update-strategies/index.md b/cluster-management/setup/update-strategies/index.md index 4cfa7150a..e69c2b1c7 100644 --- a/cluster-management/setup/update-strategies/index.md +++ b/cluster-management/setup/update-strategies/index.md @@ -23,6 +23,15 @@ It's important to note that updates are always downloaded to the passive partiti ## Strategy Options +The update strategy is defined in [cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/#coreos): + +``` +#cloud-config +coreos: + update: + reboot-strategy: best-effort +``` + ### Best Effort The default setting is for CoreOS to make a `best-effort` to determine if the machine is part of a cluster. Currently this logic is very simple: if etcd has started, assume that the machine is part of a cluster. From 05692a0b5daea5b3761e4d81d5ac28e22b3426d5 Mon Sep 17 00:00:00 2001 From: Janusz Lewandowski Date: Thu, 8 May 2014 16:37:24 +0200 Subject: [PATCH 0045/1291] Update Vultr instructions. Vultr now supports automatic iPXE chaining, so there is no need to play with the console any more. Also, add an information about installation to the disk - as the lack of it made me confused. --- running-coreos/cloud-providers/vultr/index.md | 34 ++++++------------- 1 file changed, 11 insertions(+), 23 deletions(-) diff --git a/running-coreos/cloud-providers/vultr/index.md b/running-coreos/cloud-providers/vultr/index.md index d855a97c4..514038a7a 100644 --- a/running-coreos/cloud-providers/vultr/index.md +++ b/running-coreos/cloud-providers/vultr/index.md @@ -14,14 +14,6 @@ CoreOS is currently in heavy development and actively being tested. These instr * The location of your iPXE script (referenced later in the guide) is located at ```http://example.com/script.txt``` * You have a public + private key combination generated. Here's a helpful guide if you need to generate these keys: [How to set up SSH keys](https://www.digitalocean.com/community/articles/how-to-set-up-ssh-keys--2). -## Create the VPS - -Create a new VPS (any server type and location of your choice), and then for the "Operating System" select "Custom". Click "Place Order". - -![Any location, any size, custom OS, place order](https://s3.amazonaws.com/f.cl.ly/items/0H0l1w3u0f1F2n203d0I/Screen%20Shot%202014-04-17%20at%202.52.27%20PM.png) - -Once you receive the welcome email the VPS will be ready to use (typically less than 2-3 minutes). - ## Create the script The simplest option to boot up CoreOS is to load a script that contains the series of commands you'd otherwise need to manually type at the command line. This script needs to be publicly accessible (host this file on your own server). Save this script as a text file (.txt extension). @@ -40,24 +32,18 @@ Make sure to replace `YOUR_PUBLIC_KEY_HERE` with your actual public key, it will Additional reading can be found at [Booting CoreOS with iPXE](http://coreos.com/docs/running-coreos/bare-metal/booting-with-ipxe/) and [Embedded scripts for iPXE](http://ipxe.org/embed). -## Getting CoreOS running +## Create the VPS -Once you have received the email indicating the VPS is ready, click "Manage" for that VPS in your Vultr account area. Under "Server Actions" Click on "View Console" which will open a new window, and show the iPXE command prompt. +Create a new VPS (any server type and location of your choice), and then: -Type the following commands: +1. For the "Operating System" select "Custom", +1. Select iPXE boot, +1. Set the chain URL to the URL of your script (http://example.com/script.txt), +1. Click "Place Order". -``` -iPXE> dhcp -``` -The output should end with "OK". +![Any location, any size, custom OS, iPXE boot, set chain URL, place order](http://s18.postimg.org/5ra9lioeh/vultr.png) -then type: - -``` -iPXE> chain http://example.com/script.txt -``` - -You'll see several lines scroll past on the console as the kernel is loaded, and then the initrd is loaded. CoreOS will automatically then boot up, and you'll end up at a login prompt. +Once you receive the welcome email the VPS will be ready to use (typically less than 2-3 minutes). ## Accessing the VPS @@ -81,8 +67,10 @@ Last login: Thu Oct 17 11:42:04 UTC 2013 from 127.0.0.1 on pts/0 core@srv-n8uak ~ $ ``` - ## Using CoreOS Now that you have a cluster bootstrapped it is time to play around. + +It's currently running from RAM, based on the loaded image. You may want to [install it on the disk]({{site.url}}/docs/running-coreos/bare-metal/installing-to-disk). It's device name is /dev/vda, not sda. + Check out the [CoreOS Quickstart]({{site.url}}/docs/quickstart) guide or dig into [more specific topics]({{site.url}}/docs). From d90b80046906a8ab33c6339c2ff2ee96576452ed Mon Sep 17 00:00:00 2001 From: Jonathan Boulle Date: Thu, 8 May 2014 11:58:01 -0700 Subject: [PATCH 0046/1291] chore(vultr): clean up vultr doc --- running-coreos/cloud-providers/vultr/index.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/running-coreos/cloud-providers/vultr/index.md b/running-coreos/cloud-providers/vultr/index.md index 514038a7a..247077c69 100644 --- a/running-coreos/cloud-providers/vultr/index.md +++ b/running-coreos/cloud-providers/vultr/index.md @@ -36,10 +36,10 @@ Additional reading can be found at [Booting CoreOS with iPXE](http://coreos.com/ Create a new VPS (any server type and location of your choice), and then: -1. For the "Operating System" select "Custom", -1. Select iPXE boot, -1. Set the chain URL to the URL of your script (http://example.com/script.txt), -1. Click "Place Order". +1. For the "Operating System" select "Custom" +2. Select iPXE boot +3. Set the chain URL to the URL of your script (http://example.com/script.txt) +4. Click "Place Order" ![Any location, any size, custom OS, iPXE boot, set chain URL, place order](http://s18.postimg.org/5ra9lioeh/vultr.png) @@ -47,9 +47,9 @@ Once you receive the welcome email the VPS will be ready to use (typically less ## Accessing the VPS -You can now login to CoreOS, assuming the associated private key is in place on your local computer you'll immediately be logged in. You may need to specify the specific location using ```-i LOCATION```. If you need additional details on how to specify the location of your private key file see [here](http://www.cyberciti.biz/faq/force-ssh-client-to-use-given-private-key-identity-file/). +You can now log in to CoreOS using the associated private key on your local computer. You may need to specify its location using ```-i LOCATION```. If you need additional details on how to specify the location of your private key file see [here](http://www.cyberciti.biz/faq/force-ssh-client-to-use-given-private-key-identity-file/). -SSH to the IP of your VPS, and specify the "core" user specifically: ```ssh core@IP``` +SSH to the IP of your VPS, and specify the "core" user: ```ssh core@IP``` ``` @@ -71,6 +71,6 @@ core@srv-n8uak ~ $ Now that you have a cluster bootstrapped it is time to play around. -It's currently running from RAM, based on the loaded image. You may want to [install it on the disk]({{site.url}}/docs/running-coreos/bare-metal/installing-to-disk). It's device name is /dev/vda, not sda. +CoreOS is currently running from RAM, based on the loaded image. You may want to [install it on the disk]({{site.url}}/docs/running-coreos/bare-metal/installing-to-disk). Note that when following these instructions on Vultr, the device name should be `/dev/vda` rather than `/dev/sda`. Check out the [CoreOS Quickstart]({{site.url}}/docs/quickstart) guide or dig into [more specific topics]({{site.url}}/docs). From 6ed4338760b758d7f1110cdce420bb4dfd3cb903 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Wed, 7 May 2014 17:05:28 -0700 Subject: [PATCH 0047/1291] feat(running-coreos): add channel instructions --- .../bare-metal/booting-with-ipxe/index.md | 6 ++ .../bare-metal/booting-with-pxe/index.md | 11 ++-- .../bare-metal/installing-to-disk/index.md | 8 ++- running-coreos/cloud-providers/ec2/index.md | 56 +++++++++++-------- .../google-compute-engine/index.md | 39 ++++++++++--- .../cloud-providers/rackspace/index.md | 38 ++++++++++--- running-coreos/platforms/eucalyptus/index.md | 6 ++ running-coreos/platforms/libvirt/index.md | 6 ++ running-coreos/platforms/openstack/index.md | 6 ++ running-coreos/platforms/qemu/index.md | 10 +++- running-coreos/platforms/vmware/index.md | 6 ++ 11 files changed, 146 insertions(+), 46 deletions(-) diff --git a/running-coreos/bare-metal/booting-with-ipxe/index.md b/running-coreos/bare-metal/booting-with-ipxe/index.md index 046d24e91..b61495c9e 100644 --- a/running-coreos/bare-metal/booting-with-ipxe/index.md +++ b/running-coreos/bare-metal/booting-with-ipxe/index.md @@ -18,6 +18,12 @@ This includes many cloud providers and physical hardware. To illustrate iPXE in action we will qemu-kvm in this guide. +### Choose a Channel + +CoreOS is released into master, alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. + +The channel is selected through the `set coreos-version` below. Simply replace `alpha` with `beta`. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes in each channel. + ### Setting up the Boot Script iPXE downloads a boot script from a publicly available URL. diff --git a/running-coreos/bare-metal/booting-with-pxe/index.md b/running-coreos/bare-metal/booting-with-pxe/index.md index 7e7b5a55e..2d62dc096 100644 --- a/running-coreos/bare-metal/booting-with-pxe/index.md +++ b/running-coreos/bare-metal/booting-with-pxe/index.md @@ -67,7 +67,13 @@ ssh_authorized_keys: You can view all of the [cloud-config options here]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/). -### Download the files +### Choose a Channel + +CoreOS is released into master, alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. + +The channel is selected through the `storage.core-os.net` URLs below. Simply replace `alpha` with `beta`. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes in each channel. + +PXE booted machines cannot currently update themselves. To update to the latest version of CoreOS download/verify these files again and reboot. In the config above you can see that a Kernel image and a initramfs file is needed. Download these two files into your tftp root. @@ -83,9 +89,6 @@ gpg --verify coreos_production_pxe.vmlinuz.sig gpg --verify coreos_production_pxe_image.cpio.gz.sig ``` -PXE booted machines cannot currently update themselves. -To update to the latest version of CoreOS download/verify these files again and reboot. - [verify-notes]: {{site.url}}/docs/sdk-distributors/distributors/notes-for-distributors/#importing-images ## Booting the Box diff --git a/running-coreos/bare-metal/installing-to-disk/index.md b/running-coreos/bare-metal/installing-to-disk/index.md index daa35a21f..cc788d7fc 100644 --- a/running-coreos/bare-metal/installing-to-disk/index.md +++ b/running-coreos/bare-metal/installing-to-disk/index.md @@ -17,11 +17,17 @@ Essentially it downloads an image, verifies it with gpg and then copies it bit f The script is self-contained and located [on Github here](https://raw.github.com/coreos/init/master/bin/coreos-install "coreos-install"). It is already installed if you are booting CoreOS via PXE but you can also use it from other Linux distributions. +## Choose a Channel + +CoreOS is released into master, alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. + +When running on CoreOS the install script will attempt to install the same version (and channel) by default. + ``` coreos-install -d /dev/sda ``` -When running on CoreOS the install script will attempt to install the same version. If you want to ensure you are installing the latest available version use the `-V` option: +If you want to ensure you are installing the latest available version on a channel, use the `-V` option: ``` coreos-install -d /dev/sda -V alpha diff --git a/running-coreos/cloud-providers/ec2/index.md b/running-coreos/cloud-providers/ec2/index.md index 3b64f19e3..a81c2defb 100644 --- a/running-coreos/cloud-providers/ec2/index.md +++ b/running-coreos/cloud-providers/ec2/index.md @@ -8,22 +8,23 @@ cloud-formation-launch-logo: https://s3.amazonaws.com/cloudformation-examples/cl --- {% capture cf_template %}{{ site.https-s3 }}/dist/aws/coreos-alpha.template{% endcapture %} -# Running CoreOS {{ site.ami-version }} on EC2 +# Running CoreOS {{site.data.alpha-channel.ami-version}} on EC2 The current AMIs for all CoreOS channels and EC2 regions are listed below and updated frequently. Using CloudFormation is the easiest way to launch a cluster, but you can also follow the manual steps at the end of the article. You can direct questions to the [IRC channel][irc] or [mailing list][coreos-dev]. ## Choosing a Channel -CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updates) with different schedules per channel. You can [disable this feature]({{site.url}}/docs/cluster-management/debugging/prevent-reboot-after-update), although we don't recommend it. Release notes can currently be found on [Github](https://github.com/coreos/manifest/releases) but we're researching better options. +CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updates) with different schedules per channel. You can [disable this feature]({{site.url}}/docs/cluster-management/debugging/prevent-reboot-after-update), although we don't recommend it. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes.
-
+
-

The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.ami-version}}.

+

The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.

@@ -34,27 +35,36 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat - {% assign pairs = site.amis-all | split: "|" %} - {% for item in pairs %} - - {% assign amis = item | split: "=" %} - {% for item in amis limit:1 offset:0 %} - {% assign region = item %} - {% endfor %} - {% for item in amis limit:1 offset:1 %} - {% assign ami-id = item %} + {% for region in site.data.alpha-channel.amis %} + + + + + {% endfor %} - {% if region == "us-east-1" %} - {% assign ami-us-east-1 = ami-id %} - {% endif %} - + +
{{ region.name }}{{ region.ami-id }}Launch Stack
+
+
+
+

The beta channel consists of promoted alpha releases. Current version is CoreOS {{site.beta-channel}}.

+
+ + + + + + + + + + {% for region in site.data.beta-channel.amis %} - - - + + + - - {% endfor %} + {% endfor %}
EC2 RegionAMI IDCloudFormation
{{ region }}{{ ami-id }}Launch Stack{{ region.name }}{{ region.ami-id }}Launch Stack
diff --git a/running-coreos/cloud-providers/google-compute-engine/index.md b/running-coreos/cloud-providers/google-compute-engine/index.md index 6561b7663..88b379ce2 100644 --- a/running-coreos/cloud-providers/google-compute-engine/index.md +++ b/running-coreos/cloud-providers/google-compute-engine/index.md @@ -6,7 +6,7 @@ weight: 3 title: Google Compute Engine --- -# Running CoreOS {{ site.version-string }} on Google Compute Engine +# Running CoreOS {{ site.alpha-channel }} on Google Compute Engine CoreOS on Google Compute Engine (GCE) is currently in heavy development and actively being tested. The current disk image is listed below and relies on GCE's recently announced [Advanced OS Support][gce-advanced-os]. Each time a new update is released, your machines will [automatically upgrade themselves]({{ site.url }}/using-coreos/updates). @@ -15,13 +15,34 @@ Before proceeding, you will need to [install gcutil][gcutil-documentation] and c [gce-advanced-os]: http://developers.google.com/compute/docs/transition-v1#customkernelbinaries [gcutil-documentation]: https://developers.google.com/compute/docs/gcutil/ -## Image creation - -At the moment CoreOS images are not publicly listed in GCE and must be added to your own account from a raw disk image published in Google Cloud Storage: - -``` -gcutil --project= addimage --description="CoreOS {{ site.version-string }}" coreos-v{{ site.gce-version-id }} gs://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_gce.tar.gz -``` +## Choosing a Channel + +CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updates) with different schedules per channel. You can [disable this feature]({{site.url}}/docs/cluster-management/debugging/prevent-reboot-after-update), although we don't recommend it. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes. + +
+ +
+
+
+

The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.

+
+

At the moment CoreOS images are not publicly listed in GCE and must be added to your own account from a raw disk image published in Google Cloud Storage:

+ 
+gcutil --project= addimage --description="CoreOS {{site.alpha-channel}}" coreos-v{{site.alpha-channel | replace:'.','-'}} gs://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_gce.tar.gz
+
+
+
+

The beta channel consists of promoted alpha releases. Current version is CoreOS {{site.beta-channel}}.

+
+

At the moment CoreOS images are not publicly listed in GCE and must be added to your own account from a raw disk image published in Google Cloud Storage:

+ 
+gcutil --project= addimage --description="CoreOS {{site.beta-channel}}" coreos-v{{site.beta-channel | replace:'.','-'}} gs://storage.core-os.net/coreos/amd64-usr/beta/coreos_production_gce.tar.gz
+
+
+
## Cloud-Config @@ -51,7 +72,7 @@ coreos: Create 3 instances from the image above using our cloud-config from `cloud-config.yaml`: ``` -gcutil --project= addinstance --image=coreos-v{{ site.gce-version-id }} --persistent_boot_disk --zone=us-central1-a --machine_type=n1-standard-1 --metadata_from_file=user-data:cloud-config.yaml core1 core2 core3 +gcutil --project= addinstance --image=coreos-v{{ site.beta-channel | replace:'.','-' }} --persistent_boot_disk --zone=us-central1-a --machine_type=n1-standard-1 --metadata_from_file=user-data:cloud-config.yaml core1 core2 core3 ``` ### Additional Storage diff --git a/running-coreos/cloud-providers/rackspace/index.md b/running-coreos/cloud-providers/rackspace/index.md index e96e663f0..ca1932068 100644 --- a/running-coreos/cloud-providers/rackspace/index.md +++ b/running-coreos/cloud-providers/rackspace/index.md @@ -6,23 +6,24 @@ sub_category: cloud_provider weight: 5 --- -# Running CoreOS {{site.rackspace-version}} on Rackspace +# Running CoreOS {{site.data.beta-channel.rackspace-version}} on Rackspace CoreOS is currently in heavy development and actively being tested. These instructions will walk you through running CoreOS on the Rackspace Openstack cloud, which differs slightly from the generic Openstack instructions. There are two ways to launch a CoreOS cluster: launch an entire cluster with Heat or launch machines with Nova. ## Choosing a Channel -CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updates) with different schedules per channel. You can [disable this feature]({{site.url}}/docs/cluster-management/debugging/prevent-reboot-after-update), although we don't recommend it. Release notes can currently be found on [Github](https://github.com/coreos/manifest/releases) but we're researching better options. +CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updates) with different schedules per channel. You can [disable this feature]({{site.url}}/docs/cluster-management/debugging/prevent-reboot-after-update), although we don't recommend it. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes.
-
+
-

The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.rackspace-version}}.

+

The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.data.alpha-channel.rackspace-version}}.

@@ -35,7 +36,28 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat - + + + + +
All Regions{{site.rackspace-image-id}}{{site.data.alpha-channel.rackspace-image-id}}heat-alpha.yaml
+
+
+
+

The beta channel consists of promoted alpha releases. Current version is CoreOS {{{site.data.beta-channel.rackspace-version}}.

+
+ + + + + + + + + + + + @@ -90,7 +112,7 @@ For more general information, check out [mounting storage on CoreOS]({{site.url} ## Launch with Nova -We're going to install `rackspace-novaclient`, upload a keypair and boot the image id `{{site.rackspace-image-id}}`. +We're going to install `rackspace-novaclient`, upload a keypair and boot the image id from above. ### Install Supernova Tool @@ -141,7 +163,7 @@ Check you make sure the key is in your list by running `supernova production key Boot a new server with our new keypair and specify optional cloud-config data. ``` -supernova production boot --image {{site.rackspace-image-id}} --flavor performance1-2 --key-name coreos-key --user-data ~/cloud_config.yml --config-drive true My_CoreOS_Server +supernova production boot --image {{site.data.beta-channel.rackspace-image-id}} --flavor performance1-2 --key-name coreos-key --user-data ~/cloud_config.yml --config-drive true My_CoreOS_Server ``` You should now see the details of your new server in your terminal and it should also show up in the control panel: diff --git a/running-coreos/platforms/eucalyptus/index.md b/running-coreos/platforms/eucalyptus/index.md index 405253479..096e6b71e 100644 --- a/running-coreos/platforms/eucalyptus/index.md +++ b/running-coreos/platforms/eucalyptus/index.md @@ -16,6 +16,12 @@ These instructions will walk you through downloading CoreOS, bundling the image, These steps will download the CoreOS image, uncompress it, convert it from qcow->raw, and then import it into Eucalyptus. In order to convert the image you will need to install ```qemu-img``` with your favorite package manager. +### Choosing a Channel + +CoreOS is released into master, alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. + +The channel is selected through the `storage.core-os.net` below. Simply replace `alpha` with `beta`. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes in each channel. + ``` $ wget -q http://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_openstack_image.img.bz2 $ bunzip2 coreos_production_openstack_image.img.bz2 diff --git a/running-coreos/platforms/libvirt/index.md b/running-coreos/platforms/libvirt/index.md index 9364b9303..aca3c3050 100644 --- a/running-coreos/platforms/libvirt/index.md +++ b/running-coreos/platforms/libvirt/index.md @@ -22,6 +22,12 @@ In this guide, the example virtual machine we are creating is called coreos0 and all files are stored in /var/lib/libvirt/images/coreos0. This is not a requirement — feel free to substitute that path if you use another one. +### Choosing a Channel + +CoreOS is released into master, alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. + +The channel is selected through the `storage.core-os.net` below. Simply replace `alpha` with `beta`. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes in each channel. + We start by downloading the most recent disk image: mkdir -p /var/lib/libvirt/images/coreos0 diff --git a/running-coreos/platforms/openstack/index.md b/running-coreos/platforms/openstack/index.md index ec1301d30..3721f98dc 100644 --- a/running-coreos/platforms/openstack/index.md +++ b/running-coreos/platforms/openstack/index.md @@ -17,6 +17,12 @@ it with the `glance` tool and running your first cluster with the `nova` tool. These steps will download the CoreOS image, uncompress it and then import it into the glance image store. +### Choosing a Channel + +CoreOS is released into master, alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. + +The channel is selected through the `storage.core-os.net` below. Simply replace `alpha` with `beta`. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes in each channel. + ``` $ wget http://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_openstack_image.img.bz2 $ bunzip2 coreos_production_openstack_image.img.bz2 diff --git a/running-coreos/platforms/qemu/index.md b/running-coreos/platforms/qemu/index.md index 0087996c1..d8eda30e4 100644 --- a/running-coreos/platforms/qemu/index.md +++ b/running-coreos/platforms/qemu/index.md @@ -69,7 +69,15 @@ Wiki][qemugen]. Usually this should be sufficient: ## Startup CoreOS Once QEMU is installed you can download and start the latest CoreOS -image. There are two files you need: the disk image (provided in qcow2 +image. + +### Choosing a Channel + +CoreOS is released into master, alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. + +The channel is selected through the `storage.core-os.net` below. Simply replace `alpha` with `beta`. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes in each channel. + +There are two files you need: the disk image (provided in qcow2 format) and the wrapper shell script to start QEMU. mkdir coreos; cd coreos diff --git a/running-coreos/platforms/vmware/index.md b/running-coreos/platforms/vmware/index.md index 611bbc8de..ed7850567 100644 --- a/running-coreos/platforms/vmware/index.md +++ b/running-coreos/platforms/vmware/index.md @@ -18,6 +18,12 @@ If you are familiar with another VMware product you can use these instructions a These steps will download the VMware image and extract the zip file. After that you will need to launch the `coreos_developer_vmware_insecure.vmx` file to create a VM. +### Choosing a Channel + +CoreOS is released into master, alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. + +The channel is selected through the `storage.core-os.net` below. Simply replace `alpha` with `beta`. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes in each channel. + This is a rough sketch that should work on OSX and Linux: ``` From e9e5ac6f360050dc55a8a8c696552d5e9b3dadd9 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 8 May 2014 12:11:01 -0700 Subject: [PATCH 0048/1291] fix(ec2,gce,rax): include additional tabs for switching channels --- running-coreos/cloud-providers/ec2/index.md | 185 +++++++++++++++--- .../google-compute-engine/index.md | 25 ++- .../cloud-providers/rackspace/index.md | 50 +++-- 3 files changed, 210 insertions(+), 50 deletions(-) diff --git a/running-coreos/cloud-providers/ec2/index.md b/running-coreos/cloud-providers/ec2/index.md index a81c2defb..fca4b32ef 100644 --- a/running-coreos/cloud-providers/ec2/index.md +++ b/running-coreos/cloud-providers/ec2/index.md @@ -8,7 +8,7 @@ cloud-formation-launch-logo: https://s3.amazonaws.com/cloudformation-examples/cl --- {% capture cf_template %}{{ site.https-s3 }}/dist/aws/coreos-alpha.template{% endcapture %} -# Running CoreOS {{site.data.alpha-channel.ami-version}} on EC2 +# Running CoreOS on EC2 The current AMIs for all CoreOS channels and EC2 regions are listed below and updated frequently. Using CloudFormation is the easiest way to launch a cluster, but you can also follow the manual steps at the end of the article. You can direct questions to the [IRC channel][irc] or [mailing list][coreos-dev]. @@ -140,7 +140,11 @@ If you would like to create multiple clusters you will need to change the "Stack [us-east-latest-quicklaunch]: https://console.aws.amazon.com/ec2/home?region=us-east-1#launchAmi={{ami-us-east-1}} "{{ami-us-east-1}}" -**TL;DR:** launch three instances of [{{ami-us-east-1}}][us-east-latest-quicklaunch] in **us-east-1** with a security group that has open port 22, 4001, and 7001 and the same "User Data" of each host. SSH uses the `core` user and you have [etcd][etcd-docs] and [docker][docker-docs] to play with. +{% for region in site.data.alpha-channel.amis %} + {% if region.name == 'us-east-1' %} +**TL;DR:** launch three instances of [{{region.ami-id}}](https://console.aws.amazon.com/ec2/home?region={{region.name}}#launchAmi={{region.ami-id}}) in **{{region.name}}** with a security group that has open port 22, 4001, and 7001 and the same "User Data" of each host. SSH uses the `core` user and you have [etcd][etcd-docs] and [docker][docker-docs] to play with. + {% endif %} +{% endfor %} ### Creating the security group @@ -172,37 +176,162 @@ First we need to create a security group to allow CoreOS instances to communicat ### Launching a test cluster -We will be launching three instances, with a few parameters in the User Data, and selecting our security group. - -1. Open the quick launch by clicking [here][us-east-latest-quicklaunch] (shift+click for new tab) - * For reference, the current us-east-1 is: [{{ami-us-east-1}}][us-east-latest-quicklaunch] -2. On the second page of the wizard, launch 3 servers to test our clustering - * Number of instances: 3 - * Click "Continue" -3. Next, we need to specify a discovery URL, which contains a unique token that allows us to find other hosts in our cluster. If you're launching your first machine, generate one at [https://discovery.etcd.io/new](https://discovery.etcd.io/new) and add it to the metadata. You should re-use this key for each machine in the cluster. +
+ +
+
+

We will be launching three instances, with a few parameters in the User Data, and selecting our security group.

+
    +
  1. + {% for region in site.data.alpha-channel.amis %} + {% if region.name == 'us-east-1' %} + Open the quick launch wizard to boot {{region.ami-id}}. + {% endif %} + {% endfor %} +
    2. +
  2. + On the second page of the wizard, launch 3 servers to test our clustering +
      +
    • Number of instances: 3
      • +
    • Click "Continue"
      • +
    +
    3. +
  3. + Next, we need to specify a discovery URL, which contains a unique token that allows us to find other hosts in our cluster. If you're launching your first machine, generate one at https://discovery.etcd.io/new and add it to the metadata. You should re-use this key for each machine in the cluster. +
    4. + 
    +#cloud-config
 
-```
+coreos:
+  etcd:
+    # generate a new token from https://discovery.etcd.io/new
+    discovery: https://discovery.etcd.io/<token>
+    # multi-region and multi-cloud deployments need to use $public_ipv4
+    addr: $private_ipv4:4001
+    peer-addr: $private_ipv4:7001
+  units:
+    - name: etcd.service
+      command: start
+    - name: fleet.service
+      command: start
+
    +
  4. + Back in the EC2 dashboard, paste this information verbatim into the "User Data" field. +
      +
    • Paste link into "User Data"
      • +
    • "Continue"
      • +
    +
    5. +
  5. + Storage Configuration +
      +
    • "Continue"
      • +
    +
    6. +
  6. + Tags +
      +
    • "Continue"
      • +
    +
    7. +
  7. + Create Key Pair +
      +
    • Choose a key of your choice, it will be added in addition to the one in the gist.
      • +
    • "Continue"
      • +
    +
    8. +
  8. + Choose one or more of your existing Security Groups +
      +
    • "coreos-testing" as above.
      • +
    • "Continue"
      • +
    +
    9. +
  9. + Launch! +
    10. +
+
+
+

We will be launching three instances, with a few parameters in the User Data, and selecting our security group.

+
    +
  1. + {% for region in site.data.beta-channel.amis %} + {% if region.name == 'us-east-1' %} + Open the quick launch wizard to boot {{region.ami-id}}. + {% endif %} + {% endfor %} +
    2. +
  2. + On the second page of the wizard, launch 3 servers to test our clustering +
      +
    • Number of instances: 3
      • +
    • Click "Continue"
      • +
    +
    3. +
  3. + Next, we need to specify a discovery URL, which contains a unique token that allows us to find other hosts in our cluster. If you're launching your first machine, generate one at https://discovery.etcd.io/new and add it to the metadata. You should re-use this key for each machine in the cluster. +
    4. + 
     #cloud-config
 
 coreos:
   etcd:
-    discovery_url: https://discovery.etcd.io/
-    fleet:
-        autostart: yes
-```
-4. Back in the EC2 dashboard, paste this information verbatim into the "User Data" field. 
-   * Paste link into "User Data"
-   * "Continue"
-5. Storage Configuration
-   * "Continue"
-6. Tags
-   * "Continue"
-7. Create Key Pair
-   * Choose a key of your choice, it will be added in addition to the one in the gist.
-   * "Continue"
-8. Choose one or more of your existing Security Groups
-   * "coreos-testing" as above.
-9. Launch!
+    # generate a new token from https://discovery.etcd.io/new
+    discovery: https://discovery.etcd.io/<token>
+    # multi-region and multi-cloud deployments need to use $public_ipv4
+    addr: $private_ipv4:4001
+    peer-addr: $private_ipv4:7001
+  units:
+    - name: etcd.service
+      command: start
+    - name: fleet.service
+      command: start
+
    +
  4. + Back in the EC2 dashboard, paste this information verbatim into the "User Data" field. +
      +
    • Paste link into "User Data"
      • +
    • "Continue"
      • +
    +
    5. +
  5. + Storage Configuration +
      +
    • "Continue"
      • +
    +
    6. +
  6. + Tags +
      +
    • "Continue"
      • +
    +
    7. +
  7. + Create Key Pair +
      +
    • Choose a key of your choice, it will be added in addition to the one in the gist.
      • +
    • "Continue"
      • +
    +
    8. +
  8. + Choose one or more of your existing Security Groups +
      +
    • "coreos-testing" as above.
      • +
    • "Continue"
      • +
    +
    9. +
  9. + Launch! +
    10. +
+
+
+
### Automatic Rollback Limitations on EC2 diff --git a/running-coreos/cloud-providers/google-compute-engine/index.md b/running-coreos/cloud-providers/google-compute-engine/index.md index 88b379ce2..15d6c5288 100644 --- a/running-coreos/cloud-providers/google-compute-engine/index.md +++ b/running-coreos/cloud-providers/google-compute-engine/index.md @@ -6,7 +6,7 @@ weight: 3 title: Google Compute Engine --- -# Running CoreOS {{ site.alpha-channel }} on Google Compute Engine +# Running CoreOS on Google Compute Engine CoreOS on Google Compute Engine (GCE) is currently in heavy development and actively being tested. The current disk image is listed below and relies on GCE's recently announced [Advanced OS Support][gce-advanced-os]. Each time a new update is released, your machines will [automatically upgrade themselves]({{ site.url }}/using-coreos/updates). @@ -30,16 +30,14 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat

The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.

At the moment CoreOS images are not publicly listed in GCE and must be added to your own account from a raw disk image published in Google Cloud Storage:

- 
-gcutil --project= addimage --description="CoreOS {{site.alpha-channel}}" coreos-v{{site.alpha-channel | replace:'.','-'}} gs://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_gce.tar.gz
+ 
gcutil --project= addimage --description="CoreOS {{site.alpha-channel}}" coreos-v{{site.alpha-channel | replace:'.','-'}} gs://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_gce.tar.gz

The beta channel consists of promoted alpha releases. Current version is CoreOS {{site.beta-channel}}.

At the moment CoreOS images are not publicly listed in GCE and must be added to your own account from a raw disk image published in Google Cloud Storage:

- 
-gcutil --project= addimage --description="CoreOS {{site.beta-channel}}" coreos-v{{site.beta-channel | replace:'.','-'}} gs://storage.core-os.net/coreos/amd64-usr/beta/coreos_production_gce.tar.gz
+ 
gcutil --project= addimage --description="CoreOS {{site.beta-channel}}" coreos-v{{site.beta-channel | replace:'.','-'}} gs://storage.core-os.net/coreos/amd64-usr/beta/coreos_production_gce.tar.gz
@@ -71,9 +69,20 @@ coreos: Create 3 instances from the image above using our cloud-config from `cloud-config.yaml`: -``` -gcutil --project= addinstance --image=coreos-v{{ site.beta-channel | replace:'.','-' }} --persistent_boot_disk --zone=us-central1-a --machine_type=n1-standard-1 --metadata_from_file=user-data:cloud-config.yaml core1 core2 core3 -``` +
+ +
+
+ 
gcutil --project= addinstance --image=coreos-v{{ site.alpha-channel | replace:'.','-' }} --persistent_boot_disk --zone=us-central1-a --machine_type=n1-standard-1 --metadata_from_file=user-data:cloud-config.yaml core1 core2 core3
+
+
+ 
gcutil --project= addinstance --image=coreos-v{{ site.beta-channel | replace:'.','-' }} --persistent_boot_disk --zone=us-central1-a --machine_type=n1-standard-1 --metadata_from_file=user-data:cloud-config.yaml core1 core2 core3
+
+
+
### Additional Storage diff --git a/running-coreos/cloud-providers/rackspace/index.md b/running-coreos/cloud-providers/rackspace/index.md index ca1932068..6d49786be 100644 --- a/running-coreos/cloud-providers/rackspace/index.md +++ b/running-coreos/cloud-providers/rackspace/index.md @@ -6,7 +6,7 @@ sub_category: cloud_provider weight: 5 --- -# Running CoreOS {{site.data.beta-channel.rackspace-version}} on Rackspace +# Running CoreOS on Rackspace CoreOS is currently in heavy development and actively being tested. These instructions will walk you through running CoreOS on the Rackspace Openstack cloud, which differs slightly from the generic Openstack instructions. There are two ways to launch a CoreOS cluster: launch an entire cluster with Heat or launch machines with Nova. @@ -15,7 +15,7 @@ CoreOS is currently in heavy development and actively being tested. These instr CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updates) with different schedules per channel. You can [disable this feature]({{site.url}}/docs/cluster-management/debugging/prevent-reboot-after-update), although we don't recommend it. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes. -
+
  • Beta Channel
  • Alpha Channel
    • @@ -160,11 +160,22 @@ Check you make sure the key is in your list by running `supernova production key ### Boot a Server -Boot a new server with our new keypair and specify optional cloud-config data. - -``` -supernova production boot --image {{site.data.beta-channel.rackspace-image-id}} --flavor performance1-2 --key-name coreos-key --user-data ~/cloud_config.yml --config-drive true My_CoreOS_Server -``` +
    + +
    +
    +

    Boot a new server with our new keypair and specify optional cloud-config data:

    + 
    supernova production boot --image {{site.data.alpha-channel.rackspace-image-id}} --flavor performance1-2 --key-name coreos-key --user-data ~/cloud_config.yml --config-drive true My_CoreOS_Server
    +
    +
    +

    Boot a new server with our new keypair and specify optional cloud-config data:

    + 
    supernova production boot --image {{site.data.beta-channel.rackspace-image-id}} --flavor performance1-2 --key-name coreos-key --user-data ~/cloud_config.yml --config-drive true My_CoreOS_Server
    +
    +
    +
    You should now see the details of your new server in your terminal and it should also show up in the control panel: @@ -226,13 +237,24 @@ source ~/.bash_profile ### Launch the Stack -Launch the stack by providing the specified parameters. This command will reference the local file `data.yml` in the current working directory that contains the cloud-config parameters. `$(< data.yaml)` prints the contents of this file into our heat command: - -``` -heat stack-create Test --template-file https://coreos.com/dist/rackspace/heat-alpha.yaml -P key-name=coreos-key -P flavor='2 GB Performance' -P count=5 -P user-data="$(< data.yaml)" -P name="CoreOS-alpha" -``` - -You can view the [template here]({{site.url}}/dist/rackspace/heat-alpha.yaml). +
    + +
    +
    +

    Launch the stack by providing the specified parameters. This command will reference the local file `data.yml` in the current working directory that contains the cloud-config parameters. `$(< data.yaml)` prints the contents of this file into our heat command:

    + 
    heat stack-create Test --template-file https://coreos.com/dist/rackspace/heat-alpha.yaml -P key-name=coreos-key -P flavor='2 GB Performance' -P count=5 -P user-data="$(< data.yaml)" -P name="CoreOS-alpha"
    +

    You can view the template here.

    +
    +
    +

    Launch the stack by providing the specified parameters. This command will reference the local file `data.yml` in the current working directory that contains the cloud-config parameters. `$(< data.yaml)` prints the contents of this file into our heat command:

    + 
    heat stack-create Test --template-file https://coreos.com/dist/rackspace/heat-beta.yaml -P key-name=coreos-key -P flavor='2 GB Performance' -P count=5 -P user-data="$(< data.yaml)" -P name="CoreOS-beta"
    +

    You can view the template here.

    +
    +
    +
    ## Using CoreOS From a5cefe7b90de0e99f7bbfcaf65bcb7c82f5b0d40 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 8 May 2014 13:11:15 -0700 Subject: [PATCH 0049/1291] fix(bare-metal): improve channel selection info --- .../bare-metal/booting-with-ipxe/index.md | 32 +++++++++++---- .../bare-metal/booting-with-pxe/index.md | 41 +++++++++++++------ .../bare-metal/installing-to-disk/index.md | 34 ++++++++++----- 3 files changed, 76 insertions(+), 31 deletions(-) diff --git a/running-coreos/bare-metal/booting-with-ipxe/index.md b/running-coreos/bare-metal/booting-with-ipxe/index.md index b61495c9e..02b164592 100644 --- a/running-coreos/bare-metal/booting-with-ipxe/index.md +++ b/running-coreos/bare-metal/booting-with-ipxe/index.md @@ -22,22 +22,38 @@ To illustrate iPXE in action we will qemu-kvm in this guide. CoreOS is released into master, alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. -The channel is selected through the `set coreos-version` below. Simply replace `alpha` with `beta`. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes in each channel. - ### Setting up the Boot Script -iPXE downloads a boot script from a publicly available URL. -You will need to host this URL somewhere public and replace the example SSH key with your own. You can also run a [custom iPXE server](https://github.com/kelseyhightower/coreos-ipxe-server). - -``` +
    + +
    +
    +

    iPXE downloads a boot script from a publicly available URL. You will need to host this URL somewhere public and replace the example SSH key with your own. You can also run a custom iPXE server.

    + 
     #!ipxe
 
 set coreos-version alpha
 set base-url http://storage.core-os.net/coreos/amd64-usr/${coreos-version}
 kernel ${base-url}/coreos_production_pxe.vmlinuz sshkey="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAYQC2PxAKTLdczK9+RNsGGPsz0eC2pBlydBEcrbI7LSfiN7Bo5hQQVjki+Xpnp8EEYKpzu6eakL8MJj3E28wT/vNklT1KyMZrXnVhtsmOtBKKG/++odpaavdW2/AU0l7RZiE= coreos pxe demo"
 initrd ${base-url}/coreos_production_pxe_image.cpio.gz
-boot
-```
+boot
    +
    +
    +

    iPXE downloads a boot script from a publicly available URL. You will need to host this URL somewhere public and replace the example SSH key with your own. You can also run a custom iPXE server.

    + 
    +#!ipxe
+
+set coreos-version beta
+set base-url http://storage.core-os.net/coreos/amd64-usr/${coreos-version}
+kernel ${base-url}/coreos_production_pxe.vmlinuz sshkey="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAYQC2PxAKTLdczK9+RNsGGPsz0eC2pBlydBEcrbI7LSfiN7Bo5hQQVjki+Xpnp8EEYKpzu6eakL8MJj3E28wT/vNklT1KyMZrXnVhtsmOtBKKG/++odpaavdW2/AU0l7RZiE= coreos pxe demo"
+initrd ${base-url}/coreos_production_pxe_image.cpio.gz
+boot
    +
    +
    +
    An easy place to host this boot script is on [http://pastie.org](http://pastie.org). Be sure to reference the "raw" version of script, which is accessed by clicking on the clipboard in the top right. diff --git a/running-coreos/bare-metal/booting-with-pxe/index.md b/running-coreos/bare-metal/booting-with-pxe/index.md index 2d62dc096..d6606b3e0 100644 --- a/running-coreos/bare-metal/booting-with-pxe/index.md +++ b/running-coreos/bare-metal/booting-with-pxe/index.md @@ -71,15 +71,18 @@ You can view all of the [cloud-config options here]({{site.url}}/docs/cluster-ma CoreOS is released into master, alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. -The channel is selected through the `storage.core-os.net` URLs below. Simply replace `alpha` with `beta`. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes in each channel. - -PXE booted machines cannot currently update themselves. To update to the latest version of CoreOS download/verify these files again and reboot. - -In the config above you can see that a Kernel image and a initramfs file is needed. -Download these two files into your tftp root. -The extra `coreos_production_pxe.vmlinuz.sig` and `coreos_production_pxe_image.cpio.gz.sig` files can be used to [verify the downloaded files][verify-notes]. - -``` +PXE booted machines cannot currently update themselves when new versions are released to a channel. To update to the latest version of CoreOS download/verify these files again and reboot. + +
    + +
    +
    +

    In the config above you can see that a Kernel image and a initramfs file is needed. Download these two files into your tftp root.

    +

    The coreos_production_pxe.vmlinuz.sig and coreos_production_pxe_image.cpio.gz.sig files can be used to verify the downloaded files.

    + 
     cd /var/lib/tftpboot
 wget http://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_pxe.vmlinuz
 wget http://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_pxe.vmlinuz.sig
@@ -87,9 +90,23 @@ wget http://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_pxe_ima
 wget http://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_pxe_image.cpio.gz.sig
 gpg --verify coreos_production_pxe.vmlinuz.sig
 gpg --verify coreos_production_pxe_image.cpio.gz.sig
-```
-
-[verify-notes]: {{site.url}}/docs/sdk-distributors/distributors/notes-for-distributors/#importing-images
+
    +
    +
    +

    In the config above you can see that a Kernel image and a initramfs file is needed. Download these two files into your tftp root.

    +

    The coreos_production_pxe.vmlinuz.sig and coreos_production_pxe_image.cpio.gz.sig files can be used to verify the downloaded files.

    + 
    +cd /var/lib/tftpboot
+wget http://storage.core-os.net/coreos/amd64-usr/beta/coreos_production_pxe.vmlinuz
+wget http://storage.core-os.net/coreos/amd64-usr/beta/coreos_production_pxe.vmlinuz.sig
+wget http://storage.core-os.net/coreos/amd64-usr/beta/coreos_production_pxe_image.cpio.gz
+wget http://storage.core-os.net/coreos/amd64-usr/beta/coreos_production_pxe_image.cpio.gz.sig
+gpg --verify coreos_production_pxe.vmlinuz.sig
+gpg --verify coreos_production_pxe_image.cpio.gz.sig
+
    +
    +
    +
    ## Booting the Box diff --git a/running-coreos/bare-metal/installing-to-disk/index.md b/running-coreos/bare-metal/installing-to-disk/index.md index cc788d7fc..0000a07a7 100644 --- a/running-coreos/bare-metal/installing-to-disk/index.md +++ b/running-coreos/bare-metal/installing-to-disk/index.md @@ -14,24 +14,36 @@ weight: 7 There is a simple installer that will destroy everything on the given target disk and install CoreOS. Essentially it downloads an image, verifies it with gpg and then copies it bit for bit to disk. -The script is self-contained and located [on Github here](https://raw.github.com/coreos/init/master/bin/coreos-install "coreos-install"). -It is already installed if you are booting CoreOS via PXE but you can also use it from other Linux distributions. +The script is self-contained and located [on Github here](https://raw.github.com/coreos/init/master/bin/coreos-install "coreos-install") and can be run from any Linux distribution. -## Choose a Channel - -CoreOS is released into master, alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. - -When running on CoreOS the install script will attempt to install the same version (and channel) by default. +If you have already booting CoreOS via PXE, the install script is already installed. By default the install script will attempt to install the same version and channel that was PXE-booted: ``` coreos-install -d /dev/sda ``` -If you want to ensure you are installing the latest available version on a channel, use the `-V` option: +## Choose a Channel -``` -coreos-install -d /dev/sda -V alpha -``` +CoreOS is released into master, alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. + +
    + +
    +
    +

    The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.

    +

    If you want to ensure you are installing the latest alpha version, use the -V option:

    + 
    coreos-install -d /dev/sda -V alpha
    +
    +
    +

    The beta channel consists of promoted alpha releases. Current version is CoreOS {{site.beta-channel}}.

    +

    If you want to ensure you are installing the latest beta version, use the -V option:

    + 
    coreos-install -d /dev/sda -V beta
    +
    +
    +
    For reference here are the rest of the `coreos-install` options: From 0d7baa5d42d20dcc16f1adc794c82f9c7a3bab60 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 8 May 2014 14:45:31 -0700 Subject: [PATCH 0050/1291] fix(running-coreos): remove references to master channel --- running-coreos/bare-metal/booting-with-ipxe/index.md | 2 +- running-coreos/bare-metal/booting-with-pxe/index.md | 2 +- running-coreos/bare-metal/installing-to-disk/index.md | 2 +- running-coreos/platforms/eucalyptus/index.md | 2 +- running-coreos/platforms/libvirt/index.md | 2 +- running-coreos/platforms/openstack/index.md | 2 +- running-coreos/platforms/qemu/index.md | 2 +- running-coreos/platforms/vmware/index.md | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-) diff --git a/running-coreos/bare-metal/booting-with-ipxe/index.md b/running-coreos/bare-metal/booting-with-ipxe/index.md index 02b164592..d8e9847aa 100644 --- a/running-coreos/bare-metal/booting-with-ipxe/index.md +++ b/running-coreos/bare-metal/booting-with-ipxe/index.md @@ -20,7 +20,7 @@ To illustrate iPXE in action we will qemu-kvm in this guide. ### Choose a Channel -CoreOS is released into master, alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. +CoreOS is released into alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. ### Setting up the Boot Script diff --git a/running-coreos/bare-metal/booting-with-pxe/index.md b/running-coreos/bare-metal/booting-with-pxe/index.md index d6606b3e0..02faaa7be 100644 --- a/running-coreos/bare-metal/booting-with-pxe/index.md +++ b/running-coreos/bare-metal/booting-with-pxe/index.md @@ -69,7 +69,7 @@ You can view all of the [cloud-config options here]({{site.url}}/docs/cluster-ma ### Choose a Channel -CoreOS is released into master, alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. +CoreOS is released into alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. PXE booted machines cannot currently update themselves when new versions are released to a channel. To update to the latest version of CoreOS download/verify these files again and reboot. diff --git a/running-coreos/bare-metal/installing-to-disk/index.md b/running-coreos/bare-metal/installing-to-disk/index.md index 0000a07a7..131b14804 100644 --- a/running-coreos/bare-metal/installing-to-disk/index.md +++ b/running-coreos/bare-metal/installing-to-disk/index.md @@ -24,7 +24,7 @@ coreos-install -d /dev/sda ## Choose a Channel -CoreOS is released into master, alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. +CoreOS is released into alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel.
      diff --git a/running-coreos/platforms/eucalyptus/index.md b/running-coreos/platforms/eucalyptus/index.md index 096e6b71e..108b69463 100644 --- a/running-coreos/platforms/eucalyptus/index.md +++ b/running-coreos/platforms/eucalyptus/index.md @@ -18,7 +18,7 @@ In order to convert the image you will need to install ```qemu-img``` with your ### Choosing a Channel -CoreOS is released into master, alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. +CoreOS is released into alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. The channel is selected through the `storage.core-os.net` below. Simply replace `alpha` with `beta`. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes in each channel. diff --git a/running-coreos/platforms/libvirt/index.md b/running-coreos/platforms/libvirt/index.md index aca3c3050..867fb88ab 100644 --- a/running-coreos/platforms/libvirt/index.md +++ b/running-coreos/platforms/libvirt/index.md @@ -24,7 +24,7 @@ to substitute that path if you use another one. ### Choosing a Channel -CoreOS is released into master, alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. +CoreOS is released into alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. The channel is selected through the `storage.core-os.net` below. Simply replace `alpha` with `beta`. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes in each channel. diff --git a/running-coreos/platforms/openstack/index.md b/running-coreos/platforms/openstack/index.md index 3721f98dc..63f5d70d0 100644 --- a/running-coreos/platforms/openstack/index.md +++ b/running-coreos/platforms/openstack/index.md @@ -19,7 +19,7 @@ into the glance image store. ### Choosing a Channel -CoreOS is released into master, alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. +CoreOS is released into alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. The channel is selected through the `storage.core-os.net` below. Simply replace `alpha` with `beta`. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes in each channel. diff --git a/running-coreos/platforms/qemu/index.md b/running-coreos/platforms/qemu/index.md index d8eda30e4..0dee1f641 100644 --- a/running-coreos/platforms/qemu/index.md +++ b/running-coreos/platforms/qemu/index.md @@ -73,7 +73,7 @@ image. ### Choosing a Channel -CoreOS is released into master, alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. +CoreOS is released into alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. The channel is selected through the `storage.core-os.net` below. Simply replace `alpha` with `beta`. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes in each channel. diff --git a/running-coreos/platforms/vmware/index.md b/running-coreos/platforms/vmware/index.md index ed7850567..ead01dcd1 100644 --- a/running-coreos/platforms/vmware/index.md +++ b/running-coreos/platforms/vmware/index.md @@ -20,7 +20,7 @@ you will need to launch the `coreos_developer_vmware_insecure.vmx` file to creat ### Choosing a Channel -CoreOS is released into master, alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. +CoreOS is released into alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. The channel is selected through the `storage.core-os.net` below. Simply replace `alpha` with `beta`. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes in each channel. From ed12f4f0d573c5e24a50814ff093f43f5ce18620 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 8 May 2014 16:31:57 -0700 Subject: [PATCH 0051/1291] feat(cluster-management): explain how to switch channels --- .../setup/switching-channels/index.md | 45 +++++++++++++++++++ 1 file changed, 45 insertions(+) create mode 100644 cluster-management/setup/switching-channels/index.md diff --git a/cluster-management/setup/switching-channels/index.md b/cluster-management/setup/switching-channels/index.md new file mode 100644 index 000000000..c2a4da628 --- /dev/null +++ b/cluster-management/setup/switching-channels/index.md @@ -0,0 +1,45 @@ +--- +layout: docs +title: Switching Release Channels +category: cluster_management +sub_category: setting_up +weight: 5 +--- + +# Switching Release Channels + +CoreOS is released into beta and stable channels. New features and bug fixes are tested in the alpha channel and are promoted bit-for-bit to the beta channel if no additional bugs are found. + +## Create Update Config File + +You can switch machines between channels by creating `/etc/coreos/update.conf`: + +``` +GROUP=beta +``` + +## Restart Update Engine + +The last step is to restart the update engine in order for it to pick up the changed channel: + +``` +sudo systemctl restart update-engine +``` + +## Debugging + +After the update engine is restarted, the machine should check for an update within an hour. You can view the update engine log if you'd like to see the requests that are being made to the update service: + +``` +journalctl -f -u update-engine +``` + +For reference, you can find the current version: + +``` +cat /etc/os-release +``` + +## Release Information + +You can read more about the current releases and channels on the [releases page]({{site.url}}/releases). \ No newline at end of file From c7d8843e36fff34349e830f00fa077c3b9c093c4 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 8 May 2014 17:03:36 -0700 Subject: [PATCH 0052/1291] fix(ec2): use correct name on beta CF stack --- running-coreos/cloud-providers/ec2/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/running-coreos/cloud-providers/ec2/index.md b/running-coreos/cloud-providers/ec2/index.md index fca4b32ef..a002e61ea 100644 --- a/running-coreos/cloud-providers/ec2/index.md +++ b/running-coreos/cloud-providers/ec2/index.md @@ -62,7 +62,7 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat
- + {% endfor %} From deba5d13b140a6f36e314e26558013186f3139ea Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 8 May 2014 18:10:41 -0700 Subject: [PATCH 0053/1291] feat(gce): use public gce image path --- .../google-compute-engine/index.md | 39 ++++--------------- 1 file changed, 8 insertions(+), 31 deletions(-) diff --git a/running-coreos/cloud-providers/google-compute-engine/index.md b/running-coreos/cloud-providers/google-compute-engine/index.md index 15d6c5288..4479241ec 100644 --- a/running-coreos/cloud-providers/google-compute-engine/index.md +++ b/running-coreos/cloud-providers/google-compute-engine/index.md @@ -15,33 +15,6 @@ Before proceeding, you will need to [install gcutil][gcutil-documentation] and c [gce-advanced-os]: http://developers.google.com/compute/docs/transition-v1#customkernelbinaries [gcutil-documentation]: https://developers.google.com/compute/docs/gcutil/ -## Choosing a Channel - -CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updates) with different schedules per channel. You can [disable this feature]({{site.url}}/docs/cluster-management/debugging/prevent-reboot-after-update), although we don't recommend it. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes. - -
- -
-
-
-

The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.

-
-

At the moment CoreOS images are not publicly listed in GCE and must be added to your own account from a raw disk image published in Google Cloud Storage:

- 
gcutil --project= addimage --description="CoreOS {{site.alpha-channel}}" coreos-v{{site.alpha-channel | replace:'.','-'}} gs://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_gce.tar.gz
-
-
-
-

The beta channel consists of promoted alpha releases. Current version is CoreOS {{site.beta-channel}}.

-
-

At the moment CoreOS images are not publicly listed in GCE and must be added to your own account from a raw disk image published in Google Cloud Storage:

- 
gcutil --project= addimage --description="CoreOS {{site.beta-channel}}" coreos-v{{site.beta-channel | replace:'.','-'}} gs://storage.core-os.net/coreos/amd64-usr/beta/coreos_production_gce.tar.gz
-
-
-
- ## Cloud-Config CoreOS allows you to configure machine parameters, launch systemd units on startup and more via cloud-config. Jump over to the [docs to learn about the supported features]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config). You can provide cloud-config to CoreOS via the Google Cloud console's metadata field `user-data` or via a flag using `gcutil`. @@ -65,9 +38,9 @@ coreos: command: start ``` -## Instance creation +## Choosing a Channel -Create 3 instances from the image above using our cloud-config from `cloud-config.yaml`: +CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updates) with different schedules per channel. You can [disable this feature]({{site.url}}/docs/cluster-management/debugging/prevent-reboot-after-update), although we don't recommend it. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes.
    @@ -76,10 +49,14 @@ Create 3 instances from the image above using our cloud-config from `cloud-confi
- 
gcutil --project= addinstance --image=coreos-v{{ site.alpha-channel | replace:'.','-' }} --persistent_boot_disk --zone=us-central1-a --machine_type=n1-standard-1 --metadata_from_file=user-data:cloud-config.yaml core1 core2 core3
+

The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.

+

Create 3 instances from the image above using our cloud-config from `cloud-config.yaml`:

+ 
gcutil --project= addinstance --image={{site.data.alpha-channel.gce-image-path}} --persistent_boot_disk --zone=us-central1-a --machine_type=n1-standard-1 --metadata_from_file=user-data:cloud-config.yaml core1 core2 core3
- 
gcutil --project= addinstance --image=coreos-v{{ site.beta-channel | replace:'.','-' }} --persistent_boot_disk --zone=us-central1-a --machine_type=n1-standard-1 --metadata_from_file=user-data:cloud-config.yaml core1 core2 core3
+

The beta channel consists of promoted alpha releases. Current version is CoreOS {{site.beta-channel}}.

+

Create 3 instances from the image above using our cloud-config from `cloud-config.yaml`:

+ 
gcutil --project= addinstance --image={{site.data.beta-channel.gce-image-path}} --persistent_boot_disk --zone=us-central1-a --machine_type=n1-standard-1 --metadata_from_file=user-data:cloud-config.yaml core1 core2 core3
From 19abd84d598ecd9a96f9370b9e27142de72dbad1 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 8 May 2014 18:27:41 -0700 Subject: [PATCH 0054/1291] fix(vultr): update incorrect ipxe flags --- running-coreos/cloud-providers/vultr/index.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/running-coreos/cloud-providers/vultr/index.md b/running-coreos/cloud-providers/vultr/index.md index 247077c69..200613668 100644 --- a/running-coreos/cloud-providers/vultr/index.md +++ b/running-coreos/cloud-providers/vultr/index.md @@ -22,9 +22,10 @@ A sample script will look like this : ``` #!ipxe -set coreos-version dev-channel -set base-url http://storage.core-os.net/coreos/amd64-generic/${coreos-version} -kernel ${base-url}/coreos_production_pxe.vmlinuz root=squashfs: state=tmpfs: sshkey="YOUR_PUBLIC_KEY_HERE" + +set coreos-version alpha +set base-url http://storage.core-os.net/coreos/amd64-usr/${coreos-version} +kernel ${base-url}/coreos_production_pxe.vmlinuz sshkey="YOUR_PUBLIC_KEY_HERE" initrd ${base-url}/coreos_production_pxe_image.cpio.gz boot ``` From 24d29fd00cfbfd05257f17fcd3197bbea8f50d3c Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 8 May 2014 18:34:29 -0700 Subject: [PATCH 0055/1291] feat(debugging): remove reboot guide in favor of locksmith guide --- .../prevent-reboot-after-update/index.md | 57 ------------------- 1 file changed, 57 deletions(-) delete mode 100644 cluster-management/debugging/prevent-reboot-after-update/index.md diff --git a/cluster-management/debugging/prevent-reboot-after-update/index.md b/cluster-management/debugging/prevent-reboot-after-update/index.md deleted file mode 100644 index 5753bb749..000000000 --- a/cluster-management/debugging/prevent-reboot-after-update/index.md +++ /dev/null @@ -1,57 +0,0 @@ ---- -layout: docs -slug: guides -title: Prevent Reboot After Update -category: cluster_management -sub_category: debugging -weight: 8 ---- - -# Prevent Reboot After Update - -This is a temporary workaround to disable auto updates. As we move out of the alpha there will be a nicer method. - -There is a single simple script called `update-engine-reboot-manager` that does an automatic reboot after update-engine applies an update to your CoreOS machine. To stop automatic reboots after an update has been applied you need to stop this daemon. - -## Stop Reboots on a Single Machine - -``` -sudo systemctl stop update-engine-reboot-manager.service -sudo systemctl mask update-engine-reboot-manager.service -``` - -## Stop Update Reboots with Cloud-Config - -You can use [cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config) to run these commands on newly booted machines: - -``` -#cloud-config - -coreos: - units: - - name: stop-reboot-manager.service - content: | - [Unit] - Description=stop update-engine-reboot-manager - - [Service] - Type=oneshot - ExecStart=/usr/bin/systemctl stop update-engine-reboot-manager.service - ExecStartPost=/usr/bin/systemctl mask update-engine-reboot-manager.service - - [Install] - WantedBy=multi-user.target -``` - -## Applying New Updates - -You can decide to update at any time by rebooting your machine. - -## Restart Update Reboots - -``` -sudo systemctl unmask update-engine-reboot-manager.service -sudo systemctl start update-engine-reboot-manager.service -``` - -Have fun! From 00d294d278ba87544cf5065d567a512857914e59 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 8 May 2014 18:54:38 -0700 Subject: [PATCH 0056/1291] fix(gce): fix unrendered backticks --- running-coreos/cloud-providers/google-compute-engine/index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/running-coreos/cloud-providers/google-compute-engine/index.md b/running-coreos/cloud-providers/google-compute-engine/index.md index 4479241ec..ce1e312e7 100644 --- a/running-coreos/cloud-providers/google-compute-engine/index.md +++ b/running-coreos/cloud-providers/google-compute-engine/index.md @@ -50,12 +50,12 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat

The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.

-

Create 3 instances from the image above using our cloud-config from `cloud-config.yaml`:

+

Create 3 instances from the image above using our cloud-config from cloud-config.yaml:

gcutil --project= addinstance --image={{site.data.alpha-channel.gce-image-path}} --persistent_boot_disk --zone=us-central1-a --machine_type=n1-standard-1 --metadata_from_file=user-data:cloud-config.yaml core1 core2 core3

The beta channel consists of promoted alpha releases. Current version is CoreOS {{site.beta-channel}}.

-

Create 3 instances from the image above using our cloud-config from `cloud-config.yaml`:

+

Create 3 instances from the image above using our cloud-config from cloud-config.yaml:

gcutil --project= addinstance --image={{site.data.beta-channel.gce-image-path}} --persistent_boot_disk --zone=us-central1-a --machine_type=n1-standard-1 --metadata_from_file=user-data:cloud-config.yaml core1 core2 core3
From f8796fac8b99b124e0cd23487d5db63e97d5f4bc Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 8 May 2014 20:08:57 -0700 Subject: [PATCH 0057/1291] fix(gce): revert previous instructions --- .../google-compute-engine/index.md | 39 +++++++++++++++---- 1 file changed, 31 insertions(+), 8 deletions(-) diff --git a/running-coreos/cloud-providers/google-compute-engine/index.md b/running-coreos/cloud-providers/google-compute-engine/index.md index ce1e312e7..15d6c5288 100644 --- a/running-coreos/cloud-providers/google-compute-engine/index.md +++ b/running-coreos/cloud-providers/google-compute-engine/index.md @@ -15,6 +15,33 @@ Before proceeding, you will need to [install gcutil][gcutil-documentation] and c [gce-advanced-os]: http://developers.google.com/compute/docs/transition-v1#customkernelbinaries [gcutil-documentation]: https://developers.google.com/compute/docs/gcutil/ +## Choosing a Channel + +CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updates) with different schedules per channel. You can [disable this feature]({{site.url}}/docs/cluster-management/debugging/prevent-reboot-after-update), although we don't recommend it. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes. + +
+ +
+
+
+

The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.

+
+

At the moment CoreOS images are not publicly listed in GCE and must be added to your own account from a raw disk image published in Google Cloud Storage:

+ 
gcutil --project= addimage --description="CoreOS {{site.alpha-channel}}" coreos-v{{site.alpha-channel | replace:'.','-'}} gs://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_gce.tar.gz
+
+
+
+

The beta channel consists of promoted alpha releases. Current version is CoreOS {{site.beta-channel}}.

+
+

At the moment CoreOS images are not publicly listed in GCE and must be added to your own account from a raw disk image published in Google Cloud Storage:

+ 
gcutil --project= addimage --description="CoreOS {{site.beta-channel}}" coreos-v{{site.beta-channel | replace:'.','-'}} gs://storage.core-os.net/coreos/amd64-usr/beta/coreos_production_gce.tar.gz
+
+
+
+ ## Cloud-Config CoreOS allows you to configure machine parameters, launch systemd units on startup and more via cloud-config. Jump over to the [docs to learn about the supported features]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config). You can provide cloud-config to CoreOS via the Google Cloud console's metadata field `user-data` or via a flag using `gcutil`. @@ -38,9 +65,9 @@ coreos: command: start ``` -## Choosing a Channel +## Instance creation -CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updates) with different schedules per channel. You can [disable this feature]({{site.url}}/docs/cluster-management/debugging/prevent-reboot-after-update), although we don't recommend it. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes. +Create 3 instances from the image above using our cloud-config from `cloud-config.yaml`:
    @@ -49,14 +76,10 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat
-

The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.

-

Create 3 instances from the image above using our cloud-config from cloud-config.yaml:

- 
gcutil --project= addinstance --image={{site.data.alpha-channel.gce-image-path}} --persistent_boot_disk --zone=us-central1-a --machine_type=n1-standard-1 --metadata_from_file=user-data:cloud-config.yaml core1 core2 core3
+ 
gcutil --project= addinstance --image=coreos-v{{ site.alpha-channel | replace:'.','-' }} --persistent_boot_disk --zone=us-central1-a --machine_type=n1-standard-1 --metadata_from_file=user-data:cloud-config.yaml core1 core2 core3
-

The beta channel consists of promoted alpha releases. Current version is CoreOS {{site.beta-channel}}.

-

Create 3 instances from the image above using our cloud-config from cloud-config.yaml:

- 
gcutil --project= addinstance --image={{site.data.beta-channel.gce-image-path}} --persistent_boot_disk --zone=us-central1-a --machine_type=n1-standard-1 --metadata_from_file=user-data:cloud-config.yaml core1 core2 core3
+ 
gcutil --project= addinstance --image=coreos-v{{ site.beta-channel | replace:'.','-' }} --persistent_boot_disk --zone=us-central1-a --machine_type=n1-standard-1 --metadata_from_file=user-data:cloud-config.yaml core1 core2 core3
From 1f72ac86460dc57ac02ffca4d920833cfcd5ff55 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 8 May 2014 20:16:15 -0700 Subject: [PATCH 0058/1291] fix(gce): fix typo --- running-coreos/cloud-providers/google-compute-engine/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/running-coreos/cloud-providers/google-compute-engine/index.md b/running-coreos/cloud-providers/google-compute-engine/index.md index 15d6c5288..529a1427c 100644 --- a/running-coreos/cloud-providers/google-compute-engine/index.md +++ b/running-coreos/cloud-providers/google-compute-engine/index.md @@ -30,7 +30,7 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat

The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.

At the moment CoreOS images are not publicly listed in GCE and must be added to your own account from a raw disk image published in Google Cloud Storage:

- 
gcutil --project= addimage --description="CoreOS {{site.alpha-channel}}" coreos-v{{site.alpha-channel | replace:'.','-'}} gs://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_gce.tar.gz
+ 
gcutil --project=<project-id> addimage --description="CoreOS {{site.alpha-channel}}" coreos-v{{site.alpha-channel | replace:'.','-'}} gs://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_gce.tar.gz
From f036ac722bb2099decf8dbefcca470046119ff22 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Fri, 9 May 2014 11:02:32 -0700 Subject: [PATCH 0059/1291] fix(rackspace): use beta heat file --- running-coreos/cloud-providers/rackspace/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/running-coreos/cloud-providers/rackspace/index.md b/running-coreos/cloud-providers/rackspace/index.md index 6d49786be..d43e2dee9 100644 --- a/running-coreos/cloud-providers/rackspace/index.md +++ b/running-coreos/cloud-providers/rackspace/index.md @@ -58,7 +58,7 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat
- +
RegionImage IDHeat Template
All Regions{{site.data.beta-channel.rackspace-image-id}} heat-alpha.yaml
{{ region.name }} {{ region.ami-id }}Launch StackLaunch Stack
All Regions {{site.data.beta-channel.rackspace-image-id}}heat-alpha.yamlheat-beta.yaml
From e8c98b8355aab0137e24ac34a977a8356b12577d Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Fri, 9 May 2014 11:10:21 -0700 Subject: [PATCH 0060/1291] fix(rackspace): remove incorrect beta reference --- .../cloud-providers/rackspace/index.md | 22 ------------------- 1 file changed, 22 deletions(-) diff --git a/running-coreos/cloud-providers/rackspace/index.md b/running-coreos/cloud-providers/rackspace/index.md index d43e2dee9..0ee0206de 100644 --- a/running-coreos/cloud-providers/rackspace/index.md +++ b/running-coreos/cloud-providers/rackspace/index.md @@ -17,7 +17,6 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat
@@ -42,27 +41,6 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat
-
-
-

The beta channel consists of promoted alpha releases. Current version is CoreOS {{{site.data.beta-channel.rackspace-version}}.

-
- - - - - - - - - - - - - - - -
RegionImage IDHeat Template
All Regions{{site.data.beta-channel.rackspace-image-id}}heat-beta.yaml
-
From ea1fb4b1c3ab0f7b0fdee373b88f587af0f8d274 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Fri, 9 May 2014 11:14:40 -0700 Subject: [PATCH 0061/1291] fix(rackspace): correct active tab --- running-coreos/cloud-providers/rackspace/index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/running-coreos/cloud-providers/rackspace/index.md b/running-coreos/cloud-providers/rackspace/index.md index 0ee0206de..22ef13a89 100644 --- a/running-coreos/cloud-providers/rackspace/index.md +++ b/running-coreos/cloud-providers/rackspace/index.md @@ -17,10 +17,10 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat
-
+

The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.data.alpha-channel.rackspace-version}}.

From 593c56e95f00e9749740ba58b112357f233162f4 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Fri, 9 May 2014 15:17:43 -0700 Subject: [PATCH 0062/1291] feat(iso): add ISO guide --- running-coreos/platforms/iso/index.md | 47 +++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) create mode 100644 running-coreos/platforms/iso/index.md diff --git a/running-coreos/platforms/iso/index.md b/running-coreos/platforms/iso/index.md new file mode 100644 index 000000000..6ca6c6837 --- /dev/null +++ b/running-coreos/platforms/iso/index.md @@ -0,0 +1,47 @@ +--- +layout: docs +title: ISO +category: running_coreos +sub_category: platforms +weight: 10 +--- + +# Booting CoreOS from an ISO + +The latest CoreOS ISOs can be downloaded from the image storage site: + +
+ +
+
+
+

The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.

+
+ Download Alpha ISO + Browse Storage Site +

+

All of the files necessary to verify the image can be found on the storage site.

+
+
+
+

The beta channel consists of promoted alpha releases. Current version is CoreOS {{site.beta-channel}}.

+
+ Download Beta ISO + Browse Storage Site +

+

All of the files necessary to verify the image can be found on the storage site.

+
+
+
+ +## Known Limitations + +1. Docker will not work out of the box +2. The best strategy for providing [cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config) is via [config-drive](https://github.com/coreos/coreos-cloudinit/blob/master/Documentation/config-drive.md). + +## Install to Disk + +The most common use-case for this ISO is to install CoreOS to disk. You can [find those instructions here]({{site.url}}/docs/running-coreos/bare-metal/installing-to-disk). \ No newline at end of file From 3c2d0540c22691f4e538b3537ce0ac0599de93fa Mon Sep 17 00:00:00 2001 From: Alex Date: Wed, 14 May 2014 00:53:19 +0200 Subject: [PATCH 0063/1291] Fixed yaml syntax --- running-coreos/cloud-providers/ec2/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/running-coreos/cloud-providers/ec2/index.md b/running-coreos/cloud-providers/ec2/index.md index a002e61ea..16ea3206a 100644 --- a/running-coreos/cloud-providers/ec2/index.md +++ b/running-coreos/cloud-providers/ec2/index.md @@ -119,7 +119,7 @@ Ephemeral disks and additional EBS volumes attached to instances can be mounted #cloud-config coreos: units: - - name media-ephemeral.mount + - name: media-ephemeral.mount command: start content: | [Mount] From f7535e6200f96dde57d259ab691759998fd17df6 Mon Sep 17 00:00:00 2001 From: Rodrigo Chacon Date: Tue, 13 May 2014 20:25:08 -0300 Subject: [PATCH 0064/1291] ec2: fix CloudFormation beta template URL --- running-coreos/cloud-providers/ec2/index.md | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/running-coreos/cloud-providers/ec2/index.md b/running-coreos/cloud-providers/ec2/index.md index a002e61ea..522d4ac7e 100644 --- a/running-coreos/cloud-providers/ec2/index.md +++ b/running-coreos/cloud-providers/ec2/index.md @@ -6,7 +6,8 @@ sub_category: cloud_provider weight: 1 cloud-formation-launch-logo: https://s3.amazonaws.com/cloudformation-examples/cloudformation-launch-stack.png --- -{% capture cf_template %}{{ site.https-s3 }}/dist/aws/coreos-alpha.template{% endcapture %} +{% capture cf_alpha_template %}{{ site.https-s3 }}/dist/aws/coreos-alpha.template{% endcapture %} +{% capture cf_beta_template %}{{ site.https-s3 }}/dist/aws/coreos-beta.template{% endcapture %} # Running CoreOS on EC2 @@ -39,7 +40,7 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat {{ region.name }} {{ region.ami-id }} - Launch Stack + Launch Stack {% endfor %} @@ -62,7 +63,7 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat {{ region.name }} {{ region.ami-id }} - Launch Stack + Launch Stack {% endfor %} @@ -134,7 +135,7 @@ For more information about mounting storage, Amazon's [own documentation](http:/ To add more instances to the cluster, just launch more with the same cloud-config, the appropriate security group and the AMI for that region. New instances will join the cluster regardless of region if the security groups are configured correctly. ## Multiple Clusters -If you would like to create multiple clusters you will need to change the "Stack Name". You can find the direct [template file on S3]({{ cf_template }}). +If you would like to create multiple clusters you will need to change the "Stack Name". You can find the direct [template file on S3]({{ cf_beta_template }}). ## Manual setup From b24d90cfe78d5615dc3e6248141b1d86a1d7be17 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Tue, 13 May 2014 16:49:07 -0700 Subject: [PATCH 0065/1291] fix(running-coreos): fix minor yaml typo --- running-coreos/cloud-providers/google-compute-engine/index.md | 2 +- running-coreos/cloud-providers/rackspace/index.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/running-coreos/cloud-providers/google-compute-engine/index.md b/running-coreos/cloud-providers/google-compute-engine/index.md index 529a1427c..32bb14359 100644 --- a/running-coreos/cloud-providers/google-compute-engine/index.md +++ b/running-coreos/cloud-providers/google-compute-engine/index.md @@ -92,7 +92,7 @@ Additional disks attached to instances can be mounted with a `.mount` unit. Each #cloud-config coreos: units: - - name media-backup.mount + - name: media-backup.mount command: start content: | [Mount] diff --git a/running-coreos/cloud-providers/rackspace/index.md b/running-coreos/cloud-providers/rackspace/index.md index 22ef13a89..fec4b08ab 100644 --- a/running-coreos/cloud-providers/rackspace/index.md +++ b/running-coreos/cloud-providers/rackspace/index.md @@ -77,7 +77,7 @@ Certain server flavors have separate system and data disks. To utilize the data #cloud-config coreos: units: - - name media-data.mount + - name: media-data.mount command: start content: | [Mount] From f588f933af2affab2631e6d1febc76ee6cb80038 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Tue, 13 May 2014 16:56:52 -0700 Subject: [PATCH 0066/1291] feat(customizing-docker): configure http proxy for docker --- .../building/customizing-docker/index.md | 48 +++++++++++++++++++ 1 file changed, 48 insertions(+) diff --git a/launching-containers/building/customizing-docker/index.md b/launching-containers/building/customizing-docker/index.md index 50020d4d7..3dd7423d1 100644 --- a/launching-containers/building/customizing-docker/index.md +++ b/launching-containers/building/customizing-docker/index.md @@ -127,3 +127,51 @@ coreos: [Install] WantedBy=multi-user.target ``` + +## Use an HTTP Proxy + +If you're operating in a locked down networking environment, you can specify an HTTP proxy for docker to use via an environment variable. First, copy the existing unit from the read-only file system into the read/write file system, so we can edit it: + +``` +cp /usr/lib/systemd/system/docker.service /etc/systemd/system/ +``` + +Add a line that sets the environment variable in the unit above the `ExecStart` command: + +``` +Environment="HTTP_PROXY=http://proxy.example.com:8080" +``` + +To apply the change, reload the unit and restart docker: + +``` +systemctl daemon-reload +systemctl restart docker +``` + +### Cloud-Config + +The easiest way to use this proxy on all of your machines is via cloud-config: + +``` +#cloud-config + +coreos: + units: + - name: docker.service + command: restart + content: | + [Unit] + Description=Docker Application Container Engine + Documentation=http://docs.docker.io + After=network.target + [Service] + Environment="HTTP_PROXY=http://proxy.example.com:8080" + ExecStartPre=/bin/mount --make-rprivate / + # Run docker but don't have docker automatically restart + # containers. This is a job for systemd and unit files. + ExecStart=/usr/bin/docker -d -s=btrfs -r=false -H fd:// + + [Install] + WantedBy=multi-user.target +``` From a8014a50b5b1a557b68ce324e3f7c85cc94669bf Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Wed, 14 May 2014 12:40:33 -0700 Subject: [PATCH 0067/1291] feat(quickstart): reference cloud-config --- quickstart/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/quickstart/index.md b/quickstart/index.md index 71ff892e7..fc1c5b445 100644 --- a/quickstart/index.md +++ b/quickstart/index.md @@ -20,7 +20,7 @@ ssh core@an.ip.compute-1.amazonaws.com The first building block of CoreOS is service discovery with **etcd** ([docs][etcd-docs]). Data stored in etcd is distributed across all of your machines running CoreOS. For example, each of your app containers can announce itself to a proxy container, which would automatically know which machines should receive traffic. Building service discovery into your application allows you to add more machines and scale your services seamlessly. -The API is easy to use. From a CoreOS machine, you can simply use curl to set and retrieve a key from etcd: +If you used an example [cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config) from a guide above, etcd is automatically started on boot. The API is easy to use. From a CoreOS machine, you can simply use curl to set and retrieve a key from etcd: Set a key `message` with value `Hello world`: From aee765fbb65704e22505d789a801c120b255f765 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Wed, 14 May 2014 14:16:48 -0700 Subject: [PATCH 0068/1291] feat(launching-containers): link to units repo --- .../launching/launching-containers-fleet/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/launching-containers/launching/launching-containers-fleet/index.md b/launching-containers/launching/launching-containers-fleet/index.md index 473fe3192..92442a28e 100644 --- a/launching-containers/launching/launching-containers-fleet/index.md +++ b/launching-containers/launching/launching-containers-fleet/index.md @@ -13,7 +13,7 @@ weight: 2 If you're not familiar with systemd units, check out our [Getting Started with systemd]({{site.url}}/docs/launching-containers/launching/getting-started-with-systemd) guide. -This guide assumes you're running `fleetctl` locally from a CoreOS machine that's part of a CoreOS cluster. You can also [control your cluster remotely]({{site.url}}/docs/launching-containers/launching/fleet-using-the-client/#get-up-and-running). +This guide assumes you're running `fleetctl` locally from a CoreOS machine that's part of a CoreOS cluster. You can also [control your cluster remotely]({{site.url}}/docs/launching-containers/launching/fleet-using-the-client/#get-up-and-running). All of the units referenced in this blog post are contained in the [unit-examples](https://github.com/coreos/unit-examples/tree/master/simple-fleet) repository. You can clone this onto your CoreOS box to make unit submission easier. ## Run a Container in the Cluster From 1603e4773e8da0fc786a1499111a32aaeb968c00 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Wed, 14 May 2014 15:07:39 -0700 Subject: [PATCH 0069/1291] fix(customizing-docker): fix broken link --- launching-containers/building/customizing-docker/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/launching-containers/building/customizing-docker/index.md b/launching-containers/building/customizing-docker/index.md index 50020d4d7..5c4cb9baa 100644 --- a/launching-containers/building/customizing-docker/index.md +++ b/launching-containers/building/customizing-docker/index.md @@ -72,7 +72,7 @@ coreos: ## Use Attached Storage for Docker Images -Docker containers can be very large and debugging a build process makes it easy to accumulate hundreds of containers. It's advantagous to use attached storage to expand your capacity for container images. Check out the guide to [mounting storage to your CoreOS machine]({{site.url}}/docs/cluster-management/setup/mounting-storage/index.md#use-attached-storage-for-docker) for an example of how to bind mount storage into `/var/lib/docker`. +Docker containers can be very large and debugging a build process makes it easy to accumulate hundreds of containers. It's advantagous to use attached storage to expand your capacity for container images. Check out the guide to [mounting storage to your CoreOS machine]({{site.url}}/docs/cluster-management/setup/mounting-storage/#use-attached-storage-for-docker) for an example of how to bind mount storage into `/var/lib/docker`. ## Enabling the docker Debug Flag From 66e9700a8658053b97fdf7062f31e383d8284c4a Mon Sep 17 00:00:00 2001 From: Michael Marineau Date: Wed, 14 May 2014 16:01:36 -0700 Subject: [PATCH 0070/1291] fix(pxe): Note difference between tty0 and tty1 tty0 is normally used with the console= option (enable kernel output on the VGA console) but coreos.autologin= should be tty1 or greater since the login getty is on a virtual terminal, not the VGA console itself. --- running-coreos/bare-metal/booting-with-pxe/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/running-coreos/bare-metal/booting-with-pxe/index.md b/running-coreos/bare-metal/booting-with-pxe/index.md index 02faaa7be..206472439 100644 --- a/running-coreos/bare-metal/booting-with-pxe/index.md +++ b/running-coreos/bare-metal/booting-with-pxe/index.md @@ -30,7 +30,7 @@ When configuring the CoreOS pxelinux.cfg there are a few kernel options that may - **root**: Use a local filesystem for root instead of one of two in-ram options above. The filesystem must be formatted in advance but may be completely blank, it will be initialized on boot. The filesystem may be specified by any of the usual ways including device, label, or UUID; e.g: `root=/dev/sda1`, `root=LABEL=ROOT` or `root=UUID=2c618316-d17a-4688-b43b-aa19d97ea821`. - **sshkey**: Add the given SSH public key to the `core` user's authorized_keys file. Replace the example key below with your own (it is usually in `~/.ssh/id_rsa.pub`) - **console**: Enable kernel output and a login prompt on a given tty. The default, `tty0`, generally maps to VGA. Can be used multiple times, e.g. `console=tty0 console=ttyS0` -- **coreos.autologin**: Drop directly to a shell on a given console without prompting for a password. Useful for troubleshooting but use with caution. For any console that doesn't normally get a login prompt by default be sure to combine with the `console` option, e.g. `console=ttyS0 coreos.autologin=ttyS0`. Without any argument it enables access on all consoles. *Experimental* +- **coreos.autologin**: Drop directly to a shell on a given console without prompting for a password. Useful for troubleshooting but use with caution. For any console that doesn't normally get a login prompt by default be sure to combine with the `console` option, e.g. `console=tty0 console=ttyS0 coreos.autologin=tty1 coreos.autologin=ttyS0`. Without any argument it enables access on all consoles. Note that for the VGA console the login prompts are on virtual terminals (`tty1`, `tty2`, etc), not the VGA console itself (`tty0`). - **cloud-config-url**: CoreOS will attempt to download a cloud-config document and use it to provision your booted system. See the [coreos-cloudinit-project][cloudinit] for more information. [cloudinit]: https://github.com/coreos/coreos-cloudinit From b4cb4c18dfc1fc36fbe6733b4fb7282522157259 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 15 May 2014 10:38:36 -0700 Subject: [PATCH 0071/1291] fix(launching-containers): fix typo --- .../launching/launching-containers-fleet/index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/launching-containers/launching/launching-containers-fleet/index.md b/launching-containers/launching/launching-containers-fleet/index.md index 473fe3192..67350111a 100644 --- a/launching-containers/launching/launching-containers-fleet/index.md +++ b/launching-containers/launching/launching-containers-fleet/index.md @@ -107,7 +107,7 @@ X-ConditionMachineOf=apache.1.service This unit has a few interesting properties. First, it uses `BindsTo` to link the unit to our `apache.1.service` unit. When the Apache unit is stopped, this unit will stop as well, causing it to be removed from our `/services/website` directory in `etcd`. A TTL of 60 seconds is also being used here to remove the unit from the directory if our machine suddenly died for some reason. -Second is `%H`, a variable built into systemd, that represents the hostname of the machine running this unit. Variable usage is coverd in our [Getting Started with systemd]({{site.url}}/docs/launching-containers/launching/getting-started-with-systemd/#unit-variables) guide as well as in [systemd documentation](http://www.freedesktop.org/software/systemd/man/systemd.unit.html#Specifiers). +Second is `%H`, a variable built into systemd, that represents the hostname of the machine running this unit. Variable usage is covered in our [Getting Started with systemd]({{site.url}}/docs/launching-containers/launching/getting-started-with-systemd/#unit-variables) guide as well as in [systemd documentation](http://www.freedesktop.org/software/systemd/man/systemd.unit.html#Specifiers). The third is a fleet-specific property called `X-ConditionMachineOf`. This property causes the unit to be placed onto the same machine that `apache.1.service` is running on. @@ -144,4 +144,4 @@ If you're running in the cloud, many services have APIs that can be automated ba #### More Information Example Deployment with fleet fleet Unit Specifications -fleet Configuration \ No newline at end of file +fleet Configuration From ee4c0d40cb9d1ba009fe06b1a85774a8d4117128 Mon Sep 17 00:00:00 2001 From: Hugo Duncan Date: Thu, 15 May 2014 15:44:54 -0400 Subject: [PATCH 0072/1291] Add an example binding docker to localhost port Add an example of binding the port to localhost to prevent external access --- launching-containers/building/customizing-docker/index.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/launching-containers/building/customizing-docker/index.md b/launching-containers/building/customizing-docker/index.md index 5c4cb9baa..0a0c4495e 100644 --- a/launching-containers/building/customizing-docker/index.md +++ b/launching-containers/building/customizing-docker/index.md @@ -70,6 +70,12 @@ coreos: ExecStart=/usr/bin/systemctl enable docker-tcp.socket ``` +To keep access to the port local, replace the `ListenStream` configuration above with: + +``` + ListenStream=127.0.0.1:4243 +``` + ## Use Attached Storage for Docker Images Docker containers can be very large and debugging a build process makes it easy to accumulate hundreds of containers. It's advantagous to use attached storage to expand your capacity for container images. Check out the guide to [mounting storage to your CoreOS machine]({{site.url}}/docs/cluster-management/setup/mounting-storage/#use-attached-storage-for-docker) for an example of how to bind mount storage into `/var/lib/docker`. From 7542182a5c61e040f16f23f163fbb0f02bab4eb5 Mon Sep 17 00:00:00 2001 From: Hugo Duncan Date: Thu, 15 May 2014 17:50:17 -0400 Subject: [PATCH 0073/1291] Add section header --- launching-containers/building/customizing-docker/index.md | 1 + 1 file changed, 1 insertion(+) diff --git a/launching-containers/building/customizing-docker/index.md b/launching-containers/building/customizing-docker/index.md index 0a0c4495e..3ba80cb21 100644 --- a/launching-containers/building/customizing-docker/index.md +++ b/launching-containers/building/customizing-docker/index.md @@ -73,6 +73,7 @@ coreos: To keep access to the port local, replace the `ListenStream` configuration above with: ``` + [Socket] ListenStream=127.0.0.1:4243 ``` From a1b0a9dfe4f935161b8ba1a8a1678248988e5133 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Fri, 16 May 2014 10:12:19 -0700 Subject: [PATCH 0074/1291] fix(running-coreos): bump vagrant/virtualbox requirements --- running-coreos/platforms/vagrant/index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/running-coreos/platforms/vagrant/index.md b/running-coreos/platforms/vagrant/index.md index 564ff85cc..1d038e2af 100644 --- a/running-coreos/platforms/vagrant/index.md +++ b/running-coreos/platforms/vagrant/index.md @@ -18,11 +18,11 @@ You can direct questions to the [IRC channel][irc] or [mailing list][coreos-dev] Vagrant is a simple-to-use command line virtual machine manager. There are install packages available for Windows, Linux and OSX. Find the latest installer on the [Vagrant downloads page][vagrant]. Be sure to get -version 1.5 or greater. +version 1.6.3 or greater. [vagrant]: http://www.vagrantup.com/downloads.html -Vagrant can use either the free Virtualbox provider or the commerical VMware provider. Instructions for both are below. For the Virtualbox provider, version 4.0 or greater is required. +Vagrant can use either the free Virtualbox provider or the commerical VMware provider. Instructions for both are below. For the Virtualbox provider, version 4.3.10 or greater is required. ## Clone Vagrant Repo From 0f0a5d6ac6f069472db7ac981a7570b7fa1d078d Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 17 Apr 2014 13:59:54 -0700 Subject: [PATCH 0075/1291] feat(customizing-docker): dockercfg for authentication --- .../building/customizing-docker/index.md | 55 +++++++++++++++++++ 1 file changed, 55 insertions(+) diff --git a/launching-containers/building/customizing-docker/index.md b/launching-containers/building/customizing-docker/index.md index d4c37b9b0..134236649 100644 --- a/launching-containers/building/customizing-docker/index.md +++ b/launching-containers/building/customizing-docker/index.md @@ -175,3 +175,58 @@ coreos: [Install] WantedBy=multi-user.target ``` + +## Using a dockercfg File for Authentication + +A json file `.dockercfg` can be created in your home directory that holds authentication information for a public or private docker registry. The auth token is a base64 encoded string: `base64(:)`. Here's what an example looks like with credentials for docker's public index and a private index: + +``` +{ + "https://index.docker.io/v1/": { + "auth": "xXxXxXxXxXx=", + "email": "username@example.com" + }, + "https://index.example.com": { + "auth": "XxXxXxXxXxX=", + "email": "username@example.com" + } +} +``` + +The last step is to tell your systemd units to run as the core user in order for docker to use the credentials we just set up. This is done in the service section of the unit: + +``` +[Unit] +Description=My Container +After=docker.service + +[Service] +User=core +ExecStart=/usr/bin/docker run busybox /bin/sh -c "while true; do echo Hello World; sleep 1; done" + +[Install] +WantedBy=multi-user.target +``` + +### Cloud-Config + +Since each machine in your cluster is going to have to pull images, cloud-config is the easiest way to write the config file to disk. + +``` +#cloud-config +write_files: + - path: /home/core/.dockercfg + owner: core:core + permissions: 0644 + content: | + { + "https://index.docker.io/v1/": { + "auth": "xXxXxXxXxXx=", + "email": "username@example.com" + }, + "https://index.example.com": { + "auth": "XxXxXxXxXxX=", + "email": "username@example.com" + } + } +``` \ No newline at end of file From 31c0b4aa78562a7d8e56b0d6ac262453c18c9189 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Fri, 16 May 2014 14:05:16 -0700 Subject: [PATCH 0076/1291] fix(launching-containers): fix invalid yaml --- .../building/customizing-docker/index.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/launching-containers/building/customizing-docker/index.md b/launching-containers/building/customizing-docker/index.md index 134236649..8e3417921 100644 --- a/launching-containers/building/customizing-docker/index.md +++ b/launching-containers/building/customizing-docker/index.md @@ -223,10 +223,10 @@ write_files: "https://index.docker.io/v1/": { "auth": "xXxXxXxXxXx=", "email": "username@example.com" - }, - "https://index.example.com": { - "auth": "XxXxXxXxXxX=", - "email": "username@example.com" - } - } -``` \ No newline at end of file + }, + "https://index.example.com": { + "auth": "XxXxXxXxXxX=", + "email": "username@example.com" + } + } +``` From 85165cbb525e1985311d9a96b86b3d48701cfd67 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Tue, 20 May 2014 14:13:29 -0700 Subject: [PATCH 0077/1291] feat(running-coreos): update GCE to use public image --- .../google-compute-engine/index.md | 37 ++++--------------- 1 file changed, 7 insertions(+), 30 deletions(-) diff --git a/running-coreos/cloud-providers/google-compute-engine/index.md b/running-coreos/cloud-providers/google-compute-engine/index.md index 32bb14359..8614a37d1 100644 --- a/running-coreos/cloud-providers/google-compute-engine/index.md +++ b/running-coreos/cloud-providers/google-compute-engine/index.md @@ -15,33 +15,6 @@ Before proceeding, you will need to [install gcutil][gcutil-documentation] and c [gce-advanced-os]: http://developers.google.com/compute/docs/transition-v1#customkernelbinaries [gcutil-documentation]: https://developers.google.com/compute/docs/gcutil/ -## Choosing a Channel - -CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updates) with different schedules per channel. You can [disable this feature]({{site.url}}/docs/cluster-management/debugging/prevent-reboot-after-update), although we don't recommend it. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes. - -
- -
-
-
-

The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.

-
-

At the moment CoreOS images are not publicly listed in GCE and must be added to your own account from a raw disk image published in Google Cloud Storage:

- 
gcutil --project=<project-id> addimage --description="CoreOS {{site.alpha-channel}}" coreos-v{{site.alpha-channel | replace:'.','-'}} gs://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_gce.tar.gz
-
-
-
-

The beta channel consists of promoted alpha releases. Current version is CoreOS {{site.beta-channel}}.

-
-

At the moment CoreOS images are not publicly listed in GCE and must be added to your own account from a raw disk image published in Google Cloud Storage:

- 
gcutil --project= addimage --description="CoreOS {{site.beta-channel}}" coreos-v{{site.beta-channel | replace:'.','-'}} gs://storage.core-os.net/coreos/amd64-usr/beta/coreos_production_gce.tar.gz
-
-
-
- ## Cloud-Config CoreOS allows you to configure machine parameters, launch systemd units on startup and more via cloud-config. Jump over to the [docs to learn about the supported features]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config). You can provide cloud-config to CoreOS via the Google Cloud console's metadata field `user-data` or via a flag using `gcutil`. @@ -65,7 +38,9 @@ coreos: command: start ``` -## Instance creation +## Choosing a Channel + +CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updates) with different schedules per channel. You can [disable this feature]({{site.url}}/docs/cluster-management/debugging/prevent-reboot-after-update), although we don't recommend it. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes. Create 3 instances from the image above using our cloud-config from `cloud-config.yaml`: @@ -76,10 +51,12 @@ Create 3 instances from the image above using our cloud-config from `cloud-confi
- 
gcutil --project= addinstance --image=coreos-v{{ site.alpha-channel | replace:'.','-' }} --persistent_boot_disk --zone=us-central1-a --machine_type=n1-standard-1 --metadata_from_file=user-data:cloud-config.yaml core1 core2 core3
+

The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.

+ 
gcutil --project= addinstance --image={{site.data.alpha-channel.gce-image-path}} --persistent_boot_disk --zone=us-central1-a --machine_type=n1-standard-1 --metadata_from_file=user-data:cloud-config.yaml core1 core2 core3
- 
gcutil --project= addinstance --image=coreos-v{{ site.beta-channel | replace:'.','-' }} --persistent_boot_disk --zone=us-central1-a --machine_type=n1-standard-1 --metadata_from_file=user-data:cloud-config.yaml core1 core2 core3
+

The beta channel consists of promoted alpha releases. Current version is CoreOS {{site.beta-channel}}.

+ 
gcutil --project= addinstance --image={{site.data.beta-channel.gce-image-path}} --persistent_boot_disk --zone=us-central1-a --machine_type=n1-standard-1 --metadata_from_file=user-data:cloud-config.yaml core1 core2 core3
From 3eb540f856497d342fb3034ece73078ae016c360 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Wed, 21 May 2014 10:44:44 -0700 Subject: [PATCH 0078/1291] fix(cluster-management): fix incorrect ordering instructions --- .../network-config-with-networkd/index.md | 20 +++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) diff --git a/cluster-management/setup/network-config-with-networkd/index.md b/cluster-management/setup/network-config-with-networkd/index.md index 6c2ed77a0..b678d28fc 100644 --- a/cluster-management/setup/network-config-with-networkd/index.md +++ b/cluster-management/setup/network-config-with-networkd/index.md @@ -33,28 +33,32 @@ sudo systemctl restart systemd-networkd ## Turn Off DHCP -If you'd like to use DHCP on all interfaces except `enp2s0`, create two files that run in order of least specificity. Configure general settings in `10-dhcp.network`: +If you'd like to use DHCP on all interfaces except `enp2s0`, create two files. They'll be checked in their ASCII sort order. Any interfaces matching during earlier files will be ignored during later files. + +#### 10-static.network ``` [Match] -Name=en* +Name=enp2s0 [Network] -DHCP=yes +Address=192.168.0.15/24 +Gateway=192.168.0.1 ``` -Write your static configuration in `20-static.network`: +Put your settings-of-last-resort in `20-dhcp.network`. For example, any interfaces matching `en*` that weren't matched in `10-static.network` will be configured with DHCP: + +#### 20-dhcp.network ``` [Match] -Name=enp2s0 +Name=en* [Network] -Address=192.168.0.15/24 -Gateway=192.168.0.1 +DHCP=yes ``` -To apply the configuration, run `sudo systemctl restart systemd-networkd`. +To apply the configuration, run `sudo systemctl restart systemd-networkd`. Check the status with `systemctl status systemd-networkd` and read the full log with `journalctl -u systemd-networkd`. ## Further Reading From 0308d5f68eb2e4ca939bd8cccd1886fd091d13d8 Mon Sep 17 00:00:00 2001 From: Andy Fraley Date: Wed, 21 May 2014 15:36:17 -0400 Subject: [PATCH 0079/1291] Added -L to curl example Added -L to curl example so curl will follow redirects --- running-coreos/platforms/vmware/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/running-coreos/platforms/vmware/index.md b/running-coreos/platforms/vmware/index.md index ead01dcd1..95c5c0e11 100644 --- a/running-coreos/platforms/vmware/index.md +++ b/running-coreos/platforms/vmware/index.md @@ -27,7 +27,7 @@ The channel is selected through the `storage.core-os.net` below. Simply replace This is a rough sketch that should work on OSX and Linux: ``` -curl -O http://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_vmware_insecure.zip +curl -LO http://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_vmware_insecure.zip unzip coreos_production_vmware_insecure.zip -d coreos_production_vmware_insecure cd coreos_production_vmware_insecure open coreos_production_vmware_insecure.vmx From a9b13ca164999f306f315cdcc47d080296675497 Mon Sep 17 00:00:00 2001 From: Danny Berger Date: Wed, 21 May 2014 13:37:50 -0600 Subject: [PATCH 0080/1291] fix(mounting-storage): rename docker ephemeral .mount to match mount conventions --- cluster-management/setup/mounting-storage/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster-management/setup/mounting-storage/index.md b/cluster-management/setup/mounting-storage/index.md index bbff098cc..3876b16ce 100644 --- a/cluster-management/setup/mounting-storage/index.md +++ b/cluster-management/setup/mounting-storage/index.md @@ -48,7 +48,7 @@ coreos: RemainAfterExit=yes ExecStart=/usr/sbin/wipefs -f /dev/xvdb ExecStart=/usr/sbin/mkfs.btrfs -f /dev/xvdb - - name: media-ephemeral.mount + - name: var-lib-docker.mount command: start content: | [Unit] From 997c2b9bdcae331ea27644f26130b089db06d0a2 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Wed, 21 May 2014 12:59:01 -0700 Subject: [PATCH 0081/1291] fix(cluster-management): link to networkd ordering docs --- cluster-management/setup/network-config-with-networkd/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster-management/setup/network-config-with-networkd/index.md b/cluster-management/setup/network-config-with-networkd/index.md index b678d28fc..a75a62cb1 100644 --- a/cluster-management/setup/network-config-with-networkd/index.md +++ b/cluster-management/setup/network-config-with-networkd/index.md @@ -33,7 +33,7 @@ sudo systemctl restart systemd-networkd ## Turn Off DHCP -If you'd like to use DHCP on all interfaces except `enp2s0`, create two files. They'll be checked in their ASCII sort order. Any interfaces matching during earlier files will be ignored during later files. +If you'd like to use DHCP on all interfaces except `enp2s0`, create two files. They'll be checked in lexical order, as described in the [full network docs](http://www.freedesktop.org/software/systemd/man/systemd-networkd.service.html). Any interfaces matching during earlier files will be ignored during later files. #### 10-static.network From 0a48e00f02c766244f1c6d500d191bcb66b20079 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Wed, 21 May 2014 15:02:13 -0700 Subject: [PATCH 0082/1291] feat(distributed-configuration): doc how to customize etcd unit --- .../customize-etcd-unit/index.md | 108 ++++++++++++++++++ 1 file changed, 108 insertions(+) create mode 100644 distributed-configuration/customize-etcd-unit/index.md diff --git a/distributed-configuration/customize-etcd-unit/index.md b/distributed-configuration/customize-etcd-unit/index.md new file mode 100644 index 000000000..9e6175acf --- /dev/null +++ b/distributed-configuration/customize-etcd-unit/index.md @@ -0,0 +1,108 @@ +--- +layout: docs +title: Customizing the etcd Unit +category: distributed_configuration +sub_category: configuration +forkurl: https://github.com/coreos/etcd/blob/master/Documentation/configuration.md +weight: 5 +--- + +# Customizing the etcd Unit + +The etcd systemd unit can be customized by overriding the unit that ships with the default CoreOS settings. Common use-cases for doing this are covered below. + +## Use Client Certificates + +etcd supports client certificates as a way to provide secure communication between clients ↔ leader and internal traffic between etcd peers in the cluster. Configuring certificates for both scenarios is done through environment varaibles. We can use a systemd drop-in unit to augment the unit that ships with CoreOS. + +This site has a [good reference for how to generate self-signed key pairs](http://www.g-loaded.eu/2005/11/10/be-your-own-ca/) or you could use [etcd-ca](https://github.com/coreos/etcd-ca) to generate certs and keys. + +We need to create our drop-in unit in `/run/systemd/system/etcd.service.d/`. If you run `systemctl status etcd` you can see that CoreOS is already generating a few drop-in units for etcd as part of the OEM and cloudinit processes. To ensure that our drop-in runs after these, we name it `30-certificates.conf` + +#### 30-certificates.conf + +``` +[Service] +# Client Env Vars +Environment=ETCD_CA_FILE=/path/to/CA.pem +Environment=ETCD_CERT_FILE=/path/to/server.crt +Environment=ETCD_KEY_FILE=/path/to/server.key +# Peer Env Vars +Environment=ETCD_PEER_CA_FILE=/path/to/CA.pem +Environment=ETCD_PEER_CERT_FILE=/path/to/peers.crt +Environment=ETCD_PEER_KEY_FILE=/path/to/peers.key +``` + +You'll have to put these files on disk somewhere. To do this on each of your machines, the easiest way is with cloud-config. + +### Cloud-Config + +Cloud-config has a parameter that will place the contents of a file on disk. We're going to use this to add our drop-in unit as well as the certificate files. + +``` +#cloud-config + +write_files: + - path: /run/systemd/system/etcd.service.d/30-certificates.conf + permissions: 0644 + content: | + [Service] + # Client Env Vars + Environment=ETCD_CA_FILE=/path/to/CA.pem + Environment=ETCD_CERT_FILE=/path/to/server.crt + Environment=ETCD_KEY_FILE=/path/to/server.key + # Peer Env Vars + Environment=ETCD_PEER_CA_FILE=/path/to/CA.pem + Environment=ETCD_PEER_CERT_FILE=/path/to/peers.crt + Environment=ETCD_PEER_KEY_FILE=/path/to/peers.key + - path: /path/to/CA.pem + permissions: 0644 + content: | + -----BEGIN CERTIFICATE----- + MIIFNDCCAx6gAwIBAgIBATALBgkqhkiG9w0BAQUwLTEMMAoGA1UEBhMDVVNBMRAw + ...snip... + EtHaxYQRy72yZrte6Ypw57xPRB8sw1DIYjr821Lw05DrLuBYcbyclg== + -----END CERTIFICATE----- + - path: /path/to/server.crt + permissions: 0644 + content: | + -----BEGIN CERTIFICATE----- + MIIFWTCCA0OgAwIBAgIBAjALBgkqhkiG9w0BAQUwLTEMMAoGA1UEBhMDVVNBMRAw + DgYDVQQKEwdldGNkLWNhMQswCQYDVQQLEwJDQTAeFw0xNDA1MjEyMTQ0MjhaFw0y + ...snip... + rdmtCVLOyo2wz/UTzvo7UpuxRrnizBHpytE4u0KgifGp1OOKY+1Lx8XSH7jJIaZB + a3m12FMs3AsSt7mzyZk+bH2WjZLrlUXyrvprI40= + -----END CERTIFICATE----- + - path: /path/to/server.key + permissions: 0644 + content: | + -----BEGIN RSA PRIVATE KEY----- + Proc-Type: 4,ENCRYPTED + DEK-Info: DES-EDE3-CBC,069abc493cd8bda6 + + TBX9mCqvzNMWZN6YQKR2cFxYISFreNk5Q938s5YClnCWz3B6KfwCZtjMlbdqAakj + ...snip... + mgVh2LBerGMbsdsTQ268sDvHKTdD9MDAunZlQIgO2zotARY02MLV/Q5erASYdCxk + -----END RSA PRIVATE KEY----- + - path: /path/to/peers.crt + permissions: 0644 + content: | + -----BEGIN CERTIFICATE----- + VQQLEwJDQTAeFw0xNDA1MjEyMTQ0MjhaFw0yMIIFWTCCA0OgAwIBAgIBAjALBgkq + DgYDVQQKEwdldGNkLWNhMQswCQYDhkiG9w0BAQUwLTEMMAoGA1UEBhMDVVNBMRAw + ...snip... + BHpytE4u0KgifGp1OOKY+1Lx8XSH7jJIaZBrdmtCVLOyo2wz/UTzvo7UpuxRrniz + St7mza3m12FMs3AsyZk+bH2WjZLrlUXyrvprI90= + -----END CERTIFICATE----- + - path: /path/to/peers.key + permissions: 0644 + content: | + -----BEGIN RSA PRIVATE KEY----- + Proc-Type: 4,ENCRYPTED + DEK-Info: DES-EDE3-CBC,069abc493cd8bda6 + + SFreNk5Q938s5YTBX9mCqvzNMWZN6YQKR2cFxYIClnCWz3B6KfwCZtjMlbdqAakj + ...snip... + DvHKTdD9MDAunZlQIgO2zotmgVh2LBerGMbsdsTQ268sARY02MLV/Q5erASYdCxk + -----END RSA PRIVATE KEY----- +``` \ No newline at end of file From 53796b190abf24df0ed6353c83b4c11cc0ad7880 Mon Sep 17 00:00:00 2001 From: Michael Marineau Date: Thu, 22 May 2014 13:39:51 -0700 Subject: [PATCH 0083/1291] fix(installing-to-disk): Document new coreos-install channel option. This replaces -V for selecting channel since it needs to be possible to specify both a version and a channel. Related: https://github.com/coreos/bugs/issues/29 --- running-coreos/bare-metal/installing-to-disk/index.md | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/running-coreos/bare-metal/installing-to-disk/index.md b/running-coreos/bare-metal/installing-to-disk/index.md index 131b14804..ab8d7bdc5 100644 --- a/running-coreos/bare-metal/installing-to-disk/index.md +++ b/running-coreos/bare-metal/installing-to-disk/index.md @@ -34,13 +34,13 @@ CoreOS is released into alpha and beta channels. Releases to each channel serve

The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.

-

If you want to ensure you are installing the latest alpha version, use the -V option:

- 
coreos-install -d /dev/sda -V alpha
+

If you want to ensure you are installing the latest alpha version, use the -C option:

+ 
coreos-install -d /dev/sda -C alpha

The beta channel consists of promoted alpha releases. Current version is CoreOS {{site.beta-channel}}.

-

If you want to ensure you are installing the latest beta version, use the -V option:

- 
coreos-install -d /dev/sda -V beta
+

If you want to ensure you are installing the latest beta version, use the -C option:

+ 
coreos-install -d /dev/sda -C beta
@@ -48,7 +48,8 @@ CoreOS is released into alpha and beta channels. Releases to each channel serve For reference here are the rest of the `coreos-install` options: -d DEVICE Install CoreOS to the given device. - -V VERSION Version to install (e.g. alpha) + -V VERSION Version to install (e.g. current) + -C CHANNEL Release channel to use (e.g. beta) -o OEM OEM type to install (e.g. openstack) -c CLOUD Insert a cloud-init config to be executed on boot. -t TMPDIR Temporary location with enough space to download images. From 74a61d4b7cc67778fde8220baad789e4bc49ad26 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 22 May 2014 14:17:38 -0700 Subject: [PATCH 0084/1291] feat(running-coreos): minor GCE tweaks --- .../cloud-providers/google-compute-engine/index.md | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/running-coreos/cloud-providers/google-compute-engine/index.md b/running-coreos/cloud-providers/google-compute-engine/index.md index 8614a37d1..1acd64e10 100644 --- a/running-coreos/cloud-providers/google-compute-engine/index.md +++ b/running-coreos/cloud-providers/google-compute-engine/index.md @@ -8,8 +8,6 @@ title: Google Compute Engine # Running CoreOS on Google Compute Engine -CoreOS on Google Compute Engine (GCE) is currently in heavy development and actively being tested. The current disk image is listed below and relies on GCE's recently announced [Advanced OS Support][gce-advanced-os]. Each time a new update is released, your machines will [automatically upgrade themselves]({{ site.url }}/using-coreos/updates). - Before proceeding, you will need to [install gcutil][gcutil-documentation] and check that your GCE account/project has billing enabled (Settings → Billing). In each command below, be sure to insert your project name in place of ``. [gce-advanced-os]: http://developers.google.com/compute/docs/transition-v1#customkernelbinaries @@ -52,11 +50,11 @@ Create 3 instances from the image above using our cloud-config from `cloud-confi

The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.

- 
gcutil --project= addinstance --image={{site.data.alpha-channel.gce-image-path}} --persistent_boot_disk --zone=us-central1-a --machine_type=n1-standard-1 --metadata_from_file=user-data:cloud-config.yaml core1 core2 core3
+ 
gcutil --project=<project-id> addinstance --image={{site.data.alpha-channel.gce-image-path}} --persistent_boot_disk --zone=us-central1-a --machine_type=n1-standard-1 --metadata_from_file=user-data:cloud-config.yaml core1 core2 core3

The beta channel consists of promoted alpha releases. Current version is CoreOS {{site.beta-channel}}.

- 
gcutil --project= addinstance --image={{site.data.beta-channel.gce-image-path}} --persistent_boot_disk --zone=us-central1-a --machine_type=n1-standard-1 --metadata_from_file=user-data:cloud-config.yaml core1 core2 core3
+ 
gcutil --project=<project-id> addinstance --image={{site.data.beta-channel.gce-image-path}} --persistent_boot_disk --zone=us-central1-a --machine_type=n1-standard-1 --metadata_from_file=user-data:cloud-config.yaml core1 core2 core3
From 2de487c4d500a0617f964ea0b48180767e495fb1 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 22 May 2014 14:30:41 -0700 Subject: [PATCH 0085/1291] fix(GCE): tweak device path --- running-coreos/cloud-providers/google-compute-engine/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/running-coreos/cloud-providers/google-compute-engine/index.md b/running-coreos/cloud-providers/google-compute-engine/index.md index 1acd64e10..0afc2c0c4 100644 --- a/running-coreos/cloud-providers/google-compute-engine/index.md +++ b/running-coreos/cloud-providers/google-compute-engine/index.md @@ -71,7 +71,7 @@ coreos: command: start content: | [Mount] - What=/dev/disk/by-id/google-database-backup + What=/dev/disk/by-id/scsi-0Google_PersistentDisk_database-backup Where=/media/backup Type=ext3 ``` From 7023bfb0a3dd7bf0da79a545a97e9dee03c9716e Mon Sep 17 00:00:00 2001 From: Michael Marineau Date: Thu, 22 May 2014 19:11:09 -0700 Subject: [PATCH 0086/1291] fix(sdk): Refresh doc on tagging/building releases. Doesn't cover a number of things that are new but at least what it does cover is no longer incorrect. --- .../sdk/building-production-images/index.md | 80 +++++++++---------- 1 file changed, 38 insertions(+), 42 deletions(-) diff --git a/sdk-distributors/sdk/building-production-images/index.md b/sdk-distributors/sdk/building-production-images/index.md index 50f93a192..1a2ef270a 100644 --- a/sdk-distributors/sdk/building-production-images/index.md +++ b/sdk-distributors/sdk/building-production-images/index.md @@ -22,12 +22,18 @@ repository which is usually organized like so: [coreos-manifest]: https://github.com/coreos/manifest -## Manual Builds +## Tagging Releases The first step of building a release is updating and tagging the release in the manifest git repository. A typical release off of master involves the following steps: + 1. Make sure you are on the master branch: `repo init -b master` + 2. Sync/checkout source, excluding local changes: `repo sync --detach` + 3. In the scripts directory: `./tag_release --push` + +That was far to easy, if you need to do it the hard way try this: + 1. Make sure you are on the master branch: `repo init -b master` 2. Sync/checkout source, excluding local changes: `repo sync --detach` 3. Switch to the somewhat hidden manifests checkout: `cd .repo/manifests` @@ -54,7 +60,10 @@ the following steps: HEAD:build-$BUILD v$BUILD.$BRANCH.$PATCH` If a release branch needs to be updated after master has moved on the -procedure is similar but has a few key differences: +procedure is similar. +Unfortunately since tagging branched releases (not on master) is a bit +tricker to get right the `tag_release` script cannot be used. +The automated build will kick off after updating the `dev-channel` branch. 1. Check out the release instead of master: `repo init -b build-$BUILD -m release.xml` @@ -88,65 +97,52 @@ This will build an image that can be ran under KVM and uses near production values. Note: Add `COREOS_OFFICIAL=1` here if you are making a real release. That will -change the version and enable uploads by default. +change the version to leave off the build id suffix. ``` -./build_image prod +./build_image prod --group alpha ``` The generated production image is bootable as-is by qemu but for a -larger STATE partition or VMware images use `image_to_vm.sh` as -described in the final output of `build_image1`. +larger ROOT partition or VMware images use `image_to_vm.sh` as +described in the final output of `build_image`. ## Automated Builds Automated release builds are triggered by pushes to the `dev-channel` -branch in the manifest repository. When cutting releases off of master -you can skip the long process described above by using the `tag_release` -script: - - 1. Make sure you are on the master branch: `repo init -b master` - 2. Sync/checkout source, excluding local changes: `repo sync --detach` - 3. In the scripts directory: `./tag_release --push` - -That's it! Automated builds will now kick off to generate a new SDK -tarball and disk images for most of our supported platform types. -Unfortunately since tagging branched releases (not on master) requires a -bit more thought use the manual process described above. The automated -build will still kick off after updating the `dev-channel` branch. +branch in the manifest repository. Note: In the future builds will be triggered by pushing new tags instead -of using the `dev-channel` branch. Only using tags will mesh better with -our current plans for adding more release channels. - -## Pushing updates to the dev-channel - -### Manual Builds - -To push an update to the dev channel track on api.core-os.net build a -production images as described above and then use the following tool: +of using the `dev-channel` branch; the branch only exists do to a limitation +of the current buildbot deployment. -``` -COREOS_OFFICIAL=1 ./core_upload_update --track dev-channel --image ../build/images/amd64-usr/latest/coreos_production_image.bin -``` - -### Automated builds +## Pushing updates into roller The automated build host does not have access to production signing keys -so the final signing and push to api.core-os.net must be done elsewhere. -The `au-generator.zip` archive provides the tools required to do this so -a full SDK setup is not required. This does require gsutil to be +so the final signing and push to roller must be done elsewhere. +The `coreos_production_update.zip` archive provides the tools required to +do this so a full SDK setup is not required. This does require gsutil to be installed and configured. +An update payload signed by the insecure development keys is generated +automatically as `coreos_production_update.gz` and +`coreos_production_update.meta`. If needed the raw filesystem image used +to generate the payload is `coreos_production_update.bin.bz2`. +As an example, to publish the insecurely signed payload: ``` -URL=gs://storage.core-os.net/coreos/amd64-usr/0000.0.0 +URL=gs://builds.release.core-os.net/alpha/amd64-usr/321.0.0 cd $(mktemp -d) -gsutil cp $URL/au-generator.zip $URL/coreos_production_image.bin.bz2 ./ -unzip au-generator.zip -bunzip2 coreos_production_image.bin.bz2 -COREOS_OFFICIAL=1 ./core_upload_update --track dev-channel --image coreos_production_image.bin +gsutil -m cp $URL/coreos_production_update* ./ +gpg --verify coreos_production_update.zip.sig +gpg --verify coreos_production_update.gz.sig +gpg --verify coreos_production_update.meta.sig +unzip coreos_production_update.zip + ./core_roller_upload --user @coreos.com --api_key ``` +Note: prefixing the command with a space will avoid recording your API key +into your bash history if `$HISTCONTROL` is `ignorespace` or `ignoreboth`. + ## Tips and Tricks -We've compiled a [list of tips and tricks](/docs/sdk-distributors/sdk/tips-and-tricks) that can make working with the SDK a bit easier. \ No newline at end of file +We've compiled a [list of tips and tricks](/docs/sdk-distributors/sdk/tips-and-tricks) that can make working with the SDK a bit easier. From d1c74dae3459ec49b517cadcca5315cc94738d4f Mon Sep 17 00:00:00 2001 From: Michael Marineau Date: Thu, 22 May 2014 19:33:27 -0700 Subject: [PATCH 0087/1291] fix(*): Update image download URLs --- .../bare-metal/booting-with-ipxe/index.md | 8 +++----- .../bare-metal/booting-with-pxe/index.md | 16 ++++++++-------- running-coreos/cloud-providers/vultr/index.md | 3 +-- running-coreos/platforms/eucalyptus/index.md | 6 +++--- running-coreos/platforms/iso/index.md | 8 ++++---- running-coreos/platforms/libvirt/index.md | 4 ++-- running-coreos/platforms/openstack/index.md | 4 ++-- running-coreos/platforms/qemu/index.md | 6 +++--- running-coreos/platforms/vmware/index.md | 4 ++-- .../distributors/notes-for-distributors/index.md | 8 ++++---- 10 files changed, 32 insertions(+), 35 deletions(-) diff --git a/running-coreos/bare-metal/booting-with-ipxe/index.md b/running-coreos/bare-metal/booting-with-ipxe/index.md index d8e9847aa..7b9ef47ec 100644 --- a/running-coreos/bare-metal/booting-with-ipxe/index.md +++ b/running-coreos/bare-metal/booting-with-ipxe/index.md @@ -35,8 +35,7 @@ CoreOS is released into alpha and beta channels. Releases to each channel serve 
 #!ipxe
 
-set coreos-version alpha
-set base-url http://storage.core-os.net/coreos/amd64-usr/${coreos-version}
+set base-url http://alpha.release.core-os.net/amd64-usr/current
 kernel ${base-url}/coreos_production_pxe.vmlinuz sshkey="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAYQC2PxAKTLdczK9+RNsGGPsz0eC2pBlydBEcrbI7LSfiN7Bo5hQQVjki+Xpnp8EEYKpzu6eakL8MJj3E28wT/vNklT1KyMZrXnVhtsmOtBKKG/++odpaavdW2/AU0l7RZiE= coreos pxe demo"
 initrd ${base-url}/coreos_production_pxe_image.cpio.gz
 boot
@@ -46,8 +45,7 @@ boot 
 #!ipxe
 
-set coreos-version beta
-set base-url http://storage.core-os.net/coreos/amd64-usr/${coreos-version}
+set base-url http://beta.release.core-os.net/amd64-usr/current
 kernel ${base-url}/coreos_production_pxe.vmlinuz sshkey="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAYQC2PxAKTLdczK9+RNsGGPsz0eC2pBlydBEcrbI7LSfiN7Bo5hQQVjki+Xpnp8EEYKpzu6eakL8MJj3E28wT/vNklT1KyMZrXnVhtsmOtBKKG/++odpaavdW2/AU0l7RZiE= coreos pxe demo"
 initrd ${base-url}/coreos_production_pxe_image.cpio.gz
 boot
@@ -81,7 +79,7 @@ Immediatly iPXE should download your boot script URL and start grabbing the imag ``` ${YOUR_BOOT_URL}... ok -http://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_pxe.vmlinuz... 98% +http://alpha.release.core-os.net/amd64-usr/current/coreos_production_pxe.vmlinuz... 98% ``` After a few moments of downloading CoreOS should boot normally. diff --git a/running-coreos/bare-metal/booting-with-pxe/index.md b/running-coreos/bare-metal/booting-with-pxe/index.md index 206472439..645582fec 100644 --- a/running-coreos/bare-metal/booting-with-pxe/index.md +++ b/running-coreos/bare-metal/booting-with-pxe/index.md @@ -84,10 +84,10 @@ PXE booted machines cannot currently update themselves when new versions are rel

The coreos_production_pxe.vmlinuz.sig and coreos_production_pxe_image.cpio.gz.sig files can be used to verify the downloaded files.

 cd /var/lib/tftpboot
-wget http://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_pxe.vmlinuz
-wget http://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_pxe.vmlinuz.sig
-wget http://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_pxe_image.cpio.gz
-wget http://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_pxe_image.cpio.gz.sig
+wget http://alpha.release.core-os.net/amd64-usr/current/coreos_production_pxe.vmlinuz
+wget http://alpha.release.core-os.net/amd64-usr/current/coreos_production_pxe.vmlinuz.sig
+wget http://alpha.release.core-os.net/amd64-usr/current/coreos_production_pxe_image.cpio.gz
+wget http://alpha.release.core-os.net/amd64-usr/current/coreos_production_pxe_image.cpio.gz.sig
 gpg --verify coreos_production_pxe.vmlinuz.sig
 gpg --verify coreos_production_pxe_image.cpio.gz.sig
@@ -97,10 +97,10 @@ gpg --verify coreos_production_pxe_image.cpio.gz.sig

The coreos_production_pxe.vmlinuz.sig and coreos_production_pxe_image.cpio.gz.sig files can be used to verify the downloaded files.

 cd /var/lib/tftpboot
-wget http://storage.core-os.net/coreos/amd64-usr/beta/coreos_production_pxe.vmlinuz
-wget http://storage.core-os.net/coreos/amd64-usr/beta/coreos_production_pxe.vmlinuz.sig
-wget http://storage.core-os.net/coreos/amd64-usr/beta/coreos_production_pxe_image.cpio.gz
-wget http://storage.core-os.net/coreos/amd64-usr/beta/coreos_production_pxe_image.cpio.gz.sig
+wget http://beta.release.core-os.net/amd64-usr/current/coreos_production_pxe.vmlinuz
+wget http://beta.release.core-os.net/amd64-usr/current/coreos_production_pxe.vmlinuz.sig
+wget http://beta.release.core-os.net/amd64-usr/current/coreos_production_pxe_image.cpio.gz
+wget http://beta.release.core-os.net/amd64-usr/current/coreos_production_pxe_image.cpio.gz.sig
 gpg --verify coreos_production_pxe.vmlinuz.sig
 gpg --verify coreos_production_pxe_image.cpio.gz.sig
diff --git a/running-coreos/cloud-providers/vultr/index.md b/running-coreos/cloud-providers/vultr/index.md index 200613668..371639321 100644 --- a/running-coreos/cloud-providers/vultr/index.md +++ b/running-coreos/cloud-providers/vultr/index.md @@ -23,8 +23,7 @@ A sample script will look like this : ``` #!ipxe -set coreos-version alpha -set base-url http://storage.core-os.net/coreos/amd64-usr/${coreos-version} +set base-url http://alpha.release.core-os.net/amd64-usr/current kernel ${base-url}/coreos_production_pxe.vmlinuz sshkey="YOUR_PUBLIC_KEY_HERE" initrd ${base-url}/coreos_production_pxe_image.cpio.gz boot diff --git a/running-coreos/platforms/eucalyptus/index.md b/running-coreos/platforms/eucalyptus/index.md index 108b69463..819e26502 100644 --- a/running-coreos/platforms/eucalyptus/index.md +++ b/running-coreos/platforms/eucalyptus/index.md @@ -20,10 +20,10 @@ In order to convert the image you will need to install ```qemu-img``` with your CoreOS is released into alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. -The channel is selected through the `storage.core-os.net` below. Simply replace `alpha` with `beta`. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes in each channel. +The channel is selected based on the URL below. Simply replace `alpha` with `beta`. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes in each channel. ``` -$ wget -q http://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_openstack_image.img.bz2 +$ wget -q http://alpha.release.core-os.net/amd64-usr/current/coreos_production_openstack_image.img.bz2 $ bunzip2 coreos_production_openstack_image.img.bz2 $ qemu-img convert -O raw coreos_production_openstack_image.img coreos_production_openstack_image.raw $ euca-bundle-image -i coreos_production_openstack_image.raw -r x86_64 -d /var/tmp @@ -74,4 +74,4 @@ core@10-0-0-3 ~ $ ## Using CoreOS Now that you have a machine booted it is time to play around. -Check out the [CoreOS Quickstart]({{site.url}}/docs/quickstart) guide or dig into [more specific topics]({{site.url}}/docs). \ No newline at end of file +Check out the [CoreOS Quickstart]({{site.url}}/docs/quickstart) guide or dig into [more specific topics]({{site.url}}/docs). diff --git a/running-coreos/platforms/iso/index.md b/running-coreos/platforms/iso/index.md index 6ca6c6837..17792bbdc 100644 --- a/running-coreos/platforms/iso/index.md +++ b/running-coreos/platforms/iso/index.md @@ -20,8 +20,8 @@ The latest CoreOS ISOs can be downloaded from the image storage site:

The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.

- Download Alpha ISO - Browse Storage Site + Download Alpha ISO + Browse Storage Site

All of the files necessary to verify the image can be found on the storage site.

@@ -29,8 +29,8 @@ The latest CoreOS ISOs can be downloaded from the image storage site:

The beta channel consists of promoted alpha releases. Current version is CoreOS {{site.beta-channel}}.

- Download Beta ISO - Browse Storage Site + Download Beta ISO + Browse Storage Site

All of the files necessary to verify the image can be found on the storage site.

diff --git a/running-coreos/platforms/libvirt/index.md b/running-coreos/platforms/libvirt/index.md index 867fb88ab..780ded47a 100644 --- a/running-coreos/platforms/libvirt/index.md +++ b/running-coreos/platforms/libvirt/index.md @@ -26,13 +26,13 @@ to substitute that path if you use another one. CoreOS is released into alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. -The channel is selected through the `storage.core-os.net` below. Simply replace `alpha` with `beta`. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes in each channel. +The channel is selected based on the URL below. Simply replace `alpha` with `beta`. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes in each channel. We start by downloading the most recent disk image: mkdir -p /var/lib/libvirt/images/coreos0 cd /var/lib/libvirt/images/coreos0 - wget http://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_qemu_image.img.bz2 + wget http://alpha.release.core-os.net/amd64-usr/current/coreos_production_qemu_image.img.bz2 bunzip2 coreos_production_qemu_image.img.bz2 ## Virtual machine configuration diff --git a/running-coreos/platforms/openstack/index.md b/running-coreos/platforms/openstack/index.md index 63f5d70d0..f34765307 100644 --- a/running-coreos/platforms/openstack/index.md +++ b/running-coreos/platforms/openstack/index.md @@ -21,10 +21,10 @@ into the glance image store. CoreOS is released into alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. -The channel is selected through the `storage.core-os.net` below. Simply replace `alpha` with `beta`. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes in each channel. +The channel is selected based on the URL below. Simply replace `alpha` with `beta`. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes in each channel. ``` -$ wget http://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_openstack_image.img.bz2 +$ wget http://alpha.release.core-os.net/amd64-usr/current/coreos_production_openstack_image.img.bz2 $ bunzip2 coreos_production_openstack_image.img.bz2 $ glance image-create --name CoreOS \ --container-format bare \ diff --git a/running-coreos/platforms/qemu/index.md b/running-coreos/platforms/qemu/index.md index 0dee1f641..4ba9628c1 100644 --- a/running-coreos/platforms/qemu/index.md +++ b/running-coreos/platforms/qemu/index.md @@ -75,14 +75,14 @@ image. CoreOS is released into alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. -The channel is selected through the `storage.core-os.net` below. Simply replace `alpha` with `beta`. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes in each channel. +The channel is selected based on the URL below. Simply replace `alpha` with `beta`. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes in each channel. There are two files you need: the disk image (provided in qcow2 format) and the wrapper shell script to start QEMU. mkdir coreos; cd coreos - wget http://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_qemu.sh - wget http://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_qemu_image.img.bz2 -O - | bzcat > coreos_production_qemu_image.img + wget http://alpha.release.core-os.net/amd64-usr/current/coreos_production_qemu.sh + wget http://alpha.release.core-os.net/amd64-usr/current/coreos_production_qemu_image.img.bz2 -O - | bzcat > coreos_production_qemu_image.img chmod +x coreos_production_qemu.sh Starting is as simple as: diff --git a/running-coreos/platforms/vmware/index.md b/running-coreos/platforms/vmware/index.md index 95c5c0e11..be945a1ac 100644 --- a/running-coreos/platforms/vmware/index.md +++ b/running-coreos/platforms/vmware/index.md @@ -22,12 +22,12 @@ you will need to launch the `coreos_developer_vmware_insecure.vmx` file to creat CoreOS is released into alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. -The channel is selected through the `storage.core-os.net` below. Simply replace `alpha` with `beta`. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes in each channel. +The channel is selected based on the URL below. Simply replace `alpha` with `beta`. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes in each channel. This is a rough sketch that should work on OSX and Linux: ``` -curl -LO http://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_vmware_insecure.zip +curl -LO http://alpha.release.core-os.net/amd64-usr/current/coreos_production_vmware_insecure.zip unzip coreos_production_vmware_insecure.zip -d coreos_production_vmware_insecure cd coreos_production_vmware_insecure open coreos_production_vmware_insecure.vmx diff --git a/sdk-distributors/distributors/notes-for-distributors/index.md b/sdk-distributors/distributors/notes-for-distributors/index.md index 90cef1307..6e0377c87 100644 --- a/sdk-distributors/distributors/notes-for-distributors/index.md +++ b/sdk-distributors/distributors/notes-for-distributors/index.md @@ -10,14 +10,14 @@ weight: 5 ## Importing Images -Images of CoreOS are hosted at `http://storage.core-os.net/coreos/amd64-usr/`. At this URL there are directories for each individual version of CoreOS but also images that have promoted to a channel like master, alpha, beta, etc. +Images of CoreOS alpha releases are hosted at `http://alpha.release.core-os.net/amd64-usr/`. There are directories for releases by version as well as `current` with a copy of the latest version. Similarly, beta releases can be found at `http://beta.release.core-os.net/amd64-usr/`. -If you are importing images for use inside of your environment it is recommended that you import from a URL in the following format `http://storage.core-os.net/coreos/amd64-usr/${CHANNEL}/`. For example to grab the alpha OpenStack version of CoreOS you can import `http://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_openstack_image.img.bz2`. There is a `version.txt` file in this directory which you can use to label the image with a version number as well. +If you are importing images for use inside of your environment it is recommended that you import from the `current` directory. For example to grab the alpha OpenStack version of CoreOS you can import `gs://alpha.release.core-os.net/amd64-usr/current/coreos_production_openstack_image.img.bz2`. There is a `version.txt` file in this directory which you can use to label the image with a version number. It is recommended that you also verify files using the [CoreOS Image Signing Key][signing-key]. The GPG signature for each image is a detached `.sig` file that must be passed to `gpg --verify`. For example: - wget http://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_openstack_image.img.bz2 - wget http://storage.core-os.net/coreos/amd64-usr/alpha/coreos_production_openstack_image.img.bz2.sig + wget gs://alpha.release.core-os.net/amd64-usr/current/coreos_production_openstack_image.img.bz2 + wget gs://alpha.release.core-os.net/amd64-usr/current/coreos_production_openstack_image.img.bz2.sig gpg --verify coreos_production_openstack_image.img.bz2.sig [signing-key]: {{site.url}}/security/image-signing-key From 4a1d9ff53cf05773d80f4cbff1a5930d5b7b2d06 Mon Sep 17 00:00:00 2001 From: Burke Libbey Date: Fri, 23 May 2014 00:30:33 -0400 Subject: [PATCH 0088/1291] fix(building-development-images): Update to reflect reality --- .../sdk/building-development-images/index.md | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/sdk-distributors/sdk/building-development-images/index.md b/sdk-distributors/sdk/building-development-images/index.md index 3695f4aff..8b1f5a182 100644 --- a/sdk-distributors/sdk/building-development-images/index.md +++ b/sdk-distributors/sdk/building-development-images/index.md @@ -22,11 +22,12 @@ start_devserver --port 8080 NOTE: This port will need to be internet accessible. -2. Run /usr/local/bin/gmerge from your VM and ensure that the settings in - `/etc/lsb-release` point to your workstation IP/hostname and port +2. Run `/usr/bin/gmerge` from your VM and ensure that the settings in + `/etc/coreos/update.conf` point to your workstation IP/hostname and port. + You'll need to set `DEVSERVER` and `COREOS_RELEASE_BOARD` (likely `amd64-usr`). ``` -/usr/local/bin/gmerge coreos-base/update_engine +/usr/bin/gmerge coreos-base/update_engine ``` ### Updating an Image with Update Engine @@ -77,4 +78,4 @@ git push bump-go ## Tips and Tricks -We've compiled a [list of tips and tricks](/docs/sdk-distributors/sdk/tips-and-tricks) that can make working with the SDK a bit easier. \ No newline at end of file +We've compiled a [list of tips and tricks](/docs/sdk-distributors/sdk/tips-and-tricks) that can make working with the SDK a bit easier. From 388b871151691ae361d98c306c3a5c55a0c457d0 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Fri, 23 May 2014 12:01:02 -0700 Subject: [PATCH 0089/1291] fix(quickstart): clarity around example config --- quickstart/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/quickstart/index.md b/quickstart/index.md index fc1c5b445..f9d7b832d 100644 --- a/quickstart/index.md +++ b/quickstart/index.md @@ -20,7 +20,7 @@ ssh core@an.ip.compute-1.amazonaws.com The first building block of CoreOS is service discovery with **etcd** ([docs][etcd-docs]). Data stored in etcd is distributed across all of your machines running CoreOS. For example, each of your app containers can announce itself to a proxy container, which would automatically know which machines should receive traffic. Building service discovery into your application allows you to add more machines and scale your services seamlessly. -If you used an example [cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config) from a guide above, etcd is automatically started on boot. The API is easy to use. From a CoreOS machine, you can simply use curl to set and retrieve a key from etcd: +If you used an example [cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config) from a guide linked in the first paragraph, etcd is automatically started on boot. The API is easy to use. From a CoreOS machine, you can simply use curl to set and retrieve a key from etcd: Set a key `message` with value `Hello world`: From 639b3c88a63d574c0a5b02e1b57d3a65a7783e27 Mon Sep 17 00:00:00 2001 From: Michael Marineau Date: Fri, 23 May 2014 12:02:25 -0700 Subject: [PATCH 0090/1291] fix release doc --- sdk-distributors/sdk/building-production-images/index.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/sdk-distributors/sdk/building-production-images/index.md b/sdk-distributors/sdk/building-production-images/index.md index 1a2ef270a..358a73b25 100644 --- a/sdk-distributors/sdk/building-production-images/index.md +++ b/sdk-distributors/sdk/building-production-images/index.md @@ -32,7 +32,7 @@ the following steps: 2. Sync/checkout source, excluding local changes: `repo sync --detach` 3. In the scripts directory: `./tag_release --push` -That was far to easy, if you need to do it the hard way try this: +That was far too easy, if you need to do it the hard way try this: 1. Make sure you are on the master branch: `repo init -b master` 2. Sync/checkout source, excluding local changes: `repo sync --detach` @@ -113,7 +113,7 @@ Automated release builds are triggered by pushes to the `dev-channel` branch in the manifest repository. Note: In the future builds will be triggered by pushing new tags instead -of using the `dev-channel` branch; the branch only exists do to a limitation +of using the `dev-channel` branch; the branch only exists due to a limitation of the current buildbot deployment. ## Pushing updates into roller @@ -141,7 +141,7 @@ unzip coreos_production_update.zip ``` Note: prefixing the command with a space will avoid recording your API key -into your bash history if `$HISTCONTROL` is `ignorespace` or `ignoreboth`. +in your bash history if `$HISTCONTROL` is `ignorespace` or `ignoreboth`. ## Tips and Tricks From 2590340e1110c23a72c2cff48dd7d49261f65fbf Mon Sep 17 00:00:00 2001 From: Michael Marineau Date: Fri, 23 May 2014 12:05:40 -0700 Subject: [PATCH 0091/1291] fix http urls --- .../distributors/notes-for-distributors/index.md | 6 +++--- sdk-distributors/sdk/building-production-images/index.md | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/sdk-distributors/distributors/notes-for-distributors/index.md b/sdk-distributors/distributors/notes-for-distributors/index.md index 6e0377c87..4e1241894 100644 --- a/sdk-distributors/distributors/notes-for-distributors/index.md +++ b/sdk-distributors/distributors/notes-for-distributors/index.md @@ -12,12 +12,12 @@ weight: 5 Images of CoreOS alpha releases are hosted at `http://alpha.release.core-os.net/amd64-usr/`. There are directories for releases by version as well as `current` with a copy of the latest version. Similarly, beta releases can be found at `http://beta.release.core-os.net/amd64-usr/`. -If you are importing images for use inside of your environment it is recommended that you import from the `current` directory. For example to grab the alpha OpenStack version of CoreOS you can import `gs://alpha.release.core-os.net/amd64-usr/current/coreos_production_openstack_image.img.bz2`. There is a `version.txt` file in this directory which you can use to label the image with a version number. +If you are importing images for use inside of your environment it is recommended that you import from the `current` directory. For example to grab the alpha OpenStack version of CoreOS you can import `http://alpha.release.core-os.net/amd64-usr/current/coreos_production_openstack_image.img.bz2`. There is a `version.txt` file in this directory which you can use to label the image with a version number. It is recommended that you also verify files using the [CoreOS Image Signing Key][signing-key]. The GPG signature for each image is a detached `.sig` file that must be passed to `gpg --verify`. For example: - wget gs://alpha.release.core-os.net/amd64-usr/current/coreos_production_openstack_image.img.bz2 - wget gs://alpha.release.core-os.net/amd64-usr/current/coreos_production_openstack_image.img.bz2.sig + wget http://alpha.release.core-os.net/amd64-usr/current/coreos_production_openstack_image.img.bz2 + wget http://alpha.release.core-os.net/amd64-usr/current/coreos_production_openstack_image.img.bz2.sig gpg --verify coreos_production_openstack_image.img.bz2.sig [signing-key]: {{site.url}}/security/image-signing-key diff --git a/sdk-distributors/sdk/building-production-images/index.md b/sdk-distributors/sdk/building-production-images/index.md index 358a73b25..9b7c83656 100644 --- a/sdk-distributors/sdk/building-production-images/index.md +++ b/sdk-distributors/sdk/building-production-images/index.md @@ -130,7 +130,7 @@ to generate the payload is `coreos_production_update.bin.bz2`. As an example, to publish the insecurely signed payload: ``` -URL=gs://builds.release.core-os.net/alpha/amd64-usr/321.0.0 +URL=http://builds.release.core-os.net/alpha/amd64-usr/321.0.0 cd $(mktemp -d) gsutil -m cp $URL/coreos_production_update* ./ gpg --verify coreos_production_update.zip.sig From 9519a0a901e0a5b1c0acf6415aa3374b7dba0f30 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Fri, 23 May 2014 12:11:44 -0700 Subject: [PATCH 0092/1291] fix(quickstart): suggest using a cluster --- quickstart/index.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/quickstart/index.md b/quickstart/index.md index f9d7b832d..a46492fd3 100644 --- a/quickstart/index.md +++ b/quickstart/index.md @@ -6,9 +6,11 @@ title: CoreOS Quick Start # Quick Start -If you don't have a CoreOS machine running, check out the guides on running CoreOS on [Vagrant][vagrant-guide], [Amazon EC2][ec2-guide], [QEMU/KVM][qemu-guide], [VMware][vmware-guide] and [OpenStack][openstack-guide]. With either of these guides you will have a machine up and running in a few minutes. +If you don't have a CoreOS machine running, check out the guides on running CoreOS on [Vagrant][vagrant-guide], [Amazon EC2][ec2-guide], [QEMU/KVM][qemu-guide], [VMware][vmware-guide] and [OpenStack][openstack-guide]. With either of these guides you will have a machine up and running in a few minutes. -CoreOS gives you three essential tools: service discovery, container management and process management. Let's try each of them out. +It's highly recommended that you set up a cluster of at least 3 machines — it's not as much fun on a single machine. If you don't want to break the bank, [Vagrant][vagrant-guide] allows you to run an entire cluster on your laptop. For a cluster to be properly bootstrapped, you have to provide cloud-config via user-data, which is covered in each platform's guide. + +CoreOS gives you three essential tools: service discovery, container management and process management. Let's try each of them out. First, connect to a CoreOS machine via SSH as the user `core`. For example, on Amazon, use: From affb9d24f49f4137538dae7a5730652db44753b3 Mon Sep 17 00:00:00 2001 From: Lars Smit Date: Thu, 29 May 2014 11:52:25 +0200 Subject: [PATCH 0093/1291] Fixed spelling error on reading the system log --- cluster-management/debugging/reading-the-system-log/index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cluster-management/debugging/reading-the-system-log/index.md b/cluster-management/debugging/reading-the-system-log/index.md index 9183e0ac5..131674836 100644 --- a/cluster-management/debugging/reading-the-system-log/index.md +++ b/cluster-management/debugging/reading-the-system-log/index.md @@ -26,7 +26,7 @@ Dec 22 00:10:21 localhost kernel: Linux version 3.11.7+ (buildbot@10.10.10.10) ( ... 1000s more lines ``` -## Read Entires for a Specific Service +## Read Entries for a Specific Service Read entries generated by a specific unit: @@ -73,4 +73,4 @@ journalctl -u apache.service -f ``` #### More Information -Getting Started with systemd \ No newline at end of file +Getting Started with systemd From 855fc2dc45021188d76bc8023b0908850adefbb3 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 29 May 2014 10:29:42 -0700 Subject: [PATCH 0094/1291] fix(rackspace): list alpha and beta channels --- .../cloud-providers/rackspace/index.md | 26 +++++++++++++++++-- 1 file changed, 24 insertions(+), 2 deletions(-) diff --git a/running-coreos/cloud-providers/rackspace/index.md b/running-coreos/cloud-providers/rackspace/index.md index fec4b08ab..7613c6312 100644 --- a/running-coreos/cloud-providers/rackspace/index.md +++ b/running-coreos/cloud-providers/rackspace/index.md @@ -17,10 +17,11 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat
-
+

The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.data.alpha-channel.rackspace-version}}.

@@ -41,6 +42,27 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat
+
+
+

The beta channel consists of promoted alpha releases. Current version is CoreOS {{site.data.beta-channel.rackspace-version}}.

+
+ + + + + + + + + + + + + + + +
RegionImage IDHeat Template
All Regions{{site.data.beta-channel.rackspace-image-id}}heat-beta.yaml
+
From 6cc9600d90532f4e51abbf15b435920598534539 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 29 May 2014 17:13:19 -0700 Subject: [PATCH 0095/1291] feat(cluster-management): add syntax highlighting hints --- .../debugging/install-debugging-tools/index.md | 10 +++++----- .../debugging/reading-the-system-log/index.md | 12 ++++++------ .../scaling/adding-disk-space/index.md | 6 +++--- cluster-management/setup/adding-users/index.md | 8 ++++---- cluster-management/setup/mounting-storage/index.md | 4 ++-- .../setup/network-config-with-networkd/index.md | 8 ++++---- cluster-management/setup/switching-channels/index.md | 8 ++++---- cluster-management/setup/update-strategies/index.md | 8 ++++---- 8 files changed, 32 insertions(+), 32 deletions(-) diff --git a/cluster-management/debugging/install-debugging-tools/index.md b/cluster-management/debugging/install-debugging-tools/index.md index 7ed9fb9a1..db8a493c3 100644 --- a/cluster-management/debugging/install-debugging-tools/index.md +++ b/cluster-management/debugging/install-debugging-tools/index.md @@ -15,13 +15,13 @@ You can use common debugging tools like tcpdump or strace with Toolbox. Using th By default, Toolbox uses the stock Fedora docker container. To start using it, simply run: -``` +```sh /usr/bin/toolbox ``` You're now in the namespace of Fedora and can install any software you'd like via `yum`. For example, if you'd like to use `tcpdump`: -``` +```sh [root@srv-3qy0p ~]# yum install tcpdump [root@srv-3qy0p ~]# tcpdump -i ens3 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode @@ -32,7 +32,7 @@ listening on ens3, link-type EN10MB (Ethernet), capture size 65535 bytes Create a `.toolboxrc` in the user's home folder to use a specific docker image: -``` +```sh $ cat .toolboxrc TOOLBOX_DOCKER_IMAGE=index.example.com/debug TOOLBOX_USER=root @@ -45,13 +45,13 @@ Pulling repository index.example.com/debug Advanced users can SSH directly into a toolbox by setting up an `/etc/passwd` entry: -``` +```sh useradd bob -m -p '*' -s /usr/bin/toolbox ``` To test, SSH as bob: -``` +```sh ssh bob@hostname.example.com ______ ____ _____ diff --git a/cluster-management/debugging/reading-the-system-log/index.md b/cluster-management/debugging/reading-the-system-log/index.md index 131674836..8cb2fa30f 100644 --- a/cluster-management/debugging/reading-the-system-log/index.md +++ b/cluster-management/debugging/reading-the-system-log/index.md @@ -13,7 +13,7 @@ weight: 5 ## Read the Entire Journal -``` +```sh $ journalctl -- Logs begin at Fri 2013-12-13 23:43:32 UTC, end at Sun 2013-12-22 12:28:45 UTC. -- @@ -30,7 +30,7 @@ Dec 22 00:10:21 localhost kernel: Linux version 3.11.7+ (buildbot@10.10.10.10) ( Read entries generated by a specific unit: -``` +```sh $ journalctl -u apache.service -- Logs begin at Fri 2013-12-13 23:43:32 UTC, end at Sun 2013-12-22 12:32:52 UTC. -- @@ -42,7 +42,7 @@ Dec 22 12:32:39 localhost docker[9772]: apache2: Could not reliably determine th Using the `--tunnel` flag ([docs](https://github.com/coreos/fleet/blob/master/Documentation/using-the-client.md#from-an-external-host)), you can remotely read the journal for a specific unit started via [fleet]({{site.url}}/using-coreos/clustering/). This command will figure out which machine the unit is currently running on, fetch the journal and output it: -``` +```sh $ fleetctl --tunnel 10.10.10.10 journal apache.service -- Logs begin at Fri 2013-12-13 23:43:32 UTC, end at Sun 2013-12-22 12:32:52 UTC. -- @@ -56,7 +56,7 @@ Dec 22 12:32:39 localhost docker[9772]: apache2: Could not reliably determine th Reading just the entires since the last boot is an easy way to troubleshoot services that are faiing to start properly: -``` +```sh journalctl --boot ``` @@ -64,11 +64,11 @@ journalctl --boot You can tail the entire journal or just a specific service: -``` +```sh journalctl -f ``` -``` +```sh journalctl -u apache.service -f ``` diff --git a/cluster-management/scaling/adding-disk-space/index.md b/cluster-management/scaling/adding-disk-space/index.md index 2f146bd34..390a044b2 100644 --- a/cluster-management/scaling/adding-disk-space/index.md +++ b/cluster-management/scaling/adding-disk-space/index.md @@ -27,7 +27,7 @@ to use. It will work on raw, qcow2, vmdk, and most other formats. The command accepts either an absolute size or a relative size by by adding `+` prefix. Unit suffixes such as `G` or `M` are also supported. -``` +```sh # Increase the disk size by 5GB qemu-img resize coreos_production_qemu_image.img +5G ``` @@ -41,7 +41,7 @@ be the absolute disk size, relative sizes are not supported so be careful to only increase the size, not shrink it. The unit suffixes `Gb` and `Mb` are supported. -``` +```sh # Set the disk size to 20GB vmware-vdiskmanager -x 20Gb coreos_developer_vmware_insecure.vmx ``` @@ -58,7 +58,7 @@ format used for importing/exporting virtual machines. If you have have no other options you can try converting the VMDK disk image to a VDI image and configuring a new virtual machine with it: -``` +```sh VBoxManage clonehd old.vmdk new.vdi --format VDI VBoxManage modifyhd new.vdi --resize 20480 ``` diff --git a/cluster-management/setup/adding-users/index.md b/cluster-management/setup/adding-users/index.md index 9db207860..9f5af65e5 100644 --- a/cluster-management/setup/adding-users/index.md +++ b/cluster-management/setup/adding-users/index.md @@ -14,7 +14,7 @@ You can create user accounts on a CoreOS machine manually with `useradd` or via Managing users via cloud-config is preferred because it allows you to use the same configuration across many servers and the cloud-config file can be stored in a repo and versioned. In your cloud-config, you can specify many [different parameters]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/#users) for each user. Here's an example: -``` +```yaml #cloud-config users: @@ -33,13 +33,13 @@ Check out the entire [Customize with Cloud-Config]({{site.url}}/docs/cluster-man If you'd like to add a user manually, SSH to the machine and use the `useradd` toll. To create the user `user`, run: -``` +```sh sudo useradd -p "*" -U -m user1 -G sudo ``` The `"*"` creates a user that cannot login with a password but can log in via SSH key. `-U` creates a group for the user, `-G` adds the user to the existing `sudo` group and `-m` creates a home directory. If you'd like to add a password for the user, run: -``` +```sh $ sudo passwd user1 New password: Re-enter new password: @@ -48,7 +48,7 @@ passwd: password changed. To assign an SSH key, run: -``` +```sh update-ssh-keys -u user1 user1.pem ``` diff --git a/cluster-management/setup/mounting-storage/index.md b/cluster-management/setup/mounting-storage/index.md index 3876b16ce..8908e652a 100644 --- a/cluster-management/setup/mounting-storage/index.md +++ b/cluster-management/setup/mounting-storage/index.md @@ -10,7 +10,7 @@ weight: 7 Many platforms provide attached storage, but it must be mounted for you to take advantage of it. You can easily do this via [cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config) with a `.mount` unit. Here's an example that mounts an [EC2 ephemeral disk]({{site.url}}/docs/running-coreos/cloud-providers/ec2/#instance-storage): -``` +```yaml #cloud-config coreos: @@ -34,7 +34,7 @@ Docker containers can be very large and debugging a build process makes it easy We're going to bind mount a btrfs device to `/var/lib/docker`, where docker stores images. We can do this on the fly when the machines starts up with a oneshot unit that formats the drive and another one that runs afterwards to mount it. Be sure to hardcode the correct device or look for a device by label: -``` +```yaml #cloud-config coreos: units diff --git a/cluster-management/setup/network-config-with-networkd/index.md b/cluster-management/setup/network-config-with-networkd/index.md index a75a62cb1..321acbace 100644 --- a/cluster-management/setup/network-config-with-networkd/index.md +++ b/cluster-management/setup/network-config-with-networkd/index.md @@ -16,7 +16,7 @@ Drop a file in `/etc/systemd/network/` or inject a file on boot via [cloud-confi To configure a static IP on `enp2s0`, create `static.network`: -``` +```ini [Match] Name=enp2s0 @@ -27,7 +27,7 @@ Gateway=192.168.0.1 Place the file in `/etc/systemd/network/`. To apply the configuration, run: -``` +```sh sudo systemctl restart systemd-networkd ``` @@ -37,7 +37,7 @@ If you'd like to use DHCP on all interfaces except `enp2s0`, create two files. T #### 10-static.network -``` +```ini [Match] Name=enp2s0 @@ -50,7 +50,7 @@ Put your settings-of-last-resort in `20-dhcp.network`. For example, any interfac #### 20-dhcp.network -``` +```ini [Match] Name=en* diff --git a/cluster-management/setup/switching-channels/index.md b/cluster-management/setup/switching-channels/index.md index c2a4da628..e30707ce6 100644 --- a/cluster-management/setup/switching-channels/index.md +++ b/cluster-management/setup/switching-channels/index.md @@ -14,7 +14,7 @@ CoreOS is released into beta and stable channels. New features and bug fixes are You can switch machines between channels by creating `/etc/coreos/update.conf`: -``` +```ini GROUP=beta ``` @@ -22,7 +22,7 @@ GROUP=beta The last step is to restart the update engine in order for it to pick up the changed channel: -``` +```sh sudo systemctl restart update-engine ``` @@ -30,13 +30,13 @@ sudo systemctl restart update-engine After the update engine is restarted, the machine should check for an update within an hour. You can view the update engine log if you'd like to see the requests that are being made to the update service: -``` +```sh journalctl -f -u update-engine ``` For reference, you can find the current version: -``` +```sh cat /etc/os-release ``` diff --git a/cluster-management/setup/update-strategies/index.md b/cluster-management/setup/update-strategies/index.md index e69c2b1c7..1fea426f7 100644 --- a/cluster-management/setup/update-strategies/index.md +++ b/cluster-management/setup/update-strategies/index.md @@ -25,7 +25,7 @@ It's important to note that updates are always downloaded to the passive partiti The update strategy is defined in [cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/#coreos): -``` +```yaml #cloud-config coreos: update: @@ -46,7 +46,7 @@ The `etcd-lock` strategy mandates that each machine acquire and hold a reboot lo The number of machines allowed to reboot simultaneously is configurable via a command line utility: -``` +```sh $ locksmithctl set-max 4 Old: 1 New: 4 @@ -56,7 +56,7 @@ This setting is stored in etcd so it won't have to be configured for subsequent To view the number of available slots and find out which machines in the cluster are holding locks, run: -``` +```sh $ locksmithctl status Available: 0 Max: 1 @@ -67,7 +67,7 @@ MACHINE ID If needed, you can manually clear a lock by providing the machine ID: -``` +```sh locksmithctl unlock 69d27b356a94476da859461d3a3bc6fd ``` From 453eba2a3914200acd9534fb9ad1eb864caa09cb Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 29 May 2014 17:15:03 -0700 Subject: [PATCH 0096/1291] feat(distributed-configuration): add syntax highlighting hints --- .../customize-etcd-unit/index.md | 4 +- .../getting-started-with-etcd/index.md | 42 +++++++++---------- 2 files changed, 23 insertions(+), 23 deletions(-) diff --git a/distributed-configuration/customize-etcd-unit/index.md b/distributed-configuration/customize-etcd-unit/index.md index 9e6175acf..715dace54 100644 --- a/distributed-configuration/customize-etcd-unit/index.md +++ b/distributed-configuration/customize-etcd-unit/index.md @@ -21,7 +21,7 @@ We need to create our drop-in unit in `/run/systemd/system/etcd.service.d/`. If #### 30-certificates.conf -``` +```ini [Service] # Client Env Vars Environment=ETCD_CA_FILE=/path/to/CA.pem @@ -39,7 +39,7 @@ You'll have to put these files on disk somewhere. To do this on each of your mac Cloud-config has a parameter that will place the contents of a file on disk. We're going to use this to add our drop-in unit as well as the certificate files. -``` +```yaml #cloud-config write_files: diff --git a/distributed-configuration/getting-started-with-etcd/index.md b/distributed-configuration/getting-started-with-etcd/index.md index 5d9ad1bf4..85fd97a07 100644 --- a/distributed-configuration/getting-started-with-etcd/index.md +++ b/distributed-configuration/getting-started-with-etcd/index.md @@ -21,7 +21,7 @@ The HTTP-based API is easy to use. This guide will show both `etcdctl` and `curl From a CoreOS machine, set a key `message` with value `Hello`: -``` +```sh $ etcdctl set /message Hello Hello ``` @@ -33,12 +33,12 @@ $ curl -L -X PUT http://127.0.0.1:4001/v2/keys/message -d value="Hello" Read the value of `message` back: -``` +```sh $ etcdctl get /message Hello ``` -``` +```sh $ curl -L http://127.0.0.1:4001/v2/keys/message {"action":"get","node":{"key":"/message","value":"Hello","modifiedIndex":4,"createdIndex":4}} ``` @@ -47,12 +47,12 @@ If you followed a guide to set up more than one CoreOS machine, you can SSH into To delete the key run: -``` +```sh $ etcdctl rm /message ``` -``` +```sh $ curl -L -X DELETE http://127.0.0.1:4001/v2/keys/message {"action":"delete","node":{"key":"/message","modifiedIndex":19,"createdIndex":4}} ``` @@ -69,26 +69,26 @@ Let's pretend we're setting up a service that consists of a few containers that Directories are automatically created when a key is placed inside. Let's call our directory `foo-service` and create a key with information about a container: -``` +```sh $ etcdctl mkdir /foo-service Cannot print key [/foo-service: Is a directory] $ etcdctl set /foo-service/container1 localhost:1111 localhost:1111 ``` -``` +```sh $ curl -L -X PUT http://127.0.0.1:4001/v2/keys/foo-service/container1 -d value="localhost:1111" {"action":"set","node":{"key":"/foo-service/container1","value":"localhost:1111","modifiedIndex":17,"createdIndex":17}} ``` Read the `foo-service` directory to see the entry: -``` +```sh $ etcdctl ls /foo-service /foo-service/container1 ``` -``` +```sh $ curl -L http://127.0.0.1:4001/v2/keys/foo-service {"action":"get","node":{"key":"/foo-service","dir":true,"nodes":[{"key":"/foo-service/container1","value":"localhost:1111","modifiedIndex":17,"createdIndex":17}],"modifiedIndex":17,"createdIndex":17}} ``` @@ -97,36 +97,36 @@ $ curl -L http://127.0.0.1:4001/v2/keys/foo-service Now let's try watching the `foo-service` directory for changes, just like our proxy would have to. First, open up another shell on a CoreOS host in the cluster. In one window, start watching the directory and in the other window, add another key `container2` with the value `localhost:2222` into the directory. This command shouldn't output anything until the key has changed. Many events can trigger a change, including a new, updated, deleted or expired key. -``` +```sh $ etcdctl watch /foo-service --recursive ``` -``` +```sh $ curl -L http://127.0.0.1:4001/v2/keys/foo-service?wait=true\&recursive=true ``` In the other window, let's pretend a new container has started and announced itself to the proxy by running: -``` +```sh $ etcdctl set /foo-service/container2 localhost:2222 localhost:2222 ``` -``` +```sh $ curl -L -X PUT http://127.0.0.1:4001/v2/keys/foo-service/container2 -d value="localhost:2222" {"action":"set","node":{"key":"/foo-service/container2","value":"localhost:2222","modifiedIndex":23,"createdIndex":23}} ``` In the first window, you should get the notification that the key has changed. In a real application, this would trigger reconfiguration. -``` +```sh $ etcdctl watch /foo-service --recursive localhost:2222 ``` -``` +```sh $ curl -L http://127.0.0.1:4001/v2/keys/foo-service?wait=true\&recursive=true {"action":"set","node":{"key":"/foo-service/container2","value":"localhost:2222","modifiedIndex":23,"createdIndex":23}} ``` @@ -135,12 +135,12 @@ $ curl -L http://127.0.0.1:4001/v2/keys/foo-service?wait=true\&recursive=true etcd can be used as a centralized coordination service and provides `TestAndSet` functionality as the building block of such a service. You must provide the previous value along with your new value. If the previous value matches the current value the operation will succeed. -``` +```sh $ etcdctl set /message "Hi" --swap-with-value "Hello" Hi ``` -``` +```sh $ curl -L -X PUT http://127.0.0.1:4001/v2/keys/message?prevValue=Hello -d value=Hi {"action":"compareAndSwap","node":{"key":"/message","value":"Hi","modifiedIndex":28,"createdIndex":27}} ``` @@ -149,26 +149,26 @@ $ curl -L -X PUT http://127.0.0.1:4001/v2/keys/message?prevValue=Hello -d value= You can optionally set a TTL for a key to expire in a certain number of seconds. Setting a TTL of 20 seconds: -``` +```sh $ etcdctl set /foo "Expiring Soon" --ttl 20 Expiring Soon ``` The `curl` response will contain an absolute timestamp of when the key will expire and a relative number of seconds until that timestamp: -``` +```sh $ curl -L -X PUT http://127.0.0.1:4001/v2/keys/foo?ttl=20 -d value=bar {"action":"set","node":{"key":"/foo","value":"bar","expiration":"2014-02-10T19:54:49.357382223Z","ttl":20,"modifiedIndex":31,"createdIndex":31}} ``` If you request a key that has already expired, you will be returned a 100: -``` +```sh $ etcdctl get /foo Error: 100: Key not found (/foo) [32] ``` -``` +```sh $ curl -L http://127.0.0.1:4001/v2/keys/foo {"errorCode":100,"message":"Key not found","cause":"/foo","index":32} ``` From 25ca380756cd49f35f82d6e4aedb9a62e50390e0 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 29 May 2014 17:19:26 -0700 Subject: [PATCH 0097/1291] feat(launching-containers): add syntax highlighting hints --- .../building/customizing-docker/index.md | 32 +++++++++---------- .../getting-started-with-docker/index.md | 26 +++++++-------- .../getting-started-with-systemd/index.md | 12 +++---- .../launching-containers-fleet/index.md | 18 +++++------ .../launching/overview-of-systemctl/index.md | 14 ++++---- 5 files changed, 51 insertions(+), 51 deletions(-) diff --git a/launching-containers/building/customizing-docker/index.md b/launching-containers/building/customizing-docker/index.md index a0494f876..f3b956e1f 100644 --- a/launching-containers/building/customizing-docker/index.md +++ b/launching-containers/building/customizing-docker/index.md @@ -14,7 +14,7 @@ The docker systemd unit can be customized by overriding the unit that ships with Create a file called `/etc/systemd/system/docker-tcp.socket` to make docker available on a tcp socket on port 4243. -``` +```ini [Unit] Description=Docker Socket for the API @@ -29,7 +29,7 @@ WantedBy=sockets.target Then enable this new socket: -``` +```sh systemctl enable docker-tcp.socket systemctl stop docker systemctl start docker-tcp.socket @@ -41,7 +41,7 @@ docker -H tcp://127.0.0.1:4243 ps To enable the remote API on every CoreOS machine in a cluster, use [cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config). We need to provide the new socket file and docker's socket activation support will automatically start using the socket: -``` +```yaml #cloud-config coreos: @@ -72,7 +72,7 @@ coreos: To keep access to the port local, replace the `ListenStream` configuration above with: -``` +```yaml [Socket] ListenStream=127.0.0.1:4243 ``` @@ -85,26 +85,26 @@ Docker containers can be very large and debugging a build process makes it easy First, copy the existing unit from the read-only file system into the read/write file system, so we can edit it: -``` +```sh cp /usr/lib/systemd/system/docker.service /etc/systemd/system/ ``` Edit the `ExecStart` line to add the -D flag: -``` +```ini ExecStart=/usr/bin/docker -d -s=btrfs -r=false -H fd:// -D ``` Now lets tell systemd about the new unit and restart docker: -``` +```sh systemctl daemon-reload systemctl restart docker ``` To test our debugging stream, run a docker command and then read the systemd journal, which should contain the output: -``` +```sh docker ps journalctl -u docker ``` @@ -113,7 +113,7 @@ journalctl -u docker If you need to modify a flag across many machines, you can provide the new unit with cloud-config: -``` +```yaml #cloud-config coreos: @@ -139,19 +139,19 @@ coreos: If you're operating in a locked down networking environment, you can specify an HTTP proxy for docker to use via an environment variable. First, copy the existing unit from the read-only file system into the read/write file system, so we can edit it: -``` +```sh cp /usr/lib/systemd/system/docker.service /etc/systemd/system/ ``` Add a line that sets the environment variable in the unit above the `ExecStart` command: -``` +```ini Environment="HTTP_PROXY=http://proxy.example.com:8080" ``` To apply the change, reload the unit and restart docker: -``` +```sh systemctl daemon-reload systemctl restart docker ``` @@ -160,7 +160,7 @@ systemctl restart docker The easiest way to use this proxy on all of your machines is via cloud-config: -``` +```yaml #cloud-config coreos: @@ -187,7 +187,7 @@ coreos: A json file `.dockercfg` can be created in your home directory that holds authentication information for a public or private docker registry. The auth token is a base64 encoded string: `base64(:)`. Here's what an example looks like with credentials for docker's public index and a private index: -``` +```json { "https://index.docker.io/v1/": { "auth": "xXxXxXxXxXx=", @@ -202,7 +202,7 @@ A json file `.dockercfg` can be created in your home directory that holds authen The last step is to tell your systemd units to run as the core user in order for docker to use the credentials we just set up. This is done in the service section of the unit: -``` +```ini [Unit] Description=My Container After=docker.service @@ -219,7 +219,7 @@ WantedBy=multi-user.target Since each machine in your cluster is going to have to pull images, cloud-config is the easiest way to write the config file to disk. -``` +```yaml #cloud-config write_files: - path: /home/core/.dockercfg diff --git a/launching-containers/building/getting-started-with-docker/index.md b/launching-containers/building/getting-started-with-docker/index.md index 062194d27..f2411cea8 100644 --- a/launching-containers/building/getting-started-with-docker/index.md +++ b/launching-containers/building/getting-started-with-docker/index.md @@ -21,13 +21,13 @@ docker has a [straightforward CLI](http://docs.docker.io/en/latest/reference/com Launching a container is simple as `docker run` + the image name you would like to run + the command to run within the container. If the image doesn't exist on your local machine, docker will attempt to fetch it from the public image registry. Later we'll explore how to use docker with a private registry. It's important to note that containers are designed to stop once the command executed within them has exited. For example, if you ran `/bin/echo hello world` as your command, the container will start, print hello world and then stop: -``` +```sh docker run ubuntu /bin/echo hello world ``` Let's launch an Ubuntu container and install Apache inside of it using the bash prompt: -``` +```sh docker run -t -i ubuntu /bin/bash ``` @@ -45,7 +45,7 @@ It's important to note that you can commit using any username and image name loc Commit the container with the container ID, your username, and the name `apache`: -``` +```sh docker commit 72d468f455ea coreos/apache ``` @@ -55,13 +55,13 @@ The overlay filesystem works similar to git: our image now builds off of the `ub Now we have our Ubuntu container with Apache running in one shell and an image of that container sitting on disk. Let's launch a new container based on that image but set it up to keep running indefinitely. The basic syntax looks like this, but we need to configure a few additional options that we'll fill in as we go: -``` +```sh docker run [options] [image] [process] ``` The first step is to tell docker that we want to run our `coreos/apache` image: -``` +```sh docker run [options] coreos/apache [process] ``` @@ -69,7 +69,7 @@ docker run [options] coreos/apache [process] The most important option is to run the container in detached mode with the `-d` flag. This will output the container ID to show that the command was successful, but nothing else. At any time you can run `docker ps` in the other shell to view a list of the running containers. Our command now looks like: -``` +```sh docker run -d coreos/apache [process] ``` @@ -77,13 +77,13 @@ docker run -d coreos/apache [process] We need to run the apache process in the foreground, since our container will stop when the process specified in the `docker run` command stops. We can do this with a flag `-D` when starting the apache2 process: -``` +```sh /usr/sbin/apache2ctl -D FOREGROUND ``` Let's add that to our command: -``` +```sh docker run -d coreos/apache /usr/sbin/apache2ctl -D FOREGROUND ``` @@ -97,7 +97,7 @@ Instead, create a systemd unit file to make systemd keep that container running. The default apache install will be running on port 80. To give our container access to traffic over port 80, we use the `-p` flag and specify the port on the host that maps to the port inside the container. In our case we want 80 for each, so we include `-p 80:80` in our command: -``` +```sh docker run -d -p 80:80 coreos/apache /usr/sbin/apache2ctl -D FOREGROUND ``` @@ -107,25 +107,25 @@ You can now run this command on your CoreOS host to create the container. You sh Earlier we downloaded the ubuntu image remotely from the docker public registry because it didn't exist on our local machine. We can also push local images to the public registry (or a private registry) very easily with the `push` command: -``` +```sh docker push coreos/apache ``` To push to a private repository the syntax is very similar. First, we must prefix our image with the host running our private registry instead of our username. List images by running `docker images` and insert the correct ID into the `tag` command: -``` +```sh docker tag f455ea72d468 registry.example.com:5000/apache ``` After tagging, the image needs to be pushed to the registry: -``` +```sh docker push registry.example.com:5000/apache ``` Once the image is done uploading, you should be able to start the exact same container on a different CoreOS host by running: -``` +```sh docker run -d -p 80:80 registry.example.com:5000/apache /usr/sbin/apache2ctl -D FOREGROUND ``` diff --git a/launching-containers/launching/getting-started-with-systemd/index.md b/launching-containers/launching/getting-started-with-systemd/index.md index 845c25cac..bb34f5f77 100644 --- a/launching-containers/launching/getting-started-with-systemd/index.md +++ b/launching-containers/launching/getting-started-with-systemd/index.md @@ -23,7 +23,7 @@ Each target is actually a collection of symlinks to our unit files. This is spec On CoreOS, unit files are located within the R/W filesystem at `/etc/systemd/system`. Let's create a simple unit named `hello.service`: -``` +```ini [Unit] Description=My Service After=docker.service @@ -46,14 +46,14 @@ The description shows up in the systemd log and a few other places. Write someth To start a new unit, we need to tell systemd to create the symlink and then start the file: -``` +```sh $ sudo systemctl enable /etc/systemd/system/hello.service $ sudo systemctl start hello.service ``` To verify the unit started, you can see the list of containers running with `docker ps` and read the unit's output with `journalctl`: -``` +```sh $ journalctl -f -u hello.service -- Logs begin at Fri 2014-02-07 00:05:55 UTC. -- Feb 11 17:46:26 localhost docker[23470]: Hello World @@ -89,7 +89,7 @@ Since our container will be started in `ExecStart`, it makes sense for our etcd When the service is told to stop, we need to stop the docker container using its `--name` from the run command. We also need to clean up our etcd key when the container exits or the unit is failed by using `ExecStopPost`. -``` +```ini [Unit] Description=My Advanced Service After=etcd.service @@ -129,13 +129,13 @@ Since systemd is based on symlinks, there are a few interesting tricks you can l In our earlier example we had to hardcode our IP address when registering within etcd: -``` +```ini ExecStartPost=/usr/bin/etcdctl set /domains/example.com/10.10.10.123:8081 running ``` We can enhance this by using `%H` and `%i` to dynamically announce the hostname and port. Specify the port after the `@` by using two unit files named `foo@123.service` and `foo@456.service`: -``` +```ini ExecStartPost=/usr/bin/etcdctl set /domains/example.com/%H:%i running ``` diff --git a/launching-containers/launching/launching-containers-fleet/index.md b/launching-containers/launching/launching-containers-fleet/index.md index 7d6e1797c..c7fc3d185 100644 --- a/launching-containers/launching/launching-containers-fleet/index.md +++ b/launching-containers/launching/launching-containers-fleet/index.md @@ -19,7 +19,7 @@ This guide assumes you're running `fleetctl` locally from a CoreOS machine that' Running a single container is very easy. All you need to do is provide a regular unit file without an `[Install]` section. Let's run the same unit from the [Getting Started with systemd]({{site.url}}/docs/launching-containers/launching/getting-started-with-systemd) guide. First save these contents as `myapp.service` on the CoreOS machine: -``` +```ini [Unit] Description=MyApp After=docker.service @@ -31,13 +31,13 @@ ExecStart=/usr/bin/docker run busybox /bin/sh -c "while true; do echo Hello Worl Run the start command to start up the container on the cluster: -``` +```sh $ fleetctl start myapp.service ``` Now list all of the units in the cluster to see the current status. The unit should have been scheduled to a machine in your cluster: -``` +```sh $ fleetctl list-units UNIT LOAD ACTIVE SUB DESC MACHINE myapp.service loaded active running MyApp c9de9451.../10.10.1.3 @@ -45,7 +45,7 @@ myapp.service loaded active running MyApp c9de9451.../10.10.1.3 You can view all of the machines in the cluster by running `list-machines`: -``` +```sh $ fleetctl list-machines MACHINE IP METADATA 148a18ff-6e95-4cd8-92da-c9de9bb90d5a 10.10.1.1 - @@ -59,7 +59,7 @@ The main benefit of using CoreOS is to have your services run in a highly availa First, let's write a unit file that we'll run two copies of, named `apache.1.service` and `apache.2.service`: -``` +```ini [Unit] Description=My Apache Frontend After=docker.service @@ -75,7 +75,7 @@ X-Conflicts=apache.*.service The `X-Conflicts` attribute tells `fleet` that these two services can't be run on the same machine, giving us high availability. Let's start both units and verify that they're on two different machines: -``` +```sh $ fleetctl start apache.* $ fleetctl list-units UNIT LOAD ACTIVE SUB DESC MACHINE @@ -92,7 +92,7 @@ How do we route requests to these containers? The best strategy is to run a "sid The simplest sidekick example is for [service discovery](https://github.com/coreos/fleet/blob/master/Documentation/service-discovery.md). This unit blindly announces that our container has been started. We'll run one of these for each Apache unit that's already running. Make two copies of the unit called `apache-discovery.1.service` and `apache-discovery.2.service`. Be sure to change all instances of `apache.1.service` to `apache.2.service` when you create the second unit. -``` +```ini [Unit] Description=Announce Apache1 BindsTo=apache.1.service @@ -113,7 +113,7 @@ The third is a fleet-specific property called `X-ConditionMachineOf`. This prope Let's verify that each unit was placed on to the same machine as the Apache service is is bound to: -``` +```sh $ fleetctl start apache-discovery.1.service $ fleetctl list-units UNIT LOAD ACTIVE SUB DESC MACHINE @@ -126,7 +126,7 @@ apache-discovery.2.service loaded active running Announce Apache2 148a18f Now let's verify that the service discovery is working correctly: -``` +```sh $ etcdctl ls /services/ --recursive /services/website /services/website/apache1 diff --git a/launching-containers/launching/overview-of-systemctl/index.md b/launching-containers/launching/overview-of-systemctl/index.md index daa795b3e..231ccb0e8 100644 --- a/launching-containers/launching/overview-of-systemctl/index.md +++ b/launching-containers/launching/overview-of-systemctl/index.md @@ -15,7 +15,7 @@ weight: 5 The first step to troubleshooting with `systemctl` is to find the status of the item in question. If you have multiple `Exec` commands in your service file, you can see which one of them is failing and view the exit code. Here's a failing service that starts a private docker registry in a container: -``` +```sh $ sudo systemctl status custom-registry.service custom-registry.service - Custom Registry Service @@ -43,17 +43,17 @@ You can see that `Process: 10171 ExecStart=/usr/bin/docker` exited with `status= Listing all of the processes running on the box is too much information, but you can pipe the output into grep to find the services you're looking for. Here's all service files and their status: -``` +```sh sudo systemctl list-units | grep .service ``` ## Start or Stop a Service -``` +```sh sudo systemctl start apache.service ``` -``` +```sh sudo systemctl stop apache.service ``` @@ -61,7 +61,7 @@ sudo systemctl stop apache.service This will stop the process immediately: -``` +```sh sudo systemctl kill apache.service ``` @@ -69,13 +69,13 @@ sudo systemctl kill apache.service Restarting a service is as easy as: -``` +```sh sudo systemctl restart apache.service ``` If you're restarting a service after you changed its service file, you will need to reload all of the service files before your changes take effect: -``` +```sh sudo systemctl daemon-reload ``` From f513615a6da710ad9c4efe7614ab6f39a6a7b19b Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 29 May 2014 17:20:12 -0700 Subject: [PATCH 0098/1291] feat(quickstart): add syntax highlighting hints --- quickstart/index.md | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/quickstart/index.md b/quickstart/index.md index a46492fd3..8f085a3f5 100644 --- a/quickstart/index.md +++ b/quickstart/index.md @@ -14,7 +14,7 @@ CoreOS gives you three essential tools: service discovery, container management First, connect to a CoreOS machine via SSH as the user `core`. For example, on Amazon, use: -``` +```sh ssh core@an.ip.compute-1.amazonaws.com ``` @@ -26,13 +26,13 @@ If you used an example [cloud-config]({{site.url}}/docs/cluster-management/setup Set a key `message` with value `Hello world`: -``` +```sh curl -L http://127.0.0.1:4001/v1/keys/message -d value="Hello world" ``` Read the value of `message` back: -``` +```sh curl -L http://127.0.0.1:4001/v1/keys/message ``` @@ -48,13 +48,13 @@ The second building block, **docker** ([docs][docker-docs]), is where your appli Run a command in the container and then stop it: -``` +```sh docker run busybox /bin/echo hello world ``` Open a shell prompt inside the container: -``` +```sh docker run -i -t busybox /bin/sh ``` @@ -68,13 +68,13 @@ The third building block of CoreOS is **systemd** ([docs][systemd-docs]) and it First, you will need to run all of this as `root` since you are modifying system state: -``` +```sh sudo -i ``` Create a file called `/etc/systemd/system/hello.service`: -``` +```ini [Unit] Description=My Service After=docker.service @@ -94,20 +94,20 @@ See the [getting started with systemd]({{site.url}}/docs/launching-containers/la Then run enable and start the unit: -``` +```sh sudo systemctl enable /etc/systemd/system/hello.service sudo systemctl start hello.service ``` Your container is now started and is logging to the systemd journal. You can read the log by running: -``` +```sh journalctl -u hello.service -f ``` To stop the container, run: -``` +```sh sudo systemctl stop hello.service ``` From 77541a8baeb0beebb9d6481d31af85fbb5ea77bf Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 29 May 2014 17:46:06 -0700 Subject: [PATCH 0099/1291] feat(running-coreos): add syntax highlighting hints --- .../bare-metal/booting-with-ipxe/index.md | 20 +- .../bare-metal/booting-with-pxe/index.md | 30 +-- .../bare-metal/installing-to-disk/index.md | 30 +-- .../cloud-providers/brightbox/index.md | 18 +- running-coreos/cloud-providers/ec2/index.md | 4 +- .../google-compute-engine/index.md | 12 +- .../cloud-providers/rackspace/index.md | 14 +- running-coreos/cloud-providers/vultr/index.md | 4 +- running-coreos/platforms/eucalyptus/index.md | 8 +- running-coreos/platforms/libvirt/index.md | 189 ++++++++++-------- running-coreos/platforms/openstack/index.md | 12 +- running-coreos/platforms/qemu/index.md | 59 ++++-- running-coreos/platforms/vagrant/index.md | 18 +- running-coreos/platforms/vmware/index.md | 13 +- 14 files changed, 240 insertions(+), 191 deletions(-) diff --git a/running-coreos/bare-metal/booting-with-ipxe/index.md b/running-coreos/bare-metal/booting-with-ipxe/index.md index 7b9ef47ec..68834b8fa 100644 --- a/running-coreos/bare-metal/booting-with-ipxe/index.md +++ b/running-coreos/bare-metal/booting-with-ipxe/index.md @@ -32,23 +32,25 @@ CoreOS is released into alpha and beta channels. Releases to each channel serve

iPXE downloads a boot script from a publicly available URL. You will need to host this URL somewhere public and replace the example SSH key with your own. You can also run a custom iPXE server.

- 
-#!ipxe
+      

+        
#!ipxe
 
 set base-url http://alpha.release.core-os.net/amd64-usr/current
 kernel ${base-url}/coreos_production_pxe.vmlinuz sshkey="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAYQC2PxAKTLdczK9+RNsGGPsz0eC2pBlydBEcrbI7LSfiN7Bo5hQQVjki+Xpnp8EEYKpzu6eakL8MJj3E28wT/vNklT1KyMZrXnVhtsmOtBKKG/++odpaavdW2/AU0l7RZiE= coreos pxe demo"
 initrd ${base-url}/coreos_production_pxe_image.cpio.gz
-boot

+boot
+

iPXE downloads a boot script from a publicly available URL. You will need to host this URL somewhere public and replace the example SSH key with your own. You can also run a custom iPXE server.

- 
-#!ipxe
+      

+        
#!ipxe
 
 set base-url http://beta.release.core-os.net/amd64-usr/current
 kernel ${base-url}/coreos_production_pxe.vmlinuz sshkey="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAYQC2PxAKTLdczK9+RNsGGPsz0eC2pBlydBEcrbI7LSfiN7Bo5hQQVjki+Xpnp8EEYKpzu6eakL8MJj3E28wT/vNklT1KyMZrXnVhtsmOtBKKG/++odpaavdW2/AU0l7RZiE= coreos pxe demo"
 initrd ${base-url}/coreos_production_pxe_image.cpio.gz
-boot

+boot
+
@@ -63,21 +65,21 @@ Note: the iPXE environment won't open https links, which means you can't use [ht First, download and boot the iPXE image. We will use `qemu-kvm` in this guide but use whatever process you normally use for booting an ISO on your platform. -``` +```sh wget http://boot.ipxe.org/ipxe.iso qemu-kvm -m 1024 ipxe.iso --curses ``` Next press Ctrl+B to get to the iPXE prompt and type in the following commands: -``` +```sh iPXE> dhcp iPXE> chain http://${YOUR_BOOT_URL} ``` Immediatly iPXE should download your boot script URL and start grabbing the images from the CoreOS storage site: -``` +```sh ${YOUR_BOOT_URL}... ok http://alpha.release.core-os.net/amd64-usr/current/coreos_production_pxe.vmlinuz... 98% ``` diff --git a/running-coreos/bare-metal/booting-with-pxe/index.md b/running-coreos/bare-metal/booting-with-pxe/index.md index 645582fec..e159fc324 100644 --- a/running-coreos/bare-metal/booting-with-pxe/index.md +++ b/running-coreos/bare-metal/booting-with-pxe/index.md @@ -38,7 +38,7 @@ When configuring the CoreOS pxelinux.cfg there are a few kernel options that may This is an example pxelinux.cfg file that assumes CoreOS is the only option. You should be able to copy this verbatim into `/var/lib/tftpboot/pxelinux.cfg/default` after providing a cloud-config URL: -``` +```ini default coreos prompt 1 timeout 15 @@ -53,7 +53,7 @@ label coreos Here's a common cloud-config example which should be located at the URL from above: -``` +```yaml #cloud-config coreos: units: @@ -82,28 +82,28 @@ PXE booted machines cannot currently update themselves when new versions are rel

In the config above you can see that a Kernel image and a initramfs file is needed. Download these two files into your tftp root.

The coreos_production_pxe.vmlinuz.sig and coreos_production_pxe_image.cpio.gz.sig files can be used to verify the downloaded files.

- 
-cd /var/lib/tftpboot
+        

+          
cd /var/lib/tftpboot
 wget http://alpha.release.core-os.net/amd64-usr/current/coreos_production_pxe.vmlinuz
 wget http://alpha.release.core-os.net/amd64-usr/current/coreos_production_pxe.vmlinuz.sig
 wget http://alpha.release.core-os.net/amd64-usr/current/coreos_production_pxe_image.cpio.gz
 wget http://alpha.release.core-os.net/amd64-usr/current/coreos_production_pxe_image.cpio.gz.sig
 gpg --verify coreos_production_pxe.vmlinuz.sig
-gpg --verify coreos_production_pxe_image.cpio.gz.sig
-      

+gpg --verify coreos_production_pxe_image.cpio.gz.sig
+

In the config above you can see that a Kernel image and a initramfs file is needed. Download these two files into your tftp root.

The coreos_production_pxe.vmlinuz.sig and coreos_production_pxe_image.cpio.gz.sig files can be used to verify the downloaded files.

- 
-cd /var/lib/tftpboot
+        

+          
cd /var/lib/tftpboot
 wget http://beta.release.core-os.net/amd64-usr/current/coreos_production_pxe.vmlinuz
 wget http://beta.release.core-os.net/amd64-usr/current/coreos_production_pxe.vmlinuz.sig
 wget http://beta.release.core-os.net/amd64-usr/current/coreos_production_pxe_image.cpio.gz
 wget http://beta.release.core-os.net/amd64-usr/current/coreos_production_pxe_image.cpio.gz.sig
 gpg --verify coreos_production_pxe.vmlinuz.sig
-gpg --verify coreos_production_pxe_image.cpio.gz.sig
-      

+gpg --verify coreos_production_pxe_image.cpio.gz.sig
+
@@ -114,7 +114,7 @@ After setting up the PXE server as outlined above you can start the target machi The machine should grab the image from the server and boot into CoreOS. If something goes wrong you can direct questions to the [IRC channel][irc] or [mailing list][coreos-dev]. -``` +```sh This is localhost.unknown_domain (Linux x86_64 3.10.10+) 19:53:36 SSH host key: 24:2e:f1:3f:5f:9c:63:e5:8c:17:47:32:f4:09:5d:78 (RSA) SSH host key: ed:84:4d:05:e3:7d:e3:d0:b9:58:90:58:3b:99:3a:4c (DSA) @@ -128,7 +128,7 @@ The IP address for the machine should be printed out to the terminal for conveni If it doesn't show up immediately, press enter a few times and it should show up. Now you can simply SSH in using public key authentication: -``` +```sh ssh core@10.0.2.15 ``` @@ -142,7 +142,7 @@ Once booted it is possible to [install CoreOS on a local disk][install-to-disk] If you plan on using Docker we recommend using a local btrfs filesystem but ext4 is also available if supporting Docker is not required. For example, to setup a btrfs root filesystem on `/dev/sda`: -``` +```sh cfdisk -z /dev/sda touch "/usr.squashfs (deleted)" # work around a bug in mkfs.btrfs 3.12 mkfs.btrfs -L ROOT /dev/sda1 @@ -156,7 +156,7 @@ And add `root=/dev/sda1` or `root=LABEL=ROOT` to the kernel options as documente Similar to the [OEM partition][oem] in CoreOS disk images, PXE images can be customized with a [cloud config][cloud-config] bundled in the initramfs. Simply create a `./usr/share/oem/` directory containing `cloud-config.yml` and append it to the cpio: -``` +```sh mkdir -p usr/share/oem cp cloud-config.yml ./usr/share/oem gzip -d coreos_production_pxe_image.cpio.gz @@ -166,7 +166,7 @@ gzip coreos_production_pxe_image.cpio Confirm the archive looks correct and has your `run` file inside of it: -``` +```sh gzip -dc coreos_production_pxe_image.cpio.gz | cpio -it ./ usr.squashfs diff --git a/running-coreos/bare-metal/installing-to-disk/index.md b/running-coreos/bare-metal/installing-to-disk/index.md index ab8d7bdc5..12db464b7 100644 --- a/running-coreos/bare-metal/installing-to-disk/index.md +++ b/running-coreos/bare-metal/installing-to-disk/index.md @@ -18,7 +18,7 @@ The script is self-contained and located [on Github here](https://raw.github.com If you have already booting CoreOS via PXE, the install script is already installed. By default the install script will attempt to install the same version and channel that was PXE-booted: -``` +```sh coreos-install -d /dev/sda ``` @@ -35,24 +35,30 @@ CoreOS is released into alpha and beta channels. Releases to each channel serve

The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.

If you want to ensure you are installing the latest alpha version, use the -C option:

- 
coreos-install -d /dev/sda -C alpha
+
+ 
coreos-install -d /dev/sda -C alpha
+

The beta channel consists of promoted alpha releases. Current version is CoreOS {{site.beta-channel}}.

If you want to ensure you are installing the latest beta version, use the -C option:

- 
coreos-install -d /dev/sda -C beta
+
+ 
coreos-install -d /dev/sda -C beta
+
For reference here are the rest of the `coreos-install` options: - -d DEVICE Install CoreOS to the given device. - -V VERSION Version to install (e.g. current) - -C CHANNEL Release channel to use (e.g. beta) - -o OEM OEM type to install (e.g. openstack) - -c CLOUD Insert a cloud-init config to be executed on boot. - -t TMPDIR Temporary location with enough space to download images. +``` +-d DEVICE Install CoreOS to the given device. +-V VERSION Version to install (e.g. current) +-C CHANNEL Release channel to use (e.g. beta) +-o OEM OEM type to install (e.g. openstack) +-c CLOUD Insert a cloud-init config to be executed on boot. +-t TMPDIR Temporary location with enough space to download images. +``` ## Cloud Config @@ -61,7 +67,7 @@ The easiest way to configure accounts, add systemd units, and more is via cloud Jump over to the [docs to learn about the supported features][cloud-config]. As an example this will install a ssh key for the default `core` user: -``` +```yaml #cloud-config ssh_authorized_keys: @@ -71,7 +77,7 @@ ssh_authorized_keys: Pass this file to `coreos-install` via the `-c` option. It will be installed to `/var/lib/coreos-install/user_data` and evaluated on every boot. -``` +```sh coreos-install -d /dev/sda -c ~/config ``` @@ -81,7 +87,7 @@ coreos-install -d /dev/sda -c ~/config If cloud config doesn't handle something you need to do or you just want to take a look at the root btrfs filesystem before booting your new install just mount the ninth partition: -``` +```sh mount -o subvol=root /dev/sda9 /mnt/ ``` diff --git a/running-coreos/cloud-providers/brightbox/index.md b/running-coreos/cloud-providers/brightbox/index.md index 436bc000e..a42448ad6 100644 --- a/running-coreos/cloud-providers/brightbox/index.md +++ b/running-coreos/cloud-providers/brightbox/index.md @@ -15,7 +15,7 @@ instructions will walk you through running a CoreOS cluster on Brightbox. This g First of all, let’s create a server group to put the new servers into: -``` +```sh $ brightbox groups create -n "coreos" Creating a new server group @@ -28,7 +28,7 @@ Creating a new server group And then create a [firewall policy](http://brightbox.com/docs/guides/cli/firewall/) for the group using its identifier: -``` +```sh $ brightbox firewall-policies create -n "coreos" grp-cdl6h id server_group name @@ -41,7 +41,7 @@ $ brightbox firewall-policies create -n "coreos" grp-cdl6h Now let’s define the firewall rules for this new policy. First we’ll allow ssh access in from anywhere: -``` +```sh $ brightbox firewall-rules create --source any --protocol tcp --dport 22 fwp-dw0n6 id protocol source sport destination dport icmp_type description @@ -52,7 +52,7 @@ $ brightbox firewall-rules create --source any --protocol tcp --dport 22 fwp-dw0 And then we’ll allow the CoreOS etcd ports `7001` and `4001`, allowing access from only the other nodes in the group. -``` +```sh $ brightbox firewall-rules create --source grp-cdl6h --protocol tcp --dport 7001,4001 fwp-dw0n6 id protocol source sport destination dport icmp_type description @@ -64,7 +64,7 @@ $ brightbox firewall-rules create --source grp-cdl6h --protocol tcp --dport 7001 And then allow all outgoing access from the servers in the group: -``` +```sh $ brightbox firewall-rules create --destination any fwp-dw0n6 id protocol source sport destination dport icmp_type description @@ -77,7 +77,7 @@ $ brightbox firewall-rules create --destination any fwp-dw0n6 You can find it by listing all images and grepping for CoreOS: -``` +```sh $ brightbox images list | grep CoreOS id owner type created_on status size name @@ -91,7 +91,7 @@ Before building the cluster, we need to generate a unique identifier for it, whi You can use any random string so we’ll use the `uuid` tool here to generate one: -``` +```sh $ TOKEN=`uuid` $ echo $TOKEN @@ -100,7 +100,7 @@ $ echo $TOKEN Then build three servers using the image, in the server group we created and specifying the token as the user data: -``` +```sh $ brightbox servers create -i 3 --type small --name "coreos" --user-data $TOKEN --server-groups grp-cdl6h {{site.brightbox-id}} Creating 3 small (typ-8fych) servers with image CoreOS {{site.brightbox-version}} ({{ site.brightbox-id }}) in groups grp-cdl6h with 0.05k of user data @@ -119,7 +119,7 @@ Those servers should take just a minute to build and boot. They automatically in If you’ve got ipv6 locally, you can ssh in directly: -``` +```sh $ ssh core@ipv6.srv-n8uak.gb1.brightbox.com The authenticity of host 'ipv6.srv-n8uak.gb1.brightbox.com (2a02:1348:17c:423d:24:19ff:fef1:8f6)' can't be established. RSA key fingerprint is 99:a5:13:60:07:5d:ac:eb:4b:f2:cb:c9:b2:ab:d7:21. diff --git a/running-coreos/cloud-providers/ec2/index.md b/running-coreos/cloud-providers/ec2/index.md index 9858158b9..1e0f3cadc 100644 --- a/running-coreos/cloud-providers/ec2/index.md +++ b/running-coreos/cloud-providers/ec2/index.md @@ -80,7 +80,7 @@ CoreOS allows you to configure machine parameters, launch systemd units on start The most common cloud-config for EC2 looks like: -``` +```yaml #cloud-config coreos: @@ -116,7 +116,7 @@ coreos: Ephemeral disks and additional EBS volumes attached to instances can be mounted with a `.mount` unit. Amazon's block storage devices are attached differently [depending on the instance type](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html#InstanceStoreDeviceNames). Here's the cloud-config to mount the first ephemeral disk, `xvdb` on most instance types: -``` +```yaml #cloud-config coreos: units: diff --git a/running-coreos/cloud-providers/google-compute-engine/index.md b/running-coreos/cloud-providers/google-compute-engine/index.md index 0afc2c0c4..466d76789 100644 --- a/running-coreos/cloud-providers/google-compute-engine/index.md +++ b/running-coreos/cloud-providers/google-compute-engine/index.md @@ -19,7 +19,7 @@ CoreOS allows you to configure machine parameters, launch systemd units on start The most common cloud-config for GCE looks like: -``` +```yaml #cloud-config coreos: @@ -63,7 +63,7 @@ Create 3 instances from the image above using our cloud-config from `cloud-confi Additional disks attached to instances can be mounted with a `.mount` unit. Each disk can be accessed via `/dev/disk/by-id/google-`. Here's the cloud-config to mount a disk called `database-backup`: -``` +```yaml #cloud-config coreos: units: @@ -85,13 +85,15 @@ To add more instances to the cluster, just launch more with the same cloud-confi You can log in your CoreOS instances using: - gcutil --project= ssh --ssh_user=core +```sh +gcutil --project= ssh --ssh_user=core +``` ## Modify Existing Cloud-Config To modify an existing instance's cloud-config, read the `metadata-fingerprint` and provide it to the `setinstancemetadata` command along with your new `cloud-config.yaml`: -``` +```sh $ gcutil --project=coreos-gce-testing getinstance core2 INFO: Zone for core2 detected as us-central1-a. @@ -140,7 +142,7 @@ INFO: Zone for core2 detected as us-central1-a. +------------------------+-----------------------------------------------------+ ``` -``` +```sh gcutil --project= setinstancemetadata core2 --metadata_from_file=user-data:cloud-config.yaml --fingerprint="tgFMD53d3kI=" ``` diff --git a/running-coreos/cloud-providers/rackspace/index.md b/running-coreos/cloud-providers/rackspace/index.md index 7613c6312..bf2464033 100644 --- a/running-coreos/cloud-providers/rackspace/index.md +++ b/running-coreos/cloud-providers/rackspace/index.md @@ -72,7 +72,7 @@ CoreOS allows you to configure machine parameters, launch systemd units on start The most common Rackspace cloud-config looks like: -``` +```yaml #cloud-config coreos: @@ -95,7 +95,7 @@ coreos: Certain server flavors have separate system and data disks. To utilize the data disks or a Cloud Block Storage volume, they must be mounted with a `.mount` unit. -``` +```yaml #cloud-config coreos: units: @@ -118,7 +118,7 @@ We're going to install `rackspace-novaclient`, upload a keypair and boot the ima If you don't have `pip` installed, install it by running `sudo easy_install pip`. Now let's use `pip` to install Supernova, a tool that lets you easily switch Rackspace regions. Be sure to install these in the order listed: -``` +```sh sudo pip install keyring sudo pip install rackspace-novaclient sudo pip install supernova @@ -128,7 +128,7 @@ sudo pip install supernova Edit your config file (`~/.supernova`) to store your Rackspace username, API key (referenced as `OS_PASSWORD`) and some other settings. The `OS_TENANT_NAME` should be set to your Rackspace account ID, which is displayed in the upper right-hand corner of the cloud control panel UI. -``` +```ini [production] OS_AUTH_URL = https://identity.api.rackspacecloud.com/v2.0/ OS_USERNAME = username @@ -144,7 +144,7 @@ We're ready to create a keypair then boot a server with it. For this guide, I'm assuming you already have a public key you use for your CoreOS servers. Note that only RSA keypairs are supported. Load the public key to Rackspace: -``` +```sh supernova production keypair-add --pub-key ~/.ssh/coreos.pub coreos-key ``` @@ -220,7 +220,7 @@ First, install the [Heat CLI](https://github.com/openstack/python-heatclient) wi Second, verify that you're exporting your credentials for the CLI to use in your `~/bash_profile`: -``` +```sh export OS_AUTH_URL=https://identity.api.rackspacecloud.com/v2.0/ export OS_USERNAME= export OS_TENANT_ID= @@ -231,7 +231,7 @@ export OS_AUTH_SYSTEM=rackspace If you have credentials already set up for use with the Nova CLI, they may conflict due to oddities in these tools. Re-source your credientials: -``` +```sh source ~/.bash_profile ``` diff --git a/running-coreos/cloud-providers/vultr/index.md b/running-coreos/cloud-providers/vultr/index.md index 371639321..8f9338418 100644 --- a/running-coreos/cloud-providers/vultr/index.md +++ b/running-coreos/cloud-providers/vultr/index.md @@ -20,7 +20,7 @@ The simplest option to boot up CoreOS is to load a script that contains the seri A sample script will look like this : -``` +```ini #!ipxe set base-url http://alpha.release.core-os.net/amd64-usr/current @@ -52,7 +52,7 @@ You can now log in to CoreOS using the associated private key on your local comp SSH to the IP of your VPS, and specify the "core" user: ```ssh core@IP``` -``` +```sh $ ssh core@IP The authenticity of host 'IP (2a02:1348:17c:423d:24:19ff:fef1:8f6)' can't be established. RSA key fingerprint is 99:a5:13:60:07:5d:ac:eb:4b:f2:cb:c9:b2:ab:d7:21. diff --git a/running-coreos/platforms/eucalyptus/index.md b/running-coreos/platforms/eucalyptus/index.md index 819e26502..646bf6cf5 100644 --- a/running-coreos/platforms/eucalyptus/index.md +++ b/running-coreos/platforms/eucalyptus/index.md @@ -22,7 +22,7 @@ CoreOS is released into alpha and beta channels. Releases to each channel serve The channel is selected based on the URL below. Simply replace `alpha` with `beta`. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes in each channel. -``` +```sh $ wget -q http://alpha.release.core-os.net/amd64-usr/current/coreos_production_openstack_image.img.bz2 $ bunzip2 coreos_production_openstack_image.img.bz2 $ qemu-img convert -O raw coreos_production_openstack_image.img coreos_production_openstack_image.raw @@ -40,7 +40,7 @@ emi-E4A33D45 Now generate the ssh key that will be injected into the image for the `core` user and boot it up! -``` +```sh $ euca-create-keypair coreos > core.pem $ euca-run-instances emi-E4A33D45 -k coreos -t m1.medium -g default ... @@ -49,7 +49,7 @@ $ euca-run-instances emi-E4A33D45 -k coreos -t m1.medium -g default Your first CoreOS instance should now be running. The only thing left to do is find the IP and SSH in. -``` +```sh $ euca-describe-instances | grep coreos RESERVATION r-BCF44206 498025213678 group-1380012085 INSTANCE i-22444094 emi-E4A33D45 euca-10-0-1-61.cloud.home euca-172-16-0-56.cloud.internal running coreos 0 @@ -59,7 +59,7 @@ INSTANCE i-22444094 emi-E4A33D45 euca-10-0-1-61.cloud.home Finally SSH into it, note that the user is `core`: -``` +```sh $ chmod 400 core.pem $ ssh -i core.pem core@10.0.1.61 ______ ____ _____ diff --git a/running-coreos/platforms/libvirt/index.md b/running-coreos/platforms/libvirt/index.md index 780ded47a..172e09b84 100644 --- a/running-coreos/platforms/libvirt/index.md +++ b/running-coreos/platforms/libvirt/index.md @@ -30,70 +30,74 @@ The channel is selected based on the URL below. Simply replace `alpha` with `bet We start by downloading the most recent disk image: - mkdir -p /var/lib/libvirt/images/coreos0 - cd /var/lib/libvirt/images/coreos0 - wget http://alpha.release.core-os.net/amd64-usr/current/coreos_production_qemu_image.img.bz2 - bunzip2 coreos_production_qemu_image.img.bz2 +```sh +mkdir -p /var/lib/libvirt/images/coreos0 +cd /var/lib/libvirt/images/coreos0 +wget http://alpha.release.core-os.net/amd64-usr/current/coreos_production_qemu_image.img.bz2 +bunzip2 coreos_production_qemu_image.img.bz2 +``` ## Virtual machine configuration Now create /tmp/coreos0.xml with the following contents: - - coreos0 - 1048576 - 1048576 - 1 - - hvm - - - - - - - - - destroy - restart - restart - - /usr/bin/qemu-kvm - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +```xml + + coreos0 + 1048576 + 1048576 + 1 + + hvm + + + + + + + + + destroy + restart + restart + + /usr/bin/qemu-kvm + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +``` You can change any of these parameters later. @@ -101,17 +105,21 @@ You can change any of these parameters later. Now create a config drive file system to configure CoreOS itself: - mkdir -p /var/lib/libvirt/images/coreos0/configdrive/openstack/latest - touch /var/lib/libvirt/images/coreos0/configdrive/openstack/latest/user_data +```sh +mkdir -p /var/lib/libvirt/images/coreos0/configdrive/openstack/latest +touch /var/lib/libvirt/images/coreos0/configdrive/openstack/latest/user_data +``` The `user_data` file may contain a script for a [cloud config][cloud-config] file. We recommend using ssh keys to log into the VM so at a minimum the contents of `user_data` should look something like this: - #cloud-config +```yaml +#cloud-config - ssh_authorized_keys: - - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGdByTgSVHq....... +ssh_authorized_keys: + - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGdByTgSVHq....... + ``` [cloud-config]: {{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config @@ -122,23 +130,24 @@ example the VM will be attached directly to the local network via a bridge on the host's eth0 and the local network. To configure a static address add a [networkd unit][systemd-network] to `user_data`: +```yaml +#cloud-config - #cloud-config +ssh_authorized_keys: + - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGdByTgSVHq....... - ssh_authorized_keys: - - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGdByTgSVHq....... +coreos: + units: + - name: 10-ens3.network + content: | + [Match] + MACAddress=52:54:00:fe:b3:c0 - coreos: - units: - - name: 10-ens3.network - content: | - [Match] - MACAddress=52:54:00:fe:b3:c0 - - [Network] - Address=203.0.113.2/24 - Gateway=203.0.113.1 - DNS=8.8.8.8 + [Network] + Address=203.0.113.2/24 + Gateway=203.0.113.1 + DNS=8.8.8.8 +``` [systemd-network]: http://www.freedesktop.org/software/systemd/man/systemd.network.html @@ -147,26 +156,34 @@ add a [networkd unit][systemd-network] to `user_data`: Now import the XML as new VM into your libvirt instance and start it: - virsh create /tmp/coreos0.xml +```sh +virsh create /tmp/coreos0.xml +``` Once the virtual machine has started you can log in via SSH: - ssh core@203.0.113.2 +```sh +ssh core@203.0.113.2 +``` ### SSH Config To simplify this and avoid potential host key errors in the future add the following to `~/.ssh/config`: - Host coreos0 - HostName 203.0.113.2 - User core - StrictHostKeyChecking no - UserKnownHostsFile /dev/null +```ini +Host coreos0 +HostName 203.0.113.2 +User core +StrictHostKeyChecking no +UserKnownHostsFile /dev/null +``` Now you can log in to the virtual machine with: - ssh coreos0 +```sh +ssh coreos0 +``` ## Using CoreOS diff --git a/running-coreos/platforms/openstack/index.md b/running-coreos/platforms/openstack/index.md index f34765307..c18a57bc4 100644 --- a/running-coreos/platforms/openstack/index.md +++ b/running-coreos/platforms/openstack/index.md @@ -23,7 +23,7 @@ CoreOS is released into alpha and beta channels. Releases to each channel serve The channel is selected based on the URL below. Simply replace `alpha` with `beta`. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes in each channel. -``` +```sh $ wget http://alpha.release.core-os.net/amd64-usr/current/coreos_production_openstack_image.img.bz2 $ bunzip2 coreos_production_openstack_image.img.bz2 $ glance image-create --name CoreOS \ @@ -64,7 +64,7 @@ In order for this to work your OpenStack cloud provider must support [config dri The most common cloud-config for Openstack looks like: -``` +```yaml #cloud-config coreos: @@ -88,7 +88,7 @@ ssh_authorized_keys: Boot the machines with the `nova` CLI, referencing the image ID from the import step above and your `cloud-config.yaml`: -``` +```sh nova boot \ --user-data ./cloud-config.yaml \ --image cdf3874c-c27f-4816-bc8c-046b240e0edd \ @@ -103,7 +103,7 @@ To use config drive you may need to add `--config-drive=true` to command above. Your first CoreOS cluster should now be running. The only thing left to do is find an IP and SSH in. -``` +```sh $ nova list +--------------------------------------+-----------------+--------+------------+-------------+-------------------+ | ID | Name | Status | Task State | Power State | Networks | @@ -116,7 +116,7 @@ $ nova list Finally SSH into an instance, note that the user is `core`: -``` +```sh $ chmod 400 core.pem $ ssh -i core.pem core@10.0.0.3 ______ ____ _____ @@ -136,7 +136,7 @@ with the others. Example: -``` +```sh nova boot \ --user-data ./cloud-config.yaml \ --image cdf3874c-c27f-4816-bc8c-046b240e0edd \ diff --git a/running-coreos/platforms/qemu/index.md b/running-coreos/platforms/qemu/index.md index 4ba9628c1..5a29feaa9 100644 --- a/running-coreos/platforms/qemu/index.md +++ b/running-coreos/platforms/qemu/index.md @@ -34,7 +34,9 @@ Linux. It should be available on just about any distro. Documentation for [Debian][qemudeb] has more details but to get started all you need is: - sudo apt-get install qemu-system-x86 qemu-utils +```sh +sudo apt-get install qemu-system-x86 qemu-utils +``` [qemudeb]: https://wiki.debian.org/QEMU @@ -42,7 +44,9 @@ all you need is: The Fedora wiki has a [quick howto][qemufed] but the basic install is easy: - sudo yum install qemu-system-x86 qemu-img +```sh +sudo yum install qemu-system-x86 qemu-img +``` [qemufed]: https://fedoraproject.org/wiki/How_to_use_qemu @@ -50,7 +54,9 @@ The Fedora wiki has a [quick howto][qemufed] but the basic install is easy: This is all you need to get started: - sudo pacman -S qemu +```sh +sudo pacman -S qemu +``` More details can be found on [Arch's QEMU wiki page](https://wiki.archlinux.org/index.php/Qemu). @@ -60,8 +66,10 @@ As to be expected Gentoo can be a little more complicated but all the required kernel options and USE flags are covered in the [Gentoo Wiki][qemugen]. Usually this should be sufficient: - echo app-emulation/qemu qemu_softmmu_targets_x86_64 virtfs xattr >> /etc/portage/package.use - emerge -av app-emulation/qemu +```sh +echo app-emulation/qemu qemu_softmmu_targets_x86_64 virtfs xattr >> /etc/portage/package.use +emerge -av app-emulation/qemu +``` [qemugen]: http://wiki.gentoo.org/wiki/QEMU @@ -80,14 +88,18 @@ The channel is selected based on the URL below. Simply replace `alpha` with `bet There are two files you need: the disk image (provided in qcow2 format) and the wrapper shell script to start QEMU. - mkdir coreos; cd coreos - wget http://alpha.release.core-os.net/amd64-usr/current/coreos_production_qemu.sh - wget http://alpha.release.core-os.net/amd64-usr/current/coreos_production_qemu_image.img.bz2 -O - | bzcat > coreos_production_qemu_image.img - chmod +x coreos_production_qemu.sh +```sh +mkdir coreos; cd coreos +wget http://alpha.release.core-os.net/amd64-usr/current/coreos_production_qemu.sh +wget http://alpha.release.core-os.net/amd64-usr/current/coreos_production_qemu_image.img.bz2 -O - | bzcat > coreos_production_qemu_image.img +chmod +x coreos_production_qemu.sh +``` Starting is as simple as: - ./coreos_production_qemu.sh -nographic +```sh +./coreos_production_qemu.sh -nographic +``` ### SSH Keys @@ -98,7 +110,9 @@ look for public keys in ssh-agent if available and at the default locations `~/.ssh/id_dsa.pub` or `~/.ssh/id_rsa.pub`. If you need to provide an alternate location use the -a option: - ./coreos_production_qemu.sh -a ~/.ssh/authorized_keys -- -nographic +```sh +./coreos_production_qemu.sh -a ~/.ssh/authorized_keys -- -nographic +``` Note: Options such as `-a` for the wrapper script must be specified before any options for QEMU. To make the separation between the two explicit @@ -107,24 +121,29 @@ you can use `--` but that isn't required. See Once the virtual machine has started you can log in via SSH: - ssh -l core -p 2222 localhost +```sh +ssh -l core -p 2222 localhost +``` ### SSH Config To simplify this and avoid potential host key errors in the future add the following to `~/.ssh/config`: - Host coreos - HostName localhost - Port 2222 - User core - StrictHostKeyChecking no - UserKnownHostsFile /dev/null +```sh +Host coreos +HostName localhost +Port 2222 +User core +StrictHostKeyChecking no +UserKnownHostsFile /dev/null +``` Now you can log in to the virtual machine with: - ssh coreos - +```sh +ssh coreos +``` ## Using CoreOS diff --git a/running-coreos/platforms/vagrant/index.md b/running-coreos/platforms/vagrant/index.md index 1d038e2af..398bedea8 100644 --- a/running-coreos/platforms/vagrant/index.md +++ b/running-coreos/platforms/vagrant/index.md @@ -31,7 +31,7 @@ Now that you have Vagrant installed you can bring up a CoreOS instance. The following commands will clone a repository that contains the CoreOS Vagrantfile. This file tells Vagrant where it can find the latest disk image of CoreOS. Vagrant will download the image the first time you attempt to start the VM. -``` +```sh git clone https://github.com/coreos/coreos-vagrant.git cd coreos-vagrant ``` @@ -42,7 +42,7 @@ CoreOS allows you to configure machine parameters, launch systemd units on start The most common cloud-config for Vagrant looks like: -``` +```yaml #cloud-config coreos: @@ -78,13 +78,13 @@ Make sure you provide a fresh discovery URL in your `user-data` if you wish to b Start the machine(s): -``` +```sh vagrant up ``` List the status of the running machines: -``` +```sh $ vagrant status Current machine states: @@ -99,7 +99,7 @@ VM, run `vagrant status NAME`. Connect to one of the machines: -``` +```sh vagrant ssh core-01 ``` @@ -107,7 +107,7 @@ vagrant ssh core-01 If you have purchased the [VMware Vagrant provider](http://www.vagrantup.com/vmware), run the following commands: -``` +```sh vagrant up --provider vmware_fusion vagrant ssh core-01 ``` @@ -116,7 +116,7 @@ vagrant ssh core-01 Optionally, you can share a folder from your laptop into the virtual machine. This is useful for easily getting code and Dockerfiles into CoreOS. -``` +```ini config.vm.network "private_network", ip: "172.12.8.150" config.vm.synced_folder ".", "/home/core/share", id: "core", :nfs => true, :mount_options => ['nolock,vers=3,udp'] ``` @@ -129,14 +129,14 @@ CoreOS is a rolling release distribution and versions that are out of date will If you want to start from the most up to date version you will need to make sure that you have the latest box file of CoreOS. Simply remove the old box file and Vagrant will download the latest one the next time you `vagrant up`. -``` +```sh vagrant box remove coreos-alpha vmware_fusion vagrant box remove coreos-alpha virtualbox ``` If you'd like to download the box separately, you can download the URL contained in the Vagrantfile and add it manually: -``` +```sh vagrant box add coreos-alpha ``` diff --git a/running-coreos/platforms/vmware/index.md b/running-coreos/platforms/vmware/index.md index be945a1ac..050d6f1ef 100644 --- a/running-coreos/platforms/vmware/index.md +++ b/running-coreos/platforms/vmware/index.md @@ -26,7 +26,7 @@ The channel is selected based on the URL below. Simply replace `alpha` with `bet This is a rough sketch that should work on OSX and Linux: -``` +```sh curl -LO http://alpha.release.core-os.net/amd64-usr/current/coreos_production_vmware_insecure.zip unzip coreos_production_vmware_insecure.zip -d coreos_production_vmware_insecure cd coreos_production_vmware_insecure @@ -37,15 +37,18 @@ open coreos_production_vmware_insecure.vmx * follow the steps above to download and extract the coreos_production_vmware_insecure.zip * download and run the [OVF Tool 3.5.0 installer](https://developercenter.vmware.com/tool/ovf) Requires VMware account login but the download is free. Available for Linux, OSX & Windows for both 32 & 64 bit architectures. * convert VM to OVF from the extract dir -``` + +```sh cd coreos_developer_vmware_insecure mkdir coreos ovftool coreos_production_vmware_insecure.vmx coreos/coreos.insecure.ovf ``` + NOTE: This uses defaults and creates a single core, 1024MB type 4 VM when deployed. To change before deployment, see ovftool --help or manually edit the coreos.insecure.ovf If you do manually edit the OVF file, you will also need to recalculate the SHA1 and update the coreos.insecure.mf accordingly The above step creates the following files in ../coreos/: -``` + +```sh coreos.insecure-disk1.vmdk coreos.insecure.ovf coreos.insecure.mf @@ -83,7 +86,7 @@ In this case the IP is `10.0.1.81`. Now you can login using the shared and insecure private SSH key. -``` +```sh cd coreos_developer_vmware_insecure ssh -i insecure_ssh_key core@10.0.1.81 ``` @@ -94,7 +97,7 @@ We highly recommend that you disable the original insecure OEM SSH key and replace it with your own. This is a simple two step process: first, add your public key, and then remove the original OEM one. -``` +```sh cat ~/.ssh/id_rsa.pub | ssh core@10.0.1.81 -i insecure_ssh_key update-ssh-keys -a user ssh core@10.0.1.81 update-ssh-keys -D oem ``` From 9bd5d105f3aaaa632990205e30ad7276c6d21677 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 29 May 2014 17:48:18 -0700 Subject: [PATCH 0100/1291] feat(sdk-distributors): add syntax highlighting hints --- .../notes-for-distributors/index.md | 8 ++++--- .../sdk/building-development-images/index.md | 16 ++++++------- .../sdk/building-production-images/index.md | 4 ++-- .../sdk/modifying-coreos/index.md | 24 +++++++++---------- sdk-distributors/sdk/tips-and-tricks/index.md | 10 ++++---- 5 files changed, 32 insertions(+), 30 deletions(-) diff --git a/sdk-distributors/distributors/notes-for-distributors/index.md b/sdk-distributors/distributors/notes-for-distributors/index.md index 4e1241894..9bd6a8c55 100644 --- a/sdk-distributors/distributors/notes-for-distributors/index.md +++ b/sdk-distributors/distributors/notes-for-distributors/index.md @@ -16,9 +16,11 @@ If you are importing images for use inside of your environment it is recommended It is recommended that you also verify files using the [CoreOS Image Signing Key][signing-key]. The GPG signature for each image is a detached `.sig` file that must be passed to `gpg --verify`. For example: - wget http://alpha.release.core-os.net/amd64-usr/current/coreos_production_openstack_image.img.bz2 - wget http://alpha.release.core-os.net/amd64-usr/current/coreos_production_openstack_image.img.bz2.sig - gpg --verify coreos_production_openstack_image.img.bz2.sig +```sh +wget http://alpha.release.core-os.net/amd64-usr/current/coreos_production_openstack_image.img.bz2 +wget http://alpha.release.core-os.net/amd64-usr/current/coreos_production_openstack_image.img.bz2.sig +gpg --verify coreos_production_openstack_image.img.bz2.sig +``` [signing-key]: {{site.url}}/security/image-signing-key diff --git a/sdk-distributors/sdk/building-development-images/index.md b/sdk-distributors/sdk/building-development-images/index.md index 3695f4aff..3113741e4 100644 --- a/sdk-distributors/sdk/building-development-images/index.md +++ b/sdk-distributors/sdk/building-development-images/index.md @@ -16,7 +16,7 @@ target VM. 1. On your workstation start the dev server inside the SDK chroot: -``` +```sh start_devserver --port 8080 ``` @@ -25,7 +25,7 @@ NOTE: This port will need to be internet accessible. 2. Run /usr/local/bin/gmerge from your VM and ensure that the settings in `/etc/lsb-release` point to your workstation IP/hostname and port -``` +```sh /usr/local/bin/gmerge coreos-base/update_engine ``` @@ -34,26 +34,26 @@ NOTE: This port will need to be internet accessible. If you want to test that an image you built can successfully upgrade a running VM you can use the `--image` argument to the devserver. Here is an example: -``` +```sh start_devserver --image ../build/images/amd64-usr/latest/chromiumos_image.bin ``` From the target virtual machine you run: -``` +```sh update_engine_client -update -omaha_url http://$WORKSTATION_HOSTNAME:8080/update ``` If the update fails you can check the logs of the update engine by running: -``` +```sh journalctl -u update-engine -o cat ``` If you want to download another update you may need to clear the reboot pending status: -``` +```sh update_engine_client -reset_status ``` @@ -63,13 +63,13 @@ There is a utility script called `update_ebuilds` that can pull from Gentoo's CVS tree directly into your local portage-stable tree. Here is an example usage bumping go to the latest version: -``` +```sh ./update_ebuilds --commit dev-lang/go ``` To create a Pull Request after the bump run: -``` +```sh cd ~/trunk/src/third_party/portage-stable git checkout -b 'bump-go' git push bump-go diff --git a/sdk-distributors/sdk/building-production-images/index.md b/sdk-distributors/sdk/building-production-images/index.md index 9b7c83656..7175ad3c2 100644 --- a/sdk-distributors/sdk/building-production-images/index.md +++ b/sdk-distributors/sdk/building-production-images/index.md @@ -99,7 +99,7 @@ values. Note: Add `COREOS_OFFICIAL=1` here if you are making a real release. That will change the version to leave off the build id suffix. -``` +```sh ./build_image prod --group alpha ``` @@ -129,7 +129,7 @@ automatically as `coreos_production_update.gz` and to generate the payload is `coreos_production_update.bin.bz2`. As an example, to publish the insecurely signed payload: -``` +```sh URL=http://builds.release.core-os.net/alpha/amd64-usr/321.0.0 cd $(mktemp -d) gsutil -m cp $URL/coreos_production_update* ./ diff --git a/sdk-distributors/sdk/modifying-coreos/index.md b/sdk-distributors/sdk/modifying-coreos/index.md index ba9547f17..b7a899858 100644 --- a/sdk-distributors/sdk/modifying-coreos/index.md +++ b/sdk-distributors/sdk/modifying-coreos/index.md @@ -38,7 +38,7 @@ System requirements to get started: You also need a proper git setup: -``` +```sh git config --global user.email "you@example.com" git config --global user.name "Your Name" ``` @@ -51,7 +51,7 @@ git config --global user.name "Your Name" repositories that makes up CoreOS. Pull down the code and add it to your path: -``` +```sh git clone https://chromium.googlesource.com/chromium/tools/depot_tools.git export PATH="$PATH":`pwd`/depot_tools ``` @@ -64,20 +64,20 @@ need to reset your $PATH manually each time you open a new shell. Create a project directory. This will hold all of your git repos and the SDK chroot. A few gigs of space will be necessary. -``` +```sh mkdir coreos; cd coreos ``` Initialize the .repo directory with the manifest that describes all of the git repos required to get started. -``` +```sh repo init -u https://github.com/coreos/manifest.git -g minilayout --repo-url https://chromium.googlesource.com/external/repo.git ``` Synchronize all of the required git repos from the manifest. -``` +```sh repo sync ``` @@ -86,7 +86,7 @@ repo sync Download and enter the SDK chroot which contains all of the compilers and tooling. -``` +```sh ./chromite/bin/cros_sdk ``` @@ -96,32 +96,32 @@ entries that are bind mounted into the chroot. Set up the "core" user's password. -``` +```sh ./set_shared_user_password.sh ``` Target amd64-usr for this image: -``` +```sh echo amd64-usr > .default_board ``` Setup a board root filesystem in /build/${BOARD}: -``` +```sh ./setup_board ``` Build all of the target binary packages: -``` +```sh ./build_packages ``` Build an image based on the built binary packages along with the developer overlay: -``` +```sh ./build_image --noenable_rootfs_verification dev ``` @@ -139,7 +139,7 @@ systemd-rest, allows you to stop and start units via HTTP. The other is a small server that you can play with shutting off and on called motd-http. You can try these daemons with: -``` +```sh curl http://127.0.0.1:8000 curl http://127.0.0.1:8080/units/motd-http.service/stop/replace curl http://127.0.0.1:8000 diff --git a/sdk-distributors/sdk/tips-and-tricks/index.md b/sdk-distributors/sdk/tips-and-tricks/index.md index b0c09dfd9..ee19b1780 100644 --- a/sdk-distributors/sdk/tips-and-tricks/index.md +++ b/sdk-distributors/sdk/tips-and-tricks/index.md @@ -20,7 +20,7 @@ weight: 7 Using `repo forall` you can search across all of the git repos at once: -``` +```sh repo forall -c git grep 'CONFIG_EXTRA_FIRMWARE_DIR' ``` @@ -31,7 +31,7 @@ Note: You need git 1.7.10 or newer to use the credential helper Turn on the credential helper and git will save your password in memory for some time: -``` +```sh git config --global credential.helper cache ``` @@ -44,7 +44,7 @@ this. Get a view into what the base system will contain and why it will contain those things with the emerge tree view: -``` +```sh emerge-amd64-usr --emptytree -p -v --tree coreos-base/coreos-dev ``` @@ -53,7 +53,7 @@ emerge-amd64-usr --emptytree -p -v --tree coreos-base/coreos-dev You will be booting lots of VMs with on the fly ssh key generation. Add this in your `$HOME/.ssh/config` to stop the annoying fingerprint warnings. -``` +```ini Host 127.0.0.1 StrictHostKeyChecking no UserKnownHostsFile /dev/null @@ -68,7 +68,7 @@ including loop devices used to contruct CoreOS disk images. If the daemon responsible for this happens to be ``udisks`` then you can disable this behavior with the following udev rule: -``` +```sh echo 'SUBSYSTEM=="block", KERNEL=="ram*|loop*", ENV{UDISKS_PRESENTATION_HIDE}="1", ENV{UDISKS_PRESENTATION_NOPOLICY}="1"' > /etc/udev/rules.d/85-hide-loop.rules udevadm control --reload ``` From 49581150cbbf20b5bc81426d83e9a92d79aa833b Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 29 May 2014 17:54:23 -0700 Subject: [PATCH 0101/1291] fix(running-coreos): remove hints from embedded html for now --- .../bare-metal/booting-with-ipxe/index.md | 14 ++++++-------- .../bare-metal/booting-with-pxe/index.md | 16 ++++++++-------- .../bare-metal/installing-to-disk/index.md | 8 ++------ 3 files changed, 16 insertions(+), 22 deletions(-) diff --git a/running-coreos/bare-metal/booting-with-ipxe/index.md b/running-coreos/bare-metal/booting-with-ipxe/index.md index 68834b8fa..f30538197 100644 --- a/running-coreos/bare-metal/booting-with-ipxe/index.md +++ b/running-coreos/bare-metal/booting-with-ipxe/index.md @@ -32,25 +32,23 @@ CoreOS is released into alpha and beta channels. Releases to each channel serve

iPXE downloads a boot script from a publicly available URL. You will need to host this URL somewhere public and replace the example SSH key with your own. You can also run a custom iPXE server.

-
- 
#!ipxe
+      
+#!ipxe
 
 set base-url http://alpha.release.core-os.net/amd64-usr/current
 kernel ${base-url}/coreos_production_pxe.vmlinuz sshkey="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAYQC2PxAKTLdczK9+RNsGGPsz0eC2pBlydBEcrbI7LSfiN7Bo5hQQVjki+Xpnp8EEYKpzu6eakL8MJj3E28wT/vNklT1KyMZrXnVhtsmOtBKKG/++odpaavdW2/AU0l7RZiE= coreos pxe demo"
 initrd ${base-url}/coreos_production_pxe_image.cpio.gz
-boot

-
+boot

iPXE downloads a boot script from a publicly available URL. You will need to host this URL somewhere public and replace the example SSH key with your own. You can also run a custom iPXE server.

-
- 
#!ipxe
+      
+#!ipxe
 
 set base-url http://beta.release.core-os.net/amd64-usr/current
 kernel ${base-url}/coreos_production_pxe.vmlinuz sshkey="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAYQC2PxAKTLdczK9+RNsGGPsz0eC2pBlydBEcrbI7LSfiN7Bo5hQQVjki+Xpnp8EEYKpzu6eakL8MJj3E28wT/vNklT1KyMZrXnVhtsmOtBKKG/++odpaavdW2/AU0l7RZiE= coreos pxe demo"
 initrd ${base-url}/coreos_production_pxe_image.cpio.gz
-boot

-
+boot
diff --git a/running-coreos/bare-metal/booting-with-pxe/index.md b/running-coreos/bare-metal/booting-with-pxe/index.md index e159fc324..7dc41862e 100644 --- a/running-coreos/bare-metal/booting-with-pxe/index.md +++ b/running-coreos/bare-metal/booting-with-pxe/index.md @@ -82,28 +82,28 @@ PXE booted machines cannot currently update themselves when new versions are rel

In the config above you can see that a Kernel image and a initramfs file is needed. Download these two files into your tftp root.

The coreos_production_pxe.vmlinuz.sig and coreos_production_pxe_image.cpio.gz.sig files can be used to verify the downloaded files.

-
- 
cd /var/lib/tftpboot
+      
+cd /var/lib/tftpboot
 wget http://alpha.release.core-os.net/amd64-usr/current/coreos_production_pxe.vmlinuz
 wget http://alpha.release.core-os.net/amd64-usr/current/coreos_production_pxe.vmlinuz.sig
 wget http://alpha.release.core-os.net/amd64-usr/current/coreos_production_pxe_image.cpio.gz
 wget http://alpha.release.core-os.net/amd64-usr/current/coreos_production_pxe_image.cpio.gz.sig
 gpg --verify coreos_production_pxe.vmlinuz.sig
-gpg --verify coreos_production_pxe_image.cpio.gz.sig

-
+gpg --verify coreos_production_pxe_image.cpio.gz.sig +

In the config above you can see that a Kernel image and a initramfs file is needed. Download these two files into your tftp root.

The coreos_production_pxe.vmlinuz.sig and coreos_production_pxe_image.cpio.gz.sig files can be used to verify the downloaded files.

-
- 
cd /var/lib/tftpboot
+      
+cd /var/lib/tftpboot
 wget http://beta.release.core-os.net/amd64-usr/current/coreos_production_pxe.vmlinuz
 wget http://beta.release.core-os.net/amd64-usr/current/coreos_production_pxe.vmlinuz.sig
 wget http://beta.release.core-os.net/amd64-usr/current/coreos_production_pxe_image.cpio.gz
 wget http://beta.release.core-os.net/amd64-usr/current/coreos_production_pxe_image.cpio.gz.sig
 gpg --verify coreos_production_pxe.vmlinuz.sig
-gpg --verify coreos_production_pxe_image.cpio.gz.sig

-
+gpg --verify coreos_production_pxe_image.cpio.gz.sig +
diff --git a/running-coreos/bare-metal/installing-to-disk/index.md b/running-coreos/bare-metal/installing-to-disk/index.md index 12db464b7..1580f2151 100644 --- a/running-coreos/bare-metal/installing-to-disk/index.md +++ b/running-coreos/bare-metal/installing-to-disk/index.md @@ -35,16 +35,12 @@ CoreOS is released into alpha and beta channels. Releases to each channel serve

The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.

If you want to ensure you are installing the latest alpha version, use the -C option:

-
- 
coreos-install -d /dev/sda -C alpha
-
+ 
coreos-install -d /dev/sda -C alpha

The beta channel consists of promoted alpha releases. Current version is CoreOS {{site.beta-channel}}.

If you want to ensure you are installing the latest beta version, use the -C option:

-
- 
coreos-install -d /dev/sda -C beta
-
+ 
coreos-install -d /dev/sda -C beta
From 9db448ba95c0b7bdb713c896d1209eca58686482 Mon Sep 17 00:00:00 2001 From: Michael Marineau Date: Fri, 30 May 2014 14:30:20 -0700 Subject: [PATCH 0102/1291] fix(building-development-images): Clean up text a little - no absolute paths - bug fixed so no need to set the board name --- sdk-distributors/sdk/building-development-images/index.md | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/sdk-distributors/sdk/building-development-images/index.md b/sdk-distributors/sdk/building-development-images/index.md index bb5f06a6a..89118a2c5 100644 --- a/sdk-distributors/sdk/building-development-images/index.md +++ b/sdk-distributors/sdk/building-development-images/index.md @@ -20,14 +20,13 @@ target VM. start_devserver --port 8080 ``` -NOTE: This port will need to be internet accessible. +NOTE: This port will need to be Internet accessible if your VM is remote. -2. Run `/usr/bin/gmerge` from your VM and ensure that the settings in +2. Run `gmerge` from your VM and ensure that the `DEVSERVER` setting in `/etc/coreos/update.conf` point to your workstation IP/hostname and port. - You'll need to set `DEVSERVER` and `COREOS_RELEASE_BOARD` (likely `amd64-usr`). ```sh -/usr/bin/gmerge coreos-base/update_engine +gmerge coreos-base/update_engine ``` ### Updating an Image with Update Engine From 9d2b67eb4181e2b6a245b0031fc184b491ca146c Mon Sep 17 00:00:00 2001 From: Cole Gleason Date: Wed, 28 May 2014 15:45:36 -0700 Subject: [PATCH 0103/1291] Remove outdated info on testing image after boot. --- sdk-distributors/sdk/modifying-coreos/index.md | 13 ------------- 1 file changed, 13 deletions(-) diff --git a/sdk-distributors/sdk/modifying-coreos/index.md b/sdk-distributors/sdk/modifying-coreos/index.md index b7a899858..7fdd46ab2 100644 --- a/sdk-distributors/sdk/modifying-coreos/index.md +++ b/sdk-distributors/sdk/modifying-coreos/index.md @@ -133,19 +133,6 @@ a bootable vm will be printed. Run the `image_to_vm.sh` command. Once you build an image you can launch it with KVM (instructions will print out after `image_to_vm.sh` runs). -To demo the general direction we are starting in now the OS starts two -small daemons that you can access over an HTTP interface. The first, -systemd-rest, allows you to stop and start units via HTTP. The other is a -small server that you can play with shutting off and on called -motd-http. You can try these daemons with: - -```sh -curl http://127.0.0.1:8000 -curl http://127.0.0.1:8080/units/motd-http.service/stop/replace -curl http://127.0.0.1:8000 -curl http://127.0.0.1:8080/units/motd-http.service/start/replace -``` - ## Making Changes ### git and repo From e5eaca699ce37c703386b33836e13648b6d2c37b Mon Sep 17 00:00:00 2001 From: bhiles Date: Mon, 2 Jun 2014 11:45:37 -0700 Subject: [PATCH 0104/1291] Add doc link to vagrant clustering explanation --- running-coreos/platforms/vagrant/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/running-coreos/platforms/vagrant/index.md b/running-coreos/platforms/vagrant/index.md index 398bedea8..3dadbec74 100644 --- a/running-coreos/platforms/vagrant/index.md +++ b/running-coreos/platforms/vagrant/index.md @@ -143,4 +143,4 @@ vagrant box add coreos-alpha ## Using CoreOS Now that you have a machine booted it is time to play around. -Check out the [CoreOS Quickstart]({{site.url}}/docs/quickstart) guide or dig into [more specific topics]({{site.url}}/docs). +Check out the [CoreOS Quickstart]({{site.url}}/docs/quickstart) guide, learn about [CoreOS clustering with Vagrant]({{site.url}}/blog/coreos-clustering-with-vagrant/), or dig into [more specific topics]({{site.url}}/docs). From 20d46ee9c5db08937c3c53207517dac65f82d0b5 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Mon, 2 Jun 2014 14:32:59 -0700 Subject: [PATCH 0105/1291] feat(launching-containers): link to new fleet unit doc --- .../launching/launching-containers-fleet/index.md | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/launching-containers/launching/launching-containers-fleet/index.md b/launching-containers/launching/launching-containers-fleet/index.md index c7fc3d185..7c817f0d0 100644 --- a/launching-containers/launching/launching-containers-fleet/index.md +++ b/launching-containers/launching/launching-containers-fleet/index.md @@ -9,9 +9,9 @@ weight: 2 # Launching Containers with fleet -`fleet` is a cluster manager that controls `systemd` at the cluster level. To run your services in the cluster, you must submit regular systemd units combined with a few fleet-specific properties. +`fleet` is a cluster manager that controls `systemd` at the cluster level. To run your services in the cluster, you must submit regular systemd units combined with a few [fleet-specific properties]({{site.url}}/docs/launching-containers/launching/fleet-unit-files/). -If you're not familiar with systemd units, check out our [Getting Started with systemd]({{site.url}}/docs/launching-containers/launching/getting-started-with-systemd) guide. +If you're not familiar with systemd units, check out our [Getting Started with systemd]({{site.url}}/docs/launching-containers/launching/getting-started-with-systemd) guide. This guide assumes you're running `fleetctl` locally from a CoreOS machine that's part of a CoreOS cluster. You can also [control your cluster remotely]({{site.url}}/docs/launching-containers/launching/fleet-using-the-client/#get-up-and-running). All of the units referenced in this blog post are contained in the [unit-examples](https://github.com/coreos/unit-examples/tree/master/simple-fleet) repository. You can clone this onto your CoreOS box to make unit submission easier. @@ -73,7 +73,9 @@ ExecStop=/usr/bin/docker stop apache X-Conflicts=apache.*.service ``` -The `X-Conflicts` attribute tells `fleet` that these two services can't be run on the same machine, giving us high availability. Let's start both units and verify that they're on two different machines: +The `X-Conflicts` attribute tells `fleet` that these two services can't be run on the same machine, giving us high availability. A full list of options for this section can be found in the [fleet units guide]({{site.url}}/docs/launching-containers/launching/fleet-unit-files/). + +Let's start both units and verify that they're on two different machines: ```sh $ fleetctl start apache.* @@ -109,7 +111,7 @@ This unit has a few interesting properties. First, it uses `BindsTo` to link the Second is `%H`, a variable built into systemd, that represents the hostname of the machine running this unit. Variable usage is covered in our [Getting Started with systemd]({{site.url}}/docs/launching-containers/launching/getting-started-with-systemd/#unit-variables) guide as well as in [systemd documentation](http://www.freedesktop.org/software/systemd/man/systemd.unit.html#Specifiers). -The third is a fleet-specific property called `X-ConditionMachineOf`. This property causes the unit to be placed onto the same machine that `apache.1.service` is running on. +The third is a [fleet-specific property]({{site.url}}/docs/launching-containers/launching/fleet-unit-files/) called `X-ConditionMachineOf`. This property causes the unit to be placed onto the same machine that `apache.1.service` is running on. Let's verify that each unit was placed on to the same machine as the Apache service is is bound to: @@ -143,5 +145,5 @@ If you're running in the cloud, many services have APIs that can be automated ba #### More Information Example Deployment with fleet -fleet Unit Specifications +fleet Unit Specifications fleet Configuration From b45a23b1e5837c7222e6e759cc538b0483b4184c Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Tue, 3 Jun 2014 15:56:46 -0700 Subject: [PATCH 0106/1291] fix(running-coreos): fix bad link --- running-coreos/bare-metal/booting-with-ipxe/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/running-coreos/bare-metal/booting-with-ipxe/index.md b/running-coreos/bare-metal/booting-with-ipxe/index.md index f30538197..146171c9e 100644 --- a/running-coreos/bare-metal/booting-with-ipxe/index.md +++ b/running-coreos/bare-metal/booting-with-ipxe/index.md @@ -94,7 +94,7 @@ CoreOS can be completely installed on disk or run from RAM but store user data o ## Adding a Custom OEM -Similar to the [OEM partition][oem] in CoreOS disk images, iPXE images can be customized with a [cloud config][cloud-config] bundled in the initramfs. You can view the [instructions on the PXE docs]({{site.url/docs/bare-metal/booting-with-pxe/#adding-a-custom-oem}}). +Similar to the [OEM partition][oem] in CoreOS disk images, iPXE images can be customized with a [cloud config][cloud-config] bundled in the initramfs. You can view the [instructions on the PXE docs]({{site.url}}/docs/bare-metal/booting-with-pxe/#adding-a-custom-oem). [oem]: {{site.url}}/docs/sdk-distributors/distributors/notes-for-distributors/#image-customization [cloud-config]: {{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/ From 4c7e498ac9aefe0973ffab05afaa2e14a0c5a42a Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Tue, 3 Jun 2014 10:56:58 -0700 Subject: [PATCH 0107/1291] feat(running-coreos): split vagrant clustering and single machine --- running-coreos/platforms/vagrant/index.md | 145 +++++++++++++++++++--- 1 file changed, 126 insertions(+), 19 deletions(-) diff --git a/running-coreos/platforms/vagrant/index.md b/running-coreos/platforms/vagrant/index.md index 3dadbec74..eddc17398 100644 --- a/running-coreos/platforms/vagrant/index.md +++ b/running-coreos/platforms/vagrant/index.md @@ -9,16 +9,13 @@ weight: 5 # Running CoreOS on Vagrant -CoreOS is currently in heavy development and actively being tested. These instructions will bring up a single CoreOS instance under Vagrant. +Running CoreOS with Vagrant is the easiest way to bring up a single machine or virtualize an entire cluster on your laptop. Since the true power of CoreOS can be seen with a cluster, we're going to concentrate on that. Instructions for a single machine can be found [towards the end](#single-machine) of the guide. You can direct questions to the [IRC channel][irc] or [mailing list][coreos-dev]. ## Install Vagrant and Virtualbox -Vagrant is a simple-to-use command line virtual machine manager. There are -install packages available for Windows, Linux and OSX. Find the latest -installer on the [Vagrant downloads page][vagrant]. Be sure to get -version 1.6.3 or greater. +Vagrant is a simple-to-use command line virtual machine manager. There are install packages available for Windows, Linux and OSX. Find the latest installer on the [Vagrant downloads page][vagrant]. Be sure to get version 1.6.3 or greater. [vagrant]: http://www.vagrantup.com/downloads.html @@ -28,19 +25,22 @@ Vagrant can use either the free Virtualbox provider or the commerical VMware pro Now that you have Vagrant installed you can bring up a CoreOS instance. -The following commands will clone a repository that contains the CoreOS Vagrantfile. This file tells -Vagrant where it can find the latest disk image of CoreOS. Vagrant will download the image the first time you attempt to start the VM. +The following commands will clone a repository that contains the CoreOS Vagrantfile. This file tells Vagrant where it can find the latest disk image of CoreOS. Vagrant will download the image the first time you attempt to start the VM. ```sh git clone https://github.com/coreos/coreos-vagrant.git cd coreos-vagrant ``` -## Cloud-Config +## Starting a Cluster -CoreOS allows you to configure machine parameters, launch systemd units on startup and more via cloud-config. Jump over to the [docs to learn about the supported features][cloud-config-docs]. You can provide cloud-config data to your CoreOS Vagrant VM by editing the `user-data` file inside of the cloned directory. +To start our cluster, we need to provide some config parameters in cloud-config format via the `user-data` file and set the number of machines in the cluster in `config.rb`. -The most common cloud-config for Vagrant looks like: +### Cloud-Config + +CoreOS allows you to configure machine parameters, launch systemd units on startup and more via cloud-config. Jump over to the [docs to learn about the supported features][cloud-config-docs]. You can provide cloud-config data to your CoreOS Vagrant VM by editing the `user-data` file inside of the cloned directory. A sample file `user-data.sample` exists as a base and must be renamed to `user-data` for it to be processed. + +Our cluster will use an etcd [discovery URL]({{site.url}}/docs/cluster-management/setup/etcd-cluster-discovery/) to bootstrap the cluster of machines and elect an initial etcd leader. Be sure to replace `` with your own URL from [https://discovery.etcd.io/new](https://discovery.etcd.io/new): ```yaml #cloud-config @@ -48,7 +48,7 @@ The most common cloud-config for Vagrant looks like: coreos: etcd: #generate a new token for each unique cluster from https://discovery.etcd.io/new - #discovery: https://discovery.etcd.io/ + discovery: https://discovery.etcd.io/ addr: $public_ipv4:4001 peer-addr: $public_ipv4:7001 units: @@ -64,17 +64,44 @@ coreos: [Service] Environment=FLEET_PUBLIC_IP=$public_ipv4 ExecStart=/usr/bin/fleet - ``` [cloud-config-docs]: {{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config -## Startup CoreOS - -With Vagrant, you can start a single machine or an entire cluster. Launching a CoreOS cluster on Vagrant is as simple as configuring `$num_instances` in a `config.rb` file to 3 (or more!) and running `vagrant up`. -Make sure you provide a fresh discovery URL in your `user-data` if you wish to bootstrap etcd in your cluster. - -### Using Vagrant's default VirtualBox Provider +### Startup CoreOS + +The `config.rb.sample` file contains a few useful settings about your Vagrant envrionment and most importantly, how many machines you'd like in your cluster. + +CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updates) with different schedules per channel. Select the channel you'd like to use for this cluster below. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes. + +
+ +
+
+

The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.

+

Rename the file to config.rb and modify a few lines:

+

config.rb

+ 
# Size of the CoreOS cluster created by Vagrant
+$num_instances=3
+ 
# Official CoreOS channel from which updates should be downloaded
+$update_channel=alpha
+
+
+

The beta channel consists of promoted alpha releases. Current version is CoreOS {{site.beta-channel}}.

+

Rename the file to config.rb then uncomment and modify:

+

config.rb

+ 
# Size of the CoreOS cluster created by Vagrant
+$num_instances=3
+ 
# Official CoreOS channel from which updates should be downloaded
+$update_channel=beta
+
+
+
+ +#### Start Machines Using Vagrant's default VirtualBox Provider Start the machine(s): @@ -103,7 +130,87 @@ Connect to one of the machines: vagrant ssh core-01 ``` -### Using Vagrant's VMware Provider +#### Start Machines Using Vagrant's VMware Provider + +If you have purchased the [VMware Vagrant provider](http://www.vagrantup.com/vmware), run the following commands: + +```sh +vagrant up --provider vmware_fusion +vagrant ssh core-01 +``` + +## Single Machine + +To start a single machine, we need to provide some config parameters in cloud-config format via the `user-data` file. + +### Cloud-Config + +This cloud-config starts etcd and fleet when the machine is booted: + +```yaml +#cloud-config + +coreos: + etcd: + addr: $public_ipv4:4001 + peer-addr: $public_ipv4:7001 + units: + - name: etcd.service + command: start + - name: fleet.service + command: start + runtime: no + content: | + [Unit] + Description=fleet + + [Service] + Environment=FLEET_PUBLIC_IP=$public_ipv4 + ExecStart=/usr/bin/fleet +``` + +### Startup CoreOS + +The `config.rb.sample` file contains a few useful settings about your Vagrant envrionment. We're going to set the CoreOS channel that we'd like the machine to track.

+ +
+ +
+
+

The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.

+

Rename the file to config.rb then uncomment and modify:

+

config.rb

+ 
# Official CoreOS channel from which updates should be downloaded
+$update_channel=alpha
+
+
+

The beta channel consists of promoted alpha releases. Current version is CoreOS {{site.beta-channel}}.

+

Rename the file to config.rb then uncomment and modify:

+

config.rb

+ 
# Official CoreOS channel from which updates should be downloaded
+$update_channel=beta
+
+
+
+ +#### Start Machines Using Vagrant's default VirtualBox Provider + +Start the machine(s): + +```sh +vagrant up +``` + +Connect to the machine: + +```sh +vagrant ssh core-01 +``` + +#### Start Machines Using Vagrant's VMware Provider If you have purchased the [VMware Vagrant provider](http://www.vagrantup.com/vmware), run the following commands: From 924d0f93259709ab372f5d209879844427ce6dfe Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Wed, 4 Jun 2014 13:40:46 -0700 Subject: [PATCH 0108/1291] feat(quickstart): remove systemd and add fleet section --- quickstart/index.md | 66 +++++++++++++++++++++++++++------------------ 1 file changed, 40 insertions(+), 26 deletions(-) diff --git a/quickstart/index.md b/quickstart/index.md index 8f085a3f5..d65eb79a6 100644 --- a/quickstart/index.md +++ b/quickstart/index.md @@ -15,7 +15,19 @@ CoreOS gives you three essential tools: service discovery, container management First, connect to a CoreOS machine via SSH as the user `core`. For example, on Amazon, use: ```sh -ssh core@an.ip.compute-1.amazonaws.com +$ ssh -A core@an.ip.compute-1.amazonaws.com +CoreOS (beta) +``` + +The `-A` forwards your ssh-agent to the machine, which is needed for the fleet section of this guide. + +If you're using Vagrant, you'll need to connect a bit differently: + +```sh +$ ssh-add ~/.vagrant.d/insecure_private_key +Identity added: /Users/core/.vagrant.d/insecure_private_key (/Users/core/.vagrant.d/insecure_private_key) +$ vagrant ssh core-01 -- -A +CoreOS (beta) ``` ## Service Discovery with etcd @@ -62,58 +74,60 @@ docker run -i -t busybox /bin/sh View Complete Guide Read docker Docs -## Process Management with systemd +## Process Management with fleet -The third building block of CoreOS is **systemd** ([docs][systemd-docs]) and it is installed on each CoreOS machine. You should use systemd to manage the life cycle of your docker containers. The configuration format for systemd is straightforward. In the example below, the Ubuntu container is set up to print text after each reboot: +The third building block of CoreOS is **fleet**, a distributed init system for your cluster. You should use fleet to manage the life cycle of your docker containers. -First, you will need to run all of this as `root` since you are modifying system state: +Fleet works by receiving [systemd unit files]({{site.url}}/docs/launching-containers/launching/getting-started-with-systemd/) and scheduling them onto machines in the cluster based on declared conflicts and other preferences encoded in the unit file. Using the `fleetctl` tool, you can query the status of a unit, remotely access its logs and more. -```sh -sudo -i -``` +First, let's construct a simple systemd unit that runs a docker container. Save this as `hello.service` in the home directory: -Create a file called `/etc/systemd/system/hello.service`: +#### home.service ```ini [Unit] Description=My Service After=docker.service -Requires=docker.service [Service] -Restart=always -RestartSec=10s ExecStart=/bin/bash -c '/usr/bin/docker start -a hello || /usr/bin/docker run --name hello busybox /bin/sh -c "while true; do echo Hello World; sleep 1; done"' ExecStop=/usr/bin/docker stop -t 1 hello - -[Install] -WantedBy=multi-user.target ``` -See the [getting started with systemd]({{site.url}}/docs/launching-containers/launching/getting-started-with-systemd) page for more information on the format of this file. +The [Getting Started with systemd]({{site.url}}/docs/launching-containers/launching/getting-started-with-systemd) guide explains the format of this file in more detail. -Then run enable and start the unit: +Then start the unit: ```sh -sudo systemctl enable /etc/systemd/system/hello.service -sudo systemctl start hello.service +$ fleetctl start hello.service +Job hello.service launched on 8145ebb7.../172.17.8.105 ``` -Your container is now started and is logging to the systemd journal. You can read the log by running: +Your container has been started somewhere on the cluster. To verify the status, run: ```sh -journalctl -u hello.service -f +$ fleetctl status hello.service +● hello.service - My Service + Loaded: loaded (/run/fleet/units/hello.service; linked-runtime) + Active: active (running) since Wed 2014-06-04 19:04:13 UTC; 44s ago + Main PID: 27503 (bash) + CGroup: /system.slice/hello.service + ├─27503 /bin/bash -c /usr/bin/docker start -a hello || /usr/bin/docker run --name hello busybox /bin/sh -c "while true; do echo Hello World; sleep 1; done" + └─27509 /usr/bin/docker run --name hello busybox /bin/sh -c while true; do echo Hello World; sleep 1; done + +Jun 04 19:04:57 core-01 bash[27503]: Hello World +..snip... +Jun 04 19:05:06 core-01 bash[27503]: Hello World ``` To stop the container, run: ```sh -sudo systemctl stop hello.service +fleetctl destroy hello.service ``` -#### More Detailed Information -View Complete Guide -Read systemd Website +Fleet has many more features that you can explore in the guides below. -#### Chaos Monkey -During our alpha period, Chaos Monkey (i.e. random reboots) is built in and will give you plenty of opportunities to test out systemd. CoreOS machines will automatically reboot after an update is applied unless you [configure them not to]({{site.url}}/docs/cluster-management/debugging/prevent-reboot-after-update). +#### More Detailed Information +View Complete Guide +View Getting Started with systemd Guide From a6f8d334fdc153e460e3a580c99ec65681547c5d Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Wed, 4 Jun 2014 15:47:30 -0700 Subject: [PATCH 0109/1291] feat(launching-containers): document fleet metadata scheduling --- .../launching-containers-fleet/index.md | 56 +++++++++++++++++++ 1 file changed, 56 insertions(+) diff --git a/launching-containers/launching/launching-containers-fleet/index.md b/launching-containers/launching/launching-containers-fleet/index.md index 7c817f0d0..0a0395027 100644 --- a/launching-containers/launching/launching-containers-fleet/index.md +++ b/launching-containers/launching/launching-containers-fleet/index.md @@ -143,6 +143,62 @@ If you're running in the cloud, many services have APIs that can be automated ba +## Schedule Based on Machine Metadata + +Applications with complex and specific requirements can target a subset of the cluster for scheduling via machine metadata. Powerful deployment topologies can be achieved — schedule units based on the machine's region, rack location, disk speed or anything else you can think of. + +Metadata can be provided via [cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/#coreos) or a [config file](https://github.com/coreos/fleet/blob/master/Documentation/configuration.md). Here's an example config file: + +```ini +# Comma-delimited key/value pairs that are published to the fleet registry. +# This data can be referenced in unit files to affect scheduling decisions. +# An example could look like: metadata="region=us-west,az=us-west-1" +metadata="platform=metal,provider=rackspace,region=east,disk=ssd" +``` + +Metadata can be viewed in the machine list when configured: + +```sh +$ fleetctl list-machines +MACHINE IP METADATA +29db5063... 172.17.8.101 disk=ssd,platform=metal,provider=rackspace,region=east +ebb97ff7... 172.17.8.102 disk=ssd,platform=cloud,provider=rackspace,region=east +f823e019... 172.17.8.103 disk=ssd,platform=cloud,provider=amazon,region=east +``` + +The unit file for a service that does a lot of disk I/O but doesn't care where it runs could look like: + +```ini +[X-Fleet] +X-ConditionMachineMetadata=disk=ssd +``` + +If you wanted to ensure very high availability you could have 3 unit files that must be scheduled across providers but in the same region: + +```ini +[X-Fleet] +X-Conflicts=webapp* +X-ConditionMachineMetadata=provider=rackspace +X-ConditionMachineMetadata=platform=metal +X-ConditionMachineMetadata=region=east +``` + +```ini +[X-Fleet] +X-Conflicts=webapp* +X-ConditionMachineMetadata=provider=rackspace +X-ConditionMachineMetadata=platform=cloud +X-ConditionMachineMetadata=region=east +``` + +```ini +[X-Fleet] +X-Conflicts=webapp* +X-ConditionMachineMetadata=provider=amazon +X-ConditionMachineMetadata=platform=cloud +X-ConditionMachineMetadata=region=east +``` + #### More Information Example Deployment with fleet fleet Unit Specifications From a4dfbaef8559e969cafe380efb6863aa9bb9e6aa Mon Sep 17 00:00:00 2001 From: Alex Ethier Date: Sat, 7 Jun 2014 22:58:36 -0700 Subject: [PATCH 0110/1291] fix(running-coreos/platforms/vagrant): channel value should be quoted. When defining a CoreOS channel in config.rb, the value should be quoted. --- running-coreos/platforms/vagrant/index.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/running-coreos/platforms/vagrant/index.md b/running-coreos/platforms/vagrant/index.md index eddc17398..48f72632e 100644 --- a/running-coreos/platforms/vagrant/index.md +++ b/running-coreos/platforms/vagrant/index.md @@ -87,7 +87,7 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat 
# Size of the CoreOS cluster created by Vagrant
 $num_instances=3
# Official CoreOS channel from which updates should be downloaded
-$update_channel=alpha
+$update_channel='alpha'

The beta channel consists of promoted alpha releases. Current version is CoreOS {{site.beta-channel}}.

@@ -96,7 +96,7 @@ $update_channel=alpha 
# Size of the CoreOS cluster created by Vagrant
 $num_instances=3
# Official CoreOS channel from which updates should be downloaded
-$update_channel=beta
+$update_channel='beta'
@@ -184,14 +184,14 @@ The `config.rb.sample` file contains a few useful settings about your Vagrant en

Rename the file to config.rb then uncomment and modify:

config.rb

# Official CoreOS channel from which updates should be downloaded
-$update_channel=alpha
+$update_channel='alpha'

The beta channel consists of promoted alpha releases. Current version is CoreOS {{site.beta-channel}}.

Rename the file to config.rb then uncomment and modify:

config.rb

# Official CoreOS channel from which updates should be downloaded
-$update_channel=beta
+$update_channel='beta'
From 0c433566cbd9fef5e8caf531630f39f19178b16b Mon Sep 17 00:00:00 2001 From: Mohammed Naser Date: Mon, 9 Jun 2014 10:28:53 -0400 Subject: [PATCH 0111/1291] Added VEXXHOST Cloud Documentation --- .../cloud-providers/vexxhost/index.md | 158 ++++++++++++++++++ 1 file changed, 158 insertions(+) create mode 100644 running-coreos/cloud-providers/vexxhost/index.md diff --git a/running-coreos/cloud-providers/vexxhost/index.md b/running-coreos/cloud-providers/vexxhost/index.md new file mode 100644 index 000000000..3878fa01f --- /dev/null +++ b/running-coreos/cloud-providers/vexxhost/index.md @@ -0,0 +1,158 @@ +--- +layout: docs +title: VEXXHOST Cloud +category: running_coreos +sub_category: cloud_provider +weight: 5 +--- + +# Running CoreOS on VEXXHOST + +CoreOS is currently in heavy development and actively being tested. The +following instructions will walk you through setting up the `nova` tool with +your appropriate credentials and launching your first cluster using the +CLI tools. + +VEXXHOST is a Canadian OpenStack cloud computing provider based in Canada. In +order to get started, you must have an active account on the VEXXHOST +[public cloud computing][cloud-compute] service. + +[cloud-compute]: http://vexxhost.com/cloud-computing + +### Choosing a Channel + +CoreOS is released into alpha and beta channels. Releases to each channel serve +as a release-candidate for the next channel. For example, a bug-free alpha +release is promoted bit-for-bit to the beta channel. + +CoreOS releases are automatically built and deployed on the VEXXHOST cloud, +therefore it is best to launch your clusters with the following naming pattern: +CoreOS _Channel_ _Version_. For example, the image name of the latest alpha +release will be "CoreOS Alpha {{site.alpha-channel}}". + + +## Cloud-Config + +CoreOS allows you to configure machine parameters, launch systemd units on +startup and more via [cloud-config][cloud-config]. We're going to provide the +`cloud-config` data via the `user-data` flag. + +[cloud-config]: {{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config + +At the moment, you cannot supply the `user-data` using the CloudConsole control +panel therefore you must use the CLI to deploy your cluster on the VEXXHOST +cloud. + +A sample common `cloud-config` file will look something like the following: + +```yaml +#cloud-config + +coreos: + etcd: + # generate a new token for each unique cluster from https://discovery.etcd.io/new + discovery: https://discovery.etcd.io/ + # multi-region and multi-cloud deployments need to use $public_ipv4 + addr: $private_ipv4:4001 + peer-addr: $private_ipv4:7001 + units: + - name: etcd.service + command: start + - name: fleet.service + command: start +``` + +## Launch Cluster + +You will need to install `python-novaclient` which supplies the OpenStack CLI +tools as well as a keypair to use in order to access your CoreOS cluster. + +### Install OpenStack CLI tools + +If you don't have `pip` installed, install it by running `sudo easy_install pip`. +Now let's use `pip` to install `python-novaclient`. + +```sh +$ sudo pip install python-novaclient +``` + +### Add API Credentials + +You will need to have your API credentials configured on the machine that you're +going to be launching your cluster from. The easiest way to do this is by +logging into the CloudConsole control panel and clicking on "API Credentials". + +From there, you must create a file on your system with the contents of the +`openrc` file provided. Once done, you will need to `source` that file in your +shell prior to running any API commands. You can test that everything is running +properly by running the following command: + +```sh +$ source openrc +$ nova credentials +``` + +### Create Keypair + +You can import an existing public key by using the `nova keypair-add` command, +however for this guide, we will be creating a new keypair and storing the +private key for it locally and use it to access our CoreOS cluster. + +```sh +$ nova keypair-add coreos-key > coreos.pem +``` + +### Create Servers + +You should now be ready to launch the servers which will create your CoreOS +cluster using the `nova` CLI command. + +
+ +
+
+

The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.

+ 
nova boot --user-data cloud-config.yaml --image "CoreOS Alpha {{site.alpha-channel}}" --key-name coreos-key --flavor nb.2G --num-instances 3 coreos
+
+
+

The beta channel consists of promoted alpha releases. Current version is CoreOS {{site.beta-channel}}.

+ 
nova boot --user-data cloud-config.yaml --image "CoreOS Beta {{site.beta-channel}}" --key-name coreos-key --flavor nb.2G --num-instances 3 coreos
+
+
+
+ +Once that's done, your cluster should be up and running. You can list the +created servers and SSH into a server using your private key. + +```sh +$ nova list ++--------------------------------------+-----------------+--------+------------+-------------+---------------------------------------+ +| ID | Name | Status | Task State | Power State | Networks | ++--------------------------------------+-----------------+--------+------------+-------------+---------------------------------------+ +| a1df1d98-622f-4f3b-adef-cb32f3e2a94d | coreos-a1df1d98 | ACTIVE | None | Running | public=162.253.x.x; private=10.20.x.x | +| db13c6a7-a474-40ff-906e-2447cbf89440 | coreos-db13c6a7 | ACTIVE | None | Running | public=162.253.x.x; private=10.20.x.x | +| f70b739d-9ad8-4b0b-bb74-4d715205ff0b | coreos-f70b739d | ACTIVE | None | Running | public=162.253.x.x; private=10.20.x.x | ++--------------------------------------+-----------------+--------+------------+-------------+---------------------------------------+ +$ nova ssh --login core -i core.pem coreos-a1df1d98 +CoreOS (alpha) +core@a1df1d98-622f-4f3b-adef-cb32f3e2a94d ~ $ +``` + +## Adding More Machines + +Adding new instances to the cluster is as easy as launching more with the same +cloud-config. New instances will join the cluster assuming they can communicate +with the others. + +## Multiple Clusters + +If you would like to create multiple clusters you'll need to generate and use a +new discovery token. Change the token value on the etcd discovery parameter in the cloud-config, and boot new instances. + +## Using CoreOS + +Now that you have instances booted it is time to play around. +Check out the [CoreOS Quickstart]({{site.url}}/docs/quickstart) guide or dig into [more specific topics]({{site.url}}/docs). From c68b8240c6b90e195505c743dd90897318819f1c Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Mon, 9 Jun 2014 11:07:38 -0700 Subject: [PATCH 0112/1291] fix(quickstart): update running CoreOS link targets --- quickstart/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/quickstart/index.md b/quickstart/index.md index d65eb79a6..55cc022ac 100644 --- a/quickstart/index.md +++ b/quickstart/index.md @@ -6,7 +6,7 @@ title: CoreOS Quick Start # Quick Start -If you don't have a CoreOS machine running, check out the guides on running CoreOS on [Vagrant][vagrant-guide], [Amazon EC2][ec2-guide], [QEMU/KVM][qemu-guide], [VMware][vmware-guide] and [OpenStack][openstack-guide]. With either of these guides you will have a machine up and running in a few minutes. +If you don't have a CoreOS machine running, check out the guides on [running CoreOS]({{site.url}}/docs/#running-coreos) on most cloud providers ([EC2]({{site.url}}/docs/running-coreos/cloud-providers/ec2), [Rackspace]({{site.url}}/docs/running-coreos/cloud-providers/rackspace), [GCE]({{site.url}}/docs/running-coreos/cloud-providers/google-compute-engine)), virtualization platforms ([Vagrant]({{site.url}}/docs/running-coreos/platforms/vagrant), [VMware]({{site.url}}/docs/running-coreos/platforms/vmware), [OpenStack]({{site.url}}/docs/running-coreos/platforms/openstack), [QEMU/KVM]({{site.url}}/docs/running-coreos/platforms/qemu)) and bare metal servers ([PXE]({{site.url}}/docs/running-coreos/bare-metal/booting-with-pxe), [iPXE]({{site.url}}/docs/running-coreos/bare-metal/booting-with-ipxe), [ISO]({{site.url}}/docs/running-coreos/platforms/iso), [Installer]({{site.url}}/docs/running-coreos/bare-metal/installing-to-disk)). With any of these guides you will have machines up and running in a few minutes. It's highly recommended that you set up a cluster of at least 3 machines — it's not as much fun on a single machine. If you don't want to break the bank, [Vagrant][vagrant-guide] allows you to run an entire cluster on your laptop. For a cluster to be properly bootstrapped, you have to provide cloud-config via user-data, which is covered in each platform's guide. From 2c2d7831d304ed581ae389f5f137fcce6fe6cc26 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Mon, 9 Jun 2014 13:47:25 -0700 Subject: [PATCH 0113/1291] feat(running-coreos): tweak intro --- running-coreos/cloud-providers/vexxhost/index.md | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/running-coreos/cloud-providers/vexxhost/index.md b/running-coreos/cloud-providers/vexxhost/index.md index 3878fa01f..70fb31ce5 100644 --- a/running-coreos/cloud-providers/vexxhost/index.md +++ b/running-coreos/cloud-providers/vexxhost/index.md @@ -8,18 +8,17 @@ weight: 5 # Running CoreOS on VEXXHOST -CoreOS is currently in heavy development and actively being tested. The -following instructions will walk you through setting up the `nova` tool with -your appropriate credentials and launching your first cluster using the -CLI tools. - VEXXHOST is a Canadian OpenStack cloud computing provider based in Canada. In order to get started, you must have an active account on the VEXXHOST [public cloud computing][cloud-compute] service. +The following instructions will walk you through setting up the `nova` tool with +your appropriate credentials and launching your first cluster using the +CLI tools. + [cloud-compute]: http://vexxhost.com/cloud-computing -### Choosing a Channel +## Choosing a Channel CoreOS is released into alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha @@ -31,7 +30,7 @@ CoreOS _Channel_ _Version_. For example, the image name of the latest alpha release will be "CoreOS Alpha {{site.alpha-channel}}". -## Cloud-Config +### Cloud-Config CoreOS allows you to configure machine parameters, launch systemd units on startup and more via [cloud-config][cloud-config]. We're going to provide the From 8ef5135ea83969e98dbd97895f7a553de9c3c80a Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Tue, 10 Jun 2014 10:13:00 -0700 Subject: [PATCH 0114/1291] fix(quickstart): fix typo --- quickstart/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/quickstart/index.md b/quickstart/index.md index 55cc022ac..57f5646bc 100644 --- a/quickstart/index.md +++ b/quickstart/index.md @@ -82,7 +82,7 @@ Fleet works by receiving [systemd unit files]({{site.url}}/docs/launching-contai First, let's construct a simple systemd unit that runs a docker container. Save this as `hello.service` in the home directory: -#### home.service +#### hello.service ```ini [Unit] From cc5c91e69de39c0f7fe1f3549c946ab993717d53 Mon Sep 17 00:00:00 2001 From: ppickfor Date: Tue, 10 Jun 2014 20:00:31 -0700 Subject: [PATCH 0115/1291] feat(sdk): tips for adding packages How to add new packages to coreos and some tips for working with emerge --- sdk-distributors/sdk/tips-and-tricks/index.md | 45 +++++++++++++++++++ 1 file changed, 45 insertions(+) diff --git a/sdk-distributors/sdk/tips-and-tricks/index.md b/sdk-distributors/sdk/tips-and-tricks/index.md index ee19b1780..45461c1ce 100644 --- a/sdk-distributors/sdk/tips-and-tricks/index.md +++ b/sdk-distributors/sdk/tips-and-tricks/index.md @@ -24,6 +24,51 @@ Using `repo forall` you can search across all of the git repos at once: repo forall -c git grep 'CONFIG_EXTRA_FIRMWARE_DIR' ``` +## Add new upstream package + +Before making modificaions use `repo start` to create a new branch for the changes. + +To add a new package fetch the Gentoo package from upstream and add the package as a dependency of coreos-base/coreos + +If any files in the upstream package will be changed the package can be fetched from upstream Gentoo directly into `src/third_party/coreos-overlay` it may be necessary to create any missing directrories in the path too. + +e.g. +`~/trunk/src/third_party/coreos-overlay $ mkdir -p sys-block/open-iscsi && rsync -av rsync://rsync.gentoo.org/gentoo-portage/sys-block/open-iscsi/ sys-block/open-iscsi/` +The tailing / prevents rsync from creating the directory for the package so you dont end up with `sys-block/open-iscsi/open-iscsi` +Remember to add the new files to git. + +If the new package does not need to be modified the package should be placed in `src/third_party/portage-stable` + +You can use `scripts/update_ebuilds` to fetch packages into `src/third_party/portage-stable` and add the files to git. +You should specify the category and the packagename. +e.g. +`./update_ebuilds sys-block/open-iscsi` + +If the package needs to be modified it must be moved out of `src/third_party/portage-stable` to `src/third_party/coreos-overlay` + +To include the new packaage as a dependency of coreos add the package to the end of the RDEPEND environment variable in `coreos-base/coreos/coreos-0.0.1.ebuild` then increment the revision of coreos by renaming the softlink `git mv coreos-base/coreos/coreos-0.0.1-r237.ebuild coreos-base/coreos/coreos-0.0.1-r238.ebuild` + +The new package will now be built and installed as part of the normal build flow. + +Add and commit the changes to git using Angularjs format see [CONTRIBUTING.md] +[CONTRIBUTING.md]: https://github.com/coreos/etcd/blob/master/CONTRIBUTING.md + +Push the changes to your github fork and create a pull request. + +### Ebuild Tips + +- Manualy merge a package to the chroot to test build `emerge-amd64-usr packagename` +- Manualy unmerge a package `emerge-amd64-usr --unmerge packagename` +- Remove a binary package from the cache `sudo rm /build/amd64-usr/packages/catagory/packagename-version.tbz2` +- recreate the chroot prior to a clean rebuild `./chromite/bin/cros_sdk -r` +- it may be necessary to comment out kernel source checks from the ebuild if the build fails -- as coreos does not yet provide visibility of the configured kernel source at biuld time -- usualy this is not a problem but may lead to warning messages +- Chromeium OS [Portage Build FAQ] +- [Gentoo Development Guide] + + +[Portage Build FAQ]: http://www.chromium.org/chromium-os/how-tos-and-troubleshooting/portage-build-faq +[Gentoo Development Guide]: http://devmanual.gentoo.org/ + ## Caching git https passwords Note: You need git 1.7.10 or newer to use the credential helper From f3b9e2a5e5e5d36a388bad87691005d115141865 Mon Sep 17 00:00:00 2001 From: Brian Clements Date: Thu, 12 Jun 2014 11:57:11 -0700 Subject: [PATCH 0116/1291] Update amazon ec2 cloud-config link in docs. --- sdk-distributors/distributors/notes-for-distributors/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sdk-distributors/distributors/notes-for-distributors/index.md b/sdk-distributors/distributors/notes-for-distributors/index.md index 9bd6a8c55..51e8a74ab 100644 --- a/sdk-distributors/distributors/notes-for-distributors/index.md +++ b/sdk-distributors/distributors/notes-for-distributors/index.md @@ -42,7 +42,7 @@ CoreOS machines running on Amazon EC2 utilize a two-step cloud-config process. F You can find the [code for this process on Github][amazon-github]. End-user instructions for this process can be found on our [Amazon EC2 docs][amazon-cloud-config]. -[amazon-github]: https://github.com/coreos/coreos-overlay/tree/master/coreos-base/oem-ami +[amazon-github]: https://github.com/coreos/coreos-overlay/tree/master/coreos-base/oem-ec2-compat [amazon-user-data-doc]: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AESDG-chapter-instancedata.html#instancedata-user-data-retrieval [amazon-cloud-config]: {{site.url}}/docs/running-coreos/cloud-providers/ec2#cloud-config From 79278fdb6c152032e91672d88ef487e96d55dba8 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 12 Jun 2014 16:57:32 -0700 Subject: [PATCH 0117/1291] feat(running-coreos): clarify cloud-config details --- running-coreos/cloud-providers/ec2/index.md | 4 +++- .../cloud-providers/google-compute-engine/index.md | 4 +++- running-coreos/cloud-providers/rackspace/index.md | 8 ++++++-- 3 files changed, 12 insertions(+), 4 deletions(-) diff --git a/running-coreos/cloud-providers/ec2/index.md b/running-coreos/cloud-providers/ec2/index.md index 1e0f3cadc..4e3881a20 100644 --- a/running-coreos/cloud-providers/ec2/index.md +++ b/running-coreos/cloud-providers/ec2/index.md @@ -76,7 +76,9 @@ CloudFormation will launch a cluster of CoreOS machines with a security and auto ## Cloud-Config -CoreOS allows you to configure machine parameters, launch systemd units on startup and more via cloud-config. Jump over to the [docs to learn about the supported features][cloud-config-docs]. You can provide raw cloud-config data to CoreOS via the Amazon web console or [via the EC2 API][ec2-cloud-config]. Our CloudFormation template supports the most common cloud-config options as well. +CoreOS allows you to configure machine parameters, launch systemd units on startup and more via cloud-config. Jump over to the [docs to learn about the supported features][cloud-config-docs]. Cloud-config is intended to bring up a cluster of machines into a minimal useful state and ideally shouldn't be used to configure anything that isn't standard across many hosts. Once a machine is created on EC2, the cloud-config can only be modified after it is stopped or recreated. + +You can provide raw cloud-config data to CoreOS via the Amazon web console or [via the EC2 API][ec2-cloud-config]. Our CloudFormation template supports the most common cloud-config options as well. The most common cloud-config for EC2 looks like: diff --git a/running-coreos/cloud-providers/google-compute-engine/index.md b/running-coreos/cloud-providers/google-compute-engine/index.md index 466d76789..065d3e6ec 100644 --- a/running-coreos/cloud-providers/google-compute-engine/index.md +++ b/running-coreos/cloud-providers/google-compute-engine/index.md @@ -15,7 +15,9 @@ Before proceeding, you will need to [install gcutil][gcutil-documentation] and c ## Cloud-Config -CoreOS allows you to configure machine parameters, launch systemd units on startup and more via cloud-config. Jump over to the [docs to learn about the supported features]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config). You can provide cloud-config to CoreOS via the Google Cloud console's metadata field `user-data` or via a flag using `gcutil`. +CoreOS allows you to configure machine parameters, launch systemd units on startup and more via cloud-config. Jump over to the [docs to learn about the supported features]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config). Cloud-config is intended to bring up a cluster of machines into a minimal useful state and ideally shouldn't be used to configure anything that isn't standard across many hosts. On GCE, the cloud-config can be modified while the instance is running and will be processed next time the machine boots. + +You can provide cloud-config to CoreOS via the Google Cloud console's metadata field `user-data` or via a flag using `gcutil`. The most common cloud-config for GCE looks like: diff --git a/running-coreos/cloud-providers/rackspace/index.md b/running-coreos/cloud-providers/rackspace/index.md index bf2464033..061e6e13d 100644 --- a/running-coreos/cloud-providers/rackspace/index.md +++ b/running-coreos/cloud-providers/rackspace/index.md @@ -68,7 +68,9 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat ## Cloud-Config -CoreOS allows you to configure machine parameters, launch systemd units on startup and more via cloud-config. Jump over to the [docs to learn about the supported features][cloud-config-docs]. You can provide cloud-config data via both Heat and Nova APIs. You **can not** provide cloud-config via the Control Panel. If you launch machines via the UI, you will have to do all configuration manually. +CoreOS allows you to configure machine parameters, launch systemd units on startup and more via cloud-config. Jump over to the [docs to learn about the supported features][cloud-config-docs]. Cloud-config is intended to bring up a cluster of machines into a minimal useful state and ideally shouldn't be used to configure anything that isn't standard across many hosts. Once a machine is created on Rackspace, the cloud-config can't be modified. + +You can provide cloud-config data via both Heat and Nova APIs. You **cannot** provide cloud-config via the Control Panel. If you launch machines via the UI, you will have to do all configuration manually. The most common Rackspace cloud-config looks like: @@ -93,7 +95,7 @@ coreos: ### Mount Data Disk -Certain server flavors have separate system and data disks. To utilize the data disks or a Cloud Block Storage volume, they must be mounted with a `.mount` unit. +Certain server flavors have separate system and data disks. To utilize the data disks, they must be mounted with a `.mount` unit. Check to make sure the `Where=` parameter accurately reflects the location of the block device: ```yaml #cloud-config @@ -108,6 +110,8 @@ coreos: Type=ext3 ``` +Mounting Cloud Block Storage can be done with a mount unit, but should not be included in cloud-config unless the disk is present on the first boot. + For more general information, check out [mounting storage on CoreOS]({{site.url}}/docs/cluster-management/setup/mounting-storage). ## Launch with Nova From 42a21870caa97cfce56e147bc1a42e8a49760f6d Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 12 Jun 2014 17:35:27 -0700 Subject: [PATCH 0118/1291] fix(running-coreos): stronger warning about docker usage and btrfs --- running-coreos/bare-metal/booting-with-pxe/index.md | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/running-coreos/bare-metal/booting-with-pxe/index.md b/running-coreos/bare-metal/booting-with-pxe/index.md index 7dc41862e..e7d4a400d 100644 --- a/running-coreos/bare-metal/booting-with-pxe/index.md +++ b/running-coreos/bare-metal/booting-with-pxe/index.md @@ -9,7 +9,7 @@ weight: 5 # Booting CoreOS via PXE -CoreOS is currently in heavy development and actively being tested. These instructions will walk you through booting CoreOS via PXE on real or virtual hardware. By default, this will run CoreOS completely out of RAM. CoreOS can also be [installed to disk]({{site.url}}/docs/running-coreos/bare-metal/installing-to-disk). +These instructions will walk you through booting CoreOS via PXE on real or virtual hardware. By default, this will run CoreOS completely out of RAM. CoreOS can also be [installed to disk]({{site.url}}/docs/running-coreos/bare-metal/installing-to-disk). ## Configuring pxelinux @@ -23,10 +23,12 @@ If you need suggestions on how to set a server up, check out guides for [Debian] ### Setting up pxelinux.cfg -When configuring the CoreOS pxelinux.cfg there are a few kernel options that may be useful but all are optional: +When configuring the CoreOS pxelinux.cfg there are a few kernel options that may be useful but all are optional. + +If you plan to use docker, `/var/lib/docker` must have a btrfs filesystem. This is most easily accomplished by using btrfs for the entire root filesystem via `rootfstype=btrfs`, although this option is still experimental. - **rootfstype=tmpfs**: Use tmpfs for the writable root filesystem. This is the default behavior. -- **rootfstype=btrfs**: Use btrfs in ram for the writable root filesystem. Use this option if you want to use docker without any further configuration. *Experimental* +- **rootfstype=btrfs**: Use btrfs in ram for the writable root filesystem. *Experimental* - **root**: Use a local filesystem for root instead of one of two in-ram options above. The filesystem must be formatted in advance but may be completely blank, it will be initialized on boot. The filesystem may be specified by any of the usual ways including device, label, or UUID; e.g: `root=/dev/sda1`, `root=LABEL=ROOT` or `root=UUID=2c618316-d17a-4688-b43b-aa19d97ea821`. - **sshkey**: Add the given SSH public key to the `core` user's authorized_keys file. Replace the example key below with your own (it is usually in `~/.ssh/id_rsa.pub`) - **console**: Enable kernel output and a login prompt on a given tty. The default, `tty0`, generally maps to VGA. Can be used multiple times, e.g. `console=tty0 console=ttyS0` @@ -38,7 +40,7 @@ When configuring the CoreOS pxelinux.cfg there are a few kernel options that may This is an example pxelinux.cfg file that assumes CoreOS is the only option. You should be able to copy this verbatim into `/var/lib/tftpboot/pxelinux.cfg/default` after providing a cloud-config URL: -```ini +```sh default coreos prompt 1 timeout 15 From 2b076304bfb40a1491fc7480b89cbbd25929c0a4 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Fri, 13 Jun 2014 13:48:44 -0700 Subject: [PATCH 0119/1291] feat(cluster-management): clarify updates after switching channels --- .../setup/switching-channels/index.md | 4 ++++ .../setup/switching-channels/update-timeline.png | Bin 0 -> 8665 bytes 2 files changed, 4 insertions(+) create mode 100644 cluster-management/setup/switching-channels/update-timeline.png diff --git a/cluster-management/setup/switching-channels/index.md b/cluster-management/setup/switching-channels/index.md index e30707ce6..99fa397c9 100644 --- a/cluster-management/setup/switching-channels/index.md +++ b/cluster-management/setup/switching-channels/index.md @@ -10,6 +10,10 @@ weight: 5 CoreOS is released into beta and stable channels. New features and bug fixes are tested in the alpha channel and are promoted bit-for-bit to the beta channel if no additional bugs are found. +By design, the CoreOS update engine does not execute downgrades. If you're switching from a channel with a higher CoreOS version than the new channel, your machine won't be updated again until the new channel contains a higher version number. + +![Update Timeline](update-timeline.png) + ## Create Update Config File You can switch machines between channels by creating `/etc/coreos/update.conf`: diff --git a/cluster-management/setup/switching-channels/update-timeline.png b/cluster-management/setup/switching-channels/update-timeline.png new file mode 100644 index 0000000000000000000000000000000000000000..2e2ec35beeac0da1c46274a576df5164e023fd71 GIT binary patch literal 8665 zcmbW72Q=GV{QuMHq^hbYszxKRsl91SCDg1vi;Bi3Mr%a-w5qD8pf)X0Gt{2pc~D!B z){IdzVphb6`H$y$e!t)Opa1Xt&+q(lPS*F_dp~!6?(4okH_}jFn~|QA9smF^LLr*Q z0Ki#$+V74_7igbgRyj`E*Ez&}sL3VTE9BDCceMYPy&;we0D$58>H7?R5_w2_c*{@A z!tb#c%rDTv*BNl{sh6WO??bq+bD)>68-n-2W4Wcq@(;9htf%Q7_&PiI!M!|rP2e8R z06B@f(h_%NbZz9gc3LVxe3qR6@hY3hV_er9>3Gmx=e9n z7Q6niyb|aT__*S)zhvH=qi-EAZe+IgD1H;&Vfo+*>lcjaYP;;m)%s1|wCJ>l_jrel zAGMef)WR{v+mAj+*T8KgfAL)|>v&0A<>^PXyOi`Fg>ESBW^N&&=F*4_MdE=ml}wY3H7+9KRI%(YjSRF@h9KZ+ z_i^x3&jJ9Q*SgpN0FAehCfXw@P4amF;3FSO0swevfMrzebfLP>K=j)#*_t7S5h4QX|+a3e5{LCIu#KITK8kYkJTKpe>lhDIL}8u0WJx zHBBMZ_xelF;k+&nZk@0Et9KZZ>W7Pdn`f3XR*RlPeVRA>c2*c+om98({3lgRVlm{* znx)mz8-!;f`a4W6HPnY5)9YcoSf6x;Sc8T%z1+ElI-#>vRrzLzAHLQ7`00OELO_d5 zD_=3t7>`DSi!#-Dp|Akm+Y7?kQZ@c5D|Q#sr^&RI7bcH!N^{9q#52|(k3h$-m6+*p z##0J1S-)v?PYgSk1ao*JjSO_Vl2RreVFxW-t}-hkQmN5iu%cdfmr>8W6pYRo>~S

_$!USXZS-1|mX0Rf3dQm;?fbeoI;q{o_BXU@wEG zDABwXal-zF&nLXeb(z!r4fF=HcHODMh9;MCCsZUx?gg}3i@rf z6SzMCi4&=X3TZ&q#q^af&MSPIN(rKfscgY+v4CbVe`atyu1+tK$PaBm^_#A-G?#vg zDD{HYV>1vFJ&1eOyRnTcnZ%6{iQiM1m}kVAcd1sc{FHOH)``!YtFPI-YyKvD43bvn zhd0B(aSaR8zj9`XM$*Bfit?uZqudVDu3Yo+)tUL*Q4vjL7Raj)@vNwr)Um6?iRar_ zadiT)Y6Cp!_s{Bkx)*$n7puh)lRYoDqUuxkYp+S|Y)4OB;)9Nhp0uZZl(}ASGB*;~ z4OaCj9b(*E`O*Oo9^HKbU75`+4BG5-*TEm*>M~}CKW}4{w(GwXeyGTFGc5VJ|E9|N z>hgrdFNovWg%_&!VwHpoP-|eHd4_=@CY!jD?%l+LSs!E!yHR>M=~YKRV;*puTgbBC zyu>3TuW`k$GLw0VP{F!($Y#{4XusK52x2M4ph_4X1SkWKKD*itSwSTrO0(%j!0YKo z&{)t8cf9?!eAD)Q?4CgEQM`4 zNg{i+jPwjrE52h~czR1(yswcO(8WXtQsvq;HeCz$A8K;B@9Q(g?`NtHthwA#dk={m zCrOf;hIRf@22Q5$y~u$vDGrO!DkFNuKDKQE{;^h$;7OQOa3EZ!qOa)Dv%6`|7;Ri% zw?*xMvMymWT!2R_zqb-X$Ws-3%lFvCW8jOe_h!bG8vDPte3vEK{){)QtxvjFYaxO< z2{YO_VIi{1`a2gy?lC>`%@-ZzBkdOwLHM1-=AQvF$T!4s9r1KT!~>?mAnN>PU*$Pb zpw<>k>7?ih!w;Q0*bw;8H#$7|U>S(SRC6g^Gk`H-qgDjgO8q@&XC@>yKl(kYU^$W% z;sNSN0BsKhR7ai>va9@)FKpg}n)ieOl&#zd*+bZ+UVANd0d-E_*N0lRvOcsG+Bz?? z9#@d0>DOg3H0KIs0?&@@pR+{#(TG^rfV6;ss%B0nM1RldM5<7vp=;f;X&bcxZ_kVj zkzPn*;-Du6_$WyD;8j8D{Ux6k$Qx0iGdGKXm;|21hoSvlOr^awi=RA%G_51ZCmX-} z{Zujo$3O2DUGtZy|NUw<|L_DolW@XP<&BIh9Lp>X>e9uY^T6PmXYcsiLv>quis$cS zzESv+U@i7$lbq-};j9cIr7D$rBpJ+RdX?Guudp7E*`q1vDN3&Ll_iB4;2Uq>{&;h{ zHwtLW^7f`3is!a?FM7kX0D1B@Oka5+_yXq?zw<{zec^foa5A}ktjy|w$#=4c_bzeI zJ9$KTy!$xa{wMyYF$+1Wja#-NkHvhAv8Oq%ME6P+HrpG#^ZRS)BjmfhI9t@!)G_j& z9voJ5{qn$z&DV3NOapiJz=LUv?XIU4hmL{p%u5Rs;_8;oiM|=&pTQ4wSvRV*axzfJZt(UA^svCqAdu|2!3}?0`WJavmU%Mvot>+DAfHgIhK6 zKGZ76)o^(;m7f9pk6^cxnuWd1Uw18TZpwFo`8Ll{g{ZlluI)@&{F(kl2_c^xG_kOn zt4Q|iZB!wY>QF#uS~?_V&K(OHC+R_VhxXAwpbZYyzdL*@LduW7p*yZ`Eqlg?F<}zz z@lI)n6ZKUyjqM$y;IO7()n2+4@ z&2u9cvFpwQOW06|?Bb#?auCuJmGkCyDJx@8*z(R*Sp{THX71Zf>#-8+h2@8b`r{ZD zEem4L;ZRhtt)p#*WEWDqyyLIluMa4E+_RFLmDr?j#@wo?z$8N$M*%ez` z<2Ee$2esj1`f@~D5l?QFKjTQ3glA)S;jkfsI4m_T(Y$Vip(cgqa`_u5h{Lmau1h?( zRcdAuEPEzAAR5#pX{c&H6Tg^9-l`w&w$}^PGM%l`Id=Sbut0QP{p1(AcY}-RBt5QK z@5k2BPlg``s`k<2N}fHn;JbJ4y||C`nJxHjK!Q?>B5SIGsx0i3Fb#+2c_iMnVoV~Z zTwZj}VKWqlU#PCW_#1v;r2*%B+130(UcZr}y>dM#PCU^y3}G7aS(+nn7&tvIhw;t< zS8u8^lTtn0pe%fU1?dw(JR1=BNYhPEw}(l~YR)hprs>{rXs3P6Gy$gw8p?6LqU`wb z7HY#Z-wc5*c_ZD$lWJRvX-oB3NmL44KxiR-hEinDwC3*AFj`m#7Oh`wdEHjj?6+`u zHsi@CGo9>e@{L8f3P?R`$py7u?4yNOqgIXVA0JH_w8lW;9^7_8`ljZ7;SR|wY8HkH5O3LQlOdOQ$yq{>~qb59%Q15n;`KC&Wfx8_V~c<2Xb|zJR-5n53)`)W)E~>A1^Z6TgoBCr!m&L`hsJXJ-7>SaQbnKhdDqG)M9e#@g8X z0A$oV#s7{|2dcZex@XN{QJUuOX?-D#ZrUoc(PDLlTj#V}Rc^;jv>xwj!J=tauOdi1k? zOw!5YPh}Cl`CfKDJ;ONXA}@|voMNc!(yUk5O3Tc~3H4A>;<#^MmIVwH!hdHsSRwaJ z|BO&SEH*3NV@ezxj2}9X;-j_tMjCgm$p)A!nmshi@id#^qGiU zo1PBsY6SCS6){L8?5xJ6$2U;~NOySR-bUn}XFwN~psL;Dj@LKPYlI_2zX~E8Ny#~h z52PC1o?N8{-NTznH{?cjtO`pji^5CMc>1{ZuYjYs}vnXTGFrB?`x)`%qW?=4vNz1TB>K z;{<~1J$nii!X<4vy8Rq|r^tm8Yc}rA!S>ty>*+ONij~g@VRoMt5$Hi9QVx#?k|^tj zE)BCCZ?xQB4^(FlCFxoNvBQ{hF}p^Er0+73gz0+OnPYKizwUk}`Y2jXt|9{!02vo1 z!Ju0LYrZ&-!f`)1B()mt;RMqKs)9&P-Dm$wYK$OSI8S<*-T@ z$Q)Tncl)Yc@*~-2a+#ZE{fpS`L_gbi(jZbFsGA9pD|L9Jo>lsVk2Dp`#Uwji?(ka1 zC5AG`6IR@iONSfrAt&DS4dGXj1*ua;JF68qd~wmb^%Bm_9yHpI^Z?DXu!j?`Dia?* zz=NT8P$dSDRoQjpeqyjmCz-lFGpKpQ$c<{%$BAtVu7as{p8`3`6U;;5L`M8f)cma&uGB0JE@i4UnptKW5;*RN+_!KUX6cc z*bg8kAx+h~N&=)OWGHR&bvZOuhtKpKk+HDdo?UNl%oI*h-V-KOA&`Mfag~E5eaJlw zDb_9<_g$nEOauv)$6%j4S4i4lWR*Aj6cCe`+Y}z9tSW}x(m!a8*=SPUT3erNXc&$v zM;`5$+>Wiqbl6rti(ABHr0plmd)f7kq>h!?atqi;@^wU^pwTI7k5|l9OA=+q9GQ1? z>uJYdg*Hsh+M7d7s(z`ry8z63_Nfsbub|(Y+Wf>}*!)r7;UG>WKn5!sL90TI``sk-gE_4) zLAmnqBs|ehps&|U$L8KBPVDw4P}8)POM^eT^|>@VUGkW>g}XmA)-k{_3H`cD>xt#y zZ2&HCC(zw$qe&!mw_%NEzK$5uKemvBa9{~4`7!U-fYYnYid$lR&ysPMdfp-)ic5sa zIm712=9_D-PRYJl^by~yRFu7ntZ8yB@--S8S(_)o?dl^~PD;+W)T93as+93A@z%JW z+hc%WMnT$fABUcSu7Rqo+uk>L^IkZ`C2TQ5+`J^D`as|utfx3iTya_$sOE&LGm^Gu zwI3Xbc9O3<`i5rBXj^MPEMs%btu~VHzNWRt)W>r$fM zPe#}*Gt$#PkSzcSwMSwVMM|y$moq?i+cCB-2L<|bu)0w=ro8-@FaYAhj`iAK!<;Ns zP6hW%l<(*8$Tn~N{zm!r8b4Nn2dh&t-4B?sW(6iDD`))Zl75~AT$qaNk8RwZ+6Y}N z*3UqxZC)n1*~cTPJ>$xaN7a-C30)W5UY1BA#6acl4QLYVv15W|ji$wDCk?jD0ARj9Aiq)J(bKuM3^uW761{btkH0L;pHl%2N(#Ms{hRd_S1p z9V!+5X%Hs7HX#%`$Axcvfy}9JIYJ)_qQtS3V$XUKRP}g|9T;ka=Yi~-qmF5ZR)Qz+ ziF3oC-`H$*l!G=v<4faligMWTiCyaRHS@5&QBuVTxg9QMCz_$Oz!Sx$w=(W#Kf)cj zI)vR7$EY0dsj`yHSxF+OCQ-Q6ard6r-E)z49Qlu!Cr7%5VgQm$sQ9Hjq_fZyBRm~y zQ8y@?e=>d|vpHqyLQvB{b@`-5B5lj}ESob!2MXgKkfV^=C^c^C`TAha8uoXD=~Mbh zUgLvKCsEX((;v_?7YKA>DZ1>!007Yh-38hI10AbdZ-~EI6?mY`%c@Ev9Fqb_SSez6 z{U`)@w58JX+L4bY%<*bz?Wdx{KFVn0j}+N2p1)7q-ZeaeTSp8Y9@9fUJDuurKX;}D zuy^2f=ptWn2Kql}4Dymw7#}OZy*0i3gZk-$*1gkAq1vq@ZoXpY>0h5F*gxhAInpS} z)o?JeATj_9&AJE-L)W29-P6wxShWTVGui3Gwfkw3;I{3xCViq6{f!H!0^zn8gS~xU z)eXTbD2YmpySyQddLpgIYd4p7)VmZsX`b`%mgjqE?d`X!Fua=OrM2PnTgd)5wC+(& zkT`MnGw*5FgXGex30YgpVQb zX){eC56A6dJDC)brTj-SME)-trzI&&vkM&6hm?+toHqXLY1`gF>UHq!^TF6Av91Mc z{u_+60zd!cC&_1jdmjoEOQ3+s@`FfAd|08kHJ=}c{O|=pf?2My5%8!9Z3LCq-LFKe zf272qw^>QSU2D{=NYCW7K$-^HIp(FiFH2=zojZvNGtPK^X7Y421RH2|62md6H}k{Y zkl*hO%Bm8Jj0=7Xj^;deZg?f^6RA7V(tgBE?bUh9Jjv-257*w zkhPol`}CWDq}$XNPc%mEu3iENRumN?)j%|aQO7{kaZL(>bhQ3nBeFNz$LIN}^dz79 z9jTK^u0fjTImr`sVp=eqZkz=Xr~?^EfocyKDTd=R?;%#aqzcq9)C&825snonl?ret zP}Jv%!5ImZ1T;2|()<>;jr8%q6LdOf3PS{t_qv--Ej(-IO=Ja>UxTu1;^l#%k4cf{RST%&BD6aFt}mq{GCSqs07D8T zBpm4QV7A~6s)?AM*3FMJwe*am2th|6G=bGS`xc=Ukz<)u#Q5684A9v!hw}7tYG$S; zuBj6yX91-0W$HLDTz8ge09E3?{^e`(*mY^b7?iJf_1mFlcisZ=OmPCm4BT-JFfUPT zJgq;=+Ms%iZmCX`7{ZOfMYpRbkNrUH^w>`kK2*&NvPp9#`e6{B3Y!#>Z>Z&49E@kXG zG#0vV(HM*H)Qf&@Er9XLw$Y8>1fG(bPC}Vy?|^d617gqtK4#E6Eof~}lN<2)5z+v! zWvhVGnz3kT@D~02)dncyenv(;H%G zf(#%0#VGi;)uSjdapD!|eT@-5a^OKgI64~k>CqDBcN-DXv)4{C6JPHIQ^HBzhF^76 z=fz6*KVdT1CG66B@N8||OSLQe6bmgkm)QX5r>+qlnhY5a?44d7i>74;I>Ovtr z^U%_;Y7k}TQ72er&SxVQvHlI=DRb8WsfphfDl@M%#Ch;l-?s!M++25;`WwOY`gWdu z5eFDvC_126XcUS@aD&qk(zQjGI=5Ubnj)TI4$tjp zuK4%1UB50?a}kg*AP^cP%4_P0Xi7(1>~&8%O#d49n_@8pb0XISL0GTX9--FbH?*wz z)YHwm-6ndU!gQ4~q=(#l#o-02<#IRlB$QPXsjhs|xOBBD(VpiFZzB@5L$}^@5wO95 zU!%A&_RV$&yBqydK%a{$>ySA;D}3K>NZj}f!#Q!<2>?OF>4o;D$(Js=^|_CfG+E53 z>Bj)Y{Bc$Iq6&LFO38=))ly8n(+9Lk>4^E7^!KX6 zRc>{5LcSt|KwxlAvD5XyKj)@`H!k~^b}Vnl#l_{?Dw&myr_|cU6XUz?c6doqYKdB z*1PQs;A5VDq3GGq+cQ-d4`2+yQ05|+7pkZ1rAZ=e!!|KsWY6wyh3Td#vafM?*`{P5 ztuou}11NTI^B?Zf&U0R(G&y%5Wx1WPS6U_wuqx8Gs)@rr($T84f#`7>i%|L3{kW*D zCU-c`wQ>KdP3-2UQom)CY;S)>v%b$R5i7UK4*+?NP`;;^x^APgD@UyKG+LyXJ-~Kr zZL5-Iu9lYGtN`?TO2Fw(pLvyO`#WvHODo@fZ-zWBP|1cE`O*l-kBUZ zDvh!;XgmyhzHSFi3io*RXnSEOrt@K*x$^OmknL!0_Gg38XJ3$UfgFI(&mc`Y#Xo2c z5>OdK;|y9rOg1A#%cw2qNvyt}zWyTK|Dnx40)VG_n+N;pPX51&sk!b?#n7@Y-TI%E z(AU=h0PGv&8h15Z(ir)MzP`^$%V?a!aZ+Y@v&g)3@#sU->AwH}3*-GSB7do;J0V3v zI*Ke#H&8HCWKOg__vDk#jm;WXnl2)8MVS^${J&#`{~9q@KD(5nlZy&uHq@{Ye0%S2 zxcGnLjnCp!q8Dx7-qTP%Q$ZW!o0nkKKYHbIRcg@DbE0sHO?8~(?n{zK0XiZB@wjV5z*dMfQyJRo zCcW8;kdN4)xw#xuLX0A@y%o`ls)i`dq!TQ2-bKu=vG^oGtkT}qff8n(GHi3`-ma+^ zvo6ri2{_vwlPLjs{WJ~TfPdTE(wNQO5}T%c6GiZXffra3b5Z(W$JK;N<- zrVw_g1dJ=}(hY3o>j-3b^PYlbP) z#1n=;f7RLIby0;Ze_(KR&rL@LCBd%Ih;{FxGc@14)!e(7LfTj>YKs0K{e5u4vVtpYbC+8AEvxxXIyswHY5fMb}E_ zAKT9y!ai5hAn!`HKk6z7srF@yB{P?dRUWcSFi=53Tj`-4u5IsQ^rJdm1&EIn$ zI8O&HpV*>leHHv^=9xw8g|%}U6j}$`1a>opeix6=qG0Xu98h@>OQFThYMZp=2pJ*x ziy@eGpZfy^+7Kj7A_rB`+>ND!%P6^sb@9F}b9cQ$*%2S~ zVxPM+zgg;hdg=3qDzdpiOizCwD#b&`=B{O_+R%c+wQ(mi>u#oLxyP||RpXamn$N8N z1_b3A7syQI_a|E>B#Wy3es9JDojqZ@z}C}v>0G?_Vk(p0IH?0S#tl$AO8n50Q|uK literal 0 HcmV?d00001 From d0ce6f898d0376e63c1f7f8e3a41523540bb81fa Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Fri, 13 Jun 2014 23:30:47 -0700 Subject: [PATCH 0120/1291] feat(running-coreos): clarify cloud-config handling --- .../bare-metal/installing-to-disk/index.md | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/running-coreos/bare-metal/installing-to-disk/index.md b/running-coreos/bare-metal/installing-to-disk/index.md index 1580f2151..4a81d56ae 100644 --- a/running-coreos/bare-metal/installing-to-disk/index.md +++ b/running-coreos/bare-metal/installing-to-disk/index.md @@ -61,7 +61,10 @@ For reference here are the rest of the `coreos-install` options: By default there isn't a password or any other way to log into a fresh CoreOS system. The easiest way to configure accounts, add systemd units, and more is via cloud config. Jump over to the [docs to learn about the supported features][cloud-config]. -As an example this will install a ssh key for the default `core` user: + +The installation script will process your `cloud-config.yaml` file specified with the `-c` flag and place it onto disk. It will be installed to `/var/lib/coreos-install/user_data` and evaluated on every boot. Cloud-config is not the only supported format for this file — running a script is also available. + +A cloud-config that specifies an SSH key for the `core` but doesn't use any other parameters looks like: ```yaml #cloud-config @@ -70,11 +73,10 @@ ssh_authorized_keys: - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC0g+ZTxC7weoIJLUafOgrm+h... ``` -Pass this file to `coreos-install` via the `-c` option. -It will be installed to `/var/lib/coreos-install/user_data` and evaluated on every boot. +To start the installation script with a reference to our cloud-config file, run: -```sh -coreos-install -d /dev/sda -c ~/config +``` +coreos-install -d /dev/sda -C beta -c ~/cloud-config.yaml ``` [cloud-config]: {{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config From c40db785f23e9590088f2ab24dd1c65326b10c5c Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Sun, 15 Jun 2014 19:30:58 -0700 Subject: [PATCH 0121/1291] fix(running-coreos): fix typo --- running-coreos/bare-metal/installing-to-disk/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/running-coreos/bare-metal/installing-to-disk/index.md b/running-coreos/bare-metal/installing-to-disk/index.md index 4a81d56ae..953af4dc5 100644 --- a/running-coreos/bare-metal/installing-to-disk/index.md +++ b/running-coreos/bare-metal/installing-to-disk/index.md @@ -64,7 +64,7 @@ Jump over to the [docs to learn about the supported features][cloud-config]. The installation script will process your `cloud-config.yaml` file specified with the `-c` flag and place it onto disk. It will be installed to `/var/lib/coreos-install/user_data` and evaluated on every boot. Cloud-config is not the only supported format for this file — running a script is also available. -A cloud-config that specifies an SSH key for the `core` but doesn't use any other parameters looks like: +A cloud-config that specifies an SSH key for the `core` user but doesn't use any other parameters looks like: ```yaml #cloud-config From ce2c7f243bc0b5ca18a3ae913d5d3d9cde80b712 Mon Sep 17 00:00:00 2001 From: Brandon Philips Date: Tue, 17 Jun 2014 14:42:35 -0700 Subject: [PATCH 0122/1291] cluster-management: add an ssh customization section --- .../setup/customizing-sshd/index.md | 39 +++++++++++++++++++ 1 file changed, 39 insertions(+) create mode 100644 cluster-management/setup/customizing-sshd/index.md diff --git a/cluster-management/setup/customizing-sshd/index.md b/cluster-management/setup/customizing-sshd/index.md new file mode 100644 index 000000000..b88de5043 --- /dev/null +++ b/cluster-management/setup/customizing-sshd/index.md @@ -0,0 +1,39 @@ +--- +layout: docs +title: Adding Users +category: cluster_management +sub_category: setting_up +weight: 7 +--- + +# Customizing the ssh daemon + +CoreOS defaults to running an OpenSSH daemon. In some cases you may want to customize this daemon's authentication methods or other configuration. This guide will show you how to customize using `cloud-config`. + +## Customizing sshd with Cloud-Config + +In this example we will disable logins for the `root` user, only allow login for the `core` user and disable password based authentication. For more details on what sections can be added to `/etc/ssh/sshd_config` see the [OpenSSH manual][openssh-manual]. + +[openssh-manual]: http://www.openssh.com/cgi-bin/man.cgi?query=sshd_config + +```yaml +#cloud-config + +write_files: + - path: /etc/ssh/sshd_config + permissions: 0600 + owner: root:root + content: | + # Use most defaults for sshd configuration. + UsePrivilegeSeparation sandbox + Subsystem sftp internal-sftp + + PermitRootLogin no + AllowUsers core + PasswordAuthentication no + ChallengeResponseAuthentication no +``` + +## Further Reading + +Read the [full cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/) guide to install users and more. From 9d111937c47860f8dc25e252ecdd271120f3f2c4 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Wed, 18 Jun 2014 09:47:59 -0700 Subject: [PATCH 0123/1291] fix(cluster-management): fix title --- cluster-management/setup/customizing-sshd/index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cluster-management/setup/customizing-sshd/index.md b/cluster-management/setup/customizing-sshd/index.md index b88de5043..9e785a593 100644 --- a/cluster-management/setup/customizing-sshd/index.md +++ b/cluster-management/setup/customizing-sshd/index.md @@ -1,12 +1,12 @@ --- layout: docs -title: Adding Users +title: Customizing the SSH Daemon category: cluster_management sub_category: setting_up weight: 7 --- -# Customizing the ssh daemon +# Customizing the SSH Daemon CoreOS defaults to running an OpenSSH daemon. In some cases you may want to customize this daemon's authentication methods or other configuration. This guide will show you how to customize using `cloud-config`. From 95d439ea98b1a8b43b88cf7a86c1428fe5912970 Mon Sep 17 00:00:00 2001 From: Jonathan Boulle Date: Wed, 18 Jun 2014 12:34:29 -0700 Subject: [PATCH 0124/1291] fix(launching-containers-fleet): add -rm to docker run command --- .../launching/launching-containers-fleet/index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/launching-containers/launching/launching-containers-fleet/index.md b/launching-containers/launching/launching-containers-fleet/index.md index 0a0395027..8f41d2abf 100644 --- a/launching-containers/launching/launching-containers-fleet/index.md +++ b/launching-containers/launching/launching-containers-fleet/index.md @@ -66,8 +66,8 @@ After=docker.service Requires=docker.service [Service] -ExecStart=/usr/bin/docker run --name apache -p 80:80 coreos/apache /usr/sbin/apache2ctl -D FOREGROUND -ExecStop=/usr/bin/docker stop apache +ExecStart=/usr/bin/docker run -rm -name apache -p 80:80 coreos/apache /usr/sbin/apache2ctl -D FOREGROUND +ExecStop=/usr/bin/docker rm -f apache [X-Fleet] X-Conflicts=apache.*.service From 27d1491626c9f0d3a967a668cc535b02995ddc97 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Wed, 18 Jun 2014 23:14:45 -0700 Subject: [PATCH 0125/1291] fix(mounting-storage): run mount unit after formatting unit --- cluster-management/setup/mounting-storage/index.md | 1 + 1 file changed, 1 insertion(+) diff --git a/cluster-management/setup/mounting-storage/index.md b/cluster-management/setup/mounting-storage/index.md index 8908e652a..eed56639c 100644 --- a/cluster-management/setup/mounting-storage/index.md +++ b/cluster-management/setup/mounting-storage/index.md @@ -54,6 +54,7 @@ coreos: [Unit] Description=Mount ephemeral to /var/lib/docker Requires=format-ephemeral.service + After=format-ephemeral.service Before=docker.service [Mount] What=/dev/xvdb From ae7ab96aad103437cbdf27e538d7932d5ea89a58 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Wed, 18 Jun 2014 23:19:29 -0700 Subject: [PATCH 0126/1291] fix(launching-containers-fleet): more complete substitution instructions --- .../launching/launching-containers-fleet/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/launching-containers/launching/launching-containers-fleet/index.md b/launching-containers/launching/launching-containers-fleet/index.md index 8f41d2abf..b5b3747c9 100644 --- a/launching-containers/launching/launching-containers-fleet/index.md +++ b/launching-containers/launching/launching-containers-fleet/index.md @@ -92,7 +92,7 @@ How do we route requests to these containers? The best strategy is to run a "sid ## Run a Simple Sidekick -The simplest sidekick example is for [service discovery](https://github.com/coreos/fleet/blob/master/Documentation/service-discovery.md). This unit blindly announces that our container has been started. We'll run one of these for each Apache unit that's already running. Make two copies of the unit called `apache-discovery.1.service` and `apache-discovery.2.service`. Be sure to change all instances of `apache.1.service` to `apache.2.service` when you create the second unit. +The simplest sidekick example is for [service discovery](https://github.com/coreos/fleet/blob/master/Documentation/service-discovery.md). This unit blindly announces that our container has been started. We'll run one of these for each Apache unit that's already running. Make two copies of the unit called `apache-discovery.1.service` and `apache-discovery.2.service`. Be sure to change all instances of `apache.1.service` to `apache.2.service` and `apache1` to `apache2` when you create the second unit. ```ini [Unit] From 9ed08a2673e9bcef77f2bce6beb7546ad44d6f8e Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Wed, 18 Jun 2014 23:24:04 -0700 Subject: [PATCH 0127/1291] fix(vagrant): forward ssh-agent when connecting to machines --- running-coreos/platforms/vagrant/index.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/running-coreos/platforms/vagrant/index.md b/running-coreos/platforms/vagrant/index.md index 48f72632e..cd3017d57 100644 --- a/running-coreos/platforms/vagrant/index.md +++ b/running-coreos/platforms/vagrant/index.md @@ -127,7 +127,7 @@ VM, run `vagrant status NAME`. Connect to one of the machines: ```sh -vagrant ssh core-01 +vagrant ssh core-01 -- -A ``` #### Start Machines Using Vagrant's VMware Provider @@ -136,7 +136,7 @@ If you have purchased the [VMware Vagrant provider](http://www.vagrantup.com/vmw ```sh vagrant up --provider vmware_fusion -vagrant ssh core-01 +vagrant ssh core-01 -- -A ``` ## Single Machine @@ -207,7 +207,7 @@ vagrant up Connect to the machine: ```sh -vagrant ssh core-01 +vagrant ssh core-01 -- -A ``` #### Start Machines Using Vagrant's VMware Provider @@ -216,7 +216,7 @@ If you have purchased the [VMware Vagrant provider](http://www.vagrantup.com/vmw ```sh vagrant up --provider vmware_fusion -vagrant ssh core-01 +vagrant ssh core-01 -- -A ``` ## Shared Folder Setup From 38e7fd9445bfcce2914554845292dfb7c956c459 Mon Sep 17 00:00:00 2001 From: Jonathan Boulle Date: Wed, 18 Jun 2014 23:39:02 -0700 Subject: [PATCH 0128/1291] fix(vagrant): various clean up to running-on-vagrant --- running-coreos/platforms/vagrant/index.md | 23 +++++++++++------------ 1 file changed, 11 insertions(+), 12 deletions(-) diff --git a/running-coreos/platforms/vagrant/index.md b/running-coreos/platforms/vagrant/index.md index 48f72632e..be08b2c3f 100644 --- a/running-coreos/platforms/vagrant/index.md +++ b/running-coreos/platforms/vagrant/index.md @@ -13,13 +13,13 @@ Running CoreOS with Vagrant is the easiest way to bring up a single machine or v You can direct questions to the [IRC channel][irc] or [mailing list][coreos-dev]. -## Install Vagrant and Virtualbox +## Install Vagrant and VirtualBox Vagrant is a simple-to-use command line virtual machine manager. There are install packages available for Windows, Linux and OSX. Find the latest installer on the [Vagrant downloads page][vagrant]. Be sure to get version 1.6.3 or greater. [vagrant]: http://www.vagrantup.com/downloads.html -Vagrant can use either the free Virtualbox provider or the commerical VMware provider. Instructions for both are below. For the Virtualbox provider, version 4.3.10 or greater is required. +Vagrant can use either the free VirtualBox provider or the commercial VMware provider. Instructions for both are below. For the VirtualBox provider, version 4.3.10 or greater is required. ## Clone Vagrant Repo @@ -38,7 +38,7 @@ To start our cluster, we need to provide some config parameters in cloud-config ### Cloud-Config -CoreOS allows you to configure machine parameters, launch systemd units on startup and more via cloud-config. Jump over to the [docs to learn about the supported features][cloud-config-docs]. You can provide cloud-config data to your CoreOS Vagrant VM by editing the `user-data` file inside of the cloned directory. A sample file `user-data.sample` exists as a base and must be renamed to `user-data` for it to be processed. +CoreOS allows you to configure machine parameters, launch systemd units on start-up and more via cloud-config. Jump over to the [docs to learn about the supported features][cloud-config-docs]. You can provide cloud-config data to your CoreOS Vagrant VM by editing the `user-data` file inside of the cloned directory. A sample file `user-data.sample` exists as a base and must be renamed to `user-data` for it to be processed. Our cluster will use an etcd [discovery URL]({{site.url}}/docs/cluster-management/setup/etcd-cluster-discovery/) to bootstrap the cluster of machines and elect an initial etcd leader. Be sure to replace `` with your own URL from [https://discovery.etcd.io/new](https://discovery.etcd.io/new): @@ -68,9 +68,9 @@ coreos: [cloud-config-docs]: {{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config -### Startup CoreOS +### Start up CoreOS -The `config.rb.sample` file contains a few useful settings about your Vagrant envrionment and most importantly, how many machines you'd like in your cluster. +The `config.rb.sample` file contains a few useful settings about your Vagrant environment and most importantly, how many machines you'd like in your cluster. CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updates) with different schedules per channel. Select the channel you'd like to use for this cluster below. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes. @@ -169,9 +169,9 @@ coreos: ExecStart=/usr/bin/fleet ``` -### Startup CoreOS +### Start up CoreOS -The `config.rb.sample` file contains a few useful settings about your Vagrant envrionment. We're going to set the CoreOS channel that we'd like the machine to track.

+The `config.rb.sample` file contains a few useful settings about your Vagrant environment. We're going to set the CoreOS channel that we'd like the machine to track.

    @@ -196,9 +196,9 @@ $update_channel='beta'
-#### Start Machines Using Vagrant's default VirtualBox Provider +#### Start Machine Using Vagrant's default VirtualBox Provider -Start the machine(s): +Start the machine: ```sh vagrant up @@ -210,7 +210,7 @@ Connect to the machine: vagrant ssh core-01 ``` -#### Start Machines Using Vagrant's VMware Provider +#### Start Machine Using Vagrant's VMware Provider If you have purchased the [VMware Vagrant provider](http://www.vagrantup.com/vmware), run the following commands: @@ -224,7 +224,6 @@ vagrant ssh core-01 Optionally, you can share a folder from your laptop into the virtual machine. This is useful for easily getting code and Dockerfiles into CoreOS. ```ini -config.vm.network "private_network", ip: "172.12.8.150" config.vm.synced_folder ".", "/home/core/share", id: "core", :nfs => true, :mount_options => ['nolock,vers=3,udp'] ``` @@ -234,7 +233,7 @@ After a 'vagrant reload' you will be prompted for your local machine password. CoreOS is a rolling release distribution and versions that are out of date will automatically update. If you want to start from the most up to date version you will need to make sure that you have the latest box file of CoreOS. -Simply remove the old box file and Vagrant will download the latest one the next time you `vagrant up`. +You can do this using `vagrant box update` - or, simply remove the old box file and Vagrant will download the latest one the next time you `vagrant up`. ```sh vagrant box remove coreos-alpha vmware_fusion From b547d1572567f0035255d2f5d9aa77063c7fd1b3 Mon Sep 17 00:00:00 2001 From: Cole Gleason Date: Thu, 19 Jun 2014 12:32:03 -0700 Subject: [PATCH 0129/1291] change docker port to 2375 --- .../building/customizing-docker/index.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/launching-containers/building/customizing-docker/index.md b/launching-containers/building/customizing-docker/index.md index f3b956e1f..b4fd2fedb 100644 --- a/launching-containers/building/customizing-docker/index.md +++ b/launching-containers/building/customizing-docker/index.md @@ -12,14 +12,14 @@ The docker systemd unit can be customized by overriding the unit that ships with ## Enable the Remote API on a New Socket -Create a file called `/etc/systemd/system/docker-tcp.socket` to make docker available on a tcp socket on port 4243. +Create a file called `/etc/systemd/system/docker-tcp.socket` to make docker available on a tcp socket on port 2375. ```ini [Unit] Description=Docker Socket for the API [Socket] -ListenStream=4243 +ListenStream=2375 Service=docker.service BindIPv6Only=both @@ -34,7 +34,7 @@ systemctl enable docker-tcp.socket systemctl stop docker systemctl start docker-tcp.socket systemctl start docker -docker -H tcp://127.0.0.1:4243 ps +docker -H tcp://127.0.0.1:2375 ps ``` ### Cloud-Config @@ -53,7 +53,7 @@ coreos: Description=Docker Socket for the API [Socket] - ListenStream=4243 + ListenStream=2375 Service=docker.service BindIPv6Only=both @@ -74,7 +74,7 @@ To keep access to the port local, replace the `ListenStream` configuration above ```yaml [Socket] - ListenStream=127.0.0.1:4243 + ListenStream=127.0.0.1:2375 ``` ## Use Attached Storage for Docker Images From 8e471a4421f84516a115821151205c60f680accf Mon Sep 17 00:00:00 2001 From: Sukrit Khera Date: Mon, 23 Jun 2014 15:46:22 -0700 Subject: [PATCH 0130/1291] Add "ssh-add" command Add "ssh-add" command for agent forwarding to work. --- quickstart/index.md | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/quickstart/index.md b/quickstart/index.md index 57f5646bc..d83e545ee 100644 --- a/quickstart/index.md +++ b/quickstart/index.md @@ -19,7 +19,12 @@ $ ssh -A core@an.ip.compute-1.amazonaws.com CoreOS (beta) ``` -The `-A` forwards your ssh-agent to the machine, which is needed for the fleet section of this guide. +The `-A` forwards your ssh-agent to the machine, which is needed for the fleet section of this guide. You might have to add your private key on ssh agent running on client machine: + +```sh +$ ssh-add +Identity added: .../.ssh/id_rsa (.../.ssh/id_rsa) +``` If you're using Vagrant, you'll need to connect a bit differently: From 91a56e75ad89ffd26e3a6a835c4356c8945c481b Mon Sep 17 00:00:00 2001 From: c4t3l Date: Mon, 23 Jun 2014 20:18:02 -0500 Subject: [PATCH 0131/1291] Update index.md Cleaned up run on sentence. --- running-coreos/cloud-providers/ec2/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/running-coreos/cloud-providers/ec2/index.md b/running-coreos/cloud-providers/ec2/index.md index 1e0f3cadc..41ef18c6f 100644 --- a/running-coreos/cloud-providers/ec2/index.md +++ b/running-coreos/cloud-providers/ec2/index.md @@ -336,7 +336,7 @@ coreos: ### Automatic Rollback Limitations on EC2 -Amazon EC2 uses Xen paravirtualization which is incompatible with kexec which CoreOS uses to make it possible to rollback a bad update by simply rebooting the virtual machine. +Amazon EC2 uses Xen paravirtualization which is incompatible with kexec. CoreOS uses this to rollback a bad update by simply rebooting the virtual machine. ## Using CoreOS From 10b9a2729b68dfafbc016ec3c331d6d812105239 Mon Sep 17 00:00:00 2001 From: Sukrit Khera Date: Tue, 24 Jun 2014 11:08:09 -0700 Subject: [PATCH 0132/1291] Rewording based on PR comments --- quickstart/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/quickstart/index.md b/quickstart/index.md index d83e545ee..89f6a4c84 100644 --- a/quickstart/index.md +++ b/quickstart/index.md @@ -19,7 +19,7 @@ $ ssh -A core@an.ip.compute-1.amazonaws.com CoreOS (beta) ``` -The `-A` forwards your ssh-agent to the machine, which is needed for the fleet section of this guide. You might have to add your private key on ssh agent running on client machine: +The `-A` forwards your ssh-agent to the machine, which is needed for the fleet section of this guide. If you haven't already done so, you will need to add your private key to the SSH agent running on your client machine - for example: ```sh $ ssh-add From 354d411b5e0b24eb42297b4fbec1b6f4b04eaa46 Mon Sep 17 00:00:00 2001 From: Sukrit Khera Date: Tue, 24 Jun 2014 23:37:20 -0700 Subject: [PATCH 0133/1291] Remove deprecated -name option Change the deprecated option "-name" to "--name". To avoid warning: ``` Warning: '-name' is deprecated, it will be replaced by '--name' soon. See usage. ``` --- .../launching/launching-containers-fleet/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/launching-containers/launching/launching-containers-fleet/index.md b/launching-containers/launching/launching-containers-fleet/index.md index b5b3747c9..a499a3492 100644 --- a/launching-containers/launching/launching-containers-fleet/index.md +++ b/launching-containers/launching/launching-containers-fleet/index.md @@ -66,7 +66,7 @@ After=docker.service Requires=docker.service [Service] -ExecStart=/usr/bin/docker run -rm -name apache -p 80:80 coreos/apache /usr/sbin/apache2ctl -D FOREGROUND +ExecStart=/usr/bin/docker run -rm --name apache -p 80:80 coreos/apache /usr/sbin/apache2ctl -D FOREGROUND ExecStop=/usr/bin/docker rm -f apache [X-Fleet] From 50c7fcab078b0c3e81b7b93a2d613a3f4a3785c2 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Tue, 24 Jun 2014 23:50:07 -0700 Subject: [PATCH 0134/1291] fix(booting-ipxe): fix broken link to PXE instructions --- running-coreos/bare-metal/booting-with-ipxe/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/running-coreos/bare-metal/booting-with-ipxe/index.md b/running-coreos/bare-metal/booting-with-ipxe/index.md index 146171c9e..807835721 100644 --- a/running-coreos/bare-metal/booting-with-ipxe/index.md +++ b/running-coreos/bare-metal/booting-with-ipxe/index.md @@ -94,7 +94,7 @@ CoreOS can be completely installed on disk or run from RAM but store user data o ## Adding a Custom OEM -Similar to the [OEM partition][oem] in CoreOS disk images, iPXE images can be customized with a [cloud config][cloud-config] bundled in the initramfs. You can view the [instructions on the PXE docs]({{site.url}}/docs/bare-metal/booting-with-pxe/#adding-a-custom-oem). +Similar to the [OEM partition][oem] in CoreOS disk images, iPXE images can be customized with a [cloud config][cloud-config] bundled in the initramfs. You can view the [instructions on the PXE docs]({{site.url}}/docs/running-coreos/bare-metal/booting-with-pxe/#adding-a-custom-oem). [oem]: {{site.url}}/docs/sdk-distributors/distributors/notes-for-distributors/#image-customization [cloud-config]: {{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/ From 7f19bb8c46c04dcd12219008f33a11b8be7481d9 Mon Sep 17 00:00:00 2001 From: Ian Babrou Date: Wed, 25 Jun 2014 19:02:17 +0400 Subject: [PATCH 0135/1291] Chromeium -> Chromium typo fix --- sdk-distributors/sdk/tips-and-tricks/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sdk-distributors/sdk/tips-and-tricks/index.md b/sdk-distributors/sdk/tips-and-tricks/index.md index 45461c1ce..7fc57dc8e 100644 --- a/sdk-distributors/sdk/tips-and-tricks/index.md +++ b/sdk-distributors/sdk/tips-and-tricks/index.md @@ -62,7 +62,7 @@ Push the changes to your github fork and create a pull request. - Remove a binary package from the cache `sudo rm /build/amd64-usr/packages/catagory/packagename-version.tbz2` - recreate the chroot prior to a clean rebuild `./chromite/bin/cros_sdk -r` - it may be necessary to comment out kernel source checks from the ebuild if the build fails -- as coreos does not yet provide visibility of the configured kernel source at biuld time -- usualy this is not a problem but may lead to warning messages -- Chromeium OS [Portage Build FAQ] +- Chromium OS [Portage Build FAQ] - [Gentoo Development Guide] From f7e24530664738ffbf7a94c4ed9f9b6ee4e09731 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Wed, 25 Jun 2014 11:16:24 -0700 Subject: [PATCH 0136/1291] fix(rackspace): replace backticks with code tag --- running-coreos/cloud-providers/rackspace/index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/running-coreos/cloud-providers/rackspace/index.md b/running-coreos/cloud-providers/rackspace/index.md index 061e6e13d..a87b923a2 100644 --- a/running-coreos/cloud-providers/rackspace/index.md +++ b/running-coreos/cloud-providers/rackspace/index.md @@ -248,12 +248,12 @@ source ~/.bash_profile
-

Launch the stack by providing the specified parameters. This command will reference the local file `data.yml` in the current working directory that contains the cloud-config parameters. `$(< data.yaml)` prints the contents of this file into our heat command:

+

Launch the stack by providing the specified parameters. This command will reference the local file data.yml in the current working directory that contains the cloud-config parameters. $(< data.yaml) prints the contents of this file into our heat command:

heat stack-create Test --template-file https://coreos.com/dist/rackspace/heat-alpha.yaml -P key-name=coreos-key -P flavor='2 GB Performance' -P count=5 -P user-data="$(< data.yaml)" -P name="CoreOS-alpha"

You can view the template here.

-

Launch the stack by providing the specified parameters. This command will reference the local file `data.yml` in the current working directory that contains the cloud-config parameters. `$(< data.yaml)` prints the contents of this file into our heat command:

+

Launch the stack by providing the specified parameters. This command will reference the local file data.yml in the current working directory that contains the cloud-config parameters. $(< data.yaml) prints the contents of this file into our heat command:

heat stack-create Test --template-file https://coreos.com/dist/rackspace/heat-beta.yaml -P key-name=coreos-key -P flavor='2 GB Performance' -P count=5 -P user-data="$(< data.yaml)" -P name="CoreOS-beta"

You can view the template here.

From 9f4084711aeacca77deec3b611095695360e8cd8 Mon Sep 17 00:00:00 2001 From: Jonathan Boulle Date: Wed, 25 Jun 2014 11:52:25 -0700 Subject: [PATCH 0137/1291] vagrant: add warning about discovery token reuse --- running-coreos/platforms/vagrant/index.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/running-coreos/platforms/vagrant/index.md b/running-coreos/platforms/vagrant/index.md index b96f16916..b30bd4b53 100644 --- a/running-coreos/platforms/vagrant/index.md +++ b/running-coreos/platforms/vagrant/index.md @@ -47,7 +47,8 @@ Our cluster will use an etcd [discovery URL]({{site.url}}/docs/cluster-managemen coreos: etcd: - #generate a new token for each unique cluster from https://discovery.etcd.io/new + # generate a new token for each unique cluster from https://discovery.etcd.io/new + # WARNING: replace each time you 'vagrant destroy' discovery: https://discovery.etcd.io/ addr: $public_ipv4:4001 peer-addr: $public_ipv4:7001 From 58ff6e713670bbdcaf0d0b69d475feaeddf8a3cf Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Sun, 29 Jun 2014 17:38:03 -0700 Subject: [PATCH 0138/1291] feat(*): specify offically supported platforms --- running-coreos/bare-metal/booting-with-ipxe/index.md | 1 + running-coreos/bare-metal/booting-with-pxe/index.md | 1 + running-coreos/bare-metal/installing-to-disk/index.md | 1 + running-coreos/cloud-providers/ec2/index.md | 1 + running-coreos/cloud-providers/google-compute-engine/index.md | 1 + running-coreos/cloud-providers/rackspace/index.md | 1 + running-coreos/platforms/iso/index.md | 1 + running-coreos/platforms/openstack/index.md | 1 + running-coreos/platforms/vagrant/index.md | 1 + 9 files changed, 9 insertions(+) diff --git a/running-coreos/bare-metal/booting-with-ipxe/index.md b/running-coreos/bare-metal/booting-with-ipxe/index.md index 807835721..5e6261dfe 100644 --- a/running-coreos/bare-metal/booting-with-ipxe/index.md +++ b/running-coreos/bare-metal/booting-with-ipxe/index.md @@ -4,6 +4,7 @@ slug: ipxe title: Booting with iPXE category: running_coreos sub_category: bare_metal +supported: true weight: 5 --- diff --git a/running-coreos/bare-metal/booting-with-pxe/index.md b/running-coreos/bare-metal/booting-with-pxe/index.md index e7d4a400d..78b96f395 100644 --- a/running-coreos/bare-metal/booting-with-pxe/index.md +++ b/running-coreos/bare-metal/booting-with-pxe/index.md @@ -4,6 +4,7 @@ slug: pxe title: Booting with PXE category: running_coreos sub_category: bare_metal +supported: true weight: 5 --- diff --git a/running-coreos/bare-metal/installing-to-disk/index.md b/running-coreos/bare-metal/installing-to-disk/index.md index 953af4dc5..88365e0c6 100644 --- a/running-coreos/bare-metal/installing-to-disk/index.md +++ b/running-coreos/bare-metal/installing-to-disk/index.md @@ -4,6 +4,7 @@ slug: pxe title: Installing to Disk category: running_coreos sub_category: bare_metal +supported: true weight: 7 --- diff --git a/running-coreos/cloud-providers/ec2/index.md b/running-coreos/cloud-providers/ec2/index.md index 42c4c39a6..cc2bc7828 100644 --- a/running-coreos/cloud-providers/ec2/index.md +++ b/running-coreos/cloud-providers/ec2/index.md @@ -3,6 +3,7 @@ layout: docs title: Amazon EC2 category: running_coreos sub_category: cloud_provider +supported: true weight: 1 cloud-formation-launch-logo: https://s3.amazonaws.com/cloudformation-examples/cloudformation-launch-stack.png --- diff --git a/running-coreos/cloud-providers/google-compute-engine/index.md b/running-coreos/cloud-providers/google-compute-engine/index.md index 065d3e6ec..ab7d9b5d9 100644 --- a/running-coreos/cloud-providers/google-compute-engine/index.md +++ b/running-coreos/cloud-providers/google-compute-engine/index.md @@ -2,6 +2,7 @@ layout: docs category: running_coreos sub_category: cloud_provider +supported: true weight: 3 title: Google Compute Engine --- diff --git a/running-coreos/cloud-providers/rackspace/index.md b/running-coreos/cloud-providers/rackspace/index.md index a87b923a2..fa96ed397 100644 --- a/running-coreos/cloud-providers/rackspace/index.md +++ b/running-coreos/cloud-providers/rackspace/index.md @@ -3,6 +3,7 @@ layout: docs title: Rackspace Cloud category: running_coreos sub_category: cloud_provider +supported: true weight: 5 --- diff --git a/running-coreos/platforms/iso/index.md b/running-coreos/platforms/iso/index.md index 17792bbdc..35593eb0d 100644 --- a/running-coreos/platforms/iso/index.md +++ b/running-coreos/platforms/iso/index.md @@ -3,6 +3,7 @@ layout: docs title: ISO category: running_coreos sub_category: platforms +supported: true weight: 10 --- diff --git a/running-coreos/platforms/openstack/index.md b/running-coreos/platforms/openstack/index.md index c18a57bc4..091908b6c 100644 --- a/running-coreos/platforms/openstack/index.md +++ b/running-coreos/platforms/openstack/index.md @@ -3,6 +3,7 @@ layout: docs title: OpenStack category: running_coreos sub_category: platforms +supported: true weight: 5 --- diff --git a/running-coreos/platforms/vagrant/index.md b/running-coreos/platforms/vagrant/index.md index b30bd4b53..c1fc7f287 100644 --- a/running-coreos/platforms/vagrant/index.md +++ b/running-coreos/platforms/vagrant/index.md @@ -4,6 +4,7 @@ slug: vagrant title: Vagrant category: running_coreos sub_category: platforms +supported: true weight: 5 --- From d322cfb710bf8624525c55647a236ae451f88cdb Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Mon, 30 Jun 2014 00:13:27 -0700 Subject: [PATCH 0139/1291] feat(update-strategies): minor text changes --- cluster-management/setup/update-strategies/index.md | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/cluster-management/setup/update-strategies/index.md b/cluster-management/setup/update-strategies/index.md index 1fea426f7..360d5b76c 100644 --- a/cluster-management/setup/update-strategies/index.md +++ b/cluster-management/setup/update-strategies/index.md @@ -34,9 +34,7 @@ coreos: ### Best Effort -The default setting is for CoreOS to make a `best-effort` to determine if the machine is part of a cluster. Currently this logic is very simple: if etcd has started, assume that the machine is part of a cluster. - -If so, use the `etcd-lock` strategy. +The default setting is for CoreOS to make a `best-effort` to determine if the machine is part of a cluster. Currently this logic is very simple: if etcd has started, assume that the machine is part of a cluster and use the `etcd-lock` strategy. Otherwise, use the `reboot` strategy. @@ -73,11 +71,11 @@ locksmithctl unlock 69d27b356a94476da859461d3a3bc6fd ### Reboot Immediately -The `reboot` strategy works exactly how it sounds: the machine is rebooted as soon as the update has been installed to the passive partition. If the applications running on your cluster are highly resilient, this strategy was made for you. +The `reboot` strategy works exactly like it sounds: the machine is rebooted as soon as the update has been installed to the passive partition. If the applications running on your cluster are highly resilient, this strategy was made for you. ### Off -The `off` strategy is also very straightforward. The update will be installed onto the passive partion and await a reboot command to complete the update. We don't recommend this strategy unless you reboot frequently as part of your normal operations workflow +The `off` strategy is also straightforward. The update will be installed onto the passive partion and await a reboot command to complete the update. We don't recommend this strategy unless you reboot frequently as part of your normal operations workflow. ## Updating PXE/iPXE Machines From 66a9c931eae88083fef41932db043855e20a20ac Mon Sep 17 00:00:00 2001 From: rdodev Date: Mon, 30 Jun 2014 09:01:48 -0400 Subject: [PATCH 0140/1291] The account number is no longer displayed in the upper right corner. The use must click on it in order to see it. --- running-coreos/cloud-providers/rackspace/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/running-coreos/cloud-providers/rackspace/index.md b/running-coreos/cloud-providers/rackspace/index.md index fa96ed397..8c8e23a83 100644 --- a/running-coreos/cloud-providers/rackspace/index.md +++ b/running-coreos/cloud-providers/rackspace/index.md @@ -131,7 +131,7 @@ sudo pip install supernova ### Store Account Information -Edit your config file (`~/.supernova`) to store your Rackspace username, API key (referenced as `OS_PASSWORD`) and some other settings. The `OS_TENANT_NAME` should be set to your Rackspace account ID, which is displayed in the upper right-hand corner of the cloud control panel UI. +Edit your config file (`~/.supernova`) to store your Rackspace username, API key (referenced as `OS_PASSWORD`) and some other settings. The `OS_TENANT_NAME` should be set to your Rackspace account ID, which can be found by clicking on your rackspace username in the upper right-hand corner of the cloud control panel UI. ```ini [production] From 2d4862e602206df9fe20e087f4821243b6bd5d4f Mon Sep 17 00:00:00 2001 From: rdodev Date: Mon, 30 Jun 2014 10:11:11 -0400 Subject: [PATCH 0141/1291] Added Control Panel instructions to Rackspace docs --- running-coreos/cloud-providers/rackspace/index.md | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/running-coreos/cloud-providers/rackspace/index.md b/running-coreos/cloud-providers/rackspace/index.md index 8c8e23a83..95b6f2dd0 100644 --- a/running-coreos/cloud-providers/rackspace/index.md +++ b/running-coreos/cloud-providers/rackspace/index.md @@ -261,6 +261,19 @@ source ~/.bash_profile
+## Launch via Control Panel + +You can also launch servers with either the `alpha` and `beta` channel versions via the web-based Control Panel. To do so: + + 1. log into your Rackspace Control Panel + 1. click on 'Severs' + 1. click on 'Create Server' + 1. choose server name and region + 1. click on 'Linux', then on 'CoreOS' and finally choose '(alpha)' or '(beta)' version + 1. choose flavor and use 'Advanced Options' to select SSH Key -- if available + 1. click on 'Create Server' + + ## Using CoreOS Now that you have a machine booted it is time to play around. From f721b91e28a40d7b058a34195d2aa2f6a61f79e4 Mon Sep 17 00:00:00 2001 From: rdodev Date: Mon, 30 Jun 2014 10:18:31 -0400 Subject: [PATCH 0142/1291] Adding screenshot --- running-coreos/cloud-providers/rackspace/index.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/running-coreos/cloud-providers/rackspace/index.md b/running-coreos/cloud-providers/rackspace/index.md index 95b6f2dd0..272553583 100644 --- a/running-coreos/cloud-providers/rackspace/index.md +++ b/running-coreos/cloud-providers/rackspace/index.md @@ -269,7 +269,8 @@ You can also launch servers with either the `alpha` and `beta` channel versions 1. click on 'Severs' 1. click on 'Create Server' 1. choose server name and region - 1. click on 'Linux', then on 'CoreOS' and finally choose '(alpha)' or '(beta)' version + 1. click on 'Linux', then on 'CoreOS' and finally choose '(alpha)' or '(beta)' version + ![Control Panel Selection](http://57711b76b91f5d65a382-e5576ae0d6cf44f41aa69b4e6e0902ca.r62.cf1.rackcdn.com/Screen%20Shot%202014-06-30%20at%209.54.43%20AM.png) 1. choose flavor and use 'Advanced Options' to select SSH Key -- if available 1. click on 'Create Server' From b4361e73ce8a1c83ec6c498805f28b00a7fe64b8 Mon Sep 17 00:00:00 2001 From: rdodev Date: Mon, 30 Jun 2014 12:01:53 -0400 Subject: [PATCH 0143/1291] PR corrections --- running-coreos/cloud-providers/rackspace/index.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/running-coreos/cloud-providers/rackspace/index.md b/running-coreos/cloud-providers/rackspace/index.md index 272553583..d2a44aa22 100644 --- a/running-coreos/cloud-providers/rackspace/index.md +++ b/running-coreos/cloud-providers/rackspace/index.md @@ -131,7 +131,7 @@ sudo pip install supernova ### Store Account Information -Edit your config file (`~/.supernova`) to store your Rackspace username, API key (referenced as `OS_PASSWORD`) and some other settings. The `OS_TENANT_NAME` should be set to your Rackspace account ID, which can be found by clicking on your rackspace username in the upper right-hand corner of the cloud control panel UI. +Edit your config file (`~/.supernova`) to store your Rackspace username, API key (referenced as `OS_PASSWORD`) and some other settings. The `OS_TENANT_NAME` should be set to your Rackspace account ID, which can be found by clicking on your Rackspace username in the upper right-hand corner of the cloud control panel UI. ```ini [production] @@ -266,13 +266,13 @@ source ~/.bash_profile You can also launch servers with either the `alpha` and `beta` channel versions via the web-based Control Panel. To do so: 1. log into your Rackspace Control Panel - 1. click on 'Severs' - 1. click on 'Create Server' - 1. choose server name and region - 1. click on 'Linux', then on 'CoreOS' and finally choose '(alpha)' or '(beta)' version + 2. click on 'Servers' + 3. click on 'Create Server' + 4. choose server name and region + 5. click on 'Linux', then on 'CoreOS' and finally choose '(alpha)' or '(beta)' version ![Control Panel Selection](http://57711b76b91f5d65a382-e5576ae0d6cf44f41aa69b4e6e0902ca.r62.cf1.rackcdn.com/Screen%20Shot%202014-06-30%20at%209.54.43%20AM.png) - 1. choose flavor and use 'Advanced Options' to select SSH Key -- if available - 1. click on 'Create Server' + 6. choose flavor and use 'Advanced Options' to select SSH Key -- if available + 7. click on 'Create Server' ## Using CoreOS From 0a2d0e66b7b4641f373b68f9bc7d95e9db2f2ec1 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Mon, 30 Jun 2014 10:34:27 -0700 Subject: [PATCH 0144/1291] feat(rackspace): add cloud-config note for UI --- .../cloud-providers/rackspace/index.md | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/running-coreos/cloud-providers/rackspace/index.md b/running-coreos/cloud-providers/rackspace/index.md index d2a44aa22..05ccf70bf 100644 --- a/running-coreos/cloud-providers/rackspace/index.md +++ b/running-coreos/cloud-providers/rackspace/index.md @@ -263,16 +263,16 @@ source ~/.bash_profile ## Launch via Control Panel -You can also launch servers with either the `alpha` and `beta` channel versions via the web-based Control Panel. To do so: +You can also launch servers with either the `alpha` and `beta` channel versions via the web-based Control Panel, although you can't provide cloud-config via the UI. To do so: - 1. log into your Rackspace Control Panel - 2. click on 'Servers' - 3. click on 'Create Server' - 4. choose server name and region - 5. click on 'Linux', then on 'CoreOS' and finally choose '(alpha)' or '(beta)' version + 1. Log into your Rackspace Control Panel + 2. Click on 'Servers' + 3. Click on 'Create Server' + 4. Choose server name and region + 5. Click on 'Linux', then on 'CoreOS' and finally choose '(alpha)' or '(beta)' version ![Control Panel Selection](http://57711b76b91f5d65a382-e5576ae0d6cf44f41aa69b4e6e0902ca.r62.cf1.rackcdn.com/Screen%20Shot%202014-06-30%20at%209.54.43%20AM.png) - 6. choose flavor and use 'Advanced Options' to select SSH Key -- if available - 7. click on 'Create Server' + 6. Choose flavor and use 'Advanced Options' to select SSH Key -- if available + 7. Click on 'Create Server' ## Using CoreOS From fe8086d217b3a1a166f2b0f5519f6f5284951465 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Mon, 30 Jun 2014 16:02:48 -0700 Subject: [PATCH 0145/1291] feat(customizing-ssh): instructions for changing the ssh port --- .../setup/customizing-sshd/index.md | 33 ++++++++++++++----- 1 file changed, 25 insertions(+), 8 deletions(-) diff --git a/cluster-management/setup/customizing-sshd/index.md b/cluster-management/setup/customizing-sshd/index.md index 9e785a593..16c9baab8 100644 --- a/cluster-management/setup/customizing-sshd/index.md +++ b/cluster-management/setup/customizing-sshd/index.md @@ -24,14 +24,31 @@ write_files: permissions: 0600 owner: root:root content: | - # Use most defaults for sshd configuration. - UsePrivilegeSeparation sandbox - Subsystem sftp internal-sftp - - PermitRootLogin no - AllowUsers core - PasswordAuthentication no - ChallengeResponseAuthentication no + # Use most defaults for sshd configuration. + UsePrivilegeSeparation sandbox + Subsystem sftp internal-sftp + + PermitRootLogin no + AllowUsers core + PasswordAuthentication no + ChallengeResponseAuthentication no +``` + +## Changing the sshd Port + +CoreOS ships with socket-activated SSH by default. The configuration for this can be found at `/usr/lib/systemd/system/sshd.socket`. We're going to override this in the cloud-config provided at boot: + +```yaml +#cloud-config + +coreos: + units: + - name: sshd.socket + command: restart + content: | + [Socket] + ListenStream=2222 + Accept=yes ``` ## Further Reading From f4d7361802482bb1a2332805ff13c0d12575c536 Mon Sep 17 00:00:00 2001 From: Paul Querna Date: Wed, 2 Jul 2014 10:24:41 -0700 Subject: [PATCH 0146/1291] OpenStack is normally a CamelCase word --- running-coreos/cloud-providers/rackspace/index.md | 2 +- running-coreos/platforms/openstack/index.md | 4 ++-- running-coreos/platforms/vmware/index.md | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/running-coreos/cloud-providers/rackspace/index.md b/running-coreos/cloud-providers/rackspace/index.md index 05ccf70bf..f348f2b2d 100644 --- a/running-coreos/cloud-providers/rackspace/index.md +++ b/running-coreos/cloud-providers/rackspace/index.md @@ -9,7 +9,7 @@ weight: 5 # Running CoreOS on Rackspace -CoreOS is currently in heavy development and actively being tested. These instructions will walk you through running CoreOS on the Rackspace Openstack cloud, which differs slightly from the generic Openstack instructions. There are two ways to launch a CoreOS cluster: launch an entire cluster with Heat or launch machines with Nova. +CoreOS is currently in heavy development and actively being tested. These instructions will walk you through running CoreOS on the Rackspace OpenStack cloud, which differs slightly from the generic OpenStack instructions. There are two ways to launch a CoreOS cluster: launch an entire cluster with Heat or launch machines with Nova. ## Choosing a Channel diff --git a/running-coreos/platforms/openstack/index.md b/running-coreos/platforms/openstack/index.md index 091908b6c..da8318b30 100644 --- a/running-coreos/platforms/openstack/index.md +++ b/running-coreos/platforms/openstack/index.md @@ -57,13 +57,13 @@ $ glance image-create --name CoreOS \ ## Cloud-Config CoreOS allows you to configure machine parameters, launch systemd units on startup and more via cloud-config. Jump over to the [docs to learn about the supported features][cloud-config]. -We're going to provide our cloud-config to Openstack via the user-data flag. Our cloud-config will also contain SSH keys that will be used to connect to the instance. +We're going to provide our cloud-config to OpenStack via the user-data flag. Our cloud-config will also contain SSH keys that will be used to connect to the instance. In order for this to work your OpenStack cloud provider must support [config drive][config-drive] or the OpenStack metadata service. [cloud-config]: {{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config [config-drive]: http://docs.openstack.org/user-guide/content/config-drive.html -The most common cloud-config for Openstack looks like: +The most common cloud-config for OpenStack looks like: ```yaml #cloud-config diff --git a/running-coreos/platforms/vmware/index.md b/running-coreos/platforms/vmware/index.md index 050d6f1ef..76db1a60f 100644 --- a/running-coreos/platforms/vmware/index.md +++ b/running-coreos/platforms/vmware/index.md @@ -70,7 +70,7 @@ The last step uploads the files to your ESXi datastore and registers your VM. Yo Cloud-config can be specified by attaching a [config-drive]({{site.url}}/docs/cluster-management/setup/cloudinit-config-drive/) with the label `config-2`. This is commonly done through whatever interface allows for attaching cd-roms or new drives. -Note that the config-drive standard was originally an Openstack feature, which is why you'll see strings containing `openstack`. This filepath needs to be retained, although CoreOS supports config-drive on all platforms. +Note that the config-drive standard was originally an OpenStack feature, which is why you'll see strings containing `openstack`. This filepath needs to be retained, although CoreOS supports config-drive on all platforms. For more information on customization that can be done with cloud-config, head on over to the [cloud-config guide]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/). From 464441170c49a35aebf03a18fce4913b538a8041 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 3 Jul 2014 10:54:17 -0700 Subject: [PATCH 0147/1291] fix(launching-containers-fleet): typo --- .../launching/launching-containers-fleet/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/launching-containers/launching/launching-containers-fleet/index.md b/launching-containers/launching/launching-containers-fleet/index.md index a499a3492..d41e55b70 100644 --- a/launching-containers/launching/launching-containers-fleet/index.md +++ b/launching-containers/launching/launching-containers-fleet/index.md @@ -113,7 +113,7 @@ Second is `%H`, a variable built into systemd, that represents the hostname of t The third is a [fleet-specific property]({{site.url}}/docs/launching-containers/launching/fleet-unit-files/) called `X-ConditionMachineOf`. This property causes the unit to be placed onto the same machine that `apache.1.service` is running on. -Let's verify that each unit was placed on to the same machine as the Apache service is is bound to: +Let's verify that each unit was placed on to the same machine as the Apache service is bound to: ```sh $ fleetctl start apache-discovery.1.service From 22a6f10c62d9523a390d42d02cb3973be6e51548 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 3 Jul 2014 10:57:39 -0700 Subject: [PATCH 0148/1291] fix(mounting-storage): missing colon in YAML --- cluster-management/setup/mounting-storage/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster-management/setup/mounting-storage/index.md b/cluster-management/setup/mounting-storage/index.md index eed56639c..87282097a 100644 --- a/cluster-management/setup/mounting-storage/index.md +++ b/cluster-management/setup/mounting-storage/index.md @@ -37,7 +37,7 @@ We're going to bind mount a btrfs device to `/var/lib/docker`, where docker stor ```yaml #cloud-config coreos: - units + units: - name: format-ephemeral.service command: start content: | From 258e5a782f4fb5e5d89d14c1ebf53b75f5a415fa Mon Sep 17 00:00:00 2001 From: Michael Marineau Date: Thu, 3 Jul 2014 14:19:57 -0700 Subject: [PATCH 0149/1291] cloud-config: Explicitly state which platforms can use $private_ipv4 --- .../bare-metal/booting-with-pxe/index.md | 2 + .../bare-metal/installing-to-disk/index.md | 2 + .../cloud-providers/brightbox/index.md | 41 +++++++++++++------ running-coreos/cloud-providers/ec2/index.md | 2 + .../google-compute-engine/index.md | 2 + .../cloud-providers/rackspace/index.md | 2 + .../cloud-providers/vexxhost/index.md | 2 + running-coreos/platforms/libvirt/index.md | 2 + running-coreos/platforms/openstack/index.md | 2 + running-coreos/platforms/vagrant/index.md | 2 + running-coreos/platforms/vmware/index.md | 2 + 11 files changed, 49 insertions(+), 12 deletions(-) diff --git a/running-coreos/bare-metal/booting-with-pxe/index.md b/running-coreos/bare-metal/booting-with-pxe/index.md index 78b96f395..716163487 100644 --- a/running-coreos/bare-metal/booting-with-pxe/index.md +++ b/running-coreos/bare-metal/booting-with-pxe/index.md @@ -70,6 +70,8 @@ ssh_authorized_keys: You can view all of the [cloud-config options here]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/). +Note: The `$private_ipv4` and `$public_ipv4` substitution variables referenced in other documents are *not* supported on PXE systems. + ### Choose a Channel CoreOS is released into alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. diff --git a/running-coreos/bare-metal/installing-to-disk/index.md b/running-coreos/bare-metal/installing-to-disk/index.md index 88365e0c6..c79899965 100644 --- a/running-coreos/bare-metal/installing-to-disk/index.md +++ b/running-coreos/bare-metal/installing-to-disk/index.md @@ -74,6 +74,8 @@ ssh_authorized_keys: - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC0g+ZTxC7weoIJLUafOgrm+h... ``` +Note: The `$private_ipv4` and `$public_ipv4` substitution variables referenced in other documents are *not* supported when installing via the `coreos-install` script. + To start the installation script with a reference to our cloud-config file, run: ``` diff --git a/running-coreos/cloud-providers/brightbox/index.md b/running-coreos/cloud-providers/brightbox/index.md index a42448ad6..c28e442fd 100644 --- a/running-coreos/cloud-providers/brightbox/index.md +++ b/running-coreos/cloud-providers/brightbox/index.md @@ -85,23 +85,40 @@ $ brightbox images list | grep CoreOS {{site.brightbox-id}} brightbox official 2013-12-15 public 5442 CoreOS {{site.brightbox-version}} (x86_64) ``` -## Building Servers - -Before building the cluster, we need to generate a unique identifier for it, which is used by CoreOS to discover and identify nodes. +## Cloud-Config + +CoreOS allows you to configure machine parameters, launch systemd units on +startup and more via [cloud-config][cloud-config]. We're going to provide the +`cloud-config` data via the `user-data-file` flag. + +[cloud-config]: {{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config + +A sample common `cloud-config` file will look something like the following: + +```yaml +#cloud-config + +coreos: + etcd: + # generate a new token for each unique cluster from https://discovery.etcd.io/new + discovery: https://discovery.etcd.io/ + addr: $private_ipv4:4001 + peer-addr: $private_ipv4:7001 + units: + - name: etcd.service + command: start + - name: fleet.service + command: start +``` -You can use any random string so we’ll use the `uuid` tool here to generate one: +The `$private_ipv4` and `$public_ipv4` substitution variables are fully supported in cloud-config on Brightbox. -```sh -$ TOKEN=`uuid` - -$ echo $TOKEN -53cf11d4-3726-11e3-958f-939d4f7f9688 -``` +## Building Servers -Then build three servers using the image, in the server group we created and specifying the token as the user data: +Now build three servers using the image, in the server group we created and specifying the cloud-config as the user data: ```sh -$ brightbox servers create -i 3 --type small --name "coreos" --user-data $TOKEN --server-groups grp-cdl6h {{site.brightbox-id}} +$ brightbox servers create -i 3 --type small --name "coreos" --user-data-file ./user-data --server-groups grp-cdl6h {{site.brightbox-id}} Creating 3 small (typ-8fych) servers with image CoreOS {{site.brightbox-version}} ({{ site.brightbox-id }}) in groups grp-cdl6h with 0.05k of user data diff --git a/running-coreos/cloud-providers/ec2/index.md b/running-coreos/cloud-providers/ec2/index.md index cc2bc7828..1d4a9e69f 100644 --- a/running-coreos/cloud-providers/ec2/index.md +++ b/running-coreos/cloud-providers/ec2/index.md @@ -100,6 +100,8 @@ coreos: command: start ``` +The `$private_ipv4` and `$public_ipv4` substitution variables are fully supported in cloud-config on EC2. +
diff --git a/running-coreos/cloud-providers/google-compute-engine/index.md b/running-coreos/cloud-providers/google-compute-engine/index.md index ab7d9b5d9..2eb711050 100644 --- a/running-coreos/cloud-providers/google-compute-engine/index.md +++ b/running-coreos/cloud-providers/google-compute-engine/index.md @@ -39,6 +39,8 @@ coreos: command: start ``` +The `$private_ipv4` and `$public_ipv4` substitution variables are fully supported in cloud-config on GCE. + ## Choosing a Channel CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updates) with different schedules per channel. You can [disable this feature]({{site.url}}/docs/cluster-management/debugging/prevent-reboot-after-update), although we don't recommend it. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes. diff --git a/running-coreos/cloud-providers/rackspace/index.md b/running-coreos/cloud-providers/rackspace/index.md index f348f2b2d..7ad33400b 100644 --- a/running-coreos/cloud-providers/rackspace/index.md +++ b/running-coreos/cloud-providers/rackspace/index.md @@ -92,6 +92,8 @@ coreos: command: start ``` +The `$private_ipv4` and `$public_ipv4` substitution variables are fully supported in cloud-config on Rackspace. + [cloud-config-docs]: {{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config ### Mount Data Disk diff --git a/running-coreos/cloud-providers/vexxhost/index.md b/running-coreos/cloud-providers/vexxhost/index.md index 70fb31ce5..fba18a6ab 100644 --- a/running-coreos/cloud-providers/vexxhost/index.md +++ b/running-coreos/cloud-providers/vexxhost/index.md @@ -61,6 +61,8 @@ coreos: command: start ``` +The `$private_ipv4` and `$public_ipv4` substitution variables are fully supported in cloud-config on VEXXHOST. + ## Launch Cluster You will need to install `python-novaclient` which supplies the OpenStack CLI diff --git a/running-coreos/platforms/libvirt/index.md b/running-coreos/platforms/libvirt/index.md index 172e09b84..2e88ea9e2 100644 --- a/running-coreos/platforms/libvirt/index.md +++ b/running-coreos/platforms/libvirt/index.md @@ -121,6 +121,8 @@ ssh_authorized_keys: - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGdByTgSVHq....... ``` +Note: The `$private_ipv4` and `$public_ipv4` substitution variables referenced in other documents are *not* supported on libvirt. + [cloud-config]: {{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config ### Network configuration diff --git a/running-coreos/platforms/openstack/index.md b/running-coreos/platforms/openstack/index.md index da8318b30..897241c5e 100644 --- a/running-coreos/platforms/openstack/index.md +++ b/running-coreos/platforms/openstack/index.md @@ -85,6 +85,8 @@ ssh_authorized_keys: - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC0g+ZTxC7weoIJLUafOgrm+h... ``` +The `$private_ipv4` and `$public_ipv4` substitution variables are fully supported in cloud-config on most OpenStack deployments. Unfortunately some systems relying on config drive may leave these values undefined. + ## Launch Cluster Boot the machines with the `nova` CLI, referencing the image ID from the import step above and your `cloud-config.yaml`: diff --git a/running-coreos/platforms/vagrant/index.md b/running-coreos/platforms/vagrant/index.md index c1fc7f287..d9758e6fb 100644 --- a/running-coreos/platforms/vagrant/index.md +++ b/running-coreos/platforms/vagrant/index.md @@ -68,6 +68,8 @@ coreos: ExecStart=/usr/bin/fleet ``` +The `$private_ipv4` and `$public_ipv4` substitution variables are fully supported in cloud-config on Vagrant. They will map to the first statically defined private and public networks defined in the Vagrantfile. + [cloud-config-docs]: {{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config ### Start up CoreOS diff --git a/running-coreos/platforms/vmware/index.md b/running-coreos/platforms/vmware/index.md index 76db1a60f..637d59a08 100644 --- a/running-coreos/platforms/vmware/index.md +++ b/running-coreos/platforms/vmware/index.md @@ -74,6 +74,8 @@ Note that the config-drive standard was originally an OpenStack feature, which i For more information on customization that can be done with cloud-config, head on over to the [cloud-config guide]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/). +Note: The `$private_ipv4` and `$public_ipv4` substitution variables referenced in other documents are *not* supported on VMware. + ## Logging in Networking can take a bit of time to come up under VMware and you will need to From f40f152235282c22a20fad7dbdc2ee9c20c481a9 Mon Sep 17 00:00:00 2001 From: kelvinn Date: Sat, 5 Jul 2014 16:58:46 +1000 Subject: [PATCH 0150/1291] Update index.md --- running-coreos/cloud-providers/vultr/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/running-coreos/cloud-providers/vultr/index.md b/running-coreos/cloud-providers/vultr/index.md index 8f9338418..41ff1f5b5 100644 --- a/running-coreos/cloud-providers/vultr/index.md +++ b/running-coreos/cloud-providers/vultr/index.md @@ -38,7 +38,7 @@ Create a new VPS (any server type and location of your choice), and then: 1. For the "Operating System" select "Custom" 2. Select iPXE boot -3. Set the chain URL to the URL of your script (http://example.com/script.txt) +3. Set the chain URL to the URL of your script (http://example.com/script.txt) *Note*: URL must be plain old HTTP, not HTTPS 4. Click "Place Order" ![Any location, any size, custom OS, iPXE boot, set chain URL, place order](http://s18.postimg.org/5ra9lioeh/vultr.png) From 7a6ef642439eb1009b18560b1d8308bf2cb3c30b Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Tue, 8 Jul 2014 10:21:50 -0700 Subject: [PATCH 0151/1291] fix(vagrant): use coreos.fleet for setting IP --- running-coreos/platforms/vagrant/index.md | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/running-coreos/platforms/vagrant/index.md b/running-coreos/platforms/vagrant/index.md index d9758e6fb..2a06d68f8 100644 --- a/running-coreos/platforms/vagrant/index.md +++ b/running-coreos/platforms/vagrant/index.md @@ -53,19 +53,13 @@ coreos: discovery: https://discovery.etcd.io/ addr: $public_ipv4:4001 peer-addr: $public_ipv4:7001 + fleet: + public-ip: $public_ipv4 units: - name: etcd.service command: start - name: fleet.service command: start - runtime: no - content: | - [Unit] - Description=fleet - - [Service] - Environment=FLEET_PUBLIC_IP=$public_ipv4 - ExecStart=/usr/bin/fleet ``` The `$private_ipv4` and `$public_ipv4` substitution variables are fully supported in cloud-config on Vagrant. They will map to the first statically defined private and public networks defined in the Vagrantfile. From c92b10dc130534a3f547c8e5ac4d52ce01bc18b7 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Tue, 8 Jul 2014 15:31:48 -0700 Subject: [PATCH 0152/1291] fix(mounting-storage): remove reference to non-existent unit --- cluster-management/setup/mounting-storage/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster-management/setup/mounting-storage/index.md b/cluster-management/setup/mounting-storage/index.md index 87282097a..bfefa9a7c 100644 --- a/cluster-management/setup/mounting-storage/index.md +++ b/cluster-management/setup/mounting-storage/index.md @@ -62,7 +62,7 @@ coreos: Type=btrfs ``` -Notice that we're starting all three of these units at the same time and using the power of systemd to work out the dependencies for us. In this case, `docker-storage.service` requires `format-ephemeral.service`, ensuring that our storage will always be formatted before it is bind mounted. Docker will refuse to start otherwise. +Notice that we're starting both units at the same time and using the power of systemd to work out the dependencies for us. In this case, `var-lib-docker.mount` requires `format-ephemeral.service`, ensuring that our storage will always be formatted before it is mounted. Docker will refuse to start otherwise. ## Further Reading From f47baa350904712d9e2735fedf14b77c7647060e Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Tue, 8 Jul 2014 10:37:26 -0700 Subject: [PATCH 0153/1291] fix(customize-docker): improve systemd units --- .../building/customizing-docker/index.md | 30 ++++++++----------- 1 file changed, 12 insertions(+), 18 deletions(-) diff --git a/launching-containers/building/customizing-docker/index.md b/launching-containers/building/customizing-docker/index.md index b4fd2fedb..ef9efa695 100644 --- a/launching-containers/building/customizing-docker/index.md +++ b/launching-containers/building/customizing-docker/index.md @@ -12,7 +12,7 @@ The docker systemd unit can be customized by overriding the unit that ships with ## Enable the Remote API on a New Socket -Create a file called `/etc/systemd/system/docker-tcp.socket` to make docker available on a tcp socket on port 2375. +Create a file called `/etc/systemd/system/docker.socket` to make docker available on a TCP socket on port 2375. ```ini [Unit] @@ -20,20 +20,23 @@ Description=Docker Socket for the API [Socket] ListenStream=2375 -Service=docker.service BindIPv6Only=both [Install] WantedBy=sockets.target ``` -Then enable this new socket: +Docker has support for socket activation, which solves a common race condition during start up. If requests are sent over the socket before docker has started, they will be queued in the kernel and processed as soon as docker is ready. + +Since docker is socket-activated and already looking for the socket, all we need to do is restart it after the socket file has been written to disk: + +```sh +systemctl restart docker +``` + +Test that it's working: ```sh -systemctl enable docker-tcp.socket -systemctl stop docker -systemctl start docker-tcp.socket -systemctl start docker docker -H tcp://127.0.0.1:2375 ps ``` @@ -46,28 +49,19 @@ To enable the remote API on every CoreOS machine in a cluster, use [cloud-config coreos: units: - - name: docker-tcp.socket + - name: docker.socket command: start + enable: yes content: | [Unit] Description=Docker Socket for the API [Socket] ListenStream=2375 - Service=docker.service BindIPv6Only=both [Install] WantedBy=sockets.target - - name: enable-docker-tcp.service - command: start - content: | - [Unit] - Description=Enable the Docker Socket for the API - - [Service] - Type=oneshot - ExecStart=/usr/bin/systemctl enable docker-tcp.socket ``` To keep access to the port local, replace the `ListenStream` configuration above with: From 2eb2da4fb631c2c00731d61ffcd35a8d5044ce5a Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Fri, 11 Jul 2014 11:02:08 -0700 Subject: [PATCH 0154/1291] fix(vagrant): update single machine config + updating config note --- running-coreos/platforms/vagrant/index.md | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/running-coreos/platforms/vagrant/index.md b/running-coreos/platforms/vagrant/index.md index 2a06d68f8..675858506 100644 --- a/running-coreos/platforms/vagrant/index.md +++ b/running-coreos/platforms/vagrant/index.md @@ -64,6 +64,8 @@ coreos: The `$private_ipv4` and `$public_ipv4` substitution variables are fully supported in cloud-config on Vagrant. They will map to the first statically defined private and public networks defined in the Vagrantfile. +If you wish to update your cloud-config later on, `vagrant up --provision` must be run to apply the new file. + [cloud-config-docs]: {{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config ### Start up CoreOS @@ -152,19 +154,13 @@ coreos: etcd: addr: $public_ipv4:4001 peer-addr: $public_ipv4:7001 + fleet: + public-ip: $public_ipv4 units: - name: etcd.service command: start - name: fleet.service command: start - runtime: no - content: | - [Unit] - Description=fleet - - [Service] - Environment=FLEET_PUBLIC_IP=$public_ipv4 - ExecStart=/usr/bin/fleet ``` ### Start up CoreOS From b86db9b70b75cb1e9715ce97d500cca7effc5954 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Mon, 14 Jul 2014 11:51:40 -0700 Subject: [PATCH 0155/1291] feat(ec2): list PV and HVM AMIs --- running-coreos/cloud-providers/ec2/index.md | 32 +++++++++++++++------ 1 file changed, 24 insertions(+), 8 deletions(-) diff --git a/running-coreos/cloud-providers/ec2/index.md b/running-coreos/cloud-providers/ec2/index.md index 1d4a9e69f..438d6d8da 100644 --- a/running-coreos/cloud-providers/ec2/index.md +++ b/running-coreos/cloud-providers/ec2/index.md @@ -7,8 +7,9 @@ supported: true weight: 1 cloud-formation-launch-logo: https://s3.amazonaws.com/cloudformation-examples/cloudformation-launch-stack.png --- -{% capture cf_alpha_template %}{{ site.https-s3 }}/dist/aws/coreos-alpha.template{% endcapture %} -{% capture cf_beta_template %}{{ site.https-s3 }}/dist/aws/coreos-beta.template{% endcapture %} +{% capture cf_alpha_pv_template %}{{ site.https-s3 }}/dist/aws/coreos-alpha-pv.template{% endcapture %} +{% capture cf_alpha_hvm_template %}{{ site.https-s3 }}/dist/aws/coreos-alpha-hvm.template{% endcapture %} +{% capture cf_beta_pv_template %}{{ site.https-s3 }}/dist/aws/coreos-beta-pv.template{% endcapture %} # Running CoreOS on EC2 @@ -32,6 +33,7 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat EC2 Region + AMI Type AMI ID CloudFormation @@ -39,9 +41,15 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat {% for region in site.data.alpha-channel.amis %} - {{ region.name }} - {{ region.ami-id }} - Launch Stack + {{ region.name }} + PV + {{ region.pv }} + Launch Stack + + + HVM + {{ region.hvm }} + Launch Stack {% endfor %} @@ -55,6 +63,7 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat EC2 Region + AMI Type AMI ID CloudFormation @@ -63,9 +72,16 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat {% for region in site.data.beta-channel.amis %} {{ region.name }} - {{ region.ami-id }} - Launch Stack + PV + {{ region.pv }} + Launch Stack + {% endfor %} @@ -140,7 +156,7 @@ For more information about mounting storage, Amazon's [own documentation](http:/ To add more instances to the cluster, just launch more with the same cloud-config, the appropriate security group and the AMI for that region. New instances will join the cluster regardless of region if the security groups are configured correctly. ## Multiple Clusters -If you would like to create multiple clusters you will need to change the "Stack Name". You can find the direct [template file on S3]({{ cf_beta_template }}). +If you would like to create multiple clusters you will need to change the "Stack Name". You can find the direct [template file on S3]({{ cf_beta_pv_template }}). ## Manual setup From d2887d766f413103e64539899cc99297edd7ee27 Mon Sep 17 00:00:00 2001 From: Alex Crawford Date: Mon, 14 Jul 2014 13:17:44 -0700 Subject: [PATCH 0156/1291] cluster-management: Clarify the use of cloud-init with networkd units --- .../setup/network-config-with-networkd/index.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/cluster-management/setup/network-config-with-networkd/index.md b/cluster-management/setup/network-config-with-networkd/index.md index 321acbace..e53a7f4e0 100644 --- a/cluster-management/setup/network-config-with-networkd/index.md +++ b/cluster-management/setup/network-config-with-networkd/index.md @@ -10,7 +10,9 @@ weight: 7 CoreOS machines are preconfigured with [networking customized]({{site.url}}/docs/sdk-distributors/distributors/notes-for-distributors) for each platform. You can write your own networkd units to replace or override the units created for each platform. This article covers a subset of networkd functionality. You can view the [full docs here](http://www.freedesktop.org/software/systemd/man/systemd-networkd.service.html). -Drop a file in `/etc/systemd/network/` or inject a file on boot via [cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/#write_files) to override an existing file. Let's take a look at two common situations: using a static IP and turning off DHCP. +Drop a networkd unit in `/etc/systemd/network/` or inject a unit on boot via [cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/#coreos) to override an existing unit. Network units injected via the `coreos.units` node in the cloud-config will automatically trigger a networkd reload in order for changes to be applied. Files placed on the filesystem will need to reload networkd afterwards with `sudo systemctl restart systemd-networkd`. + +Let's take a look at two common situations: using a static IP and turning off DHCP. ## Static Networking From a210355d062e284692bb03763113d9b6831c061b Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Mon, 14 Jul 2014 14:20:04 -0700 Subject: [PATCH 0157/1291] fix(vmware): update link location --- running-coreos/platforms/vmware/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/running-coreos/platforms/vmware/index.md b/running-coreos/platforms/vmware/index.md index 637d59a08..e34c2f903 100644 --- a/running-coreos/platforms/vmware/index.md +++ b/running-coreos/platforms/vmware/index.md @@ -35,7 +35,7 @@ open coreos_production_vmware_insecure.vmx ### To deploy on an ESXi/vSphere host, convert the VM to OVF * follow the steps above to download and extract the coreos_production_vmware_insecure.zip -* download and run the [OVF Tool 3.5.0 installer](https://developercenter.vmware.com/tool/ovf) Requires VMware account login but the download is free. Available for Linux, OSX & Windows for both 32 & 64 bit architectures. +* download and run the [OVF Tool 3.5.0 installer](https://developercenter.vmware.com/tool/ovf/3.5.0) Requires VMware account login but the download is free. Available for Linux, OSX & Windows for both 32 & 64 bit architectures. * convert VM to OVF from the extract dir ```sh From 924dde64c6956ec8ac167abac232be1e795c8342 Mon Sep 17 00:00:00 2001 From: Michael Marineau Date: Mon, 14 Jul 2014 15:11:04 -0700 Subject: [PATCH 0158/1291] update-engine: add documentation for using proxies --- .../setup/update-strategies/index.md | 21 ++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/cluster-management/setup/update-strategies/index.md b/cluster-management/setup/update-strategies/index.md index 360d5b76c..22663fc51 100644 --- a/cluster-management/setup/update-strategies/index.md +++ b/cluster-management/setup/update-strategies/index.md @@ -81,4 +81,23 @@ The `off` strategy is also straightforward. The update will be installed onto th PXE/iPXE machines download a new copy of CoreOS every time they are started thus are dependent on the version of CoreOS they are served. If you don't automatically load new CoreOS images into your PXE/iPXE server, your machines will never have new features or security updates. -An easy solution to this problem is to use iPXE and reference images [directly from the CoreOS storage site]({{site.url}}/docs/running-coreos/bare-metal/booting-with-ipxe/#setting-up-the-boot-script). The `alpha` URL is automatically pointed to the new version of CoreOS as it is released. \ No newline at end of file +An easy solution to this problem is to use iPXE and reference images [directly from the CoreOS storage site]({{site.url}}/docs/running-coreos/bare-metal/booting-with-ipxe/#setting-up-the-boot-script). The `alpha` URL is automatically pointed to the new version of CoreOS as it is released. + +## Updating Behind a Proxy + +Public Internet access is required to contact CoreUpdate and download new versions of CoreOS. +If direct access is not available the `update-engine` service may be configured to use a HTTP or SOCKS proxy using curl-compatible environment variables, such as `HTTPS_PROXY` or `ALL_PROXY`. +See [curl's documentation](http://curl.haxx.se/docs/manpage.html#ALLPROXY) for details. + +```yaml +#cloud-config +write_files: + - path: /etc/systemd/system/update-engine.service.d/proxy.conf + content: | + [Service] + Environment=ALL_PROXY=http://proxy.example.com:3128 +coreos: + units: + - name: update-engine.service + command: restart +``` From 9a9189f18d0e5c152a2765bada8c63cedeb6d3d4 Mon Sep 17 00:00:00 2001 From: Ed Rooth Date: Mon, 14 Jul 2014 17:19:33 -0700 Subject: [PATCH 0159/1291] custominzing-docker: rename docker.socket to docker-tcp.socket --- .../building/customizing-docker/index.md | 24 ++++++++++++++----- 1 file changed, 18 insertions(+), 6 deletions(-) diff --git a/launching-containers/building/customizing-docker/index.md b/launching-containers/building/customizing-docker/index.md index ef9efa695..02102d871 100644 --- a/launching-containers/building/customizing-docker/index.md +++ b/launching-containers/building/customizing-docker/index.md @@ -12,7 +12,7 @@ The docker systemd unit can be customized by overriding the unit that ships with ## Enable the Remote API on a New Socket -Create a file called `/etc/systemd/system/docker.socket` to make docker available on a TCP socket on port 2375. +Create a file called `/etc/systemd/system/docker-tcp.socket` to make docker available on a TCP socket on port 2375. ```ini [Unit] @@ -21,17 +21,19 @@ Description=Docker Socket for the API [Socket] ListenStream=2375 BindIPv6Only=both +Service=docker.service [Install] WantedBy=sockets.target ``` -Docker has support for socket activation, which solves a common race condition during start up. If requests are sent over the socket before docker has started, they will be queued in the kernel and processed as soon as docker is ready. - -Since docker is socket-activated and already looking for the socket, all we need to do is restart it after the socket file has been written to disk: +Then enable this new socket: ```sh -systemctl restart docker +systemctl enable docker-tcp.socket +systemctl stop docker +systemctl start docker-tcp.socket +systemctl start docker ``` Test that it's working: @@ -49,7 +51,7 @@ To enable the remote API on every CoreOS machine in a cluster, use [cloud-config coreos: units: - - name: docker.socket + - name: docker-tcp.socket command: start enable: yes content: | @@ -59,9 +61,19 @@ coreos: [Socket] ListenStream=2375 BindIPv6Only=both + Service=docker.service [Install] WantedBy=sockets.target + - name: enable-docker-tcp.service + command: start + content: | + [Unit] + Description=Enable the Docker Socket for the API + + [Service] + Type=oneshot + ExecStart=/usr/bin/systemctl enable docker-tcp.socket ``` To keep access to the port local, replace the `ListenStream` configuration above with: From b52a76e668ad5eb02e31bb52ef6f6f1e7fbfe751 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Tue, 15 Jul 2014 17:45:17 -0700 Subject: [PATCH 0160/1291] feat(ec2): add beta HVM AMIs --- running-coreos/cloud-providers/ec2/index.md | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/running-coreos/cloud-providers/ec2/index.md b/running-coreos/cloud-providers/ec2/index.md index 438d6d8da..05422b0c5 100644 --- a/running-coreos/cloud-providers/ec2/index.md +++ b/running-coreos/cloud-providers/ec2/index.md @@ -71,17 +71,16 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat {% for region in site.data.beta-channel.amis %} - {{ region.name }} - PV - {{ region.pv }} - Launch Stack + {{ region.name }} + PV + {{ region.pv }} + Launch Stack - + {% endfor %} From 2bb2c61e743341ad4f94260f764ccd4925c3a7ed Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Wed, 16 Jul 2014 14:46:55 -0700 Subject: [PATCH 0161/1291] fix(ec2): use correct channel name for CF template --- running-coreos/cloud-providers/ec2/index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/running-coreos/cloud-providers/ec2/index.md b/running-coreos/cloud-providers/ec2/index.md index 05422b0c5..fb0de0321 100644 --- a/running-coreos/cloud-providers/ec2/index.md +++ b/running-coreos/cloud-providers/ec2/index.md @@ -74,12 +74,12 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat {{ region.name }} PV {{ region.pv }} - Launch Stack + Launch Stack HVM {{ region.hvm }} - Launch Stack + Launch Stack {% endfor %} From 7422b84286e00f0e30fd72442f79ea2c1e438501 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Wed, 16 Jul 2014 21:41:17 -0700 Subject: [PATCH 0162/1291] fix(ec2): remove unneeded variable --- running-coreos/cloud-providers/ec2/index.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/running-coreos/cloud-providers/ec2/index.md b/running-coreos/cloud-providers/ec2/index.md index fb0de0321..770692067 100644 --- a/running-coreos/cloud-providers/ec2/index.md +++ b/running-coreos/cloud-providers/ec2/index.md @@ -10,6 +10,7 @@ cloud-formation-launch-logo: https://s3.amazonaws.com/cloudformation-examples/cl {% capture cf_alpha_pv_template %}{{ site.https-s3 }}/dist/aws/coreos-alpha-pv.template{% endcapture %} {% capture cf_alpha_hvm_template %}{{ site.https-s3 }}/dist/aws/coreos-alpha-hvm.template{% endcapture %} {% capture cf_beta_pv_template %}{{ site.https-s3 }}/dist/aws/coreos-beta-pv.template{% endcapture %} +{% capture cf_beta_hvm_template %}{{ site.https-s3 }}/dist/aws/coreos-beta-hvm.template{% endcapture %} # Running CoreOS on EC2 @@ -159,8 +160,6 @@ If you would like to create multiple clusters you will need to change the "Stack ## Manual setup -[us-east-latest-quicklaunch]: https://console.aws.amazon.com/ec2/home?region=us-east-1#launchAmi={{ami-us-east-1}} "{{ami-us-east-1}}" - {% for region in site.data.alpha-channel.amis %} {% if region.name == 'us-east-1' %} **TL;DR:** launch three instances of [{{region.ami-id}}](https://console.aws.amazon.com/ec2/home?region={{region.name}}#launchAmi={{region.ami-id}}) in **{{region.name}}** with a security group that has open port 22, 4001, and 7001 and the same "User Data" of each host. SSH uses the `core` user and you have [etcd][etcd-docs] and [docker][docker-docs] to play with. From c46f11ba6cb3b4961d83e6d7b0deb07c029a9c4f Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 17 Jul 2014 11:25:09 -0700 Subject: [PATCH 0163/1291] feat(qemu): add beta and stable tabs --- running-coreos/platforms/qemu/index.md | 41 +++++++++++++++++++------- 1 file changed, 30 insertions(+), 11 deletions(-) diff --git a/running-coreos/platforms/qemu/index.md b/running-coreos/platforms/qemu/index.md index 5a29feaa9..bc798f731 100644 --- a/running-coreos/platforms/qemu/index.md +++ b/running-coreos/platforms/qemu/index.md @@ -81,19 +81,38 @@ image. ### Choosing a Channel -CoreOS is released into alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. - -The channel is selected based on the URL below. Simply replace `alpha` with `beta`. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes in each channel. - -There are two files you need: the disk image (provided in qcow2 -format) and the wrapper shell script to start QEMU. - -```sh -mkdir coreos; cd coreos +CoreOS is released into alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes in each channel. + +
+ +
+
+
+

The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.

+
+

There are two files you need: the disk image (provided in qcow2 + format) and the wrapper shell script to start QEMU.

+ 
mkdir coreos; cd coreos
 wget http://alpha.release.core-os.net/amd64-usr/current/coreos_production_qemu.sh
 wget http://alpha.release.core-os.net/amd64-usr/current/coreos_production_qemu_image.img.bz2 -O - | bzcat > coreos_production_qemu_image.img
-chmod +x coreos_production_qemu.sh
-```
+chmod +x coreos_production_qemu.sh
+
+
+
+

The beta channel consists of promoted alpha releases. Current version is CoreOS {{site.beta-channel}}.

+
+

There are two files you need: the disk image (provided in qcow2 + format) and the wrapper shell script to start QEMU.

+ 
mkdir coreos; cd coreos
+wget http://beta.release.core-os.net/amd64-usr/current/coreos_production_qemu.sh
+wget http://beta.release.core-os.net/amd64-usr/current/coreos_production_qemu_image.img.bz2 -O - | bzcat > coreos_production_qemu_image.img
+chmod +x coreos_production_qemu.sh
+
+
+
Starting is as simple as: From ced93c790569e445c7fcd6ba999b0986ff74a3d4 Mon Sep 17 00:00:00 2001 From: Kyle Kelley Date: Fri, 18 Jul 2014 12:14:54 -0500 Subject: [PATCH 0164/1291] Typo fix --- running-coreos/cloud-providers/rackspace/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/running-coreos/cloud-providers/rackspace/index.md b/running-coreos/cloud-providers/rackspace/index.md index 7ad33400b..e110a9f2c 100644 --- a/running-coreos/cloud-providers/rackspace/index.md +++ b/running-coreos/cloud-providers/rackspace/index.md @@ -236,7 +236,7 @@ export OS_PASSWORD= export OS_AUTH_SYSTEM=rackspace ``` -If you have credentials already set up for use with the Nova CLI, they may conflict due to oddities in these tools. Re-source your credientials: +If you have credentials already set up for use with the Nova CLI, they may conflict due to oddities in these tools. Re-source your credentials: ```sh source ~/.bash_profile From c9bc01a33d9aff025678f7a8ed808362a2e86982 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Sat, 19 Jul 2014 12:51:57 -0700 Subject: [PATCH 0165/1291] feat(getting-started-etcd): more clarity around reading etcd in a container --- .../getting-started-with-etcd/index.md | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/distributed-configuration/getting-started-with-etcd/index.md b/distributed-configuration/getting-started-with-etcd/index.md index 85fd97a07..f8ecf9570 100644 --- a/distributed-configuration/getting-started-with-etcd/index.md +++ b/distributed-configuration/getting-started-with-etcd/index.md @@ -59,7 +59,12 @@ $ curl -L -X DELETE http://127.0.0.1:4001/v2/keys/message ## Reading and Writing from Inside a Container -To read and write to etcd from *within a container* you must use the `docker0` interface which you can find in `ip address show`. It's normally `172.17.42.1` and using it is as easy as replacing `127.0.0.1`. +To read and write to etcd from *within a container* you must use the IP address assigned to the `docker0` interface on the CoreOS host. From the host, run `ip address show` to find this address. It's normally `172.17.42.1` and using it is as easy as replacing `127.0.0.1` while running `curl` in the container: + +``` +$ curl -L http://172.17.42.1:4001/v2/keys/ +{"action":"get","node":{"key":"/","dir":true,"nodes":[{"key":"/coreos.com","dir":true,"modifiedIndex":4,"createdIndex":4}]}} +``` ## Proxy Example From 099235acf2e8cf2cec7d8d9adebcb0f296e0c816 Mon Sep 17 00:00:00 2001 From: Brandon Philips Date: Mon, 21 Jul 2014 11:02:38 -0700 Subject: [PATCH 0166/1291] cluster-management: add ca doc Based on questsions here: https://github.com/coreos/coreos-overlay/issues/327 --- .../adding-certificate-authorities/index.md | 23 +++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 cluster-management/setup/adding-certificate-authorities/index.md diff --git a/cluster-management/setup/adding-certificate-authorities/index.md b/cluster-management/setup/adding-certificate-authorities/index.md new file mode 100644 index 000000000..fb5212a94 --- /dev/null +++ b/cluster-management/setup/adding-certificate-authorities/index.md @@ -0,0 +1,23 @@ +--- +layout: docs +title: Adding Certificate Authorities +category: cluster_management +sub_category: setting_up +weight: 7 +--- + +# Custom Certificate Authorities + +What if we restructured this paragraph to list the reasons first, then have it lead into the steps: + +CoreOS supports custom Certificate Authorities (CAs) in addition to the default list of trusted CAs. Adding your own CA allows you to: + +- Use a corporate wildcard certificate +- Use your own CA to communicate with an installation of CoreUpdate +- Use your own CA to communicate with a private docker registry + +The setup process for any of these use-cases is the same: + +1. Drop the certificate authority PEM file into `/etc/ssl/certs` + +2. Run the `update-ca-certificates` script From f5a5a90edf95bc205ae5485920d5560c14a26723 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Mon, 21 Jul 2014 11:47:49 -0700 Subject: [PATCH 0167/1291] fix(adding CA): remove unneeded line --- .../setup/adding-certificate-authorities/index.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/cluster-management/setup/adding-certificate-authorities/index.md b/cluster-management/setup/adding-certificate-authorities/index.md index fb5212a94..bc453d240 100644 --- a/cluster-management/setup/adding-certificate-authorities/index.md +++ b/cluster-management/setup/adding-certificate-authorities/index.md @@ -8,8 +8,6 @@ weight: 7 # Custom Certificate Authorities -What if we restructured this paragraph to list the reasons first, then have it lead into the steps: - CoreOS supports custom Certificate Authorities (CAs) in addition to the default list of trusted CAs. Adding your own CA allows you to: - Use a corporate wildcard certificate From 0796d89a4c85b15f9db5b6cb9d6b6d0e31aab7d3 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Mon, 21 Jul 2014 12:08:28 -0700 Subject: [PATCH 0168/1291] feat(getting-started-etcd): fetch docker0 ip programmatically --- .../getting-started-with-etcd/index.md | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/distributed-configuration/getting-started-with-etcd/index.md b/distributed-configuration/getting-started-with-etcd/index.md index f8ecf9570..484f3dddc 100644 --- a/distributed-configuration/getting-started-with-etcd/index.md +++ b/distributed-configuration/getting-started-with-etcd/index.md @@ -59,13 +59,21 @@ $ curl -L -X DELETE http://127.0.0.1:4001/v2/keys/message ## Reading and Writing from Inside a Container -To read and write to etcd from *within a container* you must use the IP address assigned to the `docker0` interface on the CoreOS host. From the host, run `ip address show` to find this address. It's normally `172.17.42.1` and using it is as easy as replacing `127.0.0.1` while running `curl` in the container: +To read and write to etcd from *within a container* you must use the IP address assigned to the `docker0` interface on the CoreOS host. From the host, run `ip address show` to find this address. It's normally `172.17.42.1`. + +To read from etcd, replace `127.0.0.1` when running `curl` in the container: ``` $ curl -L http://172.17.42.1:4001/v2/keys/ {"action":"get","node":{"key":"/","dir":true,"nodes":[{"key":"/coreos.com","dir":true,"modifiedIndex":4,"createdIndex":4}]}} ``` +You can also fetch the `docker0` IP programmatically: + +``` +ETCD_ENDPOINT="$(ifconfig docker0 | grep 'inet ' | awk '{ print $2}'):4001" +``` + ## Proxy Example Let's pretend we're setting up a service that consists of a few containers that are behind a proxy container. We can use etcd to announce these containers when they start by creating a directory, having each container write a key within that directory and have the proxy watch the entire directory. We're going to skip creating the containers here but the [docker guide]({{site.url}}/docs/launching-containers/building/getting-started-with-docker) is a good place to start for that. From b4d3d32ea802cba444414ca1e22e5e63bc930b5f Mon Sep 17 00:00:00 2001 From: Aris Pikeas Date: Mon, 21 Jul 2014 21:50:56 -0700 Subject: [PATCH 0169/1291] Add cloudinit mention to Vagrant setup docs --- running-coreos/platforms/vagrant/index.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/running-coreos/platforms/vagrant/index.md b/running-coreos/platforms/vagrant/index.md index 675858506..bad04474c 100644 --- a/running-coreos/platforms/vagrant/index.md +++ b/running-coreos/platforms/vagrant/index.md @@ -64,7 +64,8 @@ coreos: The `$private_ipv4` and `$public_ipv4` substitution variables are fully supported in cloud-config on Vagrant. They will map to the first statically defined private and public networks defined in the Vagrantfile. -If you wish to update your cloud-config later on, `vagrant up --provision` must be run to apply the new file. +Your Vagrantfile should copy your cloud-config file to `/var/lib/coreos-vagrant/vagrantfile-user-data`. The provided Vagrantfile is already configured to do this. `cloudinit` reads `vagrantfile-user-data` on every boot and uses it to create the machine's user-data file. If you wish to update your cloud-config later on, `vagrant up --provision` must be run to apply the new file. + [cloud-config-docs]: {{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config From 1341556732ab0c7a0bc7a0066e2af2431828549b Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 24 Jul 2014 10:55:31 -0700 Subject: [PATCH 0170/1291] feat(rackspace): add OnMetal info --- .../cloud-providers/rackspace/index.md | 22 ++++++++++++++----- 1 file changed, 16 insertions(+), 6 deletions(-) diff --git a/running-coreos/cloud-providers/rackspace/index.md b/running-coreos/cloud-providers/rackspace/index.md index e110a9f2c..d79487fe8 100644 --- a/running-coreos/cloud-providers/rackspace/index.md +++ b/running-coreos/cloud-providers/rackspace/index.md @@ -29,17 +29,22 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat - + - + + + + + +
RegionServer Type Image ID Heat Template
All RegionsCloud Servers {{site.data.alpha-channel.rackspace-image-id}} heat-alpha.yaml
OnMetal{{site.data.alpha-channel.rackspace-onmetal-id}}heat-onmetal-alpha.yaml
@@ -50,14 +55,14 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat - + - + @@ -174,11 +179,13 @@ Check you make sure the key is in your list by running `supernova production key
-

Boot a new server with our new keypair and specify optional cloud-config data:

+

Boot a new Cloud Server with our new keypair and specify optional cloud-config data:

supernova production boot --image {{site.data.alpha-channel.rackspace-image-id}} --flavor performance1-2 --key-name coreos-key --user-data ~/cloud_config.yml --config-drive true My_CoreOS_Server
+

Boot a new OnMetal Server with our new keypair and specify optional cloud-config data:

+ 
supernova production boot --image {{site.data.alpha-channel.rackspace-onmetal-id}} --flavor onmetal-compute1 --key-name coreos-key --user-data ~/cloud_config.yml --config-drive true My_CoreOS_Server
-

Boot a new server with our new keypair and specify optional cloud-config data:

+

Boot a new Cloud Server with our new keypair and specify optional cloud-config data:

supernova production boot --image {{site.data.beta-channel.rackspace-image-id}} --flavor performance1-2 --key-name coreos-key --user-data ~/cloud_config.yml --config-drive true My_CoreOS_Server
@@ -254,6 +261,9 @@ source ~/.bash_profile

Launch the stack by providing the specified parameters. This command will reference the local file data.yml in the current working directory that contains the cloud-config parameters. $(< data.yaml) prints the contents of this file into our heat command:

heat stack-create Test --template-file https://coreos.com/dist/rackspace/heat-alpha.yaml -P key-name=coreos-key -P flavor='2 GB Performance' -P count=5 -P user-data="$(< data.yaml)" -P name="CoreOS-alpha"

You can view the template here.

+

To boot an OnMetal cluster, use a slightly modified template:

+ 
heat stack-create Test --template-file https://coreos.com/dist/rackspace/heat-onmetal-alpha.yaml -P key-name=coreos-key -P flavor='OnMetal Compute v1' -P count=3 -P user-data="$(< data.yaml)" -P name="CoreOS-alpha"
+

You can view the template here.

Launch the stack by providing the specified parameters. This command will reference the local file data.yml in the current working directory that contains the cloud-config parameters. $(< data.yaml) prints the contents of this file into our heat command:

From 91637f7c7bf9d2c876aeb5c963e6ab9682ba6364 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Fri, 25 Jul 2014 00:30:53 -0700 Subject: [PATCH 0171/1291] feat(*): add stable images (git status) --- .../bare-metal/booting-with-ipxe/index.md | 15 ++- .../bare-metal/booting-with-pxe/index.md | 18 ++- .../bare-metal/installing-to-disk/index.md | 10 +- running-coreos/cloud-providers/ec2/index.md | 122 +++++++++++++++++- .../google-compute-engine/index.md | 9 +- running-coreos/platforms/iso/index.md | 14 +- 6 files changed, 171 insertions(+), 17 deletions(-) diff --git a/running-coreos/bare-metal/booting-with-ipxe/index.md b/running-coreos/bare-metal/booting-with-ipxe/index.md index 5e6261dfe..ea1118af1 100644 --- a/running-coreos/bare-metal/booting-with-ipxe/index.md +++ b/running-coreos/bare-metal/booting-with-ipxe/index.md @@ -27,7 +27,8 @@ CoreOS is released into alpha and beta channels. Releases to each channel serve
@@ -41,7 +42,7 @@ kernel ${base-url}/coreos_production_pxe.vmlinuz sshkey="ssh-rsa AAAAB3NzaC1yc2E initrd ${base-url}/coreos_production_pxe_image.cpio.gz boot
-
+

iPXE downloads a boot script from a publicly available URL. You will need to host this URL somewhere public and replace the example SSH key with your own. You can also run a custom iPXE server.

 #!ipxe
@@ -49,6 +50,16 @@ boot
set base-url http://beta.release.core-os.net/amd64-usr/current kernel ${base-url}/coreos_production_pxe.vmlinuz sshkey="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAYQC2PxAKTLdczK9+RNsGGPsz0eC2pBlydBEcrbI7LSfiN7Bo5hQQVjki+Xpnp8EEYKpzu6eakL8MJj3E28wT/vNklT1KyMZrXnVhtsmOtBKKG/++odpaavdW2/AU0l7RZiE= coreos pxe demo" initrd ${base-url}/coreos_production_pxe_image.cpio.gz +boot +
+
+

iPXE downloads a boot script from a publicly available URL. You will need to host this URL somewhere public and replace the example SSH key with your own. You can also run a custom iPXE server.

+ 
+#!ipxe
+
+set base-url http://stable.release.core-os.net/amd64-usr/current
+kernel ${base-url}/coreos_production_pxe.vmlinuz sshkey="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAYQC2PxAKTLdczK9+RNsGGPsz0eC2pBlydBEcrbI7LSfiN7Bo5hQQVjki+Xpnp8EEYKpzu6eakL8MJj3E28wT/vNklT1KyMZrXnVhtsmOtBKKG/++odpaavdW2/AU0l7RZiE= coreos pxe demo"
+initrd ${base-url}/coreos_production_pxe_image.cpio.gz
 boot
diff --git a/running-coreos/bare-metal/booting-with-pxe/index.md b/running-coreos/bare-metal/booting-with-pxe/index.md index 716163487..c6500322e 100644 --- a/running-coreos/bare-metal/booting-with-pxe/index.md +++ b/running-coreos/bare-metal/booting-with-pxe/index.md @@ -80,7 +80,8 @@ PXE booted machines cannot currently update themselves when new versions are rel
@@ -97,7 +98,7 @@ gpg --verify coreos_production_pxe.vmlinuz.sig gpg --verify coreos_production_pxe_image.cpio.gz.sig
-
+

In the config above you can see that a Kernel image and a initramfs file is needed. Download these two files into your tftp root.

The coreos_production_pxe.vmlinuz.sig and coreos_production_pxe_image.cpio.gz.sig files can be used to verify the downloaded files.

@@ -107,6 +108,19 @@ wget http://beta.release.core-os.net/amd64-usr/current/coreos_production_pxe.vml
 wget http://beta.release.core-os.net/amd64-usr/current/coreos_production_pxe_image.cpio.gz
 wget http://beta.release.core-os.net/amd64-usr/current/coreos_production_pxe_image.cpio.gz.sig
 gpg --verify coreos_production_pxe.vmlinuz.sig
+gpg --verify coreos_production_pxe_image.cpio.gz.sig
+
+
+
+

In the config above you can see that a Kernel image and a initramfs file is needed. Download these two files into your tftp root.

+

The coreos_production_pxe.vmlinuz.sig and coreos_production_pxe_image.cpio.gz.sig files can be used to verify the downloaded files.

+ 
+cd /var/lib/tftpboot
+wget http://stable.release.core-os.net/amd64-usr/current/coreos_production_pxe.vmlinuz
+wget http://stable.release.core-os.net/amd64-usr/current/coreos_production_pxe.vmlinuz.sig
+wget http://stable.release.core-os.net/amd64-usr/current/coreos_production_pxe_image.cpio.gz
+wget http://stable.release.core-os.net/amd64-usr/current/coreos_production_pxe_image.cpio.gz.sig
+gpg --verify coreos_production_pxe.vmlinuz.sig
 gpg --verify coreos_production_pxe_image.cpio.gz.sig
diff --git a/running-coreos/bare-metal/installing-to-disk/index.md b/running-coreos/bare-metal/installing-to-disk/index.md index c79899965..9238cd1ed 100644 --- a/running-coreos/bare-metal/installing-to-disk/index.md +++ b/running-coreos/bare-metal/installing-to-disk/index.md @@ -29,7 +29,8 @@ CoreOS is released into alpha and beta channels. Releases to each channel serve
@@ -38,11 +39,16 @@ CoreOS is released into alpha and beta channels. Releases to each channel serve

If you want to ensure you are installing the latest alpha version, use the -C option:

coreos-install -d /dev/sda -C alpha
-
+

The beta channel consists of promoted alpha releases. Current version is CoreOS {{site.beta-channel}}.

If you want to ensure you are installing the latest beta version, use the -C option:

coreos-install -d /dev/sda -C beta
+
+

TThe Stable channel should be used by production clusters. Versions of CoreOS are battle-tested within the Beta and Alpha channels before being promoted. Current version is CoreOS {{site.stable-channel}}.

+

If you want to ensure you are installing the latest stable version, use the -C option:

+ 
coreos-install -d /dev/sda -C stable
+
diff --git a/running-coreos/cloud-providers/ec2/index.md b/running-coreos/cloud-providers/ec2/index.md index 770692067..f9d194574 100644 --- a/running-coreos/cloud-providers/ec2/index.md +++ b/running-coreos/cloud-providers/ec2/index.md @@ -11,6 +11,8 @@ cloud-formation-launch-logo: https://s3.amazonaws.com/cloudformation-examples/cl {% capture cf_alpha_hvm_template %}{{ site.https-s3 }}/dist/aws/coreos-alpha-hvm.template{% endcapture %} {% capture cf_beta_pv_template %}{{ site.https-s3 }}/dist/aws/coreos-beta-pv.template{% endcapture %} {% capture cf_beta_hvm_template %}{{ site.https-s3 }}/dist/aws/coreos-beta-hvm.template{% endcapture %} +{% capture cf_stable_pv_template %}{{ site.https-s3 }}/dist/aws/coreos-stable-pv.template{% endcapture %} +{% capture cf_stable_hvm_template %}{{ site.https-s3 }}/dist/aws/coreos-stable-hvm.template{% endcapture %} # Running CoreOS on EC2 @@ -22,7 +24,8 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat
@@ -56,7 +59,7 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat
RegionServer Type Image ID Heat Template
All RegionsCloud Server {{site.data.beta-channel.rackspace-image-id}} heat-beta.yaml
-
+

The beta channel consists of promoted alpha releases. Current version is CoreOS {{site.beta-channel}}.

@@ -86,6 +89,36 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat
+
+
+

The Stable channel should be used by production clusters. Versions of CoreOS are battle-tested within the Beta and Alpha channels before being promoted. Current version is CoreOS {{site.stable-channel}}.

+
+ + + + + + + + + + + {% for region in site.data.stable-channel.amis %} + + + + + + + + + + + + {% endfor %} + +
EC2 RegionAMI TypeAMI IDCloudFormation
{{ region.name }}PV{{ region.pv }}Launch Stack
HVM{{ region.hvm }}Launch Stack
+
@@ -162,7 +195,7 @@ If you would like to create multiple clusters you will need to change the "Stack {% for region in site.data.alpha-channel.amis %} {% if region.name == 'us-east-1' %} -**TL;DR:** launch three instances of [{{region.ami-id}}](https://console.aws.amazon.com/ec2/home?region={{region.name}}#launchAmi={{region.ami-id}}) in **{{region.name}}** with a security group that has open port 22, 4001, and 7001 and the same "User Data" of each host. SSH uses the `core` user and you have [etcd][etcd-docs] and [docker][docker-docs] to play with. +**TL;DR:** launch three instances of [{{region.pv}}](https://console.aws.amazon.com/ec2/home?region={{region.name}}#launchAmi={{region.pv}}) in **{{region.name}}** with a security group that has open port 22, 4001, and 7001 and the same "User Data" of each host. SSH uses the `core` user and you have [etcd][etcd-docs] and [docker][docker-docs] to play with. {% endif %} {% endfor %} @@ -198,7 +231,8 @@ First we need to create a security group to allow CoreOS instances to communicat
@@ -208,7 +242,7 @@ First we need to create a security group to allow CoreOS instances to communicat
  • {% for region in site.data.alpha-channel.amis %} {% if region.name == 'us-east-1' %} - Open the quick launch wizard to boot {{region.ami-id}}. + Open the quick launch wizard to boot {{region.pv}}. {% endif %} {% endfor %}
    • @@ -276,13 +310,87 @@ coreos:
    -
    +

    We will be launching three instances, with a few parameters in the User Data, and selecting our security group.

    1. {% for region in site.data.beta-channel.amis %} {% if region.name == 'us-east-1' %} - Open the quick launch wizard to boot {{region.ami-id}}. + Open the quick launch wizard to boot {{region.pv}}. + {% endif %} + {% endfor %} +
      2. +
    2. + On the second page of the wizard, launch 3 servers to test our clustering +
        +
      • Number of instances: 3
        • +
      • Click "Continue"
        • +
      +
      3. +
    3. + Next, we need to specify a discovery URL, which contains a unique token that allows us to find other hosts in our cluster. If you're launching your first machine, generate one at https://discovery.etcd.io/new and add it to the metadata. You should re-use this key for each machine in the cluster. +
      4. + 
      +#cloud-config
+
+coreos:
+  etcd:
+    # generate a new token from https://discovery.etcd.io/new
+    discovery: https://discovery.etcd.io/<token>
+    # multi-region and multi-cloud deployments need to use $public_ipv4
+    addr: $private_ipv4:4001
+    peer-addr: $private_ipv4:7001
+  units:
+    - name: etcd.service
+      command: start
+    - name: fleet.service
+      command: start
+
      +
    4. + Back in the EC2 dashboard, paste this information verbatim into the "User Data" field. +
        +
      • Paste link into "User Data"
        • +
      • "Continue"
        • +
      +
      5. +
    5. + Storage Configuration +
        +
      • "Continue"
        • +
      +
      6. +
    6. + Tags +
        +
      • "Continue"
        • +
      +
      7. +
    7. + Create Key Pair +
        +
      • Choose a key of your choice, it will be added in addition to the one in the gist.
        • +
      • "Continue"
        • +
      +
      8. +
    8. + Choose one or more of your existing Security Groups +
        +
      • "coreos-testing" as above.
        • +
      • "Continue"
        • +
      +
      9. +
    9. + Launch! +
      10. +
    +
    +
    +

    We will be launching three instances, with a few parameters in the User Data, and selecting our security group.

    +
      +
    1. + {% for region in site.data.stable-channel.amis %} + {% if region.name == 'us-east-1' %} + Open the quick launch wizard to boot {{region.pv}}. {% endif %} {% endfor %}
      2. diff --git a/running-coreos/cloud-providers/google-compute-engine/index.md b/running-coreos/cloud-providers/google-compute-engine/index.md index 2eb711050..c3d3f833a 100644 --- a/running-coreos/cloud-providers/google-compute-engine/index.md +++ b/running-coreos/cloud-providers/google-compute-engine/index.md @@ -49,7 +49,8 @@ Create 3 instances from the image above using our cloud-config from `cloud-confi
      @@ -57,10 +58,14 @@ Create 3 instances from the image above using our cloud-config from `cloud-confi

      The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.

      gcutil --project=<project-id> addinstance --image={{site.data.alpha-channel.gce-image-path}} --persistent_boot_disk --zone=us-central1-a --machine_type=n1-standard-1 --metadata_from_file=user-data:cloud-config.yaml core1 core2 core3
      -
      +

      The beta channel consists of promoted alpha releases. Current version is CoreOS {{site.beta-channel}}.

      gcutil --project=<project-id> addinstance --image={{site.data.beta-channel.gce-image-path}} --persistent_boot_disk --zone=us-central1-a --machine_type=n1-standard-1 --metadata_from_file=user-data:cloud-config.yaml core1 core2 core3
      +
      +

      The Stable channel should be used by production clusters. Versions of CoreOS are battle-tested within the Beta and Alpha channels before being promoted. Current version is CoreOS {{site.stable-channel}}.

      + 
      gcutil --project=<project-id> addinstance --image={{site.data.stable-channel.gce-image-path}} --persistent_boot_disk --zone=us-central1-a --machine_type=n1-standard-1 --metadata_from_file=user-data:cloud-config.yaml core1 core2 core3
      +
      diff --git a/running-coreos/platforms/iso/index.md b/running-coreos/platforms/iso/index.md index 35593eb0d..9b3943469 100644 --- a/running-coreos/platforms/iso/index.md +++ b/running-coreos/platforms/iso/index.md @@ -13,7 +13,8 @@ The latest CoreOS ISOs can be downloaded from the image storage site:
      @@ -26,7 +27,7 @@ The latest CoreOS ISOs can be downloaded from the image storage site:

      All of the files necessary to verify the image can be found on the storage site.

      -
      +

      The beta channel consists of promoted alpha releases. Current version is CoreOS {{site.beta-channel}}.

      @@ -35,6 +36,15 @@ The latest CoreOS ISOs can be downloaded from the image storage site:

      All of the files necessary to verify the image can be found on the storage site.

      +
      +
      +

      The Stable channel should be used by production clusters. Versions of CoreOS are battle-tested within the Beta and Alpha channels before being promoted. Current version is CoreOS {{site.stable-channel}}.

      +
      + Download Stable ISO + Browse Storage Site +

      +

      All of the files necessary to verify the image can be found on the storage site.

      +
      From ddf9ba1a5db8a33fa317ce643bb4b5c1897800f5 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Fri, 25 Jul 2014 11:30:24 -0700 Subject: [PATCH 0172/1291] feat(rackspace): add stable cloud server images --- .../cloud-providers/rackspace/index.md | 47 ++++++++++++++++--- 1 file changed, 40 insertions(+), 7 deletions(-) diff --git a/running-coreos/cloud-providers/rackspace/index.md b/running-coreos/cloud-providers/rackspace/index.md index d79487fe8..9dd6610f2 100644 --- a/running-coreos/cloud-providers/rackspace/index.md +++ b/running-coreos/cloud-providers/rackspace/index.md @@ -18,7 +18,8 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat
      @@ -48,7 +49,7 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat
      -
      +

      The beta channel consists of promoted alpha releases. Current version is CoreOS {{site.data.beta-channel.rackspace-version}}.

      @@ -69,6 +70,27 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat
      +
      +
      +

      The Stable channel should be used by production clusters. Versions of CoreOS are battle-tested within the Beta and Alpha channels before being promoted. Current version is CoreOS {{site.data.stable-channel.rackspace-version}}.

      +
      + + + + + + + + + + + + + + + +
      Server TypeImage IDHeat Template
      Cloud Server{{site.data.stable-channel.rackspace-image-id}}heat-stable.yaml
      +
      @@ -174,7 +196,8 @@ Check you make sure the key is in your list by running `supernova production key
      @@ -184,10 +207,14 @@ Check you make sure the key is in your list by running `supernova production key

      Boot a new OnMetal Server with our new keypair and specify optional cloud-config data:

      supernova production boot --image {{site.data.alpha-channel.rackspace-onmetal-id}} --flavor onmetal-compute1 --key-name coreos-key --user-data ~/cloud_config.yml --config-drive true My_CoreOS_Server
      -
      +

      Boot a new Cloud Server with our new keypair and specify optional cloud-config data:

      supernova production boot --image {{site.data.beta-channel.rackspace-image-id}} --flavor performance1-2 --key-name coreos-key --user-data ~/cloud_config.yml --config-drive true My_CoreOS_Server
      +
      +

      Boot a new Cloud Server with our new keypair and specify optional cloud-config data:

      + 
      supernova production boot --image {{site.data.stable-channel.rackspace-image-id}} --flavor performance1-2 --key-name coreos-key --user-data ~/cloud_config.yml --config-drive true My_CoreOS_Server
      +
      @@ -253,7 +280,8 @@ source ~/.bash_profile
      @@ -262,14 +290,19 @@ source ~/.bash_profile 
      heat stack-create Test --template-file https://coreos.com/dist/rackspace/heat-alpha.yaml -P key-name=coreos-key -P flavor='2 GB Performance' -P count=5 -P user-data="$(< data.yaml)" -P name="CoreOS-alpha"

      You can view the template here.

      To boot an OnMetal cluster, use a slightly modified template:

      - 
      heat stack-create Test --template-file https://coreos.com/dist/rackspace/heat-onmetal-alpha.yaml -P key-name=coreos-key -P flavor='OnMetal Compute v1' -P count=3 -P user-data="$(< data.yaml)" -P name="CoreOS-alpha"
      + 
      heat stack-create Test --template-file https://coreos.com/dist/rackspace/heat-onmetal-alpha.yaml -P key-name=coreos-key -P flavor='2 GB Performance' -P count=3 -P user-data="$(< data.yaml)" -P name="CoreOS-alpha"

      You can view the template here.

      -
      +

      Launch the stack by providing the specified parameters. This command will reference the local file data.yml in the current working directory that contains the cloud-config parameters. $(< data.yaml) prints the contents of this file into our heat command:

      heat stack-create Test --template-file https://coreos.com/dist/rackspace/heat-beta.yaml -P key-name=coreos-key -P flavor='2 GB Performance' -P count=5 -P user-data="$(< data.yaml)" -P name="CoreOS-beta"

      You can view the template here.

      +
      +

      Launch the stack by providing the specified parameters. This command will reference the local file data.yml in the current working directory that contains the cloud-config parameters. $(< data.yaml) prints the contents of this file into our heat command:

      + 
      heat stack-create Test --template-file https://coreos.com/dist/rackspace/heat-stable.yaml -P key-name=coreos-key -P flavor='2 GB Performance' -P count=5 -P user-data="$(< data.yaml)" -P name="CoreOS-stable"
      +

      You can view the template here.

      +
      From 678055c93867b2db84a4355961752c14f7beabd4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Filip=20Dupanovi=C4=87?= Date: Sat, 26 Jul 2014 22:27:51 +0200 Subject: [PATCH 0173/1291] fix(getting-started-with-systemd): address small typo --- .../launching/getting-started-with-systemd/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/launching-containers/launching/getting-started-with-systemd/index.md b/launching-containers/launching/getting-started-with-systemd/index.md index bb34f5f77..5cd3adb42 100644 --- a/launching-containers/launching/getting-started-with-systemd/index.md +++ b/launching-containers/launching/getting-started-with-systemd/index.md @@ -77,7 +77,7 @@ systemd provides a high degree of functionality in your unit files. Here's a cur | ExecReload | Commands that will run when this unit is reloaded via `systemctl reload foo.service` | | ExecStop | Commands that will run when this unit is considered failed or if it is stopped via `systemctl stop foo.service` | | ExecStopPost | Commands that will run after `ExecStop` has completed. | -| RestartSec | The amount of time to sleep before restarting a serivce. Useful to prevent your failed service from attempting to restart itself every 100ms. | +| RestartSec | The amount of time to sleep before restarting a service. Useful to prevent your failed service from attempting to restart itself every 100ms. | The full list is located on the [systemd man page](http://www.freedesktop.org/software/systemd/man/systemd.service.html). From 353b48b529d4adcffd41cabd422cc850e48f650d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Filip=20Dupanovi=C4=87?= Date: Sat, 26 Jul 2014 22:34:18 +0200 Subject: [PATCH 0174/1291] feat(getting-started-with-systemd): reference systemd unit specifiers --- .../launching/getting-started-with-systemd/index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/launching-containers/launching/getting-started-with-systemd/index.md b/launching-containers/launching/getting-started-with-systemd/index.md index 5cd3adb42..981f8587a 100644 --- a/launching-containers/launching/getting-started-with-systemd/index.md +++ b/launching-containers/launching/getting-started-with-systemd/index.md @@ -105,7 +105,7 @@ ExecStopPost=/usr/bin/etcdctl rm /domains/example.com/10.10.10.123:8081 WantedBy=multi-user.target ``` -## Unit Variables +## Unit Specifiers In our last example we had to hardcode our IP address when we announced our container in etcd. That's not scalable and systemd has a few variables built in to help us out. Here's a few of the most useful: @@ -116,7 +116,7 @@ In our last example we had to hardcode our IP address when we announced our cont | `%b` | BootID | Similar to the machine ID, but this value is random and changes on each boot | | `%H` | Hostname | Allows you to run the same unit file across many machines. Useful for service discovery. Example: `/domains/example.com/%H:8081` | -A full list is on the [systemd man page](http://www.freedesktop.org/software/systemd/man/systemd.unit.html). +A full list of specifiers can be found on the [systemd man page](http://www.freedesktop.org/software/systemd/man/systemd.unit.html#Specifiers). ## Instantiated Units From e9c08cb8a630634f04f05039c72b9bd2a9d6bdb5 Mon Sep 17 00:00:00 2001 From: none Date: Sun, 27 Jul 2014 16:53:19 +0100 Subject: [PATCH 0175/1291] Adding stable channel to the vagrant docs --- running-coreos/platforms/vagrant/index.md | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/running-coreos/platforms/vagrant/index.md b/running-coreos/platforms/vagrant/index.md index 675858506..9c863a3b2 100644 --- a/running-coreos/platforms/vagrant/index.md +++ b/running-coreos/platforms/vagrant/index.md @@ -76,7 +76,8 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat
      @@ -97,6 +98,15 @@ $update_channel='alpha' $num_instances=3 
      # Official CoreOS channel from which updates should be downloaded
 $update_channel='beta'
      +
      +
      +

      The stable channel consists of promoted beta releases. Current version is CoreOS {{site.stable-channel}}.

      +

      Rename the file to config.rb then uncomment and modify:

      +

      config.rb

      + 
      # Size of the CoreOS cluster created by Vagrant
+$num_instances=3
      + 
      # Official CoreOS channel from which updates should be downloaded
+$update_channel='stable'
    From 48d0c3baeb4e60ecb7ec67c0b9685a5cc6dad9f1 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Sun, 27 Jul 2014 15:55:30 -0700 Subject: [PATCH 0176/1291] fix(vagrant): minor tweaks to match other platforms --- running-coreos/platforms/vagrant/index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/running-coreos/platforms/vagrant/index.md b/running-coreos/platforms/vagrant/index.md index 9c863a3b2..c434edd5b 100644 --- a/running-coreos/platforms/vagrant/index.md +++ b/running-coreos/platforms/vagrant/index.md @@ -90,7 +90,7 @@ $num_instances=3 
    # Official CoreOS channel from which updates should be downloaded
 $update_channel='alpha'
    -
    +

    The beta channel consists of promoted alpha releases. Current version is CoreOS {{site.beta-channel}}.

    Rename the file to config.rb then uncomment and modify:

    config.rb

    @@ -100,7 +100,7 @@ $num_instances=3 $update_channel='beta'
    -

    The stable channel consists of promoted beta releases. Current version is CoreOS {{site.stable-channel}}.

    +

    The Stable channel should be used by production clusters. Versions of CoreOS are battle-tested within the Beta and Alpha channels before being promoted. Current version is CoreOS {{site.stable-channel}}.

    Rename the file to config.rb then uncomment and modify:

    config.rb

    # Size of the CoreOS cluster created by Vagrant

From 83b3b7b7f629f45197ff41990046247974a1a34f Mon Sep 17 00:00:00 2001
From: c4t3l 
Date: Mon, 28 Jul 2014 11:42:22 -0500
Subject: [PATCH 0177/1291] Update channel definitions

Updated the channel definitions to reflect stable.  Created table to ensure consistency with other install pages.
---
 running-coreos/platforms/libvirt/index.md | 43 ++++++++++++++++++-----
 1 file changed, 34 insertions(+), 9 deletions(-)

diff --git a/running-coreos/platforms/libvirt/index.md b/running-coreos/platforms/libvirt/index.md
index 2e88ea9e2..3688c519a 100644
--- a/running-coreos/platforms/libvirt/index.md
+++ b/running-coreos/platforms/libvirt/index.md
@@ -26,16 +26,41 @@ to substitute that path if you use another one.
 
 CoreOS is released into alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel.
 
-The channel is selected based on the URL below. Simply replace `alpha` with `beta`. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes in each channel.
-
-We start by downloading the most recent disk image:
-
-```sh
+Read the [release notes]({{site.url}}/releases) for specific features and bug fixes in each channel.
+
+
    
+  
+  
    
+    
    
+      
    We start by downloading the most recent disk image:
    
+      
     mkdir -p /var/lib/libvirt/images/coreos0
-cd /var/lib/libvirt/images/coreos0
-wget http://alpha.release.core-os.net/amd64-usr/current/coreos_production_qemu_image.img.bz2
-bunzip2 coreos_production_qemu_image.img.bz2
-```
+cd /var/lib/libvirt/coreos0
+wget http://alpha.release.core-os.net/amd64-usr/current/coreos_production_qemu_image.img.bz2 -O - | bzcat > coreos_production_qemu_image.img
+      
    
+    
    
+    
    
+      
    We start by downloading the most recent disk image:
    
+      
    +mkdir -p /var/lib/libvirt/images/coreos0
+cd /var/lib/libvirt/coreos0
+wget http://beta.release.core-os.net/amd64-usr/current/coreos_production_qemu_image.img.bz2 -O - | bzcat > coreos_production_qemu_image.img
+      
    
+    
    
+    
    
+      
    We start by downloading the most recent disk image:
    
+      
    +mkdir -p /var/lib/libvirt/images/coreos0
+cd /var/lib/libvirt/coreos0
+wget http://stable.release.core-os.net/amd64-usr/current/coreos_production_qemu_image.img.bz2 -O - | bzcat > coreos_production_qemu_image.img
+      
    
+    
    
+  
    
+
    
 
 ## Virtual machine configuration
 

From 8e4e8370748327de3f2bd0e6d70eb785bb19e099 Mon Sep 17 00:00:00 2001
From: Rob Szumski 
Date: Mon, 28 Jul 2014 10:47:25 -0700
Subject: [PATCH 0178/1291] fix(libvirt): remove extra newlines

---
 running-coreos/platforms/libvirt/index.md | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)

diff --git a/running-coreos/platforms/libvirt/index.md b/running-coreos/platforms/libvirt/index.md
index 3688c519a..77752b7a8 100644
--- a/running-coreos/platforms/libvirt/index.md
+++ b/running-coreos/platforms/libvirt/index.md
@@ -40,24 +40,21 @@ Read the [release notes]({{site.url}}/releases) for specific features and bug fi
       
     mkdir -p /var/lib/libvirt/images/coreos0
 cd /var/lib/libvirt/coreos0
-wget http://alpha.release.core-os.net/amd64-usr/current/coreos_production_qemu_image.img.bz2 -O - | bzcat > coreos_production_qemu_image.img
-      
    
+wget http://alpha.release.core-os.net/amd64-usr/current/coreos_production_qemu_image.img.bz2 -O - | bzcat > coreos_production_qemu_image.img

    We start by downloading the most recent disk image:

     mkdir -p /var/lib/libvirt/images/coreos0
 cd /var/lib/libvirt/coreos0
-wget http://beta.release.core-os.net/amd64-usr/current/coreos_production_qemu_image.img.bz2 -O - | bzcat > coreos_production_qemu_image.img
-
    +wget http://beta.release.core-os.net/amd64-usr/current/coreos_production_qemu_image.img.bz2 -O - | bzcat > coreos_production_qemu_image.img

    We start by downloading the most recent disk image:

     mkdir -p /var/lib/libvirt/images/coreos0
 cd /var/lib/libvirt/coreos0
-wget http://stable.release.core-os.net/amd64-usr/current/coreos_production_qemu_image.img.bz2 -O - | bzcat > coreos_production_qemu_image.img
-
    +wget http://stable.release.core-os.net/amd64-usr/current/coreos_production_qemu_image.img.bz2 -O - | bzcat > coreos_production_qemu_image.img
    From 621eb813484ac8a0953fe07a542a960556012098 Mon Sep 17 00:00:00 2001 From: c4t3l Date: Tue, 29 Jul 2014 14:20:13 -0500 Subject: [PATCH 0179/1291] Update channel definitions Added stable channel definitions for consistency with other pages. --- running-coreos/platforms/qemu/index.md | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/running-coreos/platforms/qemu/index.md b/running-coreos/platforms/qemu/index.md index bc798f731..b61c51ad7 100644 --- a/running-coreos/platforms/qemu/index.md +++ b/running-coreos/platforms/qemu/index.md @@ -81,17 +81,29 @@ image. ### Choosing a Channel -CoreOS is released into alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes in each channel. +CoreOS is released into stable, alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes in each channel.
    +
    +
    +

    The stable channel consists of promoted beta releases. Current version is CoreOS {{site.stable-channel}}.

    +
    +

    There are two files you need: the disk image (provided in qcow2 + format) and the wrapper shell script to start QEMU.

    + 
    mkdir coreos; cd coreos
+wget http://stable.release.core-os.net/amd64-usr/current/coreos_production_qemu.sh
+wget http://stable.release.core-os.net/amd64-usr/current/coreos_production_qemu_image.img.bz2 -O - | bzcat > coreos_production_qemu_image.img
+chmod +x coreos_production_qemu.sh
    +
    -

    The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.

    +

    The alpha channel closely tracks master and is released to frequently. Current version is CoreOS {{site.alpha-channel}}.

    There are two files you need: the disk image (provided in qcow2 format) and the wrapper shell script to start QEMU.

    From 1a8a5f277125b324a695bba0e20969b3d1c236fb Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Tue, 29 Jul 2014 15:55:01 -0700 Subject: [PATCH 0180/1291] fix(qemu): fix tab content and update channel description --- running-coreos/platforms/qemu/index.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/running-coreos/platforms/qemu/index.md b/running-coreos/platforms/qemu/index.md index b61c51ad7..f3f3f5437 100644 --- a/running-coreos/platforms/qemu/index.md +++ b/running-coreos/platforms/qemu/index.md @@ -90,9 +90,9 @@ CoreOS is released into stable, alpha and beta channels. Releases to each channe
  • Alpha Channel
    • -
    +
    -

    The stable channel consists of promoted beta releases. Current version is CoreOS {{site.stable-channel}}.

    +

    Versions of CoreOS are battle-tested within the Beta and Alpha channels before being promoted. Current version is CoreOS {{site.stable-channel}}.

    There are two files you need: the disk image (provided in qcow2 format) and the wrapper shell script to start QEMU.

    @@ -112,7 +112,7 @@ wget http://alpha.release.core-os.net/amd64-usr/current/coreos_production_qemu.s wget http://alpha.release.core-os.net/amd64-usr/current/coreos_production_qemu_image.img.bz2 -O - | bzcat > coreos_production_qemu_image.img chmod +x coreos_production_qemu.sh
    -
    +

    The beta channel consists of promoted alpha releases. Current version is CoreOS {{site.beta-channel}}.

    From bca2db6bf8e742ad547eefd340aaeb83764171f7 Mon Sep 17 00:00:00 2001 From: Chris Cowley Date: Sat, 2 Aug 2014 21:53:07 +0200 Subject: [PATCH 0181/1291] Added section to Quickstart better explaining the discovery token. Makes the Quickstart a little more self-contained. --- quickstart/index.md | 25 ++++++++++++++++++++++++- 1 file changed, 24 insertions(+), 1 deletion(-) diff --git a/quickstart/index.md b/quickstart/index.md index 89f6a4c84..f43b16833 100644 --- a/quickstart/index.md +++ b/quickstart/index.md @@ -39,7 +39,30 @@ CoreOS (beta) The first building block of CoreOS is service discovery with **etcd** ([docs][etcd-docs]). Data stored in etcd is distributed across all of your machines running CoreOS. For example, each of your app containers can announce itself to a proxy container, which would automatically know which machines should receive traffic. Building service discovery into your application allows you to add more machines and scale your services seamlessly. -If you used an example [cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config) from a guide linked in the first paragraph, etcd is automatically started on boot. The API is easy to use. From a CoreOS machine, you can simply use curl to set and retrieve a key from etcd: +If you used an example [cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config) from a guide linked in the first paragraph, etcd is automatically started on boot. + +A good starting point would be something like: + +``` +#cloud-config + +hostname: coreos0 +ssh_authorized_keys: + - ssh-rsa AAAA... +coreos: + units: + - name: etcd.service + command: start + - name: fleet.service + command: start + etcd: + name: coreos0 + discovery: https://discovery.etcd.io/ +``` + +In order to get the discovery token, visit [https://discovery.etcd.io/new] and you will receive a URL including your token. Paste the whole thing into your cloud-config file. + +The API is easy to use. From a CoreOS machine, you can simply use curl to set and retrieve a key from etcd: Set a key `message` with value `Hello world`: From e6043eccf17ea09463420105570021e118240d80 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Mon, 4 Aug 2014 10:34:37 -0700 Subject: [PATCH 0182/1291] fix(*): update service files --- .../getting-started-with-systemd/index.md | 16 ++++++++++++---- .../launching-containers-fleet/index.md | 14 +++++++++++--- quickstart/index.md | 8 ++++++-- 3 files changed, 29 insertions(+), 9 deletions(-) diff --git a/launching-containers/launching/getting-started-with-systemd/index.md b/launching-containers/launching/getting-started-with-systemd/index.md index 981f8587a..31a64e79e 100644 --- a/launching-containers/launching/getting-started-with-systemd/index.md +++ b/launching-containers/launching/getting-started-with-systemd/index.md @@ -25,12 +25,16 @@ On CoreOS, unit files are located within the R/W filesystem at `/etc/systemd/sys ```ini [Unit] -Description=My Service +Description=MyApp After=docker.service Requires=docker.service [Service] -ExecStart=/usr/bin/docker run busybox /bin/sh -c "while true; do echo Hello World; sleep 1; done" +TimeoutStartSec=0 +ExecStartPre=-/usr/bin/docker kill busybox1 +ExecStartPre=-/usr/bin/docker rm busybox1 +ExecStartPre=/usr/bin/docker pull busybox +ExecStart=/usr/bin/docker run busybox --name busybox1 /bin/sh -c "while true; do echo Hello World; sleep 1; done" [Install] WantedBy=multi-user.target @@ -96,9 +100,13 @@ After=etcd.service After=docker.service [Service] -ExecStart=/bin/bash -c '/usr/bin/docker start -a apache || /usr/bin/docker run --name apache -p 80:80 coreos/apache /usr/sbin/apache2ctl -D FOREGROUND' +TimeoutStartSec=0 +ExecStartPre=-/usr/bin/docker kill apache1 +ExecStartPre=-/usr/bin/docker rm apache1 +ExecStartPre=/usr/bin/docker pull coreos/apache +ExecStart=/usr/bin/docker run --name apache1 -p 80:80 coreos/apache /usr/sbin/apache2ctl -D FOREGROUND ExecStartPost=/usr/bin/etcdctl set /domains/example.com/10.10.10.123:8081 running -ExecStop=/usr/bin/docker stop apache +ExecStop=/usr/bin/docker stop apache1 ExecStopPost=/usr/bin/etcdctl rm /domains/example.com/10.10.10.123:8081 [Install] diff --git a/launching-containers/launching/launching-containers-fleet/index.md b/launching-containers/launching/launching-containers-fleet/index.md index d41e55b70..68540c0d7 100644 --- a/launching-containers/launching/launching-containers-fleet/index.md +++ b/launching-containers/launching/launching-containers-fleet/index.md @@ -26,7 +26,11 @@ After=docker.service Requires=docker.service [Service] -ExecStart=/usr/bin/docker run busybox /bin/sh -c "while true; do echo Hello World; sleep 1; done" +TimeoutStartSec=0 +ExecStartPre=-/usr/bin/docker kill busybox1 +ExecStartPre=-/usr/bin/docker rm busybox1 +ExecStartPre=/usr/bin/docker pull busybox +ExecStart=/usr/bin/docker run busybox --name busybox1 /bin/sh -c "while true; do echo Hello World; sleep 1; done" ``` Run the start command to start up the container on the cluster: @@ -66,8 +70,12 @@ After=docker.service Requires=docker.service [Service] -ExecStart=/usr/bin/docker run -rm --name apache -p 80:80 coreos/apache /usr/sbin/apache2ctl -D FOREGROUND -ExecStop=/usr/bin/docker rm -f apache +TimeoutStartSec=0 +ExecStartPre=-/usr/bin/docker kill apache1 +ExecStartPre=-/usr/bin/docker rm apache1 +ExecStartPre=/usr/bin/docker pull coreos/apache +ExecStart=/usr/bin/docker run -rm --name apache1 -p 80:80 coreos/apache /usr/sbin/apache2ctl -D FOREGROUND +ExecStop=/usr/bin/docker stop apache1 [X-Fleet] X-Conflicts=apache.*.service diff --git a/quickstart/index.md b/quickstart/index.md index 89f6a4c84..8effecd21 100644 --- a/quickstart/index.md +++ b/quickstart/index.md @@ -95,8 +95,12 @@ Description=My Service After=docker.service [Service] -ExecStart=/bin/bash -c '/usr/bin/docker start -a hello || /usr/bin/docker run --name hello busybox /bin/sh -c "while true; do echo Hello World; sleep 1; done"' -ExecStop=/usr/bin/docker stop -t 1 hello +TimeoutStartSec=0 +ExecStartPre=-/usr/bin/docker kill hello +ExecStartPre=-/usr/bin/docker rm hello +ExecStartPre=/usr/bin/docker pull busybox +ExecStart=/usr/bin/docker run --name hello busybox /bin/sh -c "while true; do echo Hello World; sleep 1; done" +ExecStop=/usr/bin/docker stop hello ``` The [Getting Started with systemd]({{site.url}}/docs/launching-containers/launching/getting-started-with-systemd) guide explains the format of this file in more detail. From 69617597e851d04bac78ca62954818e88ee608eb Mon Sep 17 00:00:00 2001 From: coderfi Date: Wed, 6 Aug 2014 11:59:54 -0700 Subject: [PATCH 0183/1291] added Cloud-Config section added warnings about unsupported private_ipv4 and public_ipv4 variables --- running-coreos/cloud-providers/vultr/index.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/running-coreos/cloud-providers/vultr/index.md b/running-coreos/cloud-providers/vultr/index.md index 41ff1f5b5..2186710b3 100644 --- a/running-coreos/cloud-providers/vultr/index.md +++ b/running-coreos/cloud-providers/vultr/index.md @@ -74,3 +74,11 @@ Now that you have a cluster bootstrapped it is time to play around. CoreOS is currently running from RAM, based on the loaded image. You may want to [install it on the disk]({{site.url}}/docs/running-coreos/bare-metal/installing-to-disk). Note that when following these instructions on Vultr, the device name should be `/dev/vda` rather than `/dev/sda`. Check out the [CoreOS Quickstart]({{site.url}}/docs/quickstart) guide or dig into [more specific topics]({{site.url}}/docs). + +## Using Cloud-Config + +Please be sure to check out [Using Cloud-Config](http://coreos.com/docs/cluster-management/setup/cloudinit-cloud-config/). + +In particular, please note that the `$private_ipv4` and `$public_ipv4` variables are NOT supported on `vultr`. + +In other words, you will need to hard code these values into your `cloud-config` file. From 50b006f6890de781cf1652f60d5e5193ebaf6695 Mon Sep 17 00:00:00 2001 From: coderfi Date: Wed, 6 Aug 2014 12:02:48 -0700 Subject: [PATCH 0184/1291] uses site.url macro --- running-coreos/cloud-providers/vultr/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/running-coreos/cloud-providers/vultr/index.md b/running-coreos/cloud-providers/vultr/index.md index 2186710b3..d8cfe012f 100644 --- a/running-coreos/cloud-providers/vultr/index.md +++ b/running-coreos/cloud-providers/vultr/index.md @@ -77,7 +77,7 @@ Check out the [CoreOS Quickstart]({{site.url}}/docs/quickstart) guide or dig int ## Using Cloud-Config -Please be sure to check out [Using Cloud-Config](http://coreos.com/docs/cluster-management/setup/cloudinit-cloud-config/). +Please be sure to check out [Using Cloud-Config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/). In particular, please note that the `$private_ipv4` and `$public_ipv4` variables are NOT supported on `vultr`. From bb6c6dbb34d3a62d673c745cc70b609eff08ee39 Mon Sep 17 00:00:00 2001 From: coderfi Date: Wed, 6 Aug 2014 12:05:30 -0700 Subject: [PATCH 0185/1291] updated cloud-config url --- running-coreos/cloud-providers/vultr/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/running-coreos/cloud-providers/vultr/index.md b/running-coreos/cloud-providers/vultr/index.md index d8cfe012f..ede702095 100644 --- a/running-coreos/cloud-providers/vultr/index.md +++ b/running-coreos/cloud-providers/vultr/index.md @@ -77,7 +77,7 @@ Check out the [CoreOS Quickstart]({{site.url}}/docs/quickstart) guide or dig int ## Using Cloud-Config -Please be sure to check out [Using Cloud-Config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/). +Please be sure to check out [Using Cloud-Config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config). In particular, please note that the `$private_ipv4` and `$public_ipv4` variables are NOT supported on `vultr`. From aeedf9645852866e57fbea06266843043b7bf7d7 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Wed, 6 Aug 2014 13:27:33 -0700 Subject: [PATCH 0186/1291] vultr: add channel tabs and reorg --- running-coreos/cloud-providers/vultr/index.md | 77 ++++++++++++++----- 1 file changed, 59 insertions(+), 18 deletions(-) diff --git a/running-coreos/cloud-providers/vultr/index.md b/running-coreos/cloud-providers/vultr/index.md index ede702095..4a95c8430 100644 --- a/running-coreos/cloud-providers/vultr/index.md +++ b/running-coreos/cloud-providers/vultr/index.md @@ -8,30 +8,79 @@ weight: 10 # Running CoreOS on a Vultr VPS -CoreOS is currently in heavy development and actively being tested. These instructions will walk you through running a single CoreOS node. This guide assumes: +These instructions will walk you through running a single CoreOS node. This guide assumes: * You have an account at [Vultr.com](http://vultr.com). * The location of your iPXE script (referenced later in the guide) is located at ```http://example.com/script.txt``` * You have a public + private key combination generated. Here's a helpful guide if you need to generate these keys: [How to set up SSH keys](https://www.digitalocean.com/community/articles/how-to-set-up-ssh-keys--2). -## Create the script - The simplest option to boot up CoreOS is to load a script that contains the series of commands you'd otherwise need to manually type at the command line. This script needs to be publicly accessible (host this file on your own server). Save this script as a text file (.txt extension). -A sample script will look like this : +## Choosing a Channel + +CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updates) with different schedules per channel. You can [disable this feature]({{site.url}}/docs/cluster-management/debugging/prevent-reboot-after-update), although we don't recommend it. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes. -```ini -#!ipxe +
    + +
    +
    +
    +

    The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.data.alpha-channel.rackspace-version}}.

    +
    +

    A sample script will look like this:

    + +
    #!ipxe
 
 set base-url http://alpha.release.core-os.net/amd64-usr/current
 kernel ${base-url}/coreos_production_pxe.vmlinuz sshkey="YOUR_PUBLIC_KEY_HERE"
 initrd ${base-url}/coreos_production_pxe_image.cpio.gz
-boot
-```
-Make sure to replace `YOUR_PUBLIC_KEY_HERE` with your actual public key, it will begin with "ssh-rsa...".
+boot
    +
    +
    +
    +

    The beta channel consists of promoted alpha releases. Current version is CoreOS {{site.data.beta-channel.rackspace-version}}.

    +
    +

    A sample script will look like this:

    + +
    #!ipxe
+
+set base-url http://beta.release.core-os.net/amd64-usr/current
+kernel ${base-url}/coreos_production_pxe.vmlinuz sshkey="YOUR_PUBLIC_KEY_HERE"
+initrd ${base-url}/coreos_production_pxe_image.cpio.gz
+boot
    +
    +
    +
    +

    The Stable channel should be used by production clusters. Versions of CoreOS are battle-tested within the Beta and Alpha channels before being promoted. Current version is CoreOS {{site.data.stable-channel.rackspace-version}}.

    +
    +

    A sample script will look like this:

    + +
    #!ipxe
+
+set base-url http://stable.release.core-os.net/amd64-usr/current
+kernel ${base-url}/coreos_production_pxe.vmlinuz sshkey="YOUR_PUBLIC_KEY_HERE"
+initrd ${base-url}/coreos_production_pxe_image.cpio.gz
+boot
    +
    +
    +
    + +Make sure to replace `YOUR_PUBLIC_KEY_HERE` with your actual public key, it will begin with `ssh-rsa...`. Additional reading can be found at [Booting CoreOS with iPXE](http://coreos.com/docs/running-coreos/bare-metal/booting-with-ipxe/) and [Embedded scripts for iPXE](http://ipxe.org/embed). +## Using Cloud-Config + +Please be sure to check out [Using Cloud-Config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config). + +In particular, please note that the `$private_ipv4` and `$public_ipv4` variables are NOT supported on `vultr`. + +In other words, you will need to hard code these values into your `cloud-config` file. + ## Create the VPS Create a new VPS (any server type and location of your choice), and then: @@ -73,12 +122,4 @@ Now that you have a cluster bootstrapped it is time to play around. CoreOS is currently running from RAM, based on the loaded image. You may want to [install it on the disk]({{site.url}}/docs/running-coreos/bare-metal/installing-to-disk). Note that when following these instructions on Vultr, the device name should be `/dev/vda` rather than `/dev/sda`. -Check out the [CoreOS Quickstart]({{site.url}}/docs/quickstart) guide or dig into [more specific topics]({{site.url}}/docs). - -## Using Cloud-Config - -Please be sure to check out [Using Cloud-Config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config). - -In particular, please note that the `$private_ipv4` and `$public_ipv4` variables are NOT supported on `vultr`. - -In other words, you will need to hard code these values into your `cloud-config` file. +Check out the [CoreOS Quickstart]({{site.url}}/docs/quickstart) guide or dig into [more specific topics]({{site.url}}/docs). \ No newline at end of file From eb873357bdc878cb7bd1f49564b3d8fde12d0fbc Mon Sep 17 00:00:00 2001 From: gdusbabek Date: Thu, 7 Aug 2014 17:52:15 -0500 Subject: [PATCH 0187/1291] Change order of command line for starting busybox. --- .../launching/getting-started-with-systemd/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/launching-containers/launching/getting-started-with-systemd/index.md b/launching-containers/launching/getting-started-with-systemd/index.md index 31a64e79e..a5d0fd7d8 100644 --- a/launching-containers/launching/getting-started-with-systemd/index.md +++ b/launching-containers/launching/getting-started-with-systemd/index.md @@ -34,7 +34,7 @@ TimeoutStartSec=0 ExecStartPre=-/usr/bin/docker kill busybox1 ExecStartPre=-/usr/bin/docker rm busybox1 ExecStartPre=/usr/bin/docker pull busybox -ExecStart=/usr/bin/docker run busybox --name busybox1 /bin/sh -c "while true; do echo Hello World; sleep 1; done" +ExecStart=/usr/bin/docker run --name busybox1 busybox /bin/sh -c "while true; do echo Hello World; sleep 1; done" [Install] WantedBy=multi-user.target From 9e723745e4ed4d8b0bfb58e0b5326725465fbd8e Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Sun, 10 Aug 2014 18:01:58 -0700 Subject: [PATCH 0188/1291] cluster-discovery: rewrite guide --- .../setup/cluster-discovery/index.md | 145 ++++++++++++++++++ 1 file changed, 145 insertions(+) create mode 100644 cluster-management/setup/cluster-discovery/index.md diff --git a/cluster-management/setup/cluster-discovery/index.md b/cluster-management/setup/cluster-discovery/index.md new file mode 100644 index 000000000..d7b621175 --- /dev/null +++ b/cluster-management/setup/cluster-discovery/index.md @@ -0,0 +1,145 @@ +--- +layout: docs +title: Cluster Discovery +category: cluster_management +sub_category: setting_up +forkurl: https://github.com/coreos/docs/blob/master/cluster-management/setup/cluster-discovery/index.md +weight: 5 +--- + +# CoreOS Cluster Discovery + +## Overview + +CoreOS uses etcd, a service running on each machine, to handle coordination between software running on the cluster. For a group of CoreOS machines to form a cluster, their etcd instances need be connected. + +A discovery service, [https://discovery.etcd.io](https://discovery.etcd.io), is provided as a free service to help connect etcd instances together by storing a list of peer addresses and metadata under a unique address, known as the discovery URL. + +The discovery URL can be provided to each CoreOS machine via [cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config), a minimal config tool that's designed to get a machine connected to the network and join the cluster. The rest of this guide will explain what's happening behind the scenes, but if you're trying to get clustered as quickly as possible, all you need to do is provide a _fresh, unique_ discovery token in your cloud-config. + +Boot each one of the machines with identical cloud-config and they should be auotmatically clustered. You can grab a new token from [https://discovery.etcd.io/new](https://discovery.etcd.io/new) at any time. + +A common cloud-config is provided below, but specific guides are provided for each platform's guide. Not all providers support the `$private_ipv4` variable substitution. + +``` +#cloud-config + +coreos: + etcd: + # generate a new token for each unique cluster from https://discovery.etcd.io/new + discovery: https://discovery.etcd.io/ + # multi-region and multi-cloud deployments need to use $public_ipv4 + addr: $private_ipv4:4001 + peer-addr: $private_ipv4:7001 + units: + - name: etcd.service + command: start + - name: fleet.service + command: start +``` + +## New Clusters + +Starting a CoreOS cluster requires one of the new machines to become the first leader of the cluster. The initial leader is stored as metadata with the discovery URL in order to inform the other members of the new cluster. Let's walk through an example with a new 3 machine CoreOS cluster: + +1. 3 machines are booted via a cloud-provider +2. Machine 1 that boots connects to the discovery token and submits its `peer-addr` address `10.10.10.1`. +3. No leader is recorded into the discovery URL metadata, so machine 1 becomes the leader. +4. Machine 2 boots and submits its `peer-addr` address `10.10.10.2`. It also reads back the list of existing peers (only `10.10.10.1`) and attempts to connect to the address listed. +5. Machine 2 is now part of the cluster as a follower. +6. Machine 3 boots and submits its `peer-addr` address `10.10.10.3`. It reads back the list of peers ( `10.10.10.1` and `10.10.10.2`) and selects one of the addresses to try first. If it can connect, the machine joins the cluster and is given a full list of the existing other members of the cluster. +7. The cluster is now bootstrapped with an intial leader and two followers. + +There are two interesting things happening during this process. + +First, each machine is configured with the same discovery URL and etcd figured out what to do. This allows you to load the same cloud-config into an auto-scaling group and it will work whether it is the first or 30th machine in the group. + +Second, machine 3 only needed to use one of the addresses stored in the discovery URL to connect to the cluster, because the rest of the active peers can be obtained after cluster membership through the Raft protocol. + +## Existing Clusters + +If you're already bootstrapped a cluster with a discovery URL, all you need to do is to boot new machines with a cloud-config containing the same URL. After boot, new machines will see that a cluster already exists and attempt to join through one of the addresses stored with the discovery URL. + +Over time, as machines come and go, the discovery URL will eventually contain addresses of peers that are no longer alive. Each entry in the discovery URL has a TTL of 7 days, which should be long enough to make sure no extended outages cause an address to be removed erroneously. There is no harm in having stale peers in the list until they are cleaned up, since an etcd instance only needs to connect to one valid peer in the cluster to join. + +## Common Problems with Cluster Discovery + +### Invalid Cloud-Config + +The most common problem with cluster discovery is using invalid cloud-config, which will prevent the cloud-config from being applied to the machine. Formatting errors are easy to do with YAML. You should always run newly written cloud-config through a [YAML validator](yamllint.com). + +Unfortunately, if you are providing an SSH-key via cloud-config, it can be hard to read the `coreos-cloudinit` log to find out what's wrong. If you're using a cloud provider, you can normally provide an SSH-key via another method which will allow you to log in. If you're running on bare metal, the [coreos.autologin]({{site.url}}/docs/running-coreos/bare-metal/booting-with-pxe/#setting-up-pxelinux.cfg) kernel option will bypass authentication, letting you read the journal. + +Reading the `coreos-cloudinit` log will indicate which line is invalid: + +``` +journalctl -u coreos-cloudinit +``` + +### Stale Tokens + +Another common problem with cluster discovery is attempting to boot a new cluster with a stable discovery URL. As explained above, the intial leader election is recorded into the URL, which inticates that the new etcd instance should be joining an existing cluster. On a stale token, each of the old peer addresses will be used to try to join a cluster but will fail. A new cluster can't be formed by discarding these old addresses, because if an etcd peer was in a network partition, it would look exactly like the described situtation. Because etcd can't ever accurately determined whether a token has been reused or not, it must assume the worst and fail the cluster discovery. + +If you're running into problems with your discovery URL, there are a few sources of information that can help you see what's going on. First, you can open the URL in a browser to see what information etcd is using to bootstrap itself: + +```sh +{ + action: "get", + node: { + key: "/_etcd/registry/506f6c1bc729377252232a0121247119", + dir: true, + nodes: [ + { + key: "/_etcd/registry/506f6c1bc729377252232a0121247119/0d79b4791be9688332cc05367366551e", + value: "http://10.183.202.105:7001", + expiration: "2014-08-17T16:21:37.426001686Z", + ttl: 576008, + modifiedIndex: 72783864, + createdIndex: 72783864 + }, + { + key: "/_etcd/registry/506f6c1bc729377252232a0121247119/c72c63ffce6680737ea2b670456aaacd", + value: "http://10.65.177.56:7001", + expiration: "2014-08-17T12:05:57.717243529Z", + ttl: 560669, + modifiedIndex: 72626400, + createdIndex: 72626400 + }, + { + key: "/_etcd/registry/506f6c1bc729377252232a0121247119/f7a93d1f0cd4d318c9ad0b624afb9cf9", + value: "http://10.29.193.50:7001", + expiration: "2014-08-17T17:18:25.045563473Z", + ttl: 579416, + modifiedIndex: 72821950, + createdIndex: 72821950 + } + ], + modifiedIndex: 69367741, + createdIndex: 69367741 + } +} +``` + +To rule out firewall settings as a source of your issue, ensure that you can curl each of the IPs from machines in your cluster. + +### Communicating with discovery.etcd.io + +If your CoreOS cluster can't communicate out the public internet, [https://discovery.etcd.io](https://discovery.etcd.io) won't work and you'll have to run your own discovery endpoint, which is described later in this document. + +### Setting Peer Addresses Correctly + +Each etcd instance submits the `-peer-addr` of each etcd instance to the configured discovery service. It's important to select an address that *all* peers in the cluster can communicate with. For example, if you're located in two regions of a cloud provider, configuring a private `10.x` address will not work between the two regions, and communication will not be possible between all peers. + +## Running Your Own Discovery Service + +The public discovery service is just an etcd cluster made available to the public internet. Since the discovery service conducts and stores the result of the first leader election, it needs to be consistent. You wouldn't want 2 machines in the same cluster to think they were both the leader. + +Since etcd is designed to this type of leader election, it was an obvious choice to use it for everyone's initial leader election. This means that it's easy to run your own etcd cluster for this purpose. + +If you're interested in how to discovery API works behind the scenes in etcd, read about the [Discovery Protocol](https://github.com/coreos/etcd/blob/master/Documentation/discovery-protocol.md). + +## Lifetime of a Discovery URL + +A discovery URL identifies a single etcd cluster. Do not re-use discovery URLs for new clusters. + +When a machine starts with a new discovery URL the discovery URL will be activated and record the machine's metadata. If you destroy the whole cluster and attempt to bring the cluster back up with the same discovery URL it will fail. This is intentional because all of the registered machines are gone including their logs so there is nothing to recover the killed cluster. From 92e6f029631396076fe2cf1b3cb275568de06f90 Mon Sep 17 00:00:00 2001 From: Aris Pikeas Date: Tue, 12 Aug 2014 11:08:21 -0700 Subject: [PATCH 0189/1291] Use reload instead of up --- running-coreos/platforms/vagrant/index.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/running-coreos/platforms/vagrant/index.md b/running-coreos/platforms/vagrant/index.md index bad04474c..112e85826 100644 --- a/running-coreos/platforms/vagrant/index.md +++ b/running-coreos/platforms/vagrant/index.md @@ -64,7 +64,9 @@ coreos: The `$private_ipv4` and `$public_ipv4` substitution variables are fully supported in cloud-config on Vagrant. They will map to the first statically defined private and public networks defined in the Vagrantfile. -Your Vagrantfile should copy your cloud-config file to `/var/lib/coreos-vagrant/vagrantfile-user-data`. The provided Vagrantfile is already configured to do this. `cloudinit` reads `vagrantfile-user-data` on every boot and uses it to create the machine's user-data file. If you wish to update your cloud-config later on, `vagrant up --provision` must be run to apply the new file. +Your Vagrantfile should copy your cloud-config file to `/var/lib/coreos-vagrant/vagrantfile-user-data`. The provided Vagrantfile is already configured to do this. `cloudinit` reads `vagrantfile-user-data` on every boot and uses it to create the machine's user-data file. + +If you need to update your cloud-config later on, run `vagrant reload --provision` to reboot your VM and apply the new file. [cloud-config-docs]: {{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config From 26e97c630cee645d7d748a8b6de8622dca67f879 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Tue, 12 Aug 2014 16:13:25 -0700 Subject: [PATCH 0190/1291] cluster-discovery: update content --- .../setup/cluster-discovery/index.md | 20 +++++++------------ 1 file changed, 7 insertions(+), 13 deletions(-) diff --git a/cluster-management/setup/cluster-discovery/index.md b/cluster-management/setup/cluster-discovery/index.md index d7b621175..a64a6ac7d 100644 --- a/cluster-management/setup/cluster-discovery/index.md +++ b/cluster-management/setup/cluster-discovery/index.md @@ -11,13 +11,13 @@ weight: 5 ## Overview -CoreOS uses etcd, a service running on each machine, to handle coordination between software running on the cluster. For a group of CoreOS machines to form a cluster, their etcd instances need be connected. +CoreOS uses etcd, a service running on each machine, to handle coordination between software running on the cluster. For a group of CoreOS machines to form a cluster, their etcd instances need to be connected. A discovery service, [https://discovery.etcd.io](https://discovery.etcd.io), is provided as a free service to help connect etcd instances together by storing a list of peer addresses and metadata under a unique address, known as the discovery URL. The discovery URL can be provided to each CoreOS machine via [cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config), a minimal config tool that's designed to get a machine connected to the network and join the cluster. The rest of this guide will explain what's happening behind the scenes, but if you're trying to get clustered as quickly as possible, all you need to do is provide a _fresh, unique_ discovery token in your cloud-config. -Boot each one of the machines with identical cloud-config and they should be auotmatically clustered. You can grab a new token from [https://discovery.etcd.io/new](https://discovery.etcd.io/new) at any time. +Boot each one of the machines with identical cloud-config and they should be automatically clustered. You can grab a new token from [https://discovery.etcd.io/new](https://discovery.etcd.io/new) at any time. A common cloud-config is provided below, but specific guides are provided for each platform's guide. Not all providers support the `$private_ipv4` variable substitution. @@ -73,12 +73,12 @@ Unfortunately, if you are providing an SSH-key via cloud-config, it can be hard Reading the `coreos-cloudinit` log will indicate which line is invalid: ``` -journalctl -u coreos-cloudinit +journalctl _EXE=/usr/bin/coreos-cloudinit ``` ### Stale Tokens -Another common problem with cluster discovery is attempting to boot a new cluster with a stable discovery URL. As explained above, the intial leader election is recorded into the URL, which inticates that the new etcd instance should be joining an existing cluster. On a stale token, each of the old peer addresses will be used to try to join a cluster but will fail. A new cluster can't be formed by discarding these old addresses, because if an etcd peer was in a network partition, it would look exactly like the described situtation. Because etcd can't ever accurately determined whether a token has been reused or not, it must assume the worst and fail the cluster discovery. +Another common problem with cluster discovery is attempting to boot a new cluster with a stale discovery URL. As explained above, the intial leader election is recorded into the URL, which inticates that the new etcd instance should be joining an existing cluster. On a stale token, each of the old peer addresses will be used to try to join a cluster but will fail. A new cluster can't be formed by discarding these old addresses, because if an etcd peer was in a network partition, it would look exactly like the described situation. Because etcd can't ever accurately determined whether a token has been reused or not, it must assume the worst and fail the cluster discovery. If you're running into problems with your discovery URL, there are a few sources of information that can help you see what's going on. First, you can open the URL in a browser to see what information etcd is using to bootstrap itself: @@ -124,7 +124,7 @@ To rule out firewall settings as a source of your issue, ensure that you can cur ### Communicating with discovery.etcd.io -If your CoreOS cluster can't communicate out the public internet, [https://discovery.etcd.io](https://discovery.etcd.io) won't work and you'll have to run your own discovery endpoint, which is described later in this document. +If your CoreOS cluster can't communicate out to the public internet, [https://discovery.etcd.io](https://discovery.etcd.io) won't work and you'll have to run your own discovery endpoint, which is described later in this document. ### Setting Peer Addresses Correctly @@ -132,14 +132,8 @@ Each etcd instance submits the `-peer-addr` of each etcd instance to the configu ## Running Your Own Discovery Service -The public discovery service is just an etcd cluster made available to the public internet. Since the discovery service conducts and stores the result of the first leader election, it needs to be consistent. You wouldn't want 2 machines in the same cluster to think they were both the leader. +The public discovery service is just an etcd cluster made available to the public internet. Since the discovery service conducts and stores the result of the first leader election, it needs to be consistent. You wouldn't want two machines in the same cluster to think they were both the leader. Since etcd is designed to this type of leader election, it was an obvious choice to use it for everyone's initial leader election. This means that it's easy to run your own etcd cluster for this purpose. -If you're interested in how to discovery API works behind the scenes in etcd, read about the [Discovery Protocol](https://github.com/coreos/etcd/blob/master/Documentation/discovery-protocol.md). - -## Lifetime of a Discovery URL - -A discovery URL identifies a single etcd cluster. Do not re-use discovery URLs for new clusters. - -When a machine starts with a new discovery URL the discovery URL will be activated and record the machine's metadata. If you destroy the whole cluster and attempt to bring the cluster back up with the same discovery URL it will fail. This is intentional because all of the registered machines are gone including their logs so there is nothing to recover the killed cluster. +If you're interested in how to discovery API works behind the scenes in etcd, read about the [Discovery Protocol](https://github.com/coreos/etcd/blob/master/Documentation/discovery-protocol.md). \ No newline at end of file From abf38495df8b2585a0a59bd577daad5b2ce32e26 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Tue, 12 Aug 2014 16:37:18 -0700 Subject: [PATCH 0191/1291] cluster-discovery: more clarity --- .../setup/cluster-discovery/index.md | 30 ++++++++++++------- 1 file changed, 20 insertions(+), 10 deletions(-) diff --git a/cluster-management/setup/cluster-discovery/index.md b/cluster-management/setup/cluster-discovery/index.md index a64a6ac7d..307750167 100644 --- a/cluster-management/setup/cluster-discovery/index.md +++ b/cluster-management/setup/cluster-discovery/index.md @@ -40,25 +40,25 @@ coreos: ## New Clusters -Starting a CoreOS cluster requires one of the new machines to become the first leader of the cluster. The initial leader is stored as metadata with the discovery URL in order to inform the other members of the new cluster. Let's walk through an example with a new 3 machine CoreOS cluster: +Starting a CoreOS cluster requires one of the new machines to become the first leader of the cluster. The initial leader is stored as metadata with the discovery URL in order to inform the other members of the new cluster. Let's walk through a timeline a new 3 machine CoreOS cluster discovering each other: -1. 3 machines are booted via a cloud-provider -2. Machine 1 that boots connects to the discovery token and submits its `peer-addr` address `10.10.10.1`. +1. All three machines are booted via a cloud-provider with the same cloud-config in the user-data. +2. Machine 1 starts up first. It requests information about the cluster from the discovery token and submits its `peer-addr` address `10.10.10.1`. 3. No leader is recorded into the discovery URL metadata, so machine 1 becomes the leader. 4. Machine 2 boots and submits its `peer-addr` address `10.10.10.2`. It also reads back the list of existing peers (only `10.10.10.1`) and attempts to connect to the address listed. -5. Machine 2 is now part of the cluster as a follower. -6. Machine 3 boots and submits its `peer-addr` address `10.10.10.3`. It reads back the list of peers ( `10.10.10.1` and `10.10.10.2`) and selects one of the addresses to try first. If it can connect, the machine joins the cluster and is given a full list of the existing other members of the cluster. +5. Machine 2 connects to Machine 1 and is now part of the cluster as a follower. +6. Machine 3 boots and submits its `peer-addr` address `10.10.10.3`. It reads back the list of peers ( `10.10.10.1` and `10.10.10.2`) and selects one of the addresses to try first. When it connects to a machine in the cluster, the machine is given a full list of the existing other members of the cluster. 7. The cluster is now bootstrapped with an intial leader and two followers. There are two interesting things happening during this process. First, each machine is configured with the same discovery URL and etcd figured out what to do. This allows you to load the same cloud-config into an auto-scaling group and it will work whether it is the first or 30th machine in the group. -Second, machine 3 only needed to use one of the addresses stored in the discovery URL to connect to the cluster, because the rest of the active peers can be obtained after cluster membership through the Raft protocol. +Second, machine 3 only needed to use one of the addresses stored in the discovery URL to connect to the cluster. Since etcd uses the Raft consensus algorithm, existing machines in the cluster already maintain a list of healty members in order for the algorithm to function properly. This list is given to the new machine and it starts normal operations with each of the other cluster members. ## Existing Clusters -If you're already bootstrapped a cluster with a discovery URL, all you need to do is to boot new machines with a cloud-config containing the same URL. After boot, new machines will see that a cluster already exists and attempt to join through one of the addresses stored with the discovery URL. +If you're already operating a bootstrapped a cluster with a discovery URL, adding new machines to the cluster is very easy. All you need to do is to boot the new machines with a cloud-config containing the same discovery URL. After boot, the new machines will see that a cluster already exists and attempt to join through one of the addresses stored with the discovery URL. Over time, as machines come and go, the discovery URL will eventually contain addresses of peers that are no longer alive. Each entry in the discovery URL has a TTL of 7 days, which should be long enough to make sure no extended outages cause an address to be removed erroneously. There is no harm in having stale peers in the list until they are cleaned up, since an etcd instance only needs to connect to one valid peer in the cluster to join. @@ -66,7 +66,7 @@ Over time, as machines come and go, the discovery URL will eventually contain ad ### Invalid Cloud-Config -The most common problem with cluster discovery is using invalid cloud-config, which will prevent the cloud-config from being applied to the machine. Formatting errors are easy to do with YAML. You should always run newly written cloud-config through a [YAML validator](yamllint.com). +The most common problem with cluster discovery is using invalid cloud-config, which will prevent the cloud-config from being applied to the machine. The YAML format uses indention to represent data hierarchy, which makes it easy to create an invalid cloud-config. You should always run newly written cloud-config through a [YAML validator](yamllint.com). Unfortunately, if you are providing an SSH-key via cloud-config, it can be hard to read the `coreos-cloudinit` log to find out what's wrong. If you're using a cloud provider, you can normally provide an SSH-key via another method which will allow you to log in. If you're running on bare metal, the [coreos.autologin]({{site.url}}/docs/running-coreos/bare-metal/booting-with-pxe/#setting-up-pxelinux.cfg) kernel option will bypass authentication, letting you read the journal. @@ -78,7 +78,11 @@ journalctl _EXE=/usr/bin/coreos-cloudinit ### Stale Tokens -Another common problem with cluster discovery is attempting to boot a new cluster with a stale discovery URL. As explained above, the intial leader election is recorded into the URL, which inticates that the new etcd instance should be joining an existing cluster. On a stale token, each of the old peer addresses will be used to try to join a cluster but will fail. A new cluster can't be formed by discarding these old addresses, because if an etcd peer was in a network partition, it would look exactly like the described situation. Because etcd can't ever accurately determined whether a token has been reused or not, it must assume the worst and fail the cluster discovery. +Another common problem with cluster discovery is attempting to boot a new cluster with a stale discovery URL. As explained above, the intial leader election is recorded into the URL, which inticates that the new etcd instance should be joining an existing cluster. + +If you provide a stale discovery URL, the new machines will attempt to connec to each of the old peer addresses, which will fail since they don't exist, and the bootstrapping process will fail. + +If you're thinking, why can't the new machines just form a new cluster if they're all down. There's a really great reason for this — if an etcd peer was in a network partition, it would look exactly like the "full-down" situation and starting a new cluster would form a split-brain. Since etcd will never be able to determine whether a token has been reused or not, it must assume the worst and abort the cluster discovery. If you're running into problems with your discovery URL, there are a few sources of information that can help you see what's going on. First, you can open the URL in a browser to see what information etcd is using to bootstrap itself: @@ -122,9 +126,15 @@ If you're running into problems with your discovery URL, there are a few sources To rule out firewall settings as a source of your issue, ensure that you can curl each of the IPs from machines in your cluster. +If all of the IPs can be reached, the etcd log can provide more clues: + +``` +journalctl -u etcd +``` + ### Communicating with discovery.etcd.io -If your CoreOS cluster can't communicate out to the public internet, [https://discovery.etcd.io](https://discovery.etcd.io) won't work and you'll have to run your own discovery endpoint, which is described later in this document. +If your CoreOS cluster can't communicate out to the public internet, [https://discovery.etcd.io](https://discovery.etcd.io) won't work and you'll have to run your own discovery endpoint, which is described below. ### Setting Peer Addresses Correctly From 01b4502d479fa7b37959475314434c3e9820d373 Mon Sep 17 00:00:00 2001 From: Joseph Anthony Pasquale Holsten Date: Wed, 13 Aug 2014 01:46:04 +0000 Subject: [PATCH 0192/1291] fleetctl load hello.service before fleetctl start `fleetctl` can't start a service until it has been loaded. Normally, this would go without saying. But since this is the quickstart guide, let's be explicit. --- quickstart/index.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/quickstart/index.md b/quickstart/index.md index 228999a20..1672d21e6 100644 --- a/quickstart/index.md +++ b/quickstart/index.md @@ -128,9 +128,10 @@ ExecStop=/usr/bin/docker stop hello The [Getting Started with systemd]({{site.url}}/docs/launching-containers/launching/getting-started-with-systemd) guide explains the format of this file in more detail. -Then start the unit: +Then load and start the unit: ```sh +$ fleetctl load hello.service $ fleetctl start hello.service Job hello.service launched on 8145ebb7.../172.17.8.105 ``` From 1313a605aa7b9db0cdc25e4a308177fcbf5a3ffd Mon Sep 17 00:00:00 2001 From: Sebastian Fastner Date: Wed, 13 Aug 2014 15:23:52 +0200 Subject: [PATCH 0193/1291] Fix syntax error in docker run command --- .../launching/launching-containers-fleet/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/launching-containers/launching/launching-containers-fleet/index.md b/launching-containers/launching/launching-containers-fleet/index.md index 68540c0d7..ad880405e 100644 --- a/launching-containers/launching/launching-containers-fleet/index.md +++ b/launching-containers/launching/launching-containers-fleet/index.md @@ -30,7 +30,7 @@ TimeoutStartSec=0 ExecStartPre=-/usr/bin/docker kill busybox1 ExecStartPre=-/usr/bin/docker rm busybox1 ExecStartPre=/usr/bin/docker pull busybox -ExecStart=/usr/bin/docker run busybox --name busybox1 /bin/sh -c "while true; do echo Hello World; sleep 1; done" +ExecStart=/usr/bin/docker run --name busybox1 busybox /bin/sh -c "while true; do echo Hello World; sleep 1; done" ``` Run the start command to start up the container on the cluster: From 67d179d0d1bb2842af7f93139a6ea80df760a706 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Wed, 13 Aug 2014 11:54:03 -0700 Subject: [PATCH 0194/1291] systemd: update to reflect unit file changes --- .../launching/getting-started-with-systemd/index.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/launching-containers/launching/getting-started-with-systemd/index.md b/launching-containers/launching/getting-started-with-systemd/index.md index a5d0fd7d8..74cd91f51 100644 --- a/launching-containers/launching/getting-started-with-systemd/index.md +++ b/launching-containers/launching/getting-started-with-systemd/index.md @@ -87,7 +87,11 @@ The full list is located on the [systemd man page](http://www.freedesktop.org/so Let's put a few of these concepts togther to register new units within etcd. Imagine we had another container running that would read these values from etcd and act upon them. -We can use `ExecStart` to either create a container with the `docker run` command or start a pre-existing container with the `docker start -a` command. We need to account for both because you can't issue multiple docker run commands when specifying a `--name`. In either case we must leave the container in the foreground (i.e. don't run with `-d`) so systemd knows the service is running. +We can use `ExecStartPre` to scrub existing conatiner state. The `docker kill` will force any previous copy of this container to stop, which is useful if we restarted the unit but docker didn't stop the container for some reason. The `=-` is systemd syntax to ignore errors for this command. We need to do this because docker will return a non-zero exit code if we try to stop a container that doesn't exist. We don't consider this an error (because we want the container stopped) so we tell systemd to ignore the possible failure. + +`docker rm` will remove the container and `docker pull` will pull down the latest version. You can optionally pull down a specific version as a docker tag: `coreos/apache:1.2.3` + +`ExecStart` is where the container is started from the container image that we pulled above. Since our container will be started in `ExecStart`, it makes sense for our etcd command to run as `ExecStartPost` to ensure that our container is started and functioning. From 6da4a32f263a71f5fede67d989bfab43a1f64931 Mon Sep 17 00:00:00 2001 From: Joseph Anthony Pasquale Holsten Date: Fri, 15 Aug 2014 01:28:22 +0000 Subject: [PATCH 0195/1291] Include output of fleectl load --- quickstart/index.md | 1 + 1 file changed, 1 insertion(+) diff --git a/quickstart/index.md b/quickstart/index.md index 1672d21e6..0b0844d14 100644 --- a/quickstart/index.md +++ b/quickstart/index.md @@ -132,6 +132,7 @@ Then load and start the unit: ```sh $ fleetctl load hello.service +Job hello.service loaded on c72c6ea2.../10.65.174.36 $ fleetctl start hello.service Job hello.service launched on 8145ebb7.../172.17.8.105 ``` From 54baab56eb810cf7e20f2327475084712d894716 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Fri, 15 Aug 2014 09:23:27 -0700 Subject: [PATCH 0196/1291] quickstart: fleetctl output now matches --- quickstart/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/quickstart/index.md b/quickstart/index.md index 0b0844d14..e69a2280f 100644 --- a/quickstart/index.md +++ b/quickstart/index.md @@ -132,7 +132,7 @@ Then load and start the unit: ```sh $ fleetctl load hello.service -Job hello.service loaded on c72c6ea2.../10.65.174.36 +Job hello.service loaded on 8145ebb7.../172.17.8.105 $ fleetctl start hello.service Job hello.service launched on 8145ebb7.../172.17.8.105 ``` From c51b6bb5b744755523158ef80670002a9ff4c844 Mon Sep 17 00:00:00 2001 From: Jon Chen Date: Wed, 20 Aug 2014 12:27:13 -0400 Subject: [PATCH 0197/1291] fix minor typo --- running-coreos/bare-metal/booting-with-ipxe/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/running-coreos/bare-metal/booting-with-ipxe/index.md b/running-coreos/bare-metal/booting-with-ipxe/index.md index ea1118af1..ace54668b 100644 --- a/running-coreos/bare-metal/booting-with-ipxe/index.md +++ b/running-coreos/bare-metal/booting-with-ipxe/index.md @@ -87,7 +87,7 @@ iPXE> dhcp iPXE> chain http://${YOUR_BOOT_URL} ``` -Immediatly iPXE should download your boot script URL and start grabbing the images from the CoreOS storage site: +Immediately iPXE should download your boot script URL and start grabbing the images from the CoreOS storage site: ```sh ${YOUR_BOOT_URL}... ok From f1b8a6250426e1d107076df2d5620fe0540ac48b Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 21 Aug 2014 15:25:33 -0400 Subject: [PATCH 0198/1291] cluster-discovery: add curl block for new URLs --- .../setup/cluster-discovery/index.md | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/cluster-management/setup/cluster-discovery/index.md b/cluster-management/setup/cluster-discovery/index.md index 307750167..70af97c74 100644 --- a/cluster-management/setup/cluster-discovery/index.md +++ b/cluster-management/setup/cluster-discovery/index.md @@ -13,13 +13,16 @@ weight: 5 CoreOS uses etcd, a service running on each machine, to handle coordination between software running on the cluster. For a group of CoreOS machines to form a cluster, their etcd instances need to be connected. -A discovery service, [https://discovery.etcd.io](https://discovery.etcd.io), is provided as a free service to help connect etcd instances together by storing a list of peer addresses and metadata under a unique address, known as the discovery URL. +A discovery service, [https://discovery.etcd.io](https://discovery.etcd.io), is provided as a free service to help connect etcd instances together by storing a list of peer addresses and metadata under a unique address, known as the discovery URL. You can generate them very easily: -The discovery URL can be provided to each CoreOS machine via [cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config), a minimal config tool that's designed to get a machine connected to the network and join the cluster. The rest of this guide will explain what's happening behind the scenes, but if you're trying to get clustered as quickly as possible, all you need to do is provide a _fresh, unique_ discovery token in your cloud-config. +``` +$ curl -w "\n" https://discovery.etcd.io/new +https://discovery.etcd.io/6a28e078895c5ec737174db2419bb2f3 +``` -Boot each one of the machines with identical cloud-config and they should be automatically clustered. You can grab a new token from [https://discovery.etcd.io/new](https://discovery.etcd.io/new) at any time. +The discovery URL can be provided to each CoreOS machine via [cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config), a minimal config tool that's designed to get a machine connected to the network and join the cluster. The rest of this guide will explain what's happening behind the scenes, but if you're trying to get clustered as quickly as possible, all you need to do is provide a _fresh, unique_ discovery token in your cloud-config. -A common cloud-config is provided below, but specific guides are provided for each platform's guide. Not all providers support the `$private_ipv4` variable substitution. +Boot each one of the machines with identical cloud-config and they should be automatically clustered: ``` #cloud-config @@ -38,13 +41,15 @@ coreos: command: start ``` +Specific documentation are provided for each platform's guide. Not all providers support the $private_ipv4 variable substitution. + ## New Clusters Starting a CoreOS cluster requires one of the new machines to become the first leader of the cluster. The initial leader is stored as metadata with the discovery URL in order to inform the other members of the new cluster. Let's walk through a timeline a new 3 machine CoreOS cluster discovering each other: 1. All three machines are booted via a cloud-provider with the same cloud-config in the user-data. 2. Machine 1 starts up first. It requests information about the cluster from the discovery token and submits its `peer-addr` address `10.10.10.1`. -3. No leader is recorded into the discovery URL metadata, so machine 1 becomes the leader. +3. No state is recorded into the discovery URL metadata, so machine 1 becomes the leader and records the state as `started`. 4. Machine 2 boots and submits its `peer-addr` address `10.10.10.2`. It also reads back the list of existing peers (only `10.10.10.1`) and attempts to connect to the address listed. 5. Machine 2 connects to Machine 1 and is now part of the cluster as a follower. 6. Machine 3 boots and submits its `peer-addr` address `10.10.10.3`. It reads back the list of peers ( `10.10.10.1` and `10.10.10.2`) and selects one of the addresses to try first. When it connects to a machine in the cluster, the machine is given a full list of the existing other members of the cluster. @@ -62,6 +67,8 @@ If you're already operating a bootstrapped a cluster with a discovery URL, addin Over time, as machines come and go, the discovery URL will eventually contain addresses of peers that are no longer alive. Each entry in the discovery URL has a TTL of 7 days, which should be long enough to make sure no extended outages cause an address to be removed erroneously. There is no harm in having stale peers in the list until they are cleaned up, since an etcd instance only needs to connect to one valid peer in the cluster to join. +It's also possible that a discovery URL can contain no existing addresses, because they were all removed after 7 days. This represents a dead cluster and the discovery URL won't work any more and should be discarded. + ## Common Problems with Cluster Discovery ### Invalid Cloud-Config @@ -138,7 +145,7 @@ If your CoreOS cluster can't communicate out to the public internet, [https://di ### Setting Peer Addresses Correctly -Each etcd instance submits the `-peer-addr` of each etcd instance to the configured discovery service. It's important to select an address that *all* peers in the cluster can communicate with. For example, if you're located in two regions of a cloud provider, configuring a private `10.x` address will not work between the two regions, and communication will not be possible between all peers. +Each etcd instance submits the `-peer-addr` of each etcd instance to the configured discovery service. It's important to select an address that *all* peers in the cluster can communicate with. For example, if you're located in two regions of a cloud provider, configuring a private `10.x` address will not work between the two regions, and communication will not be possible between all peers. The `--bindaddr` flag allows you to bind to a specific interface (or all interfaces) to ensure your etcd traffic is routed properly. ## Running Your Own Discovery Service From 9b97a2b1db942b24e873c1614a81ad769ac79388 Mon Sep 17 00:00:00 2001 From: Brian Waldon Date: Fri, 22 Aug 2014 11:29:54 -0700 Subject: [PATCH 0199/1291] sdk: s/modificaions/modifications/ --- sdk-distributors/sdk/tips-and-tricks/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sdk-distributors/sdk/tips-and-tricks/index.md b/sdk-distributors/sdk/tips-and-tricks/index.md index 7fc57dc8e..6f539289b 100644 --- a/sdk-distributors/sdk/tips-and-tricks/index.md +++ b/sdk-distributors/sdk/tips-and-tricks/index.md @@ -26,7 +26,7 @@ repo forall -c git grep 'CONFIG_EXTRA_FIRMWARE_DIR' ## Add new upstream package -Before making modificaions use `repo start` to create a new branch for the changes. +Before making modifications use `repo start` to create a new branch for the changes. To add a new package fetch the Gentoo package from upstream and add the package as a dependency of coreos-base/coreos From 357c344d0a7f9a639be0ba31b97c1af5bf32fd8f Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Tue, 26 Aug 2014 15:17:36 -0400 Subject: [PATCH 0200/1291] launching-containers: add missing ExecStop to unit --- .../launching/launching-containers-fleet/index.md | 1 + 1 file changed, 1 insertion(+) diff --git a/launching-containers/launching/launching-containers-fleet/index.md b/launching-containers/launching/launching-containers-fleet/index.md index ad880405e..1aa846c32 100644 --- a/launching-containers/launching/launching-containers-fleet/index.md +++ b/launching-containers/launching/launching-containers-fleet/index.md @@ -31,6 +31,7 @@ ExecStartPre=-/usr/bin/docker kill busybox1 ExecStartPre=-/usr/bin/docker rm busybox1 ExecStartPre=/usr/bin/docker pull busybox ExecStart=/usr/bin/docker run --name busybox1 busybox /bin/sh -c "while true; do echo Hello World; sleep 1; done" +ExecStop=/usr/bin/docker stop busybox1 ``` Run the start command to start up the container on the cluster: From 06563e8f875c3dc0958c5a3547f5b9a6784aa7d2 Mon Sep 17 00:00:00 2001 From: Jonathan Boulle Date: Tue, 26 Aug 2014 13:37:43 -0700 Subject: [PATCH 0201/1291] launching-containers: update service-discovery link --- .../launching/launching-containers-fleet/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/launching-containers/launching/launching-containers-fleet/index.md b/launching-containers/launching/launching-containers-fleet/index.md index 1aa846c32..5ad83d924 100644 --- a/launching-containers/launching/launching-containers-fleet/index.md +++ b/launching-containers/launching/launching-containers-fleet/index.md @@ -101,7 +101,7 @@ How do we route requests to these containers? The best strategy is to run a "sid ## Run a Simple Sidekick -The simplest sidekick example is for [service discovery](https://github.com/coreos/fleet/blob/master/Documentation/service-discovery.md). This unit blindly announces that our container has been started. We'll run one of these for each Apache unit that's already running. Make two copies of the unit called `apache-discovery.1.service` and `apache-discovery.2.service`. Be sure to change all instances of `apache.1.service` to `apache.2.service` and `apache1` to `apache2` when you create the second unit. +The simplest sidekick example is for [service discovery](https://github.com/coreos/fleet/blob/master/Documentation/examples/service-discovery.md). This unit blindly announces that our container has been started. We'll run one of these for each Apache unit that's already running. Make two copies of the unit called `apache-discovery.1.service` and `apache-discovery.2.service`. Be sure to change all instances of `apache.1.service` to `apache.2.service` and `apache1` to `apache2` when you create the second unit. ```ini [Unit] From a90d31d218840874d072c1ed528fb3f1567b3d1d Mon Sep 17 00:00:00 2001 From: Jonathan Boulle Date: Tue, 26 Aug 2014 14:24:25 -0700 Subject: [PATCH 0202/1291] launching-containers: update more fleet links --- .../launching/launching-containers-fleet/index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/launching-containers/launching/launching-containers-fleet/index.md b/launching-containers/launching/launching-containers-fleet/index.md index 5ad83d924..8dd11a0af 100644 --- a/launching-containers/launching/launching-containers-fleet/index.md +++ b/launching-containers/launching/launching-containers-fleet/index.md @@ -156,7 +156,7 @@ If you're running in the cloud, many services have APIs that can be automated ba Applications with complex and specific requirements can target a subset of the cluster for scheduling via machine metadata. Powerful deployment topologies can be achieved — schedule units based on the machine's region, rack location, disk speed or anything else you can think of. -Metadata can be provided via [cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/#coreos) or a [config file](https://github.com/coreos/fleet/blob/master/Documentation/configuration.md). Here's an example config file: +Metadata can be provided via [cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/#coreos) or a [config file](https://github.com/coreos/fleet/blob/master/Documentation/deployment-and-configuration.md). Here's an example config file: ```ini # Comma-delimited key/value pairs that are published to the fleet registry. @@ -211,4 +211,4 @@ X-ConditionMachineMetadata=region=east #### More Information Example Deployment with fleet fleet Unit Specifications -fleet Configuration +fleet Configuration From 197342d958b561cb2fb8b6f2cf3e8084883eab75 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Wed, 27 Aug 2014 11:10:45 -0700 Subject: [PATCH 0203/1291] registry: initial commit --- .../configure-machines/index.md | 68 +++++++++++++++++++ 1 file changed, 68 insertions(+) create mode 100644 enterprise-registry/configure-machines/index.md diff --git a/enterprise-registry/configure-machines/index.md b/enterprise-registry/configure-machines/index.md new file mode 100644 index 000000000..1863c7a90 --- /dev/null +++ b/enterprise-registry/configure-machines/index.md @@ -0,0 +1,68 @@ +--- +layout: docs +title: Configure Machines for Enterprise Registry +category: registry +sub_category: usage +forkurl: https://github.com/coreos/docs/blob/master/enterprise-registry/configure-machines/index.md +weight: 5 +--- + +# Configure Machines for Enterprise Registry + +The Enterprise Registry allows you to create teams and user accounts that match your existing business unit organization. A special type of user, a robot account, is designed to be used programatically by deployment systems and other pieces of software. Robot accounts are commonly configured with read-only access to an organizations repositories. + +This guide we will assume you have the DNS record `registry.example.com` configured to point to your Enterprise Registry. + +## Credentials + +Each CoreOS machine needs to be configured with the username and password for a robot account in order to deploy your containers. Docker looks for configured credentials in a `.dockercfg` file located within the user's home directory. You can download this file directly from the Enterprise Registry interface. Let's assume you've created a robot account called `myapp+deployment`. + +Writing the `.dockercfg` can be specified in [cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config) with the write_files parameter, or created manually on each machine. + +### Cloud-Config + +A snippet to configure the credentials via write_files looks like: + +```yaml +#cloud-config + +write_files: + - path: /home/root/.dockercfg + permissions: 0644 + content: | + { + "https://registry.example.com/v1/": { + "auth": "cm9ic3p1bXNrajYzUFFXSU9HSkhMUEdNMEISt0ZXN0OkdOWEVHWDRaSFhNUVVSMkI1WE9MM1k1S1R1VET0I1RUZWSVg3TFRJV1I3TFhPMUI=", + "email": "" + } + } +``` + +Each machine booted with this cloud-config should automatically be authenticated with your Enterprise Registry. + +### Manual Login + +To temporarily login to an Enterprise Registry account on a machine, run `docker login`: + +```sh +$ docker login registry.example.com +Login against server at https://registry.example.com/v1/ +Username: myapp+deployment +Password: GNXEGX4Y5J63PQWIOGJHLPGM0B5GUDOBZHXMQUR2B5XOL35EFVIX7LTIWR7LXO1B +Email: myemail@example.com +``` + +## Test Push or Pull + +Now that your machine is authenticated, try pulling one of your repositories. If you haven't pushed a repository into your Enterprise Registry, you will need to tag it with the full name: + +```sh +$ docker tag bf60637a656c registry.domain.com/myapp +$ docker push registry.domain.com/myapp +``` + +If you already have images in your registry, test out a pull: + +```sh +docker pull registry.domain.com/myapp +``` From 5a34b2149f10647be42003ba07e286ec76fc3dba Mon Sep 17 00:00:00 2001 From: Kelsey Hightower Date: Wed, 27 Aug 2014 11:23:57 -0700 Subject: [PATCH 0204/1291] add docs for date and timezone settings --- .../configuring-date-and-timezone/index.md | 140 ++++++++++++++++++ 1 file changed, 140 insertions(+) create mode 100644 cluster-management/setup/configuring-date-and-timezone/index.md diff --git a/cluster-management/setup/configuring-date-and-timezone/index.md b/cluster-management/setup/configuring-date-and-timezone/index.md new file mode 100644 index 000000000..26a17993f --- /dev/null +++ b/cluster-management/setup/configuring-date-and-timezone/index.md @@ -0,0 +1,140 @@ +--- +layout: docs +title: Configuring Date and Timezone +category: cluster_management +sub_category: setting_up +weight: 7 +--- + +# Configuring Date and Timezone + +NTP is used to to keep clocks in sync across machines in a CoreOS cluster. The ntpd service is responsible for keeping each machines local clock in sync with a configured set of time servers. The services will automatically start by default. To check if the ntpd service is running, run the follow command: + +``` +systemctl status ntpd +ntpd.service - Network Time Service + Loaded: loaded (/usr/lib64/systemd/system/ntpd.service; enabled) + Active: active (running) since Tue 2014-08-26 15:10:23 UTC; 4h 23min ago + Main PID: 483 (ntpd) + CGroup: /system.slice/ntpd.service + └─483 /usr/sbin/ntpd -g -n -u ntp:ntp -f /var/lib/ntp/ntp.drift +``` + +## Changing NTP time servers + +The ntpd service can be configured via the /etc/ntp.conf configuration file. By default systems will sync time with NTP servers from ntp.org. If you would like to use a different set of NTP servers edit /etc/ntp.conf: + +``` +# Common pool +server 0.pool.example.com +server 1.pool.example.com +... +``` + +## Viewing the date and timezone settings with timedatectl + +The timedatectl command can be use to view and change timezone settings as well as report the current time. + +``` +timedatectl status + Local time: Tue 2014-08-26 19:29:12 UTC + Universal time: Tue 2014-08-26 19:29:12 UTC + RTC time: Tue 2014-08-26 19:29:12 + Time zone: UTC (UTC, +0000) + NTP enabled: no +NTP synchronized: yes + RTC in local TZ: no + DST active: n/a +``` + +## Changing the system timezone + +Start by listing the available time zones: + +``` +timedatectl list-timezones +Africa/Abidjan +Africa/Accra +Africa/Addis_Ababa +… +``` + +Pick a timezone from the list and set it: + +``` +sudo timedatectl set-timezone America/New_York +``` + +Check the timezone status to view the changes: + +``` +timedatectl + Local time: Tue 2014-08-26 15:44:07 EDT + Universal time: Tue 2014-08-26 19:44:07 UTC + RTC time: Tue 2014-08-26 19:44:07 + Time zone: America/New_York (EDT, -0400) + NTP enabled: yes +NTP synchronized: yes + RTC in local TZ: no + DST active: yes + Last DST change: DST began at + Sun 2014-03-09 01:59:59 EST + Sun 2014-03-09 03:00:00 EDT + Next DST change: DST ends (the clock jumps one hour backwards) at + Sun 2014-11-02 01:59:59 EDT + Sun 2014-11-02 01:00:00 EST +``` + +## CoreOS Recommendations + +### What time should I use? + +To avoid time zone confusion and the complexities of adjusting clocks for daylight saving time it’s recommended that all machines in a CoreOS cluster use Coordinated Universal Time (UTC). + +``` +sudo timedatectl set-timezone UTC +``` + +### Which NTP servers should I sync against? + +Unless you have a highly reliable and precise time server pool you should stick to the default NTP servers from the ntp.org server pool. + +``` +server 0.pool.ntp.org +server 1.pool.ntp.org +server 2.pool.ntp.org +server 3.pool.ntp.org +``` + +## Automating with cloud-config + +The following cloud-config snippet can be used setup and configure NTP and timezone settings: + +``` +#cloud-config + +coreos: + units: + - name: settimezone.service + command: start + content: | + [Unit] + Description=Set the timezone + + [Service] + ExecStart=/usr/bin/timedatectl set-timezone UTC + RemainAfterExit=yes + Type=oneshot +write_files: + - path: /etc/ntp.conf + content: | + # Common pool + server 0.pool.ntp.org + server 1.pool.ntp.org + + # - Allow only time queries, at a limited rate. + # - Allow all local queries (IPv4, IPv6) + restrict default nomodify nopeer noquery limited kod + restrict 127.0.0.1 + restrict [::1] +``` From 73512366a4699651bb5988b5b259e24c9293d5c0 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Wed, 27 Aug 2014 13:40:25 -0700 Subject: [PATCH 0205/1291] config NTP: tweak title to prevent truncation --- cluster-management/setup/configuring-date-and-timezone/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster-management/setup/configuring-date-and-timezone/index.md b/cluster-management/setup/configuring-date-and-timezone/index.md index 26a17993f..525cd2213 100644 --- a/cluster-management/setup/configuring-date-and-timezone/index.md +++ b/cluster-management/setup/configuring-date-and-timezone/index.md @@ -1,6 +1,6 @@ --- layout: docs -title: Configuring Date and Timezone +title: Configuring Date & Timezone (NTP) category: cluster_management sub_category: setting_up weight: 7 From 0eb13b7cb3abe4bbd13d39e62b725a9fc1b86764 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Fri, 29 Aug 2014 19:57:47 -0700 Subject: [PATCH 0206/1291] cluster-discovery: fix broken link to yamllint.com --- cluster-management/setup/cluster-discovery/index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cluster-management/setup/cluster-discovery/index.md b/cluster-management/setup/cluster-discovery/index.md index 70af97c74..7e9092bed 100644 --- a/cluster-management/setup/cluster-discovery/index.md +++ b/cluster-management/setup/cluster-discovery/index.md @@ -73,7 +73,7 @@ It's also possible that a discovery URL can contain no existing addresses, becau ### Invalid Cloud-Config -The most common problem with cluster discovery is using invalid cloud-config, which will prevent the cloud-config from being applied to the machine. The YAML format uses indention to represent data hierarchy, which makes it easy to create an invalid cloud-config. You should always run newly written cloud-config through a [YAML validator](yamllint.com). +The most common problem with cluster discovery is using invalid cloud-config, which will prevent the cloud-config from being applied to the machine. The YAML format uses indention to represent data hierarchy, which makes it easy to create an invalid cloud-config. You should always run newly written cloud-config through a [YAML validator](http://www.yamllint.com). Unfortunately, if you are providing an SSH-key via cloud-config, it can be hard to read the `coreos-cloudinit` log to find out what's wrong. If you're using a cloud provider, you can normally provide an SSH-key via another method which will allow you to log in. If you're running on bare metal, the [coreos.autologin]({{site.url}}/docs/running-coreos/bare-metal/booting-with-pxe/#setting-up-pxelinux.cfg) kernel option will bypass authentication, letting you read the journal. @@ -153,4 +153,4 @@ The public discovery service is just an etcd cluster made available to the publi Since etcd is designed to this type of leader election, it was an obvious choice to use it for everyone's initial leader election. This means that it's easy to run your own etcd cluster for this purpose. -If you're interested in how to discovery API works behind the scenes in etcd, read about the [Discovery Protocol](https://github.com/coreos/etcd/blob/master/Documentation/discovery-protocol.md). \ No newline at end of file +If you're interested in how to discovery API works behind the scenes in etcd, read about the [Discovery Protocol](https://github.com/coreos/etcd/blob/master/Documentation/discovery-protocol.md). From 98d3d89aa098a8aca92dd809a329ff5a55409b7d Mon Sep 17 00:00:00 2001 From: Dennis Benkert Date: Sat, 30 Aug 2014 10:55:08 +0200 Subject: [PATCH 0207/1291] Fixed typo in systemd's "Getting started" guide --- .../launching/getting-started-with-systemd/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/launching-containers/launching/getting-started-with-systemd/index.md b/launching-containers/launching/getting-started-with-systemd/index.md index 74cd91f51..416ab392b 100644 --- a/launching-containers/launching/getting-started-with-systemd/index.md +++ b/launching-containers/launching/getting-started-with-systemd/index.md @@ -85,7 +85,7 @@ systemd provides a high degree of functionality in your unit files. Here's a cur The full list is located on the [systemd man page](http://www.freedesktop.org/software/systemd/man/systemd.service.html). -Let's put a few of these concepts togther to register new units within etcd. Imagine we had another container running that would read these values from etcd and act upon them. +Let's put a few of these concepts together to register new units within etcd. Imagine we had another container running that would read these values from etcd and act upon them. We can use `ExecStartPre` to scrub existing conatiner state. The `docker kill` will force any previous copy of this container to stop, which is useful if we restarted the unit but docker didn't stop the container for some reason. The `=-` is systemd syntax to ignore errors for this command. We need to do this because docker will return a non-zero exit code if we try to stop a container that doesn't exist. We don't consider this an error (because we want the container stopped) so we tell systemd to ignore the possible failure. From 6bc5bd07aa8ede6a11cb273857e9ded4d59d7358 Mon Sep 17 00:00:00 2001 From: Alexandr Morozov Date: Sun, 31 Aug 2014 18:35:25 +0400 Subject: [PATCH 0208/1291] Fix directory to change --- running-coreos/platforms/libvirt/index.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/running-coreos/platforms/libvirt/index.md b/running-coreos/platforms/libvirt/index.md index 77752b7a8..caa2fa9cc 100644 --- a/running-coreos/platforms/libvirt/index.md +++ b/running-coreos/platforms/libvirt/index.md @@ -39,21 +39,21 @@ Read the [release notes]({{site.url}}/releases) for specific features and bug fi

    We start by downloading the most recent disk image:

     mkdir -p /var/lib/libvirt/images/coreos0
-cd /var/lib/libvirt/coreos0
+cd /var/lib/libvirt/images/coreos0
 wget http://alpha.release.core-os.net/amd64-usr/current/coreos_production_qemu_image.img.bz2 -O - | bzcat > coreos_production_qemu_image.img

    We start by downloading the most recent disk image:

     mkdir -p /var/lib/libvirt/images/coreos0
-cd /var/lib/libvirt/coreos0
+cd /var/lib/libvirt/images/coreos0
 wget http://beta.release.core-os.net/amd64-usr/current/coreos_production_qemu_image.img.bz2 -O - | bzcat > coreos_production_qemu_image.img

    We start by downloading the most recent disk image:

     mkdir -p /var/lib/libvirt/images/coreos0
-cd /var/lib/libvirt/coreos0
+cd /var/lib/libvirt/images/coreos0
 wget http://stable.release.core-os.net/amd64-usr/current/coreos_production_qemu_image.img.bz2 -O - | bzcat > coreos_production_qemu_image.img
    From 89c3e714ce9c5178813b65b135b92045a26394f2 Mon Sep 17 00:00:00 2001 From: Joseph Schorr Date: Tue, 2 Sep 2014 13:41:24 -0400 Subject: [PATCH 0209/1291] Add enterprise registry setup instructions --- enterprise-registry/initial-setup/index.md | 175 +++++++++++++++++++++ 1 file changed, 175 insertions(+) create mode 100644 enterprise-registry/initial-setup/index.md diff --git a/enterprise-registry/initial-setup/index.md b/enterprise-registry/initial-setup/index.md new file mode 100644 index 000000000..e770b606f --- /dev/null +++ b/enterprise-registry/initial-setup/index.md @@ -0,0 +1,175 @@ +--- +layout: docs +title: Initial Setup of CoreOS Enterprise Registry +category: registry +sub_category: setup +forkurl: https://github.com/coreos/docs/blob/master/enterprise-registry/initial-setup/index.md +weight: 5 +--- + +# Initial Setup of CoreOS Enterprise Registry + +## Introduction + +CoreOS Enterprise Registry requires four components to operate successfully: +- A supported database (MySQL, Postgres) +- A Redis instance (for real-time events) +- A config.yaml file +- The Enterprise Registry image + + +## Preparing the Database + +A MySQL RDBMS or Postgres installation with an empty database is required, and a login with full access to said database. The schema will be created the first time the registry image is run. + +Please have the url for the login and database available in the SQLAlchemy format: + +### For MySQL: +```mysql+pymysql://:@/``` + +### For Postgres: +```postgresql://:@/``` + + +## Setting up Redis + +Redis stores data which must be accessed quickly but doesn’t necessarily require durability guarantees. If you have an existing Redis instance, make sure to accept incoming connections on port 6379 and then feel free to skip this step. + +To run redis, simply pull and run the Quay.io Redis image: + +```sudo docker pull quay.io/quay/redis +sudo docker run -d -p 6379:6379 quay.io/quay/redis``` + +**NOTE**: This host will have to accept incoming connections on port 6379 from the hosts on which the registry will run. + + +## Writing a config.yaml + +CoreOS Enterprise Registry requires a `config.yaml` file. + +Sample configuration can be found below. Any fields marked as `(FILL IN HERE)` are required to be edited. + + # A unique secret key. This should be a UUID or some other secret + # string. + SECRET_KEY: '(FILL IN HERE: secret key)' + + # Should be 'https' if SSL is used and 'http' otherwise. + PREFERRED_URL_SCHEME: '(FILL IN HERE: "https" or "http")' + + # The HTTP host (and optionally the port number) of the location + # where the registry will be accessible on the network. + SERVER_HOSTNAME: '(FILL IN HERE: registry.mycorp.com)' + + # A logo to use for your enterprise + ENTERPRISE_LOGO_URL: '(FILL IN HERE: http://someurl/...)' + + # Settings for SMTP and mailing. This is *required*. + MAIL_PORT: 587 + MAIL_PASSWORD: '(FILL IN HERE: password)' + MAIL_SERVER: '(FILL IN HERE: hostname)' + MAIL_USERNAME: '(FILL IN HERE: username)' + MAIL_USE_TLS: true + + # The database URI for your MySQL or Postgres DB. + DB_URI: '(FILL IN HERE: database uri)' + + # References to the REDIS host setup above. Note that this does + # not include the port, but merely the hostname/ip. + BUILDLOGS_REDIS_HOSTNAME: '(FILL IN HERE: redis host)' + USER_EVENTS_REDIS_HOSTNAME: '(FILL IN HERE: redis host)' + + # The usernames of your super-users, if any. Super users will + # have the ability to view and delete other users. + SUPER_USERS: [] + + # Either 'Database' or 'LDAP'. + # If LDAP, additional configuration is required below. + AUTHENTICATION_TYPE: 'Database' + + # Should always be 'local'. + DISTRIBUTED_STORAGE_PREFERENCE: ['local'] + + # Defines the kind of storage used by the registry: + # LocalStorage: Registry data is stored on a local mounted volume + # + # Required fields: + # storage_path: The path under the mounted volume + # + # S3Storage: Registry data is stored in Amazon S3 + # + # Required fields: + # storage_path: The path under the S3 bucket + # s3_access_key: The S3 access key + # s3_secret_key: The S3 secret key + # s3_bucket: The S3 bucket + # + # GoogleCloudStorage: Registry data is stored in GCS + # + # Required fields: + # storage_path: The path under the GCS bucket + # access_key: The GCS access key + # secret_key: The GCS secret key + # bucket_name: The GCS bucket + # + DISTRIBUTED_STORAGE_CONFIG: + local: + # The name of the storage provider + - LocalStorage + + # Fields, in dictionary form + - {'storage_path': '/datastorage/registry'} + + # LDAP information (only needed if `LDAP` is chosen above). + # LDAP_URI: 'ldap://localhost' + # LDAP_ADMIN_DN: 'cn=admin,dc=devtable,dc=com' + # LDAP_ADMIN_PASSWD: 'secret' + # LDAP_BASE_DN: ['dc=devtable', 'dc=com'] + # LDAP_EMAIL_ATTR: 'mail' + # LDAP_UID_ATTR: 'uid' + # LDAP_USER_RDN: ['ou=People'] + + # Where user files (uploaded build packs, other binary data) + # are stored. + USERFILES_PATH: 'datastorage/userfiles' + USERFILES_TYPE: 'LocalUserfiles' + + # Required constants. + TESTING: false + USE_CDN: false + FEATURE_USER_LOG_ACCESS: true + FEATURE_BUILD_SUPPORT: false + + +## Setting up the directories + +CoreOS Enterprise registry requires a storage directory and a configuration directory containing the `config.yaml`, and, if SSL is used, two files named `ssl.cert` and `ssl.key`: + + mkdir storage + mkdir config + mv config.yaml config/config.yaml + cp my-ssl-cert config/ssl.cert + cp my-ssl-key config/ssl.key + + +## Pulling the CoreOS Enterprise Registry image + +As part of the setup package, a set of pull credentials have been included. To pull the CoreOS Enterprise Registry image, run a `docker login` and then a `docker pull`: + + docker login quay.io + Username: (the username given) + Password: (the password given) + E-mail: (put anything here) + + docker pull quay.io/coreos/registry:latest + + +## Running the CoreOS Enterprise Registry image + +The CoreOS Enterprise Registry is run via a `docker run` call, with the `` and `` being the directories created above. + + docker run -p 443:443 -p 80:80 --privileged=true -v :/conf/stack -v :/datastorage -d quay.io/coreos/registry + + +## Verifying that CoreOS Enterprise Registry is running + +Visit the `/status` endpoint on the registry hostname and verify it returns true for both variables. From fb7007157f452de5e571c021067cbc24c604971e Mon Sep 17 00:00:00 2001 From: Joseph Schorr Date: Tue, 2 Sep 2014 13:43:44 -0400 Subject: [PATCH 0210/1291] See if Github will syntax highlight the yaml block --- enterprise-registry/initial-setup/index.md | 181 +++++++++++---------- 1 file changed, 91 insertions(+), 90 deletions(-) diff --git a/enterprise-registry/initial-setup/index.md b/enterprise-registry/initial-setup/index.md index e770b606f..a548776b3 100644 --- a/enterprise-registry/initial-setup/index.md +++ b/enterprise-registry/initial-setup/index.md @@ -49,96 +49,97 @@ CoreOS Enterprise Registry requires a `config.yaml` file. Sample configuration can be found below. Any fields marked as `(FILL IN HERE)` are required to be edited. - # A unique secret key. This should be a UUID or some other secret - # string. - SECRET_KEY: '(FILL IN HERE: secret key)' - - # Should be 'https' if SSL is used and 'http' otherwise. - PREFERRED_URL_SCHEME: '(FILL IN HERE: "https" or "http")' - - # The HTTP host (and optionally the port number) of the location - # where the registry will be accessible on the network. - SERVER_HOSTNAME: '(FILL IN HERE: registry.mycorp.com)' - - # A logo to use for your enterprise - ENTERPRISE_LOGO_URL: '(FILL IN HERE: http://someurl/...)' - - # Settings for SMTP and mailing. This is *required*. - MAIL_PORT: 587 - MAIL_PASSWORD: '(FILL IN HERE: password)' - MAIL_SERVER: '(FILL IN HERE: hostname)' - MAIL_USERNAME: '(FILL IN HERE: username)' - MAIL_USE_TLS: true - - # The database URI for your MySQL or Postgres DB. - DB_URI: '(FILL IN HERE: database uri)' - - # References to the REDIS host setup above. Note that this does - # not include the port, but merely the hostname/ip. - BUILDLOGS_REDIS_HOSTNAME: '(FILL IN HERE: redis host)' - USER_EVENTS_REDIS_HOSTNAME: '(FILL IN HERE: redis host)' - - # The usernames of your super-users, if any. Super users will - # have the ability to view and delete other users. - SUPER_USERS: [] - - # Either 'Database' or 'LDAP'. - # If LDAP, additional configuration is required below. - AUTHENTICATION_TYPE: 'Database' - - # Should always be 'local'. - DISTRIBUTED_STORAGE_PREFERENCE: ['local'] - - # Defines the kind of storage used by the registry: - # LocalStorage: Registry data is stored on a local mounted volume - # - # Required fields: - # storage_path: The path under the mounted volume - # - # S3Storage: Registry data is stored in Amazon S3 - # - # Required fields: - # storage_path: The path under the S3 bucket - # s3_access_key: The S3 access key - # s3_secret_key: The S3 secret key - # s3_bucket: The S3 bucket - # - # GoogleCloudStorage: Registry data is stored in GCS - # - # Required fields: - # storage_path: The path under the GCS bucket - # access_key: The GCS access key - # secret_key: The GCS secret key - # bucket_name: The GCS bucket - # - DISTRIBUTED_STORAGE_CONFIG: - local: - # The name of the storage provider - - LocalStorage - - # Fields, in dictionary form - - {'storage_path': '/datastorage/registry'} - - # LDAP information (only needed if `LDAP` is chosen above). - # LDAP_URI: 'ldap://localhost' - # LDAP_ADMIN_DN: 'cn=admin,dc=devtable,dc=com' - # LDAP_ADMIN_PASSWD: 'secret' - # LDAP_BASE_DN: ['dc=devtable', 'dc=com'] - # LDAP_EMAIL_ATTR: 'mail' - # LDAP_UID_ATTR: 'uid' - # LDAP_USER_RDN: ['ou=People'] - - # Where user files (uploaded build packs, other binary data) - # are stored. - USERFILES_PATH: 'datastorage/userfiles' - USERFILES_TYPE: 'LocalUserfiles' - - # Required constants. - TESTING: false - USE_CDN: false - FEATURE_USER_LOG_ACCESS: true - FEATURE_BUILD_SUPPORT: false - +```yaml +# A unique secret key. This should be a UUID or some other secret +# string. +SECRET_KEY: '(FILL IN HERE: secret key)' + +# Should be 'https' if SSL is used and 'http' otherwise. +PREFERRED_URL_SCHEME: '(FILL IN HERE: "https" or "http")' + +# The HTTP host (and optionally the port number) of the location +# where the registry will be accessible on the network. +SERVER_HOSTNAME: '(FILL IN HERE: registry.mycorp.com)' + +# A logo to use for your enterprise +ENTERPRISE_LOGO_URL: '(FILL IN HERE: http://someurl/...)' + +# Settings for SMTP and mailing. This is *required*. +MAIL_PORT: 587 +MAIL_PASSWORD: '(FILL IN HERE: password)' +MAIL_SERVER: '(FILL IN HERE: hostname)' +MAIL_USERNAME: '(FILL IN HERE: username)' +MAIL_USE_TLS: true + +# The database URI for your MySQL or Postgres DB. +DB_URI: '(FILL IN HERE: database uri)' + +# References to the REDIS host setup above. Note that this does +# not include the port, but merely the hostname/ip. +BUILDLOGS_REDIS_HOSTNAME: '(FILL IN HERE: redis host)' +USER_EVENTS_REDIS_HOSTNAME: '(FILL IN HERE: redis host)' + +# The usernames of your super-users, if any. Super users will +# have the ability to view and delete other users. +SUPER_USERS: [] + +# Either 'Database' or 'LDAP'. +# If LDAP, additional configuration is required below. +AUTHENTICATION_TYPE: 'Database' + +# Should always be 'local'. +DISTRIBUTED_STORAGE_PREFERENCE: ['local'] + +# Defines the kind of storage used by the registry: +# LocalStorage: Registry data is stored on a local mounted volume +# +# Required fields: +# storage_path: The path under the mounted volume +# +# S3Storage: Registry data is stored in Amazon S3 +# +# Required fields: +# storage_path: The path under the S3 bucket +# s3_access_key: The S3 access key +# s3_secret_key: The S3 secret key +# s3_bucket: The S3 bucket +# +# GoogleCloudStorage: Registry data is stored in GCS +# +# Required fields: +# storage_path: The path under the GCS bucket +# access_key: The GCS access key +# secret_key: The GCS secret key +# bucket_name: The GCS bucket +# +DISTRIBUTED_STORAGE_CONFIG: + local: + # The name of the storage provider + - LocalStorage + + # Fields, in dictionary form + - {'storage_path': '/datastorage/registry'} + +# LDAP information (only needed if `LDAP` is chosen above). +# LDAP_URI: 'ldap://localhost' +# LDAP_ADMIN_DN: 'cn=admin,dc=devtable,dc=com' +# LDAP_ADMIN_PASSWD: 'secret' +# LDAP_BASE_DN: ['dc=devtable', 'dc=com'] +# LDAP_EMAIL_ATTR: 'mail' +# LDAP_UID_ATTR: 'uid' +# LDAP_USER_RDN: ['ou=People'] + +# Where user files (uploaded build packs, other binary data) +# are stored. +USERFILES_PATH: 'datastorage/userfiles' +USERFILES_TYPE: 'LocalUserfiles' + +# Required constants. +TESTING: false +USE_CDN: false +FEATURE_USER_LOG_ACCESS: true +FEATURE_BUILD_SUPPORT: false +``` ## Setting up the directories From 137a3171275a6fafc5582c21b8152300b3a0be48 Mon Sep 17 00:00:00 2001 From: Joseph Schorr Date: Tue, 2 Sep 2014 13:47:18 -0400 Subject: [PATCH 0211/1291] Fix indentation on the Redis pull block --- enterprise-registry/initial-setup/index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/enterprise-registry/initial-setup/index.md b/enterprise-registry/initial-setup/index.md index a548776b3..483302745 100644 --- a/enterprise-registry/initial-setup/index.md +++ b/enterprise-registry/initial-setup/index.md @@ -37,8 +37,8 @@ Redis stores data which must be accessed quickly but doesn’t necessarily requi To run redis, simply pull and run the Quay.io Redis image: -```sudo docker pull quay.io/quay/redis -sudo docker run -d -p 6379:6379 quay.io/quay/redis``` + sudo docker pull quay.io/quay/redis + sudo docker run -d -p 6379:6379 quay.io/quay/redis **NOTE**: This host will have to accept incoming connections on port 6379 from the hosts on which the registry will run. From 6181e676ee9f700c144253c6fd6acdacf2274102 Mon Sep 17 00:00:00 2001 From: Joseph Schorr Date: Tue, 2 Sep 2014 13:48:29 -0400 Subject: [PATCH 0212/1291] Apparently Github doesn't like my tabs --- enterprise-registry/initial-setup/index.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/enterprise-registry/initial-setup/index.md b/enterprise-registry/initial-setup/index.md index 483302745..a3e62d4c1 100644 --- a/enterprise-registry/initial-setup/index.md +++ b/enterprise-registry/initial-setup/index.md @@ -37,8 +37,10 @@ Redis stores data which must be accessed quickly but doesn’t necessarily requi To run redis, simply pull and run the Quay.io Redis image: - sudo docker pull quay.io/quay/redis - sudo docker run -d -p 6379:6379 quay.io/quay/redis +``` +sudo docker pull quay.io/quay/redis +sudo docker run -d -p 6379:6379 quay.io/quay/redis +``` **NOTE**: This host will have to accept incoming connections on port 6379 from the hosts on which the registry will run. From 7abef3bf4080c8391d7646331ea3650ce919862e Mon Sep 17 00:00:00 2001 From: Joseph Schorr Date: Tue, 2 Sep 2014 14:11:06 -0400 Subject: [PATCH 0213/1291] Addressing comments --- enterprise-registry/initial-setup/index.md | 24 ++++++++++++++++------ 1 file changed, 18 insertions(+), 6 deletions(-) diff --git a/enterprise-registry/initial-setup/index.md b/enterprise-registry/initial-setup/index.md index a3e62d4c1..8e71c1771 100644 --- a/enterprise-registry/initial-setup/index.md +++ b/enterprise-registry/initial-setup/index.md @@ -20,7 +20,7 @@ CoreOS Enterprise Registry requires four components to operate successfully: ## Preparing the Database -A MySQL RDBMS or Postgres installation with an empty database is required, and a login with full access to said database. The schema will be created the first time the registry image is run. +A MySQL RDBMS or Postgres installation with an empty database is required, and a login with full access to said database. The schema will be created the first time the registry image is run. The database install can either be pre-existing or run on CoreOS via a Docker container. Please have the url for the login and database available in the SQLAlchemy format: @@ -45,9 +45,9 @@ sudo docker run -d -p 6379:6379 quay.io/quay/redis **NOTE**: This host will have to accept incoming connections on port 6379 from the hosts on which the registry will run. -## Writing a config.yaml +## Enterprise Registry Config File -CoreOS Enterprise Registry requires a `config.yaml` file. +CoreOS Enterprise Registry requires a `config.yaml` file, that stores database connection information, the storage location of your containers and other important settings. Sample configuration can be found below. Any fields marked as `(FILL IN HERE)` are required to be edited. @@ -143,7 +143,7 @@ FEATURE_USER_LOG_ACCESS: true FEATURE_BUILD_SUPPORT: false ``` -## Setting up the directories +## Setting up the Directories CoreOS Enterprise registry requires a storage directory and a configuration directory containing the `config.yaml`, and, if SSL is used, two files named `ssl.cert` and `ssl.key`: @@ -168,11 +168,23 @@ As part of the setup package, a set of pull credentials have been included. To p ## Running the CoreOS Enterprise Registry image -The CoreOS Enterprise Registry is run via a `docker run` call, with the `` and `` being the directories created above. +The CoreOS Enterprise Registry is run via a `docker run` call, with the `config` and `storage` being the directories created above. - docker run -p 443:443 -p 80:80 --privileged=true -v :/conf/stack -v :/datastorage -d quay.io/coreos/registry + docker run -p 443:443 -p 80:80 --privileged=true -v config:/conf/stack -v storage:/datastorage -d quay.io/coreos/registry ## Verifying that CoreOS Enterprise Registry is running Visit the `/status` endpoint on the registry hostname and verify it returns true for both variables. + + +## Logging in + +### If using database authentication: + +Once the Enterprise Registry is running, new users can be created by clicking the `Sign Up` button. The sign up process will require an e-mail confirmation step, after which repositories, organizations and teams can be setup by the user. + + +### If using LDAP authentication: + +Users should be able to login to the Enterprise Registry directly with their LDAP username and password. \ No newline at end of file From fd4b45c93633926105852fbb70fa2bb076574714 Mon Sep 17 00:00:00 2001 From: Joseph Schorr Date: Tue, 2 Sep 2014 14:40:55 -0400 Subject: [PATCH 0214/1291] Add newline so all doc handlers make the next few lines into a list --- enterprise-registry/initial-setup/index.md | 1 + 1 file changed, 1 insertion(+) diff --git a/enterprise-registry/initial-setup/index.md b/enterprise-registry/initial-setup/index.md index 8e71c1771..34a61aa85 100644 --- a/enterprise-registry/initial-setup/index.md +++ b/enterprise-registry/initial-setup/index.md @@ -12,6 +12,7 @@ weight: 5 ## Introduction CoreOS Enterprise Registry requires four components to operate successfully: + - A supported database (MySQL, Postgres) - A Redis instance (for real-time events) - A config.yaml file From d607b60bcfba6055b3f549342b1b6105f14935d7 Mon Sep 17 00:00:00 2001 From: Joseph Schorr Date: Tue, 2 Sep 2014 14:42:52 -0400 Subject: [PATCH 0215/1291] Make some of the titles shorter since they are displayed in the sidebar --- enterprise-registry/initial-setup/index.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/enterprise-registry/initial-setup/index.md b/enterprise-registry/initial-setup/index.md index 34a61aa85..be8851433 100644 --- a/enterprise-registry/initial-setup/index.md +++ b/enterprise-registry/initial-setup/index.md @@ -155,7 +155,7 @@ CoreOS Enterprise registry requires a storage directory and a configuration dire cp my-ssl-key config/ssl.key -## Pulling the CoreOS Enterprise Registry image +## Pulling the Registry image As part of the setup package, a set of pull credentials have been included. To pull the CoreOS Enterprise Registry image, run a `docker login` and then a `docker pull`: @@ -167,14 +167,14 @@ As part of the setup package, a set of pull credentials have been included. To p docker pull quay.io/coreos/registry:latest -## Running the CoreOS Enterprise Registry image +## Running the Registry The CoreOS Enterprise Registry is run via a `docker run` call, with the `config` and `storage` being the directories created above. docker run -p 443:443 -p 80:80 --privileged=true -v config:/conf/stack -v storage:/datastorage -d quay.io/coreos/registry -## Verifying that CoreOS Enterprise Registry is running +## Verifying the Registry status Visit the `/status` endpoint on the registry hostname and verify it returns true for both variables. From 29a34a6ce6b1bb9afd3ceda5f606151b9bf5d076 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Tue, 2 Sep 2014 13:18:01 -0700 Subject: [PATCH 0216/1291] enterprise-registry: minor title changes --- enterprise-registry/initial-setup/index.md | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/enterprise-registry/initial-setup/index.md b/enterprise-registry/initial-setup/index.md index be8851433..2e196ac25 100644 --- a/enterprise-registry/initial-setup/index.md +++ b/enterprise-registry/initial-setup/index.md @@ -1,15 +1,13 @@ --- layout: docs -title: Initial Setup of CoreOS Enterprise Registry +title: On-Premise Installation category: registry sub_category: setup forkurl: https://github.com/coreos/docs/blob/master/enterprise-registry/initial-setup/index.md weight: 5 --- -# Initial Setup of CoreOS Enterprise Registry - -## Introduction +# On-Premise Installation CoreOS Enterprise Registry requires four components to operate successfully: @@ -188,4 +186,4 @@ Once the Enterprise Registry is running, new users can be created by clicking th ### If using LDAP authentication: -Users should be able to login to the Enterprise Registry directly with their LDAP username and password. \ No newline at end of file +Users should be able to login to the Enterprise Registry directly with their LDAP username and password. From b0c34d1c1374b99fe8126363df37be08f2d7d62c Mon Sep 17 00:00:00 2001 From: Nestor G Pestelos Jr Date: Wed, 3 Sep 2014 19:41:06 -0700 Subject: [PATCH 0217/1291] cluster discovery: fix typo --- cluster-management/setup/cluster-discovery/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster-management/setup/cluster-discovery/index.md b/cluster-management/setup/cluster-discovery/index.md index 7e9092bed..e66e13aad 100644 --- a/cluster-management/setup/cluster-discovery/index.md +++ b/cluster-management/setup/cluster-discovery/index.md @@ -59,7 +59,7 @@ There are two interesting things happening during this process. First, each machine is configured with the same discovery URL and etcd figured out what to do. This allows you to load the same cloud-config into an auto-scaling group and it will work whether it is the first or 30th machine in the group. -Second, machine 3 only needed to use one of the addresses stored in the discovery URL to connect to the cluster. Since etcd uses the Raft consensus algorithm, existing machines in the cluster already maintain a list of healty members in order for the algorithm to function properly. This list is given to the new machine and it starts normal operations with each of the other cluster members. +Second, machine 3 only needed to use one of the addresses stored in the discovery URL to connect to the cluster. Since etcd uses the Raft consensus algorithm, existing machines in the cluster already maintain a list of healthy members in order for the algorithm to function properly. This list is given to the new machine and it starts normal operations with each of the other cluster members. ## Existing Clusters From c43a1b4754c076721c0f4a4932a24bb8e65999ee Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Wed, 3 Sep 2014 18:18:02 -0700 Subject: [PATCH 0218/1291] launching-containers-fleet: update list-units output --- .../launching-containers-fleet/index.md | 29 +++++++++---------- 1 file changed, 14 insertions(+), 15 deletions(-) diff --git a/launching-containers/launching/launching-containers-fleet/index.md b/launching-containers/launching/launching-containers-fleet/index.md index 8dd11a0af..ffac118d8 100644 --- a/launching-containers/launching/launching-containers-fleet/index.md +++ b/launching-containers/launching/launching-containers-fleet/index.md @@ -39,13 +39,12 @@ Run the start command to start up the container on the cluster: ```sh $ fleetctl start myapp.service ``` - -Now list all of the units in the cluster to see the current status. The unit should have been scheduled to a machine in your cluster: +The unit should have been scheduled to a machine in your cluster: ```sh $ fleetctl list-units -UNIT LOAD ACTIVE SUB DESC MACHINE -myapp.service loaded active running MyApp c9de9451.../10.10.1.3 +UNIT MACHINE ACTIVE SUB +myapp.service c9de9451.../10.10.1.3 active running ``` You can view all of the machines in the cluster by running `list-machines`: @@ -89,15 +88,15 @@ Let's start both units and verify that they're on two different machines: ```sh $ fleetctl start apache.* $ fleetctl list-units -UNIT LOAD ACTIVE SUB DESC MACHINE -myapp.service loaded active running MyApp c9de9451.../10.10.1.3 -apache.1.service loaded active running My Apache Frontend 491586a6.../10.10.1.2 -apache.2.service loaded active running My Apache Frontend 148a18ff.../10.10.1.1 +UNIT MACHINE ACTIVE SUB +myapp.service c9de9451.../10.10.1.3 active running +apache.1.service 491586a6.../10.10.1.2 active running +apache.2.service 148a18ff.../10.10.1.1 active running ``` As you can see, the Apache units are now running on two different machines in our cluster. -How do we route requests to these containers? The best strategy is to run a "sidekick" container that performs other duties that are related to our main container but shouldn't be directly built into that application. Examples of common sidekick containers are for service discovery and controlling external services such as cloud load balancers. +How do we route requests to these containers? The best strategy is to run a "sidekick" container that performs other duties that are related to our main container but shouldn't be directly built into that application. Examples of common sidekick containers are for service discovery and controlling external services such as cloud load balancers or DNS. ## Run a Simple Sidekick @@ -127,12 +126,12 @@ Let's verify that each unit was placed on to the same machine as the Apache serv ```sh $ fleetctl start apache-discovery.1.service $ fleetctl list-units -UNIT LOAD ACTIVE SUB DESC MACHINE -myapp.service loaded active running MyApp c9de9451.../10.10.1.3 -apache.1.service loaded active running My Apache Frontend 491586a6.../10.10.1.2 -apache.2.service loaded active running My Apache Frontend 148a18ff.../10.10.1.1 -apache-discovery.1.service loaded active running Announce Apache1 491586a6.../10.10.1.2 -apache-discovery.2.service loaded active running Announce Apache2 148a18ff.../10.10.1.1 +UNIT MACHINE ACTIVE SUB +myapp.service c9de9451.../10.10.1.3 active running +apache.1.service 491586a6.../10.10.1.2 active running +apache.2.service 148a18ff.../10.10.1.1 active running +apache-discovery.1.service 491586a6.../10.10.1.2 active running +apache-discovery.2.service 148a18ff.../10.10.1.1 active running ``` Now let's verify that the service discovery is working correctly: From f3f189ad3cf716cc33e23e2c640154e96cfa7da7 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Wed, 3 Sep 2014 18:14:43 -0700 Subject: [PATCH 0219/1291] launching-containers-fleet: add global units --- .../launching-containers-fleet/index.md | 113 ++++++++++++++---- 1 file changed, 88 insertions(+), 25 deletions(-) diff --git a/launching-containers/launching/launching-containers-fleet/index.md b/launching-containers/launching/launching-containers-fleet/index.md index 8dd11a0af..e59f93246 100644 --- a/launching-containers/launching/launching-containers-fleet/index.md +++ b/launching-containers/launching/launching-containers-fleet/index.md @@ -15,6 +15,40 @@ If you're not familiar with systemd units, check out our [Getting Started with s This guide assumes you're running `fleetctl` locally from a CoreOS machine that's part of a CoreOS cluster. You can also [control your cluster remotely]({{site.url}}/docs/launching-containers/launching/fleet-using-the-client/#get-up-and-running). All of the units referenced in this blog post are contained in the [unit-examples](https://github.com/coreos/unit-examples/tree/master/simple-fleet) repository. You can clone this onto your CoreOS box to make unit submission easier. +## Types of Fleet Units + +Two types of units can be run in your cluster — standard and global units. Standard units are long-running processes that are scheduled onto a single machine. If that machine goes offline, the unit will be migrated onto a new machine and started. + +Global units will be run on all machines in the cluster. These are ideal for common services like monitoring agents or components of higher-level orchestration systems like Kubernetes, Mesos or OpenStack. There are two fleetctl commands to view units in the cluster: `list-unit-files`, which shows the units that fleet knows about and whether or not they are global, and `list-units`, which shows the current state of units actively loaded into machines in the cluster. Here's an example cluster with 3 machines, running both types of units: + +```sh +$ fleetctl list-unit-files +UNIT HASH DSTATE STATE TMACHINE +global-unit.service 8ff68b9 launched launched 3 of 3 +standard-unit.service 7710e8a launched launched 148a18ff.../10.10.1.1 +``` + +You can view all of the machines in the cluster by running `list-machines`: + +```sh +$ fleetctl list-machines +MACHINE IP METADATA +148a18ff-6e95-4cd8-92da-c9de9bb90d5a 10.10.1.1 - +491586a6-508f-4583-a71d-bfc4d146e996 10.10.1.2 - +c9de9451-6a6f-1d80-b7e6-46e996bfc4d1 10.10.1.3 - +``` + +Now when looking at the status of units, we should expect to see 3 copies of global-unit.service - one running on each machine: + +```sh +$ fleetctl list-units +UNIT MACHINE ACTIVE SUB +global-unit.service 148a18ff.../10.10.1.1 active running +global-unit.service 491586a6.../10.10.1.2 active running +global-unit.service c9de9451.../10.10.1.3 active running +standard-unit.service 148a18ff.../10.10.1.1 active running +``` + ## Run a Container in the Cluster Running a single container is very easy. All you need to do is provide a regular unit file without an `[Install]` section. Let's run the same unit from the [Getting Started with systemd]({{site.url}}/docs/launching-containers/launching/getting-started-with-systemd) guide. First save these contents as `myapp.service` on the CoreOS machine: @@ -39,23 +73,12 @@ Run the start command to start up the container on the cluster: ```sh $ fleetctl start myapp.service ``` - -Now list all of the units in the cluster to see the current status. The unit should have been scheduled to a machine in your cluster: +The unit should have been scheduled to a machine in your cluster: ```sh $ fleetctl list-units -UNIT LOAD ACTIVE SUB DESC MACHINE -myapp.service loaded active running MyApp c9de9451.../10.10.1.3 -``` - -You can view all of the machines in the cluster by running `list-machines`: - -```sh -$ fleetctl list-machines -MACHINE IP METADATA -148a18ff-6e95-4cd8-92da-c9de9bb90d5a 10.10.1.1 - -491586a6-508f-4583-a71d-bfc4d146e996 10.10.1.2 - -c9de9451-6a6f-1d80-b7e6-46e996bfc4d1 10.10.1.3 - +UNIT MACHINE ACTIVE SUB +myapp.service c9de9451.../10.10.1.3 active running ``` ## Run a High Availability Service @@ -89,15 +112,15 @@ Let's start both units and verify that they're on two different machines: ```sh $ fleetctl start apache.* $ fleetctl list-units -UNIT LOAD ACTIVE SUB DESC MACHINE -myapp.service loaded active running MyApp c9de9451.../10.10.1.3 -apache.1.service loaded active running My Apache Frontend 491586a6.../10.10.1.2 -apache.2.service loaded active running My Apache Frontend 148a18ff.../10.10.1.1 +UNIT MACHINE ACTIVE SUB +myapp.service c9de9451.../10.10.1.3 active running +apache.1.service 491586a6.../10.10.1.2 active running +apache.2.service 148a18ff.../10.10.1.1 active running ``` As you can see, the Apache units are now running on two different machines in our cluster. -How do we route requests to these containers? The best strategy is to run a "sidekick" container that performs other duties that are related to our main container but shouldn't be directly built into that application. Examples of common sidekick containers are for service discovery and controlling external services such as cloud load balancers. +How do we route requests to these containers? The best strategy is to run a "sidekick" container that performs other duties that are related to our main container but shouldn't be directly built into that application. Examples of common sidekick containers are for service discovery and controlling external services such as cloud load balancers or DNS. ## Run a Simple Sidekick @@ -127,12 +150,12 @@ Let's verify that each unit was placed on to the same machine as the Apache serv ```sh $ fleetctl start apache-discovery.1.service $ fleetctl list-units -UNIT LOAD ACTIVE SUB DESC MACHINE -myapp.service loaded active running MyApp c9de9451.../10.10.1.3 -apache.1.service loaded active running My Apache Frontend 491586a6.../10.10.1.2 -apache.2.service loaded active running My Apache Frontend 148a18ff.../10.10.1.1 -apache-discovery.1.service loaded active running Announce Apache1 491586a6.../10.10.1.2 -apache-discovery.2.service loaded active running Announce Apache2 148a18ff.../10.10.1.1 +UNIT MACHINE ACTIVE SUB +myapp.service c9de9451.../10.10.1.3 active running +apache.1.service 491586a6.../10.10.1.2 active running +apache.2.service 148a18ff.../10.10.1.1 active running +apache-discovery.1.service 491586a6.../10.10.1.2 active running +apache-discovery.2.service 148a18ff.../10.10.1.1 active running ``` Now let's verify that the service discovery is working correctly: @@ -152,6 +175,46 @@ If you're running in the cloud, many services have APIs that can be automated ba +## Run a Global Unit + +As mentioned earlier, global units are useful for running a unit across all of the machines in your cluster. It doesn't differ very much from a regular unit other than a new `X-Fleet` parameter called `Global=true`. Here's an example unit from a [blog post to use Data Dog with CoreOS](https://www.datadoghq.com/2014/08/monitor-coreos-scale-datadog/). You'll need to set an etcd key `ddapikey` before this example will work — more details are in the post. + +```ini +[Unit] +Description=Monitoring Service + +[Service] +TimeoutStartSec=0 +ExecStartPre=-/usr/bin/docker kill dd-agent +ExecStartPre=-/usr/bin/docker rm dd-agent +ExecStartPre=/usr/bin/docker pull dd-agent +ExecStart=/usr/bin/docker run --privileged --name dd-agent -h `hostname` \ +-v /var/run/docker.sock:/var/run/docker.sock \ +-v /proc/mounts:/host/proc/mounts:ro \ +-v /sys/fs/cgroup/:/host/sys/fs/cgroup:ro \ +-e API_KEY=`etcdctl get /ddapikey` \ +datadog/docker-dd-agent + +[X-Fleet] +Global=true +``` + +If we start this unit, it should be running on all 3 of our machines: + +```sh +$ fleetctl start datadog.service +$ fleetctl list-units +UNIT MACHINE ACTIVE SUB +myapp.service c9de9451.../10.10.1.3 active running +apache.1.service 491586a6.../10.10.1.2 active running +apache.2.service 148a18ff.../10.10.1.1 active running +apache-discovery.1.service 491586a6.../10.10.1.2 active running +apache-discovery.2.service 148a18ff.../10.10.1.1 active running +datadog.service 148a18ff.../10.10.1.1 active running +datadog.service 491586a6.../10.10.1.2 active running +datadog.service c9de9451.../10.10.1.3 active running +``` + ## Schedule Based on Machine Metadata Applications with complex and specific requirements can target a subset of the cluster for scheduling via machine metadata. Powerful deployment topologies can be achieved — schedule units based on the machine's region, rack location, disk speed or anything else you can think of. From 18fcdf7ab10ae8870e7a002cda3789bc44fa53f6 Mon Sep 17 00:00:00 2001 From: Alex Malinovich Date: Thu, 4 Sep 2014 18:51:51 -0700 Subject: [PATCH 0220/1291] Fix references to GitHub --- README.md | 2 +- running-coreos/bare-metal/installing-to-disk/index.md | 2 +- sdk-distributors/distributors/notes-for-distributors/index.md | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 5eec20c62..777893b93 100644 --- a/README.md +++ b/README.md @@ -20,6 +20,6 @@ documents as a pull request and follow two guidelines: 2. Add an explanation about the translated document to the top of the file: "These documents were localized into Esperanto by Community Member and last updated on 2014-04-04. If you - find inaccuracies or problems please file an issue on Github." + find inaccuracies or problems please file an issue on GitHub." Thank you for your contributions. diff --git a/running-coreos/bare-metal/installing-to-disk/index.md b/running-coreos/bare-metal/installing-to-disk/index.md index 9238cd1ed..0a990afa5 100644 --- a/running-coreos/bare-metal/installing-to-disk/index.md +++ b/running-coreos/bare-metal/installing-to-disk/index.md @@ -15,7 +15,7 @@ weight: 7 There is a simple installer that will destroy everything on the given target disk and install CoreOS. Essentially it downloads an image, verifies it with gpg and then copies it bit for bit to disk. -The script is self-contained and located [on Github here](https://raw.github.com/coreos/init/master/bin/coreos-install "coreos-install") and can be run from any Linux distribution. +The script is self-contained and located [on GitHub here](https://raw.github.com/coreos/init/master/bin/coreos-install "coreos-install") and can be run from any Linux distribution. If you have already booting CoreOS via PXE, the install script is already installed. By default the install script will attempt to install the same version and channel that was PXE-booted: diff --git a/sdk-distributors/distributors/notes-for-distributors/index.md b/sdk-distributors/distributors/notes-for-distributors/index.md index 51e8a74ab..a077ac1c1 100644 --- a/sdk-distributors/distributors/notes-for-distributors/index.md +++ b/sdk-distributors/distributors/notes-for-distributors/index.md @@ -40,7 +40,7 @@ End-users should be able to provide a cloud-config file to your platform while s CoreOS machines running on Amazon EC2 utilize a two-step cloud-config process. First, a cloud-config file baked into the image runs systemd units that execute scripts to fetch the user-provided SSH key and fetch the [user-provided cloud-config][amazon-cloud-config] from the instance [user-data service][amazon-user-data-doc] on Amazon's internal network. Afterwards, the user-provided cloud-config, specified from either the web console or API, is parsed. -You can find the [code for this process on Github][amazon-github]. End-user instructions for this process can be found on our [Amazon EC2 docs][amazon-cloud-config]. +You can find the [code for this process on GitHub][amazon-github]. End-user instructions for this process can be found on our [Amazon EC2 docs][amazon-cloud-config]. [amazon-github]: https://github.com/coreos/coreos-overlay/tree/master/coreos-base/oem-ec2-compat [amazon-user-data-doc]: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AESDG-chapter-instancedata.html#instancedata-user-data-retrieval @@ -50,7 +50,7 @@ You can find the [code for this process on Github][amazon-github]. End-user inst Rackspace passes configuration data to a VM by mounting [config-drive][config-drive-docs], a special configuration drive containing machine-specific data, to the machine. Like, Amazon EC2, CoreOS images for Rackspace contain a cloud-config file baked into the image that runs units to read from the config-drive. If a user-provided cloud-config file is found, it is parsed. -You can find the [code for this process on Github][rackspace-github]. End-user instructions for this process can be found on our [Rackspace docs][rackspace-cloud-config]. +You can find the [code for this process on GitHub][rackspace-github]. End-user instructions for this process can be found on our [Rackspace docs][rackspace-cloud-config]. [rackspace-github]: https://github.com/coreos/coreos-overlay/tree/master/coreos-base/oem-rackspace [rackspace-cloud-config]: {{site.url}}/docs/running-coreos/cloud-providers/rackspace#cloud-config From 77e54b1fa9458eb05ae7034d1c9932a87eec1d27 Mon Sep 17 00:00:00 2001 From: Alex Crawford Date: Wed, 3 Sep 2014 18:15:38 -0700 Subject: [PATCH 0221/1291] digitalocean: Add documentation --- .../cloud-providers/digitalocean/index.md | 198 ++++++++++++++++++ .../cloud-providers/digitalocean/settings.png | Bin 0 -> 23875 bytes 2 files changed, 198 insertions(+) create mode 100644 running-coreos/cloud-providers/digitalocean/index.md create mode 100644 running-coreos/cloud-providers/digitalocean/settings.png diff --git a/running-coreos/cloud-providers/digitalocean/index.md b/running-coreos/cloud-providers/digitalocean/index.md new file mode 100644 index 000000000..0649630e9 --- /dev/null +++ b/running-coreos/cloud-providers/digitalocean/index.md @@ -0,0 +1,198 @@ +--- +layout: docs +title: DigitalOcean +category: running_coreos +sub_category: cloud_provider +supported: true +weight: 1 +--- + +# Running CoreOS on DigitalOcean + +## Choosing a Channel + +CoreOS is designed to be [updated automatically][update-docs] with different +schedules per channel. You can [disable this feature][reboot-docs], although we +don't recommend it. Read the [release notes][release-notes] for specific +features and bug fixes. + +The following command will create a single droplet. For more details, check out +Launching via the API. + +
    + +
    +
    +
    +

    The alpha channel closely tracks master and frequently has new releases. The newest versions of docker, etcd, and fleet will be available for testing. Current version is CoreOS {{site.data.alpha-channel.do-version}}.

    + Launch CoreOS Droplet

    +

    Launch via DigitalOcean API by specifying $REGION, $SIZE and $SSH_KEY_ID:

    + 
    curl --request POST "https://api.digitalocean.com/v2/droplets" \
+     --header "Content-Type: application/json" \
+     --header "Authorization: Bearer $TOKEN" \
+     --data '{"region":"'"${REGION}"'",
+        "image":"{{site.data.alpha-channel.do-image-path}}",
+        "size":"'"$SIZE"'",
+        "user_data": "'"$(cat ~/cloud-config.yaml)"'",
+        "ssh_keys":["'"$SSH_KEY_ID"'"],
+        "name":"core-1"}'
    +
    +
    +
    +
    +

    CoreOS on DigitalOcean is new! There haven't been any beta images yet.

    +

    Alpha images can be switched to the beta channel.

    +
    +
    +
    +
    +

    CoreOS on DigitalOcean is new! There haven't been any stable images yet.

    +

    Alpha images can be switched to the stable channel.

    +
    +
    +
    +
    + +[update-docs]: {{site.url}}/using-coreos/updates +[reboot-docs]: {{site.url}}/docs/cluster-management/debugging/prevent-reboot-after-update +[release-notes]: {{site.url}}/releases + +## Cloud-Config + +CoreOS allows you to configure machine parameters, launch systemd units on +startup, and more via cloud-config. Jump over to the [docs to learn about the +supported features][cloud-config-docs]. Cloud-config is intended to bring up a +cluster of machines into a minimal useful state and ideally shouldn't be used +to configure anything that isn't standard across many hosts. Once a droplet is +created on DigitalOcean, the cloud-config cannot be modified. + +You can provide raw cloud-config data to CoreOS via the DigitalOcean web +console or via the DigitalOcean API. + +The most common cloud-config for DigitalOcean looks like: + +```yaml +#cloud-config + +coreos: + etcd: + # generate a new token for each unique cluster from https://discovery.etcd.io/new + discovery: https://discovery.etcd.io/ + # multi-region deployments, multi-cloud deployments, and droplets without + # private networking need to use $public_ipv4 + addr: $private_ipv4:4001 + peer-addr: $private_ipv4:7001 + units: + - name: etcd.service + command: start + - name: fleet.service + command: start +``` + +The `$private_ipv4` and `$public_ipv4` substitution variables are fully +supported in cloud-config on DigitalOcean. In order for `$private_ipv4` to be +populated, the droplet must have private networking enabled. + +[do-cloud-config]: https://developers.digitalocean.com/#droplets +[cloud-config-docs]: {{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config + +### Adding More Machines +To add more instances to the cluster, just launch more with the same +cloud-config. New instances will join the cluster regardless of region. + +## Launching Droplets + +### Via the API + +For starters, generate a [Personal Access Token][do-token-settings] and save it +in an environment variable: + +```sh +read TOKEN +# Enter your Personal Access Token +``` + +Upload your SSH key via [DigitalOcean's API][do-keys-docs] or the web console. +Retrieve the SSH key ID via the ["list all keys"][do-list-keys-docs] method: + +```sh +curl --request GET "https://api.digitalocean.com/v2/account/keys" \ + --header "Authorization: Bearer $TOKEN" +``` + +Save the key ID from the previous command in an environment variable: + +```sh +read SSH_KEY_ID +# Enter your SSH key ID +``` + +Create a 512MB droplet with private networking in NYC3 from the CoreOS Alpha +image: + +```sh +curl --request POST "https://api.digitalocean.com/v2/droplets" \ + --header "Content-Type: application/json" \ + --header "Authorization: Bearer $TOKEN" \ + --data '{ + "region":"nyc3", + "image":"{{site.data.alpha-channel.do-image-path}}", + "size":"512mb", + "name":"core-1", + "private_networking":true, + "ssh_keys":['$SSH_KEY_ID'], + "user_data": "'"$(cat cloud-config.yaml)"'" +}' + +``` + +For more details, check out [DigitalOcean's API documentation][do-api-docs]. + +[do-api-docs]: https://developers.digitalocean.com/#droplets +[do-keys-docs]: https://developers.digitalocean.com/#keys +[do-list-keys-docs]: https://developers.digitalocean.com/#list-all-keys +[do-token-settings]: https://cloud.digitalocean.com/settings/applications + +### Via the Web Console + +1. Open the "new droplet" + page in the web console. +2. Give the machine a hostname, select the size, and choose a region.

    +
    +
    + +
    Choosing a CoreOS channel
    +
    +
    +3. Enable User Data and add your cloud-config in the text box.

    +
    +
    + +
    Droplet settings for networking and cloud-config
    +
    +
    +4. Choose your prefered channel of CoreOS.

    +
    +
    + +
    Choosing a CoreOS channel
    +
    +
    +5. Select your SSH keys. + +Note that DigitalOcean is not able to inject a root password into CoreOS images +like it does with other images. You'll need to add your keys via the web +console or add keys or passwords via your cloud-config in order to log in. + +## Using CoreOS + +Now that you have a machine booted it is time to play around. +Check out the [CoreOS Quickstart][quick-start] guide or dig into +[more specific topics][docs]. + +[quick-start]: {{site.url}}/docs/quickstart +[docs]: {{site.url}}/docs diff --git a/running-coreos/cloud-providers/digitalocean/settings.png b/running-coreos/cloud-providers/digitalocean/settings.png new file mode 100644 index 0000000000000000000000000000000000000000..e82264d5bd27fc246288aaf9e9da29e9cd24f34c GIT binary patch literal 23875 zcmd?Rby$^O)HZmK6p&5>Y4iS*WvBtczK{027><+J4k3aC|eslIP2RPK}@WyEsa?04eX4Jtn5v# z9S-0dMIaCg$QyAn6_=#lIcF7>i94P{@%r(^$hM1@h3#5g z?&ni$NoBknf;pkF6ey1ZA70!(PL8}j4?jvPqU-(hg8{n_B^B%y)(rXb&t*vPL=W!_ z6a7EE=u3Ysb5c@LC>kLv1tTMBLPA2Wat_8*9*aN>GJ!Pfg$C2n+{l{gJhh#PVkrj) z?uOfQ?LTHC*)@r;#bGa0C4Qf3uUi3(XF`F?%O7pE6cw?TS5~me$s-!??@0WRp0pe; zwWeofWyN-&`ueoAyfXdt>9xAL`kK(g=Q9)jAc$c_f7qO_cb_aZLW88aU+iyA6q7&Y zwL*uuTprWBdi4s6loZ{-z~BbD5-~V3qWsoCSxM=z6;rgSzaIlkT!kMK8}>4zjp=V9 z6?8)PrO?}*ECHjWwwY8^RQxV452&pb93B}NBdEiAxRimcDKjUBnxCIIJ3HIP-oAi6 zH7kpTnT2H`&-P(n;zkU&c%{ScI;W?nqfXXn51)#pif%w&?@Q!`UhNbgt@n{I>(mjA zkB>8|CZ(oE^u)1I3ki|FdGm&znOXey>P+9n1lifySwmAZ=p;5eT5o^08b9_d!utk( zZ@RpITjBbA4-NuWNf7MiZ^OShdFOFn6&{y%+-AcFQ&UrX&ikY-EiK<7BjL!%$Y5{& z`t{4k$tiZGQ!3)w(sFx<%lR&`oxQ!jg#|hq8rtdR5PZG+MaS`4PbApUy_w3lEF}2& zG$j^uHIDjLR^k20f(*v}mfvEk6mcX+;cHP* zk&=;+>oJ0$)9y<(wODaCNl7GMUtgP(bvfBo5i&5Ka)qmTOmwt=7zyw4Sb_TTAF%sE z?&s(ODZ;OfjcJiEpE27{MbRlxQBb_3V&US#1*YY41LbIGZBhl7KIMNAw7ZqqV9{|vlL!OgRJIyyR* zCv?5r6M3x%Yn`pDs;bfye@X)DcY-i%|{QOI7EP=@Vjs4`zOlw;kf~KY>Y~fjT>QKDBy{l?!S_TK- zeVhX3PfbAqnVy~|;x@%fN=_d7t^XPi5064X;OX7n9hmVqO=~T!ryic3=|x3hkBq5SeT(gO|GLX z)zTCZH6Anph!3%R~HfLVCNGhwhGe$W%JLrFreI1qNrX>LA#{vgqj zp`p+9^}+%Un?6rScqn*y)bi&iCpA!fA;`$cL1oNtZf;;j{URe3@lRtPc7==H6SvVt z%+k`u#YGQn1d*Td^V7tSe8~`f|;>F!NIRSex!Q;{(YuzTxpHN)*~)1 zF5p-yE(xlt?x&mB1k4%~*mcok)%GS3>w);_v&Ck3Llcvqa)~@R&2KdY1O$jgJgRyJ zLc_w~AVEPv^z`)a$}b;W^Tl@=6TNOucJ`ORY8ThnzjSp;CkZ&B0vnpFab(JtPY!-2 z>=t+;;&zGxv03ZJe_w4Uk$zlOR;CC(;B1*a>~^uwQmLb?tPJ^v$|*CDAC1I^Us7H! zku2bN2)sJzw8C;GL$k~n20vamM^aU_wXJ{uzS-t{0o%ZgY3VgC_BAszvvm87e(2rx z!P5SI`1kKPyK}XKRFTq2bX;7@TXsF14|8{(d9~x9Q-^{bTTW zoNUM=z$$?aKOrF@$;`@HT5R@%p3hj9cwRe+OG+}1AU@pe=|=KEQ*;insiB`z)Epcz zzpZlIAwa?)rH?cjFVwVga8Pj`GglqTGKgWgwM_c{{kzPGnuBXnP|#xn7A=2(r%Ti2 zp8`We#Z67=U%h@kRAM02`{M-~5)u+)dBnrEM&<3H%et2CV>1Xd9RXl*X4H;cd>JWp zoO?x`oYgq+Jv#b1uP%UgJ3G78@rA6nguRKpn7}7GH-~-#_z4B3W&k{&u{`WyypcS- zCVD$f^{r;ttt>UjAh;u>3AnIIjadEZU*k3FBy}DIRYuR~(<1H4RV2j-a#1zDE>0ev zF94@wSwEn{!^8W3`9j6UroggC16zmT=Q7Cb{QUgTt(;UWJiO<;0|0d3AOJ{lb7rQe zTRJ+Bs3K7Wo%hA{_0yFc6My`8rLIm0Fefk~LY-eh)qLU?88b8Ux7b)(uOvHH2?>eA zv$LY#p~Kgv-M}<)7kb$acAvl&S5Z#Yq&*m)DOz*!?)Dl59bH^QgJ^%D5!2Gra&vR@ zrLHbHzz7sHv{rzpkpP^*_JtC0yjr$n*4EaZt#L$S)2VAp7IaQ4CKXm4+q zmY44U9&LNNsR%|%10i(TsJy%!tTx(nT3RYjPMp}-SavQhKk%&zL*jV0&J~w|fnjqb zCjx5rF>BRRP3`@AQm_(wpFS~RXTq!x0A7{r32nyDpDKAxzpt*xtf0svHRvY`4lMJ>3w#vfB`;3;4H{SkH-8g7?f#p$oV zVr-5T5CV!rUtSmxfEdfB8{T+#g?6z&=O_K#H#|Ii*fsx0K>-sCXiqiTQV+j?KntKCajYL&Zm%yQV`IMnl>g~Xm z>4zuCzzm3e_d(QALF2a`+#j&-J#39C&dM-v3FLkiBP^M)`c_s}+{;S@SZRJO!voSi z^@EdrLC?zC0m2Cc@}btLXnp*FznFzzxEn~b9D_m9jCx{iY;0b(etD8!TpSS^iVln0 z8~w?zWn@r$`}&3&z3;cJ7-5zj*|8|huDaMBLa0%09y2Qhh)ib^zrCK7)m@5~#KXp4 z5;duO25~}MLV}W;8*d<0R0;(1Wt|?d-BNj zf^*2ak-132%rU}6im^H{1@kB2f>ilod>7bb=mOoWASpmSMtcXS1K5ukrt#t7mH^~x zzRgtMWgI=@f#Y=NEATl||v<7^hE8(+dg;ItXx7$@@LUpNA;Hg}$SrxOU{3 z$7^)m2=;ufyVQ0mdvtvz={R34oAD!X<=48>Mg=|s8~{UlM#fh#miTVs&nCenro zReqq-MH3!D!?m3CXH5G{S{z8%-yZjk(jarH@Y)}5$!033TxTmXm%t+`O3d%b-6%w% zm0T1%B&22;;nxpjV~sr}buJ%Ch^=op8=MT* zM%fwlrwD5=*8}bb7{U+;NC1K#oo$arRlf&Z>IaV{s=dAa8e`$dGLr#GK(tHrnje{( znf<--INzPx1X%duk32v4UB`Etw|bVAEGH+JjwGYpsxS7t_rK zUur`23d{EJTn zAhWSK+g5#FazU>v(UhDl$q=_}c&_`yp2 z&uH3+2u!)Dv&5K~0A$Q(dLZmqxnHnmE2Qdd-G5giKR&|D>vVstx8JtDq&E2}A@#+l z?1;f&eEAY0a=991Zb9ZL zJxb8zFFGJ)D*G(E=Es}NIFzQ(ja){oE6b*##J5jhYWJBShJ}VgARxTP3%m2I52Qwr z@LEyu@)DvEF#8l2vk5ruqPV-e-)xB9ivb#()vz}A#|-x=x2X?X1N715<>leYNh`?7 zA`=rsKwMfGQ4kFX3k!orZ-A(hnQ>d|e6W1FH6kr7?Nd_10T^l+yC}eKXrzavGeeBY@~X#vKsXLc=5ZetTk8hXPcSm%^|#G*i%Hn z;2}+Z$e4>eJ0Vc0OMF6t{$kVT&6&z#zQ#hw_wy^A5hboC#)& zP%EwGUID&?{^ZHh*4ASX?1Jom={AOQne@MWj*|{z4H2&usn^w3j@GqY&sXmKZYHv? zqW3pkvvYH6;U(Z9U}+CKH@CQx6VH5|D?AA6qj{}T$zG;-#0AIey-LM8^(`P3v%SCb z+}zoL<)cIb4!N_JiZT4EvBNi6Cc1cL2VinbD=U5*1F5Y|O%OnvI>EE0foxFK>+({5 zys~+1#CRYj47dVLb8|DGw*H?#!+~Uj-2-ZKRN0@Gm&a$fijpGY8O&=vpQc)%M#N)5 zH2ufyr^@{&UrfjSg2yYbW4q7mySLR=`O>Mt`nCSnZ(Te%zyz<+JY}h@6;6q9L9=jY z4838ydA)-*+1c7ucnCB%nbLw}CqxvpDlRM(eJgPd>EcDZhDnrjkTUZBN%zS#GrGq(cAmz8n7pB%V|8wV5PM#sfY&=wPYw3IkSFGg0;t9*dVf-2}_oLg31%tbrOVjbfgen&2{n=&!3mj&{&;MA>Jq08VdNLpi z2LT8bGZVp}oUI2?aI(Qu5ODwJCsJFCOuA~dyL)>}8yj>OdYqh`-@bqMy}9wQg+zfL z09|m{9E5ASzr)5P7a>*7mTd+y#t|^9jNDulKxzmpb8ZA!0Z%iTtaIgp<;k}1RGdhn zkB^R;0g2-s*drQT5HvzF!VC zGcr(}PttT_-{08yD&~iz-xi1+7!=eD1_J~T8SGlZo|2zAW2rq ztsfd1f}Tz2a@Z`s3?&zR=IZJSh`$6daktY=O2yQ|OL;}WD_cPFMKc}**khG92yCYF zb^K~YS^7(6^YjAU^P zrSos>b4i<`QLMd*wtL5z@d)k?J`TTDm(V!Rqk&KeHX?YbXOin~&P#bBE6!9}$H|nH zlr;MyqO~F4rFxzxKz-_jfaj75IG`*oEiIFb0q0|FKtO_Aoo-PdJ^2D$0N~-*)m1|c z&HCFHxe7#Ky`d%Ia3kPa5v+P0z?iQ zM@N{B=2ID`6CEAB2y{K5oZ(_#1&<#AwEb;1LJJGR{r&y;=fseXFcP|k(XNpZT#$Uc z)YAIl@<_mb9es9omfdua!dBbD!r~C@OAkvW?d7|U53a`@`adPZY;K^o)dq!WX%OK1 zUjYffyI#15=}VJkCYTi#Q@+5Lk5YTw9l&*Ye~x*N)p*qK6Sx2xGO@M}AMZ6>1JiAp zoBOcN+mYX&S9)atbgw++oZtoZaUBpBJx+(Da4vQ|Px^S3_Ed};qOxuTh5)kyarE#n zUFu7a76I@e;>K3 zMbhx+&mX;yA0NRsP$&yto&ZREK*U-E{tg_81VQZOyLVV$(21$~qf%1B0SBN2LK7`5 zEs>B5JLGa8S3yRm1z19f{f2zrfReKEP?fDg^{x3(1|nGaufTDC0yd%)ry0HM#yv4cKX}w{9R$J$B!Q?O*FEm`%!b$fed zVKxd=L}OXBkt{9uWM-~+r?`&d__Dgm#Tf+`{wjGTJ8X|WMnpvH>gw{TuI6_;-+j!+ z#^$g!j0jY+m%x?H+w1+whiBEJI=%vSC?jJi+Ly*%?;sjidBC7mS!YnvUFUX&3TeAn zSK((>HX^>V0b)fw$yjsT>polP50r=$>3gEl$O0;jh|-sfeau0pPL?|#?R2^FZVq0N z@s6HtjUWSzlmdz=IbLn>)K+3QN5~ ztfU5+7>MMOAjMnA6Hsl3WvLGT3oXss0lL=KmnJ)oDTttgKq%EzdiLfIQc4ck+=Ms zm|Rj)Qd&+f=2FwlZOht7O@RKx`g3=k+U>jv05HShplt63kQSOVu6 z%$6fD1R?b5Z0Gmy-`}84IRF{}6Nsj#28a!w0QRnS8~{uZTfaK(P3wa!fS%EQo+b8Ja+>TctgRvQfwcn6GlUVOPJ`vmM>&Cy`kEmH! zS=^%uF^VfHtOr<+f{7WYU0io54WYenMj~PV({s7xYeRr`Uz3x`fQiuBd)EOT3%sR`x2b35Vw9i9$Q4MAH@CO2 zaJ9KvcRT+fW`$EVHXU<9P*-EV@wG5>;w;e<5*aV|rx(lK$gx*Q)6fkfw9%1kn_`25 zksQolI`zSahc$jMZ5vltS1!;)%H`$dHZwpO+JR1GbH1y& zy1EKNwLU;R==DKkjCov2%Cq&}1nP!;ffo;+4wU($Z(ZV<~}_ z4&Ws)IQYBkfrMpR(2D##k-ej%1aKaw-O0~@L{jqc5dl64uu6Ckus?Hi+dUPxD7&e~ zI-xD=`n5cZegq$Csc@JSB>m=%n6xwss8}I5J71t~;Hz$o9^VFqhPDB-(FX#C2wy>A zeM(A76{u8scz7HFxmw8Uh6qMnt>)_(`l+oO%KrRmyFA&5jE@i8+%!#yn}#$2a$&pC zPnMaPNde~a6_cExILg=eQK3%#Q@}dA`uZfq#Nd>al=OhE+OSc=le=GCOdE!&pr8Pj z6Gp>OP*Goj>;@EZ7T4ASnwnmQlJesKQ9WkgeOq82?)k(4aBG|0NsdD8N-%kcZ+s)U z-L?r-JIUN%wVwT)?Uf~DYA_8g?^MPj*QGeSWLB`}ei7;Qef(?Ysqq~kc+$dWrrpsD zla71p@=dCxPIH#>B+L{JshcENVb%Dmk#XL69(mEa>f4 zg{GF)$K|%5!{cL|90sL^LMJ%uftJ|@PZCf!!?|sA+WRrepa+Z`ruT}7h=3%<4^$T< zLy0Jlh}OD^h=}z1llV1iomjLgEb>N6jT`|G1NJTjax3{{0YqSdp=5#tn9qcAV|ZOZ zO;<(nc7W1HiRlm(tX`1FV+nM%1}JvvsTYGC$m$srxjt7SzZVk|Tegn92At$R|y3rNzPzypU$ zjo!*8@nHjYqtpY|o{F9x1(+3qs6eGdGRQy-fbPlXe$I?R$_D`o?;q2lSIeJYluJ1F zd%iI9&;ZK=B-+D^i?1N-{a0=T3lFR1E#KCbdMYG$3K~rmr>9dE78P;09vkur2*}Jj zXaC1G#-_FLH}s-U4XClH9!fUV;4-)noHSa$a&s<@Ail-BcIqk=+q)zP8ih&wOlpNq zU!IV>17(VBEBTnks)B09nTmtp88!RExYjJ&ed>(h+_O)gZUwZURw~romRIN6EVx`` zp$E$4jr?NeQos;lF$2&ySU>?nAB;8u602h1M<`)4i>+wcRvnRhu5|6ld*%4&aE~61 z+cYi2?Aa6j+yV{!ZD^K8{uIcVArO$;wgFc9+i^$jkL3&jC^Y4+$Eu2k3o=H`#G1nc zfvG%7i;a?L$5B5>iFa^odpje=Ryg1UcZ>i?QtGNYuR1K>{s^}x$5s{3<6^%;3cfc@ zD^99XVf%-9JKWy2Sq^Kq=$5-6ODOCyx2%u+VZUJ>am12#zXpRosK#@uc)Xf!&Y`E=^3-VO#D9;?Qi+ouq9Pmm6uZg6-YF7#jpaeV_insA zjf9BD9G%qN^LZuak7-euqCadg_N)p0ob)qwXE;1$+zLv3a#!+hi}RJAUz_)-6_3RY z;@d`Df9;84J5ShJ4k71g!N=ze4SY-b?i=ym4G!{a0i{E#zkh5hQ;SW65>7ZdDXoab zdqU6VL24co%MoD0M8%MNyF*|)o%#6VN(wc&inabZe0*ExbBmMdAQDPSmorARA}uY0 z>D4zjGG3-tH{D1oS@hR|{#Gzsi_IRIj3p{PKo(muR z&5lQa*OaZw)EmzukyQZ~e4#$%MLJzcIODtr6cj#CDbq7E3u=D0AJ1dNdFtRua~x~8 zdlm_GygYlylUheXOUpyhXgMD|lb#M!UuSrVI84^jdv&2t{K#P|q%`G@saIO2+v=EB zE3P%=x2$L&ihOv!$j8C(7^olZRUAJ#oY!TENG4j#;x%^fPZVMv#UBQucwFCpWWI3| z;kj{t0--qER`n>`bicV<2-_Sj`Kh$l-q!JP-Zubhch1aw-$+Bxz|g$b#H3MiOqVr- z^m6HraU`Pn{_=^jY_hM!{d*K;T->&{cKus#FELwNj)otCQc1A}i;;13KbQ*9FB4bU_lb~JA<1W{^-D|dDBcqi?xxL1YIgf8?wIKuQ}39q zPT%5n{odTj-xi}Nfcg9`D{sdPX>6T3@h%vZl(^>bn$_?SFvsidBWVGp|CHBX^u|NC zRMqHUJ~@Ul=7ibnmrIXFNZ8t7Plw{`6WDdVIb2;Po|3kR<-ytY+R|}8B+x(clWv{^ zue$ndNZ`Agx*6yFE@tbOqP+i3L2Bz(!br2y^fR!!nCaZWZ;6$Lzx*Pu&+|$Jf`H@Z zI^|Zl>$U7lq^b7A=2}~XPF8KW#Ka(8_a{F;4iu;2F8%#ZI~hJMdyW1ms6B-}O(f^M zJ4E@8qG9)X$v^}if{-GLY_Q@6NS%a?IpdEPmie(YK#qi^BLy8{G{edx!+P)6UpAgX z8gHVix{;ByX=(9e>E0Ug7BfxjN?a>`=#`a={PE)pkQ<~kbFy;Ol|x`Kl$-5x5ce$r z33+Kd;AC)UsJTL}k&>GaML4O(;AV25?V=GFEIj0NdkQ`WzMoOGAu^rP?&R3e%XlG= zniWweQl=4)2<2M-UhsNkau{box9(fFv+(AZw(Do|bGDb=s(BvXx^`qRT4X!By-^+Vif zlK=htx9e|T`z^AfMyZ8sfRVGQ^;cXG5l*(q9|C4nPP?;+3(DS<%FkbAOCyjsDjy!- z!H>`?;B1ggHj;b2FC)Mt7nRi4r&JmlwizD4Y_yzWRGcr|8YywUhl5^TzkZHGNzH{z z=i#wb-lLs$mSO6RzbECGAZ!nMr9?sj>`}9@kQJAf+H~J@*Im%xry;<+KBE-Y4~5q! z)Ft=~g2lc!$GUZ8)~96{%voZ4EAYPFiEM#YGq~x*1Qh$&Vt4_h&D1$j@vYM87#XE! zmA}YVNI;MHTuT1)2Kra|W+50q(2D?G3@ej$2DRD|ZKmFda(ifILBY)0XGsA*{MLF%+QUe07Z5dWnFmp0~_EZzj_xx+JC?M?_{uc@VhUxISZ zV&VZ|!Kpi4@VR=V7yXGlPcW-;;c`fETMRK3x5{YsIb``<)j&}XK7HgaBwvuftRG8)F z4PB$_S73 zm`D-UIA39e5yKh@`%v<0;#uUbhSPt_me}ZexiWl?&e2umUtuOAP3H1%B>w+;`7(Js z9~MD?)htU&qv+Ikzbc3wkLPj4nMFqb*5$k-Pha8cO1Zs64SD(X+$mo06D=tjX=eBC z`mS%|0MwwhLl+B=G*rORf!(0nFqE8EEr|{oVPd6aXV|yIuAV-LL=ecV`$>U^zus~S z2@bZ|&BS~J%F!Mkj{tJ%o0~uS%KCxBcvPB?-${Aq3TE_F8Ri1;QSs6KW@Q^K*+y@7 z=c;iD;pGjsoEMf_vU+eXTd1iH_bx(~_zh9+1YAkIlZC=5{g9UuB^IcU?>rNX*fc9h z0m8IiY+{oN|HcHUf#nT4?n3j*jDG@H<@@8z%ZiZHamt|ldpSqdWm>kx( zbW^p9482ZjDt}A(+kS`Oba%Hj}g)XlNAz(4CU(2OnW~<_^+Cv;~sUyfSY)=G& z4u$;AY##M^kq%Adfct<>?+*^L)~`?SbHYwf#pUHOoc88Jba@J+7;AH)a3$T`f)~8+ z_ZpvXlZiMG8OtX!%G=xTg#a0TcXBN(b>f#|{yfvfFUrMeHree7!i`Tub^Kb~*5Qh+ z_Y+7DE2I=*&JT}^N9wD9x+ApoJ(@=D7D~q6PHMzmL5)xVu z5e$GF_!R*#cM6PFXMqdN%VSVdQXVQaQ?9-QRoed&TR>^fo|r5-xE5$Q!BJ8etzCof zSk8D#e>Vk_$3B99+8!1O;n%=xOq-TYWark_63Y>5yPbdfVAoW7XbkJ!&YQM;%3{{b z4o0!#9u-Sx>7t_hd*;Z?OzbT0hBg(b7i7+ZPM3`OWHJ#FVbnzLTef`(amG23hxPnk zto10KpUY&?KZ5OicP0WT>Z_~k%XfbC%$gPNsTM}x;FcI{utHO=&_EpJl%Rq_lYQeZ z$bqMPA3p0(et|1k@4Rw2WB~elBtc^o4i4_piZg1INv}%H{83cS$AxCmqr)SE)wQ+s z-?=Cywzg2q69V+j4cf9N9;gqbKXUuOK)u{umTqvMf^-v4aWV=`6>cD|37~m zh$afY?uUm%EqdvL7F-lF=K*&)JQ57}rd|2%`;TBycS(0G%Z9eK!vB;C|K`fCZFbl~ za``|=vVkgt)7aoeUDe`2er89|sN=G-7v&KX#*)wSPd1YAW62YVea!A($c$wCUv2bI zmVg?>JTSy2U5As$vIge)C`~JwiMRf1cBnmpi-8Cf!alBqSwUS%Ml5QBSt3kMJX32t%Z8c*B-D@)efEnun z2E6=dh+1mVQ69tV*0U_Q{=pYAf=2`0^?o5E8~AU$%X8RB5ym<@OdnoDMEtrKCH5?4 zz1DLB;{ho!H#gLlIKhGmUB7}oerCo~TO>)K`Az0>aEgwMtBFYB28o**>MNQxz)bI7 zwpl&w_y81&Yv$q*ga72KYY9JoP|>`=@B6_MlRD6b0EGPC=Cc}9!Y^3lSoSC$9{0_Q zWgJdI6B7iT`g|KN(0_$TK%fS7Elv@(5m>ayT06Db4)0OV+_}A8rU{sNn3i~O0XAIk ztR`2T6_FV#qaS#&5$ZyC9FUY=zGGTja%!1I$Qi|Il99q{E|t3DyJDnd!c%0MX1h|E>de zlLn8uKUt!;l!GjKc7KXr#O#&9^5|9-wjHkSz_k+NeM@m;%f9FJP+3GluU6seC_#eGi|F=&BKn8QkHR=f*;9DibJ{uHAaOcmdibY)&zp+$R-HO0JkqTkzIC?97 z5DX_vgXA9G6lu^22l>Q%6Y6@eq0z@OOnTFK>NVPNR;Rzhrg3#kHCy9_4{T^`j+Ckd zM3Ez1$3g!~pOv`4d3<;x{uD{k*LE_fB6eGdi+d5r9;>_W|0;>Aj4k8h435CM#*$jN zA7iRLUWC$QIOizOJ%N5hL`43X<%q^@IgC(ZJAj?~4HBo5kI2qZQUdT&Z5HE+1OV6R z3bQbP)p~#!KEKQBq~>8B&?9(V%cb#uC>dx_@+D=2PJgT`{u zO-Z!76mF(W`&vO=J@2?X_WFX@+hP)m=IiUHm=lfxIv_%iRyu-DX6qbDyr1z05B{$0 z8esELUFjg2Y!o$?Pi6d7xy$Qgq}wClqL}R&{4UcoSZTxUnUKeGCyROi^}Zi}3z+}~ z;#&6z;_?!aDOVW(q`7lBp8U?@VQjeEcMo#IHzQBGyObE(OGg1&6KEi_ANI)|3nkZ(MG#%59G9(iTMw;}18F zaBW4trqm-uq^GnDtrt{PH`is}Zsol3_GdIJ zEOO9`t0y?FwDQTU(A39RO3EYt85vYdMjmyCt=;4Sz*D=J6`mQ*iMVO`+N{v)27MNZo+-gSNa#M0B60P#TnyhzD z{T2_csB_1TRJsnTnJBAs)IR4@-HuUrlC?-$3A)3a}&=}QhYpcbUTsOT^+dB{J zU24q+p+u#W#Gc|=nZ(;W1&#aEuvZrElfI>oz}q0)Dc zXvAC1#% zqb*bO8O?Q#MypdINJUw1+*=2h2Vi^V5`L$0b644??SG4WuTm41wHLjyV|_$I_AIF{ha$1lV(`vpogKSMgnwv)8wh>FkIZ- z8aY4mp+MoY+vTH`OZ+@Co0s=EMaUBs66gj+IcMD0jj1NYe#|@3ptNNLnpg<2DI=Zs4;qj9oEHrA?!7qU z;6@u$^AkC5S!k>q)uS_ZBmltB^C6_7AHU1p-_{t|{&g|FCx~ywtD5WXrD*J)8jv5rwkwfq-F_p@;Oja23y#k~%>u&s((J_wYFt4e<6e~1+#dXBWs3I9Bn3Fy z0{Q@|9M({gFg7DV-_QFx(!dJKX^N{UuF3K;)x5Bnzy1A^uZgcy1FEY>;f6qh%6Gm2 z*L!u$^uEDPm9Y!ye_j(6(B&2x5b(-Tz0*z2xjunPF+7tdg|HsAFDn_i>V5D zCiNmoH%X+YycOcg1+<&{lTUC($dRe3sbK){?;>?pgV58qlmCoFT&0|-DO&jsJKAUg zll+7jh_W~QKm}8-lI2oX&dknE2c0uGTfpVNU-rt{9(U;z5kF;|v6wo`f0q(2-(Kq< zQA~cmd;ALY4blv+q=K+0FFdJSW(ixuHY?b=$yT*4htAN$=(PjMb zi~AOX3$oDy!v5D%Qpn(nFMv|OIN_0jD6Z&?Zo(oW?Frl+;|?k^B0ot18n zOS;F)JafXU@LVJqZ>tWnI6a+{+YuYEG6~6fvWzF6;Y-?D!AeSie^AIi&gFF$|03bsotbmyrH_x_+!q66{(0DI=};1{ovI{ zDvuj^{o~LCnTdk^<5}d>PK8h7RQs3qfOIcw%A%_keV{u@gNML$g%LOtaC|Wlv($4t z!&J1!siYG?_0auFM7!DT-0W}n1+N%31q4Rj0cAS5w(#WIMfYts!(j0)yr4ypw$_1e(cU*Ioch^Jrk^GAx;%Jd|Skte}3`dAG6u`Z;1IZ;|@FoeRly<^p|GH*9h{T zzkg%pnVIozZG2s*uqYaK10M_*zCK@xzBdEdf}8bTH4HO{c-Qh{i2bF5K!z5V~b?3 z8Gl-Uul=+4fS`H#i8Py~MlF}Q05VJ@Y$enWy=*FtG@nRdDouH9HP_-)`~h&G^9!8m znJNAKUSgZ=eGM~j=YyGu9`#>(*9VDh1}{NiEM?TziM-1%U@>AS)rp=`Si!~l-S>&k z_qElssv3combSrF^xs1wXyZchy9+l~dith*Q77uf8&}Zx&;kw=&DA)y?-Gx&JGDH| z@{W+0XKRhqz56?obARuw*P^JRfdbAy_5Kifa{vA`nXfnlz_VZ@B-k>d^qHt@@V$1) zqoIM16ezypGXNjNS3QA_@~W#yTl$Th1gtTwPE*-qdFeCAY^6UKXYD^w&IC^Uzdv{D z)P_D$DMjSw(jV>Y@cJ_KUMMC+Jwme{MNaduXoh4z{Xa;>L&zb>iQ?kq4Hv{shd8Ad zh8?qPws$Rv&vP= z8X{fk^g_CTD`gY@CyO;h*PF-9*$?L|Zlt54x^%fD!p4qif7=C1=K`hwPflk`0ww#{ zi!iMMG#X%z822e^Hz?s3Y5zKzUi(n#th&e6y*~g;J=e_Ih>0XHv$?k@JTK;N7mE_jdMk?45uc9g{vf$DKH0G!@bK|)KdnZOfpa$pJM zst8GfU!hP0LnD*c(NP494>cb_{mjO0_gvm{q3j+)8-7o!rKQEV;r^5?Y@yOh%2b00 z6%AEyBp=^cHjyeuVg8CfOV%4V>O0KHtiVyNu>$5l=4N4LQFL!^Q~E#&dvbj(Aopto z1Ooh6f4?xn#=!<_@V5G0t+o95PRB^DYkd}_to5kHYJ14jTQ|Lr>CG>cLlR5$w` zoIQVfvfe8O0NL>T@__4Z^7j!T0!Sj|$;f)+If+*~!w?}J97azYelXR;#u+cXCzit4 zjjB#rRRo#aevZ%b4oI$EDhBVe`FxzItP4Kh0J#m{A8YHZ6S#Mm|0S`rc(M&<2PIFLI{Mk9`<(ubcw{x>g6v;$R$}&+W$lTXYiW`P@KL zjCl4~*`yDf2ULf+8Z*|^&Rwl5?_kuPl12DKS643{0PV-H{0N|yZNvWsw^!4spxTpt zBZvPbl!ykvdVbP@rfeuITLQ2w0~>94cqG7pP9BxqbGEpJr|VN<#;u&REFO|;IF{4F z93AM-dR(mANC1RT)R0)_7<#tddEsV9pIX@Gr3bpOhPgQXaT^+ZcOcG`RGdml)*v&} z-y67(G#_Z>yO8DCpUviPl`Ej{sG{oO z?H!bod*f6b%&M9-6gOVR^`7quy1avSHWCCabP9X3qC*XHVTXimr$GyfKb+rJ6j-$( zhvnWj=J0xaPiZX~gOADMWbR|011xzx5O!y>(6zGqwYbiq0ao~1uJhuzbZ|CWDeIO= zA?Ez=&rLTqBhh!!b!+%@4Mu-wQt^{9@iYgd!pRBm>X%H8OmK7L35BG*8NKdj)>&Ha z{Jhl$xq!N+H1<#ydlnCxA>L&DQ((?yEUH}SB!8RbIa`ToHQzw(Wo_~)ghrIP6|`V< zb@!{~&JHf7$sCY?MEk{~{`)YH?>8tnfRc4nUwN_0m5-MdYI(Vk#5Kvkg$Awp`atP~ zJ$rk{_WD4SqifKX(wd?FdiHTWlYFfw9WX%xoH)n_OpFecfpn#{fAbupispLnd(;_q zaG0kGb29?47Mg9#`9fkqn4=f?iB-%}g@S*XI36GeD>+=pDj7Da8;ZO$6c%*Y@&z(A z#0O}8pbelI;EzIz2qFa5jRDHxOk0$o9O&7VzxOQus-r{63>-HF?F)IsZhauVNC3%2 z+rdPUW&q2KliphX7+CC=D;=?>=3@wRWVQM&8!LK-hM7upo$^#cv;)^S#PRM}1STfx z|Lo{01O(Ix-O6lA+KQwzlr#v~ck}9F>(oF;SmG5VwI=4rod2h|^cZaC_BCRBZM!-MK1I^xw2+h)?%mYt6seSti1$#KrEER0?{H^867 z^}%!JyhwXtd;e*EPHo*Oj&q`b!#lP;Y;ec}^ezGp)jT=$6B``s8!x;HobfhTQAV~- zaV&z@X**>r-gjO6TL#)z=UqIXb6U@}tTCyVtn{!Q9xhSe*tbgdmZXM(lerlN_2h_v zj!>XvoDDI0NmeW8$mizg4+qU%h7ckeal{qt)#c^M0CN*G$c)6Ecl`u+ehY;k9_Fh0 z=oQOlLd~IH$KZB`<7Lk>Znf-xROPZ&nkIC0gIM&jAfo16D_%}q+%Q^_+(5GaGa5%6 z!W!YnkL<>y^jW2Mw^z+Ji;y-tS}GBa$9~Afs8*pYeSO&Wnv?S#r8dn%N#Fe`DH$IB z)bajchQowZa%48lV4aevguIP4(pXos@tJp^W2IwB#sW0S?*@XlSA!;>JC`Ly;iQl| z-B4nQp3aBIDj#8_W%ok|XW5AZe*E|$IpgZ)x}u^%)NRPwwPxp^8q~Dp^U`B;x$w8< z?xw%bB6XGH1_ta9c>cDz;l}D>j%On`)Z=qdwUHkiyWoc~%&7?EScV%X3l4AQkcSe6Q?u{%vq^iiKoswLXRL~X&97@go z^-I!A4DPx9l8uAySbiTwkIPfwyRwoE)hgbuNuSE6f?wY49XW4u>RiVqk+-Lt(X8)} zw-X5Gg(64RltsX}t3)*x|5Nc{pZRQqZM%fyaOk2|E zka4`yk4rfs0rQiVmTA##Z{M6QXF^BDXtEF#tb5^|(!KUZ!5USy-RWr9NV-*F#XZ7$ zY&~EC19AsFVLjg$h4nG0sH*Bif9u;gYJDju;br*v&iSX7s65ABU(Y}%T=8pA4{Ww3OH5F;kj-hE-jy~UHJ>Lt&?#%UK?V|BkLP$htZ>v_kqI%=$d{vD6dkQo8gfl?c0=4R9X zypbLNTZkaWjmZ6(a+-#AJr*37VS1mG#6H}WTir?ta{*sdElz}Ge`KZ69zKgD_j({sSMrTnUfRvtGhv72M%5csV%Vs#e?@-aPXy#LlaIfw)|eji z)_WKcHmKIApi>)yGVbc^HE(xMkG`IskJuM@$8%1zA5H&$79m~v^z7_tJ8(&EIWhKI zP-eQb5%>9;kN8Tu2m~|=E!KU^>fcRyRYT{~apA1IB~h4?i1QQ|+*J-!PA||2?I29@ zQw`zO)xQEI zE1w+{0@E2zGu{fr1}lPhL&}B&R;I8!cM!CbmzV2yjL`Z8BOv62^Ye#W>%FHne4x8@ zWtHJEmG>>atLr7b_aOucX-;3riIjjfKH_mUE$WPK%PZ1D0skt0gxN;j@buS6ty8uP z7M2##9<(&Nop5YyhVwN~ATFMn*t2R?Eu)hf`X}eh7bUJMNX?0Z%GR?@6ASw-L5ma; znmS%0=VXWC?_W_pQ&-Vz3tZADx1(Y1rOmgnKb_(_gzmeyb#$(@6ACsNB~TMI)}lZT z?>J2gop8tH>TTf#o%TA8(jYOe!-&pa_wXt6^U`wluoD95;M`lhkqO#{QTX8ffuF(I zwd{xcppu!BK6#hRt0gNn0(#eZxY4x}bd=!OP(}!Y3eDS}9Lm z@w=FBe~;{*CE1t|E-QQ4TrMr|F|qE6d}r*(zM8yE&CdGjgcZtgE1soBMf6L3R#-U zGImL}24hQ>VeHb_WnWt6X0kWd!Qg+o@B9BeZ|>(f=Ecl$T`#WdI}WPwCZdiEeb)n{W3(3IvxSrxd68;=Xw#J5T96fH96)+Q&Vz!vsGexTy_b0u(7-z z{gaNXN*e8fH+=Z;p`!BKq-Mw@PB)eIwK3Jv&ATDGW}C1J7qywBOjF85H7kcO_NT*Zh20K)i=$i3ul!AuH>Ws<}dU7gEZ>9)-*}mjsrMpZ$&|A$zZ2~_W&&I!W zx#n?Zdt))Xtb3hikzR<&yzeA-QBdt67aJS9;38ajAP>e94@+HvaO2NQRHA*1MKcI$ zfi$kyly{{bjdcCd*Guz$88zk+iqwKIrJkChL(+uZ9bTA!#^%OZy4U1k@5O$WjGbWp zU!~axp#Zc9%A*5``Uduk;ju|bb!!JwFKKDj1$vNwrJV1-Ptjf~n)fDqvkR^$@l6jNzEcmSxaHf%b*-w- zbj<*yNW`$DgZGGw)M3KiS&^PqS`Sg}-`yYJ_Qt~kQ|Qz`Er(UUUpL%m46F$$)n)Zw z7&#%VD!mK#zFug&ppwUTO6J^4 z7uzSqsAyS_28NG&phs)SHgGbdy0@#Ow2jq>RO+;=BGcxf0Xf_l5tQKSzb4aAKyL4y z&cRlVf7Ncj?g>IUn3ZG&N>B#1_OQjOI!Xbj@pI!Fph3y&`@y@+4wL(PzO9P*<1NP4 z*0FI}dEY5MC4H#(0bOdhCS79U4(z1%?&}XT~YSr0Mh4L@Kxq+(c+d@jbXAO zOF|<(DFuTe$d;B*LFK9p-ygTUzi>2t9$zq{e=CClxiuM#t| zMjVlfpgH@tKv2x-^}|vvR^0K3$QO-Cx3lBFY;Vr9Ha}(J0+N*0BF-Ul|6&ybJSFwq zOj$`?tiz8`^tJOxb#?A=>(}ko^mhe9-~Kzw1o)_MH7A$9PLi48t@A%hJk94~P&0h2 zroV24CO;dm)B`JE@`;>9h^Wuc&LZDDX9=Dt7wnH~r_P8&g;rEKYL)jJ!n@!s8!0On zAoY1biXKs|r!&qgy6L;yWb|uT&p&FOkt|7F<@DRxB6oGfaq&H7)Lhzll2ffbEM0Me zS-S%AkTE;-BnjKBDRTq~oFt^M*@h6^d_6YlN1{b^NtCya*6$M&HD0X12TcF2k3yN( zk0%5T&)%YAF#3d zZPA)WJqy0mP>PC?D*UneUKD0cEE|Kngq7##cFuOAG(FHw@&Si?jWA}oVR22!+UldT z9K(oV=1U;O(~c;!>{!YTj-@2QH8%M>j$M@pEXV8Y>@46$nVpU`0c{m=9cQql6TuM1 z2qs2qR&;q&xH;?kZ7hG=DMpOY-7DtKM{HF4gGm2*wqw7v_{rE$A?S6h%tO07ed4`e{=G?- z+P$#h+0#UAZoZe#-iy=kTE&2&(6ot5Ry@KwqsNodEvV#d(&1@ZHZ10=!ZPxDg- zKv^GgFP4f@*k8XSb*XWDxsLO2_^WdUrok?jckV=mX=qe&3r4?rbH{sr>?9cmqjop3 zg!&34CBYwSdhGuPH0~|d9?h63ljU5&MMDScX)StzeknTX;poLprE7}!RSGE2_UCW97wnPWkKU~Y&2HtV9mb;1mYB>2`Gly`kYxC!$39v znJziZali3K9RCx1Nb4_44z(@v3%po5jfMH=&m8FQi5)pG3CDbJFk={Oa4FHCVWiJT zBN_+KIfHW7<~jB526dfN%iUe1vgVQNl5tAROw9|A$Gcpag_h_2klB@}XG;$`YaU7c zg&>k~fK;*~XfGgSAT&cUBF(qHExIomkBR>SE=;raPGWz_aX>05%;4_4=Z8*885x~& zy8m_J2Um+15bX!t@R#(5WT_XC+;6#^|EhcM0H`8!BZ8mD9DFv2 zUS;s)qC$w|-5x#i!^`S%He<(ufNB;EnY!MG2tk6_$MD_RN)3{ns^nz~gTkw69}`eq zdR{u@NN}MKU-WWcRR9X#{_}V3Q@upZGOr~uX-&~YzMmIl0Kg?7-D01$=n+2s5`OP+ zA6TIny58GYJ^+mcff{7*45DV8=#;;2nIH<=`PkSp!QJQB(?G6WJ|QTI;YTbmU>#ms z(3j3Why5?ixV-h{OLrTvTP2UJ&x52w8}3}VeGZO&D6rD(lFbxK{NHh=W4MnY#Lpl2 zA*>$;hLX=Tg0^iF(^Ji>wvSnMWN+5Tf{3FZ#Kq?gvUo@y7hPKaWb zS}U-5ntncrgIz06Jd(a{4(h?#^hTyrr@SMmBc2vjwi=M6l!pnru!{CoZEd93aX(=l zD;>tAZ_@3(VqrfPs!ZQ9+4!|fKiczaKQArc?Ucr(W!JADq#VpRY+_<;xy8J@z0u0y z;!-8$d&ik|*(bN!dt2TJHtaR!S>U3+I(KuBlK7rqN8FGZHC5f&t!i$VU}k{cVtU~E zAd7m7qwN9Tf==go)RyxVz%8~EX{-A{HM;h(LYYx>fsvQ^U9w{(F?ddMJg{NB6xVUT z@csK|ixbmXBM4*T&ksgaOTwl!3c+Z;dLZppI`LGq>msFO+&9>KWLH%QJF492(5|av z;purajx=rPzb&8YY>&HZ1JHTIR1gk1%I*j>RbfS8%=4Q$t{-A0p*^3CSCIc3LcBGW z9yrLtca#me`MN>M%Iwa)FGk@Rc5%5d^C+y6G`JntvIGV8*MC^vaJnQB*O3GO>fkCy zm6c(MSinF<<9|x!69?>-R@XU=Rrn6p$lNgGVgCxi2iM_@Web$iaa>{H{aYVCSajC~ zT+uu0@KUPSd0sJm1Euj<`l78IrQ1Gu?-1}bDGnLvmmBfl?7Amx-btIL_NYpsvpkK+ z^h?mR#Bz{Zv;_B!D=vNjf}-m@KcY;!ekzMs^HxAAG;f`3>Z{H#C*@P%Xk$&K*%hMK z`}u(T=<&}`k?N8gs6m2bJF3dmjb($uPbcU*b$hQUcy_=Z;$JiIX zZgH7N4e1NQMGyywGC|xW;YX%+GeTD)KVPgwHA7lAW)}DDBACLMQGiCA60n%z;O@|u zB0TY||FF=X=K#If`uoFZ| zWY#aT4b;dCJ>fXsmdekNq~Vs*;64_w^x99-(mRlVo}H+cb9E~O;z8#&N^(mDBntJu z)d$7Tt^Bev4DcBh)yLNz2F>ao=M|4nbBaV3e>*icuysaJ<50Qd*lcHJ5|zZXT=n&% zrU1pKV$ieuR5LYB%wldKw8LyjM)ng(VV=+JDrp9OMDecZv2iPvB23MEb&_WRR6V-y iBxe`e`b-NogmAV&hvx~~2jGIvaO1j>Ua^jC=>Gw9M=PoT literal 0 HcmV?d00001 From 8e678575b7251776585b361b778c5a81534e0065 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Fri, 5 Sep 2014 11:28:45 -0700 Subject: [PATCH 0222/1291] digitalocean: screenshots --- .../cloud-providers/digitalocean/image.png | Bin 0 -> 36535 bytes .../cloud-providers/digitalocean/size.png | Bin 0 -> 69750 bytes 2 files changed, 0 insertions(+), 0 deletions(-) create mode 100644 running-coreos/cloud-providers/digitalocean/image.png create mode 100644 running-coreos/cloud-providers/digitalocean/size.png diff --git a/running-coreos/cloud-providers/digitalocean/image.png b/running-coreos/cloud-providers/digitalocean/image.png new file mode 100644 index 0000000000000000000000000000000000000000..8a869c3112e0897f512f916ecf0e18ef3b507d84 GIT binary patch literal 36535 zcmcG#Ra_iR^es9#K?1=cSO~#g2X}XOcXxLQ1P|^W+=9EiWpD`|+}-W;_dn;{r~7gr z?(k#i>1nFFt7@;k*4ot(it-YuNCZeA5C~ODQdAiPg0=*<_Yk3h_p{QoT;LCki?Ea` zA|m3-mcl0R@q?qJmJ0}kjPc(u)XbXy3$T;WRZP=W#lhUw!^qhTBxLGfY(^?>X~)Y z>EWrn=*HM~XEn>iEs2#t`lF8~!MGMlj9q1trZvHCS)OpXj%dG_zq=t5(si#_;#XUP zsp5Px5aDJv+q9$kU6oZTB4LRKF&I_|9W;#qBP-zYjzZn`q|AsC3-%T(@=t^&!>3L#U`*E<~5|QJQEis#2Y66=Y|Vk zH%F4}M$b=5)qgG@W;q5kQB_l)pZm-0K_EECB_f6z$mwsrZHS&03p2Ah@96w; zKf5Hj;^2NtL@3402X}nd(e5u~m1FPowP&iJKR$otM{YDvqlkz>~#6ICxyDvXFB zwvaa7u7U#L=6-ws@`{lkT1rnZUB2GGgl+vYU}h#m62{{{sVJ zml#5xX*%#LR4(nkH`!|Yd5_V*8*JST+IG0 z`LpeU#0xT2zEq)%H8?or4Ez$tKew^6#@Vy9=HHA7YLLB}i`drl6A3j+mMw3tv2di? zLk%PBi%t(9F&VO#0>{oSkI%vM{pKD1|lMmV%>+Vbz1W5{AcC?8lFPk`0jbH8!JBzELI<{q{p1bp9k2wa1 zYFe-T8Ln-}cCwzafUG6t_3<cGS;*q?eMlNovvkBQx*~MftNUdvg4#Jnk?$$ni-;CS?u*3HpJ)yv#~! z&$HLQ-84lE3f2UvZbL(DjzxT}n+43fz0;>3WiQe|{Ay zu_j&vP)0Suw0+J0)(KRa7M~Rxhdr>qcklm98=!taLc;$p(4|l44BfM}*8TKy{yIwX z7PD`$@frXgc{#{^UueCF(0G4c(T8e~J+WYX(MyYWfO8i?-PIj03u>t=H4^huni^tF zH!Wx^YTY+>urkUIp%g?_!V22T;u<2mGSy3FtvhmT)q)1)RisOLQmHDT+EdQ|VlBxi zz+kJ?RKr5KqLZR5*w>cNwXt&NQpbJL-Rg=G`OxUUdvx_P&RW{lG_Q~cx_)5GLP$Lh zIm~P}V&t+A=JMBwW0RK}a>YI_=1+M}cI5S|!TBQ4PrSCJ8Rib#N9Phb9-pTMq~I?_ z#?4RyM9_?{-9FMBn8iY)}8r1V1o$?++NNPs_w0p zW%-Ky@jh6ru?S8-#q!W~jJ|Ah=c%o|t?k)VjS}TE4NZ++N1&Psr9$({i90jCLL`fW z2ZOe*0Y;mft;*9(_p8f*-uoNcdl~QZRLn8S-`0KoUVE4+_l}#sh1{IYcB+PzkR4n+q*Q4aDh~}Mn%Z9I9)DLAFBXLUUL=!3S63U2cg(ZKzv+&6sY&;> z;$vKQms7f2Ocw7v1^86YLf&Gm0*UCzk*wbEu>7hI{p0Z!JV7c4F|TV&eMO0*R#m}4 zs1aBg5vmV4|6in{)1d7qqiQC0_);qKlc0iK+7x&`+m+?LGfAXCQ)MZoiA@hSHCgh6 zHhCx%>TJaDaJ!&?W-^~Uc{?4qgvEn``!Iq`G<%hlReS1x%2S9c5nQk6AfxpEQmI{k zd&~KsSJc|tWfH6^&+HrUxuN8R|gswwx8VASBD)o>=~vU4|f)E{if!N{SsX z3{J$x%KGTDyvD*DqmK4C&E;MqbrHvXd^4`PpD{=NMjW# z9CIwv<(>88Ep7`fEWSGzqv5%)*;nIgaG7i3p!N4hkFGn3jn{z`#+S8?x3!QMvw*un zNN3$SAt?IB{q3QBBLZ~ivcNX{lM)LNy%v1jMLYwPzZi`3i za(D7QJlCJav6Zjh>DmPKqxY34a^Q9?LJs#;z&j-S-u`hxz;4ZFv&DD(ryn_inQhL@ zzrNKd6vic3dHMhDQ{C&nPOX`pK`RZ>gEN=Q0i>uW6)PHsdG+!=>KI4O%s4)_T7P|u z9uclop0C$%>O5iyBf4LOu#HZ8xZM{{$bdULff_3r`>$5j!-Jiz5rJe2SV%&A$mi(E24U?}jbi-357(W?ErJbsH9%DT4<1SV+<|M>y(GAfeg;aFN3gBH0wn_LJYR8RzQp%Mw&Ye!E7 zfyf|&BkPZZJeaZM`v_WMCD*w03{)+BOSsVXuaO{ai)O^HE!VL zyV={Dkyt#GEj&{)GLA-aIEa*wWs0j((KT`n>F2=24`nT|zHunw>t&q(+X2Ztr28cV z0^M`OZqxUQ_I?rG?P=Zr&cx={uVUb{Yn|%!%z_v7AP*1%vuhjvp|Mp*eyZtV+lpi zE2qHxqp#>FRlC3DA2&;3g%OAg@;sZtnb|R2Sx%8uMuzKn?Oan9r>ARh7J>qiQ|GIM zHP=U${-!&$vN>CzhBHKDry7Zb6(tn}J6p|PRp+hrmYAt=+QJ4JY0AkrHL+2eB0lhT zuHj2D3#W3R7}a+dpnNl}e)wq){V}(BWZHKNx@T{iWc1QBBj6&oeF7P6z4j<1_YROk zZcp{2Ay-zp4AJx2HeGaJKZhS|);%xm(h8RpSs44}sXnC2B50C6^Gy6$|6NLDM zTTw(^?XyuJdJ5hHJ!v4a+N>LB$_*Q2%UdH&tu{jxt6OYj8QJH|5lac$yu)31M#kp) zN`bkC%j46|u(b9jwwsUdbvDkV5}bHJI6OR4Al<90Q7ak=eO+t&;tBa2S?L&@`9+ZW zXXX5eezlhG32M8pxIRXHnyc&gjdkuk5Z&;KZR-A^qVYk4=UXsz^CS~W$}V2mZ^Bf< zLsk^I1UJs%zTxr@UqabYt{(>%ieMV{YCVG^mjms+rQZG_ z`W?;=l)XL}kXo$4$yt4Sh(CfrrAl_f)zKjTXB$OBtrR1~@eg4HB_MJc#i zdJi+R$iXDnmz@504tkqfK0aSTHy-yX6O5Fgb;0Ruog73eKFAv+7p3UNaFYU3Kt+Yv zitpNnQ??1T0iNJsNn z|6O7Dkx)6Jtl*Ga@X1=SnP+q7=B|EUIiZr~>br~GhjbiR5kW@WXxKn~XG{zv&`zY! zZZZ59(a|4(>LQLqz0u?Keh`%UOgL8M7(srF93dmi2XK8oIV5tJJb7cIg<^06IHi2;9I zH$rMSV|Xtv!UEohyKURh;R6?59bV6IHBgvt)`&!4I(cF6wQgY} zk8#y%VFRIy^2SGJDPx@pGv$l;zVE7COM@(hgi5RG&!_V7m|gooP&gZb_IS2;W{M$4 zZLv>H8~Yy(2*Hj_%Co-TLY}Rn~gj z)AgxYM3MsIqk++P^CjN=Z|un>5H})zwgDE{Ko&Y?*X&xK6t=k>YkrR%MO8z=r1{8< zZ$)1yOPSXmz*{tUbPQMbjf6a_+fD=-87Wx%^muB;f_QjGrvyi*(0O4{3^f5-r+o>~ zB%r0v{I;jT5=hntE*cLkMZDxA(pa=Kh*U65me=>>fJwqqI!T%qHziD0Tzn2yZ`Mjm zNUCRf(e)v4*ldwqOqIQX(dEzqFU)9S!36R#v`jO%4E^*%@YRS<`oU%drVOkd)?*0rL((bVFP zZ)JCA<#2ks15Tl;JGyvCou|KS^#o~atEWpg=2~%oLFC8_D=3G%uAq^IsTYQJR?{PW zmmD&g_FT=|bo3JG6>K`1K%XTu@{*I62s7bGEh+uY^c>I63r<4+)+}(~vSKRb(wc<= zW6Uk4nc2?(3M?MOmvU>>L-`Vxk8&H1-G_^Vv*g9X3&z9!=8)HOjA06Vt2@zXw~&db zs!$>p)-GDAq`2d1YN@H@Rx*r>1h-6QG!tP7#@Nk1>kCwvRh4&K^27m|QnT|C&b$6Y zg@3WfjRjyX%Mh|K4LzUKdts`nT?${e+t?=#qcLike{I8RYexyFmr!Qy)g3IJSbr zpz`pU@_)=m!v7Cu65(3m;`}ENC`7N7ep~W$rLjT2KYn^Mn&$1Ea??vO(@Mb>8#QH#EGR8U z0%a6iWx#`YA@y{~pkPwO;7vy`tkCaeTaL^aBRUupmJz-Ew(4yGqY1L`6K)Hw6m(~i z%Ijs^tdSZwJqzX7m!sfU4OyjM4)oyoVwcloGJxdu#}7G zCE@U-(;mz56dQfA^tZ%OO*)Fmf?_Ml7u~kqx9n$esv^4aD_)3G*7)w#^Q(RH%Bg#y zW257@ylByNmR2`=0KsS_^*J|2YT2jSJj?`5ib6*(`+{TG8 zA}I5qBVys;Jo)lRHShE>p{S{0iwV^vd-+8k6DEu0?86Cdwk&gA%T5Gu&bjF+VUb@J zN$t3;WGa|CeJt=^#3= zeHj!KWXYB>YD#L;z7usq#XoK6#+?lZ2PY;bX5Y-i7_!l#sHT=;*1&i<=342Z68zV; zsnzfXQu^O%6UfDs953aXGi><@>YRnpi*MasFf)p!5<)2`c6{XGzDv2}?4Pc#rABcU(_*k`}_NG8TF%wxABq*#oSph$5!7sGAHeuGsiJZtU!TC ze4vrKtWnb)I&!JLV?4t@M1&?Jgu`$ly<=lzIugEQT2p@Pw8vTKeb*iRTWR!{T&KZ_ z$}~Xcm#XjUl9+@AF&Wr1;62YGNK>ErM(we}_cQ(6WBOc4jw|VsIl1Quwm$=BkxSt+ z=pu&qn}|`2$q4@#-*s+Z)2~_Fzm_8l&MUX3NQ@XX2BIKY+KeT=_MT;Mzr*XAhK9!8 zKD@R1xPa1Ak4e1RIhR%hgGR90! za77Lp*U`nX2rBuu=~f>d9TgN5bgVkb8=a*IwlblFY=cW?x%wGW4l%MUZzL07>#NeD zk)st_bgMH*Q3{eG3&6P1IZi^hsKo_`j@9*7EAV?+r$>zb0 z5EUO}VVCe;zoS68P<#pai#nzHK%UR_+Ij3mR6Pa`psxAO9O?E8-FKrySbcgeeBxQOzZY2k=D$>V33F!whpzQL6gP#wB@$Ex5PiHBs#@2}>bsyT{O+J=@9 zb7%iq&KXboIcoZQZ%aJCwSTK+T5p$#h)7RQ4`j$9F)O64rKP2;%yO;5f>KygQqtb8 zqm-np6{`dhi^54xN%`|qdG(#^Y=8jHG>{?H2L9%X7g=5_W%iIQT4I-Ld;zr|9k%z> z9Wr^ShpDl(=@PWJ{U=D-TjZFwfJ!=n?aZauwmyw^64p$5#p6-k+|1eBA69)F z`V+WOHFfnr)ds3qgMa?~aRg`SbOpO#0DVhKLu2k_p9o*XmMl#j$-*mh3(ySp1d55gL6)7Eh|oInc;3; zw&m2F?5aMt_>+ZCNI20*uBztNzQ)eZ9wcapv!4>x+uM7+582Pi(LB*qQ)_hG>RZlU z5jDaSr%5K@T;(WPcx>r8`E7Muvm@td&VsLm<$y&KmyKhbTwE3^Vl4oN zK^GkG_5$2lvLLmcjm`1lAv0^3>~gE=Xu@*NTBFl9pdDtw5eeIJ1Q%0t#3OtNBL4eX z$vRe<0P#y(b%}CW`uPTrQuJ|t_A}sJG!%#<_I{McmaPXc2YlP3WvrSka2XXQx^i&#jv1^dA=>A*a)(Ej4i4w%=bUzO zdW%{qdR@L=R9G2n5qbi9kX!>DolIIDuN;AZH{XDO_Y?UOX}rY}XwC<2%FrJLrBu@X z4s2e%5pu{9dRhD;F{aE!U*n3{$4WXjY$B)F>?(^{Qe(Dhx1`yIBWtA7g}v(m%Jj`0U%YoV_Hfq^;d%IbEQeOFv!*z{RMkb5jWiK>~S9 zrj=*E(Fr#KNC|5a6Z<+?3Q1m;k#L^%n*k2rf^aR@2w%ASYFx4Zu#=rHFSA7~$co=O zhcgn_jIR3E=RFTUg->Bd(TyPv6d5oe`yH)xNDI1HZB^Ce>SB_zv=wkFCcLcEGC6on zb8BaeFe6tz0iU~*EbaZ$__&z22|$tlPy!NA@Mo?#1-8-3zfQB3lrg&U19g=~c%DG8 zNqznLb=uO^&=Azj+0VqETT@y}g@^L=>d)%};I?k8%8q5Bf2>rKevL=0<0vh5?&=ht z%r#fCDGx`CJNGYh`+456h*gE_Kixw!zGvjiM{WLBI{=}z&&bRuo?lofi6N|KAoxFm;?0-tvm_Vr?R>e&GbW(TT%gExt>HDkI zF;-ebLxT>76*KsE?Q`uL|uOe za;z+c%gGY6is)e*z>hR)^!eJ4b=BrgS-AR#z8zT?P_?burM2vEc0#hRMx>LI6Mevx0d zC+6Q|Z4CHybqI&^9SCFMfXYyHbu|F@lH_EF!d_lpN=nl}vJuHg?`QfLE`kpG>&3Oj zbuak(LfY@P_~Y!4=t1M~k3`%aXR9M4h}A~YWd&3Ra=kF+u6p<0oy2h^U0wcmX_A({aUKa6- zsiUJKB!>^k;8ZNkm*M8j978-uxqILPb+IGl;NPB?|9H+?zG5MLxljLBmp8ldctMk< zo{WyREmtxNMBzr4pPZcBQXa-S&DlJ94&AdHc zQA z(0yd(h$-XIpr8O>C*%ebG*=%#-=7OO??}=l3lm{lSv=**_Hvz_PSm9T5lMn7{iPxe z6Vy{Imw9x2Jk6Bx^zY))w|*wlVU@!{1)Zyt7q`f`V&Uomftpu)m>fu zD%=2*DyJE*3ntxU;c%$3$|x_VlAdM`-17vwxm>Lxg-$EDfQ?aQFz~pN$w_Z9j*u&1 z)bwZeVcXfIr+Srk@_lp7ktbnms-dU0A(Rvlb{Y z`aUAoM09{PC`iHA!j`Ldhptb+q8B+C8D#HL=lK{Xy*d*F=JfXRa!Z>6azNYSJ!XKKU-d4taI?$FkYjjRkVswt#OZy9QsD65;D>l&@gR(r+W?!H?6Cmn zMYQ0?gCEds8-DkXzFjZs=R4zNEK0KBtr0BL@sb^{cPsmUvN6RziIG;T2}@F8^&#?s z470J{q-Ps6>D=F59%ExaUZ?5ku73^gosv)n3A3mX{wtjV04^I;@`n1h!B2!X3zUVKILWe>7b3lEe)Myj|yZzrQ`lOAgS5f44=j z8?mM@Ov2k)Y;EGV{vlsd-`4ij9Pr$%QLP)XF^Y?so9vv|k(t?Y5*{9I;CHK5sW_kr zM5CwT=+o^n@B;A6+d!@x8ANI!RWe(qT3%SV9fHRHW6-#?H?OP3cDYW1#Bc7@eZPpo zQ9W9|pDC7@FGId0KHe%rU0GRKLxb}+Udh^;n{Oe}x1HXNzj%0-W$OfG9#2l5$1k*b z&BYuNa_YlZE{Pw@;ybg4xblj-I#`t-i7YnnR08>WasB1;0Q#)jx@IyZoLmTKolbl1@%eA|m~B5;;?Z7!jhxuP-Ldk?Hkx0H0V6K|m`QE43onYbi(-!x{wgGk_v2gVXT7x zRiaEPL*vS6dAYm0yFCDT0QW$UaMM>xQmas3^EvO7FL8;ia|uHwm7BdS}Jwb!Kq_Z!K%~5M+{HtU2QRV6f-Yjn(WbY#?x2Oi9FOg*BhcGZO;bGh+ik}O4Ht>(!@I_s!uT~pJ-uJi8nS=K04KCpk7 zT!bw{Ov(3lUSnltMTw)deC+z=KXf|pyjNFKgM)@r?fGJ{ybldR>F;3#yoaMBYgwN# zTYC*KA$%Y(pu9MV6Tj+$W6A0z3-j_o>4$Spm6VOQf;W=gm6l1A@XTzap?Ga%OIQlM zd?g+Mdk2hm9bb2;Rk?(=Jij-WWle5+fb1CwHAQOS-`#FjX^Grc;{#j9y!5B=IxN|@J-A!5amNsos@ z6FIZC*6DgUlaPS1NvJceYGRSy5#io za2XaB21Hs}4ZiS5X~VkJcdEz;(Z1+I7L-KXGAZh{d7O;}x{pQdA5rq)#lB||gfe|7 zso|b^d`$5;sr>1R>#T}k4f-M&!~!d*NUfwP4VyVR6Q@Zipl<9{l(f{Tfc?s)hYm1Y%9uw&P}b_dL8ys%o6;n@Cg zv_f;Mzcv5mO}_h8*4uO#VE!e_>$Ec92Ts^TLiN2q-{gODvv({CRY<0XeV(rRla&mI_b9;9? zFy+nz-k&WXIezc2_u2CME)c%d)L+<1IIM{&W*ns%Pl}RcvD*dH2kV_alPRBU7Alup zoJ^FIK7BDQh=lXkQo;fV74WZUXlVC$cgEeLsx-HED-Hs$H?x37IU0vgZc1mq2@eaK zf<*xJGx_r8Zk*@dSl%ep!aOZ3KR_~6q|%Y{2$Gch(5)4Pe-vBTe&p=;1HhD#ne)eeAW)Sc-W2u7$O%=6cL~I+?J!Fw42`WiwleXzj5;7s^hj|tHka7 z#oNzfN)(fdifMqc2jH1d6ZR=pSwv6w^tavnXB%tl6b3zQO-;-CWgzW%7dgt%Mgl<= z56lG*AcxW7$g1azngZ%VE)%;>UNXfDaE{K_+B@|fgoJv3p+@muE!eD6F>WhL!wKOL z5d3X(I|iies(rH*&g?m=$w0mlUIMw@YRl#4jR$crFD}4PgWQtL*!oa_47J=}pKkSQ z?sYbv79OwnJ~vzHj&5jZfv=(}apMyljP&7;l>=#$*ux)ireR zP{IPt{Fj5mxP|$7Y%DBNt!Zmhydm>?FWwx0%>Z_x$GR7S3YYBr>3QLLoZrJW~R#`;iT0kUUlrB}eD=^4 zaI4#*l6M*~)75_zq)8V|h>cvosKQbb1X#e&2=LKUnq{+M!GL`BjedtSqa<(J@op^n zjWLLqu8I95QX<6yQ7Ix>x+>=hen3YGRW>Y@FO7GCE93EmEN2Ha+zW7}ynE%Io~Deb z5_kXpJ*De_(m!Bai@!;);z|;W%!c6PIOmUqj10iRM-u+%BKwwdr>ea>*>B6Pe)WB* z?DGHPay~sh0ltm3wKda_kw1N0Vs3+F`yFwn@imdKq>74)jg5^xU7~&tZPdFQMIr!X z3VgS!PEMBq-~#?Au%=qJJTQb| zg_urhu5r@-0`5ia`nvuJ9%n0MM$k2K%`jOj@#gk9kP+VBUegwmXoH+Je&bV8gpSlr zT)zMSsiC5hXcGo4=;3kSWVh0F-+Au${=D)2--+_`zqDixrY0w2@!5 z^zv_AVMe$2t##b62sP?=VOovq%9hK3EqxVeJ<0&m8y*7S_! zutijL9&k7^Ubp!uMmfvb8NvmA$=i3d~5IuAZJBK(gFj zT~Ah;8PO4K*E?D}ItWEfOkUMmk+Ew`ic-qUzkU1mU&H~lBP!%0{P5#i}%n_*A7tev6-zbCe2={=eb?U;y&p&Z!g?6_u$T;dVa^0#%$` z|EEJGiYO@$kfp8d%j!P={a&U+*UgNKdS2Ya$+U}FO2W3AQKB<1c6z*T;kEm0uhakmA8Ft7ky3G15y zO>42$Y_?9OB>BX5BfKHif=pOJ)`MdUafSi6oawSlCk<^Cr((JiXJMt5P6|FjTY01w zd^}-P8uLKqP0v1-p4uKJL25;iFqNV(A{=y5T^reoujt|#*Q>jP;d-W9=9|Oyl))oh zxF1UnHl2z%C6x9f;4;&Qwh-^6`lT~a^)ms+_j?ZvT2fMyBVn`6B14LqL-(tD=42B< zTmV~5i7S5_S|kl9(n5fzQ8L(VJ`(dj^dU0>CU(G?OKyKi`Q7JJUKlD!kRd4m?@fb!?(VX{lYRyi&}V&D{Z-Y8>aL!sq+Ao7!x@ zMi4j5EQ4$^513{fZ+FelPfr|nf0Lw()`8rIjLQHlI;&ZXg41#6dffZlXoE|q$uzit zKRYMKkNf!dCm3SN;&rhpB$c4cum~7Gyu=W8+|OS`u?7JyNXYNolAoVnUHvh$l`?VE zl1*D#8K}=sq<$A!KD`4dE#RyGR#Zb%le)Tktj-e$muz!g!ExI%Y)`bCoLSG^m&*|Q z5IAYnuZs&4)ea&ia6#L&;q6@1LU#Hf(oiUAE3%J-2q-Xz|zdXowXD3{ikYo zsRY80!+`bn;{Seead9+XL0trBJ~k8+AV&X7_W+Ipp6tLZhZVoy@haVIi0!}o9au_kKobXS%leWRIS%w({CcE* zONE-kU$D2FpN1+goBP;Pmsifl-8Z+$<$wIC?^^pjaACcSGdG`4uV-qfzj(g~G%YD7_^10Z&WJ9$L|Njrl~Qzf$e) z?&dztl}JlV0}<;9Fir_#FVp@o)T9{zhn1ukYYg6}M9}h2CQcuJA}7dsJ)c+zL^bVQ zLj(*oH11bjAct+hBPfr#!KA#;C-u2+Hzh#2zN!#Wh^lZ0c#=NQW1%Tze;})rKfmGh zGXYa3ozo%b&;Ty5t*s4ky@9%Dbv1*S5)&(8cry8i+haiEYyeraLcMBi(ow6;)k;AD z!gJmc@;Wg@JY|gsKkNh)bG3dO3ITTK&fJj{C9?tAklGjpl$sjAT=~FYOPbrC+s7Os z89(jxYzPX?%*;xoNH^x(UI8{2B}#@T&$@{3?2wG=juw|mCRZKWkyQ{P7}?m|98~~tAHWXu<=>d+r1Z8#Bj(iv>T-awYRL5C zn^OxIPN)a-uf!`7JD#k>92@HPcQ5i!+LW`D;M&{jRxdy-sotq7$l4Q7&_P8adEd2p zolrm(uvALOsuh1l87~d}0utvP3JuQLcqi(z<_F=?eil-W)}*WVsp)vNMm}3%Ag(&o+feGd=&!y>;r7QUDO&=R-%k>t_XO{YG2m{^Uq}ooKRsh>O;kiPV;u>JDZ50*BsJN-)yYB7T@+JLSj@;P~ z2*XZ%e0&1$j}VX3zsWiyXdsU@w?$wn8MzdThK zH6_0v+hJN`gDfg)ssSNSHeR=QtOvMWEyj$vNi(srv8ptUz>o@(2ChXp3v`Y_rtPZB zj{u>+UU)t$?XsG`7ek?CE=UbE<=WOwo1LO2OjUgJ^W+^51kV%2B8sq(9g$2eMG9@E z`SY8infohuwKf08K@gLB5IwbXz@F22^IKM#jxoxOvK&I#pfpF#QgqSqbL1?%k5#HgT9T|O`0Qz_d9f4iUWoN zAl5km_33ke2Ba2M4GjUn9qTnj$1Yx_{+1{OdUcnk01{!_ru=}cMEyY$qojw$uZi@Le2=9Z0%k1%OHL&CmW!(_= zauP_g0HvF{jhQ*@_+A9Xt9%BESBq6T7R@V@{Q8AiiAl;@ zDc__rZVD&;dPkjfDH5e95(`C5stJVZ5OSj1)=C=`GWdQIFmP&4Hb)qYWV=^~s;k`s zQ&mMt1)Vc;b6_`;(lj|W)nH8_O8zgP9|1bfV9>R?e?3~~d)u(0B)}<^ElECA4AF?j zEKc96quXZ~A9V{F+88E36>Ki8pgG{)0b9kysaT_i{O+lHbDb!Q>~ZQr|7rHm9jPMa zA1s3tRY(C7j&(WT#)F9YAq)2s%mLIBST2=GRRdps^JE-B2ifG+FRcD+Z0)ZP0>Nb( zU+%{>m@ivKo{2_d%_r zi#nt>=Rp6PVeopSp=AAEQOhB;_xV33^I*F0anda<%gGb9m&=MM#k4(3FqU%4Rw6=H zeYT-UCe_%lGolk1;I*MzJBc=$@oA2@o~@xo}84-g1y& zmtJjl*y!o$!GhawpkUp<|4t^c>DATJ@^GXO<0@Y=8ze}Ig`@{z6Ss3tup1$Z{1+N} zc5B#1FYi*0$Cx`n3Klldl~)eh0wc|}%<&$WD1w-JfVGxpe8$kK5iEpwNn-F!?FkG;1D{8!tE z=>vPsMma+9LoWE^V#G_A;*GoDT?az+A3+X6!0!UCdwqVs(WpNRaIGwWUIGe&H5C;r zb!JiNTa4q*OnAO8m&2U4OMy-1KoLTt>k7M{$^UWO02qU~y&Zi+UUrY4UUJXz zM*2Ua^6=*ACS2|!23-?gg#pS1wT)2pJwD5$7@fM~3v1BPLCEQru# zn$5%cbljAs)nS95E~xJqs1moe5fsXqxJX>u0Pa9m!)8_k!m~Hi?O+VMnnWxiP@=)( zB;yLaERBD*I&*uW9KGXaV$6sUzR-k;8&0InXU-iY#OGmGVAkgFgAKPr&!Xa4v*)xP z+qQSc@&v5z)>bdTU|E_wJUTHC}35?P{;I1j%y7{h_H^Rk}Cai zA>7F2YzDuMG~UNj38_yaaD5nh2qGrZ(wa30&nH_t?K{#&406#mIr}f!7Nz;KvhaA& z%V8g=$kf8>kF`a9$&8Iyh`Z|LqU^eS{dy3dNk~-vL6`E80M)Ir-U2dK7d;v1yv#1{ z4lFEk+7@r%i6iFI*3~_6Z?Bcb*LnrkwE$D_j`979(ap`x;Q8+&UYHlaw1Lq=UjC6V zngNb=Y1Q>a$8nE=j9WvxE8J&hg{gn=J$yOtR#t1QtGfc+-Z>p@8@Z6!8IB(+1Q4|8q6cin=|{ z^&47bqcG2-_CF&9UrbAoygm#Iq>xiH*12GOmDR8YWM8}_te*rZ@3^hJ++)>g7_gHPJ(hVXhNO!k%Bi$X+-J-x3BqXFIrMtV4?(XiC zZa9nI8Rs83&)a7YUoafT-fQ3YT6134=bCqMEnrrF#B$0D3UhTe>{kB`ojvyCNs8~Q zeS_e)^g;Ve`{n~3U9;ZF>M9w_qK;GWCOaA%qHu-zKpXa1rW`&pw@8%9M769-&qD=G zXrgSlEF~wak4D@_T3T8L1_>FY#0ZbDJP#FdrMvrkU~$@c_P_t>nMbT2sF27;@f`|< zs;a8$jI7p&qA}P68J0=VsqfWO3c(=JG%&}0X4l2#>h4WSxo`~r=!g;&pc|z`q}&OK zLyts667?S)NPgZN|9RRF$WE8dIwUqBwA#*ugx;^19t$gjKb;nG%Nhc`MEj96!|b$^ zFpTqa3+xytmoxf3WYJlYqwZ8cI0|}dD#qn zVxaZvKdj@r=&pbcB?ObYtdMt8)$pf{zCva1I%sau;9wO5AFDJExMIZWf>u*dlED^& z2gd;wjs62fgB8E$$8E#nuR^P*J)|dld!V=)0iDg*1`i8Mz#y(}k@^lS7t8QZ(>Xv* zJM(=Gu@+B^SdkK(CknP)F)jnams|FU(o;!!9oGy+Bx^QPOW^XoU{5D^f{ge=B0`YnIeO)zs^ zskPk6jb%|HiGTv6!gN4Zf1s`{@OPsvcLbmVLc}sFDp)wVS@jb>V+y*}Y!-xjltN)4 zNiYuh1N2`ZPJJh#ZhgKX5IpF6#m=03h|pM)3I4hRq!Th)-sEp|;wp_F^iKvyTAoo& zjr<=3GG~R`f&R@9U;NBu{C!&&1+nAe-7x$|28M#RCPeC0%e0wWR_iJ-IXKHB&yOOK9( zE&_67WJn9OcIJ57`MIebHO?`z5ty52d0c_n9DoFT-)h8z;6$#k*vWHTO)Q0w2x4utm380?u+s#6ctD&VUQJikYPv${v3+D zQ#Zv70y{KyKb~G`i3}1(rXw}@mX$itv_4bh-@PS;2vG#kr6`4Yz>|`;-rY6ZAy+C6G zYrRD5E`KTdhX4Bz+9y<_=$SS9gr(X?-{)L`%lzf#<>6uZiQP{QfTK}RcwxrSI7#0-Pi--`Ys$zDCk@d%7Gv(X8YL670XGBEh+ zV_2Z@=&@L((mXIzOecI%=6IMAiK8Rt7y)DeoIX}>y;J+}%aMy{mf#R*#{&Ijbj`v^ zAM;1qiZe6Ue}D}p5A96_z2CofL~#A)a+~MsSQ4=@lxI=*H~`;grDe&ik{_6C6I!sm zC=)bXa>?J&$p;+O)n}q9WgLxTAfpQl2afekdW;YQ?N<|$%_KA7^}Q5Q9~c>5@RVk~ zQVJ=Jzcf+>b;)YL#>0q&9Z+GWqz3O#i6^xj|_`T4aIyNXn0q|-hUzm=`M;t&|N zpY`-?bB-flCx!R-RWtz`3{XR>7*;kmi)DtLP`Zd2jeM2293080UPJWwR6vAGi;PT*X<@AMy4+WYH9%6Jk_9lkc`^`o*%CEak#Wg z;ss`69f`5ghi^M>Y+?9_urOiY*ZN#@+Q99cNi%$* zV-{7VrHqNPNf@{lgKy>X44An7KGZ&ZrrGXL4L)ZVAoy?3xuLPK@ujfuv`X4Oza{b9 zeP?s~qlbDe)D#b4#FCm@>aT?-plFGCUGoYWfEC}-(Xp7+>usp@2q$|5q4nnJWKvc8 zy&2U3eV48zN=jMf81oGY0?B}8VO~Z5`-1>N!Wts}Ch)WYu>QjNB`Qj>BUOEk*ZaX} zn91Su#FL;5x_MskI;W|R*#GzZxjFm#cyI1nE@_M<+KlatO0zc_*GAJHj?16f02U1{ z8Pi6-g<@rM^IERuU*P8Icj6dyOlW!gtWemg?Z+A$skmyH8n$SO_m-b8FX)@yT8n-C zbS^h6%_s_M6XSH#I+-`F4m>Z93rn=Gr;EMtkszvavsqvLhwcYTBBAk|Q&gg8W8d!6 z@Iz$P)DG-E(#2nz8tN*T2OHvXB!2}&#nPWmYRjHt-&@%_p25Le=J+8zWaRMyxoI4X~U3I+Ts zorqJDjBONC2bOO8XPl9DpqA_F>jS!{5gRUIW+q@$nG|j44IAKelykAaWjTI=k#_Y(NBZUdv=tJOX!X>%WfI z31hE5%0LM!YK*t>Kl%IvwBz;lwTg61p9wt|1gcdkdq>YFpKqG9Rp3 zV8Ok^LLugM{F9Z{$#=~EXrwwDC26wU|D!PG3ePIH5J*?F4r7c)SJOlubacQ*_R*fMA5i@n^mZhF>o4cUpR zm&PCrkNi75aDjlS-e)p?Ar~1l%XI94-(1Hpq~b{1rS`XNP^u2) zsM!dRz{*_3vMbRl;`KIL`~OwgH(#2(z&CbhERtDE#)K$f5RHXLBA=g#nOx=mh48$c44?&C(keYkcI5{6g8lP zqF7;I1@0m!N>$C}jUcL$^&#ca{E`C)vFeshT>j*Q8;Q=s%{@0c>HNZj zeg2#jOycB`C)=t_qyEttdQh+ZWU1YSWUO2?D+&p>1HMQCZM)LQu}0 z{P)*cZA=;rJ-5yFC0f0~gK~-jz@Y-{o_w})XlC8gvCK7*F`ZGlhPL(sa47ZM*8+h! zSFBl?lb??~jtQJ#;GZnj+UbKI_V+zk?w8d+e>Ovfp@Rz~+}w5QJa2*czha!IFuGZE z4VnD)-#E7vr*pS+8JDHh{9RWanJ792Eaj<`Fz0`}>E8o#$|&X!u-ZUI;=Fb7CZJ?qM|8PCW%z6(yE?Z}>y;_0(wMwTd9*#mnSVGz0b{Ag##xU%s_coaVmSRG zV)c#S^+)8%-`{_-TTcVW@JA+%RP>VVCxwh#`dDRgC4f{O*YBhPrv@OMj{slLY4N@V zjD~62h#Rn6K@$v!@z78ddLwWV$csq2xz%>A%>qmL=B7^bcR=>*_tMdu_FMo<0@aSd zzprmrsl<=7*q*`Ly!#$OZ5K0*jcgQDWt}WYnOTW_!d`IB6nQc z)|brUXyl^N7y!r*j7q(F$849^Uo0&0T3boSlU%xU69oMPNZNYW$58fh+r_49e2yT85aK&+Fvp z6=)*J@U^?IT zEM~uR^XS-kK^OgL)0QNYM*)GD5WF*yD=@{Aa5cL&jV{FvEgjrA zb#`$vtcuVyfSA7mM$6lq`VpVwdF#>_Gl2wDTp*b7qDaIl(;GzWL*(*-A0*OyP}(|- zcW`{%y;!56*2l&M15y9Uk$jY7UD6(&+r+2zgl#_kPVc6$lSpXyly#y$aRwZrtmeZ+ zz&Hn}{q{*~O^xeBjvT;j-9dJX*^7GEA&gmE3EUYV0T(Rzum<4C!Vu6+r}p(pImarT zPOOV6NrUvEiRQ4aUtYSvvUlLrTBWfT{=`}5$6&C#B!2o>te!bsX{*-3wsUpSj99o? zoXHXSbs2mO;11^wYQ}cP7%45p!ORCRGH@r47HV6cA5X6DAG;}kESEXAd@h}71R2BW z>Cdv;mcFl97lYmzCpTHe(Jz@_5?X9&2dfRQ1Q9uT_ z@mi(YN5N8kdN7DW4!PmOUV(*0EVGh|i|{1;*SFE+(F~FeG=LwG`AzqhGQVtz3 ztzy^rI%1#vpG^I&eHB=*?gJld4Lr3kc$$Eo0rDrndN&U{TCB%}$S!d+GaH7hv~#^b zr_pU8$t7zSo_LkQP;05AQ)j<6mi38QZ@3Eg9skrievrDJM|N>B>csS_pB5lZ!D0Hi zu<}#`ZlG5hic@c8sJIvT_jh-1dOry$>*{_{``Hsox>9RL3Q137r~HEcgju+4_T?2e zn@NgEqWD&(T%zfc;)^Y$ldoBw&W@a>_MUuNLH0*l_J&~bhv~uT@9LmLj*G(~x~PX< z1oZQ@u4M%of*lg*=?Ji2fzJp!4V&3ALr~JhKM`lBGM6oGIj(6}1|h8#eT|ztv=|EL zUu=jJr5(!t@ZSpMM+V%Q>p~$hCTBB;sr4HKh{RVs)lpS=GI+6gVyI5o&vRGW3^+XF zFeVASR|c@Gc{xZ{(y(UcVFWzPP=m0y2Hz_LrGoGgXdNVve!0u@v;NJuB%sm>tcqz( z53NLJR8^Y-^xcX>5Ah2p3St=kNm`ivRUobl@Ggk)A?N|8fZNUiWNhBXAVYA8Nm5jJ zoSOj#!{{#xWEPlu?@WLkoU;@npxwy?bV|TG=O&19M=z0#@-|vkI{nyi0(9E#qwj^d z2EY4H4n>d{9vvM8x)eYgOgyV#(iQ zE}sR3(|3pQ=}B$_?#5_I3LYLF&zlzblDA zm!ecBdK7wZ6*HY-upvR3)+6RJ{?1fnB2Y3RBt@%)R^o0Xm~WxvDvbq)bAgkY`t1*< zYb1I&M>XUpq(@9MCbCX<>tnD2ZsE(>;M|Nr>BRxdl48EZUHzlG?M1`bPM8Xa>*RJUPsly+}=AnA|@rB0YfOZ0Dca55a5x6 z&B_MVEt;vcA9&+#>s`o26PDdLn!n)ojTcu3k1w=IK6d=5w)>^#Dy!t117}ZZQr(*C z=MZX6I5PY7FSoIt>F`BhTJo`z~!d>u-HJXa!E+1D*bDXvqQKyBNWRY9>H$ zBu|{M;R#AR&Lw9R@C6tjf*gWzn2VcRsdnx0FLk{rQxBl2$>*|Sp{!k`x&-HH6vCHt z!3ahFDY`zQ%~scSQG1bi?1Eprbx1bYBo`En2tGGaNCD&^GxqB03KSX5;P3!%0|-X| z9{`aO@d=WtRPGFlm_8uKovgHyMxx*cF*7mwhu{t-kR8+zk?`Bt+SbI?4HKkwZri~uFFfM-YYgl589-5GEnUDPk^ZwFRs!4Cupvn1*O%mMWO z5j~s^Ke6V=F~r9j7GmG;zMybNqoay!1iup!Kr+)^`Ra@?(Z|O!dvu2!PWYcYACR>; zyUWn^a6&Ql6GqrT$k?kY0#|l=3D9KHzo*xxKmK+@U58cWC^y)<7v{Cw#Q( z#3l5O@7YfkR`j5xVk*uAe~cAu+&9~dht&c}`&sTQO zu7C;w-7iRTl(yXMgH+M%($WhCo~(uGMt4eW5b?$7E#tshR~OvA{Dk>y2-vu4ms|-Y z28sCGnSM!Us3pZeiPqp#FMEh54xD^?iHI(Zjv7eRYH{{y@F@20Ie!Q}Yg~D>1tl*C zb4;o0qXu_^?-(=aVYLacsJaaCiE(crpo)8`7O2y_qm}2!$Jgz-5D*b#`u?b)tLVMi z9|lzr;3-XYL(Fi{w6=U-pN}yi^GeOopu=Sp6@gD=*iBzmCF`b1j{_7K0DCYO{&*!s zfq@(-VwQZ-ahEfVI!1e+Zd-c~l+uo}bRxvN!(P7D(0-;ckU0tp0z)*qdwPJA^?6tM z$E_)jiR~2T_n#plA&2wrGt+7(ddkvj-xNg{p+Ep+fL!6A`Q9-yEWN6?``$U&Ld69`7@zC=5VanL0?1ixht@c=^IQahWu4-Gs zvWJt*zmPd#ZJ1Q*pp_6XhDKIa7MMAv1_lNoBnN24WpFyQ_}qg)1gH?(zaf^_h(&Ps z<_wC@A#YX$e5+t^4?;@=WY!xrG=y)$MC220V~TFw8>jJlo_oDf?*ZO8qvJI6vhJ+n zc1ffH=Yy;Oh-n0#8{lM^&@4<$Hi0Y-&K1#-1U0FR+VxX+CnqOk$155Y`b!oC+)2qYEc^ywgn zz}G(buRU;^*LT4AU752EgUpTuIGII1efo4vi19hsbWJF6r(787T?Z-F!mV|N4VN9wo^~(xVhScUaWg1N(KY^wtX1 z?*t5H**HC1X?+GTS|5PmNP))y##R6(jgchs`EI6l8MJB5OxKsOIRDWuh%tpH&_#w*`5XP7pFl|X3s8tGg22ohpjN!`UVQ~Nshp87 z(tJM#wi=%94xB>NGH}iKXwkVMHwPdn!JVh>P5JqIAjZ%I=p`*}ZGgESx85eVY65T0 zL!y@{3{Y6$gPf?O-NkxXi%0@KsKLdWi>L-f@6c2=*z@w)Vf>YoBq>1NsunoA$wP6C zscmhmM1&rn9QFI;KTT8t=HZ~E5iR%CpbA$l+U&sB>~nnVI|+vPfh3)eiLw#l;alSd zUfJg*XpOoUP+{^mB#0cHVA5yb9GU4d3$Zd9N!W?ODa#dj^8JRE0^ybnb}u!MhnJmc zHpBzD5FDJX+ocAxJ&cLEe81JUucQyFh+x9R3r9hl9m#(+3tXIk5h`H=`0S+eVis<; zAdG>I1X8arVj9@5m#eKo@P5FK4EB#gruq5bfqI&Q^N9Zp@xXlr&RcGevp+6-%v)*G zN1cFXy}Z0sQ&$JEZDUHE*f-!p(Hjf=pmva+(e+C}<&T6Nx_U9k&?*HLhGb0g*V1lq41xYMw)v4QXS_oQ;D<8T00+7gULNMto1 zwEsRfHU?7a^hqp;a}BqtPf}ZZ8wBq$n6NioW&?S~yC!3qmMT(mq=#H--Z`L_6gzq6 zH0u0`H6_7>gEW*F?S6xF9CNIoKvUn-nNKtIh*`&$TOG%X?B1<2E}$MxHQfWD@S}UvPhd#oM@ep z>Y3`jg+a&{kBF$N6<#rH7zdn`5VmJ=rC8cf$I|bbDl2z%hN4%D8j}m*VFN6p}v+@(vpff%7L46y zs;xF>Iw0yib#u0yW;6O&0u?%%g8yze%bi!p+}JtrR<|2Zi>1z_2c9RD@2&VL2nVk}pj(a^ z9T8&W36u=zNL@zEva;AnaHHkMk49_+#Ds*&80P_M)Gv(l`1rVva>*$D!KC@Cem+L8 z)l4u(;Oyai1d!^3I;U%vo)4v5o(b7W*xAlDHix_`x5J?OD~GMee{JrgvQ5~vkTLyG z*m_q8R2(CTb)rCj`TsO!yut1G z(HT%|14#boA&av7N$^~&Ivi^wr3|fKQbn=ygiWPs+Ta=HXg8EwN8?{lcT&f_q4kFe zFcNaBc7EPJL#c(%S;=+Jj*k9h4=Amwa-QDC0eRC)U%8&tA+ySbBj8TPnZ^%HO-!73 zl0GqEge(F-AB1(NyIt1dH4fW}9`at7lgA91#ZUlc!WOUBdfkchNuP}S#V~*Tt+8F& zzrJ_K26J>^b45i(r$aXrR8E1r_Qle&FWZc8eyGxt66hI4yn_tTdqBA4Dx^JagS0*% z@C~LuoUPjqNI0AC%$fA8~ytOx3;=^YyB@RO(p$#LBWT?A_Pb#4WR4kYg1jm zLEFAy3V68$u5dqHNKvLhqISRIYZQ4(+mBul4^=r>vdiLUWumE4bjuAzD7eM{;`&qc zMGgWEzMjnBn^G_WfusLW2nlp~9-8x@DtejV0V?_@>$1A^vMYq?868mE0LD{RzmO&r z$S2#rtrL4M0>fCU@BoHfjtPsVzP`SSim|Ry=4(zyI(aOSX?-wwn)Lb9v4nMK^U&mr zZ(&1&R`egB;TWA+J5ARRFnlJQOhQD{W^zjqS0VzkA-GTDIk~v%0I&@TcWq+1gk~FX zD}laKq}F%ZI1qi^vEIxnsWU}RvzO?HFsS_biO`bK(3P-2kpWmsY|sW;SrMTj<_wf) z9^7?xb%FNl8m!+n@b%oo_ox#c%M+=Q{4icZA&=K9tso((`r#L2afqh4naXwmSzbYs z@q7+GGnflePymEQkoE%C4)EwoN`@Q0C_&So`#nS5Z~z4hhN9D3h5G?l+;oXdS_P|j z{exGQIv#RvH)ar8tfDkt)?SnQ^pR}cKO*yaB4en(a=SsSQvM|6a(&n3>9Aw`N3S;@ zAxzz#o}Pn78c8`|f|n6xismcKjjcj<%{U-z^^eEK#eD{}jGEfo;nz>A{R0EUXu-hP zEoH)k0?@r8GqdC162($lMuu4g~kMwnlA!;JG&gPjOrhH zHF@Y3qTYYf^S#}Yq+rPswrmb`nK@VZT{B6bf(6ElKo1nL#IeL#%R!dLxAhrZ-C$Ic zFhdR1AD_3Cd>If3f~e^Sr=p)vBhL>b;236BIm;Yn(#i$J3J?d6fb>^SXom$w0IbD} zwjV>SkSWuq#S7K0xwCv5cJd+<1!R|=B#M`=LuGpltQp&(D?k z^oe-_0KR`WN&cn_jKR`ae2u_wKQx#=+XE8T2swU7SXfWBAPKSGrL!Zs9<>q5w?{zvJeAnKU^b^7OYu#oODlmp?8sS!MAj2zDEe z?YY3Pm8rS85OYzd!;iq7(%?%#2&9h^NREt3IGDogZn@`0-OKv! zun!u4n&NZ*127xt0l-WSFhFn5vHol~ReZbuLKwx|nLLvQ_~u}sh3#C0c=R6-VXv;K zx$_o?7MNnCX6gpBaf<#<$Qv3MtOCN>%s(v05^P2NC&OvBWqp6Ht|Zt0NmjV=u_t0+ zA%HP?VfbM%?_go1uxKguGTGz*Bc8ev|8-?mimGN75kxhdO ztQe6!PJ&FXx2sXVfRzET4`O3$hjCk5+vPIDZzDU&fyP=~avprCM51V{Dk(qJHH}?I z!S2}tOffL3D*?&(u4ISO%wz&8q5x9M37>s0_oqO-)B0Oru;l+$ZZJcaZhxneCP(8Ix@9{@tJLT$teLTh z*m-kv10t`3#y<)QKC7#Pa3@!fS!ED2h$x|yXZe*c7wX@tAWSxS>w^q*>|Q{hq$L3T#0_WFU0lFvLqKbAJ)8P#N~YSayOfd1!ic z)P9J4W^#I(hY0NgvY8#j5N{o~0nPOf@|6(OjUCBGZO6~{+~aWI#ixGs{+*xXtKU6) zXrfdPmy{z;9u=?*yOnRL#e_$MhX*Q48&L1s+Dhzr2>VR3wj3XUy^Sfd zj9wGca=OEcFGWqanXZ`=FVca9opPg)mOa^@le92ppJ z1q2A+)|D;CL~1N2YR2V%O+TfxnJ9a<{NQojZjTUTX0-b3l2!DMQ@RZ0%yEb`>2>vS zX0psyd4e9W8TOW(6Gzs}zW>_jiF^ZvCRkI2sak;Y=0ta}z!=x7+FjUpg>Tqq`jd8@ zy&?F>0w+<}9w9n?NEh&+0^$4nBVXgSL)P8~pMLUNO`gCrk|=n~H}0T4r@#Q^y0ddt zZf+0XD!VvbL&?nKBnU6J0s+%H7m#<(gWJq!q38i)_oqbP+mcI}I|e&HZpz4NC+z$!IyL+JdvNPmMIh0Mx)>1V z9c%xvo}HqIjC&*2oyWBj#|-ZoVz{xs#!UBvLgMAp%zlODPEXG|qdO42wzdX(&kTK3 z&=|&>)&mTo#AqdlHLLS#iEY@yW%tzm%yiz2G|1mcI_KU5|AKyq((}J7Q$1Vts$n`h zR*6}?j18}DgFWuBKh1a(JF$EGt;z{X+v3$cVt^N9A|ranW*-9Mp>~*DX{}+uwt?cj z_yE#93q%UDkE}a9v&_=qn1^QpfbI*TD)P5tMtRe|3)-Du4m=qPRKPgdsF@;fTR(!oxFqkj{eNmpM(E`TGxjs4zO1*I>nu z6`7w8@=#m?0s^%@jYL3+1k}6LR8nZ>n)&?Slp)FF zt7946jPo1k;t=f0oidsDZv$INwy$(ESa9JodeuMtls^@uM4iB9%azs7A9TEWpa{L6z{w z-$A&r&!JAi9^LN4bmG?JVdWNVJR2~-$YXEAVAwt0xX`f$8G@Oed%@K|Sao)dSU%l9 zNk@6GB=R}$0@<0}xR|*vqot(zjyj;DfgWjRWQ zX3*ru<9`_nKnvsJy=HQ24-@?(*~On#>_IuaN`+f_nZae^8-h>t?d^7+{+v_DCCU?X zElaBgClf*54Sy9Yhya7DAH0e!_1WZNOzX?b%QG?z(e4p|dIPjNR|5mcZAhvIqta1sjQRbd2-@(v1Xp{eb1OiLI#+$^n*=Jqi^ zC`Xc<67>gjl_^4?mEBBXpnw8|hc$x~UpW}F1zPF#>-(KQ#$Scf0jh`d!!W@20UdLl zjq~L-B2{`8V2D?)QN)EAH)H`T%(I;{>c%L^6_R5Ke$yTw=^R$zCM8yy0WLHX49nJ} zbN)%pHBF56>22!FV1Vie?8u%S9Th!-Lz3-3DF-c^UqL(@MCT1DDbGd0V+rZ#z~*Mo zD%AmwN09cJoyB|CHBYLh2L1tnwH(IhGQi<#$Kzsa$RobLFlXyd^8?}#j8zNX3hc81tglgO?8n+^HEKl9RB**pGdNBM`=xT}L+@8xDjOYQ= zTC4w!GJ>2QU}S;DEPMbV2x8{o-~jFktzK~jJ5+R{3J`H%q1}2yiImhp7AFzAFcd}A z(4EF(x(O+Xee&PN!xFXA|0o>5Nx10N?thdW`u3^(r3>osKimCn76uMp1JL&%IB@n`nPzTx z^Urj5cY7~Yxr1-GhZ`&At;e80IH!YD( z*W_U-EwCbwVv?a6>L4y&WmT3|>aX;^t_L?I;NF8-KCRGiBc*ILj$r4jq8#*gP@3wI z{SDb5GJQIp9cy~onE=DTetHudE>UKoSoCMpvHlQ;2|Jc1w5~}J3m);~ll?z6qkXVu zWl?+cuzvb_rM3C_`AtpU9HibQ24NZAOnXB*LpvH_9xrcah#l0+EQw8nY94xJ@+%z4 z#qNCIQa>zIIJo#YaONeq&2hB&zoXvS{<38@A04! zVPU`*fJU)aZ#XmXpXjb@@5+P3#K|?7$ck(DJ7%s+hbps@0EK&)HhX(9`dZthKgE>u z??2Yqy2Kq0+zjmzpVt9o1At{$|4fxG@~yfZTb$Y4X_bYMsi6d<3kp8O-xj@%1P*Wy z*j7%V364L zA1(XIbQ-sdpJXcEZ5vd~Y~X%>Fd`6$)FFuF?l2YL1vlHq;)nCScwLe0U3AgJjU3|m z+iVck2NRnyLcnKp{;CFA|T-gX3(b{yqY4?B` z(GI;X3r-Jr3DOT~{iMO>^{N0mUY*KS^q%9y%CJ4z9zmui)U_B%*MzB#`ayG4>p)kc zqj=i$z0;JG0T|BBe}8a}2QvsE{GDfY@HM@2#+@T_8q7Zn z{&Y`t{S=KAzup8F=#=infDnIs*l8*-Ae+|3UD@_aV7L_TZy$K~MDomvliN(eAPLO% z7ePIR2o3yb0{Oo`{Qq49|AeKP044T(g72HPtVC$wsmbU_`KNtOOK-u-CVmaW-jUR} zeVYEN>l2lisZzqt4e!rPrCgETe~UY#UTSkWCG+-`6c>BCY%sjUp#kO5zym zDC?XYc)~`CNK7I~+^`PQiz59K?pd=BMe&V@dAU$hpsS((M?Zk)TFf4%?+4jJ(0{@u zt;qU?n&Cl_V5I)2OrwQ;%_Izi$=)2lg-88n2^EtbY(fX*n0eS&8uSnh*0rI(0<{5e z=#a!3+>=5E8YEbevM~bp+{TXN*U=&@xy(QP*)O=Y;U0G(W6gU7jhkQSF z?fGB$q|L3kFqs^~{nFq`KEU?xz zY>(`rGsj~_tykfQ=f0Ca1{S+vM}4uez)}2L3~UNo7s(R$P1nNPujTUuBaa6Jwl=QH z{u4WyZ|u0wgH@2@<(QJC@&6^dpt>=Z=DCioy04e(c0QN;EgIj)to7ijKyMDiQPcGF zl#c$ipLS(62Kjlev4h9HAiO;kY_e`Ytwn6D@t8b8FM38!DIr~&YkKbOt*t@yndq|E zMQ~^&y%U>A4i0|asxIHd)kxDdU4MS;5;>_~U1}vpPcdR7JI`4U|Da#U3o(lbyp2pn0-F7niWbedwl^A8S_COOcV6k0nY4Dx!cB@t>xs)3F(~{oz ztWRp!($Id@(LSbs{Q8bg$FJ4l3GpC1cIk;XCWD|K9oZ zYe8FZVXa*66{I}Y;e5ORo^pLGgW?^!%wEQK9O-?BDM+^v#zOz03#F?Zr%`CCVz`EM znykfIYzaXaQUFFP;&C4IPSflVogKJ|-n9~w5F34>0;V3W4+7BY|3Zs4k!yQhT zLx*J>Frd^d)e;qwg3a^pTPdbw!!`v0+-obs~O-L-R#^6^>wNKJ*w z^9#;Uu91^KTAE}AgY^EW{j?mbu+(*Bdd<#d%qN#B&4c&Pf8RsKA8V^s=ldf4+#Y&@ zsf06wm@g(P`cG_Z?&fp0<4HXmi^t2mWNMED?)#__bQqK>2GW`ecvv{{ktfaejOep# zYi^!>)if%PP+wLON@F>5TQ~O4QuoczIzR4y(WiFf`XnjnSy6#yEE5SewK1WmDJ=h z2r;zG<1^o>Gt;~_XV?CF`oW)}zcld#W~7e%4hw=(ZTM0f2P{36AM_h-teJaJi3{u1 z{;`qEVkMAko@PDmR$Oe?zz`a9M*p6S6B{O%%w5pWd zZz!L$d&ge1gPr5R*S3-5NB#Ya<>}Q~>?wSqo`6us7KOP9Qc^qx{)c}2G#N*!NqU>V zc&~)-=I_jCqulN9dslqQ0wGATT}JtK{4pYeOKY>r!IEs^z1V z>0MXz7ScHs`2^}y4F?oAk7K8`Mn&E4-zbQs3J^a(z>dJCJ$Nb#|IN>naH_POD24eEp!&J&J=_TFg&(kyW#$#U3=cDr{ z#J;wI&RR`ieiX(V`C(B~vNSdjbqoK714o28{W z#XF|AoE*!e_M(CRjs#OYzvyH^8roHVD@p5A7+{8E?yJ@;RThx=A920qiI;|HBj#i) zv38w`n|;3fCil8o6&Fq_r%lNC&m`5WwtAsKD&=l}$i;6JNcyk@6akXXs%%vWBLpdh zIVVsy&yvu}%5}ClpQCLnf6Ak%u&24QQ@Hj8VsWj&A}`u{+DF<-%b>kkb|koOYm85a zz2PhT4_Q7L9xmYNj!HN(`xS8DyT|o&bw7F&$;XSx7}04ciPpfH{jw-l{NFwZk|9KBPZg6YyBu3B^#k(L#$G!v zf=agQSR>)TUqb zwqrs3ZCAr(k@m$!e#buEzs_|fxm=vx)@L7C;2&85zw|t>k{3p}ZOCCHKS=C6jF;-F zcy6lxd*c&g`g#en8XJfaY`}z0LsJlCbn)z6cf0Mmx8)AzZ8l1Z`|;e&?H;87-sNpw`pdl^BfS|d%>%)P#Q8{-cw$g-bWXMpq!uI~irPe|j^(@^-i!07hu zlk2KABQ&I9m*UV%A#K*T%gv?u728(!@}{6~QFCZs{`V4Q*fxA^v7b;LDIJj*$xg5TyReq~%Ge4bBwZ_n+~tf7xgx>88;F-6sxVN@7^Cjquu_fH zBUYQC&#N<^>xxACPWhDvp-4;h374+v)c)}HtA=Rx^Rl&f>jHa~H4UXj_wf7nvFgiW zQ&kKkV<^N#+Le^>yayu;f;YHPQ<}VU{6=2RNR&#E+?seplc%B z=HAGVR1kXyZIV}_>V9gUO+ese_+Y*CmWwAtRqf8!&ZV0wi{DTjXIMMB%b>3e7Q$kD z-p^0o#_8*{zNUgaGu%e{q+YAi(nf6uakrt!-v9dF*!-cjvyk0vf@J%}BqD8imAX5e z|MUG#-zRzM#YTy=+j+-aF;o$XU^s{|GY5Mh9B6r)3TYYsB7dJnJz5y~{iW6V$=udT zcV4T(ob33VhlAmK0qLQYIzrH=;qcoGo3HxM>j`h|A*xX@rjSinZy}P4wr4%`YORVC+ezh7Tht{PY z3nD^Y&KH9{zxmbPE;dB;r>#uwr$dtVFS&fZcVKJ7TO9aqMvq6Y1(}|CIK8}|^9(B= zHP!P|Ra+`IbbPW-;z`rot|oVP(sunUuDhPynx6#)rk)P-yDne%6PliF#0Pm%Uku+q z1q+OOH*ngI#Jmy&3r_m^&hIY&YDb>(Gvf!lpM8;f1SDasts707a2-@x4*nJJay7*n za1igayL}i#@293SdD0_%IEX!D7On&DyUM>7%Bko43C>|l($zY5c9z1>#`)}Z z>*4MA!A9XGuwAdAW$kfkiV*2LHCXnH=e^~+nH>R+SUh5x zkXUpPA(iK2PU_a0mZxts9NsrPifWJbqB{{m;TXZ-IRLZf&kJ>KE|(286>6^`2@V&B zn+jl96gPI^r8I8@+Ea1*a&v{vwfNlZUOdamL9TBdJT=1^MSg#aZjDXt5<07v(X!n3X2i>30PBhaVnAiW%cn z{aP+B{D@JsC$MJ49XEBzVgI$-2wvrm^6?h$I*V>Yq;&%jU7|#m_Cl;{Tv| z6%$IYl+1O`L1LDUO%nwdP+qOVkRIC`+l94ch^a08CCKa|oLU8;&ZJfj&ERz{Y?r%t4F2`PCu<=mSgu-un{?Qi3ba}G<6^v3Twaj8ilNtiRv z;c~ryz1VUc;EkI(Dts(CN~K%}Bsiw@w24;PEw=i2qouP$h-0ZrW5p%&y$_^}E}M$q z^G^CT+1kynD*Uqg^y%_7r6nmwH|_b%8h1VUEIZjX>qU>?BgPMwN2V;2mFei5^5YHD zt;=TJ60BY5uI{kzzNR^FHA+nKWOFmM?1UbM*KM<#-- zO6NjWIq%!^WySOzK0+NO8XhGSRkF?gNg)Sc_p&`E%lf4lRG9MRc;C&NVKX%)PZ~6)`FyWy zpthf1o51vpKYyNHW?GsDytGC`*vTQZepf9=|J;=FNiIS+&Tj|q&cE|*=BnwytF6xM zmRe_VKUH9PjplbF1_s55*{ah&Pp=SPXKE>Pu3F$-`eWcIDxW&@jz_>fuH-X}g6Hfy z=)b2pO|&^Rq^$us%*N%H)^+*0z)ziHGfjEe^ddKS-_bt=9EIyRvusJU_)pX3!p)P7 zt$ozCTwQz5Y5GQ>Gv@T1&zmvv4FO#r7D>(>AP literal 0 HcmV?d00001 diff --git a/running-coreos/cloud-providers/digitalocean/size.png b/running-coreos/cloud-providers/digitalocean/size.png new file mode 100644 index 0000000000000000000000000000000000000000..4366036a6e9a19602b029213f08789c339a746ef GIT binary patch literal 69750 zcmeEuWmuJMv?j)}wZAjx z&-|J>bLQXdOD}rw_kEuAtaY#ZzSj)jf`Tb7CM1u7a*GxPf|5UIr#FPt(ckv3JN+7^8bxr)7}^G%_ok+s*Vaa#*Qv}_C_eL z4Q=#|o{5;*8@brnTR1#>qrkD+SRMwyhl~8ZH}*z)j%GI2&lJt9j8I-Ou`|73`+a)2 zi-PhDMO^5$qHD_Lw2LRM(f7N5O{(J$X2eP<{O;eo*F>%)cl&`{dq9ZG+_aiZlgCI! z3bp&QK>z!{JkYU2-c@1?o&_8j4oy-ujB~T@kSuIVe}fe+v4+L@4FYLj~3fDeDscG2O( zJCz_Em?$6lrs4dg8RCs1!s*0<=qg_PVJXB6Wm?h2b*9#l&hCmdCg6%iM<7 zasODn8=6TIER?B8o9?mw(#FOnDYtIRxT3DIl8ugzj+J%)WOu>L%nTi$@d=Az7oWx7 zr_o{*X#RpUxHEQ`3=9l(%0GCq2Pda0Bm9ueMf;b>K9*)_Vul-AwM60J;W}Q2 zj}Ya^-*9wX{1XJPIxxEBHLHO8=<(z65+6ElZuh;#ZrWJ$$!aS#HMK(JVjR@lzIQO! z2c2hpFxrNPhbybA)w5RKgy5=e_$8^Nq-11dL@k?^ z!fp|FNM5WwIW@I8H>Yc2B8r+{T3Y($i>;&M!SS(;ia0EunOXjzDTQCx(%$FK&sjQg1&Re{XYR0cTGlRCj}hf{b#+x$Ra0%ZXJ%&JzkhFq&WvHeMyM7? z>6aiym6ZE9-~sAw7uF;K2!9#~mFVB3W|uc!B=@RZW8!ZH6W$oE#kG^cFTY zBzSl~E)i>=I`q4Hd#y}Ob=8zm-3vJHY7CEW2fo3=zMf!WNW7Be0`+Q$;oMo zo+c@`sj+c>e%`n@X~cT{%pV<}!+NULup5VjBps88!_e6H7hA7%+1}9+@eBR-tVn+I z1;v7}u&^eNV`D=@W{fv-xY9$;&d#^)-uGNiG)YNKtuwyZ(7C3iqg(iZz}N94#R*o| z&=8FzzFf_UJQ~i~kWf+@*`97F)oK_W7|?B^hcnt1fSLTlK%{{;duXlNX4V@HB8l-uX=3+0jC%H{cswjsU9NA(>?d@xsW}il1kvPA|zdG4}RF-vZGz^ zxHi}7d%QF2Gv6K@5`xBIVwKbzkLav#pXlHG0ZC<)}ec@MB6ck&Z z!wb!w8@KK};dTAmhvc*YBN!g@l8{PKL4mZw^wh%vmYF3)c85(9+@k$RFSG;6rKkOv&DJm(6h>VPk zh^SVjhm4V!n8@S2X=-Zf`o|yN`ek$6r%#o7ZFfRDAdP&48?UXadxVFV#_hEJGm#a7 z!lwC@iu0uwV>}%$T1+==fhJ?TM9$6kugIbfPDU(Ne&t9KaaevSDA?QEb6<=S{qW(# zPvZ)S97uqZRTe5DB0uIkLVbOG>%QZKE}ieR2zZ@U=H;z~J!TaY6ojy-sHhkk8tOH6 z(9}$M_3SMTu0&3Bs19T@vZzYF2caFAV;heH#_OFns;wqrg?@w+t!!*e4h(#ZjaAat zzPdb~y}sP>vEk7Zc>dfBvf0(u6}db-k*j*g1?iug?0yl#8h+NC=6j%Jhh1w%XZ z*$6T3w7JZBxh!@?B_t%kHX@exAco<=pizDMpMQco<|Fyff-=9zWr+xjh`<@i$1 zA783gvD}6wuz0g?~ZILY@pVLNYS`MEYE0Nl`V79m6)y zIUjmn*t;MfrNza?rKL4Lm_jmf(K<#7Rp9O+Jzgxv$OicPtEJziXJpi_GLIF>3XY6S z=d?+4S~P`?=Cqlas&}$*cR%ZirMo^GYjJmXSEu{bZ3u-UN+JjDnuyzxrp62MH9XrC z1pau1iGjX8&clZdX6q0}qs1C|Z)xxtHM#WLQLPOidj>rqZ@xO)uox@Znr-oE{qT=q z#@`VYoe}dY$O~yQc^(VloR%b0i`;(Jk8g5&vB~Gi7i%}EmySgeywIO%bQ^U@=XJA} zk?Dg7b#QQ~LwxtgsZ#e^_<<=a+n*yDf3!WFO!t%dXLk&>mZoNHS_OQMgPpzUc*cWG znn|a*aXKbalV1|*D*{0T0h#jBp|Po{E)pU_;B+x&eSMuyr6i0*V5S}cmF{ssBD3Cy z(o&`xqm#dXc6WE-hf?C=-90_#lSY)-sEhWeGff_Jw6w%N7rWHyp3#!tG1RhG+YLJr zBm&JQ{luvlr(#u?q!R|6ji0ZbTEc>w6?bH7r4HF zoKYA4;>C-5_wGRlvdF@xG1uXJ0B05fRbC!osZULbx+|fS#TnoTFuvbgv(n51OIGS-Ie%`St8_x=-CNY1FFn3$N{sf<)qKa!ei(OLAq`&FOM>1YpyZ4Y$yHWM++qc@<#MsyaX5=LUl%s2(4Y3?gZ$uu(CGHO6Dt8hX#*Bt$+D4EiG+-xp%`6b!2eR zt}o@~^~H(+#4xYdnWG7S5>ZiqK{<7G_pOPl_qXmk52abl_~n|ZsEnQNuee;$(9noI z!%pa3wwB4Z(z9-_8#?20mT+@-=jP^)i;bnEqN?uIe&XZf6Ovhbmxb%`r{yL5KlBIoSiJ#gY4|u-ulr8emCPRn^Y%A&3n1VrR(U{QUe{ zN(2DCaB!ldqU7Y|^}}^A+WZ0oUAQe*mX?-QR^rprW}uuYT_B6H@?UO%xp`hrQ=5lS zWQqD}B{AB>a(<0zd-Qg9=O@pUdYvC>!4hr#h>pf-(iSlOnP8n}8x|bAdwk49PfyRl z;NWQojV$%#i4Y#LjiKQBS+ftadGmvMl6ZkGyElh zv(Q~0K7h_)?)A|Au4LX2I|m1v|959!e!S3*v9X#3M<>R@@ySUS9jj99re8xt$w^5? z8Z;s6#`oi-s0`GUvj!cNzFBfe=KSjE>2cZ^byB(|J>=5TMJp@^$8b`=$s*if#m zy%OcZ=^C5aj!=96CUq+0aBwAZegI&9%7u@lB|0Vs^UfOx!v>r2lKR@(CALXt3#S4&Q<-0! zouGO;DWxT64ofe86r;ck6{g3V)|vsx#<}fY9qOWrN(AJasEU^St5ZgUN;-nN;rBq$I+}k5A7wN?m^DYxz%Xj}=ty zKDb+^YRQpYr{rv9$p9ziR%W0MkHgXCIFz~PxFL26Kb$Tqhnl~9`}T^5r{UiwZd$1d z4mg}R85x--_rr2)$jfeSZg`-dRJjSnX-dAXO%MDQBL2+JT;M4 z{i#I~dI&UsGCsbhJj5~JUo;2!>oX2ajTL)kuCb*yhF#f01^%lEiNCWWgEps8=` z$B!QeoVR?p{r&uqs52u&4@y<4@pIqSuMmoHadEA_cQsa~9|}_7h}+ri0{Z0Mw!b*p zg{(0!Fi>5WJze7sh)+@RlX~$?nSrQ^mBsm|bO3VQhJ@j{(>>_NVv7GhoSY8h7&N%U ziy=+(xNHw^9NO90jeas?Nt}3uj)sPYj&4AZTUVDjnfaE+kVOqrE)-!cj%bAK({vT6 zEMuiQHZ`9_`a^<)@7=%8NJ~4>;9{d<#C^E}U9Iixw8+K0GWHgii+0waW{dZw4q%x8 zOrlD4E2u8t{n4#T<1)W=5_|j{9NdML1j5pEY&=W3P~d#C0(Q&BX2-ekk!`8wRJoBP zK%mJj(TFE6y)SANX_2tYDJArrs@ZNqWO5qf$H>IQ1wx43Vze?jdv;*pE3&02RMBYp zPKhIKYDyzLA?^QOVSNq7O?y#Kz~iIjrdw+Axb6x$q%OG`s!9PaO1n46dL-{Z2I zZ%4#4AzP4zNC7AU80hH9{9b2PscTljVPVMI8!Ogu0r~{Gf|HXI=;1>NfP;(^~dydQ+BrD_0=V=a5xd?HXz7jwo8o1 zEQXN00XNLR(g2u-d%C>5gxm#Z-`u=Fy*MH$Xkg88y0MVxe^NbixJDew@C(+~B~J8V zMrviMo6F0i0My{p{rvn&h}p8tCUlt{_n*wayK!sA=lT)?QM1Y22|Df3Entx%dH1>= z%JL4{-MeG$UjT*C=X|RMFgmZ}D)yKRK;__v)avJcTy23^fNQQ{Yx+}p@E<;G>tGTT z)7Q@|E!{yj$2u*|4l6PiZdh26Y8A%Pi7Yu=v>4vr-pIvo@^Eo>K7s&<CNBB}~Mi z^G0g~J)UIV7&RkfUw^;NN?+<&iI&AAFSNFgS&ezGP8O_GjuW80sHt&*?L~GI>V)`S zi}r5%`tyJhr;j>BfhdC{Gg)CG3z!(bu&|)RZ>cxG6PRn(q&@2_#KgsQ0u94-nL(gL zPETLoas&Z3_TTwXrlj6wScFQVtBq!FXc(J@8y7?|+6XWLBIueSqYci^rh6E;>*-_-hgF8lOJ%&YJy;zi@jijJRyzT@1?^Imd_`b;FxsH!hRt%Us(fu{ zSEgKeczC#VB4miXf?xSUWOhzYn5d|$#$JAq?2DBx;I!@R%=Xp|uoWv8s>MODZ#0X3 zEh#C<&+kSc3JYuBLaJ0(?$ubQ^UQf`O6pRCuH)5pnH7x?p<{$hfQF^ z@X^uH6e}jMZSbO6>~Hdhl$4bxCMPv!`MdvcrxX+xJ`dUZ`!^^o>=R-MDlFVLfG(?a zqc_NhZ%s{&e7>d1%Qj~CfqvP^>8Vpn#q3B%F+g+xFJU5CinLA+4(J#djY}=!kV4Ko zMo$hu|Ct{PWorI?bl4BX8VXi3v9>Fcm_w-#{12wJFc3*%8mGzx`lrIT=Q8%c{$PSw zgcIs4DTn+`-V@@{{A1*2Sowif$4Dl2j`Y8sr~O|jUYzN2KW!jjlQLu#8ADpo@I-)$)y2a^Y{zJTA1~w|Q{5|-6-G>2sj@(*#PgQFo zbe?3q4f^+Xb+fER?psMKY8|E_iRD+K(}vWJrvJAb^Z#<~|3~z6`(#wleg#ubE|C<# zN&?&om#&X9f-@1*e50RYohixlhQBl43@$o;M|vrE*)ZMex^{8;A(}QM^OJSjn={P4 zBiqK}TkFXdeL7qkL%PZnZd74}%iAMv^E>q$R(W9w-GKJ;o#s< zr;pQ!+x)Qmt$HM8{_Lg1B(X9!4$<*AmdAGOue3q+hGi0)PLbP}>mg#Bcc>$#zf$K9 z@i|*vnCqs0tnSd7@)U_k_BfCVunHV5@jQ=xrNgOcdi>BiSgCSfRP}o z-CioUc|xjG7fWv8N`ry>x$}`4Zcf!W`yAUPYg0Rq+%0W9tGUJ&yzn?C!XxU&sm>^0Y#*2O!xqf; zxtgCPxwf;b$*TL|qMdTITSJXXdJBiz@4Svp`4MGmofN8g%9Zx7=9cGQt{+)3_9k$- zf6w_&E7(=Jq=DthUz7K*Mltn%e>Min$Jp)Gug}$@^=; z*ZMUdCyrsy>u&ky!lTD*5C8HJ@i zm(VwkdN$6V+#?m*JJ_>f`*F?wlJjy8!HR=Q8p(exn>*>7Hhu8|ULuu$(%$cC=LdOm zbDTIT>0%Rm_h@weUeSXLe!mMAu8ZI0R($rOum#_et=(I;^)4oM*NEW$pI_B&3FZBB zwNAq2q{|Sx@sUY)irkpr25i;U>)~2kyIUKwID+lY+oDW(PU^ZV>ox80 z*TvjPKdi55RZfm3Y z$q3W0?!lS9*5}X4uN%_6HI%Lky9^a)gTCTF5Y$#Jt4XeI$P_=_do#f{B5viuxx$DvwEr;~doJ5qN1+2C_kj0ktZ;BZSHM13_Ys zhe%Coj?{rPF^(_(hMB_h|W)axj{ zXmhhkV}=SY-~0M7al@y1&}Ke`$X_@wI^rp>^PaKZpLF9eB`u!A-xWKAR~}z@N1O!3 zW)uF9I!{;8urapwcSfvATH{Sq_+g~%ofOHH`LRDe+s=A_d4}P$*sU~M(hyxzzWZTV zY5Aex#jQY>vkSr5s26@8>n+Bod;&TtMNWS|6oiJphzlZ|w|!gb!koU3(yvzde)$Xj z#k84<`Bw$Q{JOJI6q!q^;m^)pewz<7vJ6`9_p44*!L_L-;mcEPL!D zY{7Qx)KctRTl8mssA{=GvTz9IY8KOq-TN6#NUNO0gDb=*8T_Qw50(>D^QtGG^IW@J zpRkZpn2kA~wGj2XS9G!3|Eg`ZlBA-xVt&A~(%a%+CClYZa(Rm7m*AXoavGmoh9`*n zVv6N4T05>V>VpdxtNUfCW7l2{>~CVLwh>tAu8!(Vvef$4N?PZqrIP6~PuMw{8Z(mX z2?Ah03-*op2}1p`1qVhzk^ReKTdLgTf`&o8m={nKO7Auk_f{@RO$;@Wt0aav|3=%q zk)LU@4dFdG+hiKS7jeqB>|)g<%P80U{XQ1n2Qtz%x~=7f?BS6e?~KqD4c+Y9=Fg%M zcwxTx(BOKfPGv?T-euiTgqR9uiMzt8~5u2RcJ`FRS#nl8>zP6DvkCh z`hC>)C2tTAh44MWtX0{i)4Ldcn=Y`T{K@m=RHfnibeREh_t=?CAZo+k>8SuM!xu}c zc7foQwm)s;Y6#dy`%|jOpV_WlYUyDy(nF?nDp} zu1$IQhsHG>j`ujZu@ibp7hBF{7xBivSN;mw{DB0M%U5c@_Lkk2j{o!m96rv>78?!U zSR09ZpVq?tsGf9xAU4@gEH7+*?D9Qa?i}ZwcDS=#AL&k0Sps(XN@&Z~{v>N^+{?34 zERo3crgKk1QVJ?-GE&21&cdYCqmEG<^*5-&kGYG_`78N-sj&s4IV_oH3aoHSe~;nG zQu=A_UXdJYm#$X+eBVE#ULlZ*J^qXHy1fazVQxLjZC|_4a?{Y+Q%TQGfsRy2M!e(G zTRdz$;s=FlwfYRU84YpN z#J!2mB#uD!%RzfVR5{lar4d_=gn&(Ee6srl@@E@|vJ8j9Z+M}0QO};1AF8A$G+&(S zs93)oab8n0P*_W7CicV5P-)L2IL&?b2Of=y{NzTvx7u~sV$p;L{Ln1HmV`w zVye2JAel4w{(Vxv+RmR}w!dbYYnX6)zd|Mb)YdYVUTNJ}>+??yTW5N+z%RS___eHB!T^dsS7?fj zrDPWEXKLL_o$I-`bW8#t3KDA_Wm%0uD~>{pd(7Zn21biqlCf)#`L5Sn?$h7TF|QXV zx3*@|6YO0l7xl`lLjUQ&ICJ0sqcbx0@sX*lP}7}Qm(dYLTes`1EPWp@npOqLtD=G} zLw}FZjJ0H+Mm`$e&svjr!cz{Wt8YEkp-@ZpT8dps+g#F{E%ChQdhQ{cJK@N_I$Aob zwK!>PhLQ38Jg4QNq7eUa)3qTzso}E5>Lv75u3e4~TWI38JSl1EQe{jylDD?D{J+cK zTh=^qVC8AZRxIWu3Vyq|v_Ue>BQm&q?-gWdlib`mWyK+krOoXTmv65;)=H_r4CZEL z>Z?$ZCc2u+nI{?kuBAKqbukCqGS5cKPA&Z z13_S7LPBo1$r@Nvly5e-5an7%)XDSsq<(q{X%<+>Z|>lClv^HCs>U@LJ%+DQRzb>* z@Y02*5c$=BFY_TWeEct2i~jRU{tK?8|Np1|Tjs6**ULm%@9Sl5ZVuc&O^7^gEHL#f ziJR8yuZGy9hmabTD{8qeSf)g>GH8I+>g(tLA5AqK{J4!7B=QU{WHp(a-RdX>R`pHb zebCd0FzyHj0TE+s8x$V?l+{=Ybf@j2e}G;FZu%seQWESLE+*`M$;rtVKv)K?K_n{* zn=Do$H8mBq50Gj%wzjMosvTDP78e(R$dgUx*t%lJgBK#!ta;FKv@_e{acrF`v$DPp zn#c1fG4NIt78C#<-xhSw#gO7k7AcbfyB-SCn^w$;GGS z3=CFqf%FK_(Y+@s%|Knm6<#|$`}y-{c6RpElxB{+n+XFpn!kQoLQMvEo@(?v(2AAM zYg#UQ!PXI{#i&(Z2^SwFcF;v039h6L1R}JMnvd@i+;?Dk0_9Gfi-SX%0!M9#0ABPJ z4@U=6oKZ}4bePCOt=)pQ`x@njbDbu?>)$!>F@Y`2KQM5%Lga`!DVG5+bju%p(=;g! zh-lEIEv8EpX+b|fKi)}?kH;qGv3lfiCI1`9We(k750~#&m~a`kBDe;$O`m}ce5-S9xdSb;wx7L zmK`aI78HaSsRawoZ*1_G4t%bD<5WFt3*0tnQvrJI`eo_qv#{Yy_HKFpW=YM?Tk5Z0 zzwb802^Ip;h>fihRJqZcpuqz-h!^UwmjM1Gu&0!%ev-)X^?jp)IoGE}fiv#9{pisn z5N?6w+}_^y`v}B2$nzysiJog+CT}eAT_U_Cpvf-`=8^YCFOSLBi$VH%ge@>2f)?`-hV0&Y?8C{lo~6>!v_z_TzBU|Q_v_u zf&|_!%Mcy1DAV?!2VnDqpnZsXyTZ7)eo0*?nZpW%sM4&g1+bai!6F6{Us+k%87yIv z@r=c)W%FA#v-go4uuGg#9U++3RzRyU?7{{KA8A>nmeFkXbn6ItWYcsQ*V58bbpd)C zh`iR!1mGmV!NCD_SzB@N{-|-o1SrTyuosKj89#`Q11? zix4ki2o{P?NC0Dk?cBE;f?e=x4L;iP&#=K62`+$Z3{1>aFhVp$&_#(2|N3Qrb#Xd6 zItoTHP?PN^&62bmoVUP!F+Dwk74YVzq+CKUwRi%cnq;(xn1>+v zbC<+ZSF#Qks!2ONCMG61IXNwj5gV14m$#lUk_UDIG&oOBPf-3i+z(7a$*$AfURq+e z{QY%#c^OP+aLp$tt|hka?)Bj75)=D-cvv-RyZkc|v=y)+RuzH~?RC~*c5d$a;aP1h zSBb5<`b5pFH==wKOt{)^OR-ZqiUqQRgLepLnZ z`@z8hEAhdwFH`2d3ibb55Q6dp4D;7nHHaxLDLj)qg|ZtPdabK*$Db zNNqy{lUjNE#GPVgkNI}69Pa*P?YA8)wz{?4pN`z(q$Ds|B6?|oMSmAKyj5Jy4&oSi z+Ex$8bV!(WUxCgG$L{*5rp0QuITf8P1uQ18oZwZpxK`GH>_kKJ1=hY;*~RG-REf;Y zOmLz=06SlRrS8t1JL(o){rxR&`?)nW$Ka2)eEE-s!esS09@2F6w+#!d#UsCet5&Hu zf#iNX>*E7*SPeL17eUm8^bsRQ(a*atHMu*Kl9B=k49r9_B;-!^_It<2W2S5%m)Cd* zLFl@Eo;u(#OCJRlDA#KMlfiCCvl;wK#$W1qHWnzE>{PsxnvVoc`w~ zWXboc^wy@PtLxaBm>^cBj=qw^J*L+)Fd!$*uB@!As&ZN#$bhn6;(joPIpJ^z8mT2p z8Qa**_AYvr1i;z0Hn+94oim?9tF5n}*$tjz49PqL*D55FVvQPNzJIG2xKmP{5390< z)|5-NwY0R5-vzO}XgY67ZNssCcvvych$pQ|ld&d^9hnasw|Twozz}DbD&qpKIY@PO zyP%Sw&^u(&4kqgnE<`o`^Df9o-V&rlGSyjwCRB+ECQBo2C20kzm zn@V1&w|F;6D1clb;{N$F^hou4uZLL-&wV?G&0og4ov?5-4cwQ^77F#d92C3 zP|flc?e7&OzZ>Dpk?$@q3TLOmMT;|PNE9EvKk_4$y|lQ!y?t@fFjYo$h>i1TA{L-X z8o$>>TiZgciuRggPm5qiEn?#iGL!ieyAHCqG1DW^Zr@}axPA9-Lw!9sype*g2+u^L zJr4y%dq)R2bMiiao{QrN2nc{9zX-vyxcJ+ZKF){%53wcFw1eBm?1vqaS?^=S#rY;8 z*?M;5gGok428h7mjfFz%GRuq%KHYI#DE8CkMu;eKQSQqFIJMv~8XSz$KtptPn!x6Q ztOt%ZD=Vul)fq#UkLtL5r=X^GaoWacgEHbW6rZbH*aCfa zO!vXbLZl0;2-1}fB?$5uyh4IhZp1%OfxNt$7_4Ba-rY@7mIF`Q{_gIdp7Zl_FflbjlIG+bgOYV7@-)s!iFPE3-2%!>9%OXu zkx@vOCFw;V#g87&gKCa++Yy3elV{Wx><$)~ntuQ~q@+B7Nd+t{EQ>#oP{3Pt2^ah4 z&mYbG+c#fB#40PtsTUvZ?b$mxY>&MmDRiSbduw~o{I}l9UYyGiWIQU z8ySIz;tY}vI7O$K8jwvP7FSQ)3obCscpPtoJp#DUSi{j$q z`kBnhL`wR;FyqUY)nuDy@F{|P3%2WJb8rB@%~u4cC5%)6ez^YO!%cs| z2Tz|q#l>xBm(7u{s;m?e5ox~ILyXD^gp2G0hFDx$0w9Es9}h-lII<8BVCw{IlP8mE zZe|7+XGa&874>MSJ_-sj>H@hD>8n>q>`d0!T%H}4HXRWj_jN*uY);lhBCN=wzD%dM zhh!eOU(%H};yiuYYbBSjczxRM15Px!5bz9NTwcP|Oif>LtM2M#%?`=+iRgx82&~|o zo}t3UJXp5Ud0ZIj=p+kA2>+w;0fju7+sQm{BMX2Y@k{$f@M8j`rHT=MhTUaY4q`YI zT(DACdFc%T76-(>zOk{=pDtiGFSOyjo!A3Sh^oa$#1c4df`fy>&0%`n15+O!0NtUO zafB~(ch7kl!cqIx-${d&%aM_vhIYsEy3mk(F7rLmW#l=-e?(HeC z3<4eo;CmN?V4!*tUc1J6`V0Uj6%`eZ;An}K$L_pvj=cDgV_rWi>@VkxYa3w;Dk)+3 zGE^LJj$4|VGAH*!TR;`_&p-c!gYy~k=(Ox#@BqKNJ8RX>6ro%Qer_8xvkbF|!9lP# zw4AH0{Hx=GQyQ>5AQu2FGNNY(?oF+_U~b<+9(Hg6C@M~s2RH{l3>Jd40|QCZ7$c9v zMM|<$Q>TmjlCcHV!AiEiUc2%HdPI-I^^r14$UTNE;yLn+)G&Xf!5BgsE5W1vrdU}+ zPEL=R0Gf@^P(*6eH2BTIMp5$=43e;A)(79dKSX|}%k$qhUG-mS(1R`MO)}N8{ByR= zH0F-V{NCc0#T-b58LL%`uD|zqpXt85g5`4hI-udg;~o6BMKo9{TyTHNnob)1rLXVb zrGrHffPI5>_o_U8KIMs#%cJk$eHb*|%nx`S`4C1I5;qxr?4S>i=^j>){*WdthwBo* zlZz8)gn7qz+;Tf#`E_Ir*f8@Ctj%=^e&{l*(#NHl;~db3WM<2Q1!OJvXYs<=`1jFB z8BQ_3o53IT@0B0<`jh!l8hX@^>gru{k1E;b>GVQKmyRjmQex}!p1lU<6+dFh{`9Ge zK1^EO@qP7dHD91P!^Cbj-|u6CxGor5P1)ud1-=pl{P7-lzMh`Kj59iPZyLA!q2;an z0%K@mqUZAUh*F|PXQ_c(@y(Fv&^nJWp37(U3TRB9RtwclN$&nh9nob;qzQ>eEKOf% zygv`hT^k)$t{C^^e5z|)k=TGBiz=?T|4tTy!##ed=nk|mHb(w}q_{JGY;M)&f!MBH z%9$wT@~{Q`m2YVjX>d<`Pg~m$O`&2mgy>KuP1&WR{q@ZZN~AJAvp%Ql(0_3i=gth% zSs|I*-UXt^KH;sGBMJiVaD_?r1inI)X_vN~yVHaSe)rZLw~x1ZniADSjCM0*>T<_Q zYVm^a8{FET(F@`^#%to=_VI%@|Bpz-%=77Yli!-Ymk;4fR?zENdW1h0{zEwrk!~x% zC$)=c2ZgkM(YDiP(lm)9xwjU9_0P768Vznp$Nc2PARrlfaBDn^65E!WBxb`Bz0g;K z*d&g0xc^ACnQN9T`ks*0UQFwE-kDB4$DoV2r@A*ozOctV!cUUI6A6;}dd_fopjXUm zD5Pn4+yMgu@#*PIIKj7XwhrejKzkWXUYBcYYx(*4 z=2h@x)Y~_qlZB}#c*=k7+&TK2_$q!i=KRQ2G&1DALycV^t4Sa3qephLrN$NGLqiTQ zMl$_LR$N?MR#v5Oq_?-1EUK%wm*Ls7XQZU9Fu8U&39DLH9czalHv3UC`-M`oIB3f_kA0(ElOU-IChnk*1Gt`3yyYU8G|d_pbn&x z*w(<6*wVRj*AF|hn2yJ8RTp>R5zZWa%+y&S1ryT_vco`DnUC0zNHVjs;9vs11f5=Q zUtjeVx}KVHv2tE^Hqv?xJ-0%x)Y_l@_cC9lm;6PsHaQ#oJv*>?&M+gOhE5Rv z!{_>Z7R;(pOj#1c^ax(XYg@GwhQB=erWCI#^HJ#-}q7-D}I#Cy$wqmS7 z%_^s@BqfVc&R@|5nMC5XK&z6=sI5~l{J%ggpCXFy;fk{KmXX^BLA(@6O ziHfu^^a=c$5)CdiU|Z`@>`wtgKtG+KNK1)xPkIR0-1DZ=w=|$P*e$>y&tqoYZ+zUX z9$VX;@@@p-BcpLe*Ulq8qgG>~i~l6XNB3)220gv$;TGzrb@eGxDp#pc*^G^lhleLv z==+i}6H_U4yDs#aDk{f7yMeb>Azv}1Lm$ut8)2P|X`QCbkfVeIn)DEud5^cB>;P7m zrW%?KE1&kltp38(e{Q{`GJEa%u`BkmN?*$5Y0}$2n>!1nmJad2yMe{s+_&}HWymt2 zF-LMSrz8!oeMTMp0APsK1`{3KIdY^DeB0AT`HHmh2zX}bA;1{gsdE$3p*)-_>+Qi? z#4W0+!e0%;CbM2ge~@_7AwgDCgGsni3htdA9t_EN=A^5h}Bm7^$Azi6q`ZM@8$KL=G`pHiA*b= z$lF*?@aA?ACvUX0rVEq`QAy?VKb^nnnw=GRp^H(S_n%&X7sy#0;Mxeo0cqK`_-Ozq zTv!;0No0J<`rDMPM71mv=q+g8EIEeQo)Qu9z+@rBE;QY7ad?SRFdE6q!UDT8HEs2D z+S~RwP7CpBt7sBcgv`8<&x;pH*REgP{}}FYl`Ua45D|wvuvi>Q(^IZ(N-hcpU->TH z@erqe?U#v)z(H>dVcy-~*TYm2$jcUvO!(WAnRj%3Ze!m0MHu}@d;5_K)}@k52k;b} zRuhI>5!-BxP|Q-f?7q*;0JByx&I@_^xk9e3Lk$c+*FlQ}tlo2IZ1p}RT&xJ6$aq;EfdS1(csr*a*yA*eiwhS0xo+AOc(83XOP$Qhyhan@m zf^S-Yfu3FyT=GBxLZ%?V05?0*t1b&S&!}0eYhxpeRF2T`=m~h7>5m7Y8G#O14AwORtvh9Z^YPRTX(ww5<<{C$M0(nbi%_C?^7Dukf@`7clk}`}$8kwHO-;{} zzk2?HdTfNgA3m@VO2a&gia(Gu32|}2CE1jz`U(EY6b=Qt@P`+h)kGzb2q4nX#7bnm zt%Y*3x@rouEc?`_4JryrQQB``c%0_RQi&{TUbyLg|MYr4uU$*5;_9g|D%5=&Yimf< zY|`ldFqVN2M&A`v@t&=kg@U6y}71`X*g4G2(B=86Ob%qXl|#=sRJWVjh~>Nn;?l zY;FHK^z%_ii4g=ubsIuk=-xDQwgxtS0_2+qxHozCe0n|#bBc1bv7z`(+t7!@Ft-p{ zeqrG`&>5~=OS7c!Us2$N6ol+qY?w2!>6xOF?nPyF){i?~IY0>o}u8Qe?|C?c%=ybp13ptk&T^L?u> zObN~L|Jpc&QvxRhqYbhtjH^#1HG%tsm>4L;!-Ipx=tOY*cXiEeG`bzW>STKV@t3(2 zkHeu5g{MPfCk08_lngI}#2?07dNxumM_oDG2WY6msBK^IlGumnd%psG_nZt@cd+z4 zEZQxCgr|{%>2Mn68@Thzo4H%Wv?i-x{ZIKom@z3g-Ro!^kgHvmu~k)dH86QyhAc_B zTbrA?GN}{0svwrC(BMuz$=cks^li1>=|e{)#mW12FKZrML8j%fuVJhwiB_TlVL`}) zhkozg>A{dJAmj-%O5hrR17?#}Kn@lb)ijrsFbW9hP{pXx;{hOr?R1`USs%`ydSaEY z=nhlO0ebF#H{UJHJ!0p`@Hxx(vT54a)@~}H5ooH<$VuJU`-zArSRFJrcn}uxBtT$8$ydwW1;! z1|AMgt|zLlO?C>}vbbul9#5)8@{n$eh>4*pe~>hLFSvB`Q2uiO?mAkP#;NsI9NHtA zftwxE?8G=?sPFwK+MQw!r^}Ad4Za&cylG_<8hgpd%iF-Z;>B8FvYg5)>P>yU!&{Sl zhqLPR9~22R?_O&kP6d_G)-qmudAZO|H&32%*6A2#R+R&T#{}<}qC&&|x=@kx(#ZZp znq`|Rtn0e?wb`0WM8@l21V23-^MFc>OU3nMi8A#1a-_i6Yb6yA7Z-+m009#OxNVko zf=Wk^(|wST-Pov^HHdv%uS%VqjLe-&P6(zT;MA4TOGX>QJ8l3M&n{3i`Lul+tJlMB zFy*a|O7wR$8B3o(rz-;IyPU;Ud5;}qe^LN^s#5Q;Wew1)u62O73~ANfzjm~1pbBeMw!g1?On^7S*3QAknYcHdnFsF07`Z27b#(3FXb*J>>co&a8 zX$R-H`8y)Es=Azns^7mwF*P0?4WQ1xTm3|OOOVC+x>~=N1Mdb3*UOjCG%-DYzV`ku zF#(GqD#`(2-WPaZ166vi2=osFH9L>Gb3g>RtR}8I-&_G+0~-DI>!8NB)e@mFf&OgF9PIOc=MUtC@|*i zec`IHWB>rP*SaA(4h|0}s_pSB&=7+PuwmOX_L$Ryn~3SzhjyCV#`pEO2rz$6^(J8v z{}s27bLEN|k$&Q(#`dB^hnrih0x>(|XHJ}Z2-F!>LYX?F?k&6nXxs;Qa#;>G!|KXj99RbJHw|aUR znv9$T7$Cdv9UNRtKL?A(7bCEU$XuU>3zVKHQ0rSFJCdNAjU6+y%) z^MrDg-hkkTT}nm8ery4u-4hpkdz{;^J>9NE%};ZWyzlX5J{tCj;Ux}LvE^miN4;(M z;N8RYE*0iaQ;Y4fXhfH(T`oWB>*!DmwQlmak-AhFZojGu#4x$iT@kx`rNUgF`$)$t z&8y@-N;d9|ceg(BM%q3(S1@y{KEXxN^cQ(;crA#!%R39auR&=>({r9<+#!vD_V?E} ze&qHn>3GU%7T$P9K@p+Hh0^MP+IdaWi-0LiMd0b<_+Y$oGKMikvijtdmJp_JGf_J2 z;w>7R^0{{mgUQJ^OJ6A{T`a{T=q9CJ(LBG|_Tq_c%E~_|1AIUg^Bmsr z1o&tlL;K{ot%bh$H^VFu3-kzWZJ}{R1?N4-@pL|>yPI-4(U%>2JIP_ZG`P3#a77pp z^f}xdOr4O5FH#RLW-VaAj~JSi7iDQW5O1olX5q{dh8nD1p>($)2BT_yWj-LDr= zkNiF+*x0%S)#WxW9*k>D?z$;>v=9(q#2RKcPz-8CKY12IbB|C@M{0k4MR1rcp=aVH z(Y?}2k4F@3Sqg_g*F?}!vd<9uO$|Yu7b#t$(Wx^6MP)A%)wpWO`_?i{#g!Aw@ZS59 zTqX&Q{Yr4yoaCD$o@d%EXWuv=VQxY4{TC;8Ir7hsPQVb7 zq+WbQ*XdCAJFxJ){`tyU!2P856} zZgs$uOwP>63{^_xBms&d$xb@22y^`KOf%O=Z@*v(Q^xnKb2i#BmGhoClk)at{nbGo zdRz2&OjIM{6Q}*t3-wVm5p~&uNyrIco_fKgu!w@=u=PCTJ9AN8-AhhR7x1JUnR#+B zgf^GW@)7J_)=g5imY+5BXWu*S5Y>9Izqs5fZRIUasj8H9+MSxzdH($FNyz`8?k||) z=-M`1xRKy40fIXOclY3ykl-HN-QC^YU4py2CP2{O?(Xip@8|u#zp$$|H8nLu_f*X= zP4`;Yd0fXrHR)4Ere;bP6qvT&5LSSM?6EtMOW+vS+$tc0*su+HeCD@uf;HJi11dgG zq9VsL5FO=rVZGoIQD|xlH{rU$`$33O$Vb8#GR=LOXugCFQg{2Jr>7qW2q&Zl_TZwZ z^91UX6xbr1JGPNRt0?HX_AtlB;(7(NL9W=_qDs3uEP7}*S@NgZ#fn3(75*wxP9RQq zdEY_zIl^hEw(XMP3 z`$Iv+kmpl4?-5Ju100T!uJ|Y!Vc0|Dd7e>mL0PFN-|b>Uw`YDchtkmcb9BaivK1dH z0lyrEq4N++l4gzxj(`AnQ%0);h~|K^gZ#=$@c#)sW3_4#;oyM%qdwp`9UT6X1%elS zurdmIZoqN9$uW+}C{0V-qfvVbB}SOQGACeqJg#FZdJVH)_Lt$y%D+7v;48EW*bc8` zVy~(sOYIiCy^{HtVgCklgM^ypn~f62vX1$R!&>5o7#-z0Q$rKP7j+`VTo> z$X=hPXtk>TNg}a-4Pz+=Yl?JXVc=WW!<`Gr{`TFwtc_4!Isys^P>`gX#j4BXQyt%~ zi@iYm1gouSplnqzJxjOHt?9F#Je2-4#F;ii$;>Rg1Nc| zU_z93(T+7NQE*va-8C{X0XFpF2Aef5-P|~`$S)JIrpZ~#8P=*TEiF~CXGBpW4coDN zG3p=8=SQxVkw<_PcCS>}+zG_(Z@o@x`9b*clQ3YKeq{bhQ>)|Y=JrgYaa~Pwc44W? z{t6E1X!|QS5I9`I7_G?BJl}EoBKyr{+{<=E?|EJ^N}?V#WYvC%0&Pu;mV&k$zNeh* zpP~qcH@O*$e}HtR?oMiG1o(k#op7VKL5oRervM2_?mSdYnl7}+O=&*E-_f7Df?+IO zzR+1J)y~d8q9tXSQHJ|D$A6e}mlQt;fcXS;}8$vgTvz8yv8W zK3EEeLb|@03PAZX;T{r|18l*qQg%QpUOD%VVTJIMf9nHi{qbI>?jKD*G#a)Xt98q= z$Vb0ZwQmp4P%XcpyfD&e@YqkY2e5DW)N}$pV03b091-POO`)Qrqwp=UMGk}-md`)` z{uBEo5#lid(LyY!rGhAvrdMGzg?l>$Hrpu$6lyk~HzQ>BQmk-Tj6-e1>I43*R=fA> zXA?9^e0&*>8jXqzC)E2x!7tvTm!~iqXPlSWuu|s>>y4dYI19=OEaKiZ(4eyvxWK{; zXx!2z3Ixdp%q&XqdLX?Gmk08k-?rK1?+>IBGLjC7*1BULVI}Sdm#fnyTeVFl zGoE5v=%yDNtQ29W)&A1o_9RTK@=y>#)tDZudcHdC{X$e=H1}$sV=G+Gq&5k8;<fSbVz0Z$8*fq|*Q)Hn_>rq*poKO^=}_@6$3a|p)wb}$?RaRMyyOa60EzQ7=+%WSfXBVII?57B^( zExZ2IY@zl=b5%TR%CM$qfp+Fs@|Kv}KF?6#sK7phH!05mK9J6st={#reAR|RomA1; zkCw%I^+(dUwcL8=`Cp|zqaJRlsi%+M*)?QI=|Pv;-aq1mHs~JafmHc94FN z3A+?=RPJn58jeUaRKokV{8Oi)z(_ky`B%JLcw+U)nOaBrslQI>l`1q}9PdXT&(LKx zp+AQaLxam1>-@!)+hL0V+SDJuy3fV6zEh(KFbfo|zb~XRk&*R*`ipJu^kPsqdD1#% z1=gp2_DhPO{rIfxay{xw)=h8MBMcg2^?Q`HTF?^Nul_c#ce%W5OcyM367o2_cZl0` zy~%V`8?L_@xPJsDgOk=@n!5E?USqmC9ShT@++=R|WAAU7G$`5sC;@>+E0E>{% z>tol;hzF6E`C*+=M7Ho{Hm;+)FJ?)>K!lx zb5)&h>iG5K!*(Ejf*?K*(J-IQU?VC9I{*ogY*aiU&i+jx%DkS#uciuVJ5_t`=P7WX zqO0z{7$XmS+v*|@0`z8^JseqzvPjh>GsP$f zTZ8iCEoT-`xLxCR;R$k43naRY;Eh1r7GG{Iu;xMpQiH^Lv!_XD2^iTj?2ur4;I)|5 z*B8qdoz@x(exL%9;f=(`=J(lLZ_ZN)zHVd}_la`Ix#^l?Oy^SsznZKWCc7Md&;ibh ziSZv}x3fD1Z9x|X0z#ceC51F7>jP^LC-!ONlF<##%?T7{wQ69JXq5&FOlml{6@vh| z^BtMt*j!7V0Z}^d(EPH=z{ZatE&KZbhmgC7qZuxcABISt;|zvvYP5X6^p8s*&gL;I zY%jMk>?V!Kb{o^swZAYu9}R(09R@R7!RHgUf+?Dm(Z9xQq6f9ZMD5_=Sxs@i|KHCr zGm`i>P;Li;-6^94ypG^(B&U|7=&`zZdIhsJx~#2S zWUQ@T#0nOyxIFLEL~n0N;1j#s+SY*ep$CoslvLmac646|90HhnvLPkJ#_FBZfLHge zM8Vg5-oMu6X@oppdjtBfUY^e=is8xJtwOx_iw`xv8>#;W0-43cFoAzLe}3~WvtM7D z45P?6Iy=h}+Rd-PQm5<^G0@x9uPdhg+Hm*k`AurnUf<;K|+D z#Uaw)_Mo&1 zn~IS^xoz`{m&bQY-|O|K{ulU_pL_GWH5W9$liXb@+NF3g_Y_|D6=G(h=JH`AhT-5u zO7S_UDm2G$v#*ET2}|PjIudd5zo^dQe|Cao7{sm3ft;&kDvV10GG-&30+~V)?KEde z(!)Z+ynzmP5S~Rt_^|w+*)=xytD0J=(l0rx8L*4Qewff@U}%Ue5Tre0hy*@&X&?Rv zP5%R}H&t=JQ?NZlqw8PhF+n;V z#M_m@LSLmGaz8VOkbdp8qNet3wr5%7e;n&&AH=!NR(Dg>q!OOkd^|JKc985PJnf zz5h`U44{d&$x2TyVERy^(F#K+MfjLLkH{T8k;+m~SEp1m1IE4O zvuz+)4ASM{j{D%mkt_~m_P_%f^kFTaTGH`p7Yr7o9!TpsVA~?O!hYbLc?lDPohdlS z;mZCyUS`f(2qU5GRRMKJLrV)v;~X6v>ajBuDAd1xjRlcSvG{$rurI8Z3(U*)nfaxl zqO0@$?b*0qohktj>A&s`5YRFQb$i>~RWpa8VqzZ9EKJ$sr@}`N@OeHj-0Hr*zrUu> z67spz+euLCyR1!Z%S(`!RtJ1N@_{wEhn%s1%u)IU(m8ve&Y6B~5G<8j%vFHmUo!km zIjVkUxsn-hLI_UcKl=#zt-UlUh}LFOS@v0`=;& z^I#eRUm_AW4#b9)l=49WQr>E0N?dRsXj}0GP5h`;dd8 zD%TA^*siA|x>~Bvt}btIy1_0V@#s%xRIXA^$Z9ABHVC~E3nV4cUc*P+92e~#WBURm z{EX8z$NLo>^)AR~T2(RULVbT$p#;3Dc<+|BlDWER2xd|rDETzA2~Su#wY;4+^Ck8= z`#*JJ|DjCH4iU+--*_mvjSTD&r~C#jfq@I-E6kqWJG4We{9T5&MG?Z58=2pJA_3N%k&LfoBeF>L8a?Xwh6DB$S(7p`DG_?h4)8}O{qUYuR_ z3u(WO4uix_sgH%zWm%F1f5D6dQdCEA$vbL5>V*C%WUW=A&fQkubq9m|a&S#e4cM%5 zwrtal-AR7;$pm-EkaciqXgq^!LNFErz*ARWLw~i3lLYkCgSV|d?W-qaGiqz_Pp}}3 z+UMRxbUO_A63_cc`Wd+@{g5|18_D4cEK-m=_CaJ5ShEcs%WN8W(J=z!M6e5@1I#0& zOJ+byIIaY&D5n>L2D3#=1!?ItP^8CT2(p+fmlYkc-UgO&lER@zxNq@6)EE5ybxpSc z+uX^!(7?n+1B;o5&+{f?Z$3UQrtR6z)a>ycRa6!p&Ke)SKNKezE`T4#8Z0Y-L$Q44 zFJ(AWHu7lD6W5@-o-9r-2khKvFcSzyCFK2Q4$dIkRjTJ@iNoi+f}QJkiMO7_yKqP$3a~TILJB3nLx?PJw`h;;u(g*V}YTFcED>$M)xX zoA%-%DnH@La(&^3`+vs`nlE@xAkc9BTHn3mXp)$pqu5OE0idD%GjBaD8mgp(!HmGd z3WomjyHtA9(Wx>|lzNht0ATiYCZCVI<_G*BMoFW><~7iQA%gvqb~&il#{9wqb?e!c zY#&t%Z_-HFfd-4TcS9Efv#l%&l;dNYVB9p;Pf--o7|{BPS@dKS6gyE|YYU)BP(dMD zp#-yDL^>X%gXBP*Tfp5>u}N7cBThA$+q&uXi^AF23MCFAZIXwp+vwr=Yr~Jj&0}da zTp%+2jYjcz(;44`(Hl#$5mdZ{(A9>VD(wAyj-M9e{ngb`Z|@x4m+Odp_q)8%m>3^W z$_*A4K|oVF?u*R77Es3wjszv6KFtP@g|f}YQzsakT$K5;HEK+gS!A%5N!A(+f zzFV5_r2?L4D4RDAeeL!HrjKmc{3Me$7P>;;hot`BS}wB&Rk*gsmT zH=hm$+oeEyf3@8OY%TQom7eRUy%xedKqBqjVNrBlncs`vY_re4; zJ}ahh<+UfYW8A`pJKkR<>$CoZ(_IOmps%Q)$*gFNk_$kA~3sD=wVDXi@wp^zYKA zS{&TE2gd%EcP}u0IDQDQlCW$E9|A3g1_lKnXwEDLwo$mb-F_a^bfPrk=tXBi;1g3o zgGQ=Hhb9vdc9vU#gdEG}pZxjH!ig$ObT|LatNgMWAT69fWz%Ak#TC1SZ8`fam1YiGf~T zTTq)XLQIHlY~t=RQ`pj>B|hqI)&6Jfcb1lNoyD?l>^|sMRs8k?Rk1_h?b{xX<0mq` zUFb6Y=SziAmcX_Lyn9HnZQ=dDhyOjVq9fQ#fkNTl@cr+u$0?})#s0tD z{1Maxu-l9InBm(5txY~qa9dCJ|^&*CDqPxuM%&Eq; zdg6%oz?VJ?*{XTXWAm5K9ujsx3SmQ9OdTO{J<$-fG;LHGXLa36jH0}d_ohd=7d%Q3 z4+_C@t-bUC+(c$$TDc`R*X;rYtD!37HoJU>L^mHHhV4*4kPi0h9jP(6@1FB?1w8Yb zIcY*PDElv(u z(oa{@a?nw(az~62e8MZw#w&qyAw6DBjVigdm~a|N((Uu~PxuRn-9OFVF0DN7xtj33o&ux0EzIR|L#*aE z|CY-jGor5flw^K+=6cbXo*Z-F4~7tx0{+}c5*;3Ul0VC?P;Es11(y?Gud~u(QImo z**-IHcb#usEAFM$AKuaS({L@w!J@%7-Y8RNBA6*GnxL? z)^%m|`}w8A;gQl;Tg!>J0(Im{4QkYPyM!~DXn0avKp5}Yg@8LduQ7My;sLDQKJnhK zP0#yT1V#tfRW3W@e9YlMFnWKKVe`Cs2>hyx1o#Rx7#zo)XpzeX4pYdd@h-mB6{Gp* zIsHv<46orUE*ypeY)sYL_i)4)E@%(!fJr4MLkn1)B=ixJw?r zC)|J7I%HLJ5JhxZs**47qpqX*HRJ?LLi3;)dR?86zOT7y@HT1NH zU#d>7)|fZ^7LCXAMJ7LL-P^5AotOwiCNA*{S)Qqxp=Cw-nVW927PrHWp;>OXWbdEv z&O8;NQJ0e$_)Dc)BB9=2N>-ufRTolpM?W@K`zF`O15|B(M? z?W`Wq9rCjCt3G>8kgKw6Fq=W(iAsAP&)dXXY+LfYBf%k0U|}LapJjZqLBF4BqO=gr zCIxfZ=V7C}8)l#wDfDV$p?%l%+ig#Sh<(|zjhE%}{rj7_m!8~_FU>oq2Nxk-l{8@@ z)rjGl&g)x=P#I)?FskfqV%Ca1iOI%qI|U5xI;TO&Q7-7gA}Yxno?4TcOExDExL_^A z!OouG(O5COQi1zm^4ZI)!&-qd!V1BT;C!wAs%`wDB-f_>VlCr5(*_f=;~%{uo+jf< zlaZ?F6`ByvU^GXLPp!G4<8)1na0=A&+`g(4l8kIq$?8s2dbOaN%XSyilE6#!4%}Ml z<2m)Y)l!N`yW~n7L6rrg*K?H1s74^Vfg~S#@%r4$bhH-C!0mM2!A)GJvT+~Y40aON zllv;$#r*^jgm>ceXw6x^S+kDlMTbH|ab@YAGD{6!Z z9Zs0_56bASr4{SHw~O;)o86wmy3I2`_JcgF{l29uIbJoLQ|x}gQG8;oBIB&h@sVhV zsx;x>iakM2R>fQ0nq$6t?Dy2fK2u02Ah4$oArjz5VZ|tc6NXGx^DDN+fc29!Mk&M! zhDucr-0r!O`rJ!<(&U_{uJKtRlb%rMxH9DXW)UjagwJVE_zSsGw;Ir2-Tksh#Nl{o zaa{x*NtFIF(l?0DdFHwM>-ppp6rQ*GbB4)HO|xzW)1dyp$wJkS^lLR{_ZAK%CYCRI zAy&g;Kl7a?4?hjslJVMI6rd`0KV4>WH@xzvaYt9aKbGiz47p2aUwKe_VL-N$m!3;o zN{bM}-}c^&N}|^Fa#DDkA{UIy3$@a0cb46WmA2u3hl60Ir*!_)r^eOA_%D2Y|I;@wDq9C6xw?`qi;~$QwRIYqlWQwydeex0i z{`e;WdkIHS3w^2Ud?tXI+k z=}W(IkC(1&G8VVy*nu(HY05h_-aZ;uj54}sUj9Wyvh^!{4A3)@hlVO0i81<%)krIT zQOPQa=1>oNYCb6Zn;wsH@tE_PwgS63gQj^!LwvL&)dy(qV07-Gi-px%a~uqBJ|oM0 z--b?5VL19*zw2K%Td*?<8w4btn@`=$_g`gQ2${RFzOiWmEhK{uV%lejDRj)ttZ*qC zX1%Pc@I&^YiRe&bg)$h>2#WCWcXma^1LZG<+zuW%&KQY5sCp-G_CKbmK!{AT&-qMV z8~`p>yRC?~gyci=SgRi~sJr0}U@`@q+Eyo%wu>r1SDH>n;rf&uY!qZYMG~{+7G5;0 zArL|6EArR7dTO-%u|yAIK@$57wljMdA2=Gxi=7McuG_VBSnV8;au3Vw%FGqgGLHSF z;~!lxVqyQ0Vq|ETSzUqMO|~{Y{cq$F4sb31RaB%6&SIwLiaGH3#*>rPt5Y)^HGK<< zSe0l#|NdN63QJI8XFqunCz4$@R3FsHtN-r-KA)xXDjL^Ia^=?wWP*0EqQT)IufQiZ zZ>^F@#eb#xEJ3Y7#wect+l-4kKDgkr{v~s1NJdFv;Hp%8P32uexUNHp7&*mMF=tE!E0Zd7oK7hEatwbzU3we+eM+7~ z0nl(0Bnr3=G-M}~K_O$Zlo9(-<`|D%RTXx>U1TgWF~^9cye|E3GqDjC13oL=>d75a zS`oLj4|mdTIEuSw!UE26C6O*_R~tJ$9b=F{iz{z4p+o2UT064Ue>A;?CEM_q5KP=3 z*n7?!;|7v3Cj=NQdbak$*2bH=Lfv__6;l+Q`_y1LqZklhf0T-c6qxDnE6$)OPllTG{ZcI$t^~+jB`3+KVz9n;7X>PC-U*Hq4Yx zk!u$Xw64gNPuraQ*3Vb7osJ!#iOG!YtBNb6V7EKi+TRaxAEj48v1R@5nfOEy_^bi| zDy?8#y1U|ZvMLjTqlwPPIdGCyZ@7Jn!+(g(Jh5xV{Xv>nVsQ)+J`+z z!Z%ya;g-*4LB(9NmCJU z(uFwuS%Vv{#ETLa*ucH$*f{&5h*A(mI0rf*(z5#hjphFqWcATd)38dCGGmJo;28Nk zKtdU{PDqwfU(`4qnN75JS8e)hii~C}@w+Ddgq6i^;=gH@GhIt7jhWsenBVULOHOCi zw@A`mymQ*fJq~?!60$)=*8B6;BOIr9N@$jX5|FIUi;xe$~u0No*T_82JVZqjhZZ{uq-vlzwahrF5=wwIhH9*RJyJ zvg-H!?QKoIvGE&t`hC4v&E>h@3_0HKeo3#UTUAMa+^lx1X7m!NEPt?F^kE3i{qe@s z*&^&&-Y$@L6_LT|y)&Wd!|V3-=xEC1ug$V#B*E#a9M?ZH8l}1U^+Bq`t!*a5EDl!x zm-x}vyee(ck=JL(KP^u;yAI>vY)N7Z_?p`JzEL})A#bIO|9%s%`hz>OeSs=(=goVy zc=viV3Mqc1Z7^$m*JzVSq*rFLIpL$&Ex0Nw8R=IqE32)RH1M(q6Kk|OpK~@+eRc0t zUR{OHZ8o?4UGl*E>h1M*YCgHEtT>O?<(wkaUU83S0B0-35tK|&ApMmB66~E?66U~X4G^?e@X3J4ER}Do-x(lP0(w&oJ zK)>GckI;7aM;7Xg55B>?mGw%_rq|6MTE%h08eMReB;-AwrvAt~oth^lG&eKYCD`8H z7$|b6qdBUwVi}o~`TtyzG9@{P-kZLEd!_YjX(pXdh-yWbkYEja~I2$hwYh3e|Z_aA^!oSz_$PW0Rt}ggZnjK(_ zn^PwAc`u0QQ7=DEFX8Vx$ku1c?0Srd5#nDS@@SQ^Fke3NvhRKP_uFAnb3TWe!OMvg zFtmE5ok6?0%9O?q@_4_VAx$6h-bi<<#2|5HXp`nY~j69rXVCJ=x=u09UQkYA4<4&xt^Z~Jfn^ZO)8C8GCvLwi6+ z7Gm_-+t0zLTd#neRL+&R`3XMt1?rA&EU09hib!VTp@8ifGTE5dJ0E;m+!o32_FMCW zJg8j{d!Y{-ZEV9j-tWs$udq?b`RH}n13$COVVE^5`im#hGS}XX$5A?ndP?Eh_P^XI z{^j@HF;&={)Ad=Ye?J(l?vfid?Xm4+Tu11K19W_=f;0dC>D&%kuLm(DeAU*!2R@Rb z2&>q_(%g?(5kf2l6=EZ(s!;@bM9_(o-x(5sgPgD*=&avE3cs9KYx=1?r|!$L&vs`m z^zH3Lb2L7nbKJz*=em6MH6C_I`WK_NfvxoX@4lLQ{#x4~_5)Vs=8^I8KK9>Udi1HI ziGI`5Xy4CVX~VLuxmv+96fq+WpUNo_*aA8=Gcc%d{h`*ZxDY+?0JMlR`<#~T`Sng; z%2V4+8f;U=gOQWt&kniI$2<(d@8Xd`jo{zKUhr zUH5sJb0#JpV71Qf@;>`qB^enyyO+YT&SC%q!0|`SFe>slGXGvaoS#^y=hgO}s7VdT zn8RvRvSIKjkEws@X=Cbs-+YF+d@rUYa1waod&hK*9xkfK5hTVuxNd$EeJ8i>po1YD zxO~ZD?N4WeftXZPU%Ga8^r`zS9E9eZfVuPNLu7MJ#>kkGM+%lG1`p4QV!T_gArRRE zKyhoB9oFPi5hD6>Lv-+)3cuX%N79SzWOEocUdCBt;6T&gDCpJJ|5mdQ;j(Hvcaq4N zT;K~qw!K4g+nk;6+i7#ka6x3{kgjb+=FN!wHq-MbOIaz+Dx$ugpg(QNoiFW9Lg6ew z-kGiv<5;~!faU!!*vN%~97~%8Bi~{pYA^iFjKzRyxH(5~K9jdp2p}1d-8uVHy9sO@ zo*mMc(D+`3Uo%cYNe;k5`Ra~M=6w^~H5u{Ex0F7{^?ksDC#bw46l6YhZti3x<>s}s zG_T0;>7%Re+_A2FbGrZbD}s$F6+gX=J0IyZD%bJ5l6JLEm9>2^7Z?)%sGkP^YP=w~l!*8<#V&KkZ7=s=!!gUU9{EA}=!v0G+MM z{d^a52MZ9RqGHQK3LgetboZr3Gopqs>^h=)H>x(n9rkqVp>Q=06(Z-^?`sa>!wyFp6PoqXsKr0e# z(z3w>qf980quqU)?YaT2SJ7aSlY;f<0O|Fmp#@|!Qsry`gcGEw{o_Vg`=7XgE&cux z5iZUK1mK-bWFHRrvf+F-n5LF+<$)5uI%x0vQCgQDlqhu}TQ*Ruz;I2ly@|;&sqf(g zg`Seh$-Kg3*b}Ilom0Sb!<1D?L5oT>7sF$nMc4yhdezwTxir zdqib?>4jmC-BH5Yaht|^zCjxsel;&8lM5#lG@+j-f0m(Tiy-ST@-o%;;Q;BQ%aMFa z+^~S(F}}R78mXCm^z<>CshDASXsOI305?pUnxSFai3>DIp6#C~E=L>winbvySQK># zDadWRHeE~4ceIH)m8c9|-yF6qw};=9BG*&>t#9c1jAe|2u0etB*jsRd53tpgv<1or~Y_{{K z@aduDAw+%k8xmo_6w9v)$E4T1w$BRH%VKs-Y#73K076P!OG~Mt`@3w!5H&?#kRe-) ziQ`DE)o@G>LR3WJa#H?XRJ3znMcObMUpHGN*w}y|8yf#@Qcc5Y-o_>XJYQH}w{euc;O$lq6ej<;ph|*ZISVebV*g#&eoT z#>s`WXlTLP4OoCMSs4+)j0E3t`_>4b_Wx%A?o^yCtPbA{cmQ8N-xrtsROvdj*LxYvSH)vj3Y%Z6GGx@W@@IY}eywbs(NDFBTCM?C$uXn(>b zT%+OC9R`ZDK^M}@^v^gg8W&qSV(a66L43XkzlfrVQ7NQ>XCVOK2E+4HQ+-_GhNR78 zH)AqeH0RXdQ4%E+>46jN(4oMnlO5&X&;8htSJiQ0dq)cZXi`C{eLb693Sa7n(B_2V zEZR~vZB?*l=94o8zhfp4T$}7kz(6hgY)ryqQlZGob9*_?iJe;(wm9M{Ewsrtkihz@&@CzYsX(CpS*fZVuCx$gPW+nbr+ARMGO_5L!0>cL6} zD<`A+JL@cy`Dpds`e{Tv?&Efji>-%slvD4v0WDBoyw`rNdMp1)h*rREr10B0!+Oh# zHdxpay6>6m;5FVnscoW5-B%CRXCd&NeR){L`BXL$=}~gyRKRv;CGcbEX|m7n&R9cb zT)I1yBB%u(p1wc4nHs}2S)ZQ&%OC}U(D}pWd}qSUa~4l6NBdBVt2LIb(^K?Pg@1mc zZA#^`OQZS^=ryYctLX5p1l_mijFa#811-#%UEBNTDd)8284so{T8B>asiZltbtB5+ z6wqx%t6fzqrLI<%yfC>o-1mQD@SkEpqL@I?=p~lPNBgjhVhc(u+7etmL8VKOiV%us zY~gy)ruBY>&q}!4RNHGXSa3pLliBB4Eln@AoRwQxv$bT;lBw5k=wYn6W-_{vBpNn!@4(qGr&QYLMLre({6bGH2cYHJ*@vb zM9*UPdMJdSkk=y%>-fPj8Bd$RHcx@4jAP)+qQ}-nV55*XCG}XZb-ebmiW3ba)mq&2 zX{xKk-r-0fOH9~$Y)^ek1N}wj0}EyA``N_YnG_r`+F8BJ>Xq@dz~_JREj?WSvW1-T z#v>-Jmwfy$3B1i7tTff95J4=W#&i2J-t2y~5p>?(J~P$HaNN8|`IrcGPtlTEB>Tv) z)_3go?ac}y2-X_F3_%LZPt_)AvX%%wnEudp0S4-jmW?Kzy&BDrQ@XB_RkseNpvcQ3 z9K7G0&Nu$Vh(9>7K$1mJ?Q6~a4lxeb{orT7^zG`3VA!4>D5M#L@+D6BxK62Av7FO#^iKJ6&<(CP+XhUAE-So_l8u@(q(ExvCp-lR;q>Z; z{I#pyOJ~gJbAi=Os$rs-IDunwC|`2QHYNmlC4>~2OEgs(lU*&-1*L^e`azz!9eILST;|M4%N<*Sa`T1`myYdLKZSCluNRQKYWc6f{{0*b z%Tk_ef8s-x5$163QW?F1Bndo<%uIuNp|W#X`wC5s;;}8?pnpAn8sg}?p{AmF)BF*wgK+2T4~RCn};R=RuW!wHtShXB^{1zeh-uTN0{+U@fklRd8URdvVAFNrT< zK};xNSM~B$KiZ#N>v4gv+1EG>T8&5Zx8**$a2sd>250%wV(n#<=q0q^TE0Sj(l6oY zN~ku9{sVw-{AU6FRdm?T?+YI$1m9NE8P1K*cF=D(Rvx9_WYAthP$QSyj>`KPtGbAe zYJ_c&0P@1Kl;HKfP-4zY<;b-TgY`2EOwj{ZotcGaq8veMG$1ndE;M`4<@Ajqg9I*Z zhK;Es6>S3nh}3atDjeYJ!Y1+jcO!{R-(_+iOrJ@zGd{uSM%z`*21K@aPz4lvpq`Eh z+4%VV^HhT5PH7h!lWCzuT7oR#BiVhDkj<1Zib#<7@Ui2gBc>{kmqJ3HLlU!o|r zLIENp0-XZZ*FD=CeCHk_#cNIXrfI!oB#DbvnQsR(m@tDt&kk%(T~9bvh7V7m0S0xo zIFlgW7AY+7T~hWkjjgty4|tMudoV-1TYZzaup=nQ>iF1sV_4Hp001RKshz&ho9$W0 zDwxnH7_*s=vP$Hg5PC=b6Kb{C&zx11wvo;g z+hsJDF0;3D83sr^CtIjB`8Z#$Rt4jMC9^kwlTO1_4w_#+rbAaTYYw*;j<*NLCm<+> zRcU{3-`NRHzYK_76P+(tydF}g#^B%@o4JLq#`^SY-vDNVH8Sr(uI0JcNGK)upw5dO zOdS~nz|rb7#>(=~`V`jic{*FF8ha;ai-&Bg+^wzXGJq5jmzPS2S^vE*8im5I4jcwoB@us{ zu?@J1KE*ZNy}iTTJ>spSvKICisw-`SgL|Fj{~z&FrG0_q7l!TI10z|whQD|7=WOpU zwo2r{4%X21?*TDgoU-b0(>Vtmc6#wGEEEDrV(NIdO9uKrbk-}h4bjK)P-8;XwQ(7# z%svPRI7rq@v<;a@x-cq2)u}Ze0*DRVV89MiPwoDJ4$^Pn*+X_Dqe7#JO%t*HSkUm< z@+Y(^CEk{36W-&9b26D71{%2@x()_BUFJ*;q~GSG!vn`NydTcw{Y=L*?|aN$L$BV3 zn@*9^=EH4h{9M*b=Sc`T6NBd5{4dRe*v51us&dg?`r3M9-14NvNzUiS?-Hk;JlM7| zhFS$WCPqB1ebO>6s9zD1pOR6CnQTrFpxUW+)H{3Wl}k@zB&$z*C|QF}+^?;V|09WH zik@;XW8T1}*wFS-DqkIkgN)8Qwq#tM#Z>Bh4L5%%j5}jv^{7>1ty0dHBLTMW6Kh_u zzwMGkwtb3im|WUjJUZ`noQ^uVWY3T>G{F9MPxw?_45&QlNM!C*-vCf{gfH9VeolQ@ zc-*#;x8)rP);EF!lU+e75Sco|a`Y!gk)lM(#?;NG(!FRX}9ieu+Y3tiWOSPQ$!*QEf-^i`u3U#o zv^H#5m>vexIy#o=XxszN=J-j#6?kPV*jXr81gv)yjQ6bLj21U-nUM-+*Y2$7hy!lG zg`d8_n{oV0x1F8koCwUVVdIVXf(Or(xe`XCW65gvcRaezbd3Od2?{s>L3cV zKnEFF3y>*`2%~Xv%6wQo8ji=N_$?gQ(=o#;x{-uNruQ^eF~ecv{YvyWP^4SuQBh?@ z!oqV|(0zTEu#K7MeTfP6*XuiNSZxd9rq|<_BHaz#vonH}1cUzb+dx4h!P-Nd$h#&K zH)Z%Zk#p_aE*I*<`QhD*;c4iJ(dY6k-sl~vpT;u3zYe@K_tw-;IN(%VpAoN~nUg?H z)=-Qc)TOIC?5$%-mzwN1!u7yR`{koZ>CQP?lp+@Tj%tjG>c* zV)1Ehwnh6SpGt){E4S65| z%5aDc?DGN{oai?!g58+<`<3K#npaUcOZO*h!tL62>jlc|E$!dY((wbYWW<^-$8st8 zrT=^V293`VX`pSQ(Crz;h)be(tN6{i#n>OtGwU&I=X{;uhLh<>&+&Ho1n0I^IsW(8 zUs$y*Ih|3C6*c39w5v~K4X;ocELCuVf_vg`ev zbge%k-u~X?;4O&1LsEkH<+)?@@G|_|rw-wKlX6!~4i_p`Tm-Ff*|XG@KO43FS4$R( zcis@C2pYv>XLt4Qj*xfe^0|tz@V?G9S}+y)v%M)K2gMlD-#$sCeB& zHyjRN?>fKbT7E8mDM-k6H+}xwIw4e7-BKIH5hC=sWAO2IC!@M^jctoEwt@s2T7*sO zY1+xc9s?(x`0`|`ISRg9r8sbczLK#+kC+@>SAed8NUgVZhC@keNgY&lYg0C6#m?ivIBm% z;y*1Rj|VO3yKpPbxnd~a4O~IDqaWG{UY31-4kM>nq%~d68t~Kx7w`AE)`(n2q~fpx z;YduAjQ^xFxcxy#WG`!pCR!nGb<|Wze2-LW-ML!y1_6*&*4d6E?JI?(l%!^t8#&&U zObL8~k69Th1tvkV`%F=aZq|YEg#qM0>!&ekc6hz6@^z(@Bt|NKxitOwv5=+7S(Ul| z@LJH=wDU4pp4AzE@fD(1|G4QyCaOu^XNTyN$L>k4pwr89q>>|b3uC(Zbj4WZ+l$(A z&b#vfgD<@-90bs7j$F=Ztr&xnx!yGvL+E*IyH^a035m>w2-|+Lo5UeTZovBIVOi86 zdG8TV`MR5qTT*uPGhe$0A)`*^Oo+tL-mbA7v(w!Pc8X*y_6LZ38b*357IIny_-$$h zoiK%w=o}V&d5-y0vHyp)cYdzq`vSE)wv&lDF+cIdwyjArv6G37i6^#g+s?$cZQH)* zd#i4}|G-<-Kb-2*)!nDMcb&c0de(a8lO9?z{j4gwYibHSe{06Ub&hb-fNJzu0?DrO zE8WVvZ>H>so?w;V>n3N97l!9olVkVSU+_AT)tGJ-CY?O9W$zRpP4`bjEAhqgMi^XKvwCv{9jHiP-e zs@#}zUXcKvbv2*!r-P10bRR>SHv`xO-%W|F7oRz)P4Q7^V(F|k}7cLnOu#-XIWBCp8x*YsZE1Eq@7PX`z6 z4y%r%-9#2Gbz?Cw$OvhSE)%4jYeiO_fPH_#lkITmToo?i<#}uz71~-Lviz-2o_cE zhx67mlLFG838+04q15mFwS6$@9+XDA7|F#Z^2iUW>R6mB?L;2tbHD74Y9z3T@#Xzl zm}m9fPVPhd+O2Fnd^LEiG8@U-GV^V0Htzm6ZgqJ+!?)g@-Db})(%=9iU8JwOv1HnG zPj3ieaIeU!oh*@q!lkO@&oj>MMB^Pg>1vc8ngRl>BIt43L<9shW!5C!9~h_ zHX$MDAyS_A^_mfar<`YtebIZnXUBjuH6}rx zN4jqS$r6V1d0W`@mS#*jVFtn1rMoG`UwPVazy%$m3Ah~06OQT}>KY2B=M{b5FT6K9 zqfG`Nx8^9`?RVYp6sohBEGc43Aj##6^=%Sgy5A?tZ6Gju4QBYcZF4$nD?sj~ic6iX zSE@likeWiUWW3810G9-A2HoYzTW6CZh?TF|Xk4{?5DCe>IB@|zz$s0;GsLD%f zOqWa+@mn$$l6(u%YP}ZgTiV34;Mf|Bd`k>B7X{a_<*B7jhtG}i)b?{*p}_@%iF|WK~TiC*)_5R|jLK?BO-Qm1YW9yjsNaTAS zB5hNBY1{tmLtWXR+2;YmyXaP<6_j@Vg7GvuP*r*pJ5%m_5isTRcBVeD4w2DW8p{f$ zJ%7j4J`(hTO?$TH%wZP=c{f+x`*;c=F-4QX#YHi)RbXLL*6wzC-IMa2YIAzk5G7jS zk@FODWo>2E>s%54W?1DjVQte|VN4hLx1+B=^lO`2Bp5&mt&L2;EuRj->Uf8_q^WDO z@rQGb$m8_nzbz=`K~J-rIVOJ-$w|)l)T=Mo&>Qhs@M%ql%Oj?bUbu?r6+w&wbu%d$ zdEIZ_4pWP2c+g>!=e{Rjdfg5$|AHenKou3`-%SioZx8-8P;o#A%Ize6O05(u{m~Xf z2Lv4uE9(LU?mo;!WE044%r;*??4EQ>=qt0beViMbO1%872X)puI`4ObW`q553iH?%^q6@^K!2$Aqs{UXs)dm$zI6-Jgu}bY&PTjdAU-IrEdon8VN~PHQ ziUZj=wjq`~yl�TZ9ljuLHZ#ximTYp)#-nPW?9#wX@%w!F<{7hITOn+gUi=4PQ)4 z>6D^U;BmV+v#1&GAH?tJsSqP)+|R3DT`nC3WqJIZ9tRmkIy&b?ez5gvZCc9S2m23g zRXs6+$-)yltIE9tce+OAOW&ghptS&Cch4x_e+(~#27olyH2ybwFfzx^l5z4Pt!b?6l=h5}48xKL6~b<^?dg#ruA-}9EK`(x$Ld(tYNr=j3$ zhE&7y+DG3m+kE9f#nXdMt&i1Dhq7QW0QP?2{o=XtadV^r_O7yeWK+g$DhhrTCfn`5 zaYMlG`8lxU+V7Q!i3G?o+EsR#%L4$#%hCYf@=8m|@L^?p+ORZ2!!!e}G)SCF%QIr^ zCjLiNVLu{3d2SXj{rvNf&y#Vj54~CjpI28M9VLfDL3fA=4uDF?=j-+`wPAD{CDDC- zeK}#uz`DBinJmz`I)ot^Bb8<#Nk(nchw}Nr4Bm5r^SZ&5Eudp-XMKu15uUcuw7$Mb zh~DXR7&SX2;C6AC`PV{<9t;>!C-gp+_TH-DS=D!}kJ@$4;&Gk?(V(xx5F7z`z%B;* zcVT$$;va$lWO_neB8~|J(7<-L-Nk8Hj%Tc1}fu2+Bx zo}?gz>mUJ0@Hlduq$(N)oaOeFA_rYsYEo6&v_Ku~ayXDsr;cnahgwi2A&(?r>RnFK z+~N#LPMgQk)#@5SyPZpx%7w6fle4(#2fO0ZI#GPruJ|R$1bb4{F!Hn; zjjQBzU;>%ZP!u-5A?L_S*MT>4H<;_!3)vEDV5auuW(*NvK22QtJPisY(DIU_j<8H9 zcgh_&Gw{`N>2%!&NfasAMkM7heU3#&uCC0%|JNBiicTV`%m!LeS+L*JtYv212~Lt-{jQIXlWv$`Q2>CfqlXa2905TZ!R#sbj(A5@9x#*#kuwIY z2<)ahZ7VK!`bj2m;D^=$0ff%F`R{ETR>h9h7R(l7MgT7cA&c;FCN)MxZ;6INTL+6r z^Q5JCJ}J3^jaU#R-{z7v36727u7AEde~>k)4|yEn9!9|49wPc+raYPw8mW)-(rtT) z?ii8R`N+mukri|xrO%t^l-w5|H=i^jsRj2aqzFmSj;cqesr*~KNamiNi`?=$81!ao zFKcoY)&4~&`J24j!+3V>=HaOj%0o|;^IR)70K|;6T7iMEYTLsiSu3x5yvef%YV%8O z4vg{{YA+pUEfWuigq57)g`)nzXp+89*jXke(*2Q1Y@cg}=$ zwt$pVft%p}IQ509yx&kF#>QU*odB^o$VE;zhL}!OMJ=U;u6}OKm3fSA>-@nv-4#zG zL_#6^!1AlYqpm(>61dCWKRYcAi6~d&>8w;$xt9jm`{K|O^!EsncMvtnD@S$(@fgUQ zC|ox)2p{x8>M1>07hTuiw14P=M8tKP;5f<8xnGO$nx_ucAYD1RaM&uQEYBP zSMMhpjJ4dzf3YO8Ncyen`(kWzN^#`D1IFag_T>5K5*Je++gfRY;8z3$I3s#Z7Eh}Q zTo+L;%?cx@$J43#T_n`pT(CK9-G-lD5m9o|q2W=wzY$Y~V*|(7+4(u3ArYUN^cl*U z1CPqs@eYs&zc#1(N3tM>rf9jXw1s8u-h%8o8~OO+A$~_c{$wbNkqXX}REpVCNe(R2 zN>k(UEc-lLF{2Ue@U%4lZM`tKaprI+UeH}B_G>&A%yF(x$G9t}CXnMfWU7jljaR6) zEwrSSa1$W;oGw*QVdDBhv`dCPvGh{#y89KFDxk1u)x0~wKvS){>(1?RGFJ6?skA1QoM@u zgX%9bb-LF`I^a~thJu6)3>GUYD8iW^f74RWR>eIdeqFEGtCm1v!_20@8ri|*;D1kK zSefyCdq_vO_?ZOiiYr2hG|=dhW=b7~Nv_%E#V|HY+t`-Bd+*z%M-c;ZO5x+)@m|jh zkV8&%#w@MQSKJ{qPPV!s-Y(pk85=#Poi9)3Awvp|^XNUI$l_Es2@~3IUC=NZ_a^?(mYkkDF1o#<>P&*EhqaJta~;mhzBkl zi}?^|Qf@UiR;AB7TWx=rqg(5vHrBe7sKZ%J>Q817MJUt8FCK1`p0B^6V0>N3z-tX5W%R7GX=jKH?nM}BGh zV>}`5lJO)|av`5`kTRJxn$=WxqL>E0$5}aIB2^uT`bWea z|8izBS`WvMZaVZ4HZ)g0+eohxYGMf96r`c`sTJf!UQE&sR{-Np|in3 z#^7aUrKjNG;^E*O1(*^Cr0cAHh+x?IMu#~)%+I_M4J~%A-JhR>@=QRRTnNR`j2!y_ zL*oD}O&EAm$vx7TG7XLxLVtqaNn_}*I8TN_uXEZB6b&mxO2>cfu;q zY(k02QP~~p&6Y=Vwfv$g7dTSN{zDfx@bCb592qrmT-o_KTKy$k_JAmI$NRx9^KbS) zXfQ=`v3Nl6)G2rb?r2+ZD@CTs+>Ge7AZhV(``DzJ@AdB`!Vt2vd=Er)h2jJkhk~me z1A(#dfRdWn%fbN2u?0rPW-(GWj-jvCNayEkX``|U z&8&dYLkKF8OMwAWC-<)-G_Lw~(ITq%;}PZ~my1=o!|N3*bD}m2LF^loHYis`a3Dw> z73@ylVdnnRW2co;OPr>|s|Xh4QY9&A8OLgc>#f@1ZuwZYOk%b1-p<{hoUDp!dW@>_ z4`+CgyJ&Z{)!MHw9Z={_q59nU;>*oBLFm9e!6m$4NG=Z^5~qYf>T*n~wkp|6{Cb-x ztUEleSkV6()QF%5>p&EA}_-w9NR;+mI{Y0jkkSqTFVd}hVA?4iqj4)EKYj;wGlsG;M zytcSrV3pJI(u{oPA?m3da4ihyj zwPBKNeDBM%w-5j!)9_df+S9T}>rr@ltqo7U<#h^|QO4)sR^AQNEBew*97q{Udz=|uZn9{8cx>6ujw zl!pG4qT>2`v?Nfi5hgb(^%p@6GiZlRT^|DoWemg&G`+$UiHD=+8uoNrjL`lj(SvWv|iZA zj(=;IpKR^(_-2n-Y}?`UIT0U(DF!Y~cGXmP`TE(-3kd+Df3`ZGPkW7Cv{F&3Mmkn_ z1vZziVmQTu7Hn=bxlHt#iRM|!#6_4KqT46jGSg5T(IG1#f8mSpEq zS7@6t;{!b>kb#&vW|s_@v942Yw}@ysc%ZG;xNvqUF>H4=`r*@Nw)B3Rh-Y`8>%r~L{8fK?QY{n=#e9g{7jgqgT_Y%~wv zlORh{0Ps2bGW_k3Xk7t>LINd%0woxd2a;B2F^&){d6YGZ>7DrYv$XEV3?(}p48OYe zlHK9JdPMc_hKC_bcX1ZRE8+pa#WE{__nqkKB^R^GmDlm5FB-`)YFOKdQ4yA23-!wJ z{8)OLm{#M$VAG%#?BJNZYdtv90?9lQX-qMh4l7frBgLm0gk3W1mYENiAMw7{qQ6B> z5(l$p(u1;UKi_3E#548c$mj9$Ck}~Gam?@PJL;XSDm>IQ6ps2Uhlt=JCv<5m({xJ8 z54*^&^^D974P`Yw4;r^VUZx8wq@||hW#kNK{$i60VcOlt(6C&op@K_+BErJ41>5$M z)@BXuHqwjzplmB^Ce*QYu2OGO*uVFvoznE6cnHE5jjHH&@;H(Pk9yG6ad3_WGCje7 z%6fAxPl@)ULmZKnh56ZXcFWX(%ZAS%O8v9p5}$7`*g9_;>BOJo0=_$NNF;$I+~0Y) z=NEr}yqDW$?`Ro$n7UX>qeJ;?U_zY?f^h4RjtEq6rEL=^CCFY+Q=5WL8<$vi2}ry{ zg+*58-_MoJr?0wekNmA{><&IqThk?q;Z4V*1AnBZCjRY2711q87ehkAMu>+`m?9t| zW=wVhex^vK>@&-&K6L-y&8^=2HVdf0C_}iz=q&A!Dd1tF?-p1#*Z5D*RRRn0F<3yJ z+&r@HeZnFT4B}$n*eUgW1+w=kWc(|OZo`K@UCR9a(`2cyQ;9PYy77QgiaR*rYt0LV z7l!?_eLw-p21c~WSN}4ZWU6h4z`-pz!(&%7cX3H)G=C-$He0u_pmB#BjK&>P zRI43SUUBKGwp618CGclt$&P#Ue=C6BwDGZtXWF*97CTgLJZ%z@{2l<#r7dlxh0hTN zEgSb_PpsY!au&nW$Pynfbi(K%c1{tPc_aggpV7%>Q&vHT$*0FcBgR{_9^>3IB*;We zH54++!UXGIKs~osM-B&zD%|6_4v&f%x6xr{x>q^D@cN=b1joqdx{zifLnbT&(gjvP zBaxNXl;G6+EK)zmEMsDvOiqEw(dMYzO7_A5H90axNm6>B&pD+>ceCdXahq91FB`|9 ziB}bf4etOIaeY4EzF|?Fqw5ZBpkH(dq(IWYr)F}wO5P>l_B@r8N-r-sRu=V(?yM^7 zbfvfIYx^%98Nd|VaVMf41M%tEgjy3u$d?avOx&|~*ZYAi0UWjY>SNhvKcT4U_UO&C4GKk(=inUT>7 z-?wLwJ}EOZwXFEyH7zW7@&;>d(ei2!{}5B_kgsF=;Ey8T%}TL{?@hX+-B)RA(GOA< z8* zli}pORoczA=3lu1zMgyx-&yIWSys1n)s%L2tZSuW>*x^>c*CRRrzXw0yll7DViJ>v zX}xUJw9Z0n>`iDriBT@gnSMNhau^iOrcwDYtCqfxeYYc0W|v7D(YAUYsokEtLCHR@ z`%GUN8tSMRyIV^$v-7JK4MC#f(4+tSB0@`>W{G{O)5#?NxH>)Eqe5H#93SV0E^IAa z5TLi%#PI)BFywRo{5O||hMabjbyaD4i+)5@)=+ypLIMe`!DXY!`R$2#JId?PI{)+p9jamJiJ6_`dLL*^vC%*2UQ9?2J(O^;2}b zaxiw;_zFH!m-!2`XiLxY{(eOY1&s)se{)WAno?SjqR?2=ly^H)Iep1a+jV=plvDr9 zN?SW^LSk)cMq6FWBy2bgc}WKJ%+_LXBboX5Zsr&Kn<+G;g&VeU7?>Ec$RhAnjKFfr zH+&u~Z6rJ`tyK%cF!8MD-rQUyj^BRBeC=z;C3zLL96oG)bmaXf6}b*-|EkwtXiA;} zzMJJ^`DFL`dwU^Sk9t%A;dZ8pW1;B@8AhV`2zgh!gCrSniF~C@Vo2OR^vVvQcB4PQ{R19Xeh_IxE0lv$*mw}(Z2&Zm94os zZT0mGeB3M%aX%Xu4)%U&6E`foGBdfnik${@y+(fh@OpMLveMXiCdq$XdAyzsd9u## z%9|=--K`!prb->#viD=vfujaE|XI(n%(NJwl<^d0-R8A$NSI@1Sf;t+*`Ac*T% zs9^D0yd-Fn<(_Ftr32C!dRRSwl7K!#&Z7#SUuWaFPn)25^L0XF^I4Ok#RP|d=+s-v z-0OwU@l0LZ?qSp5W|MdUiKF0oQsS76saj_5cnbCpx#nOB{+5sykII7mRjfEj|Cx%d zCMw5Xn2=4*AD#Rx9D|nZ;DUnIm-SnExjRZ} zG`KW%Br=dfA!1afRm&Yl4-q_*1*MOlrOR05w#nm`_g$arL1|C5gH-#u62we2jMg?) zC+3tf{_pv->J^%&`5FK-qPs<70)>2=BidGoK8?VJUo8`$lKYoz8J z+#FG}r&58C%`!j?g;Ww6AX-%Yap?*XMZmo|y{M(jCpu&OSXSxzbp98)_PQ_MU}uIA z%vdT8jf{qomeFV>_~NYYpIsAuyF}YiU!|9vUN{H{ z!x!JJbh?UJ$Djb@#`O7`y6$S;?)IcYfKV+cyFMYQ`OEyP7(bs?Vz7UM03or>YsmKn zikRPFb#p<7Z(V}5>;RwG&3x(-)%U`!n464NT)coB9vwVwp`U_DtKG&`e!Wu1n0L=x z#MVLO9$bT{n38gVTfaVA+dh(w9R*yu10Eke)j0LTOIOG3b}t$qK3oRRaun~6V5sc4 zRx>YCIu?xA$NR$ROQxmq>1-o;F-^5?7t1ne5^RLL+U~V*&zjAWRJGS|Sk{&_o96?F z&Zb4`xRM8UM`t}KRNW(ac8k|hF@8gOa-kJm7T$ZZU2k$$V*%(l?pv}Mc8~u$5_)$o zc%zSLM|75>T|KU8?E?;f zIg6*OiKF*)e7Do|n%vWNRFcxNac33+fXr6Qv)gsHE4TFQZh@i6c255s$0ch6b|^I@ zhU7LKEHMt~erv7PS$$AmyRK2kxoEbn=rQjPBOvM+Y{R1wxc2Rb*Op4ZC-Tpi!@se2 zE>GD+Hwv{I6G|3!B-eS8^#ns+5wxAx;H8=B67j$^1PScG28Pf{9l3QvANeV*K}T|DiJ||5*#{AB>wxWQfu7 zxD4MO0~poB(A|X!aHBf=!b2tP+xcK&6V>ZeGzbZiVT2{CmwdO6^u3;F=&oKbyHi2nR7jr?$Tj)|7INqN{0-FZ&J$DAd>)}w-2X|| zPMY@8dmV}Pb`q}H`l0pXW6X6kp(h-DSJmJapwbub&M2W~eTZKHF{CxolJ-IDD}?1-Te0qWod<}2Ss60PzF zk)XH&T%->lTY4%I`AC>z_SE+S}%lV11=H zm)-?SbJXfajUCx@m23I9m)3gS}C2-y{4F5c|(sY3Ki!PYjl?1MM4m4Lv+j z#<548v+uVSal`HFS!>=N5_1o3Zdc$;eO2r8D{QN%>v%S!;H;VgH|VY zXq`mWHPbMlNT(YgBgz+PQMg<55Z$;wsQM~l%h{DJS3xGhZfvYQD5&WsJ-f~Q3dW9b zga~xVsH?Wm5>4IE9@?graCRCsU7l;NH`A59O!G#FuPg2*wZ`R3owu3rmC{8P zv^%pNccAF!=!;5_341{PUWPRGx8(bttjUlt58{A1?> zx?fY;zqw@iHjg(x@Y~u~v%`w@HUk={U)9`SizDd4MWRyBfIo>`)AR<)c`fcyS6;!8 zo{q9QANK)x+~W<(_~;1I11AQ+_m~z}mv-WyucK%xFQ1a_-co%q`d|qusf3DJpl%l- zBOMN}w{21$(8&N5#A=nc8>eiyNN{e`;Wg1^Fh*IQbzxb`$WV^!*y3l%(3CTtv94Hd zUsJqu`>=?l!;$tt0Ngh&{_N0;Pif`-ZvW?L(nt9^DmQ*8N{xM)iqN)kk{~i-U7^Qa%+yxojMFTawVd89;y<;QI*BOTE8C8Q1M{`M5;{&v{*) zF?x9*5ZR2VW2bkyx+J80$VmLwxS)}swy5x9gM308LZsf&5#0M8C~2(9>nOARcS4H0 z$n+l@4<~0&#hGn61Fao7fEftuKcDJ_p)xD-A$RAiq@g2c?~VbG1j5G6VJjQsu-GFWNl;)rjW(^JysYcP3(W{?0A)X^Pj3|p))u|g-a zd7_34KY2a*z#cn~5br*_>5jfz0`Jju-TMrX(BXOWo1rK$6L{a2Cv?0!m#1lWICL-& z+uE*yOknuWc;!@%u6`G6`?b{@TZUT`k6a7H*pUYqDig1FNli@hvx+(xsacrV#P?08 zRM3);lksq_m1%UVY##siq*2F0MNf@Sx0xwFM>0ulybuIMAB2>|iLD&82Pc|Er{-rB zwbj;`z5mP9udgktDc$I_8R8C(!Kam>Jxe3B%`#Q{V-U;5wbI3{W+Z2z5@L4N)JP8n zOe?xHR@C~wq&=Vs@jsc5Fh!LLz4i7{UD#|O>(vE`R%|seuu_D9AKO*Ay&acEb&+bD zNRH?|URO<=PdsJO8uq?mER9*chKQq$KtqRAuC(y+Fe3_byY4^4y@I7dYAFGJWa`OS3mnUt9mBuNwnI}g&Jp8-({-zmqasE|;Ml zwsui(Q<_M^*2hcv)oiWJ(W$KdlShAxz0tNW7#K6`*1Tgx*EJf7CMdPBB+PawjXW%A zNyuz((qTgc8q{=oyiUEQwp*mlMzz~apBB|PA%aAwg64*#%g_hU?LM z@;2`u{(+^9rmUB|cvw>YSQuloYb1#xDtK5CLsQIs1Y5qx=UU$W>_0j}zI<33STH%( zuBL5V_JgzJsdlWb2dg^F88vmy<>l1_G;;OI$WXaqd4)xX`NnrgUd_eINl>uv1 z(`d9P^2|HJ^~781PI2pP^J%klaOIopTS^O+)KT@@uhz8p#Vh^y2jVS<(7=V=y;K5P zrmoH9v!8Wr=^`rKFE0wn`t)k}mD+JkOkL_0#N(4=b9LkZ?T_2!?C$sC*Czh_Xt`>` z_6ui?TPD|tQ1?`t&W9IYuHQ2Z!#TsY&F$UA^-Xydty`VOQr|d@Jc&+AJl?LgW`B*1 zj5Of1WGx2YrX?-UV_pgNbp@D7<}*<7%o%RCT|6YRGuT_u{4-uU@ITGDrWOcilF9GA ztg5SX$eI^}e4BWY%7=LL|F`;ozeACsgV@MCFgf5g35Bf#?~(K!TR1~H;nK>=ef@x$ znmz2v$dJ`1oLf-V*D_O(mD!Qtxvgd=FDg7`KiBO3xM+@2K8!hVKOy)4+uHVO=w&~T zBbJ`QS0k?BQ9*?aL>;mxzBU>Ecg*zp*8P}Gqkb|$*=bu)o!`(>Vioo?DIT$^SD*K3 zuRaI~Iy@4KDy$lt?U6fa-^39U7^eDqy{*>su5UE!Uz#d1k@6IIIC!TM(Q}r!{AqMk z`axCYZUTila^dpe)Toi1=p+~GzB0nPrM0=D=yWXFwJ1PO#nV?nxrSG6mF^ig7YCyw zjY8C2a2Gv12^uA#i-T#aNtX!?`!`*KXN3#~GtA$JG2|pW2`fzw5_4{lZn8Z)&d)07 z7_E?^|293Rn8$eVXpfE230cA2a6$;`d)i2uXxQp43d+p%Vk9H|iRIEdfkr-mP;-9V z1f6x}@^$w%s-eOOO9Z(=t=s##f%%7zlscJXNOhPlwK#CyYvjbKox(Az{T{C0HM__& zFTfkuV6B@HJ;=WP_^y!EuD-EjgdjNCdj24%e16hO zTU3;`c%9Ux*P4YAY%8(&Hx=42)+C1c$w29Kkaf)UKq` z;7Qw-(b!!Q$;io>S9W-v|D2h)9Zah`yquYz58O;D3wzBfNzo*(|DzaKwRm_Nrro$= zddEKg!f+vXpoZkFWIxB=$!YnzUb3>Ns=mgOmYhDT>T}ZnVrV4_8k2Ql329}c+8$KO zD!V-Cqn7CsEDp-J=-j99DA_HTILTS5=yKknIB1Z)_QdZd$;4ey65Ss|0`8a6QhZj| z?58VjbygD)yN3@lgd3m|&C4M8H^1zO!RSZKpA0zP*xXO-Aptik{f~t^U!S-AZAiPj zJEIsy6)l&SS+!Y$Bup%)n`iu^YR*wV0uoWy>+h9VoFgB`Q)KVYT}zBN>TPDOm^oev4Q@SNN%y+wX`!jOFX&H-fw&B z8g(4%*c`4=L;d1g6L~dsxiBPB0mTF~VSkbs@)4iuW+KqMSkR^O@eF&D*FI6h zJUrUIqq`h5M2wbO4J{TW`x=Qmug4BIrP3$3XSRF}PT4uFCS+k@01M0OC4sMzu03qZ z^|0;*;jpT(y4^7i_=n!wnO=TSq|K$X3<8Y=u49aAWp!3n`KPe9Q9RkZ*?61g@6Y9h z+r{DjhWmXS^0uOx`|wr}RmFdY%JUU-#S+tabj>!QW|U&F<#DYN$|vB51s9 z&�I=;o#iZAZaJCvM@f9fRZ^O0>fS{MQw1d@F%3mYevs0`R4kMKR#{zhRtgKgy z0MK7tMBe-miK{tSNzGO{GO26IUIX}vc2R#heIC?zsdqOFYvJNZp|e#^jOd!W7n|-B zswCe{X;v)G!_rA96O6_AapU9nV%|=R@TgtMmUQ|G4^79z{z%$UwH#sgdY@*V6)=5* z(0Mqgawi}%lAIcUkXwB`7FlaRl)YbkzaA2>Dye#ejb5$JqAj}`Te-gG{JeonbbUY2 ze}7gzIY0=qBG$xR()M_)4w-b|N7H|Q$5uZAy@)moP~Bf=U`gbt;AsYMVY*+_8brFu zut1*;g~00xQ+m18AR)>sV)No!RIqp=!(l8;QyhSb4U#d>v;HfmscWp#GYR*8{=>jI z8XxZ|?v5o!3;QF{{^T~1`x_v*tE(|d)amirko_=n4D5|>iK3GivoPv3DSPG@-QA|< zYfNU=X=g_@ok)cp{y;V^?aWmo#Q7Son)q!bEY)eG7e$ULREIcLYX0>5X(qo|ZU(o# zsZ!0i2l8!C)S>HfsJlfii5h>2hjAJc3eb=ztgYxCq_}Lj5KhDW;V=f+$4og-J=I`4mCkc7nKJP8cA4*9uB$U{O9KxuZ z*g0MXjW1T}pn+Y(J(ak4@pW<}!5GXw7Fzhh_VlRCQ51RoS{v_8!=EZGt}zaW!=G)B zwF~Xp??+R7!{BThx~`@EIEwPbT)&7hT?9T3rUY6R7q(vKvOk|sU*gL(D#s((bopDq zmJ4rlmMf;d`i|!E0suIQWcd!Cd-xz!pawBg6{K;vSt-2f0u+5Oh8?>-Dw{f_eSW=E zA_+S+vo}IgFm2S5q5y_Q7;*9FnUWI2n~OzBIr}C&i%hLrmoe;+0BT_GcDKjC>zVm2eQFLu z1fC6K9M5`|=Law(pb5q?^gma>c6o^DMP#4O_jc=1TZGB!zqB&> zP%FwH}hJH`Q_Q5D* zbv@4;wI30%!TI0ULQa&dct20)#+xznzZ^62$;=}5#nKM&ENrggW;fgP)rkV3kuuWq z(s63)Ku{hC^8m~lx*cju7(M$Y4=ie**x@WpY<{ z_exm{&WlxB)z}_$PP;W*gM`6V7O0&4+XFPt3g6?A3#&R!ke`j3dyhxJ?Q^T^wj{0H zo?SW?lz)WkrIV73B~Jv&K*qUu_8PbiEDI`HJiKPXfQUsZe#$g5zZvtu(%9L&w7*g? zK+RQxg8o5bKYl<1taxIxi%1KTj*d#>cA>q!_(b6uN8k%fBfA=`Uz&Upod4WuN4y9H zMdKXCu2a_yvl2NNtY3lF2)onaeJ$Le-P7bnk%AKl(uAzHzcS;0dgfrDXw#jffnmDy z-`tnMC~0Vjn$c+zsF9Nc%VoCPtdpW^$FrnE>v?!DXH>j$dv&yO#3=UlH9oy1=6kBI z=Isn95{$$02ec9(l`uQ>w7|tM*`Yr&#*{PE&j>E)s;o0I9KihskBRZI#5+{<9O~Dd z@(I8IVNN57@`iFw>uVJ_cIQR}-Ggi`m1fgDaXPB`#RU+40{~=_!i5Xm5*{*TX_SQW zz;v1oCuN|YA=i`U*G>G8adydu4yO;E1Cw9*(35V(>1ONENCqqdlQalAxm8u=JoylD zIp36qs44QBz+Ysknt6TI22_8)q?ND;+y^lo6@qY6Ahp4G?~dvH{iM?h5L7~ilSCH- zJszg&Vaab4oh!qWKh+^~XDunAx#>VzQh81QhoN`I;1AGa(SY$mSU=hq0045?-eH`= zqn43poHo-m7|xLs2=C;9{jSipzqRLH`w-QNeqtSkWisuPD=4XDQTBMH>ji;-%IenMI>pRpcdL|ln*m|E@W94E^ z$_397xE}|J<;SRrc}I0uAueg|wk5L(vezkbciJ~XNIW5678bvrnwXNrlas2ZJUNY1{;iD1avTzdi^CAoPFx($3QC61O_Y{-CyT zeM;KguhrNy>>S&fpQU`Y$N2Aau@}GMt#X3_p(kL_3DWsQm)2EQAg`4>Py;O<2m^`& zfYoGJTGw0*ugEm@cT|?w3GBRC{c`dMSG&q`cyxA-j)-!3eB|Qwk6uu4iCCO>g&d-? z+ekqIx|B}JlZ+Bq4{- zBZ1f33^$I!S~=!9D+33`5VaS!R;QO2_io+5dcL7!S+fH|4zz07oj#`SCEYKB$U3d; zqB3?!n>DsUW;K@hV+6_wVmyivpXaJ3mb|2 z$O=vkfCSgS75e^;4a{hrEgq6@9t81E8D7zyQ#br(Kmmr*RW3We!gUk#($ZQH+jr292`^} zG*Cqx>X;%R=)e2J`EWXVnA!Rk$ZkYVldx(Vye*GCxamnIe}M!v03 zG2EkX@mTNHlHu&Xk~s?6s7r&80Rdi4W<+2C^Pu@&!2wYY6@K8wR=YbQj~XdlzWb#+ z8HH8y+mN_~vD&p+mPblDmN6~JY_VPHXckROJ)Ir^4)J{tJ*v4aVNCc+rN4g} zHVhPlq43#$zKNH=ejCrKOjGcEB?TJ5qfanFpANT5UC?iLOaG2*X6R5UUvjoRdFqLCRBkwC-$ z_QNBF$xBLy!fX8(DlYRoCKjK_wex6-OV0sG#e?Xe zvK8+Y@+QQ#1nT^+2_YL&pKnRu1~Vp0rE={eqDSS!n#*>+%&zz#_PDD8E?Apw2N=I; zI?;Pv5kgA(cS>T4DWOwnCtYYVy2p1&5%5G^NHW$M@l4qBC;xD<9%-sDl*tp7HiT$j zCdotXglG?M(*)LB?b6+S=|OQ!YG&GqW0a|GJ|5S@O)gi{$qX)54dkCcJO_8;wSpVLp`#YnAtg)?2JV%gjxTqNQ0u+D& zzr=(qnwqMrZsuP!^gTAs!{nu9M;WOnWuw4=G?OEzUQujV|mNzbZ}TM1-wbysGkiFhb}xW{_X38Smb-M;XKZ} z^8CG(GGR%GOH{kscN;!^$_Bv0RN7Pa@IFl^kcs*TW?r)_a0i zeiu71E;WdilBCHYHEa>9=ieMJ-%94A(L)!1)Mm5| z2X?+au30b6#O^4if6T{reeT@8U9A*^%PzkS=W~?XNb&#o^Je-|j;&GHQ`~R+(WQmN zX~PspD=A_yurvCyS;yx4cM?Bu|7nY30^5!udOw!AOP7AL1>6_? zt4u#L40>RfKS$VnUck=?}cp`8phjmyH0CCVI!s z+dLx`2jUmajtyI4BD}gtq^E~_P0+;7jyhUq!u#In#(-h%T%?n4qbW^}XEC`7GXaB0 z!M2=v>pG4aurGay_M$f!Hzmd+YFdHu^lYYgn3u-5?A4i#S5z|0D;&i3!6*RC_PZm2G)pk3)A5UN?+Xsm5w3Ek1(zfCwJsb#BN?*UY0qp;g#JfJ4inb z>6~+{O<&h|w=}mGw_9#RA*pe3ZgKn9tXyAei<<`}l)4|hVJHt;KlbhzyeYbBxVp;q zO+H|0u|@LQCa0NURXZ9^X8&qq_P>TWnoQNl-tyYPp6dSA^KSHY#N?`K2C*&KsGUSL z*!d~@AKR92$LOU7#)iyD4417$&^BMiSK&k`Sfib@1a!S{m>~oTsRaJHaKuM zSR%Wn8yxTp^tnd?wN`izVSi9d^&Z%`tqj`LV?fI2TGx&ew}6Ut(fs>GnlMVX-~b`;r# zL6(My69%3uiOH-b`L2=jM)sGHt9lOsJad7kplU#H`0V+~&gbLBEUT3EMO-$p%G=9! zl&K$=3rKkypYTZJjZA}LTrqa@9A2I0YVnktY#REc_ifjxR44Q}EWThx3<6-`U>!cZ z6?m6ppa9XduT71w&ucoS`6UhG^y;uCCy#jEH_gUZ>r+83DO9&(m0LHdLPy%O9%WhnWsHY&Q}gy&VI6s zfaT8fJe_Caw>Z6D3+Z)sAA7{_RvDF@DbFqV=wZCRHd&};5dN}kx28T;@lq+xL#peY!${s=KHEAmIJ~8SfzKe z)z+_Sj^qI_zhk1eLyaun=UIdYD{1s9lq~}{U2PXVZI>*}dtENyTVajz#yomf?TM1A zku9II{lcuKkwz>|D=jAlEwhdhi#AvGUdW|_g%i1v>HpK(TL-oAhu^}10;NccLvbg# zySrO)cP~&}1C*kH;_d`@hvM#5+@ZL;`_1>h_c!zYedo?(cCwq@{p@CUljk|ldCuvE z6cBX;sUA<)UC-2A7v$VuEnzCQSIpRrewDCZ|FfTKAg-m<=5?WQ+ab+f8BN-D{0}cP zElgDHDf@jF6CD7cT4aChH6n4D^ro1lE1Tq{7iB;OuyAtke^HIqO_amT#42g#TiG)KssKv9_L=NzmqO>|N!28mA<;a!UI|O^sLX zPT}9@^vkiR=t<-P1V(*fo-)^gF<&!FKh>dq@8iDB%8B{qWmq_{9Le*=I^%eeq5o}{ zU9`ZH3`7=GmT`{M7S)~owv#NTewN&M6TI3t#OrhJ|8imEe`hr5yIB|Acc5M5G4K)1 zFe&ZF1Q^3?)|Q-H;ggh~XTF`a(ijVs-9yF^UVHfx)A`%O4?zvUfnTRd^ zp-aMlW+D6Ojh?wvSL0!U8*bQ+T!A;ZFrz0f!0PU1ikpv57d(2Ua1z%xd+wek^kiuz zZRaM5<1(XfYq`vIs^RP)KFU7B6{Tso~ z-JR&W?2Uh5Ch-KlQ+$!?96Swa8qL)1!GWE?eLMar{CEoUH|2e&s^dmPyqRGbpl+c9 zL*=DRD6|#-$@p?{GcO8lWSqGGW@LW;tG4r2;s&wf5lc$EyuAGMHmWEYDHtLq(aS^dMt)}LM^a1Tz#OJx|_f>zLFIwv#voPRR zf!go92^CS3LpeE-)!GDHfz0%itZ9>{!!HQFJO45wrqu zINQEvdDW=0fXmHX)@AdT>Yj4}38ap@lgVuV*K#8j0Ki1SI!Xp6_?t$;9uo0j4R^E* zoX8C^zk3gI+Dn@$oJxZ`YSqIR!TV9<(_d5JHU(7uveZJPL6oXplqYepqKL+k*pinm zt4I)_B+~Hcm-KEyt#ogxqF!O3Ql^8fB>)qG;?{JdO(cI+ze9;{PU}nlRgAEcrJnxV zznjZ}L(;@-qw49dHiiN`9+$Q$^nB!NWD^r(DHO>kzV)+)@t~Q%8PtNj;Rw9t79pC0 zDdW4hD{_oac~zZke8 z0~~_N3;Uo_2KvKLV1_S1UCro2$5L|E+ho#P%|k-@bR5K*hzJc{6>BJvJs~L24|+zi z?ZnYy>@pZ)qn~%kBpe(&I5-ZG-p%J)W`lU}S(1XY$`ludF}Kl@dP9-PB`!|_9#e39 zfRHk=`&MJvI<&BGwN^v&r|}t_roxOFo~pQv@YD4Yj!}|$*j4j`De{1}B`%-6GoVt# zJuNA1H}%-Wk&q;Xs~n%bhnje8lJxW}SbzwC3=GWOD~!Or?(PqaOj@)qmtmuZ!)%bl zwFj@ay{_}jUoYn_?2CKc=NbuB*$L$wxFOWZegPoF^OBSI@N-X=p-MjD_(0pKmp%hh znmn?bXGf%UoEc>ks7p(0huDQKZYKSO1WsiqX@PWO3oPGM;`$5B))7C$`GO%swFlQv z=;Iiye*~O$(FK#44O|~^q-+%>)Z><9SYlt+p$Ep^5!_*57pBBUfUTp6C<-`8JL)>l z;BmTQa8w#rFx-U8wva=Jc6sRwcPULt7|X|lf(>Yr^tJC-1rc?A7B!?UruC|^y>isL zib2Czb)bF0<$sIaz0$8FSF(W~J4C8u<~bE@p7562k{ z9oc?R-HnK07HDl1Zxc?`~3iejf@ zlT3N-ofKpZPi@8B%$gIrdNgt(m!^z)#_v?q*LEKEq#~j+BZ&?MtqBPlX*M-bZV$l2 zM}{*zr!i$r*?FoWDn+jh5>{TdFcy4e1q9TP%drIrtZvNA`i$tR$7QAE!|9*ekH=9n zu}}QVMuXyT5>UcQr+xD1>q|OwXa4fNitg%~w`R;vX3LLFh0s^)nI$vYPt?!G8y9`9 z4yWy`=%o+0E2B#KZ5Mmz24 zjk^cmnwXQp?+|GSX#ja9|3g`29UrOrI`8g}37Q>FN@*rxevyOY?<6T59N*M4EM>9U zCK~502U0Rjw>Db-&a*rD($jBQ zmz=y^cgC9rea9Dew9;<(BH;u#sA#(buE!4R2!D&^b}b&n%qZhGuBKyvwgvFaFm5I@ zgg{Y6WLPMR(xH2>=G*fINkD7>5X>;FjR7)X9FN~$0fUj^G0ocR;u*)sLsBxdiMXl2 zfj}grVx8BhXZQEFX524rFUuXFXAvzAqC4C!ecoAg)nkxFwX~F@ zm2(=Q&ba{DZ!!PgdaK?}!$Lkn6cnQ-n|%|pEeb8(6lr&wmtB{93R;U|W3;NL?Th zXC?*#BFP{ayYBgTocmoqCL4lIe}BCH9{ulpo~8QW&+OG|pUWC<_DgH{*leGy-Fuil zU7oeQx4SM@^ZrgEN&7>D|9MBucKzKKMQ;zGJ5S9v1i;zaeNC>@;A6z^4dPS!v2l#m zsIzsUpT*pXyRc}gnm@W8Z=yT%c6kE}hQlu(W4>kR)wB)6`&RBD@2BxUBVRjjn~_^l zOI6n2>4EXp`|j`b_L-WPM+T*#OKA40=BDb)W14kVmRuakAaJkivE8CSIoIpV;$u5$ z(~@F%i`-~;FaG5WeLY`l8}3pAK#B1wWH6n_BYIYPEeJ?g&fDWsgNuJxPQ_`1k2$f3 zuq4nW0DmQ@&RZP!Bm8+>FHq;QG6`n6iIwkvI(?jYg|+jq61jGAszKMSpah3OGgbKA z#PGf1t!Y@^gS0I72e>#L^=GKm9Mst>QLvk`M$Vce9>`g z=Eaz@vT`UEU#Iu>zVNkEUC0N3h=PNxg{7(M-|ehar?Cki*TNwCR+7hAvoFPXI~lc; zo|Jip;)tS%Hm>NrRBqXiH*Y+>&P~GUX|WSqF>4M@EB0zpU+vAO=TFnkBE98p@ymiv z%p#oCrW=X$Ag**(Ruj9IA3q2+t!&>uQkXFkG&#@@H?F>@z+@kXB&0VwFiz-dQ{Q=6 z8u(=xX(wc+ipu`1=_mLrsnh7N@qPMg{ZU5?ZFkq|5=FA^=w|lMr{gfaoN0zn^itIA z^dy-sod5tJ`U^$X=hgq=0(^OjDJ*Q{lA64JDxMB>z0YtN*^CKbHtM`~$zCk_av#m1 zrLUSuXn)gc@OkhiV};~vy7NXaiT_EiJxbu=CAtUV*Lnf60JMS`f{0Qs!OQS=sc}xI z3%UlhrAOjo>D0Y-oNG6Qv%kP`ZQgkLSZ!uTcF3+NnsI2Gz0rQ7SgXciA!88t;~7 zn`kTsD$Qpu+0W|wa8+!5*cLS7yjF!)mMnP&b#9Z{0xf#uP<MQEBc6< zHkV8(h4!+t%a>7bpDo`ne$eZo0kYGHD{3UFj(Zun%*@QJ2c*O#y)PCCwU*^#iPV3N zHkPZ{vj*e6ZRf(uv{5W@VjZ zdoT?dbR=ZNF`{x3{<6%BGM2gUT!oUaapPvLz)cQIDdruQ0AT>ze#WODiF4DDo0mAo z^yF_CgEy2FV1}X5Q3d6z@$tnIGxyfD!>gj*Bzr@n@u@ym&hEppRGV->4riL#@0WjF zXhqS@kJVi(o9+{@V&_l0L7ku(FH@F_V^EEx(|NmKCwna=Flehe(F!AuG^}>4goEKV zi;p7^UQ_~Wd@bg^VuysM$>4A6*>DSXwvR=NovyE+e_Q_pv7&kQWDyW-SXESf-$1O0 z#Y-uNGFr#|H7*W_CgE~2;sHb=ll`WSf9fNUfVCY1{Kny8_SO{V{}-(s5pt7@vvceH ziOjqGO^`tOTsYK25=%_PiLkX6Cs;)#sYa>@oDTcEkVkD0(oORQ*w5lswd)xR<@@AV$19ClFfC&&#{y>aJxNVH^L!eM1Hv z^q;W~hDERm?_PUW%nQ?_*~zW9P1^k7dLG5g>wYy{x13CZwmZB%QZ8C=iG%7#N-UIi z5=QzsN?LmLtH6xylzVQBcKTY%VQ|lnm+=}45=1b>v)wSsqG4HYpcq7XC(F+8{`tQ9 zO5j<@(s}cPqQQH_=}} z-GV1G9^EZa&*i!LN}JrPUqYm{lw{R~`Y|IPD{ls-0$(3O?f{x@-!*5T~@|E&uw+gtdb&uT}AEaqNx|7Sm% z&3WZ%M*n9!=*Aui8rOFJXADi9-Kbhyzl#68&;KT?s?b4KLg8TFL}VT|I(|pO}+r%`z+|KlorOj&?w~2~k9XT-zFWA)7o=Ly&x9**JLucj^+s-!$onu#uktP*6?P z%dL^ha!D~}@0#ZM`vmw_&jkZlDCG$6T-d3wIj1F;huwsBt$!d7Lfw&Di5H;#yquo4 zvJZlhsEK90Oq}B^aiSjdd{4c$2L$wPjQ4?iq)(UH1$k!tuU4I#BOeb0TbrJ(o|FyZ zF{KKaX{&}6qTYTSzkFt!2JK!pn=V2v}Dg^+Hsd`!(DnGaS9@C^t&gn_NJHccf$0%!97$jdNkcrk& zTKw>Fz%0s3m<%oeEeCVP*_ICc$HIuoW%;90R_k{;`o*@w@1kJP;AfI#b=DQG1!j<= zsdxVQOX5$)R(FZw)Eu9uo=5rlPoY7g6~BjQ8JNZ=H&aEnYi6#`NU8AvfH2Zn$kDjP z68djx{QY*($g1H8JFaBQulUh~MlqPMSeXe)S_Z0~5nssGHGo@**U(}Xry~D8Rv#5* zfqnD+PjE&MclPV$qhC>ol}=O1&jlUBkY^n1-`c5QDnkye6jdmNDU*H%JQ`L3&^Dk*zM zGLu}S-xy^iRg#jUyqmUSVeWP>&x09ig93b;7Wv|6vViI;f zvm;Y)rWRAft!2`j7H)npmFULJW^WN>20Rb-il#cY@8IBJJZUTXiI9?x*Ycyp%Xa?v zr-R6;{@p~cufuWvPukmFqTiD0X^kDW8x213O%g~?AYm9%?{hn}-h1L=YUfMP<6xb=3fuyL_HIruXxxciP8^fEy z23gKF_hU=y$c{ReKqGg1P-D;XZ>q1CCgDEw-ZzWEvyh{sp2z}od&f+7#3TE3JAkom z{l2N%arsK3sQ+O%KY4JDkHbiS(fPKWl=GBHg-KEY6Y_mc<3oLBr+R zGx2zs7c+_ad$GwW-~DaTTfelOi;D|6ZAsIqsn2=NQ<*ZEq_a;On2(2F022#4o>xko zK0!$Z&Re%A#Br{^3z-RWy$;m%pLtk`DD8#lXS{hi4E3dO?=zL!Rn<$8wRYKxhtHJ79?}pZy70IF1~YX{H%A1$yAcVB5XMM0f1&Rz{b#U#?qy9S9S>CR7QKG@nclH6*zIJJ-NTjf#JA%6LKSB;SsnMrk_*+*@LiF}l#JvjUB=rr0A#KSKB z6YV0>$i97K$6 zE96MhfRD+pre=y3OJm<_6-A5!ytfBVHqYoj#&o^y`(KYe;t(iOGSwjjz=4RPxq;JH zV>gisQ>6MBu=Nq_)7OPWg>zMygF7sW~naILT)!KSHNXZRKVwh0&JR+qiQQ7?dKTBJn)bb;7BW` zy88SUsgUq-%8eaN7w6LbNOv#3i|uI(5@E{uk+tx{$S8@=)(jsZ9#M@2c4FFZ-N;X9 z3>1drxiN!+Y^I}3Oq>KsJEc@!O0p$O#e>e)=GFHX-C7sx(%^4nB&A4aF^^PFR{oD9 z@9u4GJk-lrSR&Z*Z~I2CLI8#P2EW%5$Mn$!&~}9X2rP_MVxu-YXjdR30B{+Ja!5cV|T)29(OxWrOa% ztY!XMx=h@J>jfG3nKLkk6XKtyJ8Sh5ctTSm-GceezxvzZb9}K67SR+>QSvqoxaKw|55SXBQ`I0) zGE&WWT(L4bIwKreRKLqrf6DC7NNH&Fvv(ek%Cw6>?`jsGeB0@K|8aEE%}s;(_P!`|FY94?K@KAiAma1|2F5__jl1Ky01+V|tm z3NvClTv9?Cusd`OH$_X!J-QE=8m3+1oHOxi*gTNe;`5%@#5sO!UHOodrPcCkc$gJR zEE~-ZkYRq=`Z(D!H9c(ux=}M){RD`+&+dFm{LFmqpZyeyl7|m?!K^@(akU)x$bMo# z7TNjd=zquD>3DK@h|i$JWHiFXTL2_Y~*7|7N5a8sJ{tJt3?3>q?KZR zG&-<9FQK2*ngIZ^4r9AzjYOS>^X>CJx*7{vumJ$FBrThrzq>9pTbRTRDI5TiDd?%9 zz`NY3hDxtq9;~-{5&?E_uy9a+r^K6L4a0Pqn`5hE7j?5y3R8y-kI|Jg$Qdx& zV>PNtt4es>|2<~iWpNhpdNjx3TJv3v98Q#EtSW?p5()qS!M9*X!Ox^Vg`Ky%RSI?( z9WR;ZeV2#;ON5DUA{Y_e{`*yTFaZpI{NH-dJG_?oSd8VPCv?Z48ZY$n&<5yp^=x{! zy2e7v7wIlRv4HVmdZsZs0HBzb|KWMRrSeV_8aWw+vp4!Zx9NY=6yW3G<2eE8WWF6K)H{w#u6p-m9hPzhrkm@yR8W{JDa*DpGeD1aSY9MsP%agf_uM;x@|bfdK7 z4qsWgHWxUwbS;&%bob0vZs`Ei>nnNZ8K{y;Vc|^|a_4c&vRXM72*epp%NImBvk%?%=(;IY$C@HQInxOq2d^9?Y&y_n^hS z1tRZYmH~$*|5w2;3;Tu0WItnq!;rxcbXa^c1c0%Lu_U0DG)PR01rOx`UMGQruidb9 zdSO8_98Jai5aIHhz{j$gG9F#@{@@MgoH{$wk+=qjH9kXEx0}z*hB<(Wl1jSU#a5+k z$5t}#1|{Y{M9?ByW~RpnKpCrLLD4q=G*yVj#mRS&=%yb{KKs3J=#})1(y8Cvg9zVj zb-(jr*JmDDkxaoOK~4dDu95@*#8nXi+TNFm6mV#;k*^&pK&-20@i-s_n61CO4WFJK z4$;t1=YUTOWBPbj+fbhj7Vq%b9r^p~fMRpFDoAh*#)~WyNO!mdZ(~__IfSkyqSKOv zW;}J`I`J6G zWb)^2cqB1!sPbFOJ|3FR+b?1ji4z$JMmRGJ7yl_&h_H$#7G^XsI&D)5-7(giDUcn^ zh=c(Ov9rtflPVy>syNuznOKZ)yDgj88;+(=+s>_$C>H&;MhXquJiA*k68v$sDw+Jg z?4pYG3r$6Y6|oX^9FaB-4|+t#EC;yevRjn7)u?gx>;guBv4~T)|ZLOAKeEwp@LzJDOl7>^4A9-@6o8CL)duDAH&&33d z4Ft>Ti$%s~;DBiu%0#?;Ns?tx?*8CGgX|SaO&A`4m8$-hK;`TS4~~e#WXGfCN=Rw$ohOI= z%JMiU5CGK-b|{yq*fz?-*UuD16T;r--f3ch0IF1Os=2BXK98Em0$gu}sVQ06q`bZDRp)YrNVK4a+;z#A67QF>1uaSX`yk|BzGbM!ViWtNzWyg0cYED?G^6#H#-hA zvV-*W>++4Ke}&)#>??y$X<`oN<-NJmSe)$39wipQjz6OP2vz)yZ zmX0yv_be=+%GA5kFb&^+5D5W_C}`9<*tMjpUMk$rA;(i_RmDrQa|G)X7xm_fVx34*`o2k@Z^srAV3>W&pjM0q8Tfyt(9@tUze}mg`)(h6Mv4pxn-k$3L1AqD5 zzxe*x|Bzii(XrO0nHJdG{5AAfF3|k^-1<0msIrqrKmQ=}gn(GNYOzqOq^^!F%J48V zrAjtZ9r`Z{u90m{tvRwX;&XaB&99jA+N4c|MT^(aR}%mgY)^|=)$vkO^HNph*U#o_ z!H{N2S0pQcaW7^W5W)I+ftv0v;WCDFHO>#=O)E5Z_Z!$0!GhI0pNo1sd1 zaCnj1TaZ)X7~>(*m4XDIxN+Vu?a?=WM|$7QtU-+)$FaBlYkQ;fHAx<{R@Y#mijNPV z6jhj@<1D+Bmu51QQ7C0@n|I5{(nwGqYc%4Wne*nQ=Ax!ztjo^_ijBj-MD_10lh~`( z;9+*vN*p)YZ*;Sw3~pUpMb%#}4C{nIfLkf4TdFaz0)OA`{{CsQlz#fCI)2`l8S%Qs z;SGo}-!ZTAeA;YF~-W%rc{;ThzSRPAou2pTm) zK+7U6e0-d&hXp!L02M=>^~RKr!qEd;Hp{Od)TM-Aie80nGK?A-lY@ zwdWtHYYs$2#9tc>ctG_Ye;d!ceYDfa0q6*MNmht}Zlnt-92l}4@8&jOk+mGpf+rq* zZDhCf1xfwn zE>-$^J02Y2;BqLR;n!0Ps!vnjO*L(LpZKC+0V%{pc);^4waJ+d>w^m55Bc zU^*?5T8ssNZULFO0N`Pke=DhqFY^TSIF-BQfP9O^6DYx!@y_)4^9!pJ&pui?nl_4s z)>%a-jWy8xaJc2_!R}`&w-{oscH*$L2wfEmGN+wm9x#6^wY!qOcWpe5 zQWYgzQ-7tpQ9$59=h??fe6{7u6d=P$7v4F$ytbB{sX|2jOFR%SHDy7C-Sy=vwLDV2 zLhd)|$+$7yg1zD-En%HbsFZZ;3X{j(%|?@zqc?*zi>h6H?0}3I3mOAmLdZVgBWpK) z!x;iEnP`^P)A9!Kfpwfjs_A3-bW2D}t5DmQ01j@bDM*RODJYtzB={}-E7(%ZuxS*N zMatU23zdwaD2h!24PX|eiTGPrItTUoQ_hWQA0xM zBbi^s0CLw-l_4Px9u|_)sJ4o5s{WdtkzloPFgYF4pdI}YcNL={i<37$e>hWR8w(L& zgpNL~)$ow0egU^ABm(slPo692u=;juI4@N;Tg8dt0S17l+3B^g9>~_Z#>d8H3VMDS zK3k6sC0XySMInz&!1qZebQJ6cDI*2ng6)r^^3Lr#lS zHLY2(rmy#-Rju!SEOYJA(+BQXF68z(>puoGAV1shdDzUc?OSI@qqh@xAHQgI zyR=hJ`o}Ldth9DzIBm3K3$tNs;T*9v(IgZp#;V3P0)H3ulF%`;zM4tG>NZ&%H|}To zKQ0cl+rp^5m>Pjo;N*1!sqDvfp_tlLteWC$yjwU*Fsqh9laQ|e+9Cx#o>^sK~~0of359kR_9aQ;2)0+N>g450_2XT zapoYXdb$$v!}=G$$AL>VuWY}IHF|=MBu99TG+w)F=9}M*8@vX;>iP|`@EjPCto>w!Q*;bzguFpF?4caQ04j zZ_@_`ivVQVGplRRUqNI<>L zlGPbe5Rk+CbkOnxryC@fWEG3n2~+as?e&YEf$qic;xp{WKLLO*PO=iB>gMl<+k=w2 zYd%m|d)*;{QWEp)jLT7%N6293^J(XfgNXq+SHyXEx#-Q=@nJvL>TP?!Q`oz)&~~G+ zbOnfk49iruk`a&bIzRPm8{*eHz=>Q#Em!StonVslxFsvs9fl?`GoRa`VlO04rtR82 zXTQiNbg6GSrOZ%Pl1+Ff;CV1KCwe>(h^QL0+5>($-f!>VmBb>e zDrRGTMQA3(_+inzHzu*2O7W41$5vc?oUsVs1AE}%#L@TNDA|uX^`EodJ za&%o3MG+|)`xOE8_P&x<3AM@*li`C30heR;(;70Aq8eEUm!^v(CFT^K^hZKogNXRl z2K0JS;;^DFi$XQ*YV(LMzv@Nrr^6H8>qlz)^rs{@FpuOvKkR z5r^J@Pb%nQVnZ~;ag?%W&4)2!c!BVTdm1~5WI^Caj#SJU{3CkmCtard#h$C!Zii$j zAg9|jdV1;U8;E7YrTF_Z-!HaN!(-0d8XGPGkt@ZsS=~`t!!2LFZ_f>F5$vfFaxOubl_?>ivb0 z@7^}PWP-&mQB^KtlD>mz+>T1u{^b)eO|@@Dumj!0AB8C? zaF%}6>7gVnC@jw@E&vQ1iv+M9xP}xT9NZER{P{b38IS9Dohvl0^4;$+EyV4%zn>}? z9{#JWr6dOV*rk`(;SIm%9a>y}4yjxm<#Riek&HQz65Qk?M?R3VKmdV^6L3`yUe9k^ zrS&?8f{cB+&}=xK_6?v6iPP)DJje?)%x~lkX|;q`JsPs-Zv?u`pXI88cdY|#>?Zs7 zCJIDCJ>^TI@_KX;0FoWDqnrQg()sLR13pO{{8rstg!*%WCvq_z4cf;;pTaOR8eSKo z{e9n#&;Wpcjr6Cro+;vzVPtu$72+n=8{DME#Zq0nbz zVbst5_mYGib8N*vNybrb_+VzC0i<)*Zs0WDSEBTKC(vm|!}a&$u5lZoA7?k_idexS zEcIA`pc)Jm1Tn~;StTqTa=fMt-^=0o-mri{PIh*FM>*Qbun0X`VRBhW8-qHonIxK| zY8*hlM3R&0gE+LCR1pjkU=?$)Kb%dSA@MxupaOXphGe~sM=+j#=>G(5ZfwIVNjB8i z<7M@#v`~p-1w?+n;r^0Qhl5pEM7^C;wryKh9zF?XM<@&lw$Ng1{m3xd5#g9QTe4Uk zig_8*aH|n!EDCLrgfnKBTfqAKIg`(wlFZw`?J$YywH48BaM%B}TN&Gpa&kJpH}n1K zlq-5guiD`_`)mVKi4+N%sCzP=#2U+XcZ8q$zum<%D2|%`u(g%bB!CJZYmFJjTBz!- z+h925vi+QwaIhz}(OO9`v-MRN@RBSHzc)pQ{*~!tby6*dScz4%0(t}q%Brio) z7QNKsbqcjPKn;OQle)fUPgdf-`|^8d&pg#N!@j!JY*nv`Gd}l+4BAfmII|d_+U?JE z{Q*j-oDACpuy`!Y3aWBR#j4*oaLdU|$mhaD>m_b6vDU%H`FF@!YzMz0&Gbqyw2?|gzjD?Gp_lsL}1Xa@^ZeC8suclYma+=VSp|bH3jIU0j z0;r_Nam{K#m701A%tzCD5-J<#y?%O~thWyj^qZsv8G1i;t}IvX>6M!6=pNzJt0s-3 z&Q%c$5nxc^cbA(Ty@a#(QuOlbeDx+qy>cTYe= z36jCXPM8}w2C8DgtHJ{8UFF2>m&#~1Y~|$2Cpt%?DRUk&pM~39E*B0SwchvmlWm*M z{7v8Q;L*vTpiWp&K^nQXCJX*K-|LRrDOQe37dz+azwxA(vBXUBT1wfgD+6ZFl6E|d zS}0uI=5<+5#alutxM%BP7c(vB{N6it)ZZ6)+|>DE;i4yf72>Lck?hVRNxk>IIMefW z$3ip?y=(T*>)2sZY;5kym@6mMt(!q6VyW#khRq3v4 zN(A-$Q41B7vpN3TD%lQq+Kcq0@J(5@`L80OxifFafh zRNcic7)|~_VH!UwkJKib95hx^GW^0xf@jcbGSgON1sZiTu6CIx6=q2O0+F1M?mEdNdyl%7P<8{AgZ z`Ef5^mlg=YfXvT`P|EfMO&x}T_4sZ-V$853rE0f(i$-IWjSn%gc$#CE)RdHxQeS(7PcFtqC6bAtu77>Nnn{w68X0yR#P*%o_B=qYW$WH&R@^tVZhdIUbDJ7yC_ zzm<@2ZQleZH6O|b9&8T4C$_xDNoTZE!8H^R3pCvdkJb?kYC7+CCLEzzv=kM z+8t&D3FP9n#x~Hfaif3BOVL68^yO3LnUKjbw3auzdpk^X;g5u)hO4Nnrq;LViImok zj1;byJO-H7Xh)(in2vtCvOCIPS`nb2k5ScsMyzsdUY?toLO`^ZYPT7z+#1s+OjA^l z1GB8+#Y#>2*7k3q4kPPQ^H8eUh=zmJsiq!R*Ap1AzEsYwxss{HL z;MAFrxc`9-#-SBNhxH>qgb>IIK3e3b^!xo`)TkE)O#=Wx7D=OLVU>op%*7$MJRckc4mw;%(xhGbD0Lj zEu-4DAKF?OY3Z>8SlS#0L3(VMC}h#hw7fcH21(mJ>^9%NF_6*n2ogbwx8MLTQ5EvJ zG;{e{2UgHyTF9YSr<*wkGvl4Z7wVz%j{9`~B4OXFo_d#M)EFJ@I=6-Or?_BahBP%R zY^`KI ziZzyPUdy`Wc+~KqsYKjF=IDuk zbJI)wtLtnZ!hYCZg9whc6zT3G>6YTkzin8vSGO@yQOTls7QGS!NVSvRjrcuIwz;rB z{#cz1w?A`MHG##!LC{{rGZqa*cc;`uz`?D_^B4SBpy&$pp^%Fq9%4(~nA*H=9Jg6mIx zrj7jWFGBg1JDwhPn+$E3gs+-$%}{nv4kvLG`mBsL-VgoSUWdzYg`Hhci;9ZU$1R)n zlXgw+yMbJwPT7*mqT8?0jrMACqq}S`D|=p9>@OBX+bRiepss8;-FqjQ+{&t_#3Ph% za`r1BXi1~HcX{_NA^Qp>W=Oe})b%61EcN#M>ElXFpy{Rsb^-gerdF%zLG7U0r$Nmj z)aCD7_A8ni4cagJ9+A`>XE#JQ@FR2MrMAxDf~?oQ{)}T~zus{dOZi@q-8Qm*t*rg5 ztgZMA2q@pd1&C-~Ap=P1AE5|%;tMQbNX`!iU`_?)Y}dvaK?}&k%>Ngwm7P8|dtwWJ#>d|PI1VAkXv;7K3`|n z*B*|br@IQfZ1Z-*?95F2cDz42($dn3Gy2byW|8~*`|(_|sT3eB=P+rC&l1D&LZ{;fEn^(-Sv)m1Mn$M;1cU$!yq#Xgjhl;ACB Date: Fri, 5 Sep 2014 11:29:26 -0700 Subject: [PATCH 0223/1291] digitalocean: fix typo --- running-coreos/cloud-providers/digitalocean/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/running-coreos/cloud-providers/digitalocean/index.md b/running-coreos/cloud-providers/digitalocean/index.md index 0649630e9..e3b7e743e 100644 --- a/running-coreos/cloud-providers/digitalocean/index.md +++ b/running-coreos/cloud-providers/digitalocean/index.md @@ -175,7 +175,7 @@ For more details, check out [DigitalOcean's API documentation][do-api-docs].
    Droplet settings for networking and cloud-config
    -4. Choose your prefered channel of CoreOS.

    +4. Choose your preferred channel of CoreOS.

    From b759129114128ac2aa6d12c1bed4d5e898a0adae Mon Sep 17 00:00:00 2001 From: Sean Channel Date: Fri, 5 Sep 2014 13:05:52 -0700 Subject: [PATCH 0224/1291] remove extra "T" typo well the page had a shiny "fork-me" button... cheers! --- running-coreos/bare-metal/installing-to-disk/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/running-coreos/bare-metal/installing-to-disk/index.md b/running-coreos/bare-metal/installing-to-disk/index.md index 9238cd1ed..8428504ef 100644 --- a/running-coreos/bare-metal/installing-to-disk/index.md +++ b/running-coreos/bare-metal/installing-to-disk/index.md @@ -45,7 +45,7 @@ CoreOS is released into alpha and beta channels. Releases to each channel serve 
    coreos-install -d /dev/sda -C beta
    -

    TThe Stable channel should be used by production clusters. Versions of CoreOS are battle-tested within the Beta and Alpha channels before being promoted. Current version is CoreOS {{site.stable-channel}}.

    +

    The Stable channel should be used by production clusters. Versions of CoreOS are battle-tested within the Beta and Alpha channels before being promoted. Current version is CoreOS {{site.stable-channel}}.

    If you want to ensure you are installing the latest stable version, use the -C option:

    coreos-install -d /dev/sda -C stable
    From 8c0e934694d097a4e52b0a124e53e6a2464aa512 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Fri, 5 Sep 2014 15:13:08 -0700 Subject: [PATCH 0225/1291] rackspace: fix incorrect link --- running-coreos/cloud-providers/rackspace/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/running-coreos/cloud-providers/rackspace/index.md b/running-coreos/cloud-providers/rackspace/index.md index 9dd6610f2..e0be3d909 100644 --- a/running-coreos/cloud-providers/rackspace/index.md +++ b/running-coreos/cloud-providers/rackspace/index.md @@ -301,7 +301,7 @@ source ~/.bash_profile

    Launch the stack by providing the specified parameters. This command will reference the local file data.yml in the current working directory that contains the cloud-config parameters. $(< data.yaml) prints the contents of this file into our heat command:

    heat stack-create Test --template-file https://coreos.com/dist/rackspace/heat-stable.yaml -P key-name=coreos-key -P flavor='2 GB Performance' -P count=5 -P user-data="$(< data.yaml)" -P name="CoreOS-stable"
    -

    You can view the template here.

    +

    You can view the template here.

    From b174fa5b7de9c22bf3d75ed25271f5180850d465 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?M=C3=A9di-R=C3=A9mi=20Hashim?= Date: Sat, 6 Sep 2014 22:00:08 +0100 Subject: [PATCH 0226/1291] Updated docker urls --- .../building/getting-started-with-docker/index.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/launching-containers/building/getting-started-with-docker/index.md b/launching-containers/building/getting-started-with-docker/index.md index f2411cea8..b78a9eb0d 100644 --- a/launching-containers/building/getting-started-with-docker/index.md +++ b/launching-containers/building/getting-started-with-docker/index.md @@ -39,9 +39,9 @@ After that completes, we need to `commit` these changes to our container with th To find the container ID, open another shell (so the container is still running) and read the ID using `docker ps`. -The image name is in the format of `username/name`. We're going to use `coreos` as our username in this example but you should [sign up for a Docker.IO user account](https://www.docker.io/account/signup/) and use that instead. +The image name is in the format of `username/name`. We're going to use `coreos` as our username in this example but you should [sign up for a Docker.IO user account](https://hub.docker.com/account/signup/) and use that instead. -It's important to note that you can commit using any username and image name locally, but to push an image to the public registry, the username must be a valid [Docker.IO user account](https://www.docker.io/account/signup/). +It's important to note that you can commit using any username and image name locally, but to push an image to the public registry, the username must be a valid [Docker.IO user account](https://hub.docker.com/account/signup/). Commit the container with the container ID, your username, and the name `apache`: @@ -131,5 +131,5 @@ docker run -d -p 80:80 registry.example.com:5000/apache /usr/sbin/apache2ctl -D #### More Information docker Overview -Docker Website -docker's Getting Started Guide +Docker Website +docker's Getting Started Guide From b731d2a0951b8a0d85fe9b9d8e7c49055dfab704 Mon Sep 17 00:00:00 2001 From: Alex Sherwin Date: Sun, 7 Sep 2014 19:52:27 -0400 Subject: [PATCH 0227/1291] fixed inticates typo --- cluster-management/setup/cluster-discovery/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster-management/setup/cluster-discovery/index.md b/cluster-management/setup/cluster-discovery/index.md index e66e13aad..64dd22158 100644 --- a/cluster-management/setup/cluster-discovery/index.md +++ b/cluster-management/setup/cluster-discovery/index.md @@ -85,7 +85,7 @@ journalctl _EXE=/usr/bin/coreos-cloudinit ### Stale Tokens -Another common problem with cluster discovery is attempting to boot a new cluster with a stale discovery URL. As explained above, the intial leader election is recorded into the URL, which inticates that the new etcd instance should be joining an existing cluster. +Another common problem with cluster discovery is attempting to boot a new cluster with a stale discovery URL. As explained above, the intial leader election is recorded into the URL, which indicates that the new etcd instance should be joining an existing cluster. If you provide a stale discovery URL, the new machines will attempt to connec to each of the old peer addresses, which will fail since they don't exist, and the bootstrapping process will fail. From 82bf31135908a25218302d06e93be626b423da11 Mon Sep 17 00:00:00 2001 From: Alex Sherwin Date: Sun, 7 Sep 2014 19:53:50 -0400 Subject: [PATCH 0228/1291] fixed "connec" typo --- cluster-management/setup/cluster-discovery/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster-management/setup/cluster-discovery/index.md b/cluster-management/setup/cluster-discovery/index.md index e66e13aad..fd58ef28c 100644 --- a/cluster-management/setup/cluster-discovery/index.md +++ b/cluster-management/setup/cluster-discovery/index.md @@ -87,7 +87,7 @@ journalctl _EXE=/usr/bin/coreos-cloudinit Another common problem with cluster discovery is attempting to boot a new cluster with a stale discovery URL. As explained above, the intial leader election is recorded into the URL, which inticates that the new etcd instance should be joining an existing cluster. -If you provide a stale discovery URL, the new machines will attempt to connec to each of the old peer addresses, which will fail since they don't exist, and the bootstrapping process will fail. +If you provide a stale discovery URL, the new machines will attempt to connect to each of the old peer addresses, which will fail since they don't exist, and the bootstrapping process will fail. If you're thinking, why can't the new machines just form a new cluster if they're all down. There's a really great reason for this — if an etcd peer was in a network partition, it would look exactly like the "full-down" situation and starting a new cluster would form a split-brain. Since etcd will never be able to determine whether a token has been reused or not, it must assume the worst and abort the cluster discovery. From 015edf96553e2bc933e40d1455e0b7a0555fe808 Mon Sep 17 00:00:00 2001 From: Joseph Schorr Date: Mon, 8 Sep 2014 20:11:13 -0400 Subject: [PATCH 0229/1291] Docker run volume paths have to be absolute --- enterprise-registry/initial-setup/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/enterprise-registry/initial-setup/index.md b/enterprise-registry/initial-setup/index.md index be8851433..d160b64fa 100644 --- a/enterprise-registry/initial-setup/index.md +++ b/enterprise-registry/initial-setup/index.md @@ -171,7 +171,7 @@ As part of the setup package, a set of pull credentials have been included. To p The CoreOS Enterprise Registry is run via a `docker run` call, with the `config` and `storage` being the directories created above. - docker run -p 443:443 -p 80:80 --privileged=true -v config:/conf/stack -v storage:/datastorage -d quay.io/coreos/registry + docker run -p 443:443 -p 80:80 --privileged=true -v /local/path/to/config:/conf/stack -v /local/path/to/storage:/datastorage -d quay.io/coreos/registry ## Verifying the Registry status From 870303b56ed572edcaa211cdbf32db588fa8659e Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Tue, 9 Sep 2014 14:53:16 -0700 Subject: [PATCH 0230/1291] sdk tips: fix overflow into sidebar of site --- sdk-distributors/sdk/tips-and-tricks/index.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/sdk-distributors/sdk/tips-and-tricks/index.md b/sdk-distributors/sdk/tips-and-tricks/index.md index 6f539289b..7e3b2de14 100644 --- a/sdk-distributors/sdk/tips-and-tricks/index.md +++ b/sdk-distributors/sdk/tips-and-tricks/index.md @@ -33,7 +33,11 @@ To add a new package fetch the Gentoo package from upstream and add the package If any files in the upstream package will be changed the package can be fetched from upstream Gentoo directly into `src/third_party/coreos-overlay` it may be necessary to create any missing directrories in the path too. e.g. -`~/trunk/src/third_party/coreos-overlay $ mkdir -p sys-block/open-iscsi && rsync -av rsync://rsync.gentoo.org/gentoo-portage/sys-block/open-iscsi/ sys-block/open-iscsi/` + +```sh +~/trunk/src/third_party/coreos-overlay $ mkdir -p sys-block/open-iscsi && rsync -av rsync://rsync.gentoo.org/gentoo-portage/sys-block/open-iscsi/ sys-block/open-iscsi/ +``` + The tailing / prevents rsync from creating the directory for the package so you dont end up with `sys-block/open-iscsi/open-iscsi` Remember to add the new files to git. From 3cb8de13e892466d9679edc55feebce13768a786 Mon Sep 17 00:00:00 2001 From: Yann ROBERT Date: Wed, 10 Sep 2014 11:30:07 +0200 Subject: [PATCH 0231/1291] fixed 2 typos in cluster-discovery page --- cluster-management/setup/cluster-discovery/index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cluster-management/setup/cluster-discovery/index.md b/cluster-management/setup/cluster-discovery/index.md index ff1696735..85c7f178b 100644 --- a/cluster-management/setup/cluster-discovery/index.md +++ b/cluster-management/setup/cluster-discovery/index.md @@ -63,7 +63,7 @@ Second, machine 3 only needed to use one of the addresses stored in the discover ## Existing Clusters -If you're already operating a bootstrapped a cluster with a discovery URL, adding new machines to the cluster is very easy. All you need to do is to boot the new machines with a cloud-config containing the same discovery URL. After boot, the new machines will see that a cluster already exists and attempt to join through one of the addresses stored with the discovery URL. +If you're already operating a bootstrapped cluster with a discovery URL, adding new machines to the cluster is very easy. All you need to do is to boot the new machines with a cloud-config containing the same discovery URL. After boot, the new machines will see that a cluster already exists and attempt to join through one of the addresses stored with the discovery URL. Over time, as machines come and go, the discovery URL will eventually contain addresses of peers that are no longer alive. Each entry in the discovery URL has a TTL of 7 days, which should be long enough to make sure no extended outages cause an address to be removed erroneously. There is no harm in having stale peers in the list until they are cleaned up, since an etcd instance only needs to connect to one valid peer in the cluster to join. @@ -153,4 +153,4 @@ The public discovery service is just an etcd cluster made available to the publi Since etcd is designed to this type of leader election, it was an obvious choice to use it for everyone's initial leader election. This means that it's easy to run your own etcd cluster for this purpose. -If you're interested in how to discovery API works behind the scenes in etcd, read about the [Discovery Protocol](https://github.com/coreos/etcd/blob/master/Documentation/discovery-protocol.md). +If you're interested in how discovery API works behind the scenes in etcd, read about the [Discovery Protocol](https://github.com/coreos/etcd/blob/master/Documentation/discovery-protocol.md). From 1f18a4de7773801cb38f795362a32c57dd43f2d9 Mon Sep 17 00:00:00 2001 From: Joseph Schorr Date: Wed, 10 Sep 2014 14:35:23 -0400 Subject: [PATCH 0232/1291] Add documentation on the new config for user files and the newly supported storage option --- enterprise-registry/initial-setup/index.md | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/enterprise-registry/initial-setup/index.md b/enterprise-registry/initial-setup/index.md index d160b64fa..5c66b82f9 100644 --- a/enterprise-registry/initial-setup/index.md +++ b/enterprise-registry/initial-setup/index.md @@ -115,6 +115,17 @@ DISTRIBUTED_STORAGE_PREFERENCE: ['local'] # secret_key: The GCS secret key # bucket_name: The GCS bucket # +# RadosGWStorage: Registry data is stored in Ceph Object Gateway (RADOS) +# See: http://ceph.com/docs/master/radosgw/admin/ +# +# Required fields: +# hostname: The hostname at which RADOS is running +# is_secure: Whether to use a secure connection +# storage_path: The path under RADOS +# access_key: The access key +# secret_key: The secret key +# bucket_name: The bucket under RADOS +# DISTRIBUTED_STORAGE_CONFIG: local: # The name of the storage provider @@ -133,9 +144,11 @@ DISTRIBUTED_STORAGE_CONFIG: # LDAP_USER_RDN: ['ou=People'] # Where user files (uploaded build packs, other binary data) -# are stored. -USERFILES_PATH: 'datastorage/userfiles' -USERFILES_TYPE: 'LocalUserfiles' +# are stored. Must match a key under DISTRIBUTED_STORAGE_CONFIG. +USERFILES_LOCATION: 'local' + +# The path under the storage where userfiles are stored. +USERFILES_PATH: 'userfiles/' # Required constants. TESTING: false From de21a7f9f935c83344472c0370042419c9d92ea1 Mon Sep 17 00:00:00 2001 From: Joseph Schorr Date: Wed, 10 Sep 2014 14:42:20 -0400 Subject: [PATCH 0233/1291] Review fixes --- enterprise-registry/initial-setup/index.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/enterprise-registry/initial-setup/index.md b/enterprise-registry/initial-setup/index.md index 5c66b82f9..cca7ad849 100644 --- a/enterprise-registry/initial-setup/index.md +++ b/enterprise-registry/initial-setup/index.md @@ -122,8 +122,8 @@ DISTRIBUTED_STORAGE_PREFERENCE: ['local'] # hostname: The hostname at which RADOS is running # is_secure: Whether to use a secure connection # storage_path: The path under RADOS -# access_key: The access key -# secret_key: The secret key +# access_key: An object gateway user access key +# secret_key: An object gateway user secret key # bucket_name: The bucket under RADOS # DISTRIBUTED_STORAGE_CONFIG: @@ -147,7 +147,8 @@ DISTRIBUTED_STORAGE_CONFIG: # are stored. Must match a key under DISTRIBUTED_STORAGE_CONFIG. USERFILES_LOCATION: 'local' -# The path under the storage where userfiles are stored. +# The path under the storage where user files are stored. If the storage has a storage_path, +# this will be a sub-directory under that path. USERFILES_PATH: 'userfiles/' # Required constants. From 5309ac2d6483ab147c11b0b0dafdbe671a6d6c2f Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 11 Sep 2014 10:45:19 -0700 Subject: [PATCH 0234/1291] rackspace: allow for mixed versions of cloud server and onmetal images --- .../cloud-providers/rackspace/index.md | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/running-coreos/cloud-providers/rackspace/index.md b/running-coreos/cloud-providers/rackspace/index.md index e0be3d909..d8ebe611e 100644 --- a/running-coreos/cloud-providers/rackspace/index.md +++ b/running-coreos/cloud-providers/rackspace/index.md @@ -25,7 +25,13 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat
    -

    The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.data.alpha-channel.rackspace-version}}.

    +

    The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. + {% if site.data.alpha-channel.rackspace-version != site.data.alpha-channel.rackspace-onmetal-version %} + Current version for Cloud Servers is CoreOS {{site.data.alpha-channel.rackspace-version}} and the current version for On Metal servers is {{site.data.alpha-channel.rackspace-onmetal-version}}. + {% elsif site.data.alpha-channel.rackspace-version == site.data.alpha-channel.rackspace-onmetal-version %} + Current version is CoreOS {{site.data.alpha-channel.rackspace-version}}. + {% endif %} +

    @@ -67,6 +73,11 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat + + + + +
    {{site.data.beta-channel.rackspace-image-id}} heat-beta.yaml
    OnMetal{{site.data.beta-channel.rackspace-onmetal-id}}heat-onmetal-beta.yaml
    @@ -88,6 +99,11 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat {{site.data.stable-channel.rackspace-image-id}} heat-stable.yaml + + OnMetal + {{site.data.stable-channel.rackspace-onmetal-id}} + heat-onmetal-stable.yaml +
    From 8a3cbfc79d1151f132bb4dcf706b95230fbad46b Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 11 Sep 2014 10:53:38 -0700 Subject: [PATCH 0235/1291] rackspace: support mixed versions for beta and stable channels --- .../cloud-providers/rackspace/index.md | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/running-coreos/cloud-providers/rackspace/index.md b/running-coreos/cloud-providers/rackspace/index.md index d8ebe611e..a123b610f 100644 --- a/running-coreos/cloud-providers/rackspace/index.md +++ b/running-coreos/cloud-providers/rackspace/index.md @@ -57,7 +57,13 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat
    -

    The beta channel consists of promoted alpha releases. Current version is CoreOS {{site.data.beta-channel.rackspace-version}}.

    +

    The beta channel consists of promoted alpha releases. + {% if site.data.beta-channel.rackspace-version != site.data.beta-channel.rackspace-onmetal-version %} + Current version for Cloud Servers is CoreOS {{site.data.beta-channel.rackspace-version}} and the current version for On Metal servers is {{site.data.beta-channel.rackspace-onmetal-version}}. + {% elsif site.data.beta-channel.rackspace-version == site.data.beta-channel.rackspace-onmetal-version %} + Current version is CoreOS {{site.data.beta-channel.rackspace-version}}. + {% endif %} +

    @@ -83,7 +89,13 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat
    -

    The Stable channel should be used by production clusters. Versions of CoreOS are battle-tested within the Beta and Alpha channels before being promoted. Current version is CoreOS {{site.data.stable-channel.rackspace-version}}.

    +

    The Stable channel should be used by production clusters. Versions of CoreOS are battle-tested within the Beta and Alpha channels before being promoted. + {% if site.data.stable-channel.rackspace-version != site.data.stable-channel.rackspace-onmetal-version %} + Current version for Cloud Servers is CoreOS {{site.data.stable-channel.rackspace-version}} and the current version for On Metal servers is {{site.data.stable-channel.rackspace-onmetal-version}}. + {% elsif site.data.stable-channel.rackspace-version == site.data.stable-channel.rackspace-onmetal-version %} + Current version is CoreOS {{site.data.stable-channel.rackspace-version}}. + {% endif %} +

    From 2c37a2f451d15515c3768938864e71796d4985a5 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 11 Sep 2014 11:07:35 -0700 Subject: [PATCH 0236/1291] rackspace: spell OnMetal correctly --- running-coreos/cloud-providers/rackspace/index.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/running-coreos/cloud-providers/rackspace/index.md b/running-coreos/cloud-providers/rackspace/index.md index a123b610f..09db6f239 100644 --- a/running-coreos/cloud-providers/rackspace/index.md +++ b/running-coreos/cloud-providers/rackspace/index.md @@ -27,7 +27,7 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat

    The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. {% if site.data.alpha-channel.rackspace-version != site.data.alpha-channel.rackspace-onmetal-version %} - Current version for Cloud Servers is CoreOS {{site.data.alpha-channel.rackspace-version}} and the current version for On Metal servers is {{site.data.alpha-channel.rackspace-onmetal-version}}. + Current version for Cloud Servers is CoreOS {{site.data.alpha-channel.rackspace-version}} and the current version for OnMetal servers is {{site.data.alpha-channel.rackspace-onmetal-version}}. {% elsif site.data.alpha-channel.rackspace-version == site.data.alpha-channel.rackspace-onmetal-version %} Current version is CoreOS {{site.data.alpha-channel.rackspace-version}}. {% endif %} @@ -59,7 +59,7 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat

    The beta channel consists of promoted alpha releases. {% if site.data.beta-channel.rackspace-version != site.data.beta-channel.rackspace-onmetal-version %} - Current version for Cloud Servers is CoreOS {{site.data.beta-channel.rackspace-version}} and the current version for On Metal servers is {{site.data.beta-channel.rackspace-onmetal-version}}. + Current version for Cloud Servers is CoreOS {{site.data.beta-channel.rackspace-version}} and the current version for OnMetal servers is {{site.data.beta-channel.rackspace-onmetal-version}}. {% elsif site.data.beta-channel.rackspace-version == site.data.beta-channel.rackspace-onmetal-version %} Current version is CoreOS {{site.data.beta-channel.rackspace-version}}. {% endif %} @@ -91,7 +91,7 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat

    The Stable channel should be used by production clusters. Versions of CoreOS are battle-tested within the Beta and Alpha channels before being promoted. {% if site.data.stable-channel.rackspace-version != site.data.stable-channel.rackspace-onmetal-version %} - Current version for Cloud Servers is CoreOS {{site.data.stable-channel.rackspace-version}} and the current version for On Metal servers is {{site.data.stable-channel.rackspace-onmetal-version}}. + Current version for Cloud Servers is CoreOS {{site.data.stable-channel.rackspace-version}} and the current version for OnMetal servers is {{site.data.stable-channel.rackspace-onmetal-version}}. {% elsif site.data.stable-channel.rackspace-version == site.data.stable-channel.rackspace-onmetal-version %} Current version is CoreOS {{site.data.stable-channel.rackspace-version}}. {% endif %} From b5d2f6cfd62b172d351dbb1395d1d077ce8a6e66 Mon Sep 17 00:00:00 2001 From: Brian Rak Date: Fri, 12 Sep 2014 15:57:59 -0400 Subject: [PATCH 0237/1291] Update Vultr documentation to add additional command line option, correct some links --- running-coreos/cloud-providers/vultr/index.md | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) mode change 100644 => 100755 running-coreos/cloud-providers/vultr/index.md diff --git a/running-coreos/cloud-providers/vultr/index.md b/running-coreos/cloud-providers/vultr/index.md old mode 100644 new mode 100755 index 4a95c8430..e36fd4c24 --- a/running-coreos/cloud-providers/vultr/index.md +++ b/running-coreos/cloud-providers/vultr/index.md @@ -10,9 +10,9 @@ weight: 10 These instructions will walk you through running a single CoreOS node. This guide assumes: -* You have an account at [Vultr.com](http://vultr.com). +* You have an account at [Vultr.com](https://www.vultr.com). * The location of your iPXE script (referenced later in the guide) is located at ```http://example.com/script.txt``` -* You have a public + private key combination generated. Here's a helpful guide if you need to generate these keys: [How to set up SSH keys](https://www.digitalocean.com/community/articles/how-to-set-up-ssh-keys--2). +* You have a public + private key combination generated. Here's a helpful guide if you need to generate these keys: [How to set up SSH keys](https://help.github.com/articles/generating-ssh-keys). The simplest option to boot up CoreOS is to load a script that contains the series of commands you'd otherwise need to manually type at the command line. This script needs to be publicly accessible (host this file on your own server). Save this script as a text file (.txt extension). @@ -36,7 +36,7 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat 

    #!ipxe
 
 set base-url http://alpha.release.core-os.net/amd64-usr/current
-kernel ${base-url}/coreos_production_pxe.vmlinuz sshkey="YOUR_PUBLIC_KEY_HERE"
+kernel ${base-url}/coreos_production_pxe.vmlinuz cloud-config-url=http://169.254.169.254/2014-09-12/coreos-init sshkey="YOUR_PUBLIC_KEY_HERE"
 initrd ${base-url}/coreos_production_pxe_image.cpio.gz
 boot
    @@ -49,7 +49,7 @@ boot 
    #!ipxe
 
 set base-url http://beta.release.core-os.net/amd64-usr/current
-kernel ${base-url}/coreos_production_pxe.vmlinuz sshkey="YOUR_PUBLIC_KEY_HERE"
+kernel ${base-url}/coreos_production_pxe.vmlinuz cloud-config-url=http://169.254.169.254/2014-09-12/coreos-init sshkey="YOUR_PUBLIC_KEY_HERE"
 initrd ${base-url}/coreos_production_pxe_image.cpio.gz
 boot
    @@ -62,7 +62,7 @@ boot 
    #!ipxe
 
 set base-url http://stable.release.core-os.net/amd64-usr/current
-kernel ${base-url}/coreos_production_pxe.vmlinuz sshkey="YOUR_PUBLIC_KEY_HERE"
+kernel ${base-url}/coreos_production_pxe.vmlinuz cloud-config-url=http://169.254.169.254/2014-09-12/coreos-init sshkey="YOUR_PUBLIC_KEY_HERE"
 initrd ${base-url}/coreos_production_pxe_image.cpio.gz
 boot
    @@ -75,11 +75,11 @@ Additional reading can be found at [Booting CoreOS with iPXE](http://coreos.com/ ## Using Cloud-Config -Please be sure to check out [Using Cloud-Config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config). +Please be sure to check out [Using Cloud-Config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config). -In particular, please note that the `$private_ipv4` and `$public_ipv4` variables are NOT supported on `vultr`. +In particular, note that the `$private_ipv4` and `$public_ipv4` variables are only supported on Vultr if you have the 'cloud-config-url' option set on your kernel command line. -In other words, you will need to hard code these values into your `cloud-config` file. +Without this option, you will need to hard code these values into your `cloud-config` file. ## Create the VPS @@ -122,4 +122,4 @@ Now that you have a cluster bootstrapped it is time to play around. CoreOS is currently running from RAM, based on the loaded image. You may want to [install it on the disk]({{site.url}}/docs/running-coreos/bare-metal/installing-to-disk). Note that when following these instructions on Vultr, the device name should be `/dev/vda` rather than `/dev/sda`. -Check out the [CoreOS Quickstart]({{site.url}}/docs/quickstart) guide or dig into [more specific topics]({{site.url}}/docs). \ No newline at end of file +Check out the [CoreOS Quickstart]({{site.url}}/docs/quickstart) guide or dig into [more specific topics]({{site.url}}/docs). From 65d091f3a22e7ae3d31a7f148100d03ae7e9a5ef Mon Sep 17 00:00:00 2001 From: Geoff Hill Date: Mon, 15 Sep 2014 15:25:40 -0700 Subject: [PATCH 0238/1291] Spelling: fix typo: "varaible" Signed-off-by: Geoff Hill --- distributed-configuration/customize-etcd-unit/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/distributed-configuration/customize-etcd-unit/index.md b/distributed-configuration/customize-etcd-unit/index.md index 715dace54..16ce7bd11 100644 --- a/distributed-configuration/customize-etcd-unit/index.md +++ b/distributed-configuration/customize-etcd-unit/index.md @@ -13,7 +13,7 @@ The etcd systemd unit can be customized by overriding the unit that ships with t ## Use Client Certificates -etcd supports client certificates as a way to provide secure communication between clients ↔ leader and internal traffic between etcd peers in the cluster. Configuring certificates for both scenarios is done through environment varaibles. We can use a systemd drop-in unit to augment the unit that ships with CoreOS. +etcd supports client certificates as a way to provide secure communication between clients ↔ leader and internal traffic between etcd peers in the cluster. Configuring certificates for both scenarios is done through environment variables. We can use a systemd drop-in unit to augment the unit that ships with CoreOS. This site has a [good reference for how to generate self-signed key pairs](http://www.g-loaded.eu/2005/11/10/be-your-own-ca/) or you could use [etcd-ca](https://github.com/coreos/etcd-ca) to generate certs and keys. From 550e10f3166890fc660d8b19b24e6d2fd3878cb9 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Mon, 15 Sep 2014 16:54:41 -0700 Subject: [PATCH 0239/1291] launching-containers: warn about detached mode --- .../building/getting-started-with-docker/index.md | 4 +++- .../launching/getting-started-with-systemd/index.md | 2 +- .../launching/launching-containers-fleet/index.md | 2 ++ 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/launching-containers/building/getting-started-with-docker/index.md b/launching-containers/building/getting-started-with-docker/index.md index b78a9eb0d..d05f4644f 100644 --- a/launching-containers/building/getting-started-with-docker/index.md +++ b/launching-containers/building/getting-started-with-docker/index.md @@ -67,12 +67,14 @@ docker run [options] coreos/apache [process] ### Run Container Detached -The most important option is to run the container in detached mode with the `-d` flag. This will output the container ID to show that the command was successful, but nothing else. At any time you can run `docker ps` in the other shell to view a list of the running containers. Our command now looks like: +When running docker containers manually, the most important option is to run the container in detached mode with the `-d` flag. This will output the container ID to show that the command was successful, but nothing else. At any time you can run `docker ps` in the other shell to view a list of the running containers. Our command now looks like: ```sh docker run -d coreos/apache [process] ``` +After you are comfortable with the mechanics of running containers by hand, it's recommeneded to use [systemd units]({{site.url}}/docs/launching-containers/launching/getting-started-with-systemd) and/or [fleet]({{site.url}}/docs/launching-containers/launching/launching-containers-fleet) to run your containers on a cluster of CoreOS machines. + ### Run Apache in Foreground We need to run the apache process in the foreground, since our container will stop when the process specified in the `docker run` command stops. We can do this with a flag `-D` when starting the apache2 process: diff --git a/launching-containers/launching/getting-started-with-systemd/index.md b/launching-containers/launching/getting-started-with-systemd/index.md index 416ab392b..70af026cb 100644 --- a/launching-containers/launching/getting-started-with-systemd/index.md +++ b/launching-containers/launching/getting-started-with-systemd/index.md @@ -44,7 +44,7 @@ The description shows up in the systemd log and a few other places. Write someth `After=docker.service` and `Requires=docker.service` means this unit will only start after `docker.service` is active. You can define as many of these as you want. -`ExecStart=` allows you to specify any command that you'd like to run when this unit is started. +`ExecStart=` allows you to specify any command that you'd like to run when this unit is started. The pid assigned to this process is what systemd will monitor to determine whether the process has crashed or not. Do not run docker containers with `-d` as this will prevent the container from starting as a child of this pid. systemd will think the process has exited and the unit will be stopped. `WantedBy=` is the target that this unit is a part of. diff --git a/launching-containers/launching/launching-containers-fleet/index.md b/launching-containers/launching/launching-containers-fleet/index.md index ffac118d8..ee6675501 100644 --- a/launching-containers/launching/launching-containers-fleet/index.md +++ b/launching-containers/launching/launching-containers-fleet/index.md @@ -34,6 +34,8 @@ ExecStart=/usr/bin/docker run --name busybox1 busybox /bin/sh -c "while true; do ExecStop=/usr/bin/docker stop busybox1 ``` +If you've been running docker commands manually, be sure you don't copy a `docker run` command that starts a container in detached mode (`-d`). Detached mode won't start the container as a child of the unit's pid. This will cause the unit to run for just a few seconds and then exit. + Run the start command to start up the container on the cluster: ```sh From 6bf93fdf4a9da7dc6141c00396a683a3ff6db0ac Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Mon, 15 Sep 2014 18:12:37 -0700 Subject: [PATCH 0240/1291] launching-containers-fleet: remove deprecated X- prefix --- .../launching-containers-fleet/index.md | 34 +++++++++---------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/launching-containers/launching/launching-containers-fleet/index.md b/launching-containers/launching/launching-containers-fleet/index.md index 41fe6f77d..2628fa189 100644 --- a/launching-containers/launching/launching-containers-fleet/index.md +++ b/launching-containers/launching/launching-containers-fleet/index.md @@ -113,10 +113,10 @@ ExecStart=/usr/bin/docker run -rm --name apache1 -p 80:80 coreos/apache /usr/sbi ExecStop=/usr/bin/docker stop apache1 [X-Fleet] -X-Conflicts=apache.*.service +Conflicts=apache.*.service ``` -The `X-Conflicts` attribute tells `fleet` that these two services can't be run on the same machine, giving us high availability. A full list of options for this section can be found in the [fleet units guide]({{site.url}}/docs/launching-containers/launching/fleet-unit-files/). +The `Conflicts` attribute tells `fleet` that these two services can't be run on the same machine, giving us high availability. A full list of options for this section can be found in the [fleet units guide]({{site.url}}/docs/launching-containers/launching/fleet-unit-files/). Let's start both units and verify that they're on two different machines: @@ -147,14 +147,14 @@ ExecStart=/bin/sh -c "while true; do etcdctl set /services/website/apache1 '{ \" ExecStop=/usr/bin/etcdctl rm /services/website/apache1 [X-Fleet] -X-ConditionMachineOf=apache.1.service +ConditionMachineOf=apache.1.service ``` This unit has a few interesting properties. First, it uses `BindsTo` to link the unit to our `apache.1.service` unit. When the Apache unit is stopped, this unit will stop as well, causing it to be removed from our `/services/website` directory in `etcd`. A TTL of 60 seconds is also being used here to remove the unit from the directory if our machine suddenly died for some reason. Second is `%H`, a variable built into systemd, that represents the hostname of the machine running this unit. Variable usage is covered in our [Getting Started with systemd]({{site.url}}/docs/launching-containers/launching/getting-started-with-systemd/#unit-variables) guide as well as in [systemd documentation](http://www.freedesktop.org/software/systemd/man/systemd.unit.html#Specifiers). -The third is a [fleet-specific property]({{site.url}}/docs/launching-containers/launching/fleet-unit-files/) called `X-ConditionMachineOf`. This property causes the unit to be placed onto the same machine that `apache.1.service` is running on. +The third is a [fleet-specific property]({{site.url}}/docs/launching-containers/launching/fleet-unit-files/) called `ConditionMachineOf`. This property causes the unit to be placed onto the same machine that `apache.1.service` is running on. Let's verify that each unit was placed on to the same machine as the Apache service is bound to: @@ -253,33 +253,33 @@ The unit file for a service that does a lot of disk I/O but doesn't care where i ```ini [X-Fleet] -X-ConditionMachineMetadata=disk=ssd +ConditionMachineMetadata=disk=ssd ``` If you wanted to ensure very high availability you could have 3 unit files that must be scheduled across providers but in the same region: ```ini [X-Fleet] -X-Conflicts=webapp* -X-ConditionMachineMetadata=provider=rackspace -X-ConditionMachineMetadata=platform=metal -X-ConditionMachineMetadata=region=east +Conflicts=webapp* +ConditionMachineMetadata=provider=rackspace +ConditionMachineMetadata=platform=metal +ConditionMachineMetadata=region=east ``` ```ini [X-Fleet] -X-Conflicts=webapp* -X-ConditionMachineMetadata=provider=rackspace -X-ConditionMachineMetadata=platform=cloud -X-ConditionMachineMetadata=region=east +Conflicts=webapp* +ConditionMachineMetadata=provider=rackspace +ConditionMachineMetadata=platform=cloud +ConditionMachineMetadata=region=east ``` ```ini [X-Fleet] -X-Conflicts=webapp* -X-ConditionMachineMetadata=provider=amazon -X-ConditionMachineMetadata=platform=cloud -X-ConditionMachineMetadata=region=east +Conflicts=webapp* +ConditionMachineMetadata=provider=amazon +ConditionMachineMetadata=platform=cloud +ConditionMachineMetadata=region=east ``` #### More Information From ff6a8939c7e41db05115f804741dabe81303f31c Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Mon, 15 Sep 2014 22:33:46 -0700 Subject: [PATCH 0241/1291] launching-containers: clarify global units + machine metadata --- .../launching/launching-containers-fleet/index.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/launching-containers/launching/launching-containers-fleet/index.md b/launching-containers/launching/launching-containers-fleet/index.md index 2628fa189..18e0a62ff 100644 --- a/launching-containers/launching/launching-containers-fleet/index.md +++ b/launching-containers/launching/launching-containers-fleet/index.md @@ -226,6 +226,8 @@ datadog.service 491586a6.../10.10.1.2 active running datadog.service c9de9451.../10.10.1.3 active running ``` +Global units can deployed to a subset of matching machines with the `MachineMetadata` parameter, which is explained in the next section. + ## Schedule Based on Machine Metadata Applications with complex and specific requirements can target a subset of the cluster for scheduling via machine metadata. Powerful deployment topologies can be achieved — schedule units based on the machine's region, rack location, disk speed or anything else you can think of. From 8cb82346ab2eb2aa98f4e4c4d80361a65838e6ed Mon Sep 17 00:00:00 2001 From: Jesse White Date: Tue, 16 Sep 2014 09:46:27 -0400 Subject: [PATCH 0242/1291] Fixed Sidekick fleetctl launch command to launch all services. --- .../launching/launching-containers-fleet/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/launching-containers/launching/launching-containers-fleet/index.md b/launching-containers/launching/launching-containers-fleet/index.md index 18e0a62ff..1e8e3f836 100644 --- a/launching-containers/launching/launching-containers-fleet/index.md +++ b/launching-containers/launching/launching-containers-fleet/index.md @@ -159,7 +159,7 @@ The third is a [fleet-specific property]({{site.url}}/docs/launching-containers/ Let's verify that each unit was placed on to the same machine as the Apache service is bound to: ```sh -$ fleetctl start apache-discovery.1.service +$ fleetctl start apache-discovery.*.service $ fleetctl list-units UNIT MACHINE ACTIVE SUB myapp.service c9de9451.../10.10.1.3 active running From 852a4e1ff04d05600de6a907fe1a3a186c6716d9 Mon Sep 17 00:00:00 2001 From: Jesse White Date: Tue, 16 Sep 2014 15:36:04 -0400 Subject: [PATCH 0243/1291] X-Fleet variable requires 'X-' prefix. - The older 'ConditionMachineOf' nomenclature requires 'X-' - Can also be updated to 'MachineOf' from v.0.8.0, but that doesn't match the rest of the documentation. --- .../launching/launching-containers-fleet/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/launching-containers/launching/launching-containers-fleet/index.md b/launching-containers/launching/launching-containers-fleet/index.md index 1e8e3f836..ed03e8ce7 100644 --- a/launching-containers/launching/launching-containers-fleet/index.md +++ b/launching-containers/launching/launching-containers-fleet/index.md @@ -147,7 +147,7 @@ ExecStart=/bin/sh -c "while true; do etcdctl set /services/website/apache1 '{ \" ExecStop=/usr/bin/etcdctl rm /services/website/apache1 [X-Fleet] -ConditionMachineOf=apache.1.service +X-ConditionMachineOf=apache.1.service ``` This unit has a few interesting properties. First, it uses `BindsTo` to link the unit to our `apache.1.service` unit. When the Apache unit is stopped, this unit will stop as well, causing it to be removed from our `/services/website` directory in `etcd`. A TTL of 60 seconds is also being used here to remove the unit from the directory if our machine suddenly died for some reason. From 9a75ca7e2a372a643160a8536d87af9ffbcda6d3 Mon Sep 17 00:00:00 2001 From: Jesse White Date: Tue, 16 Sep 2014 16:21:34 -0400 Subject: [PATCH 0244/1291] Moving X-Fleet variable to 'MachineOf'. --- .../launching/launching-containers-fleet/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/launching-containers/launching/launching-containers-fleet/index.md b/launching-containers/launching/launching-containers-fleet/index.md index ed03e8ce7..655056ead 100644 --- a/launching-containers/launching/launching-containers-fleet/index.md +++ b/launching-containers/launching/launching-containers-fleet/index.md @@ -147,7 +147,7 @@ ExecStart=/bin/sh -c "while true; do etcdctl set /services/website/apache1 '{ \" ExecStop=/usr/bin/etcdctl rm /services/website/apache1 [X-Fleet] -X-ConditionMachineOf=apache.1.service +MachineOf=apache.1.service ``` This unit has a few interesting properties. First, it uses `BindsTo` to link the unit to our `apache.1.service` unit. When the Apache unit is stopped, this unit will stop as well, causing it to be removed from our `/services/website` directory in `etcd`. A TTL of 60 seconds is also being used here to remove the unit from the directory if our machine suddenly died for some reason. From 4e6aeda2c76dc0e1baed5edddc21ec27e7c363e0 Mon Sep 17 00:00:00 2001 From: Isaac Date: Wed, 17 Sep 2014 09:04:34 +1200 Subject: [PATCH 0245/1291] escape JSON in DigitalOcean curl example Fixes invalid JSON error for cloud configs that contain double quotes. --- running-coreos/cloud-providers/digitalocean/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/running-coreos/cloud-providers/digitalocean/index.md b/running-coreos/cloud-providers/digitalocean/index.md index e3b7e743e..4967d4801 100644 --- a/running-coreos/cloud-providers/digitalocean/index.md +++ b/running-coreos/cloud-providers/digitalocean/index.md @@ -145,7 +145,7 @@ curl --request POST "https://api.digitalocean.com/v2/droplets" \ "name":"core-1", "private_networking":true, "ssh_keys":['$SSH_KEY_ID'], - "user_data": "'"$(cat cloud-config.yaml)"'" + "user_data": "'"$(cat cloud-config.yaml | sed 's/"/\\"/g')"'" }' ``` From aaa7567a02e17f9d10ba7c5cc179ab2ead89edaf Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Tue, 16 Sep 2014 14:36:13 -0700 Subject: [PATCH 0246/1291] launching-containers-fleet: update deprecated X-Fleet parameters --- .../launching-containers-fleet/index.md | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/launching-containers/launching/launching-containers-fleet/index.md b/launching-containers/launching/launching-containers-fleet/index.md index abf1b07f0..fde584c2c 100644 --- a/launching-containers/launching/launching-containers-fleet/index.md +++ b/launching-containers/launching/launching-containers-fleet/index.md @@ -156,7 +156,7 @@ This unit has a few interesting properties. First, it uses `BindsTo` to link the Second is `%H`, a variable built into systemd, that represents the hostname of the machine running this unit. Variable usage is covered in our [Getting Started with systemd]({{site.url}}/docs/launching-containers/launching/getting-started-with-systemd/#unit-variables) guide as well as in [systemd documentation](http://www.freedesktop.org/software/systemd/man/systemd.unit.html#Specifiers). -The third is a [fleet-specific property]({{site.url}}/docs/launching-containers/launching/fleet-unit-files/) called `ConditionMachineOf`. This property causes the unit to be placed onto the same machine that `apache.1.service` is running on. +The third is a [fleet-specific property]({{site.url}}/docs/launching-containers/launching/fleet-unit-files/) called `MachineOf`. This property causes the unit to be placed onto the same machine that `apache.1.service` is running on. Let's verify that each unit was placed on to the same machine as the Apache service is bound to: @@ -265,25 +265,25 @@ If you wanted to ensure very high availability you could have 3 unit files that ```ini [X-Fleet] Conflicts=webapp* -ConditionMachineMetadata=provider=rackspace -ConditionMachineMetadata=platform=metal -ConditionMachineMetadata=region=east +MachineMetadata=provider=rackspace +MachineMetadata=platform=metal +MachineMetadata=region=east ``` ```ini [X-Fleet] Conflicts=webapp* -ConditionMachineMetadata=provider=rackspace -ConditionMachineMetadata=platform=cloud -ConditionMachineMetadata=region=east +MachineMetadata=provider=rackspace +MachineMetadata=platform=cloud +MachineMetadata=region=east ``` ```ini [X-Fleet] Conflicts=webapp* -ConditionMachineMetadata=provider=amazon -ConditionMachineMetadata=platform=cloud -ConditionMachineMetadata=region=east +MachineMetadata=provider=amazon +MachineMetadata=platform=cloud +MachineMetadata=region=east ``` #### More Information From e62b56a4e5fa1257e18ed8630abebdf084ee6cf7 Mon Sep 17 00:00:00 2001 From: Jeremy Plichta Date: Thu, 18 Sep 2014 16:02:35 -0600 Subject: [PATCH 0247/1291] change unit file to use /bin/bash so subshell expansion works --- .../launching/launching-containers-fleet/index.md | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/launching-containers/launching/launching-containers-fleet/index.md b/launching-containers/launching/launching-containers-fleet/index.md index fde584c2c..a5a1c3bb8 100644 --- a/launching-containers/launching/launching-containers-fleet/index.md +++ b/launching-containers/launching/launching-containers-fleet/index.md @@ -11,7 +11,7 @@ weight: 2 `fleet` is a cluster manager that controls `systemd` at the cluster level. To run your services in the cluster, you must submit regular systemd units combined with a few [fleet-specific properties]({{site.url}}/docs/launching-containers/launching/fleet-unit-files/). -If you're not familiar with systemd units, check out our [Getting Started with systemd]({{site.url}}/docs/launching-containers/launching/getting-started-with-systemd) guide. +If you're not familiar with systemd units, check out our [Getting Started with systemd]({{site.url}}/docs/launching-containers/launching/getting-started-with-systemd) guide. This guide assumes you're running `fleetctl` locally from a CoreOS machine that's part of a CoreOS cluster. You can also [control your cluster remotely]({{site.url}}/docs/launching-containers/launching/fleet-using-the-client/#get-up-and-running). All of the units referenced in this blog post are contained in the [unit-examples](https://github.com/coreos/unit-examples/tree/master/simple-fleet) repository. You can clone this onto your CoreOS box to make unit submission easier. @@ -200,13 +200,14 @@ Description=Monitoring Service TimeoutStartSec=0 ExecStartPre=-/usr/bin/docker kill dd-agent ExecStartPre=-/usr/bin/docker rm dd-agent -ExecStartPre=/usr/bin/docker pull dd-agent -ExecStart=/usr/bin/docker run --privileged --name dd-agent -h `hostname` \ +ExecStartPre=/usr/bin/docker pull datadog/docker-dd-agent +ExecStart=/usr/bin/bash -c \ +"/usr/bin/docker run --privileged --name dd-agent -h `hostname` \ -v /var/run/docker.sock:/var/run/docker.sock \ -v /proc/mounts:/host/proc/mounts:ro \ -v /sys/fs/cgroup/:/host/sys/fs/cgroup:ro \ -e API_KEY=`etcdctl get /ddapikey` \ -datadog/docker-dd-agent +datadog/docker-dd-agent" [X-Fleet] Global=true From 0e73fab250425ede7b0c959848b97becdf251c5d Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 18 Sep 2014 16:32:01 -0700 Subject: [PATCH 0248/1291] digitalocean: add beta tab --- .../cloud-providers/digitalocean/index.md | 22 ++++++++++++++----- 1 file changed, 16 insertions(+), 6 deletions(-) diff --git a/running-coreos/cloud-providers/digitalocean/index.md b/running-coreos/cloud-providers/digitalocean/index.md index 4967d4801..e6d8e85b1 100644 --- a/running-coreos/cloud-providers/digitalocean/index.md +++ b/running-coreos/cloud-providers/digitalocean/index.md @@ -22,11 +22,11 @@ The following command will create a single droplet. For more details, check out
    -
    +

    The alpha channel closely tracks master and frequently has new releases. The newest versions of docker, etcd, and fleet will be available for testing. Current version is CoreOS {{site.data.alpha-channel.do-version}}.

    Launch CoreOS Droplet

    @@ -42,10 +42,20 @@ The following command will create a single droplet. For more details, check out "name":"core-1"}'
    -
    +
    -

    CoreOS on DigitalOcean is new! There haven't been any beta images yet.

    -

    Alpha images can be switched to the beta channel.

    +

    The beta channel consists of promoted alpha releases. Current version is CoreOS {{site.data.beta-channel.do-version}}.

    + Launch CoreOS Droplet

    +

    Launch via DigitalOcean API by specifying $REGION, $SIZE and $SSH_KEY_ID:

    + 
    curl --request POST "https://api.digitalocean.com/v2/droplets" \
+     --header "Content-Type: application/json" \
+     --header "Authorization: Bearer $TOKEN" \
+     --data '{"region":"'"${REGION}"'",
+        "image":"{{site.data.beta-channel.do-image-path}}",
+        "size":"'"$SIZE"'",
+        "user_data": "'"$(cat ~/cloud-config.yaml)"'",
+        "ssh_keys":["'"$SSH_KEY_ID"'"],
+        "name":"core-1"}'
    From 7919ff32093dc9f7559120aee9d7de8eb04c6b43 Mon Sep 17 00:00:00 2001 From: Chris James Date: Thu, 18 Sep 2014 20:19:54 -0500 Subject: [PATCH 0249/1291] s/conatiner/container/ --- .../launching/getting-started-with-systemd/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/launching-containers/launching/getting-started-with-systemd/index.md b/launching-containers/launching/getting-started-with-systemd/index.md index 70af026cb..89e97117c 100644 --- a/launching-containers/launching/getting-started-with-systemd/index.md +++ b/launching-containers/launching/getting-started-with-systemd/index.md @@ -87,7 +87,7 @@ The full list is located on the [systemd man page](http://www.freedesktop.org/so Let's put a few of these concepts together to register new units within etcd. Imagine we had another container running that would read these values from etcd and act upon them. -We can use `ExecStartPre` to scrub existing conatiner state. The `docker kill` will force any previous copy of this container to stop, which is useful if we restarted the unit but docker didn't stop the container for some reason. The `=-` is systemd syntax to ignore errors for this command. We need to do this because docker will return a non-zero exit code if we try to stop a container that doesn't exist. We don't consider this an error (because we want the container stopped) so we tell systemd to ignore the possible failure. +We can use `ExecStartPre` to scrub existing container state. The `docker kill` will force any previous copy of this container to stop, which is useful if we restarted the unit but docker didn't stop the container for some reason. The `=-` is systemd syntax to ignore errors for this command. We need to do this because docker will return a non-zero exit code if we try to stop a container that doesn't exist. We don't consider this an error (because we want the container stopped) so we tell systemd to ignore the possible failure. `docker rm` will remove the container and `docker pull` will pull down the latest version. You can optionally pull down a specific version as a docker tag: `coreos/apache:1.2.3` From d1cbb87c853fdf9b0df870abe8d3a017174174ee Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Fri, 19 Sep 2014 09:51:11 -0700 Subject: [PATCH 0250/1291] quickstart: fix link formatting --- quickstart/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/quickstart/index.md b/quickstart/index.md index e69a2280f..92b61d442 100644 --- a/quickstart/index.md +++ b/quickstart/index.md @@ -60,7 +60,7 @@ coreos: discovery: https://discovery.etcd.io/ ``` -In order to get the discovery token, visit [https://discovery.etcd.io/new] and you will receive a URL including your token. Paste the whole thing into your cloud-config file. +In order to get the discovery token, visit [https://discovery.etcd.io/new](https://discovery.etcd.io/new) and you will receive a URL including your token. Paste the whole thing into your cloud-config file. The API is easy to use. From a CoreOS machine, you can simply use curl to set and retrieve a key from etcd: From 1fa5d2b1d174546e125b0d51cec4f339728a7b56 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Tue, 23 Sep 2014 14:45:09 -0700 Subject: [PATCH 0251/1291] networkd: add cloud-config example for static networking --- .../network-config-with-networkd/index.md | 31 +++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/cluster-management/setup/network-config-with-networkd/index.md b/cluster-management/setup/network-config-with-networkd/index.md index e53a7f4e0..e38740aa1 100644 --- a/cluster-management/setup/network-config-with-networkd/index.md +++ b/cluster-management/setup/network-config-with-networkd/index.md @@ -33,6 +33,37 @@ Place the file in `/etc/systemd/network/`. To apply the configuration, run: sudo systemctl restart systemd-networkd ``` +### Cloud-Config + +Setting up static networking in your cloud-config can be done by writing out the network unit. Be sure to modify the `[Match]` section with the name of your desired interface, and replace the IPs: + +```yaml +#cloud-config + +coreos: + etcd: + # generate a new token for each unique cluster from https://discovery.etcd.io/new + discovery: https://discovery.etcd.io/ + # multi-region and multi-cloud deployments need to use $public_ipv4 + addr: 10.0.0.101:4001 + peer-addr: 10.0.0.101:7001 + units: + - name: etcd.service + command: start + - name: fleet.service + command: start + - name: 00-eth0.network + runtime: true + content: | + [Match] + Name=eth0 + + [Network] + DNS=1.2.3.4 + Address=10.0.0.101/24 + Gateway=10.0.0.1 +``` + ## Turn Off DHCP If you'd like to use DHCP on all interfaces except `enp2s0`, create two files. They'll be checked in lexical order, as described in the [full network docs](http://www.freedesktop.org/software/systemd/man/systemd-networkd.service.html). Any interfaces matching during earlier files will be ignored during later files. From 2e5650d7c9818a3dc8aaab95f2094fa265fa646e Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Wed, 24 Sep 2014 12:05:19 -0700 Subject: [PATCH 0252/1291] iso: add info about coreos.autologin --- running-coreos/platforms/iso/index.md | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/running-coreos/platforms/iso/index.md b/running-coreos/platforms/iso/index.md index 9b3943469..bee66af20 100644 --- a/running-coreos/platforms/iso/index.md +++ b/running-coreos/platforms/iso/index.md @@ -55,4 +55,10 @@ The latest CoreOS ISOs can be downloaded from the image storage site: ## Install to Disk -The most common use-case for this ISO is to install CoreOS to disk. You can [find those instructions here]({{site.url}}/docs/running-coreos/bare-metal/installing-to-disk). \ No newline at end of file +The most common use-case for this ISO is to install CoreOS to disk. You can [find those instructions here]({{site.url}}/docs/running-coreos/bare-metal/installing-to-disk). + +## Bypass Authentication + +If you need to bypass authentication in order to install, the kernel option `coreos.autologin` allows you to drop directly to a shell on a given console without prompting for a password. Useful for troubleshooting but use with caution. + +For any console that doesn't normally get a login prompt by default be sure to combine with the `console` option, e.g. `console=tty0 console=ttyS0 coreos.autologin=tty1 coreos.autologin=ttyS0`. Without any argument it enables access on all consoles. Note that for the VGA console the login prompts are on virtual terminals (`tty1`, `tty2`, etc), not the VGA console itself (`tty0`). \ No newline at end of file From b97c22f93e8d2866673a70b26098fcc94051b3a4 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Wed, 24 Sep 2014 12:02:16 -0700 Subject: [PATCH 0253/1291] pxe: remove experimental note on btrfs and clarify limitation --- running-coreos/bare-metal/booting-with-pxe/index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/running-coreos/bare-metal/booting-with-pxe/index.md b/running-coreos/bare-metal/booting-with-pxe/index.md index c6500322e..2bcd405eb 100644 --- a/running-coreos/bare-metal/booting-with-pxe/index.md +++ b/running-coreos/bare-metal/booting-with-pxe/index.md @@ -26,10 +26,10 @@ If you need suggestions on how to set a server up, check out guides for [Debian] When configuring the CoreOS pxelinux.cfg there are a few kernel options that may be useful but all are optional. -If you plan to use docker, `/var/lib/docker` must have a btrfs filesystem. This is most easily accomplished by using btrfs for the entire root filesystem via `rootfstype=btrfs`, although this option is still experimental. +If you plan to use docker, `/var/lib/docker` must have a btrfs filesystem. This is most easily accomplished by using btrfs for the entire root filesystem via `rootfstype=btrfs`. - **rootfstype=tmpfs**: Use tmpfs for the writable root filesystem. This is the default behavior. -- **rootfstype=btrfs**: Use btrfs in ram for the writable root filesystem. *Experimental* +- **rootfstype=btrfs**: Use btrfs in RAM for the writable root filesystem. The filesystem will consume more RAM as it grows, up to a max of 50%. The limit isn't currently configurable. - **root**: Use a local filesystem for root instead of one of two in-ram options above. The filesystem must be formatted in advance but may be completely blank, it will be initialized on boot. The filesystem may be specified by any of the usual ways including device, label, or UUID; e.g: `root=/dev/sda1`, `root=LABEL=ROOT` or `root=UUID=2c618316-d17a-4688-b43b-aa19d97ea821`. - **sshkey**: Add the given SSH public key to the `core` user's authorized_keys file. Replace the example key below with your own (it is usually in `~/.ssh/id_rsa.pub`) - **console**: Enable kernel output and a login prompt on a given tty. The default, `tty0`, generally maps to VGA. Can be used multiple times, e.g. `console=tty0 console=ttyS0` From a4e746264858ab2f60dab9479fec90387e4d3df4 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Fri, 26 Sep 2014 14:17:14 -0700 Subject: [PATCH 0254/1291] docs: hardcode broken links --- .../launching-containers-fleet/index.md | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/launching-containers/launching/launching-containers-fleet/index.md b/launching-containers/launching/launching-containers-fleet/index.md index a5a1c3bb8..f5ed89b89 100644 --- a/launching-containers/launching/launching-containers-fleet/index.md +++ b/launching-containers/launching/launching-containers-fleet/index.md @@ -13,7 +13,7 @@ weight: 2 If you're not familiar with systemd units, check out our [Getting Started with systemd]({{site.url}}/docs/launching-containers/launching/getting-started-with-systemd) guide. -This guide assumes you're running `fleetctl` locally from a CoreOS machine that's part of a CoreOS cluster. You can also [control your cluster remotely]({{site.url}}/docs/launching-containers/launching/fleet-using-the-client/#get-up-and-running). All of the units referenced in this blog post are contained in the [unit-examples](https://github.com/coreos/unit-examples/tree/master/simple-fleet) repository. You can clone this onto your CoreOS box to make unit submission easier. +This guide assumes you're running `fleetctl` locally from a CoreOS machine that's part of a CoreOS cluster. You can also [control your cluster remotely](https://coreos.com/docs/launching-containers/launching/fleet-using-the-client/#get-up-and-running). All of the units referenced in this blog post are contained in the [unit-examples](https://github.com/coreos/unit-examples/tree/master/simple-fleet) repository. You can clone this onto your CoreOS box to make unit submission easier. ## Types of Fleet Units @@ -51,7 +51,7 @@ standard-unit.service 148a18ff.../10.10.1.1 active running ## Run a Container in the Cluster -Running a single container is very easy. All you need to do is provide a regular unit file without an `[Install]` section. Let's run the same unit from the [Getting Started with systemd]({{site.url}}/docs/launching-containers/launching/getting-started-with-systemd) guide. First save these contents as `myapp.service` on the CoreOS machine: +Running a single container is very easy. All you need to do is provide a regular unit file without an `[Install]` section. Let's run the same unit from the [Getting Started with systemd](https://coreos.com/docs/launching-containers/launching/getting-started-with-systemd) guide. First save these contents as `myapp.service` on the CoreOS machine: ```ini [Unit] @@ -118,7 +118,7 @@ ExecStop=/usr/bin/docker stop apache1 Conflicts=apache.*.service ``` -The `Conflicts` attribute tells `fleet` that these two services can't be run on the same machine, giving us high availability. A full list of options for this section can be found in the [fleet units guide]({{site.url}}/docs/launching-containers/launching/fleet-unit-files/). +The `Conflicts` attribute tells `fleet` that these two services can't be run on the same machine, giving us high availability. A full list of options for this section can be found in the [fleet units guide](https://coreos.com/docs/launching-containers/launching/fleet-unit-files/). Let's start both units and verify that they're on two different machines: @@ -154,9 +154,9 @@ MachineOf=apache.1.service This unit has a few interesting properties. First, it uses `BindsTo` to link the unit to our `apache.1.service` unit. When the Apache unit is stopped, this unit will stop as well, causing it to be removed from our `/services/website` directory in `etcd`. A TTL of 60 seconds is also being used here to remove the unit from the directory if our machine suddenly died for some reason. -Second is `%H`, a variable built into systemd, that represents the hostname of the machine running this unit. Variable usage is covered in our [Getting Started with systemd]({{site.url}}/docs/launching-containers/launching/getting-started-with-systemd/#unit-variables) guide as well as in [systemd documentation](http://www.freedesktop.org/software/systemd/man/systemd.unit.html#Specifiers). +Second is `%H`, a variable built into systemd, that represents the hostname of the machine running this unit. Variable usage is covered in our [Getting Started with systemd](https://coreos.com/docs/launching-containers/launching/getting-started-with-systemd/#unit-variables) guide as well as in [systemd documentation](http://www.freedesktop.org/software/systemd/man/systemd.unit.html#Specifiers). -The third is a [fleet-specific property]({{site.url}}/docs/launching-containers/launching/fleet-unit-files/) called `MachineOf`. This property causes the unit to be placed onto the same machine that `apache.1.service` is running on. +The third is a [fleet-specific property](https://coreos.com/docs/launching-containers/launching/fleet-unit-files/) called `MachineOf`. This property causes the unit to be placed onto the same machine that `apache.1.service` is running on. Let's verify that each unit was placed on to the same machine as the Apache service is bound to: @@ -235,7 +235,7 @@ Global units can deployed to a subset of matching machines with the `MachineMeta Applications with complex and specific requirements can target a subset of the cluster for scheduling via machine metadata. Powerful deployment topologies can be achieved — schedule units based on the machine's region, rack location, disk speed or anything else you can think of. -Metadata can be provided via [cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/#coreos) or a [config file](https://github.com/coreos/fleet/blob/master/Documentation/deployment-and-configuration.md). Here's an example config file: +Metadata can be provided via [cloud-config](https://coreos.com/docs/cluster-management/setup/cloudinit-cloud-config/#coreos) or a [config file](https://github.com/coreos/fleet/blob/master/Documentation/deployment-and-configuration.md). Here's an example config file: ```ini # Comma-delimited key/value pairs that are published to the fleet registry. @@ -288,6 +288,6 @@ MachineMetadata=region=east ``` #### More Information -Example Deployment with fleet -fleet Unit Specifications +Example Deployment with fleet +fleet Unit Specifications fleet Configuration From c42ae11a8621cddb58d619a85cd9d251d54484e6 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Fri, 26 Sep 2014 14:43:32 -0700 Subject: [PATCH 0255/1291] launching-containers-fleet: revert changes --- .../launching-containers-fleet/index.md | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/launching-containers/launching/launching-containers-fleet/index.md b/launching-containers/launching/launching-containers-fleet/index.md index f5ed89b89..a5a1c3bb8 100644 --- a/launching-containers/launching/launching-containers-fleet/index.md +++ b/launching-containers/launching/launching-containers-fleet/index.md @@ -13,7 +13,7 @@ weight: 2 If you're not familiar with systemd units, check out our [Getting Started with systemd]({{site.url}}/docs/launching-containers/launching/getting-started-with-systemd) guide. -This guide assumes you're running `fleetctl` locally from a CoreOS machine that's part of a CoreOS cluster. You can also [control your cluster remotely](https://coreos.com/docs/launching-containers/launching/fleet-using-the-client/#get-up-and-running). All of the units referenced in this blog post are contained in the [unit-examples](https://github.com/coreos/unit-examples/tree/master/simple-fleet) repository. You can clone this onto your CoreOS box to make unit submission easier. +This guide assumes you're running `fleetctl` locally from a CoreOS machine that's part of a CoreOS cluster. You can also [control your cluster remotely]({{site.url}}/docs/launching-containers/launching/fleet-using-the-client/#get-up-and-running). All of the units referenced in this blog post are contained in the [unit-examples](https://github.com/coreos/unit-examples/tree/master/simple-fleet) repository. You can clone this onto your CoreOS box to make unit submission easier. ## Types of Fleet Units @@ -51,7 +51,7 @@ standard-unit.service 148a18ff.../10.10.1.1 active running ## Run a Container in the Cluster -Running a single container is very easy. All you need to do is provide a regular unit file without an `[Install]` section. Let's run the same unit from the [Getting Started with systemd](https://coreos.com/docs/launching-containers/launching/getting-started-with-systemd) guide. First save these contents as `myapp.service` on the CoreOS machine: +Running a single container is very easy. All you need to do is provide a regular unit file without an `[Install]` section. Let's run the same unit from the [Getting Started with systemd]({{site.url}}/docs/launching-containers/launching/getting-started-with-systemd) guide. First save these contents as `myapp.service` on the CoreOS machine: ```ini [Unit] @@ -118,7 +118,7 @@ ExecStop=/usr/bin/docker stop apache1 Conflicts=apache.*.service ``` -The `Conflicts` attribute tells `fleet` that these two services can't be run on the same machine, giving us high availability. A full list of options for this section can be found in the [fleet units guide](https://coreos.com/docs/launching-containers/launching/fleet-unit-files/). +The `Conflicts` attribute tells `fleet` that these two services can't be run on the same machine, giving us high availability. A full list of options for this section can be found in the [fleet units guide]({{site.url}}/docs/launching-containers/launching/fleet-unit-files/). Let's start both units and verify that they're on two different machines: @@ -154,9 +154,9 @@ MachineOf=apache.1.service This unit has a few interesting properties. First, it uses `BindsTo` to link the unit to our `apache.1.service` unit. When the Apache unit is stopped, this unit will stop as well, causing it to be removed from our `/services/website` directory in `etcd`. A TTL of 60 seconds is also being used here to remove the unit from the directory if our machine suddenly died for some reason. -Second is `%H`, a variable built into systemd, that represents the hostname of the machine running this unit. Variable usage is covered in our [Getting Started with systemd](https://coreos.com/docs/launching-containers/launching/getting-started-with-systemd/#unit-variables) guide as well as in [systemd documentation](http://www.freedesktop.org/software/systemd/man/systemd.unit.html#Specifiers). +Second is `%H`, a variable built into systemd, that represents the hostname of the machine running this unit. Variable usage is covered in our [Getting Started with systemd]({{site.url}}/docs/launching-containers/launching/getting-started-with-systemd/#unit-variables) guide as well as in [systemd documentation](http://www.freedesktop.org/software/systemd/man/systemd.unit.html#Specifiers). -The third is a [fleet-specific property](https://coreos.com/docs/launching-containers/launching/fleet-unit-files/) called `MachineOf`. This property causes the unit to be placed onto the same machine that `apache.1.service` is running on. +The third is a [fleet-specific property]({{site.url}}/docs/launching-containers/launching/fleet-unit-files/) called `MachineOf`. This property causes the unit to be placed onto the same machine that `apache.1.service` is running on. Let's verify that each unit was placed on to the same machine as the Apache service is bound to: @@ -235,7 +235,7 @@ Global units can deployed to a subset of matching machines with the `MachineMeta Applications with complex and specific requirements can target a subset of the cluster for scheduling via machine metadata. Powerful deployment topologies can be achieved — schedule units based on the machine's region, rack location, disk speed or anything else you can think of. -Metadata can be provided via [cloud-config](https://coreos.com/docs/cluster-management/setup/cloudinit-cloud-config/#coreos) or a [config file](https://github.com/coreos/fleet/blob/master/Documentation/deployment-and-configuration.md). Here's an example config file: +Metadata can be provided via [cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/#coreos) or a [config file](https://github.com/coreos/fleet/blob/master/Documentation/deployment-and-configuration.md). Here's an example config file: ```ini # Comma-delimited key/value pairs that are published to the fleet registry. @@ -288,6 +288,6 @@ MachineMetadata=region=east ``` #### More Information -Example Deployment with fleet -fleet Unit Specifications +Example Deployment with fleet +fleet Unit Specifications fleet Configuration From e605e29483f4c4b588f94ad8c19de4cfd446aead Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Tue, 30 Sep 2014 10:25:09 -0700 Subject: [PATCH 0256/1291] getting-started-docker: fix spelling mistake --- .../building/getting-started-with-docker/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/launching-containers/building/getting-started-with-docker/index.md b/launching-containers/building/getting-started-with-docker/index.md index d05f4644f..1748a8bc1 100644 --- a/launching-containers/building/getting-started-with-docker/index.md +++ b/launching-containers/building/getting-started-with-docker/index.md @@ -73,7 +73,7 @@ When running docker containers manually, the most important option is to run the docker run -d coreos/apache [process] ``` -After you are comfortable with the mechanics of running containers by hand, it's recommeneded to use [systemd units]({{site.url}}/docs/launching-containers/launching/getting-started-with-systemd) and/or [fleet]({{site.url}}/docs/launching-containers/launching/launching-containers-fleet) to run your containers on a cluster of CoreOS machines. +After you are comfortable with the mechanics of running containers by hand, it's recommended to use [systemd units]({{site.url}}/docs/launching-containers/launching/getting-started-with-systemd) and/or [fleet]({{site.url}}/docs/launching-containers/launching/launching-containers-fleet) to run your containers on a cluster of CoreOS machines. ### Run Apache in Foreground From 25abfb812855fa120fba13170ddac96b18e6055f Mon Sep 17 00:00:00 2001 From: Joseph Schorr Date: Thu, 2 Oct 2014 15:30:23 -0400 Subject: [PATCH 0257/1291] Update setup instructions for new Redis config --- enterprise-registry/initial-setup/index.md | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/enterprise-registry/initial-setup/index.md b/enterprise-registry/initial-setup/index.md index b4e09edc5..b718d673e 100644 --- a/enterprise-registry/initial-setup/index.md +++ b/enterprise-registry/initial-setup/index.md @@ -32,7 +32,7 @@ Please have the url for the login and database available in the SQLAlchemy forma ## Setting up Redis -Redis stores data which must be accessed quickly but doesn’t necessarily require durability guarantees. If you have an existing Redis instance, make sure to accept incoming connections on port 6379 and then feel free to skip this step. +Redis stores data which must be accessed quickly but doesn’t necessarily require durability guarantees. If you have an existing Redis instance, make sure to accept incoming connections on port 6379 (or change the port in the config.yaml) and then feel free to skip this step. To run redis, simply pull and run the Quay.io Redis image: @@ -75,10 +75,16 @@ MAIL_USE_TLS: true # The database URI for your MySQL or Postgres DB. DB_URI: '(FILL IN HERE: database uri)' -# References to the REDIS host setup above. Note that this does -# not include the port, but merely the hostname/ip. -BUILDLOGS_REDIS_HOSTNAME: '(FILL IN HERE: redis host)' -USER_EVENTS_REDIS_HOSTNAME: '(FILL IN HERE: redis host)' +# REDIS connection information. The 'host' entry in the dictionary is +# *required* and should refer to the REDIS host setup above. Note that the +# host should *not* include the port. +# +# Additional options: +# port: The port to use when connecting to REDIS. +# password: The password to use when connecting to REDIS. +# +BUILDLOGS_REDIS: {'host': (FILL IN HERE: redis host)'} +USER_EVENTS_REDIS: {'host': '(FILL IN HERE: redis host)'} # The usernames of your super-users, if any. Super users will # have the ability to view and delete other users. From fd9f95d26842e57ebca9e9a13144caff54467131 Mon Sep 17 00:00:00 2001 From: Joseph Schorr Date: Thu, 2 Oct 2014 15:31:06 -0400 Subject: [PATCH 0258/1291] Add missing quote --- enterprise-registry/initial-setup/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/enterprise-registry/initial-setup/index.md b/enterprise-registry/initial-setup/index.md index b718d673e..eea4df970 100644 --- a/enterprise-registry/initial-setup/index.md +++ b/enterprise-registry/initial-setup/index.md @@ -83,7 +83,7 @@ DB_URI: '(FILL IN HERE: database uri)' # port: The port to use when connecting to REDIS. # password: The password to use when connecting to REDIS. # -BUILDLOGS_REDIS: {'host': (FILL IN HERE: redis host)'} +BUILDLOGS_REDIS: {'host': '(FILL IN HERE: redis host)'} USER_EVENTS_REDIS: {'host': '(FILL IN HERE: redis host)'} # The usernames of your super-users, if any. Super users will From ea2efadb50d73dfb42c1aa79d5db481cd0d75531 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 2 Oct 2014 14:01:35 -0700 Subject: [PATCH 0259/1291] cluster-management: add architecture section --- .../setup/cluster-architectures/dev.png | Bin 0 -> 11888 bytes .../setup/cluster-architectures/index.md | 217 ++++++++++++++++++ .../setup/cluster-architectures/laptop.png | Bin 0 -> 6532 bytes .../setup/cluster-architectures/prod.png | Bin 0 -> 28293 bytes .../setup/cluster-architectures/small.png | Bin 0 -> 7254 bytes .../setup/cluster-discovery/index.md | 4 +- .../setup/update-strategies/index.md | 2 +- 7 files changed, 220 insertions(+), 3 deletions(-) create mode 100644 cluster-management/setup/cluster-architectures/dev.png create mode 100644 cluster-management/setup/cluster-architectures/index.md create mode 100644 cluster-management/setup/cluster-architectures/laptop.png create mode 100644 cluster-management/setup/cluster-architectures/prod.png create mode 100644 cluster-management/setup/cluster-architectures/small.png diff --git a/cluster-management/setup/cluster-architectures/dev.png b/cluster-management/setup/cluster-architectures/dev.png new file mode 100644 index 0000000000000000000000000000000000000000..d166d7153de73a349e5ca37faf022c24d1e13707 GIT binary patch literal 11888 zcmcI~bzD^6xAqt)B1jFLLr5wqNFxj-Fmy@h(A}vZ-6-HlNp}k)F`#rK-O}CN@E-jB ze)oOf`?>eOd-n&6;g>7$Ehr4#1u=?JtbXg2~R*=pfz3GH#&62|)k4N0$oMN0j z>07+r71z|6m1O*{Tb0>U^xEN1-D*Ycq)NMM5d;uHa9n$OKoRrkB`Un6?|+00s?$| zd@Q2Szkbda`x5x6s#qIYjYPJ?u&K;I?Ahr4qEI0rp^dbS{Y_{75fK3afkalVxJ>hJ z7Wsr?O5jEH6zD=~QL%0v&%wi(24Qh)8yk6_Uc;1>6xTW-*Nd)rmUb7tCm<~qU0t7r zmM6!v!Otixfo5f;a=W#;X=QGX-oNh5udS_3+vwUfE4ID8U9K-xTwH966mXod4~^7S z1h?kJ2P9;_L-+FZthSlrIp2Qb|9fVJ;^uHwk%6sqU zhX+T;DM@W@Z5<*n2*dfOHcK0CmOd%q4FDaem+BS6oNIKntF5)_Ty5ZRxQvXJSxta760#%r-H68ha?u?HMRKW*s!NwX|w{E>HH-b{lVRG9{ek;47@zZBhI>bYV$hC{k2OkkAQ=k6=O#es;Y4ieb`-})M|q|Z zA(Ma&CnuvQg(jz`>)m$$#Kpz!2~h$T_r1Q5PvRLF9Ss_*@jBgEY>(a@FBjK6`JFCK zK|#^m+Y21MPPRgI?Yk3R0AGP-*Koe_2jx|Heqv}Drh-0W>*nKwnz2PrZO1B98?P$K zc5jRnj(7|o7JXt+aCLQUxH{-|K%UM8V5bUtaMs63gcC|6^i)}m37?D`Lx)F42|e&% z?W}~DkCo^u2<|_`MV(AqZRAto+Duiy@UAqSs?MVdaeT* z5`CqJ-jzKI2lrpRf7~;x?i#^k;k>hP8Em1W-&Uol9AERdva)_RhiP_`-(^tg1Jl#w zsZv7OG#Ps>iTb{Lg5~Aq9D+h`Ra8ECVp;>@U0)o>y6H5-;ed7kHL1X5zw^;lOjvJN zeCsvy+O8Vov6%$Bg>P8Wu7+Mxs{FA4u{-!vzfS1`)NS{t9ucBmqT@05^Fv=>Ut61` zOVF=hzdC{gv$L~hMyoxKH-M(0@1u6jtf)}b9Owj$rlzL$GLgkGc5-quQ!3i_Prb)P zg(>jnuTLNsVZXOs!!yh)Cx#F60W$-A{y2n=)Z~TA2-mSSoGp~-)`jF17t0qr#SSMG zZghT~Bz(TJqB@`1YF0@GTJ7NGUxwyJsT>Dn}{QUaL3YIEpft+d%wiFi+xR_G} z9EPyLinK60+jRF2ia{Y&we)H@o?9wp3gZpVN8VX)6_gw4@pm+C##)?$RTTzUvboh= zBO@jC+;1gX?EBQ!@}tM>5WxjchQZHZ(&MAW+JN`UKqDg~M@B{#b)CYLJpiwUU}0fR zA?-AxooU`Rc%P?>2T$9&{mAaY_B(5CXb?U=M@`-w!bL8%GOF?!hF-jQVY&FV!!(q! z!a`5;$D8~MH3N3y!Q)YC1&LWwHIZLseWf0eii;Ig$GTz!5TbE@EyC2Uy z82Y%Ha&mHjYd0szMm4)-4K=kV{sw@>s`Uzh)n`u-SSNgs2Bgs5w5zyUnOftNSbjp9}aW)=vFp$Turb7}B8S{umo=rMD$ z_Ug++%e>iITSI3n6lRm-hTGWKxSN5(rYxO@a^yG1O7&|TO?`Z>fzGddMR1F?Dsw6- zDjFJY&R5eIG5||fmX|vK-UX~K^XlI=9wULD(t{~I7bAJ&tkrNnj0pHjiP z%8v#D;o^2z5Qd`#;#9m%FfAPUx(Nn>pwMT*0rpnF8TT__Lj!SR{VyLQHEtK3`AxO@ zY(6vjn`(u(#@&e#L*K~uv4T~*cywA4K|}sbs)QB<5nxr+u)cl{S8fbTVl09y2s028gr7Bs3De_8?$x;wYQH_w>Im)Wi0I+#i4Y^Ea+Q!Y zH9URhDc*Q~)h6ZYHtZZ~D9(C1JkcDjbJhdKV8qOXfwgXO{v4^zZw*zl&QuonWpD<8 z#iey@xI`TKdz4jpD5L#g_KD-`N-B>dG|t1| z$ZQfxvvKO~$FC`5x%+)wvJ2Z+8a&I*UDMLf4#Rm%qaSUqfXgrg?zAw(T6q!qQH&T1 zunp&TFDVHR+2F#%LGx*i09M}aRo~-b;RNDPnUhbDKtq3WDkG1=%Z;vXI9<>tLTiQ> ze3mimHM<>nKe2BS2LTA}l!Q=3$NyE*ktetHM@i|X^Ovl?-YLV^Uxi#nB5qlRbM=X1 zx$eYhuTwRavNihEJ%ahWSM^U=P%rx{ES+kj#7!j4O!{oh2rvx2#|cQ{Pi9y;yA%X; zR`IAlK!RAXA_Qlr+L*)Qj#Rnv#Ob)K-w)03Ia|!{EiV#0Eqz#X_<(lyD?Ih;n&h8; zR@jfpo(Oe|`cC1raVnBCiSidi_t+|H_UXW#feK*cO3!ZHa<;&(GJRFpXS}wXSaL-G=g54T z+H7pY!Dj+{2v{xl$Sf*Q4E@}4oZ(t!wQA|`p;pPXfZ**)JSaD5FNl~1Y4FZv{m7U| z_;?M|&P9*xM1mJf0hg2ELr+JtG$~j6-NPFxpT=mtib7;f&IN)>!H*^FUa1;~&}r>^ z5;W?Q95bil(&JFm!>o20^-}gbE2(BVyiFBX{_uHF+*#p}!%1h&ne1Rtqj{m7X__*Y z#PwHMcy@>}D;;h>8LzcLVOKnv_@G9jIK1!e$y2({h|Vu2YHxyGU|ifTbvOH|H13o& zUu(*DZnxg&q~+pVRa${6qC?nFV*=bOPqM`5Iw0YzmLWCAA$t4gk^MsSMGgAbDkv@d z4IwgjJHNH1UE<8xA7@Az;tZvf`G&$(%ThjAUv`(lR_Pre8+MP^tO|_cz*g?2$C!P3JEmnRo_Mx@)y|cBr-|? z3liHF5@I^25j1^WR&qLc_4KLUtHZ^X9>IVQrQ@)cF)#^Q!#Z8fdU$_2t}Z0nj~04%Lb|Abl~2=2 zN3T;8JvQspYq5{%Zc=?&LG;%!^iFtMFFy9A|16Et^)XF5q>4K6TR8eLogqRe+Y+&X zIYK)|iQ1c3T#fc^_gJ`Lx#jcgXuYg|#k5u^SmHQ<?<$LBq*UXp!+ zU4r47_AF&X=4e{DrNV7?&8xrqsOcLw&D+4H@kU%=;!3Veo55a^X?z5hKWvd7#M)>C zM)#9T&U-%W`gmv>5+e-`)*>iV2D&%tgHmw!M)fL1+*W3_Zx*+CVOx5R+y2pGyKWbH z*K2ug4=Bu+!|Mfa?=n~ZfyE4HNh!;-l+O5VKjf# z?Cai~@sEYPoAh%%gg2gd9~(iJ2;VZ~r3u8m=96b2xd}?w!21OC;&%xOb5EW%3sD zi)7y{de+{MHVxp+nCai}d|yL45o0mE?CwQH;<K-#>F=ZEjiNpekC>f!MWQ@P{NfTEiVDZR0>%hrd+)#IMk1Xl%M8Q9RD_*rXBe# zlX797&r@jxkH<^fTQdleOBdZRjN!utJO?_MjE#T(=yOP6R_KI|L-{g_6h83QS->en)S)Hm9g2@;zt?<5FFo!+7jQnV9D5V_o zq^wr^^bd*TeyhIXlZQd`%{5cHcqZW&OZwGp;4Rr`@E>G{c|~4{edkvn4W^h z<0AI>-n4u-%nKEZ?>X!dX=5Dv{awUIan0*C=V%By%y!&Z8kwbIW?H?8ZFO5uaA`C+ zaA4DKwoG0rBm^SCAnVD*$dT+Ld497|8#T3~9Ks<@!_jkv@Vt{J^#bup77j^<-D#`p zN0W2Myi9hQxUxAE{=2#(J;7aK!4v^$ zZGTeYKggAh^iyy6mg`&+O(d5NDrCgq@Ql*cF%-L-@cC(cHO_=h>)gzb<+R+?h~Zz| z6TP;0hA^4LFT~=q{lBF_jHDrf;8ciFb2~LIN0?k#ku*di1E>3(&rnm}en!!`#(o9O zsm4dLHM>d6_E$$|#T&e*0Z7}e9`1cNH97$$@w;)D;`nO56Ew+1bp0A*1)m}>XD8$_ zlJbxTdwJwQOa|->)_F;4S?!;i){7M9R^m5Q_|WCkMKuuHks>z@d~>fJ`vkseTJLXA83}JZcC!@KJ9o~rG|Dpe-yz- zR>&x<_xhDpYEKzP>?8^;lMxfw$4CFUC4XT@GOJTq(I@&hl$pG(lLe}m9in${nGA=~ z_ypP~XF8tMlv1r^^Dqb7wF}588BUX!1aX8nOx~+A_LV?dfdlO)3sZ~-53QLQ^olZw z#Vyv{X%bT5R;v+<^A9-{Fgc~fR-_kulcAozQmr=!BXkJQ^j6iOD?}>+A04UH!QF!D-g5> zobA61>{$%#nMhCR3C+sIfi)`e8HClLG&K!hty*rf6s3S71ZDDmRVgbLmK?c-Kv?;rXZeh%Ej=PJm$27#OLl$0578yr+dIH7?UpR8Q05RcX&oFCt$35cwP_VFGgq??^_Q>>+1) ztWkxZ5KS8@nu99)zSTEjvG$IJz^#v`q3pZ$!RDKlr5KNcO_{(1E~$UXCE75jxgu3q zP?Qa5keAOY{|5N-nghNeQKbVz;(e%)wh5*uIm?m$SFZW#qa!`!F@= z9u?T*0O5i--M8o`4^;vOhLArC9d*|xS^V@aDj2TNx$bY|v>-LZHO`a4x9&RV6 zF}MBUN)#XS<8@o1w{pVFQi~K^sf~6EV||~d31W0sTubR#ZqL?#N}U{G57c*=-Bj8o zm@Wu{5ws8|I+Li+H9Z@=%AU2FNq{9p|IBNyWQ#E0N+R}Cb~aN*Jw1t-!9RA#df(Y} zt7?PpB3~fPF9%3_^4={(fSEaB^*pt}p}or-`o z4>9Cq^*Q8bN7|1$CAJ&W7&DZx|L2m_vccj^*tN0jfc~^T2ZGmMJCh{7YG#uh!~3jt zZ$F&2VeZTqW;|RDc%JWRpOLIg8`X`}o0Tomm938OJDDdj<_&{afgmZDGq;ER9*p;c z5}&3-&4`S}{ZiJ#FH39qj2}tjmuCdF5{2D76lx^513tX5W2EjZ&sD$__l$b+YQI|f z8l{GIs)`81sv#f5LsULMR2qlDVNQ^vhgl+*jeVaf@y#Mq;kWyZn$IVw_%IA5mn~0g zuLlu@4XK5C?FK)W2}ksZFdkNSv1-a5hj+_|cSWuw`|7ud{T1}fSHzGGdgvNel%CL* zw4Yb{uur$8uc_8Korb^I7o~9&h}|V`R(kzPzRj659;j?{)1(C2^8JYIjX8FKe zIG)g0w58?tupo~&o~d=Q(88v3Txbc^kph8!(D%-a$R#Q90qHsI;H=%$5%E8r&^C_y z8CqyHGMu%((toZ_Nxz-xSbw=wXFmFc?^!VI7%m8OBP!{6koqXo5d?ZKX=1t7;7#?< zvjJ*Zq6WMo>~J+RPb_^?E<0a?X9d(Ckesra*Kyx0FrmN745L&`V-1oJa9w4HlPAQ< zRc^Uweaq-YD4<_`$>okA;h(j&wLlfnF~!JQC4I;yc6r25ZaDp=N8D3l)9Toit`snk zI?y^j&uT0k;8-5WBS-vsJL$9c>oK;-m3@gy#0z9Idne}N;_;!KUOvgy+ZZuDy*>1t z&7cgcHWKlmCYK6!HzNV(!vmCr3qeH4hGEDc9$kQNP(A`T*@u2j*}c5$tMg=ynBH4uk$` zo~e+rO;ObFOMe&9RkuIEYB?ZaVRzYhO>dDetwR#8-Sdp}^z=Bq z2t(*+WZgnHTcb{y!J9jsiPyQQenvX~;Ae|$^Lf?bSn0i^p|EWn8Y+k#nawU2vnbAL z=c2FcaURiPFT_=N8FXL&$ZNL_r8qa}K~8gL4_mIGu~})xj{^tJ8s;_s3QsQ%YDESx z^->J4YiO|^tfK0LTbmhw?$^_>p**X*1ctSQZ!7fIT|5%hl7?LV-B01L9o-c*#X%As zi=S7=GBGCIS4fM!>7OJP9k{Z{eW0L&QJ$>LUR>*ZQObWiLX78S$E=O5o3QjHLHDoX z>=2pXaK!#e&OeyU)LnX{8_wy}oSKECNH?<}4Qfv(1IOx4)|P(nmOMsMQGGEV)Q;gJ zHsnDr$bHC|j0oImzEDq?#HKP5c_r?IppN)E+tt11#4;{%5 z??P&e9&#cK$WkE?xKUMx)5I?C5;rK56Qf2HBO!4nt($6BzNW*4?vkHH-y2;zhs=+V zqzPW`Q#5NlGTi}k`M>c46<2$Fq~0UY;7+08{vy~mx&yP$V7yhig@Z6IWHpkEr%Y|R zD-yC^*qzP=r@ustGim#5JzPfJOo(>vcd$I)n6K|PKJQzUvvgu~?{7NE=tRT#F(&cP zCI#u?LuClwQcSDUtCnd`XzAHi+iEJF`fTY<{-2^J$EjHLND=1)w}=60ovSH2%z?Z< z``Hnvsxfi~xc2NOg{P?&-@h~cgM-mEpzw{fodGJAFd=BX*UbR+Usx`e#yx63m%0VFMX-d?1j09356^UE zQ-7bcWsGjqPim~J<*ervY}b@2YxX7MTchjGmyWey-K?2Rns*t}Nh4T3~`UU_?02Em`G-G>u*e_DrR}a+WcXn)D zJl))owQ;813EM!`dBjeV|FKnwWZ~|M&IjHA+L8p)7Bn&2jDIVFLmES zWfNcCt-m%rWVkgmJ0pb}Q`;w_qoV+>aCMX`k|N?KjO*g&#>>k)WnF!D@gT8ry1~aw zUteF+xLI{{XqNzAMC9xNCPCQE9!H)uotO zOsvulELRxEaw1p1U^thhS8xA?c<|M8nGXzwgDmL2{|^- z1ZnL)!uP2B>oc18*SX%{#^zjX5(UOjx{0DD50)mVwDnR+QM(r%X0jb3T&vpH*~ zDOwYq@b|&-7sc_SqE|M-w<$9bkQ+lYLe%P8TLE>4TnJqb@gsyWq!I&RY#NlrA zv?aj^|JDMVJBG1`B4D4i1F=u@;}>j5?@UOQ4^rTgoFfpmM_3S03?hXON}m@ zz^cTeFDn~9nd5A4&whZ&;P(MQBLJhXj|1)s3JQAg_?ZbepPbeqe1jt3MwPUf33GAP zrDv>?^AT#v-c#H6&2#)_2WXZwo(HNcM8mZ%K8dn*lUBm;=wg=FS_MpFBt6g>r-$(t z6P~8j&{$itSX~D;!i%&|m?7TxnM^uv%KYdAV>h#~-<}CJ)4{Iacnb~( zYdL1KLyM!_htNA1B%WR`)?Ld?df&mn@Y|8x`gU48+Zt2K<|3L3<4@)=v4~V-B8@M1 zVUfoM9QIPSnVsJ9zA;adv35*biWbhp@0s^#Y73iQ54F@y8zT{B(js6=K3>Cgt`9I4kHIQ<;{{i&0uF7>={9*L#@MCjRH3C zkMZ@tBa8qe0EO_}>Vi3u#3Ys2BN zY+DjvXg&ECBJL9D{ue3QU#2jDgoJRt-9h0Ig5eR6$38`T5`}!MKhl(c!gZp9Xu=Uv zSK<7V9ph0COvLY>_;A5u9kNKGrz}MS+mV%Kfg|2t`#-!~L|68K9N{ zlo)_rrqnKsG8t`2kXRW8!fNvuPCCFIUK$oTU5Qm$**LRGYDPrHaAtDv8aKyV*}?^j;T=p0>VfWXxt)eTRX8wo`N2 z)!=q2m(bav5FD!&*i#;(6~7Log?JaFfflC!k(8cw?4&Lgs894LOmkHZf8IB~TTF3H z`e6Tt9@Pt94Uu&}^{8bLKAQ^&rt*D#C+Gi{h#Fut2TQVVjAuJNZS;bdXVWcW-)2%f zxdMMn5@rC16v+PWF1~O25%izY%g`FbX7;Srab+6`%s%HBo|z#BMZ2$UN?4SA(Yl-?u`KBXYh*J5yaE_k zuD8ce5j_Q#%No7A;Zkd)HELA8#NYZO9p^qMBJm>f=rTCw{A>gp1Y-9%dn5E;Bewq? zlKa1R9l(gcyGnU)`G~1(0!haR@;5`X4zaKWAoP zaiX{fqGsa=%UI$EGHlVlxv>8ZT4zrLvQ|gncF|2m^dW_~Ebwa2tk{a1-ze@Io{+G|nvT+}(c^7Ix3uLwiM5B;x60 zbai!6D3k+l){P7lIR79z2k^yWB$*uL8whYXJl)fQJVCZa3S| zVVMhL(340zD%?9xl-g29ENz2#l z!}|W!%d^Gk5j2Wt?eQ!cZ8~(W`1y9EAcM&{CkpCDENtxA9}ahw1gP^a>h$JftkL&m z0#!rYwLDK<|&t6@D4;8DbkDWWs9+9JIKDUV6RjlRZUVq;6ihmA9Z zt{q>rh7&a&k7_?9dRc#abBS*w{lcOkEG&#gqeN9*{p9piLtWj~#f4s<&Jurdh8y(r z=)Kr$CdteJqw*rH%I5=x!f9;hpXu&sMjIQRUS6}lm)pSBPDiHvLa+V@5;?YdIALAQ zQQ2y{fPkkW_Hyol4v125VQ=N-BWG-}c_oxe6EGh&&&^Tet{-10GG+;@exhT-K?fug zrT*5JRzG6u&Xd$ji2iWFmN9I^(uF^T=%r3xe!k4-7oE@Bs@C@akLYmwL6cnMvN^gv zg=E7)w;sw`*v>KI9ZO<1XIfz0hp&Ln2-qHBe4j_=qgCIkI|0&;0V7NoU z=h(9BC;`haEsgg2^%w-Q2xbuj$SU022|&r{Kg}7r#wVw3h^+Q1R#r+D9Q5zi)dhtT zM42FV-SiRjuQG7}Ux!LfL&J$Yag+6v3&7@*qV&iDgycstf!;F$zTM_9UD+?3vRA;$2lx@Rp({udr})yxcgJRuE?ZV2~xS>DyMl8xfYqM}2o%?Hi{dt#(?4 zRrObjQX3$rjNu_OZ>QrQ-@n&5J3BosC@2VU4)qF0-f3vSkyB)3WVD;fp3$l(e(&4s zQ-Bhth<1;9Hod$j>*M1S+Kftg|4W@8><4Pc>tCDai76?gHUuPfq1(dG3os;6-|gp{ zfIHe|YWeLAhTqc3kW$_?^}6$@$+vOwg}N?8L_`cE=ADcCU;={t+f*(%Y&hvYs6*<` z!2+KWO>Vm;^|l>)54&i4c?sZ-3=j7t@$R-olEt!}dkY`$YZv7u#zjnn-RObj5>OF! z2EgAM930FeQP%g+X>Dy4PAf$sky%+w!}%&?Jl4`aTA=s&PXg^LNJ&Wn0`2nQdB#q- zh;)>>5$-`$jI~p2rqOXR{l!iER4MX{v-| z9US&AcN<0EedI0~1sNGMu0{vNExH~Xf|SwS%bcWPRB1kt5gUt}Ip7Z1G4b=~JS*)V_UW+P!^>+H^`b9)PG-Z; z@oeZ_m*;z8Z+S=~O-)T%yCq?QemCA)S|qsV*EiRfrvUjaFpcy+Xo)sL_}=1gfNOks zJ{+z=!|%8xZDEl=+4TrSt&l##7$FX@9yK%)C!bXV+rhG9I>vp`hGqgtL^PdDE-Zy6 y1IPgOh4q2W#a|H}*mQ>ep?>{ukiNEWAMmydgmdY(g#q+wkc +
    Laptop development environment with CoreOS VM
    + +| Cost | Great For | Set Up Time | Production | +|------|-----------|-------------|------------| +| Low | Laptop development | Minutes | No | + +If you're developing locally but plan to run containers in production, it helps to mirror that environment locally. This can easily be done by running docker commands on your laptop that control a CoreOS VM in VMWare Fusion or VirtualBox. + +### Configuring Your Laptop + +Start a single CoreOS VM with the docker remote socket enabled in the cloud-config. Once it's running, tell your local docker binary to use the remote port by exporting an environment variable and start running docker commands: + +``` +$ export DOCKER_HOST=tcp://localhost:2375 +$ docker ps +``` + +Here's what the cloud-config looks like: + +```yaml +#cloud-config + +coreos: + units: + - name: docker-tcp.socket + command: start + enable: yes + content: | + [Unit] + Description=Docker Socket for the API + + [Socket] + ListenStream=2375 + BindIPv6Only=both + Service=docker.service + + [Install] + WantedBy=sockets.target + - name: enable-docker-tcp.service + command: start + content: | + [Unit] + Description=Enable the Docker Socket for the API + + [Service] + Type=oneshot + ExecStart=/usr/bin/systemctl enable docker-tcp.socket +``` + +## Small Cluster + +Small CoreOS Cluster Diagram +
    Small CoreOS cluster running etcd on all machines
    + +| Cost | Great For | Set Up Time | Production | +|------|-----------|-------------|------------| +| Low | Small clusters, trying out CoreOS | Minutes | Yes | + +For small clusters between 3-9 machines, running etcd on all of the machines allows for high availability without paying for extra machines that just run etcd. + +Getting started is easy — a single cloud-config can be used to start all machines on a cloud-provider. + +### Configuring the Machines + +Following the guide for each of the [supported platforms]({{site.url}}/docs#running-coreos) will be the easiest way to get started with this architecture. Boot the desired number of machines with the same cloud-config and discovery token. The cloud-config specifies that etcd and fleet will be started on each machine. + +## Easy Development/Testing Cluster + +CoreOS cluster optimized for development and testing +
    CoreOS cluster optimized for development and testing
    + +| Cost | Great For | Set Up Time | Production | +|------|-----------|-------------|------------| +| Low | Development/Testing | Minutes | No | + +When you're first getting started with CoreOS, it's common to frequently tweak your cloud-config which requires booting/rebooting/destroying many machines. Instead of being slowed down and distracted by generating new discovery URLs and bootstrapping etcd, it's easier to start a single etcd node. + +You are now free to boot as many machines as you'd like as test workers that read from the etcd node. All the features of fleet, locksmith and etcdctl will continue to work properly, but will connect to the etcd node instead of using a local etcd instance. Since etcd isn't running on all of the machines, you'll gain a little bit of extra CPU and RAM to play with. + +This environment is now set up to take a beating. Pull the plug on a machine and watch fleet reschedule the units, max out the CPU, etc. + +### Configuration for etcd Role + +Since we're only using a single etcd node, there is no need to include a discovery token. There isn't any high availability for etcd in this configuration, but that's assumed to be OK for development and testing. Boot this machine first so you can configure the rest with it's IP address. + +Here's the cloud-config for the etcd machine: + +```yaml +#cloud-config + +coreos: + units: + - name: etcd.service + command: start +``` + +### Configuration for Worker Role + +This architecture allows you to boot any number of workers, as few as 1 or up to a large cluster for load testing. The notable configuration difference for this role is specifying that fleet should use our etcd machine instead of starting etcd locally. + +Look how simple the cloud-config becomes: + +```yaml +#cloud-config + +coreos: + fleet: + # replace this IP + etcd_servers: "http://10.0.0.1:4001" + units: + - name: fleet.service + command: start +``` + +## Production Cluster with Central Services + +CoreOS cluster optimized for production environments +
    CoreOS cluster separated into central services and workers.
    + +| Cost | Great For | Set Up Time | Production | +|------|-----------|-------------|------------| +| High | Large bare-metal installations | Hours | Yes | + +For large clusters, it's recommended to set aside 3-5 machines to run central services. Once those are set up, you can boot as many workers as your heart desires. Each of the workers will use the distributed etcd cluster on the central machines. + +fleet will be used to bootstrap both the central services and jobs on the worker machines by taking advantage of machine metadata and global units. + +### Configuration for Central Services Role + +Our Central Services machines will run services that support the rest of the cluster. etcd is configured with static networking and a peers list. + +fleet will be started with metadata indicating the role of these machines, which allows us to schedule global units that will only run on these machines with `Global=true` and `MachineMetadata=role=services`. Optionally, set additional machine metadata for availability zones, cabinet number, location, etc. to ensure that each central service machine is distributed correctly across your infrastructure. + +[Managed Linux]({{site.url}}/products/managed-linux) customers can also specify a [CoreUpdate]({{site.url}}/products/coreupdate) group ID which will allow you to attach these machines to a different channel and control updates separately from the worker machines. + +Here's an example cloud-config for one of the central service machines: + +```yaml +#cloud-config + +coreos: + etcd: + # generate a new token for each unique cluster from https://discovery.etcd.io/new + discovery: https://discovery.etcd.io/ + # multi-region and multi-cloud deployments need to use $public_ipv4 + addr: 10.0.0.101:4001 + peer-addr: 10.0.0.101:7001 + fleet: + metadata: "role=services,cabinet=one" + update: + # CoreUpdate group ID for "Production Central Services" + group: 9e98ecae-4623-48c1-9679-423549c44da6 + server: https://customer.update.core-os.net/v1/update/ + units: + - name: etcd.service + command: start + - name: fleet.service + command: start + - name: 00-eth0.network + runtime: true + content: | + [Match] + Name=eth0 + + [Network] + DNS=1.2.3.4 + Address=10.0.0.101/24 + Gateway=10.0.0.1 +``` + +### Configuration for Worker Role + +The worker roles will use DHCP and should be easy to add capacity or autoscaling. + +Similar to the central services machines, fleet will be configured with metadata specifying the role and any additional metadata you wish to set. If not all machines have SSDs or you have a subset of machines with a ton of RAM, it's useful to set metadata for those attributes. + +[Managed Linux]({{site.url}}/products/managed-linux) customers can also specify a [CoreUpdate]({{site.url}}/products/coreupdate) group ID to use a different channel and control updates separately from the central machines. + +Here's an example cloud-config for a worker: + +```yaml +#cloud-config + +coreos: + fleet: + metadata: "role=worker,cabinet=two,disk=spinning" + etcd_servers: "http://10.0.0.1:4001,http://10.0.0.2:4001,http://10.0.0.3:4001,http://10.0.0.4:4001,http://10.0.0.5:4001" + units: + - name: fleet.service + command: start + update: + # CoreUpdate group ID for "Production Workers" + group: f118a298-2a8a-460b-9edd-3a9b49df504e + server: https://customer.update.core-os.net/v1/update/ +``` \ No newline at end of file diff --git a/cluster-management/setup/cluster-architectures/laptop.png b/cluster-management/setup/cluster-architectures/laptop.png new file mode 100644 index 0000000000000000000000000000000000000000..e992d832d5b7fc383e4c2cbcde329746bd7409da GIT binary patch literal 6532 zcma)hbyQSQ_x43m5CQ2Bq`L;mLApbv1qA6Dy1S*j1VK6^L`0-S1f)S?z@Y{hIs^m; zhR*N$et&)6TEE|V_gXV^>3%_Z>kft$)JPXKsG^6!Q98x?W|UL^NYH1v}9u(9y6cXeUV zvv;-u#2^Afkf%a+%=#zb0NQ^8bX{$|d@Vd|09k8SOB)6ydk-65R}V)|26=E z0sz&5s)DSZU*0Y%P>*Ih9|yfStWt`@V1=Z@VV9M)&-)(tgwDl@)%!~?qdlU`3EMQi z++@yvA_-LxTqY^B=Cy+&4IDw96&CQk8hYR^f+FBs;aSUbBB9W}z;(a#2HVPE1urr~ zMSu$H4vP@X_9Vrf{bQ<3*ckdO_=d!H?}-V|`B1*Npf7I0CKh8Pi=r9|E0U;-MNKGU z(7Mhr>lQ z+#cCf#Fm8nO61%wAp|?@`}b!FyI(EP3o>gjETP1(lM- z4-Y7rU#MQDTpny z7-{Y55$)u$UooKLgYzIj%fLVs3Z*hNH8$qXBdq@Psm%Tv1o8+t3TT_#rPz6!l|?7! zq424E92V(N_nx_7n@D0|H%*HzgHyusYkmC=XxrN#KYj#c^7e>Lv(?#Z^mmQ}aBy(I z;LHMdg_D#>+Y9IC=j-j@cfxutiTSd5`1qv!56cYM^*tl?Db<-cbJWXm=!3KpD_BI8 zVe3Cj1tU|B_~VG=es}-p&`mv(D4mXtSWYD%TLG7G%YuY4vMfgRf4aDkbR3tb!QSuw z+vi?!W*EyLI+I`9V_t%q^iM`W%KTL5b?^En?fxZkkP7uaA@NlPAn z5fR(wIcAL+MPBSMbAApAyg<@h!H4VMO)7k)A61C0hPmApD68dWSHi-=0y6k6kY%&$ z6X@#dYAG(!Y5-1*wVVD19kY0Qa|)nO=3En^d|FNX@?14F;kBXHJIJWz()(F9p~ux` z&T~x!0J!coH6H;&A|iOVlexLMQIZ4Jo{~LoC!^qrS?Kk#35e$9svk#V_i`#aZ3ef7cIYT{c{oR~-YkZ)Kst0`-9wQq+CbcQFHg(D%j@Xs z9Me^<#c}kDyB62GyrQDC{rDWSsjRGQ*RlFHy|1qiZ5A33a53NFS;qyb>t1eK@uw@q zN?=*_X`P#$O_wfwCK_$A;&1NCL#7DkIJT>cA^9Uaokr!#vB^89q|q^ z7-x~(ahP6}-n0Bsm{4Cp>)*dlHTn+$dwY9~4|CpFOswb#9KOH18+?5{Jv21*uBtl> zqo6`Umr~K%DlRJO`=NJCK%0ZC(_AZCp4d(&k};9ro&^8?<;6vl>*8lE4!Pn~t%0wf zpw~`9k1-fbzQ*Rv%uMnVaazKdZ-q#C{P>dJh=0Zze+T%WvvnL0<(v53)54(B{7ZAQ z@8!uZU|x@mB(caat$lPqB5wD~3^!JCoYq$Y0s>)CQA%=hXVmwX+wCmy&IlZ^^j>A5 z>a1e?s9u_yE`W~a=hd|*n%j?g8KDJ1hlA)Y^cRsF_2c7XP08a4@EbHVG!dN)irSZ_ z`-Oo-&8~}5%L4;WBFd;1l#4HvmQ0bHoLrl%_v@$bWey%5?6C53Hbz-OI*IHV!kAOM zp3QvT{#deNqy!zjH-XZ3cec@Hh@$F}1Ql@EVP0pb-*tE7;151)O8=_8i%a|EUaNr< zK4aC=IJFu{^IY)O?+?d5T1|%|!6Ll&U{R-c?)uE_o;(rvF~_eF>cUQ4?= zo^K0mUfkE*`1r|j3uDAilB%#{LGZV+p~?NX6a@6X{);?gu)!Wt&ho?LTjP;`4JlMJ zGOHJjb~84f8_gHbpqGaUclk5D_3Nss0rN04Fp&Bk0`va)lvwRcT3XuPo(t&xY2*sn zc}VPGu*&xK_M#&5{Q223{?$7#Mi8oB2&b_e5@-%xv?m6R|^=th&=$-w2!Mu!!Fjn=S~ zaZxC6%cyAcea9k=*LgN)^xZJB_dht3rd)OAGplZl%GFBC(&ro-N-RiP>6})S1X?i;Ih+qodQ))6p%AwbDl$ z?93hRXG~o6*wjo_@}W-t)=SLZ90R10S_7$H-J>q*CldEYzKu zu|x;sA2=?wJ!JP+ zLMT%?nJqc)C==;=uws4bM>J!;V>QjbS6{|oOVDZh z`ue)KxcK2;dtx^0EOCKyo1^CZC)8N<@_pVqi8$G*+^PkFW&!&ZCIl>S@1)_Y=NP-L zme2+bbCTlh$Qb4Q*~aJpnP21N40|`?l@6AE*=jS0gOgF3CcNi3Oq>S2bF?*p7 z(zSR`+g7itrXYsNW`~e)eH<{6`TeUcLFXPl-KA#j{9a-wu>XXxSInJrbD$M;w**(p zC>V~G`GDful%uSL{|K^x5sS-K6OWRz4p-?`%+Ae4O)IC+2|rG97qO;_F5g0~dwYAA zmX^j4J|Srmz(>r?aAZOAN5M8#_tmsk^l_3%?#QwmE~{m?B9W3j@zbNZ5HrWnBTfh6 z-ulx3DT1_w+lQhW)%(} zp@XZl^F1J6!%ieO3h!~!2FiDF66TV4?=cO{(63*!v$H*-&%nJL=|r(Dh_4IcyC%ty ztFw|AIrQcvCD?wL_BaDecLL6i5!z47{&HLG9W70~eeGWw3*fp3xjj}PF(iZ%!o*|| zGQ)y#YwxNH{#>HibG;($sa?HHZtEC5$2*9P$lcT%cz&4H>Q~28e;mni}C8 z^{%P-c)aCCovOq}oTt&Yj;^i{K0b<2iI6M57cY{~0d8(uP&eb(&60F*5dHmw#C3m> zc2>jt8{&L-fn6f?puR!MTp(DwTYC(G1niLo&DtktD zwO7%xj(gaA-45@|ZrLfFBm|!!%P^^b+d|>h8at%@j0rI0$x2Qp1o(4D*fOf>>jnQI zTvHI8GCC$IS$TUmBAt?tX??3Fxss#R*$_)h<}Y8q^jn{rn#y3;jF+Z^x&Z(PfQ*fe zDTSaUS(1WO`1Si=T>m`DKV_kKB;(15>S-i8Sbr@{pRIqrq(JXbg6d}jenI~W1rYU_5(in=n>qlD%Fu3Im*{-WJ!w#?*KK!%wv0`~}k*0KP zGBY!SU_twxWG?Pk%Fi03tvJaHh-{hi&>$rVM-kGJuT8)ETooqX?#>kGoS%MV)|BDE zF4p?=Ga@kmZ#9X4&fW9#tVIl%v4gls2aODHNJrdBc*$k0vge+QhUS zPZ=+skNVmgARHR&Z;83MxgoE=G0^!Sotj2RHI^GeCNiDm^DKWQFKxt@v|o)~BaZ_D zNvX)_?(TMWb_OwU;_qX;djOd%z5!!e%&)%4?bx_}${fuc z+mN&MgAqr5aP{wfqYrKcFnIXH;az#;{~;nd{hJ)pO@*HSL(QBeCql54ED+Vkg8g1(-lF3zZCSF=y72NhH< z3@7B1%aKph5?5uQ&{aRVnsS#m|2_Sqh)cU?t@8AzL=G<}@EFtQ#RO)G76q4V*r`P_ z`)nqs*wjlRt7>ZtO)AG>w(k<+n8&ufh*@oHZ0bGN{vzu=J2+n;w0C+01O$GgP|o~R z8-4=H&Hd6VDPozV$v8~;IZQpIcC^o72vz5c9|W1@%51HH;hUuevvw*-Ueak%4NXGQ z?Sz7#3&y&uTlhxa>A_x8NTmPL&+s>I?nHF*2SyKUc}ZO#A@2RhGBY!Yr}xi;+R-)I zrx10TID+n6kkoShm<4-2NZJRjxi~n`=NrUDGmaNwO;`tgut{xGR`ROjWoNNB2mByylhaixM!`^~g`tJ0K~2 z4r$XfF?rHHx#fk2!>M0AX<7IBn_H(jf26CV+fvx{PNN|YMZ$;LT34SSa8HSkk1thD z!NZZ2D%6C2;Qb3Sh?OjYEEfos)RcWby*Hbg#nh&>(_d)Q-jmq%Tbs3#X6IDq`Z2)x8vFy8u-6KeR-S1n zRBP*G{85&^(Dv~;LDt)OKQl2kHSMt&BGr^2Zg2eX;U3Uam-3~ty)InEEY8f#Lca z`?IaIm8Alvog+axMiQEpmZr_r;opyK87xD{ISUZ{Aq5O8`~Na2s@cPj-^~wh!bzcy z?(TJN>^<|&_Z~?eX}P%U!9z|2-D4smA}A6RKQXW*gYrTtdx4k<796v(cJN*s6jF3_ z1bp*Zc}Wy{FL#+l9c3v5<8T3Qj&BpAMVY+*sw`K+pnP%Q3g)CM5kBvXRrK}i?@f%! zcP~!Mm}Sb-Z_Ewc&@Ut6%Y%)kMuQn3G6j zrk)&zgQnW#js}h7-W6hZ&sTcSjk+@PZ$HAMsH_*9b3#g!W8EJXL?4(T{V+Jj`+Ct- zuQh!Lo-bsp#D>kz8XW*!dHh>ejYc4Rz319?tPf(RPc_R%Mn;hjeTHp4{ry3GCbxO; z4G}i6dr9yl@kU(N^GIXQ%_iX_pG5Wk`cS%92F}|<2?<$r_#c9E^Hh3j8|h0XuPVsV zAnWKlqn=vo;1XoBFY_<{$f%dg_^rogGyA$4t9ZRIfwGdLzD_MW*e08dYFd5wMII;N zchidd@B}%6GyrV)E-s(>gPHSsrGqaTzD$DjpNGP|8UzC1o{9sN+gn>-x3ROM2c??q z-Or#LQ&~x5Fo!-5+TGnffS5P+;p)l>3k&nT~H`%ZA;Qc9@=om^Y+WzM1Ua-hc0p`p@-oP@Mbd{pu?pDF*1S-BtDoY~R2!AxU2j9vjD!_YAUJFHq$#domQZwZ_^N zZ?A$Er?Ic!=g4diH*ocgIjQtTtfk6w0D_@?Vgqk4lHmS>!bc$*Hzr~7@AVXH=7Rt zcRey~jYHaAcQW{(Sk}fyODivgdx5)Y+yUf!8)?liYEsh<)XCE%YVml7Y{u}YbD9a* zO4bFEqS}d)vR#=WEC6l-rxFh>n zUIB$(Dbn-rN?TZi58yBUNu0#-L#H01)oUa{#(Exyfi1Zix9uE*{Bc^Zf4`j2ZMEXt z{T3ARMV#3rN>IU(9vp69kzCH-(hrLgdyi8l&ZRK;kCQItNE+`A$F?5@ccF5M18gSVGako^qr^n?y0y#(J(^rkWF^ zJG%DUm*=^Ucrf@GJQp7q-q z;dS)=wi~U~bz6w|bE2Xml^Ub+X|BCNHDu-o4TF`a1n?=dYJ5)*U|`=3&lCE8gaN8$ zF&j>yoDapG4e_l4lV(GD_WWU5RO+Av@|d+zRNULOsmC#{=p{Bhlj(mGT>mR+_FY)u zfol5S{e82G5PgC4*WzhOg_K6&piJ{D-(^c&RyE?^DOwZfzf^huE2sazNQ^R+^pX7J joTw$?M&P7+C2ei>lq@MdjRE{e1W;AfQ1~oo{^tJx%u$ov literal 0 HcmV?d00001 diff --git a/cluster-management/setup/cluster-architectures/prod.png b/cluster-management/setup/cluster-architectures/prod.png new file mode 100644 index 0000000000000000000000000000000000000000..a55128b4b37260e0d5bef9f748447468a7594e2e GIT binary patch literal 28293 zcmbrm1yoe+`!>4i5a~ur5D;(xB?SZ#k&x~#=?)n>lw!QBmtHpY%{eS0J5&hVoDd zqJbntUn)5#@1(f66RuvL2@UlR?j#OK!^B0}@I;4M)mP-ueZ&nx&6`!x-&KMrdjV$1o_`fAN#QTo@fVxF2>TFHrte4-h6=r^<&zSQ7x z1hN8Aad+3rcLG^8*7$jH-tg^L%yL>DJgRWZ^#gR zYz@UFBpyG09HmP_MD#?b;jG06>2T)fPmQdR4Vb#3V#WJym7%22%T$MrVcLbHp~)i6 zxl@jFHMsdNH<~Ux9ec!9HhQ1mod#tqD=Va7ozZ`<+1c6a%hOX8`D=L*STTd+g8NEMUS6Jk*+hXVn|e7i z#BKF6HYSG7#?sQ#eKk&%%KdliuV25qyTxU9wIADuE6AIxW~#{1Z)V zDgh>&!s6naKQ+yQ4r^~u#p={dOxD3WS}>AMHP79=Xd&0W_$NAPyjDLex3;!)I+o+p z1YAZN3o0rUVJ^QHU$QN=enhLWoF1K?p8i-@Z-9)bpU&%YxYD2ajH43`hwAF2#B0~S z?yGbXgH0NbO{&(~V(Z64F|yO^{BPe}e^#39-BuiGh8}>i2}ZswmVI%)0&l+5hSaLeY zSFod{0BV>{!w-+{qamUFn|&;3;d~G-;71%{)b4-3-f7pKnjb93=aP}_lfB!%J)|_R zoAV;g8tb`lagOm1kwrPi5wO@+Ze{GX(@5@-z_h?@t`=CCnYXH@bR5>ns6CGHpf5Q& zB^p&*b?d28($aAS508$H<^q7(QVMy_RtP{V>+3_GxulxZ9Z5#tfDeGF4}RuidG_q+ zd_4`WYUo4~v5sc-qqNnatUKrEpo_ZsWKy$mhe*xAd|eKr_ua9|+r-lqZMp+Q`Ed3nJf_V)G)3JR$nf7H)~ zN~SGQA$Z#X_$qn^25xR{S1JQ`(r{{_n^7sYfzMnP2fsQz)4rl3lPMtK5fX>^E!Q3& zJMuY1god)hVDa#}+h;jBIj4HgR|j2!3-%9c47;%T22N+}Mq?sgT$rv8rj(VHg^;j$ z{t9Ar4evVoXz$>#T1;y1^09T%O+g34N7upJJYT28>vt>K<$_;~FwJqxN>23y7;}uN8+E=Vu zQ(RhV3!dw-AtF=jLWA-BefQ95)2+!$f8&=gE5KWzVLvdnvC(aEcS#d6y1qC8>jXt6 zB_%~i55K{11?+h}iT3P=n zeYxkj>B0(~c~IHn3`g3aFvppv%Y@;&MlxX8fSs8v(cR~gd3mz{2DN=-Giw687OUx~RPxY!+UWG#-|5adD+aQw=(TRXbWA@&ao< z%asX^wqDP`z}&a@1@+R3#k9W*4fWKkOG|%)Be&##pF%DE?k&}UOt!nv0IyYTJ@+{+ zO;=6rY^P$Vx9i2t*>Y2tv60ae?Qi426z!Xp36Vcw<@x+xWAi%i0}DDUaRDZ|QuY>X zv=iL8FfVVjEgpv8hrwf;J1?Jl-CX(lBD+vA>)z%o7l4xjJlD^e8NqrQ zR^6sqhYuu>xU@7_uWeuxD|#=kez&La!+VF2Uv|c%r8PUO588NaYkHmnGlcQ*z$XjA zcdH+g-fuRptEqnQ%F>cGQS8HA>_v}RZNRvT#x%$H3P>;iM&pdBNaVk7B8!yJVjzR} zaM68rUj2>G;IEDT^tgXNf$Mr-g63~1r#UA78?5i5Iv2gq-*535wh%}BfA@uAz=?rJ z6pW9Li$`;U*pH4Z0x<Nu)8MxrX{RaY{Mpc>yA(uE7(Xy6u;K5u+Ly3DSFbv+pmBF?)s(s=3>ZIifgpw$ zv!PT$fuT#{H5VP23V2gTXAh>Rr1br$VZ!`G;7e|9_tfH)?A>B6p-RwLKc8*>wTF6d zA^x6ANQc2=CZ<~F1A{U&hM3Lk(*+*#Fc5E#p3F{8R_nL>gWZ3u_*JcF(y%KW!F#~C zAUD_4!eXY%BEh{on23dySV}=5I+@d%-2M7)Ye@aEvhfSN$nhG6q25{F1qxU$*x}(}s{3J&-#rrYu+IAw+}*P09UUD7Dn<4@ zR>1Sk)x+Vc2rWkf?d%}s(5x^H8!$d%-kA`5#>i;0(B#q6)00XOCbn$jc|>tatAonc ztWrQ(Tk&@u-Y>xhhf`l~ys>FIU+axyA$g)f&tuN2Q7K+9QO-IuImvKqEOfDvWieR@ zjy?gS%yBP0a0*WQ^HybQPoF+r(S;AS=`6E?B?He^Dc0Jo8yQOj^G`|HHS6x~{(VSr zXP%@V*gIcQwkzl7=XWbj`qE(Z*hq<|5`x56a3zU|%PcPLgqm8I8%Z1QtWm^!B^eu7&C~n} zj=Z!lZ&|{mFTZrk+t=-lm~nu|rV7QbpYtrZj~SFfEm;vSwk}^;S7`_`hDPH&hQY88 z8JpA7TUgF*E9{m#pJ-P97H9@J#a}lkVhRR85zMqC|)>ClPmOpMF zoLbK=f|!XCj0#~clYI?=bLw6^v~EKqSW^eIaSM*SN4j=%xu3w(d&FM{ujA?Mu;iYJqI&~EL1tDKng2m$ z4>c_{(~Lk)fc?F>d`LBN*sb4b>7B=vkGW=ETw5SHb;o>4ejSTXkn#x}mzX2KKlziy z508)F#9~u0S}~blm3J(`*|Y(wY89f-k}?<_8&ng2`AFJ^sXQqWY6E zO=aeD(fxvQf~vx_eM#UVjE%ounrM2K84r+WjW~nE?E81oy2JFkI+vMhEAp_fwY6s_ zQ@T8fZmfaG12jA`LR;d60D;3RmQ_|-I$XhE2)1`myS%8j zR;^@;0t+>DeZlMYI*vuvHD6$Aj^;S#r_4?4`Fq`fg_z|hJMdPF4Ylt?o3xKxF1P>Y_;9_QI?$i zpf0$r=pn{;ZyJNEmu55bs5<~y`*xVVD7^L#l6AG9;DZiYf2blQ{e z$B4bA^R#rwe~*3`(Xk?vkdV;1rhw9c5nI<>G7v+!BqXXTDrSn36@$qsD3sf;_6oZFam;ymd_RZg`bK;#k)i&oIz-v4 zxsa(~lO^Q&10=*2!bN(`nbD)m{bK%;uE9&s372gf6R})EpKZP%KF*czZ`-JFyWht0 zd>CNV=>29^7iq_=W+>&7+^D#>I;_cBxb}x-qCj@<9sQCPOY^yCh$_Ol-GYOZnb~8A zRkON(KT~~RU_hrp!&#q`{KVBm=k7|KQXn}DCbhnz^1Qu1?L#;&e0Yo?-$oH!Jf|os z+QrLyI-cstR0VlMSta$`PWi`KJ1NbVJB=IBL#ovKxYMC>gILN|fXF#_^pW@6|cSBiocl+UUgTA#8BYISJ!i367cYDZEk zswUf|wi%md?VPdIwKWD1IsaZ2tOaA6YeQ)^oaBr$$-IW0SkUmM<5-St0=$O}(z`g` z1O*+W$4(k5W@vAJSZOu}>CHE|fCL(p%}r%wVPYvV>yI}G0FY_m*;LAlV9e;ORbe^5}!9~F&M+gj5(c7G?{wDOeOIGTB#Lm}t z?tl3*gwg+g)az}D49#iG=Tw-An(;oicc`lA;1Pyx$P!RPJUMe7y|B&n#nbqhEr0+R)$ z3BkiWH` zVCX0=N4D`*VQ;zSW)Dn{QVgCT4{QBD|k5{6>nClNl zWbO?e9Q!(gp+J!u9fL_l9(IpL&Apdj7B?9v@tv%jZw(kHr2TyQFRzHy>jn}j)F^G; zYP2f?eMkjgp=bc{+oT6Re{y~RNf{rU`Dy2~ikt!}7va;})Ulg2lHeJJWf(=^oQfF@ zM3MD*Udy^xVO5R^?lJvBI7fsOflznPyy9M}rl{zqbAXDi9}#dnPsdZfLyTMB3Ss*g6&M-4t(YOIx8@k~GQvl@DzRfH;uJg`NC#Gz1ndbJXF1uHb_z<-<(Hq$;4IPk2J6gx0l;e9j+7msLj z3v+!3|Jy}P3ydU%4~6iiKBx4wU$x|ngE*UNi}nHL>NpEm-Xw8>XdE|ION}r4!`!F* zjn#U>Sj4z`!h{Ovth4!Y!-n`ALr4%R6l$0}iCK}hj{m=|dB|vIx_@sVA<=Fn^J^J< zc%*20t&s>$0DI@#6CA3}Ki1EXFf!QZ%}n!FOc}b_(P^~tam4WpEipf6@`LP87{Q{h0*@LuSm48b!#O1sOiSah#-jmf)Q+j zEXgk-IL(_;kb^(}RH*ch zkl~KwFYXHGJWQB!{-c*K>4KIi97p)S&btYCDtsN39r$-Hfw1~_7u(ch<_cn@;CjM% z$@l95^u!+q2d8H~M5M}fWiQ#@N$@UPC`);eO=@Tr=IEsT^0Na&SN}V0n>NN!apKUi zsmgi*iZ_p0)zy>}MDj9G99Npp7WJVPQqf@h#}kvKfhtz-syxRNKaC%a^k|1Z7qNwr zl1TLnCcP=X3y=REgG)@xc2h*#dzxW88TgI&>nQB0kFu1pY{$Nwu2-O@BY*6n(NG+| zRo3zRIg8TIBL;quA)tmDI^KR8o*(U~uVH$fp`5MDvHs@yd>%fE7$L+i`%LC@+2dFh zvAK?XUdfD>XpP0=WIBy5(yp`feB6IWka-r6eKRRl*4f&Aw8ZOV_G#uu$Y!EVsqUgH z&iIr}>*<1V^$3>~mj#1E#)3?a$m%86S6s2@c+9Sn4Ht4K`*nB-mHBN+Tv5?o--iEIOagXC&$vdxK%Jp~ ziWw~&s`ve(lgjubB(Y=gp{Sq67i*y}w25o*_D3>REtkx7W51~Z_WYd-bZ=jws822J5y7VkK@QNaG#e0(~_ zP2>zd=g@%Empn+S3h!>s&;5JenEq&e6@NrUC^J6&lk(;L>60LB*z72?yGsQN<<#m3&bhx?0IM**5*|>56$qkL=$19#Sl~ zUwX*2hsa%2*OKMND9CLLmgy&Z_st{=o~~x&f(3B5S9u_X7H5S2&$iFWf^x0xWjHaZ zJ1FHwM@Rji2m37T-cFKC@P4Q(S5ax)Y0C*=3D;ETg1qTztAeSLu*mOcnn5j@=uZ55 z_<=3v#R7j-(a^rTpNxg zIP&fTIYF6W7lZWY6&V^aQLv}@fj%Z(;gnuy?bM?3UncZ1a7wb!kvV?0>o|}%J1R0Mz}K06N>r$*%;jTR48K<0US@7z-hR(PtRgKHExE!J z(VRCtGJYIE5+@GO14e+&FTLd3&7eVUdeY>(B7uj_Lkpg%n5P6t0g5eQ)O+W~uh)D? zNpFtQZY^hPK@NjwSSZI7?|F;Y=Q~bt67G#=jy%;Pzd1DI`F6j2+a(|zo{thvgyKif z9*qtOyuKIvA&UqbWu_ySHT0Weo|Wp>b9HHwtY|kG_ULYL5z_Vb#h-RWRmZh(y)UTl{D@X;Xjaqz`t zP16Y&pH|KoWnMXIjIbOjKjF^ir!xFZcC8{eVNyB>PU$=4geg@?KcZ$pA9cSn^JnzA zx+2x=Q747X&O&o@Q`3!V^Th-JXzw88+S-;Xx;x}(gGgIjn}~=AfccCR--D6qQYbAlA| zE|KNmZ-|MDdxYM0bA6cr>Ta*w8w6gjyJc~<{j)O-Z2HF!1hstgGlyN0y$%vx0RMwa zr_A6rj@kFc3^}GyvE{Ja*(UumH2`4W9`>;%4Xl-xmaeC|?d{eqq_XROs2BbeoysvT zr3P>ezsF`!I+OXd%8Pa5wPyE&?Yd{*8wUl zaQB=MK;@BNmTDBG1`rYvos(Z(*sv=rD+}G84}m{k!I{o8RyEgv^tuL|+ODSM$df1} zZv8j=FQE|YI%@@lc%uYX^>R>T1Q9SIwgdoc9#@o|7$3)yb_d&sE5iFA91w|s%NjX` z3Kh8?{vJbXyJl$uJNG(-xQA`BSbJMtY~H9$4HFX+;8x_I=&J_{cDdhtd%f@F1#mJ@ z^XlATfZUcpY(aems+-H%ItOq>`UVH9r!9ePXcRetS5ZGAK%gA51NSgKdK4EQPmYDk z_A%iW)dAGK3A&zjSy`|0lsr%C7d&>#x>mUF>2`{iI*cB_$!F!^6-neXyWqg{Bwvb- zi2-ER#X494uiI0vyT|qE-W>8YpAT5o%sDO7(a)0p?{N)DvcItrC-CY=nPCj0Y? zSxUY>sgqYN%*PgPr&jM|1tugW=6~g&qoSgsqeDeZ%&>nlTLo6+kyLzliP2jI#aFLh zIXYHeZSN`bGBTn;0P#d<(PIat-a~%=dcflB&DK#;Qd-{vLTL4==l#?hihjUaP8DgI zl&L+Wqto>~Uj-b@iPp_X|0gyWobQaHF*)vY2Gv05rge!*fyc#W4x{wvN>B*`4m2mt z(-i>s?;OQ8Xl2;1zP)D>SeJHJ=&d2d z0xL$jM;uyPdfEOSTPa6>A_7YhmYI1UNpxA%x zax$TM3ruNZVxma99uzc|4kR*?lD}M<0M5$BR$?5a@e2Bv7NEBF$L{F^x<#YFh=|i; zoZlxKR1(nu;=Bef1K1Vt)lG-JEUAK2-{?f7Z@Wn^ClA&ra5EVDLd)>Bpb67^#H@iq zLFcP%UVzM~0}Q3^^_Hr`T7L#pxvdz}{}=p&==k{T`vY=&0|x!mGz$y;ow<4*Ha44I z--B+Cgl=P!k|?ODn*ky1absmx z>d)lkt`-Le2hU6fueJ(G0R0T0a{_$)4?V&DNbjD6QrTjT`e%O4nox0x4Oh-{sl94G zRY@t$ZBOCc&LoSOacM|z|7BoFSUmdKarG>kY|nqw0$$M)&;fhMZAZA_%M5Qn zEt<(O5vJbU=mvU=M^^&Czh>UGZ`D2w@UulV^OEA?8*%y?(SI6xM$B={U5Y%T@d|EM zXOS^cE{TG|!&8AA0a(v-e*U3kzGqH5KLGpvGOUyz96i;)7u-YgEyGwrNfWb|3o4z@ zqRS2S?O9jsV?|UI3IQa0g-l;Bc&2mpRyRCPArQ~lmQPvLj7^|E$! zs|Q3K8C4cj&r=3B$8t&l*NcPX{@8ab=|IB!dp$}~pw2IT1epbm-I;^o1 zCyk78y;Yj=$}b5sE`QcbHb4T9wpG1x8uTBVBHrF#fq>{YVHh4)&C-=VcbNi#Rp@r! zi-^BD{zv*#>ASS*&RFKg@6QwGoT*z)@#|Jzxh||yTb5{Dd7l3|?ei*aJgk$2H6Ok1 zGpW)BH-V6P1)_QaJ%DaD{YZ3xGuWRoF;m~_K*?eZQ$U0LRAmTLXs*?(jNk2B;Do{U zfUlMYbWQt`^Z9CmY}$(_HaKhe_ZJ^y?Ft*DuD|IO{(Xn0WtL- zFg?`L|McNun_a?vX9Qdk=s`9v-gU(@H=H!s}z&tFErDASsA7%-Jn*L~amG zn^I@fw)=+sAVVeh;$U-eBv3_Db7p*;9%mu0e$N_!Ti{PB7j8+@#TEz)fc^$VFrEnT zzG1oqR8%(rx?cdq?wbgzIE(Ig5n8-2UU&jQ2L}fSpx_eNbc=Iy0fAdJZ3*t6d}iG5 zw%^EjsamMU0Zzx4FJFHC{0Zn^SwPelCU~W9+S{Py4M|W=I{kgMSGJm)#aZQMA&YW zL%f{>*qUdY?@vo^)L)(42Bdu*j(N5mKNK3n82A9!k+sp?cow{{;Rz2T1M`U~@Jh1X zS2P$5K85jqtP@psI{WhStUYKl2R_wst?nSiHUdy{z{geqXJXVBUl*`Xj^!U38hUtW z4=)3xPi!pV$JWS{6m1n1V|LO*0SIbF3R-O|r{(9@+zYOEJGF))(eT|aR(-w$Ql5tt ztI41Cf%q&ErOZL{=C@VV|1&~{03px6IEMYD#9zLB=fx10K! z*QX9HC&`Z2yBOrn2gmU)NO%$bQwib&p-G!{*J3)Ei)i>$lattI!Um^Ud+iQ1cEZ7I z@G9*Ec~#NaaJVT-4wLv!ZCPsl28YB}7ghP~5P#qV0&2Li7`)1#i;K!E*o$W3a>V!V z8NWLoIwK+E=pZ?${}H$DuvD52Xt9vS_f5@{q>&-Uhip4uXQOzbk$w|uWL0tUGenYj z@=LJ#CCSzDdui6Ze`?mHoZji=IWfhijq|3?X{!F%r@mnd`_+?ZN3k!Jnoz9ztg#qP z;n{eD<8|j{bXqbQ56yJ@?>bSCRe|`i>@si4`7H+(5N3b07&}Zkf9^WLX<3?IKx^+jGafy2;$uuPr$^(6>gm(tYCBSr28_#k6@Od7ity z@$BhS!$HoUvOGVT2VfQ2wn6xR@-#)zV>yYk<-fdnY$H29AD!} zc!J&R<`NuUQ{`22mHR5=@WSj^LePt(u1u;Qq z{EW=?uYLp4_bPZh?hS+=4g6uQC>Uv*=EZ<2S>tj|#xi4TI?Wim@=lOqdAhL*q$-X2 zh|m3I_gjzru-e&eny;&`TtSj|I_nUjJ9Kui+=!3J7NJ`I@zP;=d3mnB0sFvpdzBhN zFVy|376FUJ_X`F+GH5tZK)lUJyHaG!=+yFGN8fE|0yz_?5S~37OJV9}1Fp%ClblVb z;nSy2OsZ6zJUlit)zVobgd`-*Hy7JL?E&xt;Je~kTMniHFx*SoQ(=+UQ<7Uy+tiB7<@{5c0-=GG0c7p#RxZ z)Y7NSV)#dFJJbu)$6a}+spiX5R1FQrt)Fhzai6*p2|jzx^K2FM3E~TUHoOe9(M+W{ zt0}?HG%bhXy5t%N`MrgoKgj8XV-I)hejPysCG#uebLtLrjAdY)7YG zvDo~Nd3U5+F(}OoK_UqRO`bCqPxKIJCC}im!vwE5F$1ZL_LIk)TZ`pTb=$-Lw;bg) zHG`fyPIDRkAGp3MLEx7!^d&dWA=J* zuJ_Ck=77O@9VIR7w6fHAbSq=)c+4`$Bm-OAsO#9>mznuEkN{|*%zWq-WXd|P|Be3G zaJ5H9#o;n;D`)8D@-z|WL2ug6>C{5)YM*W1UYjg16VYM4_Vm-^S8k zRz^bn+CH`6hdrul$y+klWyWHEq_bP&0Q)ab^Xr>TEQ?BEcTW%S@q<9h($nJtILr37 zHXvKgmD74+T&1zvgbv|SQ}0vp>`S@3yNil`2ZCil6auFY&u>6OgOrWeli zdb60~po#500?ac#q5m z0mM6yW=*f3PW3;C_te+&@bGY*T3dZ*=d-&4FFO4-L$Ci#EWTL~cwO~-FDLGWa@Nx27dN?2{?~Sn7I*mlF<1I!B9t~bL#E!nCwR_ zl_J3H*GCtqmU!+~P5IlBJxRQgHKHt5;B|2?<7!!$Vq5r3$d_};{P3RwGIiF1c{>W< zY2mj}+K#Qz#-o_~R>KiU)%kO= z)}@a7pAB6d=Lp3yezfPYpSI*)==nVRUP%WjNbpYBG6PaLhL|2W3hVU#i(!wzb)6v+ zYyBa{7fSAI&n_lwb>NzHfB6LHoZzor+I({N^`{h|t@<>%Af<^^+~JJ?WxSqXG@vAQ z!Ka5>oB}S&0)E)^XB%X0uF!WB#r#O-CyHTM4426(rW(QAFh)i|Tr_)~U$ttmveBns zhR8F^LhHZ#h?$KIUZ-V0Kn!)C$b#H-iPsw7VL;2O`1S4P*4EE@xQ&B@gNMiUo!)my z@DvDjc;=lAK_LJ%dpH2K?ulX4)YQDaS{Gu|s>Ow>t!A9o`V&FHm#dTy>I;BRZ8?4e zM<_z*#u)%=0nI?@tTN99V*Ys~fDB^)VrVtgkmu#hg3M>myn=%56!`o(fH1SNvd|hj z4TL9SvT#2~WfoXEaKT-2BZM{zj7>^Rw0 z`t3WAbs>aE1Y#~fu=^u(vz;cki1M5xHN`7IRifhw0a4A{l^1*~fQiw=B)lmhLKP-m zP=uFra_@?2Pc4rbpxR~>`WW%*X3k^NTbr4Y<@$Vox>v=%@(RpuQkx`gYs>u9U8S8M z?t?~3%-O#bE~iS-BEJVhyZ6a5H-)9;zdw+?gK}`tGh&2exqoPjEMn6?1Yn2uQnI#) zY6bg_{YawXx61>={lo}^%$*XOm*O9+@p%G7_)a9H^Q*FTD71g-r6m!s)%=Kjmdqw^ zgNFa+_3QiNAcd|?{q@UW0k5NpT5v`C(FY%~jWRP1hq1Ol3Gh^l@|qvWL-Na;*E%>2_#IXF4y#3e@Y|8HouAIe~6|!Zws9lQVc0W2ugyEyzV~;J@w<+t)+Y^TES^D60#n9h3LkHk3Bl zUp?o0bE)&rhL&}SG{^vBMU$QzSh~=R{Ni4uGp$bkma83-Lb)dzjG4YHX5z;D4-RtG zn#nUm69%06;#j&>{KU5mr@wH3 z4rll3jguNwZ%o;4TSn7v5rLG?bQ(04yuuL#s^3|fl_cdrRy)V}ckAC5<56FxFDLIE z1gR0`*?P33i9zX%Uq+U@3_%sW%#{5TI#-PHA7mJ~>Qk?X_pVU0VTCVz4 z;I^x-D+CyW*-Bq=MEQ|5%yI@4{X%@_9Zyl>M_=y!IThyML*l(fGG?by!8b@&LC6iR zPS?P+W?#YoD=>sGqLAC(-FHG|L{@uzFy$%1A!e=|*)@8{vbuGcvTpM6i!q()S=0Z| z`#Vnz%^aTpNd2PpmXPUNqXD`wUF`)$fBH)p9vBKPY9ub1pPeD@Hbq8&HFETi4&=)( zRQZuooLC$)elaK7X!%yzDwuTU?u2ge{Iz0a29=40b+msarDQZ(X$M6rkomGy%* z?B+Me`ky)R)!S3qq3J%lH(tbP8ThX7d&j4??_bIcGpWTDzxtgTwJQJn`|m9AK;P0RoruARora`Ci^3=n*Xc|Mw_dBZ zNV{Q{Myr-7xsHbGbEF0eCW_VqiTtC(!tR7{$=kHNg&hMW=BNl9iVp!hpp^)z1ppsY z+6eYR*36=za|E-&fzh}pB0YnJUrW4=A@3Z*g!de;vuw0eqWMhBM`f)i6y{isfcs*; zQ#IUTM7hw+pJ%QLyO^-&7#L0T!Q8*q{;G{rMuNog6$&=WdeTQ|KBGdc!Fn~zu=;mp zi!vKCbP9TQ5q>XVfN~5~~>L>Gfsv?bt+Fd5YxjX$NDCSyuR?x6Ge-Yd{HF-aR52WkQb!Jti9GVSF8qfg@n?fekbW0X7V@E#TqdH3~X` zS{(ZQyB!Da_KVgoXcnuxEv`Kbf$uR84)V`B{@G6C78Tv*yBsq)RX~>r1hg&$1rhEl z7{jmcxgc{rRPAbY1Sz2F`B1 zjYC6MH~H#9&K6r9jD}-)dX)QLnmj8bCYio|KXnarBCD95twH)o%L&7yrJ+u?=3nQK zO?cHhJE_6dJJLFag^pOw?@h9zjb5tV`rOQEqQ~p$I?S>WS1*t7Up9=?`;lJsLU=>X z)iSnx1mD>SA#CwEAM^G3bi}5%li>dFflO6PS!Q}9vKT&scaEu#f^B76hF(2soS!_L zxoTHZ8;C;3~8Ko<|_b%FHC)IdAaH0azxfcna98c*U|^&oG+-Gb6zgOxbm2q1iT1_^<~JX_DT z+?p&;XCKmTRZo&bm<|F&WHJ#lkuV;KfhXd5$nh^p9b!djgM|1i;C?Um_Est@ZEsJJ z|2tJiQG9fWo!&fR0$GPGs_jRHo@`fW9IhY2$~iG!CpuI-I3LEw z=s9vCB4u@TKI>Uti0R3b0r2tue)pU6^#S9GWC;LQ`gT5gc%0~!@ZPyvUjP4_PVQz3 zi|!7fyaOZzoJGE1AVF9XNxO&3z0X`E=qV z&Q_@BrDI8aPVEDm1Ii^HAt50yuJ>Rczy&(wP`t;-mFk#9ietcxP`vNB_P-4{!+Px9 zt0%64kif~fA^^ETw~h?x{rcOggSGbkO)r>B7$@`VG}iE%~WkZ$CEK{>qV7@~hkW(&Q+JCYemX;70j z9vIT+k|_Rxo&ho)+Xt$enwM8cLzmX;yw>N3tEm)7Dnc#Yb)vpa^6qs71D@I^5rIsU z`@@(r5|M<Zs`0e_NpxZ1q2Vrx`8x@_8&2533>_x7Nq7VwKBroCwE`! zHQ((jon^*^d)+BjjL(of_tH%6C{9FU7J?nGu~ zV8jFjxIVi~os7ZJ+JNUHo%f_wRaGxhp6{^X>C3f{md)oSsj1UV@*wm<-eRE17`B~B zpOhj4JKs!qk1H`X^(JNC{mr~Vnc9jL zEe8kQT{9@n=~qXRdC;iV;J3^R>8U#b{X0K=ufM-P_K~c>0rK`y_Gb8!SI`H2;F4+i z2#mb2WkVEP22{eKd*Uzk-*QyS*<K)w*q3OY?qIrkQth0eSKj_&LnW%-zE z7dF%>k10j0GLbEpZ;C*9&i2BY6k%G8pq;$qEIrcf`Ue$T*g;_hfqk`<1de6OEw zQ|XY$M2R0qd}H`nrK?brmqBDzTVC{^q9@L+*pK7GKSd9+1r6l=b+}~xQImUVQ|}J> zIF4k9!i}qr!Gb6GwNo-O)Tp!1|FGRgKi;T52Kk++)c^xJ7{0VBXL@Yv{B)Cjfeo5 z`+t5R#^Vtho?z=h!Y1BG;g)HfTi@v~$i)JKyPrk&w>ct_swaSaR4_e#IK{A?7a^gB z&+Udq0sWBS^$R{0Sogp70PWRYl5l9?KbhBnezM@$65-H4sQgUw{WaJZJp`AjN;+i8 z&%vWiqgk;vjOI2{<5=Qp6H#qdQtzA+cRxtQx;HbtatrEaAJohJCug2|XH$len$>BB z88*uNmELrZiaHg4I$=`oZ|ucMpLGCICd|KiQ4$CE834OrA=f=377Bs{j{A-r+%kyJ z6RAgA)0IrCMRuQi?98tRVtLLC?1D)?Q?4iNDjTb2`NgnBt(2D~8{Jff(l&_F`=C=* zXfx&25UFS|56D2`5elncwkyOevN*3PJEZ?wI6~BEvM|<6=_P0!gdiQ~B|ji>2m|e` zz{&8OWxZiq0Fp33q04$6#(UsnvKlgZ9C=^a5$c!!`Dk_?0(n61mP8SYzS%5~rK5f3;U3azd#a%X*1vEAlkM#p+ z2Z&X24apE52sq|LU6nc*Pkj{*juH5 zixdkgwU~mv#PxrkywsyW8r$+U0N#!%mPm0GZ(J z9l;&|hS$Atdjk)()6gJK%+*7t9g>CrpJhb*QeJBRuJk}_RB?1d!f6-iY^oS~0a}=V zV8yfVEG1sPPXR;U()AcUsjggg9b~Pb2OJRs&6HV8qdQ!PxEwd>l~y+D^}a7fV|{Z; zB%O@8JWx21Ac5@K!jQ-09@|^7{d|fsp7sUtn67h5|9;>QAXHU^@d*fU9`NdMC*g^J z9P{_=#1f%UNyTo{@Xg5ipR9>VsiHyddcF3_SFQGyZP<<>1gez|IpmiAlZPj4KM1I{ zSwH-fRHED9%poA)ex@`O*-`1*@>rZA_;a|5=Bm1Jk>o)8>TP4qmhWrIy)Wt{13+}Y zSxzQRV#2L^F-}ySHZ~-o!2F@M;*JMF`wo6uBt9yNquhW>scxa8(jSOxme(}Gp3!I& z{Q)!^XnU=9Kev~W3D+q>^Zx8Kg_bjOSDdO9RTY1%_$K-BZ*Zf5J=m}3w4>uKt_wfvgL*?aP z6!hXbZ1kY@?j(Wo^Ano#znmfP5DjGfPCGznW)9dzV<5n)^McitpB%-1c1l=pn|zpw zEP0@&J`!VcYZITxT2bZdDs|4PI6dos&*3u+kip?j>Q&3?S-4nO*r#O5q^F+lp{}0_jbE%RfHFr|X6stf>Nc)zGyN_*9BL zyE!iMjw7wGup;Qjat`hc{5)fO!=9v;7sTCJ_Wi*ZmzCcC+xS5lO-?L?+U{FhTMLSG zLgYlDf$eneLrFmx`E`(YTYJf~Zn$ALvY}1FCC^@ax_4 zXv##@d`iq!My_y^(@CO>Tx(LlxOm;2B8o@{KHEf!pANLhUy9qS*87}>p5SMKb}NK* z_O7fzTR(lwVDv6+?nM+~bOhU25z*tJ!5u;OZ)N!vGy47i!VS@4(S~gE^r#u!w{Kqa zGjqh5I|h6HaVpEd%$GXMZ!Tr7A}uaJY(vKgBxWLqm_kiH!RANYH$!SMsNa54#Ebg< zCn&x|c3YW5cMABOS5^`a)dqfHPc^DGsI z#`T67F%BIN^?N>FcEU}?!IB3iURe^FOQ~2$VY#jX|R{nWs5NH4$$=QED=>EgJP3S8!_)wh-e!cl+-X|YzyGNnEG5=L8 zI`z>;_-j5=Q8-l7aPQnvDrjhzO@f5uF3FQ6wX`JTY@&HzVib|P1`wKN_oWyMevT8X ze@)Rp=fl47~^BHe7wGTRR; z$C2hRgsI}hp`481BO2hb2dK*Ippsy_%h4{oq5N~b{`f%Wf6D~G97plBoJ0+cOiSce zs+d6)^W3@o%OqS?*z0(fA_uBtEl9LVd?5j<&yczqBtWQ$AKm0-jaZuKDBQI7qwTav zizD5~1(W|yRc9P4B3f4Mf+j=YhdP0It5A=Qntle->66+YguXgReafgBF0bXfHVqru zpAz{P4l^4!HAE#9s;pM6dt&zCf0EQ3TGIS8)34W<+Qjx#G(QjZoFy6-=Lfk4zg8KR?W9_GxvNk4rUb}=XUw?I zLY4X8 zC+AiWp~+Tfu-Rwk!J+`E1IhZj$~ZaoB51V*qLYPLrkum7LOCWbP_5czti+!7Dk`K! zRb1uq;E-x;F)p3D^dn;fl}4kFfhC=^STg?jA5gHkeP@Kzrfg6lLG7=I{+y_sqi%Yi z9&d<+jjhyiwZzQl#=)X1wHIcup6rxLXH0e}1`?A7MkkcK=4?y)td$81M+6Nk`UvdC z6f5HCr2W1U*;@Z1I*Zw^I#e&>ty5U&?J;*8Capx7smRcdH`)*1EGEjs>++A3BaqIN zNF2o^EEZxRd-^^Q3LlYSd`D{&rZ}R3RWhO`)t{!*I431hwSuc*Ed7Ey+{e|UUlJ2S ztIIS7En;W(@usRh{COqEe`{R>X*+P?SicdNh`8W=Y%N|D9ysPofFFrY8 zfL-6`vUReJ&kmmL=6CsvjJwZyp-GP<4)tZGz1UIWSKb`gISh8``q&|=b z*~fli%T({lkd}|>iDDCvu1SJ}VzQfRkE>x$+Y?4m-eG=rwE|EEQ2{_Et>1@a69vMi zVuQMnxLq}DaX+Qf>;AM63a%Bsa$xIPdK_+~>e0VD#X61tM^ob$O(HH_R@Cih`}BwI+_6{dEuz zkNZHbK;6Q=Re`Qb%pM9^G&3_r*TF-*+!1wStQXW0w6!F%`<_=$n(3eO7L&1G4hh-$ z#KSR5Slex{o-*=nz|BJzSmvF2!es5kBH!_p7lP-wE7*{8{pwA1vWCgwUwx;C@$Qh7 z+jdJs>~a=6Z^xUV(h@1^CSB=<$!zB9CZ8V?2+-Rz#F+FIY|ajOZP{;;QpIOhH2!1+ zdX9kW%(!R`n>L08wA8bkmTEC~-NuOEr_?j=zGA))=f3)5-;vUgMRU_40=9F;+FMiR zz%eW5t?`4PBX%L-VRsKGr`^kx9?QgcNvZKgL6eqoqr#CrT|b%$I9W#oxUl zq&g+e8|*z5$cCi|B|#Tl4WcVIEZ!Fu9{6}?L@(339Mo3zCco{AjbEXBV;cN4Tf~g- z!lc=8aa^@-N0xV*1<_4gOWPV6y?Jtxs$l9iQky*o2voo8-5kf&_=T-Zt6=FZr_^L& z1KzqwM`%HaVo!viOjma9gv=xOd3ScLPeZP`?*9A(1>x3_T*!b%2VGCzwjOt)Fs1~R zZVZx`=cd6}$ipv|NfWH~ZO^>^Y+qyzK92G)5B@q=`@qEdKxTOCOTpM^K^=L>VmGEF zXMt{wCpkg0L8Mpd;-=emA4$%)vC;oHRWLAVMF0PQn8o1zKQZ$y|QRlTuWxw#n=2kRrBiH zd!t8E$edtVL~gK|SZZ@a^SAeLwf(WkJ=ADsI*P7*XPW&kue~->m+dKO*wqzqlG{n& zdYa*M@0DGxP5|UyYwa;zOH{UEaQc;qERiX<5hFZXt0JUEYk<@|JC=ts4$5}Y-J8#{ zoO8E2Xoo zWf>PAUqMc;vbs8#oiU2;Op$LS@l3az@Cakr^nNL?S$V{ug2 zNh2PipuA>U^~QFK*gSF{7V7*R2>_*;nVF0Xnsm|UWCHGo`8`X3)URqX_xhRBpYL~? zW@o3SDDXc4d5J76N@@{+Wf`wm0bOj9IW;wvn3x#ICpKS*Bt<3(4@8eime;@XQ|^+c z86!r)DbYMoF0x(*8ER4hvqAD5lxL)FX?~F|=hM^Eej?x3oXWFaG|f_B-eY-)^SF=# zAj`l7F!mFm>e;!v)-*PzJxTTky0h*U8$@!@Z;rRJva&!^Z)s`i1D+lMdq zOPuU&(+a!k<=w=&2z>NzWM?Hn6*4_7C?r(E(mS-+0_q|2*}11sLtQ{breLkF?`yf}@h6@GduUKSX5@p1VNe{?d zKvxCMXa#Kcpi-aBkRlJyNPI(scfw~fb@MxHkg53D^0nS8cz>=WQf^(f> zDj$&akS~cO^c;aiS@T+EVsU7{Z+RdMS_9YfIU99iyU#8~@uK)ajbf++y4U{x$f}_q^5G+d2MpgdZ3Sa-q<3HY>_5d1zl9CeOOH@Jp3$T_z zGRBw6MuJ^-wUZ|3QLhIdv6!y0e>VYd0j`Y~=jRLz3@HkEfF47J+udS*(u=691d6oB zK#$k$*L?{*{{V%Ai5UC~r~X+R##ZidLTl|I)hi--Y;^G*lX`9*)-H zrm@Gw!H^^u9uaY)MH2#N_w{$*|BxmHJJHlj8(6GUmfv;n>XC%pcnra#qP7Q81!14aUx|%<7Xl78gea#>9MC3~`*0h5ENiPj|wxkjDpsOYiYNwVG70 zf;G0ATOAz%y_`gr5=mP!@WiaKrz63>sYamEAj1VEpRIS}BB~wRyJwqUE_@VSZL;)X zAhfmM;^IkRfs^}>lP+9eKXqWZK&s@k9VBZaKr<5$ zlh(pMaX=4mKO2s_}+01^Zyb!h3~iDD7E|pf!{|hx==+gbXMYTU=*a(+1&+ z|I%X(xL$+(f&_$!P@Ds>l8LaSqocbZ0|(m0>IC9uK<7}^ z(C83FXZtjJq4NB~f7wt^n*zGhqzR#4)A*PXb3Mrz98Hlve@Z%YzEYe;6(vDU8#U&w zT(x;vfZ!|`O>X)e0n zMB6eySiJGPi~pmMV3f}B4+~Ub7286olG5F`^rpw{wWk|8L%Y2*(4NeRGeiEu`PnzG zz!a5@K)kRvpeA_MR*7A9;WzO%txqYKZsJO0(EDzWm)^2ra*{n!+=|AI{|wS8T@O5^SH&<7ouDjG8GJ4*LkzP_BPC{h3<=&)duYOlql0NR78KH}a z#$X`AisyR%{Eu_p#>U35$9Lt=Asq`=+ALvS2E;NKDbs1JJ=a$;U5xgPJCx6{FTtN7 z$+d|qIj~7w=J*9rR;-s=-lnP(@i7;Hl~R|X$ngC%hTzV`pyK43M=P%3bi+tjh2a{B zFJB%GGzeZ5`oz;J^_%^HFcysP_}hAJO`N?W)!0VP_l{-!-6KH-rmmyIs0jcgKeT?> zlnT^h&k_*SIzTC`t*v2zi{*T}YZ%kDcyOlYwiIXZ{1gbdU0hr$?r)mk=KMsOcnyMykuHg(~SZc(~$-qGFJ}(y(V!u00;1y~M}u zJ?k$Q`EXF8YKU~vj{Z~zBh#%48HqF8}WqjARw~t)~ zz@&wWifR?qXJTn>>+swBHZWW!B z1LbelxrK$yC)R;MPJF4HpMpwsYKK5D`0H0}eA2Ng$3wNQGod70abXt|&aOSR`Pi2n zsWRD>C&en^Lq#^vy$=}8-M>s*JQ%|)WawbcqC?H%s;5BfiX*(u|LoLMUr>WqU9`b5 zYG`Nx^3nJ@8D+pjHYZJsn|?y51j0C=1O%=~_RGDG3XdFx#Xo-h_>?3zYtxy3W6BK- z-&UA~aRVzcK81i27fw2u?qL+*Sj&+R9pK3JLg=J3WN3-K#f`Czmy4ITy*gwHku*YmoqDY_=A|*wy z9%y^LEfdT6ueYltWL=hwm6cU8oWgJ=C8@dj)%oGuW)QOvcSnSUZB5m3$x`!2Z0)&n zQhk`MvCnFqOWX>57@E`6l&;GFlqmQ3$fhc4Hmi!-Wb6c>rX6PWVlSoUOKyL-Nv{XL;);?njRV* zwD3|)!j@6H*rZCVo}(X2J2(hpKJIinU;HRs_TL?fejxc7KR^Gp4Ps!$kuMcEm~}?c z0nU?|nN(o|DH;B!B@e<)XODPUEa$q0+}zx}Jkz$22LP@Ifpx{W6=RDmv?&Rhwp^e_z||Mp!{+Ru9o7s7hho|cllV)$mBNlG!{Rd0P~G!)oL#aSF=LX_ zPYI$J8I_s#q}3XnOHRT7c+m>Li^2p&)J)Kir+uq|g`o4tbD(r3kLVDjykF;Fg_s1E z+WGaM$0K%ToAl58f{u4)2imIQ&b5!^H9(yu)iA`%$(HCe_58=KFkk)@g0E0nPhC+kVPlFxt?xY7N{;><9G z;-+`GVS0UA>P#~CVe{VDz)cWM=jWc2lCjg)i*|h#E+p# zC}YN>!^DQKF+%0BDtz75Xf8W~tGM^?jwW;MW%$fx^aFLNKAM|G@^Rk2<1&W&jKT9> zvNYpw4x-v;_33rPyHkyl);AUW5=t3Pe}E&ck~8di5ZW{Kc=>|w{2!Iw{UEgmbf4#3 zTw4R;+rbw_8nzv=q>^roJQ-Ya7DwpvA09*LuI3_O5b4;(v&0#)>R+FeE#aCP^>syi zAJ2JWK9n(VT>bFsiAoWy^}MP4TjXd9hpz6;;1BpL-UIK`>r?a%AGeyu{>sSIc(tMW z&W9tT$}DL8zf#v0BNV(G-YKi%#|Bx0%1=q zC&N5BV^zJ(DTpgAao6rI-QZNA$wiwuSvu=FLw3gcWX7snmn>`B^((5TL)#v|j`gfYYJ3oM}^$`&Yo(eLop+52}twkfr0DLHpUNwK?=^@ylOHYSs~p2*r7 z>rsNOywCI8ZLAp#>-IdvFH`o9Hz3S@eL#YFl_P@eKHD8?Tk^Dv=7sQ28ebfc-L1^> z!ku%e2DgFmz#G>jb$*u`|2xKCX%X@N1!fXc7m!SouexY78a8*}ix+V)_9vx(xkV(Q z^$Va(<_XWcb8dn(W`TCB+tV`#e(BqEcvIC}T$>$AKr%cnbXpymdncCTa^XB`@V<>X z@|)+Q>FVx)_T==_<7o)BYf0QD5E*y=QG$PDBE=g~*RsS3HuA)SfqWl5KEB^za-4%7 z-V|UZA*JC?8T2Mf+{6nKf3tP@7dW*D6h0({F<%v=AMvp|^}@`D;D8h{_H=9&y(SB@&bp?=^>h5;Tn=l}f^{Kq?xSS)qNfubhb0##r}VQGyS_m_Z@ z7EdsWYOnHv!igj`KLUhXl-GE8|Lwt-p62u`3tGLN?OLwhH@i;!LLuUKX(iCyrI7m5 z`B0(sft7>z&dw&|wxUbT1q1%Z$|Ms3B`7Gp#1S20FonDWAVuHW+JbRIp;9m~^Ctx? zDMd*^DDZn)B_$-jBqyW20{*!mownkwxPnjHDB_Taa{xpF4yC|j#qzi+uhHALnFxf7nOSGva}Eys<4rBvbr6wnY|v!_ zc}qVT8Fs+UjtM6hz%xFsi!FiKnusgjKeP3=u$U=+D4I-*g4!SorY5lCOWize-#Nj! zdndH5rJYIAtziZTVwVhGLx|3R1I{$qOhZM5i<46n2H;&_m7mTU`9zlkOzk#^Nh{tw z`Iar`yg2{)mfLGXxv5d&L$1`eXG4KrzJlxGC;<{+e88AvC+mjN7i4Gesra2ccLdWAkwtwJE0&esba z74FL1xh*%%&&N-12LdhvaQKUy{68E-U?jmXfC~65_yFmdL}KZZHQywVfxZ%WMwS?7;@9?Pzut5UVh*F z{#T5TuSOq4Qe%RhFW#bxE0NrLMM;0(sEszN^ZR$-$*mGNob(=z<1Ti}$TWyO*l-!OQdd?5^K;V9UMeMR4(*Z~xJ4 zineKHZe_Iz3{!ygY~`Q<7~3=(>;l{3o$YNCs-hb-!yqeY6?_kK0_oK8x;O3q-zl2# zmTprKWO!yq$aI2s$FH=W)rI@60s}%9ER*jhtawM^ z_T1!Z$4_CfIlIKTlZ&fngV){>l!R^#dM`tQhWe+}kf)$4J^?z(?2f*sA)lQlkp`cD^Toea%Uo zg7X3BKptkYEgjrxQgL?WeXOjpYIVg$>y5%bPY;HQ$O@l#l&FS0pHjv$cwFa;vP<%Y&O$~;?G2<P9Krsqz$@|IF zvR|f6eqbkdCeGnZmoEduppj9w&bI>zQ*9Jkspn*|JGi9c9F!5jjDZE=X*%<;go62L z=UjL4P~39;qyQIQh~+Ew1_96Z6?T))UleibUQc{320V3VsMG<|m*o~tHK`Zsg{P1&T<{IqEQI6Q_Nj*6{Jd~4@ zgQoUZjve6PdApOhIb=fkx8=j*ppizu}pLx|agPuXbxv(h1!GCc7 zX7K0$hUvOw#DjnS{M9ivV_4DV?eMiNV3`R_ujFJcj!59p5w+PVeH)`Gw)R-S4d5zk; z)Y^|fdw>~+HdW!N570pdOJsGk-D#cM1%yYhQ4V_u5f+ot!+8C=9zJ$;1@Ud{&bMWy zV;83QNyViO1D2dgAzYKbYQiz~30Ta?2}`&ZOMG}Z{;^3{FO3$1#;6_oT?2Cfu99Hq zJRt+)cxdMD!NEOXAw{IbP3{F)e}Fspb7F#zn>%(i)j-=&3rdkzCfQtHt5Y&FqxU68 z(dab}Xs@{**xB5#uPR!By}Y&i0qFO>D-+_PgQ?&9tViG3$?4grbRn+^iz+?}{8WVw zXKSz|VS^AxULFVv3WDka5rY;sfCkFy`oLmQ9f4l#1ehMd$283?P-rXeuV-bl#OhwT znJmQ4D?h*@Mo=dhI(J)elElgtONwq6g9A!XQF=c`MG?{hz3dLyp(a=gJ~js2$8>7T z%gXG5JM>Nbwq3izO&%st-`FTb8S#Rbmq~00TTwy58*nMv5-dGEFDGZOt2x!LMPL9g z0)Ze1tg2~}0`SmVK`yUZ<#Sw-?lp&_pI=b$Wk+0{5%iWyIUsAiSqlSupR~O#10|Lq z@b9JJQYhj4i;ESdGkt&NXr9l0-hX(_%EE${w$^kpQxR=HQ0+cQ1yIf^G+7k#DoDD( z!ls}+0<0t@_XVa$wxJhNf~Em)qH62A6ma;@bLjtP-%TJf1Uh5Si@~ literal 0 HcmV?d00001 diff --git a/cluster-management/setup/cluster-architectures/small.png b/cluster-management/setup/cluster-architectures/small.png new file mode 100644 index 0000000000000000000000000000000000000000..c64a883aaa9dba532ea9387deb78d7c2f355c71f GIT binary patch literal 7254 zcmb7pXIK<0>YvKLZbHUFHQjhhQ9=Q?sl+OmR`0Xc^h{tTNV{ZFWXn{Ue4Yuih5!jtu?VA z5d9Z*C3$_ntljL_h7|VgsF3|Zn-6l4p?IVMEPl?f>a47bcO1(t9CzLRV0fD6nwy^| zc)XmjHg?Uwz)VaPB1`v9>nB~Op%-6A9CyQ7P9v<=gkW!?rN^W6<9307m zt?LQZNy=*BLV_8V(2)0iCi4pk?(_Z&O@Sd`YeG7@>xje_EV?JQY8s_wWo50cS8F5J z(;mGA9GexUEmKZ)FA-CNgM;j<@v|4iB+O6~Jw5N^^*uqtWH|gGgSfbOnq@lZA%3{6 z(PIKFp|QTcKCIBs|H>oddY74cS5o4B!KZe1Yq9r5-YwhN+oz?bKAE41qTs4`o1^Pm z>x;1}(la;DO-thn%z*}7yxwo)3gj0Mus2GzHG&VV-D;+#rP0vPyjsYzq=gSnSzGF) z@)>=|&fb;XyE;E!AIV*?W`qxYuc(uU1#bC z2cKGIXJuunGWp*D_4oHzyeL0=JB3EmP*dZXq3miU8Hg8ayB7~MxI{#}*N3w~2fyEv zOz)n;#cgQ6JJn51{4Iuv7pz|q#toI`9l?DcI6-pbU(ZU2p((ROqyv?vEnZ$;!otF1 zV`G0Ol9e^PYz$J<)O^Iv4d_A;J~RTobWu^k>lU=DH9DgP9UUD3)cpekwKX+iOwZ0j z;6ruVaIsD?>G2QG&HV5pl83|;^N{eh*Q(kU!r7ho+Uck+OCQ(1hOyY zy^XaBUc9>!?H% z&dbXi&m=Ql)r6@qss*t~NlEeWs9#ls((Rk}|sebJw?ga%Pj*gAjo~T@tMQQ)@1p0#5Q!Y#*hz`n3)-{+D~=c<$t_(j(_9ZA~U$I zCtgUn$-%`n<5CYO_HNpm@7}DDt}dGwwv`zC-rc*xA|i+v&c?>@kd(V1;7i2dnzY2P zZfApLqNDFxn%UL89O&<_cVC#dUY%=sWnf@njF^g}7Y{z_A++3WuP@Pd3waG08wRy#jq&N{HVE3S#*x@8Ci?(Vx{*87?eI`Yw?LRPZ>Nkw^@ zijXuGUhcL78Qu8odLltP)prCURi|Jt+?ZIr$VI7M@y$DkC3=aAnEWWhLC?+#MQr0o z)Rs(+ZyotdFj-p=L{E-_e)s&Cjn}Sk;oZujW>2Ck&rPNESG7{YB%*&LrpC7o9Vd*V z+gpD8T5UV*BuLOn(~@n!?%zewI1aBDY!E{Vkff6?3@>6d?OOs@XLu zmTaSlsH37hpm9$p0!ogvbwj1n8==N5j}3a`8PJ`P5ob?=)V^AX`jeBubUyq_voy0g zC+of{c^O)!`~xcoBiDd?B`nKjYwN^VK>mTm43q4i=QOq(`EaHKu%r*(oy2($JExfI z<)}Y#y%k9 zP*fdkhh24$gg9ZUxn?|{t=h&jldCu?DnMr1ogs6tLU2HC(K(|q{`tv03iK)_G@rfX zF&c5*u7tV_b~$vrtW`1tOkxV9?wQw7md&{HcnyKW<9RvG$TSkKqB=8ve`Z{!p6 z&GA9s;>)o0`Lmr(XD=h*I91D>y?*Gr!(9XEBCVr0q@f;b0Y!Tj5yJ=H7T26jWw>s6 z6<5d3HykwnJVds2kx#sHHYkwMBEC)`y3=|1bG6G&+_%|7mFv_`?%ia$hP{c$S~&r_ z^6Sxxs;aSD+x22>Cf7PmRkeAPgy%tIy5EqzoVe|oL>~9@5>m-Zx_$b)Y3oiow0m*_ z3snfV4mI^BBU|;k-P>uut-i4{e{|ftD`Z{J-P}Bg$g|trf&QZYTG$B^-PhQ2z~s~8 z*vzhq@f)kz-@p$_J?M_JrI&wQzu(_T=ykYL^Jkt8OTs6-g>FRCy;8{afyaXB24OQ@LL_(nLtt4?Mi8w~VWBs}&84W!iQQy2G}P6k859UTIKP-? z#gn5QX*-a?JKIyRk5H{+XPSJn-fNqNqPf~)h=`=sUKgA~-irSC#zc}KhFdm&X&vB} zdYEzB!$4w^E45#M(Sz^yF={eOd#==Iyu9pYK6!##q^zY=CGDPL42WMH)kb5J=`?5) zeu;8Z$vligeJR)0JOC^E&yB;K40X9`?mtn=9`mdTG+jW)x3FU%DGMy&C~mee1}VtF z3k*)}C#n6;N~nOy1=wn9GT^Sa4J^ zB7bh=(bIV`;e~BDe;+2FNRLmYeP!=Wb8D@bckfrfa`u?y=x?h_rkJaH;HMQcRSbik zJ%S>U+-XW$Pg%KQyMrjJm%vuE+h1XIQbLf?yy3-oNU`_LXH^@-gLl>6){!@Fh*9i% zMZJYOvT(wR26UAmOXiy2 zdhwJc%3ox=3moMhTccA7bKA_nue)QbYo)}e6ZC)-OX*CyVLDwg6HN|3W)n4T<2l=Zq{7&lkLIsw)4C-hPvmsN3pNwBukTd1%@Gu`E&+9_y7KYL6) zvcS1A`g2z_mOpqdjthsZ%e2isQikakp|eo!G(Q>|isrJ*aLLFbIj}(942>p@<46%g zH$XA`owS=LXf7*S91wQJvZT!VDyfkO-wojB9;#@63ngT@2aaQ|97bR1b7!BPo~G*I z3l)KQmfqkKW<$E;%pzDk(q>*`?pWMhAerujf>}t})LGOh@4o?&e!nyFEWOZ=32Tqd zQPsx9XD40pkV3mBez#x)oEyaQF{_PmhLw6kI_fQZV9x%s zF8X@uk6psR&aSZkoC>psH#GXsrXMk=_0A?ccWO~Hce9?o1?;eIfW{<_LZlc+l1<}Y~S*pE?TYgFwpv4;DE?TTkZTkwQ0fNC~X>F^VPFnfI!-+aC z5RToRs9Lkspp9_A+H|TlDecwwsG>Dk>^k>oAt!>uvL@mv#L%!dRV{ zXIVLHJ<>Ib7A_c~UR-k-WtWh;gEqu>0GnQ1Ts(H30zekRu$m2OMwCFzd-kC_%{;gX zm=^%JV-ErB2))=S^x2*wXvPZVmdSulak$?bM`eEJAOwK#H9m8oplv^8?ufz5m(4D} zYR1NN{pqR6dr!8}IC93u#!sKd&c>15>lUo)xVdQAZ{LPNhU|`ON1!csLz#=+uj5rH z3O8zMcWb_qf=D|*n{yC~B!crB8ylOv*E5IK#!Iz3`DhAY?Ckil@9Y4&d>T6T)r=mgb(Ju3xe@fC@I*8@RF=4p(=0k3; z)sr7!bq;4s8B`crHq5L#%_9m0HyI>6e)n?@ z?puj&MFKT9GpO&5A$+LbVU#VpAf8$FX4ZQIkm+&&ry)<_$d-A1+IqGWgFqm$FM_Mjb;k??NFc#(T79UE)8(9r@BjV0Iapr=_=(BktTv<9D7u-MrV(I zz*m&w$;ttZQPnOQFCi{>b@q0SF3pS<5Ci7+C%%&;8b>ZDR9 zHvUH8LMuy)Kiwi4T>;p4s2J6UkxjtkjJEVF^vyaqZ~R3p9siBtT05QOODIUB0iyh*Ar3>O;58` zy5M=nhTW?%p-yN?k*TREspooN7>PG61%>JGcb1@~!J$-U!&cV_i`$iUulkabFy>5~ zh`5poo6s;)e{K#Aw=cFyvR9t`xJ-JvAIIxD*dJnepY{vl(&ecE?@|6cr}tNu0xd$= z7oqpveA6&*1*FF;#o=PnHbe$Z6~kjaK;LlWkh*5(M8FS{s$V^9aQF>f ze0+@5I%mEb9cZO4hWMQrbg5G`yK%V10PQ0k2vr?i^jwEm0(hu0Ui-zI6`>X{Ab(Z( z#8ixOlZH<6qBwVLbrB+JIyofg86qwh7_woie9Tycow40Fn~oduEfV4W`K7PsN7y(8<^bIJKz64dR>iZo4F# zaWEK&u}E+ecN`wt^I?!PLq%>OY)Q6Y{P5s)d7gsx)tKC?xLh>3#DTskn~6&2(!7(( zyf{ygaCAo}tkqFW~OJG>)BrIFnzW)?Pd6>)EulK)& zULNN<{kLMcO5cJPnR?CdWe*$?3|!sZCLF|TI$s{6m^dl!)APN`i&3JOX);^sI!+qc4)h1M^&aPQ0acR z_}u_AluTU}ew`lkuUs-LoH52G4Rg!67qv&DK9}x>rMsKs3x?XJ2j$by($oC1@Ya@9#toTnYjTrcKklfxhIO$Ung1fAwC_X;~?CB~DeZSCzd ztk&HYt&L)j%fIY5k|fQ#k1&EvkSA*83Phm93oa?f7I%Z=%OT{2V96Q>)u(ui`u58~ zOk25557Ma)f=OA}LpbjH&Y}o)#S0I>cEoKOD^c{}M!mTi z6b)YJ&^TA1x&BTq!&(>}l6gf2k6;6>4aEK9@a{ERNn#?5xp6F?c5kCQ4BDZ7e^rp} z3ZK?lMPFZGf{4HieSayw@p=OtxF^vnb-xf%F?4-iJ zcFEd!Tg#$jS0PQNK=hzA>~+x6Z0Q*+=)bmAHXVvj*FsbE>JTPWqvM zH@y6dsYbO3EyUrWa_?}7X!)pY&bW$68>|uTgEzb5@+vn!dGEyi+Y;L>ETtXc~)t{!Z6WnK9L?IiuUWMQR7UHa`Zm_qqnlY z%1sir-?W1Pq@{fI6s-VgVELzmW2g!4Eod3J&0LJh^FH@KL7ej~ z(%1X4l57NES8mCa+*9Ct*un$~ovPa~p=UA$y8}asVSl(#rxT&fM_;Ylqp85A!HkbMB(I{vpxh@agsD~9h!`?F$* zZwXGx&ARU^eYI!MeOAY*@C@r~6lki|<>gTJBLA_iebXwfw^T7XYYCc0+29P&_E;BR z2gjBoq(*|UYq*!a@3TamgrnN3Y^uTUV;MBPttBKPOkY5ZNht;fWcIw66_vfCtx7(US(@G|f|k6P3++L@GIJ`g5Fua?i$7bd`g;l2he8K$?@R_Awh z3Rfy;L2h|oWDxfvYpx?PfjAKIh)|pRE!jc(XYGeTO!H+TBA=N_+wyCEU|GR# zI$3v*nZuS}ktHVd%S(HXc7=52Cmz{!nVp={_skws8_pI3&bMhgv&5zGf4pZDZX2tz z8#4VI4hR+1lWBqZ-o=rYh1DU9ozGT4?dI3d-Jeyc7hkI_XjI#ItbVWMQbT_UV=q-!UROU`$>ly% ziPbt^rHc>MOL^3=!3@|ec;AcP-^2N+wJWzM(nNoZPsIXm6oUl9JYekM8Cg`s^;0$} z)I(PFoHu`JIKd$qT0XX}gjHBsgRn5yu5Kk?x5*l*u*U=Ve^JLL&69&Jd?(oumb&|JV`2%EcbgPRGwRJJ=Ne8{;jbDdfKqO6Wn$7i zq`vlY%&?%BHrPKHf?ZOQeHccZAAY0Y@t)X2$ zAho7-WfV0!ZxZt=mZXYS`56bfD1&ZwLCp?>G)AK)k&AU*i)Ptgoq0#rKJGBB*eo;& zpwsl!^Ql+r-6E-V*OyrGh{70LW&^!eSL^SY1(sL?q%Y^NIzeI*A_?dOk|JV^>Ibf} zw&^-mvp)v_SRVJkQ2o&cVu!%Pzw^Yx-UYE@#WrX$U`4@KCe5n)ok8xZ_1lVDv2byr zjVl)|i!N0tv39h77>Pi2*XzLy2qT4sh2v{jg!vXokKW+&zP~5T*5w$46Ah2uQ9%C;k9gv3`#GI_;jH(>%G$biL0?a| zT~D{JdlgSxX<^T#1SqV>?zXmf>+L4#f@5z~iQrb&cI?*F(5UQjfN#BpOzoo42vEtA z@;bfYR`5yKfzlEY6DjJbp|d{_K4=P8 zkI?ENGLTg?zC|cqt{Yg1DfDE*eX@xltTNsRCWp5AEe?0Z*T(a~Hc6b=n z?6}-cRGREZe>i#lv-Y~OH=Nqq$_w-j4z*)2>}VgmhXaaJ@V%oiqD8e=VQ`eZHznXF zkBd_dHs2XcUVGl@9kMrPD5!9jHNlxHpy z85KpboGjUzkWX1Yj&#CH)XW)~BsBfDil^?&MwhZ?0?I!!4}a;S@UWoI@G->63Q;8{ zJNK)^JtQ!wk(z=+EL(9)e7oe*6v1rVfA|th=cRy@Llxfe&!Hx;K;KG%+H1g%M9tEA z06SSY$Aj$sKZ8=}Wj^UZ|2Q9;@a36Zq3`HMatS59g1j??GYfth5DILyuqWT? zanLR^W)Tt`&BVx(|2n?OT%^7P?)Hz5@{#(U2PSb{qQTqui1A%Yb8Y^m5BcXMKD)mA zZpG%>7^K143$PjwYv)dfbGbj?fZCTZU-pRbxN{R-I`=`b=(!hDISWO3h~oB4S*$g2 zVy>9J`ojOAS`V)odc*Iz+A*nouQJxufnq8kOd3UXAkfX-y_^YodwR!tz)?wFJ}Kw+ zObgqr#cAuK!d^rn?aU(}Vfh>Xzwhr&;0wG_zQXJB>9zjB!2$cu_Ewyb22dV7=J3!a zQe?cYIN(MzfaBa6P)=thM*xiZ!(Ai|tI(9tMV?T@Q89J!s6y=UpBn6IF{o(CKNoq7 zF;3ui9=bhS!ATn3fbneT@A9N!VxFYs{AXl-etu(PqtKrNr387+JZW*ZySy}RFpGkQhQ@s@VfhA$ z*c{c2R&rhi9M#_e-kWy?vOisBR!wY=T6ed+t0oR_`mhqMP0|I|SLU`{T~`iglsgQl z$*2^@MlSDoPZ|~DLREcy8bTxR`k{@k8TPTjE+YtnRppvqy z32QZeE0ma5jkbfT^;I%tyriIDYb@a9N{ZA^ynykM0c5eMtiCgx#s*z~8N6;brOzAh zY4c7GrMxNaPo-*`Km23D;z8b#_}Jgn-X8h(2%GJjE!yu95`Mo=s{FReuYLaW>eiOy z#AG!|N;Zn-=z!$uz%+(fwVb+}TbseEzr&~fRM%HHY@+Yb4ZXd4X3s!t~MOXBqB zwJH={&9IX~&Vz&xh}1M|3W$8So&rt2qNOw%q_}~B(?=qLczxxtEi?sH+>0`)Yx1e? zU~5Omk}Oy2;c%Pu=)u2o6DuBT5Z{N(t`Ni^NwIDE(DS?9?QQ<^pYO|^KYGfJgvZ5^ z8j&><|Kowaex+RRIKR!?+UuPUO*$6ZKeZFMG@1KGDv(VLfvFdh2u3>ofqq&rVTCWL zbgFk ztwA6!wfG$dEZ;ChCf@gxhg#zG1z^>2-_>$;^-1**>e?PsSJNrtC`mmwG3f1}>LE)N zpp)aH+>lkM6-(X{AP4gHikHFw5{kRW;}ZdD z#nJ%ofA3~pF#Nv{r&WTIWLkLAWC+$cGH$?Ca*b3WHIV9o2hUi$u9!MDYo0hWD!r{a z@(8wK05i%!+GdvCEiVqZF1z9^ibApZXlrtBXDR+LA-YqmzAQxc4*hS4j6{R zL_yH${z3U@C|c(Iz;}@47_;fL{BS7c5(BP{VmB}iCz4+d3r&2!hzltE5#EjynKAwa z1Mr<(UlrO@tgWp`?mupM5~lrj>ZA@2uDfT{vyz=AEnr50vpB7OwMM|XPT$5|GjS#n z)A*uG1q=(q~o_L=AkFK{oZyWGt!TY#W*y;xzp4+6@%F{uGA; zC&R{Uo7%SOT5Wu4Y9=zbd>)@Vnbpb)+|`mBhn7oIwt6=9QA8T0CIiTBEZYdvXyW0G zvqfr+mv3bnHPbJv!O;QM$cD-M7U+E)-NvmLSG&yut#h==K_w&+2$^xH+Ie?gv@U3~F@Yt5!%R*m7=p_M)RFg;`52J!9VT&$ei zMU!3=L`7^xhEcyk8QlXNQC+b&K>=ZtttU-BwC~D+6BlCF*E`ut*Y*3s|Bo$={pFp~ zJw)NUP?P2X8rU}e$(e!59)Oayv zJK}6AugtYSLj*?e41G=t)CTO^i>$rht}Ly+(8`DY4zpJapu}s zj6{W)P^1OV`eCKb#z@i~4>@F^N`wN~i*V(T|76UC&ZN*w1;7dj2u#MXu-wnc;Qeb>eiZ1#(I#j8qof?rAE%`{D~)V%9yD6~Z6$&in@ zE4szOmb-sHWrxOTgGd{B)41@X$;+?DzM;dfluzj8@rQ|0jY8_zx zv%|?7m`D0A3d^5U8HF==0sHTYTFtJGw_i|Ye$0{nRYP-ev3Tn63WHz#+d$l#X({R<+|dXTuR~a7Ow<*4g*jNis1dp-OUc$)0aT zIH2@s3j~^^R%9>2i-{QglyKL@V(v@%L!hy>Ri=W(Qa9j6UD#Kg__uYHV`iw=jZR6y~wnRh|Dr=EItdEf&n^_dAX^<;&H9S3ME&f?OiI;uNkl2yRQhcM=uvpkp zXA#G*!ksp}eCrWlILDx0%i;F2enC2H*52@RD;JnE?Nx*r=9s+T)7!DtCiD)x7sc<1 z?u8EJ1PsREB*rnUE~EJWK!IO;4$3JDGNZ}|ajR-%g@FSPMyUKj^9Dz`;4 z;cbkG8_N5(>BCO}?Wy*40n4+)w7XDJMkdo*#J{zZ)i5y6>1-89rfNbSqND!y}b-a(?DZywX5`jRN`>Pyj@ZU#f=rzXit=mSi5aF=q| zqirDSWGjZshlLR@m@^px!WIFeg0ZeVA#yJKni-X|cg*hYPup+m_heiI{wLHF zCVi&^ao&g#tV8WH_wL;gDqruZ8fAL*{vawL*0gV>=RA5GGBlX2b5lS=s{7edQo~}9 z`*j~F@0Q6{_vge{a6+sjRdU~xEFfFL`6oDGwhFWt*KXyOzg!(L_~n^ z`=J`D!c2CO?W(5L!LhMa)kpr^giq|=64^1-)4@6poXpIB5#12}tKKMFYnpT(m)(BM zZc;TRYfvmds#}j4>%f1$?bmlK@E1CLR4Cf#Zu6PZ&hK@rt)Qm6=^9QQ5!7W?y<5vE z41a1k_p=^<+DA?N&9YZzK zM1_=y{72pCM@k7(b$t~*wH)O);#pV|UR-?r=9D2+lB&Ao7(_4ff3;^WXEw|Z;+(3g zsGz5%g8{UM0B+W>a| zVCw09we8K^~EeME-DHAQTLCqDV!br zk6|z}dbbE8FvTP(gjZZ&+pC>9!X!oa#9alY9~5F{q;5zmJ@1sfj-`4-4VZI^C-zOu zB%HR$-i6xtFS4AAJsq@$qST5k4r7}?M4}V7Za?SiJ-sBF^h*=}kV(Io-{SdLGw++F zxcW%a=K+Nq_GO!pn%@_}Wl{k_8Fo|lK^-6$%2S!V+5D38 z9s9cO+T-j*fz-}Pk-mk2*A6zpEV^q1+9GdL#FMnC()OLCv;2{VnT3UFyl8eBo!`Sw zs`brOnOe!D22>O|$rAHoWoL(!iEtg`=u0up_zb}s<@UWlr^)dp$CiL)2kmfmK8(zD z+;X()liGi8w!Qy}D+f9S0Kba0CZwoEm?^|V*CQ#fYj|j|G}k5U>xf@zkUE8g09c1H#J`k6 zy}*Vk&XrX16MHDSBe zZmWk<@)mWnaVt6YDv^N)^CsQkjw2P?-k^G(mIeS|3e|wOc8{2d{AYos^{Zru zydwdJ&_q)H$v&DX!<;VaOrHR+52&~zqObZs1H%@fb*o0`{mF~1ta*B`Y}%1q@{9|~ zNY3}dlXaV$y<>$d(kQ7WJ$(|#NDZXz@Bxo~LMYE98nDN=mKR8Qc_VWF?cPY_{wHjR zBCX)%OpSl?EM`Rc<5|G#6BIC(+XSL^z(n?r(|{&vJH#5KK#5%fa;Z#34j;3K#8tlM z7D&94Yy6V))3xw_YD)i$NyYo|l_}s?bd;3h5Cxf_rjLtheCU!6vy z3n@z4dhD8X2yJu-d)O}c{6SRD%a|+$kGg_1MRPOW+sPV|882qq#^V-!=G#iVkk@vG z&r>U29eGni;gSa4hnWj@i57yO>F4y$o2)91j5L+UF)xjo zr=`?NvU!$mvGPN&_49c|Puhn>b)PBP!#Jg!t7h*qT#1hdlqIFKzI=&wIKwy^BQw;n z1lKNqG|OK6Nur^``;&Z(4ok47%{`Ks_sxV9DI)_z^bce#=G+@@T0!!i)VtVk=$BKU zM~aJdt-0ZmKf)(UxkZ#0&xmDvAC`TV1D87_3X|Ut?%1k4Owb zF67F>%L?E@10)!`^7NX=39tg@-^Hh2<0EE!`xbNWixnVhFzD83&~)lkXe9C1({kzK zCo7*e(%Z6ml*-XFJ*oVPcJ;EphZMG;)XfE1YFFsmjw%RW{zkQo+~zSE9L> zwaFEJAA6hGMW#%h;{8x@HWU3dVWfZ&TYqKGGfUqlwDMM77JbZoE!_zU=N~+?vD72; zJY^rbC9=A)$c#@TZb=Uxu*F6!I-@EJ3hv@H2=f>%tZWGv`$9O=6F%*SIlun7Q{xUw z;f|pzB}+!z{dsgVX;TTdqGwbVoif$|Mznv#1lIQd3q~5D!L*Me;_~sfRo^%}o)Fl7n=oVj zfL}D;S?-;QQvGGoXzpl+u=E(*Ecl`=R2S*ZKWcj%%K{C5X3b)r0*)c5dg^mocLC_# z;R!ZGiEs*Rm{T9>ldU|`g@Q7^u6#VMk)9Mag$<~AVB^c1Y=QEa5#8z#N-upP3Bk+`Wm#@VC@jK2jg97WCMME)VNQ_)W zdw~1>=6-M~1OV7UIl|Sj?n8&7}7J}?WO=Q6oMiRdET)k*B z%grzp5r7u%X*!~E##3l9f`fa0@YR)qO5BD=-QQvkfR!)M{^{}aUk0Y@-V~qtFb6~p ztz00<@2)@m)7|60e7~ES;D3rc>*Ek6{U4lK-=cljefK$Gm{Cdk{r~&%|CIrY+S4E^ z{JY_}o+iw*f2R>^+OE1~=kF7eThBk=XuZ-FGQq={b#&H>iExba!^4?-)UK-MS+QT& z_V5Yjo-h8p7XT5_?SLD-NaZ^V7g>+HbgR6k%Q*u>U@ke*B^;sKF02c{ zc6S=b6Yje-j^|quf&ccS4LnNt8ql+aJY4Ge4j<*Z5x%pet)OUxXCEJ5yTK-zXC^x< z*}O^nCeR{@(CJO5&t2a)K?H}2ed}S=w8*ioi-=2*sw#P{)BO`4;q9^g1p)8}(W$kZ zC498!N5vb|R>hY7c#QLCxTLA=>EYw$=x8vS^}WsuX|Rl6`a@qk%v5Ca1NNc0HOL8A>V5?aUQoLabeClGpY~j?d1{j`((NBOA=O z>wXNT7>|vN6d$tMJ9oS|Sn6if=g?8k^aJ5{%_>G5>KBeRsuDmaN=g3ZXVbZJ^az~{ zg^R3pE-v-o${nV8s4763Ha1f>_{)~^gnC~4r@rMzHHi*`>D~wwHiRnMNt!>;4pMo4 z_}6At%gQuZnwy7I$4^US^UesZ^STY5+{!|}PFJ4XMkDFhQy;M17Q@SsG5*MYIZbJ7 z6sZ-L!L1jd=c8Y803x}y&w}{sI_9`GFGiN@mF9HIclh;ljZT*B2@!4jmoz38zdKS% zU7Hh7CVAZl1=rJDT^wCq^Bs^vR{e`MsJ>TCA5WHD^d6ITq}6@E9FPw_|C_OIKGixY z!{`zZyD5Wr7jI@}T*tek_J8QIKY<<|P86%soEnmhn5f2E^_Zx)z z%h!)8=@*yC_rxr>;8I-!Tn_NLKZ)mly*eQYdaxKC%8QY#9I`Zi1LnZ^+4 z6d2W!^aV99b~ocWjMB7v_tX8zByt-&tG=iyDEm2~$ei?VTJfrm&M+xtuT8bl)PR+) z&M5i6Ops1KvV%Y(!8hCiO)LnU~5@lC8s~&7y_x0Na zA8Dpm^)+Ic3ulIb6oZ+AGEe#=$-OsQeFZDG8zXssD{ z8B!z2o`-~4a^KnDQJFAfP@pddz4>pS>z^E$(puONa20^S4_9q`98cj?ODdZ`(iZAF z(!cR;{frjKs5b;+YUhuwJgJXTTac1<0z=>Yf>*;)e+q{bmfs{-XJ=>Y2F2pNug_7 zR1Nvy(>&NOk)c+?VeCG`&r4;Ipyp9xL7Kq(Lr;S=q$54cjVYZxSI^&%*(lZfZM8OH z@{%j1LNOK&N0(uFm{+-<_#p>aN4dVfe`jhSqWp~G0$Y?Ov=e?#_mPht`w1>2I~BCu zpkw7=_@qV%9ZJTw!pfe6411NMk&+T-iv(Zq;{?|K8F|a(uYib9%Q6d>(o_hHqoH5a z#O8*_>~XTOnI=(nN@p`p@^uq%u-mAn-luRGCt+bHJz=snr7`sJ5v3rK4MA|mT^hv{ zV9l>p7%gMvnP^e)nlxWbNwB^!Snh6aS*hD=(Vm)`dPm|V>!nG;yL*dUN5!MMzg(v; zv2X;QLD|7x=6Y@P_b~Q;jBX7<`h1ibn#5U?EjTv{A$E@3T`n(pa=0%{o!Q`4j zeZ6WIhx(c8-rkj#Z*{(Xa->5er~o!n6|M-bUhn+r@u?M}QE>?^9Hz3g;Ol6xl?nx} zXqA+jmp;G_0O!k4n=*Mrd8nvP4?$f1fQ~DJRX*0WnoLOqJN0tE%Eor0>_6{ zN@0g(Tu$|Nl$V-m`s|F#mh|^62o$;*QP)~*rvS0dT_}f!1RzqEvV@d>^!_*)dXFO^ zx;SX3*}x@r$ppOn1^|}XPD0jB)Lqf*2o1|po<=|znmdgqGO2l|ztA&gGbHEkbfRR5 zf{bMW>SNVqGWC|;gx^it?~o7OXRv{F04XZiSR8ZO&>zlu=_#wOZN9#2S(cJeP{j6y z@_*b~zfhn_FQ^)jFy)*UcHpFP$Bw+D=o7>yO!4if1o6p&@ehixpE0Cjn)8FRQJ+58 z%fav*>pdgGz&r8flv}!R9ivF)QuSwJVo6+{x54fVoTrprrb$rJ7P<}n@@Ry4K#;+g zn4vn!AP|2$xi6h<;aErFyO*^-UYrzt*auSR-L$ePwIA2SV^2Yd#T>M3dO(nT<-1+T&aJn#3% zm0qSzHmM)GxT{CnEAD&vTvZJkMLYN$WrJ+1i~wFmwbDcj6{!G#fSjhb8Y@CYPx97S3{kounl9)@w6iK5otqLd$!+vl-F#UrzpmEyT_T{ z>?z#SQg%UAV`6<-tf6a(Z=GI~E@Yr}CrcS3EGwyED&tc-jYxEKhgDpHf4v4wB8`|C z+ap$YEn`$+Br66s)**zs#LZ{iqIh!nD7gC73^ayl2OtklP*Qk+OrA$yG{QF^V+~E} z^2DjqMulx!+Fbx{0z-i6kW7AJ5~xGMwjk%-X9n;CRxX9i{{SAsl&@=3+R79$GcZyz zC_c!A0@TUBigI%#b3T2yl-#*{DwNA07IGot36{}4FpV}DsIvFoG4gt7>WW#6Mt|q; zMF-)b;2F4Q0Qsai)z1)#_;Skl^-b^Re*DI^g7H-9QobANl%v>6prsrs!^;2`t+x-P^nZ0l zk;F5+UT2oGTUH~G8vExM;S4-qO4@vS^Z%I}bFsedY@=4vR<5sU2*#J*cd6hQqP}j~ zH?@@$vwV3Wsz4f$%5WT{;Ffa_9|OH4tj1a%+06gujx-&pE@v8&nL>Wcz3Sgo(RR`= zH!6}kC+E`3I0R#@Da!=IQ>E>ufWOObzBSPQkt!d?F^6BeuGr>bQZ9RURA}9dkabbD ztE{H?&W($fP`9`mF(I8l{<4{uu>2@Xj8%lJ?O0gC_@mI*412|cU}T-BY2`Jtj8?M- zD-Q%+e}|V8q8+uC;>vZ>eTRygG7mtcw9;_n@$vBUGowh!nDTmTXb=a2JWFL!VRn~-$teRBjeyo+(a9wVokBoMZ)oAL$Hri?1$P)bVeqVT-u|j@K7x(Dbf{Km?txEPmiep0Q(;T1$f& zX=z3OxV`t_yI3Sw{w3w9d`giH@LM@I36=DZ!tnTqzY7*)C#S%*O(ks#8_D`9EG|`u zR9crue9qGT7IJf2yQboqYJwOoy;-bD62RL&5K_0=#jMce%B-?l4W7^T8+GFPqC>nM zRd$I-f$Egd!;dr>!ioACO*Nm}59_2a9Gf%KL30Vo;YQxN*@weI<)b%W8i+wtKXzO= zfQcm@53ne;2<@YuXOC03yQk*yQ~a_F_bt|c1#-~u zW)Zk?1HVCAaMkfS&h0Lf`KsBI1}E{M=xHqEL*UPiL&k$|C2hhwa-!K(O6G);-&{XR z85@+b_NY7{^V~VOkW|=ISxDmCM64gJ8U9ElmGFWLd**(?&@aZaO<%QK~yc zzK@Lv!f4ea9yx)RIs8Qx_(uD^D2n&a`lexLo3n0=udUN?yYjCU12w3<45I|T1`qjN zs_LD`+1OI|UW&U|DYM)EV(*>5BYnDl;X!6%YbLfev28mO+cr9wSQFcrq+@o>Nha#p zwr%tDeV+5hde?pag7^GZYhA0WYrAUK-k%~U+qW9lkP=T*A^+rVuG_VW#lW?2Q0Odo z`1E-aR0oRcg|3qjF??^{V|3Bx(ibsgDzBj+6Gz~2czG4@0h#T1W!9m*w2V8{(pNLi zXiSd%n}4^YOpTF`N_!@Qdxv`J>uJj*-*PE6V;WzZ$$UI*+?)&r8XE=I^C@ZJCz~D` z{@imH>Mm#-OfgmyOvW|As;flz1?Ie%EZGekYrO^rYLr-lsjuv?)C)q%zkVALq-VG~iWMH(2>y8B(W`GJy>(%_C5g6s&rX0mucQ$D0?LdwL%RW9% zFcJ)i=jNVDK8n^_mGoTSrB%7u#EXDRxfs?98&84Ota41dTIL%^nJ|Vf|XZrRox^S^+YC`X>Xvbo6F1L{Lg`?4^)5Mx$ zyI&@zSFUcHE&pj?W=jd;J)7aXT#?YGxr{sx4`s%4+;&@XMje+RqD3 z?bUV?jv&2Jv70bO1YfVt$KD~oPOYLA99EI<6*=?8pdjT0&xBu5+u~%^79qE@=q1q7 z53f@8kL!$dUGX5R)`pTAQ)g>yok5Ju5R&T`WkS*igz_s)a13vt^dA-;n+f;0r4#T5%(6+8%&;^|Fj}}TQM(1if1w;KD zjoaG2-Ot?IiH&X=a&krOTDogJ5)s2Ec7D=wx=c$$gO^jv@z1MqLg|lr8LA}VSFJgV z1GVDQ_@>cx>DTLoj>vATjpL$7KIyNcE9pLDtp$UI3K!S)$F{NaoOk@D3OrO%9U;0a zPNLfC={5zq+U@|KK(et-i*miW204Nn$1;8$*I)qaQDm=@vW47b>(habc5vc7xmK(A z;U%1w>L>c!`0jEt$EV5LX#T>wnR5aSUBrwJWbh6pYhjrF$*O@nk|>{f4&i7ui6!(XyqsAa!iuj?n!?0)XH9@Rdd6Moh!KcVgsF6rNVEhDJ*Q@ zG45KeY@@a*`?ae1aG!s4aGj7K+1X+Ut5G<1_j`T&G!GHO7a6IcfswH>I5uSn$p{Z0 z$X+hb4VJp39ce05}KOoS`q7a zEzqqQxZH_OMlm~U(Jg#Q!%PK5tBoMwQ`R9JzXvN9+m0$LffJTYxEHOv9k)@<0CZFQ z@Ay7(5$L`mlGcN^^LCqM?_8-)Y6SR|+M--B$BdI`e6fcGc3MoGano9L)?`l1C#U{V zIUg)|mXitbZaFcj$1f8%?T<|^5>wuAss05u>Y(4XKRR|dm7BA}(PiVI+<)-F-pEX{ zmpnm7>eiDkWgimaCAL^;{`{u3ZHiNIzE3kBR#t5gqjf~*CSll+L}RSq%4r#us2(|Z zMmiMkp^3L(^at0`-My}TdX<*FO^y0%TJyt#=Hl(L@_^^-M|3dnM+v8YEP&+wDcjB6gL~#I6T11qAVg>%#b=5k<&K@m2wGt6+A8H3=!nD71mhhki_A`!k>1(wV{%RB z_N)vDP(95=y|h~B`CLJ)^G9ViS2hz@N_T=^59rmALaQ~VfT>xwpHIM*1$NOE zj?)CxW6D+rzP^X&;_YHGKNr{9G)h8ELQAda%@g7;;X!Ren0*+faN{%tre92eX9L7$ zlpdBB(FLYbw$@6?NtvxqGbJSW^p#Ex&3lp}j)fSCxgdbn-JWE6k&3Cp$XJ4G#3;K) zcqPR>^pN|Yu`5^heM;iOoY!=995m=M_Mu0&QJZ5SG~~`_(+#$H5)Voa32{HOcj?e{ z#?-#15g5B@Dd`5mP9dt%^jox5srV@_3gqPo40G!on8e>##d zOj!g=sC5mX6|i$_t65iYH|j}9<$8%+Cqb82k5KZ470@i zq}n|sSgIezlp1*dch2130jh4{GWz3&Kyf-+e9BkyAWqKtH9tv$Nto`AKD5)aCIedP zxC-jk=;ZgVpZ$wKiBayf=`D~!PQbMt|&c;f`hgTXHwTh8EamGxF>{DUa=UCktJhu+mD9uk@9aUvYwJ~8F)a0&D zJ^C$eJ}&Iz$CalceA1%YV)W*OhLiD=Hmp)XxeeIG&-#JVYYIOkL{#M%QQ+1iP=$K0qwaZ#;PDeZGV+&wyRnD*?jLZI< z$g~_YRGOQb=xD-D%X}Q@kBmxPG^&&{S zGHtF&bf-U?dte!^S%;B_SyP&_6xW?t#JVhIYS-wdBePKp+mkFEOgy=l(K+s+~$^ij=@HB+SOVhu$kwp#hV9azI^6?}(SF?ll= z*SmYvpe9RpAqCg-G*l~I9MEpVtlb7Q8E{(_7cjbuRQ)9Bw<6DuX|6BEz{p$hPT}oa z@0uPPi<|x%=n_R2C0F)i%?T|mS4H2{lAvVIkY3UJ__p?i zJrkmWeMUY!ECNoI)we*MsmvG*4E4-ep)EtcuiWn9)Z{aL-{vQPJtHIahlQ!-!x*gj zjaR9YNY?`zbF>l}r8IbxU*bssxVIR`XX^dB?}OpcWmp=#xN(Qz;fL-xZtG@g=%tp0 zG^2!tiQqL_-bpe71^&c`bF@Jh$d??8tZYZ}@7ftbPx za+*NK=N3&qpo#d3B5wY0NfD2E0(Xp{jH7)QkUOe*mk|QTFEOpA$|^-wz@^6P-{j@T zrTcV8XhUXgqcP?0L*tg-qpr1lJOvN5Rb&Spm@T6(rjvCp{ka21V4>c&XHrc_$;D`T z;D-*eASfIdEVX0}CdM9@#s*thcz2wN)V7NaRM1agO?(2gd5Eh2AB_PlVJt=c^}HVlAAq)sI`WK z76D10=R~Ay759$KwS8(PaU=k#J~5g74#d+XbG4ULMt(*cVyzMz*UK>=e=@ITVvK71 zK+8at^N^oJXmbF)AW=ukB;0@99I>!UYeLA?;)nATMwPo=U3)K?U?y$YM>@jDoucnk z)mZ4H?HhuQ)>MvBG%~7i4U4~g<_PM>zO`Akpi*^3{P2V~ME8LL=PR-*&D8V=bZNr? z>CT2PcFxbG!Y|fz(fMg=sLwC>gPav68p(9ADeUHUGMZx1Gejdc^+!J5r+Q}Ghg56^ z4}(A>ww#|~XiEh;Qf11MPM1SGYo3Jxu&47XQ&m6XMoM%ZS>b=E*OfdJvH+u5xlJ5L zQ?5a(oCgh=&w*KdQJCd5ZpW6mOh0EW`-3H&N{1TD?A#-d4Xa9FK)#_fj9uC3<&nH6 zQH9$MvGkKB^`Qq}NybY23^=rnL;#!8_+K&_#VCi4!Pah{4D+IVpE9nbaZP**#Z+f4 zUCog#O*Q(G1G9A17R-9Bi&w#N)tAV1HRSA*Hnr}nmW%yxl3x}RG)m{lBRWzniC!Lc zS{L9@S1wHGVjHwZbd-}t06k&YeAkbOi#Sbm%u3#3DNm`&3nz8RsOT(L_M)aZ?dMc9 zsebpVljh$eYAaZ*Y~(loq$0O(4t#R+CsZ?8Dz->;1>~ z3c5AS^Ny_Qkf-V<6L$ys$&ECPQ#{s%m9<FlZVTmB19g!5pMP7SIMJb3Y z;y?|Sx5E8=EF^>xQ_Xc!L2ZhkT2WJ`b@;pCx=y_Wv$Dej`RF%>=5vQ|-CC5_q-RrI z;B$ggDXw!`Rm=i@4=m@g2OYOz<54bW2A!>pt94Rfuq!6EB}hL15Re9SkrI6r2f$dw zpq^%LPq$4sW3;8XS{1*@*LNF?8CM)`>#WV7sm{5@N=C0X4Sq}sz~rn7+Kw)eH7Cw2 z#FqMWMXUQ$ur(6u0NV(dj@5TOkIgD&rS{5DSQC=TQ6v_f2ESC_hd>YYkFlRaiF;`$ z_I_=MK*Mb>3vKgWf!5xJzKxg_W=jQY`PPBkmAGI)g@Eb-vxI<}xGWz++r54>tS{tK zkrk`7(@c!(h97Z#=D)8#=#1F>ZxIJnH7jyab1^@`l#Jf*J9l|61Q5MUNuFZBt_tPk z%xa6Gi6F3W4u>G4_Er<}Yvm!)xqkZ~tn38$kUBMaU}Mom*Mu|wkj^?fZ)EEKQWQ-s zLhp$S69Z86HIb1qGn`&~hnrl&zbe#t+@Kw3Yvn)WtZpc5Yn`8j|7S=#>Nc6HZOlyF zUd@$UBEChXWHqOirI5>M#0OvR66aPqJgg$H3~qrqMqDWrP#Typzyo$$M|sp5IJ&G( z4LXgWE3!(|TP#;@*?*^5&!U)9iWJg)6b0m#HkSXK0yfGoRvt@K;wItXEP8!4C$A=} z%D?$h3IeA)*RfSAEtF2p@NpWc%o*J46x!$$rwimSorPFpcG=giFbqIT)!zXkCa0(( zsyemlK3~*w;Ey-FRqrM?eqR1mOYH^8+EcpMP29HEnrMkk>HfMtzCFzCwN}oBdNalH z*wsg#k*six4%1D|i~W$@@$ zdP&_aG5Pl{AjkFtzj@YW%jtZQrN_>U)9GFH!_4lpY}u{?gNl}`F__{&5Z(UlhXVID zsbLy(K*M(xW%a`SZb*lreao_kBJA#2Wf=k{X|k^il3fk+hk{?U0lUw*2|y9Iq(Tuh zi7DA5>z{GW0EI@EN#uulP=%pPKqSf_c=brPQb<4Djwe(xFD)l>_RD_bvVlU=8dSrl z;sxc_+@qXL6E>oXd*wzY~=wS+VVq*hroG=}J<6%(9s^VK~gZJ6ST zU?{9*=d{x3?4+`jSTsc$g-Fj4hOs!D6gsjL#LVxe*yYr-YAip}h+oLc)OLwdx8qqC zoIt_+MHo>b#a$`M4@78vzon$4%XG{H%@C;8LI+CFV%-Xr)R)uTO^Sk}=^ttrsW^25 zAM$5x8d8cfl!`V=lXo081Dp@t%iP#Q4b{@XErk<~qS+WzJnN>~HIrQGy-rdY_;s*V zY&u#jk1EXr8aPWBvn(F6x8Hd1EFYK0JG#jcGjMubH+V_!r3{c z6=a6|bUWnPKYMV>KTTOkg#YdvI(laYy1Q_+al4L&HPL&RyzJES zX1Cr>Uq8SAF&iQMLLb(9gqg;>F_h)R_|sTY0PbQS2WWjK9-#KfU`nfW;cuAz7FH%g z;63TselWQW=d2t-_ZvK`18(dNE0e7405{syrJ1M;BD>zjP!SjApw6MXM*U#gG~ak2 zn%j1BXLq6cFzpitj>!9A$+eyNeiI=akckMFx@}rc9Zt&jaCmgbMEP{ns_UeSsT?p8 zNr&<@v&#ULBi-9w+?nT8%6ko%7iUh!pVHcpJy=stbf4iER_&Zl48(sO{p>bqQ%U*( z9@h44IbRZXw1i&mH2vOWxJ3F!WvOayWdw-@s4H*ly}rNPA>;`M+Y6UXY+6rq;KYnR ztbQuL_p|uS^jn=6YxJ?|uI00w)Y!lvlODUaIRBAEEvR;%os^W8R)iT;-2cA0;pd(oc@?)f$>_QvLJsDG86%!hh>^&ClAyNOr9 zs*TK=WR8-3tCoSarBycHS3u9^n=CtYpTneqc8;Gh&`2F&RD)N&&rD}_OQMoOn8BWL zJwlM5{MZ?zMCmw-;P$;ru@h9RBCwAd`1G;~2fHH;HgDCOwg=Emht2IB9-H(fkUcS& z`Jo2s9>0T;iZAl_v292+EgI<7T)Apcbq6F~KWDFQjyyk*GPs5!-TZNv*#Xft2~x(` z>>g8hkJqdtQ0J3APs~xeb7Vc2CN^yS5Sh^7zM5x%cbVaxVMn1`+H-StYfTe40hE;v zKNqa|yWMcAWyr1IQ}p%?4zxA`RcH~v!NrxwiE&2MZnvCWg~5{qKyuuzUX=}}ind%9 zCR}PgrT!wPhrbJLM+VG8n6a~D@pSN79(zd+-I*_4t&8k3tldqk6@?+$YVvP9m1Xg3 z>}v75mOPV`k!lLd_-@o&K1-F}^|>TD08q$2<~W^03nDEf0r=AuD=9k$TV z*W@%FIuhTZK+B{OOLsH}*4o>{W}VqTNP4R$Lcp0oRoA?#j*1-9nYm^G`?I=+W641m ztnObW22M{zN$p9YEor;2tE7k7%lSEx$s9H22M;_L=Ka}jK9IN536z0sX)?lggWV=Q z=h*PJMljgeRc+i~$bOpTJDqbC}8H-I(mpSd)ax;Gt1jO6=M%J(?7`jjpOTjNeId+Lk zq8KTin~aFiGQ1=C`r{;Xuh8j`zRZ=6q_BgaAsfYsx!KufyRVToH1whL!3KJ$FU&Q< za&m<{TtYs^vn0?TN*>7j9D!xEwRTMYEP}-wABDZZzJCPE&Lo}plIt))kSxral1fRr zb}m&&AZ7lDrE<$J_C~R6FP75JaI`NC8?xwThKgFm&1B z)waU52mqd)fVRZRq>%ifjo?gD-(5mRBB!~a1Vkk_8tEz%{EN9ttnFZ_nYy#w%`cfV z@eaTz^5S!Xh`32qvh5Jk_M4Kth|1kQly`i&wH31KBJ;si`{F*NGT1?Xt?BcY>>}o* z9#^QmTAmzzHNaT5nB`JhQCq0sJNS|W-=CWcI%8bYPc&ttoJg({34BpD zy@T7W{Yhsere4&w@`)#uZUM9P>f}gyq^u`O7B=!qv3W7Nwv1+SK%+Un;h3>xjoP%q z-hNdj1zBTTdFsmZ5n1h2^)Ra0BtnPf3?K81ZI(wjsd!3$7h zpkEu;kK0v^z(moY2}>F2E1?E_eWh4Hn%&(!iL>%=EHp5-mzq)0v^2|6#c$R)n&)mCN0s>jNPl?i&ePEZ1{B1 zgmhxYGX|IZoQqzf%f|M!0v0aT6O)j2YGK%xfuTFjK9vgYBC*f=Ao~F6+NQai-3cT z4Ku0S|NVq_MshNi8XeR>HMjn_Q9t~0J-65`*AQjIG?wb@0WKzxw_w;<3y(_)UKX&j zS6g`5^@&t5e9KQuh9=}Oc0ZVN5V+RuoVdhe7i|bSzc%Fl3T*x!KczD}Q(_xT<@Ep^ z!C{BKw#%iYtoRz!S>f^PGC1~bww2yg&Ng_n47j$^P?IbE#&j<~a)8i{4;`I+1Z@c# zJdkw0*ggM+wX~5fZbpKthVRH`Zw9CeQq0;>_1r!fF*nDBhNd9&?U8{Fura~a`wY!s z=^dQo!7|ME3)Muxu>OTOb_VqQc zPB$M>$Z12>;f3kbW0h^9KSB?x!P9*TXDBiX@^6SbuLX zm^+tfw3;*UXu1an*e1DDssE%JO62}U6$Ao6@zt35^3d-@x9YO` zpZtCyEw!{bh_|S4N%2anGhRd~a`k(gX(!ROeY2#?f_#O~`$~Zh8OCc9*;W}XZ{$UJ z)YMT4Sbb?YZB7G;bfLOzD}9JIHHu$q;yK*IEXi0f>uT&?PyJS&d$X{d}lg8x7kV4H{Br*l&VrV-$b?ylj~Ln3tMCA6;8I zt8V63;EJBNgaWQUvF2U;YC?!gn8-m$m1l_}lrl20SP02G7lBKN7c=liYN~3AR6sFd z*`Ptocuh<3#~C9h65`iIIOL8=)eLL+BwNtRV0ww0Vx8XSnX*No29E13>Nimru0mj9 z^4g462EH`>gvFwVYJE)DB>MG?-Zfl{a_S+F3^1@9{>{b|S_>kI%lchHn+kgPib$@; z3o3KMym5%WOgmBq_vD0=9ilJP%YuEw%xY=2_9w*o#JMXCM_az5o_j98yu8@i|JXgBQpz(cW8>2W83)PE2y8kc11voO!XL8O z43n|3gAk;;4}QOg6F1VJu38}esP~p#hxn0aE48?Xs;UDurvIqWg({qEQGG6xtg;Qp zeS*2zkefdtx+(Wt^moOn{hhlQ1Qn(5{9a+TS(l*X<2!`RLw5j!J`&k@>T-H=wq13r z!-O}f-B>katbsfb6l+ER98`;}HJ6u4o-KFC-|hbDLmemnXELsx#2Lg@r>@Fi$GrYi zabjGI6l^L=K2us=4pYWiQF%a^SRCnCeo$u$E?xiaONbdol_f2aoJ}W{(-AM0Gqs** zevXQH73L~lsz0ULFX@`5D_@9Y6RQp%&X*cXebq;h5^Ba|6z5D4<*ESoXTL?qK`HTzR{WoS-uS006U5|wMe?tBrS^PgC|Jz(3`z9TFAMpbb5$g9k3ne3?O$caJLVP@lXaE6`up-Ro z56u3Wb+ud)(CFYy(qO@VtQLiWf@0P0?S)pO^2aBbAHU55-+kpS5u0+ofC6%(l_}t7`4L_nit&#@q#ylI zQnLlOD{Q>D<}NWP;;r*SoBnZGC;`7AJ>uZIS#A5m#`cmDYNsv6{~`AzNl@iavC_~8 zujrF`%=kxdc4@rkRKE{#b+xf__VT=jBx&eBQ9k_Rt8m_@M=5aB8NP4V?Cb5__}|ln zzq4JGM%1y})dKD5?7tsB^Z(6;mRghKh-ep`1-T~rrWp25N1*@3g=2u=TGu{f6v72I zl;Ao@R8WtblEZmW<2;z)-3tMX4ypfFZB2*P3|hie$=wLD?f>edb^0NWv^g3cx%BU= z3ObVybN7f*wVz=jq{Al&lJSjoPvdF%|Gp6>idV;qWP${$02-5j;^z;CDB79>dMvd6 z7#4-UBzIGA30K_*|D#|*vI;sZLx`vTq&D!c05bd@Ql@b~j22c9*s9ktBcg!vJr#d#UT;lsQh;>!(X2vD>5+jO$k(oEObtuC|+-WQN<5{U6QY z2emRS59qVSxue8F=Iipugvh!cC9EK+mjnT_Nyvpu`$skY6^7=%LSkYi=tE%3-=F8; z{jDFoLjI#l@M(f%?c>6;gf0HRyD3qmXd}hGKtiYxCiA}{J0Q;6>@M$n>d|f9jQ4-I zl%e1giv{C-3-jOULb)S(IBo}#NI?ETlqenvi4WrT|F3KPp-EPa;{V$`S&$4L&qfOJ zo4NmsVBg8t{Vk|pXL}e3evn0)N&I&$_$%r|)J(@53JU_8EUfzv>zm|Z#@#{IX~s5T zN4Rc&cwz92EQSY%+IHX45Nf(Zb7WS`WOqv6CVQ30#jfZZ>C#o0S%3uD;ePWzcFgkm zEk>?`PQk0eSLXa*6Y5`wmo~e$usuySynUI z9TUe&atp;npHc0(3_T4Z>3>zq;S)WwU-rB$v(8QwrFXth@NZXy9qE?323ud>7#qv^ z0Xj>qnyo~A^f{TnUCo9m`Lpezmuri@ESe(EfsER73N#(a0uFi3w)u{2I5XO> zA86s}854ZpD2E?Gtlu0P+{z}hB@)IuM&a&ydaDW<6nR#blhfljEd6#F#QgO2w4g>h z*Wv5cG6-6nPbX)rhRRK&W1^$K0T$2_EKlhyUOViyXY_V%IT&nKiEe4kdEDAx-l`8h z&PQ510B7ZFF-<#D!q(4e}*%&i+9PXfWw*-)ZR| zml>!-%Z0dboy7CuQz$W3ooe~qx2wp}p`qEPdT@b7sWo#cDT#r5j|cpsyhx~bU%42a z?Pu3@(@yM~O-kWB8yYkvK|ko}_FI&B>~|dAU#{XE%y7W({HCzA#l8mn{jWF~VmRL- z^HqG6ynDF9(}Zi+#UeNBG5Afa=r?DkEGs{~+B99el`ZT_g<5Q2oZ5guOj`#;3RRl{ z*00VgBLOTG#%TSI{ovoRIIJk=WvAb{S!Iqk!;k`_3mLBHc+`V=#uk_;LW9}GNt*r@ z;kbwe_4{`1q8pz*^(JWZI=Ec_L^!gy0$p2N_4q^jVXF^(`9 zd-+@RzDLj6Op%TIa#k@Mp4#e^$@iyu)=&wLBU2lXado&<$A!&V`W^v&DhXd-rn}j^ zS0yEa#=k0g`uWY|R}%W-t}^Frl|?amUWZxaU`S2@8U}4 zQMDWvc{P13j(@1*|H^;zI?jj#ySa&WCfk05 zWgC+e*OlOhhxrod`N)|0>e@dh;PJ8@ln8auaG4i+3icK(!j<7bL(^ZIJft-xOI>mp3Qd{fq` z3n|k_R=l`kWu*>4p|tpwbrl$xQUu&2|A6ioPF>>8U|QdO^g060dE5Ne_?e<-(POFh z=IHG8Dzu|`NptFre+IErQbAHDE8XiUn8iMe^YO9p%E*%9`|R4wz}&r8@!{3R0ms^l z=M$kqc1pdpWb4~)D1o$}K}FLLf=m`;mu4%ZKF)c}Fv1%R%oSs{{A;GJscA%ohrs7x z>~uEWuX9X*Eh%@${rVW(=(p#hhr>(A*g!FK8G4GWu_pd`jeBSN9dNbtaU-XDI+H_SrT9 z^7J9`GS$lfcQ?1gtf8IwtZV(p^X}d|h2oV;6wYtw9X=PEJu{7<_MAU6{uZ42k0;;u z0QmMXdTo;J?%i1jjjL~hsc7MmK}(@Uek>%7Koy?aNyEhQ?X8s_iEiL>$iK$5M%Axm~8g=_gY&cL!D)c#4V6OV?Urvti5 zLPEmzVbx&KM8M8iN9PN6@ECR1<|a01nvx;=enI`|Q-gLX-uf2zMmdr9>4UyN3wabP z0s_9@RTsV$TB8fV=}fn(Rq$$Ep@kOz8)Xf4kbx-qQB#d3d{%;9n3yZ?q(ux>{>^&66*>z!b_=I>X%=^Lrs| zD9`jiOg&n!bkAY6auY&%C4%92Sx=IXApoXb)FSB|T1j2_=4Uu6T3YjG=cII~3}5q( zo4=fTVfh~S+(OU1u-TtIQ33eA`bl=r+w0%kpB=9|(^EK#(L`tDoB*zuj<)JCNVk6% zsW}`#N?q5=F?MzUL&2e}wrVS@9?uM}IWpfog_=|y-o_60epkI+wi@}M^o4MXVA}<1 zHDT~ViLgiZth~B+1-Q$G zwwOQqprz_D++o|K%UO>a{K zm4w4`he^?EGWTfSjQGX1gpS?^ugR`GOVP=gHa(pQf5bC+r#Vmpqo%j;eC~0LzBcA(pLJB;bF@9Aypd-e z;AvXp;O;M?X!fE9u`u%b>e#+I#S2h*oInRS*l%&H-4B^M$st{Ez>N}SS-hqBlr5rA zp&r7*_U4|CWBa~%CwIg|{ao4yh1YEaY{(kMvc3Lb@I2`?Witm7h>n zD3(D7>N6>NT|9}fNcn5?<6L$QEssx{kX&%zXFaX2HiSxIcyE7FRP^|Wecch=UoI+g z_Cv>82`^v#sEzg`M>8=3eMB*tH5+esI-M_NBBmuux7-ChS?Brl`P(12ccZbJ56}+- zHMy|Xyi;%(i5*K0Df*2ZqdT1@^x`jFfqX$eLBVL1$JKAgH_pfGa7c9Y%;R;Xx2W+T z&g^6Qyhm>$ab3R{1SQ)Sbs<(vE&umNEli1pzv=4F_AR__4kXraE(fY2~z|886J zX;)uPgRr?8ewAx)M1Rl`;~nX-TF^n6=9kg4_9ohS{_gGu<^IctMbT8oH(dML;zn2? z`7pkxbwvKA99al>1J2eR4fx{`_mlY{nf~mOgerA_!}D>9$~|8Z$sW6pJL**T&b9uy zJS2JOav{j|*RI(AC`E94ZIA>O?40@qy@J?^uH|Lyl<@9(1l}t3eq^)Y6OLBLg}df6 zwj{ChQ|(Eb6_b4bU}4LBK`QZ(v4H0hb7Zf~?oQCv-k(@NoQbmH2bm{2 zCZFrG`ANNam0v|`+vX#@uLV0hDfDCe9m)E|kIm)Uta#IPb+B)>((gN)bPI*dg}%E) z`T)Fvl{hfMX2NE>mu&g;MV*EK(cmGnAxp5|mZc&$MvFuEOxiD0jMHzA;tZ9&$~{hH zU(jS^5GitKUF|2Ddod=@_#Z?4l#Ip|x)T)Mz-5eU7i1cR!3mw#0&+0{7Q>SgGIVX$ zm6P#1#RrOjJ@ToNmQ&+53yarD-jWH9?97@60r_Ooc&sm0G4FD{)#ZcQrFHJD#D}tb zl;JP#x@%VPb%d02Z$ctyGAo@Y;n=t;2St;x`WvOda>TzZdjzO*(&tj>xQpxx|J{>5Y(!tIc;pr{=!NtW zpCO{$IpZ{SpZK;N-no~|!uu*anxt=ARSUfumixPok*2H3STX((=rc20vP0pKvJPppkrWl{P6vUm2?lh3r{qSyg z`sQ%?NQSi*yJJWvn6O>s7Ng^5Wp4#J_NpuWC8FblXz@dtZI0IuEYQQfS;tEFh<>TP z{grwQ(@5tV-=3xP5$WAm`ta&^YdDel8eHfd>6!@5D%J{T0S=)@foHFW^=I-P z^o2TkZ~NHFxD#_Ij!T3k3hP_6JX<<4)^HjZ3{OCyGIOMR$L%7}Y$PP(e7JQ>4sYtPxf!8v*G1}nvVZ-dYdV7qBu#Xn+t0bWB=c1}y@<4{Uo)Gd(Hi>MxL z`h$I{Yh@WiyEE|8oH<&CP7&|f8`bl7g47Q0!!=McEvu|E&bf8$>5u9Z*-5+C>-~^c z`Hg~~@zG~b>=rWXS@F|)-}0^PVkQFjr$Bdy9IDVYf_PSev)9%+HR9wuxjX%a~Y-!if_IUk5+jIX~ z6M2^9A(Bk?%10=XfXZ2sNZE!*&jb$^*jd>SzI>hhj34l3yeKHruDAbqI2xT?`F1}R zc`+;Dyy|mjeb(N1u;NbW+sNfAHI1j57jOI&xT??B!e;F=yL+SVSPxfKu{kR-ehLKg z_LDL!TbX`_j%2_*ofF2kGYHtF7X9AT$;o3zmz7lYdjC4(M6TU#xpt=+p_-xBNi-8w z6Sroa-4FNXX&wwZ(lBR?Ub)zh;b?zaom(ZXu9OpaiEe?GgP~ArP^WJ`ue4SOPC?e}HL4bmedj&LXu#ntJ7_e3THq`SO_z7JwL*tOP+jTufoH~JISx}cUDoS;?$|OUl`NEhuZzb&{(lD%#hTbF_G78BZ ze#bxXOzXC$ErhhX9}+T0^1W6TgUXEkCt{izZwq;5>C)0+#_`@qH11PO#os7QBeyG3 zz@x?^R;AlmHF86fUp-~aGNfg~=p-Szr+wL)y@u&u9lb9-a;{}Fb6vi`#!TCcag6qV zq&nRN5KzCOMSWd;8o})pxIG(F^JP45Vc%B{47b0y@}+OL=Cj?(w=HlwZg#%TDG=|z zrA%CBPWf?DxZ)kMe}tk|8#&!Tx6gAn zw1#Xn^oOkk;pI)($*fijedQMAS$nLYJ=L@DJzs~ASM)PW*!gHSZNhr{?=qYpj9+6# zr^9mI_aCSGZNDQuRm0N7|HX~jk{-Ov%f3BxTqAt>(YlDD??t1(WL%E6_VscQ^8tz~ z!di<=5?|ip+vhdweKoUUkFED_O@bk43|-V(p9-sTmqnb!haci|j@p8mmo_>=i$=q# z>E-n>*17EsFGv;{tY()HR>TnCHO376*S@~4Xss^_|BW{WY00;P8NaI;Fvl3fP)<3z zpFG?~q}{GDYGZP{c&HufuY2eB97(AF$k8@Vhd^6~@5-#*>#tM7SSSQx%X=XEIfG{| zcxv5x;Gq*82O>|*{hlj!>|cZtQ_hEfm09)(CLfUTTIk~Cwj1qa%In-f$E%0U ze%jgC|w9sJjQbPvL5=@9K?Es zKV?64p}bIf^VptK-ud}DCgO?0r+B5!MHFH*NmFK1$#PbB5VD2r=Ee#I%YXpe-%Y;5 zdXFkLDF`%(m%*pw^^#+qzTJ$c_tsKGTF~|DPhp-SpS46G)AT4zDtZbhvUs|B3+oF< z?z7t+@Nt3Dx*cHZD8>C0Zy8?h9Bj>=)_e^wTnf3+zh!54s&u+Q05C^ zYYUZQcrrfoez0{BxALT%OGUV?3;mELt7j5|bN*=e{S2&+eVt^9Oc%9$LjM2_jU&5y zbvQQWQJk4^5*kvQEBpBk&jSMyjh&IZ5X=33ELjP3bm{1_;k1&fMS7dWOos_qm(5=0MOEzbgb@Ep8MC8o3{kq5P-So?d%()-6Mn^tke{boGJOOym+1u;Srxe7)m-Nhf^vfb`z4Li8M7$vflAJEphJIw61naDT|J8I_g)dG&Z?9DyS* z3xNQ));P7EJu%6HzkSR$_PgP=4IUb5#%h%JNX@X0tBNU;F#ztaal42w12r@fr`X;& zBwifj-al(BK8O_!x)|-~iDB!gMwB6ob97G8AU2?jT34W%1@Lsz3Vs$eMpP2PnL_`z z?}~)f<-M&Jyb|8&(!%_r<^mH>`gFBn+W1YsG^lC82}xe$hRc!P0dcwKRG2w})^kHi zPNT^vOG(WDX~I0cZETY|fp@JlRg8J9CywCn^cqS{0!YJwZ^pX{yM{bee-#1Xb^1dIxR)0-_M|Sl%pMXqs(Fv5c+afAm5pz+M`nChEt14*rI5TG)RkZA31k5D4ckJ^ocr zRI{(!)t8=eN!l^VWjn``1wu8Gd>_JVyjxZ5(U&v&W+^AU-c)IwTHm9)If2I>&Bmvf zDazHiyFQsQ{HafNws)+)PYSYq+~}fai)lzdL*$)OGZv(fFlAESVKVir*l-Aq=ogG& z7c$vi5fb7Sa-peQuzWZ^e>N8S&>3r@Rij*$Kb2`Gyc3-Sb1?iV#az7leD5(^Kpq!Y zYVHJbv#_CkjT!O06Du9-ATXuQTchzHN~luaDD5*YfO6JdIN)OTVB{L|Oi8-)OqH`- z!M7?wsI#Flz&J6=jP+6OGym&Kd9#u`F~M*z>(9#3bD9Xd8c86yHC=k!@F(@~9N$~a zmUm&e%Rk|K{WB3$BuDr8Sv0pE>pZa0RL?h{Iw;4Qo(^rzD@BuI{1AuSY~kumpr&h( zqRj6;9@5lYBMvb4ko{Ypc<2ATJ4hQ!xl@w~oEUesw5&xXp9ZO3*7o zubp289dO)wmg!4pO|N~$?DeSe#=)`MNEee+;20qPkW}T>ndEw*zjdZA(M2eregl0* zto1dqI$gWKIsd}_bW^s>Xz;7RU53W%i=5E3pN)~!qR1y)`*bvOto`t)Z0GutaC*Oo z&={&EKDgDXQYmpSh6VNM*a(q0vvZ_xqe@ddfuH3wbG(ls5C7tw!S0d2rm+rsb>2Mn zNBEKfC|NsOeU6NeY6;M-e0jZFp7!(~L#$R?&H?V-yTzRQ%E}ThUd&z12DFMXAF_=435sz`WVIL%Jx}f_6FnT^c^$Q*OIB*#*Vej zUms2`e7@GnMrKDNzHZ)$9mZ*Ya^L2!n{4Wqp~lzsnhfKEYzo^WgnrEa`9e_as=QYP zO0aU&OnU^liw!*ZRn1ptCkqaCzuiCMZXw&T*Q`EGUyUI}!A@@^h#8yix-IF>b<5qI zNwT_{)py-i+!7N@yEWL#^}7++8<3<)%uB-k6+G6(Nd)a95?7iZab=@Z%8&n7d)FD& zR2HpA1_VSQNE@XW2^~jKiZl_VM2Peb4n=xzQbSaf9*Xp)Km_SMp#~5LRisESQUcPO zK!7B?%!t0Xc=LX|zi++#y6fcZv%kIfxA$51-gEBp=_bq0LzF;*_pmLZH4xbacEVtt z5%z2Gfu-TSD&^B0!R_CKTYye^9WH7o@xak6TnpuW8?8>0B*$i() z!px8RMcZ+*Cl(z~1shZM_>p zh899oay@=dsjV4ek#P!4o6M)*^?j6$k?y(+I*T4Hz7f9gQ}R!?K@TAK1!&C{y!eqx zgH=1LgQR8rHkP#tvCUGgCfvAPQmZD|$-y1n$Zxps^2FrM)9#5-aE=|JhnwtK(#pua zoK;;<&xie4r-}tn#rndC#1S?6YkUWLf=<>wggiw+R;uOt8+`_j5azS*CX`A4I`P@O zDoiWYRUnols_qb8p+5ln{C)T&!sixb2GSZx$SHqg4NCmn(QChw&)EgE_yp3EDXTW$ z2%!mBFdxOOzuTah5{Sf?G_H=`qX!A9QhUlsl`oArEb}@rt7pX4X^QOGvnw zaCv&nFMkPZR9RvWzxrPmJtPAtDij|J?DX8;D$E<_Shx4f_UY?hf(sHCj@~ygPHs_% zk@;&klNFqg2)FcK$>LFo*oB{jsrI}OmFo&wVJFmWz;z3Q4&afn6Ui-fns~__vMW|E zce)CRr}-hQ8GttKP}J#{rg!CCU6Z%{u|qOx8W7*UJy23pQ6-F`$BZx{AR@4AQunm7 zX1P;wyknV=y&aNHeu@W~FN3>j&Av&CcPQ0eTwZ1$>qWB>@9-cs_PYI}D71fpb5BRW z7hwuf>fG65Fmpv_*YPgcnJ~zA$iXj3NR@P*=kg%z#8&G(cPjp!3hA2H)zxQ?b8w<# zo!gf|yON)(o5jEr#N3UzL?RtK;V1gf+q*(`?U2>oqBP_(rCCOckfJBiu6% z$4*c7vr0|I8*YUlU=*$KHBo|gz|7it#*eKSKA`{`v3-ZR<%`$s^6tMZk*7R7Of2XQFF^)4GIsoz~#JIkq}J^gP4c zMs>xM<14h^)}(>6-|iZ+Rl8bxn5E7Lt7$aYtOZ`Q#iN0+ti=a|Bs6#dc^C z2c|h6NJi1!9ye*ri<-O6V2gUALgn*(H7Qwi`o`vn|DBt(I>>fWKQxfLmtGgW0)m1y zN9Hz*3;}+45O_a8 zntaO2DW~A}b3h#pXNba5AS1zINj8d#HxB$lYVg;>9OMOxvi;>2!9kk^?$5jQ-XTW& z8AwMN@rTmbd2#}>tI(28yAVa(6tK_(uFRiuS&Bbw^1%!Utu40c`sG+p40d)`XxQZP znF6C#B{JGuM&nMho^22xMA7Z$1X$pEX4CUkO>cSa7kHXIH8FYq9(N2M3`+6*Y&Acj zJeue(#eQmbn$n{We6$u}ylWx~bO$F7rX*$_ddtREd%8cT4#s%uO)u;qY%sMGkw(^f za@ZDs#=dR$`E?rDP^?@8)``Z2Y0;F%7DI*TX}M}d+uWJ|!B%!5o)U(`%7FOAr5U{X zs*p32!v{RtY2H@=3xmEl*Rq~D4Hfpkymlb1Q9Ie>webe&PqmSGjf|YSG;Typs&L8{ z=jf~TLSaHfV@B+b>g)7}I>-yC3Z~0R#FwX_w)DZJ4;`&|jQL@`92-nXTZgqvtyR-V z{k1}&}SXJ9Df0z6FKo^Y% zU2(5n>slHlhVWc<6vu2PeNT-J^zG&*Me3=9)1QjUOiH9N2Uo*t^eHv_c%3gLX|Ea< zrJ+vye9V{B%tPukuXp<7Lm!2{5{ZjJ8m(~;n`+D_6+PzuYzES@dpMMOnE|$D!&q4? z&vRsy(IC7RMt((^ACG?70MvYJ8vgwDe#}lG`&3YS{ej)b0+~PY*ukYzQ@e8Gq)>l( zu)0!vltbCD>9+P zGkj(weGH?)CiYi>{wkxxNQhW7WSwWWJq&atBLc){so1o%O}|Ng7EkZyIJR++SuepE zd4x_(E_M(eVW{Gt9&W?to2PSTo4Qeg=)5Ms48-^h%axD;On2TZYB%ut^adV(FFQ#` z#tJxb)>~A2eVnke6Z&)W^ySJQMn~9}ibEE6z&!Q>+g;y~yoTGE9`RP)Kvqml)r9@K zO1rklbOcQl=iZ{Qxtn;(RTnO*uCei#b-~1ZkFgj=|1hs z=esNW*9X-e*(9nPlz1>M4$gbLC?V^;16vju9JnQ>Q17&VDP9&JSSq1yk$pKzqv~Bz zpu${xj9{-`p$SVBb1yK*-7Wv6%_87>saeR^drB!g<>jD3)oWF>s<>ebftO^O$T`q` zb9)j&4!u)!$JFK!duDyU)w8bf#cBuC_9?9^oXUUg%@Ai0GbBS*AB2JFir z-BFt3XIhKbNR`hZ=Z!-tJCTwMtNCH*7??>jxi``#vlf6Vk3Y5ItQ+T}=P$?&IR4Hb z-spc=QnhWl^&9i+XCwHN5gh|U<#ny!5M#O{k1Dllb7qc|#7`I|9VsE1PC^+d0)cot z@5^|@Sy^BFkSf;`v~DVG=qSLTH#9=GmGAF8(4)8CH#+9Z)p~X9+c%M>_kQhc)ggP1 z;ypD<{ilR9CtGoGJe*&KZU3ZF-CG&a{$yAZ8IhAKV~pz7TFqyy2XLvDC%pdc0tqPv zfTJv=*)ofx{oNM0Juiyy-gu97sAHuzy2x>>L0obzInhj71ohD@x1%118HzN~?Wv9S zvtgRmIKF=9 z4c1`F({RhD;A|i7HS`Hm-Cr+q-=GYQ*|s^)}1#9$(@_$j6=p z-7?%gK2Ti)&#?KEcV2Nb?Sb5DUNp7d5EBe3y}7Z>+qehZ^Fq+O_D09+IE92IDS27W zW3n3$cSZ&`oiI}?nTLLco!{nW8_*FwyC21BXP~;;@rY-qCD!8giN*YG;v? z5I?ROF_A@+x*5VdRg;0+Y%E!xb<@~wiA_M*#mg?0IQ*@TNUkM&z(D+vhRt0@+MUpP z*H`$z#4z`%hFI=?ic(%R&bbzk7J`g?O1_=Y)Is&#ADg4ztW zsUc-E-6^@H7um>TQR^n1GBP%cSD~S*k;vVyIRBS8CvoI`+_3qZ|G6K#ZNcbR`_0vPy48;GCYI^w<=MX2 zx3M9y6)saMQX|yVl>5p(+|PAp;?}D?b*G%rv{`M6T4XhndJm1Y(>&Dp>kVq{SsP~z zmIpRC+?1xGPbytf#-|92rZ+yVz97D~G+q2)xA~H1v&3v2WuDH^~XT z%HLgSxjsD5&G^Of9~aF~N{U#Pv0yuqAH~C!kK_bb)mKgd7|WCI7OCn#kYI!^QRWs^ zNbOR@4!0N!6&O>|z1qpG zsP(!)>PNpHCJ|9Uf2RX*NtRt0GWmi2>toW?!<0-mT8^6xD&rvrv>as-{{~zstsY4w zGsEuB^S3*%l>CqGgmw@T(IQ!w1VC@Ek?=E{-1aMAA`MFVmod*O3@P;^`OwAYi;q0c zOnN|zHO*>}B!y|miOvc4^Wq>J(Pm( zldKdv2FlboOiaVeDt@I5oTStoMZg{HVK5jNyPVo>6(0Go@?@E^fyb*~3iqQBzZV_u z2oRRZQtJC0&Z!X* z%4QAEcGkx$qc*C4cjSqK%4#ivunrq7yau%JloCMfr1OrspUYWc;pDNkJ_5sC9 zzjEit#b>DtoN*&pYN_dd%#gp7C=uJU!|2bj{Zv9kqrg+l?9R&jQ{S0bII&%cj{leV z8OAlzmnuf$i&Bry>ex>u^kgqp!g;lR&dX_;gaLj+0MB+xcNQ>GJKKal`8jnZu*f4m?`ZZY)tx1!oAOn$=`s|u*>T3 zEeph5vJF4a0rkH*FcG>+bDjhDiP0lT Date: Fri, 7 Nov 2014 02:43:08 +0800 Subject: [PATCH 0299/1291] + Added auro for listing --- running-coreos/cloud-providers/auro/index.md | 160 +++++++++++++++++++ 1 file changed, 160 insertions(+) create mode 100644 running-coreos/cloud-providers/auro/index.md diff --git a/running-coreos/cloud-providers/auro/index.md b/running-coreos/cloud-providers/auro/index.md new file mode 100644 index 000000000..028c0dcbf --- /dev/null +++ b/running-coreos/cloud-providers/auro/index.md @@ -0,0 +1,160 @@ +--- +layout: docs +title: AURO Cloud +category: running_coreos +sub_category: cloud_provider +weight: 5 +--- + +# Running CoreOS on AURO + +AURO is a Canadian OpenStack cloud computing provider based in Canada. In +order to get started, you must have an active account on the AURO +[public cloud computing][cloud-compute] service. + +The following instructions will walk you through setting up the `nova` tool with +your appropriate credentials and launching your first cluster using the +CLI tools. + +[cloud-compute]: https://www.auro.io/public_cloud_hosting/product + +## Choosing a Channel + +CoreOS is released into alpha and beta channels. Releases to each channel serve +as a release-candidate for the next channel. For example, a bug-free alpha +release is promoted bit-for-bit to the beta channel. + +CoreOS releases are automatically built and deployed on the AURO cloud, +therefore it is best to launch your clusters with the following naming pattern: +CoreOS _Channel_ _Version_. For example, the image name of the latest alpha +release will be "CoreOS Alpha {{site.alpha-channel}}". + + +### Cloud-Config + +CoreOS allows you to configure machine parameters, launch systemd units on +startup and more via [cloud-config][cloud-config]. We're going to provide the +`cloud-config` data via the `user-data` flag. + +[cloud-config]: {{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config + +At the moment, you cannot supply the `user-data` using the AURO control +panel therefore you must use the CLI to deploy your cluster on the AURO +cloud. + +A sample common `cloud-config` file will look something like the following: + +```yaml +#cloud-config + +coreos: + etcd: + # generate a new token for each unique cluster from https://discovery.etcd.io/new + discovery: https://discovery.etcd.io/ + # multi-region and multi-cloud deployments need to use $public_ipv4 + addr: $private_ipv4:4001 + peer-addr: $private_ipv4:7001 + units: + - name: etcd.service + command: start + - name: fleet.service + command: start +``` + +The `$private_ipv4` and `$public_ipv4` substitution variables are fully supported in cloud-config on AURO. + +## Launch Cluster + +You will need to install `python-novaclient` which supplies the OpenStack CLI +tools as well as a keypair to use in order to access your CoreOS cluster. + +### Install OpenStack CLI tools + +If you don't have `pip` installed, install it by running `sudo easy_install pip`. +Now let's use `pip` to install `python-novaclient`. + +```sh +$ sudo pip install python-novaclient +``` + +### Add API Credentials + +You will need to have your API credentials configured on the machine that you're +going to be launching your cluster from. The easiest way to do this is by +logging into the AURO control panel and in the "Access & Security" section go to +the "API Access" tab and clicking "Download Openstack RC File". + +From there, you must create a file on your system with the contents of the +`-openrc.sh` file provided. Once done, you will need to `source` that file in your +shell prior to running any API commands. You can test that everything is running +properly by running the following command: + +```sh +$ source -openrc.sh +$ nova credentials +``` + +### Create Keypair + +You can import an existing public key by using the `nova keypair-add` command, +however for this guide, we will be creating a new keypair and storing the +private key for it locally and use it to access our CoreOS cluster. + +```sh +$ nova keypair-add coreos-key > coreos.pem +``` + +### Create Servers + +You should now be ready to launch the servers which will create your CoreOS +cluster using the `nova` CLI command. + + + +Once that's done, your cluster should be up and running. You can list the +created servers and SSH into a server using your private key. + +```sh +$ nova list ++--------------------------------------+-----------------+--------+------------+-------------+---------------------------------------+ +| ID | Name | Status | Task State | Power State | Networks | ++--------------------------------------+-----------------+--------+------------+-------------+---------------------------------------+ +| a1df1d98-622f-4f3b-adef-cb32f3e2a94d | coreos-a1df1d98 | ACTIVE | None | Running | public=104.36.x.x; private=172.22.x.x | +| db13c6a7-a474-40ff-906e-2447cbf89440 | coreos-db13c6a7 | ACTIVE | None | Running | public=104.36.x.x; private=172.22.x.x | +| f70b739d-9ad8-4b0b-bb74-4d715205ff0b | coreos-f70b739d | ACTIVE | None | Running | public=104.36.x.x; private=172.22.x.x | ++--------------------------------------+-----------------+--------+------------+-------------+---------------------------------------+ +$ nova ssh --login core -i core.pem coreos-a1df1d98 +CoreOS (alpha) +core@a1df1d98-622f-4f3b-adef-cb32f3e2a94d ~ $ +``` + +## Adding More Machines + +Adding new instances to the cluster is as easy as launching more with the same +cloud-config. New instances will join the cluster assuming they can communicate +with the others. + +## Multiple Clusters + +If you would like to create multiple clusters you'll need to generate and use a +new discovery token. Change the token value on the etcd discovery parameter in the cloud-config, and boot new instances. + +## Using CoreOS + +Now that you have instances booted it is time to play around. +Check out the [CoreOS Quickstart]({{site.url}}/docs/quickstart) guide or dig into [more specific topics]({{site.url}}/docs). From 6b53e147932a72cc30c7687ad522ecb160762249 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 6 Nov 2014 11:26:33 -0800 Subject: [PATCH 0300/1291] enterprise-registry: tweak image display --- enterprise-registry/github-auth/index.md | 13 ++----------- 1 file changed, 2 insertions(+), 11 deletions(-) diff --git a/enterprise-registry/github-auth/index.md b/enterprise-registry/github-auth/index.md index c7221d201..87b9e2534 100644 --- a/enterprise-registry/github-auth/index.md +++ b/enterprise-registry/github-auth/index.md @@ -19,12 +19,7 @@ Enterprise Registry in GitHub or GitHub Enterprise. - Log into GitHub (Enterprise) - Visit the applications page under your organization's settings and click "Register New Application". - -
    -
    - -
    -
    + - Enter your registry's URL as the application URL @@ -33,11 +28,7 @@ Note: If using public GitHub, the URL entered must be accessible by *your users* - Enter `https://{REGISTRY URL HERE}/oauth2/github/callback` as the Authorization callback URL. - Create the application and note down the `Client ID` and `Client Secret`. -
    -
    - -
    -
    + ## Add new configuration From 09d2f92841e317123150b7c63f6e57b8387fd54f Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 6 Nov 2014 11:31:41 -0800 Subject: [PATCH 0301/1291] enterprise-registry: shuffle categories and titles --- enterprise-registry/github-auth/index.md | 2 +- enterprise-registry/initial-setup/index.md | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/enterprise-registry/github-auth/index.md b/enterprise-registry/github-auth/index.md index 87b9e2534..c36437df2 100644 --- a/enterprise-registry/github-auth/index.md +++ b/enterprise-registry/github-auth/index.md @@ -1,6 +1,6 @@ --- layout: docs -title: GitHub Authentication in Enterprise Registry +title: Configure GitHub Authentication category: registry sub_category: setup forkurl: https://github.com/coreos/docs/blob/master/enterprise-registry/github-auth/index.md diff --git a/enterprise-registry/initial-setup/index.md b/enterprise-registry/initial-setup/index.md index 91bd0a104..e016371c5 100644 --- a/enterprise-registry/initial-setup/index.md +++ b/enterprise-registry/initial-setup/index.md @@ -2,7 +2,6 @@ layout: docs title: On-Premise Installation category: registry -sub_category: setup forkurl: https://github.com/coreos/docs/blob/master/enterprise-registry/initial-setup/index.md weight: 5 --- From 17839dd04040b3cfd02641b2802bd1a2bf86d5b9 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 6 Nov 2014 11:39:59 -0800 Subject: [PATCH 0302/1291] openstack: fix network output --- running-coreos/platforms/openstack/index.md | 1 + 1 file changed, 1 insertion(+) diff --git a/running-coreos/platforms/openstack/index.md b/running-coreos/platforms/openstack/index.md index 6288f55b8..5fcf8fcea 100644 --- a/running-coreos/platforms/openstack/index.md +++ b/running-coreos/platforms/openstack/index.md @@ -110,6 +110,7 @@ If you have more than one network, you may have to be explicit in the nova boot ``` You can see the IDs for your configured networks by running + ``` nova network-list +--------------------------------------+---------+------+ From 7e740c1108f272e84dbc44e7933f8d51dba6ccf1 Mon Sep 17 00:00:00 2001 From: nodanaonlyzuul Date: Fri, 7 Nov 2014 21:45:54 -0500 Subject: [PATCH 0303/1291] minor capitalization fixes for Getting Started With Docker --- .../building/getting-started-with-docker/index.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/launching-containers/building/getting-started-with-docker/index.md b/launching-containers/building/getting-started-with-docker/index.md index 1f38f69ed..3d85ec8ba 100644 --- a/launching-containers/building/getting-started-with-docker/index.md +++ b/launching-containers/building/getting-started-with-docker/index.md @@ -9,13 +9,13 @@ weight: 5 # Getting Started with docker -docker is an open-source project that makes creating and managing Linux containers really easy. Containers are like extremely lightweight VMs – they allow code to run in isolation from other containers but safely share the machine’s resources, all without the overhead of a hypervisor. +Docker is an open-source project that makes creating and managing Linux containers really easy. Containers are like extremely lightweight VMs – they allow code to run in isolation from other containers but safely share the machine’s resources, all without the overhead of a hypervisor. -docker containers can boot extremely fast (in milliseconds!) which gives you unprecedented flexibility in managing load across your cluster. For example, instead of running chef on each of your VMs, it’s faster and more reliable to have your build system create a container and launch it on the appropriate number of CoreOS hosts. This guide will show you how to launch a container, install some software on it, commit that container, and optionally launch it on another CoreOS machine. Before starting, make sure you've got at least one CoreOS machine up and running — try it on [Amazon EC2]({{site.url}}/docs/running-coreos/cloud-providers/ec2/) or locally with [Vagrant]({{site.url}}/docs/running-coreos/platforms/vagrant). +Docker containers can boot extremely fast (in milliseconds!) which gives you unprecedented flexibility in managing load across your cluster. For example, instead of running chef on each of your VMs, it’s faster and more reliable to have your build system create a container and launch it on the appropriate number of CoreOS hosts. This guide will show you how to launch a container, install some software on it, commit that container, and optionally launch it on another CoreOS machine. Before starting, make sure you've got at least one CoreOS machine up and running — try it on [Amazon EC2]({{site.url}}/docs/running-coreos/cloud-providers/ec2/) or locally with [Vagrant]({{site.url}}/docs/running-coreos/platforms/vagrant). ## Docker CLI Basics -docker has a [straightforward CLI](http://docs.docker.io/en/latest/reference/commandline/) that allows you to do almost everything you could want to a container. All of these commands use the image id (ex. be29975e0098), the image name (ex. myusername/webapp) and the container id (ex. 72d468f455ea) interchangably depending on the operation you are trying to do. This is confusing at first, so pay special attention to what you're using. +Docker has a [straightforward CLI](http://docs.docker.io/en/latest/reference/commandline/) that allows you to do almost everything you could want to a container. All of these commands use the image id (ex. be29975e0098), the image name (ex. myusername/webapp) and the container id (ex. 72d468f455ea) interchangably depending on the operation you are trying to do. This is confusing at first, so pay special attention to what you're using. ## Launching a Container @@ -132,6 +132,6 @@ docker run -d -p 80:80 registry.example.com:5000/apache /usr/sbin/apache2ctl -D ``` #### More Information -docker Overview +Docker Overview Docker Website docker's Getting Started Guide From a59db2149019d06f6f82637c53460ea231f4ceb9 Mon Sep 17 00:00:00 2001 From: nodanaonlyzuul Date: Fri, 7 Nov 2014 21:47:24 -0500 Subject: [PATCH 0304/1291] Title-Case the title --- .../building/getting-started-with-docker/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/launching-containers/building/getting-started-with-docker/index.md b/launching-containers/building/getting-started-with-docker/index.md index 3d85ec8ba..0a84a10cd 100644 --- a/launching-containers/building/getting-started-with-docker/index.md +++ b/launching-containers/building/getting-started-with-docker/index.md @@ -7,7 +7,7 @@ sub_category: building weight: 5 --- -# Getting Started with docker +# Getting Started with Docker Docker is an open-source project that makes creating and managing Linux containers really easy. Containers are like extremely lightweight VMs – they allow code to run in isolation from other containers but safely share the machine’s resources, all without the overhead of a hypervisor. From bc2e1107ee1a98ed8646cdb7c23e0b730b022c68 Mon Sep 17 00:00:00 2001 From: John McFarlane Date: Sat, 8 Nov 2014 16:20:21 -0800 Subject: [PATCH 0305/1291] Simple sidekick discovery unit(s) were mutating the same path Previously the doc resulted in both units mutating the same path in etcd: "/services/website/apache1" (where the last would win). With this change two files are written. I also added an "@" char as I was getting confused between apache1 (old apache) vs the first apache :) core@core-01 ~ $ etcdctl ls /services/ --recursive /services/website /services/website/apache@1 /services/website/apache@2 --- .../launching/launching-containers-fleet/index.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/launching-containers/launching/launching-containers-fleet/index.md b/launching-containers/launching/launching-containers-fleet/index.md index 5a17d62fb..f77fa6702 100644 --- a/launching-containers/launching/launching-containers-fleet/index.md +++ b/launching-containers/launching/launching-containers-fleet/index.md @@ -148,8 +148,8 @@ BindsTo=apache@%i.service After=apache@%i.service [Service] -ExecStart=/bin/sh -c "while true; do etcdctl set /services/website/apache1 '{ \"host\": \"%H\", \"port\": 80, \"version\": \"52c7248a14\" }' --ttl 60;sleep 45;done" -ExecStop=/usr/bin/etcdctl rm /services/website/apache1 +ExecStart=/bin/sh -c "while true; do etcdctl set /services/website/apache@%i '{ \"host\": \"%H\", \"port\": 80, \"version\": \"52c7248a14\" }' --ttl 60;sleep 45;done" +ExecStop=/usr/bin/etcdctl rm /services/website/apache@%i [X-Fleet] MachineOf=apache@%i.service @@ -183,9 +183,9 @@ Now let's verify that the service discovery is working correctly: ```sh $ etcdctl ls /services/ --recursive /services/website -/services/website/apache1 -/services/website/apache2 -$ etcdctl get /services/website/apache1 +/services/website/apache@1 +/services/website/apache@2 +$ etcdctl get /services/website/apache@1 { "host": "ip-10-182-139-116", "port": 80, "version": "52c7248a14" } ``` From 626e4a0d14a3f30d77be2afb07e2d361e5281274 Mon Sep 17 00:00:00 2001 From: raihanflores Date: Mon, 10 Nov 2014 16:37:46 +0800 Subject: [PATCH 0306/1291] Update index.md Made a few updates for listing. --- running-coreos/cloud-providers/auro/index.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/running-coreos/cloud-providers/auro/index.md b/running-coreos/cloud-providers/auro/index.md index 028c0dcbf..d71e51202 100644 --- a/running-coreos/cloud-providers/auro/index.md +++ b/running-coreos/cloud-providers/auro/index.md @@ -20,7 +20,7 @@ CLI tools. ## Choosing a Channel -CoreOS is released into alpha and beta channels. Releases to each channel serve +CoreOS is released into stable, alpha, and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. @@ -38,9 +38,9 @@ startup and more via [cloud-config][cloud-config]. We're going to provide the [cloud-config]: {{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config -At the moment, you cannot supply the `user-data` using the AURO control -panel therefore you must use the CLI to deploy your cluster on the AURO -cloud. +You are able to supply the `user-data` using the AURO control panel when launching +an instance, in the "Post Creation" tab, as well as using the CLI to deploy your +cluster on the AURO cloud. A sample common `cloud-config` file will look something like the following: From f427a94af5a838697a52fee5312e25f8a4591466 Mon Sep 17 00:00:00 2001 From: stresler Date: Tue, 11 Nov 2014 15:51:41 -0500 Subject: [PATCH 0307/1291] Update index.md Clarifying that you cannot install to the device that you are currently running on. --- running-coreos/bare-metal/installing-to-disk/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/running-coreos/bare-metal/installing-to-disk/index.md b/running-coreos/bare-metal/installing-to-disk/index.md index c034b5f8a..9978cf51e 100644 --- a/running-coreos/bare-metal/installing-to-disk/index.md +++ b/running-coreos/bare-metal/installing-to-disk/index.md @@ -15,7 +15,7 @@ weight: 7 There is a simple installer that will destroy everything on the given target disk and install CoreOS. Essentially it downloads an image, verifies it with gpg and then copies it bit for bit to disk. -The script is self-contained and located [on GitHub here](https://raw.github.com/coreos/init/master/bin/coreos-install "coreos-install") and can be run from any Linux distribution. +The script is self-contained and located [on GitHub here](https://raw.github.com/coreos/init/master/bin/coreos-install "coreos-install") and can be run from any Linux distribution. You cannot install CoreOS to the same device that the current operating system is running from. However, any linux liveCD or alternative boot media should allow CoreOS to install to a non-active device. If you already boot CoreOS via PXE, the install script is already installed. By default the install script will attempt to install the same version and channel that was PXE-booted: From 232e9dd223dad2d063e0a3ebaf6c083f86a2aa11 Mon Sep 17 00:00:00 2001 From: Alex Crawford Date: Fri, 14 Nov 2014 12:06:46 -0800 Subject: [PATCH 0308/1291] azure: add Azure docs --- running-coreos/cloud-providers/azure/index.md | 158 ++++++++++++++++++ 1 file changed, 158 insertions(+) create mode 100644 running-coreos/cloud-providers/azure/index.md diff --git a/running-coreos/cloud-providers/azure/index.md b/running-coreos/cloud-providers/azure/index.md new file mode 100644 index 000000000..3ce50aee6 --- /dev/null +++ b/running-coreos/cloud-providers/azure/index.md @@ -0,0 +1,158 @@ +--- +layout: docs +title: Azure +category: running_coreos +sub_category: cloud_provider +supported: true +weight: 1 +--- + +# Running CoreOS on Azure + +## Choosing a Channel + +CoreOS is designed to be [updated automatically][update-docs] with different +schedules per channel. You can [disable this feature][reboot-docs], although we +don't recommend it. Read the [release notes][release-notes] for specific +features and bug fixes. + +The following command will create a single instance. For more details, check out +Launching via the cross-platform CLI. + +
    + +
    +
    +
    +

    The alpha channel closely tracks master and frequently has new releases. The newest versions of docker, etcd, and fleet will be available for testing. Current version is CoreOS 475.1.0.

    + 
    azure vm create --custom-data=cloud-config.yaml --vm-size=Small --ssh=22 --ssh-cert=path/to/cert --no-ssh-password --vm-name=node-1 --location="West US" my-cloud-service 2b171e93f07c4903bcad35bda10acf22__CoreOS-Alpha-475.1.0 core
    +
    +
    +
    +
    +

    CoreOS on Azure is new! There haven't been any beta images yet.

    +

    Alpha images can be switched to the beta channel.

    +
    +
    +
    +
    +

    CoreOS on Azure is new! There haven't been any stable images yet.

    +

    Alpha images can be switched to the stable channel.

    +
    +
    +
    +
    + +[update-docs]: {{site.url}}/using-coreos/updates +[reboot-docs]: {{site.url}}/docs/cluster-management/debugging/prevent-reboot-after-update +[release-notes]: {{site.url}}/releases + +## Cloud-Config + +CoreOS allows you to configure machine parameters, launch systemd units on +startup, and more via cloud-config. Jump over to the [docs to learn about the +supported features][cloud-config-docs]. Cloud-config is intended to bring up a +cluster of machines into a minimal useful state and ideally shouldn't be used +to configure anything that isn't standard across many hosts. Once an instance +is provisioned on Azure, the cloud-config cannot be modified. + +You can provide raw cloud-config data to CoreOS +via the Azure cross-platform CLI. + +The most common cloud-config for Azure looks like: + +```yaml +#cloud-config + +coreos: + etcd: + # generate a new token for each unique cluster from https://discovery.etcd.io/new + discovery: https://discovery.etcd.io/ + # deployments across multiple cloud services will need to use $public_ipv4 + addr: $private_ipv4:4001 + peer-addr: $private_ipv4:7001 + units: + - name: etcd.service + command: start + - name: fleet.service + command: start +``` + +The `$private_ipv4` and `$public_ipv4` substitution variables are fully +supported in cloud-config on Azure. The private address is the address of the +single network interface of the instance and the public address is the address +of the cloud service to which the instance belongs. + +[cloud-config-docs]: {{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config + +### Adding More Machines +To add more instances to the cluster, just launch more with the same +cloud-config into the same cloud service. Make sure to use the `--connect` +flag with `azure vm create` to add a new instance to your existing cloud +service. + +## Launching Instances + +### Via the Cross-Platform CLI + +Follow the [installation and configuration guides][xplat-cli] for the Azure +Cross-Platform CLI to set up your local installation. This tool can be used to +perform most of the needed tasks. + +Instances on Azure must be connected to a cloud service. Create a new cloud +service with the following command: + +```sh +azure service create my-cloud-service +``` + +All of the instances within a cloud service can connect to one another via +their private network interface. Instances within a cloud service are +effectively NAT'd behind the cloud service's address; the public address. To +allow connections from outside the cloud service, you'll need to create an +endpoint with `azure vm endpoint create`. For now, we'll keep it simple and +only connect to other machines within our cloud-service. + +In order to SSH into your machine, you'll need an x509 certificate. You +probably already have an SSH key, which you can use to generate an x509 +certificate. More detail can be found in [this guide][ssh]. + +Now that you have a cloud service and your keys, create an instance of CoreOS +Alpha 475.1.0, connected to your cloud service: + +```sh +azure vm create --custom-data=cloud-config.yaml --ssh=22 --ssh-cert=path/to/cert --no-ssh-password --vm-name=node-1 --connect=my-cloud-service 2b171e93f07c4903bcad35bda10acf22__CoreOS-Alpha-475.1.0 core +``` + +This will additionally create an endpoint allowing SSH traffic to reach the +newly created instance. If you bring up more machines, you'll need to choose a +different port for each instance. + +Let's create two more instances: + +```sh +azure vm create --custom-data=cloud-config.yaml --ssh=2022 --ssh-cert=path/to/cert --no-ssh-password --vm-name=node-2 --connect=my-cloud-service 2b171e93f07c4903bcad35bda10acf22__CoreOS-Alpha-475.1.0 core +``` + +```sh +azure vm create --custom-data=cloud-config.yaml --ssh=3022 --ssh-cert=path/to/cert --no-ssh-password --vm-name=node-3 --connect=my-cloud-service 2b171e93f07c4903bcad35bda10acf22__CoreOS-Alpha-475.1.0 core +``` + +If you used the recommended cloud-config, you +should have a working, three node cluster. Great job! + +[xplat-cli]: http://azure.microsoft.com/en-us/documentation/articles/xplat-cli/ +[ssh]: http://azure.microsoft.com/en-us/documentation/articles/virtual-machines-linux-use-ssh-key/ + +## Using CoreOS + +Now that you have a machine booted it is time to play around. +Check out the [CoreOS Quickstart][quick-start] guide or dig into +[more specific topics][docs]. + +[quick-start]: {{site.url}}/docs/quickstart +[docs]: {{site.url}}/docs From c9ba057697bb3193e387709252f03717461a8a48 Mon Sep 17 00:00:00 2001 From: Alex Crawford Date: Fri, 14 Nov 2014 12:08:34 -0800 Subject: [PATCH 0309/1291] azure: change version numbers to track releases --- running-coreos/cloud-providers/azure/index.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/running-coreos/cloud-providers/azure/index.md b/running-coreos/cloud-providers/azure/index.md index 3ce50aee6..642fcbbdc 100644 --- a/running-coreos/cloud-providers/azure/index.md +++ b/running-coreos/cloud-providers/azure/index.md @@ -28,8 +28,8 @@ The following command will create a single instance. For more details, check out
    -

    The alpha channel closely tracks master and frequently has new releases. The newest versions of docker, etcd, and fleet will be available for testing. Current version is CoreOS 475.1.0.

    - 
    azure vm create --custom-data=cloud-config.yaml --vm-size=Small --ssh=22 --ssh-cert=path/to/cert --no-ssh-password --vm-name=node-1 --location="West US" my-cloud-service 2b171e93f07c4903bcad35bda10acf22__CoreOS-Alpha-475.1.0 core
    +

    The alpha channel closely tracks master and frequently has new releases. The newest versions of docker, etcd, and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.

    + 
    azure vm create --custom-data=cloud-config.yaml --vm-size=Small --ssh=22 --ssh-cert=path/to/cert --no-ssh-password --vm-name=node-1 --location="West US" my-cloud-service 2b171e93f07c4903bcad35bda10acf22__CoreOS-Alpha-{{site.alpha-channel}} core
    @@ -122,10 +122,10 @@ probably already have an SSH key, which you can use to generate an x509 certificate. More detail can be found in [this guide][ssh]. Now that you have a cloud service and your keys, create an instance of CoreOS -Alpha 475.1.0, connected to your cloud service: +Alpha {{site.alpha-channel}}, connected to your cloud service: ```sh -azure vm create --custom-data=cloud-config.yaml --ssh=22 --ssh-cert=path/to/cert --no-ssh-password --vm-name=node-1 --connect=my-cloud-service 2b171e93f07c4903bcad35bda10acf22__CoreOS-Alpha-475.1.0 core +azure vm create --custom-data=cloud-config.yaml --ssh=22 --ssh-cert=path/to/cert --no-ssh-password --vm-name=node-1 --connect=my-cloud-service 2b171e93f07c4903bcad35bda10acf22__CoreOS-Alpha-{{site.alpha-channel}} core ``` This will additionally create an endpoint allowing SSH traffic to reach the @@ -135,11 +135,11 @@ different port for each instance. Let's create two more instances: ```sh -azure vm create --custom-data=cloud-config.yaml --ssh=2022 --ssh-cert=path/to/cert --no-ssh-password --vm-name=node-2 --connect=my-cloud-service 2b171e93f07c4903bcad35bda10acf22__CoreOS-Alpha-475.1.0 core +azure vm create --custom-data=cloud-config.yaml --ssh=2022 --ssh-cert=path/to/cert --no-ssh-password --vm-name=node-2 --connect=my-cloud-service 2b171e93f07c4903bcad35bda10acf22__CoreOS-Alpha-{{site.alpha-channel}} core ``` ```sh -azure vm create --custom-data=cloud-config.yaml --ssh=3022 --ssh-cert=path/to/cert --no-ssh-password --vm-name=node-3 --connect=my-cloud-service 2b171e93f07c4903bcad35bda10acf22__CoreOS-Alpha-475.1.0 core +azure vm create --custom-data=cloud-config.yaml --ssh=3022 --ssh-cert=path/to/cert --no-ssh-password --vm-name=node-3 --connect=my-cloud-service 2b171e93f07c4903bcad35bda10acf22__CoreOS-Alpha-{{site.alpha-channel}} core ``` If you used the recommended cloud-config, you From 366cd80c5f3d94ffb1e3543e8b7e426cc11e7960 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Mon, 17 Nov 2014 11:30:23 -0800 Subject: [PATCH 0310/1291] ISO: improve formatting for kernel options --- running-coreos/platforms/iso/index.md | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/running-coreos/platforms/iso/index.md b/running-coreos/platforms/iso/index.md index bee66af20..ade990941 100644 --- a/running-coreos/platforms/iso/index.md +++ b/running-coreos/platforms/iso/index.md @@ -61,4 +61,10 @@ The most common use-case for this ISO is to install CoreOS to disk. You can [fin If you need to bypass authentication in order to install, the kernel option `coreos.autologin` allows you to drop directly to a shell on a given console without prompting for a password. Useful for troubleshooting but use with caution. -For any console that doesn't normally get a login prompt by default be sure to combine with the `console` option, e.g. `console=tty0 console=ttyS0 coreos.autologin=tty1 coreos.autologin=ttyS0`. Without any argument it enables access on all consoles. Note that for the VGA console the login prompts are on virtual terminals (`tty1`, `tty2`, etc), not the VGA console itself (`tty0`). \ No newline at end of file +For any console that doesn't normally get a login prompt by default be sure to combine with the `console` option: + +``` +console=tty0 console=ttyS0 coreos.autologin=tty1 coreos.autologin=ttyS0 +``` + +Without any argument it enables access on all consoles. Note that for the VGA console the login prompts are on virtual terminals (`tty1`, `tty2`, etc), not the VGA console itself (`tty0`). \ No newline at end of file From 84dae810bfa124e823ba7dd650c14f646044c2d4 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Mon, 17 Nov 2014 11:31:04 -0800 Subject: [PATCH 0311/1291] install-to-disk: mention ISO as a way to install --- running-coreos/bare-metal/installing-to-disk/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/running-coreos/bare-metal/installing-to-disk/index.md b/running-coreos/bare-metal/installing-to-disk/index.md index 9978cf51e..73611ab76 100644 --- a/running-coreos/bare-metal/installing-to-disk/index.md +++ b/running-coreos/bare-metal/installing-to-disk/index.md @@ -15,7 +15,7 @@ weight: 7 There is a simple installer that will destroy everything on the given target disk and install CoreOS. Essentially it downloads an image, verifies it with gpg and then copies it bit for bit to disk. -The script is self-contained and located [on GitHub here](https://raw.github.com/coreos/init/master/bin/coreos-install "coreos-install") and can be run from any Linux distribution. You cannot install CoreOS to the same device that the current operating system is running from. However, any linux liveCD or alternative boot media should allow CoreOS to install to a non-active device. +The script is self-contained and located [on GitHub here](https://raw.github.com/coreos/init/master/bin/coreos-install "coreos-install") and can be run from any Linux distribution. You cannot install CoreOS to the same device that is currently booted. However, the [CoreOS ISO]({{site.url}}/docs/running-coreos/platforms/iso/) or any Linux liveCD will allow CoreOS to install to a non-active device. If you already boot CoreOS via PXE, the install script is already installed. By default the install script will attempt to install the same version and channel that was PXE-booted: From 2565e65138f8cc80b61ee3b63afec112debc5585 Mon Sep 17 00:00:00 2001 From: Alex Crawford Date: Tue, 18 Nov 2014 10:32:00 -0800 Subject: [PATCH 0312/1291] azure: add beta channel --- running-coreos/cloud-providers/azure/index.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/running-coreos/cloud-providers/azure/index.md b/running-coreos/cloud-providers/azure/index.md index 642fcbbdc..3886810e1 100644 --- a/running-coreos/cloud-providers/azure/index.md +++ b/running-coreos/cloud-providers/azure/index.md @@ -26,16 +26,16 @@ The following command will create a single instance. For more details, check out
  • Alpha Channel
    • -
    +

    The alpha channel closely tracks master and frequently has new releases. The newest versions of docker, etcd, and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.

    azure vm create --custom-data=cloud-config.yaml --vm-size=Small --ssh=22 --ssh-cert=path/to/cert --no-ssh-password --vm-name=node-1 --location="West US" my-cloud-service 2b171e93f07c4903bcad35bda10acf22__CoreOS-Alpha-{{site.alpha-channel}} core
    -
    +
    -

    CoreOS on Azure is new! There haven't been any beta images yet.

    -

    Alpha images can be switched to the beta channel.

    +

    The beta channel consists of promoted alpha releases. Current version is CoreOS {{site.beta-channel}}.

    + 
    azure vm create --custom-data=cloud-config.yaml --vm-size=Small --ssh=22 --ssh-cert=path/to/cert --no-ssh-password --vm-name=node-1 --location="West US" my-cloud-service 2b171e93f07c4903bcad35bda10acf22__CoreOS-Beta-{{site.beta-channel}} core
    From c73e8dfded85275ea034cf5ff2d000551b9c204c Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Tue, 18 Nov 2014 11:07:02 -0800 Subject: [PATCH 0313/1291] azure: make beta tab default --- running-coreos/cloud-providers/azure/index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/running-coreos/cloud-providers/azure/index.md b/running-coreos/cloud-providers/azure/index.md index 3886810e1..90bbc4b33 100644 --- a/running-coreos/cloud-providers/azure/index.md +++ b/running-coreos/cloud-providers/azure/index.md @@ -22,8 +22,8 @@ The following command will create a single instance. For more details, check out
    From c2509750b3c9f7669d1e0f5f4550103236322018 Mon Sep 17 00:00:00 2001 From: Thomas Suckow Date: Tue, 18 Nov 2014 13:18:07 -0800 Subject: [PATCH 0314/1291] Add power management section --- .../scaling/power-management/index.md | 54 +++++++++++++++++++ 1 file changed, 54 insertions(+) create mode 100644 cluster-management/scaling/power-management/index.md diff --git a/cluster-management/scaling/power-management/index.md b/cluster-management/scaling/power-management/index.md new file mode 100644 index 000000000..f0c2a45d0 --- /dev/null +++ b/cluster-management/scaling/power-management/index.md @@ -0,0 +1,54 @@ +--- +layout: docs +slug: guides/power +title: Power Management +category: cluster_management +sub_category: scaling +weight: 5 +--- + +# Tuning CoreOS Power Management + +## CPU Governor + +By default, CoreOS uses the "performance" CPU governor meaning that the CPU +operates at the maximum frequency regardless of load. This is reasonable for +a system that is under constant load or cannot tolerate increased latency. +On the other hand, if the system is idle much of the time and latency is not +a concern, power savings may be desired. + +Several governors are available: + +| Governor | Description | +|--------------------|-------------| +| `performance` | Default. Operate at the maximum frequency | +| `ondemand` | Dynamically scale frequency at 75% cpu load | +| `conservative` | Dynamically scale frequency at 95% cpu load | +| `powersave` | Operate at the minimum frequency | +| `userspace` | Controlled by a userspace application via the `scaling_setspeed` file | + +The "conservative" governor can be used instead using the following shell commands: +```sh +modprobe cpufreq_conservative +echo "conservative" | tee /sys/devices/system/cpu/cpu*/cpufreq/scaling_governor > /dev/null +``` + +This can be configured with [cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/#coreos) as well: +```yaml +coreos: + units: + - name: cpu-governor.service + command: start + runtime: true + content: | + [Unit] + Description=Enable CPU power saving + + [Service] + Type=oneshot + RemainAfterExit=yes + ExecStart=/usr/sbin/modprobe cpufreq_conservative + ExecStart=/usr/bin/sh -c '/usr/bin/echo "conservative" | tee /sys/devices/system/cpu/cpu*/cpufreq/scaling_governor' +``` + +More information on further tuning each governor is available in the [Kernel Documentation](https://www.kernel.org/doc/Documentation/cpu-freq/governors.txt) From 4ad49b0a412d68f6b69bbf1c202b429b5ba04f59 Mon Sep 17 00:00:00 2001 From: Jimmy Zelinskie Date: Fri, 21 Nov 2014 12:29:28 -0500 Subject: [PATCH 0315/1291] add superuser feature flag to example config.yaml --- enterprise-registry/initial-setup/index.md | 1 + 1 file changed, 1 insertion(+) diff --git a/enterprise-registry/initial-setup/index.md b/enterprise-registry/initial-setup/index.md index e016371c5..e4a5f4ca4 100644 --- a/enterprise-registry/initial-setup/index.md +++ b/enterprise-registry/initial-setup/index.md @@ -92,6 +92,7 @@ USER_EVENTS_REDIS: {'host': '(FILL IN HERE: redis host)'} # The usernames of your super-users, if any. Super users will # have the ability to view and delete other users. +FEATURE_SUPER_USERS: false SUPER_USERS: [] # Either 'Database' or 'LDAP'. From 181382a20248aba38eba0f65073bbf4cddfd29c8 Mon Sep 17 00:00:00 2001 From: Jimmy Zelinskie Date: Mon, 24 Nov 2014 15:30:57 -0500 Subject: [PATCH 0316/1291] Add comment for auth-less mailserver. --- enterprise-registry/initial-setup/index.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/enterprise-registry/initial-setup/index.md b/enterprise-registry/initial-setup/index.md index e4a5f4ca4..d414bd9ec 100644 --- a/enterprise-registry/initial-setup/index.md +++ b/enterprise-registry/initial-setup/index.md @@ -66,7 +66,8 @@ SERVER_HOSTNAME: '(FILL IN HERE: registry.mycorp.com)' ENTERPRISE_LOGO_URL: '(FILL IN HERE: http://someurl/...)' # Settings for SMTP and mailing. This is *required*. Note: "localhost" will not work since the -# registry is run inside a container. +# registry is run inside a container. Delete or use null values for username and password if +# you are running an auth-less mailserver. MAIL_PORT: 587 MAIL_PASSWORD: '(FILL IN HERE: password)' MAIL_SERVER: '(FILL IN HERE: hostname)' From 81e12a2f7fb417c465f1c3bf48fe2a1e875410ae Mon Sep 17 00:00:00 2001 From: Joseph Schorr Date: Wed, 26 Nov 2014 17:30:10 -0500 Subject: [PATCH 0317/1291] Add docs on build support setup --- enterprise-registry/build-support/index.md | 57 ++++++++++++++++++++++ 1 file changed, 57 insertions(+) create mode 100644 enterprise-registry/build-support/index.md diff --git a/enterprise-registry/build-support/index.md b/enterprise-registry/build-support/index.md new file mode 100644 index 000000000..da3e08381 --- /dev/null +++ b/enterprise-registry/build-support/index.md @@ -0,0 +1,57 @@ +--- +layout: docs +title: Dockerfile Build Setup +category: registry +sub_category: setup +forkurl: https://github.com/coreos/docs/blob/master/enterprise-registry/build-support/index.md +weight: 5 +--- + +# Dockerfile Build Support + +CoreOS Enterprise Registry supports building Dockerfiles using a set of worker nodes. + +## Change the feature flag + +In the Enteprise Registry `config.yaml`, change the following to enable build support: + +```yaml +FEATURE_BUILD_SUPPORT: false +``` + +to + +```yaml +FEATURE_BUILD_SUPPORT: true +``` + +## Restart Enterprise Registry + +Restart the CoreOS Enterprise Registry to enable building. + +## Setup the build worker(s) + +Select one (or more) machines to be used as your build workers. The machines must have Docker installed and must +not be used for any other work. The following procedure needs to be done everytime a new worker needs to be +added, but it can be automated fairly easily. + +### Download the Build Worker image + +```sh +docker pull quay.io/coreos/build-worker +``` + +### Run the Build Worker image + +`docker run` the image, with `SERVER` being a *websocket URL* to your Enterprise Registry install. For example, +if your Enterprise Registry is located at `somehost.com`, then the `SERVER` will be: + +If SSL is being used: ```wss://somehost.com``` +If SSL is *not* being used: ```ws://somehost.com``` + +```sh +docker run --restart on-failure -e SERVER=wss://myenterprise.host -v /var/run/docker.sock:/var/run/docker.sock quay.io/coreos/build-worker +``` + +The build worker should auto-register with the Enterprise Registry and start building once jobs occur. + From f2cc45e082db972f3fd7ee7e38284427311d6588 Mon Sep 17 00:00:00 2001 From: Joseph Schorr Date: Wed, 26 Nov 2014 17:30:59 -0500 Subject: [PATCH 0318/1291] Better formatting --- enterprise-registry/build-support/index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/enterprise-registry/build-support/index.md b/enterprise-registry/build-support/index.md index da3e08381..0a63b8aca 100644 --- a/enterprise-registry/build-support/index.md +++ b/enterprise-registry/build-support/index.md @@ -46,8 +46,8 @@ docker pull quay.io/coreos/build-worker `docker run` the image, with `SERVER` being a *websocket URL* to your Enterprise Registry install. For example, if your Enterprise Registry is located at `somehost.com`, then the `SERVER` will be: -If SSL is being used: ```wss://somehost.com``` -If SSL is *not* being used: ```ws://somehost.com``` +- If SSL is being used: ```wss://somehost.com``` +- If SSL is *not* being used: ```ws://somehost.com``` ```sh docker run --restart on-failure -e SERVER=wss://myenterprise.host -v /var/run/docker.sock:/var/run/docker.sock quay.io/coreos/build-worker From a2e131bea7467750f728d51cbcb49ece88f9d8b7 Mon Sep 17 00:00:00 2001 From: Joseph Schorr Date: Wed, 26 Nov 2014 17:31:45 -0500 Subject: [PATCH 0319/1291] Fix some of the language --- enterprise-registry/build-support/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/enterprise-registry/build-support/index.md b/enterprise-registry/build-support/index.md index 0a63b8aca..2eed7b7fa 100644 --- a/enterprise-registry/build-support/index.md +++ b/enterprise-registry/build-support/index.md @@ -53,5 +53,5 @@ if your Enterprise Registry is located at `somehost.com`, then the `SERVER` will docker run --restart on-failure -e SERVER=wss://myenterprise.host -v /var/run/docker.sock:/var/run/docker.sock quay.io/coreos/build-worker ``` -The build worker should auto-register with the Enterprise Registry and start building once jobs occur. +The build worker should auto-register with the Enterprise Registry and start building once a job has been queued. From 34068bd46962b47ecb3352fa95caa05f2abf11d6 Mon Sep 17 00:00:00 2001 From: Joseph Schorr Date: Mon, 1 Dec 2014 12:23:27 -0500 Subject: [PATCH 0320/1291] Change the image name to make it more clear --- enterprise-registry/build-support/index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/enterprise-registry/build-support/index.md b/enterprise-registry/build-support/index.md index 2eed7b7fa..ed3daff2c 100644 --- a/enterprise-registry/build-support/index.md +++ b/enterprise-registry/build-support/index.md @@ -38,7 +38,7 @@ added, but it can be automated fairly easily. ### Download the Build Worker image ```sh -docker pull quay.io/coreos/build-worker +docker pull quay.io/coreos/registry-build-worker ``` ### Run the Build Worker image @@ -50,7 +50,7 @@ if your Enterprise Registry is located at `somehost.com`, then the `SERVER` will - If SSL is *not* being used: ```ws://somehost.com``` ```sh -docker run --restart on-failure -e SERVER=wss://myenterprise.host -v /var/run/docker.sock:/var/run/docker.sock quay.io/coreos/build-worker +docker run --restart on-failure -e SERVER=wss://myenterprise.host -v /var/run/docker.sock:/var/run/docker.sock quay.io/coreos/registry-build-worker ``` The build worker should auto-register with the Enterprise Registry and start building once a job has been queued. From c9af30954f2bbe10ba757f0e6a9c3c3c0469c1fe Mon Sep 17 00:00:00 2001 From: Joseph Schorr Date: Mon, 1 Dec 2014 12:33:50 -0500 Subject: [PATCH 0321/1291] Clarify this is a beta and that updating requires pulling a new image --- enterprise-registry/build-support/index.md | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/enterprise-registry/build-support/index.md b/enterprise-registry/build-support/index.md index ed3daff2c..1372a13bb 100644 --- a/enterprise-registry/build-support/index.md +++ b/enterprise-registry/build-support/index.md @@ -11,6 +11,9 @@ weight: 5 CoreOS Enterprise Registry supports building Dockerfiles using a set of worker nodes. +*Note:* This feature is currently in *beta*, so it may encounter issues every so often. Please report +any issues encountered to support so we can fix it ASAP. + ## Change the feature flag In the Enteprise Registry `config.yaml`, change the following to enable build support: @@ -25,9 +28,9 @@ to FEATURE_BUILD_SUPPORT: true ``` -## Restart Enterprise Registry +## Update and Restart Enterprise Registry -Restart the CoreOS Enterprise Registry to enable building. +Pull the latest Enterprise Registry image and restart the CoreOS Enterprise Registry to enable building. ## Setup the build worker(s) @@ -38,7 +41,7 @@ added, but it can be automated fairly easily. ### Download the Build Worker image ```sh -docker pull quay.io/coreos/registry-build-worker +docker pull quay.io/coreos/registry-build-worker:latest ``` ### Run the Build Worker image @@ -50,7 +53,7 @@ if your Enterprise Registry is located at `somehost.com`, then the `SERVER` will - If SSL is *not* being used: ```ws://somehost.com``` ```sh -docker run --restart on-failure -e SERVER=wss://myenterprise.host -v /var/run/docker.sock:/var/run/docker.sock quay.io/coreos/registry-build-worker +docker run --restart on-failure -e SERVER=wss://myenterprise.host -v /var/run/docker.sock:/var/run/docker.sock quay.io/coreos/registry-build-worker:latest ``` The build worker should auto-register with the Enterprise Registry and start building once a job has been queued. From 881e2bc2bc7f844aa7933ff88e9f119c2d1d573f Mon Sep 17 00:00:00 2001 From: Joseph Schorr Date: Mon, 1 Dec 2014 15:20:03 -0500 Subject: [PATCH 0322/1291] Add docs for GitHub-triggered building in the Enterprise Registry --- enterprise-registry/build-support/index.md | 5 ++ enterprise-registry/github-build/index.md | 71 ++++++++++++++++++++++ 2 files changed, 76 insertions(+) create mode 100644 enterprise-registry/github-build/index.md diff --git a/enterprise-registry/build-support/index.md b/enterprise-registry/build-support/index.md index 1372a13bb..64d5153c6 100644 --- a/enterprise-registry/build-support/index.md +++ b/enterprise-registry/build-support/index.md @@ -58,3 +58,8 @@ docker run --restart on-failure -e SERVER=wss://myenterprise.host -v /var/run/do The build worker should auto-register with the Enterprise Registry and start building once a job has been queued. +### Setup GitHub Build (optional) + +If your organization plans to have builds be conducted via pushes to GitHub (or GitHub Enterprise), please continue +with the Setting up Github Build. + diff --git a/enterprise-registry/github-build/index.md b/enterprise-registry/github-build/index.md new file mode 100644 index 000000000..416e9cd9d --- /dev/null +++ b/enterprise-registry/github-build/index.md @@ -0,0 +1,71 @@ +--- +layout: docs +title: GitHub Build +category: registry +sub_category: setup +forkurl: https://github.com/coreos/docs/blob/master/enterprise-registry/github-build/index.md +weight: 5 +--- + +# GitHub Build + +CoreOS Enterprise Registry supports using GitHub or GitHub Enterprise as a trigger to building +images. + +## Initial Setup + +If you have not yet done so, please enable build support in the Enterprise Registry. + +## Create an OAuth Application in GitHub + +The first step in supporting GitHub Build is to create an OAuth Application representing the +Enterprise Registry *for building* in GitHub or GitHub Enterprise. + +*Note:* A *separate* application must be setup for GitHub build, independent of the one used for GitHub Authentication. + +- Log into GitHub (Enterprise) +- Visit the applications page under your organization's settings and click "Register New Application". + + +
    +
    + +
    +
    + +- Enter your registry's URL as the application URL + +Note: If using public GitHub, the URL entered must be accessible by *your users*. It can still be an internal URL. + +- Enter `https://{REGISTRY URL HERE}/oauth2/github/callback` as the Authorization callback URL. +- Create the application and note down the `Client ID` and `Client Secret`. + +
    +
    + +
    +
    + + +## Add new configuration + +In the Enteprise Registry `config.yaml`, add the following section: + +```yaml + +# For GitHub Enterprise building +GITHUB_TRIGGER_CONFIG: { + 'GITHUB_ENDPOINT': '(GITHUB ENTERPRISE ENDPOINT HERE)', + 'CLIENT_ID': '(CLIENT ID)', + 'CLIENT_SECRET': '(CLIENT SECRET)', +} + +# For GitHub.com building +GITHUB_TRIGGER_CONFIG: { + 'GITHUB_ENDPOINT': 'https://github.com/', + 'API_ENDPOINT': 'https://api.github.com/', + 'CLIENT_ID': '(CLIENT ID)', + 'CLIENT_SECRET': '(CLIENT SECRET)', +} +``` + From 84c0bea0dd243aa1169f92748ad9831c0d92d007 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Mon, 1 Dec 2014 15:48:25 -0500 Subject: [PATCH 0323/1291] enterprise-registry: more info about builds --- enterprise-registry/build-support/index.md | 46 ++++++++++++++-------- 1 file changed, 30 insertions(+), 16 deletions(-) diff --git a/enterprise-registry/build-support/index.md b/enterprise-registry/build-support/index.md index 1372a13bb..e7f6aae56 100644 --- a/enterprise-registry/build-support/index.md +++ b/enterprise-registry/build-support/index.md @@ -1,22 +1,22 @@ --- layout: docs -title: Dockerfile Build Setup +title: Automatically build Dockerfiles with Build Workers category: registry sub_category: setup forkurl: https://github.com/coreos/docs/blob/master/enterprise-registry/build-support/index.md weight: 5 --- -# Dockerfile Build Support +# Automatically build Dockerfiles with Build Workers -CoreOS Enterprise Registry supports building Dockerfiles using a set of worker nodes. +CoreOS Enterprise Registry supports building Dockerfiles using a set of worker nodes. Build triggers, such as Github webhooks, can be configured to automatically build new versions of your repositories when new code is committed. This document will walk you through enabling the feature flag and setting up multiple build workers to enable this feature. *Note:* This feature is currently in *beta*, so it may encounter issues every so often. Please report any issues encountered to support so we can fix it ASAP. -## Change the feature flag +## Enable the Feature Flag -In the Enteprise Registry `config.yaml`, change the following to enable build support: +By default, the feature flag to enable build workers is off. In the Enteprise Registry `config.yaml`, change the following to enable build support: ```yaml FEATURE_BUILD_SUPPORT: false @@ -28,17 +28,26 @@ to FEATURE_BUILD_SUPPORT: true ``` -## Update and Restart Enterprise Registry +### Update and Restart Enterprise Registry -Pull the latest Enterprise Registry image and restart the CoreOS Enterprise Registry to enable building. +If you're running an older version of the Enterprise Registry container, pull down a new copy: -## Setup the build worker(s) +```sh +docker pull quay.io/coreos/registry +``` + +During the Enterprise Registry set up process, you were provided credentials to access this image. If your server has these configured, they will be used. If you get an authentication error, you may need to [set up the]({{site.url}}/docs/enterprise-registry/initial-setup/) `.dockercfg` file again. + +To apply the new configuration, restart the container running the registry. -Select one (or more) machines to be used as your build workers. The machines must have Docker installed and must -not be used for any other work. The following procedure needs to be done everytime a new worker needs to be +## Setup the Build Workers + +One or more build workers will communicate with the main registry container to build new containers when triggered. The machines must have Docker installed and must not be used for any other work. The following procedure needs to be done everytime a new worker needs to be added, but it can be automated fairly easily. -### Download the Build Worker image +### Pull the Build Worker Image + +Just like above, pull down the latest copy of the build worker container: ```sh docker pull quay.io/coreos/registry-build-worker:latest @@ -46,15 +55,20 @@ docker pull quay.io/coreos/registry-build-worker:latest ### Run the Build Worker image -`docker run` the image, with `SERVER` being a *websocket URL* to your Enterprise Registry install. For example, -if your Enterprise Registry is located at `somehost.com`, then the `SERVER` will be: +Run this container on each build worker. Since the worker will be orchestrating docker builds, we need to mount in the docker socket. This orchestration will use a large amount of CPU and need to manipulate the docker images on disk — we recommend that dedicated machines be used for this task. + +Use the environment variable `SERVER` to tell the worker how to communitate with the primary Enterprise Registry container. A websocket is used as a data channel, and it was configured when we changed the feature flag above. + +| Security | Websocket Address | +|----------|-------------------| +| Using SSL | ```wss://somehost.com``` | +| Without SSL | ```ws://somehost.com``` -- If SSL is being used: ```wss://somehost.com``` -- If SSL is *not* being used: ```ws://somehost.com``` +Here's what the full command looks like: ```sh docker run --restart on-failure -e SERVER=wss://myenterprise.host -v /var/run/docker.sock:/var/run/docker.sock quay.io/coreos/registry-build-worker:latest ``` -The build worker should auto-register with the Enterprise Registry and start building once a job has been queued. +When the container starts, each build worker will auto-register with the Enterprise Registry and start building containers once a job triggered and it is assigned to a worker. From 2a478780ce626faeadc57afb01875ce10c18367b Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Mon, 1 Dec 2014 16:36:57 -0500 Subject: [PATCH 0324/1291] enterprise-registry: add buider diagram --- enterprise-registry/build-support/index.md | 10 ++++++---- enterprise-registry/build-support/workers.png | Bin 0 -> 12224 bytes 2 files changed, 6 insertions(+), 4 deletions(-) create mode 100644 enterprise-registry/build-support/workers.png diff --git a/enterprise-registry/build-support/index.md b/enterprise-registry/build-support/index.md index e7f6aae56..b8135aff1 100644 --- a/enterprise-registry/build-support/index.md +++ b/enterprise-registry/build-support/index.md @@ -9,14 +9,16 @@ weight: 5 # Automatically build Dockerfiles with Build Workers -CoreOS Enterprise Registry supports building Dockerfiles using a set of worker nodes. Build triggers, such as Github webhooks, can be configured to automatically build new versions of your repositories when new code is committed. This document will walk you through enabling the feature flag and setting up multiple build workers to enable this feature. +CoreOS Enterprise Registry supports building Dockerfiles using a set of worker nodes. Build triggers, such as GitHub webhooks, can be configured to automatically build new versions of your repositories when new code is committed. This document will walk you through enabling the feature flag and setting up multiple build workers to enable this feature. + +Enterprise Registry Build Workers *Note:* This feature is currently in *beta*, so it may encounter issues every so often. Please report any issues encountered to support so we can fix it ASAP. ## Enable the Feature Flag -By default, the feature flag to enable build workers is off. In the Enteprise Registry `config.yaml`, change the following to enable build support: +By default, the feature flag to enable build workers is off. In the Enterprise Registry `config.yaml`, change the following to enable build support: ```yaml FEATURE_BUILD_SUPPORT: false @@ -42,7 +44,7 @@ To apply the new configuration, restart the container running the registry. ## Setup the Build Workers -One or more build workers will communicate with the main registry container to build new containers when triggered. The machines must have Docker installed and must not be used for any other work. The following procedure needs to be done everytime a new worker needs to be +One or more build workers will communicate with the main registry container to build new containers when triggered. The machines must have Docker installed and must not be used for any other work. The following procedure needs to be done every time a new worker needs to be added, but it can be automated fairly easily. ### Pull the Build Worker Image @@ -57,7 +59,7 @@ docker pull quay.io/coreos/registry-build-worker:latest Run this container on each build worker. Since the worker will be orchestrating docker builds, we need to mount in the docker socket. This orchestration will use a large amount of CPU and need to manipulate the docker images on disk — we recommend that dedicated machines be used for this task. -Use the environment variable `SERVER` to tell the worker how to communitate with the primary Enterprise Registry container. A websocket is used as a data channel, and it was configured when we changed the feature flag above. +Use the environment variable `SERVER` to tell the worker how to communicate with the primary Enterprise Registry container. A websocket is used as a data channel, and it was configured when we changed the feature flag above. | Security | Websocket Address | |----------|-------------------| diff --git a/enterprise-registry/build-support/workers.png b/enterprise-registry/build-support/workers.png new file mode 100644 index 0000000000000000000000000000000000000000..2ffc85bf5d39dcd31e5550821271a6bde48213a3 GIT binary patch literal 12224 zcmdUVcTkjHv*wTl2_ga_k`zJmAQ>b|5XlH5Im3{1&Ot;F1SB&sBnd+X$r(g~WMPO7 zdB{2Ea9@6Vx3+HWw_nxPt^H%E8m8Ve{hrj_&vQ<9e^FJICBlD-4+4RRQ#@OyUJ*}N;yM~ zU9BAKpFynbpdc=8PA*O^UTN0CF+hO&PC(tk+||R_847x1=3oMS_SVW7>fzvQO zoqw&V;wuRB3?wK02I2|dp7C;oOa$%jI}mU@3$nfckpByZwjdWR`gn2jCnv4;*_VFE zW2!xD;kd6!&y?V-Lk!ETTi;mw__~4$zZ%l2n`*M{$4>pBikK{g$(blUQ%?Sd12&Mn zmy9pz`SY#O{i-6y(cNetd*sZ9Mr{siWBar~?akbA{@CfnYP!#^P>a#4u&^*q{1JT+ zNe@TJIykUjEMrK3?eaZ`pm;$ZJ$<@bepncSjFo{Sn2$R-U$Y_#u1x!+=eT*^r zHm^*3n}u5_B>Yn&&;^Bg_QTj2puf_89_%Br}@sSzA-K@ zkP-~4-4`VFKJFA0S!1X2l+YNZMcibmJuZT(2@PVM563PV!_t?~{aEp7vWDicLgVZ8 zDq~1^-NvK-Tk-oVw`~!UpXkaHp?qlSX*vDW8oS1UisBF+(M+YVb4AKTtk6XqIo6Ym zZ8Fxy!qkO}0owTIAMH>BiBM5H7##<2U}U|DAmzCy!6p zx6h4!SE=_e%@fbf^1Mfy9}#8D2O40I@YMwi8pF1(LIdaChI~*t+f*bVQ_T;{w!gQ@ z?*qB_Y!QMx|E8}3WN^>^*y!*>|Bh9=#=GMHUG5 zVlCo|+H>HlW5aZLwPmVaJePH!Ud}6Ry*5h`W{3Kf2(4bM@`GTYeo?8D4&b_D9oN_i z$U2}t*}YZE$7|D`$848m5MftTas1KrtydDpA5w-HVEb~r>)gDo%B~Tm=bSG8PUHb~ z1^cFxOSR=S*+j-8b+KvwxPn34mLQjlQzNa$fsz`#+xE*5Z`myRGkB4BTtNiac3s)j zr79OuOzDd@x<=d>J5*~q`zGbQRA0qg#|I7FXuCda*=VSCs2$3kQ(+FL$yi(CzVfBK zD^-L=KjVHTRC@uz`JycYRWp;=ab?_B@fed+H}Uw?d{*OGwp1tLP1WHLx!gteZb_~i&S|Mr{tT|3kXV~RKx6cWH13my)Njn$EV@Hfz<_wn|-*u%=)$6cXi>19ZG2f6LaYxt$6 zp7vvl82G=W=}HFh%{z+p$D?x%c_+6yI;N z7=0_4qCzkdPj@Z7uS%%9_e4lcGYReb127hzq=O^#3gg~eL6Y^q*Y z+4-aLod`ZT$$q?~jI>CuDhY`S3*`TYre%VA!Rz2)v#kr0?D2zQvoba(iSCl&zEg*%VB%2^>)%WQMMvZQs(=$p;5qSm0#Nl zZ@f&!H$bx;tA`jy+T(m}sm7J1KkP0&E{flA1O45%Mfnp+Am)de~6r{)LT+p$r!!aWPO*8rXXL5(hH~1nTVUv;u$0372I2)wI`6 zP*qjc0j~|Xz0n3oo@$in;4F3R(*IzAaK}^N>N_}a9v>f9RaZk5IV`R(j@Q8-bCM+) zL)|<)5RG`GA_u=;{L}Q*y7JF>iSAUj4F&E4>dcmwbU;rP)?=*h+keS*%qL3qrvq-U zL3jU(b!)*U{uUM%mNS5ivf#4w=?|NU(y;TLqqXB&`1!_+xKI}3DIB+22U z1a%K$|^h&BjUUPF=szZwqFA*He z4VWx1KmW*|KW)R=vQt%7q@c*i$Sl93larCz*};qBO)E=FJf*o>2fFTPItx^d9lLJL z*OL=>9UUD(?<3~9%h}UMrF8bd46bfYTM@arA;6G2y1G(_u`CF)Orux%8RZ$-ve8kv z$ltrCxEy^cdzHXq|8N6qA<{|YGuH2`_!upAVYznv!?gQjA`~Z@M)>iMX}j8)$3OJW z{IgFbJU#l_)_NdsP*;{@&zW=*wk9t8vKV0#fG^*Z(DM%u) z%x~Mq_HWgfnMRM$73j#aqg+(!%@XA)h{)k#S|PeSS|xeKKwGEMe4wgETThSLddbet z?l=b?OAE|mY-&nq!J;q`tdIY&L2b#});6c4B$C3=m&?T4!NFk!HCyLox|Vo3IH=5T z_gC7@?KoaV?mK5NRu$GsXom3ReoxeS%pzv}2##BkfH*QXxTMFPezzwmubiS`yHCf9wSNJ!lQni!Y?`Hnq7mronwpyX*Nuwiz@)v!n4(!A6%b%!0C%`^->g#1 zbnlIV_$`~=+2*a8Mu7sTu&}U|jZNQgf0G07uYq9t0Q_Y5GxQ z_1DXI$7c`2@~sGoiFrgssDCIwdx$5RzXqnl!$T%PVmKfxRDE1WEO zKLf}VYgc|AAJ+hSu>#EM`*+~fS~CpTyEiu_{Et&#VGLoVYJ+gkKvjmThi}@u;;0Nd zzoX$WWkm2#qdnBzjr(3)#+6xz^KhDS<7S$u4?piVLj2mQKdR=JVZcFL2K>+SYBmE4 z6yWxe^#-mMGe0wt3&(d}?sB=F6IB*>IlQit=-mBNyWW|x_2#&2s?o!tqt;tjm&)+= zV&cX4RFjvBbeY}G9_0dG(pZru)0QR6Lp;Zg(E^qvp@(>TOK~c16>Tgn!`7sGMUO8w zG+SRUZ!4Iq=9{schARS!Y;JBQiLA1x>gE{|`PJaIDJf1Ye)UR1TE&@)-!{2?Tl%`+ z9`Jw(!+^98MH)(0j%8XeKy^t4GbeCO123FsxkL)_p2#%@Uo?Rk73hupiOlx93Axt5Pcqp>*cIJ`+v* z>^95kKX#|G<$LRVqMmOC^V}v%6>x~E3s*BR7@TeP@!BXrcpi^wV$|(-Q85*_`kdMW zgwP4l&z|TNZG=ne_^wpn0mfv#w8UD!Mhc3uBswxmj63DJdzR zM7!$WK02gFq$;2X%86q_fb1nCSy~rsjkmKY0Y_;9Em_dIAJUCmg zoO@51Dy0zO?+^Bmx|>Pt^MXGrh5As6P^}#?2^AK+)4|>7O_YdPVsVrCZyp^Xe;dU1 z&bcf5VgcUFYs8EF$$jiXF!-sTeXWre&t`Cb z-?Q30=ZGUUq)voha~i2k=BP~7TpO;lMk|8Vty!(rW0KkXDgx==D&1tkz>kt7WnRAG zi>Jei$TsJ==Wn|b(E%K?@e-l>SXUq|Ye96Xa*^6@!OQj?q?8tb!>VNdF8pO*zBd2%L~^F?VpOd6Qd*%>c=_; zP1wp*?J->$UG|zcnHM!m11?eW=K7V>uPbLe+gx6gKT^$K;vfZyV}NmA2R0(SO;fdR z>??1U+f>Nd0rHhvX}c9G2d#AqEl=^B>->Nnx7gNHg3ek#GPbfn4!#P_8{(8=KfuUP zK8a_dt-L`DoRnf4d?;Vy43VehimbT(sGhxs+ro{MaDr|7cG`Mi>~S`*#%GYRdbLx} z-xBKKyJFfj;gcmz%|5NXRtO5vC|{xjUVVjoq9BNS(b$&M^Z@vAC#l~bjANiyzC;ls zAH`EUQVU8DJWcTB8k?a=-VPYvDtlx(%yE4#l@ePLxO^!)^DHS9=((Nu0!7F^c&COCKI$1wa;Ee~&Vt$-MDRhFNPnEpnZwRn1&>S9c%Zj8BnyTI$+ zf;9^DCSpusaiCE?7Y|1U!%Oj@^>94$`5%g?(7D}=)WVO+{9$QrYV&^Zw^I}9)vXZj z?Q+GoFK0dxsjz&yNwVvgT`?3-*|wP^!L^4A=Z`Obz5J!S zX8RV1Dm;LXHlV#H#lKzfTw;)Mn;rBteb0cCw9E@zkM+OymHXMWzS^AEp@vX z^trvpuj{I@-Hw9mc83p1cW`-~<@5x!=yp zRi$J@t~dcyS_#Jjxb^~}EG*m3`>}|D){>R^mX?A7E1|%--MMhmCw3quC8dO&E?`)E z7suUu_e@90Xl<;moioTSPcE-Rul;XJ0EyPHbc$@?lJ_|;FK@>a3M@Wl^Yk(UL>pbI zq$E3Ov`*mk7O#m%v-PJPYSuw}JW>!tCzyx%Dg!ugA!^NHi@)X<@bdAwVKL@CE`PuT z5i>S-0M(=h*eHUi@6Ceb7j2yd%G+%{8s~QDfMHdn@>g6Ktj{$v#Ri)msob#A!Z9LN=71`xt0T+jb_05-mo$@g-canR z0Sz;9wng}Yct+MN1OBbIZ(PD%>tS>@=cP{$zl-jiUV0=uE9NSyKQ=8tYC7-Yw_^|Z zNSeQsxhJG6)yGKrUY)B3U8U4yZLr(1{==3y(8_G);cOR)|I~Pz{nPiY_#&&Pmu$Zh z9Xbo3uBpr8p&S9?%4mB5)u;RprLbt0Uo$Urc8&lGB#kd1K=@hcm=GnVbKcFq>|V$a zH;jz+_JJ=xlVZDJ?Pm@bMrBjWKf9;I=uumccVPFGf51b;02+L{LA+N1yUEg~ga7R% zHSQDm#L>!YJ4lS|> zxGzG^XJW9B?wid}?JVNoK!m_={o-r#)7}U0r+rrN=Q@YnmgxK9iAa_>YgR9Z*TK1~ z1Vs25qGYU;CNKZ;b=z5dFvX^%n z@JrR%mmzo4L)8R8wa1eL=|(wWx))=UY4>?xV1(6`*NXD6c za0c6SC~tob#i!22l02SF5G4M*GUg{%?|O)$3v_@5yA@p8Djm6Iif)Z&W9D-omSW$q z*!si`2pgX){PMb(^waT_q*R=z#waD+?0sfmAIFk$|2q-jSYkX59u*F1uW=QIC;(ID z>1T#apWvUOUT+yUYaug!xi*>QiQ3(WDndLkeyqR@X8Z{tFx)eDtc-BY&sOom#^>#{ zg0{-;hTkavQ%(LnB?XWLk;v5kBeMqbcU5Jqa52T{jBX|tsqc15MZUnGE*Oe*9QVs! zLPw0&&n1J~5ffh}JAESzW0sDH6c=2df7Zy%D<~)s+F&xLe9416fL#wR`=%-=!UVOv zTmEG3t)n}~GAtB-t+>On#8~!!x{r<@DSZ7o!eeiX*0Xr+-9XATIrC;=cX+I3G{s5E4sh7uHr7LD zgwI||z|1;ohK;Wa{XW%81m*?Iymry|614Te<}^(6Gp>_lHd|Lso}L);o=Yff+`5;;n^8B~@COx?d zy(Y=TJ4J#)&SC7t@p_L=ivK)^w+b?(+4;gaDUt$oy)-XiT*DI(T{eH^H;qUg z8;m@`|K9}x#$k~6~wuKaeo&wZ>^ zJ%J0R`7?_DRJ0ozE0T;~s{w_xMAKjk*YBU(d@$&tbgppdkwB@MuP7x(2;c-SbJHmq zt2!X)O*Hu1OJHOCa?AY2UtsY{)W-2%NbQJDKKo-5)}Ka>Y^W#6QA_|>D*odGL5SiDU4lWQS;X+G zr`$5ezXIT0=hW5t`}`_WGQqhKn!L<-D zLqp>yF||d;RQ>U%k)@|7kXD=G6f3u#s=%pK&H0+d_JYiNdu=$|DLR71cd%kW0tnl* zqv>H7fBUR$Y+Ux^$WA>r*4BQ1d6*C{e^U1wX38{$rY{5H7!1e%HXrw2Qgj7o_Q(u! zi_oF{ohgt$mMI~27bPWu^UrBad;(u~Fq_#_`=gb|tXPb#W@x9FanKPG?3@NVw6;B}D8)y6i4GI5ks4^F3^w=q{Or>?~Lw9qg?A=b}AoNl=Gg`>uK{Pu@$XUETrJOH%$%v68BE3*8Jdj zxxA4pQK1W_p{RVyI<$TJO$zb(Y*ROJFXrGorQPO^4O@MQJI3urBkcn>qW#qg&Kwhi ziz0t|^#q&l&f?J+@6Ut#wLZ$+{IpB^sHDNONEiL8%&^ubD=rES=EeGJ1SMr(?u{eE z#PWs{7hBfB^bK+p694Dy{_fCm`082R<_134K(%A#B6G2My6 zZvg!ZP4o4qL?@~EP@zuUl|0cP`93M!#(``qbM?8p%I^4QJk{}oL#WpwSmMb+4BzmY3w_iB* z#f1eZzjVZ@{4-a3k>6Lb>mT-kw@fc*!N6YEt;be`nMIyVEmJsZL$_?MiKpxE9C!3Y ze62lopd|ZhVl))#q4E#$6ww9mP9w3H{8WrYCg(sPVxqfRfRpGhKP&+~^%%(J@w6n} z3sYp#EKacZ;?(M)QgYsD=kV|_SMIV4uhN_0iPDp@p#|v);=ew zX`vEWdc#Gl^8rWjLv7)?OtBVsbRk2Asi3If+hq|^0*3V@VEPuiHv__0)K^AfqG{J~ zN_W~yf1~B^pEf(a(Rv>a3F?7`$Yoe1_y1WF%;gb`CWjUHihxB>&e~2Gjlvg_4%8hE zubh=my2c=6mAMNqkp5`U>@E$|31-b2D|YUw=lPhGEwMj)d2r(oO|XEz8o!kr`o@pxwDYLwT{klEg(%x_a&+o=8B@V}q+A>$GR8elxd)Iyl)4{{VNG!ow z(l%Tm2vOBni>7B}(x56W2-EGP!uwiTe~lfSjUI)Ng+7J1H3~dv6XW_#LvBaOe|;smp*Og(b-x@vVBdxkD79Fl-i6;USIeT;rce3@bO5uLaXs*{HtI(T zJTOwRpi9UN(R)20+b?5&hc8xEj*}zhypS4w#}iY0MVCO&?*it+SiWrn{-_clk55o% zZ^fc=vlV=wSSo>>!tGIiy^tv7E4+WeSNMH!#a;8YH{Je-2i5ZUGF>F zxB6a4(T3%ygJ~%$Z^l{*y~PCltG;SJNL%R1@M|NFSgkPW(JR&AjwV>?+U+oRbcLJF zyr353`Ymknw!W?@Om-8jwk_=}d8e%@mtktUO-;z3y&uk7r}u=My+37Ksc?3Nh&@ht zT#;$^K*q)QYcww96B>la8FljuG&?iPe01T;K0;G3^HmHyj;&ipM?uwqI~3L5tYnIQ zBSuY)zMg$QNSI;jD)O5;Bl?^Xhn=0n%t`zCGIA?Qg(3Bh^KP_w?#L8o*b#d!5 z3I79t9MvxI!8oqeQ6$_H7=!!}pM}G@D|DTT5+UvwW!Nm*w*Hd~T%Vb&z{$RH0wrM1 zSnB<>#012Tg#Q)m>X8bK^7W_E5$;FQHTP9h44{LkC}c!xIM0=`Vi5+LYiLBk8oD9( zux?04FjpZ)Q)6Jcx3J!}F7G3agZtrL^elAy1NpRnJ?#=%h`fQf{cR}qYrYP{xeBu` z^yMsoueD>~dBcE-Us}yv(jQ2Ir)1s6MMijBqgrQNVt?#Ei=Jz7?Fw3KuzW)j z;Ds~+>!^0PT&nPJN5-5ncrZf_egjYH>hC4dOid10Ea_-;X%SnU=Npn#)Lgd3n%-gp z0}~K<>-aa^3RB36#r5|u&cI^2SAY6>YQ5Iuj#r&x(HHVNax0wT--`S~ludwm=brrT zZ=n;{li{N;o&B7!8;^IIw@+|Y9t@9(_d*jG0l0J+QHBZV=?ZQ8LGRO0I57|=_-+h{ zP;9SnAqtDb`X~|=eW-?Zga=w_#HhILjJ&lWmvy18tzN!c#`pDgk1pltMQH0!fw4TkA4J7vFF%+mbkeVi(?mx}hRd+tDF#z! z5eW2`3n&u~uFXf2GtXW3Gpf(N)x5P7tNIa^h0LHn`G-+OuAN*|PGnE^3^YWJg`ok5 zgCGDv_XafQQeSmN0;Lr4QLm@O@x?L_wf)4{gEH7sz%o-&D&_Up(*4Vg7u{zA!h<-$ zw>wYG(Zta%drRLemSg&Jfc}q9U~OL=ei?GNew)h>xoxOqYU`q-T?LL*lz8y$;}TjB zzn(gYi=TihXeEivQFj}2OyeL>l2JB|hSuVS@ZRYxupV;|;Xf?;`~C5vzQ)e~Vo}4y ze^_)*&YK0|JX*j1><}^a{9q^B&vp(aWAz>b;EKoZ(P96SLVb*A>xL;QcUQYFg#IDX zn5}I71Zr|@Or)pIBoUdTH6zodEP7n}Zcg}7J^dU2;IqPzN1+cbu}91JD^#kLl-i-AexDK zz!w+4-#|NYM25@bfpbz_G5w8;cz1*B*-ZLtyWKwYzt5?+T8 z1FVj}Hp2)&$CU6zRVj8)3TDvBmpArjzmMq1zinj$S>1f|vVBRkC zh%gPE#)F~33ON8u7F0^KxH-QcZmMIMrr*PFOCJZjG<4t9LNup+yz z>r>Z=`kh5JG4CJ&Qv$gYAhk*yPxjbxW<)LhY6_Q>_7OW9c#l_gFcR16VgkX;!J6q0 zYj7Hn1;YKR^TFbc4Iew9AtDalEuXd$ZUvnad8Af7EkBTVy7;opB$)vgPg_5s^SkLg z=8e4r1;9&;2FCdJFws}@ZK19w*p>|}`=%JNjX)GW$1*Cqv8*HqP`&W%)`He4-W%f2 zqBo9?UmaRcFaVv3lsl6UD2zdphK?qNcyeWMe1Yr73GMExu#d9yvCJWG{13Onc>@56 zzk5|QaDwu^Krc_1vWb3_WOOJgOdpD*<3J}!S$G~;&^dN4)&roDRFv3{{#d^+?D3SE zW)&C`SDEl&5cVDn=3E?Zh=2&kJoI~Xp!MG(ulq+|9`-7%IHpo|y4Z^R4h=TFvpd*= z%hxDe82XT_H7776Hw3ux<@lz|K;->Z^WS}H$D{+!%s~-SShsXY1&CS24XF?rS zc1r+>{3UeKN_vnhg+$&U#nJa9S`rc<=k;&uMgPnF^#52@`hO|KE1880B(@qNp7CU2 z95>~r{EK4MyZnNU{pcowqfbY?=O7^wN~7%8v$zv5av%rf9dlxU(mIYl{Lj~fx`|^V zodfV6>^8EKo8Cs93_yNKvxB)WDu4T7kw_k#fmtH1q<*Zo$XjIL1r5y^F9fuZX zQm$u-I+>x3Hzh9b@-zOJjXn90-%cnHC@Q4gQgM#oQSW(HW9OlpSWUhvVSn!xM&+33 zw}GEGVL-vBdG!zwLitm(U5DT`PrD2PACmUjXVPySTLfAJmVH(#!j0;fya^WM%Pd(4 zGF5iDp<%|M#jNSlI@K@&>O)mz?V|IoNNb>|lX6%K=A=E!-2*{dOPP0~;OoVFB2x4G4(ig*H-xe0+%)Lm2)@M25 z46dtIhN2vZ=klQ1C4#ul?4p9WN5=EY^J4QK1}EU-^P>iOOy6soX#~x*$D7JQ^*}|a zr`;>2z{Ym#Crp85^?YP~6%B!iK-}zFC}vK3&9?49(~8_24vg<^6oodLl~wS3*4jPf zIyYZXZ2q@!j|(j2$gJ5Cnq;HNFY3QAR*%+d_iOB|g+&DsI;Hm!BIehIpw?=;Mh;(} zHlR>6G4;)Qzt%NO}6iwBKP$~&Ko#`(?}pK(hK-B6NTcfg@^+t4;jJWQEfLA2;g$rx(dx+N5BP zIQCutKJicLQclgEkTt_kt9yCc3laq@r12B(>C3Iswe+#-0JkMzVb#~OS_EEsgk}GD5eL=$tX*gN*aCq4}O&jkpKVy literal 0 HcmV?d00001 From 50ae079adb2bad30a08c7bc73765fd5fa15601a1 Mon Sep 17 00:00:00 2001 From: Jimmy Zelinskie Date: Wed, 3 Dec 2014 13:22:09 -0800 Subject: [PATCH 0325/1291] Warn about repo access for build worker repo. --- enterprise-registry/build-support/index.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/enterprise-registry/build-support/index.md b/enterprise-registry/build-support/index.md index b8135aff1..529ceab14 100644 --- a/enterprise-registry/build-support/index.md +++ b/enterprise-registry/build-support/index.md @@ -49,7 +49,8 @@ added, but it can be automated fairly easily. ### Pull the Build Worker Image -Just like above, pull down the latest copy of the build worker container: +The build worker is currently in beta. To gain access to its repository, please contact support. +Once given access, pull down the latest copy of the image just like any other: ```sh docker pull quay.io/coreos/registry-build-worker:latest From 8d2abb2573dc875f29b725a2052fd04cdf262a23 Mon Sep 17 00:00:00 2001 From: Alex Crawford Date: Wed, 3 Dec 2014 18:48:49 -0800 Subject: [PATCH 0326/1291] Add stable channel to Azure docs --- running-coreos/cloud-providers/azure/index.md | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/running-coreos/cloud-providers/azure/index.md b/running-coreos/cloud-providers/azure/index.md index 90bbc4b33..0eb9410c7 100644 --- a/running-coreos/cloud-providers/azure/index.md +++ b/running-coreos/cloud-providers/azure/index.md @@ -21,8 +21,8 @@ The following command will create a single instance. For more details, check out
    @@ -32,16 +32,17 @@ The following command will create a single instance. For more details, check out 
    azure vm create --custom-data=cloud-config.yaml --vm-size=Small --ssh=22 --ssh-cert=path/to/cert --no-ssh-password --vm-name=node-1 --location="West US" my-cloud-service 2b171e93f07c4903bcad35bda10acf22__CoreOS-Alpha-{{site.alpha-channel}} core
    -
    +

    The beta channel consists of promoted alpha releases. Current version is CoreOS {{site.beta-channel}}.

    azure vm create --custom-data=cloud-config.yaml --vm-size=Small --ssh=22 --ssh-cert=path/to/cert --no-ssh-password --vm-name=node-1 --location="West US" my-cloud-service 2b171e93f07c4903bcad35bda10acf22__CoreOS-Beta-{{site.beta-channel}} core
    -
    +
    -

    CoreOS on Azure is new! There haven't been any stable images yet.

    -

    Alpha images can be switched to the stable channel.

    +
    +

    The Stable channel should be used by production clusters. Versions of CoreOS are battle-tested within the Beta and Alpha channels before being promoted. Current version is CoreOS {{site.data.beta-channel.do-version}}.

    + 
    azure vm create --custom-data=cloud-config.yaml --vm-size=Small --ssh=22 --ssh-cert=path/to/cert --no-ssh-password --vm-name=node-1 --location="West US" my-cloud-service 2b171e93f07c4903bcad35bda10acf22__CoreOS-Stable-{{site.beta-channel}} core
    From ff58e3e8d9f5b669d2e39b17ec9f5c919825a068 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Wed, 3 Dec 2014 18:57:05 -0800 Subject: [PATCH 0327/1291] azure: minor formatting and fix incorrect version number output --- running-coreos/cloud-providers/azure/index.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/running-coreos/cloud-providers/azure/index.md b/running-coreos/cloud-providers/azure/index.md index 0eb9410c7..f04d3d3c7 100644 --- a/running-coreos/cloud-providers/azure/index.md +++ b/running-coreos/cloud-providers/azure/index.md @@ -40,9 +40,8 @@ The following command will create a single instance. For more details, check out
    -
    -

    The Stable channel should be used by production clusters. Versions of CoreOS are battle-tested within the Beta and Alpha channels before being promoted. Current version is CoreOS {{site.data.beta-channel.do-version}}.

    - 
    azure vm create --custom-data=cloud-config.yaml --vm-size=Small --ssh=22 --ssh-cert=path/to/cert --no-ssh-password --vm-name=node-1 --location="West US" my-cloud-service 2b171e93f07c4903bcad35bda10acf22__CoreOS-Stable-{{site.beta-channel}} core
    +

    The Stable channel should be used by production clusters. Versions of CoreOS are battle-tested within the Beta and Alpha channels before being promoted. Current version is CoreOS {{site.stable-channel}}.

    + 
    azure vm create --custom-data=cloud-config.yaml --vm-size=Small --ssh=22 --ssh-cert=path/to/cert --no-ssh-password --vm-name=node-1 --location="West US" my-cloud-service 2b171e93f07c4903bcad35bda10acf22__CoreOS-Stable-{{site.stable-channel}} core
    From a82a1208199353ac52e12f5992c6280cf7197d7b Mon Sep 17 00:00:00 2001 From: Joseph Schorr Date: Thu, 4 Dec 2014 00:29:48 -0500 Subject: [PATCH 0328/1291] Address comments --- enterprise-registry/github-build/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/enterprise-registry/github-build/index.md b/enterprise-registry/github-build/index.md index 416e9cd9d..c8bde754b 100644 --- a/enterprise-registry/github-build/index.md +++ b/enterprise-registry/github-build/index.md @@ -14,7 +14,7 @@ images. ## Initial Setup -If you have not yet done so, please enable build support in the Enterprise Registry. +If you have not yet done so, please enable build support in the Enterprise Registry. ## Create an OAuth Application in GitHub From 1342f6461c4a33db546374576430a94c60ea7c53 Mon Sep 17 00:00:00 2001 From: "Patrick M. Slattery" Date: Thu, 4 Dec 2014 14:16:24 -0500 Subject: [PATCH 0329/1291] Add LDAP settings used for Active Directory --- enterprise-registry/initial-setup/index.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/enterprise-registry/initial-setup/index.md b/enterprise-registry/initial-setup/index.md index d414bd9ec..9c260e67d 100644 --- a/enterprise-registry/initial-setup/index.md +++ b/enterprise-registry/initial-setup/index.md @@ -153,6 +153,16 @@ DISTRIBUTED_STORAGE_CONFIG: # LDAP_UID_ATTR: 'uid' # LDAP_USER_RDN: ['ou=People'] +# If Active Directory is used for LDAP services. +# AUTHENTICATION_TYPE: 'LDAP' +# LDAP_URI: 'ldap://globalcatalog.dev.company.com:3268' +# LDAP_ADMIN_DN: 'cn=service_user,ou=serviceaccounts,dc=dev,dc=company,dc=com' +# LDAP_ADMIN_PASSWD: 'secret' +# LDAP_BASE_DN: ['dc=dev','dc=company','dc=com'] +# LDAP_EMAIL_ATTR: 'mail' +# LDAP_UID_ATTR: 'sAMAccountName' +# LDAP_USER_RDN: ['cn=Users'] + # Where user files (uploaded build packs, other binary data) # are stored. Must match a key under DISTRIBUTED_STORAGE_CONFIG. USERFILES_LOCATION: 'local' From 93be18cfe701c7ef94a328d8e1cc82b42ef0a39b Mon Sep 17 00:00:00 2001 From: "Patrick M. Slattery" Date: Thu, 4 Dec 2014 14:17:39 -0500 Subject: [PATCH 0330/1291] Remove duplicate value --- enterprise-registry/initial-setup/index.md | 1 - 1 file changed, 1 deletion(-) diff --git a/enterprise-registry/initial-setup/index.md b/enterprise-registry/initial-setup/index.md index 9c260e67d..fcd117283 100644 --- a/enterprise-registry/initial-setup/index.md +++ b/enterprise-registry/initial-setup/index.md @@ -154,7 +154,6 @@ DISTRIBUTED_STORAGE_CONFIG: # LDAP_USER_RDN: ['ou=People'] # If Active Directory is used for LDAP services. -# AUTHENTICATION_TYPE: 'LDAP' # LDAP_URI: 'ldap://globalcatalog.dev.company.com:3268' # LDAP_ADMIN_DN: 'cn=service_user,ou=serviceaccounts,dc=dev,dc=company,dc=com' # LDAP_ADMIN_PASSWD: 'secret' From de74e03419ea4ef57d19ab8502f341b4ef706614 Mon Sep 17 00:00:00 2001 From: "Patrick M. Slattery" Date: Thu, 4 Dec 2014 16:20:04 -0500 Subject: [PATCH 0331/1291] MySQL setup and LDAP debugging notes --- enterprise-registry/initial-setup/index.md | 55 ++++++++++++++++++++++ 1 file changed, 55 insertions(+) diff --git a/enterprise-registry/initial-setup/index.md b/enterprise-registry/initial-setup/index.md index fcd117283..f803b0bf9 100644 --- a/enterprise-registry/initial-setup/index.md +++ b/enterprise-registry/initial-setup/index.md @@ -29,6 +29,47 @@ Please have the url for the login and database available in the SQLAlchemy forma ### For Postgres: ```postgresql://:@/``` +### Setting up MySQL +If you don't have an existing MySQL system to host the Enterprise Registry database on then you can run the steps below to create a dedicated MySQL container using the Oracle MySQL verified Docker image from: https://registry.hub.docker.com/_/mysql/ +```shell +docker \ + pull \ + mysql:5.6; +``` + +Edit these values to your liking: +```shell +MYSQL_USER="ucoreos" +MYSQL_DATABASE="ent_reg_db" +MYSQL_CONTAINER_NAME="mysql" +``` +Do not edit these values: +(creates a 32 char password for the MySQL root user and the Enterprise Registery DB user) +```shell +MYSQL_ROOT_PASSWORD=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | sed 1q) +MYSQL_PASSWORD=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | sed 1q) +``` + +Start the MySQL container and create a new DB for the Enterprise registry: +```shell +docker \ + run \ + --detach \ + --env MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD} \ + --env MYSQL_USER=${MYSQL_USER} \ + --env MYSQL_PASSWORD=${MYSQL_PASSWORD} \ + --env MYSQL_DATABASE=${MYSQL_DATABASE} \ + --name ${MYSQL_CONTAINER_NAME} \ + --publish 3306:3306 \ + mysql:5.6; +``` +Wait about 30 seconds for the new DB to be created before testing the connection to the DB, the MySQL container will not respond during the initial DB creation process. + +Run the following command to output the DB URI for the MySQL database: +```shell +echo "DB_URI: 'mysql+pymysql://${MYSQL_USER}:${MYSQL_PASSWORD}@db/${MYSQL_DATABASE}'" +``` +Note: Using Percona v5.6 for the MySQL container is known to not work at this point in time. ## Setting up Redis @@ -224,3 +265,17 @@ Once the Enterprise Registry is running, new users can be created by clicking th ### If using LDAP authentication: Users should be able to login to the Enterprise Registry directly with their LDAP username and password. + +To aid in LDAP debugging you can tail the logs of the Enterprise Registry container from the Docker host as shown below: +``` shell +CONTAINER_ID=$(docker ps | grep "coreos/registry:latest" | awk '{print $1}') +LOG_LOCATION=$(docker inspect -f '{{ index .Volumes "/var/log" }}' ${CONTAINER_ID}) +tail -f ${LOG_LOCATION}/gunicorn_web/* ${LOG_LOCATION}/gunicorn_registry/* ${LOG_LOCATION}/gunicorn_verbs/* +``` + + From 37e878193b4eb39c9d7d2abe476c618e0e0abdb9 Mon Sep 17 00:00:00 2001 From: Joseph Schorr Date: Thu, 4 Dec 2014 23:50:22 +0100 Subject: [PATCH 0332/1291] Fix screenshots --- enterprise-registry/github-build/index.md | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) diff --git a/enterprise-registry/github-build/index.md b/enterprise-registry/github-build/index.md index c8bde754b..16613eccb 100644 --- a/enterprise-registry/github-build/index.md +++ b/enterprise-registry/github-build/index.md @@ -27,11 +27,7 @@ Enterprise Registry *for building* in GitHub or GitHub Enterprise. - Visit the applications page under your organization's settings and click "Register New Application". -
    -
    - -
    -
    +Register Application - Enter your registry's URL as the application URL @@ -40,11 +36,7 @@ Note: If using public GitHub, the URL entered must be accessible by *your users* - Enter `https://{REGISTRY URL HERE}/oauth2/github/callback` as the Authorization callback URL. - Create the application and note down the `Client ID` and `Client Secret`. -
    -
    - -
    -
    +View Application ## Add new configuration From 19391eb86d9c0724f36a0703812168c55a23338b Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 4 Dec 2014 15:36:54 -0800 Subject: [PATCH 0333/1291] enterprise-registry: cross-link --- enterprise-registry/build-support/index.md | 4 ++-- enterprise-registry/github-build/index.md | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/enterprise-registry/build-support/index.md b/enterprise-registry/build-support/index.md index ad98fcafd..f364d9f3d 100644 --- a/enterprise-registry/build-support/index.md +++ b/enterprise-registry/build-support/index.md @@ -1,6 +1,6 @@ --- layout: docs -title: Automatically build Dockerfiles with Build Workers +title: Automatically Build Dockerfiles category: registry sub_category: setup forkurl: https://github.com/coreos/docs/blob/master/enterprise-registry/build-support/index.md @@ -9,7 +9,7 @@ weight: 5 # Automatically build Dockerfiles with Build Workers -CoreOS Enterprise Registry supports building Dockerfiles using a set of worker nodes. Build triggers, such as GitHub webhooks, can be configured to automatically build new versions of your repositories when new code is committed. This document will walk you through enabling the feature flag and setting up multiple build workers to enable this feature. +CoreOS Enterprise Registry supports building Dockerfiles using a set of worker nodes. Build triggers, such as GitHub webhooks ([Setup Instructions]({{site.url}}/docs/enterprise-registry/github-build)), can be configured to automatically build new versions of your repositories when new code is committed. This document will walk you through enabling the feature flag and setting up multiple build workers to enable this feature. Enterprise Registry Build Workers diff --git a/enterprise-registry/github-build/index.md b/enterprise-registry/github-build/index.md index 16613eccb..d9df2fe7e 100644 --- a/enterprise-registry/github-build/index.md +++ b/enterprise-registry/github-build/index.md @@ -1,13 +1,13 @@ --- layout: docs -title: GitHub Build +title: Setup GitHub Build Triggers category: registry sub_category: setup forkurl: https://github.com/coreos/docs/blob/master/enterprise-registry/github-build/index.md weight: 5 --- -# GitHub Build +# Setup GitHub Build Triggers CoreOS Enterprise Registry supports using GitHub or GitHub Enterprise as a trigger to building images. @@ -21,7 +21,7 @@ If you have not yet done so, please Register New Application". From 019ca15be01a02b262eb472382c19e4f037dda09 Mon Sep 17 00:00:00 2001 From: "Patrick M. Slattery" Date: Fri, 5 Dec 2014 11:37:40 -0500 Subject: [PATCH 0334/1291] update "ucoreos" to "coreosuser" --- enterprise-registry/initial-setup/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/enterprise-registry/initial-setup/index.md b/enterprise-registry/initial-setup/index.md index f803b0bf9..5d408cbb7 100644 --- a/enterprise-registry/initial-setup/index.md +++ b/enterprise-registry/initial-setup/index.md @@ -39,7 +39,7 @@ docker \ Edit these values to your liking: ```shell -MYSQL_USER="ucoreos" +MYSQL_USER="coreosuser" MYSQL_DATABASE="ent_reg_db" MYSQL_CONTAINER_NAME="mysql" ``` From 1484223564b75ea408603fa5e54e647829d641d8 Mon Sep 17 00:00:00 2001 From: "Patrick M. Slattery" Date: Fri, 5 Dec 2014 11:39:36 -0500 Subject: [PATCH 0335/1291] services. -> services: --- enterprise-registry/initial-setup/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/enterprise-registry/initial-setup/index.md b/enterprise-registry/initial-setup/index.md index 5d408cbb7..f8cbcde67 100644 --- a/enterprise-registry/initial-setup/index.md +++ b/enterprise-registry/initial-setup/index.md @@ -194,7 +194,7 @@ DISTRIBUTED_STORAGE_CONFIG: # LDAP_UID_ATTR: 'uid' # LDAP_USER_RDN: ['ou=People'] -# If Active Directory is used for LDAP services. +# If Active Directory is used for LDAP services: # LDAP_URI: 'ldap://globalcatalog.dev.company.com:3268' # LDAP_ADMIN_DN: 'cn=service_user,ou=serviceaccounts,dc=dev,dc=company,dc=com' # LDAP_ADMIN_PASSWD: 'secret' From 998c32a247f48ca69f4a784d39ebcadf020a467a Mon Sep 17 00:00:00 2001 From: "Patrick M. Slattery" Date: Fri, 5 Dec 2014 11:48:54 -0500 Subject: [PATCH 0336/1291] Add mysql-container/index.md --- enterprise-registry/mysql-container/index.md | 41 ++++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100644 enterprise-registry/mysql-container/index.md diff --git a/enterprise-registry/mysql-container/index.md b/enterprise-registry/mysql-container/index.md new file mode 100644 index 000000000..0b3858be9 --- /dev/null +++ b/enterprise-registry/mysql-container/index.md @@ -0,0 +1,41 @@ +### Using a dedicated MySQL Docker container +If you don't have an existing MySQL system to host the Enterprise Registry database on then you can run the steps below to create a dedicated MySQL container using the Oracle MySQL verified Docker image from: https://registry.hub.docker.com/_/mysql/ +```shell +docker \ + pull \ + mysql:5.6; +``` + +Edit these values to your liking: +```shell +MYSQL_USER="coreosuser" +MYSQL_DATABASE="ent_reg_db" +MYSQL_CONTAINER_NAME="mysql" +``` +Do not edit these values: +(creates a 32 char password for the MySQL root user and the Enterprise Registery DB user) +```shell +MYSQL_ROOT_PASSWORD=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | sed 1q) +MYSQL_PASSWORD=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | sed 1q) +``` + +Start the MySQL container and create a new DB for the Enterprise registry: +```shell +docker \ + run \ + --detach \ + --env MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD} \ + --env MYSQL_USER=${MYSQL_USER} \ + --env MYSQL_PASSWORD=${MYSQL_PASSWORD} \ + --env MYSQL_DATABASE=${MYSQL_DATABASE} \ + --name ${MYSQL_CONTAINER_NAME} \ + --publish 3306:3306 \ + mysql:5.6; +``` +Wait about 30 seconds for the new DB to be created before testing the connection to the DB, the MySQL container will not respond during the initial DB creation process. + +Run the following command to output the DB URI for the MySQL database: +```shell +echo "DB_URI: 'mysql+pymysql://${MYSQL_USER}:${MYSQL_PASSWORD}@db/${MYSQL_DATABASE}'" +``` +Note: Using Percona v5.6 for the MySQL container is known to not work at this point in time. From c2305d448ca9aef4d65ed641cb94e5da90ec8ef8 Mon Sep 17 00:00:00 2001 From: "Patrick M. Slattery" Date: Fri, 5 Dec 2014 11:59:14 -0500 Subject: [PATCH 0337/1291] Add link to "dedicated MySQL Docker container" doc --- enterprise-registry/initial-setup/index.md | 42 +--------------------- 1 file changed, 1 insertion(+), 41 deletions(-) diff --git a/enterprise-registry/initial-setup/index.md b/enterprise-registry/initial-setup/index.md index f8cbcde67..944bd1238 100644 --- a/enterprise-registry/initial-setup/index.md +++ b/enterprise-registry/initial-setup/index.md @@ -29,47 +29,7 @@ Please have the url for the login and database available in the SQLAlchemy forma ### For Postgres: ```postgresql://:@/``` -### Setting up MySQL -If you don't have an existing MySQL system to host the Enterprise Registry database on then you can run the steps below to create a dedicated MySQL container using the Oracle MySQL verified Docker image from: https://registry.hub.docker.com/_/mysql/ -```shell -docker \ - pull \ - mysql:5.6; -``` - -Edit these values to your liking: -```shell -MYSQL_USER="coreosuser" -MYSQL_DATABASE="ent_reg_db" -MYSQL_CONTAINER_NAME="mysql" -``` -Do not edit these values: -(creates a 32 char password for the MySQL root user and the Enterprise Registery DB user) -```shell -MYSQL_ROOT_PASSWORD=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | sed 1q) -MYSQL_PASSWORD=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | sed 1q) -``` - -Start the MySQL container and create a new DB for the Enterprise registry: -```shell -docker \ - run \ - --detach \ - --env MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD} \ - --env MYSQL_USER=${MYSQL_USER} \ - --env MYSQL_PASSWORD=${MYSQL_PASSWORD} \ - --env MYSQL_DATABASE=${MYSQL_DATABASE} \ - --name ${MYSQL_CONTAINER_NAME} \ - --publish 3306:3306 \ - mysql:5.6; -``` -Wait about 30 seconds for the new DB to be created before testing the connection to the DB, the MySQL container will not respond during the initial DB creation process. - -Run the following command to output the DB URI for the MySQL database: -```shell -echo "DB_URI: 'mysql+pymysql://${MYSQL_USER}:${MYSQL_PASSWORD}@db/${MYSQL_DATABASE}'" -``` -Note: Using Percona v5.6 for the MySQL container is known to not work at this point in time. +If you don't have an existing MySQL system to host the Enterprise Registry database on then you can run the steps in the [Using a dedicated MySQL Docker container]({{site.url}}/docs/enterprise-registry/mysql-container) document. ## Setting up Redis From a88892438571df0a39f76b679b1e2ed04ff4e5fb Mon Sep 17 00:00:00 2001 From: "Patrick M. Slattery" Date: Fri, 5 Dec 2014 12:01:14 -0500 Subject: [PATCH 0338/1291] Update DB name Update DB name from "ent_reg_db" to "enterpriseregistrydb" --- enterprise-registry/mysql-container/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/enterprise-registry/mysql-container/index.md b/enterprise-registry/mysql-container/index.md index 0b3858be9..6fad7cbef 100644 --- a/enterprise-registry/mysql-container/index.md +++ b/enterprise-registry/mysql-container/index.md @@ -9,7 +9,7 @@ docker \ Edit these values to your liking: ```shell MYSQL_USER="coreosuser" -MYSQL_DATABASE="ent_reg_db" +MYSQL_DATABASE="enterpriseregistrydb" MYSQL_CONTAINER_NAME="mysql" ``` Do not edit these values: From 092000076f62fe512cb01a94891d889517104b58 Mon Sep 17 00:00:00 2001 From: "Patrick M. Slattery" Date: Fri, 5 Dec 2014 12:16:52 -0500 Subject: [PATCH 0339/1291] Create provision_mysql.sh --- .../mysql-container/provision_mysql.sh | 39 +++++++++++++++++++ 1 file changed, 39 insertions(+) create mode 100644 enterprise-registry/mysql-container/provision_mysql.sh diff --git a/enterprise-registry/mysql-container/provision_mysql.sh b/enterprise-registry/mysql-container/provision_mysql.sh new file mode 100644 index 000000000..0f51bb6ac --- /dev/null +++ b/enterprise-registry/mysql-container/provision_mysql.sh @@ -0,0 +1,39 @@ +#!/bin/bash +# A simple shell script to provision a dedicated MySQL container for the CoreOS Enterprise Registery + +# Edit the following three values to your liking: +MYSQL_USER="coreosuser" +MYSQL_DATABASE="enterpriseregistrydb" +MYSQL_CONTAINER_NAME="mysql" + +# Do not edit these values: +# (creates a 32 char password for the MySQL root user and the Enterprise Registery DB user) +MYSQL_ROOT_PASSWORD=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | sed 1q) +MYSQL_PASSWORD=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | sed 1q) + +echo "Pull the Oracle MySQL verified Docker image from the public Docker registry:: +docker \ + pull \ + mysql:5.6; + +echo "Start the Oracle MySQL container:" +# It will provision a blank database for the Enterprise Registery upon first start. +# This initial provisioning can take up to 30 seconds. +docker \ + run \ + --detach \ + --env MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD} \ + --env MYSQL_USER=${MYSQL_USER} \ + --env MYSQL_PASSWORD=${MYSQL_PASSWORD} \ + --env MYSQL_DATABASE=${MYSQL_DATABASE} \ + --name ${MYSQL_CONTAINER_NAME} \ + --publish 3306:3306 \ + mysql:5.6; + +# Sleep for 30 seconds to allow time for the DB to be provisioned: +sleep 30 + +# Echo the DB_URL that needs to be entered into the config.yaml file +echo "DB_URI: 'mysql+pymysql://${MYSQL_USER}:${MYSQL_PASSWORD}@db/${MYSQL_DATABASE}'" + + From 5aee58b8002a91f209760efc359fbb816cdcdba7 Mon Sep 17 00:00:00 2001 From: "Patrick M. Slattery" Date: Fri, 5 Dec 2014 12:27:04 -0500 Subject: [PATCH 0340/1291] Updated with shell script download info --- enterprise-registry/mysql-container/index.md | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/enterprise-registry/mysql-container/index.md b/enterprise-registry/mysql-container/index.md index 6fad7cbef..92580dc2b 100644 --- a/enterprise-registry/mysql-container/index.md +++ b/enterprise-registry/mysql-container/index.md @@ -38,4 +38,15 @@ Run the following command to output the DB URI for the MySQL database: ```shell echo "DB_URI: 'mysql+pymysql://${MYSQL_USER}:${MYSQL_PASSWORD}@db/${MYSQL_DATABASE}'" ``` + +Alternatively you can download a simple shell script to perform the steps above: +```shell +curl --location {{site.url}}/docs/enterprise-registry/mysql-container/provision_mysql.sh -o /tmp/provision_mysql.sh -# +``` +Then run: +```shell +chmod -c +x /tmp/provision_mysql.sh +/tmp/provision_mysql.sh +``` + Note: Using Percona v5.6 for the MySQL container is known to not work at this point in time. From bb985b4124484ca3e4e1fe2109987a502f081220 Mon Sep 17 00:00:00 2001 From: "Patrick M. Slattery" Date: Fri, 5 Dec 2014 12:32:20 -0500 Subject: [PATCH 0341/1291] Create LDAP debugging file --- enterprise-registry/ldap-logging/index.md | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 enterprise-registry/ldap-logging/index.md diff --git a/enterprise-registry/ldap-logging/index.md b/enterprise-registry/ldap-logging/index.md new file mode 100644 index 000000000..87e01dd61 --- /dev/null +++ b/enterprise-registry/ldap-logging/index.md @@ -0,0 +1,16 @@ +--- +layout: docs +title: LDAP debugging +category: registry +forkurl: https://github.com/coreos/docs/blob/master/enterprise-registry/ldap-logging/index.md +weight: 5 +--- + +# LDAP debugging +To aid in LDAP debugging you can tail the logs of the Enterprise Registry container from the Docker host as shown below: + +```shell +CONTAINER_ID=$(docker ps | grep "coreos/registry:latest" | awk '{print $1}') +LOG_LOCATION=$(docker inspect -f '{{ index .Volumes "/var/log" }}' ${CONTAINER_ID}) +tail -f ${LOG_LOCATION}/gunicorn_web/* ${LOG_LOCATION}/gunicorn_registry/* ${LOG_LOCATION}/gunicorn_verbs/* +``` From 81654c8b04206de0550a78f5c72cdd151ddcd175 Mon Sep 17 00:00:00 2001 From: "Patrick M. Slattery" Date: Fri, 5 Dec 2014 12:33:55 -0500 Subject: [PATCH 0342/1291] Create tail_gunicorn_logs.sh --- enterprise-registry/ldap-logging/tail_gunicorn_logs.sh | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 enterprise-registry/ldap-logging/tail_gunicorn_logs.sh diff --git a/enterprise-registry/ldap-logging/tail_gunicorn_logs.sh b/enterprise-registry/ldap-logging/tail_gunicorn_logs.sh new file mode 100644 index 000000000..14c62179f --- /dev/null +++ b/enterprise-registry/ldap-logging/tail_gunicorn_logs.sh @@ -0,0 +1,6 @@ +#!/bin/bash +# A simple shell script to tail the gunicorn logs of the CoreOS Enterprise Registery container + +CONTAINER_ID=$(docker ps | grep "coreos/registry:latest" | awk '{print $1}') +LOG_LOCATION=$(docker inspect -f '{{ index .Volumes "/var/log" }}' ${CONTAINER_ID}) +tail -f ${LOG_LOCATION}/gunicorn_web/* ${LOG_LOCATION}/gunicorn_registry/* ${LOG_LOCATION}/gunicorn_verbs/* From c96ca565617dbff86f86ec839af6e848caa036c5 Mon Sep 17 00:00:00 2001 From: "Patrick M. Slattery" Date: Fri, 5 Dec 2014 12:38:13 -0500 Subject: [PATCH 0343/1291] Let the user know we are sleeping for 30 seconds --- enterprise-registry/mysql-container/provision_mysql.sh | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/enterprise-registry/mysql-container/provision_mysql.sh b/enterprise-registry/mysql-container/provision_mysql.sh index 0f51bb6ac..ed3369019 100644 --- a/enterprise-registry/mysql-container/provision_mysql.sh +++ b/enterprise-registry/mysql-container/provision_mysql.sh @@ -30,10 +30,8 @@ docker \ --publish 3306:3306 \ mysql:5.6; -# Sleep for 30 seconds to allow time for the DB to be provisioned: +echo "Sleeping for 30 seconds to allow time for the DB to be provisioned:" sleep 30 # Echo the DB_URL that needs to be entered into the config.yaml file echo "DB_URI: 'mysql+pymysql://${MYSQL_USER}:${MYSQL_PASSWORD}@db/${MYSQL_DATABASE}'" - - From 598b08a15fe721f8e57e693d52c387bafeed3b52 Mon Sep 17 00:00:00 2001 From: "Patrick M. Slattery" Date: Fri, 5 Dec 2014 12:41:11 -0500 Subject: [PATCH 0344/1291] To search for users across all OUs and CNs in AD To search for users across all OUs and CNs in AD simply leave the following line commented out: # LDAP_USER_RDN: ['cn=Users'] --- enterprise-registry/initial-setup/index.md | 1 + 1 file changed, 1 insertion(+) diff --git a/enterprise-registry/initial-setup/index.md b/enterprise-registry/initial-setup/index.md index 944bd1238..51052f65a 100644 --- a/enterprise-registry/initial-setup/index.md +++ b/enterprise-registry/initial-setup/index.md @@ -161,6 +161,7 @@ DISTRIBUTED_STORAGE_CONFIG: # LDAP_BASE_DN: ['dc=dev','dc=company','dc=com'] # LDAP_EMAIL_ATTR: 'mail' # LDAP_UID_ATTR: 'sAMAccountName' +# To search for users across all OUs and CNs in AD simply leave the following line commented out: # LDAP_USER_RDN: ['cn=Users'] # Where user files (uploaded build packs, other binary data) From 2c1031175f647dc3d5f4e63c79c87b2501dd85b3 Mon Sep 17 00:00:00 2001 From: "Patrick M. Slattery" Date: Fri, 5 Dec 2014 12:44:28 -0500 Subject: [PATCH 0345/1291] Download tail_gunicorn_logs.sh --- enterprise-registry/ldap-logging/index.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/enterprise-registry/ldap-logging/index.md b/enterprise-registry/ldap-logging/index.md index 87e01dd61..c1befbe84 100644 --- a/enterprise-registry/ldap-logging/index.md +++ b/enterprise-registry/ldap-logging/index.md @@ -14,3 +14,13 @@ CONTAINER_ID=$(docker ps | grep "coreos/registry:latest" | awk '{print $1}') LOG_LOCATION=$(docker inspect -f '{{ index .Volumes "/var/log" }}' ${CONTAINER_ID}) tail -f ${LOG_LOCATION}/gunicorn_web/* ${LOG_LOCATION}/gunicorn_registry/* ${LOG_LOCATION}/gunicorn_verbs/* ``` + +Alternatively you can download a simple shell script to perform the steps above: +```shell +curl --location {{site.url}}/docs/enterprise-registry/ldap-logging/tail_gunicorn_logs.sh -o /tmp/tail_gunicorn_logs.sh -# +``` +Then run: +```shell +chmod -c +x /tmp/tail_gunicorn_logs.sh +/tmp/tail_gunicorn_logs.sh +``` From f3a8ba00ecdcbbaf525b8c19df6bb6631e0819e8 Mon Sep 17 00:00:00 2001 From: "Patrick M. Slattery" Date: Fri, 5 Dec 2014 12:47:32 -0500 Subject: [PATCH 0346/1291] Link to LDAP debugging page --- enterprise-registry/initial-setup/index.md | 14 +------------- 1 file changed, 1 insertion(+), 13 deletions(-) diff --git a/enterprise-registry/initial-setup/index.md b/enterprise-registry/initial-setup/index.md index 51052f65a..e429e8f74 100644 --- a/enterprise-registry/initial-setup/index.md +++ b/enterprise-registry/initial-setup/index.md @@ -227,16 +227,4 @@ Once the Enterprise Registry is running, new users can be created by clicking th Users should be able to login to the Enterprise Registry directly with their LDAP username and password. -To aid in LDAP debugging you can tail the logs of the Enterprise Registry container from the Docker host as shown below: -``` shell -CONTAINER_ID=$(docker ps | grep "coreos/registry:latest" | awk '{print $1}') -LOG_LOCATION=$(docker inspect -f '{{ index .Volumes "/var/log" }}' ${CONTAINER_ID}) -tail -f ${LOG_LOCATION}/gunicorn_web/* ${LOG_LOCATION}/gunicorn_registry/* ${LOG_LOCATION}/gunicorn_verbs/* -``` - - +To aid in LDAP debugging you can [tail the logs of the Enterprise Registry container]({{site.url}}/docs/enterprise-registry/ldap-logging) from the Docker host. From 03a145dfd257f7aeeb84ea6a3a49d3354cfbb0f1 Mon Sep 17 00:00:00 2001 From: Joseph Schorr Date: Mon, 8 Dec 2014 19:46:44 +0200 Subject: [PATCH 0347/1291] Somehow the text about the feature flag got removed. Re-adding. --- enterprise-registry/github-build/index.md | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/enterprise-registry/github-build/index.md b/enterprise-registry/github-build/index.md index d9df2fe7e..b9902a4f1 100644 --- a/enterprise-registry/github-build/index.md +++ b/enterprise-registry/github-build/index.md @@ -38,6 +38,19 @@ Note: If using public GitHub, the URL entered must be accessible by *your users* View Application +## Change the feature flag + +Next, in the Enteprise Registry `config.yaml`, change the following to enable GitHub Build: + +```yaml +FEATURE_GITHUB_BUILD: false +``` + +to + +```yaml +FEATURE_GITHUB_BUILD: true +``` ## Add new configuration From bd7f3016aaf1fc0ac5c64a3527aa306265354325 Mon Sep 17 00:00:00 2001 From: "Patrick M. Slattery" Date: Thu, 11 Dec 2014 10:24:15 -0500 Subject: [PATCH 0348/1291] Generalize the doc --- enterprise-registry/ldap-logging/index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/enterprise-registry/ldap-logging/index.md b/enterprise-registry/ldap-logging/index.md index c1befbe84..6e20e43a7 100644 --- a/enterprise-registry/ldap-logging/index.md +++ b/enterprise-registry/ldap-logging/index.md @@ -6,8 +6,8 @@ forkurl: https://github.com/coreos/docs/blob/master/enterprise-registry/ldap-log weight: 5 --- -# LDAP debugging -To aid in LDAP debugging you can tail the logs of the Enterprise Registry container from the Docker host as shown below: +# Enterprise Registry log debugging +To aid in debugging issues such as LDAP configuration you can tail the logs of the Enterprise Registry container from the Docker host as shown below: ```shell CONTAINER_ID=$(docker ps | grep "coreos/registry:latest" | awk '{print $1}') From 0f2a6446be23d79a7a9d596a492362c9612a2fd7 Mon Sep 17 00:00:00 2001 From: "Patrick M. Slattery" Date: Thu, 11 Dec 2014 10:26:59 -0500 Subject: [PATCH 0349/1291] Rename directory --- enterprise-registry/{ldap-logging => log-debugging}/index.md | 0 .../{ldap-logging => log-debugging}/tail_gunicorn_logs.sh | 0 2 files changed, 0 insertions(+), 0 deletions(-) rename enterprise-registry/{ldap-logging => log-debugging}/index.md (100%) rename enterprise-registry/{ldap-logging => log-debugging}/tail_gunicorn_logs.sh (100%) diff --git a/enterprise-registry/ldap-logging/index.md b/enterprise-registry/log-debugging/index.md similarity index 100% rename from enterprise-registry/ldap-logging/index.md rename to enterprise-registry/log-debugging/index.md diff --git a/enterprise-registry/ldap-logging/tail_gunicorn_logs.sh b/enterprise-registry/log-debugging/tail_gunicorn_logs.sh similarity index 100% rename from enterprise-registry/ldap-logging/tail_gunicorn_logs.sh rename to enterprise-registry/log-debugging/tail_gunicorn_logs.sh From 5c559b752baf85c1eab1ae18f7c1e770b7fb12f7 Mon Sep 17 00:00:00 2001 From: "Patrick M. Slattery" Date: Thu, 11 Dec 2014 10:29:52 -0500 Subject: [PATCH 0350/1291] Update link to log-debugging folder --- enterprise-registry/initial-setup/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/enterprise-registry/initial-setup/index.md b/enterprise-registry/initial-setup/index.md index e429e8f74..61c10479b 100644 --- a/enterprise-registry/initial-setup/index.md +++ b/enterprise-registry/initial-setup/index.md @@ -227,4 +227,4 @@ Once the Enterprise Registry is running, new users can be created by clicking th Users should be able to login to the Enterprise Registry directly with their LDAP username and password. -To aid in LDAP debugging you can [tail the logs of the Enterprise Registry container]({{site.url}}/docs/enterprise-registry/ldap-logging) from the Docker host. +To aid in LDAP debugging you can [tail the logs of the Enterprise Registry container]({{site.url}}/docs/enterprise-registry/log-debugging) from the Docker host. From 0c686763e2b648c852f287f342397637c93e20f8 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 11 Dec 2014 16:54:45 -0800 Subject: [PATCH 0351/1291] enterprise-registry: fix formatting and other nits --- enterprise-registry/initial-setup/index.md | 12 ++++-- enterprise-registry/log-debugging/index.md | 17 +++++---- enterprise-registry/mysql-container/index.md | 40 +++++++++++++------- 3 files changed, 45 insertions(+), 24 deletions(-) diff --git a/enterprise-registry/initial-setup/index.md b/enterprise-registry/initial-setup/index.md index 61c10479b..1cbf1b0e4 100644 --- a/enterprise-registry/initial-setup/index.md +++ b/enterprise-registry/initial-setup/index.md @@ -19,17 +19,21 @@ CoreOS Enterprise Registry requires five components to operate successfully: ## Preparing the Database -A MySQL RDBMS or Postgres installation with an empty database is required, and a login with full access to said database. The schema will be created the first time the registry image is run. The database install can either be pre-existing or run on CoreOS via a Docker container. +A MySQL RDBMS or Postgres installation with an empty database is required, and a login with full access to said database. The schema will be created the first time the registry image is run. The database install can either be pre-existing or run on CoreOS via a [Docker container]({{site.url}}/docs/enterprise-registry/mysql-container). Please have the url for the login and database available in the SQLAlchemy format: ### For MySQL: -```mysql+pymysql://:@/``` + +``` +mysql+pymysql://:@/ +``` ### For Postgres: -```postgresql://:@/``` -If you don't have an existing MySQL system to host the Enterprise Registry database on then you can run the steps in the [Using a dedicated MySQL Docker container]({{site.url}}/docs/enterprise-registry/mysql-container) document. +``` +postgresql://:@/ +``` ## Setting up Redis diff --git a/enterprise-registry/log-debugging/index.md b/enterprise-registry/log-debugging/index.md index 6e20e43a7..38b25c402 100644 --- a/enterprise-registry/log-debugging/index.md +++ b/enterprise-registry/log-debugging/index.md @@ -1,26 +1,29 @@ --- layout: docs -title: LDAP debugging +title: Enterprise Registry Log debugging category: registry -forkurl: https://github.com/coreos/docs/blob/master/enterprise-registry/ldap-logging/index.md weight: 5 --- -# Enterprise Registry log debugging +# Enterprise Registry Log Debugging + To aid in debugging issues such as LDAP configuration you can tail the logs of the Enterprise Registry container from the Docker host as shown below: -```shell +```sh CONTAINER_ID=$(docker ps | grep "coreos/registry:latest" | awk '{print $1}') LOG_LOCATION=$(docker inspect -f '{{ index .Volumes "/var/log" }}' ${CONTAINER_ID}) tail -f ${LOG_LOCATION}/gunicorn_web/* ${LOG_LOCATION}/gunicorn_registry/* ${LOG_LOCATION}/gunicorn_verbs/* ``` Alternatively you can download a simple shell script to perform the steps above: -```shell -curl --location {{site.url}}/docs/enterprise-registry/ldap-logging/tail_gunicorn_logs.sh -o /tmp/tail_gunicorn_logs.sh -# + +```sh +curl --location https://github.com/coreos/docs/blob/master/enterprise-registry/log-debugging/tail_gunicorn_logs.sh -o /tmp/tail_gunicorn_logs.sh -# ``` + Then run: -```shell + +```sh chmod -c +x /tmp/tail_gunicorn_logs.sh /tmp/tail_gunicorn_logs.sh ``` diff --git a/enterprise-registry/mysql-container/index.md b/enterprise-registry/mysql-container/index.md index 92580dc2b..3aefcc5df 100644 --- a/enterprise-registry/mysql-container/index.md +++ b/enterprise-registry/mysql-container/index.md @@ -1,26 +1,36 @@ -### Using a dedicated MySQL Docker container -If you don't have an existing MySQL system to host the Enterprise Registry database on then you can run the steps below to create a dedicated MySQL container using the Oracle MySQL verified Docker image from: https://registry.hub.docker.com/_/mysql/ -```shell -docker \ - pull \ - mysql:5.6; +--- +layout: docs +title: Setting Up a MySQL Docker Container +category: registry +weight: 5 +--- + +# Setting Up a MySQL Docker Container + +If you don't have an existing MySQL system to host the Enterprise Registry database on then you can run the steps below to create a dedicated MySQL container using the Oracle MySQL verified Docker image from https://registry.hub.docker.com/_/mysql/ + +```sh +docker pull mysql:5.6 ``` Edit these values to your liking: -```shell + +```sh MYSQL_USER="coreosuser" MYSQL_DATABASE="enterpriseregistrydb" MYSQL_CONTAINER_NAME="mysql" ``` Do not edit these values: (creates a 32 char password for the MySQL root user and the Enterprise Registery DB user) -```shell + +```sh MYSQL_ROOT_PASSWORD=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | sed 1q) MYSQL_PASSWORD=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | sed 1q) ``` Start the MySQL container and create a new DB for the Enterprise registry: -```shell + +```sh docker \ run \ --detach \ @@ -32,19 +42,23 @@ docker \ --publish 3306:3306 \ mysql:5.6; ``` + Wait about 30 seconds for the new DB to be created before testing the connection to the DB, the MySQL container will not respond during the initial DB creation process. Run the following command to output the DB URI for the MySQL database: -```shell + +```sh echo "DB_URI: 'mysql+pymysql://${MYSQL_USER}:${MYSQL_PASSWORD}@db/${MYSQL_DATABASE}'" ``` Alternatively you can download a simple shell script to perform the steps above: -```shell -curl --location {{site.url}}/docs/enterprise-registry/mysql-container/provision_mysql.sh -o /tmp/provision_mysql.sh -# + +```sh +curl --location https://raw.githubusercontent.com/coreos/docs/master/enterprise-registry/mysql-container/provision_mysql.sh -o /tmp/provision_mysql.sh -# ``` Then run: -```shell + +```sh chmod -c +x /tmp/provision_mysql.sh /tmp/provision_mysql.sh ``` From 5a3580b1e71b9abc9623d706aa1725dedc3f13c8 Mon Sep 17 00:00:00 2001 From: Jimmy Zelinskie Date: Fri, 12 Dec 2014 11:40:57 -0500 Subject: [PATCH 0352/1291] Add comment addressing CORS to S3 config. --- enterprise-registry/initial-setup/index.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/enterprise-registry/initial-setup/index.md b/enterprise-registry/initial-setup/index.md index 1cbf1b0e4..b289a0aae 100644 --- a/enterprise-registry/initial-setup/index.md +++ b/enterprise-registry/initial-setup/index.md @@ -115,6 +115,8 @@ DISTRIBUTED_STORAGE_PREFERENCE: ['local'] # storage_path: The path under the mounted volume # # S3Storage: Registry data is stored in Amazon S3 +# S3 Buckets require CORS with settings similar to: +# https://gist.github.com/jzelinskie/1ceb32a89f650c29eb8d # # Required fields: # storage_path: The path under the S3 bucket From 966d516f268d61d885fb423767b18a16a4bb382c Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Fri, 12 Dec 2014 10:48:15 -0800 Subject: [PATCH 0353/1291] launching-containers: move registry auth to separate doc --- .../building/customizing-docker/index.md | 53 +----------- .../building/registry-authentication/index.md | 85 +++++++++++++++++++ 2 files changed, 87 insertions(+), 51 deletions(-) create mode 100644 launching-containers/building/registry-authentication/index.md diff --git a/launching-containers/building/customizing-docker/index.md b/launching-containers/building/customizing-docker/index.md index 58d6aeecf..44d41596e 100644 --- a/launching-containers/building/customizing-docker/index.md +++ b/launching-containers/building/customizing-docker/index.md @@ -230,55 +230,6 @@ coreos: ## Using a dockercfg File for Authentication -A json file `.dockercfg` can be created in your home directory that holds authentication information for a public or private docker registry. The auth token is a base64 encoded string: `base64(:)`. Here's what an example looks like with credentials for docker's public index and a private index: - -```json -{ - "https://index.docker.io/v1/": { - "auth": "xXxXxXxXxXx=", - "email": "username@example.com" - }, - "https://index.example.com": { - "auth": "XxXxXxXxXxX=", - "email": "username@example.com" - } -} -``` - -The last step is to tell your systemd units to run as the core user in order for docker to use the credentials we just set up. This is done in the service section of the unit: - -```ini -[Unit] -Description=My Container -After=docker.service - -[Service] -User=core -ExecStart=/usr/bin/docker run busybox /bin/sh -c "while true; do echo Hello World; sleep 1; done" - -[Install] -WantedBy=multi-user.target -``` +A json file `.dockercfg` can be created in your home directory that holds authentication information for a public or private docker registry. -### Cloud-Config - -Since each machine in your cluster is going to have to pull images, cloud-config is the easiest way to write the config file to disk. - -```yaml -#cloud-config -write_files: - - path: /home/core/.dockercfg - owner: core:core - permissions: 0644 - content: | - { - "https://index.docker.io/v1/": { - "auth": "xXxXxXxXxXx=", - "email": "username@example.com" - }, - "https://index.example.com": { - "auth": "XxXxXxXxXxX=", - "email": "username@example.com" - } - } -``` +Read more about [registry authentication]({{site.url}}/docs/launching-containers/building/registry-authentication). \ No newline at end of file diff --git a/launching-containers/building/registry-authentication/index.md b/launching-containers/building/registry-authentication/index.md new file mode 100644 index 000000000..41f12fe88 --- /dev/null +++ b/launching-containers/building/registry-authentication/index.md @@ -0,0 +1,85 @@ +--- +layout: docs +title: Using Authentication for a Registry +category: launching_containers +sub_category: building +weight: 7 +--- + +# Using Authentication for a Registry + +A json file `.dockercfg` can be created in your home directory that holds authentication information for a public or private docker registry. The auth token is a base64 encoded string: `base64(:)`. + +## The .dockercfg File + +Here's what an example looks like with credentials for docker's public index and a private index: + + +#### .dockercfg + +```json +{ + "https://index.docker.io/v1/": { + "auth": "xXxXxXxXxXx=", + "email": "username@example.com" + }, + "https://index.example.com": { + "auth": "XxXxXxXxXxX=", + "email": "username@example.com" + } +} +``` + +The last step is to tell your systemd units to run as the `core` user in order for docker to use the credentials we just set up. This is done in the service section of the unit: + +```ini +[Unit] +Description=My Container +After=docker.service + +[Service] +User=core +ExecStart=/usr/bin/docker run busybox /bin/sh -c "while true; do echo Hello World; sleep 1; done" + +[Install] +WantedBy=multi-user.target +``` + +### Cloud-Config + +Since each machine in your cluster is going to have to pull images, cloud-config is the easiest way to write the config file to disk. + +```yaml +#cloud-config +write_files: + - path: /home/core/.dockercfg + owner: core:core + permissions: 0644 + content: | + { + "https://index.docker.io/v1/": { + "auth": "xXxXxXxXxXx=", + "email": "username@example.com" + }, + "https://index.example.com": { + "auth": "XxXxXxXxXxX=", + "email": "username@example.com" + } + } +``` + +## Using a Registry Without SSL Configured + +The default behavior of Docker is to prevent access to registries that aren't using SSL. If you're running a registry behind your firewall without SSL, you need to configure an additional parameter, which whitelists a CIDR range of allowed "insecure" registries. + +The best way to do this is within your cloud-config: + +```yaml +#cloud-config + +write_files: + - path: /etc/systemd/system/docker.service.d/50-insecure-registry.conf + content: | + [Service] + Environment=DOCKER_OPTS='--insecure-registry="10.0.1.0/24"' +``` \ No newline at end of file From 16797c0a87da5901c90ab0544f98fe09c06fa1e9 Mon Sep 17 00:00:00 2001 From: Jimmy Zelinskie Date: Fri, 12 Dec 2014 14:12:13 -0500 Subject: [PATCH 0354/1291] Include comment about CORS generically. This has example CORS configurations for both S3 and GCS. --- enterprise-registry/initial-setup/index.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/enterprise-registry/initial-setup/index.md b/enterprise-registry/initial-setup/index.md index b289a0aae..08e6d78f7 100644 --- a/enterprise-registry/initial-setup/index.md +++ b/enterprise-registry/initial-setup/index.md @@ -115,7 +115,7 @@ DISTRIBUTED_STORAGE_PREFERENCE: ['local'] # storage_path: The path under the mounted volume # # S3Storage: Registry data is stored in Amazon S3 -# S3 Buckets require CORS with settings similar to: +# S3 buckets require CORS with settings similar to: # https://gist.github.com/jzelinskie/1ceb32a89f650c29eb8d # # Required fields: @@ -143,6 +143,8 @@ DISTRIBUTED_STORAGE_PREFERENCE: ['local'] # secret_key: An object gateway user secret key # bucket_name: The bucket under RADOS # +# All non-local storages require CORS settings to allow GETs and PUTs from any origin. +# Examples can be found at https://gist.github.com/jzelinskie/1ceb32a89f650c29eb8d DISTRIBUTED_STORAGE_CONFIG: local: # The name of the storage provider From 71ae7cbdf3349f2e300ed57d5e6cb80ceb19e8b0 Mon Sep 17 00:00:00 2001 From: Jimmy Zelinskie Date: Fri, 12 Dec 2014 14:13:36 -0500 Subject: [PATCH 0355/1291] Remove S3 specific CORS comments --- enterprise-registry/initial-setup/index.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/enterprise-registry/initial-setup/index.md b/enterprise-registry/initial-setup/index.md index 08e6d78f7..9ce18716b 100644 --- a/enterprise-registry/initial-setup/index.md +++ b/enterprise-registry/initial-setup/index.md @@ -115,8 +115,6 @@ DISTRIBUTED_STORAGE_PREFERENCE: ['local'] # storage_path: The path under the mounted volume # # S3Storage: Registry data is stored in Amazon S3 -# S3 buckets require CORS with settings similar to: -# https://gist.github.com/jzelinskie/1ceb32a89f650c29eb8d # # Required fields: # storage_path: The path under the S3 bucket From 2f3dc1d84e9d74c4899a238395622b13fe750b96 Mon Sep 17 00:00:00 2001 From: Jimmy Zelinskie Date: Fri, 12 Dec 2014 15:09:25 -0500 Subject: [PATCH 0356/1291] Reorganize CORS information into a new section. --- enterprise-registry/initial-setup/index.md | 56 ++++++++++++++++++++-- 1 file changed, 53 insertions(+), 3 deletions(-) diff --git a/enterprise-registry/initial-setup/index.md b/enterprise-registry/initial-setup/index.md index 9ce18716b..9ff464502 100644 --- a/enterprise-registry/initial-setup/index.md +++ b/enterprise-registry/initial-setup/index.md @@ -140,9 +140,6 @@ DISTRIBUTED_STORAGE_PREFERENCE: ['local'] # access_key: An object gateway user access key # secret_key: An object gateway user secret key # bucket_name: The bucket under RADOS -# -# All non-local storages require CORS settings to allow GETs and PUTs from any origin. -# Examples can be found at https://gist.github.com/jzelinskie/1ceb32a89f650c29eb8d DISTRIBUTED_STORAGE_CONFIG: local: # The name of the storage provider @@ -234,3 +231,56 @@ Once the Enterprise Registry is running, new users can be created by clicking th Users should be able to login to the Enterprise Registry directly with their LDAP username and password. To aid in LDAP debugging you can [tail the logs of the Enterprise Registry container]({{site.url}}/docs/enterprise-registry/log-debugging) from the Docker host. + +## Ensuring storage is set up correctly + +### If using local storage + +There's nothing left to do! Enjoy a brand new Enterprise Registry! + +### If using a storage service + +When using a storage service, the service must have it's CORS (Cross-Origin Resource Sharing) configuration altered. This is usually done in the service's web console while configuring the settings for a given bucket. Enterprise Registry requires that both GET and PUT methods be accessible from any origin. + +An example Amazon S3 configuration looks like: +``` + + + + * + GET + 3000 + Authorization + + + * + PUT + 3000 + Content-Type + x-amz-acl + origin + + +``` +For more information see [Amazon's CORS documentation](http://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html). + +An example Google Cloud Storage configuration looks like: +``` + + + + + * + + + GET + PUT + + + Content-Type + + 3000 + + +``` +For more information see [Google's CORS documentation](https://cloud.google.com/storage/docs/cross-origin). From d05762a2384b0c5dc1d558fa3d905130cb719044 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Fri, 12 Dec 2014 11:08:06 -0800 Subject: [PATCH 0357/1291] cluster-management: add maint. window details --- .../setup/update-strategies/index.md | 56 +++++++++++++++++++ 1 file changed, 56 insertions(+) diff --git a/cluster-management/setup/update-strategies/index.md b/cluster-management/setup/update-strategies/index.md index fc72a6914..bf78aa871 100644 --- a/cluster-management/setup/update-strategies/index.md +++ b/cluster-management/setup/update-strategies/index.md @@ -101,3 +101,59 @@ coreos: - name: update-engine.service command: restart ``` + +# Auto-Updates with a Maintainence Window + +A timeframe in which to update can be specified by using two systemd units, a very simple service and a timer to run it on your schedule: + +#### update-window.service + +```yaml +[Unit] +Description=Reboot if an update has been downloaded + +[Service] +ExecStart=/usr/bin/bash -c 'if update_engine_client -status | grep NEED_REBOOT; then reboot; fi' +``` + +#### update-window.timer + +```yaml +[Unit] +Description=Reboot if needed at 05:00 daily + +[Timer] +OnCalendar=*-*-* 05:00:00 +``` + +More [information on systemd timers](http://www.freedesktop.org/software/systemd/man/systemd.timer.html) and the available ways you can configure your maintenance window. + +## Cloud-Config + +```yaml +#cloud-config + +coreos: + update: + reboot-strategy: off + units: + - + name: update-window.service + runtime: true + content: | + [Unit] + Description=Reboot if an update has been downloaded + + [Service] + ExecStart=/usr/bin/bash -c 'if update_engine_client -status | grep NEED_REBOOT; then locksmithctl reboot; fi' + - + name: update-window.timer + runtime: true + command: start + content: | + [Unit] + Description=Reboot if needed at 05:00 daily + + [Timer] + OnCalendar=*-*-* 05:00:00 +``` \ No newline at end of file From db50fb831711d2f0a4052ad8e49e61d2a3a98fc0 Mon Sep 17 00:00:00 2001 From: Jimmy Zelinskie Date: Fri, 12 Dec 2014 16:29:14 -0500 Subject: [PATCH 0358/1291] s/it's/its and address the 'why' for CORS existing --- enterprise-registry/initial-setup/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/enterprise-registry/initial-setup/index.md b/enterprise-registry/initial-setup/index.md index 9ff464502..7e1493b08 100644 --- a/enterprise-registry/initial-setup/index.md +++ b/enterprise-registry/initial-setup/index.md @@ -240,7 +240,7 @@ There's nothing left to do! Enjoy a brand new Enterprise Registry! ### If using a storage service -When using a storage service, the service must have it's CORS (Cross-Origin Resource Sharing) configuration altered. This is usually done in the service's web console while configuring the settings for a given bucket. Enterprise Registry requires that both GET and PUT methods be accessible from any origin. +When using a storage service, the service must have its CORS (Cross-Origin Resource Sharing) configuration altered. This is usually done in the service's web console while configuring the settings for a given bucket. Enterprise Registry requires that both GET and PUT methods be accessible from any origin because userfiles (Dockerfiles and archives with Dockerfiles in them) are uploaded directly from the browser to storage. If this is not properly set up, uploading a Dockerfile/archive will yield an Internal Server Error (500) page. An example Amazon S3 configuration looks like: ``` From aafe291203be34ac77077b2545dec55d4ae11d6d Mon Sep 17 00:00:00 2001 From: Jimmy Zelinskie Date: Fri, 12 Dec 2014 18:33:26 -0500 Subject: [PATCH 0359/1291] Refresh log debugging docs This documents how to gzip all the logs before sending a support request and how to tail all of the ER's web workers. --- .../log-debugging/gzip-registry-logs.sh | 3 ++ enterprise-registry/log-debugging/index.md | 41 +++++++++++++++---- .../log-debugging/tail-gunicorn-logs.sh | 3 ++ .../log-debugging/tail_gunicorn_logs.sh | 6 --- 4 files changed, 39 insertions(+), 14 deletions(-) create mode 100644 enterprise-registry/log-debugging/gzip-registry-logs.sh create mode 100644 enterprise-registry/log-debugging/tail-gunicorn-logs.sh delete mode 100644 enterprise-registry/log-debugging/tail_gunicorn_logs.sh diff --git a/enterprise-registry/log-debugging/gzip-registry-logs.sh b/enterprise-registry/log-debugging/gzip-registry-logs.sh new file mode 100644 index 000000000..d58dac7ea --- /dev/null +++ b/enterprise-registry/log-debugging/gzip-registry-logs.sh @@ -0,0 +1,3 @@ +CONTAINER_ID=$(docker ps | grep "coreos/registry" | awk '{print $1}') +LOG_LOCATION=$(docker inspect -f '{{ index .Volumes "/var/log" }}' ${CONTAINER_ID}) +tar -zcvf registry-logs-$(date +%s).tar.gz ${LOG_LOCATION} diff --git a/enterprise-registry/log-debugging/index.md b/enterprise-registry/log-debugging/index.md index 38b25c402..0536de88a 100644 --- a/enterprise-registry/log-debugging/index.md +++ b/enterprise-registry/log-debugging/index.md @@ -7,23 +7,48 @@ weight: 5 # Enterprise Registry Log Debugging -To aid in debugging issues such as LDAP configuration you can tail the logs of the Enterprise Registry container from the Docker host as shown below: +## Personal debugging +When attempting to debug an issue, one should first consult the logs of the web workers running the Enterprise Registry. +This can be obtained in two different ways: manually or via a script. + +Please note that both of these methods assume that they are being executed on the host machine. + +### Manual + +{% raw %} ```sh -CONTAINER_ID=$(docker ps | grep "coreos/registry:latest" | awk '{print $1}') +CONTAINER_ID=$(docker ps | grep "coreos/registry" | awk '{print $1}') LOG_LOCATION=$(docker inspect -f '{{ index .Volumes "/var/log" }}' ${CONTAINER_ID}) -tail -f ${LOG_LOCATION}/gunicorn_web/* ${LOG_LOCATION}/gunicorn_registry/* ${LOG_LOCATION}/gunicorn_verbs/* +tail -f ${LOG_LOCATION}/gunicorn_*/current ``` +{% endraw %} -Alternatively you can download a simple shell script to perform the steps above: +### Script ```sh -curl --location https://github.com/coreos/docs/blob/master/enterprise-registry/log-debugging/tail_gunicorn_logs.sh -o /tmp/tail_gunicorn_logs.sh -# +curl -L -f https://github.com/coreos/docs/blob/master/enterprise-registry/log-debugging/tail-gunicorn-logs.sh | sh +``` + +## Contacting support + +When contacting support, one should always include a copy of the Enterprise Registry's log directory. +This can be obtained in two different ways: manually or via a script. + +Please note that both of these methods assume that they are being executed on the host machine. + +### Manual + +{% raw %} +```sh +CONTAINER_ID=$(docker ps | grep "coreos/registry" | awk '{print $1}') +LOG_LOCATION=$(docker inspect -f '{{ index .Volumes "/var/log" }}' ${CONTAINER_ID}) +tar -zcvf registry-logs-$(date +%s).tar.gz ${LOG_LOCATION} ``` +{% endraw %} -Then run: +### Script ```sh -chmod -c +x /tmp/tail_gunicorn_logs.sh -/tmp/tail_gunicorn_logs.sh +curl -L -f https://github.com/coreos/docs/blob/master/enterprise-registry/log-debugging/gzip-registry-logs.sh | sh ``` diff --git a/enterprise-registry/log-debugging/tail-gunicorn-logs.sh b/enterprise-registry/log-debugging/tail-gunicorn-logs.sh new file mode 100644 index 000000000..80b851fa9 --- /dev/null +++ b/enterprise-registry/log-debugging/tail-gunicorn-logs.sh @@ -0,0 +1,3 @@ +CONTAINER_ID=$(docker ps | grep "coreos/registry" | awk '{print $1}') +LOG_LOCATION=$(docker inspect -f '{{ index .Volumes "/var/log" }}' ${CONTAINER_ID}) +tail -f ${LOG_LOCATION}/gunicorn_*/current diff --git a/enterprise-registry/log-debugging/tail_gunicorn_logs.sh b/enterprise-registry/log-debugging/tail_gunicorn_logs.sh deleted file mode 100644 index 14c62179f..000000000 --- a/enterprise-registry/log-debugging/tail_gunicorn_logs.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/bash -# A simple shell script to tail the gunicorn logs of the CoreOS Enterprise Registery container - -CONTAINER_ID=$(docker ps | grep "coreos/registry:latest" | awk '{print $1}') -LOG_LOCATION=$(docker inspect -f '{{ index .Volumes "/var/log" }}' ${CONTAINER_ID}) -tail -f ${LOG_LOCATION}/gunicorn_web/* ${LOG_LOCATION}/gunicorn_registry/* ${LOG_LOCATION}/gunicorn_verbs/* From f8baf4a54295910dd7d6eeb30dbeea311f34f4a7 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Fri, 12 Dec 2014 17:03:39 -0800 Subject: [PATCH 0360/1291] cluster-management: fix incorrect header size --- cluster-management/setup/update-strategies/index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cluster-management/setup/update-strategies/index.md b/cluster-management/setup/update-strategies/index.md index bf78aa871..a6d301dda 100644 --- a/cluster-management/setup/update-strategies/index.md +++ b/cluster-management/setup/update-strategies/index.md @@ -102,7 +102,7 @@ coreos: command: restart ``` -# Auto-Updates with a Maintainence Window +## Auto-Updates with a Maintainence Window A timeframe in which to update can be specified by using two systemd units, a very simple service and a timer to run it on your schedule: @@ -156,4 +156,4 @@ coreos: [Timer] OnCalendar=*-*-* 05:00:00 -``` \ No newline at end of file +``` From ac825931376f989e114b06a43cc4ebc599ab75ce Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Fri, 12 Dec 2014 17:07:22 -0800 Subject: [PATCH 0361/1291] enterprise-registry: fix incorrect newlines --- enterprise-registry/initial-setup/index.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/enterprise-registry/initial-setup/index.md b/enterprise-registry/initial-setup/index.md index 7e1493b08..718bf5d9d 100644 --- a/enterprise-registry/initial-setup/index.md +++ b/enterprise-registry/initial-setup/index.md @@ -243,6 +243,7 @@ There's nothing left to do! Enjoy a brand new Enterprise Registry! When using a storage service, the service must have its CORS (Cross-Origin Resource Sharing) configuration altered. This is usually done in the service's web console while configuring the settings for a given bucket. Enterprise Registry requires that both GET and PUT methods be accessible from any origin because userfiles (Dockerfiles and archives with Dockerfiles in them) are uploaded directly from the browser to storage. If this is not properly set up, uploading a Dockerfile/archive will yield an Internal Server Error (500) page. An example Amazon S3 configuration looks like: + ``` @@ -262,9 +263,11 @@ An example Amazon S3 configuration looks like: ``` + For more information see [Amazon's CORS documentation](http://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html). An example Google Cloud Storage configuration looks like: + ``` @@ -283,4 +286,5 @@ An example Google Cloud Storage configuration looks like: ``` + For more information see [Google's CORS documentation](https://cloud.google.com/storage/docs/cross-origin). From a7a644fa6d56aff6eebf23821d77ff338517f1c2 Mon Sep 17 00:00:00 2001 From: Jimmy Zelinskie Date: Fri, 12 Dec 2014 20:49:00 -0500 Subject: [PATCH 0362/1291] Remove piping to sh --- enterprise-registry/log-debugging/index.md | 20 ++------------------ 1 file changed, 2 insertions(+), 18 deletions(-) diff --git a/enterprise-registry/log-debugging/index.md b/enterprise-registry/log-debugging/index.md index 0536de88a..71638e727 100644 --- a/enterprise-registry/log-debugging/index.md +++ b/enterprise-registry/log-debugging/index.md @@ -10,12 +10,8 @@ weight: 5 ## Personal debugging When attempting to debug an issue, one should first consult the logs of the web workers running the Enterprise Registry. -This can be obtained in two different ways: manually or via a script. - Please note that both of these methods assume that they are being executed on the host machine. -### Manual - {% raw %} ```sh CONTAINER_ID=$(docker ps | grep "coreos/registry" | awk '{print $1}') @@ -24,21 +20,13 @@ tail -f ${LOG_LOCATION}/gunicorn_*/current ``` {% endraw %} -### Script - -```sh -curl -L -f https://github.com/coreos/docs/blob/master/enterprise-registry/log-debugging/tail-gunicorn-logs.sh | sh -``` +The aforementioned shell commands are also available in script form at https://github.com/coreos/docs/blob/master/enterprise-registry/log-debugging/tail-gunicorn-logs.sh ## Contacting support When contacting support, one should always include a copy of the Enterprise Registry's log directory. -This can be obtained in two different ways: manually or via a script. - Please note that both of these methods assume that they are being executed on the host machine. -### Manual - {% raw %} ```sh CONTAINER_ID=$(docker ps | grep "coreos/registry" | awk '{print $1}') @@ -47,8 +35,4 @@ tar -zcvf registry-logs-$(date +%s).tar.gz ${LOG_LOCATION} ``` {% endraw %} -### Script - -```sh -curl -L -f https://github.com/coreos/docs/blob/master/enterprise-registry/log-debugging/gzip-registry-logs.sh | sh -``` +The aforementioned shell commands are also available in script form at https://github.com/coreos/docs/blob/master/enterprise-registry/log-debugging/gzip-registry-logs.sh From 234d75de5000886a23935f5058a49a5574ea1025 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Mon, 15 Dec 2014 10:16:42 -0800 Subject: [PATCH 0363/1291] cluster-management: fix incorrect header size --- cluster-management/setup/update-strategies/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster-management/setup/update-strategies/index.md b/cluster-management/setup/update-strategies/index.md index a6d301dda..ab89eb409 100644 --- a/cluster-management/setup/update-strategies/index.md +++ b/cluster-management/setup/update-strategies/index.md @@ -128,7 +128,7 @@ OnCalendar=*-*-* 05:00:00 More [information on systemd timers](http://www.freedesktop.org/software/systemd/man/systemd.timer.html) and the available ways you can configure your maintenance window. -## Cloud-Config +### Cloud-Config ```yaml #cloud-config From a012b0c1f59552564fefbcb6dcc142cd9658a98a Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Mon, 15 Dec 2014 12:23:51 -0800 Subject: [PATCH 0364/1291] cluster-management: configure fleetctl on worker machines --- .../setup/cluster-architectures/index.md | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/cluster-management/setup/cluster-architectures/index.md b/cluster-management/setup/cluster-architectures/index.md index 62b5b3e91..399c452a6 100644 --- a/cluster-management/setup/cluster-architectures/index.md +++ b/cluster-management/setup/cluster-architectures/index.md @@ -132,6 +132,14 @@ coreos: units: - name: fleet.service command: start +write_files: + - path: /etc/profile.d/fleetctl.sh + permissions: 0644 + owner: core + content: | + # configure fleetctl to work with our etcd servers set above + export FLEETCTL_ENDPOINT=/var/run/fleet.sock + export FLEETCTL_EXPERIMENTAL_API=true ``` ## Production Cluster with Central Services @@ -214,4 +222,12 @@ coreos: # CoreUpdate group ID for "Production Workers" group: f118a298-2a8a-460b-9edd-3a9b49df504e server: https://customer.update.core-os.net/v1/update/ +write_files: + - path: /etc/profile.d/fleetctl.sh + permissions: 0644 + owner: core + content: | + # configure fleetctl to work with our etcd servers set above + export FLEETCTL_ENDPOINT=/var/run/fleet.sock + export FLEETCTL_EXPERIMENTAL_API=true ``` From a33eaceeb504a1d1f3491de2944297821b913347 Mon Sep 17 00:00:00 2001 From: Jimmy Zelinskie Date: Mon, 15 Dec 2014 16:52:25 -0500 Subject: [PATCH 0365/1291] Add information about tagging triggered builds. --- enterprise-registry/github-build/index.md | 8 ++++++++ enterprise-registry/github-build/new-tag.png | Bin 0 -> 34699 bytes 2 files changed, 8 insertions(+) create mode 100644 enterprise-registry/github-build/new-tag.png diff --git a/enterprise-registry/github-build/index.md b/enterprise-registry/github-build/index.md index b9902a4f1..6d551f377 100644 --- a/enterprise-registry/github-build/index.md +++ b/enterprise-registry/github-build/index.md @@ -74,3 +74,11 @@ GITHUB_TRIGGER_CONFIG: { } ``` +## Tagging a build + +Tagging a build that has been automatically trigged by GitHub can be done on the repository page. +After selecting a given build, the right side of the page displays tag information which when clicked provides a drop-down menu with the option of creating a new tag. + +Create a new tag + +There is currently no ability to automatically tag GitHub triggered builds. diff --git a/enterprise-registry/github-build/new-tag.png b/enterprise-registry/github-build/new-tag.png new file mode 100644 index 0000000000000000000000000000000000000000..e7badeef29448689b82d8984afca622b72680bca GIT binary patch literal 34699 zcmd40Wl$Yaw>F3d2*KUm-Q9w_TX1)GClG?WdvJFM?r?B-cXxM~L*6^zy;CDKzozC? zovQBM%XiE3tQD#tCl2=&`zr_t2%MyZh!O}0s1fjQ4E+Uo7iG{GRf~2r8 zp@O5GsfD!(2#7{dq6d@;s%)L>#P}DDB(j5y_}y=DPUBcVfrpBr#6qHo3J@v^LJHl2 z$V@~Mh)613{t}EaDhh%~F+31HogeKVd=IPqW~Nycm8BjnWi4iwP$2B4O78BAVc7mL zlZO&k;5N466lS)on14V{{gMBG5Dd{!YmZD%qrOJlm|zNOEgWoXb-bIkf7s<+-G^R- zfz*mr7r7;eP6b)dwBNO5b3y5Z*fA0 z>R4&7SwR=tBnc3nEH`(lr(Que{EA35;YX6ysR(m5!l)!+vD~0}K>&HQ#7Dfrs2=*q=w9bVWB-M~ zKobo`81kN*ru+L|)s6behOYCwQB+%O*-$6j7VRVXDx`qF*Cu-tmVNKTCVCS>M_tf| zY0t}<%%c;>iH)sLNVdNKw^DL}Y5x4j%9>>BH{!+}xLlv@yhik2avJX6js3IzSR2u6 zNnY%6f;=Tpw~}JxlEC$?{5F>OJGAUBRuFe){EYc$Ku$#+GrTtmG&f;DEO|inho8jB z55Yi2@IfjCZo)z%)?#xS<+oa1O`Yp)u&o4RZ zlMt-nK7qbD`lz6y(c6MBxul9xlynI&!{`kNd%=u( z{%y`vkHHP*gXja{gY5&e_Ul|wKwSP0#$+c`0;X#OrWmBrFNeNIgKfst6hj%bLZq3{ z@?wM(G+OkL5VRg@VyhV#oDkU_{O%;9lbVN`z(uN4X82&E?$E7Sdvs1@dhFy-nr@x$ zwO+nnpRPC3Ji;B~c%m5!CvsRaX%ZUpGO||b`-oGNC2TIXW{~Eu&5+F;9$+5$PmtGY z*G0PogA13e?nG_a>*xd_^8ML83tK!_d5;&UsHknI!>DSgpr}-+MU<6_&dM?h<;dnR zxe#~(G(^AcBNSwtDkBuXTYWUypCB5HqM6YXK{$rIx#2AGT7l9QuIhsySu z^)aaIs(`8dP_b1BRq0pZD9KV9Q;t`LRXS0KFGf&GR@%tL&(ST+$%`$l`2&-~^<7zd zMwmr5JP$2@F7K{z><^#(ON?t6eBn;sOwLWNbWy9|g5<+bd}#&|I}rkjY-zv5j%?qb zKa+%_y0eI~auT-SdpSu)DF@B_Fh^4c+yfm_t}sxb;?d&~l-ZT>W>^XdMy*HFM)^m% zM(;+2M>{o|G;cKmG_Ez%G}mi$HAOWmG!#{TYCUT9s@L?r#-a={Od3t) z4Fx9F2RcT(hYY%q#ua<6VvMrlW0m7sV(MaU=nuYO;3adbgQycN@KtKsezB!H*FRTY z#ao5tJ>~t)%fySu`^Ib4_Px!u&7$qD&F<;aTgtn`JIMRY8}?QE)%5k{iQ%Rboe)C- z`4WSZYLe_ySV3Y^=(1YBZnGY-E+$qXchV$B(Ll-oZVP%#Y72u{1Bon_FxD{^R578r zt+>;?37MJivCRoXjtH`zI9 zH2E~{m5z)7jn+lzIFhxZzQ#Gtx$Kq$OA(79RVfvtHlg;pcBq!FHr&zBk>Am5S9f@3 zD1C?^$u4v`V=SzAAVB_uOjK$`qsO7Z$ z(R>76?>mq$usRrt^z$k;YI|xnD#2>edbJ(1ig_B!$|JhzZdfi{``4pr3pC*BE>(YL zLl;zMS>_LP!50iG$8;Z>_`Q2~#a?6!(p})d;7lT&Be`T1l)uk>uk*Wc4_6-9q}$Ot zt0=9AY$UT)Z@j8cTsLTncf;`G*g4;C@ADdY=)IT_xb$M2J70g_&)Mn4z*EC}%OuZS zi@qh`JDommS*Vy_o6nneDpN0Me5&c$Ddd0Z08m`ZW51w1r)N>~+h8f+o8ztWxId%< z>YyfEvIRU1Znv*uo+dY|*Dgnp7GkfG*BOfRAUl6}M?tI^b0pi2a{n<_Yb21|`jbn!s-$q+TeN$kwwbCbE zWp0{J!!MJ6SEcE_pyOij(~8mC`tn?7?s?tCtt!3L?p-fR4Gu3yXJpd~FjP=ixV||) z-dWJu;x+nO3LEF$H4a@&jm3=ic+v7brMMF>JsnAe`K% z(8Y9b9}V3mNqHU<2VF~z$I@%jcgb~G6ej0ukZ^Jjc`p>Pt+;LoH+m*+Jk|*t2l!@Cv!KY-TDZ z&I+AU-9l}8FR|D1L#~pq@x!+_I~b9rl`0c+le1s7lR9!eRU604*SFGMTt0BNICik% z*$dh5EXOT}+7lOkIJcHp9Lx2tjeC(i3=n*4ToAZD(?35vr}af$*js6@8pv5Vu93{{ zM(OokDMA82_@c*GheU@m zk@(d2P&o^YW|4l;L}3@yAux3p^gE=;_%!+-0Y9vkg}E18q7R=AFWCMtJ(@3?su<&1 zZ5th1?Azg+A{ic8m>5)8l30$Iir0%TRdISd;<|bsY9A;ar`0h`(RHm&2`7^t4V^-I zjCmqFIX|*Lt3F{s8AJSrM z6%^mBTupVMgfnwJO~SGYzhuIV4?ie1K|j%)w&I?DWZqkI;-MbBu&YPQ>6TkxT})ZU z`C`0W@++=-#SG8)Uf}?fcneS0- zf9wX%4F@V6kXEGC(b&_Ny4-hOygt`fmNN_SD}z1HKip8LWf7gO$bTJG`GQkKoRVAGKy`F5M^w?BsdVansYh1s;$BMFd<- z?W0U}kLzABx~o+5{OG;4ai8X2-sYA19k0XQ5ON4;1Xk2g{7Nd3=3O{UU3VBj$8v@Z zIO?Il1Z(ze&GWM77CA=X<}>eEVV2VIIQlM zZ-yPr@4xpu{apCv7R3;*7t*QIC9AJmtso&)tiC7@L7_xvN%<^E>lA&NCFj5ZL#RmK ztbSdf^6lDHnZbyfg)W_bfNFu*j!vM;ULsby2Ft@L6^L34RGQ063!bg37S$xCBL*m>5qzuEb?_8ItLyLt{oE{nVz5n|B8{BVwgFN=vj7jN#laE zyD9q04EYvW3?(rBFh1*|(`WO%J8CzWs!_>mI&5Z!r3b#*_!tj;tjD;0kbcNvd~ZUB zhuQabs7A}li-bFMMAjvMkys@!@?%aWm6TvvqWTtc87yf7olmm4S4H zs^otkgXoe2_kV@YAIJTEEXNCylmN0w4W96aK@jN~B%k@};R%#T9*6c12&+GqJtz?& zq)N>4A{ZyQUOu@Tq{rsBVsN)^Wk%4XnBiEwxZmFh-6-LQgDVBsCdEJ{y3CX}siIIcVCE7W z6Kq7-3~3UP=WHy6k2zSU>SycKkDQOb9N8Q}VbNk{F}1L~8&eyo8Q~jobqxcShxY+; zp@RDp& z6hjgt5ksa!LnA(kc8Zh=G78sf?5eR!Cd<+)@d^xcs59K9Yk4=S(K6ZH{{1m)AsZUw zeXFcJrwJax{Twv>R#53ie|7H7p>zghiuf_a)F*rzY%ln#NwMY24{8^nE)=sh1*rYv z{d2qIyS;?J3U~g(5uX)9$|W(>9XJ|jBn_ib#oOf9Nb5;S%Z{3m;H&rMWVE8Ec#s&Z z0eGjOlm}&pTgf$No6_P@3V6IxD?JsXfM#Ig>I?-kS zC|X9pVB(wfIGjJ4GMUM{(zp&CR1WH%JP;6{tQr!Z=*UZNdilxO?k9KR^tRAo_f`6t z=8-_$@4iy*VstIpwhK5MLunSy?-o|9#6!SFu%+icc zp+J|v8D~G`_~HmEV6@LWo6J8k>yBRwlSkl%QXHm;1cPOP=G+nAPM3mlHyR`ByL74ciu7Y5`fIu#-MyF6v-~HKF`XqWV>gFfa038 z|D1r6GTWOdk*esVi9bAnFE!m=g&M)-)u#KdXVI`ZenYA<8IVwx@#IojsUcg-k^t=yDrx*zu`UgqwL*^{El{f(uK0XdZs}d&%3Do*3d&wB1xH;74wN1`}&9O zYNP;m47jE7-36)v_GKEflS70D1<^1D9cb}LIsm}=3t^xBALIa zzr%HXt48pK8jF$>nlQ{@l&|JqSZQNCKr+#Jo>IEiaUKl|rh2p2=qLe(@ zH_1JPHHE{X!Gz61#T;HeSl3cVRxR%2?zrrj>Xd$!a+P+SdZh*11SIuk4i4QK;0tE`>`3z+ueA1|`#(G+^x6=8GHLOXR$aj7<6{ z8EvJ8qz1>*@gf}0FV3yZs;1@EDR%|;7O&RFwg=_A3Ajg0W4u)iOZ0o%9x_L6ZmJ{} zTiPwf={NAbAy=x-X=>(EmS%VcDI8EH4-(RV}da z;rVv!8+6I;$w|r4mDN?V?+Wh@&jZKu!P&B95oNJuvSn7CtbQi1$C@OSOXZo`I2sgM z3)<0oogMsj-E~{_iq%uCHCI~CjSm;`odh56?NseYbsm;=b~Nvb9kt9W(Fh@b;6O~R zoo-qQL7Koo*snP_7N|KmIL1l(0hAyQfo>gV)&f?=pp+}m0C4=qSE;85j-(H;!a6{= z=re^d2nZOYg^Gr=hO7*?k(~{_fw7&T3B9|GJ#d@=0>bOg4Lr0laW)`yx3RW$;&$gF z{wKi=JpR1QKuq{g#Mz3ESVLBUP}t7VgpiG%m7bB9|0^LOA+MvcDYue{*ng=5&-jSV zot^Eu85rE$-00m{=yq;zuOTpaWZnW zuy?kwvnBkrYhY;S;><@({ORa_{r(fDiMz#rd$M)DqtE^D=xE>VFjOKfChpDsWr)zw$EtuPx^P z%5S^v2Ld7pA}J!I;tqP+4&$z(`j`Fncf_yJ?qB|-5JE8}KcR`iDhLDQ1OEs%)-N85 ziX!Dy{n-#d?1(uh_l*wo%VQ6NQ*VWwf-U~$BV>Uq2q^@SN;(P?he+rop+pqpSK)K4 zBByF8MJ=padoRrSa_VsQaC(!~u%LU8kUeBvIzBWc>h4Gk6< zE$HIHR;knayRD7)F;l>=gPWH28z?Af`1QE@ZAbv%pquL(H{8M^?hQ?YM z5LJTwe_H#g7TF~)@HSgIuz?$h!E6gZTObcKg$QAdh{*gGR7CDS+VG#2!Cj7&|5?TX zp4ouJD*qEq0|zDA*%#D#{uf2p7trWV_}h(-w~fcAgKV2L7awdiw4kLrvsQX@N<~G* zobm79zke%%!!6)%!f<;TT&?-)w}KvFhAtx%2VO(X?52OUac_9bGNJ!VmPj6u-^fFD zhjkn7IN6Mq)f0iI(cpno>nIB?ha06?2OwF`C^9CL$!whL;*@p*7DYeEe<1B@fWR-p z@8e~|o?KPgCv5e;5A zj6rLtJCw>L&96a_I7b%gfJ=&tq0d>@rQbxuKcD##vfuTahwv8f2B|%IB9Lo%U*R25-YyMg>7BU~9Zi@erT}{5At>T+RH8BVHhSFP+ z8bOcrPJI1e*H@(8LX=A3?4IGHKm`$I-sGe(p=QOwWp22?B;%{MdMWQUrPLoVU~16T z8y$Eb&kLPh1b91L**on|`{_&`*T#35&SgFHa*s4|xB-z5W#QbO_XO{kP}`+ z)(e$*@7KwloV4mnO1b>GfNV_LuuUc`1bkl1)Kqrtbey=l)SgT`O7Tby|MripfXD7P zS_mdzcY)O?6K;>P1OLx9( z3$1ph{)e#=At$?3-ZW_yf$^w9b+D9>nSD5; z6};19(BUIVjBJ`3iPQBog?L-bu3gokyFfbG{`OF@?FxY7{#(Y0iHV8c!C>3#;Gy~wBwZsN!L%f;1_S@zcT-pKJy&!{S`^g^YMs(LU2 z0bn?h=FWERs^jInSI2G5BvEYvC3?vH`S$4XK;R?vWT9%IkXL|$79Ino;{%RKwJ_Hry+l()LQ}d)@c1%oqrCw5`!$qA& zaMHsIi_Tt=+!Zk%#WL1)H!{@A|M83&rYm(Y%d=|)>DtBwzN2I{JDAfR@q~&HN+0_4wiqi~Gmk2BFy&}Qcd^ZoNsV6T2g%S|)%N7|z|e2m+Se;N&qMPx zm*Z-Yd?oOz^Y)Of((Lc3=!yZ@tnplp`10i6j41m`#Q{kC@&-5iLYN%3ElkSW0sh}N zf8*G82_x|R@_D&8m@8GKrV|j*L%J^4tkXumUT&~LyQ0@^(?H@$7f`R#jiktO@3Hx% zIpZQyeUH6$eGeu8LN1$@KiDXn&c0Y{0{brXbuCvk9Mvo_DQO#kW7l`#`@kdZB5tGk zwF&7eB_bM^D**V?{BX&mIU#;cIGV3Wcge*uLkq&vU^}plL?`iQ|p)a>!X8cTZ@Nb&o3B_YJE@*BX|S^H`x7D7PIY5A&!T*;(p)1*s;yY zy6xo+6#J!B9nVsHq>rt=GJx{48}MSHzyV`xdCYZMtq$+zYl+Qll&6W0*9lJ#?b&+S zbaA5{#<$XnAAh zD9C;+Q-qiE1nTb@%mTE2vXOK!od!V>cq7_%zWr^dmAp}eSpI8MMtZQ<-o6P>RQF}L z6S4@3|DbERq1D*?aFWRT`KZVfg+5xQ9FND<`A3v28t{|ZUv1F)XQa<~bR5d-{!|fn zp+Fj=0qMM+h=Um?C?Y&O{0jIA(8StGji{@uTSM&kh{d1L6Mb&_x@&q?fc7%*=>ANC znOToEGdQl0P(rt9rpc-^U}JKw4O5uK#SmFl11=5+kgi&n|J95dxNWVX!y6)$FR2z2 znRv1$VB;>!H_ZSg>xcL_FJn5`FJ!uqGvnYS5&4Y+VWEC94K+&CV72TBQ^nx>{Cb1? z$xdDhzd3tc?Ydea%1Q0`#5sXaodG0bknhgn(0j#Du53CV7~R3@56GpTGh_0NMT6vT z=qvf1nR2$CflSG)*3%0$hCQU*{6X!0*cHoFn_;NsW0*hEu0AYg%tZyelVXBGA}Jd( zI9I|_p)(=Xe~p$I&-14)a#}A|3*phw(9G3zd=wNGQo|*&J>1?pH>N+Gw_bD=BCjjp z^0?9hBCw1~Mg-QquXiOcdk;>R>caAuL}nW8^rTatMX-Y+G!fZ1IkcgLI;o3V!o^gf{UsqzX8gkOD z9q22irOpmUj+zuxPM@~S%dS+3k;hO)(~v;yO^6<|l*PC|$gIBgpw>EB?V5EOp3Q!{ z#$*5e=q?ua8X6g@cJ;lSgy(Xg9$!Ot`O$qkNiU5Dj)63;#7s%=md61plt)*g3~rQ2 za}b9lj~Jqm_ADn^RC;(cMue1%OKrynMl)pb7_7b+MfaS=pytaFEhABwINhTMJ@!4IcUYcqY#bxi?bB>$P;-%{Y(yY0ZF2 ztRCKegI3A%S ze?CK{>?|xWJyvQWB&SNQt~UG_GX6P|dk)n~FK8u2*K9i!eW*N=9U-y4@~A19W;qHa^BGp|$!mcFjf zW6F>(H}7ICZCWwdt?EbGL)77E+9bxgn+q_0y29bH0IdrCeyUxPPRU7!&*79~r{44U z4!Fupzx%qZ*ocFvM8kYf$pVe+A>sl{5dYRDR;Yct1}H;@!zrS}8)co%8;I`cVGPp0 zU9Y;jTbTDtSEpAQyOYw3ZVzU~5G*=VCP%4V4AIG%Wxh_0(G+$?O|dr{P1#cMGM43J zWJG*(I)i*SF@tw;=&f6bTCf77mH`YWos4&6DOg02 zmzXUuEcR|ystw&fYLAv_1|@fDB3w63JMIwAX=MhquL}p)M1FC4QmtoA3rDsRI~94B zfFsaXTg6ult_I3_g$;@~B6=N-)z>4WOrmdN-AE%tAN?G_xbK0om@qhvN7G;=gGsf* zz*${wN=N+W$D293qOzL#NUBzekD$CyKFZqETywIr99oa1`A9fTKp-pavyMr!q_m;r zNT067ff7`DdnOZCqA=v_Jtv%|4rB4bZl_z8dn|C>o^_APr!jb9cuFFg!t-S6Xf^r7UJr|Dt_gC+{ScAL>%uqQ2eneM7M1&wE21RqRImBcCgIvL&ZwgqD_#(M z?IvVD-`~3IHT8n<*iMaxCg*{-V%pUBhCwN-3u;waV(*D1=r7i@o0^ZFCY7G8HZ9bw zs3U4seSd=o1=KZB2JJkbajWIEkDXRSxNbcWX*S+jnzQBx%gv4kM69eJ;L=C#dus2T z9PFo^Wyz(mxXsx3-P_nx=T#`i9^@&inNxIbrY+aY^BS+%89w5l$PnArd#Bn&EJo!6 zF+JmpqlxvU2P;ETf`=+?PJ?<)zq;ZW5$KXP?L$Ms;}W7ALP^ma!11!Hz7F`k1{0el z1NFTI3FrpxIV%F?h{&mA7pvKqfp2>ccwjo^J{k> ziF?!T4JOYsRV|&Vf0!evJFBTO93ufh}^1__r#m2_w=!U!Ap#!;Enc* z-2Z^U4v0usGu*hS5E@05DM$Xt`4J(Gqx~1WlxO|SmHtD{H-rQS7u_loC8&W71v*S1 zIY;+)Ffsq6l03kUz{_|8vLuky|A8bSG+qs0sQe}i|5CKpB9+?YfbosyLJ)4bpf5wK9+i_#PSd~1C6MFfeE{?q$F`0Rc3>UyGo`tAzwkEwzD8v3t~ z1Iz~+i-X{Py6&HEbfA4Y1qqQ)^FQ~61qYk{KTHjb_pIg5pFe6SQ&Uq7)1?2^Q|e*@ z%f;dWh&leJ0?eNk_-1(|@vi~{!07+~wFY=`k}<0>p2nnox-FO1tb4HeejI_7!fJs` zJ|@xMxI~`plK=1KzyrhgYp9qKCF}9Hj~ZGuIir9qMo9+gq~QovJ2BI7r%gk?$OM*zgYISt%oZlK*@R zDsQsNQXj3>HRkDQbw0S;R{rvMayF=lXl?`j2!fT)AX(tbnmUTaPlh6PT+wJaRcLp$ z_fpc7xb3#;Kx2_Tu{~2qM#=R;rbIFIRN=M>Kb&4;j#4`|W-%wwpQ1%!Fw^1VE|6HS zRw?gil%*38fh;V9M%P_*QK;l$c@f2Of$>vAyX7kB&~vFd-F!%O6)SK zQEnhN>W%aeoB1%Wr5tNuFgNn(JXH7NgH~YZ)|QUP9;QRv5T9g(ksK}CH$8{cseD%{ z^C4OPJUlJ-pdagj>IuVPCCYdXN;mGOo3fe4Q2p+V@H_&W6V6?~9t;DpKLljoT`x8O zIfew7(bU#yQzI5U<#VjyKM`Y#iOsOECpLgWt$Q*NYU zgJtrk0O*L}D+7_jdzE90jaG2@xyLx2+2K*8#xU%BUKrD;MT%a^FT`eWcXg(q=P&F~ zdgXqz*6dTe9!3D;ww&V{i#=0kIQrg7#;^k>oPq6q{8_&N4Rg%Jn<4Py1yf1 z5;>4!$(MvuIl*Xeb~IMeQO2PhCYwvG_|vDil8r{kllIv`|simD0_X0C@JFtGxXr=ji#He$cp0 z(9D@p-+p0Gt@2Vj5ob`hi8&aW+fdgEE2TDL)y!TsPtyk!YoHzt24>0+-N;aw~dWui?hwqDQsHYk!N59 z6AcJoPJ#e2tS6EhrOJ_#C3PzIjacPFU`xRrN&_XZ1VR|HnFTlZm=CK?)NgeR(Pc(s ze#$kMjZ~&%3mKM7ZECr-g@ohhGxaMg15<^hiBwcfM2Gu1m_@_8{qN6xGPYaGfoQS&AL&4yAa^# zuZ?*&Yk=9DZ&5znIM8$k_qu&D0`1O(#^ppVnxD!nLa+E{DuWVehkB(DzOm^xeSUjGH zg|q;`EfX68M8%(12IzVTh#z0Dc$!$#$jxQ{z=yRYW|;K~O}bbUGmvz*%%#}mpiV0c zxCj;GAjDIRQk4YO9|B-o3YHcFe;16^jc9aH>#D!XdgOngK+Ooy?JmU&O(f(IPSzrt zPZ^({7qnQLaDq_ZNU6--!x$W!`+3Ok2WIrHq?n_U|s3047{iK!_m&;XPn# zt;Tm};v=jZHLAXVxjHI!xwK+eyl;1oTp5M;a(#`f5#NDt+6$UFRr`F_sQTQ*W2Yvr z{y|lctbP7%n1TC#@^r;+)CHA-8vz~-ACnoXPNIw5{-^(g6=0X<<-U!TMJTT0 zehHga;!W*o@CRU?X>{2X2eq>H)N<;Ku7Nf-p``B6<-|whrZhFg=%V{N5_YOzi5NFN z$&NJL_AAmJecN-cSYJ(}eE%^6dhAD#Y;~fziCbU%2-`(4@3o0;U245U!K34fR!xj| zuqMu0n<*SS4RKU|)059wdO-az`HhgLhiZV7BXD+MkkaYS6q2VS5Y#j3u94TrHng$y zg+~tdJbd9V{XkQ`2KG62ero9BeM$ILP&*vk3j1-0fE$$%qWKy0V@+0AV6N(I&X**J!|ju8Et3 zhFz${G?L=6Xa+$^M_wcc$1*&*Q!sdz>$(k}Q+i9MXBgES1ZcK+*UK0xKSIs7&v_dJ z=mK=TEi=1SU;W2_5ZX^u(Lbu`Q~_QxJs4U8GdO0;U)1Y#VUDzc(m&Y1D$*jB;D|DG z_Y(ghWiPo_E`~M)(tjXi^hVcB;)Ka? z!GGXyIuhd8VtQ57AUQCA3Lr(;QFAIW`2!4LbL`X6%^cDa(9xecp!HQt`i5^RpJ3@T zPP-0n;`C1{@ktT1#tM>teg!^h96*M0I;Jjei~_{WYJouTUe-LztN_g6@{@A3KOKiy zf8sUEPsq=f{Nu|f<5>q%jv5XovjKx`Op~SqM+5GPofwcN{J%ftKY?fe(a6dxYdMoV@~H>T!%FtB7POS zzuzwCc>>Qe^RBWirR6#BrK`8zoHP`R>2l({>Ibayi0z**O^kO{i5MxNeV~-my8+yu zZ4kk(XdqWphbyW$BQCTQI{N}E z##VuXPeH$};7V4R0Lu4eEhOvA=2`sgNlCfWbu`m!VoBSP4MSQ!qifbiJ@(z4;kJUW z!4h_Mlxn=NRx4Mh%^m4%xk1^_GiW54frOu57ptB@r{x#0BXOh|=~O;Eu%WiEPqQYI z6r=dNi$LnK+b-TZWL_zN*krM(0R$&fGRYls9uX^8hch@>fLbgkOYTezuQ}j>+;v{r z5^rTrswDHza1)iAg&O+44SlzVrD?ezMAnfJp$AS}?ODlnADL+1P-gFyNG$;v&*RPo zjhs=QN!8Eu@;6b9+mmyNn&##x8?NA4mO1Ft!|3QyW9yZUyC>Dtmt6>S6C7)^U+P6h z>X-BGa8*C9`yRKdL;(I*+jI4vrVl2TRr{-$TC?pWN*SY@*$?}~chGzqkwhJE?6TWD zb+|kN69cu#M&yiPmv253$jLWD9xK1uM{1eutcY}Y1oA(=Q|vHXzlDW1!DSI(g}Rda zL7YwW;|AA)3HT-cEQ+2jo}`IN*nWa)F%p4dA)4mRl)br)D6kT6#)F8A&>7uYC6L>^ zT1$cfRah|!cJ5;V&uf@3{d#%swWJ|0)rJpntt=J=xTG^wp0`sPH>F6o&_+c^)?T`; zW(IS~71o|4IXOChPI_<8Ru;YktaJ4%n%pkdhgCjXP#L+cu4l(B-OowT&;ucTy!GMH zJ$c}o>2$qOcV<_P=V*u+oF3G_w?mJHQY^PX1t3(>47Wvpl=&F7+YL-S`1}P;F_Tzb$XN7W=$nQw$EU5 zNVh(|hBfOVs>yUBomHl;TrM;;Tkgim{KO-QlZ>~6U(6gfXPdhNOwIc5($Aq zu^qXs^(U|#P5{@QH60SG7Du*Vo+Lvolp2A%H*>eXm-JA#2gubG25g<9THNKhybyPl z&ilu=YIot4-^JlihLjdjEiDh)6J+hO7&HEAex8yS{L7u-t1+4s+q&(ZMD+CIN+b*n z2sx}dPiR8#IE?xr_ZJ&g*ErEJ;8PFl=Z99Y#Hiq2GqTB6^|47t1Qwotd`@%ad((Y* z$q}t6!WBs?1;Ks*1IvS0BAH|Lp&+G%Z+OFU(=QYC{&vr#OT$%IPBBhL zz%nFkR$c5GwN7g<>+c`pIM_Yd@8a`E2Jx_N49qr0`_n_Ox9QBFwgS>4zfHYMCDEv{ zSQew@Jt_4(NA zOdvdUWAfh9%nNVw@bBG42iHu#n*8`!nGyVQ#ucPD{aDn#8-LtwD#e_8P%^_~JflXD zjk!;xXr}IF*Ds0wii|2XrSx9;62g83tWR}YmxclI^1jw&Res#ZlN~NsfSrsZRo2uS z+Kcqr^Xf^-8*lGbNnHhMW*?%W1=LG&SolElv_62CIfaTBLJl}7j#L2vW6mEYRu6j2 zW0B5jI8idzo@HYW<;nPVq}#tB&d6tj%uqyM?(;2Dgq@x1iFfPFCbn;nW;`8t@XCf2 zV_e`F{KnMzh4SR9S+@XEIubJ`V{UQh`NAZtbo^=u% z%4L;;!Hku^U#$x%DQ*Nsw0H#wQGM+3M*e0hruh^@1#dlouMl-;p?*u+9*1cme?s2;=L3T^Ry$Ky1wbLJqDS#8sdxVq=2VA1W7 z7anh1%(lk$Y&6#js`c|8QAxzdhIP{`fbu{!g`YJGoHuqfgw~-*BVnc3{{}tKWiC)u zs}?}O?2Gw5ED%4g)hT_h>ATV3*fb+PvhHs`JFcKkJFY;VqJ{~`!@Y_qHK&x7zc7lR zNl)P;dyhYB2V5Tpa;oHaF4E<;HUyY`79h-S3K+{Gj-j@%e7Br!mN&f(AklrZl$Do| zoqR5^4&v0t+MAnLTEBJ{yqhU~m^n%_*-8H`P`3+PR0@z@S`_o%9Ym@YvzG4DP8~`a zLkIjpx&E9PX5_`k#Q|9Xxw!IsLFf}S{BKmfV{~QB^EN!mWHQ0T6Wg|JJDHdh+qP}nwr!l)wvCC6=j8tV z*Lv6cvCpaAySrM|bzN24+VZ=x$J%t!@We5u)Qs;lnQD@MB=7I})fy^pTMXKxS`^H} zr1oPgQ5*)vtL3UASr@b;KSJ!A`Q2WQ9cET;!U?3uO04>(?KPe@kHN+9XcE2d|pM?Lr7mt#yp0W z0$J)a8l?|Isn1qquzXlaodn=hgQ)QFFv$A_Yz~J_-`074Id4ts)AZvPU#OWa3EfGH zOSGyE$LFMtqdYet=6HfIj973f2FVLn&3$JZf5sxIhnX6y+}e+MU%?$QxKXVyUB20- zrJl!;({M&Dam5ujWX&q?sf$m1GEp#YNuyx&IAtBWD{ ziqyj%vYl^AOWG5piGl-Cpks~LX`t3dc$y>5?Z+(2mCY^yGnY*`eQiyG2?vK&BEAHY z6Tfpt14QOX5AHKe+TjGr~2 zwu_;DIk7w#MM*UxQKQk8#F5aS;4DlR@zEq{<1T+yu`LQ1lFL^@!J?8=PcstOjhn|Y z?=D~ltXc4Y=B8XNPqZu*nC_oT*X+bY8+6kQbWaT-*phBHlI9=t^O5}OE4%}(wBex` z0ARPaL=UG}{~1~ubY1f_H3VS#GmdOlD$5^AFJi12HWuA$h>f_q3%ca6^s>b}23)r1 z6J|aA*mD2TAf6r>>3)07X4%J{*$=|H{YWTz)jl;A`@(B%;g+jde?F2)c#OZOcJPm| z&^UJWC*E92`LjYsI81gtgCJ#gIFm~1Y9fLDoZ^N1lw41*=Bxx;R=9c>uEHn>sGe4@hDohe>5Uz3Wl8m6D1e(Bh7aw#d?D{IM2& zfzVi6L3&*SdwsmdZ~j;4pS{brcUUcPKD;3KN#&|5!I@e^#T#a2SDwkNVAzU_0j$dTdpSwQyCf zL9;^BRZ4*AP#3uZCihA7gB)hM^J9BJcb6vuWz)fS(SXDSzPxHs;J;5Ww?#aE>m0@( zDev0kUa~l-6e-qn7Xy=@9lZrya-cN{EP-acX&3YKL?>=#_@Q|P7yk-1Qd!afPQ;ki zmU!&u!F&vnDT;#nbbrP0l`W`;(7oiYC44LfIZ6W^j{`NE@jbX>$$VgjjV&%Orj025qs`OhsOT@&Vzo6w{H(bMf-; z!WIVoT4I!;j0H0^nVbDDy@xscMMZ*Y%n$43hU!PG7|K|Q#k7A3iQ$T|J@@*lLK^g7 z6H#2}OE*5Dpc(~cav%O}hjXcvbn?Bflu3&&4bHNl54{F8^W)aFH!*5E*9)nPY+lOL zG>Fy(37g6$V3WFd76<+^3}1Q>+FiY!Yk}e=TdPg-mUoRqd$nT z{-;Om&q5DeoSyZEotX(3+`nVCSc98bTT*C~m$juHfQOTd(I3R;3(;jyI?j&A^;F5p z!@Rh~7)89LlMu>bM2wzQA} z?~U!f1wc}RYmgVy#{OK^37wZ^81X_4!0lRO8J|~}NL+Vgl!*#U86B%h;S$Cc7e8MS2%F7WPM^nk*_<)+K_I8ZiGJnVG1+aWl6ZgBH0oUKFGs z_Ex38`I#ZI8sqfj>YY_b9CeB+XduPbkzQ@pQ?mRmW78cxcvz}OUCTj_O2na>UKq`N z=XF;KVAz4_2}9^7<#K|F!w+w%dV*oY?sR^LSq4J_SGQQ-K3in+yA^{*J<<0_G=MN| zoS4(Z{yNkhv^M2Xs4fi&q-30CP;XO=*bH4Jz23s#q!h@WrIK<;I zRx<($rgvwmACBe$b+e^B!sXcc|Whqxsmts*7m;@8)dv`N%YqW;GwM<9? z*qL@mt-aUHB`7p-LnES8k~b&%c)+~&plN-CM<4$?tM6QkXNS6H!MeYwj&H_by(|=8 zo)QUc_8@<>ss=Cb9q}!XQ26 z?aU-YThRxZ^G2!MV?ujwtL;~a=qg*h8@&Hs(YZfv{GeH2-w29*CXWsQ2Of260!zTy)thpf zInyJluvX(Lt*y(yREqT!Ntweu68LvqAMpYr>P;uL!kV@H^t~qx<5?vV6A8!BLyHOT zq0>F{L`{leAf>OY*6%-h6K3CM@~S+;ro)_cByqV}b3?-)fA(*2-6qm!=&Nf3lv z3hln#p?vKV{QS9QdjKo+^Z^OQRQ0CdQdCe2hKb_Dc^VxTr>#0nvTR!S81B~f*fpzs zfY8Szh$+=&)Y!T){Dvy5Aq$H&>14~*_tLI=bLLV5&`JR;&31L<2*}kZO3P~QJ(;EU zH~_lQ(dw1so=5v_?}DT4Op`oE^R88cig-DXsQwO*1bOzztW(A0Q4KmLfu8Yld6!l~ zEvHOh?1Z+{QP&2PqpSlvDx`)N83(4$hI?aGFK#LvbiLcSI;xHBqOQStUN-oclLP=} zF`S9$3+~|CfWJzJIBWD(VMQox_>Xeq=R*nR5f#Dx?o&_6N2CMve1rME;BAw$K4YP~ zzknRQ_)t0ihkMur`V_D4+Z$k^9qam!BP+!H2cYl~68um0wtV@2T&pV~TexXQye3D<(ph7Kq^k`t!Cn6v$!Q;9j zWby?|n0~<$4U`mnUqq*DAs{S4N}CQr4Xj2D1H@XAoP-UzzTks+pxo=eAyV!a%d7B< zyfj-?5+MrgzXu`^Ysv1gAox;H1Jf7QvWlE|{e=a|5&*H5_+;sTFYq8K2#B>vw&yY6 zd|@r(KsnEwy3pw_9Ag&#>ZH0UF*!LuFAo$5t;PStY;H&;2et|08;Gno)JP)48~TKg z&$ob}puV{-kGP0ujXYstVJK2>Z|@)A{sjL+jtD`4F%!Z-p9Xy?|K7N8Vqzj04ULG9 zP=IK_`4`+VE{jj1hra`!sWF=ZZ0kG-$YJ*OwysisMa8ebfB!m`SZd85SpY23;0c<# zLhQZ(r-|@ypC4L4h(c802@CzUPLS#U14Bf7mPCnu*`VQJv4No>jadxB-IFLo{b3@@FCYpyX+ZA@^htKIy3aD{KR{(uMd-s%g#61Q@5}_HZ6rQ9-5I<{(~(jDoTojO*3Y z621;@|oZ%c#x3hhJwcEXs=9%jDuLUz3I2sI3V#X_jnn9)QS=oi4rO{ z-ucIZ)B154f=^16t;t!9-8+MX_+nle-hi`(EVtO#q)rO+5q)F@M)KfxyX3~xe;=$e zp5Px|DfSYPH)JO0;{Z88jn(-RVfH(pf(T1|=0$GImc1GxkxUdU)>aEkeiZsfPF3^7 zhUQ5a37wS=Q>R^BgeO9{cdE7wh)%R|21!-@?RyDH7OEdgUmeY55-lwIwRab$v03sq$E#e6__@Xzd z{oh)`V13^B;7pH~BXN8u5Dj^7jsdpU-UwBBu+mg+EI83{!`T zclic{7;sS{(F5@59V{l8DiV*wqgAiaujEjiu55K!tUf7C9Q;#$no9fDsV4!OPMzH!L_azN7 zc`{2NvN|Nw%qhN1mx7d0L>GQFuu%{m;elC^zK%Abe0HTQ+blpR#+5YUB{x{jFpk@vM}@O;g}2b1Hq=IS*}2M&Dq z)87~Hmt}f?;GLg;1kSJWwMRh^HNzE_Eya5Cq(_a4{537xWiTBW*z-kzJWiU2%tW*n zNFK(UEuyrYk;+Tzqanl>JGF&&b83eS%|x=Dla4KGJ~i`#SK2m9L_~zlsq z5S10TIa77I;1tUkZKJh*ygTGg<0<$&pp|q**?F1Q5#TO~F};HzBTqI(osqG;i^+sd23wy^`pt@Fg-U}O^D3Bksx3cOtfy?vl=w*|50LZY zelKr3A%rl+wt%dqt3MEGl}7?Qc1%9w+?B5 zJl|B#R8%{3JxnADZ}JR5w^OBBo43eUES(NcateUOiKT}=g2f*i9L$x?=80rY@?kNO zSwLTuQL#jt=1F)Xty0RF7djXxI$sjGEiLKN7PLneMh+`KJGGWq=raOyL!xi}8HdD~ zOPJ32EB7?5sQ0Jv00Dk3VcXWMKNs&W_maOCu?}++Ert34h}9K2)0*vwORgp$y(rP} zg7t_%7#xTv_aw!nhlQwld`Fu1W&&P?tZRXg9uoapGUok6s}BTN^N66DVe6_x{YroR zuL@5EuCORWf6Z7W-4__bXMvj$$BJWP17*=%OH8{3N+x+3ygVc-D@64lsGrUFk!ebo zb?dh+V#?9Gpy@EpXBg-ziOG1~d0?)t$q2tO!Y3hnhq+u~m;6>|4z=jYs!ZVgS-cL7 zi94@{nYKt`EU3Ru=p1>3X=y|quV=$}lYtjquEmJ^AP0d%+Om^e@eox<6h9|?t^|pF z)YB$q_o5&%hp?RqE~o~`Qt?%k5%C#_J3>Ti8b0kEWX;FhVpIXEfO~g$b!OvFQKzuN zU{G{|(Xd!iArES@6f!NiJ3T4LcrLY|@~SxUe1&I|WR%10@j;2%fa-psO+?o_5`B5} z%-3MNF8d4$ofui`cX_G+Dct`Wd5xeeUo*&zt8ch{Kx@L!?L* ziM$uW5k|b-q?2}2?4qBc5z`N;33k0dtX=Fg*(m_&nMgE)#Iq8Nv_p$6feX27F)=}| zxdc9|r9UbT+k?#a5kQLO%b+yJX;m<+bwi3O*UFvQ8I$ikUtq;NMDceyG$qL?Af7Nl z8`=7oz;zRvJrz{IP?Gw(MJkz$Sj{^wVCW$z+P*2u!+PcMaz8!CXVAXAasdEs1RtNN*jg=jTgGoH-8A3f zg>{_%k8e&53Ues^cg;pW^Jkd5iatN(1#pY!<3`vjwu3iAW^B?9p@4 z&<1u!Ol`ZEID54aAF0~j^>`}dDY&?d%!5nt8s$%F0aqB%4&%YCybf^3kwUa^!OV;zD$Je2~N+d>vi+3uFk?pptNjTlbQ%+ zta7-IOqa*}=W=r*!?#{ld#aFClrY1&24NW;s64?6u_(8+L+&>;AlPlu}VV!SqF)&sb>X$&d| z@kO%*`Ib2D@;lRej=+gQU#UPv3i-0*JsenpeGgAaFn0orK+=fDB<;kpcH$TIQ4aOt z`HT<+_nW%cjW{!XnJMlh9~~Q8a29g?xskac;W=%0Ck=KNIxf2CchB4Pfpw&!2n`Kw zYIF0DX|4TtD=F=$kVo`B_Nujg{fkocegCnS{pt0UlGNMzXN5nJ=$0T~_OZu&s4D4S z5(6hX}YWcL`08}qLwJ1)h>$NEd0 zW!9*l`}FoH0<~N-*d~=MJ$5|8Ta<$6HcI%)aycTCLA~?j14pkLvp-EnA9y>+S z)dL*v)mKJ}N;uzHM7Os!6JPhmdRy=& zX)#EyR&oO#Bft@>SP{`h|4MzT5^;c%T)Kr5>#wz*K!CcR0N40`*9m8G4cRo?zO($M zNSPr3k*8%;7tM2jNiZj%$vzbx+Pry9@iCeJIRslNkZW{us zqz^Uwd`L&eOxkVjv%`2t{3;~ERSlRrz%(H-5uctOL0;ZyTbzJIdUB7@Tct^>-6?C> zwDfEe380`#PzeR%jv+4iEoUv{qOs9)6Hl_v9Mg^qd=TOJ&u{$|=bleYbYFgQY@d46 zKbTSuVIh>GwMXkp4re$Z4Ae^|L!IrrpYRCZmDt>Nq5L>R@-VlQW!Selx}K}PIj^IH ze+ahgO=l4=6}R)sr%2 zai8`tV6=`yM2CwIB4|`GD>KAaKEQfMMM9Mj`emR+CBox3!%KtaugI|%l_`29-CX4o z6oRHQdUaB3w?3OLg`@ePiQjdlKyYZwfa}KaGm~2xd&fk)TMYBt8!95AAE9WJ>MXn6 z$YRj*K2rogyJX{aJWU}u^{2rqV-`{$sk~mXB$PF^tgOj`1BD=B3 z6_1L$I2GOF6%Jg6ytC}$=f;jrLMkp8Aa92f`uqB(YxPBiyQF&DhV!v?7ZaX2v(eGf zDYB>f`}^++?m61(+ULvVONk)Z`0*I4Gg!`;BB#aaZ>mb@L6#|58`DKJu{lWfp8u7N z6pa=NT=($7vp3Hq?KjLft_zdihFX}j^!W`V`ATE`Se3}yb$ueQrbN_ox%q(*T>WGW z3m7L{vz(%Fxk@<Z6H@gy2EfF;^0%`7DAjAS~%B(R;kq7z>I8I_pl zJw^8m1I^bjMVG<@*&XH(uCr}!52jYEofX7ie>Ltow}?p1+9vlnO#&i3B1fMdFkotg zc?6f4#*#*PNY09`YvTw+Y}sBYgze{2NJVquTN%kK3&rbCflU8`vx zX>64e6ugz{XPGUP6PN~OExgUU$!h6x-xL$7*T@#0hsZQZftw z7VUnAguZ~^lua%RK@+5p7_MWej*$A%isnp=;LjUkPS;@*@A|74#WsuC=@_KbwX_#0VR5IH&#r&` zvp~081;HNv70bc`$!|-KW>JrTUX((P=I_=#L<_o0=T!okeL39o(|F@@@CXV6x84!) z<0~)BhVxcrETJd?Il1`YbBF!WWYSX%zMw9ZN-^xIdJ7Sf`JA!-KnTLA_3pXD`P9tY zhZ(cssL)G;@bbro(>P;tHj6d0%)WtMcwuCyYA55I+(H1MhIYS@_}{cud*Yw`v)6dUAc1DTqZoQsj37kegK(2$N- z=N{dg@fMrF@!zn2$|MeqrJeyc`$R0)MmWLdhmjre#n+$My6m9CC|Kd`ZgIgv?ce^? zk^Ttg77pWDvD_=x52QG$CoDV+7Gm$J-E3ERp8Omebi0ZB21;Kcn}H#!j5A_@GnBIf zxhfbWMT|YHoQ;MaA>;sBnq( z#<;N2?yRD;!m^$(3Wscr1fEWDXP52$!43>3j@sUSsh(?wzi@T=X-rU5!=m1(TDmw%cXLr+=Y^!nL>~cNmxEdgt5s`cZ+v8l0s=JYe z*70^tidT(iV3isith4Ul8;`o1yTiX6*Yr)}_H}Q)jgD$D>o`*MgdfB55g$2>Tl94lAZ! zjm@ZK!&vPP(`xUi5BsftbEG&Mg9|3EcMdx56TQ2#b$|A$xsl;k)t7TsqCl;lju|-r zf}y@bID9g5XcVfIumR((fim*_`h7xvXUtixkf-5l{#)Gi?x%kPp-5s|)uy&Q3>E5n zoAbi>6OID?B#IUC*!u#IXs4}NsefMU7P6^hALR+xai2gSy z7h&>`v&d|!O{CGS)XRQao|U6UFTm#`Y9Jb&uFnhC_fHa>bp7Y(=P=eshfTYNnWOF0 zQ;e~hWYkG%z8~u_oj=2HDY`Fj65r(9+!&Hpm?`p(Y8s8C0fi8md~gm4 zIqAKrREBAqUr6?x9 z{YFLA*v*)f1@F|{1O4OozSgXF9|Xgess!bwibr2!6ly%jzE(jptso2Cd(6TWyKL)o z^IgdlyUjG6v_phRiK3F7K6D()4MJw1)1hs!j$fP_AjQv``CJMc>|x(kCo%0xEPBVV zUKY=xxkV8}ZuAO(S*|&-H%L63Lwlz0!&k*LHZ6){^c|-o4M~@jWJaebrTUjSq`KJd zuo!N+q#-xDK>VKv8o!HOpP>7&$wlu5kLz#D+5XP$DK(#dW659A26Cjqwu~? zV$v2Cz($L!#<@7gOk&45=N=#Eb&Wx{+3e{G?sXM|p5}v)+uUjrJM!n3|$6i&p zY$J|3N|_WA&$+1HDxx?t2vz(Vy?1^Oew_?VS=!z!5$zM?I!WBFX_Io0^2zk;f=z?< z2!^H0G^Sn{p@C4w&4IjNCd}iH3vlWtCzxgh)$Bj`s)UE%jieO|Q)zTbDVrP(7(I>G z*Xv$`Gvb8?a+<4n1_Vc875pxOR!Q9AYC0H`x`Jy%=|du!J2a61su=-@TNQ~%xEtc8 zS^5U>{CR$S{`fYhM9;#_y72+rIj7Qqx7nZ8Mb|}8*0U$H9>CAdsP4WM0TU&-vAcsZ ziK*NC0*9}r+N#5T4W0?l6jjlmjg=BjNjP<=EW(pFACeQIg@&od3q#dp6P!@nTr(<9FI z{)=8=orUkW-P&zceZ4~*cTFKTqdT0$4ktFpb{-l46eXqckq_(vbgAN*{?elu7yac= z6Y;a~&uqVwjzNuLUtU}~U!XU#=d+m=8^?Wy)z-Y>;vrS{v|l5g&%EVu8#_hg@#$a^ z**zgPoep9{w;!4X&l+Xg=~>eFbH1NNeMd~|7Eck5BQmBl7vuS!n! z(>V=^j#d%UNZx!7w`|+9*E$tfJAwdn#w~gaOXl+AO+pJJiP8!g0!L%H`Q=JYe>$An zMI5CB*!P6Edb>4%T?~(C?LRg-dt6J0!tg9z{qz1T!VBqQvH%-VxYU|xO~2CDug8JM zvQCJ-$r@xuNZhV`lkVb?0CX53gTh>cFlDFL=BaUJY1cxE-`%ez;i{t7c#@rAKvs9z z0qGW$Pt>@O=(){!HXm=U_ZLn{qS@ghE9Zsix9r;g;C`&I%>Oxxw6wP>vlZio@%OQf zv*#iq0e>4~@UX9G0^*(~QeZAo*I8(v16bZ`8%{inh1S_~5i8izR&{NfyGc4p*5BSq zwh6t3V@96HEcNOhA+#x0!I0Rw9ugAnTAMwavFr2>hBRuGU2I&HD#GcyntiJAH3e%QH z3y|vXwc;e_<84ELWa+rkO)`H#V5Cbw|4e1K8lT(KoNDUYOuCr)LcxU;pQz6~M`k$T zry-SiZ~Rq1i)!hur0N&KEX7wjMMxA}I6*mjPervDo48M(UuHIJpPA6xImO7A>fpD< zt%&~cEHVFmFF8764UpM%YxA;D8y+^nfCeV@#=3hhm|}Mq8aH)w)xue`=iYGn^2^}^ z{c?QS>p-`n1HmETPwvcU4s`oAc=~+2+$xAGuHBp|N@Jml>590O*PR7!JajsT;b!r?Ef6f3=>$ zKwk`+7a|-5fH?*s)p#F6dqZQieSLU_RM9dG?ptKKUS?8sPKI!w ztl{%@Impir*rt*qA`ggZAm)F75U!ls8jD(`-)jB9*H?iM?@}S?iC;^Kxo0B0#@OS6 z=Sc(N<^@(C&j3#a%b*wJfDin0KKIyVLmc7mpB_I zvct>R2?Y^L1UX36UW&(lt3}X25A<*?K0MtdtMl&V9r^$CR*oTHRr<^Dr7aRg5%9sZ-GKE_s1>Zhq7a93RC z_hAqDd`dQWiuNAvQG~tu&!N~{arY0t<$G4b|5C=}B5bQ%KL1}N<)P>0Pw^Ede4+Ch z=H$_@!+;OsSaU%1gPcv)54gxa=i^KUvNY{VzW{2O&~NFaDe)APl-y>EN5d%>Oj)Z& zTmn)Q|I0Ar|IHrJKAyB!Kb;=h=K01D=-w&G9K^J0;eQv)CKX^WAN&7>SjLMQXeuiQ z2?oQG6R?2Jl`4|1+l^5J3c$m|mDhFUBm}=&Z5Oqh4@lvlbUn@1sl%=JX8!pzf|`gY+`BR@ zPmJm4?7)TN!d{<-?pgXgWn+y)Iy1F~+mmUw38PNWXuDq)N5Bt%1QDiw;1q}6P_KW{ zBO;S7=df4)QMn-K3)f}?y=Un`0osi)+)PZrn>XFcU-sC3It498r>3S-Y^r`5dVRnm z*b*dpb$sV^I`0{hH2$Vmt$zk79W?tEU$BFiYqb_+`LgxPT}aB#*sC(cW&bU)tkSzO z1A3o!h?CPEE4A>nro__#OL z5~LdKfFlOuALTf9kj`m*Mvt-E@be`zMKeTu zmlsU8Th_wArR#Ly<=1w`$^MmnS>XPU1|bQ7Xa7fS2?;MqDJ!&NYQh(2l)b1-0 zbGASZknSHf0nFbBV!dgrI~O1`@G|TuusDH|G0EfNhTW+th=UZ&Eiz#_I2X>cEp+Hb zm0BM#Nvf~vJVBC?ohlsB`a|a*uiyJ!a_U|{FU3d`79$ik)#1MGT^gT-2LrAXH{{B% zPGjr`qRE~yTG|1zbNv2A70Q=s39zuDi=*%^I69ummms`cC{GsfomvsP=mCg6k((w2^M=RqZE5S2K#KJz>2bq&pY}yGs3VaFgt? zW-8$M>8wB14#;)>ecaaCJ#>yET7fOsW%$u83goTSZizJKtVxKjbI%yt+6UBleX4c3=xy2 zguvk$oojYVlkKlXUrusq75?e# z!ei@Fod(lV1A8nY9IcIa`0Fxih~)dvB$J}BjPDx9u`wa;ucRiCMN2l_Z z^Vczj{q?It*72vK)PSr((lIaUze1U(&o$1q<&rX{C|=80&?X3Cvu|q>g0AHA%z)p# za=)0&@i3b)74r&m_<@GjT;(w9pENZ>M98fTw6M>s2NA8B`)8^4v!b}@#ZvVRsQ1kNDm4tdu$&;78m*&Pwc~m!0$rLf@`62J>9Fo(&3yW<1c{@&?Nm*D}sGzJ| z=9-!?aT1w2nZ+iF(tYRa;Tsama@1beQU{si^i(N@6UJD(>B;TQ$)+Gj>k>h5*N0e= z(g{(Tgn@Y1YOC94p{sYI>(pyLI>~Qp#NlgbO!NJi#m_dQdWrhsRbj8}7L@+D*eP6A ziTh+UjeKnF3I!FRsDxxNO#}x1QOCNAM{b=`v1BpVnSh#y*&=+GR|kdKgARkkDdt#A zN2RfSLQn0x=EpesC-g z66?-eo_4_O!h57qchEy_m;r4Ehlgo|%Gjh!lG(3vi%pd*Ive;IV$e(7G-ro=@Ka)5 zlaQs#u?^%$mr$keM;wXb-hPsOPhc_S+0KIR;A)+E`G2TyADe7EE2(HAE;W4CoO@Rr zXPa6jl5#tXl&a^U4!0~uvo)%+cDZj}`|Nx_))KmP6RAoTkGw#T!rR0S+6NW1Kf4@` z>#d+&H^X4U-#=oJ+7Eb^Vt-!y~_3=N6j=xj9rkkL%4FoXe=7Rz3jhDHy_VhxchS1*f0 zQ*{j^S*MY!YXWNU!Xf%mNPDiYQNB1SK+SeY;oT3oqI85%o8#vz0r9L5a4RL1h}rFQ=Pw!4n$L4syNdqhx`&YE|GF@kPWN#boHR-TPfY+l6SEX z1tqf4NAx-5bI;+oLJ!VL?}2_l2I(u!CTZYJ0_s~#w*31?^4M^>3d9f()ppT~mV zG)#;P42DbO^EFq-(7wAUM1br96VQUg`v8p&KfU#%sX)~KdiM<@AiutT4y$?HE?ghx zrT|Sae5o|2bv)OF>o+KC;84t4DFJsfKyH*A^n3W+k_Mb$6 zLqxPq05YWKalI>i%N9>6%OVhg1Yz&x)y2fjJaRCWJORZ%&O*ZI=;$aeGg%&&m`IL| zooNfVK$N~~6<@Ul>hUt6tDupt=7Q+_(*pQ3K2Q+Qs6iJzqRdGKSc6~Q5jxQxw-bAH z##7#gn;qge8_vf2AFre%U7nQ+>KtmYSZtKU#LcE&llwp6vf|zUbxJ?{>BD?DlTnKNHZc@j9wLLaWLgZ-K_LWnk00R5q;M4+`k z0!%N9-@N7JJ}o^nJF5r4U^E)fQH`vLP+~cFe~cb}dyY3eTNJD_5YIh?QBY&o(sn)Y zq0-{e()N1Jq0(T{VzK5aIhr$=EBb!Oo_wyJH}NisH4(^%z6<@?JYk7`WV8HwIEnnZ zT!j1y92Pv^00=e|eIZG{h+2`?*MHqAto%uBkQ{z+drnNkHG5=%5fMzT+rFBvN122a zJ&b=+qRX!)V;(nOm2liGiaK7ac()p%pMP=l7Ck$3dQ1IDm5x@`gvo^=39;J7xMAWR z@>CS;fAqM&Cn%QvS-#c>Onq(?ZhPRo>1wQbua*j2SIl1x7(fDET+&B4@F0k>`KaG@Ou}Z2S-#(vj71 zi&I)cM(5Y=!5;9aLfFFTgq28|MHbh*#Y07@G8xy_)_=1fUoRbXi_IAo;_;SitGKd9q{%j<$x90De{qt^-E#Xy3w{u)tu8{vo@N|6vumg`!`86^Lc zysPLl#-!`~Xc<<}cDq6y8~hIIPDfSc$~0==>?V@sW|q7anRq`cy6}g45nk^4Hn5b$ z4A(|e!MB(7(%;Ve$yJt4pk2;pK!yU`fUNjHt3v2o_&sW%riwT(TlD2fF3(*)I)T9FEx7MaO;u?B)2#XE!*^ZL}BgwIP630HTf}vn@D9V9-Du4%B8gQ8{5Vt#>CufWe zCi~t(2G09Dk9=J(vnn0Gq{FKV<~o-2E)t^SenC26Z2o63S|mot^PW_#zDRY-n<3iu zU@JR?%LL>MeKaJCug)-IFIm_I&+&|t@oVM#D1ugn(u1|+|#GF;3t|OyGp(D+4C{;Duu=0!$)J+6mu*U&3K9lxU>c zC0oqgYhwau)2du?P;4$9`u9HQjmFj&|M|wNU`eB~GYC0a6Efjj*L0ygwp{FrT6LBe zt@HRVSpde;zHN*bp#Nn}(tvoFJJmgnF^?@1NEN}a(d!)mNw2J_-0n>Xno@YXJ~n$b z0v7gbqSb6FPqd}O;7FtRqS1X#Grvu36puTtv~IAeXN<8Tp{jvO86enhLmR>{p{sJH zRVOlKG?qwHpQ>@Lyh^L%h6|}|jJCvi_J}dChf8u0!(|O9NI7>yc=l9m6 zbJ?Xuqf`rruiYnJpkeST%pDlMT0?zgb8HP%%UW2t zZY4jg`!=N*+7qE2!*^kejb_E_0MeI;e%CADPL$&fN=^(wZ-dzLfwC!rvQ47lLXTA4 z^ErNq{=4lQ87>g`687LO|HCyPYUID;T?Vos0<9mh>#=^y;eLa-SPFa{hm(2lrz$-Q z(%0$1h9AQ~!65P8zdUMR;|&Ta5K)^7Y`9ntq;CR(en?)tzie|7^Ft-1R(r2p%0+ao}-_ z@IMPLV!=`B>-eQxhhSSEnF^)n@tJ9xXSb^k-FfJ}as@WP>KEuVfl1ulzBqjoZFKby zGET<~&cNXZU@cY@kow?AGdQMU>b>bXTfn!Sd0Bh?cgSl?;NBKQ2_mZw=tm~W23mVb)c|P2n4q0TuyG31*zKM(U9~; z$)^n1%5`As6j~sm?$!4er0RexlSs07;wEiS2zpF$u-dlZ&AWGgTWrCO1IC031Fzrl zcVFJVeap8ysTdN@E}Stt3LM>fq|N=JqN9D~Z{EB)33wV*Mm?yV3v{3WJ7dHVfh3v# Z>;eL>{!Cy0dJgDPJWp3Ymvv4FO#rb^*E0YB literal 0 HcmV?d00001 From ddb836c1e064da020545dd4277797833ea690925 Mon Sep 17 00:00:00 2001 From: Jimmy Zelinskie Date: Tue, 16 Dec 2014 11:22:13 -0500 Subject: [PATCH 0366/1291] Rewrite tagging paragraph, title-case other titles --- enterprise-registry/github-build/index.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/enterprise-registry/github-build/index.md b/enterprise-registry/github-build/index.md index 6d551f377..af9bc4988 100644 --- a/enterprise-registry/github-build/index.md +++ b/enterprise-registry/github-build/index.md @@ -38,7 +38,7 @@ Note: If using public GitHub, the URL entered must be accessible by *your users* View Application -## Change the feature flag +## Change the Feature Flag Next, in the Enteprise Registry `config.yaml`, change the following to enable GitHub Build: @@ -52,7 +52,7 @@ to FEATURE_GITHUB_BUILD: true ``` -## Add new configuration +## Configure the Feature In the Enteprise Registry `config.yaml`, add the following section: @@ -74,10 +74,10 @@ GITHUB_TRIGGER_CONFIG: { } ``` -## Tagging a build +## Tag an Automated Build -Tagging a build that has been automatically trigged by GitHub can be done on the repository page. -After selecting a given build, the right side of the page displays tag information which when clicked provides a drop-down menu with the option of creating a new tag. +After getting automated builds working, it may be desired to tag a specific build with a name. By default, the last image pushed to a repository will be tagged as `latest`. +Because tagging is [usually done client side](https://docs.docker.com/userguide/dockerimages/#setting-tags-on-an-image) before an image is pushed, it may not be clear how to tag an image that was built and pushed by GitHub. Luckily, there is a interface for doing so on the repository page. After clicking to select a given build on the build graph, the right side of the page displays tag information which when clicked provides a drop-down menu with the option of creating a new tag. Create a new tag From 96b9e85e2a133d3b842c3e4074792cb8112d9b60 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Tue, 16 Dec 2014 10:49:26 -0800 Subject: [PATCH 0367/1291] cluster-management: add etcdctl env vars --- .../setup/cluster-architectures/index.md | 30 +++++++++++++++++-- 1 file changed, 27 insertions(+), 3 deletions(-) diff --git a/cluster-management/setup/cluster-architectures/index.md b/cluster-management/setup/cluster-architectures/index.md index 399c452a6..68579c45d 100644 --- a/cluster-management/setup/cluster-architectures/index.md +++ b/cluster-management/setup/cluster-architectures/index.md @@ -103,7 +103,7 @@ This environment is now set up to take a beating. Pull the plug on a machine and ### Configuration for etcd Role -Since we're only using a single etcd node, there is no need to include a discovery token. There isn't any high availability for etcd in this configuration, but that's assumed to be OK for development and testing. Boot this machine first so you can configure the rest with its IP address. +Since we're only using a single etcd node, there is no need to include a discovery token. There isn't any high availability for etcd in this configuration, but that's assumed to be OK for development and testing. Boot this machine first so you can configure the rest with its IP address, which is specified with the network unit. Here's the cloud-config for the etcd machine: @@ -111,9 +111,21 @@ Here's the cloud-config for the etcd machine: #cloud-config coreos: + etcd: + addr: 10.0.0.101:4001 units: - name: etcd.service command: start + - name: 00-eth0.network + runtime: true + content: | + [Match] + Name=eth0 + + [Network] + DNS=1.2.3.4 + Address=10.0.0.101/24 + Gateway=10.0.0.1 ``` ### Configuration for Worker Role @@ -128,11 +140,17 @@ Look how simple the cloud-config becomes: coreos: fleet: # replace this IP - etcd_servers: "http://10.0.0.1:4001" + etcd_servers: "http://10.0.0.101:4001" units: - name: fleet.service command: start write_files: + - path: /etc/profile.d/etcdctl.sh + permissions: 0644 + owner: core + content: | + # configure etcdctl to work with our etcd servers set above + export ETCDCTL_PEERS="http://10.0.0.101:4001" - path: /etc/profile.d/fleetctl.sh permissions: 0644 owner: core @@ -214,7 +232,7 @@ Here's an example cloud-config for a worker: coreos: fleet: metadata: "role=worker,cabinet=two,disk=spinning" - etcd_servers: "http://10.0.0.1:4001,http://10.0.0.2:4001,http://10.0.0.3:4001,http://10.0.0.4:4001,http://10.0.0.5:4001" + etcd_servers: "http://10.0.0.101:4001,http://10.0.0.102:4001,http://10.0.0.103:4001,http://10.0.0.104:4001,http://10.0.0.105:4001" units: - name: fleet.service command: start @@ -223,6 +241,12 @@ coreos: group: f118a298-2a8a-460b-9edd-3a9b49df504e server: https://customer.update.core-os.net/v1/update/ write_files: + - path: /etc/profile.d/etcdctl.sh + permissions: 0644 + owner: core + content: | + # configure etcdctl to work with our etcd servers set above + export ETCDCTL_PEERS="http://10.0.0.101:4001,http://10.0.0.102:4001,http://10.0.0.103:4001,http://10.0.0.104:4001,http://10.0.0.105:4001" - path: /etc/profile.d/fleetctl.sh permissions: 0644 owner: core From 1570ef816cc2113efc293fe3658beda4dbf6c5d3 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Tue, 16 Dec 2014 11:13:20 -0800 Subject: [PATCH 0368/1291] running-coreos: note that python and pip are required for supernova --- running-coreos/cloud-providers/rackspace/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/running-coreos/cloud-providers/rackspace/index.md b/running-coreos/cloud-providers/rackspace/index.md index 09db6f239..ba4e25b9e 100644 --- a/running-coreos/cloud-providers/rackspace/index.md +++ b/running-coreos/cloud-providers/rackspace/index.md @@ -178,7 +178,7 @@ We're going to install `rackspace-novaclient`, upload a keypair and boot the ima ### Install Supernova Tool -If you don't have `pip` installed, install it by running `sudo easy_install pip`. Now let's use `pip` to install Supernova, a tool that lets you easily switch Rackspace regions. Be sure to install these in the order listed: +The Supernova tool requires Python and `pip`, a Python package manger. If you don't have `pip` installed, install it by running `sudo easy_install pip`. Now let's use `pip` to install Supernova, a tool that lets you easily switch Rackspace regions. Be sure to install these in the order listed: ```sh sudo pip install keyring From 96854d499031a4eec5e8b6ed9f68892288f30e38 Mon Sep 17 00:00:00 2001 From: Jimmy Zelinskie Date: Tue, 16 Dec 2014 16:00:16 -0500 Subject: [PATCH 0369/1291] Add custom contact information. --- enterprise-registry/initial-setup/index.md | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/enterprise-registry/initial-setup/index.md b/enterprise-registry/initial-setup/index.md index 718bf5d9d..489b9dd69 100644 --- a/enterprise-registry/initial-setup/index.md +++ b/enterprise-registry/initial-setup/index.md @@ -70,6 +70,17 @@ SERVER_HOSTNAME: '(FILL IN HERE: registry.mycorp.com)' # A logo to use for your enterprise ENTERPRISE_LOGO_URL: '(FILL IN HERE: http://someurl/...)' +# Contact information for the contact page. +# Supported URL forms: +# email: mailto:some@email.com +# IRC: irc://server:port/channel +# telephone: tel:number +# twitter: https://twitter.com/twitterhandle +# generic URL: http(s)://* +CONTACT_INFO: + - 'mailto:(FILL IN HERE: support@email.com)' + - 'tel:(FILL IN HERE: +1-555-555-5555)' + # Settings for SMTP and mailing. This is *required*. Note: "localhost" will not work since the # registry is run inside a container. Delete or use null values for username and password if # you are running an auth-less mailserver. From f8e71f3fef27cf903375a26e075254ce474f30ac Mon Sep 17 00:00:00 2001 From: Jimmy Zelinskie Date: Tue, 16 Dec 2014 16:29:54 -0500 Subject: [PATCH 0370/1291] Add Log Debugging article to setup subcategory --- enterprise-registry/log-debugging/index.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/enterprise-registry/log-debugging/index.md b/enterprise-registry/log-debugging/index.md index 71638e727..ed656a392 100644 --- a/enterprise-registry/log-debugging/index.md +++ b/enterprise-registry/log-debugging/index.md @@ -1,7 +1,8 @@ --- layout: docs -title: Enterprise Registry Log debugging +title: Enterprise Registry Log Debugging category: registry +sub_category: setup weight: 5 --- From ca38224de5f3763b4597999aead226c7a0ce6607 Mon Sep 17 00:00:00 2001 From: Brandon Philips Date: Wed, 17 Dec 2014 08:08:19 -0800 Subject: [PATCH 0371/1291] ecs: add ecs --- running-coreos/cloud-providers/ecs/index.md | 43 +++++++++++++++++++++ 1 file changed, 43 insertions(+) create mode 100644 running-coreos/cloud-providers/ecs/index.md diff --git a/running-coreos/cloud-providers/ecs/index.md b/running-coreos/cloud-providers/ecs/index.md new file mode 100644 index 000000000..d2889bb62 --- /dev/null +++ b/running-coreos/cloud-providers/ecs/index.md @@ -0,0 +1,43 @@ +--- +layout: docs +title: Amazon ECS +category: running_coreos +sub_category: cloud_provider +supported: true +weight: 1 +--- + +#Amazon ECS on CoreOS + +Today, Amazon officially launched their [EC2 Container Service](http://aws.amazon.com/ecs/). +ECS is a container management service which provides a set of APIs for scheduling container workloads across EC2 clusters. It supports Docker and it runs on CoreOS. + +In order to use ECS on CoreOS, you’ll need to add the “amazon-ecs-agent.service” unit to your existing cloud-config (or just use the cloud-config below in its entirety). +Be sure to replace “your_cluster_name” with an appropriate value or leave it blank to use the default cluster. + +The service listed below pulls the latest official Amazon ECS agent container from the Docker hub when it starts. +If you ever need to update the agent, it’s as simple as restarting amazon-ecs-agent.service. + +```yaml +#cloud-config + +coreos: + units: + - + name: amazon-ecs-agent.service + command: start + runtime: true + content: | + [Unit] + Description=Amazon ECS Agent + After=docker.service + Requires=docker.service + + [Service] + Environment=ECS_CLUSTER=your_cluster_name + ExecStartPre=-/usr/bin/docker kill ecs-agent + ExecStartPre=-/usr/bin/docker rm ecs-agent + ExecStartPre=/usr/bin/docker pull amazon/amazon-ecs-agent + ExecStart=/usr/bin/docker run --name ecs-agent --env=ECS_CLUSTER=${ECS_CLUSTER} --publish=51678:51678 --volume=/var/run/docker.sock:/var/run/docker.sock --volume=/etc/ecs:/etc/ecs amazon/amazon-ecs-agent + ExecStop=/usr/bin/docker stop ecs-agent +``` From a3f58c2b546c1637a6b9dc60b9272bde5be61b87 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Wed, 17 Dec 2014 11:28:36 -0800 Subject: [PATCH 0372/1291] running-coreos: update intro --- running-coreos/cloud-providers/ecs/index.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/running-coreos/cloud-providers/ecs/index.md b/running-coreos/cloud-providers/ecs/index.md index d2889bb62..99c4c293e 100644 --- a/running-coreos/cloud-providers/ecs/index.md +++ b/running-coreos/cloud-providers/ecs/index.md @@ -7,10 +7,9 @@ supported: true weight: 1 --- -#Amazon ECS on CoreOS +# Amazon ECS on CoreOS -Today, Amazon officially launched their [EC2 Container Service](http://aws.amazon.com/ecs/). -ECS is a container management service which provides a set of APIs for scheduling container workloads across EC2 clusters. It supports Docker and it runs on CoreOS. +At re:Invent 2014, AWS launched [Amazon EC2 Container Service (ECS)](http://aws.amazon.com/ecs/). ECS is a container management service which provides a set of APIs for scheduling container workloads across EC2 clusters. It supports Docker and it runs on CoreOS. In order to use ECS on CoreOS, you’ll need to add the “amazon-ecs-agent.service” unit to your existing cloud-config (or just use the cloud-config below in its entirety). Be sure to replace “your_cluster_name” with an appropriate value or leave it blank to use the default cluster. From a32f01566a5c3a5a44f4ba6b78d049c0c7fdfbdd Mon Sep 17 00:00:00 2001 From: Alex Crawford Date: Wed, 17 Dec 2014 11:32:03 -0800 Subject: [PATCH 0373/1291] ecs: fix cloud-config - Only bind to localhost - Add LOGLEVEL variable --- running-coreos/cloud-providers/ecs/index.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/running-coreos/cloud-providers/ecs/index.md b/running-coreos/cloud-providers/ecs/index.md index d2889bb62..dc6924913 100644 --- a/running-coreos/cloud-providers/ecs/index.md +++ b/running-coreos/cloud-providers/ecs/index.md @@ -35,9 +35,10 @@ coreos: [Service] Environment=ECS_CLUSTER=your_cluster_name + Environment=ECS_LOGLEVEL=warn ExecStartPre=-/usr/bin/docker kill ecs-agent ExecStartPre=-/usr/bin/docker rm ecs-agent ExecStartPre=/usr/bin/docker pull amazon/amazon-ecs-agent - ExecStart=/usr/bin/docker run --name ecs-agent --env=ECS_CLUSTER=${ECS_CLUSTER} --publish=51678:51678 --volume=/var/run/docker.sock:/var/run/docker.sock --volume=/etc/ecs:/etc/ecs amazon/amazon-ecs-agent + ExecStart=/usr/bin/docker run --name ecs-agent --env=ECS_CLUSTER=${ECS_CLUSTER} --env=ECS_LOGLEVEL=${ECS_LOGLEVEL} --publish=127.0.0.1:51678:51678 --volume=/var/run/docker.sock:/var/run/docker.sock amazon/amazon-ecs-agent ExecStop=/usr/bin/docker stop ecs-agent ``` From ff2886df594dc2e0849d9cf5bc0c6e44210a8591 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Wed, 17 Dec 2014 11:35:52 -0800 Subject: [PATCH 0374/1291] running-coreos: update title --- running-coreos/cloud-providers/ecs/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/running-coreos/cloud-providers/ecs/index.md b/running-coreos/cloud-providers/ecs/index.md index 99c4c293e..d640c6139 100644 --- a/running-coreos/cloud-providers/ecs/index.md +++ b/running-coreos/cloud-providers/ecs/index.md @@ -1,6 +1,6 @@ --- layout: docs -title: Amazon ECS +title: Amazon EC2 Container Service category: running_coreos sub_category: cloud_provider supported: true From 807482484ecee959ab509815a44efa74156b9473 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 18 Dec 2014 18:23:05 -0800 Subject: [PATCH 0375/1291] launching-containers: stronger message about detached mode within units --- .../building/getting-started-with-docker/index.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/launching-containers/building/getting-started-with-docker/index.md b/launching-containers/building/getting-started-with-docker/index.md index 0a84a10cd..cf024234e 100644 --- a/launching-containers/building/getting-started-with-docker/index.md +++ b/launching-containers/building/getting-started-with-docker/index.md @@ -75,6 +75,8 @@ docker run -d coreos/apache [process] After you are comfortable with the mechanics of running containers by hand, it's recommended to use [systemd units]({{site.url}}/docs/launching-containers/launching/getting-started-with-systemd) and/or [fleet]({{site.url}}/docs/launching-containers/launching/launching-containers-fleet) to run your containers on a cluster of CoreOS machines. +Do not run containers with detached mode inside of systemd unit files. Detached mode prevents your init system, in our case systemd, from monitoring the process that owns the container because detached mode forks it into the background. To prevent this issue, just omit the `-d` flag if you aren't running something manually. + ### Run Apache in Foreground We need to run the apache process in the foreground, since our container will stop when the process specified in the `docker run` command stops. We can do this with a flag `-D` when starting the apache2 process: From 0b4e55e1bdb03fc0eef82850461d9fa5c47a4a1e Mon Sep 17 00:00:00 2001 From: Jimmy Zelinskie Date: Sat, 20 Dec 2014 00:34:12 -0500 Subject: [PATCH 0376/1291] Add avatar generation to example config --- enterprise-registry/initial-setup/index.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/enterprise-registry/initial-setup/index.md b/enterprise-registry/initial-setup/index.md index 489b9dd69..47c6827bc 100644 --- a/enterprise-registry/initial-setup/index.md +++ b/enterprise-registry/initial-setup/index.md @@ -70,6 +70,12 @@ SERVER_HOSTNAME: '(FILL IN HERE: registry.mycorp.com)' # A logo to use for your enterprise ENTERPRISE_LOGO_URL: '(FILL IN HERE: http://someurl/...)' +# Avatar generation +# Possible values: +# local +# gravatar +AVATAR_KIND: 'local' + # Contact information for the contact page. # Supported URL forms: # email: mailto:some@email.com From 9c2558ff4279161c78cdff7b0b401165ff13d38e Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Mon, 22 Dec 2014 18:20:56 -0500 Subject: [PATCH 0377/1291] running-coreos: expand how to use ECS with new and existing clusters --- running-coreos/cloud-providers/ecs/index.md | 56 ++++++++++++++++++--- 1 file changed, 50 insertions(+), 6 deletions(-) diff --git a/running-coreos/cloud-providers/ecs/index.md b/running-coreos/cloud-providers/ecs/index.md index 73ad6703d..14dabcf44 100644 --- a/running-coreos/cloud-providers/ecs/index.md +++ b/running-coreos/cloud-providers/ecs/index.md @@ -7,15 +7,17 @@ supported: true weight: 1 --- -# Amazon ECS on CoreOS +# Running CoreOS with AWS EC2 Container Service -At re:Invent 2014, AWS launched [Amazon EC2 Container Service (ECS)](http://aws.amazon.com/ecs/). ECS is a container management service which provides a set of APIs for scheduling container workloads across EC2 clusters. It supports Docker and it runs on CoreOS. +[Amazon EC2 Container Service (ECS)](http://aws.amazon.com/ecs/) is a container management service which provides a set of APIs for scheduling container workloads across EC2 clusters. It supports CoreOS with Docker containers. -In order to use ECS on CoreOS, you’ll need to add the “amazon-ecs-agent.service” unit to your existing cloud-config (or just use the cloud-config below in its entirety). -Be sure to replace “your_cluster_name” with an appropriate value or leave it blank to use the default cluster. +Your CoreOS machines communicate with ECS via an agent. The agent interacts with docker to start new containers and gather information about running containers. -The service listed below pulls the latest official Amazon ECS agent container from the Docker hub when it starts. -If you ever need to update the agent, it’s as simple as restarting amazon-ecs-agent.service. +## Set Up A New Cluster + +When booting your [CoreOS Machines on EC2]({{site.url}}/docs/running-coreos/cloud-providers/ec2), specify that the ECS agent is started via [cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config). + +Be sure to change `ECS_CLUSTER` to the cluster name you've configured via the ECS CLI or leave it empty for the default. Here's a full cloud-config example: ```yaml #cloud-config @@ -41,3 +43,45 @@ coreos: ExecStart=/usr/bin/docker run --name ecs-agent --env=ECS_CLUSTER=${ECS_CLUSTER} --env=ECS_LOGLEVEL=${ECS_LOGLEVEL} --publish=127.0.0.1:51678:51678 --volume=/var/run/docker.sock:/var/run/docker.sock amazon/amazon-ecs-agent ExecStop=/usr/bin/docker stop ecs-agent ``` + +The example above pulls the latest official Amazon ECS agent container from the Docker Hub when the machine starts. If you ever need to update the agent, it’s as simple as restarting the amazon-ecs-agent service or the CoreOS machine. + +If you want to configure SSH keys in order to log in, mount disks or configure other options, see the [full cloud-config documentation]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config). + +## Connect ECS to an Existing Cluster + +Connecting an existing cluster to ECS is simple with [fleet]({{site.url}}/docs/launching-containers/launching/launching-containers-fleet) — the agent can be run as a global unit. The unit looks similar to the example above: + +#### amazon-ecs-agent.service + +```ini +[Unit] +Description=Amazon ECS Agent +After=docker.service +Requires=docker.service + +[Service] +Environment=ECS_CLUSTER=your_cluster_name +Environment=ECS_LOGLEVEL=warn +ExecStartPre=-/usr/bin/docker kill ecs-agent +ExecStartPre=-/usr/bin/docker rm ecs-agent +ExecStartPre=/usr/bin/docker pull amazon/amazon-ecs-agent +ExecStart=/usr/bin/docker run --name ecs-agent --env=ECS_CLUSTER=${ECS_CLUSTER} --env=ECS_LOGLEVEL=${ECS_LOGLEVEL} --publish=127.0.0.1:51678:51678 --volume=/var/run/docker.sock:/var/run/docker.sock amazon/amazon-ecs-agent +ExecStop=/usr/bin/docker stop ecs-agent + +[X-Fleet] +Global=true +``` + +Be sure to change `ECS_CLUSTER` to the cluster name you've configured in the AWS console or leave it empty for the default. + +To run this unit on each machine, all you have to do is submit it to the cluster: + +```sh +$ fleetctl start amazon-ecs-agent.service +Triggered global unit amazon-ecs-agent.service start +``` + +You should see all of your machines show up in the ECS CLI output. + +For more information on using ECS, check out the [official Amazon documentation](http://aws.amazon.com/documentation/ecs/). \ No newline at end of file From 09d52af6b1b606ee024a3a9c2648ba73aab858da Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Fri, 2 Jan 2015 14:03:10 -0500 Subject: [PATCH 0378/1291] cluster-management: fix typo --- cluster-management/setup/update-strategies/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster-management/setup/update-strategies/index.md b/cluster-management/setup/update-strategies/index.md index ab89eb409..9fb265e3a 100644 --- a/cluster-management/setup/update-strategies/index.md +++ b/cluster-management/setup/update-strategies/index.md @@ -102,7 +102,7 @@ coreos: command: restart ``` -## Auto-Updates with a Maintainence Window +## Auto-Updates with a Maintainance Window A timeframe in which to update can be specified by using two systemd units, a very simple service and a timer to run it on your schedule: From b357ebb0ee1c27193bd2479ebcecf4aa39791619 Mon Sep 17 00:00:00 2001 From: Eugene Yakubovich Date: Tue, 9 Dec 2014 16:06:08 -0800 Subject: [PATCH 0379/1291] Added flannel documentation This discusses how to configure and start flannel on CoreOS. --- .../setup/flannel-config/index.md | 115 ++++++++++++++++++ 1 file changed, 115 insertions(+) create mode 100644 cluster-management/setup/flannel-config/index.md diff --git a/cluster-management/setup/flannel-config/index.md b/cluster-management/setup/flannel-config/index.md new file mode 100644 index 000000000..ee62b74cf --- /dev/null +++ b/cluster-management/setup/flannel-config/index.md @@ -0,0 +1,115 @@ +--- +layout: docs +title: Configuring flannel +category: cluster_management +sub_category: setting_up +weight: 10 +--- + +# Configuring flannel for Container Networking + +*Note*: flannel is only available in CoreOS versions 554 and later. + +## Overview + +With Docker, each container is assigned an IP address that can be used to communicate with other containers on the _same_ host. +For communicating over a network, containers are tied to the IP addresses of the host machines and must rely on port-mapping to reach the desired container. +This makes it difficult for applications running inside containers to advertise their external IP and port as that information is not available to them. + +flannel solves the problem by giving each container an IP that can be used for container-to-container communication. It uses packet encapsulation +to create a virtual overlay network that spans the whole cluster. More specifically, flannel gives each host an IP subnet (/24 by default) from which the +Docker daemon is able to allocate IPs to the individual containers. + +flannel uses [etcd](https://coreos.com/using-coreos/etcd/) to store mappings between the virtual IP and host addresses. A `flanneld` daemon runs on each +host and is responsible for watching information in etcd and routing the packets. + +## Configuration + +### Publishing config to etcd +flannel looks up its configuration in etcd. Therefore the first step to getting started with flannel is to publish the configuration to etcd. +By default, flannel looks up its configuration in `/coreos.com/network/config`. At the bare minimum, you must tell flannel an IP range (subnet) that +it should use for the overlay. Here is an example of the minimum flannel configuration: + +```json +{ "Network": "10.1.0.0/16" } +``` + +Use `etcdctl` utility to publish the config: + +```bash +$ etcdctl set /coreos.com/network/config '{ "Network": "10.1.0.0/16" }' +``` + +You can put this into a drop-in for flanneld.service via cloud-config: + +```yaml +#cloud-config + +coreos: + units: + - name: flanneld.service + drop-ins: + - name: 50-network-config.conf + content: | + [Service] + ExecStartPre=/usr/bin/etcdctl set /coreos.com/network/config '{ "Network": "10.1.0.0/16" }' +``` + +This will assign the specified /16 for the entire overlay network. By default, flannel will allocate a /24 to each host. This default, along with the +minimum and maximum subnet IP addresses is overridable in config: + +```json +{ + "Network": "10.1.0.0/16", + "SubnetLen": 28, + "SubnetMin": "10.1.10.0", + "SubnetMax": "10.1.50.0" +} +``` + +This config instructs flannel to allocate /28 subnets to individual hosts and make sure not to issue subnets outside of 10.1.10.0 - 10.1.50.0 range. + +### Firewall +flannel uses UDP port 8285 for sending encapsulated IP packets. Make sure to enable this traffic to pass between the hosts. + +### Enabling flannel via Cloud-Config +The last step is to enable `flanneld.service` in the cloud-config by adding `command: start` directive: + +```yaml +#cloud-config + +coreos: + units: + - name: flanneld.service + drop-ins: + - name: 50-network-config.conf + content: | + [Service] + ExecStartPre=/usr/bin/etcdctl set /coreos.com/network/config '{ "Network": "10.1.0.0/16" }' + command: start +``` + +*Important*: If you are starting other units via cloud-config, `flanneld.service` needs to be listed _before_ any services that run Docker containers. +This includes fleet.service as fleet daemon will start units that may run Docker containers. + +## Under the Hood +To reduce the CoreOS image size, flannel daemon is stored in CoreOS Enterprise Registry as a Docker container and not shipped in the CoreOS image. +For those users wishing not to use flannel, it helps to keep their installation minimal. When `flanneld.service` it started, it pulls the Docker image +from the registry. There is, however, a chicken and the egg problem as flannel configures Docker bridge and Docker is needed to pull down the image. + +In order to work around this, CoreOS is configured to optionally run a second copy of Docker daemon which we call early-docker. Early-docker daemon +is started with `--iptables=false` and containers that it executes need to run with host networking. This prevents Docker from starting `docker0` bridge. + +Here is the sequence of events that happens when `flanneld.service` is started followed by a service that runs a Docker container (e.g. redis server): + +1. `early-docker.service` gets started since it is a dependency of `flanneld.service`. +2. `early-docker.service` launches a Docker on a separate Unix socket -- `/var/run/early-docker.sock`. +3. `flanneld.service` executes `DOCKER_HOST=unix:///var/run/early-docker.sock docker run --net=host quay.io/coreos/flannel:$FLANNEL_VER` (actual invokation is slightly more complex). +4. flanneld starts and writes out `/run/flannel/subnet.env` with the acquired IP subnet information. +5. `ExecStartPost` in `flanneld.service` converts information in `/run/flannel/subnet.env` into Docker daemon command line args (such as `--bip` and `--mtu`), +storing them in `/run/docker_opts.env` +6. `redis.service` gets started which invokes `docker run ...`, triggering socket activation of `docker.service`. +7. `docker.service` sources in `/run/docker_opts.env` (which contains `DOCKER_OPTS`) and starts the Docker daemon with `$DOCKER_OPTS` +8. `redis.service` runs Docker redis container. + +If you would like to learn more about these service files, you can check them out like so: `systemctl cat early-docker.service`. From f8f260c77fabe16e05c0172ceaa6f5999b4d2bcd Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Wed, 7 Jan 2015 15:07:07 -0800 Subject: [PATCH 0380/1291] cluster-management: minor tweaks and note about UDP --- cluster-management/setup/flannel-config/index.md | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/cluster-management/setup/flannel-config/index.md b/cluster-management/setup/flannel-config/index.md index ee62b74cf..0a7b79560 100644 --- a/cluster-management/setup/flannel-config/index.md +++ b/cluster-management/setup/flannel-config/index.md @@ -1,6 +1,6 @@ --- layout: docs -title: Configuring flannel +title: Configuring flannel Networking category: cluster_management sub_category: setting_up weight: 10 @@ -8,7 +8,7 @@ weight: 10 # Configuring flannel for Container Networking -*Note*: flannel is only available in CoreOS versions 554 and later. +*Note*: flannel is only available in [CoreOS versions 554]({{site.url}}/releases/#554.0.0) and later. ## Overview @@ -70,7 +70,8 @@ minimum and maximum subnet IP addresses is overridable in config: This config instructs flannel to allocate /28 subnets to individual hosts and make sure not to issue subnets outside of 10.1.10.0 - 10.1.50.0 range. ### Firewall -flannel uses UDP port 8285 for sending encapsulated IP packets. Make sure to enable this traffic to pass between the hosts. + +flannel uses UDP port 8285 for sending encapsulated IP packets. Make sure to enable this traffic to pass between the hosts. If you find that you can't ping containers across hosts, this port is probably not open. ### Enabling flannel via Cloud-Config The last step is to enable `flanneld.service` in the cloud-config by adding `command: start` directive: @@ -103,7 +104,7 @@ is started with `--iptables=false` and containers that it executes need to run w Here is the sequence of events that happens when `flanneld.service` is started followed by a service that runs a Docker container (e.g. redis server): 1. `early-docker.service` gets started since it is a dependency of `flanneld.service`. -2. `early-docker.service` launches a Docker on a separate Unix socket -- `/var/run/early-docker.sock`. +2. `early-docker.service` launches a Docker on a separate Unix socket — `/var/run/early-docker.sock`. 3. `flanneld.service` executes `DOCKER_HOST=unix:///var/run/early-docker.sock docker run --net=host quay.io/coreos/flannel:$FLANNEL_VER` (actual invokation is slightly more complex). 4. flanneld starts and writes out `/run/flannel/subnet.env` with the acquired IP subnet information. 5. `ExecStartPost` in `flanneld.service` converts information in `/run/flannel/subnet.env` into Docker daemon command line args (such as `--bip` and `--mtu`), From 982c6d97ada459a8f9e0114f30e3a3f48b5a04bc Mon Sep 17 00:00:00 2001 From: Michael Marineau Date: Wed, 7 Jan 2015 17:22:14 -0800 Subject: [PATCH 0381/1291] setup: Add new misc settings page for smaller notes. Adds documentation for: - /etc/modules-load.d - /etc/sysctl.d - /etc/motd.d --- .../setup/other-settings/index.md | 115 ++++++++++++++++++ 1 file changed, 115 insertions(+) create mode 100644 cluster-management/setup/other-settings/index.md diff --git a/cluster-management/setup/other-settings/index.md b/cluster-management/setup/other-settings/index.md new file mode 100644 index 000000000..2aa57d3f0 --- /dev/null +++ b/cluster-management/setup/other-settings/index.md @@ -0,0 +1,115 @@ +--- +layout: docs +title: Tips and Other Settings +category: cluster_management +sub_category: setting_up +weight: 8 +--- + +# Tips and Other Settings + +## Loading Kernel Modules + +Most Linux kernel modules get automatically loaded as-needed but there +are a some situations where this doesn't work. Problems can arise if +there is boot-time dependencies are sensitive to exactly when the module +gets loaded. Module auto-loading can be broken all-together if the +operation requiring the module happens inside of a container. `iptables` +and other netfilter features can easily encounter both of these issues. +To force a module to be loaded early during boot simply list them in a +file under `/etc/modules-load.d`. The file name must end in `.conf`. + +```sh +echo nf_conntrack > /etc/modules-load.d/nf.conf +``` + +These files are processed early during the boot sequence. This means +that updating `modules-load.d` via cloud-config will only take effect on +the next boot unless the `systemd-modules-load` service is also +restarted: + +```yaml +#cloud-config + +write_files: + - path: /etc/modules-load.d/nf.conf + content: nf_conntrack + +coreos: + units: + - name: systemd-modules-load.service + command: restart +``` + +Further details can be found in the systemd man pages: +[modules-load.d(5)](http://www.freedesktop.org/software/systemd/man/modules-load.d.html) +[systemd-modules-load.service(8)](http://www.freedesktop.org/software/systemd/man/systemd-modules-load.service.html) + + +## Tuning sysctl Parameters + +The Linux kernel offers a plethora of knobs under `/proc/sys` to control +the availability of different features and tune performance parameters. +For one-shot changes values can be written directly to the files under +`/proc/sys` but persistent settings must be written to `/etc/sysctl.d`: + +```sh +echo net.netfilter.nf_conntrack_max=131072 > /etc/sysctl.d/nf.conf +sysctl --system +``` + +Some parameters, such as the conntrack one above, are only available +after the module they control has been loaded. To ensure any modules are +loaded in advance use `modules-load.d` as described above. A complete +cloud-config using both would look like: + +```yaml +#cloud-config + +write_files: + - path: /etc/modules-load.d/nf.conf + content: | + nf_conntrack + - path: /etc/sysctl.d/nf.conf + content: | + net.netfilter.nf_conntrack_max=131072 + +coreos: + units: + - name: systemd-modules-load.service + command: restart + - name: systemd-sysctl.service + command: restart +``` + +Further details can be found in the systemd man pages: +[sysctl.d(5)](http://www.freedesktop.org/software/systemd/man/sysctl.d.html) +[systemd-sysctl.service(8)](http://www.freedesktop.org/software/systemd/man/systemd-sysctl.service.html) + + +## Adding Custom Messages to MOTD + +By default when logging in interactively via SSH or a console a brief +message reporting the CoreOS release channel, version, and a list of any +services or other systemd units that have failed. Additional text can be +added by dropping text files into `/etc/motd.d`. The directory may need +to be created first and the file name must end in `.conf`. +CoreOS 555.0.0 or later is required. + +```sh +mkdir -p /etc/motd.d +echo "This machine is dedicated to computing Pi" > /etc/motd.d/pi.conf +``` + +Or via cloud-config: +```yaml +#cloud-config + +write_files: + - path: /etc/motd.d/pi.conf + content: This machine is dedicated to computing Pi +``` + +Note: currently the MOTD is regenerated by a script once a minute to +ensure the list of failed units remains fairly current. This behavior +may change in the future. From c18ceec21e1acbce2e9ba95b1cd3468e6da59199 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Wed, 7 Jan 2015 17:50:54 -0800 Subject: [PATCH 0382/1291] cluster-management: fix markdown syntax --- cluster-management/setup/other-settings/index.md | 1 + 1 file changed, 1 insertion(+) diff --git a/cluster-management/setup/other-settings/index.md b/cluster-management/setup/other-settings/index.md index 2aa57d3f0..38e56934e 100644 --- a/cluster-management/setup/other-settings/index.md +++ b/cluster-management/setup/other-settings/index.md @@ -102,6 +102,7 @@ echo "This machine is dedicated to computing Pi" > /etc/motd.d/pi.conf ``` Or via cloud-config: + ```yaml #cloud-config From 190018cb80b18f7ba19b003b0169907c41ea2421 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Fri, 16 Jan 2015 10:33:40 -0800 Subject: [PATCH 0383/1291] cluster-management: fix broken link --- cluster-management/setup/cluster-discovery/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster-management/setup/cluster-discovery/index.md b/cluster-management/setup/cluster-discovery/index.md index 1f1932b53..1b2a693fd 100644 --- a/cluster-management/setup/cluster-discovery/index.md +++ b/cluster-management/setup/cluster-discovery/index.md @@ -153,4 +153,4 @@ The public discovery service is just an etcd cluster made available to the publi Since etcd is designed to this type of leader election, it was an obvious choice to use it for everyone's initial leader election. This means that it's easy to run your own etcd cluster for this purpose. -If you're interested in how discovery API works behind the scenes in etcd, read about the [Discovery Protocol](https://github.com/coreos/etcd/blob/master/Documentation/discovery-protocol.md). +If you're interested in how discovery API works behind the scenes in etcd, read about [etcd clustering](https://github.com/coreos/etcd/blob/master/Documentation/clustering.md). From 709ad5797a5830c8bbfddf097c860bb7a02d1c25 Mon Sep 17 00:00:00 2001 From: Spencer Brown Date: Sat, 17 Jan 2015 09:32:13 -0600 Subject: [PATCH 0384/1291] Don't call it a "bind mount" when it's not The mount being done in the example is just a regular device mount, not a bind mount. Remove "bind" from the description. --- cluster-management/setup/mounting-storage/index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cluster-management/setup/mounting-storage/index.md b/cluster-management/setup/mounting-storage/index.md index bfefa9a7c..1eec1a950 100644 --- a/cluster-management/setup/mounting-storage/index.md +++ b/cluster-management/setup/mounting-storage/index.md @@ -32,7 +32,7 @@ It's important to note that [systemd requires](http://www.freedesktop.org/softwa Docker containers can be very large and debugging a build process makes it easy to accumulate hundreds of containers. It's advantagous to use attached storage to expand your capacity for container images. Be aware that some cloud providers treat certain disks as ephemeral and you will lose all docker images contained on that disk. -We're going to bind mount a btrfs device to `/var/lib/docker`, where docker stores images. We can do this on the fly when the machines starts up with a oneshot unit that formats the drive and another one that runs afterwards to mount it. Be sure to hardcode the correct device or look for a device by label: +We're going to mount a btrfs device to `/var/lib/docker`, where docker stores images. We can do this on the fly when the machines starts up with a oneshot unit that formats the drive and another one that runs afterwards to mount it. Be sure to hardcode the correct device or look for a device by label: ```yaml #cloud-config @@ -66,4 +66,4 @@ Notice that we're starting both units at the same time and using the power of sy ## Further Reading -Read the [full docs](http://www.freedesktop.org/software/systemd/man/systemd.mount.html) to learn about the available options. Examples specific to [EC2]({{site.url}}/docs/running-coreos/cloud-providers/ec2/#instance-storage), [Google Compute Engine]({{site.url}}/docs/running-coreos/cloud-providers/google-compute-engine/#additional-storage) and [Rackspace Cloud]({{site.url}}/docs/running-coreos/cloud-providers/rackspace/#mount-data-disk) can be used as a starting point. \ No newline at end of file +Read the [full docs](http://www.freedesktop.org/software/systemd/man/systemd.mount.html) to learn about the available options. Examples specific to [EC2]({{site.url}}/docs/running-coreos/cloud-providers/ec2/#instance-storage), [Google Compute Engine]({{site.url}}/docs/running-coreos/cloud-providers/google-compute-engine/#additional-storage) and [Rackspace Cloud]({{site.url}}/docs/running-coreos/cloud-providers/rackspace/#mount-data-disk) can be used as a starting point. From 99aa16f30e599c4168d4ae73bdb3645c2de00b08 Mon Sep 17 00:00:00 2001 From: mm Date: Sat, 17 Jan 2015 20:29:28 -0600 Subject: [PATCH 0385/1291] Spelling fixes --- cluster-management/debugging/reading-the-system-log/index.md | 2 +- cluster-management/setup/cluster-discovery/index.md | 4 ++-- cluster-management/setup/flannel-config/index.md | 2 +- cluster-management/setup/mounting-storage/index.md | 2 +- cluster-management/setup/update-strategies/index.md | 4 ++-- 5 files changed, 7 insertions(+), 7 deletions(-) diff --git a/cluster-management/debugging/reading-the-system-log/index.md b/cluster-management/debugging/reading-the-system-log/index.md index 8cb2fa30f..00cf42a7c 100644 --- a/cluster-management/debugging/reading-the-system-log/index.md +++ b/cluster-management/debugging/reading-the-system-log/index.md @@ -54,7 +54,7 @@ Dec 22 12:32:39 localhost docker[9772]: apache2: Could not reliably determine th ## Read Entries Since Boot -Reading just the entires since the last boot is an easy way to troubleshoot services that are faiing to start properly: +Reading just the entries since the last boot is an easy way to troubleshoot services that are failing to start properly: ```sh journalctl --boot diff --git a/cluster-management/setup/cluster-discovery/index.md b/cluster-management/setup/cluster-discovery/index.md index 1b2a693fd..fba329964 100644 --- a/cluster-management/setup/cluster-discovery/index.md +++ b/cluster-management/setup/cluster-discovery/index.md @@ -53,7 +53,7 @@ Starting a CoreOS cluster requires one of the new machines to become the first l 4. Machine 2 boots and submits its `peer-addr` address `10.10.10.2`. It also reads back the list of existing peers (only `10.10.10.1`) and attempts to connect to the address listed. 5. Machine 2 connects to Machine 1 and is now part of the cluster as a follower. 6. Machine 3 boots and submits its `peer-addr` address `10.10.10.3`. It reads back the list of peers ( `10.10.10.1` and `10.10.10.2`) and selects one of the addresses to try first. When it connects to a machine in the cluster, the machine is given a full list of the existing other members of the cluster. -7. The cluster is now bootstrapped with an intial leader and two followers. +7. The cluster is now bootstrapped with an initial leader and two followers. There are two interesting things happening during this process. @@ -85,7 +85,7 @@ journalctl _EXE=/usr/bin/coreos-cloudinit ### Stale Tokens -Another common problem with cluster discovery is attempting to boot a new cluster with a stale discovery URL. As explained above, the intial leader election is recorded into the URL, which indicates that the new etcd instance should be joining an existing cluster. +Another common problem with cluster discovery is attempting to boot a new cluster with a stale discovery URL. As explained above, the initial leader election is recorded into the URL, which indicates that the new etcd instance should be joining an existing cluster. If you provide a stale discovery URL, the new machines will attempt to connect to each of the old peer addresses, which will fail since they don't exist, and the bootstrapping process will fail. diff --git a/cluster-management/setup/flannel-config/index.md b/cluster-management/setup/flannel-config/index.md index 0a7b79560..6428f57cb 100644 --- a/cluster-management/setup/flannel-config/index.md +++ b/cluster-management/setup/flannel-config/index.md @@ -105,7 +105,7 @@ Here is the sequence of events that happens when `flanneld.service` is started f 1. `early-docker.service` gets started since it is a dependency of `flanneld.service`. 2. `early-docker.service` launches a Docker on a separate Unix socket — `/var/run/early-docker.sock`. -3. `flanneld.service` executes `DOCKER_HOST=unix:///var/run/early-docker.sock docker run --net=host quay.io/coreos/flannel:$FLANNEL_VER` (actual invokation is slightly more complex). +3. `flanneld.service` executes `DOCKER_HOST=unix:///var/run/early-docker.sock docker run --net=host quay.io/coreos/flannel:$FLANNEL_VER` (actual invocation is slightly more complex). 4. flanneld starts and writes out `/run/flannel/subnet.env` with the acquired IP subnet information. 5. `ExecStartPost` in `flanneld.service` converts information in `/run/flannel/subnet.env` into Docker daemon command line args (such as `--bip` and `--mtu`), storing them in `/run/docker_opts.env` diff --git a/cluster-management/setup/mounting-storage/index.md b/cluster-management/setup/mounting-storage/index.md index bfefa9a7c..f550dea86 100644 --- a/cluster-management/setup/mounting-storage/index.md +++ b/cluster-management/setup/mounting-storage/index.md @@ -30,7 +30,7 @@ It's important to note that [systemd requires](http://www.freedesktop.org/softwa ## Use Attached Storage for Docker -Docker containers can be very large and debugging a build process makes it easy to accumulate hundreds of containers. It's advantagous to use attached storage to expand your capacity for container images. Be aware that some cloud providers treat certain disks as ephemeral and you will lose all docker images contained on that disk. +Docker containers can be very large and debugging a build process makes it easy to accumulate hundreds of containers. It's advantageous to use attached storage to expand your capacity for container images. Be aware that some cloud providers treat certain disks as ephemeral and you will lose all docker images contained on that disk. We're going to bind mount a btrfs device to `/var/lib/docker`, where docker stores images. We can do this on the fly when the machines starts up with a oneshot unit that formats the drive and another one that runs afterwards to mount it. Be sure to hardcode the correct device or look for a device by label: diff --git a/cluster-management/setup/update-strategies/index.md b/cluster-management/setup/update-strategies/index.md index 9fb265e3a..fae29417e 100644 --- a/cluster-management/setup/update-strategies/index.md +++ b/cluster-management/setup/update-strategies/index.md @@ -75,7 +75,7 @@ The `reboot` strategy works exactly like it sounds: the machine is rebooted as s ### Off -The `off` strategy is also straightforward. The update will be installed onto the passive partion and await a reboot command to complete the update. We don't recommend this strategy unless you reboot frequently as part of your normal operations workflow. +The `off` strategy is also straightforward. The update will be installed onto the passive partition and await a reboot command to complete the update. We don't recommend this strategy unless you reboot frequently as part of your normal operations workflow. ## Updating PXE/iPXE Machines @@ -102,7 +102,7 @@ coreos: command: restart ``` -## Auto-Updates with a Maintainance Window +## Auto-Updates with a Maintenance Window A timeframe in which to update can be specified by using two systemd units, a very simple service and a timer to run it on your schedule: From d0be296b95d0273c0cee3e994f52eb458bfa4d09 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Tue, 20 Jan 2015 10:50:52 -0800 Subject: [PATCH 0386/1291] launching-containers: remove unneeded unit --- .../building/customizing-docker/index.md | 11 +---------- 1 file changed, 1 insertion(+), 10 deletions(-) diff --git a/launching-containers/building/customizing-docker/index.md b/launching-containers/building/customizing-docker/index.md index 44d41596e..e39bcb06b 100644 --- a/launching-containers/building/customizing-docker/index.md +++ b/launching-containers/building/customizing-docker/index.md @@ -53,7 +53,7 @@ coreos: units: - name: docker-tcp.socket command: start - enable: yes + enable: true content: | [Unit] Description=Docker Socket for the API @@ -65,15 +65,6 @@ coreos: [Install] WantedBy=sockets.target - - name: enable-docker-tcp.service - command: start - content: | - [Unit] - Description=Enable the Docker Socket for the API - - [Service] - Type=oneshot - ExecStart=/usr/bin/systemctl enable docker-tcp.socket ``` To keep access to the port local, replace the `ListenStream` configuration above with: From 6a830ba58ed36ce55a574585d3a595b5200ffc4d Mon Sep 17 00:00:00 2001 From: Jimmy Cuadra Date: Wed, 21 Jan 2015 22:31:16 -0800 Subject: [PATCH 0387/1291] Explain why docker run --rm isn't used for ExecStart. Closes #418. --- .../launching/getting-started-with-systemd/index.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/launching-containers/launching/getting-started-with-systemd/index.md b/launching-containers/launching/getting-started-with-systemd/index.md index 8450c5f38..ec2aaf8bf 100644 --- a/launching-containers/launching/getting-started-with-systemd/index.md +++ b/launching-containers/launching/getting-started-with-systemd/index.md @@ -117,6 +117,8 @@ ExecStopPost=/usr/bin/etcdctl rm /domains/example.com/10.10.10.123:8081 WantedBy=multi-user.target ``` +While it's possible to manage the starting, stopping, and removal of the container in a single `ExecStart` command by using `docker run --rm`, it's a good idea to separate the container's lifecycle into `ExecStartPre`, `ExecStart`, and `ExecStop` options as we've done above. This gives you a chance to inspect the container's state after it stops or fails. + ## Unit Specifiers In our last example we had to hardcode our IP address when we announced our container in etcd. That's not scalable and systemd has a few variables built in to help us out. Here's a few of the most useful: From 58e221c5d3c97c40a477bcecf09c4a86d4d5e265 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Fri, 23 Jan 2015 18:17:07 -0800 Subject: [PATCH 0388/1291] running-coreos: update install script options --- running-coreos/bare-metal/installing-to-disk/index.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/running-coreos/bare-metal/installing-to-disk/index.md b/running-coreos/bare-metal/installing-to-disk/index.md index 73611ab76..01c279c66 100644 --- a/running-coreos/bare-metal/installing-to-disk/index.md +++ b/running-coreos/bare-metal/installing-to-disk/index.md @@ -61,6 +61,8 @@ For reference here are the rest of the `coreos-install` options: -o OEM OEM type to install (e.g. openstack) -c CLOUD Insert a cloud-init config to be executed on boot. -t TMPDIR Temporary location with enough space to download images. +-v Super verbose, for debugging. +-b BASEURL URL to the image mirror ``` ## Cloud Config From 8f1b83958def3ac7521bbd1c0b3fce9f50390dae Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Wed, 28 Jan 2015 13:16:16 -0800 Subject: [PATCH 0389/1291] readme: reference help-wanted tag --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 777893b93..f3b74a079 100644 --- a/README.md +++ b/README.md @@ -2,6 +2,8 @@ These are publicly accessible versions of the documentation on [coreos.com](http://coreos.com/docs/). +Check out the [help-wanted tag](https://github.com/coreos/docs/issues?q=is%3Aopen+label%3Ahelp-wanted) if you're not sure what to help out with. + 1. Fork this repo 2. Send a Pull Request 3. We will get your fix up on [coreos.com](http://coreos.com/docs/) From f77efae60fa42b7d0b29362c73d7e1721e194bc0 Mon Sep 17 00:00:00 2001 From: Alex Malinovich Date: Wed, 28 Jan 2015 14:33:06 -0800 Subject: [PATCH 0390/1291] Fix GitHub capitalization --- enterprise-registry/build-support/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/enterprise-registry/build-support/index.md b/enterprise-registry/build-support/index.md index f364d9f3d..43a4d5ed9 100644 --- a/enterprise-registry/build-support/index.md +++ b/enterprise-registry/build-support/index.md @@ -78,5 +78,5 @@ When the container starts, each build worker will auto-register with the Enterpr ### Setup GitHub Build (optional) If your organization plans to have builds be conducted via pushes to GitHub (or GitHub Enterprise), please continue -with the Setting up Github Build. +with the Setting up GitHub Build. From 57c532e5afb5046c7a086fd28d61856679b9e7cd Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Tue, 3 Feb 2015 17:44:47 -0800 Subject: [PATCH 0391/1291] sdk-distributors: document disk layout --- sdk-distributors/sdk/disk-partitions/index.md | 59 +++++++++++++++++++ 1 file changed, 59 insertions(+) create mode 100644 sdk-distributors/sdk/disk-partitions/index.md diff --git a/sdk-distributors/sdk/disk-partitions/index.md b/sdk-distributors/sdk/disk-partitions/index.md new file mode 100644 index 000000000..66a5d7bcc --- /dev/null +++ b/sdk-distributors/sdk/disk-partitions/index.md @@ -0,0 +1,59 @@ +--- +layout: docs +title: Disk Layout +category: sdk_distributors +sub_category: sdk +weight: 9 +--- + +# CoreOS Disk Layout + +CoreOS is designed to be reliably updated via a [continous stream of updates]({{site.url}}/using-coreos/updates). The operating system has 9 different disk partitions, utilizing a subset of those to make each update safe and enable a roll-back to a previous version if anything goes wrong. + +## Partition Table + +| Number | Label | Description | Partition Type | +|:------:|-------|-------------|----------------| +| 1 | EFI-SYSTEM | Contains the bootloader. | VFAT | +| 2 | BIOS-BOOT | This partition is reserved for future use. | (none) | +| 3 | USR-A | One of two active/passive partitions holding CoreOS. | EXT4 | +| 4 | USR-B | One of two active/passive partitions holding CoreOS. | (empty on first boot) | +| 5 | ROOT-C | This partition is reserved for future use. | (none) | +| 6 | OEM | Stores configuration data specific to an [OEM platform][OEM docs] | EXT4 | +| 7 | OEM-CONFIG | Optional storage for an OEM. | (defined by OEM) | +| 8 | (unused) | This partition is reserved for future use. | (none) | +| 9 | ROOT | Stateful partition for storing persistent data. | EXT4 or BTRFS | + +For more information, [read more about the disk layout][chromium disk format] used by Chromium and ChromeOS, which inspired the layout used by CoreOS. + +[OEM docs]: {{site.url}}/docs/sdk-distributors/distributors/notes-for-distributors +[chromium disk format]: http://www.chromium.org/chromium-os/chromiumos-design-docs/disk-format + +## Mounted Filesystems + +CoreOS is divided into two main filesystems, a read-only `/usr` and a stateful read/write `/`. + +### Read-Only /usr + +The `USR-A` or `USR-B` partitions are interchangeable and one of the two is mounted as a read-only filesystem at `/usr`. After an update, CoreOS will re-configure the GPT priority attribute, instructing the bootloader to boot from the passive (newly updated) partition. Here's an example of the priority flags set on an Amazon EC2 machine: + +``` +$ sudo cgpt show /dev/xvda + start size part contents + 270336 2097152 3 Label: "USR-A" + Type: Alias for coreos-rootfs + UUID: 7130C94A-213A-4E5A-8E26-6CCE9662F132 + Attr: priority=1 tries=0 successful=1 +``` + +CoreOS images ship with the `USR-B` partition empty to reduce the image filesize. The first CoreOS update will populate it and start the normal active/passive scheme. + +The OEM partition is also mounted as read-only at `/usr/share/oem`. + +### Stateful Root + +All stateful data, including container images, is stored within the read/write filesystem mounted at `/`. On first boot, the ROOT partition and filesystem will expand to fill any remaining free space at the end of the drive. + +The data stored on the root partition isn't manipulated by the update process. In return, we do our best to prevent you from modifying the data in /usr. + +Due to the unique disk layout of CoreOS, an `rm -rf /` is an un-supported but valid operation to do a "factory reset". The machine should boot and operate normally afterwards. \ No newline at end of file From e0175e10224f292037bfd3ab3c4fa82e136d20fa Mon Sep 17 00:00:00 2001 From: Charlie McConnell Date: Wed, 11 Feb 2015 17:43:18 -0500 Subject: [PATCH 0392/1291] Update FLEETCTL_ENDPOINT syntax for unix sockets --- cluster-management/setup/cluster-architectures/index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cluster-management/setup/cluster-architectures/index.md b/cluster-management/setup/cluster-architectures/index.md index 68579c45d..e1ea39030 100644 --- a/cluster-management/setup/cluster-architectures/index.md +++ b/cluster-management/setup/cluster-architectures/index.md @@ -156,7 +156,7 @@ write_files: owner: core content: | # configure fleetctl to work with our etcd servers set above - export FLEETCTL_ENDPOINT=/var/run/fleet.sock + export FLEETCTL_ENDPOINT=unix:///var/run/fleet.sock export FLEETCTL_EXPERIMENTAL_API=true ``` @@ -252,6 +252,6 @@ write_files: owner: core content: | # configure fleetctl to work with our etcd servers set above - export FLEETCTL_ENDPOINT=/var/run/fleet.sock + export FLEETCTL_ENDPOINT=unix:///var/run/fleet.sock export FLEETCTL_EXPERIMENTAL_API=true ``` From e44567401e20ecb0430132a57651afeef7100e65 Mon Sep 17 00:00:00 2001 From: Yuya Kusakabe Date: Thu, 12 Feb 2015 14:44:31 +0900 Subject: [PATCH 0393/1291] running-coreos: add niftycloud docs --- .../cloud-providers/niftycloud/JA_JP/index.md | 87 +++++++++++++++++++ .../cloud-providers/niftycloud/index.md | 87 +++++++++++++++++++ 2 files changed, 174 insertions(+) create mode 100644 running-coreos/cloud-providers/niftycloud/JA_JP/index.md create mode 100644 running-coreos/cloud-providers/niftycloud/index.md diff --git a/running-coreos/cloud-providers/niftycloud/JA_JP/index.md b/running-coreos/cloud-providers/niftycloud/JA_JP/index.md new file mode 100644 index 000000000..4b34463ec --- /dev/null +++ b/running-coreos/cloud-providers/niftycloud/JA_JP/index.md @@ -0,0 +1,87 @@ +--- +layout: docs +category: running_coreos +sub_category: cloud_provider +supported: true +weight: 6 +title: NIFTY Cloud +--- + +# ニフティクラウド上でのCoreOSの起動 + +事前に[ニフティクラウド CLI][cli-documentation]をインストールする必要があります。 + +[cli-documentation]: http://cloud.nifty.com/api/cli/ + +## Cloud-Config + +CoreOSはcloud-configにより、マシンのパラメータを設定したり、起動時にsystemdのunitを立ち上げたりすることが可能です。サポートしている機能は[こちら]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config)で確認してください。cloud-configは最小限で有用な状態にクラスターを立ち上げることを目的としており、複数のホストで共通ではない設定をするためには使うべきではありません。ニフティクラウド上では、cloud-configはサーバーの起動中に編集でき、次回起動時に反映されます。 + +[ニフティクラウドCLI][cli-documentation]を使ってcloud-configを設定することができます。 + +最も一般的なcloud-configは下記のようなものです。 + +```yaml +#cloud-config + +coreos: + etcd: + # generate a new token for each unique cluster from https://discovery.etcd.io/new + discovery: https://discovery.etcd.io/ + # multi-region and multi-cloud deployments need to use $public_ipv4 + addr: $private_ipv4:4001 + peer-addr: $private_ipv4:7001 + units: + - name: etcd.service + command: start + - name: fleet.service + command: start +``` + +`$private_ipv4`と`$public_ipv4`という変数はニフティクラウド上のcloud-configでサポートされています。 + +## チャンネルの選択 + +CoreOSはチャンネル毎に別のスケジュールで[自動アップデート]({{site.url}}/using-coreos/updates)されるように設計されています。推奨はしませんが、この機能は[無効にする]({{site.url}}/docs/cluster-management/debugging/prevent-reboot-after-update)こともできます。各機能やバグフィックスについては[リリースノート]({{site.url}}/releases)を読んでください。 + +
    + +
    +
    +

    AlphaチャンネルはMasterをぴったりと追っていて、頻繁にリリースされます。テストのために最新のdockeretcdfleetの利用が可能です。現在のバージョンはCoreOS {{site.alpha-channel}}です。

    +

    $ZONE, $TYPE, $FW_ID and $SSH_KEY_IDを指定し、ニフティクラウドCLIで立ち上げます。

    + 
    nifty-run-instances $(nifty-describe-images --delimiter ',' --image-name "CoreOS Alpha {{site.alpha-channel}}" | awk -F',' '{print $2}') --key $SSH_KEY_ID --availability-zone $ZONE --instance-type $TYPE -g $FW_ID -f cloud-config.yml
    +
    +
    +

    BetaチャンネルはAlphaリリースが昇格されたものです。現在のバージョンはCoreOS {{site.beta-channel}}です。

    +

    $ZONE, $TYPE, $FW_ID and $SSH_KEY_IDを指定し、ニフティクラウドCLIで立ち上げます。

    + 
    nifty-run-instances $(nifty-describe-images --delimiter ',' --image-name "CoreOS Alpha {{site.beta-channel}}" | awk -F',' '{print $2}') --key $SSH_KEY_ID --availability-zone $ZONE --instance-type $TYPE -g $FW_ID -f cloud-config.yml
    +
    +
    +

    プロダクションクラスターではStableチャンネルを使用すべきです。CoreOSの各バージョンは昇格されるまでにBetaとAlphaチャンネルで検証済みです。現在のバージョンはCoreOS {{site.stable-channel}}です。

    +

    $ZONE, $TYPE, $FW_ID and $SSH_KEY_IDを指定し、ニフティクラウドCLIで立ち上げます。

    + 
    nifty-run-instances $(nifty-describe-images --delimiter ',' --image-name "CoreOS Alpha {{site.stable-channel}}" | awk -F',' '{print $2}') --key $SSH_KEY_ID --availability-zone $ZONE --instance-type $TYPE -g $FW_ID -f cloud-config.yml
    +
    +
    +
    + +### サーバーの追加 + +さらにクラスタにサーバーを追加するには、同じcloud-config、適当なファイアウォールグループで立ち上げるだけです。 + +## SSH + +下記のコマンドでログインできます。 + +```sh +ssh core@ -i +``` + +## CoreOSの利用 + +起動済みのマシンを手に入れたら、遊ぶ時間です。 +[CoreOSクイックスタート]({{site.url}}/docs/quickstart)を見るか、[各トピックス]({{site.url}}/docs)を掘り下げましょう。 diff --git a/running-coreos/cloud-providers/niftycloud/index.md b/running-coreos/cloud-providers/niftycloud/index.md new file mode 100644 index 000000000..0f684c89d --- /dev/null +++ b/running-coreos/cloud-providers/niftycloud/index.md @@ -0,0 +1,87 @@ +--- +layout: docs +category: running_coreos +sub_category: cloud_provider +supported: true +weight: 6 +title: NIFTY Cloud +--- + +# Running CoreOS on NIFTY Cloud + +Before proceeding, you will need to [install NIFTY Cloud CLI][cli-documentation]. + +[cli-documentation]: https://translate.google.com/translate?hl=en&sl=ja&tl=en&u=http%3A%2F%2Fcloud.nifty.com%2Fapi%2Fcli%2F + +## Cloud-Config + +CoreOS allows you to configure machine parameters, launch systemd units on startup and more via cloud-config. Jump over to the [docs to learn about the supported features]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config). Cloud-config is intended to bring up a cluster of machines into a minimal useful state and ideally shouldn't be used to configure anything that isn't standard across many hosts. On NIFTY Cloud, the cloud-config can be modified while the instance is running and will be processed next time the machine boots. + +You can provide cloud-config to CoreOS via [NIFTY Cloud CLI][cli-documentation]. + +The most common cloud-config for NIFTY Cloud looks like: + +```yaml +#cloud-config + +coreos: + etcd: + # generate a new token for each unique cluster from https://discovery.etcd.io/new + discovery: https://discovery.etcd.io/ + # multi-region and multi-cloud deployments need to use $public_ipv4 + addr: $private_ipv4:4001 + peer-addr: $private_ipv4:7001 + units: + - name: etcd.service + command: start + - name: fleet.service + command: start +``` + +The `$private_ipv4` and `$public_ipv4` substitution variables are fully supported in cloud-config on NIFTY Cloud. + +## Choosing a Channel + +CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updates) with different schedules per channel. You can [disable this feature]({{site.url}}/docs/cluster-management/debugging/prevent-reboot-after-update), although we don't recommend it. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes. + +
    + +
    +
    +

    The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.

    +

    Launch via NIFTY Cloud CLI by specifying $ZONE, $TYPE, $FW_ID and $SSH_KEY_ID:

    + 
    nifty-run-instances $(nifty-describe-images --delimiter ',' --image-name "CoreOS Alpha {{site.alpha-channel}}" | awk -F',' '{print $2}') --key $SSH_KEY_ID --availability-zone $ZONE --instance-type $TYPE -g $FW_ID -f cloud-config.yml
    +
    +
    +

    The beta channel consists of promoted alpha releases. Current version is CoreOS {{site.beta-channel}}.

    +

    Launch via NIFTY Cloud CLI by specifying $ZONE, $TYPE, $FW_ID and $SSH_KEY_ID:

    + 
    nifty-run-instances $(nifty-describe-images --delimiter ',' --image-name "CoreOS Alpha {{site.beta-channel}}" | awk -F',' '{print $2}') --key $SSH_KEY_ID --availability-zone $ZONE --instance-type $TYPE -g $FW_ID -f cloud-config.yml
    +
    +
    +

    The Stable channel should be used by production clusters. Versions of CoreOS are battle-tested within the Beta and Alpha channels before being promoted. Current version is CoreOS {{site.stable-channel}}.

    +

    Launch via NIFTY Cloud CLI by specifying $ZONE, $TYPE, $FW_ID and $SSH_KEY_ID:

    + 
    nifty-run-instances $(nifty-describe-images --delimiter ',' --image-name "CoreOS Alpha {{site.stable-channel}}" | awk -F',' '{print $2}') --key $SSH_KEY_ID --availability-zone $ZONE --instance-type $TYPE -g $FW_ID -f cloud-config.yml
    +
    +
    +
    + +### Adding More Machines + +To add more instances to the cluster, just launch more with the same cloud-config and the appropriate firewall group. + +## SSH + +You can log in your CoreOS instances using: + +```sh +ssh core@ -i +``` + +## Using CoreOS + +Now that you have a machine booted it is time to play around. +Check out the [CoreOS Quickstart]({{site.url}}/docs/quickstart) guide or dig into [more specific topics]({{site.url}}/docs). From 226ea7ade5aa9121c9d74edd25e844f6c22c585d Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 12 Feb 2015 09:53:50 -0500 Subject: [PATCH 0394/1291] cluster-management: fix formatting issues --- cluster-management/scaling/power-management/index.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/cluster-management/scaling/power-management/index.md b/cluster-management/scaling/power-management/index.md index f0c2a45d0..69cf51819 100644 --- a/cluster-management/scaling/power-management/index.md +++ b/cluster-management/scaling/power-management/index.md @@ -28,12 +28,14 @@ Several governors are available: | `userspace` | Controlled by a userspace application via the `scaling_setspeed` file | The "conservative" governor can be used instead using the following shell commands: + ```sh modprobe cpufreq_conservative echo "conservative" | tee /sys/devices/system/cpu/cpu*/cpufreq/scaling_governor > /dev/null ``` This can be configured with [cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/#coreos) as well: + ```yaml coreos: units: From 441681bbb3fafa092b4b777d20a317e2eb0e4c9d Mon Sep 17 00:00:00 2001 From: Joseph Schorr Date: Thu, 12 Feb 2015 14:53:20 -0500 Subject: [PATCH 0395/1291] Change ER installation instructions for the new setup tool --- enterprise-registry/initial-setup/index.md | 272 ++---------------- enterprise-registry/mysql-container/index.md | 9 +- .../mysql-container/provision_mysql.sh | 26 +- 3 files changed, 39 insertions(+), 268 deletions(-) mode change 100644 => 100755 enterprise-registry/mysql-container/provision_mysql.sh diff --git a/enterprise-registry/initial-setup/index.md b/enterprise-registry/initial-setup/index.md index 47c6827bc..6e1e08a60 100644 --- a/enterprise-registry/initial-setup/index.md +++ b/enterprise-registry/initial-setup/index.md @@ -8,36 +8,21 @@ weight: 5 # On-Premise Installation -CoreOS Enterprise Registry requires five components to operate successfully: +CoreOS Enterprise Registry requires three components to operate successfully: - A supported database (MySQL, Postgres) - A Redis instance (for real-time events) -- A config.yaml file -- An SMTP server - The Enterprise Registry image +- (optional) An SMTP server ## Preparing the Database A MySQL RDBMS or Postgres installation with an empty database is required, and a login with full access to said database. The schema will be created the first time the registry image is run. The database install can either be pre-existing or run on CoreOS via a [Docker container]({{site.url}}/docs/enterprise-registry/mysql-container). -Please have the url for the login and database available in the SQLAlchemy format: - -### For MySQL: - -``` -mysql+pymysql://:@/ -``` - -### For Postgres: - -``` -postgresql://:@/ -``` - ## Setting up Redis -Redis stores data which must be accessed quickly but doesn’t necessarily require durability guarantees. If you have an existing Redis instance, make sure to accept incoming connections on port 6379 (or change the port in the config.yaml) and then feel free to skip this step. +Redis stores data which must be accessed quickly but doesn’t necessarily require durability guarantees. If you have an existing Redis instance, make sure to accept incoming connections on port 6379 (or change the port in the setup process) and then feel free to skip this step. To run redis, simply pull and run the Quay.io Redis image: @@ -48,260 +33,49 @@ sudo docker run -d -p 6379:6379 quay.io/quay/redis **NOTE**: This host will have to accept incoming connections on port 6379 from the hosts on which the registry will run. +## Downloading the Enterprise Registry image -## Enterprise Registry Config File - -CoreOS Enterprise Registry requires a `config.yaml` file, that stores database connection information, the storage location of your containers and other important settings. - -Sample configuration can be found below. Any fields marked as `(FILL IN HERE)` are required to be edited. - -```yaml -# A unique secret key. This should be a UUID or some other secret -# string. -SECRET_KEY: '(FILL IN HERE: secret key)' - -# Should be 'https' if SSL is used and 'http' otherwise. -PREFERRED_URL_SCHEME: '(FILL IN HERE: "https" or "http")' - -# The HTTP host (and optionally the port number) of the location -# where the registry will be accessible on the network. -SERVER_HOSTNAME: '(FILL IN HERE: registry.mycorp.com)' - -# A logo to use for your enterprise -ENTERPRISE_LOGO_URL: '(FILL IN HERE: http://someurl/...)' - -# Avatar generation -# Possible values: -# local -# gravatar -AVATAR_KIND: 'local' - -# Contact information for the contact page. -# Supported URL forms: -# email: mailto:some@email.com -# IRC: irc://server:port/channel -# telephone: tel:number -# twitter: https://twitter.com/twitterhandle -# generic URL: http(s)://* -CONTACT_INFO: - - 'mailto:(FILL IN HERE: support@email.com)' - - 'tel:(FILL IN HERE: +1-555-555-5555)' - -# Settings for SMTP and mailing. This is *required*. Note: "localhost" will not work since the -# registry is run inside a container. Delete or use null values for username and password if -# you are running an auth-less mailserver. -MAIL_PORT: 587 -MAIL_PASSWORD: '(FILL IN HERE: password)' -MAIL_SERVER: '(FILL IN HERE: hostname)' -MAIL_USERNAME: '(FILL IN HERE: username)' -MAIL_USE_TLS: true - -# To change the mail sender: -# MAIL_DEFAULT_SENDER: '(EMAIL ADDRESS: validated email address)' - -# The database URI for your MySQL or Postgres DB. -DB_URI: '(FILL IN HERE: database uri)' - -# REDIS connection information. The 'host' entry in the dictionary is -# *required* and should refer to the REDIS host setup above. Note that the -# host should *not* include the port. -# -# Additional options: -# port: The port to use when connecting to REDIS. -# password: The password to use when connecting to REDIS. -# -BUILDLOGS_REDIS: {'host': '(FILL IN HERE: redis host)'} -USER_EVENTS_REDIS: {'host': '(FILL IN HERE: redis host)'} - -# The usernames of your super-users, if any. Super users will -# have the ability to view and delete other users. -FEATURE_SUPER_USERS: false -SUPER_USERS: [] - -# Either 'Database' or 'LDAP'. -# If LDAP, additional configuration is required below. -AUTHENTICATION_TYPE: 'Database' - -# Should always be 'local'. -DISTRIBUTED_STORAGE_PREFERENCE: ['local'] - -# Defines the kind of storage used by the registry: -# LocalStorage: Registry data is stored on a local mounted volume -# -# Required fields: -# storage_path: The path under the mounted volume -# -# S3Storage: Registry data is stored in Amazon S3 -# -# Required fields: -# storage_path: The path under the S3 bucket -# s3_access_key: The S3 access key -# s3_secret_key: The S3 secret key -# s3_bucket: The S3 bucket -# -# GoogleCloudStorage: Registry data is stored in GCS -# -# Required fields: -# storage_path: The path under the GCS bucket -# access_key: The GCS access key -# secret_key: The GCS secret key -# bucket_name: The GCS bucket -# -# RadosGWStorage: Registry data is stored in Ceph Object Gateway (RADOS) -# See: http://ceph.com/docs/master/radosgw/admin/ -# -# Required fields: -# hostname: The hostname at which RADOS is running -# is_secure: Whether to use a secure connection -# storage_path: The path under RADOS -# access_key: An object gateway user access key -# secret_key: An object gateway user secret key -# bucket_name: The bucket under RADOS -DISTRIBUTED_STORAGE_CONFIG: - local: - # The name of the storage provider - - LocalStorage - - # Fields, in dictionary form - - {'storage_path': '/datastorage/registry'} - -# LDAP information (only needed if `LDAP` is chosen above). -# LDAP_URI: 'ldap://localhost' -# LDAP_ADMIN_DN: 'cn=admin,dc=devtable,dc=com' -# LDAP_ADMIN_PASSWD: 'secret' -# LDAP_BASE_DN: ['dc=devtable', 'dc=com'] -# LDAP_EMAIL_ATTR: 'mail' -# LDAP_UID_ATTR: 'uid' -# LDAP_USER_RDN: ['ou=People'] - -# If Active Directory is used for LDAP services: -# LDAP_URI: 'ldap://globalcatalog.dev.company.com:3268' -# LDAP_ADMIN_DN: 'cn=service_user,ou=serviceaccounts,dc=dev,dc=company,dc=com' -# LDAP_ADMIN_PASSWD: 'secret' -# LDAP_BASE_DN: ['dc=dev','dc=company','dc=com'] -# LDAP_EMAIL_ATTR: 'mail' -# LDAP_UID_ATTR: 'sAMAccountName' -# To search for users across all OUs and CNs in AD simply leave the following line commented out: -# LDAP_USER_RDN: ['cn=Users'] - -# Where user files (uploaded build packs, other binary data) -# are stored. Must match a key under DISTRIBUTED_STORAGE_CONFIG. -USERFILES_LOCATION: 'local' - -# The path under the storage where user files are stored. If the storage has a storage_path, -# this will be a sub-directory under that path. -USERFILES_PATH: 'userfiles/' - -# Required constants. -TESTING: false -USE_CDN: false -FEATURE_USER_LOG_ACCESS: true -FEATURE_BUILD_SUPPORT: false -``` +After signing up you will receive a `.dockercfg` file containing your credentials to the `quay.io/coreos/registry` repository. +Save this file to your CoreOS machine in `/home/core/.dockercfg` and `/root/.dockercfg`. +You should now be able to execute `docker pull quay.io/coreos/registry` to download the container. ## Setting up the Directories -CoreOS Enterprise registry requires a storage directory and a configuration directory containing the `config.yaml`, and, if SSL is used, two files named `ssl.cert` and `ssl.key`: - - mkdir storage - mkdir config - mv config.yaml config/config.yaml - cp my-ssl-cert config/ssl.cert - cp my-ssl-key config/ssl.key - +CoreOS Enterprise registry requires a storage directory and a configuration directory: -## Accessing the Enterprise Registry Container +``` +mkdir storage +mkdir config +``` -After signing up you will receive a `.dockercfg` file containing your credentials to the `quay.io/coreos/registry` repository. -Save this file to your CoreOS machine in `/home/core/.dockercfg` and `/root/.dockercfg`. -You should now be able to execute `docker pull quay.io/coreos/registry` to download the container. +## Setting up and running the Registry +Run the following command, replacing `/local/path/to/the/config/directory` and `/local/path/to/the/storage/directory` with the absolute +paths to the directories created above: -## Running the Registry +``` +sudo docker run --restart=always -p 443:443 -p 80:80 --privileged=true -v /local/path/to/the/config/directory:/conf/stack -v /local/path/to/the/storage/directory:/datastorage -d quay.io/coreos/registry +``` -The CoreOS Enterprise Registry is run via a `docker run` call, with the `config` and `storage` being the directories created above. +Once started, visit: http://yourhost/setup, wait for the page to load (it may take a minute or two) and follow instructions there to setup the enterprise registry. - docker run -p 443:443 -p 80:80 --privileged=true -v /local/path/to/config:/conf/stack -v /local/path/to/storage:/datastorage -d quay.io/coreos/registry +**NOTE**: The Enterprise Registry will restart itself a few times during this setup process. If the container does not automatically come +back up, simply run the command above again. ## Verifying the Registry status -Visit the `/status` endpoint on the registry hostname and verify. The expected values are: +Visit the `/health/endtoend` endpoint on the registry hostname and verify that the `code` is `200` and `is_testing` is `false`. -Variable Name | Expected Value | Error Description ------------------ | -------------- | ------------------------------------------------------------------ -db_healthy | true | If `false`, then the SQL connection failed. -buildlogs_healthy | true | If `false`, then the Redis connection failed. -is_testing | false | If `true`, then the configuration volume was not mounted properly. - -Note: `is_testing` may be missing from older installations. ## Logging in ### If using database authentication: -Once the Enterprise Registry is running, new users can be created by clicking the `Sign Up` button. The sign up process will require an e-mail confirmation step, after which repositories, organizations and teams can be setup by the user. +Once the Enterprise Registry is running, new users can be created by clicking the `Sign Up` button. If e-mail is enabled, the sign up process will require an e-mail confirmation step, after which repositories, organizations and teams can be setup by the user. ### If using LDAP authentication: Users should be able to login to the Enterprise Registry directly with their LDAP username and password. -To aid in LDAP debugging you can [tail the logs of the Enterprise Registry container]({{site.url}}/docs/enterprise-registry/log-debugging) from the Docker host. - -## Ensuring storage is set up correctly - -### If using local storage - -There's nothing left to do! Enjoy a brand new Enterprise Registry! - -### If using a storage service - -When using a storage service, the service must have its CORS (Cross-Origin Resource Sharing) configuration altered. This is usually done in the service's web console while configuring the settings for a given bucket. Enterprise Registry requires that both GET and PUT methods be accessible from any origin because userfiles (Dockerfiles and archives with Dockerfiles in them) are uploaded directly from the browser to storage. If this is not properly set up, uploading a Dockerfile/archive will yield an Internal Server Error (500) page. - -An example Amazon S3 configuration looks like: - -``` - - - - * - GET - 3000 - Authorization - - - * - PUT - 3000 - Content-Type - x-amz-acl - origin - - -``` - -For more information see [Amazon's CORS documentation](http://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html). - -An example Google Cloud Storage configuration looks like: - -``` - - - - - * - - - GET - PUT - - - Content-Type - - 3000 - - -``` - -For more information see [Google's CORS documentation](https://cloud.google.com/storage/docs/cross-origin). diff --git a/enterprise-registry/mysql-container/index.md b/enterprise-registry/mysql-container/index.md index 3aefcc5df..748b5d8c7 100644 --- a/enterprise-registry/mysql-container/index.md +++ b/enterprise-registry/mysql-container/index.md @@ -10,7 +10,7 @@ weight: 5 If you don't have an existing MySQL system to host the Enterprise Registry database on then you can run the steps below to create a dedicated MySQL container using the Oracle MySQL verified Docker image from https://registry.hub.docker.com/_/mysql/ ```sh -docker pull mysql:5.6 +docker pull mysql:5.7 ``` Edit these values to your liking: @@ -40,16 +40,11 @@ docker \ --env MYSQL_DATABASE=${MYSQL_DATABASE} \ --name ${MYSQL_CONTAINER_NAME} \ --publish 3306:3306 \ - mysql:5.6; + mysql:5.7; ``` Wait about 30 seconds for the new DB to be created before testing the connection to the DB, the MySQL container will not respond during the initial DB creation process. -Run the following command to output the DB URI for the MySQL database: - -```sh -echo "DB_URI: 'mysql+pymysql://${MYSQL_USER}:${MYSQL_PASSWORD}@db/${MYSQL_DATABASE}'" -``` Alternatively you can download a simple shell script to perform the steps above: diff --git a/enterprise-registry/mysql-container/provision_mysql.sh b/enterprise-registry/mysql-container/provision_mysql.sh old mode 100644 new mode 100755 index ed3369019..c9e1b0b81 --- a/enterprise-registry/mysql-container/provision_mysql.sh +++ b/enterprise-registry/mysql-container/provision_mysql.sh @@ -1,5 +1,6 @@ #!/bin/bash # A simple shell script to provision a dedicated MySQL container for the CoreOS Enterprise Registery +set -e # Edit the following three values to your liking: MYSQL_USER="coreosuser" @@ -8,17 +9,13 @@ MYSQL_CONTAINER_NAME="mysql" # Do not edit these values: # (creates a 32 char password for the MySQL root user and the Enterprise Registery DB user) -MYSQL_ROOT_PASSWORD=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | sed 1q) -MYSQL_PASSWORD=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | sed 1q) - -echo "Pull the Oracle MySQL verified Docker image from the public Docker registry:: -docker \ - pull \ - mysql:5.6; +MYSQL_ROOT_PASSWORD=$(cat /dev/urandom | LC_CTYPE=C tr -dc 'a-zA-Z0-9' | fold -w 32 | sed 1q) +MYSQL_PASSWORD=$(cat /dev/urandom | LC_CTYPE=C tr -dc 'a-zA-Z0-9' | fold -w 32 | sed 1q) echo "Start the Oracle MySQL container:" # It will provision a blank database for the Enterprise Registery upon first start. # This initial provisioning can take up to 30 seconds. + docker \ run \ --detach \ @@ -28,10 +25,15 @@ docker \ --env MYSQL_DATABASE=${MYSQL_DATABASE} \ --name ${MYSQL_CONTAINER_NAME} \ --publish 3306:3306 \ - mysql:5.6; + mysql:5.7; -echo "Sleeping for 30 seconds to allow time for the DB to be provisioned:" -sleep 30 +echo "Sleeping for 10 seconds to allow time for the DB to be provisioned:" +for i in `seq 1 10`; +do + echo "." + sleep 1 +done -# Echo the DB_URL that needs to be entered into the config.yaml file -echo "DB_URI: 'mysql+pymysql://${MYSQL_USER}:${MYSQL_PASSWORD}@db/${MYSQL_DATABASE}'" +echo "Database '${MYSQL_DATABASE}' running." +echo " Username: ${MYSQL_USER}" +echo " Password: ${MYSQL_PASSWORD}" \ No newline at end of file From f134b97ffa48f4696a6378958892b4a5b4b0267a Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Fri, 13 Feb 2015 12:26:44 -0500 Subject: [PATCH 0396/1291] running-coreos: tweak display and cross-link --- running-coreos/cloud-providers/niftycloud/JA_JP/index.md | 3 +-- running-coreos/cloud-providers/niftycloud/index.md | 5 ++--- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/running-coreos/cloud-providers/niftycloud/JA_JP/index.md b/running-coreos/cloud-providers/niftycloud/JA_JP/index.md index 4b34463ec..4aeaf7979 100644 --- a/running-coreos/cloud-providers/niftycloud/JA_JP/index.md +++ b/running-coreos/cloud-providers/niftycloud/JA_JP/index.md @@ -2,14 +2,13 @@ layout: docs category: running_coreos sub_category: cloud_provider -supported: true weight: 6 title: NIFTY Cloud --- # ニフティクラウド上でのCoreOSの起動 -事前に[ニフティクラウド CLI][cli-documentation]をインストールする必要があります。 +事前に[ニフティクラウド CLI][cli-documentation]をインストールする必要があります。These instructions are also [available in English](../). [cli-documentation]: http://cloud.nifty.com/api/cli/ diff --git a/running-coreos/cloud-providers/niftycloud/index.md b/running-coreos/cloud-providers/niftycloud/index.md index 0f684c89d..61a390ad3 100644 --- a/running-coreos/cloud-providers/niftycloud/index.md +++ b/running-coreos/cloud-providers/niftycloud/index.md @@ -1,15 +1,14 @@ --- layout: docs category: running_coreos -sub_category: cloud_provider -supported: true +sub_category: none weight: 6 title: NIFTY Cloud --- # Running CoreOS on NIFTY Cloud -Before proceeding, you will need to [install NIFTY Cloud CLI][cli-documentation]. +NIFTY Cloud is a Japanese cloud computing provider. These instructions are also [available in Japaense](JA_JP/). Before proceeding, you will need to [install NIFTY Cloud CLI][cli-documentation]. [cli-documentation]: https://translate.google.com/translate?hl=en&sl=ja&tl=en&u=http%3A%2F%2Fcloud.nifty.com%2Fapi%2Fcli%2F From 6fcba4d0defb612a34fad8ce4ba878e219530159 Mon Sep 17 00:00:00 2001 From: Joseph Schorr Date: Fri, 13 Feb 2015 16:14:36 -0500 Subject: [PATCH 0397/1291] Fix some copy and add some screenshots --- .../initial-setup/container-restart.png | Bin 0 -> 647687 bytes .../initial-setup/db-setup-full.png | Bin 0 -> 477162 bytes enterprise-registry/initial-setup/db-setup.png | Bin 0 -> 166330 bytes enterprise-registry/initial-setup/index.md | 9 +++++++-- 4 files changed, 7 insertions(+), 2 deletions(-) create mode 100644 enterprise-registry/initial-setup/container-restart.png create mode 100644 enterprise-registry/initial-setup/db-setup-full.png create mode 100644 enterprise-registry/initial-setup/db-setup.png diff --git a/enterprise-registry/initial-setup/container-restart.png b/enterprise-registry/initial-setup/container-restart.png new file mode 100644 index 0000000000000000000000000000000000000000..618ae405fda6378cce2b1595210ebae3b5b52242 GIT binary patch literal 647687 zcmeFZeLU0q|3BWvDW?*Z3MH!)r^HBN*j7j7bQG0xIfTPvWo)^eZ8=UMA~~*SJDrk* zv5*#qTwiUKYzT8PTg>Iy#%9}Zy+7~I#rJo0>->KIewo{CUa!~l@w&er&&T8bxOhId z#48SV+qdr9x^CUN?H7MJcWvFeAFbA{+eG_uv+_u?&!->Oty8rPw6(o*(bo3h6%;Zc z@V5WDb-!#cb%DD&UDSkBABlbZ$CDlFk3F@x8l5q+X;aaA_a84FeA>L@;ltsu&`qr0 zA8s;ycih**bG_TP!{M4ObMAY?u3llb{JuQ{8T`{+H3O%hMG=#kx%h8z6+o{ix%t1Z&ZkF#`s@>cZD zu&pawp2X~2w>RlsZ_Dc6us`sd4}uQgf4%M=GdXf8aMRYU5eK`S4#)n8|2yQx*50(} z(E_pGwv5X^!%WrboX(y^_GVcG|M#2eatmklyNMr_D=17b3-?*b)s9bJ98 zm|(YWp+wcq^~n2MZk=<^LUX(_(_=l#$> z1GY6s{Pt7RORco+jh#Jqzf6)$G`8Gef3mGb#GX2|Ve!_9okp2|{Bby$W`F5%yN1g0 zj%(-7?wE{!4Rq$bWLkW>_@_PU{jm|%vDwx0i*bI8-9Kskq&xZOZO&00+ftY3Igu}Z zN+>}6JQbz>afj-mgZF;E-s^Mxx7d<`V)C{+q4bJn~4==NWrpW>4*+*$XE{@h^7+|uDM z(93k)U)7)5eQ5gnCQdcs@wCqMjDu25n*AUC!E|5{&=pY{M?RXnvZl2g@oTlZTw4gw{!ET zxp$R|-`X~BYVCz}W!EZIu6!xF_j<#Q+>JU>8yc|E3^V+FT+!sZHgdw&jPtVaBf`Jd zYuw4U`Jm!wqOyN?y4l+}^&igslpL$|%e~#%$*+y?!=6X)>;8T9$_D>(9p|R#e$_8G zHD~U}T~VVE_NpdX3)c8ee&dtnhFgH2M7w7uZ-bXDy z$6WViCU#JMzP(puCM zkB!_-yyy7dY|*Ax%R2$s!WzG^qFcKcn&{n(9KExGu8m*!bKI!Li$6AwUHn1A^xW~Z zvp*$*&KJAOlUB}rx@dgt;DHa43!pE=CR(c42jHfxolQGVZq+)P9F`1D)<`Z+4sXSnZ#UO4hgX?YT{ou= zZm8N?H5}B|M}7sq!N0+}R()OUoO)HWm~qAX1!cPYF#ONx^vr)|7PSr`#Q?88@xKn0VH4O&3ax4NDq{zV+uDeeB#ta?TmU_L=G&{ehG4`aIN@x=`q*8 z$Ji*$$guRL(Nm^Q>93`F?$wpimDE9pLDNC%pnYWog2bBp;PcgW>W}G!u)Wi_dqD+D z+4dnl)JE7&vBzBaTwt(uD!qbxUhq27zqYP+uU9oWgMlaSz{!1v~hW@$MkCqX`fOMe;uxSR7Mb8GIV;TI2H?0j+mg~w%&OPHRL zo?ShAvu7=8kn~gHQw$St|B>HD?)dncGJP}8KWaf{PG=G`uXUMc!j0H&ZXQQHj9$O0 zm@a2lq*NNeAya7ZrZk9zR<4N$sJ#>aIQ=&gdD;Dw%oo+kAH!t zWXfkOjZ0~q$TVP>G0}-U5HQ!}F$-4q%nMLET(_-OJz6n2F`7PG@ukqOQh2N5>+Cat zG&=q<#4;{FWPr4zj~HO zEX<6y?l^qJ=J~1TN3R>4GQEra8fQ{b-d&zsJ{MBGkTdpZXJx|6ggrZ}4?jA5KCLfp z*w3c5TenxI<>A9rcYyGxL1TCAVUxW8>wuX~in!G+B|Wt`DK@)3JHu4$SL(Oqi`RAp z0IX@KwRFqEw{D^E3F@NLctl(Mls82DW9J^>1=zA^fQw`@aN5FZr<(Ymr zF~qdx;Q7pJq|RS1|2mvDxODleMR9!~>Fa6AZ{s}|ndvVat)K%pQFM-<)2YHA3w3^d zR&ca%)FYOr^*7uZvtM~Q6h9WNgT zz@M0%H_Hpiq31&RV>1l{9=x0APrOq-=A@dCU}^0_R1MdR2WKe4VkdqVY(mm5%is7s z{rEm=8vw5<_q@EN@SGb8k;eGDhn>#uq9NU8UPlg(0}IAKZSzm@-{VipOvr?-G)~1= zL6?nsTnArwV+USLE>8+3EnHU0`frduya}eEa4A+*Or4wJ6;|am6HKzZzOSi|Jcs7F5H39(G4~ zOjv5ysuLKr5NNs9)$SdxYYujgx+Ly@J<&a}EmfTV6Xav>%Ud&6IZ=Yp-alW|6zUV+ zjo8qrlXpK)q2cf81grg#qGk{qZO6cnps2>BpNG$jld7_Yj1S2BW?4-}b4FEJU}Ki| z;=4~DtlkM%ZYYWk%I?Fg(O`k3W&cEQ<;bPlC@Hhq<4$!;we=ilC~DQ?BeE`nH~eha zu&ykuemr(8?iKqEp3UZtgwOc2H`%9-1BS6DqSw|^*PxIpV9a~mwZ+ezz_569+edmi z-H<_xV#;BQwbjKO$62UFZF$t9KU>-oMXEJ;}eEfm}PS>wyn=$*MQ zBM}AjLiW65baiZ|jg#t#Da885xJw5_=%%cfK(PcRmF)hx;7ZuugIAK^zpbks+|uB1 z79MZ7?vjHd-`+n~$ky1|y7~Bd#YQo^>!sS=2lw*VuS;B7_xJwwr=JETnrs6XO+@^> zZq(S=c8}@x4n|0*^ZMk1b9U)sEVk^?I<4*NNEujc-F~SAg0zDRt=Bz@l0|?!bKltp z@4WKWW$FCqiTY0bI`+jtN?qKGIAv9_CFB=3^tyF>kAC}GfAQLpg>~!JlLD{1-gUiv z$;uCT$JpmLq_4km3>ZuCP+R|8^L7_~5@T zxr+cFcD;P%pe+*Rf6(0cl(ETS$ku}g589x93$VI&?!v!^EB^x@zIFF*h!qeR5fNb= zVP=d(!GWeA5C~{;5_s~Yk@5;7bX4$NpGc!%wBCOR`A<3L{Ly}>z>vFv$l!zD0CcyuatsH9e?Won2z)1hwuIB>p z_y?nv_kf%mSIt`C&tg zx`_ezx22b z)tNmnH{AH^fB*Bpb@0FK;Qxm&)LL(X2FyIbVkg%mZ@L-ozfbtZ;S#)re^YM zxBjs~b`{k8QkuD87=XO^>D>3bCgb@TMQDrJ78&hwFW@!1+8|sOElnai&0)N6vliD^l#(x@23aNS7#Ka&D*dhyv#m8C*#<1FdqwyG<9vhm_E;cN8%NQXMR5#;aKS zqg>|XkFhQw@ASIsp5D{%ytcU%e!p^$hdkQ=6autrKZgzfv{ZxStFy(J&A_u=S>+F; z$J}3hKd4s?vfYte6r-a@OU7^yX?ic@CUVO$b_Q-fXr!$u%tIW1x2*cuXY%(-48d=L zJO^;teRZ_rsQG#iVh#m**c-Tl4iXX2o@LEXC$O#)rD7)Sdj($EM7$6y9=0AHMf7OxLEwqUML){1vALvR`A zuYY&!UU;H>Z0HEIZy)ht7Ek==5HJu=fZ5}p9sdveGF5k&ib$Kl-=^_1^W>_)TW zmUMMichC1^4FNwXKH!pRVi_cJo+1l=g;{K`e(eZqb3&EP6;Qw5PJ>-WkKtYMzXs2* zc%f}Fc@)`5s%RueK(mxSU2BM$m&T~F{h|lXq|UMj|41FfUYch{=azkU&NZ4|)ZmAE zjK4I0%pA}q&6c+hk z9@4pqkWSvUgGhU3sTIAj7(X^amgtfKjhr_U=Wi&zS23zwn5jxs2J)Fz+Wk!+k$p zkYYBGS7YV-W{yn;j}1%@be3`P$4k(jO-RSVHjx3VLOL&1?@jeoRLNMQz?R^#Hv*45 zj(dy%_6f5^AH;Y0Zo<2=iF{-931Af1c)JI4XMQiv5X!6DZO1n6_gF}E`!a(qT$HX& z2>qBi`+0M4)=ih}8^MS;SX{;gj6r>8Q{7+4q4|Sni@x7O=x!VEkNSiid*CU=J(AyXDt=8RZ6LWdKpx-`3!)&6@w*CiO_SWjoQf~VY zm52_b8n+~tm43gTo34(20*o`p=zT5^$!TUcc9ELfbQfoJt~{sW*UBr+z2%RpZ74u>X7uIw<8IBoC49o92WQD@Sb# zO$vjYVwDqI^L$>1TNKHw)%HFKAMeFqLJDk(6cAZ|OqYAv6m>Udi?QicnJ$-V1vczH z9G)fYH^WkwFU{688P+aIawqKXt5H6l&*D$Kn=R70YkTJ)t!pv6CcTRP0h+ zu@7bWdUlzwiEL`H-ng4I|9sXm>>)TlPpHk?2)VJ*f^X(PUUqqVBiP(daC_AQHqPj4 z>2v;Whgul>DP&G%87<7X<^e8VJ07uxN2NIl-SQR*3Yh0wf#m}0CUUHr=QeAvxGG@^ zJ$oazh;#y&aDuw<`u3p`h9%W`1%XO8oN!tqzB<}wBzHowUlT>wzZ*fw7j z@MhW!I?++}$~(8_5Bu(iy@MbOV!jm1WA^@oe5cxQ!5DV}YR)UljiA1V<)&}6#sr)Q zH>`i<9an`PMC&BhZ$_|QywgY;c{rZhP#<(%Rsauk~)Oe>a0N2_P3+401(K4n% z>Z+4SNj8$b;!>tckL6&$KYP#Z4l|x!AuoNb(k;2iv1+q6O6 zit3^f|6L_dXYM+d89=D6y3rLQDU3D^fQkAyj+AFwW#PRxZ^N5ap!Ht7X9^db$HCIP-0kpElXp4Wj zi9u?(Z@>w)ysBmR>?hsO^sX2I@%<5FOfQrL6kQuCjg%6*y_Woz(~S-%Al(=R;KGo? zpc6D2tYs1IkCmb-ZaIXTON<4m;*NR}dy)<@pPzZYnjkmtRaF?v^ zFzzTbF@u-%fEM7m)Jd?s{H+v|cfx1Su zg85cL?NFN}8~8@eZU-Q%@PN zL2Iudm}(Pl)p7yeD0QW>BMaxdfGq7mzw*8`h*%uJSSXIlTw|u(=VGnf(uB)KBcx~ zktcTzfx4Z+OH+lT#cSR94@(1GhKl#S?MAM4M7)AC1H4;7S*thZcF{{AQHbxa!y^^D zEycF0&e#m^N#}=`V69V(k&-*B19}%Q! z`+X{%RWi0~=HHlBc!J`0)IgV7-`5XFt42_agU{j&Z7J%#W9@9V!4^=WLg+Xo%Vouh??f|BKo6@>kM@qw7 z@zl1UIkf{kfnb_q z_Wy(Uf!b{;)DssCG7l*Eprh1;o>pb#eIopR$Iw=5e(PX|^+a<=eW&Lq3sXVC@c3Rd z*;oy;{j_v$oFrLXHP(QgK`E=a#{BoUzwxFq_CN3?lPI;^N-l-_;_{{OZc-CNcd>#U zIc`RhbEuX2bJy#$m0Lq{biTX2(h&c$!4LnO_FS=>d%cH8dEc#^*RH2kFY=@OO5X;S z`Z4-S4486dE+GFzbE@M76@$7_R zZUy-=0aR)}p+pEQItszOAX!G472;ooKkStUG8Qkdd5)u@7ufz!wm(5|A@SfF>{tE} z8Eo!2(xK+PNAE*ZCb82|)fGM1-BGaTS^lb1o#BjgumCyM?Tx5jDVsd@4+_<;J#Sg+ z{T?=EP(SB)os$QC1IuReqoihKWqZaK%0>jG<3;pHggmhZ zv1W`vM+=xk_m@fvRul6mf9J92HWc$&XXB+QI3Vf)=nhwOFJ7I`ex0OvG<<*ZWZ7_m zNN-}fv@l<&om6)kNeVA!zY|>}to(!cptf~LFtJ^Fvq~ev7$4}V6OKq}9va4HLHBx}6#JQa$hcKb z{WnGkOk%RI>gIA)1*4WJah`AXUt1(keF z+-lPg+Ew$)ALtrp0!25wHASS9m}b4LErZ3?x$|;uMBQu2Ed|1yCmR_dp3gW->?QU*Ui=XALtc{=2$5r7f*W5h^_eA^3pkaAx0(8dRh*+r z`mC3^vnSITu7ovu2D$__3NO)=OG(GKCicyX@%4&f>$xo@7=%GI;R*LJ?#kUjZrvK!unspJmIvanpskY5a&##;)Nj20XphQ!Er4sxZq* z?%Wf3dEvzlxclZ2uaL~-D%7nWM77|vW1sO<{boH;a5%e=38ZAC92R{O zT^X->;Wnj&;#%qrg|oNlwhv@*4@8j;T}}6vOp)YMimwF7IGc}6kL$H*VYR6F=ZJ6tcRxUveL#sCWq@`Pv_IY5=BZ``|A`?fB z)ny?7RE}PF!qL4XSM+#AKq})P>rX6w%xiBJVZ1c3<`RYuGbt?L|nRngVaXkdYL3Kq8lM^jhXQ({-e06)r*fR~~uASBa16}?) z^-M$YP>gOmBdStR(4#A8b&Z#~+2iN7un?qLLBSq-hqa(!%F+zFN{D zT&s_I;be=wD~KwfO~v_VTc3;1_973Vm!jGoy(Q_6BZ*zvxOf@Lx0i(3P#XqHaIrm6 zMX)OYO?22EIKa7xNCk-nL3eIyF)LB7_IZq-2{x@{&27X(55jmM`JCn&wIB`T<^Oo} zOX^L8#qJ{Qs1;s?K5L1+M8X^V=18>|ut*;Aj_)3GI`Ofn?iPddG#>nuqdTUXn&pDn z*i`-^qse_xNjla~dG*R)#lnjP@HnPPyyp#DfyAr-Wgqk`m{!r3x)#F@_%^|2AFru6 z&e(8gS{}9u4)~>NExA(2O|Hb5>dY8XVuYICG^}VnVUx_CN zA9aL8ZJzei;16-M-Sl3J%qu2nXEfSA8~cTwf?q;%`;km8ZlgV!tpF=za^5K&2K|r~ zt<2JvA(Jr(>hrC5Szj4WSTF7Kmh~w_7WgF#Me6XNJSYM?;qyrTp)73572W&LZL+6S zQZ0FHAbnB)u-dW*!PDU?v%0L$z?OS8{1tA^YtIX z3SZc;F1631US$UI(oENDHwFqV=`!<+q9m8pqzqVxN?V8Hby{6l$Hvuj)hwxkf@z!O zNGR&XWx|>(m7t8Bq*!xH!bbMl)TojsozU@8zm}R8B~(as-OC!4cB)s*+vLVE%+9g} z!8>OuoW%cuWNSlR_Dqd5vP7(qb9g0=IH9JhK$WCz(|s(0yc3@RHPIo(Yb^y%MyTB$ zdDh?TCf1IkQ0;@9}&u8B6OTB$F%^Js=GxNbmCTBx-jV!kM0JGxwpPbc1+P zXWUz*|0uq0pZ&}L|J8cyL8@1g0WC|5KTetQAYoTwW2giJ2Pmj$r*+BB8ZJ>0XBE_L zc42>|V8d7i^siJB1R!bj6Q1oza?C%ZfF!8%1>LS*po%%G0N`>W+6t6R5j6EF?UX?b znIA=O)N&skQp8v~t7LqE(z=N7hM?vavAsWW2TDTc7$ z02qlDC=*X(Mlw2uvyo>NFy9PvAseDmLM6@fMjCml*=XP{-oJ&;>4__;fx}Jo*#DFY zK_`%wb}EDaI-*jls6*-5ztpcuZgN_(>~Sd2zh-c<`yD^KZoz=Q$}wr}RCoCn1~KpJ z;*_kv!XEzcevG;_b5qzjYW?{&uU;VqU}C%KMj@e!a(D^9CbfLL5UHN|v@fFGckC-$ zAwF5hOphQiewh7S##YGKis6kjTNnTue5yQM4UQ&GBt{^qtP%!fn&`Po884iVE>|t3 z#gM5yJg^r5#>myBQGAAC#vsT#A0iha6(T&(4#%;Bh^xx5v#B_-GWwK7{3=jxfwtnxyd$D!BUa3+SN`02>KLFiKKn8wwszZ3hrG5(| zFvuC}28Wo?try)G5G;R$1pBOn=5HY4{HqL{qu94z$;~lH) zzsxJ1{R~zPOFTaF)F%G;q&$ZbRRYmk8%mWV?lgeY^JJp-kN@&$AHZ9K@+k(`%uhUI z&I8QAAxk-UK^$}?4qq8&3L&}zdviPQh(9PUR4Q1(lfNftJHCyrp zS}Mz_wm^@{d%UGp-qJ#-d;%)>o|F53YCA3QKRc84D@}EwWnsgjy4}h+=QSx8oOlQd zN;tqYBg#Ivhf*?2@v%qMRBJo@dUTwVLCpC&cepXi7Y3wgA;w29>Yz2uP-?zQD=9aE zZ}{E0neW|Q3DIO_2$ebK=brQ>T6-BYK&?cxzi)^Ac6{qHul-$=X`m4})|?xnd}4L8^g-NwZpnZ+0ZRYoA5OPD^#kK^MfH`8%O+rR23I#2ljps)^29ftI(U4lkNct zQRVLC>-e@j*0g<8+rQkAXg*&zSvQyzW|+h;lbD-rsYklmZ`wfcfvd=Th4~^(FtF37>aJ)mxKBr8HM@g4*-lY(nGhCnH z$Lzt7UweD2hBCet2+)~$P_d!fDiUX{ZA+%#)~L73r8C%57ta(<=PB5ULK)lcATAQAT7>B z=n6^-*a{V)MCm??DBOTHvCt+p>P0t(+~C2|v>j5$1G(KZ26hgu;MjXhJ^|L4NEy>5 zLLx(OF0>6dyg;h)EpISz3%=FS8hXw((>dm*fg0&JU&vLty)0g>u(|Nfjrt={Q#0=R zyk5zNM}=V4#u0mCOgEx*Kj}3pMy`op)Kp9`aH0z6bQiD`crh{RX^y=P5G-IeOekY; zFT5;td?CHfa<#e1Z$$S5|E}7S==N|^iNSoyPU{GFfv8~Ky?u3)&oIt6KH9z4Jwk21 z$C5|MtYfzDH2-|tJPI!fFVVxGJ?RKFe#{EpPkz0`8Ra{Pl6QAZ=2Aj#nq}!oN>oY| zE(b*Z`MFUGs!@#;{b_E`Q9BXu-APj9+k_q;*~Z)SI@0p`Vn%e!P0#&dk)L`vbZr`zoHQi2^nW-dphTdu@w0GW>$ z-kV+JrEYKIJrCx5ModrP&burIT>{WTMb|Wd4%SN|r-*x|spbLsqP%K2UpD|81%K2} z{q&?7h-Lju2jBU>(boSb4D+iD@T8Xyo`ds&UbWw*zbKglPtOHXL>kr&mx8GcUkx6_ z(EW^7OTWx(9|jtma`VmRp_n4G(XbI)?!r{eIeHwBDM{`-zT}%v>L(11Y}~7Mo7>Ej zmFt#+mFY6IaL8~bbqJ`;4gwpGc(Lp3hQUTmoUclDhmoe1tobn`s^n;Wm=tWwX*t?j zi{{GUz_87=bWFPrBtNx1YN5rQL~-}`Dp}IVOaFptcpuwCSg8dtH@;DF0aW}a=DsXV zdS7RP%*TWOO%}xZpRxwjRzsHJF&uJ=L z+6hvpx$@1Ni@TG;aK301M%~r2JV%2hZi;RYeaqE|sIqb>s=l1`vS3qsBvz~&Ca!dq zCLXw{Uk$sttYHgLTIm{dR;-$)nWeQv&k>XAK5H*n%^yOq+=U$GHEJTTtw9-46uRSW zhv513+f+`Y$Cq%f>it9oQ8DB+w?||*rzz5?s#M2(ofyUsj44Axv6_N!EO+6AZ@gNU z?7|!xJERlcKKb^|>BUwQz28Q3-6(VlDSXU+^%4InbB!?#tKwpF3Qtqqo~15+v;)lIIYRqj(h%0wAp8#V6IW-zkK`JXXb#0Rztx@F#+Fv7 z>%_&N(&N%~OUxHPYq#EP9`GYruEFB9P^)@W{vUv3o$;Q)qKV!tkhBW(cf5K?cUQYr zl>Ew}R7*dK`%b_V% zj(hXtLd_FGLSC*;6p%vzE(vO!5euW%3uxU1FVtINhrcIeT2RWRKoEj&Q>W~vAp3{1 z=Cs8RO*4H)a459*JMW^&zuJ;wh=s6?*&T;h+gp}QQ57UB=L9eM`5SeM zfq%rSv(^7t(Ket*RGdZ(*m|lm)3i{&{i&)W!j)CJ0WhAuM|3r=S9WP6DYpq%4r>-^ z#qEhF@pssg@pAmqyxy$>$k%wN3J4ek@m_#9@zZTfurj%_bu_nA^a!3)>oRv1l|1Ap zdR#%?^kqrGmF~#bntoK~74*xAly`9iO%UVMiV~pw^6Wz0=e@(rPEdiWl+ucUi_Zd{ z;gy1*n8pZiB3KlU`H?i{^*%y4KZA zXHUu}X$xGH_%9nFcMijQw36kO#e>J;0P_bF(PMB7UD;3DoL;Os*~gCUBnE<<)f{^1W0*mXwZ*o&@hpqFa+q(;iKOP$P2;ArGb&4YQU% z^j0gCg$x#ZeQuy;PI)-yElu}UyQ9gC@4z819B0}gs8KB{WUfWp9)o%U@1Nh--FWDN z+5~o@DV`v>)n`T#IU-UKr{84t6PJt9HOqiZS3*pMG2PrczIK^<8dJLS3kd}JdfB@+ z^PMeBFlPNJqLlfjgrB*eU^6&#*^9qy)lPMJlK#%pa(T9?Gro`U4%|DKhlT?nVDbTc z%Y3an=q&)#m$c84brQ=DM0;T+pSLN?i<`r`CR1PHdLX_b$uNL;9Qzvt)L}Lgv7I}* zLoa@jwm4?%5LG#y<0>tzYBS&e#s0RV-AB15--Z@L+~@ZFkVUBhoJmi$1^^GE^#1M@J&^Q7RBVObndup;oAqbXh6& z;}Kq^Izy>-)91Gn5IHnqC8!L7o!+FZGRlM1vzKQZ0|2I$7s#oYMaW4Kfuk*|*^CZJ zNNb8@uPhuYv~d?+Dv|XLPUJqCJ^ID~JI!g~Czb%> zEGwAXkrlI&vg}!0rCivb+-#6~8k5els#8PFWpJJwtEpk7vQZz4DIc&?O-bWVc-5wM8yG}AkdYg8bbL7` zBNmXD_G78eU=4(#QuH>!50f~1kz^IMDDi#N(qX|LhgG24?Ma9V);@|XCp~Utxdl;V z-Fy^4)5EfY?sUBirZ#pw>lxuxIh4f_Fh@Z}NpZGpNJ)&VtmKPXX&op+G}b#YxahJ* zFV2XQQe5g@#-fdStBI$1eT9y74OXb_%-QwnG;sfn-sZM;VJL9Kj+>rt(}ZK)R8uoW zY0d8kKsbNe6%!My@a`B`1*NW8^xQGOHWEu|9p~hQg^~wAoB~GG0OC= zJ}~}7ot;KQRK4-{tR5QWd<;Me+zVM}>2*&CpIaKAA_2~j5*%|jhdDy9mM%<%&aN2Z zczvCXvi|?YhYP)K9-waKi|$=y>)saajPv72-fGV4Ep=QZ`qU##RN}Qj$>K-q095C* z8;s^bXepRH(C_7o`BdoORZDaA3l;Rdvt-Ta2tM%!XR0pT#&bD;Szs64r`19`;^%*1 zSGj+AP4);55!|YZ+2;(BzBEm)ik}%nb5A-zF>lroiyk(NC-^|chxLmNTi)LA zm^90Ryr)~DD*|kk%lk$)Q9w(rRzu7gLhITD5Wm``(D@7aV~m=a3d{B~y~!~ptL6CK z)X67JHWX@1U;zWBM(NiPq-jjVjKoKojQ122(90bG)}h)HX0FzCswiKA*^)Af#N*1{ zgHoE~#-0F@O_i(RqQJ()4&4}T6;eHV)E6sCa{-jYS_PAm*)W`>*I+LYV2V|>oE$a? z2aLiP%>(J^d->u_on_1F7=bGq;(LKSuuq|hQbUo~lePs*8;(A3tu;TP$1;B4C0HvC zu~Q~iktUK3UhY&_xdR0i07jrbZfkY5$xPD4mN#?1hCWBC8Sc$%irV!Jc-_tBJbS}3 zZ1YNTVwV=FaZm%;3Tk}3bU2{j7V0|tG8I9F~pNW>fyNxr5rrD85)d+nyC&oDr?@tUwQoc9l{< z9Q)*@#S>^aS;<~+RsPHw4k0i@JyFr=v3y~x7U-RhG?d=((imey7hlASu4C;)SMLRV8W?Q&=$Qdtc;%?>jfo@qI*#LowD%UnLX)YG28-8_StU9NxK;x z=4=yJGJACX7ZM>-AS&Lngz{IX@pCL!^ofxp9;gqt-A73_OhRgQ8sZIeN%4k$tEpfl zs9>b|*3>U-9VYJo%{Ux!ns`YTZYoP&>>0%eSm~&L365HrY0dQP6Kzk@UGe}Ia{H&# zdPi>9AUcl9cWq-l$56gRWY zOESE`055=se#QDoul?1&Uf(gLtLgG1O6P&&@%w=5@qgw3D+qAG`^AO#k+R9dKxR~7 z6}L-eTPu}oQyeqyX$GPaHg;tb;%7o1wYo=s_=84ZTcSm`&<9rNk0#xG(&MQoAHZ94 zo@I)U!O2^a<7%sBD#!&YWF0aom%!yz120iN3vkkzOFgea&cE9pn1q^Cv{|nb}pS%@*OoYqqHA^ThtKrBlq`-TFqSR-rV& zaK+ab0j}8TR>($QyP(@6I?N?sV=BRktQ72^3+e{3k2zqP_hG`(^yL=oET+^4i?W0c z!IU10c!o24gw_B2c^BZ3HU|YQA@=BM0d78F?Xpo4NyQxTJixqZ+Q~wsy~FyN-x9Z+ zsEO{FB%lhyj8TGiANs08=%606zakI)0ysjg98u?|f5SYziuc$r^az|Wd-@`C zEUAz1wy0rcU3zWiH_*f|@d?RGZD-Ou3gcdX+P*xCcwud}y)o}k!%}owx}6%D9`UeO zm(ofcCYWLWr43h-4qe^CMd{yzFWJBPk+zsuHQV`ZrVgnW!z)x;RkAr%KR7BoyCpU7 zk9IxflFyH@o10TU_t%0-cr7p#s1O#IpG2@hWus|M1W|&yXogFeN{TQp6*oyZA-K2H zXgQmCLFT+qdg-Ndd&)ku_DP&8I1g+BX*g1LG%{MA3LjQ}ZA;LDzQW)cvxDK!Te&?x zU?BHN7ijWVK8(XjYa%S=k5}52P~aB4OWw8Uz&ZfaAbzQ-r%!4Ar>Cnw^}~O@Y_#|> z`>e6JX?kELc5%Ialu={v65fVC=eB&+tOOF~M_NzOGe52DRYjR*!RW_a+dC3|^0|3=Va1@lBIVL7Bn`lQ!fW8zDe4Y!I8 ztOoZlukO;YAECmwQ3!5XZ3J;?RZ2L@Qk@y~Bu|$+`Pw+OuH)zf_vtLHAk}Fuh3tVl zk)1q+HWIaOav<@#*6FE0^j0|w>Y5#CmNDEO0&K7(uj%BBhHZ-Z6F4>nriT!C%_<8P z;wDp9i4HxmENW3(dg*g_Rbqy%JusV~UJ?~G<2}F`w19+krtLjJ7%?+PkHE>=Y^{=| zZ~HwC1^q4r-R#?vM20a-2kb|3Gxxo#0q(MWbaq(TR4YZ_``C68mgI^WU&hFlEC0Zm zZN~AKBAy~L0PI3Ac)P1}^; z*|C`X%6q!lq3EfQsIXwCfBjuwHKsL)Eg3FN8Ey8fAet+iPyBCtIncIj#jha?p|Weho&4PaH>|U)U3lb1<(9;X;LC<>ow*vtJvJbq;9ur7(i|h_;gzrV zn{wQr|L1oB0M{%2x_6lky|OatgN2T%<=GmeMF~fl@vQoD4ludTd51-^if#}p!7OzT zKR4gN$Wj^MP3v403ztUBO|rleQQ{KtD7mq!)1FYb3>wV@bUn7Sr&q_5FAY0WtYpwJ`c@Qzit+ zYv?RI3LiEP#9nBYp!!p**uu_>J?5Q_g8`lnCW7(2wv(Ku7xRPd193>kNYu*XE&|xM z0?2}dj;LT!4|ICdB2gL`#bcGTC!6cq&(rIQE|5s)q=kOYvU0YL(S6e*E|f^?9M zp_$N2P(rI9x22>k5k}*P;lOkXx71A2sc70Z(@Fg z7K*q>(oSSb0>&R!gjzuMPVef+;j3C(lsA;F;_% z9S~Y4HrM!eCdI0iqkdM~#&v=~{us0t{qw7#ENAufPE4SftQ6XlK1l2zOSb%1&&DW+ ze(?UZHk@+2-QoXx&g3A^xnldNoj>NW7OyuD{$amP1FSw?P~te~_?tYcTRSr$U2B2` zlsG>oSFo}sRq9FS4yUZ4?R}0W6vMcTq{LWZ(ZV%v0HDP}#e7sWc7M}aJHKxLnsJ&u ztx%H|C$$2n&{rs=8fn@%_6$>p+OUL?bV;%BUMJ>pb5B!b`%8P7 zW$Jz|_-%l_)R>q$aMec(z5rRr4sjo>I{;x-(wIM`irN134UDp4v|Y6oXQj}pTGWc> zB73IQ=_0xtUb4~6s`u^tX{g)OC#nd_s7>t7Qyh347rcpY?2ysJ&{!}!Rfkz)KIb{c z^!C&j8#tk==k*}LNPNIZ1+~g(Hisebhm19|Qe#f{6xR9qLfP0BcFOv%7^q7W1icP}V!SN^{~cQK_7gln%1q(f z4aES{jjVmDp{Ox_MVN=jb33w~fWv^xc*-8_NVlBpJDALMnZ`YxF6r7_0JL34cYn^Rp#C-yAZj`@KEroAS--llI-J`u(zcO^>}1jJbEsRb!&t=oKM%y#5e{ zu%iN1gNu24h50~KwAp1~CKtA%o|Osga<-qz<1t+eLapPuoy%Ne1h4VqnJ6igv3(W& zV-&4L?{*jBqS#!_NG-ixWBIr*bh^=Q%iQIJqL%FARC96_-P5gz-f-!w;wE?ce?Mk@ zG6Hyx#s$wVFsK$s6jK?dhM*jYl59PAop}- zd~Q13#h$9KASQ-f_{}Q|csKl6EqYJVWGN+7ycelhP&tSaV@!u_%$|xj5?^FRj%EN` zFBL;CS7m!0n3SgTmudXvKGbd_ip&`vsNLq&XpFD2CDmAQ!x|2%&jn1`wXBUYTpI37)ON(S7w5#FwH4LYKGU#s>V>s4 zy0tTXe)xI6TK+_vjTY^FnWIV93=T6f4w8Z`h!`$c((ojL*YN2g2BBvHU3 z3Jk^FA&*g-vi3J>uWW~p5mbY*uwUq@45H+J0O!p5=Y@y{jG`(Ab!9u+8=22*Vmul5 zaWI|;REVeeP_7&2jnb)JLHw*}2D0&z))GkYTh733#h}{ZHXWp;^i`QJt+6m|+t^z8 z^q2MsT0ldvUyHo4i=0tZE&T+Ti0!u(wZL&^>o0vt{>{hQ7a_fDT3^+QRh81|-yJPt zDO+#a$^I@KzfLrZkd|huCX*>%;h!h;T*cdQYF;YLkj6`N`$9D^PAtzVv4jx7=~@ZM z{-IFezsPvk?sG^zC8A0~^_cN4T!L;9y3~mQ=NTf4w|fk_FlBTvJzzE(PmT2ll(LrM z&GSYlsb2xDVg}mVClPT2vBdllD;hccK&!BPu3oMCgKPqsS(GK^<<#2xidJ-nuyiy5 zv(cZ}b2Um7F)#oG5kYRmd_rRGd=M|;+RnRbyD`621LeT{-&VHO19@xLyqDz+IXu2T z-}0(0RxpoIXby}B$+Yi_OR?JF0x!dRh_D!bJ!3SPv(PGX!?iET!nHF54O~B_Tz!{q znxI*KV3xmuwO3!O?MSKRz8}OH7R(Di8ZQ1*OYi+8${om z@!Rh@KmM3V=MTAmAP_sgLDjQp$>>=@)xof=fHQd$^4eu+6axl3FH=?F#d8ZX7@Of*T zN>G2~7QRw)9LkqV8EjvZ38?pLO9gb)G-iFJg~2)tW~AUhh57ZspE~9 z|7-PL%ti4QmC|Owf^~2mhc!do@wmADBZK%Vc9#&q_Y2&enApc8fIo1E2a0~_$4#`j z_Nf<|=+|z*bT^tTZg|OEa`&d~p7)jOFG`qOww%iUTyrErPm+mDZ*&TPWULC_`s5x^4jGs;sOh$A`=BeIM@ww68$@a=zZSRyk zRYpISthwYh2ltRxH{3qFdGd6EOJhZ|h8^xuXcmnj#46@&C1|yu&B>%;Z#vsf84ZZu1 z_GtaJ&=l{Lt6(TIVxaj_Il~f^fMZ@HgRt|yxPl0HjeSp7)l@5H@=|7e4Hbag2zOG% zhul<8E2adou$(D{mO$4f=2>sD759>qNQ!FSKOGTl07MXnw|1em8G~B?>U9(9WW&nQ z<1Dcy799&_uO>;^zvi)+2S-RLz0&>55+*7GPgJY0Ya!@v!*R&E4Pdh!cKklKGC} zE0tkAZzz{~`@M6UoWV_awYgF{FtjzZG9#5fx5c-w#R9s!A?u67zmvDXy<$wVKUz&$|lHggjIYD5vN# zHfC(+v1$@5GYl_ifALQLvCFSmg*Oe#G8Nq!j%&;Ecwr(-^qW@|%KsS#zGD`q&rl261epLfIov^O>Dznh&P@J@)B(h?#DRqKq^e$V&%+VP>-OxAZU z%p6v1Nvcg$Q9`gghtQq7rIS)~Y*Y%f=M8(8#v7&a9LbOUla^z3C#H-V0bfV2Z13B$ zUhLHkucxe&6rHRpy~!zI@xWPyIs1-kOx1E(a}|{h+93Se-W$oAo0ac(bn~3ca{(|9 zVsqGCxk*(G30w?LvwIE4@chEoUv?HfUyU)16aoq8-U}QQ=B1X9;@7msB1usM+xFXL zNQ0zfoeh1%yY3ELZ@pR*W|QpiKezk1#LdL3GQK0kyXDp$BpEXhuQy7gwkE_Q2`=8^ zoUO)aZ-f^B!RE=my?Wj(C3uZjPqOf?O>Xfq@>1vgEyO&P^zX2JBCa|v+80HR=2i*5 zgo~(e^v;&wh?*i37V3rL(;E{2vos6$7O~j5d2a-`HuR5m@?IiVt+$U*aF{T0?x7S( z|D7*Z5$|bmHHy^IMa9=-8kj`(-z-oGtR#hJ1c?X8F#~@rSayl%6skiZWgd*IFC?n)Ta!$eXP7 zD?Ieg}S>8I|s||j4w+X6xMoIX}a`Q zk-}qDRce}mrEWhBT;E-WQ95RMwHhxxQ|I0#%L=!jt|0d!1Z-LzCl~lL-!+HSu8h>a z?Oh6_Bv9avukf$un@XBS|1GN0&TF053F*+$cx|&iY=DH0dZ!3b{8<#=-Pe?d>ZmwQ zrZcW5Y;>$0|HIwZNRKD&-e(5D23~8$o7Vi-vcpH`YT9c44qCVfHQrx&IN+6u4adW^ zF=>F*k7x8hbyEUI#ndQGq-X}V%<6k}gD6Fg0IF2iqe)lOj~5=M`TQAh>}&O|tzyQ?&Fmb1M!PDy4_! zcekq$o^;!9Fl9Emw`VJ&Yyg&OXf&=-eTuJEa`7+~bmh+Ewp7gx)j`(m$I>Mkq15jEKcJ#yda# zRu#wvplZLkX8aqAcj_B>{zQ}C#ALhT4N-ziLIQsCw>fGRq#TO-{urz_>c|4Fm^hd+ zi##f@*!jwJ+a7WsuUWLp)2-W#c1#@jIbU7o?WP^T=gtc#;y~@enD=V(=n`vH&x5n9 za$}CEzJ|{@Q@C0GV@*J@ya8p_>vVre`GA(2D_b;5;p9|llR(9=JW2|Vo@$=5B!3Jn z?&dt#NNMEI)yf9~CBc#g7jQsj!hn2y^}oXdGD3t4Nm56x*PPdpT|&E;pY3S;f2_lA zCvO9CvMq)yHh~LWLrP?9rF;X;UIuV$ZzZrwBZEd_+XpGQ*R)#swQudR@mS*=~kw+6#U$ndoSGwlGgf-&v!f!#3BT-7P)}`eMhh+ zZb4j{L45J9D;SeCvn^c=|7?<1Ggq%(O8;T_O%>7G+NzpXjmhU6{)XpKx$rMT5k86D zo&RgGy0}`Zkb=?UP1^x$(^K{ri7@P%C<>uwf#XjQ*9A?}5vbkiCA|N_8X!n4ZGh#( zU#^w+b$P0PGSS=2)%NZ|HO|pb`*u`yq8nYzHN2HN%vO3+wm;PzBh~nAqT2LdSd4YY zvvSF>e60Ez6Sq0_gt89Bti)3L&RH8kIaX6YmNk|W#CHtZb`N=%Cb!1lc_-E zJb9klGH;c4Xhyd_yzflE>`pvF%JWxyvW6F;f_^ABleu8+ZR{*&e*v9`n+q=?YLg;l z3tr8q85nyGjwTmS$^zW2)(aY7^p67wtOqq086Z0@47&hpQKu7{VPk%yP=qi%VRSf2 z!Tmy2YwJvP`0S5i(WW%q%&Gz!Tb!*1_iA0kZbvuMxTlX1KQ~=e^#!bEbUdh zuJ6-{T%y+xmbhaV?oMD*D1c00Q8jAlRV}{AOseyyF8=rQ9o>!y6iyBV zG{&9yzz0U1_?=`~<}d*q<=oN7SNotIS{f-|a+A$j4ol$49j7TBLgeJC2xsWi^%L-5N1la<>qT4*Lp<$*p z5%jF}p102<_k7x(w<|+h2*9_~55r#Y3TaeaL%fqvO2cn%KR_o+eluA`)Q7M9TWYAZ zEV;8+bLWhd*Q(0Sr}z)NRV~;;85kQ1ri=kE*X8 z-ws1)7Wa>u_HF=6Nzzepp{}mc22 zT%7aFY6acz(&rX)#;r&~G9&-4CMwUHWkdfX!ektGO3@6?n_Kx`FD+OCaNwKt@95Ju z!Td=u68FmpHLUNp6HFVe>E0CJQ-Zp7DzNPpWWb{=;F(YC;3g{ccL1)*4`NkR;V0;x zLM>~O1=m5_2oTq!a)OzymiLS158iLn?|4^yGuQuptZ86@;E3UN+NSwt>JlcNV@SKy z&O2kdud2T0_+mHcewuvKAOG1h>fRN2qF@Kd0{=lH2lIaaKL%nh!|EJ~ze{s%)CEnv)In zzj!g|L8H4+F@uOT9WNvUR&QZ~n2#qx*z2wH)ePhp%Dx+rK)QFTy-jF5Tp;}=1omucOV}aESnv5p5Y{cP%co}0!3~r2+Mh#s_L@+)D}7CgIX}1Y163ER4%J( zu7Brvq5rRxcrtc6abPRfd(!)Utm@Ka3XQz8KyG!oFrRfnzt+1=K~)17dJ@Rc7|t6_ zDE7HXm;2TJ83~{-=bQ`K^0n0&RWd-)aQC|!7dgXmMU%4A%bnHa4q!L&*%Nw6 zfv0xfaU1n!Ax5H20gS3=#!z`8>hhyM3oMsPorQq;wdqCLT)@ zcm|bBjFO&FkbfEAoL8-Po?1EcfI9Au9EtdipI!R2IPdz+X~CG#l6OAB)P8%91(p_j zEJZKvoR@cSaT<12iTx`UOu`mKSlLgVnq$;BiS_$@@IGM0AjNHxhCNW@86R>)iZ#ma z=C4b8V6OqiHHW4}NfF6ceue*-EQ4i`O`OK8Ekgy6VZwpVS3Wj}GA8H2s3!p<)A*ja|&X|xx zq<)AOxw3M-ll!yh!RF^LovMcx!)GI2rr>&8U|~t^mb{Wh17HMXI}#0mN5{)M(k7v^L2FzY^$Y z(_gGoJ7kw8@lqIlYF9SVA&g=kkq?{9np+=lp{#W`zii07!C^S1CJfGBFO=LJhr;#- zv5XL#UYQ|DHrg!z*_{MDMjB#6wHC$J+cWgpz)tB%Jk}L(`!K~biC170se^1~#AdMvD>Q=9lrRY+??Xz=_Ccx{G z`7N6_z5->ZT~|eE;BMvvgba@*uRL*kXCp4TdD&GzW17Sr0{Q}<|D_VZViT{HMS*PGYx&%cg#U!=s)kqOvWP*-+D#l_s4(iV zinJ9TU3H&dAPKnhK|6nNDN|`Bb9k>pJLy%-#M|Ynf3G?BQN?A^2|bHC_f~c4OiwH~ z(h3<~0d@f+ygeNL`!4!5zF*fXUiIXD`LFZ|+8e02^O4(&d*TYnEk*M!RRbOE^9agI z&js{Qs1>$2uQ5?plEQNx1@4N~9l@$+iBp&D^9a+#d>yu|SE73VyJp8HUD_+BYi%A& z&rb_4>g{4T>(m868}-KIlIMNqY||>skvHmv#6Cw{uD?><_YXZ!3t`J<$d0P&N_RmL ziJc_)8}RSi$>0vnY<{0Jl1Gh_M;j*t*`Q-+jvRe1TDbjs&|LkdL;Wa>+TtYERJ9^s z9@R;%#dQf8=k?3Pr=a3kV)Km^uh%%XAaARz1h}vugNPU|q{(8qOx`sR*stj^fEgZ` zdUuKT&%3?FNDUd@A>u3uu)5OlUk;U;`7RkoVKR; z@d`2kju@=NvW-AK%X$4Qa}{u;>thL3hGRy{s;`IT{-I<^?Tj4jg3IVmdJhs$ui4mR zpIW3T0J_%PrKSV}o}|1m$D{TRJ)VElI#Z^GK_+7 z0W6Z&=+oWqk#99{BbD7Uqbuoip>k4WMo)+6?WjD?u8|x_ceuMfqaImS5H16s69jFK z3tRN$k~iU6K5nzYy$^D~9X)vX+9#ieJ>s)tTiR+;#4K`wO2UB4H`)4GFR7em4M6Fy zvT-oED?Q>;XjkuF(;-!;r)ejY{P^Wx(N_-NJS!R}{LU(S<^Wfa3K&;#Os{W!*HjL! zBYtvIz0|XME|o1Rpkg{q@DqH(G@$nv<~u z4`t42WAm%aL~Ug-yadVQpFe~lCj|MGd{aTPTXpuzaGA?zxi9*j9(ngQk5PrC+t#BA zCOX+0mogdF<+eXW6VDICv_l_3&*Dx3R)VtBQep6mwA%v^ZA_mj<_BuF1x@1o=MjPY zX|V_7^hg}?e8Hqlg~S*-`O_TXtrL?mPgp9)Ly0UIJbsttucgB9mGRS*`I8xizYOw#| z2c5f$vbp8-e5OLHi{qQCqT08%t|1mr#5W5e+bQ8Kt&|Y3D%j!U;+M;ewC)$*4PNh) zO66o-Sa}RZv@v2iFEZFy#(TQj&S&Yp;5vkoKVI-0{wkJACUSaJ(;muTgb*J&AlsVm z(pyNG;vakcH$M$#J1p$crspEo%N1TQzoV7o56trc9@;BcY&I#d*^Sx^W zlX1D5F)onJ7+{eG_c{*29UxoTDD3AL$w}dypzc1=yUFy=Ftf;4+c!7T<70$-Ew@6T z1A@M?@IfiGy>RdLOJi*FR?sfrWWwXl4@3W^4ShbBgjd50P`p49^q*g5C>zr(>EA5A zfM<*j`kzm=v%6O(_JATM1mG&~^#QbuD1v+wkiH z$IUqLnj0b$%zb1wkGoUxyZ6c}Gh=Hls8?10&%!y=We35YJ#Wd_Zi2^ItHxMRuhzM{ zZFHqEui4Y8X{GT5?C_(kU6=Q{%GmmtY5M8>>T{xfCZ2{Wwt8MKdLI^?{kd_Jdcs?q zV^vC-I-ftM<}~y|C8gBv{MteHB+EwluXRf!zQ?Y~U#9v2LhXwDw!+;u!S_==G3~J- zu_q;jXa}jSAUU}^r+mKu*{qq5 zcUXe{(O~EDpGW3pA&8|@5KGp;?c&eSRC#D0qP*-gf+x3_hd&>xYQSr=1KX~PIc!}= zVw7V~Mx;2s4?*ekt_jP*gW;I859U!v#t>}}^=IvV`~@On2b&5IHw|hT-%+@Gb?{7E zPsArvv%0NZGF|BB?dJFsV1(H{uvajazM@(NS&S>pT)fure``QsrRbDN8Th>@;0ETw&d)lHmjC)L3w zeYyPeAmWN8rooAHBq_&wJl)v;d;!On_YTDEJ^I17{!ul?zdOtLr%cv)RU-bHX(9e$ z&D>PTYKGocgCi2zHp4=tn!YVLr>0&@eeZ9XY5R;KW9pRI5?%N;E+*zi)pY4wH>dR+ z3fWcrPK+tYsjp`ryBp!)8g2H`#-~*g?0~&r$ExPP%-x8|TFlXO9-}G<3#^>v1pm)9 z)u-PQnLV2!I(*N!MTz+JQ_D$5D~HJe6He0h-K}u1PNgj6%Qyv^aDCRY)n)`D+i;@$ zkxwuIbcIx|a}xUAJn+*MIsKpYMv6qZPGiz-h0irg&%C9yo~)=cPGlK-&_Bm;S`-f; zb}t#n^_k)hDMBy5IIC3XOV4_~+?qRK(NbaN9C!lsP;b~2?BLq23ZBg|s=eJ@%V`|g z0Et^0e5uYku(YqvpTW_*<7zUq$Gwc`>Y8m5M5xXowS7#$_7%#OcZ;~56+HlyUbp`q zy-rMGOMM}Ug3m+x`*%AaVGilPj$~d(V59?%VO3jfp9VcW(soP9x*4kd{6PBuET^cz>X$aZ zdBX(yaqNqO-U z(bc;Axl^*1`|3FiDc`!HfSxX_ifJ{fF689$jXRoSZ3Th_K>4e?5qVth{GC5y&L4Zy z8Cw3_$^x38ccf;zb+hP-8T`#_2ao!L?n9-Fhc=C|g81O9%^QRa>5p~>AFWe<#g=7_ zray4ayDpj4X?4bZ2&-aVV*rGoHwxf~IC_@!U}|)0%hlDB51sDZ`1x(mcS~yhBlz(< zd}j#a*}9rjt5Vt#iwHAC7`5Jju?xtJ`mk3DbIjiquE zjs$}tZG-ns-fQ6*W*;i8^jT#YJh$g;1I&`@UHEK{0XCnccD=6rea7>&BdF-3%(s`w zi+$pFq3J$%X^dyfv%-E5a^(H40ulamwPt6$JaA{V+t>C>YZE2kcj z-r(fAwhae^$zKgVuyTOx|EJ-?qxegEqCi)=$cV*es}~NpwlXsN4N=uG*xpNDhc#45 z)qu3u>e2(xo=Jj}qk?8{cIKMuae|dkAW`Qi2GUndMA&^MIeC=^txDFeXNd>sfBK&% z=}du?V+r7UNPVh-X@d6FL*ypqNYWbvk^>`{LtxoGpA@NZ>dEA<6W>Z0Yo`m)!epQB zGrPeKOyRz$%LC`1F%L1XmedWJ)H`Ky%pJPZRd_$eztXot;~16v!g8pZT6t4*rL_6< zfiP&(z;=mBWYtQz^5v07dXp{SmC(Yk3q5DD8K3^Rbd(Nqhv;5;Kd^ld3E{kfFUY&Y zyHAVbofs|=M*sm$Qv^IIOe}A-qXmSSCYmC~2$zj|@MHw0ouN>O^kj*I5kMatnBl@E zkS|+8`am{Pc?ddE?|&#m#@zp`gyGLNNAlgNqtuw;y)D9%Mb=v(6+vdZK#T|y^k@O8 z1A9aYP4KjbhrQKqio4u=_(gLiIa1X#b79ZNTZNULyZU(iNeDGjN?Lsy6qWc!%l-MS zbhScxEk2JJme&*y-%xX-{->xe0@~y^c&z)qIRCxnU{eU(XWfs_3LY zLii;4inK$gZ_1f+gvEJ_p>CGk^*s|UYXTM%XiHc$vEb2o)SO8Xqe=!ptyO3P`Hu)8 zmL4n#o-_ybqWurYJ+i)|V=#K&=bf%BE&bV16G**rryu>2@rT-n2%r4-IWsqVoDGk+ z-7eXUyhCyV$vrPB)UYtXv}Z1sJ=dX{7F^!UG^lo1U?g4>R&F=#+1LDc)^u)1x_`Bs zqQ>3|Vc9=IN5eyU!@svi9T_Tkf_Y~EL1KChlMGLww$5e9%}!2R<1XLwL3b#k(L$&bN`t>ks;$_6Z%} z4!%Um(WgS24De^Okp8p6iXTOzZ&;=d$4EkiK5S2Eflc042@bu7eGM9Jz*orKGhVX^_h z?yI<0ai8m5Twq=J^XJWkSt*p#?RI4aKC&m*2x}+7?7#yogh7TD{{DcISofmR%Ul;+5PrR_636HLIJ}CR??K zhn_*WhvaWZp1HcJ_D{{r&XPz7_s1Ynsv{byy00ClSv!&}ejz>M#b z0#~bePzY0gj#GWCQarlfCm8NBQps0$H0i%Nb3;}L-8(;l_;q(3dvde0n%^V2p32!^ zr3RCILG-XN3}eQ6UqAy$PA}N&6Xz-tPVUoU zJR)5hzAp~pojIB#w=vmkjk^ZA{EP8e^rKilqg7O{_I8D`v0jS=c=xK}9`NHN_zMRkjb(*~ENY)sZ{0IvT_YeR~W#hwaBpF`W$r484cq<)XA>~5n1IT_Oaj|TjWdVSDi8iRrnv5S19g~wDX42 zGPR)zXGjRsf?CsKipb>2<_-O*AkHh?OZ=^*+WXu@+<&UkSE?Nx&I)%oZ`8>&L*lRp z6&orgydm~lk^1D8E61A!PxuNDI5nqhtEs%{r$y}drC}!s+2y60SsiEcz9NR@Jn~C4 zV9)GLm*h8wlEf?jGrf$7PuI#6ASnS;xjHRI2_Wk|4$lVPnIIR|A5}YeE?&jU3UWP9 z`39?3$XHQ=vUZN&s#njuw*YYTQa zxk{mhHQU4Zg$CF^!vk6#MhS#LR5qrELDvKx_=o%Kvvbi~96#@1gMz`f;f%sFA#Y&C)%l3_eakYsci}~Ptf~G><=%^!7TZOEX1|uG@Y~N`sd80 z8QoI@;@JqRfgB=PBI8^@NE;!q{57K9NcWf4xsR#~BGgl}y*i@3SSiC>coAbc;yQ2=+)hO^4^^9M6gT$=thnvYoLMDTQ`7}ZJjpV4& z!vyF{R7z4e>`yffXp%$!ZnzRh@8MwtMC+9@6|JUCbQ7yTLt<;=D5t6F&y)}8eea>kF@?oq z{SQ@y%3sO&?ms{YI{?4)Dl2w=&tE&`3Qqg}G~=QExq4XLx#lv|dT{IG--sLNFB|#@ z@5E5fcZ0F-byB)|VjJPn-Db>;CO?JgL_rfiu9C=mwrnUSbp!uSQ5Py-YS&X;?%9*Q z5@%}Ss_M@d9rhWp9RS*b(MnfFDk|i3eVIP>Wx+2lWl>LVc3mp!zbJ_PgAU~M8fNWw zoOm07YamD1W#$RaW(B$}XMd#@Ps^SlM8_Jpg&IHbdDoA)0ZGB#ADg5mw`D{I+;LU- z#kv9Ee&YP&K1nrDAgXLE2p2*&7*`Zk*K68z%xxnT9Hvee>a`Evt6hw{U|eOu{@ZO2 z0-HUtRlh`nf7;^(P%_l!@|@xifBmxFGkkUzgwKrp$G1-eAK1w&JM*pc_|0|+4L;`#l_TQ)XX<`~SbbB?Tf)p;_ zdYiE#6z^M+dTzw8MflNcICEHhvKu5Wb8joAd9SO}aME6Ei?hpu@NQWh8r&_(E%4uZ ze7xI`(N-^t6qK4+!gqtU8U62ft+3rcL{4NWJK0K5XTIq)2*n9)B^GYwZCnvYE_{M> z(v4TrMG?4x`0A;dABqn!0MB(N(5@;nZ|0c(4 zDuva@l2V*`78sm0HYEZY^b3%O0)u=pvLE8n@-lQUfIo__T7U4(6hf^?8bButc{Q9I zygzkG{qhxP>ykcs^8En9VPjo*y2aX@;j(enP%=2>>u;W`<1Y0r!J^OipviJQaYnGQ zc@Y;@xo6I0f11=ElZ40EA9heVAV%VKtY%13$E}BhL9zg(tiv?dq37>;AAV6^{Aff5 zj{9EhvL6C#`pBRY>1#m?+8&cvbmvpN1173BnvR>#88Hhq__=!A1yeaeq80w0YH;$M zhuQWFl%8}e>=wAOr-P2h(An9uQhf&>G?x`jY_$)V{{o)e=A2a zUOy!)@o{&?g_f3d6Udg5U{(n+uu5jM`404UK<@sdyiTr zCFMTrs$9Uxt639IbyJbt+8JKH7eS~dBhl&yP`8g_H8JL7_QR2U=e;GU@O1L zD8=`j=wy*C?hKK(hrICMHD?cF#GNi-vj17nrGVC;jR@2oP@1zoCqutq6KJwEhP7_F z8Y~PdO6JGQxwu`amjN9cd`P+l)9-QL#Kd1R>RcuAt7Kn?Eq63bax#5cS>8wOdhhHU z2;yA04KxOVy^gMy3-hQAmW`}kupETCEXS$R!Pz|KHU5vLt8XTc6(5zI7aG(?Mdp7F zEmaY)4mh8g36^q@@Q^ol;Oak@KRCUR)+Y4lXd3DE-GH0llQ|x@{~>watT{$0Nu-FU z%$(2^y$?^W?r=m0JVh|qi;DG=I|IcZoO)@u{EZbZvUMk4n^~+ch`wgR7=3b4|LCiT z;&$!S;Q?Nl2V+B{I%{U)=hem3L?&gwXN18a)9i+?G}9k|J5Qo+X!4lk0|7H6iRxh| z{@3?7&d(d7?P_Uhw$C@iMI5CvXLhcg*J)3TTK!vPgJ{#%V+492F`amccXBH+D|K_? zBtgYKx3goL0xcbH2z9Dp)gB>bJ`KCuk#z^E8*KpYiAi1LMIa8RqV;8d=aXr#*=L1y zXFP2+AE}ZrF0r=NN4OJ$+H$|OapY5RwCxuc>p#tcHK+%q2SEKI40xWF$qt7|%(H|K z_esjyy72x4(sxf+05y&+?ph55Jx?bz4?a%#8hoIQV}+A2wBlWl|N2p!xlp1x`v^3f z^_6cfcowvz!4x@;FYH$3iq`HaGhV!^|5&%)6lW;;c)vcg4Q#95IdEyWWhp_k|GYWk zxzx8sMF7wYik!_Qecg(?VKwtuTDF{dOF!~eZM`An;&@HbZiwtX*D!-Fi+bU-uNR{P zx4!)pZ)zJH>>_aa;KG&HWLyKw0OUA&YgWF@^|`kPe9y|c;GQUW+=}FSj<7VhXnR?U z5w0jwdTzY-GJrrgo=4sZoQy|1+B6J-TiRXVF4Cjge3Jk8Nn;IsQ#7kU10Naq-t)PF z%XqE0o2(!f)|@Ey&2zUf%8{FTjwkl<4tXJ>9>9eYYGJ~>*2-v5*dr0HjAvX{)cu9` zSxrH}zpTBY5-g(snBnN-1zFHu&%dgo4BKXQ1n#^wL8&^gz86-~Rne8r1T(rSW;k`# zX~z|MAl+Cg)d85j3Nd>l&%px)6vYnj!#sd|96q@7Rz|=o2@>$P>xIGaE<@fajbr@{ zmr574wsL%OvD*#<2&eXQC}%~~^ZV8NvGb-Tx@L@fx5>td1?S$JKTU4MTs!R|S(i-eoUwt-a2mG*Gc3In?s_ow1 z`bV`;Dg7I+# zdsUD-=H27qIyJ?rD6NnyQRC+mYeP5I_#-2(us=Ol9H4Hfs-11kZ*FMaZK~rI2W>J& zHL$LoFsb%DHP?Sj5N#fRB$zP2$lBR~Vhsc5xq`2@o3pes(Drz8=LC;^dgYF_By>l0 z)ny0q!kjzZXJck>s)XCdhV*LC`EquN&5ARK(bv%BNg>MGSZ( z?GZO6l7rk}!h&P{Cu?^C19nZIOZ!`{g%*OQoyy8~J^B?h(i zuKR{|=k9%fD1Or8;7Lb?!Sg1%PrUUA2RN=`xE_SyMC=v2^E2n4Eu0-s`!N^%GcOsxaNMhD9AWLWU~N=B{007qe`>Nq+P5iy*+9_S*06^~zSrhv@Fd`mF#w93@D3B* z_+!~++nP()<_G$7$cD;cqUStI3SpU3m(!Yl;P>CPWHcrBTD0f7Va@{hTvo6x&k4na z*3S6#+mUi{_bs_H4p-80z$w_@X>_>u`a#JD_D@pIiZ*%wX6a75lW)D%z+3^Q!1t9E zVAsgA@z%qD1RY3@)KZgax($@}mcE?z}3z0(RRtS%LF8-U9qE_~RvutYpy zFK11sDAmU*zDh70|J@oG@5qAwm052NI-lR(<3B1=}}1HTQys8bNWc+X`qc(ny9rnrxt6xpJi z6ytaJ(EKNlUqRf$m3LZoReJt??_Ecl-mZL)HF2Zq@+?=T)hp&2k6_xuW6!T=2jLyRF~@>_ z_)Y{o(w(8-UHLATRXU#<6cEUN5dW-w^DnO7<5rHtxs{YsYo{lJhRXC3LgjMt*xX&S?#_(W2lY>qKYfGDyz&^GNrGp z&fi>jjjbCyG2S(ZvC^IDof(ctYd$^hT|375yyUGt-BzA>U~1DB+3jQPK69l_c$~7A z^(lz+I0v;Z{K;hlywZ}ZxA^ykwoDYz9&9+(Z+r;94hlL8y6F{t0wh~G6ntFr>DTbL zt)FGz*g;8S+|SEiCB=xNazoOzy?naS^SYJbfUQo}?i2*!%i-DyF@`Eh^KE}g~0=kDR_(Faf68NHw;H`KV!X#0=&^ZKGA2yx%_{rh(BMEF5i*^h%<|5~O|6Ox9` z8sp+C&&l&I>>c1A#ErUd)bK}79NK+oocKcTmg(%i ze6FnZ-(i$Pwyy)GjSwfbM$l=j)3r7IFT%Q?B_Oq?L*W9?$CW0=sRWZ*q33ul?}3-ow~aHtU$1siSIuIEiKgVo_udu&4_;+ zx+NrdYa!UMhPKQQes!C-_lgunWiEtdF|xl+M~j$@v=hZW7WWn+8NoWe`wAItZD?|X zQlX7`Ja~4+5$Nu=2%M0c(BWv4pjnW6O_3eSybiml@d|l0a5x5>N}p1k4FMe_;247i zS`{K;E z!7`@P`^3-}j4j*Bi_evwHy_C;m-xCKHAA|Y*QG@L^Mu>cNZYq6OdwVk>;vK%cJ1rL zpyRUXq*9ds+nFE+ufeCu;?VJCnd}o|+TTIO$oZ@6hX0GEa}Q_w|NlRURkBqo?;N(I zsDx0?tXidmLs3ai$vNk$o?6FEHh&dsc`aik-R`MW^tK0Y)b3CU z8G>$;iB)v1Zn%z0fu4PHM6XjMiqw{qTI;_Wzo`!VnO zN62bHl($!iT#f1zcvz*<^-(#3$i&y$b?}P4{NC6rfxMOSKu5@7w>lN{LrZ15qsFv7 zG`e!`PmW`+Dvi{>sW=256!trM*U3zq-xUQasRSt6Nx}wDAwDv0Ui9ElmxO^d;O6P= zVa%@^wQm|OGT$j!i2q#4hnkIU0M*QJMaLZ^rbOC!;J4Dw36iVrT7k$Uk;`G6(!c~WD=+l*egXckB78zr>`$Otj>coCgE&69hDo^z4@=fAu zMssdPovq$Xm6=tVDzQY)@7GDA%|(ub+Qan!X5v>Fx4!7jC9Gy1O?NSdp!P>#cvbUa zA>s#d=~G_(tso7T#r3P<^mPF^A#Zs2{vq!c+@O)>=V)6fRM}!gN*Da-)uy=F;p$lv zRk-!h)nF03QO?U;fqVo&4s~XHFcO;#ftK0Q7BbaiAj-2=o8F#P6?_D?mty8H?Jdae zqihBpA;}8P9~zITjI_2J(0x~Zu=9)~B=%2DW<^nkXWO910{4*P>NO85q1xPxDpP}* z+pZdVwT=r59@u&1=_E)){#-1@h+c0ylT_N+OowjKBWkR+%r?~-t62nZ`{zr6WoiU* zo2YAQf$g4P>(?=NcJI{!35k}O6>fW9$i1H-j0K1Tam8}S7I)}z8*pb*VMxmp^T+WF z0V7$)k;QT1(oH(){;&FEA+n;}Ze^P)M*b+rmE+!9vzY!7yT5>Bt4dXOLL*jqUjX3J zcdR`+?u(u{emz*Qw9WFOpM&y=n^#^Yh^1`+_;ka5Tq^x^!ioFW1Ix~obgu=$$KF=h zvMeC>3aSqGCJ^Tp((%DTGkIa<(_6#t0f69D+~s4)6XXZTS%othm4A5Yih#54sJ31+ zyM}i@NxhEgeD4y>E^p}Mb=hV1%`oWX@gbhm9TF0sJc~X6Uv+@U5pYiR`L(#<CIovA8P2*QuqZCpFEbF%l9o3mG-=cilw8Fk--K3Hko zQlPbot6of6S%i&@StU|daqY+CrEt2DT00*jCo{sqc2!LtK^&)={S+Ry6>;v0J{HV; z`y}mv13V_t;)FAk2HY;tbq4;rb#0Klk9twz&ac2QlB825mzW-_^XV1&uk&ewJ+$_B zSe`1g(LEa6q7HiWh)LRDw}r6MDMPYvI5FoYfaJuS#+6vBIp?1MkjnU;i9yK}0`+TSP$~QK6CbPSZZzYY0m3=Sy&a1&6*XgQb#1Q?rUL0nl zrqCMV11dM@MbU?;NLK40s^!$2+F!4GF@CRR{&xk2%&tAGnmYO$YB*~Hs#-}iMV|*q z`SrFu^k?ytqy%=|ov)TAjK@EjljBgoHf^#>XRx;-qE)zki6RVQzNir)2WsR;h=sgq zQ?NA?WZqROwukxJ@h)jc_Hg5)q?|eNMVn#ZnJ&f+h|NH5;k2%lf_<*p&pjr&PihM( zsHMDFRpU;aKzZMl^cXG#;oDxW%vR6YNx3H!MbW3r=v$qeDxVJjcqY_X^%ZuO6&d8mbh z3#H#@e%eC_ozuL#SUEi<)lg>dHyC0+7d|u7-%wf6=JQd`N8ZDAG{PrX`34fA^-+M_ z@YyVSZdPlG{M%#gtI5Zt<^y|shxWw%#Vz<=?^SEN@M~LFF;Ks}4fCfr(dAeD4v-A& zz9*CBUu!lvIW6h6T{-i6$lsxn(9b<{DQ(EkU?O8eP6Lt_weCKL9;g(n9dH$^;gw4l zL@#2UyJ`ly93AvbJp3@_4i2!Rg)Mq*1|P&4a?ihe3BU$KbJD9cZVpm{E9r57@4@b} zUmvHakPXA#CiIo3x4W{EdB`CiPX2PumCsc*nf;+^wK}&f4iIE&FzrvdV+||@wP4C2 z$Oyp|Dm*zeCwQfsIi*r)QUJ;O=##i#3o@j?ppKbsP5=%L+B{dbi8Fnk_V&zC*JyhI zMYg#1V^da7>4)dO2A{O+x61XELmnqdym5VVS*@%H;<0f%GHFo^aK*AbEn$GhSPyOK z8B7`{Enns|-9&OKn4di_V@GnmZg!IjUq0SYrx^H7;)Aly_KNpg%pt>$hWvs`@@f z%<#WZ%rFqCI~&Zw7jGcZ5Ry5x_F2&Ko?4_}-Q}qJKwT%F$L~}o7Io33LBW@t)iyhA z64KjGgdl=~)lm><>rmL;$~C>6?U>{x0l)L;#rK*2GFt*^=T9vR`k_e*@3c6j>`~3K z<@oHu>J3!M4l0Pa_AFtzCXP9&tQg6D`(R;Y5p~uO`ou_^=5S0)HLtbI&@Z3>=#|5c zVg=|VR@B3~Whqt2?mRVNT+e{1iMivcaDE@}+@ zBQKPcL}l+hxmu)hF6-GVz` zKpDBme&qFA`MUWm5sG`Q)tJ}KV?%yTd#7aMbA)Vp?bmr;pD?bz6x8GqDdoE^eAgq7 zDwn6rHEc>};fCFWETvt|nRVD>fxG~5TIz*AQIDx1+VO zQr&-#`K*3a|I@+edC?L&U1PCYmz)eQJ$LF>@chBiu#=|rbXgB-;diExb-C0qps!Pt zh-@^o2mL5gs$8DIYSQv787{qBiYRe@oq3+FGJMlm->F+CG-j-VG3h@s!X8yqCDo?8 z8K|yZ{qx^p>TkA#jP=QjH;o(DFOQ2-`^9Iz-tuoPPWO2F6PBNXlCfPA#4w%dg`gAr z;(d9G8;v-^s#<~&_uc$0_HN91m5O~&YdpI(rQP;qX$y7zt6q)+wxxMlZR9L4kO2(wglPQuHUSg zp<+J|_G_-qz9oI*Yqri83geKzcGuC@Cp!r`!OyJX*{+(41(eyRP3@EFw0^D9PG#*s z9e?x#3RALZ-ER*KI6Y*MWHg~Q7)5HT2$~UOv&j>TzH9-BM(4%>cJHTAg`-|U;@SYj zkkjt9rybc=MS)!*UyyRg4_iTS+rua1^~9v}t)1@NFuem!_m)HKZAJ9wr(-(O}yaacn3dz*C1 z?Xbr8y^AKr5?xI@=4Lr(I8(7%-_au|Gvn+Dmtx9$ZCdOL;a}e_a)8tXa;tqi zyN>2VhcWUu&Tf@&)b*F2~ zqy+W_rc)N?{27^cIuJV(!@6>!l6dVaL$CSY;%YdSu}A5qb^rAvT#}d0(FyobP(0c@ zXZrBj<<$O#fy(iUBDHodZ*-h+ zgh$LZ=ctWi@(LYOg5SdAol~tjp-Bq(R~%|i0_|glANp2&XjaLlxsc2!y@A1(KB)J9 z^GRg%1_lnV?EHvfb;jSCr$44^?Cx<3k)`>Jc5)V=6+4Q@{}_lPFIsP{&4SCjO#__p znUP~*@DRrNmdTC@HwWM3$lDHf$y)&F@3Qhn!zU`kj~=WK268v8i^GAbw|;jiIt1XT z+`bt-b@(!M=+Co~rKw?mbLV14?z)DF*njmkj9ng7d?*v|UFh+@d7AKQ zu45sh!&f%#aCI>vb4D%GKu7^TK*O=$!vH6aPk=C|beu|{IHNQg@;?hgzzyPaPWOO# zQ7z?eYFP1pwoP%V3E>l0^q6<|(W?o6+OYO+&T}7_NwpZ%jXaSgqcV2#GHR%|8^m*u zD|;jNv=?Dr#Br`IPEYC%xR*_7SZwfoYSVCaNO}WK7{${|GL0FNxuHV+Isci(6oW`? z-DccEY;g0BKhm2T-H7)^RHHK097Z&etgvW2oIA(p9PJpEP z7U1mEoyb8;FS%6Q{{4E7{R1%>k5lNsj|8H^QKdcRWMz-Uk0g@l)AnUaxfSoL5K~y(uzO0sY zpcw0@nxy6p3vv5nXHE7n-fyAn8W}es3Y20{jiSO*9#DrZHAb!t2IVKB<)W4U)^*xC z?`aFLnCVS`I>lgV70NuUf$yw*Z8-(X_Rpi7nDp-sE=1%_#5CP;>a+OdccS%^O%Rc` z+zteQ;G@4Pz6g!nia+++nBQxM+#?=!{slsZx=wzlg8WqkQ?jX+^0U^Z$*Wkb64N+O zEWUfOeOJoycZ$5KV9XtzL*&|mR|2e{SHHB#`=-h7o?@+0)S}gG%zcgdo*{PBqSCfv zxMFL{@pQJ>;DdFLZ?@*@I4@s@%LipTCB3TmVdXBt%wEku%>H0LBSo^N;>IlK+-}dc z`0EE-JFWMN+`VqsH2r=ii9jTmCHjzwI4&n`;)o#>CcJmqbs&??a!W4#$pW zI=lWl@MXC^P~OAOj+NQK47}|eHLya^zY$MpeUBYHdPc8o-zb%E&OoGEeXiS_!&r*A zuHO)=ju@JqQ}b9d+Kk9z+?(0n;B#~BXyY7uTG3ghl}9zEA5knIcA(|5--E70)`e=s zjv8sP@qHoRlDWNZqZGHTa2`>NAls8??JLA5hGwI_6_>X%u$T$;l`*S~F|gWJj>nFb zqit3lEqF7?H48(Rm7MOBrw3bR`oGeNsh);_XM`?+r;nB0ihgChJPhAzKB)Pr7zL+o zcdf>6|xx@Fn!*MO~weT#n=3{Sm=aJrmZd%^khh9QuYEglEdzDO@srs|%R zgeLbEsBZTDJR`W?tr*D0B=lIx(G`d9Gt(C@!;F>NcsK+p?@uo*+-Z4u#YA5;>kl*| z>M*#d&klIs$tkd1S`bR8eeo$G__!Tv3zyxN5$l6DU$EH_)O#|1j)+w51zZ(u%+%bZz#*pCR$=I1YZrd-qk(l@cQ7 z1%r~cn#2EdZ09$x&{#azrwOdt zmvR{rZJhRnu z^tbcIo;t*@3U$9!q~vRfNP=cu?&;f)2XqrbEWgEs{Im)8cL?*iz&AM~;$RcpvbmyI zzjk+VJq4-2rs?%<&m>DDZut-2cDoGL=WS&hcgF+$?bl$ny?Er~OI{5V{&u(sgbgHp zzc^;m4nXnxF5o}QQ6knv+CF1N{KhhR649a$f3IXrYK=?bvqjp2g$TI*Vm_5@L@()W zXn`u3ZEqNC;hyqF0C$}z-C8lhrDb%&;2_(XZTeR29-NH4|7M7bMekvL40gm>5qRj$qX+DVVFIJ z8ioYq-M<}i{{;df3wIi5!?7G;#pS5oA1qHk7P`;eK4S7R=~>Q8lUIf&T@2#@f|b$Q zy(HEaXIFujGYhfk@os;2ZzEE6`^WNUF~`}b%xws>oX(Q()0#9j_h=eb0z??&0^CEaSRo3!R!W+<7)S&GIlV7iTRR8ZbdaBQg8BIG_m$SKr0z$c zDG{6hB8B%Xsn6?$JYDRorBT_nZd;+&_QEEa&JAKUgO{7p(%FEtr?IzgO;r|V#6#3w zmASlp@sH0KJKj(6;40ke4v<${$>B&?kd}h1xnzc$$-qkrGMaHni$k$!s4>u(y`d@Z zt4XSY1zwX0Lp|?!_NK=b`T1H3h=GNq@gI_q9q>}*MZXu+2pvLwNqqa)S7)3`o|nOE~d&=uEcQ$ zv$`K_$ELM8GjnmP?^`_2sM^CFZc-0E+lRL~KA4jbse!l=b4%%OSg8P%w%{>y;P0<2 z!X4y4T+|Zlsq+mC3*Z|1DQ`ILz@#B(xV2`7wV=z%H3-)R4~LI$C+Y7Ed=oU;MH@A| z=c->bNj@K>Y=CB$D-ol1nC%U~LDkTs)g%-Xv)S(|`7S&|x`S`yNWEk^ynJbREs33k z!TP!%ZR{o0EDb5uWYld=PQJ}*#vbnD%o<&F+uEl{8I;=T3&WWd%}De3yYShF(-mUr z9(F!XGwqvXBCC1p*LP6u>S;V|7Gp#cc{46GlX6}Ou@k0e`L_0lb}BcR98iH@Se-85 zb7|J;1-L4=jh#LK;z9KAtq;aF_e9Fp(A}jjaywJctaQ`Uj(umItL4DIXHT2AtCBj? zH?KW9p&!4$>edeNrTqO01By9j+AxU`S|5k7HTCE(i`=zaw*G#H^vz6lkVhtzrE|Oq zMN=bdOhr*YpUjylmJdlCG}cdsN$g6lG@r2hb}%EfDC@qUM|Yiyv`Q16?`j_VbhCpQ z+#w@?9c>yFPFt``cI7@M(_|U6PI?v&HZ#6)cKS58bEi3WYN&3Zn&(s8&b_s#^fM3B zG6h{)`L6Vvo;GH0YZOV;K|Z|hz0(Dx4Q+zyt&dKP-LiUAp`Rs{)4$>D9c^^jbkS_( zz1$6I$`{&4Dc?iyi}21z1jSFcRlE3V@@%AlS6d_PDFN4}c{nLSy>+8qyez=usO3K+ z_(}B>ir0sy4rTfmLdV3|3m{IU5CfTW(*#jV#Sgy%qpb@w;LDHZ+u~q+3r`a{03Fx! z5rie{eUa%b7{6>E^16$JmYvqh69?zy&nA=4bI*K}ix*H%^!CXY>iUO{EOTgJOX=3q zX{oXT@-^I2O_${X&+uxj;`P;Hu+F3*=mNu4dPL}6p zAgF6}p9tF<-rc&`21c;hMU~PtyndlRw5>jx+I61L%I?t73%Q8rR5$ip7ye!99s5Vh zCT}|ajYam!Va&Iwnql_690O%s+}&$2hV)>eJ8q-1XxhmeZQAuq^wC^{{^U!Nk7!VI&Avx2J(Ax>xE5ugb*&l zpIfY1M4@|a3obIGCO?i}o_Ie+MM?bczd!;}+GAI~x0f$MUifcRjj|4c-!u7%tkdcT zkgI>T5xKqS>@h$vA<^E`Y4Tf%BUP0(HGtOog=IL4u(q!|XJj_-+1Wog|EN3(&LeQ* zLabOMimUAQ@r~krZKr)Br)r+-Fb-t81sTR-`MS0pO>(kGliD4+Tr6NYg&4-|d`vJa zVL-MZ>}&Za6JsaxFVtzb#nUL8{0P{a06k^WGm#K3pkf~$$*N^ymar`kpbO<$VTGqz zLk2gK(lj`l18Isb`FCT-Qz*zJrXE=7(3 z-455T`ezPG@GqXKw$<|?`onE~+PIC&Mrs>I4=G508gl$opag(p7%Pv>LyC)Fo6S#FSekBs`Mgqb%-*%J2wv7 zqbKBf|NGQ_Xb1;>h4l8xYluUtg#F$cN1(}Lv{;PGvM~Bh{bDT9LQDjpa2%k<8?q}r ze=@tbEjY4D8P)W|zE@mGYpSB&esHDTPBgV>b|qFr4zLsRb7RcI>Zr5BJSaT0j?GWA zSIZnk(%Rrctqj#7S2%!dn({ix={A9B^E19Di_O=SSTZEp}pj_!C_F!Al?|P&9Z1Nc~s^#c|51DlD+lPU^a`TnS z&fE+HLF3%e;gLw?B`JcU5VguQGERDwK>H41NFK30H?N*(TqT+Bs#5 zw9%#_P4v!q(!LxI*3C|$f6*2wlPxvap4EFGha<72eG$yO9Ht04mpw?*B+Y&dRC6dl zA(}v$*M4#}EuNF^4kkpEBEqg#$ks_tT2X*dOg>sK3Ol-d- zOXhzQY`Apva@v1G-A|3`@mKx1eoSV3Fi_8E?@;jG3>Fg{IiK0^xG}m?ZI-ppLO;)} z%yKoJNekwP0DyTsSH1~8OykL-|AWk&PP2Ez7_7?j?F_`bCmA>|<8id%9b`WwmXKi7vDX)jSvQPhva4f_^2 z6XK(d17twi8d7+UsX|w}I#jOMkN$0w-Fju=AZ8l3aLof(0$~8%f7uH5#~<4-H-5{A z4F!WY1-N^sKSe`2Azsyy^z9V6%zop zdx*a7*4&b1kwZodf>JC=|7KKW1x8GV)Tnn(j@OJN{fKXJzAZJkztx!t&07$N*^lD1 zuz%16vS#y$MFLq5e;Mq5kPrVx4}$Np(%_EJE`-=z#T{z$Ql4jp?-->QG=KmNwiFo? zrmuopj?wnv6t+VN5ssLO#Q)p<55g>q<>*laKN9p+BTXU~etI2& z|L?ASIq~dp9LL5%?^8Y2R_;w0_}+w4E1=u)(j~8iYC{b3nQV;Tu5M|=Zl5$DiuMor z@HnCk;ODlyJ%@H~2Ki0#1|c!mcWM)uluqWPqX*7|P}{UDA&#=S4J3WRtjK%Qn1#&U zEGpX8^Y84GWHWxm7{CBOrma*KwxZSHi~(_`rZRJCwU%Xvm$V;sB#%BE*gQaN9e5kn zEhOkkv$1qv(b!QW7-5~S88%QeT3d}_?h|K<{ddPVGkyN9p-w=TB4xb=tvSGEF~??l zyZVH6}rKb3i{k7Od$@>#G1W2342Ks@{}R;KZAPmWisuQoIk$%!G!dBMD66V)F0+B7^B6QrZ!bj!^j`J)k_dP3UffWFK7fQPGZPq7x#Qrfz}mZ-X|Us$ zGLOqT<%s6FJSv@7=z2RKN*wW2J0edV&uR&sdM_(v2$n0O*w_TY7tNBZ`o-gh_?{X6?C4_Bf_H?jUhHk*2k?TJrbMa^5&bDLe6{w_0B zlA9O({-igU>xy#$J1+u2i4+Sd8@VZ~RXb$|xhH;8y9E*zXS-JZ6PS~=34ZceTVe83 zjK8i;>tAlUkxp*K4w*EMjMWS0>1^ujgFnyoEss@oA(z-Ao=4`=I_qOnnl6f#_w@-m z$ssIEyO4H_0cSH9b;6fosgNB2>2z1?35kQS79~!QvMG`J0^T(u&nQo|?L8%^F>Lm_cj;f^@ZX-|q{;oo22(#DGA#G3^nvs&W_+>Hn4t+)pZV|xx8*t_j9m-%1CUHf}85sJ%~Ro_nP-O z$|Rvj4}$Abw;{xKZCxB^f%={~zE27bH+4cSPw&Fu>*6u2Na0`@mlW!lz`ofE9m~a% zDC%tX2G}2k6Og&y%R?ek9<0VWA*2+`QsqhILzPOV$J|7go}wCB3?on9A!?>HdAVKA zH5`8q79z(3^ky#bSKz`p*&qt`FXRRntHjVAH%-RxgTaTIzhO&77Ub$k2U>`>|C(6B z&)n_%Q1^U0@TFdIu7Kh_mAX^7Kfyv~oU9w7-f-O0=a-pWW=EE?W-BccEad*`V^%9| zm+$D+W+DFfDC#3b1QAr8kX09CCOC!&Yg#&~Z!?{JT1ely`@}H3O!p91L?f}?4N-@W zyc0F)BXn~4QkA2bT|>n+XPs;4QMtsNJ0HYiHsvB~?SoEV&QPgJeNfrF2ZK-Z1gNKx z9w50|Mp(5|wExj@zfY`cD_${qyPfi0g;(SQN37D{>&kGsBm`c^{BMPaxxhoW1jsci-f1m{*>D7+uQk&*9kPfuhNtmSPZq7mVsgzj z>?!A)wx6yN_Sa6xLN~+XgVnx)R8W{!n$;&E6yej`iJA*2_%h}f4;=J6HyW1T%?|Sig=9HF zmWQ4?LVKUZ1Sth)|1j03VZMOFCE*{R%~yCxKvSyLrTxF3S4MtQ1#SiGK`empM333z zX&h&%oS$!qJN?nzi;|nfks;%I^tUdTRm$zH3{O~@WkTKzt|YC|dr(TNlX-)s?RLB5 zJ`IS|uw}b!pFL1fqt%w*E2?#c_Uv4Sk0YAy+=3H`Kd(l?mI2%GV4;0eT1#_OvZ?g_jWn%Sc3hdH{ed52K9)*;QhwjC zZ_1iZ$_+iZp!#Y-*Hfi}h3jrjS6ACBJHQwhE(pP0fS)cuG@4dkD>7J}W+i6R#R;`W zRoZjZCzB(9_IdiVG)Sbq@zZ;=^@#yIhb`Ng37U@6)~N#(DuSKen6&8NteFQFspGtg zW9KehGTN5TxPkmHb|w3meXp%d!=RIs%X_)au43gyXLP=)lDDNxcOZ5AX@pV$m zU-_DV!D&J|)ri*Y$``1FLItBQjKqRu$^`OJr{;Pm@!CaQQ^Z}>49d3cMiB*L0)maX z@Lx9B^sc<+rQ_Y#=S#*Snuu1gEhWt~5Ub7`s^na1SK#>kxA zLsXQ-ntUA9QVp{`$UW@v4TQZc^5J@hTAhsPM2r=Vl|w9A-gWN<@g4ZP)q@+=${g5y zrA#Fj8ad^~Z%gePyz}zYvXpdaTevmm+bO&wAAiQH^HRfbMF%amM_Kp2L$0Y`@9cRn zBdbTHQ&HN%*tFWP_kP$RNy^DZSV{3y^_k`pC_US3B`^3^$y3F=PQ$UGdTA-EWT{V` zh8@Ck(`f&4BMfcAKyF)=Wmiqqp#^kS`+ zQ?i3GK)BOukZ?8LQtpE&h*uZXy$syF(`rDxcgbhE!eR1? zWBNjF37CvK-a8Jpk3F?srt#5Wp%4*(tfj^{^b$mVOL-+AwTx8>Y`aep1j^0WTFGIy z-pTuKjGbYMyAPJ6!QDLf!M?8^gO`HR8G3%}zs1bi_u5dW8}2m&m#TV2M_XN${2|j~savie8(&w-ln1J~?w83cMaQh_3^_|b75Y}|b(G%Up{-qCUXqDHY3kDAZUi?e>xUu1`+Lm@*Xdq#?l6`ZW)BvVrlD+J~K1? zs1&c!wD~c_j=X=RV+Gcm_*2|=tsMlNH9nfg)LGO{MwhVu5Zly+*RKRos+ z=Xwdq(ngTuH-jOx_gz_Di{Yw|XM5SCRA{R9Lz$}d#{dU9q1FtKP0i~Fn|$d=g)}uy z97|;z*qX-0va8?x-Y!#Q9|B@mi^eOSn-`8*7K{JI{VMAgCV`fdt+(-_Lo6J!&Yzf- z*HDP07o+Jasva%I?`&g1Ur{aHW~T;dw_iJi)f%qhIv|o?9ePR&l=j-MMDCz% z8ah>@Ccv!Rb{0imw{*#VFN*5IrK}_ZfN~@v(>>lwX$@ZnvnD-4T;WB_cMK68td20k z{ijC(y`AR-K?-0|6EL~MeW(pN9U4VEvK60L?Z7rr!Fz>;@*sc0qNt9!|F;^u&|P6khRHbO*XR zzl6|W*_kA=g<0RkPdcXAPUm2NX=mp;+V)|6@*umS{6a1r5l}R1`KR`W&Wa_wgBXtA zD=}wd&x%)kv-7b^El-~RpAEgaa?js1aSw1j&)z+2I)=p^rwIz5loWW=-9p>wxeu5u zZP+O%>gJYFt^DP7)Bn4-raY?!Ttw|JJ=^!(JTWYh6}&z+wwH9&Qw(2b>}ve&{vj_?5A&)|A5grSmQH z^q-{*bM%$dsaFNyP2R`W@t+=$>w5xBbacmm+ua`7k0@^=S}9riwlWNX+#1)SXFs!t zG(Xyx;l;fYme#b;S*CqURTDB=!%||3I2X?a776~Bvz#Kn5`L1UwCr1M=IeC3pzH7T zz1)qUk>NFw?+^oXmtiT?$dq#Ra&`TNe!YIAZ5)4vfBV)-!AUwpk&WsGM3hV3 za_T#$`+zd6fen?aFvvmbS+P6VkkUzqx8+XWgcO}<3 z3Z*7=O`e2Dcv+OlFP|dtPru+&fzyk;{8){QS9}WK#SU0Y@0+9UD*%WM=f(qdkMGC| zHY5MmxUK@Y{r`<`I0M{R1x&e4mylUe^lS1GWoW#wZ-=M+$M$;04T!rMm(}T~U$2G4 zoEI8?lCcz7eP=H~-tou(ZcmAvnBmjb9wF&Oid6!K(nvkr*gA$bgX`_m6L6Vdw*ZD8 z{f|rVr*^XDPFu|W%KpNFUGCLWy4LuoDcZ-K2Iq#^`pB`-SY}o|mZ|uHE!}6n-u@uC z(dP*KkzQyInWewq;@)sSu^SA4_?FRUhv)(CE8sST+>XK z#^dM(gXXb8TWRe|K&LX?5R*1E^Uw5Xzrml`urJFz8gf&SQ^b?vVtn&5{27Pzvg7iP zXrllIOCUv?>9%yH-6%{Sc{v-z zlkQ9InG+*B`Ys6w$g9%kuyiAT)kjgh^7`3)%CpC!A?~y9xzpX%A#UicScGZ|)69Qo zWnfc($omb{@E6Y|9BJ#{&L|Y9#3E~a1aZRPjsOm6Qmd_MkvN?AEaRhU5yWl%%{Kn0 zXB2=;SUj6eGzo{CR;OmKhkGq6zWSl!#x8hULu?Y&+2^T{l4G|lw6aVu&=m8RI9hQ+ z%gvVwhu*Qh(*f#(srK^dF0+aeb=B$;pmV|ESAFrX>X$}^r6|#60ZJ!hWe6Glv=6w4 z>{1G1@hoC(ay$e`aD`7MuioXBo$}2Z3=ApSc(>0pM{|yg8f}S4iJD{ZZi7>A$;@tL zn&^>TpCbM=cYG3v(RZ;VPoHW@?w8QMJ&7-u#Iw`fzKOcG1vv;!IC}}JX)PCo-k>eK zhdHPw51K|4*;(&+M-@@#>4qs%GUXOKsU`(dmRB+cwI5hbSh+-@bpe%cv&99{h!dI@ zCH&f2W}bQo$U;Hqogagm?Q2!4HOt)P4R_tGONU+M35 zZ28a?sIlwd-rtua@;To@X>;+*P`3}Q$G#41{TB&2TvC@C=Ue?UbTIWu4hvg)98_x1*)~c03r3ZwA2paKSSyi^v zo=O7lHiX^y-GOdF!-BnFK08w3P&rT6=E(>f^^)?JYVg<3@j6<26{d;MjY?rYlO%GV zX{qXJEJwo;m$6#_5&e!UOY^7&&~@f1JaM2dPw;l~Y5*I6O$TC5MWu(Ioe)vt&DbgO z{Fp(_8|s|5TfYD(dW-FDzX3GLHcORG)_ZX)zoqGcndlt{-UWWIP{J!?eKG0eBumFAH(QIJ#FuL z*zMQ;#pJ`P__OtZ(hkvUR9Vb`Zf)fLa5Mt?uDgx%Lk~NMDv6qY@~1Nl{QtE8M3bwJ z{^&TA;4X4IcwF|d3Hk@1U0*HgL{uf0OD8?02XRYU({f|{OUgXhO5{tPmI&hy0X!J? z{kzwZmtD7xwU=@1a3N2;m9(_d-<0Vc>8dj-fRy#-{ZY4G3089?zZQwtdn~ycE2AcB z_3%@@eCOsFgo}&@vlW%ufn#e9<$H;B61v)FazcsQWc6ZcN zuV!ssoPBU7i|TZTSgsDX?GkFtZ&s04ZW6;>{|IGCSHP?;*MF!MONU*etg5)@6qd zE->yrfWm;WNEL4y_*0}x?-KK!Tpo;-M-!A?0%}@e>QEa_i-i!ak0qfl!)=GE{U#~7 zFa!KvN<$8JYRfwl=jn&2CYTW}Cm3V09xzyKj*G`C5#zngvbA=*ZT)^oSQG9UHxdH6 zlwz68DIZ>i=Fc~`m@3VA@mf~bxKElRV?#2^#O~i`4-Qh2JaK~kqk!Fd0c^Astz2ZylW0neD-Er+ju8<<6WMPg*+Eq-7`Z13-BQ8Fb zK6AfV4$tNp_q4I)q{Bc!I$jW*I7MoTuCW7@%By)PY7>vwZ4TbScV0W-6l_?hNx3bS z@4fv75!?Nkp&J9d#NAo;CEEKv7`aYE4f+p3H%=;FdA;gi9{T!#xy~5!UUUCizlg8b zskee}$)(Twe`V@$`l9$?B!(r6Z&Z6y6OjV(YJECbyn|L^ zmWQnG`0pKJi4R)j$|jm7R{bXgcCH>!VSl+5h;Ouqn7|V_U2Xw6hbMPRlDfNI*BkH1 zL6hM8tDnV7pWFw?S`9`*jQ83fsvqf!YKKc979#$XYUlZ{LR;d4gb<9KEHOAPa44k8 zY2nu{JObsvNi3R6oJidLBATV&dMU;?Jvksg^Nx9=a5=^V2r(hu@zsti_|oYVAKpWEmdCE6~E) zmr|@U!|PpF3%FC`MAQpd$Hmf~-cGD-x^_{*cYY)U=clCH2@fjJmQ#vE}( zMkH*>7UV`(Y~R?ak7MWH%9Fkvz>YXR=lYQ&kcR^R++bWi>2l}JoxJUynPXZ$B=^Q{ zHlTZAl9~ZlvJosOcEFyzfMcD0Q*ktqFGJGhKj*DkyPn!R6?dbZ#fc`-6Yd3js`aMu zOpIQlgd-63>GiyTJaW}yU3^P(M?Q%U-Af+`-?QTGU{hGOc;Djb&}2V;X$T%|qAxdC z+~b0eQ~um1A1LVf8^aT>mOL90XP{zD<5~C2N;t_X_{I@X7{0 zWGwsy_01P8jq7JOE_XTJO73QT4<54YQ8wnEf^tlkeK9+&xhu9B4Do%u7JOM9~Tq*C=gqjl)lp7efN5j-N^l? zdSt?btA*Dx&k9bFaqH800f4n<#&K>gXfOLWWiYd)Sci-&!BTzq2B9T8Q5`mKyN_fBNyz;d|T}AJ{h57I0H|DFpYJD*?0!k?UKbpQetf}|?Us|N3q(-AtDQPxf z6A=NCO+=+ZO1gVAsEBk(hvYyB=`M-UIl8-hFnZs;KiBW~*ZJ$5d(U;9v-^4OS7lnQ z)jW0N`w~cfx#<#_>2rEPJ8b*n0q97I!T@+HJ$Bfz^PI3!<<6H?TF$_y;32UHky+am z%?|zMMj4%~gjb3uD$hO?&`5Xu3{|x*fbYtzv@p+eX+M0>N^V9%TtR_^-E6-9>;GlP zXfG7rnxSn&9_}}#t!*~+~ZT&in_3hyGWEle!aAKer1RB~NVU4@@ zQ6^bNm-*%1KNJK;w0eP$pKht$=$`ZuISyWbP@k}W(crk=&c{^xnAmWrc{ztHJYk$L zXZ74;mra+8cJUpuy5RKun5jHl0=~e~?Dd-W$<>ncV>(42%LKKvkYRfFaD5ad<8`iE zoNSutxJw=Ju?otsjD5JkRBt5nvNwb`gi&6&JK}YzRjZsM*5prCrlmK4Cv6NDG^xH5 z8rkWpiF>?0d#zlkfxMz&W>EmDeU}5mLy4%)K8r5W8pD4^9tVX^%-P|s*Q8I{p zoeFN5{?aejwEJ-KNOC-TVl={PvZ8MHJ6y(MIp&7Z!00_@`mBj+u_`^tD2cjTwH3stY zM1@?Q!TVQ>@M-Yixr+t0=p^bj1TJVwr<{&#>AaaFjutb#Y@lGsy|wjJ|u+NFJR+o zQ#I>xViAjNgWcX;OST5Zz~FDDvkht%dP;Jb%`d5@z5|)A_@F*E(zLXIcoF+i#2uPx zJ=`Hz5|hhfN~hDKoMNaiOcVyA_+hDMpFYs)$f76Ypi;}RXzjyQ@95-x?hyHAbx136 zk!XdG2CyCA3uhen5mZwSX~0GOF7NI0%i-$PJh&pa zmdv~|cYXhjnpH2I1+)>>K5nD%-ahGdIMzhmO2JQh%>p13pkuB0^y$jo#TrUzk7t(P z$`I*VgU><=HDKq5D0ywZ6g5U~>>|S&5t?3TxHE%LnBbcrLhh!56IxFv@0h=l^^<$m zB6sk3k8}d>;Sa|B!P~+H%2v}S*g{uflgUT6kyTI!80F5-<*oEO7?$02u zkc98R+JILJdTr0{P~$F24YCfMpqsFttr21Lr0uM^NG75R0T+8O5ZU>9#|OHsD-BWx zGK?1*(AyqAIWks&raivFV^>lne1`@1U|KCn=|BgedQ2JS>P`UpHSGBe^l~_oZn}0O zJ;g)NuvB*JXm@H7DG~u)I&V*an>o}e_}#1%{TCudKXSa5xfP7S)6-m*iR4-M&bXUhH(!4^5lq!VPz5O@)HUaLe)uYc94oe~k2x7^2m zInT*RH{oh>!>i8{(o&$~w!uyhv*-xY0fAZgRlz)^S72Mv$guYCHUWYq3y5Fzt|eZ^Q9T??h_ z?8Vwader6Q6GW1t26b3grj4wqOiu!z%7d-MguRF^s`C$^pOCzW3=9)UF{pm~^Crw3! zf+9s7rWG&SiFo*x?`mkChg#$cjag$9fgBaN^<|snZ|)~gPXtA6T7e2)+9H3Ew1RR2 zMN|e%*DQ34^3~)%ZHklLFg(2>WU^frYBn^Ju7wpmg!QN`RvMe!=)}z>EyG^ z*&n~~l{%NI#fXq$9A`_!gN3v3$s2a2ruR!y48IDP<^a_hjR%r@`3k^e21yj=XVERy zWb_1YU?N!D%~FoXWAQ_wQb{nok%A5+EBga#$}*BK>i!i^zJOum`O9}e(K6!lkK0gK zwEEroj7pBmKXU{`m#9OdwozzTXC$X^lR(~^m46qTKHoLiIXqXFm~(xg$w>rVEx&p7 z#(9gL5OdNI7d$O`c<sa#mJu})P7ybleLH@#jM zse7_{q9!#L2di>0JZbzX5!2q3(KZzn;5kS-ILMmUjWzIC#rHh96vRnZ1pijT(Lm3l z1A+50WTT@|Lx{-fA}QEhvbXQ#`8?A~lrHIs%S?q*ApACU8?mW;__uJKVAfl|YCrWV zY24G1*mOq$H{uQRc=P~N-n`wp8ba4GbAsUy2-BBY@?VgWA(}<8@jGS zO?}F@X_+A#yoMkdbj@?$_f4GNOL^3cWZ!I&V6V08Rsp5Ys4?ohws?CM{#px!l5;HD z>|AgHdI{Oj51qVzUPr}(7du7z9Cq5BCetl?&j_i=^`?pK5F6z3e)&M{0eqQ52i>8> z$SVR4hw2VFS6G}NjRzn0D_Cez&yxip^a(b*(NN>wWA^+NmPJl?efxT0n)>&D2RJ!D z{6#CMAQ>e5WBGQ!_<7xTd4|tvY7g~-*)Mjm_Q3E5@v(y!?4{n_$9DQ$M8XA89!4h{ zxQmk_7s`eLdkwIoKRvm0S|I#`10lin7JV5P890Dbv}yLX`LOou-*870lxrk?E8`5! z0^~n5)`eF2=&vvTN;#lROdNS6uUKRkZyxOeLOFe0k9l5iQJIu z13AUMuc>#;vevg5-u~*UFN29~-p^P+Wm|2JWES^DqN&r2>ASC9T+J&7jM4~QK8Fz^ zExW#W7%PtKbf<16(#TpoesU zFigP?eRxbsbupwe-06Gy5q}wsI(qYJ^EF zwMB4mnHIH$en8&8R?9ME@^UVzug~`1K+RbGGI268SMIk>*q9mIAxIrlqiD>BOupOp_ zMr&=^Kk&C0&F8HsY8H;>^k&I@eRS&l5cHo4DB#pN8ARpqmnj?QSHuC_5 zAR!H7o4k(%)acJ%*f?Krmomj>AKY9~j%)}fuPVpFR$uK=0%m#QeU|*;0Yp@;BJX$@ zEv@<>`WYJ*pMQwH?hr!H$_icf7L!+OzRxgCyGI$-xGWtD+l~wULx)husYk$a78ydQ z56y!52cfLZe%rNL(<2PQ>=JUMJxfZ@2mNyXgc1aXEYWo zY2L9lE6}ORJbhj?5t@X43JGg`EI&s6$h(P9$%~BoRb1rFBQmaVm5-1$LakQv26BUP z?Y+=%gL*lG0~QfEaQLQ%xY>NpM>gp@v0`rlZ%wJdZ%aL*bxster6r#HVu9$t7=ooa zHSzreLhnA>Z0{DVgQ6l#cdb_{quWxNCazQ8*>u2y3?2 zV_7)(AIP#|XC;A6K684mn!uT7uV%`4AwaJBO;f72SBlXy!5 zW@DwUmY8@O-FW#sG#SY%twc`W5>`FPg5g7-u1b*XjIj-pc$VXv-TDLHElw3H z@%{_yBGe>ph6>L!|IJiwN?ihzSQ-I{a(8GPb8OlEHk3sRH!{Oa6ai|&QW&Bnz%s8Dp8e1 z#%xw&4R>0+o}S7rdHS7kP^V>h=8FN+HoVGboMcw{s^Kh%la2WrPmtd_p_Dz5?7roU zM@vh27?!Xy$YDNLNp#S@%IJUMCLt<(=f(Ts(;l zOG%I`iKg}5>A0>z+OEh`q?_fWOHv^RZd}+w3=-ojc6Cm?RDgnhGS9_anN;|jPfrJiNStZ0e`Un`G#!BrSmke zL9m7;DcHG<-+4j?>8rceQ}^0H*qsI*vnITM`|Wnw>r(gi$I0IA_aPdd8KWP^*RY;b z;w_XVeXSQ7pVrrAF+Z{2WZdOEshy`TKA!qI^f1xf_tJ6jfA~nBLNt`f#o*Z+6X}aj ziY0PbsMO}<(SXHIg=(gZprHcl-1){V4FVbo@H7%#t&Ws^9OX~X`IeDmy6Pk7X>xYC zVuXpj44NAD`=i`u<6{GMFu|uoyL#8^NPvNWGfRMHfC5K?;K?Gp+Xt>rVUx6Zfw>$~ z*44uf?tdzTX<)%j^dFUpJKb6S!9|4Zn4-rL=z?Ft`IfPqx%x1AAEkU}4e-bMO7#7i zy&7F?=hrt~FY3Emc;1xVKCVv(XxDZ|CNj9o9i>cGd@RZMQS}kl2L{DUH)pyRxQmaU zh2~un#MG-}IzIo^R${>Xwv0b`Ws(i|wGrBKzJCogr$Ta76ptbWR?m~3IXP8(S19(l znx;6U?@;Sq8iP&O2~lo$*s*-};HKb+;BU8xl!TS<9xGs{nLk}6HiY~^*2dv2^58awklt_dVe-vN`-e0GcBH{aYzZBA54}& zb%u$A?D_woRs8SnLqJ~~^MSaU)W}b?i~b6X3F&%*+d-?Si(<>iv@x=~3dD(vRjcpG z-o~gYhl$GH-&ViZa$h)*d(*J7^T(Oh`O9yYsKLCgSoWu`ucfwZEh>8xonI40$antw zC@JH47P+$JH_fnjPm(opdcBa2ymISuPm`V7{W8{3kea7oU>AO9(lq zR5l7y9HlK^KIXh#nEbH!)2ifqu3rrVB7KsRsC1gm)V}8@D>5&aX&)0T^>0*@Ad$Xo ztX~45nvkB~oH`OPKB~K^awTl8G@^a)zB<#G=Bvt&VGs4y;|=oC&sRLQ^~)ye@|e$A z_wr}!xFDXZ!&}5LTTJt;&DZDqVdsV&5f5f>adq$)Alx_LN(PqGpf5IvCc+)yrQ^LH z^RTq;Bf;yk59YlOc-us^-K?kB#|c@j_#Aje zj^F9mHAT1Y4gsR3Iw~g&*l;I1hAIQg8gwWQcbnvr)JvY6{Zr);B%J!^w&KgbUpkk} z_LRLY6Gcp7=p9eD$F?~0E)2SK+S30)-`yqFYVc4GW0T_6Vf^)i6D<8XP+8z61J?JJ z^Ys%RXwmdpor9o4Yw@BxxLwl{QD<%?!SK&c4)k(cM`Reb%}-ZaUD+p$!$8T z_>V6DT%=1JLMyG_ds)=@bF5iRusC_DOd?JFi_QqZ{K-DU0V|1`%EK5%MynK!UpkVK zC_9AiVhHqBM7ok^0kyQuMF^*p}es6ysU93-ETK66&s9 zs!-wyCL_mNIa06+?W^>O9M;Z4YR&FYH(eynV;9$-_1uz`TUwHNuQofT7?N>9MC1MGkefU5%Fe?;Y3hb_VUMWy zqLvc6Ex-nDe^pC{>PB=e#hrv!wTQvbSxM9B9UKgP z8U_4x`Telm?dFq-Cy37i{+p<5Cvc1yY~1Kj1haLLX2};sX86#oX^Ele?yXz zs-O<1xdE;Er2Frq4RA6_c-z*zC5)zc0@8K@?m2W>=8&B+b-iU8l&MWGbar_)ReNfG z1C~lH<%&+BmeZZ!(A@mRjmLpqZ%rtw9@=!c8O!ih_j@$4a?avwVoVw{*<9AWb|Np% zs*kTDZMr%^?w~&wW`34iD1AS*o^;T=;g0RDpzT)5TkuvBtQFW!LF9?SE zH?v=7(6=>?D=~%M@vVc0dCoGku>!n6vHNI+THg(%9a6v{2pr1^t9iZ#C8up>M zY9sL_nAfd3Q;R`{-h6fE|z+ZrusnS8;7^Yj9ora=Z)dzg`sHHTcNP7 zp8j6K<{S>@ZjYay>h-zv-pnS6hOQU(a{?R7!(x zcMODlb3Nx$F3Q;sTWmws4KfnK7wE&lZE0)^wMzrliVBS-3E6ugO)=FMtF>EIbC%oq|Y+$uMJOhi;;o?W;8%pY<%eAcOgFn)*7O%HhJHx@JAsHkwq9w)Pp(p$DOi zw&ja;hG?(SlQzkkmev_xOq`bFzQ5M(Kc7;clf2D2v}y!}pubaMJR(H1$n@vQGltE# zzsG=*%tD}aN8$u2{_|hHX-(1_0+6T*$%|Zpq3=PkwX^s@E~ZNp-QiL`n}Ml&2mN zkas`Mao3J~ISg$m|3Ih9{a9X@Jrq_$yu-(OnGfPlu5#r!Ub~b$trY3p|C<&_Alc4) zvL6O59xC9b@-ewKxIz`TUG^TSM4CD;SNfjPk=PXO$5^=v=$7%s+ggkQg)TeKc&jPA z!z-TG50^dVsKKUt>?@wC9U84*!*8(6+;b<9@8xz?XnVdaaPTJxM$fst#I6p5caf7FH^;SSzr|w(0|ZxD={qY5(jArZrd)io7M>Z*-I(^A@ zAE-&wn|XCdKTdNg*5^=+~`BI4z69X zUGtlO)pqN5d9QZ=Gu!#Uvc9-0l<`)w>+qifLrNP~I)zsU3@gDq^g<(o`eVz(wn~2< z$TBzM+MJV#SQGO0R{Vp`LXCV3rXs8uWqBo^d{X3BO^C?t3`Z=o|GGzFW79mNyAoKA z>{K^=65;mgHbGU5)tUs^MXh>V9M3TMb~LaLi*mO1P~HpUmf^flrp8(<>Xy^|)2+ft zan^5;sMNy8OB_uTHmrdSQ;|7~bmh+or2?yEJ9gzWqgxgqxS^+J(_y^aVUPNCL0%GB z_wu9K-qq=e8k(G-jnfJ>IDL{yJN_E+8eb2X82dlsbbD`Sz|{KyLSL05!JiSS$dCEk zT)>N~ zpHR!b73o##xQTQ5yvvP*8JDt4Sj&beSXhkQ^2wi^;-fEATQz(TTigb(F^G0^8p+&2 z*0Glg_Ti0}^~R_76n#s=b$s$HSI>AE4v`SmTNh&@d3DSCrWC1nxa1CNnTi~QD|xr_ z(p(L!8DJ-?G3H{^@$73mwCgIsHs!^(WIQh}vTlHON03`-@0;g22{4VWgdUd=)P={fvuDb6y%D`qJ^1B`9mTW`n|DL$H&T1gVFjh*S6$)%h< zPL8zfQd3HqOm%%dgU(c4Nu+LCx7Fum>jrnP-LZq9>kSv*zG_NO#|6j-+t`sA3_agL zoa79coeXUC@uQrRW@VoQ?GOW+#))cOO#p2zl}$wo7WmoigvJJO(FIX3Q}B~|v@VNe399lM$8CM&e4a8T8{GQVQ(d&t8AoALn79&0GEdDesM zEyAp2Eo#Edn^s|V^dRL`y%yWZbrV*n(c#aow>V4O?cl`SopHD41Lp+hvo%Vn;_5U{ z%Hz^pe9`|A&;DFNcZjTCHNl8X8vpv#%zORZ$#gW9JGvw)>P0IYP^2G<2-e`oMN>7N zFrNq_gWHA}0bKfNuvE!n27mc-=2F-^Rw|7f0CsJ{D*grv>neZTWI&gF^bTh~kCPQ2?u^t6&>;2miK zu%vBs*l64n zjS>5p#b`Y^HB}8-B)&yCo;}gF%jC73_+rhxY=QGsgERPqj`g(wL&17k*^eiu#JxL@ z73>>ir3}m(E%j)qEOkBPjszYf@*MRCoOPd7CrxauY5pE`#96KNeZ@8l5#2*HzJoV- z1+MLB*aJ4u*!PlQvt|xyl+N??vlX33ay9q^Y)QKcg+Ei4H|-(eT>>+>_oM3AEq`@V zR0uizJvT*P*Ou5yw|Pd$hHE?AP_fEU=Y@*vn!%+wF;eDnS0*||6i89ZWrT)qAQ-eRnLf`ZNVW6xUCTP2o@u3CYTtyjCEV(E1|1s=W^ zmlkjDzfy~p6sZl87V($bar8iM=iCwWih8^i+$oyz^pnVYPS<7?d%xnTNshr1J*J}E zfYMkG9?no1+gLB!9G_lm?Wd>aNtU))avv{s^c%S=bh}gbK!nnDxIY`R`v^n z)yHs6ZqA5wMECrUt0#)4$_Y+)D!1Q%XL?W)GC#~vuQmzoCh_Zip2Fu8nRdXUi>IMZ z7|qjMb~QS$$nP{|)As($Dk#)*tMmn2+SYN^MVRIWHgKK zfx3r)@jT`+mr5yCAI^|e_k$hpnJVk6(DQh{3!TAKYwYE$^wfXa!jKHh3=c-E%8I`P zx3WChN)j+vEPos1DF6-4kVa`i{X*W0{!9RjzV``@&<~Hi15-cxm%PtOyQ; z>|_&8{1e2|!~!>{b@nzwwypdYLYSN54)@P7!?8JRTgbImX}4>(&{1N#eoW+EJ#s%v{}ymyY3B#cc6`kR!aXYa0aJCg^hd6N)M}%ulxil z`s5*&N9U(ZD1!3l5w%hMM1;2N&CIBA)Nb}n1o&fTWrnZ0H|7{sH~iyYSdH=g&!d4S zK?dUylGdrFb*#KopRvlXGn@?aYGc+7L9Ard`|FXUs;RP>E4!+!S_XZFp18^*xc#m2 z``02jZJHet2^{Qd$$uLd?PYY1>p9!&Bf(b>O-|=W%{$=Da==R0qwv8_B_!2uRrbY1 zDuaECTb=>yVBb#;%(S$%=EgUrWy8oc4#Q|L|L9jK;jqYq8EE(wktRE5u)$xFtzr8# z=6c^hzY-Bg{f?+4FU7e|)G|>lh1XTgZdUW|a?qTcqe1HNW-|&)-@SFTxUFi;P^Zz{ zbI(O(=i<2bsH$5D>C1lFU%&jD{*m?jq$fHFYj@Wx=m?X}(XWdLT~mGC)~FmOJDX^~vYmB&we3oEGaKYJTLuQ?CY=k#4yb&*C* z_r!WzrIh35tlD{HLTa8tA=rkg91iAga=mcRHfX)y*q-u>a(p~V>~s6-9MaBAiTLi~ zn*%h^G$%Y^QvEU~eBDQdLIoHqEB)^wEApdr!l3@D8{ZgH#MS<3zLxH3O^Mvc9d+^< zA(V)H0+r-x$c$aRTw0<-`K?Iz<(WYsJ45s#9-0xi8?mHG>>i4)8l!vVZOM!~4=o zBa~$)+Ekg0&!X`OtxF!)9T?q<{g^W)#hYhZmU1z9rUyEEmHW?1q!MO~e`l2))Z?&o zwAhL@xi1pwK3@(_Y485^EjqK>DpwfZ+gjxrx7m6~(quVjMztRMkd*=aq&7!=4`?Q* zkQ0IA5*rICeg%Bt@;lCl_*6@hG=mFhY8>kIW~g#f0YDH&ei9EG`%82c?Lv--U1oZE&y2YP(q^rVL4Q z15ZJm+cn4m*`jP>??KWJtFfUEiqJ+!FN_u~{fJEhZ>kOtfEBsezz z5KdNvN}V;cP_s{N7q~KEfBrv?UZmV7iYmdBAA8@u9P-_>Y!bI>2I(=A1;RHIjn*#NI)GJ{f~cIOqXxob1vV=6Pez;pux( zdv{h=ga$iquC{P{R*e$&Jqlesp}0C|_Cv6AUiM$eo=uuK?i5u&dcb+TNJj7HaX;#r zR>s|jLji+2EhSF3P|T1*2=&GVo+6Z;`yu1iUNSDe+xi6rN6t~BAzU!)&_;Ds?B2*< z)Z3}ld2zCVIzn+~1oE%XK2vHYcrfS?+;lV~z35N0TwK5Z<3BB#d=w#4cQg-6SaQWRX*CCG zaP?;8%qNmkucbEi7cW7!O;W&3?Nzg9o!Y`EwUgt)5wF9Sv!{+xLBvg4Z>*;%!m?=g zP3CE)4;wGqg3kP7>#6qn&)0EX&mAusQwE$@{5Q&WoG0VuAA7J$1uJZv9V1R08!agZ zEoa@#>}CP;^a3S*MQfV8gVt*|KU{Qu$q|a^W*K7sDqyQ&@xb{a=1a9;;*xNJ#zv@{ z(`*9&hPd2tH`7M}<2OUzF``M07kAA65%ETEFj3q|&}ia%%TY55D_t=PMrBp9Ek6N0 z{`f;J6y|0zF;ld6&uJ6A!4GCbCs}0CPZKokaux1tu)?kO&>Lb0q>+8q}&g)GkUfkFVRR(JLDaM9a(sQ zTLFVYt0DA!$L-ye4O25|e1;?DQqRANGX%OnwESbCOD#bt{H}4e4X3qS5#oZ89W7B_ z`-Zq^lBml1t$1ht7~Un`F*_3ZsZoic>jXka?{(Md*D*iPmuFpQA*Z_Ctk;#uxS54S z1#2jWd6NP8Kz%UhLg#*Fx;%-Y?yd@s$UeTafb#xa*nQWe>t1h0~@i_xIZXrL9hK6A(z!LA`(KO);2AYgmDJ&Ip!UegAq=KR{(_^j}S z|GZP(BbgZDpw9h?v0%ZexUEs5G1yGzlPTH^^-ZgX13&e>4}TL%QC&=m9PO)`yVCl} z_?})dX>e(U{JP&yF>;;ai)QqH#tRWuwO=(++Jb(tqAo2K{i7x32Ey!xe1kd*fw*6# z9r`WL=YFwcbc?$l(pfkcpg3Vy!qqAHF~`;g0sfwZ*1O7Kk7HNbOXg#D^UD)p^uvzk zunMIwQW4$}iGL<6$tG!mjLNCYBcE1U1}3t7!O`F0A(Ts_GE)fjTf@}b!z{w9rlX?X zQA7vp`@xh;eM&!U{X)lxqN=FOh{w~%TqO5C9pGIq-;X3mxFu3cBqQsF+3&qya4m^O zH;(^H(2vy8t$g$;ZCeve`+{VArL7Xl;nc-#xyLEu^zuh)^G5>eiQ7WyZll$^fq-qg zf#_h)^fSi9zs>hOjAVE`0$@3Vqxs5r?g_d@jY`%A?!Q$SDXIH~%RP8UxvLr0I+Ck8 z%F%BSXv23P{4(FUaPi;9gI7MBBrLDLWeJ`UIE=~czR=sLxMjpT45f~#Nc?^~Ivtw> z|JtWc=kNE+!sdhK$Kb!tgeq1H(i+9W(;MwvFt1;X;zesZDqgwkI@3~>?v6iH$pU~` z+<&u3`C36^0YdySO4r)i?HVW5Z*V!;WsA19DaObUncM^6x{`TZ_i#`KV*@7}jGgJK z$}(&PAYCVRz~{rnZnmuftvml~uCN2Rokyj$^?LVBJZoFB^zOA}_M9)?$s`$&BbUYY z|CL3mEohK(PMtJq9DqG|=%F8@x@v!|5Jn=PxOd;?nZ)B$WbJ$R?gZ1wb_LYK*A=LX zJX@HULnNcW5;vL=W{5&RJx8rcK6NE7I_hWA0ajB)T%}Lc;>O9(`KotjZ$t#KLvP_M z_1SM`>_SB&qVyn_FUtxCPR^Fhq-Ez|26-IPngcX|XNHJ~aA2)FEmA!6ZcFL2g zuD6;S%@gwD%q2euw2{ha&wkN9huxlY10*FcYM@JB33i;Ul!Pd;Egp29#>kl+YGaQp zBM}p=^hy8g@wO?G#Ag9>jsz%Q zUNp?BZE@)|de(K7uf#U)!hI>>b}+%XzICP}kc0wbIfl(0Wy&Ywyj{i1yhAnMauQ1i z^#@Hyts2loQ<$}(mu{-h*;G_JBR*%^*Ss5xW90wXKInT^{@!oDc4NC^x@v#Ja5K&6 zA}Yl<6>l_GknB$aWAi!cU^2lA5S|z|d3$=Fm1m4u7Vlu{uU%}JzxEwYk4iF`?U1a;$yLSS=y130GMF}70)-74*~8~C zy!Nr832WSB8MiU@lu#gM6}-3@<3F4?BasTOR!BRl+fD2AdHDX;guTnO?*np8f zBAL;oor0w?iktsjFK&w2Q(1unTF4E=#!s19EQ)=e;C;D3Hz;@3yZXgKV}{5Ip~T5P zyr4auKl%t08N66y*Nv=(%ShS3ch_;19qQDox3U#L_$ta`ualX@*7m@kZx8uG*Md4J zjD%=xV^evv@d&Ns9`y7r2tK_s540aaKE%3I@-H}XELLkCnEBlecj+mId0 zb^1bcp;CRT#%Z3%oi4k^ zEiGZBdYmKIC=EBm13~jWkYQNwcyChJe5*!EQ7*gj8ET$0`;?pzV8E!>i56>Of!?A^ zMSk1s%ibUh7-M(q*mr*v5`Jkyrt{+ zX=Od>=K7&mrn{gQz>@stWTS5N&8CNF?G2P#LMq4A-m|wE@*X@wGIq^1rW_IrKltsh z9lVbYhmV2VnOT9STMLaK$W3u$R!G3epOMY7zsAwUKW!hTM5$Rfd>jqD{dXzOXS&qb z+M|9>95=PBNww`X?b5x5sX^p>t&G%ZT{9?^ZRuin{YuXuC%xg;4`+PNR;`Hbvsc_+ z47RnO6}?Mzu^a7j&9{2HBf5P9kcZT=hIP2JY>|V1B`6;t?pfX`p6Stno%e1^2@#&d zSfrL=?}9>mk4jGl!mWiM`T=Yz1>KfUi!ACGszS+;6&yE=k_+1N_pOsD4l(eXr?*!P zL}pl48PHlYdW1FQ>eHX!n$J+1ZBTY$0nj5Dz*Ct|wGLBtJ{*kg+EqTz=uxw%J%<_4PgGkjm|^6HMt zG;Xzr>VS5lo2iHXx&D7IfY>ftz+l>`dUKn)BOXPkz4F=ACFxHU?p&&y_qqLWlq44M zgZ=agRq7z-!^bQkf$)P=Us!<5+HTEN9)-!fpjX!`KvV#e@&wq{bpPwZcdyR}OjlCj zkyo4^kBcvFu`6O3S8tL-X>M-iw+OxX*Rvjog=enHmxMJljAh<#>_m(6guSzw9V+}4 zP&C22c@OEP)^K8rYHu%yjnRibOMN~ zac5P`rEOg`X^lEgbmuKir{AOiboPjoC2+_qjMZO#;EF{EZ0E_z0~zCp?oXAlKhVMu zV%opZoKt1%tW}|%@~7TeFMr;<_ba34q14q)g->2biSNxHW*Ik|Y19;4xndBa0(*XM z;c2R@A~4Y6Am(2V+tFC^AA-1WG1Kh~ShBJ_mlXvY?|qmWzlu;GaR*xiMw@((|A*{Q zTHZ&UYl(E@I9Shpyz9Kiw@vsDNh5!C_Ui4?&xA%_G?0y=v+&VCoyr99K6nB=$yYQdt{%5*<&tC{QV5KI-UP?0*FzfiIRJ3PLcKV5BE{5szy zm~e4biy9O^%%bFw9-4s!a0fZY>fhs(-I?%KqwpK8kHqs^GGaYr6jaN0_i0>*2;J=f zy`L^Dn3DW8kAoudY7LM(3!r+%4No7jOTklG6hH~Q!Sv@Xauth4oa5{_IYJW@9ytxd zaX9pbpT#i*q37=@dt5bFY(_@rNfkW55<`sUbm(h4&vU1y0Vd2r91i_;g{D_TBW6g1 zOIA2MYYM%bdac=0gl*MPa^y{&Yx8B%^}_MJwKKrM3upV}{|pLnvuFRqcN*P1i;No& zb=E40044HhyjOuS&Pcy9qN{d@F##)$=|l`P?r4pMr%ZU=xKneOIpB%D2hid_t7O!+ z(T~|^Ku#Y2?Vg}#{x5>U?dczOqyZ+^CiO-GoQ2>oM zmj~@Sp4h316n~Q{Eke@g%t}N+$`=UmJ-p$}Sx~RR&bw`s!KffNhwb$6_T8!SQQ$M_ z#wEO6fC}>Y{kRrO+5_K-dXuSRGnLO4wW$Kl6Hm^{gD{q7*oFO|HQHeUdl)X27diRTLB10iR*gO1$^F9b;YHyhb_ZDgp`}BNHmOIfK!Ph_YUr7NG;fKSB%};X!28s$lLOq; z2-lE3MAaUxUTzq#)D19;b^?&ByglX9EGzj|n13QuYzCB#*)>%i+|eO|oS#QUz(=AY`!;4QUH7^uKu z?q4g0{_e>TOCKKVavZX1Ky_m3F~;3kUxQem=Z7tOBpf%fTb2VgMEZ zpLB>?X0^*{Y%THF_3#$eL(oEX4#=_ltA0AxZV~M;aw=Xt%)*IVGDk%*5>+f?84yXzIU5#Bn} zN1GAFJ1+y?D_74vTwUTY)QO&QK6cz3M9f_OQGLITDH8{@_g(KYXg#1@q;oZE@C<40 zr*N&B?k-hYliXf*;0^kt`upVh{URizRdSEed(p>Zf!{<5{UYQK;L&EYKfzC4U>%=C zKfjo=u6%z3?a?71x%X3XS>PWkarB^8Krzp*q@|BkeSC1!{NbNmGafshM~3ABN+nrJ z?3ido+6}iesz!-2eQQGpd;PrJ2HsUzOc9mJ`Yo$HPRjc)LdNS*b}5mwo*!aZZ1`eo zsUck4=*XOkJ{U1b_*oyPKyH%+ov(g!(Y*HY=5)my(@gH7xuRQs@9}J#g+bFT-sPwXGa-E%?vbqo+wj@2@ zZLXRbF}BL{QV;mc>y$A4IauQ=x5X!gn$0WFdYwP_y2PB%Og0DMdyjLS=4-{AV2Vnp zm#xXNS2ntTFBL{$K82(#XMEk3RXR4`#fvS9*V)uG(~CH>jYtbz$j^SqgZt5U z;Wp9%;}?J$LY+UIV$HaR54qwTMNYw8TZwouck`R;sp8h^(u{*^Tz{lCn|9yiSqw2rk zMWF1sCAOCSd*i#e5O%N2g|f9(OcnTl4=&AhpKP&kk=N?;gXET}J=^Mv-bb+gXFT;~ zg(bkQ*jDjQ2DP{NxtnNWV;+*iQe6teX`vOb3PVZ3@zLE zp6QdN6#PLzN8aEXW3F@dB_=2Ok4l5#`dr~%mE~iO~otW3Y$A&AXH_eK(aXGpnm>pPwhy6+nw2cUz~F&8&dmD&^pn#0`!pPf|vI zdpYoaS(V3m89(Q+dO;m)JqJx$^!Bgb052kS6unoFZ{_6DbE#)4n+@oMd?ktjmaS+`vD1E{of{mIG=W;e?D(FQw}Zz?m%E$eJz;<=#e zMkVNH$MPNTR~%I7V?6?KUtGec4%R0AM|5>t-PzU>QaSd#Qt`;^vyO7YL!ngHC#0q` z$SDl!6tN%v5)#@N^Cd#w9V2Q(esz_~4^gaQaTnUaHmd6^;(eYRdHDofjJhXbs2wZc z_jHK4lw3EFQ)|cre7V+gLRkc7s43S`0yJ|M-gV&F zapAU3`tUcZ?eMKt{F@>MMshmQyGN4-O2A`~|28C~bY(C3e zy%9VZRx3%y+-BF@u2V=yFYemEu9x{%`uq_q*R?wG`YTVbT&Jw}S3LLo8B|l9CjWp# zwZ8GNA1O$XF}x|@2fj^M?@AKLu9_pcfa5tXXnNZ~hmp#1%;8Zu_{1gSXz~zg>kK{U zn1f?g-(^wee|(ONMUh)W2Q2m8d6YVuaBq|~mC3k#ZW738`*1a^H7JuE?>RAEH=ij$ zdBYUA!FcOouFc>2X<14O9dxPX-Q==td*{N^;sWeKXAq5P>;CcEs)nW|3#-#X5X}YT zy&@I7GvgG`H_ZzQTj7$m97~dNp5v;T8QCuVvoj*`CpGa_=|B^KfG88O5=&mOL;1FbE;y@Rv5tKIWzaDZAkT%Xf#TpPlU+ z#&H4J{csL?;y`!w8l})v$HaeuP59DJJ=Q)Q2($mrpTxd*jlE({or8k1sU{Bl(Zpy` z_g%2BU5&LK%SCM&j`R1+Y|ZEk6XsgaC#8<-B@K^E&3u1Zd~Cs9bkf-CDtWc!S^*%x zAzd^G-j!zAO$d2LE;k(&N1Na)U>smzzAtNe>fqKD`H5*|-8;bFacGJVuxo8Rn#b9; zib%?@$h`V^u>iKlnp=IF?}orV2%9X9BSwR^H9Gd_{yh2gU#xArfn6$_0c!EsH=^FO zsY{}Hvm|Tfb?G0bgF&VxraAjhyMuRvjz#zu2T!Zl$-)xqXYa}_;Bw!K(@I=F>u!Ai z-4k6cwGwdRi?5f162x2KraFzmJMo=&bO=E$6VPA z4k-3w?^rHw91JDrdPN2?>)89|@rJWwk=MQ@?A>@8q*lG9Zj!urZ&wpL`55DerrNwN zQU!ZJgwjdJjpBZ@VMR6Ko3zCGFcxkOjPSGbAi6`$3d^s@E!WFcqBuOBc*lP)$u_6$ zdWpTr)Oa54*PY%ZEO~G{g!M9HB)i|_Q}DiS?tRwx=(j`kFH^oobY!zm*cG(D?>Efm z6S%B>jZgP?@#0GnnV-Vh5$vLOE8fq1;QQIGcktCjSD++hKmRW9ZG*lDe(wRnYIsFk z@@U!6CBHk6!MnRvfFk1M6Kn5K__wS!s87tuf+6;?5f z5UCp5xm5oGoW3w$y}8PM)Z#h7l@N2lIL+g%7{tg^-}sQd%3?)zo2fo7Gt+d>!yjo( zq!C(mGIC$<5f`VE<~^GUJ-PdR6N8kREv2eHg4OEqQmn47F@t`WFkpL(ltDVPotDOc zq2Qhrl%D{A{*)H?eJ$=R5QeXe({OI_Z1kv+0-_o}ikCp#T!1-QeIz}GKFoarqsfw< zU9vqE?9S!Y$dWa?7cIZ1%z$&4(1P>gsgl?kunYva#rGHawIyU)0!LGTSJOF;$*3^t zbU@zc#`4G|S`cLcV>Nwem5lvlZ|5{UM#Pc;qHoMM)EMmg5Njim=0zXHUI~FFvR9s7 zPDgUvUM$zoYfhX?!zvOhE`#dl#xw8)w9)82?{TW?=s}CYcC`%kWn{J2diE(%SqExJQW1Ca`DNgWG72 zF3JyQ!!tk6mvwLn=tQ-aE`;9dGvQaZOYXrDKV-m&8UN>gE2DT4mR<-}u?*83K?P<1 z|1mN9KMawyH+JP-jxFBLw*A+O6-ZDEz4pI#lZTEeD^4|+Vd5i-( z*sj}|-G9-QZ7SF%b0Xl2WB~oEKG?V}>iwh!^c(q*Pu3EQoi&J5`He!C6K@TsosktV#qWwkoQO+O+Cnc!Fty!`7)vOLcc^^+qI)6U zX6c)Gx=L!rD-C1UInr1q#MB1K3v_ko2Qd^a7M zF(_E_vRuU&X-@JdiiUA2ym{!}xCY=hZP@buTnFD_dzS!X6MvWj+R%sbKET_*buzzH zWB(I$ElRt^YMgLx+4)IW(sjJ`Mo=*7t}j0b)jQ|Mm)o~xICdgO-6)iN-7(u4+)8g= zMy5$haulJ!>Bfg2z~?r_)@?)f4lWFj$Ro1t89AAf$ju8$+t%!H3qoZ!jJ$IACHMoX z?@ODjHDe+V7iXnOyNckp_L7p6(p@0O#C$K4Joqi}zfb6855Qo(Ml`7FPMEIzQ<{#v z!_eikxY#SXw_WC+NkN)FRv4xfMThUiNdM8R^zy@Vgn4SP!j%jMqv^Eqq8hHcF7d89 zT@z!O6;7+7(_9AAfA74KJ^U4stl;r2#AxFiQ_gRwTX03ey+XybLvc>BR zPn&JpclWyLUl!;Ji|kk24Reax|E84551$-52_zIoREj87;c-`PnKUW5|J;aRa5wqB zA$mqW&?Sba63Z6DLx8J-9e9rq^?JW~JmuXVpTC&;uX!LUH8tRSUW4Sa%&WkCy=wWn zM_?<4&aV4YLv~88`+MaI*iY)%f?Zj&kVKXncha>7!H`I@TVZqJ?cA}noN z0(LV)5Tg^~2M5 z7w;8)E=oHpAJ_4oc7hMd+9qD#llUv3^ZI9OuSQ%PSytlWHbV7YX9xEEJFX5k=?mdm zUUL?u7jAf;KwfOXMwsRNSB0eqm*QqUMh7Kne|S?{7k>ZQT7rf1dJDGHNi4JXW{;}g zEp{HwaZvou6c)P+>rF_7nAS)k^sQ4C@wU$$9;W71+6pfJ)-I>sdQqg&9e%}(Qu?;j z_Fwsm(UIQ=Ik|&-;#k|Cd9N{lY&H{y>D9{xQfHDhQA99oAN=+%DELNx8!BPJW=vo~Na5@E ztH0ExaCt@d(xX2k;Adw-W9_09Gq)Ai$7{7GUDR1vSlrGJCw3-4bc!P`v<$n2_#>v^9Vo6p4{Y>d!4hO|I3~`eqpv#EPmygtXp1B?vK)LFShyxgM zGmqukBD?gEy8K|Kp7Nc8uSF`lZV$6ke>Q)st}^UbBX@vx*UwtKI%D`}4!e$rTn?Y_ z{EZuA>1Vn-B~>|Uye(ma4IMr8(V=r<4Z9F8rU*#as&_Wm;WM9P!qn} zt$^`Z4^BIWiURPMRJ;S`WTs1@e*TT5VgjjC8??5!6d9)Jd}vwgP8aG)T2KAQr68{E z$2BY!OyXnsy+$h)MVZl$YrRZHgi30ca`vqAX;NAU(vs-? zFwrJ#6xy|*oaWS8o0h@};S3-iQ)f09t82wi6px*mP6+H0ljYGd9Ra;I?=i6(nU4V7 zCffj40(GEP~qPa-riN=jzM;x^%a zO;G}y94RRmNyBJ+>z3vbOC`H2VFqwiMg?{DaPNOicN8G>`3d%Se08U`kf?$ehN+)@ zl*KBMF;yiWXke0g-0#ysFN$5C@5P@{KfvAoh5U|rKSZf0-gnb(dTIpEj| zQ-ZHU{)m5dYA=5|L!lI7DTYFS=wJeW&0PDBPm{;r0gmz^=yHbWfS?+5i(j4V@NJba z=BTC+#*QXN-c+$7?Sbn(kFU`mo19EOJvmYB&&{CK(dT{i_GJm2vJjg|&*s}e&x+WS z0z%vk)rg5juhXrkoQd9U%WUu*CMaPSdClZ8_Dd$|B+%-wQt!od^L~ncmRZid%HY_m zq^HK>`RL5kQdi%T2k9{j}>&W|^rNiU2-(%b_En?#S= zvuC~H|J3%`thRfxrY?hfJ&cd%oqum5KDKP^fNwU$oo{{K2@ZI4{qV!-vp?zU4otpg ziHRPD?zKF*xg~CCt6N-iUVStA=s7*Zz5O3BLEmOS8k#U172nAuON&l#{0PRLJ-ltU zKi~52XI3#|GziP_4HcZpYD6@wbd8K{NmPv_KSSX@@g#I?od!?28?w&Tz=$@|8R_1) z8KYkfw0tP7yaVH;u9DEWYOFc1?B$#S4pP}r`XbPd> znslvJW$WMk@mGRpRvlf3oYV~+=_}7t_Sv4Z=YO5jQE>tdA)cN@5=aU{1~onw_NH?|i0Kxg;>OhMKhMjU+BYy^Dzo4hmW zQ>q%t`w#BI{~Kcc^>0N=7LV79vT5W!x251$R?Wt}Lmslx%N8i>g|5s*H8ponp|Uc= z^6y`sx#$X2D%HGb*1K;fEzf4LE|e?OD0J_tUW+h*jJT4Ajh)?{cwM@hvIL(yQ8RIc z%&GJBhR53Wg;Oeh+|Gvk@ci_2*hi}m@mgXQ<(0q`R-DfD|Jw_Z%xqEYow?dvjSk~>sAF=5K)zaP;IgB(|9;%&yt z1sw0*<0*ae>t7y__Z#fTMNOOC&TB50s*B0v?glK#qnh^d3W5EaN5VNDN8nl#Vb}(q z+Bc9UviZsC@M4sv&X~t zzooGW)jL>PFqR8gYlFp130xGN1LQk}uTOv3MFW5ZdeH48P;4}oXSH8>2 zo7`VI;Riqe2&_Gh4q*NiR8p|1UOqBHoqfi}xNwsILljJ%EX`Qy{hiv4hjjzoEZTIv zf+ZoJ?Wcd#xG75)N?z@|`|VS>+v44J#leSJeVpueN`qR9kG`4QYU{~ux3-Opb<>a; zdwTEL_oeF}TR-V4KjmZT)H#CeoLn^c&CWso0e04$X)>E~=OM4WT&T!nAJKDt#RDRp zsM9iPskYf7jMspo39%n;ve~YIfD^!Yj~j*#*|j`^T20b~c-j@q3TL@q*f)oj$Op%! zyb4x6j@M&DrT2?%4mf+b8&PeGp)ITJ^B3ov>WXiIrP~SlB#ib^&DSe2}})sQ`-elLT81|SH`}O+3uiF8Tb2RmjbvmbPG#H*sD2& zfWV=38eW?SAvFdYl@Mm%E9*8uBU&m0wB!P=K4#i15sZP zO9VTwW&YFe1d;<+6~^1j+m)7`07K*Ka$BmWY>o;;#J9$zQYI(^2}->7phYV4axQ`$ zr{egS5l9fmTmnMYA7~lQXBq%YNu?6Y*O#TugHNogh`(hIF3omJ&m~+1$^rZy(A^&D z%rv3fcM4Lg>VAPB7^V99s{dy6j1x`gx)sO5A~nzdGm)AMTA?Zw&XOwPS71XRBsoKimsA}JV^!@X9e|bt$+n2jye_&Fn6SzXLxERabmtB3e zcYHM%iv9@Oy%u`XV4OG(FJ|&~R}86Brvr^re0m!wx1?DnZ-4~f*mdYSA~F;mK^@Nm zfKborpi6VzoBa9Rt9=gA_7mno9JiOBgXP{^$@(fqbVuBsrj9LAfrJqv2NZhfoyOStKeuuvHZ;BuE<{4Gi_gPB|Q zKlZO2c82R&K%VybAI$INtn6bfF6lhxkPE@jv2RcaK`+uQb)5hXBk|EP%6c?76$-8s2glznLx7xx&X$UJ9*JK>%)Y8~b8)rt2F|OV6P;BDrm4M6js?*PkoQPg$=s-+{6|oaZHG)4+|Ch@t>F zq5l|oaFVt$)zY^BMbY|~s2o;$Ol?waPNt|R_ec4@tdF!b5V}|M{tiRzOO*!)H{*tKR zcKv~rS>)KQX5&C;29PSu!uq(I`TLEFUje|ViJ+dd@@q=qgmG6XYx#cB4eu~kBiPNL zYv4zEfR;kXCt}vC$tsK!GuKV5%KJGuWNSjA1FBx}pT3;Phzzu2k8k0$u{(>X@DgZn zej5FQc<9YVY7KjV-PR@&(&RBOMp4#Q@5NdvzAfCwPotd8SqjBG$+@-!oktw2xz-~0 zOGgA!JUh}ZeoCBc*i0YJ3&nM$mPsD=(u$GnCJ0QLb%HPyp=WAL2K(#zsvkSuLGQ|g zFh0w{YUKUiZbwtAg96fZRzz=ba5r!3^^#Q;gzbu#3g8 z_!81M=@V*o2{FzL+iJ3zIuwfQ&ErP5UX9ZAh6)sr*<1|tEWp+-t8hX}dCwI#Bd_Yb zNYY98N&GOrGMC~G*%78rpJ${-m>HNI`(y5de7gjOqtoi)u;W2xPlH>jCmCCKx2e5Q zaOmgZkrMS#Fb7VF{FCQ2Lz*s6;TZolu)azw?N9w)*4yzacO0HlQ7eAq(M#CpUaS7< z1rg{Z$$=BB^*guCnaL&qNzkJ>A&-X9IcIwxcOHl%CnG$b@-3WEjFc#oAYsg8kSW29 zF!XW#7tK1{sT($t-3yS zfmX|7zy369;u?>HJH*I~6&jV@ab^Cy441x@C3dQ>q0`uEwFk6HmHx zaHlHF5-R`Z-@1E)KzXazxLi^1&FdGLY;%#@d$&~Xxb-jTK63QE^F~Za@qUg7XZ=zA zYTdzU5Zn=R$NQTw)&2T`o#MjPWNZ6xC!{eD#dqTRv^jb|OBj_2^!{1FkzF)~IDYEW zA>bUiz|K;$$XzM`tV{vvzTH9~TVw+y6$52q-@Y{zpeG4|fy9uHDx5w1XG>p_8co{9 z8*Fe1?$l9(L?NZ!tN4{OPVM(U8geX|=aR+cu6F5x3;A?tDb8FT>iP|=jldg98Ioh7_X7iUPa*4jNi+x8^H0!qMpnVkg?p3 zJYWe29jF2lamCD5zDBol7Ru5mW2swPBcmBv zqgq$Y_ar=XN!NV;aYC`*6FS&N;2YBY*zw2J_*f2TNt1v%Bzq8dSR=4OMHc3!$xauAS`Q+|W&Bc{7jleE zc%fYMSD0Bn-AT;*tP+b{H+Zc7_i3dI!78(&7X~x{F#L0d5GgE*xZq9CfYkAHyUki( zUaJq3iqT+BlXRd(5iX^M@v+G5J6d!Hsc~n3WS>bO-7d5FUC#o^tzQD|Lq}O^zQAGj zF;`iQ92(2$YFzD+^C6*p*jPq6bmjgscQN>>0dVsQOKrD<*HbYht*^sC*JB7l^%6jl zG=NFE6bYp4j!6Emf5Vt;5)}Ql;N~x^IFd9(oIE9BTco!FpnP2uBeC}wpPw(wNRs+}8Bb`={ zGQ?^UtT-I9&JtgAjF`TZJ>Ggm^P?=wPNs9^rKqT%yOfm@_mbnWn|esdwTOqmEfXCb zcMrjSdO9LWZ}(JCf^Obj^6dI@D7}fZZ+*7B*f@1bP5zX);e!vVo7YSHsubdUgHWZm8MqNzQ@<-RLOn601ll7$=BB-UU<9}nlO_GQikEr&+ z`fmE#m?_#9I7wCEIjRDnJLH+;$esP1z+-jfY0~1fols|e=+bODF*tlo&ICsUsjk2>1&{dYe*JhNUXmTv*)Um3NJowFh^Sr$= zBCzHR({Jh#Mm0bKY`Tk$v|Q7aZ|ll}c}+Y|51hruOLt6~5vz0KV8^JV0NF_&e2xn4 zbp)w>?*d*G`e1!HXVZVNeVn&u9sVv_-r~zeFNN%b<18A)taSgwQtP*6c)hR5^_7j& zFJue#YSnfL#~ac2VBbVLU}T|g1=#WLw;hBggNpeb|+E3DleR? zyw|3jj6r@p(XmrLtmdUNE|gq~nLE;SQs@8?mK4zwj*j!@lb9XYI9*~p|7-Lp@L0)Q z0eIfAH_P=}ho>X6_-2LVd|f15dNXpBvV)c#Www`vbz7t}QMQNU0cwT6mL$F`>25iA ze%h2X&;y%H5Vs98y5HZUb0G`#0KPnb$%<0$ zWEU@_xE6juWRU7ZH&57{9y;ChdCF>hhBpr=J=;B<)#NXJ(6*@rM3YJa(O^s<=C0&#s`*A4*oG#6}GxRh$=A zT^W_017utmFV#UF$CEaCzM_+dK^kG9C-+OUSKX7WMfN&wgt5ISN}X!_YZ)IzfqbzM0b;?o=;h-Jz9~i?n;0Q&K9(MtlCCUi@N)n`eJ=wB zkTNn2`T_?X$6rm`C#nd5T&-inqNTd_V$?WfpaoDOsTrQ06h_^4GV&7)c#V>z9#&w6 z)kc|Wo5*|y=r@Gix+dLFnfagCgX@L$#PC>vagb0yU6f6hCYJN|d-seop84gg^FNe@ z=t!ADL1Dn;^-DZlNZQiwmz?v&`(dx;t)Jv>Qfomg`mOxBKe^sxhXqlYA!Z7idNe0i z3fDrY5n&Iala6vEQ42)JkhD^6@a_L4LSD`_g%9O0`9PX67ve47&X%Q0y9WJeng7+6 zfhZc-AckjkH{M&TIn0PcCob+ukAED-bFQsK9Ae%J9CIlSIlrmkAnk~g?us5@J`a3N zS)w~;4*1W!Nt{Ua*Jz+&Ogq<+D}^2|oIascT#S75BiVyo$AixPT+C6%D5bG`07>MN zspx!j6Ct{=Xz(ay;R`@crrYa`UhTHw0P!`e`$NP@`}~z-F8NEV{OVbhG6|a}DpdhI z=U?8`y|q2-AoKZ{=-b6TWKmh9^MWZRxGGehkxD&%sGUoLWFN5e!38?r&CYAu?qZjt zNojbF`^qUxc3;48Iw{swG}04>fQX{1NLg}4oqC6Wlvgo87 zr5(rC#iH;J%qIqDvt~(#2Fuq!WhOEton;Ri%)}@Mm7ALv+Af~zRjLLILsFD#4HZ&0 z>h(@_)WAR2r?!Lp|D0g8#S3|`-Ga{(;1iD8HG`%vj;fPWWOF8XOgq(HR^-N$|8UE* z^5fJ@><|{MdJ~x`z1$UvW+@2z$QIeJwt8RP6Tnj)odm9XoGOVut5k!hSnqY2ZY){N zdox@csWL|F)x4-eJ-}`qul$%3Ni_9yI2rvhcR$h0+i)l`o>vxcd_B+nJoTv!0Tmpj z4{ljfoLG)DkNhb5hX#@M_lx$7EH8SKYcG?OjzRG|v7f@R8Qq_)(qGOJOLld`5En*} zT}XqTlFy0uM24pMXSc$JixT&RFiI_IyW8=-d(eBa(eVhWKhQ8XwJN7zlac?nUYMiy zAOMjfREH4mQN@bWO6jRrA}YU@@KAQR{~_$KHTL&5&q`9Stp(?hvxbhH)gQAoELHRD zoy`WB9=hD!^ZHAP-Cwqo1HhT>NkzlSHmS|U?3FXl`PdVDqv)&w^dL}bR(-DeKpFpd zAGh#DsCMxnf)R>7=;}zMoCWu<(z~w0vy5HD=4uIgcskI@=``w3EvR?p!&U5^zo<-NKxGAY2C_hgGoKgqkXV+usbXL1zK;)oVe~j?J;Lm?|X3IhPIy7 zcdk4fBIN-nMWnXCYjhDwF>8X9wfPhUI$ADzDBk)q0tW=c+w8Pky-$= z5>1#PgC)9YiI~BM0Tq76CyRmpx)aCyl;;;?AI*iwrei`_Cu(!-wkwYX@OT)xU3DT1 zRQ_u;5Pwcx?*@L!>Kq`^rT}U-hboR(Cy8_BfnWU7Z*78SVA+-_TtvPR2=rdzZ^IOx>QX#K*b27o)*r{^P!Alv-5fy#qPx2CIU2#?g7u}JRhyqaN)77BD5un&mjx7BiI{H z)^%;ya&G?ga{%5H$;(_UV1GYtm)%%Z2vsy0SzP!{u6mgvlHB#RwBPBZXHX+I^+l0X zcA@__N^%(T50i(OgOfli#IVx)F5(#7Pf5siF1<%)Yb*voVFb=M4)oSKkh1fHJhR)@ z*hPVUqoSlT{4<2%dZv~o5n33S&DfDO+lY_tApK1AweK{RwR}Urp{y0e2z8Ish!kto zV4u&`p|=_7IR=!j17=B|v@13sZ`PwtY-sg3t*M?HY4@-5NKs$TOPbg}G%=+z-Uc4~ z=5y|M8u*~F(CR04G1QFh*4+D`rtIeaC}zAwLyr}?afLZ~F-E1XbMIO!E|+yVGv2Hc zO2|>nxD1F)$~dDYN2O1SrLl(xCbesxsMrV4^LVz-BlnfpnsyuEDYS_Q zAnx7nKuj1$itOZQI&c*-Uy$fNcv%ifD`kvTqn04A0ypk~YCmLB#Cy}m=@eMb8)`Jz zjR~;UNrr|I{YPJ5$FXP;paSjKSeHQ7R@gj&lSottq#=iwskcdeWD`P0(0ziaxpCos z9O60rc&hq!;966j)l`Ehr#$t)iOlB>@1z~OhbOO}zO$NaDHl-ep|p@efq%>wgpOGQ zq8Tgetzh&;fG*j6igRDZ++aoMNnjFX4HVfxrVR*}Osro%gKL@HMupYVVBcdHk@WV# z6&??vPB41e9!eVEEyD4W>7Oj{y&RUHSiv{Ojv7G*7yosF?44k)1MJjbY+cRgeGq?D z%QQxqM{%A}jZcli)v`Os>1y-*VzXn*NbwSSjK zqS+l9;0v!)2*5V{NRCS|o6fG4>ux}N{9&GYNO>Dj)Q){R7Zy--qG*^Wt~tpui%1ay zvzWu`Ow8(q86Gg)V&G&1GTavudBggA==n7Xl4E`ZoV8ZRw)>-*S)s$dtv6$&Cmk7# zk&ma>89@N|CgIpxx-1*{$6s?`B|p>;J#Bl1J=5sexjA}G4lCN?2d{wo7KCX|G<_wagdhYbG_ z5-M}J7<5I}D%E?EZlfJwaM*97@)nHMoqy)rCzBoj{WZrkVzFkNsX!qEwmYTg5n|?R zp(oFsPPH2;?+-@99MuZmw1~b}>y2Xllx#L_QuHq`u*7o%ocDc4BgFu3n07u&XkkEu zYsZ;uQnQ@)06M0T)ZS!7vvQJLefA)+u)_ zWM_G9;%dV}v-=Y8%wDV}rWUD$nR9!a9r|!_QNi&UEq}mfthwndc|=kk`)mC09Y~}i z`rLl%_nfiW?=9FdnRKj&5e-}3I__|mubtjG9>(bfuAktG#Br+<&FM^Job)Ww2mjAb zWaGR0#ni0+>_KM4gZUq;byca-YHkYZ-}qDhPCSpAS>X(T)_>8qon^&F9|at$1R9y0 zWnmr&t+Jd%VP?!&A^Rhw<_aHD_a3@16+Q436s12~lzJewli}-+oDL6*mzD*-G&?jS z4699K{}Z=YBU{dFMgbqZPYK7`y3~*di|x+sPYm=0cK@1_d)$}Z(Kpg>4#Eo3q)33G zmyVx}pNSo(k98H4fS=9TwP3t+aGY3Z?2&-;#^H&Y&Yz5Zg@X`XI(|gm_OJ>BgG^ zBxOjG^c9u*B_v+4Ds29lENbw;$K#Xx&%ThRJ^DoxS2BiZs**z&iZ?FjH9DhPuZ5cK zMb)DyJG~93E2M-uVj0i^*lUY+#k7FFS7KKY-c~U`^oqn;ZNDS+#Pq< z0%}$*;N5b+7S(c_hki+G@-9rIW~JK!;QP2PxpRj{3L}A)h$hA;t^dsG=By`vERnC^ z({hu@X8oKOxLz4V8pvVR`K}rvpEG1@Zwe622K_@3R)}@S3lF2PP@$VE$^OH*JODQF zO{7t$1v}L9MpM@Kl@yPN%X>N(E6+8phan;AMV)6H@6--I2gRgh3fTOJ91pj64{SM5 z=<$d=sqvmo*gb8OH!lHJ$@Wo70Zrw1dgYrBcs6djmI}Mo05eUyLPCJh+I(J9y=&~P z4^$vGA?+N3&f^vCvV+$SC^`80thRl5D3pjBg1P-5HMrLF|9b)Jrsm0q4ic{fMsVH(vL!lhp z77AVblUv)|1vn2RP>$(>eF>DAalG$SP$rg*dXji?J~weCaM11#2E8n|G(J2e2YWA| z9%70-#LrO@R2*+Z`eaKvT~{71>VvxZ0IYsQBI_QtHa%cLy_Z1;7g6g<3i%v!$bT&b zNT&R`0HG=7WZC$D5VUeN?^LHk`OMT9C9`gspbUDBZr1DsQW1t7k}@}|3~7EGsb5sx_U~pVdFoOzWLbsfbpZR zVWaRZ;|q?8ic%DAkU#KxVZVXHr0UNQgPMt*4;wJKE(JH;7+Cc+=`SZ3JwYdACL=6d z-*8_26p&yP-uZ5Ch*qVZlzmU|aYt5Rw&BA@0kiYQ6FNyb>lc6xT4u;PV;x=uU^KrR zo>}2&Ip0l(2?)PR`l=u5;PB}juH>)*NUNSu>ip~YX8DI6=W%hE*PVWWH2hnE<0}K) zLHsEle(c;@@1}N^!68gFJ&)e{HOG=QgTQnl&lcv)yBTes+SVZt{9jDWKdW-&S@}zUGbZZq$La4% z{n5rR4I323TBq|i^leohHtQFz5jR?Jwuaynq(^0a?@X0u+v?xJiRY{V;IZ*YUf#28 zQucR%njAyGUY>oSF@sL@0=LJl(E=dJMDLE8Vy zth#Sb@L7j&|D_7M+~Z`s^4|7&JPf5yOA6tmRz10wIn5>N&G;v4cj>UgMS<;Cy;}aB zE~_uU?qKoq7ZK7u1}G>jAEi7-(k&;vv9F``(0Nx$kqft zJ49dnWRRvK-r)R1w%fdRwHN<`vi%QVVRrf(|F7u0jx^ZNPg&S{fjH0a1Vn9_9WGVTSQzLW5Ru6@Ok@Xe)nRd~(Ej#GqjaCca2%P<;AD&rT#VP6 z{S3l4wo>~!r9V})O+1wiJqt*2?z5*bg9}_0ouzV z3kxb0S<-O6_N>7$zIPXZURH@8l`M)*yuy1rSTnl^htS6u{~TePnqtA?X6>>zbD=K&&qiljkH_WdS`eFe#>o&N|k2=MoTJ)?nC zwnj1SMMh|hDN)Z2arTkE6X)A>Q(|AMJw+aO+Kt0dm0$X6BF zywu;fp|YesE>gLdh4fysy1wtX$lfp3Pf5l`(YNRF=v&p|Ryn=7G3zuzJc7)|YGnCQ zj8y1|Thi|Ru*>&-M9x2{JdHj3#4R~mV6GRfL?*b~uqI1j<#OdHk|0TO>e=Kk6Q3n7 z8~o>ggVNwWyL&6cvN?;IFCPgQdD?@sZ@mi|Dq{B_SUIa+5y0#}VHG4MUt&aNJs~a+*`filZXWbOW|$wyrf1I_-&q&PrLlMSa{lNZnn7pkF2wfYqJ0Tzc64Tuz@HcF%TsLq?Cq% zC~*^0Q9&AUgmg2cCk#|dLOP^WQWz=1h?^KG-90+S2w^bxoA>AO{p+~tUS7VHJ6hCPf8RxJVM+|nu>Q}$PiUG=-4?c=f6V-%%QMetK!7w55Ue#B# zQHxcKN6*+#yTMz*9TBthDZk66jL(Ktr$EzToe|1~p`zfFpx=Z~bih&vLLus+*$e*l z*lA~U%JiqT=k&XK_lTrH@=tf>bml{Aib@F~LRHo0TOfxl#26|L)!}2Q&bx@{0s+@~ zFJ)RyK5!=0DJIULp3-D1Wk*-ZqQxspCD(+kCXzT*d7X88HR2-92g#_5SlGHKF_Og0 zEqQj|i^widEormSrJ*$lbF|Gs^@jx5$Jx~X_hlE06A_kig6Jk>?EZpAA!?rd^GDXj zyT0ABdGfS-m=8rR#qR|Z#Ysu~jeFo@yECu!&ul3NVJD(>S(^IycQ2<;2Q%=_j=m-n=86Q%zokGqLyI@s7xp%K>Y&JD4y2Z2*K z0(RLlys%)Wt@nfLvW~oU$54XM;Xz;n8;qC_3nmVe>pfOu0Z{-JH>;J*ib#6Q6eeW2 z_526N4LW}IrY-^3mtDw#MtK`{;lWdYjQnu&w*bPRBJ<60NZul#$jJ@+2)52GAD<_- zVQMjytgnX{V#$*uAo7Pb2`0Ra`F(9LlOQhv49e^ky zpInV&ujP4?Mcyq>O0RNwbn?rN$NZv)*64F^UBj8vzm5ZQPZ!I{_O;OgZ(Mv&{_S+S z+Z?BF*qXLI@oP(=GijdGejS%!+5D}wKX9UufCln#^HhbrZu{7F={G_)-9DqKYd>{F z=;Gm-))W68Gue}`a^nZ%wI3C7;%kvg)s=e6n%gr6cwk4%wbGNEwI@Kd5z6be->39AH9>U*;65v(ra z+O(jAD}udz=`yolTDffd9cl5S9x3F16frCZkE`{ zl`?Xnz&nZd{oHS+u3|=J2>nUU3G8!VVl@{?3|MB6ZYSeqdA|NV_S|1#r`}cf<^Cc= z^OG#kb7J5@-tSUe#8#O|t-)H{Z>9tI&Y~%nIQnhcBPg+^e(}3*kG_mTNR^Cp{b^36 zB2dNWAn!!6mQAdk%r^7_y%r$r$4;_eEXIw45wE{ZHLcI$u=B*lnJMOf&w{QUz%PH> zF#)^WLRuP4Z1-0#Zx;77pZCOYe=&aP@@qGu(sq~yckxH5q@*i`#7nZj=JRY*#FgpAgc$9bH z_pV%#S1NFO>DJ|1j>8TCmychwvla#EK@T6HrnHV1v}Cvy7Yg59lgw=L{JC!r4r=cX zD=sG*Ajsr^V3lW;{@yOLQDMscavuY^zx>?q;OYUB1_cPI369c11y{MR>6Awode5cw z*I~tlGPD*h(WCf0=pT1XE$oLK>a1QRddMAzD+yZpdI;W4ND&hiOTQ3DQ=uDw>VACDZz%f;pFvd*8W ziW0iCRIj#F|JoBjfI8Alb=;>p_Rw#c!W=!+1vC-8+JKn>Q}_hP{plBDwgrYZz6@R+zk6fPzoL@q-IlM8Hz%ssBIH@##`B|F+GI# z|Dtp_nDPRQOF%_5dgR{z+6;dTLN7&q15#PQbzCP2p`Vip`2w1*>wc8%*F|NEz<-hj zLmf^X`A-25k0=}qUEc-zq6jn+p8^d0opkT$>ex`onuGOVw-%4SfQG4>2Bv8UsnP%U z@dC5Fxz5#oEPk%jNCKM#po)%agKjjUHOQ7X_A2OQJ5>LNX$GIS{>V;I%Wj4BPRm7e zb{_E%ivkDHfy_6k5%yi8;}_9-r>KkhzSIdF(^nAQFdu1HNpyI3XQQr?gW*YT%SAik z4y&TIIFnx%8(n5VsYMqD1>z*dmNOsf6Ha;t$$OKOb%?cST8Z3%^JR#{UuLOx#zS}K zj|REfmwc8jOKKNVee!n`t^ZGU(m?R^CqYSBF7B=F>Em{q&bJ4HHTV9Eosud0@(y*M z{tCuwJUY!q)selRmv&;nlRN7;ITxH>SQI--&x-PpdzYGA{x5@ROksGs>~0U03$xZ7 z+MOX`uC5^U;dp0{FKX$wM3ct$pUZ}|Vd-Xv9`Xx;Gx_JYj7^_f_UAVqikD?a(52+Y zW+(0q?{*AeUh(x|H28e*l;uueaPfsn>Qj)}6=!(Dai}HdU6X|$j5uM430%GNRXU`~ z1d;rW`&ExU;#4XvC*v3;jVO^h#{x9#@0Mu;4DIaA&ouzqez>cwn6tb(D3%HZQNXik zXemqpIAU?EhBfGRaj3jQe6%tgDc~$AZWfs8mZ-~^C4Jf8&6tkGYjw}j=SE3@u@Vu} zmZ{d#f_O-E_{3vmf??VcV_W z_8?5SZo58QHMmvoy?8@`>t$B_?#uP`I8XZ9dtW6Y5VFUW4tAG15#h3KN5rSF4W};e zU8#S>Ki4Kr;-h_SHAGR|l`K8=bY-7oUwo5G2Tz*B-aR$Z`gNXbaX(vMYK+D#FAJw| zJE6P7W)s^HJe8pVGDIZ3Rpp9poa~cZVJEPW0%YY8rj5y%={C5z!s>eT(T??;^lGUa z=y?SdYIj&_V&<@+64wQ&{KnplrF+Zx0?eG>o~T~1T>ixR8JHsnL=yLgrHWQ^8kKS( z7-l)+nG-#F`b}-huTSc!Hk9;qtTMW)7pdgg+jTnay8FRpxjyH8CDXP?VhHRN|X zch`RRKm-K<37ki83LeG!|4{eRKO3-Rl{AIIcS5-;SvYuFdt{gFA?Nl-{HUa}(d5hX zs>CPvfr2fqA~tNDQS+m6yEf(iR=0otaZ1$0HIgzF^Dmq{zQ`IK4CH5_8Ee^k2g*cH zJoSnvhvw(v&NBb}QV`35M3Pt{%2<8a>_BBX$#l?pcDSJoFTpjq+Vr^gaD3O4OSuiDfN^;(GV& zk=UlAMd&U_p&hiQ^7idEvxWgdz~{5T+pKhr?+Ka@uI4%E4ZLn6#%aU~qnxImk|Nzh zVVS*40&frUQjbQ*7*3>?ZKj0(-CotIT1IMpGy-zh-8~!FCvC<$#LW4jWtYbzGxs?% zEqdW0?b;y+c~iMfK8q~xrx6^3Tsye#31222eREZ1Pk^cZ2n}>i zC7Yx21*Y zMq7R$$2|8ko~u=oJpVJ8{2zcwN%lM!)`2~Kn%QoQuNythXo4-zNXUn2N^$Qu9rP|a!bi#n+X zL&lALhFF(cY*zVB@{P(>!iu1JtcY zm$U2Lc;(=~l{%)fQeIIbQj zn!i@4P$~-oAwqqzgJ#X73e?5p3}3kFuPmdBs^7!Tg!Z{3@%cf!D&I%4vXdV(`fa7M zb5oY?oG0EN5R~J3HlkFy^=ESuvlM~c7Td4E2grhpe%DT0P*!%L#BbG1Ok@5mZrRay zV2p#m+0k~;O%BOwX|+$+db2wAveL7}{8DI-)1Plx&R`da=5>(s#_D;eVrR4 z5=yI!(V)fIq}d0um20oEjg@h}%1*K#nE|so13K~FHn^!HLz~Nk5}Bsn)Qlt{xldlD zeH)91xmQT_uKLaL84MRblDbCs4{4}Ss^#uB&PmK@x)Y4gI~{orZCGO1 z6J1kY`_qOnQCLGvV+Ea*DTjyS0|~z8Z3@BoVcf-j-sKq>Y5hF`O3tqJ!m2J9VH03b zKJo6laD?CqiwlH1=ovU-riT=%is7q#bMzg3_h5K-PwP+WzVLFJ24(n@5H1mr%bfvx z$DD%9sLDXaDDBn}e#ZuuD3dk@x{TTFu#GaL zgh8e(7cPVvn8p#yVY)hm+A>a?hHR>5f7Bj@%B)5-#GGZ=7R%MQ+tu%c0UT#33pS*Y zTE8}K**s|Q0|mT3|EiMJl&&D+NtgY4D%_*RGn{6*&C6^0rHhE8r}5f5*4XlcHF}{8 z=CHfldk4@h+Nnn>XO5S*)VFV3xk2rG3o5mBbp=1MI~ZphsIEZ3>=9`=z<$&oaX{Xe zWxg1I?<{rcmiEHnRc#FhXsB25Pmg?~CNw6##ozuaNBi zVfk3fDs5bQRhz5CvKXwK?5Hqk$VTB=seKYP%`s0@V{5|4h+j>Mfyx9{RujeH_Mtmm z97h$Ui_c-$OD+~BhczI|R`zLC3Px7ABVR&RBDe5Pv7G&OnSlL_-vv5%IwVsRcOv@YVafcK&`I<~)If_( z2%Q-uB3J~K5@M;VMck#>y#_u~=`K$9mUKB|mOQG3I*7iu20B0TUnlF@aQL+PB%A|( zzLKNfvHD2?%k0<#>8F`13W6f^0}q$~NrV!2|DxE<%hv-xSOwo=>JL(&bi~j1G9oO| zo@q8!%goC$_wXFt&1aG)3sMmm6my*&@W=S|F>p+-bEeL8Hu}1UiK&9EhFxYnQ%2)| z{{jQ=%az<8+}p3!gy7$s6*hrwH~%)beE3#_|Nz!aT}`YlPoq(e@nuUwyPPu2C2-GuBIgy=W{6`83Y!u^SR{4_ZTG2@ioWh zl6xy)Y)Gw$y9clb(95dnZE{*+&9Q#!aGLl?0aI!yT0TmzNLcu7o&oOybE{m&XzK#> zG6*?#aku!=1C&mv$Jsy)UEv^q1O=r%Y)=N3!>I*a)shu&#_~y=s+PiA0TQ`5Ehz4* zkY8Cbao4xm)S!F1=66%Coj|7R&w;AYzO&PA&j#x>{WGT!Ao5A&BrCVOtfrwAX{1#+ zUE2v%@O(4kpr2SDaq>j=L!Cz!Q`wWvu8#eu+KR42yKEE2E|(fvnlavM%gjta?6$?9%FnUE6WKiB82eGL#| zS(FXP@`nq=$@OmWMU-yb+? zA^k%_28=6o<=MIP)}DK;pFX@SryS5siZs2lsm^F7-1Hve&ie0&u+O7`^@mEDq&MVn zC*znm%k6Vg%FZAt&|=~|W79wbbs7-(=*7x(v%?Eg9TBbUt6kqOj>{Zg@MZC_`kmxGn9dkBLADCK^ ze8%%36;Q=y#bJHPCPoLk!p&Jl1LV@&NDp`*0${6x?bHg;i4frzPZEDC27KJ_wG1uP zSZk$ClRrJ&?}GWpxGdKzkkY692IDlGj$T|Nz6Gtg*G1R6%6eKw)K@0Be>PQppbPEF z)Mxpa5$@5`SDV~c!~Nv$ufrh|*R|(sOBEvxd$5D%EhcXPP3SnJjO87Rp~Q6JJxS_~ z>7maH>Sd06ZrEY4ak+4(bdEqAiv7k=dx^dn@P<`McfPesgz`$8%?)1O1wt{vBZt*M zZ!W~iKD7Puyf-Q&k23W)YZK zO@hu_eOO>wA$mP~Z6O+zDTo9*O+J-F$~fmT@FcqFOZE}zdazTV$KQDrJMI?CjAm^m zutL8Yz$t}{I?evku@I0y5b62xcTvceE+vqWV(wVv+!3U*d)_FBTop5t-oWw|3Jxp* z0}M#0)4yP@lJd#rixA6`OT$Lmx(pv1Z5l|R2}((NZ~)!$#ZUngw+`y9JLIPdcvzi= zDZNxBB6P>QjY;lrV|}#7>FnmtKh3uWcO!xzw01vrHJq|FSAYE?$8Lp7O%=VU3XSe& zb2v_9x0~T?=&5$#BQ+{_B;XUQhW5mpWE$Tl1ja7?G@nu`Z~Zl^mT(9hL;bNPDJMH2 zh<*n{DXyk!8I{C)tELUa9(Gn{B=`d@FC9NG9WQ}qo<`EAHO$E5HAZ7jCz^wEK@5Os zjnkM4WeS4VNcj;ABC&DVDZ$EL+5M0K?F+xlN0ZQGJRg&VLO^UJEi08us3`1LbTvDo zM=eV_o{9;9>tWF2mhyAM;PQ4cewPQk?B+Obc&V|e^R5SC)HP;9U&^gdSDO5a%hTIY z8l2)YqoVO-$}vbd8b&WHMb70j~gW_+7UL)^^5H zoj#3Ew^mK7Vg-l1tY)Ouk~T}}Cd1OYM;9i!`fQ(Xx7z_G^vaY7BRBcwWv8YwObjGu z-EF!Dwp^QQ(wk#1fRv#O0ohgJS%95&Xe}!5T+i##b+@Cltwf&RRVOY^D(2wlZWRLF zS3nIL?M{(>3xIXrpKex20B9J|lfqQv|2**i8>jibstjlSvys$W_m-) zbYg8M<3B(iee=_GdOxQgYM`7B05&f6E;8c-#`u2;3$|Z6v1GIQHXe}W0CIc1+%$Lf z$8jj`PxE1Y!(!7#oPNgsSO2j#9-ZMPdjr#o`L0rS?>33_$q{$KqgMbHCASpXw;pe4 zPV2wT1hJStJln1LkeL2r&netl;A|H!AS>v2_Tp@bzuxw)PuJTgKd885Pp|1rc}4t_ zXXy08RP=hsi#+rxH7SKy=yK$FeWT5g8yl5bAC=F$sZBb{6UaVKBlPK7JT9x-CU~5V zDq;JSPJz?TxP`nJQEWi6bjb>8v+5VdCW(8VuZxZU8@$TTX zOKd((Zx-S9@#{@BrR1TxXFhWto|^Fis$uogq`R}#T(KS%*0cvOmlsytyl}~tv7A&4 z`w&FIuf0^-dUYs5(V|em*YoM>9aXIdR*D}|&UMnHVot?uoHdtB1m)`Wv_RQIU9$dI z>`*Giy^bI#7pRBBzjy)R6nfA(!;*GwD0=*-i>T;>fmpfTA3GU(lV{84FjHn@Sc<0a z*p(9c!PNV=vVGk8aKv03a=vj(cAYUl9?0WI$d7k0;aovn7LRqjwlGNODlQ|YstQ_| zER=wc9=*q*)hXS1Cm{Vg>00 znHrV5Xf@qtU7a!)lGr#mUF+MsF4=K*u@<_V)SP3TZ15}7_XVX_gvKJeTq&_Qm|G4{ zjrdHNQ}B9cO=>>0`F5eEH(0jvBYT;(uBNm_qu3lpS>yP3f_<66$G%gw^LFQb0u3>a z#K21#yGWOdh`6w|Oal5t+y>>d`C^0qvF{1%_lV2urF`OGS(5A$3V8<60b>JJRA(hi&LX_CWS{D(vyZQ3Ct898 z8Gx@*6=-FrlXC&$?|42Fm@84gb<7jMc#e zX6llF9~*fd-dJ44ZM2E#&Sbqtd!-Mk{FxDw3Xy!woDs(pH$`=Y+smM#-5@zhA-Jmt zX*RroyG`ff^s)m(kG<()eLWRQqPl(q_!#&Q8)_-vh=0lE=boSBz=`o28Er9|UD2YG zJPG9-$u!QYxw|*BZO#-CoxF; z`eycaE8u1GoA1iYhfKIn#V(?sEozG`nO>%)|YpF6?}pRW6Z|i+^rRV!mgGMw*xf_PbM+L9|?5@^i|n zG9IX{q3P4D2HopI<<1fI=?=03Hmu6oqJzsnCi%iY_~`z6>gw`hL4Wy)?ApSbZ0N?! zA*Kbn>!k6zkRy3S`?ar2`(o@luyNX0!{F0zWT~7B&)0@WG;Udkj!?|r?>r3#c#`>AINIIm73~=eF)stQTe`H zXl`2vzv=w$N3l-F4z)PS>bw4_GJX0t{`8m<|FcI0mV~^?YA&og3StqXvii=WRYxe% z&_MYI_b=RFB}l_MoHQHzg8T7U+5BT!ry1iHi)$kRFQKj3@+OASUfFm7)o(KCK3V-m z{v5HpBG88Nk6MS>(Oh7$zg^@-NZ(FlTgtxy8og#TSqf{SxKX23vlrRc28)TQxF<9#WKIRTtx&+CtOj%mxHE!#a zuks-g38T6f-)8)lqj5ohep;^QIbOLb8z*E1*bIjClh?yR%5>vbS6hxYz9Jpz5Q{c_ z>h>F<>HrmJ3bXcsJ-dxHp{h)}Z|Y&TdW8Rzvh%6rMzoq&D(<1DX^LBJY+^e&ce)t^08xeLk8jTl-r<#0HQBVIM6qf!PVdNeFdv%JH3 zGnBjTGxaxoMg4$t0)&KhN#W05Upy{r;1WPekH+3RZ(R%@sKk5_DAnt^)R9+~2#9Xz zj%Bo32>D;E22o;l)^waaGVN~?>?t)jh{19-RuGc;PY|j3 zO#RvXkJx3{u|l9OH+o@xna+x0E;4`COs>AKYHxpbPtq;0fs#KDpiQ9==Bd*smJZfQ z!ol0c3ltcgQf`XU*mODtQg#gal6ePtr#hREJL`rtXE)KxD=jT;9CKxIE1?7XJiIGd zuz^L-{TeZw1sXU@ZN>ZEYzkRl&3fEoFhQf#5Yci$^J<5_w8q7nz^5Vag|EySnd_?J zUQe{+#4rx>cnzxKKIz{5hC0(JF7`^K>h(y1QlyRPS3=WNTnUAx73_aCTCMeF$W}0x zNE~m@N`F%>UX8kZ37vq$* z7s%}|2R>qFdy@w5A3N~|uAZvjW4Hu*_&UKsFnwgdcm0Ot$437YzREQ_d4HC9#yuz5 ziBqu$7q-JH1@EArzUT(j%)L{i|1BeJw^bH^?Q;fAR{c}IPpi7eOxY3t#U*W#`sJr~ zRgt2g1O93FWY_It(})8DAH5ttXH-VG9Mn!5ddSb~)wc_&Z20WNZV`f++<);}X$ z*Ph+=S?Y*tfN`83mL2NOO$`Jap4L44)pv78p--IK=}M(LJ7PV?y#8s^(5IqbKa^y1 zmvT$8o4Z#3JOEwmZ9g_!R%J~)?J9B34g*4OoZI8`AQ}7i|GrPcf#>%vdvZ~{CbF(` zjeb=~PY%zx1L%fC@M+Ic0$2+Y=%uicZ-^~Kf<;7)WFl<2t^2K97OemRpoAxMz5bXx zw-`0N&0aZ`)P2CP#@i4e$*G3E9#<(MyPdymTcaR5GHCq^r=;A!;q+YXKUH0ks32G`@3&z@+ zt8XjD9$Skq+~}zeLob+vJD962+A%M6nGYtK$~vd2nH;F$YDIcGPvcLKyi?lstvROq=DTQh3!t{N11n;5q;z%qKOoP){2EgVmuoX@1m=aS_1`heH z*MYfI27@&#Ep32b@>@2X*iRiENq~%dheTTG3aNbxfIRh~#u?y~SNg-WSsYV+jH<0J zaE7PHp@KdQR9D8SpG~gfLtMQ99U6}c}{4OJf*5RPpx`L zETR;f4`&k&n?p#k!<2f(S;@XNmt0q!ZJ-eX5}V*3X9jo&byyd;N;b zYUmr+VIpnDJ$zHp0{5Ue!wv5j;KQ5x72HR(pjcwOrqCvBi8!EMdGL}}ghLMyBq4P^ zHcANH@6yuaRR;USgEQdTVBX1gOXARHtN`ymo=|~;e(A+Ete%gQw#T{hS3aH9UBE zvo5b?ea2PPKOs@``d;477psdRm0@0lFXApry0ET=@2I4cSNU1|O~Zr4^kxOOmS|?t zAz254f5={W;#NrJ3#+H0q3Xdu7%P7x&)D-|rYYLG@g z)tY>6Wd6LYel^Ww)_Z)^oAKb&f$RZiW4}A6^P9O-&eLAkL2aW>tW;)zxB*8c$8h4K zmn$s?k;Tgv_PGMWANEWqOrhIbKet+_(3KUoA|{`kaj3T5*WVznOCw3Gxc z1$%4AQYoLe7ya$E$6e6!0H658q215^o8`a7&wF+U{~6<8ta&`P0)g2}_#cwj(F zlgf%Wp`6!k@c-gPnBiqIZM0%B5cf&Y zIEF}#Dyn8W5ICY9OAa;jrio$n(=k=u_&XpOL8|z$gK{=8P3XMnXd^Zs+;$ENuD*!M zJcI^vzP)O~)us{0n*nx1YzuW@7OP#=L@ACrvr}4UHq)d6avlR&5I(b51$0XB)V=LC zZDPq6J9mP#Ne-ebnZFnW2&D*?TQYxe9Zup8e%CFU!J)c1D7E{viIBrGPdR#)&Mk!| z$htTWCJXU$z#nMYZzLJAoC3sSePkr&8t#B!7RLXJ>>p&oq_0|Ge{}MiLRM4^x!1`m~zB-&gP)4{|bq$@gwM6;I)ffCYUM2 z0^Qx_<3}L3tQW4YsRT4FPcRIC{yb&4v87vK5|g+CTnC^>s<@4~P_WqnwWas8h9`cq`j9 zYPd5cuFd@?F2P-_>sSZu6SPrI3UmWaYpkEtDxO-h~~ zh~?o=ZpQTvf&++#2KwC9B2q;l+Z5DljJpX;6Ha0}p>){&i-KQ+Rv%NzakgKZM90p0 ze4zR)m-FYD>itknZyH+wRPvVR<1m=v3d}c-5AG@O;DU43JSodV)Nng)Y}ds~4V8gO ziRJzA!uWU8GFV|36B@Hp6(0XN$?zr$NS%gV;}HH4bmPlEoqm}EHqc(VrH<$TRMT1h zC8_A}y2Q-77x#P?<1PcWPM&pcJArP|L>=diut%AV#`McHc7IfsT?KTO9sF3+yS8L| zS$2yaZFr@hYy27~Cx34w%j2MDv47l{!xF9{A^)!a&47mhS>7Ei$3={9Q(n-PJH=Ya zd-wH4iA|?p|EsL@dt}e`(E1OE4+>Z}qkeMN{P^j7-#TtJ_+qhR8vG~u6!P|I@E8}3 z)3*P6#SnoymrHi0Rx*T|+g>%--NtWHhN$DfP<3Ugomk~@jrL@EST>AD7-bc7)x4Mi zt}bBN<46&)zk%AP=x5O%8h#{il5?)adcT1`sZnHRjYBcw9!P+c_Z0aA}*l4WQuk2`F!8?Uao$b9qxZ;9t5S3 ze^y^PxD%B3>#tj7xg$I2-}{$+Zl+{E1V*cBF-8Z7mpeGbcWY!BlMD3C*!e%$Q9jY8 zI6-U5;>561N}bB7GLd+47n zwCO**Q%pZo6uWaErUkUrRf=+Pt^GT3VpY+0clV zD?zVT;(ho$S^*tMC!jU~`;eE4Lwz!TQC$|@C2$-%7nOka$dRL@7V8zBuiBys9u(f} z0i|jehpT0G+#gtD ziBm~J0%YoULZUr=9@cYP3x>z{aYi|PDY9BukdIpl@Htt|t$)C6Oz=i#M!!|$lS0ug z8UAKXTCIEeDj*~@{c4?l=&y6M=4|YmVA!ta;rfmH@_d*kXmADY%AwxrbD)bznOWq~%y>u9^G4*N+MTt6XamAdqAkF~o6=eBW_QvU0@z zH=;)&`t-d*BHzb}(`>Y73639$K4|tVI}b!GiKi=jipAo>68cZkH#_}9wNyRD+?BLU z@BWZpxIIg^Qqw}jpaOX9O(q9LgJB0yFZ>;3O7Jxs2KXEHEq!ybac^3AUhg8OgE8<= z4H%;VDcbbq`fU};QSyz@2^03AB`;1F0BIqn6q->V<|9UQr&K=@LRoCs{eG~+b5K44 ztD&IOLdVe4ya2y-VEenE%+SfXd>p`*6e$jv&EXfkWK?sADg9iTOBLIMH-!$ZgLt7~ zbR1xZqub@ZV{?fGPD9C5&eKNS0ssWf5LTUicrcz#GfR=#BsCE^_t(ykuob*rSQ<@f zS6F=LMByO;Q568+zi+>7Y^((T}h z^`;5(5$$=n8qYre7A!5;l;u#|In+7DC|=zJI#eD~9kAm1>uBr_uvq{Dd$|w?J6(yI z&T)EWe`M-6LUDCqqvHYR@_Z2G3l^)2HqAH+G0Mz&BxiHDIRA7L6x&b?lq6pFqS>M} z3&!$Fk@By4oR4ltgYcI>cT(o9ejX3qT~49>3YGLW7{clNS**~O*tx}VPn`Egs|SII z9%>ox6tTO?Jp+EWt{JOji5pu8bO@Z8Bj7cLhf>*GnhLH9M$0d=&BweSsy$&FE5tck z7fyTRI6CNP*onoSCi}v?#LIA#=T*?NDmxiJP7a!GnF)muMNWmw$OJl7pdxVa1)C&X z>hVA2jMl3KC{PNekW|2kfo~kTN&ly;st#2n*5l|ucB`v&CA=u~TBm9Z9HG4dILA}7 zf%xmT7<8AV|2E(w^_qB)WfvMSW?yFt4inW*WY2VZf;3thy zS^A!vou9ACUwR_`$?pykzi~x&LFw3jpjK2^>HcEEwScsnx<&Z{w}6+QzM2wbpxRE? zU=x0{;Tf;4hqynm0~Y2+a3?SH(nb1jX^7uEqG`_!7mhr6*1Y*3^EBh%%c)P&V1DRk zCzt>80?6Nw%kmHr@{S4=y(L}GV#Dt>!t-(v_WUOuXYP?9cc`JI>gSfC+k@c*TVaj@ z0bl<4i>?>C`Mwt{OgH6l{4x&xx7AEtr*gbrTjlwm+`O(=j}CGscX1W$j?yh_2nrY^ zzk8)vBvd#0iXWxI=Am6MRkHaxVCAMYKJU$3h8*XA3R%g%J-^LSVP86ymfh?zMISR; zb6(|N6{Pm0L99L;QeDV^hO%UAbx~yK<-Je(6-;1j%hh0K9i@>|FDILmYB}czkMBy! zAK=y7rl{l*E1`CQ56-&5JmjxFhLA>&ocPZ^wEcNz@Shg^12&SgDCFnP6c5IAH49aH zVOH}|ee)dmK3b^%Rg4BW>z-7LvOKkXkBt6IGB}o4Er0SmI)st;0JBgPl#f93xc6wJ zg#pSfr*XBH`0F%sXJbB zh1{O4p+%e)@UQYSk}O3*2hD*j!S2x^-uUYQ-;Wd)T8XN_U(yj5^OK;rXrB?Eb_^wb zm5|NXrh+qohdhMR`H9*bcCF_2&zJF&U`n_z)Vhj(2!c_FyuT6^T~H*91I!{ z(R-Z&)J&5uMS5*UapR_Hy8x(U{~ntr+z(!Sic1fwQ~6%P5PsiHlKO_<3c$cbSxT|m zhR%W7U*W|w%t@@|y0!rFl8Ph_AOp_yi2D73!{Ss7tomC1ZYx7fBb-%N=%cb%7tJy0 z2HxR=UM6>Xm+e~+>n*vojk#C7E^lW)QCwUOyJOYNSmO2noMs5;aI0=G zvz$JBS%lR)vEH06RPY-!<=JK4g-5m?ft z54T*xQ=(hrvlL_4dwv7`H?Mg&03hz*Z8<}j-|OF3{ilSx^8Zh*Z{LqpEFWM}H?ly$ z>(2>2J%#$|n=_qtt23k7=@~^C%Tx8Ayto#;=QIQn00d-JYwb0@>r_39Y|7;rJVrx9 zm_Qk)U;QA^kzC3oT6u~L7-z>)%md>JcC4vjTxk*DfM)aDgC`V#XLTRqmONZje~-v~ zZy_m4EW75Sv~2Th079e+M`aLVP)D%?CVT_6KXk$wWMk4W=8M@VUg|zuC_mQ0m+o!mwGRsDLY>_) zh|8FGU?!0Tfa<7>qgYb)mrXJJO>ik>^Z7};H=S6>83!o}P3l2=wc{yu$4ythJ>=e` zP>X;eD$e*n{5jRjJ(Yf|$|LM@UYw_u&UVYJ&u4^1`5TDd#q(SZ^x|geif*0)8$?ad;^ zp5`Z%ZQ%v;zsJ(4C7nTcMxuAWV(1i6924!DdErj)JgxX5ov=mQbvsV@1BEV33ysU` z1z8%9lpBBscuhV-G66t!6hZBRjMP7Q^XM7Os*QKe&iz_2c99;vS`$&`r2W+PbwLFt z&&q(xt;<^RPyqCxqK!?tmY-&Z)+$wkPisH?+EuLoM99$7wysFbh=kCsH<=pOUW!0p zy2NYu0j|KX%XCq9O0v+}FS*}^s9axM0MtHqTMq@$u87zu60`=jo+cKbPh8?D`l=k1 zWqS4GnO2i5i`5|$1TAyYdnHCe(qY-vy3=4W`@KQH9SU~RBb6i>5l*gvWFMc9C*QKV z^?WDvzs>x%8ulgUH60ajFhbaC#9s1?PA~p;K(^p-4n@*87U$)WjesBeS#d$V3kk9b zf>QA@SD82iM$oU_wl5hx340h3smbzK;Ic4BPR{pT&ZhajS>MrF?@fc}-VEOtW}mO^ z{u;-Z`I7!9I%a!bkV$txHC(j3Fyk)==suaS4Cm;AuNT!PR$IOotC;ley&d2BbK)(~ya2f4qEccM1 zCk~$;p*$Cfz41fx?zn-cgp2+2e!{<8`3?$uRycjrTkv+dL(f&@I5(lM``b3YJEw_M zrp>7EA>5qc8}qrInlq|$Vc+x-GtwgtFn@7`zoRMg%T95NuQA-ubYT<-zbX&RaPg}w z(lnd$Mi@?4)~_|~!FY|t5t};?HoUR1SB=qG{p+SXk0+j0(W#>xm{I$HpPtW$&kesh zOSnO2s!b`J>Y(~lRJ9w)R+WgzTwF7Ja;NkE?P72VWr_lPBH4C`{&uv#jWUw8|sJm zWt>;D*-sgllBp-i+K7amK%T7M7IXFu^X@D4V{f4S$lLm*Ou3c7rmgLYoBWbLRh2#U z0HO)s*qoWxW+-gx^X2($>xHjo-kU60==uKg?e@gar=P_tWKiYtnbWd)0z;Bh+a7b* z2UE3slE|}9Qn@p?klj^69Byejo=FO#K&(ojU^d>6w+n-~T&onr8<+F$NPmRU8zb1h zW}n#p$Nl9CJ~L$2QH|%~U)1}F^B?Fvx22y}{x90+j|qhn7qWIRaycwBUi+}(DX%&c z*1t#SWzAQJ_l*SIqqbULh?YSs;LWc43OO;}zArQ9fy6}_m>8W9 zinsQ*nw7=WYQPDXV^o`RlfPs%Y*yG(>8Bg^oE)29NEcSc1ue@!sgiu+;dfsQ`q`RV=jm2U=d zs+=v9K1Po|T9X%HRuv`ECEFFlZ2C}!H>O4=Q_)h3{zEW8R>yKhP{9$A7N2xYC3;*IiQ&JZA7yeAD6o~6m_-&2b2FM!OT(>2Xcdeo9 zc^tSS^XEp5^JZUW=*H*<_UAad5=&FJVly=GYp3-r`>>;_NV){Pf-qS7d4;KF45PgvqRuIE5AD1EYk+GMBm6$rxs5p zyKXD^hhi3ocX>+)?**^B*2(%$Fr!Laqbb{ox-Gr_)P6b&Qpne`LU;Na+ z`LIx%kmU=rZ^kIU-&M&PtX$Z`cIF2z9~M0y1Kr91(OSKA>mQ&|d*__@(=`E=&kyTh z{?H#=`!*&GnQ2E40S_}LsYee{eV3TG;uNQo62nbXmBU|(Z%!A7nkI%W75EVTokPAe z8-6S0d%5~IhcYw69(VHz^$W;a#C!rQLvLqC@@PhMgwN_`YGmHD?(5~l?Hx3MvtNx_ zz%w92zh7SyeiHG&Xs& zxrvNard7~<&iRYL+gKL%6uu-dh1+#|j36qOiqC5uOqUR0)_*Iqc934YW)tNy@cFd+ z8+O|TZbYWO(GkQzq zBgIo2`(JjZpcl)qZ~D-p`oH2s=|<RL#BXl$~N4#V~xM`iX<>f;LMqO-%jI)Cs8j{d;5qaiuz zR1U$x38lipOE>MnAE&dtBIx2Cd=tkL($1Xj&H8>Vgad{{g6y~yx5Rg^d2&}a#ym+D zj%EImsGuWQEV6a$jIWSoH46v##yqHofN98W)iUuI6#iJ~@j;0qXI6n@Dfg2gF0sf{ zrJ%S-bA2ANL#+K%#*3&^5VcTw_&o}TO%J|G(T~$BRo@wcm}ZQjLB7)uwql?fX^LdW z=kc0#pb~5RUMv1~bNvS5ZUU8wP)S>(qvE%G@;h-ltL<^B{^U3_yF$T(M1nih*2}@` zfor?SA4v)9<=sn{%SN)7O(S15v&4FB366BmP4yE|_i|ChB1E4L2A3Y{^yTOqFSl&J zUDu--3Qd9V$r15$k%2Q?GHA{xPgG;>jO6+67;DEBl>N-F;;COqlzqQnT7&7*eoda+ z{*D}~wkWAjwiZ>sWZ&;j7quU|Q#>=GS?qtfjAm(>Iz=P(f=J_N?lYi#6AmqDP77rh z<(i00n}x#)7nYU}!&W!%Zw_Im6?^V=unYTzv>8ID_n76C2c;WSyH&q~Nq;ZLmw78K`iaD0P#lxRG?<+RoHM?%h52*W4*P{b{HVH}~n64^1N!p3Bgyx|Q_xjLV1C2PyK!eQ?|GNU?Qgzug4N&Y*0&1~I^XK9W zVh1ME=ipo80Y7>m+}U~XhM{sEI<~R|3cDB68Jxjx$=(m|CJ@Wi=Z%LBm41gX7L2bq z<5{|G8>*-;xjZLqY0ev#D;>sE=0A_LR09D26At7~{#Q8QXF9R(+hQtJ$)c5>C+lKU z()Ulx8yT^7mWIoTJ;RJ)Xno1V!p?c)e8o+s>E#PB{E^vJm#xGJ8hi53lvRV@VGm;S z;G?5qP6uLWD7x`};FAn|CS6XraVom)&FeF2Eh@&bnqZm5x*zgIqgKV>2(x{M~LD@qOD~-(1=FR8e_dyHSFHGdhH80aD zx7dol>baEy?d=!pa<4LM?qb4x&s$A*E|#UiW%bhD6?an!$ocIy%m(&VpSWdH4Caoc z=&cVU0eW*PXd-t>q7zy0*V*lpAa1gBHbMI^tvyChc||6I?77F;oKql#0*P6fQj1Ik zahzTRsfwm+A}ZD5rw){UGjJo1iZL!tknODky=5Nm{D!23(O7S(6zd@N#y@haFXFV# z!->yGYUao_!`m}{JY-Lh-953IP@`6{7wjG&%t+uH@SP`D==~_4d6&<>52?EA)8lQI z&$J|szyggPk7Qh?fvct63FFnS61f7*3k8b%saenwcJicZB%P6C?0u;^J?5$S`1I&; z&$uxu^%Qm3U5^Xe+3cXn%Lx`$U8uA&DeF3ZHl%d0_k6eCb3Ag!iW)P{&?5iym_4l} zzm>kcDdmdFx@r3MUGrJ`*Sp4ez;ddZ~v zUvLlTiCewh10$2U^K|Pm+PPItX#4GC8wRe4J87MxSd50*ku4@79!Z58BfzcT73dDU z=^?fVYF~0Ur;>#na(6bRiN?7sp3BYhM5z12_HF-}pnI#ArvbJ8dE~a#dg1(HsJVU% z-s*P%GwExMQ5wP|2xb0GSx}RSfGPJELv8hce<#)fS#Ex{X7xKysb0RQoUgiA5RnFec!fWWSehV1=9b}hGC){ znpWneak-ejHJ|m#8J+oGF@W3FtcS+Spvju|6Z2LT394|z8GYul=S&PY+@xTCXs$pV^q%kiVg8>y|JzSnCZ@#I z7rlLNJ%`MkzeNo4eT8W=s{au9I8&jEIDFg3&GuOxFD+KSjjH)_EB)`--5xst|9go%2%N*&mt3&2?3`BoREm zqFDuk@Ndo0%sc`dhn!p1U;33l9zKi9uQ4dbE^OOLp#%#@2J&o0QDw4xmJSU*vTBG* z>bTeBnNTt>uv1j%SEdTtY-3KH-FcC#kRdN4M|!qv#QURwJq8<7XJP~P)7b;gJGNxG zWV(b=qQCF<-zMZnf?wg2Joi&pccpl1{*P~=r6^qAr?NC+sbHN#NqUsKGr^7u^2~3R zIqVTF=)6NGyY+FQu=1p$Z~Bi6SF%xc(Yqohnb=*@vyAag)LL`0R1%KOMSCIXWPX~ajMT~Nu}=zEP*JXR9yW3U|RGAaA^emaj4wc_u_YZJCnLcRM2&L z(9?g{cmMuI3fv+E?lrWVIB}xo*^-Dj{(m3U<3#fH2aDz=+e^If;F_2t5c|W(Msg+c zvAP-WigZInfW3QG`=h!sevy?EcgGQZXihz~*!+c;L{*>n>&4hF*9U*oi}&`WmpA1JUMIHDxN4t*25=%A%&5* z?;4i#NrRtcw^4lVm-^cb3m{o3&jm!8 zF{UPAkue_BS!i**=d8}szNJk){=tVZ?9Ox^AJuDE&k#;M3)h91SBw@9eVEB%xx#Cr z7*!(ttOAp`F9D+0Y4)i>V_uUd6fZzu`IZbwzQjA-Xtf=i0ByleXcZQ6gRXhag5uV+ zI9bY`z%w%V+V}4wcVE2wf+jKpqrObq^H}L%aZy#D2Y+YBX6fya?^=-_?k0TG?f+#% zG08S_3uk7|efqKt9P&kN=4jS_<)DJcmF4AiEv~XyLQgqC42}(5P&e~JxA+2sJx$+I zDe%glCR9{t(yf2uvguEfU3bpOoLWOrrHSgJ9&jl+^byCjPE^SuH$%;4{Q z>D7RVKCC#Ogybi)1qTp^$Cjjy40WuIvnDqkc~tAzpC0<&WxnVNbLKgtbQv5x^Hvk@ z>ZEjgHS$Kd>I#1Koilr1c^B^$ed@_wanYp6d_*CxfLeP=Fjih0*X(AUfaRE%F^w{FLK7AJo3Z}zfC>CA2T46$1v##> zxl4M=8u1~7yky{R$QZDh=XIPxXPEJoJ^QTU@i>x-EX?|4ww%VWTk5~1u3^>KAythm z>-V;Fmn1e4T(mn0AT4p9nU$=YC%>6I+m42YT7+_vv-1+OkJ_62R-G>5=KxPHE=P1YcA&m;)sL9y$EY3e2^A;w1Z6 z93udOWZ>D3!LyBz;tToibb?pC)s5tW4%8@JFUktal=~h&w>=87<>$(y5sZiu<_{(0`d{)qW)EV>P zEmd57A-`6wQusQHKdkymUk3Pgmt05kiTqWwXvhKK1;-!GkQQkLxe&DmRWwjT5R6=_ z(8|073+HJ>&(|n7xp<=w65U>6`zivnaRX9-?Hpb=I`j+F*SOLh@+IO*KEMH!dBI=7 zKL0#Mi~!oR%%HBh53;>bxzT1fM}HD3F3SCsTbd&3U1*XT-ep4}h& z1Srec83YOQ4vkaN1OPX%RQ(b`C_B2y1;h;RH+eZwj@#G1E1JOF^5Eb{S}1>}yW{@X zZih6~AJk{_i0iX|ohb2tdb$0J(CX&M>N+ia_E0#%_`cKKXGEx;NsD?j?)OQC!=vLG zQCw#qBv)i`IB&nq;5;`PxB>ZG(>0u*cz2~e@bZb+Mk$SbsNJ)^bwJ#D$~b~J6sv}+ zVHX!mDq+3f2R*a(dd-IEX=uI~ggg$nAjv|*gM7ZFZZyi|vs#&)7Uc#Ggr6S{C%LrSFsm-$qp9b^Y~$ zEag`5fM*&b6z}lRGXxs3=|b#uE=)_60v(WuOJG!W-W_pN7_URD9i9`m@&_ zkoUxHdAoaKNuHJrxB+`s`s<5PLoL+vlA&8dS~prg+3m5KFO5@ff5n)7s8^$2_| z>wZ)aaVNa8OO?Wwq7u0#j?+QZenPvfM_NtMxmyg3oM>?BB3NxXlX@WmoXCUd<&)jk zGi3(Pauho$P^`f)`*~Vo{_PTa0wU$%U4dC}io}P$v|(m)eaZUDM)eK(y-*8kR50IW^y9os@O) zsdXPzX|bi0U%Mq`lsH^Qo!U+7<(a$LU{ zC=W|D^WR`x@nMkj1V0ZvKII;5s$@|w)^vFRZEG-=X=v@A*qPGP%v&}ZsVo+^9a^~_ zpT9;i&s=Q7{ndW_$!5`5fSCdi0+@b>{^g^!T7$r$&t{1w$jR1-Q-^D>rlrAWEXQRY zW>$H9J7s4zr_be_K(t9Zz|&X8Wzw(F2>E zoV1X1ofyqYDys|a%XgR!nitA`h{Ke{SI7#8oUUr6waQ~zlJA{}+v8Wv9Ykh7_S-zr zJ@$wmq)Zm7M!qE;N_jk)2<+13vJa7d1td{@Ih~0nSnzxrO#XA+b>Mu%lC0CRuskG9 zYSm5@zviv(nDQzs;Ub~&7k)(w@BxI+X+lxC0pP}zOkNw}-phTCOq?;DBv`Gu3SGa- z`|rM0cA~rN;D13DrGvrxi0a~_)6ZUk!^1}o*Wh@Uxa&5#_Dj@;%6(vJJ8uSXI$1ZftouFBk9ldQI#7fiVK#$(`DD5?MXSA z&P`ism7c|yH-kAdJ| z7hoI)j}kt|Az_Q-GKctfuc>?Z7ww;Ze;`e3sXme!sx z{wQTTvO`~2eiKLEC%>stGIA@?)2L=a!Iko3+Zr7QnsbR!4BIIFA%iOg*Yk|{Ve{Ig zwj zWp#4WqBn!9u@qEi&WJcIdT_zh;)9THca((loIY{}H~@gB>u~*n74OZO(3a(E@`cF+ z$b=pMXLmRl9pEecr(LB*yQDCwh>Bmai`p_GMbaLX>{gP0OA);paJL>tzW+ve+U1Lq(A$7b!U)XE&Qn?LEex`=bMk(p zZZgd}Z>LjNW={Qs0*^*84Bz#y-FJ%qg?H3n4AL(THeaP+Odjvwsn7>)JBe@iWH3Y8 zD-)7?JEwe7cdFCyKhoOsbSRmzLP_UB7d>P~7Pjo~EpKG_+A}J{xG0*>@|TJQX3wtQ zGXK84FP*5Llg+&-sc$#VTHa~x$>NDMR@c(`@4FJ0NL~Psp5R4jeGS#Cc=a`j zyVDXIBZxHzsar5*r}c~Gf{$1c*nw1TIBmG#V&oy#+xA%3U@=-YEIm7*HrW{!4iEM2 z+^2dsWvz~P<(|59tXR9$pA;-YhDL zT5zR=dj}C#c(-c(F)sR~zt`sFZ;?X$gnnVJF=U9(g8aYzD2&l%2d{aK9562VU$@R9 zhcV;9RgJKmE$S}#i1-@J2ZL{4zJPHbR|>UX?py{EDq=$DBc*$CtFxioJDz{d4MJgv zU1ni~2m|+1wm-41a%zFd{ObT(;P&mve&V(64Opb?7A`mPO&y zsAf!WRRG+q(V_|1o3(FicA5DEl)GST2-?tZNm}>A(Mr&#-c4HI#TK$?!okPQjwHfz zGU1i5NR1$0$NJ}3DMCXM&d&n~cD(%L-2Us8C;{ywnI2MpIS@7z6@x(vTPVk|wR2%} zs2AC}QyWVciFo^&*KyItDFyWn^`$#xpI`Pa*t+(eejclOTK-?9BulNU{M#{NOw@5f@?dWk5?i{&Wf<8-TrJblpFEx{Yr)?dh(!$`jw(J(&k z7IIRI%N)?{v832QTd+r_&x{D+PA6dhYRWDgYNsqSXI}=@Z#4E)WqdB%Z;Uxn5b96R z5skB3KOU7!w;wCj7aG*@784}mt6nSF;L&|%8dT&ms*>ln0?|9}75XttP^6i6>{Q?W zd1D~N;U?oO-q}BadHyo&>yb-PifFlN>(Q=Siz5H}UTpNo}<& zaqKEY>faBTRLAgdtyVuZBotK_eQAz269R@rX|)OocFRH23pwb^PBN#id15x8_dJka zLU+z$7pos@85UN{s|g*q6KwVi|JKQI8m7FX+f&@fGU7{oq_+$I!@}WzxT#Xc%Y)Kf1dOOv+0PP+W-)T_Y_E3S#@`HHJ2BsnsS37C2_vm0_NRx%E4MX|7JTcRmu7xF z$`R0OnEv2SF?5@>_{7HH+T{0b?(`TsciN~t02BPq+*!6MXvquxQCX%=(M|D_U4v@p z%dt}pZ}v4QhUOE3#5pI!q`!{lzoG2qc&(?1GLI7C8G{g67!WAC1atNIBtmf5d$9YM zcNHe#6j}y|LiVE9C&Xi*X2Ib#!s45xdubXXm-V;gBsi?kYB+u8xSM+#1-_Ah9G)u$ zAcu~vUkgup+!e>Uc;0$^An`HUSM*r7HKW3lz2Iak#O?erUYW1;Iy9qKj~An)d&GKu z0#aitUq!i&D#z{?C?59*{IQBYdQ-F+oc=>Wl17}6=z`^*;uAfWJg1u`5A zOj)v*IVS2dqzYl3_5LH$vH$!96;wsKutT9$#Z>7chD|ZJLzrF=4Js6jd1Y)xns}n{ zGzuq;yix0k^`kaipqgFu^)RGC%&B>AMq44cf;C2Ge7A&z=w!Cs;*AZUkBeDG{yGyB|Xk zuM#$>rD>nf1_d=TeqN%@Jg#EX$uie6iFnL^xkmGl`-RSG;neM*ZtUgWrX|Hf%7qY{ z9W_vKvdiaK2Cyf@f+QAed|cdX7J*%BVI-8$2)WOHtX{e5D6OMnq=H=4nxMGraE|jI z8p~D0x_QF5!)il-BqH65!LHTBRX zVNde_joI`Tb>@hfz#_-v;nURaHPs1?u}}JE$Lfmn_oh4FK(g)ne;I$NddY)VAP}S5 zRkgtk%;N8-i{+m;DX;ma1)g_%`mL1xnM6XX!M~xziOt0wm5ZG%-u*Rf_`38P@BcS~ zoLi)C)7;*1lr?21J=^dP9NxCV31j;=XLuni(emG!Lp!k72(;aMdso_|)8}G*AJ~_u zeJ#b2fyp8<0p=}hR=ZNwV54(@VOJKEQYrW*J=CDqd^`G@Ft{C$VUka3CaEPbC7q7-Ww#hG*e{#( zWC}>-clEM(2v$gvOPx2G7+r|n5|by?sLHD!LMiW~O&x9*(nxqE`Aj6WhLiY!;k7X% zHAMgbqvoS<%tll#b0Tk!MYKuP6w)lhbh#JXct#K+8NVvw6)L*ZT>1Yuj{PoCS|JYbndVn=I+v zBKt`4#S9n!y6yU^&bLpMGiyIEO(Lsgv+8x)W!>WG^zs+6`TEQ6xyZ>%r=nsRjtdIw zf-w40(_@)7gXs#-lFQh+^7G(mj-Xpq>v@IjEATEP6fh!FGq?ujcEr~Gr_LOb?hd9PqO5y~_4=67iwrr=e@ zb(lH;om+4?#u!J(U_MBBDXXTXV;UdawIxhCwi0m%)R9ed%=kM>{k#q8?OeczvJm)T`F0Xx?^4q?LS)><9^IuRiXo`wf-Ij+D}PvCmffo;U#Dc zjnZ$Sh@`^rc1XAavDu9V4wzv%+ntf!Kumh6XcG})eKs>>cI_5Sp?pX+=6IUsHz+sSD8;d}?ErjxHfKF1G1wf@xn8?!! z!R4o49jEwpVO988Z9nn2KrYzWTLKS{@c8U1luXSF%$Q={#JVn#vC6%y4fIz@VTIC1 z9`{@QB&Cy3>z_yfdoJ%aFXF=$W+R>A=>%8PyCNw`sy$Tq*m&~8b@*uw0BxP6v?||r zqZvKX{G1AHRP{Mexz0+WpdWjMsXTOEDY84u2McWyDCqOOW?+BwmtQIb3+Dx1+3LYB z##vyn(2wKzK(|WEPq==YFv8uTU-Yv|u9Wjsci4n2M{il(WGJfxIEKf(CFG!P|)gAogec(EQ-<;_% z_YQPo*udX>BI)TR;Axkc)gS8w=M#6bazP*kq$a#}q|Bb??fh>0XxQz=|KR}iEg(41zA&%{VBrHZT0D^1)S?H*^vZS^PD;4kv@k~}*9xK}A zW;!QnS!5pXoHrB?loki*zTE)fNd>Zs0-jUL$E}_MOt{U5O;jwugVp@=4!m<(ghW1j z&_wN#uai$cO7(t9%C3^{)A8mvM>l0n6bxi*=bHZ$79n$>q5HmZtPiVeMN=rW5Rwcg zWc=#FeoE?AB&aZ@vO+`?pN(yF7PSFUD>zdsz}d1aBMGPBccBWUIY0}fwQCOqKb^_R zP~ZV|UEmj85l$BFG8^Hk|lw)seU$p9ERkm zRn)S!t7cwBE6KkJ>JdF)GT$iG0y?*yU$}QgbEj%XIsKE2t1sN}pAonk-ZLCo*5*$W z#qPH!+-VCgO>{6-{%6;95m$9F3kR|QiG+olGB)*G!*8sdyjZClP7C-fIg@Vi7bfzi1h*amQ)+zv;CGpnKL8gO7G+9ThgRk z5?~|*i(|-S-<;YKo5-zDG%mW){3F%|SKK!&sm_4kA91(>PTLVQ4>82XETDnU6J>;Z z&fyW1?*R&3ezSV{<|q>e@O&H*E}HIpa~CdigY@v|1>l02M7HpC9HlNRoQO@f@I9-= zE>&AWg`iajUZty&WgdW_rWJ3D#<&kuNXwI24R$9?{roNd4Uu?hQFTbNTyb1zl8_?a z#@p~fY&WdOu3x1CbVSS-GWx!3N18WCRZS_7B&bXhMsTcKcVheW2s4~5aS9MvrDb(A zUR6+iBPCcJJf)eZArznsQpBOkc$;?7iv3iv;{_UD&+>b4g!GL>egYL!b7V1=6to5> zl6*$R;?F4hLL{7KR+Pdh<{hmoUn zNMO>|M@foQWC#rFxr|RSQZr8=@-rV|xe{zTk(rHu|4*rw!LWP^Or0aNMqN-o#@nK) zpFfZCqXZQbYkUjkf{MQ2TP3A|FMVp-j-wz;r6h#gGK67NTsr{|;!pa7n>EdSlrDn$ z?Kbt1i7vUxtH(*#K9o7T-9ITfkQRrkIp0)_StUl~rappcG3=?WOyz*TRtow!Nu{>g z;t}RFy~Sc|i5m-I+69qx;Jsm=5B{#N9zvKJRV|+L;u)==0q$!ouTC{z?3d9|^)1Rj zwFk^Mi7Heum!u6#L7qv@P6I7jDftRJ6#%J98j!ahIqcwlJpd?Ly2I#EnVPCdV}; zD7n5*8ZU}de+xM2+ER~$D2NQ57s|;T_%O#0S}d51kNT{#U%8FCUB}~kFs*rhX!Co2 zMwN&e0{Op2RsSpSvIDVd)%s1@Ujc!Xky!r(Iw=HJ;xAZ6{jx)*TbGQ`SFG@x!I7Wt z3|$Jqbq(70_i7D8xRzn_Lu7c{Ev%>?eDpuPOcD_eP3I->DKzqq-?|U-DEl|ZEgdhO z#W1#qxWH@2fdI9;WP2nsY;!H6sK<3bJigzNq%oy$Sf7z1$geLFR&L;M0AZ75l&v1 zo6;`iItQTx%sR`ReugjASH7XQVQN!IT45jXPj^p>7k9_im7&SpZ0C@IYs-77yFaIb z7^~g65izKN97@rw1Ag|;Ub413cwk3+{o)wxk74+}11fkLP8rfn#7RqE3bY%~^b6;N zY=L-iI{C}Uw_JP|ST%7>qm>ienuD=Zf`t$!9<(I#uHFW3i{K}uV+75U-wNUiNYqFa zy5cOc*ti>+`dE|d%#v~Hs<{5c$X^-K zXr;^nd5xv8@>GON=I<$YILMyJz>+$Eua{|7F7Ge+zCOv5kgs z*xNk=W@`oxov)W%zv%eVirU&{!Ewr~w^wJsv9CZ5)VkE=e03~ZTDI(`uvtK%=~7Qx zB`A)1{0g3t}I%-PJF*{GS9Z z%Oc3X*RX{_1kIV%T-Yf9`dIrcp^H2O2cQ-@{BS!QPC$UHNDsJh`E_+33`*RId{n|Pp%tCFxe=QGycjw(*}&@gvUT2S?aC>FKP-xC01j5sY2A{Fwi(B(n_D7y8Q zn!xS&<#Zp>UnT-xCCtYa`w60q2N+RhKj!m^fZpd`Rbh9O%A?I)Sm~rSggLT0{B|#^ zKwXf8LK=IXP=NP`Cm-!JNSG$#M)w7vxb{qI1+tR4?*BPwW&p99Qi+X|q|Hwq9-$mi zMGYUzmEULmEZ;%aa>n!On1iyO&-GFBGfB@0{w6%|$~Udv*I$C-1<%_rRO}${3Xy7y zm!Ph#HahXMm%CEmYBX?KrSZgdYeI4HaK9+zeZHvjW)*iijnIbtj}`!c@Po6O=bx(@ zYXdd~>`;!@b-Z$#nh=i&EXs#Bi6lI6_vVhckL*<36rhRn*wo8JL|?S&0YZu)xB-&o zWeLd?cB)$nKsl9g3&7JsqPIYakTKd)IlJ8lVcqLszU{5!3RUZKQahe5eN=q1AZut? z4<^4nJJECtRyQbB*!>iC%AY)TY4GI?tZ2pmgR0{NbMU7AX^1>7NL87-BeIYvf?YS2evDqu>pT~I!7L1W^%i0)O^ey_M0vOW6)obEJ6OQ7>h-fck-aK3Z3~2cA7|3J@iuocsN(QkGO~(~n-! z|L;3Yv*7JAZ7^fhORi^%gzLG?c#X78j9ORhl=3B57R!()#$yWW;GRb+Il`$QKj1~* zQOb{2CF7~2Y)y)M#7@EY`u=X15^sQ+_3V>Y9bRt!2O>oicasrUT(2BuaxUd389Lbt zv;;2$QtSv7dPavk#~2klbrvQbtLub=l(Ay?xp?SP$r?9b)xO5Punjlw*y1;S*0oEj zXaPeqJjm;W>O74sm9|UJ{D8GYC%peubaz7U%E@Fwzq&y4CcYCAE^l#$4Yc$PC~N7TL?bfg6BQa zS~QpkqS|5e(+^hxBOn9G76Oq*sawa9_ABi0S~Z}tEOiOHJ$Po1%U?W#Fa>Ww;0QW6 z-+!7GDw`AIeb-&hOffUcFmnI_QdxHo*G3#2tlA2%RiP{%% z`mNq5R+!6X1l9MzcBwD}>|cR>cBCp6@_5)1a%{t)R16%4VEAR1Y^^MZ5uEGz>Yl7!f`#Fh)J1Or$j)jdQ&)Bi52|{Nmq(HAoYFtGRQ@W0 zc-=K=J4scoA%6I3t^Gp@#8qW?+8zoUU}dI3@xE0mz>_~=LUp4r3+)(!zgpS5^y}D$ zYKJ|7J~YySbs$A635iuRjsguJ#XRrUjU4~?H&H=XQG+_F%ys&nzu*2JXJ7v}&qyJP z(;57SY>=)>uzi~IAAjC+a&Ifz%jDb4TSifnk*$NZ;y6kE_HCu{6zg9yk%!J{g*&7x zo1+1xjpm6;!>`}vTQnz+@wtF+fdpE3pX*X?pU@gl7;doi-&n;~4LuY>X@$f!6RlJ)*uuTMyu;?^Gv)aDvGLpZO5I z!U1@w(GYqPF4@r&2Y(ST5L{yWm2Z~K_)4KGC?CRF&d41axZy&<)gC5q!D&%U}nkx2#f&!9By- zun*#2S}bTBEOQhx71D762yAzWBxl1X(0_)kHRK4dUL*u=REU#89su0y>LSa*c${gs z9gO%4XtrnBZX0VV@AZVFj}rx%k#5Rdr+9HmCE5k-_qCkTaAs9B<;H+p$ZYqREtE;s z8SKhpG3xo_!e#*m_Sf}4i8ZTLof3dut)Id!+n~~zO({O3ddIn<<_|CbQ!XKVg55-0 z#`cZnT9myCO50uxu%Hhlb01c<1qVyA$fvc1&F^*7T~pRlpa~ukQPJu$NM})yJvU7< zLr~T*Ul3-J%03#d@pT34gn8ThJiq3~r=nr2*BVTq+nBjPd6tDg{yxW_wKwspg?4s? z8}1a;v~}^jMLo+Uqvr>lS&egl)!;8ToVR4rQtU$C^t|$L0XbRQ?6Sk>$4h+F(@9Em zlw^a0i>Kzm6Tn4WLOsMr;F`j|kCj^2%RZNn$Nyk1kHt;XbkEZB8*yn@q>h~)w3}G{ zY7?J$k9;eNh~j?J$wdHoKNfbszx<7QkS2r`9{%JI1^p!*xD^KzTnXRBaVyb`@~F-2kJL z&2c@`+1h-^qAsDN!^%V{=PpT&nk?e34Y@=Q_b@949~))&29v}vUfE7YzHuR>kqF$2 z-H+c*I{{(!#wyNdFsei~&yytMf)jrkXYwP*b+0P-$P0W zS@74r-gHCR_aru`xE1LXlwujR6`W@MpXJ-D3aTAH7PqF%O)cB0Zw-&oAq znJb=3-y;J}@t>>$_1o!DP7>BEx49a=u7V`Y_VmwI&jSj;{;qtw+npNF`=OaUFH;#z z+K|r28jPJ<6E5o^S{Mq6!Lq1g>iEITG0MJ)V+`exrMM-0%JPLq1EqG#blQwtz~VpX zDRG3RZP!aODyw8$CH*McpM<%DV0%R%52Go}*4qB8X5im3^lri{^?sw&9Z@R3&WOVTG$ye4uGX3Rd+`+yq3b*>f$CA?&xnO^ z@;KH%QYz4V?8ci?k#7Z_f4mf*YS_d%D#R9HgNv+bY`jhAK6~>8<}cEt1^33nW_b$>Q1}t zYn-z4=s3XOK8^D!?qnt{7vEsH9w(0TZ1UVue@4Y=2Tz({a_<$K7x{Rd4h z^K~r{&?N)0DvMhg-TEKsdfj^^{HO!f|HS1UW3i5+ER0|CU;X&HJ|n3dmyYs70dEzW zZi~{>yTvhAjmYlXWhO-#UTYR~CooHemKZiznD}muz;Ny>)>8FC&5U|ByrT9`M4NOc zmb7;GEYa9Q<+A+!?YK?A*if(P-=EIe_~!r2{grvz!sJh($8b|~qYlE=y&TV&jM1`ofF~f8)KDSn2+AR>LPG^y94u}w z;?sl*2Ueb45YH&#kh)_Q)I}sRv-))p)$d2@s{%P=LL};es+&0Dg+VgkNsfC&lyi5< zOH2PB#@@22?P!Y|EmGXwokDSUcZ!$d?oc$iQ=quJySK$DuEnLeyEM3lAVHGLdFDPZ z&pmf$e}MmF*4|lb{p^>tQEL?Qp9*pUR8NOZ8(O6iqI(=44BUwJZbdoy1~Ggf!!?+y zxFIYyns8*b_oz1@yFE!x(;_NsEnF>0Us|n#vLUE* z+yv_8k@kcNiVbgiwkL4M+1+6MS)W@F}AjvY-N6HclFo|dZ2zZ7k-Hz9L(YlD#>6R zO$jCqlHG&b!k`=}ziMJwJo1+xij74lHmtt~+B$^f)?V6aWNq>T&0hA2@z?g8pV^xR zyP0-1XRtEiRqmW?UcxJiPVD}F)uTB*O_t@NGkw{Eu)yi_ zr)$Tc4tWtDprnaGqUinVE<%^sBE~TOBBiI{wSly%4vrEpT|j!x8lIe6&_M4P_L2w2 zVk$r`6qho^=VfSALd*2VJpzmDex~=ApIhH_@@~^=v&RZFtS#m?+A4{2p3fNMjD~-fFlKK zfos0wHbvm7sq(>OdjhyyLS9gTmt9vQ zcCV#r#(l#hDR8_p{W3+AJ|?4dd6T-#0x@}9f0JS;@WPM-0c%M?Yj5-pj?3|74p=F1 zPkZ<4#k0zJ1E9(%>Rimfnu2YqtpY^NBE+_oBs#eRz0aG}c}Q=%Y4Mm03E0NZ`jHF? zh>+Uv)@!h-_#e=gkUdT`a(;;pnS_JQBma9OE8l7_u}9;M3KQlmq6Di&7eT*2hbYjo z?*^gaqoCZv86qx00TqG3jFi5;z1_x0HZP79hopZmZx3jm^QHMJKMu!*L;t5n6OPIG zC9F%l#Mr2_)+&U9ZzJQ`h;IK-C>UDjB!vTnGHItWxcGSA{}V?HE+a7il=|=LCt7lG zWjvzjlna~qJAxU>+iAK86z{|MavCxrGXkB(c*MTa? zT`;udeRweDw0YDv7zLs`OY?Gq$UC2>DycjmROvR-O(&HDZ;SC@276ESYU zk%~`%*Rq}PmHL9%Sb1gAXjR{C89!q$jAJXO0NLmZpr(t8n`mUdNK`Ct0vtp}BbKOe z=l~>B$S?bLR$fIP=&wOfb(YHL!?;Z1pmHJDRegX7PKZ|x;P$S|Uy@op)s{Iet1_2ok!cU!Uq8zNY zKNXcUBk_FRM9HBERS8xeQ7f#q(0)N*V%)N+BvPpSxdJ~X0v;@2={xl3Hw-|OD0^d zO$#UA$vDK0M}=l`fxa0nG!*+q0|!N@CSKXYnMxUgg^Q(cVtLOV-u`aCM`JOxq!ouo zsfksy{jnfKSHgcy@lAS6CHpUuUzM#~WkTChG%aC{BKWClCQTUIhS)zmItwO<4tQ?%5B$S(xTaTULkMj-f> z!^?$*AgQ`VT)vYKEa3i%Q3fFSYf*jss3d5~lcYp(Pi!|T*V>Q9b-UuCWlNwEI{V`* z3h&*g86W72%-2anWZqxWCKOcr6xC_AI zFf}FULwW1~GkN?wM2_O}$05fVeoyu|tRT%_13e_FNYM%nR}pKI&Wv;-i3p&DQ^TFqIH(ag$ZJt9=K{YAN~-Ka+rr zU=VpumLT7}pY^>W?WONSvBN$|`m!rrv8B4oL8`F(kNNqmbJ$Z z&`Euai1n}R_<9W=I2zif+$Y#IUrSQ*WuiLHR;k21YHq2Q26#hU(hMiRbj4+CJ&27t zwF4qs5Jdutt{(^@cNodLXYCPafO{#5stVEX$$Cle@ZTpq`UFA?SDfNxfd^Qd7{`tIge0!Xu-yNl;Yvoy))j=5*UF&eQ~E@d?G!?Z{xHmJ4{&LqXt>qh$+P5Ri=ZtL7sY z96oD1Z>i#n#6fsaZxISX$fIJ&mqd|MB{{4p{yE|XKUmNMt)UR^AE+=;sMI5#gh_T# zbyoLiRULv|RcIJ|y*9&9)N%U5eSF9G^CkWKpvZTuaA+|G7AfC8c7rEIyWhc3v)`x| zb_hipnjI2b1kWHaFaF)P!|pn9Mf6wA5Q|)kC=qi$?sSBGtl#9%O*$pAcV5D+mpu>L zIDBkh?t89Y&p^DAx0c)VA_W_Rq@e+IJq=>}zw`ug@^32LkNE3ZqAqZ0j3)a6pCZ@D zl2|o__WE)0onH5!Cpdc`ppiEI8RkAn*9*D(xXJB*wy7#KG)M4|_d88I zFS&EH<+8?+FAwqoV50&D- z+N_W7FF>Nn>-7=8E*x?UgJ}c0DtINo`&z({*Z23w6r*d^(-a#_$SBgzjawSVDZRfQ zo1gDy#Nm-*e)uSQZl&Zx8jgnI&qixe9^TjSuLtM~y}XkB*I@A)Ni)yt=M+s=bSVk5 z;bhN?A>y)aBA3qIK;3apz2nZBreTvZp@mSV;N@=;$PCH8P^cn3ig+ekrJgAcMH!&4 z4pB2H-J{`K)*$704P$+m#`h0#!QJ)o?Uft=Ps;(4+X4UOo1XQZGw zs~(L8j)+DS7xq1s4^S^m*XFa_{+bE!{Rd#m%yaFn@x&4RWvFQJG5D#O%xeu-&Kso> z;iAZG>gMs(%lro8+69r=a^Z1qz^5ZHYZ+(e(0`VRBxD$G``w58;h&MNjdi#VND{?( zKsi#g(55n_P#ZP^(OqBjTF-;}?bkYHkH^Eo0fh+Zm}mkG-~Ak*pX5!TdX&xCJ*9C- zX3{LODgGti2H#Mp;?51FU3!|jaL3EEE6m&2Xmn|s9J{qUrlaFu^dIyn%>arH&!}LL zM1SLO(!oFs!b)GYZr#6LfEdg&jVU(^nO|ku^5;soI}>uA{d+b}3Z1?JbV(5c^ajRn zcS6p$l0by*`}`nN&_yTFUC8{KRa~L>>m_GqNOx^b%OR>=#sTRQ@#rkDB|8gOv|%*0NcJJKQXy-u+I>Ef6V={3PQd zY|aPYZzAn%!mPn(F8fkrrm{B;X7Yj+WC=094!so6% ztk#!DKHWH$HY0Da;a7$?cC-oJI{%LMQ^}~YA!ZRQdR29#O_qrwB4Kqq{`Tt)$@Ta> z^%?kUhoj5aZwEdaArQV7Uqzdb~d%c65jq9R}?S3h}!NfQrarkqbKYOVpW%cQiTeaO3}|y`2d$5PlkCPhPg2 z`_Mcq)talUDE@~g)8;r`XUbDn9;3yT0kHsJ`8j{rdShTTXB-2$P=i0e-cx`B^;>u*nk@7euBpE?}5@-`9P ze`_#SU>D@Rv#d;1A*yUzv=)-O@4vwmoUTO-94yH=YShU^Qx+7Eogz^vzH8#fe!EjT z%i~lpCnXJQATics#C=o{`4rJUogh>k_szlx@}Jo@F>r_;g>mTd-Pv=@)b+8VWarC2 z4T<{m)x_-3Nilej2ufchq)p>!Yg!4@QCgYr*wC%#Nx`?(*s-3m?|J*0^=*{+XkwX# z-RLyHI-pY-NsC#iQc_{9IQ@wXA(>147|EFhWp4RfFR6+3(C-FPfcwX|w+V~cZu!C{ zN944+jF|1HiG7_S42ICNbq8dfK!!pGffIR`ovR^qInZLU-mrS7Hr`0 zF39h^99l2f4Dv*jq_<7SZ7|OKj8|0FXvopS{?WpXN6f}{tLVh22josqzl4twmGVcGFm7qbd_rUZ7L!D=`C7Ko32ZF%cJhU};f z1a6_fUCEO|0);P**N*WwuGm&gJY-3E+GfCQ=~qIp<$m(GK7l8l?h7V=pAV0UdY7?8f|;X|H!V$t%An;LGcAexnzM-upDpsBZMRirV9m}$4-kA{1fM3% zNi6neTSCm2O8P(9EEKya?ccld@;5%+I&!dH$^POp)C@e|>sGin=Fs3IWx6B&M?5P2 z_?t?OShS#o4Y)h%@8;jh9KshF4g%;?XFES~epQJBY^R~81+G)S)VP&5Kc)H_gzkrlw1UZ!NYJ{hpM( zTP32SC;b*Ha3)y(Y#%-Q4a!aGO&=?peUOBUolnpxEndUhof!QtXhO}&DBKBmX#h3F zyOZr^c1aS(DzaPQEh~EXQN|vThRb{Xau53|-M3j&(GW{b>ZJZ8%SuD6B=FABjQyut zxeIc{_ue|AzD^1_;ebhYvm^;hpYu63S{aQfoJVt9{MIZ}Ez}EgLi6&|gnMKE!3O+) zGN80578^OUn+YBMc8hPAz_8~dvH)>{#(10`ZbOowMy4h`W59bTIQEPL@JS154q+;M zc!^fuyYY>*$FlX0pMQG@hCmM`C2ZdJnGdbZEmS5%^6Gi zcdOy?BN&5p=+g^u`A$7@PFU}weq7rxK#ht-I;%d-cxLI5dc4-a?S3&#`5R1CzHyxi zA|}q)3qHln`nwS-Xe$+tUpmH~Nv%vq3Eb{?=8;%(?ZF?!MO&fxe?@ z>OFlniFpMBx}y#H^(u-JbyPhJiZ@sR1e{@4fr=7NEv=uI&j{2BqgwCoa zerunIYE)%bv>!b^q*sXrd5^~yL~wkRgo0JP3kz=Yia1tY{-pU7UIlZpte60{oIokS zU!zXjJxb-9CK8X&uFP4+W{kL9#9dwou9>&$MNuz1(BGiC9cY3(WTo;fuy)h!m1z>W z=-LYC#Tm5Bq4L?O=Vl(1iOyN{!_CNVCcl zE116EV-#xT*a2pD{g~zIs48{=)P}nBG?K*O`W=||i&LNoo zv;IZNZ}Fk0yZcbMYBXOgt8I499bj4=T*>rb9jN|a6yB|Yh9(KY2$88Z^~JC#`be7T zJ#4US2uBXrgvxX@df($ES1!4m=pQKoHY{8(tsX3`moR4cUec~`GlinyOR^YUU}+va ziZG|}tj@I@uN<8jcQCu*DnzmBbXiD$hG^TUZdo*XyedM}m+K$fP$VTrZ&lJ?a^`I% z5D@XxH|t0xJ04mgIJs5>oI?)6cj24iY(;w?{f4nPDt7s}KYR`Ih@C_xfwLI<$G3a( zgk=NU15Hkd!p`?`gem;TXfZo3FcjV&U)pa~RdBZN>P@uuy*mF{JTK1a3E-?Z>Z=Rf zc?foeoWQ0!B~;C2KXhe}(2NJj(e=;GGp@@;C9>ov%jvD{em{0c1)T+b5H7<8<5Ik> zmioU7(f;{{%a;C*gacW2?-}!LbLxI}(H0dQCa2_&Av7S8GmorNBM}E=9g9sC5n}jA zEdvi_QP=Ns30iYwR`Fw=FMd%{G`uUXF z)>r5_gNe}fu;UZrH=kDYWx39P{33}-lvyLl_^^roM=>Rm#tI6$`Sa0LAk!Rz#J91% zN8eLPIo7ABGg|Nd*t&MV%O*xI3NO+)%6B;H(L|y4WpVa4N_OYi#4M#^s?5Cm>wdEM zMvPPlbv|rfxL~LLWe2w>*VYPGWt}+h1$sZPcc{Bhn)HCf5a>DxSERhk3IP>v@^8wSs zV;MvPwhdqztf+cvuHUNyPhTNZcg<6T&o)dwtlmJp~(A1|Z3zILLRyBg$Squ0dN zab{=YK5ycx?=U3u%%~$TQLOhD^r1du!* z(D=ZworYeqvwXV@J=hxzy!3Oq9|13=zzv&qpnk7WRi~m|H&M*+txWgnP+Ih3xkWUm-09N-J`H)k;Uu$phnu-l$r0Zo6X;ES{ zhkgrP#g-PsI!V$Z_EeOPNWnLLX3p%~-Bc%0rhl3^ar^cTPHTX@ZS%8ky#h1MXKNQG z6gVK%(*AM_aE%~|t8o&<5;kg^b@p9T}WgkIhUnm@F zwrJMc0Z_nWKS!*TxX^S)9z+0;!qT^-MWe|{Lf(fa6ll$snpYt2ay0ILrsK%Lo0Au_ z^2?Ae*S4o_W%*S79K`jz`SjEJx`StExXR9Bw}~9q5$tA^redbhWMr=t1XS74Exi4e z^;dze{nyKGQg6p*@Lx`@`%?in>cH1JfltEqfxEYT+QGYvm5XlewVQW$oEbkQLd^VB z6AsPq40@ltSIoXZ&(M4O#4d-d&<0djBY~ZL?Zx>w+B(M90l>i(Q%!a8TQ1&*uU+@4 z=spVCzJICBKAYa;H%}hsaApb?KBRv}Ffe{zkDDYm_3{?}U3<`eFb~TA&zEK;ZM_%) z&(|2~Is7NHCO3lLc1kwH0+xxB9FGGa(V6z1mp^MBC|fsc*lmbJM_C#>&`Quhb~XAz z=ZEzAoxmW-Y0zkv_mw~)bl?49i<8;M6ru=BnelgCIO2^Kxrtdx|Jyv73tnk;Jja?` zCYMwR46_YbOrw^(a>uUNG^l$58|#OU7CirOhhpao7PKlV4|$gwfxcx#t!-X=IO4dc(73y>;oC1)Zo}@ju2$qcv37f3O;Kq zG`WOs!Z_;tj?+?fmjmq}!)5`d!i((|PCZLqZ7T%EYki6md(RUdeXw)){kSWe&`$@EBJ#ZfF4Hw*6bZ@PFD!y1CKqBJ@<8>q`eaV~jFV-c`1} zSp1)~oWs9SgS1pzZjR4z48kNGgOif}!q}Ac?Dc^V*1fAhd!ucQ!mm4zzh8IVa|3a3 zlu8D}-#tO?=NXy)jWCXPiG2{Y2JMIXRkLlMOR#gMV0D~>kU&!sT07rsX_4J~WNnIu zqY@I8Pqwat_5RPiODpFdjl+#MpR#c-i_-6x#f*C9|2@wq?b)TtM|>-1o8k*@sGWs1?!?)$JE-=;TJc z-q`4~2&`pTZ_X~c-*E}!f6?si3}6FL#8KLfLbf^+Y!(gykhc1e3W`Qx^gR81B>eku zbTD9E2q_<+E-!~Ids_VoAD@$;5p$nR;h1U&GxnXx;mJoxLG<@xx&BmR&%B6exscD7 zy+?&_c*5b>Chfm7Efit`57iM-x^&HB{Crdb+F9ITMg?yn7~@eE4AcY*Lw}NTEGH-Y zbN|88aDhZ}`%63#?m_ioKuJvh+^8NA25r;Gw;LXE`>`(CR{vic)&c8;IAtP3sl?_{ zmtlsPM-h_GO&8c&f1nM*uGCjgzL4MOho$WK52Jb+ZN1c{p(;JA_YU;gWy9FiTiNRHcONJV$e7jpRlU6dirajT z>VETd>m5s>dS1V#uP$~sZbL@qKB15aCUxRg9XR)%r=Or#a+EgmINaLtmG5bFobV|C zOm*8#EZ1j|dq+C!Yft-sCKT51)?21__Y{6rR=hHOxSYv^1>H@@0!KM~)%@n?5|Rh} zlY*CL(vQquV?lZ)Evvc`kQ4IBhx7QvZziP!VC=kto!`O7l}$M<@59v3x1kbMzdlNW zL1t`{?oXQ(-eb+CUxI^fe}Ghor(-!Mod2^wsLhA|Iv{p-HW1?cO3RD?zl7~VLO9t$ zky$%;ddX(DaE6Z!KkK@iD10^nHm{vtv!5^lH1)cI`V3gYS@dC|peaczQmw7jW=7k| zsSnxsIcnl(N&4_xJ2jFwF&gQ5-Jpz{PN*a}zW!2dvP3vY!KZ<8|aQG;|0&DJ+g-ESBa80EoH z7o8IC&iBubwml*tYndz9oz%(Oar)arWLHkkE)59FYqg}dQGTHQ{yLICPPhMU4hLLj z@D*M(`MwPI&-?Y$P6cEM4H{GD01R%)$d6arX0Q(mXvuq742o=X+WGx4X;ktuVzX8} zRKHA?b|c7!g7Xw{iu#i(Ej!RLtagzS%}BAJ?}&c*}oC>-}}lv<{SVAMsw%v_2qw`5H|}z^ktXh=Tcl z2OiVG)9PxptX-rf3763ki16g+pgJ{DJVbG{E;l>L%jsw)7n31U`$ywMimzEkMOYzM zY);*~@AN!mbm4M2bzK#@!jHbne+d`C)UHbWw&b?3UI3-S7cIFv;E@?C$nXb$0Q-1Oqi@yfI#Wj1h3p~K)&Mcm~6YEv)as6cNh7ap+qd#iYul?sdIM&Yo z3Xti7x9@4uD+HD8=xI!>)OFT5ZTT%zOwkTOc-HgZ?6j*S!5)3BabqQ98!toDEEqlZYolJRW{m#o{ePfPhG-^3NeU^J^=-uGcp=} zqQumdFPbV*_I2YqG}I(bh5wQ3R)TI1r8Hx^TSU8}N02+0EIGz$> zx;~OJt~_l8x8XnldL)|Aul(EY+fN{AVvF#|%$fQTzP%B`?Ek{seT)O$hex2XU%Vk<6=tv#=Iq{0) z$bG#%@Xe6Sh{n^B=8JmJ2uyZ5qB)|ToipHxe$r?<$OHm}-7f&w?26X$$fnjdR?6mT zSF%{`5I86x>CF>|5g2t6C4nmk%jx8Gu4t}Zd-TA&dWf&zA6{rZ=yfLWld!|&3pY`u zvwd%npWn<*9cvzr;!*OSSX zj^oqFj^W+KUeF3GZo#ZqqSqs6lmT?TY(1Mj>CtRH-ON8Ys@jkEUr+H4N-^(A=<)FK z3g7Rix8I6V5O1l315>F~f8Jl@+w9NkRzn7AFM;3lt?Ct4A}h*<7b+_I+1{R|Y1-Il zi3v%=9Y+N#b1UV9C8X?Oy$aH%neX7pDKq=!zYtFtTZ(J5*{i0^{-yTEJ0P9`HNkch6S(vOBViX3H!9|O_#b+~QFuI@z?iKTF4lp-0443lSK0W#c> z=H2p>o&Ds?i~?Eue9oz!9z~sdY9Sn}0SeA<#TYuk_D?f4()81IJvr z`y8L3F*K*>Y<{it1wlkkIChzaI;PTP7EFezw$k5`JH@iN~Rg2k*8{_N)c7uN%I!-IG|`1GdGo-psgFY50JqH@HPpZDO| z{_;$)kU-x7Xnew@=V{)TToU(agsJa-YJEu@H}HikujoA1+Ch61)>hkDhySletyN>lc_K!!K~+4lABS1 z{y)a1B#cjjpVbZL5f&B;2-xN;PPVlI%X3fG>?^d>S{Nv6*R2(qKE%}sC{+iBha&)% z4eFzPUO=Ks3+mckKa+=NS2~vhwssJmJddx=1lRmyCSp}Jk7}Sie>=+H5O56=S%mYz ze z%3CN8iv_HmvOEGb5J7IZWG1!nVl=LI%mQI_5@U$7&USeY9AvRC@6xPwrNrt>>ac4i zDF&t43rT}>j}e;a-EvzAawkG>Ndr@-IT;JBx*5J8@HnI;g}JMoer`urbbhb?l-c`?LD!<|Oph>X&{8ysljC?t2<}k^bV@uhMyE719!N<=o2~-If=WwlO?alRz!)th1G+qQ;HgT{ez?v9eMX-r_ z9s^+kJ4sdoR3YkYwJPEQ1j+y(+w_W7oF4iu~R55o8KR<{RM<;RI=QFq$a#Xa;q z{d?S0tV{eU`E)2Bd&xERyQfNf;3Hr?e-2$lS+|gcy8Q+FU^3*Pru`7PKnbZpd*iZQ zK;phjaKwlc%6W6D+%~B16jYASQM!?^ReQumc+Rom5gfejeMNh8)XnSi4K@3}pL23J zW%+pkk+#{-vV-*FWYYCn`M24hj~qqetyqx9{b`(4b8(DLO02ME;lY&UwJq|UWd6yO zF&a7PSs^HjW9t7d(o+E4{z``K>7_ly4(re9L~1UL;NL;?=bOlAp?(A<2o*6dqcSL8 zEPE_5ufI!PM*(0@Cd?;|zZ{Ms9{ryKmWg9-tp(r!h-<{|qYM9s*Lhij3Li#VbPjYMSaf~U3 zHqFT8b*=mi9c24#c3$u zluwwD-l;Vg*G>MWL6A-GUk4L&B8St4vpVvB4XYtfToocvv{mFL{ElRHYC*%OeOge; zS`Mc(DkQ^cz}gvxLHMN#F3X#lXJop7z7ZITZ0VQgK)NVUaS9H=00swI@~MqB9wskk z^K%KCtM_{-u;?g;KXQhL{yAqhtCbga)2j6c*pFd^DwmA&e>~PRq5N`;20a^=S;0J~ zIOweKUXZ8@u*#Vy1k5WljRZYx5r>l~xBN2h;OPy1T{-Zo50T}|I@#8oVUFvqB&K_< zG~>N0^S2_6L^nZSsxfWq$@d0O|F-XUdeHia@E&Me6AD@ZBrqE-c1<~_5L53hiZ$Q^L&yy2n)wgJ*1~8FlT}CeRf;T=*OT_+ zBaNgIxCCUY8=oW#PyL}2)=HheZv{(Cg>$@=!#aS2tq@91aj(Sf-$gOc-r9$e%{zo< zES&KHea}me8!9jwjvoJsJ-}AQ(dZR)vEZhrjZ?-t>cVHZ&+7#Zp{jr?k1z1t#US`g z_eoC(fh24Z0Wf&CGL%*KD&3i>)9QQ^krecyFa(0U-_Gz-A5ZMEO|WA8Eaml-j(&ho z?W;pJ=&h$_mY;RG&L#rzh9zkDKi`;5!$DChLpEf=@dof0+lX3 zsboPpt2C8N#yB>;5Uc=})V2RP|9`yzPGs^IT7dpx?Vp=xM_21g_&*V|TKh_|rbd4G zv_Ma|&!B)dp^p9fDQ#Z1(OzZo<3f1L$ItAsz01VJ^9h^mp$xB=0vY%e*N6ntQX2PV z->al$WBZWaE2sFE7M8$U7=**gh#Yz9A|b?F;uYTw1%8muk(T4>L&{5KMyo2iY4W{= zxPD+65Q5kwRA>IHq=TU>s2Tg86b)ar?Zh5S5^eZk-8P3`P;z%$2}LS;4<)7)GqjVcQ^SusSSIyMI#F+W>za|>wwW@WPOm_q++omX5y){QelI!1shb)kx2 zfB?vkMj?AwkxA@jmz_C=Ay(V2Bmxte2d%tl>Xkr<*}eu8JhT5631``&*unI9hmh8K zyGC2ljZTDb9nlN`o{TIj@vvp?wM$@B~%DHB{-_s=cyv* zxnOs&StwQnz1oSc3b=ppzOA9&qSz40(Fj>9BxTC1-yo>>pA0zQl)M=QKph+da@`bP zo|8JR3*--G|H*twiemC9EK7K~c^n6u69lX!-?YQ(Y8-@@dym_*!FN;405hQ(=83NV z+K9dNXm0)ZN`|p?VGHwbx2J)*n4SMIC8b1$Hi$c`OePom!+U4eAO0z47Dk@5eB(%l zN#Ig4f9-KdJaXY(auZt0VHK0V_7~(gAWB*|KP|Hg*^&|ef;g!5Yj4PdaHuEwogejP zAc_)t9dANtDP}qb0bV+xg%kq90ck1s0i30O9$!3N^g5YwavHaUlGREn3Mv^FI6VZD zNhgj{o>u7WSM&azt8Y-e`KK}9pHC_o4sLGAOxL&V;IgdYSEI`VjBqC4Kjx?0RyYk^ zvf{6Pah*C1y(uZ66))|t7q zXUW#5`|D7U-_^6OM?!h+Cyi;gPdU>VZw6Zkvk}}&DaJ6XDl#d^T9Ozr<-3a$gdIEn z5$u&!Nge7|3@OY{Rgbm`wgI+iGwy zCrhD~{_S;DMyACAE_=48@E9!$Ifup17(;T}&+1^&GeMUg00=N7=aB(nisC^_!OVSq zWU1!Y`!AWdWsVgq96181Ka=9}>Nv$b$CuEz6g~6VY3Htb%sS_Y7gvTKwNyH7E`xp& zW!@h1PG^6LR^D3=IO6));u^=w+2g`<0U^#OjPkx$_gmsrrCJ#&G7kP*j%v9cLnN=n(y&$XU-q+)wMFpoC-MprL zmRYl3pgBh5rcd|nr>xXDBJrh#k>NG;3vJ6_yqw^#UpbRDdIOB?e1h_W=R0e(1DbTG zV^?|}+74P+%qKa7i(sh>0f}31d`JbRpI4;<8YPpRJ;>dYhVm zAk3&qS9hlTC_;;2Z9aQ@>zsgwfuoa-Fg=Mu(;@6|jxvgJ?>q#Ena0e2=ZwXjPm_Iw zs7-^*@iPq04r30gQ!mD}o=w&3e*ycnK%pR;zhFndL}*b)L5{X69!^O6(BqIZ3!_oV*+o3I%*WYqfNfr||oi za?=(PVB^#Q3vIu?xQZSCGFKR5|7QHj9%pkRK_?y*Y<-3g7&bG-#g=$9&v*NS+8FPk zNCIByf&Laj+GOJ6 zk>rb}F@Hy&@b*KdHq%=)@nhW0_$_DbgI6i-b}|y;$<1H(1K6e zhRuwx)7l@qt*SDFyssojpE*xy!6|Y372>?cVy|Vc!xyy&2j|*?s*_a(ifv+CUQW-C z`3kY=$EWqfTcX?iwdXZc1+_2G$8Ac=lHi5O0|={+GWS9MeLH05GNDW(L>c4GI5pk= zWqehn0-`b5_R@a4&wo}Q<0z^{aQQfzGz=5l$KLm1nz8+5{(~~mb}}c`b{g2Yu@Bu7 z93F3O@c~BSTLl@D>*!z)sriTzGWC^f&s-ziNY*{td)m!qH@`SAQN?M%+Gd84B|W7n z1Z#V59!GRwK2=mUs|57{5UmAw^~-baqw)OhHx9Wo2bCvB@|N`0OVns+%wV8c{cXe{#C?zjnk;~h|<2Vn$ZE;(s|e?w01JD{{& zYAk0(wp|rncv4QTbdaOYayj+n$3&_6kC>Y23+9zdSZb}nkWUe*bRG2sS8~VviSo*;Lj&C4R_5IjJ{tSS@UKdTC zf3}4XbI28Q3UAnEJ-MP}=tifkK*yeZdd@7P_9Hdlx5+@7vWO2V#ifgi1|P_TNC=i_ zfzE^RCj_4+v<|+CD2g}5;atNlyt8?O+TLA|Y*4{&%0#V%ZQ)2s`RWd+X(SI3^N9z` zL@ke#2d%bn&*C=!% z`3P!cQwVu-#O(E+28Y?^i<@(wWG*yer|n{&NR_HJe|=5&8e1RSPjC&idYR;h;r-OD zE1fo^a37-`2fJ;p)W^9R!xDVoWM9;r0gy?{!4ySBN-co39qZj~-VRhZFt14Gr|$5Z zf-ZdAh70&pdv8vWxR*!99nE(JhqNA&12y1uefh+v=dL*U!M%f0|Jz_KYLuh~G7CCggVCcRZ4C z&j0Z8@mVrB$avjKNa&$SW9Tf>AKjR;?`cOOX>QLs4Y}TbM;NelBtcR1dhKXMsK`{< z$y)b1zcW%*-^b9gIPMGk^hl_v2w0DDK5F zu4DFe)c%-ob|6>jNa{;uW+KpiDR|KIH*17ZNA@69Pm
    --jQ!`aI~LtxZ<_i%F> z*Qty98@%~A)#763*ge+$ zeN|o-Bm+fSUlE$14wB^czT+POQ(BH?um4PLW

    Q*-aL|lC%>~3Wh9f@?qQP2kVm1 zQFVY7;BGWT(naWk9{?4ua^KqEUf#yV-U0*!!Xn8JLPJ-Eip-uekM9Wi$a=IWsG^f# zCsq5UK7F)_u?2Gy=McbVr}_@EZbTscR?f%X+Y`x{y_I}oS$fGB*Px@s6YV;bQHsO( z?cgMFx1hjtAJ^yw)7!pbVY_@h$Aj_5b;-aFy|?{e4%J+Jjq+FH-m)OY4>!|R^8UY? z=h=EhG(KiTx^gMD}Jix-uf6pwQZ!^muB!Yr36cT$xkIf1H9Wtmg^|a zEGf)86S__e1oj~}d3$>YDQO|yf5@m)JS6EKbK%1&WjYT>9g@{=j|fm;pV!fY3Cv2= z7$PmZql-db9ZB^KZ(L#blyqdjvgNe(tfS~7_isk2k~Ch;iee>S%Op!M)(6ra8E@GM zNU#?xjZb^lBLFfUw*T-tK8nWN@)#u7$sI2j>oL*6mC(@X34cxdO5d|yCQR{(PHRj| zYt($U6s86`x?mxaBOeU62B(UA1-DH@CI~{aIS!CcJN_JuVb8g=t{!Sg!;6hz+j9lI zM_}}7scx%tAhJ)Q6WsJ#F`1(^%t{sqT>ky6;1hU5nVt5eb+iQO zoZBtM7*_V$xjIj^7=e^Z<^jHxv4%rDod1Whw*YE0+SZ0~cWH5gOVJc4P%O9;q)?m| z_X44~dx`{i3lOwWiqm2(F2%h_aVb#T>7Sl^&i(G(f6lp`$-IMP-Z$B6ueF}No@cM^ zt1LxmN;?Nb>^-Od9#!I~N^;p_)N0MA?{k{^6mrqywr|_iv*iWpxv5-p-Zl|-O!JUF zxxQNKu|0BkS-ooNU4Ldmt@Qa0UhXk#%5b!5yET!zNlP2Z$9LPm<$Yg5kByoZrMB$$ zP`{z8h(lx^pyIT(&0_AyDdoFdok)tX{{A(WUUHYR!TRPS6W_zd``Uxl?4re~NA}4;!+rHKFNLDW7UZRSNlw} z9+5VZzC_Yw;=ffdA^qTzzAbY%ycO}rK|PC!;i~KWIN@%%G3WTnQJk(HvIkEE<9S8% z&!$DUU2}h?Mo*yRMVRCIs}UCE=Xgril{j$z13XsivjbG zxA2~#l^U7YYutiuG&UgY*fPr1Q-1mzLvuBbhj`4WcE)=j^A-#s5hA_e8yPS`i_i2O zZyvJOHu-;NQqj}r&SbJ{Jvh+3>tpcYiR9=li;5=O(3oTbyClY`aIXXZJ#i(%S(L(PP$TySENcEjh0f7EJlk3w4xi5F}F+L%mqiVz`$Yst` zJb>2Vi}>+l(X+8>dHFf2o^H|Wm`0d7{aIM3RmIplT%z!^WbHg2TJ8>Tz?4>~USNDC zNSk;{R-qM;gPIM*+-W7TMN3A~B4y{hLg$Xqm@K%Lz|O2-dH+lJ4$heJ`Syo^+r8Ww`EE98Uqur)Yz$OUc? zyJ8T=en27DvsO}h(H7!&89cqCQbMoNsz#=D5rxyaevURDbypt7z4yM=bVrTm`XK5$ zu5;ZspB=^21f9MABu}@qMJ0Y}I_`UiX#OebK?x7WVvI?r6Pp{Dh@K5NySW;)KKl7c zutDll^7xvT0ctG38t@>g8`a?X^&ml$Va{~rtyepD*+4zcl664U4k2(%^7GBq)ef&# zkAc+nkHbXMnWMY@RJYNKnm%JKNl3a!_P4td@6l@ykLzEQ<}rP)H(}Jek&t(W^hd2H z9B!LDkGDUBWX1(ByL>JuzqD9|z$JNB<5oL=9G^VZ1i-uKh8A?!3<7UQ*OqKYq$0j% zk(<+}KU^R6T-!Qj6`>FjS0zk-6StoL3#PuY{=Azc9s4ZjqvHX(MlT|7vw1c^boqCr zu5Uc#8TOiO(B|cu*Ye4rXfa2MoG!nn2OmfG?eAY}-Xpl5W-57XKc9ykZyyCr^Bf#J zYJQya$*@i2KjCgEHUO`JZzcoh65~x4LnwoZVDpLw(HDM}9=ttOVl)26_Lt#Q|D2M*-r`n+%clOMxzZi9&OS~kR{8d`@_~t@5_vt zCFk5DmrI5tNs*@-M-L{89Ih=#?JHWOG|?7gFzsOJEAcO_-Tt^c6P=DYJMQAsR^qS^ z-;~oy2V{CtG(L@uoe|n?ldXCH?MPBoKtULXdC(m1N8a}La3 znn*i=828Nf;l*;z{0pKD{Y8QHF#Xcv)Y%MjCXN$1MGPd+j?HDtNJc%vrrSw}<0u0S zFd~fJ$FzX7St(9K%o6nyd8Xtt72FlrW&G1I3@jeT-pPXe_J4gkjgpRSh^l_)l*!De z40P@5zZienMwa{)K`1DwpDDd?rp8W+d&!2tJ=fBHGFQxJN@@DI3Mcvon8qm{hWMbY z8?XGUw59yu1=ffai26fmt!Jv7x%Ed_mmEDTqyRRK>7f)B1OyiIm3mO&@6^Fx@+d*> zd(T&59Xot^^P(lNus?;0e08*Sahf9uIZgUCcHADC_6wZUXB3+zlx1r^KAC z(lqyo$*tP-=@)?X*B2_&56FM1XR5@~@1AWBG|l1p*r6FpEeY%~2V(`N9*0|6q8jS1zm;%vy$fG-A`CKec35e4vs(~ixMo?2UiqocR{LNpO%(*`8o>XV zlC&xK`95>*o8*!UfxO@LO9HyL@^lR@id0cPs>6LveP4;Cds8S`naM`E5jihgY)q>R z#qxIxxZhlrW3TC1gm0`KH&Ox4_`^HkFCrb=bxx)$#SpUx3<3 zS%bdj@V3I(Z2aQcXX&B?uM-wSQcAw}+Y5(z`L2?uCQVh#>qu|i&pR?5l~`Uns{V96 zAjSLJ9p?PGH>6-YgTo|)W+rV@X1IXQi@t?JR3Uu$spj7Nea1CItFX6V+Fb- zT0$!7Q*<;TL=?q13MTbE6{#U9x)5b>xYv8J$Y9JT}Ba{!3hc~w#Z=FfJY>%MSga% zZ>A$a!=u@2a^fFnS{?!O`U$`dabX{{vwM`bLhS?_6v^vQN>%rgUKJGQ&{W}ROoB!! zTZ)utQ@I2(REr|TES;PrzWHp<*ZQ2=AE!D#u(@>HBhUPCKn%j3YHsc;@iPFQ+2P^W znh6R}A-g;~uBUG25H13HIl3dh#k}1+$y-u-%~a9qIN7sl#6_c^B7H2@Y2J%XEuyD% z88y;oGL`SJTYdSlAkRtH`hw0sO@w$!ra0~}7JKQOVMbC0we&5%p$s+QMEi&A!1Pv{ z+81$T_$1`#E2by2&QS8lV9$U}FrC+$1j!?#njA7J8vW|$ z4xsakN1t4C{M1ew{}WYz_88TQ;p}nXBW?3{uc?XU9v@emw{glES8Tpm>*@+Yk{J0h`23$q4pfOzJZut?Wh0|ik9)aJ#i)lC z{nN&J8IUU=wkd|7Kp9PV7)?y;R&7e_$M2ZPVD|Wz34jraN8SW*u48&sa}c@%*)}zO z22~;19$Wo-wCZa~A6RFySRuP5hOQ{5xcs|aEp6XUg~wK5D@PJIIYNZD2>|GoNHFDPabRLemzUH~e_R7i%E<*S`**;9TFL5;0X z>cfZ2fz^R7^)KQH=&7iLtVC35{GG%7&R?GR$*D?gBTGg1mNeK31O{t8@ z-`B8Vl7Rrw?bx*-tDOkT)>HUTjp65KzvL3S<72c>8Y~YMJO#U_h@mckc%WxJwY@#F zC%L376IXO~VKhlr6?0KL1sj@W7^1JhuA1DvVj_6CuWO&s{+Tu zw~y5A3#FbVJ(c^p^IU^}CmQ~8BkM5KV=o?YSoX9>CJuw#B>BY?gOYNdw};=Uo4)%x ze)qUsI-avk=)E|2-k;z15h>GO{t(|!NV|?%nnRbZ6+n8w&V5YPT=B%={kH&ljQF_Jd?g*+7e*`#>ScRr{kKckCaCF&g_uo_(Jj z2vW^?JM8j>?5CUtwwJz#RC7&-pX|K7LGBV@TiZQW6OnE?CnVI=!!?WWLilpIL?N3sMNA>Sr=fbcp9{+QSe0ip_&`|D zq?2CK!u=sC9>M3IFSY}vmVZUgmVS1o5d>MGesfat#Yj>Ci zR9{Eor4|XM=wkZRXB%N=i&G0JDDvq>(Xh~>;x0CS|D`HmAsf-vTpdWB_v-UJG%hBC$XiG zT}-L&l#!tnR~oW*QQpE0q^wtnBsHzZVo#C1FX6S)k?^^Z_v0)r+~pCS>6QSnsB>Ku z4+;7TWeX$bk;grTY#u|O2C;t&+9ob7jeq8``w zv?e6^gh>hOE=GUXHkcxOIZ2tx(EZ|mmU1y&AyM(+G^pL%96HBVlM`;HZjpc!EB)wF zQh$?5^k8_dTVTyvnnYmx9%WkLKj`6#Nito4=M$S?KB7cA^_4Al{ zIHBEkLKzciF-9VoSekz#o9)oxLxB?51t`UhU!P}YN3v2}cn zgu)w==}DP^w|witgUVi2k#?~ZXHR2pShaK^W#Oz-bv6K}*9>FrYkGR3c_JF%w(h!0OZq zAo`QRWkD4NZtSWz>cQApzoD+V(T~=;*_3UP^lbY+!;ZFTGN9-T`~NHTk1QHrdl*eI#!VTL;*8h3h}_|vg2r#`I&kY1A1pM|#L zs5SAV9`s;5Qn$E{Ies2=`V3z)aExt3<2ZgmGhwKy!Rwva5&g4m;J;swy(Gf`hb3(l zV@EzVHh&_(203rQm8|E%#I04o$=Z{PmhF%`O_YknDxcdJ?v1ZTM154@Xye~?9F)`Z z-gQ(V&yF@y%TkMvOl1{36Jh8{rA8wx4{2}6xLHVQ9y`RiOh+C?EAv_$UD-4e9V=F7 zGaQSQP|#gX(0d2>UiOp<;LUNIS5D~O?cb8G3=8*)+2WnBGs2<*Y} zadK~|S1v6hr7Gu47v5IWi0kBKLp6VvHvBjo6~OQO^$bwh_8z!7tP@agxS7gzf?^Ym z1%Lalk!dw*0;arK3Q88)qCx}8`_j8U#c`-0@?m1#aC|dtr4D{Bx?-UL4zm&kpilDj z+sOnDsvRU2eAANCW)@%YLg1jCHM~cqwy`(Dyr8YG)i902Z4(l(v*a8XBJ#$Vu;3f^ zyir)iT`0Zyg%6Va8V9q-BQlx|2C3O#cE1hOZHnb0yW~p#Se8))iEOos1{GPXP?%hJ_Ft@`c1K&_Of5O*H zv*Nhu){J-RMBIz-a5FlYNniTteBQo4O30;{jSumD7*yb%?fFl|vQCgJ0GXjAb#jH4 z+86{H+8Zm|-@?8VskLW|i1Q?>@dTKJLP9c@-q%xM0EpvioT%1rOL2KPdZ(K;5)ZgypET9Dqk>=AfncJh?FRt&m+5!T}(*Ahlbr zM*bQmoJlOS6z)$-)4WOh6+bb@bPe3spD2H01t?ge7_zG-nh4mFolB25o2)1OITWrv zFqYIuiFA-;k=RsK7M0{2&IS%?M)FN&(q`4mEA~L0{iuV4ZHI_LzqC$E?s8h zOl6rwV{d_zY$siqF4pcH!kF&@$FS4^6W5fva+|^%k?XXFlRo_gs45PS|hEMo2|b@prNhpqPG`{9nx ztFIceeUONMem-T}plD$8Zy^Mdp-_tpo_eMLF{pRlcdXlYR6EFGth!Ic+PB6f8B4x_ zQo;(yhvZ?Hlj_Q_zE=QJ^GHl;LK;zAiZwQ^(C4QskZ_j~=da#TWASqdD0z3p8`@T= z3QlED0%#}%DFA6KBXtS$sBR|O1h56eO3EpYLeog>8HccXpXp4Z?W_mcO~+-15Q9(3 zGS8nPz7+r$n2InzN*$<7s@tjJJlLBtDx|?A_$AGCIXTh7rhG~`807KXitL#k>Pt%6 zhcG&+F+;)i!6KVYn}~vZZjNig9dGFC5c0w-7r8AI4e3J022`RH-Qz;>?-b6NB&%{C z!nxfsV(}De3Vv=(7Vs(ffPdHL|72PyZF|iX7Q(F3FPb!TCG!JXU(kpUV|n9RY%joR zATDj7-X1O#rvQ9awj#b98nu@si2hX-$Pd%J-@>ux{D^74t303;b^@H(%36u`2kMWh z;mrgv4PtKvuzJKi{!c69e-g|gOC+#m4#S?Cg`ArO7n~bNKFNpiLM^_j!>mjK)bN7D zahXIEaI>xuYWXjyPB4W3JUhQQtH_UKxaeeGozF6y8B6b57)2XsU?1m)aC~8ADGp|q zs*J368+nP$R=6VGGnxJ3FDy4t9DnZn6RDGAW`oVlLjh5YZ>`c8`QX5^HB>x~_)fF9 z=bAMLdJhwm)pdNsEBs7*purKGHP}5UbH%iPwx85b19eVJ=1cYoeQPhCq^^i6KHC<_ zcDH9zkhCic30d$&(EkvpE4xgDTX+lp`;_+Ilz&EkFg&R=D)xQN2=bLMW_uehGhuOC z{N80t0^>}m9pV~F0C;&CHfDbPsJNi0uE<-h(V!bcfm~*hg9c5TviJjw_cnpA&LU+S zQ_LRO_Xb{2Zs-CuHh3=Kt)|aL7hNGIx+li(&k8+MC_+8q-?le&H+N3d37INUCV?;o zZE}b3AWo|SSR+4WUIaqNOn3*O@=SoAwGMsTv7DhHUr4@p4FF(6>E5zHi|THkgQ^xz|4B{*nJVOCuEG z980Z{#N{1o#!8_ryNoLg*Dw~k#~z7&q^oJ?i#JcouDrPM#e%H>NpjO#se(`KX{`s! zWJY(g;by-$23nG)oK48)qy#j}r0dJW>F-q#q}=xVq2yb#vuq00!7UjxR|5mO4tPYS zjtUE%-ifaU$MmSgHh11~QI3aDu;q?>rjW{#O6dIzfiR8_$K%SsKY#t7;?+M%RRP)% zvNrrpA`RSgT$O>F1-hFBr(gb6M>qf`Uqd_$3N}!MPmF~rpn2#6m>Vq=E>H~8Ag9oq zGYr zPonk>WZy)b@REn-;87nGu9qJ{g|yd{$4E7BnJiI$Pcsw2LZnjai@=#0nG^zyW208$ zU{ji3sYV(pxG1_P0+sE$W$fR_^eF9Vh;+DH<-!`DsLDdW$+UeGDYlog`VJ73icXO> zkjGKTU!@r!3AscKL+hA4XG$OBXlot!w6nv6c<8 z*xsZMyn**Wb~hRe(y$&^|7kr@K%7(a)H$4h8u}rmA$(s!y2oJBr&DuoFN2zbQuba& zk+5W@K_A^vh%hoZeWS2{>LS*|li4;pJ1b}5T{8T=y~ygUOP9=S`sWJOyND0^EP>sq z-i!@9D+>*d>*Goco9zY3X8(2{;Q!bnh#-YUp6nDQ^tHu;v0T&sv?iUTJ{hBTluk~P@NUacfRc*^_ zEQKCS_xzo}{>oCm zII#r8eaO8cwEGF)NjAH~&l`Ns8W^0Ge_Eo6h@Tzz>^u8vv)lz2JCB3}s}yvjj46|n zvVLUoSNqVn8jK%mm4OcHsUs_-laq-YDAd4+r0bGO?~G@Zk@Yiugn9^54Ntd+e|%o{ zlV|ddO!+8!k1&&*Q&%ypwcCdP1*!?Q;N!$4*G?Y@-XWx}ekc2i%t{`%s&y;0C>z#j z=Zlreuwe*JLH&+?g~~cTsZWi!V@~K1hM4Yr4Wd4`bHKw>$KFE_;Ch~@eM#@Gv1gvh zi^VRx2GSrqa;(Thb7bhD;)Tli+@#y`dv$Pm3hs9hpu#FDtb-*}Dk)LU2J;3PFk4@6 zV<`50C=_Y3W*^Yy#PP+{t&SLGr)I~?{>#CL9MC3ai*vvG zFA^t3dQK%O_0C}!rJpy5oi~KtL>kKGD*ZVB$cj@>(r8W5Sq~ok89c+A=nphP2{Qze z1NLm45rK9>ljL_1iJ_s%M?>xbTM@YiyI zu4@_>bZR0BN*Vj7BJP8rWi5EU6E^gsz@Ap9M1jy!p6s-|J`xu&(wexSY$(qS#)wQp zd#V6OKHQ=jh8j{=C5R7L-Ofo?D(rDnsNkG8poqxvNIIz86|#G*7?Q=TIu@uwjmmtI z9NcJCU)22*%&HUxr?K!WXcuu#eI;kVpjvAGT<>|`0`CIfEV?3=3He!KgdAZtC|<32 z%H**|e6m)e5IcnkXjs6uf2&|=V++x`6H zu*rHGx?INUW27TbppY|mu3e04il3!5$*HEzZFN=<56O)Y8E2Q3C66CS0WDm}yQ}pF zB_Z}j#|~KuYMi9}#`H=2%mf0AgWb?-o@@`~?6P^~SNwIvuaA z_1+j)T5o4uiEx>Up49ZSk5!L_Qy13$BVIoDK1?cE(naos9z0j*bRkobQN-ZgSx_$w zzS4RVf|ZD+iUFB&i6sUCgany6Z_w66WkqRm4l^EsTdg%d>`Wa7U!)zym>pD_)6HeRNRb64UszDU zeiSG^Ppy*gGFz81I@GD-?UhD4H`Hc@%GwZSKBlOb@l-`OP_yQPdGKaF zQqF(1QTF3dS=WSQUKT5oE;%fgdZ01{R0v{*kY6F97Iy=pDbu zV68Aku;lfzWXJW%w(EN$k8A&Cp7Ls|vqBeB&m|>pLo8Yosa^lpQNe*?shusofV;RI zU#(>&69a{xU>eUCx@j=ZC4Au}U2b4QFy!uF_sDo4nJbczI`;%4?zS*l|6VV9@_@a$ zylbka<@HAK5AeXfp}VWC`(8Blf&M*P5Qk?kj)Jes-3y#q#KuCjQcMUm5~j4(v3exW!vjFoa0*rT+sBm_?mdiyk*nKj_f`C z6zf(_(F+QVPhwlQ{g;V{4`+R=x6#tHwX3d4(j52pyRLlqg&zIuiG3^`)z_XQM+s*{ z;XOwQ76k@c9itbwPRk5e0gci%*QZ(1m$x1r9nvSaEK<)-=jV?S?j(ylqBfozVPOR2 zx2<%H#%~%{nYt-EiCteZ3l6L+UBbvNs>Z~%di7&L#!p;~TxVKr=%-2k;!zV?%1gvJtT*IX7$q6!b`~auoXq4z1 z6?p~qsn&STc{m)aPq;-sUb&2m@$5lk3rnM`KnQAH&`N0?T8xwD8&Eg-19>>9GO44AF83NHKOHqcol2`d1XsQ=);-x?RuR|RQ5^sJ@s$3torl?xAM0M@ z_3N^YA)S~$v4a`h=%oBsa4|l!Vv78f-LFkhs~MdxH82aD^Wed6H%LN2@+LV!cDB%| zi=-|L!JBANqD)WL%0~AttJ<8d^HN)CA>Ot(%JQJ~tL0Arxry3&mY=TaSj1W{FB<}1 zPG|N9BJh+S*Rwnyt%eVu;(nWE-%P~^@;i~DY8Sn{T0?cH7BW813mGkw-#jw;4SDXS z4)*~{?&M9|2kwf@1i;m1mN3|~g>`*=k z&#mA+*Em?qd*t*U(z>RRx`5zQunOV%X&3h~Il8#q-?`F=x8j94k%6tJbJ>g1$u^A@ zPVj7S&Ta?ynDAB&&;9#~kpUh|DkiO7{LPvRo!q6s;zl=5)qUcM?WrcP&2`Gp3BZAQfEJRFZSM$wfemD4R)$Q;P29Mf!9Oj_Q2H*2 z^$5viq|9WT^%w8B(fPnQzHRc2c(`EZeM=Jqx%N&buW?F=F|O9pBr<~^&V@b=rbk!r zA`h3}nPT$*#b5DxgobamPT05NEEMdZLM;G4%Hm0K5g7&XB5VG>mU5)j6+!5h5%puN zdP6CNzSJ2{G43DL+`VL~;Ha6VZNt$a9?{yY)K-yw5x7wDM#6JhxwMFjCjmnztKy>Y zD&7B8B}eCR1Z$Cu+!yKd^>Cb4Zl^P2&tDso@@0`m*S{(_rgmw6zk*d^Tdj+JX8i?K zm|}+ysA`oD?G#*|0n_`N3qE=)Wlyj>$^t>1(8%3ahHcjdD^u>7%*`a_KVu&_+#V|! zI8UNm3MGix#p?SwRBHbEI(h#3iLjxrzSUWj42fRlzOp4n40@fy%vzQky>;C98BOL% zC%fff9Qw5sJWNn9Ny(973pVsBQ3XTmYOd>hGQ#W!^NZeu<=f~T#^6dgJFLF7qIK@O zQaM2Nr_{WbhIsX@@}=NqZ2Q=hr$(ZbKpm?k&Sj#y9MlAyE|-L$_>QtGwMMLY84NG$ zH~T{0XJ3u$GZE0ure92XKcca$RIEK}mm&cgU@Zc&Zta)pIC5F%{79O%lh10DXPYF^ zkSw~5Uitp~=F@aQrQ+^U(`nQD+h~dby07}*+7LRzrm=^-OD1BM+5`86x5}hUKmq}Z z#6ytgh%W~KLE17-APqVX0#jD84UZ68_(MGG& zZo~I9f!C_z*~sw0Vc?N(`$6XRg^jt-%@5lhbjF(lk1^UO+Qizm>IgJyg5n^xGaG!} zunif>65b!5+A6-`Nh+b!Hft2JBj6Q0JfR_Ri*+K~56?kiJ4 zLU=B*M|zC!;`hoO2AU?4*c9QXNm|eA6`5I?{e7XdwI6-aj2Rh}!}qe(=9T*NjABZB zCrk-dOFUG~71cVGPBd*IX(rWRq2<(N$)`X`&V|s5sTwjSec3uB_qb3{h70{EGrJ@0 zSY9OG4I9gXqp>o*m^x!if7BS0#)L?vmh%xUg1qjcl?tHlWjKIKO~e>7y~sL+G?Tfo z-NCJf?f}=u>G0k&a$v@eg7OcBZdUuQVpVpmy)q21iL#Xqm21wz_a5B&3LhJsD52kA z%<9T^vtlt9;?+VaxqMaC{J$Xqo?4uHkw+{`XzdC9j6M=4-W#*R$lQ$#WQ>0kpxxkKkC2m1?HY7u$)zz@DbDuXN*uI+(W?O^}J6m*OiA8c!UyY9oGLA~IW+mXPAcCdt$9%RirJN#79! z{A!Yd#KT#qz}4p%9mTHHxO-$Zf{&~uY7!pum?=rJQ9ZMN$4Zc`uq``gMaF9FQ_K1q zf%~6^dj_PZCTn`|TcN2x}a&N3$Qz3cn^y$u^U0n%W zDH5H0`GCR7b&N9YrWvRpjOo|9CU{RsMs?4iJG9dq{Iwf~Xack1cKcBi;LSjj3LK{H zXh@0o?DJd2U$G=*!ZnP}<=D|iuE)5F-an9&!h4VP5}M0*9kA{vrpU9XA6tm`T|ozIz$OLd}z7c%NfQ1%~X6<8Wvw($yIU$Uy;wqFW9%FLlJb zSm%nJe|6d>EfkJX7;=P$i-Jiw!WDhyW|$P3f^D@)GG(Leq|^B_nRUp!$-^QMlQ7(3 z&0F_#rI?=U3QHN~5$I`ZCb=MJH&xXGxDkD<0HgrdF4VNw>RUytV}6*_w?aR(Q&0l$ zr@O@eSVR$mmVW4iS#iX77U+GWm>7>4!sJ`w4B%mkP-v*5IwJK|xrQGqeg+L!4DasY|>Z&jK~&GDds$*_3a40OEjXc`Mu?6DHLcp-)CM;Y`Y|)_ONvUE&Om&j z>;VbBn>KyL(51Go_CnVV`;duGa)%;SQ4XJ z9HghB#r!%=Wa)yZoQ%r$= zpRJW&^y7315tVD78T=q06jH!8m)9}ZT&xi9AM&Xv7_QLp%p?@mAG{hv@NG_W32WKl zzbJU@K#hT6h(-89K^V%-WE>Ss&#mP>NkN`czJtG4(`vf&PC%g&5ajTYJ2?5INreMc z>&_^ncwg#dnw?WdF<7HHSkFw27$=VKO(8M%O}!x6sKwR{QO5d_*mn_z#QLg~Q6f z{b+PJ7^=+AkUb5vMO0VH-rWLNEQ-E@-gYgS{)KwvA7Tbk01io4VQ)QU zxV!R0B*pkEFH*XxN|!nI&eSv|Lx5LLUu8%+yO~)8j~-IgNah-U%89C zi%^7QWV-nBE*ry=ZoR%Z^_LVC@%JVgHb)1i{jsi6VI^hP(mMhMS+0~UlHMIh=q#hGYr6kT5KJeW0p zn?e}SB2H&AyVxfD7h;ls48k^&{~|{}i~vtz-PQ_jGtrAzLUb~>7G}lx)gpuAh}5=pT3P;ve*g2HF%FCkB>RbK89I#5 zB@}k?ypM8(i5Don<3B2X&0rM+_GMGucaRoi6YnWWE|-{q%$6g2CV2fJ7H=sbw;KN< zwEhoDxnLBBlUpu?9K?X7@V4_kY?#2*BlH`G2U>Y+B16(VXh2X>J>hIjSiRc{60H}X zQRdIPoxlIg-%c=fiy#u1 zN(c@iQZmRLHglRuCyx7MJ9L;dcb9h~bL{71;b8*mtr(SbjOrMQgAkS_W#Wo2$O1c3 z3--IF(C=SLi~sXW-7Cr1U@91mLC8%X%We8*oN+^lk6e~=m*M@V6ic92bXIWi03J!9 z9dSk9&;$VR{M}>nohN7m1JjeQ51QN@cWrIDGc)b|KKe}l-B(*}VGYhmC%~yMr1fEH zA!9umNdEB5(K^|szXQ%WkwVFhxEXilR|^Sd5$B1h^oE@m?$<4d<@H%EB42jT71>XO zUcR@Ru{?m<5WIKlWvcpQPYjeltp2NcLU)Bha{A~AT+SUh{5l@C%Vdj(&pSgzd}sW+ zkhgyPRbg??p%`01Vd?WhHJ3ZwR~_c!jurWdpe~G}@30ko_~|Tfo>J zPd~9oy*2C2O*oAG?d>nB=rK%~WzGSO{%o<-0NNp8TeiAa{Q#p$2#>bEodFn-6qp) z*OuQ~miO`)NxpJIz$GErog0@9THT!Gu7Tb{c{DCPT8w_mRVIhVfzsx{$Nzo@%Kw~) z`0N1Q4<|xDe@7FQ!!etNafz+a=0m=VHjQ8;4ZQMae(3nbn84`jsPvvSR4$XeyKp^t z%uXH-Wch+Ft-a0>2ezhYW`%^!LM0AYw0pe*?;x@2^@P)ZIsH(W#&R`fZKCS+s-voJ zUmedb`F=ih{1eyCH;r%NY#X7?2jk=3Z#V)*ICLnYTvD*vf2yEF>Wi#3%cUcmDWvt> zyf{ZHJb4}0f?)fVKneL}XrCgp%gsPMH(B?D(l*0?*f;V2EYyjrB||LbxLbt~fmj4( zFz7fxOdny;^>wV&tdhC@PUC3mThiJjc&(6?Z#yv%G4R7DgEr9Ns{^8_Oi5B#oi>w( zIg;b#>c`i`^<@s@40@|bPB{l`RV`5e4*Y$=DeyeSU8W2J(R4Ll^wq6<&)RKn&|2iVde>>%UwMqg zKE|1adri|TV7;6H_EhV$uJ%LeeMv~fZCG$=^&F#~=@y)%*>>MMwi|#-&7CZlW?h({ z?rOroFZvoW@X9xpnq^G|*?KpfUXseQ(Q$yZt4zu8`J&Aax-)PwDR zphP5;(~-yCOHOCvU5Z;iZ_lFjJ@wi@ZmmHArm@*{*Ikjo`qaMMgrD8%W3RzabT=Z6 zEPZl-Q?caFs*K{GQM2P8IWm(eCFsxhu7`FUURXyJ23zGg6o(BC10mlSBw zor03Otc4wh3}@aDt-ec}_k*9$B#~X$Zyw0_Mu;SSP1(g#e$UGwkM1K$6kdn*dVjX~ z%H;R`M>^dzipp&0UcqAS$3Y3j6J(KUSpG#?E|K5x6!l-t5DP&Z9!_`|_nw2VpQX!= zumX=_k!i2TpIp6tN7jt`6xYt_WP|Eo)gq+Bn_Q4KgLrSKrQs394#i*6m@8dH0saz97 z&21Jkiw6W;r`fD4^)4QFf1`U63Kz5ZR$*ORk=Up0h<(}mRjGzHHl+2V<=a*B#3sup zx&{OZ1~$-YRHvFJZxsIyPliYWz+4d1-0Dw?gOzELh8)_7PWXmLApG33PBvtM5Aky* zT1bbS zHkJhEuV1XiN|x)j(1UR7&VN0$rD7*CZ=)-cvjp1eyY@CFUTi$nwG;|^ZjII%cI^KZ zN)Opi3!eI@`gGq^i(aL)^ljw^{$l>n#+a}g1bR^s^v5AOW?cpvO%$=ksw%F%qjyLS zM2oY$LcjV+-_SMs0tVrxsWO7riG6eO&lh}z1A6Lk_1ZG7Pn~9tTK{SyuC}m&cLS%7 zRG(KaJY832qtRr`aP!rX$~kIQClg;0R+DI=_d0kdW3hL9p};w;kkR>?WKJs0(%r6j zhp@pYSDDC1h~gVa%`3R#;$p{3*IIz&5!*gImLPldO{GOvtdY>3pWc)i$8v8yUD109 z_7kA{LIDaTjn=+Ux#n%!vyW6J`U%rRnKnhw?T$R1zuEoO^u^{584MUZXMoJ=x`ZDl zelvPvA933%1$JvT^^-^XkmQ%m?oq6eZTedAw-#^vKU!;BV7-jIswsbR;Yn?h)}s=| ze?*1Uv4Jm)22;B%g7^}g858{S>0&tEs(1gA*VZr$`N}l%W&C{>s$o0UfkPWv-B%<) zal0FXzU;8MesIbg`cDlr{yPGNYzND*rR;juc)ikmCg-dC5^hvl?pLR;V3vmQ=X8f| zYZIf~xzBFrIrMw+1|IAg+ucwbNwdK33qCqLhvnlj678R?jh*HP_2`VK{68J!)5&o> z6U}c_2}6Iq_>y!{QAtoawnq?|N~!y*<0vy2KmWhH_&*}<|Ndhq5`MZ>>8n^dX$;sb zy>FSxT{f66{lv=JdvNH@@yXy`1388d?STRFH)Q`GV{h3NSJ(xKh7jB>xD(vnU4vWD z;O>pPySuv+++Bh@1b26DtQ)_)Gi&C)bJzVazo2`a^X#W~Rqa!o)GwHZylJVB1`j%7 zE#8HU4$~CPm_dSn$2(>}S~7E5Bq}zh8KKlix>L>?jb)ZX-qFEQGLqGVnL4S&|CEM% z%NiA@L{Gx;B-Q~kxzdunV*=JgJrsKJkBxlJKY`AhhuC^oUBBgDhzRPxE#*pdFQdPjrR*HxeYyO#esKv-&9mKX2xvZk!1L+VJg?A5}Gx7xJe zoVNKh<@P_<`|H<7QSBoQP?%a;Zyi1G9K4HM!|P{i5ViL;ga1% z=0vT$u{_RDs#4J-t$wd^(S~NTZDkFLJVqYbp7*3Z$g+{s-&!dpzT>k6oE29UE6DQ*svYAy1<+P;>IozB z>-G(2%hA>+hag>b2w?+>Z*N}RaJx4En48|yx^ z|ElH3wOxJ9^%bv{$lH@__zo{Lkag`fI_<&TMk*Ka>)A{yl}E48XW`X@mMZ_3`z!93hb8_)iyYR>y=k z|NXrMt6=%oOG|8tGzJE*)RVC(Inf4Zsj4Nt9RBBH5D`J6@CDz*x;v&1V@GQLO9~*& zASev&Ef+BfUG>G8q$3|x8#aj_T?c~2$*(+Z+RB9O|F1em;XHKdel4uB-&es+Ssi2| z@)JZgolqByI_hozIUrKbCwB-d_EUXo=IP;iupnl z8OZ87EuX^jl3H37Z@Jq;Yxtzj zwkfAjdgJNDp$T3NKN3D6QzS}8P;^x%mmmToRx@L~Y#h=|neSK|Ip1u0QJk3TKN8oQ z!VZ;=)IMja#+>yejZ}5yF$&TZh!>;*wJx~^7>H{fnmsd><4_;QovAF1U(^Y5`x15Z6OVwFU0mAHWKVshK%TyS6OZ>EI(bZrt97(X)i$n* z9{*=&H4jT)0*Ymw_ItT1Gd{fajBbYi3=77eNWb+Nqn9}mO*`j*&$@4?;I4>UTN!aF zdsU0hXCQSxoBrDa&PoY-Lv~Mn5&Dgo=fi&L`=r5P`ju&|{_btn9%hi@4v`k(D`Ki>|Q_ zDc4F`BzB!RJrnEHYV6vI)O}cDt1ubDd-$(bA*Ujz6O;K(xHZO!-6?VCUUzXz*TYP9 zz1qCR$xCJ0<|*yDp31Fd?=j4kVtzXJQC+mGr_K*epWE|P|7&L_jL9sXjTr#PcyU-P zjjiRW)~Z0G^CjThhqiW))69Im;pHukzqt_O_TIqa{6Mw4x7UMbtMAk;x7nt!kgKUo zlNM+h31m0m++gk2;n#{+6t|aqw|!X?{roiQz3fZ+Hiu3A9B5Jl@wx%Ujxkf#f zY%1H5>hahZ6R>NJ^O<`N5smAWy9*P|0gd?5jXPt&><&Hb-r^Sx<6GCPxnwuCMw3}M zC^1#i?!vV?wbl9PlXD&ArD%3got42=+3<(8v1dL93p7lmKNy40H67s;ENo0FYzRDN zl&+Jxl8B$Ys14mdwRvQaO?@piI)PP+rC-K*D4D6 zzN9Rk^r48XgSCq$Oj2Wd=+2$0iWjs4k!kWrD^pQd`c_NF`8rgc5bPY0nRGL&!^f~8 zY?1l+9QI87h@-7Y(w$s4s!YyD^LK_f$GQcs7+~2qb~>#iD4DyE;qyQ%7m54B>Z9d# zuX{#xj)^X#KN#`+t(a9%7348=ZG>r{=xyjdC1q8eqT)nTx)uzSV>7T#(klD48JB{F zw8yQB+4pCu(HYZeZPzDX8@>_JLRAm%Y4AeFUYt2!^RZBeiiP^>>h^z|8FH4>?VS<+ z%4chLK>5xucm!5x!zQ+ErY`7C-YHj{q@3i?5<9em|9Tgt6yXO+3k+iURkicG+x9A9 z9mYAa3rE=HNMB~Vj3XwH`8q#eOxpnKl|4@#V$e1bio@FbEd<{V`FfZ_d1Mo(KhMXh z|6>baQ^wa`t8~McVb-~=(Qvi$vkLrsV#<12Bs=bkZ$qPrR~J8Iu)hBgwl_~gR2UW( zf|TT2uscMwzbWJ5aAaLIwi_bTeEnoHdYsAxRE}Tk5 zK_7d4BVxMKp|*ilcoDZNh~Fqq>TszmqmhJ31{B_*lQUCGGDdN-^c>itm~}+Ve#!Y- z>1jE>xIKbn@a+bZjRu{PLIG=}DQz%i#K|X@MuxuU~l9HH_wL?J(8MH=vmzKF?VBkyg&?PZL7|m(~6wmwpW+Ae^aqH zZVsoIIx6>_uFk|MR#=cA!g!c9Q@b)^x_D3v`*<5Qm#kre36bwxJ27S@|9U0HL4xK^ zs=Rh@DL5!t@{)6S!%qwd4DL zQCy2S!w&%eo7{kfANIbY(%2{?+9;DhVl8(Ob{bG9rzXyb{Pxw=xw*slb?ziYHi<`a z#@4F?s30Aemg?I0`gmdCh8ax?d~lwqdFB|X*GjiF;n5Yk@v*+{Rx#ZSe#~VO^qOKz z`pJ^~^RS?9O{8zh$GTb>hMm{p!Uoe)aGlx&pKiNy7WsY#)p3-pYAE&NxFhs^e6yD=uTUkzSD2#{jry{nBiJQuIYst)d}R#fcrmA0e(my z{_L$}b&3r9a^QE@t7pWfzYJ}0+n=$s*K-!uQdgbb0g#N62Wjk>9!Dros>QSP{601# zmFW}gE##?-rg+LlBuZX<$1#CbYxRF&#gnwpj_kU`B!{Eqt?{*Rv#fxEA^DI$0}aHa ztCe=^=voNJwbRI>*jDDRv^7dM$tWEgK4_Fg3YUW6EL>JFh+VaUN3dXtQ9`mFobR0ZTlIHB zqf7|~o>LrH)%A)HMq_m2qn^3Jzo#%g(>a0RbhT)$dX-=tRPNWgJ!>Qcv_V#nV{9+? zrfaMyfdZIycIO7wId@!-;)E~5w)I7`KW|`Q1OfFhB&~ps}tq%*=R%USY>+0#qcli$CxeqshDDnhD_P`a-JV$8cq74~X03 zIAFFtfSq9ckn??+tZUsI^VjJb_Y-XVm#rXFLlgGA2G1FEqAx$^{Y#!5pN*-8ye9$G z@#NA5P-eH9!4@&-cHC$m>y^?R+Ao_{N-*+~!6Zt=sFOuhK5>J_4}*fPV2V_nATBa*ouEk zu~G%-V4YJ^KXkq2{JePgsasRu zu=C-XLC)8=pUwh4V-0qQ&(5?2E~`sEH)5K4EbX^QgUd!8G6ic;cYEmJ4-3_BN@F4( zOG`b#CNPRhm9X%l%ZDbnK}YxVdcB`Bd#SJ`ZIT(1$weH+BCv&nA|q+{-teZ5=nIyxn5!izu(R5d zLz5SBtRVrecM||GI+N=x+VA19zy8;)Q*QgM{E3IZ_-~Lp<_6c9Ki=_r!CSJ>6+mhI zVrH{(JrH3-Qisn~M2FrFNhTMF3M3x2C)1}Y!X_xP}PP$+$hIvj*{NjMFY?71gk7kuK+0&%!X$sk}Vjqg=-19HPnnUC)f3P~~;>BRl_XNQeKWDNC8|FI2L zVEM=Ww3n*n<6k)q@%(u>G^L1fRqzGzhvR(s4AkXoV%zRih<#!|H|5jM-ZaDh5N)|N z;09oTKgvL!^;)uXW~z|}X@5b)5GMCKB@i+goYEiDZ=fb1g};9BW7zZ~&A3j1R9|JK zj0;%R8_~7mmYqgTErDg1B4=q$7}vuJ%;O>z@kKgo!6r>kDIwYgBdi;H+&VvSs{z)z zONByYL>t99?HJ_ekj@8zUHEHG;Z8j8=VqqKo}3MWX@>1-l7^44c;V?x=Pd}FA+cuc z9wNHb^)pXF`(dKoFr?1StI_Lq0uSzQH}$^DD7Iv3FA96!(;#5j6}A0Z#Gk|V-M;sI zcdADz1HDM9M>^6hgmTy1H7M@y<-XqGoTWeGhlSxBSignb{j50A%DZ%!Ua`Ad<(F$w z?u$E9<_V2p*fw3D?<;Ab=KJbhQyZ;J{#zVUpt>@cfIj-lwzKoi3%JTf)x~vOcg&>F z@e+5?JgeoMdv!|{5ZFwJ?bX>3P$_V~5I zuNFoAq8tGXy)Zy zDQuLbA2gt_mU?h29_qbm;}!rYy`}t^|!?5OwnwlOh3#gfjOTf zDmeFpJsh4P;0!b`kPiS zJi$nY**2c1APp&RQ9+E}=jpeKtd6G5N9baA87~LN2XZ%*r}G;{oa0`e=4Cd8m|b%q z_+k^`rLS-f)}ele2L7en*H<&YNf{n+1zyU?x~fj#Cm$#jh)GH}aaFzL&Ap-@?R-@N zZz$G0zqZr7)vUj4F6Z^`W^6*CZ6?3;-~&(wvil>tOO9V3Vx>}F#uqI?6ve|uP;Qz@ zBZJIeutra!Hv1hUBHm(@N)-UY zC5DN{gokz$Af`jX+FvEI?X#7IU|+~zBT@JGxbWNVyQRz2CYF;vM@X=fJ3)7!G{l5= zM0ji`H<)=@i`jBCnN0ahNI%Sw0#vrt$6KBBhrpF&{psxKXAk4B=&txHWaiFIujkZG zZjcr_5O$`Qsqq-gQbh2Ux zw_LiLbOidE`*!pDxn_Ml>u(24>BDp%CJIMvf`vkql}*xlcc8cIjDQhEmPye&7@M7-0v&n`PkoP?9L+T zQE{B?5wbhhl>{0)-src4J{_7!vV++6ktu{GEq!60Jg0aG%lu2-g@eAFm^aih^FQm8 z8)d6uU{ih2S*GHF>U<+W{tiSyeDebHOK+~ZVJ-h5);RnWEQ>x>?tqxe3N_?{3Pq7P z2qK2+QzYCxRk*Te=9?HBKGXZJBE=%>d*JcIbk{^!^^CQYttM=z+z07`ZTs0Rt%aUd z*LB^?N5?CMI})DCl)*WDH%)JUnUO)t%XbV3zrv6n_K$;)58X#V623Yq8h~Jq_NsQD zT8iJH5od%DfcLX*m{yUuG1gX@%f4xaR%|M__R}ds7uMB*q~H+;s{>et8pdH55mCc{ zm{2RrRmu&E1`6XmEc-a9?DfIq1`=0&3LkfEGIkW6lj0zi@h4&Ng4j!^I+bp39K+=FsNC$tqX4&V3z&2 zP1tOMt>ExLra$v>BTCMq$6Np)oWzNvnwPx!{tMY{zHX7Xxli~YEh1ePV_G5j>ED`$~r5AD;gud*m!-3^-Q&TGF(Q)9oqVAB3#DB1YyO_f6F1@nnX0n-pjV#)FnIG+? zJx>>q=jl+JCp4MI*vWnd499(0B|hfr9dLJ@Lh@QFNUsy)7~a={-Kxu0xySoPN=dqN zhm(#%x(Y7RcZ?22KR3*5I;WV{hfyuX*`J!byQfo>_eCW(wlr~>c(yU|Va$UP+hJE& z|4u%Qr1(WKx2BuiG$?O>M6S5_P=sfh%l06wq+MJqlI7(JJH-tP z;}u%p(Q#1Hk5tXHOySD45*{^P_pmlZ%Gjl6OqfTATEBAgu-C0&rVk-(()*wf+c#Om zYvU?A#B4)qG4nu+JYoZ5L<;*LLo8oNR|wGM9TK<&=f5#N^%VK1rHpV)nEQGU^*j6d&joXYV0rc9XhCop&dfXUr$E_Q+u@ZK(?BF3 zjI`-}F;7pw`MccFz{8l3fY+4I>$|8+|H4*$4E%E8Qf(?{Rnk*ElMspsywxJLBs<0< zQ{PoU5oW41HgjDA^fv|Tj~}NnsE*ueWRq6Fa>4^C)WX7uaX!^0 z(eH{ipSs5XYBWEKf(=6N58*)=4xsym;MIBfE&lsOU(2@_P4amsgBxM2A7(v}2K^x8AkqcRYbwdW z{wO3eg^mR7(3DWV50%hiNUw8ErD0xX0iCOl;XC*HT>GzL)Z6JzQ#sKRYM3$jrX%?R zp`9L^jQmYPvh*T(}3TR0P9? zy1Ff?HZwjyc)thT%wmpvY+YvG=JyioBY|r=S(MBJMMoYraVts+vt*6UE~^Vk?yd-} z-l8>banGIX%DML%U)q!5V@1V?3nIZ00txFt|ETwfyijS#Mln&}ikj)7}%)g5l(50L#E5s|bq(AMSm zM5FRWdsq1X_{%YfA!6Jj6BxCa4kSeZ;(X^9t+Dw&n6z*q1QxAtm^Wq~_8aLgW!srI zfqn~&WTY_Xe{HUI|02&sBQ0Z$C9AEbV>;#^A*~G;EA=~Z%S@W5iKk_u5OX zoLbLd!}Hu=vP0>NVjA)A=g99x1SyS*7#m<^XPqfutTJjuNM_F@TF>efGzU;7l^DY$3Y;UnX$xW#mODb@wInA6Qw0(J1}KVqy8N+ zgg~>kv!1hXmCi~XHcw+I$z^L^LmRTlGH*va)a=T_E+Vr@ltE&~_;(_vbNVnCVFa0D zwHpC%l>3*(bQBd#2G?@3y;u*~|B@y@OPHPY>ySIFP2=SdaX;xVqK4uz&QEau*zVQ4 zJ#T+OzLqwch0-Ct@rhceP|HdO%)@U zwQ3G4bw=z$8T}w*;yd;YB3G_0n!%x6vGpWtC3dB{QgeO`G!%!nvxvW;B?LntWteoj ze~fi(FtNi}(j-H?-mc6uT~cFBM8tk{8YvnJTWerUzLwj$l1b?xNpnks9#+D$F4Q` z$@K;-psdaUUeU&>F^RU%{cB`XaLhs3bc`p*qoH8??de!SfW9Llm_&c1jbE=!Nkk9U zT#%Ty;Fjx0ROll-@b9C`JpuF#2fktoKyk-p?J%JW-jsC_SdKk=UPmqf4QF0t@*(7H zQ-(iicAZr38hjW25v$|o?j)2-sgc*l*ADUi-iqWY**>%z%34yZAF1ftaIW9QUOz7P ziM8Yz?Tt-@gv-Z1RJW8Ek48b>OmcNMV&SFE?z9{-?T^ePERsBmtU|uRZ*OsoUc297 zXQW=uxVK>|Bh0wrPY|1Nzuy-xbu>R0HBIY8XF zPf4d};+V=ebUX%*j+86)1dR$M@ABUL>D|=5Xv*AXo@P=WJO3#-P~Ai&H2vc89E1;G z8eCJP%>Nh7sWb+QOcQ2{sIepncV|&--IG=dBx-ciq;^)S$-%S>Vub#vG1;&-z`2Ir zZ}$%bDt_46r1}!z8JCwZ%2Z9HDEBxO#=m@ZQhZJIxCZ)K6zfc9Nbk48ZAXn5lI*|JD76c8iAL)#BlMV+M^z0`8k>?`NM>8(d?shKrGaAK!XoFFsulyY> zRnGAMhB?0Qq){M4+ZGh3cC?T$ZGta|P0B07H|MCZ@KA&}c|xfY7;eR`^!Hl`5aBmZ z4g5}av$d8ps8H;~K@Z1<3;W6oGvTHx7IAC&h>27;Q@6liICNqm>L`%+d&T?mnUs9u zLb;)64SiZB)c}ht)Omjj*em>0&=FLl%gwSE*YE3<;AUiLrk+aoKW&fyvO`+gzba3h)xJbj2ff-gKsSS-H zTfz49RHGQi#E3JZfcu=g4*OKRy5FducE)hblraXtbc{m;p%1K*#iuw7J6hT`^|zm$ zo8o5_*93acs{Px#gOiR*m7}iB?CUqbf9I6_=}F-q1({V9Z*5_t`cfFrW+Bm-8}8U? z6dNk26vYKwzm}H<+ZM`EQ~Gbe|H|wpf!y~DNMuHZKgC(QZu7D@PPoa_}Y|PX9QKvb!+WYWibjz7IRvjo^)kmkrOI8Sgra z@r!QV;OFC4?I)@seSVN4(aBZS~P|#D@-M8(B!!s?~ zY(va0=0fOt(2s8?IFb;XUO*(HK{tbPm%pzA4b;rQmETWOR#6y7VlgBbCs98mxK+f$ zrT>eiijs)>i%t>;438d=5{9bqVat>FL76R-|8^0;w1OyFsyWCVjGg|)bTQ7_mRjOk z=O}*ZM6962<%qIjQGG5co44rGHro0P$}gtDTUK)e$z^|ti|`7BX5UdVHX@$f+)?7B zVev+SY9qg-SfZ{e%WE&I`GluU&4M#k5%h!<#WJ zmPO-XQHZ`%Q`s0(U*d>YotbLmCi8ZMW6(0~eH(XLQKAKRb6n*PjBU(w8@}x|YmE$O zFSIDtL4>tHoq(UO&H^GIIkU;*+#->tj*h;MBux}6HU9ziqa5WC<8Bh%d56UxC zE773HOcWz~MHyfH45oXD?rnP1R%>5HZG&HY*^MtNwq@zSE=7z^r&Lq7f5+c-+)q`h zDs=u?+GkI{|gA9zLRrFAO^OiP=pH{kq2+sn_h=emUDmvk>I@y6_ zxGo___GSqJ(T>XuIHhp5j{jE{fWsnQ+y*lhgy&YENDt{tTMa>EPK8zre9rOP)uM zM5GBRIxDwrdk0Ad{IGxxe`OGL*12L*Y*k|R=f(8i5>$leX$y>5pl~YG?MVrx;`&_S z^?Eu4==I=$0S-u%7qz5yEwZ&Dg!gOut@F^E2uKQRz4PO4F8_l!(~Qc}WuEk})Oq|E zHaE~Sa>S$h+3D@d)1^GzTz}GZ0uLp-0wm$3V@_e2h3nhF^?Ip0$Xi|i<+kyng2j9=i^|_&<-Th< zU%3r8uU4njJjf@+kK#S%?9%>?*s8GZM!DS4_c^BiD|FisMd)|7jF}u9W2QbtxNWxL z3Dn&G=&9Umtv&dYQS_N?RoRkmjj>sx1h+o0xC4Pev83-yehVF9BK<}KQ8T#}Ud0Sv zxzWu@6s4;1Bc;g7Lc1Tfd3%nFC>5rFgMMiI z7}S$PqU!A{H16x=MsuVVNi->3ieND)LShV93#MJQ_kLOkff_~m_^37b!go0}`nKv} zZbKh%OtQ9{H{@MADFZMQ=i8xF+C7`TF3SM=J?pm>OX$Jy%%7eHw?(?VJrkCqiDnaa zdr#8jsoC06`q$-p68o4YI870jL7XAyioSG2G@smzfS;>+#3)8mVJh>rR;| zW$fL7xcuK(dZtBsQ#CwuGv9v#$oQoir6k_|MS_oKH}<6ZT>1kiKK+xc7WyDEA9Sx5 zZ`8PdFP+*(Nia_v^*+a?^{3ptJSaypW#-{9Fb*3jGB(k-CunyAaVvK%owm4T77cI= z&dy2}l%mB@o^1p2jibwk-VE&_9=YI1P7EC#o!?%3IKnBeHKv+WH6vuhsp<-LJ0%t1m{3XHxonJ8GHHIu8*4x>NgWKRqd=ZIT(ywg#3^>Pua~a4 zdjlRv#&r@SFx^nbuYBCQBl2G8VXryda2nB1GAWzxa*pCj6k6pL+aqt+FM>GuhPiqt z46&{Lpf4Hc!#34N?!^_s66{wYQ6B4yQ8@dxdKr&Ge?WdS5%21V=t~@f*j)d7R>GMT zGC1#?sc{7!Z5;MDj`K!m>_9=dQ@n}pl#9le0S*HlrXHOAV9S|9e*IYhetFF9(~7H) z(!rVRAjT&Xw^mLA0B%JId_dd4&6OAc0?o@cM_lvApf?#IlHf;6{8 zb+>q%mp0apIXj$L8QJWUk%l|HiQ&f4ro=c)MBB_Fs6GDe=IZXKY1TwFE?tt;#a>^x z`G|Y0sj-8cj^h4-e&u4%4I#ZHHEHcraOG-3EChkZ&M=1!eUeyio69N+hzDNdO6~5$N0YjE%?t zH;2)d%3s(5|Ka#Go33&iXz_lFI!Q*1w{jU;@9VYKtjxuqf?e0`Z{J*rN{`e$OgUe+ z8MfBC6-Xk%8pp;QWBszYfgmuOw@jIpn)kXC@a5)5#LnCt5*%=w` zLlG8IRApG(S%y7^nJtH?N*{)c;%n6C-Sy+kqMDtYpSyHI->Kx!&(GW0c=u0D0gF*y zf*xYlwm%JfA`7(B?e_VX6uL^^fg)G)n%=lv0r_BS0-*%@4te+Q)zYaeT6>rb`2~=o zCgsrW2w$m(le`bydo|!jr2K_4ZNVNZoeD)KED?^z?o8~>Rlc4Gs*W`m(j06_GiA&Y zyT38%o@MXQeW=-_w)k`eqP0JU;e&`{z@245oR|9S+ z9{95f_F%3m%M)U~v|4L))>XrG8?rPx{FJ63qM|BHUMl1LJPz!?@_XJsq3)<(rZ^H4I6PONxq8{K zhOfrZ5b*`144zikJq z!@rwU{*LbhS#Dgd)XyI18oifns&E)+dTNDuP|~X4oLmdS^3yQC5-5<)(d$av_fL+P zkJPp)3f5_?5sDf(GyHF9U;*jt?pl{xNm3w^VTXxky*G3LF1QGUEYb-%X$BK!r5B(i zS`vs15@tKEf5ED?j+)EljhDGJTZFs zDj)tJAy;(XkB;g9sPVYO2(QHo|K^fT+17)-SqQxpa3DKC0N`oEfDhLOgGlr;$Y ze9HS-`Rb4`6$Go1RaA@iEnnl1jRJk!A>XBrGp$CwGcDgMb$0bx2$;&Yto^Lq|vSKT&BLvpd4mz3!F|pR<*jBeOTOi-{)`KFOuo zp8BlfPtiEl1 z{55g?Ofvkt@=g?!$Z;_*Jh0-)#?CrKhP@KYfNk=?T1D+%GJ2ymNx)bg>~YYa*parv zob<9S51X=&9GHQSQe3lgL(s0rOPF zxsp{Fl9TQvpK}4Wg=&(SKyYQAtkp4Y925%5qg$KX=8}GV7g(O%E^$}N&4u^feeZsi zYlOrAz2dt`SEUj;`1Vl7jZ9+5fHhCDdxqDp>W!&O;*RdgJc@H?062Q=Lm@~g@>Ik; zdCLqs64!%`_r;uR0(a)`9yGTR;1@lqFofCE3=4B+_iOI9?KD5g;+QYGWSH||_mb#& zZW%twX;dM979b$!mSPeU7eM%aGWI+6x`W{GCS1~8Tc>d^VZsStceV*v{#QITwe+R< zZ`4>isoH+Iz$rsr^P6?jey%*$LB49CTb82A^+#t93{7&>Z{$G2$0DbYeujI$lkZlx z+SMXP^CL2LlLaa`u01hT2GUS~xja=#p%}NojMlw38d%3-!*S-%#Q(Ry&#}HEhM~KJ zb$JBn9Z;Av&lzW$#e^cICC@G>a^fq`NiyTzy<}{Jzj_zJ$+Q!HFoz5Bu3_RjhekWu zje#QNYNbcyEG8AZV9+$K8;)IxZbz`E_XH;jm_*Ip9CIRz$28#X%-~woV_3{+?Pi9CvOwU`jP{ex(op1OfvBYn+!$aguTGAbuOIzj!*8dE0D; z{d}?xBE90$loo?QuuxiK*v#Mqs}^tL8HvD}O554OobRFpB>blyOB8lW4>f>0p7Nj6 zw(nD@j;7>VO38){Y0JoQ&~Uv^w0zp+tYG#|PBiXzk8>y!16eJl{YxitVpjA-hi)6o z6+kOs3C5FI&})!ks=c5mpd1nWahc;vFAOyek?c;m_?lACmK|`K1**OyT zR|srxi*)IJ6cur+Z3Qm{eI7L!mWJQYx2vmwurS006XYf&TVNvMqOMQ8MfX077UOjc z#LM7$QEUr@jEQ^j5!;D|zkLMD8F6jf6dE)Ti487%CaC#oBZg)Loj#VOnMhNYHI-ZH z#c}VoVS$0VqmBXg<^homj5o4a8ZSXX@?BhW-xOOdN7Z6aVWp{52EpDJ!lT>62~RF{ z?^53w;F3g-M^$bY3Sf(U7z)Y4DFbZ0=YF^69FGfV8`@Ea8N*3k7SU$|xigwgkX`DSkHp_ka{@UFsz$WNz z<`|#a*O_?Co~9q9zY%a9)@p!|Hdud)7z{lDH~c#&|HUG|^pSaqG@;L99L)HSSjM6v zb?I9d&hXP@(`Mban^@i9LiHQ>=FoNgqN(j8H(Z|j(r{d@coF(Ftu!LC;>ZhsLsG!*oMo}#7O@-oHSmKbh3 zkQ!&3|I1gmB7%6ym8-O1oxHXmLTm5YBTXa9{X;JXIoo9rh-_L|3hhKFrP?jIAU)oV zKyHq$05!+d+3RGZcDjRkK%d`=A`=7_b&WyO>n=MroF2K%8zBT^-!Ubh)H^ zZtSN|@mZLmb|TwfW&MbE`eIhSP#yx&0+0Z+^hay+C+l9M5`^fu3H)e+oESNC-q4gp zb^%9WKe_DQxNm&EAL>OX00`yc(8?h>d1r}Zgz!-o3F3UOfJuodscyu`{Gt$q}94^RD0`Jsh|dp~#08Wt=@Ocs(ASa~3Xi3%B{5ZZwy ziE@_0`YX22buX)a35pe6uZI;*Bs!NlN^aTveIDn+q?DNOLioja3i%{S-F93})L0yT z1W89tj@she{?7S~{tSyPE+`k$r?Rey*B4{0fEkWMxY%dKi9zy?;js!pPKH@nu%iuT zbjRygez}(A@)+nSPWT*)p~ZdcKj!UXOz6tI-f+-ey7T@HhvPII<_?3~JGNeuUhM~)x zUy-zDw>gArgN<47uQ&HEOHu!~>09o+(6xJ&2~oW)0R_!C-QOx(1C`7>8d!4_r=2S+ zF_VZA=Qp5UTV@VDR>I~Z`H?4pPkJg>v+dz))I!4U_mN%^_dI&~E|fiTLq>)oisigo zQTM~EpzezE@OkVJr%SW79B@yI=gpRCx}Ur4u7eLAv6&3~x%jpRfnNSmCcEdCK%8w) znl;@r52`pRZSkl7#?fiioes*eA_I&Q?3&I*5Ys^Npz853K}g}4lk`N;lf#rduIQCN0}1HXXk09XdX6@KRV$2XcE(%7>o!5TQ{| zF;tIyub7UB@t+d0ID7zfh5sU1T}D)7?ua@1rQQ8y5EXf8-{*|0lHP`VLpsd=u8g$( z?={L4qZA_7$6V-GNECO4^Kp-0?Wuo@;=GMoqh%EnZh&zT+tnPkqO^)8xi%(v2;z2+ za*c!&3U^y^MD8HsD@1NLD%1DLUT$Pe9Rm;Fzy2rfnC<)w<`%p=rWf1dUYL3eZw*{y zXe=!BLEPAWQ9|J`EiTy!py-<2*1&y$4R&LUvAbJ&=MVymFq}BSG{3_itCH22>B&wX zeqfw#8x1dnq}9TkGUZ?~oG9GeZ+X4h06gq*Wrdi|T7>kwmD%FYZyTzsw|)mQiKk)`h4R724?bxj0O*Ez zX!`q6?*IEm|33gY9L4Y!=e7X;ve{uwj3BpAX?PW3V1{02x{LWTvi#u^P~-uG_pws?e9B47JY8JSg_dVp7CVolj0J z0v)v36@0%!b7cgzmZtLp&8V5T+{xIB&9}1s{RfjfKcw?olZZlrysR;30$>}(2Kg~? zj5o0$oi{W$yBPmyl@~IVtECq!Meat4ff7#I?mfaw+*z|F4BNtR-xD~mdsch_Mh^7l znRYVDF#{%HIV53}h$j#2&ynv85JGb1AL3Dxy}>JyzdT5l8_TAc#X!1h>hOj4<6X{= ziPEX&h_6-oh|S6@>Sz?U8menPGsul-ZUvAktlY~(Kq(!q>1H8b@I~8EE2fw^x}_g#Pt{E8LJ4&qO-9J zyWUmi@$a4eUv@}e9#IbO?71AXO-dpGZ%YEajR%Ch$lOI3vBwruB^GM3t z>w}m$ITJm{W1kDM=i!;2DRbZHU&DNmcVWrqiC0{G6R_0jpO?TAsBSwZ(J1*kGuEBa z%d9gQ)OO2V>%QxT&2Dw>Ts<*TKEGd{~7U8&^dVKE{ z?f341Z}1%&z;E53rKeWr2iapoYwRQMF^iB{pABa;nu}I8*njMs2=<>2p;hoF6r4>- zDG(V~e1ysE%pB4+NKr3XNdmpDp)Mq<`g9$Dm0fcB(KJ%E?&j8t^_z50CqmQq3jKcxC#mNJ5!OM|XRGePOXZrc-Yu0idsh1Usr_2H&W+|cwrn>MIb}3yk;ndnik7cRyc;3BSv_OJUdc@bTM9vWW_R$du)^t9 zP4EOsMepqRu{e2%HdgjLAJ-495C(-jj8M!c`E=peE#_Rg5xd(Hi`HUdAAat%^js=Z zvxC!yUoMv!FlLUg{Jw&-qLI(VJ4w3;IErN(wRfm~Olp}{yLlvoss;;&T2gF^a4+ra z-H=DUx5}M1 zggI^>5)SU0@9AMov?e&#Z*?jCH+L%laReP9+s?CDwY!flcqRw6n*1dAr@?{VU%3^( zJh^)wl()_dDu=VGmUP~a1)RSt3z=%*u3F#nm_BRGb7L{$4KP{ox>jVBYV~k+zCFvp z^BKncuLEL{af-wSG>|}4&HxV05vc@SQ=dED-RsUR2AZ}C!=8qs0SN3HvI$bM>7{+D z=-o{zOx@@f&utW`s#Dpf37kHeVj2{b2Wo})`Pl*0&LZ$X0o5Y85P~fEF;0wt(k?_2 z;29@e2a#N-Ai~7jnpNLFz0eP-rG3$uU1K;{X(Iw@)q&jd@She*nFS6_rdNs9RX7Yp z-4;y?64O12EJ7l`Iv`(>9^1QXR9j(ZzDBKoTMg6-rVdWY(f5I~W^jOoj=szLU2SEd zwk_udheF3TqTheCTI%?$Ix5_}Z<0P3^D-pjx;+m=or?Y@pROa`U(8j@~w)UYP?J`ZGh1b%VOt}@hUZAdCGB&F$h9|oz{PiMqy9ebmik_Em zVL$nxrd?>=t!Ug2o#wiUmMTs}d06IUN`E)1vo7T6;sdn3uPw&`u0GMRR^Kr2>7%K2 zUuV)m_G9%>|9*a|7S{@2#EZf6*yN|UybqY-b`9?#)EwyEnnjd->o@LRnWHErEv;dt zWr$a}p0%&V@A_simf?6T!ocM@NURWp*Y4>*({9Nf1b*zN^B9fa3%-K% z^bb`>cyhg@?ovE4=_9@!Oo0}(1KKSOnYYhEavRmSb{+9v-H~Vh*EMVJTF_57jt1WD z@SfbStTb;<=uf6xZ#O?h4Y4z@SFp3ZbB6gHV^8s-a~b8euzefzaBoyz#A@WQXiP7p zbz=TthR;w%whJV%cAlKM^N_b)xXqyZ`liQ#$D==k$7l|=tv3U=0HSFbFC<4<_@to4 zVd1(Ip*j7wjjxx4msyjtJcx8^d}EK#osO1eeQlly}|j zQ>QAY%R9OkkaSG*LF%oKzp-1u6{iqqP+ZJ+_qZUA9EO{WjI1~D)5xCIZ_S6Qm`23r zy$@>2q*5pE8AHzn;x{bx$AxiiExycL49wu4%+ldz8V>5l%>vmqQ>en8zIfS1fK3uz zex&J+q>UM6L|tcmJ>ofkm3X>x!g!7h% zj}eO7YTxo1bxN-usN>)_KHePL1S@gD)WzxdHOcD0U$0!F*-qg4Bxrj#|7W8Cq$I^s z6(&49{HbG`dA)PcZzqf}iCWA0JDhUqDaV;cNG#2^LzUK2jN5}WkR;k+xH1yA>;e(= z)-SY=)S5WIS&u)G8z2h*G86fG1TwW7W1j=KWMG+Iugh!oP~Ok1@BH|y;YEJ`>-$e^ z3JR;W+lPE4%`2Yd5$TrI^vaSjHBKcZnmILZ0pBUQW=RF;M7^O4;T3mw>F=&ZFQ99m z8eYsjKuLNxkXtS3Kwma;MPcB?0h>X7XTT{8_erj+IIK=#hvoL(cDRDq)3@v1)iOER zdEK-I!NlRUz1KY50w;VrMnTwCwt11v)LGwh9S2mfdXzK@kfWF{vl?(bPS!KmGmh{h z2xWwX;d9}hYH@?0YyCZ~`vu+n`__D#NS)IC@UeJM`#;xN1nsFIkYO08Z%{E_o568* zz30CC$>xM**!(8%t$@~O7*sx?MfbO#B{w!aR>CNVa@Iu`@8Vu|Ynfd*5sVUJOfJLQ zIC1s>6dnZDzzwlAX~z;i4P1_%Mrf1Z-$L&0POX^!H@cLpbeFNIH&7&^{x{<(qEWN7 z`b|YhKNt7j4;G&TIN~beRv6=Q3$W4|a(+LaU>zY#%8m#HN*WjYCO}Sk73bQMYoJ$9 zXK~J(IK7!X*;4hUqAcFWLGDBJ-u^snb=gpA;2F#uNdGP#+-+NkbmTeI>cUgpP|AG_ zFV}S`rZdSQ?1&?#oBOM-e@hww+XM{dN-&1hsx|KP9Z32vjWJ0~rtOJ>@KW#VX7!>M z_({&iUZmmq*Q|V3FQ`ljoCG?aFVLiOW2nrC18m`8W91!b#w9r6(U3Y|Y0qrA|vH|r7}8%e+seY-}!S&t=uVPO<*%xG?`$>-vgp7z{H zqa-Oq_dLkr(FPagEj#~th&2u^gwB!llYcaeFm$Nvx1aR@#q9GS>Th|T1}+MTVMW#% zVknb=WyL2T?#1~YUxf`3rQEOBfWts$w&T%DDO?+)UKXSLIiszKg z^5%X$JG>(H!ASo?;evD|#ye-~O32cNN?~pvnD^~8;>B3oHrTpJ? zTc*F4pYdh9uzb;a{64#uM+5)dawzaC&yLv2YiiF0?2f>jn*5VxtfKatnbQ$Q%qv&7#_f5{$UDa#xEE>-BEOMlWKr+8&}IkgdknOg7_ znnA9Dw|O09+<=-jkEM7T?e~KG+u&ZF;mut^FBnMA>9x)9l&Vy!v^8&3ETocH!f{%s zVW0zRrh_+)MeavcAP3fo(S3p5pq}KXcZ=r(JK7BD8R`!2RIw0#39NA{GpmUq>|$&Z zS;+4o^OOs=OdTf|>%FNZN^`~?NLdq%6rWE_G1_r9Zl3=zK1qg`LFc*E&e{PZ3U97q z3(ht=p?n31-h~LB0TH+k^_xjP;<0IDe0xS|Z##tCv1)|oR?qbiMR=*nAJ8rq6ejR6 zoGE09GXEICJYhNG!E*aX-ZOoXCRXJ$GE`&qgl`S~cL9ZKPkd~0chUom z_`jOEC}4!1j}%)+Qz+GnsSgd8h#=`CL?YijxbloC+EM7A*c>@zj>0gKbeR&i)1gFH)asmp<@dUy;c>Jcbm}4#M~qD+EUfjPFuo8T3MpDNW_-^2*O5 z8r{F%>A`z8Q;&QRk|Vqp7qw%a?IcE zhq|Qijjqpqw02OH2v+L7>6Od2jny!^Nx&ylE6f69LulLzZmX&<=#yr3P`F%|>k(hu zGz`BO`I2yLD@RReN?K(8%07UGo!;y5ButM_YLUDi*&H|=sGCFaUS;j!@01~VGc2YEZ&9j zE_&ZEFNosq?5bQu=Cmhay_tFta(X5cU?^ScbH7AZOGh?fcD&|CtUu4NF<|SXs*XK> z0C7R-H93KixYmL02n8#!ZgUafY9&h}VynL3zQlP6HyIG|>9w6Pih9DOT)tLjjPKtB z@E^00{)z5kkYilB4lNG9;`M+z==Za6xW^OH31cn&7ix{iDEl+hM+edCd4EZKU)08k zY+Vi|T8yuVBP6ixRc8yz&h4@#$Pdy}6a$70YR zK@TQxHEbu3h&i@>j__MoveH)ax{K*nkJbpom3Aw{hJ7973Uq0bB6x)$rNeFG{7rW0l8%djv9VYYWugjL!~{HZ+amVi4(kbQv)ShaiMQ4I*fm!)OWj{ z+dDX&xBFo*4{KE}SbBP|U-}``s;pP^F} zbyv}`C6*7%u_iCMHdgdbptDm)0cNC_b&Ow*z*0!pF1T{jRKJI#F3=sb+AEwIL*aoa)LfE%+|lMfGMxLPwG1;9$)! z^JUQ292e*Ei>{L#!o^PlSEp$JB0Q2%T~B@>%z0dqCV3O*xoRWo%v%ugvCAOHwbcg8 z#r`dQ>V1v5zo4Chy`lksC@~T#7^i@j@6bM5$2BPu+5pHPgc`==Ii5Yu#u#28AFe9>d)PCPye zJXETjjAVnw_BOn|XPcnkHLN%EMv_~tDP3tpT2;FzuY)zab(0_{yHOpHdLX@K zY}2Tt|HEbUx)xY*B(|+G(i1VdBuPGCFd>7P{@$jM}6gFj{I#`(ZsE18aQ9<^wP~q z_Ux|cEh80ce+)Ykz|3KlmnOH$M~L(LwO$s|a8X|cn1xqh39PGuv4eXWJlPa%=t@Bh z!>52>9M8&~*!LRXLt$j$o8{P&gqFi#ou-1p>V5vK6$)(D=19u`T@ z$ytbyZzG;jM_ZU%Wi)Am9Z1J-H)^sD=Xxo%x4f$W}{l5u< z3>GSV)E+LI_T$HHxU2Uvxx&vqKBIZ5onbU<@#>cA1B!KS2r_xS3q}T$@8za)vwSMi zPCnT|4~BcMjvqO3E9Qn2ykogdS?vz8UwrGbuh_FNeVszHcI8ZEIknQU8xK6bEN^$y zNFmHfbNzfhZa7xiq~7Lfzk=WHt9?l!u)1*+URbyW2qmW-pPF9SjYpN}eY%)%2jSQ< zDu||bU+*d3O?RWEeu5-5I-63wi z*+QBbvaKad(~){;vIz41*jNXMIfMmL+HI2R&}w3~p$FWcpP&8S9{q2P7XJzeMATts z?onQ*Xz#Je!vLuASnCm&u6o%B*w(H^LW&ha%F5-VC+^5TjKsaazj}XPbng5G8EU|uM1F(l|Ll^ z@B;vqf5r4Y`Qf{4hWfhq(>;a%#o-&64^p|^#v{o5j*oXGwD&2@HtU5&w%Ur#!*y1{ zNH=mXsZ2)}pkVvfeb^#~A_Ai@eGmKB1?4VetsABvY+p{ZG2vun@_F%$8# zJB1I6^1*2JtNbM^4Wfn{@t+1aPJ6zz^75XWlb=>05E5dC9tJPRcW2!xbobz38yV%2 zR?hy}$-if=$bf+mmUZaai{GJmJvO7vj^F~I0378` zjyVh$%TIDT@~NW)OPp)F?GF!cp8u9W{!h{VZ=ev7f{7h8^hKE6H+*p?HMbDM$jz=e zA%wDWEjoW$DfunV+5urxLE7SEYf7U*rYyKB^gBy{W}OjFPei_+5MEJ;i>m=Jz7T?K|%}-+ugFHq~ZEe zRD@Fx8SvIs6WLmp5{3XKh*1p5h)74CY7H((eEeU_5i<b_A&& zu#C!ktELPVZ({;E_~slo?99gBA69)oEVU(9IzU+3&YQ@{J^ptTUnel|9!2MkH!2QY z92(~motx5oh+>G+6i160GGNMljh*W;VepYK`~QEJB_mAqCGm_WcHF#keK^EsLk7CF z|Lj#;=`#U&6)FY-F1mYW!&Ft3-J7U%+J6I?R3UFEfqYjy)M(4?U5tjhPW&4;ULKk_ zG@W%!H?2PkY}QyjBW8GwDWfCt>%q={T=nO_LCKUV5q@0~%sd^}`;~am!4!>(5)jLh z|Ek*lbBfHvg@g%M0R+`E;Vh)v>jaiaA^mS7{$J*uhN;OgX;gm1rXi2XjTh7=1&?Ez zPR!M$WVS)}=UYYjR3Lhp5hc>(h)~I0i$*W^@0gbZj2MZyr`|@n%2_RC;^JW!M_Y^p zY0W`S>I&{3>)Pnh82z`%_J0ImI-y>TlfXv@_>rba8pYqE{wX3>jkGl)YD1+yOM(iGKlXk@7Bvl z3ThD%i3x8xq*hb;|87~Nmx4@Rve*3sfx1*)h?P4_V^Xft3cXZL{Wi8NWDi{pk|Hrt zb}P5mO@CjaNF3$G(|0Qmf769_N4Eimaps5LS%g_G>@m}Hsd>+kn+^o|P8=84?MYvz zw)8!0t7->y3XcC`v$B*d+}sBR1qHsp($etHnV6Yd!@^(#))p4_(=+lODoaa8!M8Uz zP4V$)0p-FvA%Tx}HjV}k#m9}e6h$`>(=?S7X^SkA;S>|_ujOh!tQ>8g;NYWLld`P& zt;7j&>Pnon-;@5n*#A_WpmFidmCA%>QoU4HMZH)&-+Wnr6IUVJCrHzAz%zPbgr0`Y zS08v7lKZ?j5)RUGOj%5Sx$^qRu9=xH8JU^4J*e1@w1Wt&LGTS>^4c?pheb9$#Ue-o z7k`QZwY523y&Sm?6CUkC0@pTe=N$-9s%rjYgeIAiSRQm3QPFVjHwKhOP6(1NEv!`z z{1X!w5hQnXb6)p*$XAvoho4=j%6eo^IM2$s5Z=F*1EI7eWDzBH^?Hk_X+yA!3kHf! zcW_{!Em4dUDJQURclXyTYv;?0f1}I6Cqw~N=v6ZGTb(yj#Cjzg$3?ZOYJc!fWQ|fp z4{e-R0j*#;w@3=!%CiVeQfUqi5uF0Z_kWtv3qln!bhaP%dl-w%!wHY0+JDVYky;%D z;yJ$Fb>zk|%6k2^6E<=~6b&TaZ?o%(biEWwMSDSJN=rtLj#V;@UKWxf&<Ke@7Sk zmzKXM+5IKj6=*1HSIr>(2(fWAGfrMAPC;Ars<{yuhGXd&u4@%)-W=Ee zWfhh~3QJPNxxJD3duQG2SEXe$(qI0`mI^S}sAEe@i*Mcj zzWL(x^j4)+g|QcJ`m4FQIgx^vyrNDGku{9mg_jT0%F&ZR3{Ca;x(pS_rx!Yg*_hoH1LtLg4PWs8Q8Y6_f)*QdUB zpt=6yIc=q;E$GHG$AtBUSz^Ld`8bm-qx&^*%lL|5fEfW~3BX}wLuzUmI$F)kPQUXS z@I&J`r0dyIktyyU3Y-zt1)27~dVlX}t^DD`hl;|&!B_bva!v{Xh0UNXBV8mxc?E?B z1C_*J5M(QmQ{Gy8OPSwx(MB2jmHu+#`FGEA4)q(-CAojBD#r;Efs=2SlV7!LT9kl< zz$5aTWf}~zY+xSQKYd*~L2tr{UJeOyR|)g3OQQ<|d!>!Ew@ql^bseNfOD<#uXm7eU z9E9o?pBE48o0xlTB~?ayHS|f`77KA!170iqPM9jcw9x(OWL?36!eYxI6Z=xso~vE( z9`c8zu=wE-5$(&-zpPM@w3VRyvIKpI!Wbm_F_k*s4HhJeLlzEUuNi+9Zb(QT$Vqa` zH{~1VF&l~_?;@`5LD=1xnL#faakdJ!Zv7{iF-HX8V86`nxK=MIjt+2{G*p8jnjv^* z0HHp#b-J3He(!>=msPsh4)DJbnKa5n`OjGZ6GT$lBv*3Mff;VSvoXMtzTj4<+@$4x zvnTacBHb6f_37WIe3vJIWXNlJYvuL^2CW_$lrHs0X`>nl92fv>`X=YSXj~?Q3^M>4 zw(}A~P)K*TD6TeS9=)M&F^TJQH%2)1&F_0q^IW-7vdP zR$W+Jj!go`QJ=>XD)iV_E5u)?nDJ@anBD!P&-Kp1=qx-4UpcFIEobCuV>8~%t1jq) zen7dgeQOe1&e;2@^^=pb3ll0ja}^e-(N@?QNpa6Zq|p|~wRtFIWrFMX`aJm($M1HG z?ef1e8&y&;6`v+rH^4K5rFHbD$M#OIFVi7r3aVw*OKQWkwwI*jwn-coqIPdz!GrO# zOGfXE!$`0#Jt5}Jjq2=gI-%G9+*9+~L?4^FRq>9{-^XWVHR;8@(l3O72MuUBnW&;1 zD&j{jQgG5AgZsR$qUnOfr8GpwA&MEU0rs}HpFq~R_~j$Bdd}y1m>5bdrsP=eFZV`; zrt!Fu?}%3IGXe(-Ku`MIY4p1Kj{1slXt<{}`Bfk!BlbgU!HEMUcQlsQ1CP)cP-ATu zx{1gFCjG$16c0uVO@k+NJaH@k5-Zrn|MTkShL0dJgBu z`ob5O<+f1Lm|e18I;X#TfLtz~qp#fZf8jpka#knY5jbq!S zlF-hOBS#$ZHT5XZwDItByDg*w5D6%EmUVH$iU|!P0a==U`ZJ_O0sbe+p$&O6uJ%-T zuB-ii_u@qdyxPfMZ}E9tiiq&kHQ;4hXZ02E0nGt!pWSjH*zL)Hl)tU`mJV7^0R|nC zv90VK8}yir7bhGvoNIfY$o}6l^?o6!xguI6JZ`)z%u3L9l%X zF@YTFh+jvM4Gml#n_WSu)7wgA<=90zBGC0biTJjCE!FWEdZY}UIC{4_AMRuy_=-11 zOn%`(_<=1Pfb}!sDg5LrTxIw5cjFXY#B+zSb6o-FkSkpz=kB5JSC=mKcqEPq7}KOT zH@=M7M&FEk&naJ!2tuz!`gJ$nl6FhSSnCh_{U}=?zJh|1jIWdsSRxKZ#EuJT3g8l} z4Pj28l$t~M!!j|wryGN60Tw}KW9T2IO*1pFx9q;4X|0S}{BQvlv`m}s(|8%!hk=^! zYPNrs*<<_o1#rKkRsFta2h)F6wXcc!V)l09p2b*)svZ+*glc{>qFgr@_ViY9JA zE`YiqvG?@?`223~bNNs^@dx1R{SxHE|EUHHY>v`xD5E@)Ma7~x7$DEN;uh}M_xJSg z`Ebc@g=J}KKJ0h-J{2!0Ey;rj=+=oSnkt&wf}w^Eg_PRn?}8@AfNXE+=OV`KSdv(3tr}VQ(ShG@0-&SwL+I*?T+T5Hf z6DKUG=HfHB(OiE*?UxkOoCD_!<~w!qXLWKzHzGeLr|I#@Nq(fp3+bQ_6ApjMuh$qA zc->HPOFEJe0+;29PfuqUr94W_LY@Gews<7&LRcShL zP`ZJhU}^Yz0*5qFoqxWFD zctcTHMPrnfg51n91Fmz+jl{xlS4K{1dtIg+FV)pJc~oae{Ii}J>IB+c?FOFL!DvnV zcdlxXGXpFHd1l7e057|-XP6!EcS3gij@aFia%f`UT&_MSp0YiD@n=1`t+3vg@fSB|Ntkz0!^2+R=H3+hvFEbKdUm3kve`_g>$F(ejJ% zOSW5ETG|Zp5A*_}TT}sIh(YueBKqq7V|(#ec`%OEhApTizj7^q>w1F0L*x0^PpB_Z zbRKD~Rf%tz9*BhU6x_Amms-^8?YF~~xO0Aa*eeNrkxD%<2}ZPfwzBU_mFV<@+kq%%{dfU#w0Pr=o>UFn^pCKqBh1 z(?-OlTGt5(?MlbogkNHx6xgArp;^1!8EkKv;>@OAt)1(a)^-ZC=4oy0A^A-TO=);Ru|o?p^$9=_#NdOV6qX!vY?77ZNcW(-U~ zEjv_Yc9KRTLU;Y(hr=CR-s$#d(!g;WborzHSLgz0;rD&lk{rm!DtEII0=!_nqzm!B zrud1wuV;E!>xx|1>XFW+gxvOmXXB0;*JuMh7#`|?bCCb! z^CrCTkl9mX0JssjJN&g7?A?@uA>y3J1VNm&HGdPv4`s>E1o_!qggY^~%q<#=6xVHA9z!7;E+VK^}3UFIn)`A z=5QrM@%Z%|3*5^-$Pr=C_d0y|_~ZxYwBUrVuC9eUtZCR4zmn*qZX+05UgV|&!o39z z4O|R(bdY)xhwTBDb1j)4)CqU(iQm#UNB{AR(T4V3>Rii@M`UK|w_}zWcP_Kx3Z%=c zo}ac%k7G({xPfFD)ZBxdZ46F%jpPQvX`2?Y#YbKebl>K$S4>ye&*m>V>yuTk521-du(U*Mm@o5ELrF53{dr21A z$(tgTv|aQd!=?$p-0!&296H{eYJqGz?`&YtXx)3!2R%B$YrwDBPrq8hz}6VaQo2{E zqr!2(?ZZK~NA}B2;o8IXK@84A7c_d)#`D^So5#AB#Wc@9B1VLu0m)4{3#lATvPqs3 zYdhyZWVNC(?{2KO`cv5o>GL%#H&(W{#oFtM3-{BL3#JZ&Fr-)gV*Heu?16Bu~q!@oAX5ZdO_4%*~Og5ARxVp|L?t@-9cG;hZ2c zb;fmB=9+}D&~+E2R6o?_6OLjdHGs@aAjxZ*$Z#KjF-$vg+VQ_uV$UuEIW@~Co-{Uf zvTuNUesbOWZu_Wqf3A2PH?diBWdF7BE4uS0pSk&S;iqP460g4YyWciC$f|M4>yYsM z9{K2SI&aHPPd8$xN;izo={1bmxBGd(;VIn0wNjGuV>4R`aR>ghL>xRe+9vyTl%lV( zLb`Uz8nAvB^e`E)4zi;ohu;U^%qq4Tyxtmk1YF_`|Vq@9Zo8?`7axxM)&Flwf1EuG9UMy@D?H$O#>k*oJtFbS6{TyvKC-x z|D0n+E|)I5eW6ttD6TS;`$YiTV+V6nADwgbYVf4xr?UXTj`X*fM$D~sTevCRgwctM z2)S9^E328O;Q+dwN!pX*MZSyZP-SBytlioIpBtN847t853epc((qK(#l|yIW>kbv} zG)2!z8_3XXvbaAZb|2s*j{W2dqF*jeH`hGhM#f)JGB$yEj21d=ZZw2LUAi5zKwtL z8EWdX?>yWBN3NidrN1_%KyF}pBFHo+3tAU!8Uy zc;7X_#}?s|UQ%kmYyOxEt4?XF!Pce?Qb*HM7XOn>4nG_?>DU?u4s zlRO-38_`(I>(B%7UZ3#3)Zel^-#NTCfXg=?%hQXnt7&FGtCB#aJ8Tx;N&W168ts(l zloJiYP2a!Y5q>eLgiEw5sOshJd{6+@3WIAoQM;u;Si%j8*+QAUU7ah=9`ym;s3F3S zdBXHXhuJSj*)7=*Y1vWhvra?jPZQ@&7TJCa&oAe%9o((r;Ev7<!EXN1cch#avj`|q>EPnYS3j=dC@2-iRlB=gf6EPQD(YMcP?k=1XE<40<+)(? z**!ma99a#HM-AF`i&H6Ql`1SKu*RlSv&qBUjF2X{RDG2ey21o`1b{qXyC(&%2P zmVBV8rn-BpqiT#BC)FPwJ&gW6hZYW6YAO_gLeg6&Sq~>!PqX1Udy@BhOpyJ2texHE zU>($c4i-4~IcF~vKJYQ0SWP?NozzOwJ8Jg?#wJ}w27=&BCGk z_jMVzS;c!od&LbwTHbcz8%40{o((o01HoIQHAr`wb9UzPE|vW5QQ!lMv%M_x0Rb~9 zv~SBU-CV%_h_geX>(ll%EYPsM1;(P)pb4f(H4fGQw4JxaCO31b_AnHJ3e9f5TvTT=kLqpek{r zeQKFzb&t_6B`F9UE;nJ&Y?F1rj*lvg@Vee_UUOd=|DaW4I@YGH-r1iZ43LyUqyJ98 z|E)b?&KD~<4>EcD3p6T?^%seauyrca(+rxk+}Ge^r}Y!%3Ih`D{nn7cJAuCV(?<6^ zE=8m{e8ctHFP)@9H6j_CtbqM#aw(J0gmxfRb3vL-JDVia)qpPbiQ(zgw?_6okk4r9 z#h%$_Y7c(lzCdg(DYJoMzoWCiq3YHOE+{kWp!Y2^;)LYUQM+$wWt#raQX4Ma)=TA{ z538iF_tFttfEA_F4locno#0>R@m%0_rHiV;q2E|RYa@P5H>i?Pj%MF_#?|=_9-Z9h ztUe_G<8rade9Xyz={Q0A?(KYA-D|)rD8L^X_1M_$r6;Ugl8reuv9WC9TRszG2x!?N z8-=TR-><4j=or3N$G*A$VA(81Z#4*>C z7+uTr0ahInhq#ZXFnjO=c?23qeNL+*G=g7uX@oD0^}P1JzXWl4W)}YdPIUVnRT8 zAUR7kLXKnHQIXje$-BW@7vD2M^yW%k|HcsU2q53$b1#<1dEp4FS<(Z9q^1na7Utb8 z385;6g-A1Jo(TC~WdYe!*5_yCx^ga-90qyUhm4ldYT@VmeifyZQ*~TyFvx;y4tnfX z@dIk+Ac7}}zwY1ZwTWNuC$73~coCqr>w2pKbA=4$nQRkspBd`}Jt^nagNMJj0U^8B zALDw4#{3UuZ$4&oa@f~gipCL6?g$`bW5VqkuAQWn6xk~Oh|9S4#4(zcTFvxWKN5to z)N9k}&J*e6csE#%!rnl>_0Ss2f}&MrD5~XbC2$_-qlLn#&w}z z7%M}Geol1j=cu*r6eoQ~2FSs^ghxd7{*oA|E!OMxDOk~=Pm)xe_u=}MYdd$>kkcrT zU92xqtlmo{5bAc1&`~%?r2-ATd>Ir;IW-LtzjQ&%y^+eN3L_}W%wKLb$q2$$8hdQ* z84(eVG25%#$*`!gV5pt_kwDZ8myUa^{N8paaT+1s+|>oD_3wnJ@HtXX;NLctZp_}( zF}}>2VR55g{)YhF zWODE4BkVW>n-5yheK(=go(NI}eHy?JWji9dP93yV4X>4b@;mp*P6*i%418RFeF0fq zwQs+xbgc9{vms^<%epPI$Y;7?ZrTJ4iXTf0KPr11<)@gBV2EHUzJB7}`_@A`?&Q~W zDe(Gq{k)zZ@VppsR?)nlUMF-+j%pI4X zC|3%FpREiMl4Bk)rHQuIFXKHtd!u;#F$M)3i9A-FAlE6jv=g0xeu%v2yJ6q52E?No z|42OPC4H&lKltIoMseXd;D!JBWi@i|$i0Fz;OR2W=H6!moW&g*buvL3a2aFZYLV%d zoG{UtF{y)NZ{yHMePH)lcjqL?d2-*?@???lIb!w)pR8+Yv}bj#mqO5Yd= znRJZ@po|t-pW3P(edNYyG8^v&mKjt!2I$@=HKNi;mc(D0J0DQM=XIhF4bI1fNFkyfRwh@~X(rvZkbS}1uHQ5Oar zt4iaCBr7X-d#?zlGw-4qH7=8?tm z$ME;#c3gz5*NPAs%mdORz@GV>ZWk=~>5FXzb3;J_-+bmv_4ndn5Dq?0Qf@n~JUpKV z1jHsmTS1~ks5f?%6#lI19|zb3youSQW9QzBt*ZyZuU^3>k+{;@q+XXD7hh7^ zs7!W6a-Z*3nEfu|%sL=Hw5teJq(-zfw(Wh$mqOdkFHi8@r38Ld^j66&l{*%E*!?OO zM^v3>(--U#0lLS0toqfB@JgI@07f1S~qr6K9OJ2@>Hhn0m57Ly_YB$Le6QGqTNGy43?=EqkSw!=R}xlZNVQ6*y#|=qA!C!kp!4@DTh^pb9Rb6{ z?7))>bxi+10Gu9Sl?-Vbp8H6S@u1 zoi^wq8D+sIO8QNM;QcZ3-L35Pfv|Tqzl{0=C{I9xaXH=iHFLk|fT(S#{d%|+%(d?M zG!vWDOU){8(3-26RCz0})**@#;P0q*>7Y>McfI3rV)Nr=uco#Cuu%7bL(Pf#xX~Lh z%i%w|W0gxv&*t1^Lr|K29lk4owe_ybKy3e>H`HRjy7B78Zr63|ThE%3 zA5Np$SOOW#O>`>r4`c(7%+ti{&x4730y=sPPWuu)2eT$a`L_n_PC{*lcP6ST(m^DR zHiNz5Im39DOy*)(EtcYD;CgZlc^UzIAMk)0#8U5U`yiybE65vw}w%WG1S}coP&V*NlTDKHsTiC{v9LnAx z33B&sLaXHJ2erV)O7rC@w*FCG#Os_cJzr1VWUpaC2|?~q_ah!>*X`v2icQRIKf_=@ zwY8Roro|M(7dj)sC`e=u@D8Hp7d^T@|ey`p}>N+I~48{61Rm4ivzaL}pw9P>xAJ4mw z*O?A?j%baMWKPT5wEIPFH4Iljwcx6%Gz)hrd`r&Y@k`}b6lqewo75Ca%??WGGFPFe zi{3S4{R=>+Succ(BZKNI{l*t3dv^?;`VBnAzu5Z_6!dTibZNi*aTnSxmS$o)2QVgs zsSHM@SAUqkzvS$>KZxI<>8%NL`04D>gU%p>=&VyuKgA+EGrfti!N&?KJuQ(ewqy4S zm#pn&iODku-yK4r8MBX;)rNiBrPTR&SObqVgy;>XaArhFuS*MTW5(ObkX597{lquy zcWOfFB2Db3y6-)S&4_s8v)&M76J;5f=Y~?0v+0?-WEf3|@|P`^1ROs1h`? z5skJjTyzwy_<_=RDAsi*1ybUAhTCE33=)4_qK8F_zp+h3QS#F1?%x>e%Xo3T?t_sfO}8_ zn5}INZdnL}wLFH%BYtVUoKC)sWqKbM7i0E%bX*e;a$#uG=kV7L#mo(B1(#-%v zcemtF15y%04b6MFpXdM97x=_Vq9@(+Y3dYSx(symJ8 zVOS&oyx+qeOuOwQQA2+8+f9+!f%OVnf4{^%C!F>>K5{yz20lLU=O zDSWXRwpwmSf7NRvmq{5z;Y^Ef2$WwtQno@T0DKc>6dbJwDQCZZ7_k(OR~Q$-BgbHs zWknzikD=RQoMM$i4rbm{T?Tm9K$1i0_zFOWJ5efD!KXjU3HB-!Sw-d+rlb@90qe(w zdLU$zkGQR1GTlKFdD?4wU+&;z(+3G5`(5b;+lQ`W1uNQW1FMMhS5K2Xpi27c?{$U9 zdv2!!bhLv014>eo#&_KrBxQV%cw3)|r!+M#z^8Mak@BV2|0=a0&nxl!>aD*HW7-X_ z)aXc++K&dNnYa9GfwkY=8zK|r-a3XH35>I|sir!#kK*(fjoL9ELj3Y>4i4}kS^Dl- zEqC|PCg&6HBtGEYA=&YX6(R@+vAy_LCGL|2%lTFCf(DZ0{wC&V`VuA2k$&d-y5`P1 zzA~J|PIan3;$WJv=f3LWu1lhj*F2tYy}p@^yKw5NJabIn7lnb*@~Z;-B-3&L?g(8sx-@k4Yo?6?Iq`1>o#}UF z%WDKy-!`lED_ZcBiyOYlR?@rXJWQY|n>Q7-Sd$ZYwMylxyv(#ERGH>CDoyV#3QgRx z{&rF)wOIW}I6I1fdqUMLlX#}70vm}ogiV~mD*5Jy7K9#m{*-a$Ink<7T1N-JZU*lc z^=#TBa$!ejLUYKBY6iY z`&=^p1QG6%u;Kvjrs@+NF#AozR=#i~?rRc*ARhCgDvsa7xh`ZyEtgx37)u!+ZI@S6cC)^DS6cc6t;Mpn~NeQ;^z zqTvIRIQ%vf31zXvWPEY{>Zj}fKGJ{;vy+@^X_DU0t|xNg-P zaMNQPJg3w8(zPM)yl<9PGX=(7XEse5vp@<|F?f4J69@Wo4O_#>MfF*J_gA|h?~as* zrS>~L${^H_v->F@(zD2yH^a!V$ln=T1;j>BzTY~v2LId!3h3CIgK&cfp?J)+z`R~B0hw%FUv+RXx*ApBb=vv< z_VPg%=R^38^$n-XhJPM6KR4Ge&ZnGvt_7fOMt!b!a!ImhXG=^_)PL3ev;{+LfFPr} z7+eue?XjTAU{n;XHYidIGSd%_q$W;&H*Tz3NY)724^lmMS)n?qki?E*4kYK@%Tj}%xO_w^I2InGG@8mS2`+D4qUtpr0NNIWuh}EoWwg@vDy_npTCddeu z0GW!{prrmk%1)EOFSPwrN93_q7LPFB`Yrt)xkRXw{(VVE_e@6Ucc4fFbR<0b+;wE#+prT1i4Ov*xN~! z2CvY@BjcqI`z1@&xl+UP67GYUu+S*s?4O>fiW~gzVZp(^+ZS?gvxe5eeG6t14DA5>4lzmtt*-=1^N4# zoI<$9A6eLb$x_qU`Po!*+e|B<8=jBe9fwGq(aN6CGIo3tvvcI2_SlRy-$?8;a|x_Q z@B8#{mG$szFeJ9KNc{ZuLnjJWUNRIXP~2gEBX#$E*7t_(WbxkW4M3}Tq^H5}8PSJ` zH<1H>h{-~eF~kY3+z2aaTE;A?!WZmY7HVXIY&m)Q9W*<+RVJoyNl9(35ymwcz1Ja) zmj@h&1ZH6*_!_(^DTd4%d9=#WA8cO-%mug1nQM0)iaI2TfZD4|2lmgd6VOPn4@~S^ zIBlRBT9{_{Gk0VV3g{UZ<(ntB_hVj6r$TtQS!8$&C&dI{PG6Oa43}~ZVYu>mc$P_+tP1cN*{B(aO^JV2XWsJ#CI0@U- zp&7xC$qyOqvdpcqXgk^C&)$mtROi_NQie*+j)fF-oNC<2-Bds0^xo{yzcrXS8A;@M0vc0%GOKG5ua%p2%YmS5PXeu=e#@@z5IwflF4O!B>F9_FslGSUcwQkE1c?iApS=muS#Y!ysZl{AOvppm$!=l3V=m94zz zUL2QtT5*=B+ThNsxQ6-w0Py2ryo6l~rKs3WK*QE3Z+^jfB27TnqhmZ6$F!UI3$|E9 z9X<-h@YOe}H1pkA3)aAn!D7h-=icndN$e#~v>JkY*tU%>yU5&V{Q3w~NRtgce>*7q zeYIY4g-|NGut{asu*(1)vn2DVIvt8r*0R^W3JPCxaMIt>_gjY3Zgaiq{28==Q8UbO zy42ZoVBj>!WKFtrhB>=XpqF_ z??||oUZS`qMn9Xc@UP6t z0gWVdE?c3?wLo<#%=%4EFGSUr;5`jPrK=0LqE!`X#t*A#3A4z=>h1Fg`Y+D zzl-)O020z%ZmY@rVhIlSee<7|6mMB zrfrK)W6OLQiSs=y^8L!s)a^x+iBx`@DGTu5{f2CY(RnyMrLgL0?TxRl=p%mlI`g*!LE{VAAD%fmfKlICU#GY+E3_T>F=d>S z(O_rtdm08U&6JBUHEIlA-gN*&gQ}cl^zcndPlP|uo2B8(w|=vim%V7gq(96!$v|RP zB=jKNSu;afKnFH*2KaglOoq%LffS7m_H^wM9^?K<$zed!XxatOR4M>~z++wk17CMu zu=0fN#EHeb{QYHl&91y7F;8HD(f&dKsUr}jz4Ax+yWA5f&GAWSvc@BQzq=xdAzRYe zNy4j(5e(qzCP}OeMe-`koX>`pI#o;;ZHptDe&?Xc%CKoyC~C`9+4U+3!Zy=-m-+z3 zSWWIng$Egj{*JQPxkmf>^Cb&!Ko}p{+)mxr{{spek21+@q{!)et!n8@!9rO61ps!B ztY4fEd^lHmP#f&o+kO)#H^ZjNfP^D6kCKMmh_f!YXzaI|l}Hrovdq^TYPMk2pI{81 zmJFhVDf)_h>R5cEY+D5t7rl;JLl*S&8o;ul+L^UZU;G>dOB_*x3a=sD;t0}E?jBL2 zKE1bn)^HzD&3+}aX4d;p$sDuY*n>rTLP`UjtOVa`BJq!wJQ`;rnkhsS`57^*K8uA* zbQFL8I72Auv+nU5KtfrSEWbmYq_9IQqzx%?uB+aOo@u=MnQ%1b6Ej8HEjcymuk%?Y zopVt9`!8tbxgj-|q49D+(bF?kliOB)DSz#k0g~uPF5Jg>nRE?9BKETHc?zyJ{lnoz z#d_c;aI;)ZIe>nwpm%AukvevVH+y z-*%+9+!Kv7V`=xap8(^!gCW9JLc)_mbeo*ZyyO&llJx!|!EeI#M5)&dOy-H%))$7l z#tG3#pWvg}Y9m4PNSmN=wgPO}0 z#yvxIeJFZnldvpt*@+MBMD1O@{?pj}cwQ34?D@o4<|PnE5BEntUUko99~r^&Bh*uE zTXh;{KXiDwaDa&+m!)cowA-&|qmb|IY|=H78ie8P077(_@Xx^s=C!qcQk@tyH7Q4T zK+3M0-}y(#UYol?=wyJg6%*(D7Sv0kE!0rT>TE7lcG^%MeW5l99^v!}wUNPnWCz7T z9UD!&%OwM)-Qk$DZY{QgEm|~0OsBY|BKD=R)-f1)3o*XO%YH?|htqz|jWC4)x(&kVBqbOAED_q^{mi3Hp}gQW4%T+TZNWE@&m zofC8!l)!Rur>r1%L?lgNZY&!4@3wwAEAn%+b~_@&!rH?`L#+zfrL;sqX3wxuP)K_B ztaq3rQRoDl$=aG2U#LF$GrOeThDap^&wouRyjWR%$vW@AW|+UFe6@yLS?FTg5)$5t zX>M7Yxp56)rQ~$8#u&b8X&>04tmr97AJ_gR7hg||GjtHH&zuqsLQ@x9e+PB0olaXR zb_{0WCBtV-Pe%!&rTXfGkBF3T$G~OLm$hKaq~bH|j@0=#+36mcDev19ba`v7BG0#n z`TY_Tfz6V>roD{c4bBc5f!ac@_e!U8F=<>>%?iM}@=<8SZIAv^EAnZ=#Un2N3`Z^L z^j~}Qg1S-A!o?J_kNqxcvku@PcfFrbaByavpK#i?A)*{0?Uxblti%PQ&H?N^9Ia0RB{b^k!$5ml+G*CTlSbE5$%XLaj3e)UDq4b=^{}bO^a z^eOy58=&&xy3!|}Ty#zCgHfAu!l{5SMfp5VTnzG-XQ1s1?7th#zhmsw!W@T2OT5bZ zD=y6+32H6a&cImO2R#;BViosV@GvvFh(*l7?e?K76)e%cJb64Yv(mSUMg?DF{jE983cc~zlA{#L?6BoHY%z2WKJt8Z?Z68ypImVK_ z3st_FxHO}vJ7mvU?os&BV~?}jj-f?BziLl9 zJ!d9SA6MgTdM4*9UX~Yq_!)+B(hdxq!07!j9))7$M@`^bDK9ggr1I_ntxdk+esEL_@MPsr~X@F_tN(l5<~rg zV2YEvBC*j7@J84no6%J`;9H7s_pX`$0rH|pk3glr8_5tty}UzPVLX^*^-GpMikU@n9%qS=+B=s&!|AhIdKUc;KYR$L*NzWVPL-RfJvS89BUpoosokcL?h^@lRMR z5h(^Lv)e`-9|*Z$XD&}(Dnr)!Qe(xs)$JoJy-X5 zKjLX{NPli(jU71r`bRaI*^pb0M|#AG4Kn&X zL#|-2soin9&auV2r8~@W{bKW{gzxht(C0omIEf?8xWoBo$GmA>M^S=5_7F(Hn3{W< z3LFuFd3ATVKe+Y$nfee5wudrImNCYk;$7q|K`A{(&to{9>rjiNT+o(#8Q67->YPQ_<# z;?j9%_mS!N{pHO9Ju*Ysn8?v`?bj6ymZzi&f$to=))nYV#J`#)WU~=!92$Dh{7p8z zt9JPhf9<`jn#;9Yp3Qxw-K^H&XB>3TI+e)w$Fj%wYm~1yk||~&fu^^EPFrkq#cSPe z!`ej8{RH(nEU(~U=`U1wWYr=VUb`CYtb4HWRBh!!Syb+}pWkNrVYzy2E-FV#kB_1c z^X;R2?6rR-*y1XD#0Ya-)Na7I>MuIzoOU$3o~k@@+cs*kP`sL>u9c27{u>kKz-D^X zinK2+`92fK?QnaO48KG==tbq~NBQOD;(T~L!;DCKSLl0f0w-mpi1sjqH=zdlFs;NF zBSoT0hwYZ%jiLs*BwE{rEO6cu-ddzQ=0*XOh4tEs{3TB1eP-hyK{ z8J8KK8=*4R8cN+IT-J*UA zMURyBVYq%4_A!#|ggT>M<*3)1AuAHnh&wyYJ5S#E( z5FE!#0Z5Qg``M>{pElX_F99be4aNOZOT?GQ%fne5LLoJQ9>b0G`n2SC^I|^Ywnxgz+GxA{aK>D!=AY8I* zJ-d2$=nezoS{cCzXzZAmwJj3OH{Yx-z@0FXwW4{iqyi&_j>}Qa)HdnumyJL`Yin5# zUw^(7&3bpcEx`#jOv&Qn`V1!+U5!xbxhhB=NwWV>dP~C^$;dGH4V~v*A4MAh)hXxW&qjxt)N3MdE3u^+ddN~@kL>nkwFwfQQ!w^3mcoduR z-NpG~phUYEzfSZK zV8q-Tpb81C?kJk9Wjx;r{sz7m!3$_oYUyVDjXnut-(+2guhRfhwd{sWEMx6sbMd%M`~rl z+S#JhK$spa62l6c`xP7?c#EytWHKxiOUNY^5+?eN|LZAHfPSeD$XbOZ$x}a)BrbU0 zk=ebhBE@v?)I!}4rq@e%c>26pbg!{$!8xExuPFi0N zEZs(XgYg*MWPAm%mTS*5DXo~=C(WU%9Bu2k4j<#I_I&zyGuOi#bd5zhnl@h?{W2!- z0V7*h55y5+Dv{iEko)U>7@Hv?Jks>^kuqR5SHAI|kQ1e^BEfLtZt!RZCJAVsqA4Jr z6PAr;U5!|Ni@Vw4^xM7PtGxd<@|=q&8|D5_W82oT=g&-}^`ILbSk0x6!t(1IuW_#x zcq3aFBPQU^CENqK6FR}^MNm8Z2R-XG8OOge+1ozBHnrlf4pLSXqkvm+QzFzjONE7B zsMK(DxvS!rO8LqEblB+L30dLZI;`e?uis_7Gh69f-*Pg4-ci4%lyW3qkPo03j5+8c7X`j4yZkbS@X^Q674enp|ecgdmF+wj7B zb(o z9szxb!gjzGWLg06H3zvU4}rw5ll`v9`iq`bQ&I#Wv$3Et@Air{zL)ep|Ier;M0N7L z+c#2)V#vInDf*8uTl>DP0-_#dEkK0&&m)YzUq9X}t-LtAa3wj%_dP~Kc9FGJopaEW z(P=$MoW#bQ(P9G9uaWtpq}uJH%}g}s=6`w&1d&2p0Ex$Y_RZXBCQ{UWGgi)1+ncpG zOnUeXw#yBdo8Z;^i^jwJcx9&r%`#AM$9=i}{xS zb{cveY#E-!CFeWAvDa@;$H&1G*{uR&*vD%o8jTel#^^}@7$C%igbKeFc^QW@_)){ajW@{o!HN9 z0B9GRRR|wK;LAXy_fKPWq+vf?tey2w-+vWF&iurSGZo&DAv`Juc?~uGZuDA@Aae17 zWT4CkMdDg|weZ>Gobc3kNF3$L-p|@HG$y`o4O-|;8sWK6y z{MQCqzw_z+M;0;TcBknhUq4HwO)i#PHFDq&h+CJf|HNVH6q4uxw`q`F{6}xG-T7Q7Eal#%fEu{yRF8>lj!Cxvw^0q z(K%AE)8iR+mGdDpSp1O`-Stnww~|@~z)6SdIVxwkEn4fAx2y+K-Lgcn3axcs0#4@# zCY(h|mg@*)w07&B=5Oga1NV$oduc`?vc1TNB({x5YDf*~=bQjSB1OdJ2NeAg)RD}O zSzZXT{o(G{Z90|A9N{l8ip5eSc)8wD@6q1I7dumRKp{4ACbv2c+pW#ID{JTY^*mKI z{;EJ;M62&VRWvLZB@^G5f$b*I*Jpq64=#;G&Xuwi^S!7Z^VewWHy+N}tK`C>H?a{g z!OG$z7;9g7Ib0o2f5$CldilAeo>Qcg7`ZTXU1(t=dwr|saGm{7iVSurU`u-wIkE*F zLd{sc%!^cSuNlt}5rpU9JNVpDzEhQpjg^`_+V|Zm@?Pnt_euRX^A}S6&Zu#>XUz{N zP?seKi9ZB87fTM~9h6>nBd;`Y<{?4OjjQ|RFPAfrp_m?R$=nas?) z7j5z*UR|!0AOYczF7Yuwnty{&)}#0heiP;?jQjNCxgxt@KKu(sMbc8^ULPiE3tJTa zVR_?FJ|2nFuWoN|14AvNf=e#!Q+T+19qo2z@ClS|WtBa9RqtcQ$&}JzQ)cj3JP~sw z{@$Ig3P_HGW)lBpO`KZJG{IrW5np*Uj6aJCr$Hb{D zppP#D8vCb+su$M)CaAgT_q*-q#-~I?Bwa%4YV^Cv+An1s9CIXw;9ng*;8d$SZP&Av zNxG-o{rNa)kQJS=%M?)vOpX~x7EkB2#TUvwMUqgXJi-L!2ufLx~ql#Z_YRll=MTplB%I zC|(%80lay^DBA9&cMkh&L;SbE#AVxz9!@X;U@27~OS&LznoWOhGK}ij;r|I|kvva4 z^89Z}30!abw4PRqBcCE=7Z%@3B(E%UOGB;?&#gt5=%ELbV5D^0vWx%b#86LYtR@;aA?WpwBlBQH2w-}7Q1{R7{3~fFvS(v@c4D= z^G#zHoihOl(*$C3w2^UgI=89hO@x>X4g_Qs9s%{?QN47LfDp**-kUCN>=t2Y@Ui|7 zzc7F*8gS1d$*dOnN^zF({8IJYNb*oRq08`I^EnyZs{r!-Q-{m?0A-YE8(c= zsuLkY_?o9;Gi^Ttq%W>Q%^@Q0cq5f{f>bQgA3=k^^oISeiN~=`MDiUWw=Wf-Z`dAEW=Z zOWMLuL_2Cm|@t&|;l+e6rbWiRQftO=I!^?C<4-ACA$Z@VCkiHC$86RoZCY5S_Lmzv2$a;nc)I zGySqC1OzvR>VsJ@#|WWoYlZ?x+)PQ_exlz_KNS-C=z454*M#Ynk{=V`%HL{LG|EyCx^@+V)6GpQB0AI2WaoxDpX2wO&- ziy|fmqMi4J-?t)Ga1YHMJVIJ(dj?RC=(50lhW7m)=X>QZPg(zVPE(Aha3iSaW_rcO z=SBNx3JQl<8uV2i&=>y#W43?>9q^aJb>#wri0m0cyy@X38ov=87GR=k#B;jScgWBU zj{(Q{hp2?kKD3hh5zkG9Wt71GNYYcU$JRcpHbxE1eu@9Ob%@M_CfOwRV|$-0$VdGk z1?k}0P@VEm7BBL_?S}3^K%#D}lyTw{*PNH%YM0vQA4qejk<%e9h_sioj?<;LxJ_uX zm5Squ2S>lA2dh}V!%D9fNm;qK)Sj+9?+%)!C;ZsjzIK_V;nh*zryA|(zkDf)Z?#~o z?c6@~B}R4{jywbB|uRp{^7kx z(1!sx=Z_izEOKPlJ0ARZocMN1w9BSVJ5+3w@Yx;EwX}GJv+{8q!^)ej5#DhZTahOu z8QPDdY(@n!$!M)+ZvS8v zs+m3yJ+e7T0~R7zUu(1UGQ9tkI!^|FNt9sR>go>s%C*uUMHsNR>zkwDU>(nH-NUzRL3?J{>@U`F+u94&lyGi7q| z6BLgc`nAFfkSf@-ByHuVq#Fi5|2(cbIJcQDYQ!Q2*A)`c2>;?q|>g zVA?rUh8pa=V^JIsD>Tl?>X;T6rRO!LH_dJJ+5Sz89ubta`-ZOKHED+N*U#oHhNNGs zQVN$`L#JAQbL&pGDKy!hz5e+UUWADjOCzfC-kdDKoBb`yl>uGke&o)22KgW(s z5JKikC;ZNIW`%{FKjI3%9p!&@=B3xG8$^4vYK)`$e3N^ogv$|CjeI5|ME^o;18c^M zh-V`sV`Ky0b&8bU$E#j==uBGJFq!vi($EZGfBs*?m9EtcXvdaZGMVZ5j=9hjMSyUq zA+ho+6a7dan`pf8vg4cQvj3av#bUDcXFR_26*lS9rT1Y8z84FYMH|#W%-_EK?&4Fo z+kY9c$EX<23)DzTE^@G{{)*J`>Aj-^V9To49{Twt;ap6q*)`^IBS^08N%{ zZ@-a5(g7*=ppe6zBzwAsSH`hZdFF2~-{adaZ`ijUnJkR?kIOzZS;AzI6NT*dfsyWO zon|WnyhS2f_m~`PJiVnIaR-*emPs=bO9yS;wt^}+Z^EqrQ+=a;jn;jp<^V?6GR`(+ z3L+siejd(gWP-JpCK z>M?a>NzFOg+LGsV?-nD}b1_Xxrlf|wL#}}=eDPH>N^|1(_*hHj$<^-6EB+Ssm+;gZ~l{z^T$F>_F>!jmbd`p9Kcq8k_-!o3dmDtGdpK zgra<;E6f$dH1xio8?}KIG?uxl%v)kUs`AU3&l?8Q)t81y8Di!^(GOo==ssKaeds>) z=58=v!l}-1lnXaqDW*Z!3gzy`@16gyqHZc`$h1No+4r);8C&5Ls*QV4^Mq?09D#lOhG*I9wSbjYm;rQb;{>1As)?W{Kw{wiL`j7P8Sl1s3S;GF%(l<#T_U`ar@#Bx1ZD1mu*9mj|+QG8Zq?EG*gX!1sCQzXW(1fA7&xyA8G4BM#Q766?hEE zx-z3`6n&XT*Z`u60+qZepro(*X%1_4)r^=OlA{8WF|M|BW-}a5WPo=$3cSn7G# zpPN!QYv*i(-{<7ye`u@YL`2|(>E`=zxJpT`zP#qC#NHcyJ*f}hBs@O|_6$I02=L6| zq5Zt?>kx}sWIbIJwA#aC*D<<+I4c&1!-2!@>RLmR`8PjgEBZR%N?9vGv z0G>WG#}mk{_o$5_9LTaadN9y=A4?)@l3Pc-T)}^8Gq>pU7Z{HpCwCv&4-bvWa5xYE z_KCMhoFdWIUvGQ3JGxO>R-f0SNa(e&plrA&QEtO?Sc_eGgEe+_nZ}e2EFnaYD zd`+Wm)vMX{G(-C_8%o!#BkkVa$~Cn3R}x{|K3h0^Qi)KBmSS_CJ=F$L@9@hsHsqer(%@%OG6F;j? zgYB0D=UaSkr-AnOau>fp3fSif?>+vom-&3^>jvl-=PM2kFgLySgYgp0((oFA=D-so7z&1hQ?;9$g9Q6#JDSv5c4(qRoP^@(Uyr{%8&r?@gc0Ux z_QdIoQ=wtftqju>E61+I1jwbZL9p zcsWP%bV8wsMxvt)HsMsoHKX4rM}lg|S{;%#)fYu|K5_Z#{Td*0o@m`4`90iBuN;3s zl+}(YbYG!0fP@a}rf<=-#qEf@Z+}{phKn9FuKFGV80}wEhFn{EP${GF=_l8+w?&T) zLJ2*3(ag*JGfeb6wOdE=N>>vzI3N27&z(ys-a=z;1Udjth7~Ijk>|`h0$qODUkY7Edhs<66kSTO|yJO^en%y}_PwX$hSDM5j z^UWrmRXvL9~L+?e;8Kkv=PTLG9<;#;T_ZFjNhydv@ z4Z{*IbPK!1e525G?fFA%mjOL3HS-f1Ha(_v1Pf6&m&MDq9G+w8o3y1rVUj~y$a(Xn zM9(ieoSA%ME!T!eQD*0XX?0*G-^WDJFHClqkf9_dQA?^>xi!Gjr_RfkdM%RKhey6& zqmXJDlAt(oM+Ib3;RahJMc-;6tEGra0+s zF28>LSwo50{?4`CLS}9DBuA}`35vzkpSlvYJzci~>>N0?OYF4~-%3^K85uAj{o|Bs zNE|(VrXzfnc+w9_5q0gBF|R8hTF#Tf#!8%|yLDNM|GT7Z!bL4bs7VzC(yG zH<{Xq`8zFy%N7IY$E)bi-v?3C^>3Z_tk=NN8p)(EUkFD$YkC#A^cAL5!Q(LvPB`fN zTrPeTAgAkxZOE9y@lyMhFa^)F(u?Cs>Kil@PijbeCjlA7yGyf^;ixS#OTQr;nm5t@ z=Dh#shX3D-KAfPVc#Wn;tcP8A9GhGO`k^7zI4#2D#YvTc%u0MW?Z)7m7z+ngvuO7} zuh|B$?)A!%R+EEK^_!a%&H8|(6R}ST|2V~Mi#{{?ei~K$_03+tRWdS~*0J3Pk*&wR z6kFzD6~C(RH5lr+U|7+8_;f}s0c?vOi%jqMrmbIx zuZIwr+@v7*=c6q$>6mJDa)x{C|0cysNQuwmDf*3Ssk!SZu$b~L#3Qj6a}6iQ_^Yz{ zzA{eZ@zYKg)})X(h5Q1&g!9TcGyt>b*r}D?UW=lfcseLt(ueyZbYoKAid=^3N~1kc z>n%ei{U;*6?lnk*i0YVn$kDvev6~3#-_!{@e%<3tn*3kJ$Nt~mkc+)yJjCdrXWNVi zCA&Cms!kJ0x3O64tkIcJ;9$|xZNvF+LN;z03f0@b>FiJ5MnUWhCb1gAv_BRhK4-oH z26y>4oEER0q_$pGDeC&3*mN~53>x_`VzZM~C>p~{GD^~&pHAI}5Sa9a5&z$}_5XtB z4uTy_R2+(x+e-u3YPx%^mm`r1{rBTS$Jy}n!z0@Ev?VXKe%$s#{D9S}YX;=lbNkT& zNs*yUKl1WCf*v+JIv{{U9#Q3Foy`w z6Khk;N7|f&!bj}R@i&TCN^u@D0h#wtOB`j7<>nwUo`5~@u_Nh5Zzoj^eb8+~AAcub zq`rl5!w21g?IyBX-k*D@FUf^JE{I1_fB1AEMnPa@BmB|n+MNFX*SzDo%w^YWr~eh) zWcp_(7O@Troeefedt)ExNGOh3l&RWyW3)4)ue83-iio#v_Ud(3z5vn+$&J+i3Bo{! z{NF(+e+Jdy4!2rMFcLXe<~;#Js_J;it(;ReHfIfxVngS@v^i1jz`1xUc=}se;GC?hNF2MbeBJfcbAlhkuS!jHF<1iwKggJ04#uf$glUYc!jcf4hfV z3$*L6Z#W(OT+d!0FI%@;WSs4AKlv4Fv6ZupmTWcXD-pcE3jd6kypJ#(9`UlJL(Kv< zt=Mjfl1C6}iBx_8wtnb0IYnOXeR*P^Ak)#u9?@U?1L&mY`HIR?#wRb2W3sMumuhxR zD*dHu3!XWStA)ltNsgJrljl0l9vSy?Ild+e$NIW?+M|LX;1;FTr9DROxJH7~8M1b7 zi%Ai?sO<-$DmcANJN;=4Y0Ou*S=;Nk*?3l`77Gc8fUflM7jO zLtbC>-;h0mlX*9ogLActsLF>LUTT|)0sq~@6smK0w zc|Y1<>YJA?^6QqUDXhjKu;mI6ILGR#UQ1^X5J^{)XP3dSdiDqX+WCKCK|{dKNKMc9q7FnA`<;gy_q%*(hv-7H>Auu{tN69hwsPEIuL4fF*z<@a-yVnA3V`GFnoN7ehL1g zn-_R5J>>80BV9Bsbb=Fzc(PZ>o@=%k=SPt1hDtq-`;(F%{Vsu3i;2=qyNin3<=B%g zs~(XIJWp1iKHnb|gFp=S@V` z2dt_o@7<|_LjW;>kgI-vh1*d4uKljXdK(zjId_W?NHbKKUereD=$+e{MwcP z{1p-RmLtSJN)PWRA@(99YT*5^l;Dn6(*CPMWy421He6aC&&16xb?$Hq33ix1T+xaS z?zqA~8y8ax6JaRq>+c13;G&nDP!3#qMx2HuUE%HaQg;Xa`q#ul4Sx!Cvs0t@UKk^5 zKNT1b;f^9n>TyWienq-6r9yM6EH9G!Uq=2Fg^wSwP=oR`Kbw+*Z-b}*(upaZIe_HP zpS4WcZbju+%v)W2Op?reoXOryyK%jAUKOaXcZM%-Gq**Q~@hjHxWrgzZ z3Rg)jt`hA12ovP_{}jpNfQuVp$Nc(vKf7y;K|{t388=ubkypB7ZC!4z3_%AK75z4- zpXFZU(OG}3yfmuV_zPlkE@gk$ZNeE|s#WIhE>Sf}B}DAuFk$#MQ=~h?t!M18Sgc`= z70%A+Z_-`1a3MX*Q>F!bC5eI-DD3pApf+yuw)4}O^cfpf0&0Fsju)d>I1(w9>YWVuo(4n0l zq|Ko7i8V3jP=9hEbVkffKUO0}@gO`&Y^3aq&$i7FHp`oc@){Xq58Rw$9~In3{vQ|3 zO9oLUsfQ5TI>!~-wI@ewD6}rL$fx9`{DVT{Dv08pJlD5!XotGb^-hPS`?GAb>75Nt z(^V5c3GY1@9DFA_u)cM%CC7r}9qyp1O!4tFM3p5yX3ph*?8^W5?KC0rgq%{;DY@wo zDzUuZ#+FGPjujX*Y_GR1A+zhc!Idf`)6fTAXJ`m-!n04B1Nz>goN>!R!)f1BSVPj9 z!2}w<=o(f3l9WV`NQtCv)MSiep3a{>J7T%fE1Rh5+I>5|{_%VPbXi=~gp*mZcRilz z*(xPllad|Sp4mV0CV(YqwEC$R2Y3NqxOkU8qBXZ9r{g7AV|0S5zRL4|C$#{tP4UpLfGCe z$HltEMifFv>k0JaRD{63qH1-LI<&1$F=|xz>wzm2FiY;_<=IV7fbIw(Gu3ChS^XU% z=?R>jnJx{-voVRN;KAYI(19SUnYIPEX!sRKM_#Y~Y3k%{ zOMG?y(DMwq;uHI=&?&d8ONMT~amG-}qg(4raxoFKO~Md7{-*G0M_y%bwto|gtxDXG z(jsYK<>-4^lv+8O~czmee_@W>$x-!9*w>*)FkMZ zmXv1wf5Hn0p&H(a^>eN3%HK}=F{b6X0(}1MZSHR`-qTNCX4(kVE781|lF#Uf5e3{O5JKg9P zJWkOc`(w^4Hs2#f>MOU%jCZ(+(pT*I`pa!4%Y`9YQH532DRqQ-NXza!a<~q1*-JI* z8RjBcS7oJy^Z5k<<78^AN@OemiVslj9<3uiu+CU18j82ANX)c^TK;BYdI*ypxY&UG#e+<@5Rk8_zZ7+Wp`J8 zz$6Tr`_l)CPO7TppsIi?oVFw)J=7=d)yT2tk*h;!&&u zy6u4+NsfP}1d8V|jylJ|phJL@bmD!(P`B>Idx(Z!v|NBQMLcsx?mFl|) za`d1dS5~k8$^vK*o3t8?5Qt*gW&ii8c zlZN&7VR$9wh|2c|juqWQI)RpKP6+(G{Zl80kPFA(#6AzlR!A7ahswA|5W7_I54myn zq5q}$&HMA*R^YLNh}9T6C9oF+BOqb3+`44D9w8H?3L;R2OfQXiduv3shIW1;V&_)a zrg6OTQ`82K^Yo)~6dqZz^0Y|C*a@yGHXVJ{Ffil>tF!`y(8NXFxQ>UTGoaD-g}EJH6;jozMf6d4_Tw8jA5mMmEw zQ)Cltl!SNYA9;LN&{5FbyR%odM-?5Yt=D1tzWG!LdY>=-KA|xyqBv5n#Lv39{G|CQ1WdwlfB-0T2VShRTCTdmXFv zRv6{!h=Ddt+*e;Km?JbM`&>DkRF%{_^!qVR&`bIk@?rcZr8Q9fQ#2|DK=nO}3y)ZJ zZ0y)q`0sQ8AK2o~+o%R5zwTl09$?dJCuq>%;dZ{E7F?*R%=Gkm-84sil;TD;25fN< z6ucuW&<2?li-{!rRWq&BXwsOJbZ&5#I+ZYQzE4WpAv`ARa3LG-%6enXuRjzW4jXUX z`tQj8|6sn)s6Px{l(Yv^w=yY~Qs*NhdG{wlZclWf=w0M{thH#)X@S+ECu+6q?C7|C zj)!ma-8YnKjmVL-FtENZWrza-J;+zTqcYK=j}MVsyqxG}{H6fYTf>6%P@;#watVsZ zEI*SQlMvI40i5Y2h9!#68xo`VW_m}Dwmo07BB+x)13l#?A2|9EF?FyDnfl>;e<2)$ z5bRyD^*^HpV-r`bQwk>C;J2sGifzTY$?r(n6)M=Lcll4cl&CO|%a-piiT&{B2KkBz z4ocdK3+)Va%9tL=rD&+SMn=`=3r*!jrlzJ12Br%f-bEDB{B;if2CUof z*30rZdLNMuand)|$*+RRG!yD_uM`=)XJI6!hlZ>fho3pt+3*?^zP~d3{Dox{-jdTU2*@>*WPe7aj-w;pHue{h` zdK=Ik6V-5yZoTnOs_95CDyGjoN6MPJ4!1@rTUY1emwcBtd`2H6?p?ckdpcq#b&+>&eQb`g2T|5AA&)* zvDtKGo|1mEeWP;HrWy#4a8O(cYAsbnRmDduac!Ro75jDrx&DtFgXpOw2hiz!<$t}7 z^%eUVkNI$nc5q0tH($A3e4OfNMnc#g95d+0-py$woFa?`+3KonESi`I`rV!ZJ>D+n zGPoe+BbON?GN@9PREapT>Wz=`pa=AFWY{7)wq@-IS^Cft|L+Coe{u;z=tCZD=o2t2 zzOaFK?*X6mn~dMvB7#`wvl=p_c@Jq%V5Xb5ZJ3BT{!X?Qc>2qJg6Fv+J=Oxe@WlES zEr`=cfJ}`VYBLOpkcVv4pOndTuQV-it`~p47lZ8RR7{QC$AoO8jcGY0q=Z}hNO4+; zMH6LL$I*49g{kN+ue(ktBx{y@D$dZ4ph~@-((;>gzq~KMtn$Ng4#RO5l9VPIT5V)? zz%X|GQA}pOlOvf%L3Hs*Z0JxMDM{fenbe_aapfbRiq0BX+qmY<>mP3U@5Jwah=}qS zAz&Iynr$}Ex0Oj(SH(4^l<;#6yE|NEM~|0f!ug8!m;*CYQHJy`E!Nun>BSkxSIuX& zaUuZw1;@)~K6Vy_9c+ifflnst$CTd)N>n*Eax#gMY<71U53ih#U?XX`{_=(31*75V zv~R7gJBreHe3!sj@kJxrG?5L&UArQli3?svEk z-WV3*pO6rjyN&(XoM~Potv5#q1npl;NAbADczTO?Z(w<}={sR55mbzQ63q9ww;S%6 zjl|2z>~i$fpGUQF{B>Ui43&NHaWs>mpD0Z#_HI?NadF!r$b-u=3z&pRHzY+sbHMl` zCHWn!pwJJDZ(axKKOaWwRgI@!luTcL;#)k7%^~u`?cM_ZGeD%ey>gT=q}w0lDLz6D z{bm=9OiFp2+{N4UN6_l65Z^P}mE)+;Z&lUEj8BxyPKuRie+z!fp4VMZMPhx!?}aOu z5OQ=tG@TZh(n6QC$~hZmQwkB-7XinYFcJ~0fMY-FKl=GlOkbvg%-D1SRb4H4IPKca z4i51H#?QxuN-~Q?5DsK*1r+he$bXCf|4o1Wt4Ywwkj*D$FNF1cv;OM7J-6t;+H2j2 zyYL%g2EO^S9hfI7{GJ7qf8-(Q_@H#S;8-4f8;fQ@E{%HlYAWOCqbWEYJsL}>oPfqc zNwUOHmP<`1iUG52vsQAx#ybb~SEkMLMT&fUwL-OGdbENzTG*7<ucOOqCAQxA!{nI{eVOdpxX{(Uun-`mg`%MqP4SSd zD2%eO=X&#w;e(clx}FG#PBjdyM4_T?Vx<4-Lifvw>Iv<5%!DQ>xroD0A%OgFs!22q}TEalPU*C{%?F9;o)`sq3WhdHC>M6A9eH%dLV|l0VS~d z%;gyAObf{ZO#R6-fm2v5J7SIl4)E@Z!Vhg>FI&4PgXG>7iXBkQ1HOKc=(%c~`u@$t zXu94+@^nIHMZn|hoo%aQnWlo%2(Mx=i4{ued6%BMen)X6VCQy7>8z*byGxtt#@yR>c^TlR=7$mB- z!KOtjet-UeIakTK*LHl7m^qi^GSkxg_+CiKQD@i*Y++k|y8v>m^%CNFg=B>{S2aCXuP!Hpkh`k=)ldoKAS8Q5BuAKe%(H&PQ6?Lf$3Fj_SkDxVpzuetW#+ z@4Fq@O-QkO-M8nUx>X(1%`UvQ7c;amf^?Am8dnrQ=o}}kQ@Ndjr0{t18)+t$5g1US z^_g{CMc0z&(tFW8?d3t=6B6{_eteXuaj6Rz&X-lmeMl&5mAz1(RZeFu<)NRc?7b45 zHkgQ4xX2xlpH;>8!3#_8z9TvNIJ$|;H{$Q<nXLE>Eq8I@@Ll>^$h#qlQG_wbe0n(x!)G0{UAEMFT_U;^={75bKbH8vXOJNYN1&vQ7 zme+*o!1gYZThZ{#^3Td;d*op}?{Sj$ekHK&&a&?S)_Rk7sp1rlAzI~@OBBDS|MZz? zla}9}Guy-4U*1SJmt6(%o0v2;OSiSK{b|gs*cb2C!UNtVwnKzZpBUy{LKhyIA^Z1V zZJCph-~}1t1bjN0n}9yjGOy(#a(>;Qr#%4jmVPN5c99^f{4nVNOga*QEE+THKlzY) zP4kdaMiS)P>zTld%(4bnpgvO1VO@wnSeClr(ug2pb5UK(@|3ouGOF<1P-zdui+*TD z?%D>heuvj>s6_Y&Anvui{%et=Ia4_6@wHX_??!tJmOmeNuF@uBrQc#syIKA68E)h9SG%L1 zzlC-0il)7#J6slj%n`gIP=1F`X!Xp?=L1=Bgta7a4OUHOG*iZ<#$a(QnJnV2>*T53O#^G+m^*ER5ZKwOHDBP?6t?DrymOP8bHE1F0&IDNrMC(d+b)@V)gAdAe`{nH+JACCvYFFK%#kG!c`Gg zPP@WKPy`mSK;WLMon&G`T_7DB;hm>r+pD(j^(u)6EI~~wA1Xy3K4ru0CXC}-;O**KQ|k~O!BexdsPoUva}3_9$YVk z6CxFDPKnXNmD2(Q5r!XoK>?}epOz`V2w?yGO27yNMKBn$Mt#z~RE)LR5Hp?jF=81g z;kQ|c<&0A(vaGxfo7vk>=F|oP(*QQH2+Ep0dlo?#K<^_Rbm!^jAlLLk3$vH9U_7wb zo^U81w#1CoG+8kZP6ihJJ!`#*+al_-=Dtr(XkWwyW4#Ik%TqtlmC&j2xbAguUJD=ejWpgNm zZ$JLbM5f}w^-{eX!1X91u}3DC+uhO7|Dq=72riNJ{CtF;Wp?;^N?J&*-B=&}`1UdW zDM6?8o|&mP15TRM``x`0*wZ7=tr<8($J3PG?MbxstBxuk?B|~}qkz>-Z~+v;Raxg1 zI%1i6kpq~LIc)vcE`Voh#6{|_IOw`w=_?tDlX~fU!(j?$#P?Bv_WMBi=4)i*`{XIp zdxy(i^c$0|PIB;W_I+CY!iT0wlN$q7j!ZGtn-9O?P;`q~(@3N{c`S@5qdG@1k~Vr( zFzA|PQ?SE!9$mW+VC!wxwu|7hxW+2?!T_`uA~Jo`xN_m?YOUCk zZuWJW-Sp_wJ!TDDDAwLU)5C1-JI}tuoLb-A?8jk!yIf%r!4%KZYnN|@>9r?4t^jx* zdX@r#Emb2h+ulXv4r=nh_n!U(6%>S^|Ley^lTVb#w*_m$BN(@C ztd|!lm?^PS5h``RrbZ!nj)HkTkUa}bf-}Ukk?wX_bVouZ_3KF|`2%3K&=^cQW^InL zy_2iLa;ra{j`=z6C2BI$*{rk~TIWCR*`zT{KEh%vO*jml_C)eR!+IP$OGnCe;3s`l zZ|3L&dWt94+L;j3UgP8cZQSU8vOa$oeiFsM)ljTw%)|LnR;E&YVKFCEn5NV|r=$Am zlOiuve#tsyKDX0Stf6%9u#T#ojj4vqw!z~cn#PJ!3rOY*ldgAqvM2=Zi)ZM#0yq_IG;6>VAHWVxM!U!N1vPYQz-D62sv_>@l2?oNkU8>Ozt&p z*I{ZlA2gJlbXh93_RBWz#2fAGF(C|1ay*~rL5yXM#3aJpm8m&@Hk-GmXqol_jJ5flMOFd)6QZ52wKeR;7pA;2{teB~u^jj_d#c6Jn>1F*SmVgmcug6xP%-`id7w|u=hK%~^47jxYfdcSt85s}?SLVRFFTG9Y)gEVqNw6v^M?GM zLwm5=jn8Cw4bQ>HTX`>7 zz9jzVJ7xcYyZBco<1kp%urhm#+e7nlaM3$A>B=*~*Q3mR=)|hV6Yqg|w|Km(L3Sgs z-MSFKk;Ov#;P38yF(mdwL84t>qXLW!QqWVCvBn>dx7&)riGf>TsuAvfHf|0Vyep{F z5K@*YhgeKK>av-_{RK8016@O!Nal>YQ>yGM-F8ytrQ`f*u6;Q%`_Zm31{7d`GVfsi zJpw!XgZ{KnRwYAHjTBhj;sTI>RI#IxpdrFzx^?}bzm16cC_l)_|DZ>V|K*I$Vbou8 z-g*>Qr};vdy6I3E*4f^}oEF1E4UzjA&twJ@^zoCV%UwVJ9?mWF*QfyJ!Gn=NDRk0` zVWj1;S)R$8alo`le?f%lCM*j!6#jT%=VAbucU7qsw(WU;eTR8q`8MA|K%5yvV1zPo|_$x`H#T|et=6aMOh{7T$hrw(& z0`onys0vUxZJt5xvvpFfypXP;PAea*WXo|*{+8s~Y=nZB!3n8k^X!|Ph2#DPo3*$b zdSi*usKOE4x=IY`=VAnK*&IIZg0R>4nwnbwfq*>`D{n@k?x-%i&HI;7&#YQjzdY&j zAwDbqwjA4777^?Tiyf*?N}~??-VR*8wEhUsc5M`#A=bEM6!?_vEl&T52Q*rFEJr#a zK``M<1FczSM$`bZ7Jq)wIa}MFTaM@l1DKKs?tZ>;`kpQBpZ9jX z&LDqyB%ziS+GY0*G#FWd_L_vm`%yTPC2oC-s4q`>oma8+MJVGLS-cl}Mi!TB0IiOk zhiHBxQ|Rl3J>oV6Lo^OK@r~YM zwQ`bJgoNm;X|Mti8^->0Q{&9K=C9i76P4F(z>x|~Td%sDJ+=wK4ZUy%8(;VjwQn{A z%wZGrgaimq*mZj8Bp*+F7i@!m->m96dt}Oj-p6<1IK=YW5!j`!_V(v1@c9o7EbI-c zzBeiWAX2Dckvy=x1t53R0nkn<0E4R`rnOi^1iGf7oqSX?q^2;oM=4K3d*G zveWsTN^Zu`kL(q771Z@XG0tCOU?r19f}^JQtTdXn)4t`N-6=4>s-taJF!IdXnpNnv z7ynf_TZdPgD_C{y4l6UIci+&35@ZbVxIK)j6s`5VFMRu9ujG{v@%zt_=R-g~7KpX> zR(+xw&~KiQ@!0;gryf+V7dfJ|I0AzP{eE9AdO#Q1$vGHWrJ0N7G!1-z`qyyCOT6(P z1p^6M6iJ{P%m*J?;;2~IdoRc3`#(zpXrc;X4}QB!^;lf$^gprYeD zAln4dp~cW4gdi}GU8_2IQ+ZGg;fp~H6=!3@N}~7nO0ZS^Jn!(G({TQElaj*0aj@!e z{_FG4bpADiHG@a6;>2o6>M{G-{&kMgc<8P%DTht9QeUBz(;}y^Kqe>JkgwU<+$*&0 z`Ir&rkuG<|j*-ElE&lP}u=WqHNqMvM@bu3Bm2%Wy<=Sg?=S%GVy!PC>`8-RQ%00F2<~5=r zvqK>`X+)sijK`tKGOW5?_uzcw@Z_N8^9G8X4EC?*eV-q2{tqA7@cw3zi#Q=S>p!Z1 zid*67#Pw$^CSUL;KnbX(LdvN3Zf|+{1Bq!5vIW=H3Z-nw*W9BBdL4Yc9)aCdb zMWy1wbj*F2T*8ByErd{zg(o5UtTMJC++ppCEh-Z^BHSJDn;Mnko+;@lFii99iv%%- zf;IuZsg}Kf&pahJ!Nu?CX@3`QYKuQ3d_ANCEd!rURL|s-OBp9&w;%^r_hBP7+hEu$ zTyDxWTw1rwFGmXrLG>0TGkgF;`;>D*JGp3|9HnJ@*C*#MGdZgcX`J7>>tq)F*o*z0 zW2HN>k`h-q?r?lO1{SrwVP9t+*uMBm)BiE~fuzqW%Tt0+SLtZrq#&$^LSRxwoe9SS zKw!IFw_JOAAB!5z%ZUCWfwFP^&Ds`mLT{e70yt}d~Wq32M75Wp^r+4q^@uK^J6oVr%HcbSQ8}?KT$Jy43DwM*LBiO@I2(K zzqiwr0WS=ut-B7KrMrPX@*Pkh2_FfJIi;*ik4j4YU(D;DhIc4NcFIbQdGt64@}WAV zG6k5cI0=m8a?U56--19edaTKyfF_#(Il47KzTNT zwm)_M$X~ixn|6{f0T$=xx_?(C$Z?b7;G{l9NG3Q7OiDW z)DT8^?c5ChTpOYyy}5!1Vja?!B7u-bs2fGMZsN(U;i)Y@Wt)Yn`iZs1_bzgUzisJ9 zmnPAbnRg4Xa~^k{ej8@uM6#66d#9N_Tx7hi$ZPC^Jelbd<%;tPl^|aAd0{won6Zy=_&GKnk8=9gcZO0S2|I*75Ra-sd@|0rzOm6 zVQKXpEqwU?kB7|AJQ4(pCCq1RUiqL*Jj!CK{{ zrSTZZtRe;iKIqw_NTlC$Ji39da&`2ZEU ze=^ne3;*(VdRyJOF(=ohZY+hXEM2Elp{s5ElZgL0d-II&7R0J2I|3`xmLk zg#z6zl&v-}!6f6ZY>rXNFeJ%rAU_WwN^IkbOfbe{T+HKMv6)3ynSzFg+O`?cR!!7a zcyj4S$)AqD2?kyC*S^f*0njon=DKOochSyG1SFVJM`W zWzRk~tkkG@-eZ@JB|mi!bNH*&^Ax%@Ly0gCi z>1bC#l#3Ih?3w##P29kwMKZg`rq%c3fWn)RzUp&cKzEvVe^a??K1jb?bmL_~PJ-+d z*W^6ZrRQWg!!5~2+io7KfrELUmp*VtT)>?c-s_0F{u^1Ugp-}9ucb)SYFL@G#;NiO zB*?k3_6rnjM0rjnz73xzdd{Txu*x5@KA~FxdsmiC#;P{qSU6a5z=>NoqL0-?wn;}x z524dR-OKOZK16`0^k$uZqK!m6pj3hp?}Haapag>Ag z!F)|i8V#sh8u}cq0^@VwJ%=@? z+iq)~YW_2I*DmH3vXA@v@!do#EWH!qi>8cNTM2X4V`=uM)S($hhj#6If1oq`gDq%e46 zOdo`@cdEE51!L}bg&_B2&2Z1iz{e^naw+EGp1oScy|>pJQ=9Kv4flRC$Owc_--uL+ z5Gp`!*f;BZuU(b7pLC3{%-a>jOrBGws4KSqWOUAElF-A5MvL&og+clmoYx_?`ry!1 zy?TQ;>&v|u6OF3TyrM%>`Yr1P()yu00`SYZ&p;6DQ08M@QnwLwA71WMvZiYn=7S^%$#ZA= zf%kJ!b*`>+A`%Hkck;fLMQdLR^2cYM{PQ}Ngxkg|Jo3zz#Zsghzjua>h$bm3_56sZ zpXec9jEWY6A9Wxl2J2`8Gi(8i{j+d6Op;Mzz{S_6lOAcCF^rhJo>Ud% zJmFHL+7Md$Kd3u56c+Hi+Gv;GoDTfTBDX|v>E}P3x9NQ_oP-Q^>ymR~2jPZDaPeLJQLD-m$> z+LzAia+PvzgfOHRc&vCf3RHtpvO(8feH-}_e*GD0$@Zbknvpj1EtX1;Qhf<_ANfi} zH?mwSn*i=rms9XI} zshZ7BfVdW{5ItCPw=j-a0e^;^SFc4m-E%coJ}k1IG0-=XL0+cgvO?A!AmwSv+t@N) zVq})1Wd|1eqLW#7k+F9a^(3LJ{~rs`zlW=GgvQ5iWR(7%)9u^T=?XDNpinMH$9Yu+ z&e#PKNl#>wVd&jhV>RKJw9~6ZvzD~IA;W}poPK_R+PZ}~mCOzyrJO(7QvR6d?CnIMnmYhh@`@XfE#~r`w3Q_h zDfsf?5~}UF0xTDb9K*63w1d+4!@txvGz%%!qA&LA-&HB+r=DAyyaR?@8k6P<_3D#j z%uJ4;(6Ew@e7`*_(zwAI(8&(~rZ=LazaV(&VmNpO>F{-rnu^=G4`277zP$wwwQ3p1 zwwd#ccx2(Fp_v!$?xHIr1qVDTR3UGv+0&7(_@@27t?j#E-d60|y)UKhKhcxP13XJh z{%35FU3cpLZanjWnh=dXaH|SKYlb9RC9i^Oh%V&o{(%#afLo8y4L0ZpUzHw&t$=AV+ z_ag>r6wy*~LzC=^L$+QqZ%=ttQPH){{kfYm(Nsn z?jw9)u9iFBB`>rs%;mPUZE;uJe6_6+!002l{Q!l`%NVi8D}n6lWCe*-4S-arK02tP#`5yMnQ?(gD8deWFEyAWz z;RdGynK5^r#4lU`&B{OD{gN|JVq^*qTrU1#Xj4cz9}8fhj;cw^QH-DTB;f=eZ+EoZ?` z*L2$+f4CI`DEUMpb|lgXf_Wtrk2*&9dDuE$8{Y`3vz}^U0etZO7X4I8H%`Bak>5{3 z+ub^K6cfFJX_9e8xPR}pzd{U$0Bz#Zcq{BY(Hvj5>+aGDdHs@y>kyIU4W^_O2CDsWq)8B9SdJ51hys(^*?mQ*5`!GDp8k>1AAF)C^T7|J%qd)F( zOmm7I;PI_~@*#i^E_GCioMS3K$-11_=Dm0GiURdwF{Yr#9ePnP_W?pbUjZZ?sDPqb z3mcLaM3FNaxIIKzUM1~(#N(m=8{BCt4U|(wb#*Y(K5=3}1@mud?zfjk?$ocrnYb3? z#u7g;j@7+m%ahou@CW$n_Bm)dz;qahO=5isVh#_BVUelTt8|025UkE_ru2uzf@uF9 z9kTl3qq;DvhYs z6U@)o2$EUT3`;~$jXD(hrnqV9WwpBl1gE6)FRl#LQp-UDnOaDEUZR|zO>n{*s+3BP&J^?GKb zZ#A^hj3pNASpCS?Is(*q0-5#UJoDIzvcPy;35Y^m*>2Y6Vlx?$TCfmJ@TEYdbvCHsX@Iq zOA+38FQf2WAWzLf1;ZWG#TT8qk5w-iNBdEe96`0(1t+#WVJm;4Yz78jhwQ!@K<%;6 zr2_O*0^PYbUtIauUc=?PEdj^qVnRE50Aapo>6l1gz;gACD$Qi z5y~+6&bfgW#00z=+V<>$a$1?N79BeIp*Wk;E_$^kUuU4AFiTwlA-*8-G8IX3S)YPA zmWX>vC(DR?VLwlt-~AK;)XPXDu6;p%FGwPjVXw5Tk&(u&->9ry z(1dwNz)~Lxj&eG{)d*EkZ421JJ3vlcjZ0>0`V1aPZ7@+dPUNF}7d<=6ip_)i;Sl zJLLy|%HGA2(tWhcsS%oZVOo`kt&%X-b}+>CT=wO;*J%m|6#}3u(+X(6sce_%CM)eX zaitsnRw6dG*0H4m>R#{(B}Ue=^&NFN)P5O?;7p)h!L}@L!*LE4_ISGXD3X}+7u_86 z#|wIGVj)u60>$pabqLDCXWYnV51;Oo>d7OvA-)blLFEBM_>hDerszY|;vLr+G`@@6|;-CF(|Igqh^Yz^8cVz|^4ow-S5$ zvmLFo4>!-Me8a-oRB3;rW`D;QB62$-9K|{8P_gQ8K(843T$X%ZBwQe3l(Ylgv~;nte3~*$G#U@1?^r%GJQ4UeJvMa7~X+>GVm?E#Q<2Az|EFK;yFL~2GX1H@k)e_mkX}x4O zK?exCv%M`@zVtss;8QeWQPIo)Zf-GSRq9%4Ap~rD<7j!|F-^uNkc~EuYI<)dpg=_g zS{EjcvbJ6hKDmc!Qi*GyCwb1+kJ$4tmvalg?oN!RO4dTZfO}X=CMUgx0!UR=_KSTz zloWsl&e7=JeLw~=lL3_~4}*5-Nm2pf)*XA$jA0v3oB`1c9HSJC!-e3*7dc~of2j?; z302`w5kFj~iwBe%tgYXs=oyC|`N2#1A~Q~>>36-X?TPo*j}VVdHrWA>s(Yxbp{NSl z-L2|+5J+jKjJjC7x^McCv)c9R*y7oSV>)hJMo*Ald+RENTqpS#v3cI{SJhytuyJEs z-JKl6o^lG;L(*S^Z%zo$_turU%X~oVNJVfC2>Sik1V2me990(s*}mAWI!VF5f*ui~FjzNDRl~s~B9ej#k3)re{M!c|rKKI?L|M@-Q1v6c2}> zM=E^Fq<`cUPoP<}JUdaGAWq8ISgmbu=tIHi=FqS$be$3-AijrQejG8m*phikyoz~C zaqG5{Ke{GfMdz3l9%FG6Yq2YgET7W0*`g76Ps{I6@7EH-@}YZF-E=OH!iE@hq;%whUxlA}%6 zlH?a)5Hi?i41^wWQ+G>tLE}^MmU{3e0Nt&)yuAGQZokkcWY<{IizUmsMvirJzPqpv zcou$J^+oJ_wlne2+#b=@C){Nwz=fBOjBu}{uwaODS;c#Pn2Wo+8`AOT_PE4bxu{=q z)cUh^FN_A3>=nG7)~|iq$p0aWQrPfl+PectOgSPuw|TUo{&jLj)gpQ7E@bq}5w4F^FLS z$3T&Araitz;V8$mP+yAS;Z#Zr+K(7-#dFE0kvD$b_?BOcKhcSvv~5}vhN0}urYQU5 z<pR$Pxt9RQiHAp}-?YLZA%t~+WyJfy`l3$GU?iqWc_71+@ zyQ(cgCq{?GhKvX(=2s5uqiAQ48x)+cjPRrBwsVht{Bjw&0tj(xa53 z645X)SA9JKft%~dXJp(XC7u)%GTI_03ltk0P=$PXifd1`Nx5RVk3AroY}oplyZ1#Q zC69Yx?+2oV{6E_+LU11;;Y`Yf_Z8?+;?Q7Jse5F=0rbh1u$f`jiKGh(jpv8U52-Bk zV@+WxgDT_>&Mm(fem~M0ekFb_cgaYKlvMJd-)?Wf>b(fdqOqL%f7lya5s-jRo*dc%OleMiBOYBX z>4~42O4^M0eX_`wak{TNj*D8TsWw|3(7Bh6B#9^$4;ZX|ueJg_>|in>rltk*=LQz# zRnn)EWPjq#D|%9GxA`)gB`qO?Uk>!{1npDoQ|0%*sJ3Ez<R{@m{5;{mz5D=9nUApw%n;=D+NL2y|s3;(vKFq(6<>S=9)wMg8a+=bzin=>;+%`ZpXr zp6Yv1F$_7S$}a7fo0z^gUR7-n1Ke zgaT4}E{#zn8R02z7Tvay0r^3b;#!u>F)ePy_?2Tizd>o%+SJ7vjOxH!2-PiaoFy)H z>`5FG6SkBzDD3G0SNZgGPmT%vmYcb=RtSU6T)f%)U+KRwCJ%3W;}@yF@S4O&cnp?p zj>Xw$uY7O7UM>B5gB>+}J*S%eWKN>jp0^iKtz&Hc-#JYdSFTL5x_PwC0P`cz( zDyy``E_?*>e7Z{F&MgdFSQi zm!@-XCvbIXhFJZzQOlwve~*0Gd5WR20d8ctzF^-$`KObSb5T0 z4(XqDXN!)PnyGZ=#*3%7?pHKz^sgG<%rK97>1#k4lxO3|#2JUl*q*q_fzwMAy{{hf zSrA)b^4}$$4!YK9fI`j6R8YznR;)XVTS|5BhA_w$z5DL2)(UIOX4rVkm9b?po;lO8 zDs|>}hrCz^(M%n6ra{m4GyQ;48>;%GAg{w}Rg7Z~72pnB3Bl6jn<4|W zh{KFMEy6wCnABNS=EM ztW~EnzxDH{0@U2V>#n)TwEe^3HXif;?l)P{wO)HSXLFrZFJrN-m*%r~N;VH?QlG^T z%O}%5(Vy2>8Y?1ejVv`#!WOpoe8Jt$)1NOBe)7f{XDAn3!O`)uwji7Bt;FVoC%2;{B)|z!RncmdeZkl=Cu`%A9$**4_hpfFRc}GfrOMnn z+mNm&{EG{3vA@+t<-qK@o*N_2V^SzBgz3?vw_+wg6NNce+Xk6VXxLJyJ=nuQE-cEj|+meq=H3hKqOOIm2ubl%`lH zw^HsqDD(!)Co}V}Z@dDp!KDA2=yoV~MMdk$5HnPdnmkNCFanWzDfz}1fd~1NwGl>d zsLHaLR|O%-7xe;dzJ z55&v!Cmd?@H2;h23a;V|OKI1KZj$~;xN(`YkAQvR_l-2A-HlzFLhOahQ6 z8^g2ML3DwQw;aXId+&u_UEp&s)^lBhH;u=p27I6!CTQu5&;elEt${&Z`^};%$jU?0 zem?X6;+JMBbM_s2UezM|Q6y|&ng9BU=2TmsVMx2I2+jASKkjDWa62_Vy3=xgoBHP= z-OD;3t3zJ8GfDct3=!&cLYCp0B#9-VC@zzIV-Wiuovh zY&Noazq+5;lDe8YJifU*uuC(HjG$>5S~N&6aaVZ(y61!EWIE zNzq`?s#u6;<&z;E^~6^hEvGBR#irYD$7;%goqfX$U#YMB--^#bAH`_;{phcV=4SqODT$nMsBV<^QA|&~EzE^h6LejJC!;!xUuU)Eo9Bl;MR(1B3hB5p z=p#;Gdj6`ogACoVn=?5^t8Ug%%a7So^4V(oodJ9Ku(Ma!>A z1T-ag*Db1R&nd@;>gTtyMziG5@?(Xw5d}TphMBpdmpXFZ16-C<$>&F*7rr&_6? zY8dNB#oKmbhvoGOjBeEQPQA4&v0ESeTuo=EfBkV7I$`bjWxXt2La8%edc%^7TOb|< z7Ko2sD;LLq3qnyjgAY~?QKa>*MhPXdwGrQ+(AcJy zA(%X;P1~QLd+$}~Hs*oYQ6z)hPYjV&7xHb|G(97L9Nf9e?~@*G?jIi3wloDS zG3HKEF_K5uHm(SaO$~+|-g8wrHDr=IBGDgS?2Bv7Xg>J9;ZxgSO45395_(Y<0BoVI z+Z{lwDV_ZXFxDEP)T%{i$>Csd4ebpf8J59si>7$UY?){NoF(O`_wK%njenXmdD}w0 z!=wuwwO1lF@~45L!|{w{47Z5NzP0p|xr3Vhe+Z9g>b49k#_Vn*Z=>IZdjo%3T*_)? zy&I}Wlz*SE`9y^`JpL7n6%#9q6EyItFr`qTa^Q30YLPz$V#HhT!9ZkHJDo(Npht4t zE8?2!j3CFRb>L?l2NAl$6!}OeU1xvc*{>waBOn)_RB5?wds!N8q}EKtiHe? z$79-nzY#^mu&xV%uVww*oHDt;?nMD)M3=a|`F3m)y(bEHO zyX#C@drb<*&h2V9)-s_wsF!rYS#y+D7WAEvJ&(`s!YA^v5m(rqA-!7?Qv!2FbQGFk zQRnj)XXdz{>T*R-cO{z;-sES8D176*TZ;UDB-V@!LX;tFr{{l{;hvjwH}>V>d*5*JH)Bfz z#7{o*_J10=642!?5>;4mxBnV$bwuLf|Crc?#kuB!hT>#DocD2hUJQk-8%c}zWF9w- zTN*OvD7=4Zr(?emR88Y|GwjdTA(GdfDWmm4Ru+Mi9qiD*J>kLy6F@{NCVpIFHiDj? zk&AOHg1-CRbVB|;nnlDfXDsyMDDJlp^+Eo z$ZT~p5MD~ykLuw4%&Wa^=iN!CPjG*u<*Ny>+!L7B$m?s>-+<5aq9))J#bMqAJX2?W zEh8YD`4_#^mik@~oHDt(IeRMdXdsz&-Aue;^~5zlLCMk1#{Ct3v`}7Rq{sa9k9kRU zL5IR=heBWDHdyQ{w|l8)He#?K3wiKkOy_)A=hpWVu~;4xZRUOA0z&AxVrhjb*xRcn zmy}KpoQ#ua#{8PM#?-K*3B{Ik)T=cC@s}kgk_Kh?@1UbsFx1zGUv`--d)QORBhqv+ z`#W|x+*_Q-nuGBza`*bGfaVX{E8|_0dXu;n#83TDah)39{lKDppi)ZQ98)&106jy>V6=D*O!G*^1{HnQO|@E3rGn z=6+B64PVkw4P?cvRpT}wEAQF|&-b#{v(OA=Y;_Wr>u16Z$~>NQJtdk{7C`84P6_KWYM*M_|t4i?G0Uv^&{#-7{O-Hd9dKDw4ZKVa(1 z+I@#c-upuAtzXFPllIfw`D$~)x$KNR;p_G(xxOEMMhgHiE?+*tnlEgO9w8zmBtJDE z3{T$7)x@}>N7#z-%r2FJEu^(Y@_oem=6f<$)Q4SWWoq?GeyBaY&WjU#R&7jd{a^Ko zmUG|{5t*`I5-d*$FMm^jr>|$4s2A^loAB&I(1d#oXHg?Z&W1RCp99SfjQDr2 z>0d~$vF-XrqYmCNHGbvRc)}WvCZ^EO+h@*TOOmx0(7$wsnHdTr%^5ss-A^z8fI9nQR?_T#t}0t`_9E1 zrUpar1V3h55ESVE2(%r0Z39+Iv)|lo!A=;)-tMi#esRlUsDy0 zJFGPu=j84w)Y%g$gE9hl&{6JqhsuMd9g1pWlkwnJ!=YEMJhc1!WMBiq&`iZqHz~=K z#DX6^D=q6)tSJ`vFnf(oE`GS}wqAyIzQ=}lccjB8<4doI!m8}#HjTt+?GRCJ9>>4u z3BN@Hy>6pM=1=?Q<4bENZr1%G00mw@3prVQtWMApV==L4*E{dJqjr%Lw9GShw&SZH zxmA_cu0(y4TCnA$p+&~ZYrFkw^m}4)GN#Oq`DiOGGJbx(d(n)pk)o0X!sh2#x_v~; zDPreU_`W1Xqx-|WY>N4lFmhQ7eyiQG^Nq3qg(0|^hwwSDY!{YszeH=^X+Er=Ly3EQ z73$3I=4a`c2$w&sNFbqyE6}Jo2~?ZMVj&a)K|UYq22O!E?L87SGd+9**t81dx_R?` zddhG;F5xjFZ@n{)WuHT1@t+a#IPG}n?6R9u?D+XR{>>r(n2jhAyE4gD{>XAm@vOwT6mwCW5^Tl<(@EGrywE?KfY$}}$lW9ti<0NqMYXJNYrn~vieyS^fp)5VI) zY1iU?Ioy!lZsq6LF~j{xn8^y0W%OHJ09s1a$4u>9;0LSAiQoON4BkSk#vKL0yti@i zy_Het(&rUFs8`0fk;9*`%Oo74Eifzz2F6HAks7uwa6c} zSpSe)ixN=`T~p?`ZDQ9#5d!oXIa8?H$|n!Z@x2>YnCcXZKRAi)O;0pK16IXy*L8&t zv8?02NtiQxDmqxv%r!*}=$zc7!KnrMjj@ zui{Ldj)n)!SuNLk_butr0&-arICSU{JTl()DM?Pn8=XcceD2hjm=64tk28@qeF5bX> z7YhDGXlH6(7%*4qTs)SVnHpG4_BOPN6|822cS$zyQ_mANJabP>aQ&_!RZF*fL;{Fq z8Fzhe(rI^6^~N(>DK(5AW3%(`LMmxgyqGOizTGcZeY=&OPr(=C0op=doF5se?Bvl7 za6nhMsiTzgNQ@u4)3)N)WajaSuF0Mg4al0eS>)5LA_DM5phT>ddEj1pICq^6M!xkf zvrrf!mIEB$mJ;HrM)FYWMhzG=F5L{)F3{dKqkCmH8880q?e1_u8s*jl8Ziarw7c`Yx@ev-+ zp9bVubwkaFnZ8&k6pz?x?2_taE)80FAPHBh9)Y``k}`5%xXt(bcgs!bTpZ|}_^Zw} zV++c*E1ib?kVnl&_}888STO~x82f&{Q-tR=@-?F7lE{JHmKt!UY2m$7Ii7FzaN5}R z%nAuMI6s@eko)2YMq8Ii;-#i2Mip991K*5WK+`_NSSU}lsiGAU6RLHrh0YHbaxx{# zWLtEjahZp$cNDrbvY%$auVYFCGGKi+MFr|fP`&j|+-YPw^3um%mh&%H#GKZkyuYx;BN%cF+o`y^AP!<~4Ct3L)mhlliHN)dCVSA>665!;JwoSz~*3j@2H z_p+|gB0C#Yr}S{1!EQ4_kT*K)a>NM_2fq8sp-22>S*PWWbDZp?+y#Dcmn^>2nGHkc zKiQYSUdg3Hz~){A;gT+nlLR%o{ip<-yLbrbJn)&A!9nQOqzDI(i z`EP9+7!~boE@8A#zva-eW!!p%hF%QQ{1-)Rf_WI#3hxyhE6vHwF4Cy(An%|q`^t0J zzvGIKYWv&P@fIZRmpS{0H%|(TzCl~lKIZ8bt z7SFF)nasF9F&1&z7`_F6MB9WiRQ-`KJ-sPY+TgYGmKDVeHw0m=2BfAt6+437yt-8E znS+Il4Hc*tduDH%IGgS~VJC|(IvH#{A!)b{{>1Fp=$CF7H`RQKI9k#az?)FwHXV~}e^U!Q%mBv)aNL}6irW~iym z+10v@3BCddMLd${@A=3MJ!Cj~h4~ofNR(f4Sb7EYS+Tz~1%lHqBdbZ2Zc+%7YIYkw z-d>*BMe|JqZ$8ge%Y|T|mz^wmkjw#*_e8T}U~1;;8U`NpZVglYE{`Iv8naZa&H`V5 z*(8#$FhyIsCy5&R`r2difnR07M>SS<+FRDAaw~re2xDjQmv8Z2+DStK)ujrfCnUfk zDO_}X#AFRu7TV;x$>3jdHx$DgxUUJmyORrp7Q&dRmcKPOq-DtT&VRZ%d1SZl z{g^6zKjZAO4;ngmokW?OA9jjZj^xagy!%9=8lc_Rv`%GYt}Ou{;_mjo-y2Lvv5c>N zS|5EfKcX+6ZJg^Znc^q+GobqA@AnPQg&Z;=Y*hLu@ObJKobaE2&#mt?5*&>7^oBCN zC$H!H2^e~lQ*R{!)eVqQuIs5g1?&#OTkyXG8(XvIUO$7@mp>L3WJ9olp$w9D0TBQQ zQYg!i`K-+Bn{ijz)yk~ykVmyCw+1yN7|$-<@*E=nut=l*PJy0Y7_;YAd58V&JP>HT z3lt|vT-b$?$6b;>1vIpu{0#?K?ZFHde<||iZ7fso<(`{kzf8PJ3Oz+BJ4InF@D4hG zuZwl#qZ{xM{_K%ac@964(>n*xw+8FOW!-{jW|04?ZPz8}$`Bp8NR7t1Z5MPwSLT6C z3s%NuEwr66N7!nC!cZ8}yrwFIkzC`ZJztez=)=P}%s4R&sgam(iqfoB z%VAUWCHSiGJYk&9m!=dP@K9N$xDM#MS81LHZ-+_3c?U?lGmh2f^!hm*wVvAKt~?TN z#1G=@x^-hDB0VVz!=SLc)9P6yuYL`3TgL8cb>$|dAGk+fvEN6<%f zP{&aC=CtT5GckL|WKZ=2_`HH|{YZ8|854LyBm;y9?)29*1_#Fc1E~7JWfA)3?n&a5 z&}?k0*z}CF<&O`)l@A%>rC1jrVV<4oXPdu?cPSd2COYXN86b!LR8Y3RaG+AY!turB?_koR<^J< zdkUHGO9*=LRBly zqOxHt0{lp`e&yFMZ$)xR3O~-N&5d>XC?my*$f|}_DIUzPEGx1dEO7Ph_*@e(@lrtd}t`;(Tz_zJk z(4Bw@HkKa}Lf`E|f7LYIc;T5Ssrx9c>T1Vx-snc!RpI&Dd_t_4EV>irY!K$qPM}A*InpQConYNU!4~u@L&e=g>3T?@XyJCc7RDX6}bU*(6wGi%>D6}Q~5`P z%_Ts%xfs47LX)o*|BE9HcI4V{s47L%6aO306YlBCm*#j`SFP^owz7#3#?ff>&w9K) zk7=lSl*s@hM%w@LKRY}sB~CeXJH~BtTVu}K@6N5zT`pE_TD;iDo#~mo-O(u|Y978G z-L)l?x12)&a%W7r*&o=#a=1SZg#>Y(zCjPH-x{wU%~y}**twSvme+1 zS;)Pn7;?qx8in<;3qqO9%?>cDE4j}#YQBZvw$of!S`FWrPt5r}sMi#ta%tpeQsJ8d z^c7VPQM6hL`N#^13l-AoYHNq@V`uXHab`6#r2bAIHZi&tHgq+DdWf;ve&)qqx&uN|Djh8N43FjgV$%DLnlHz-Vi;_H$s}pe}-Tw-TxJBC% z!OVgE!yEcBG4IN3`~LgrZ9E5mapufluH%%PgKx*{vWfrF2C`kT48QJB_{Vpyb=6^O z-}zT1+jA1j2j!qdTDem6{aY-|G)Tbicm!jf<-uH;5#F8h7pv3NtfT3V{nixbUyW zUNsJ{c1CoXc*>h@yfz{B-GO@Z06h%h_~I z?;THyVkBam%M#h;Ha7d<3g_-R8E5Y$(0oQ5x_?IF9Ef5=cBa!KVYHQwVXs_3i8YQ)o`f^tH z)ApybG9IlmL@{wZ}*H!&ZDWf0!a(+M)YCLJP7w^uVB|r*B-Tj#jnvF&$m=D)zNhGH9HG8`*LN5$9b64L~itF*-4IcpeZVVL6`)@3F}Uy2|`Om+_r&tI5iJ0|$xp z_s{m4QPS4aVBq@encHpymTS~J60S13m{A?M{jl0;Ry>MGql5;I2ejCp9 zs73iMaVk1GTHL%<*T=lBz8`tv3V&lomJ@j*-_KJvxu;uj9C60OAkjlisMUl)W1!tj z*pEg%g7a=1?%S+VMsRR|{&2scf^({6$$rr?ztA1`E@2$vh4=|KF5b|O;!JvksV$R2 z4ght8>W~K5utM&cHgk<3tEZJ{lq`fy#Cj#_M^eZ^!ARzKo0Jwc3`5O6KlGl_82h?aX0AGOc9 zR$?btoXc1;1r}Ysk!F_6TijRMr?`A?S)DRV5ApL7Y)-yI+*;Qfd{!!zL#mpWH^pgeh_2;sqB+=n*)sxr zO`8QK#-%L?qYB>XJQcWoy)Jb|bfIsrGNY-lfEzc4ZvF)#*Kl- z(}k;PdS+yDVnniJ@>MR;VCSx9J3TjunmgBjIpBp_$UQT2{PHWU z)j|%Kmq2y`sk^oG@H4{W9MCNd4q?kd{S)Sp`%yWxU`n?}^rquMw)*E7SqK#Z_o0#@ z5Yx(z=k)68iE@0pej}X3=aj8=J^?SMG>T@Y<&6#sUi7n-cfW*~$p6U$7-s)Fvnxz< z`62Uc%F;8sqZ!K@dq+wm&>XGv!m5R}dE?mbg+mE`@p}$cRVw0hWUZ3S;X2O&mj|g< z4qrC6?UscX>sgH(Auov3_u;b;|A8<^T-V<1%m8u4h3Zf#ddbWpAG2a1z;v0M;$ygi z;A|DWoUn*n+BSGs-FN(^nQ!hP!OIRHA;~>cyzzJI^w=bxEgwO;`mXnmV;2LGt~w2p z&lF$k;%G-;FUemlTpBu5{9Rj-^O(I333yAN*Lil!wj~!AeKA^V?A}@2?4$3wlKM(( z%f4JA39+bKZF@sU`6v;KRiCNBwHmfJrRPk+%mwP)_KdmW*IDH`nOUe0C3Hh z$X-)LnC3Ry^T7lg;S2`M6(?rFUS(WThyPdOY93V~bwPjawH6vCy zxK+dxk1!AUk%@|=8mq&J0yNGe$Tj4Gxly3eS>fKi`Y4 zy}ke0u6>x?(s1E-@2^+Vc|$b1tT8vm(6NQARRWu`EU2e|T9>I&IHYDy%#GUFa{!gFJ$JA4`&y3qOQ!YK*YB~< z9K=bZPo=eGK&;@h8q@3Uq^;c$#zfJ^b)-53<(w!!%Q|GBy`S!vGjW*ZC_wwGivhJ1 zQgLS-|EW%gzxH8Aa!F@JiKKWx$m0~6{c={OLeRrxHFAV{p!ly#zd15=!WF_a1I4x~ zy_Y=pdoKCXeXyCR3PJzTv~Oj79v?i{SnPbjHf~7U%5+ z!!}(}-f;}kRMQ$SnrMM;IvcZJOAXC+({Tr0VC9g&Mcb*_aXZsM)hgtV?X@aW`g@bt zim7=zrw<$(Ru`>bEG40oc9uVSZyqtI93o;p_QU3H~jyZ0@LXUj;b1h1x?9AX;d zJ^le4hc8m>O_-qEEJ6$EmGT;o1dWx?kH>!mLr-_}gxQR|ixH2Q`IjOJe~W@xpufP) zpXF6N*Lb`v;^M4(+xhc#rhC^ey+!4$fiu>BD`V*T;3-_dbGCeT> zHVv3xx8E!G1cbY1<)e&fjw_QNX6BJiBo0k&*u0v^ZjjZ44H7u@{DN7i`~;%-i>ZR%tAJ9uKG5Q z(Ycmr8?pWvcv+ybZ?)w==38Rb3PZ8&P9C)0BDM5$65S^E`;#>ex=wU5uuEyDwkF^A zuiM>#n1apL61byR$O!sAT#OMV68{vL!5$lbp|!kHNraW$%ZIE>YK`_2W? zL6kySn}>qXjf?X>r*uyX8j-@yk2(Sml)O?-Pw%w2&J_rNw(ISGju;u7@#7;)h2VnU$`^%JM({_NR_*Gw|pmN&S&{0e2} z9DZbaN+-e|@d|LyA7p1Z6~4;J5M$%x`bSn_z8pj{I~C61v#VATb!?nhocy!ONc}Zu zKY4ri_C+_3^VQQ1SQ{IeNzui1UUDzRkmqtK-nZLzZ@}nh_xIk877!?0K3vUF9<>5_ zddPzj=B)CpQ+fKvzyuPwa+RQY794RYgDkx&HmGw+u4QsWp!k@%8B#C*%<+wQ;Xn=p zmShEcV;zEJy#`aA(N}5smEQdR62)@zb>VMxn1&?bhkJkJk&xca+Odwc8#5f$Y491t zR7&RtE=bNysE>lbFYU%>^D!X<*4!KJ{>#qkxC%1F^jE;JBQ zv$ceoltFCvUxPM#jBc+u2Tl3Eb@Y6O{AiV3z5z}X7J}3|33ci#NHqbd zrRygZd~0jf+ba*^)k=b;!lh=oI}e3TtR{QI_#Tuv20Ok$YR~M>x^wqV9ez&&*G_3z z2*pY!G$5fn!*Od@O|@g3wO=?5{(-6oqaDF4YPpducFh<^rBrt_U#U1Q0Y8k|~fU$hLkYMwJ`TrXWH#nz=B`ryqr->x}Kja|m41PjS)5)HU@WZuU^!_d%l zo;I24$e$RjqR^fkbs`1HLs|{60Uo>oq9|f`7AyE=P>K5Ua~A4E?+?x~hE_3dFBsq} zfJvGl+CZ3TIh$eOoujiT?d`VFy#;v$(@#g+q{jWj?T%M&<#`A~7SZHR?){|6eDH|; z3-@t@Gh@RLWbQ45hO5akH1~M^(VB3(6!(UVuS_~irBCF@!7>23?&s;u8!w40v^vbo?O z{Ee0c`c2EIW^DN=SXPDEnMzs-%pHH%t$&`uHSq6iXivm;0}@y2A|41p=9@G6%TXrF zA|}`cC>6{YI+oGJXVBa;&f8K{sXA~u_^iak1rZ`lcPKTOicubBR=}cecPJ7HB5>Y0 zgv3q%^+OQS`p+dM*J-P7tJEs&e;K(h+tE5yYBM)u{y7Ux;`l=)@Tq9XMo3Gd&N1xFt+WcF`1Sj2*D0Jn))m?-y02n z>;j^~e(?S3^l&-Uy?2J%vpk2t?YL%`+IX!0IqDh3VM6-p%o)O=1*WqMWL}iN+d|iJ2-Q^(_TAU?(Ql%aL;`9 zU=sdeHd}tkD5JR~so&oxKj-}vpD+{Tt+pojg8^cKC77gct<7(SwH9WE&)Sqt4IWO( zNo6`Z?`ma9-Q7M12-|TEizNTB#2jYL2tUQ#&0Bb95IGgHs|5f9w`q+z4$GtUBEQot zIXlL`dYOP&={UCcZNY+CY*wKlJNzwMBYBBznc4*v<@!zL*Ip*HLzg=y;($ql4Ur`O zXE^pigeXOcwjA!&h1+a7buVDV7EJoP7^3{(dA58tEYZ>9fRvZJ;i@AVQqC1T?NBH& zCQ^^Cm$-^cYII_0ihUABAAzMJc^K$i<+F_aGu?T3Nl7JcUjf8p#c6JvL*_HY|7h9J z?irXVvVerfsu6!Xkpv748bU6=uZt?*?$)NSmtE$f-H)M80;W^!#@kBehq7qlK@;a& zrrrvG!8mxsa&{x`nmA9RZS3i!pdOmp#wA0-Nw7XA<7_8de1>7+8%uJ|-&jm3){1byv`L;Md{o=26xjnn{_8BPmm=WW?x%*zatpCB%(Osbo*9uJcX@@41U$9SI z9-*CiZ9z8uRN9Hn1th%%y|;sn5nj~2m%e@D&$f|zrPcP0LVN{1yJ(G5eCa9x#r0_! zCLhX3>iy4P>};;Gg;WH9%=-h#{P7E>xc?Wdf)^mW!R;bC)vrMBy!EWZi0GPi-G_u_tq4yJfh&pwm1984n}~dAce| zn^-5Jw_BCH?KH;2z8~}9oYPGj5Z#K%Wfv~9KRzY;Q^iCWJ=eeE*dP>VKrSPcR#);i zr`N|IjSLQe9rem2YNjB&HwX|_lMyjuE3SQSdj}pg5Xa{%B zy3@qFzXJPgO+HJB&;EV=hssW-gMB{(m_4oQl!(Ma+)r6V?|{ITMOjz7{yy`V_E43XHb=+|c-TYQ;I zc;%U^pC~n~Tx!fElYS(%vp^BWqZTsnOJsxUfv2=(e2IEH4u;rm^YuKt&gRegp~E^W zMHzf(0x;iYlcLe?xmXDL;P(WkLfyEb4P_<;9r++1yCb%2a?L;AL)g3;4m$^A9(%M{w(d%EBBx79#0Z)s$>{a z8l7lc9g_w!p<0bCr6mP2L`KFe#tOVWS&dHanili^`vO(B;8FCoR*b|a9m7WFvBN(y z-tha+YOV0%-gZ%TT7Cgk>OMNL_#Xb@U|Aqv)Lw*yE?zg^dyZ&ykVswPLINatN1k55 z3I*3G5ie=3^%m@&`E&#b)kHXFb*h1omBofMx${sgQYpHY+22he4I`IP$b8hXCslKC zDo{e?{Lb~E^P>q)!t<_K*-}U zHcJ*I(<7q45YM0zvnoP6TY!8uuz%7GjKmg5THIJY?n!vVd|-|%GLRUMS!0cC%MIQ* zdKdHJU4)W~wj!FSSdY!^_|)oq>;IAjMD5hbh>?@|i}MdUtQFtMTtkF3t#BLJ7V4#y2)FS_e!lN zj~4o1-O~fb97M!Km|NG5-WoK#{=<5-sbLf20Rxi^QV>2Hi6lqmB;rhx23uSC7=?G0C3~T<+Et3dKrz z>4j=;brF~djB^5#n3Tce9AH`|&@0=cAFgDPhE`k?i9+j6{)9{I0i5|Lj(tSCdv)O6 z@}fnb6#UGOV9)YKU$1im-G1zvpbB(78#>QJSqBa9mcshdh!sD*vAQ zH%a0uk5}T6GPqTyFBFjjwQ;91-*{u0z5C}rM6HQ@USdFNFqyqQOXCCs2gZEtCEvyC zC3cg+6WKg@!z#Qr@piH(mgW}c&pKbue3RJaruC~G{cY@Bsnk@&_&BU-bYrrVAa^DQ znU=!miHe3R%zKRYN++>8_>o!r^M|~!zzNYZk&=3RRqYw_)d>JAuGSNos-s$2O4Fto zzfD?{6CJGyFdh@9=D~nYfMK?~o>FgPHTKC>f34m}L!AP7hqqAd$uI0f%b?d6wGIGk ziqL$s_c}l#eZWz)huuhi?54d0q3!4*GNBE9X2JWb$5pv!Tfi=Qpu;yl8x}fyQRV%3 zt>$gh)Z3_5|Px>ec; zQS3)`N(;GGrOd#*M@!OK^MN%zTh?YfYnlq+Uia+{nRz3Hm;w68@NDm!9R!!M&^(eM zO^pCxYHJKHNne+t&2Mv-t(~DgTyh3>TGmEut%0|DibcLwA_G94O@~M(>@^cl}k`{ku5ngAG;s`t# zEw54Gi$AICC#6`Ui0c<%`#R z5>wNfsu(SLH(;Ux+I+Q(M7K*J(k}+0@MHik_3gaAyZXHb%^X%lNUU}UDcacoF}0RS znR*JxIlPl>8L+EVY^+a(cP{!f{qklt>$ic!hy2$XwUpm1>roE`?8+VIG zSV^uXKWzWmHO|gFkPG+)dWAUwZ;7Lb@Ps6yW@WImTrT&eH-Qk0O+{d`Bp&(xDhACFMbew?`%YV3J7 zaSVA-YP1m;2i%n7==IEQE(PW%#7#Y%RyrYz;9<3HHI-y2X0F$&ffjV;K_Je(u<%AT z#?QyE0~uZOPrBefo;bVlVcSo-Mf=%ye2qxbR~4C(Sg`D>7eE=>sSkt`QMIE?)GTMO zhBl;(-o`c?E!5R1=i!vW=wBlDuW6p0_xV)k9}F7vnQBdZ##-DxTInC~atB&E?Q(-i zwdL{4t3iv6ZBvLg4hhPM79xi4;C z8ZtHzd0_waQw`D3N3?eCa; z62ZP`K}G1D0tj{mBnZ=-3qM|CvRwJ+fPT8CQH}p3_r+Mc`P~rpZM+{p^C&3A-Qub1 zHcAK-%!m+(Yp1_a`>su=u={F+f4E9!%WbL5Ou?k>5`P&dS2s21$>~ONOyLfG3tU zT;sCNi!0kjYMz3{k-l-sX=4MbY{cJua$~YKepsICdr&xEZ_)(d__U-O@0~L{NElj2 zNt3O9*xmKnjexO1ccA579+0OrISP!rx!G)9G31O!b8xLKICQ%TBe}JI-2Z)Z2^5?z zikqD9gkw4YFUE6oZNP95#*h)zBI<|g{`g9|H5tO7XxVXu-oZX4&_4t#C4b*qJ%s#- zWi13qR#c_1Cx0D2U%X#03$+nGOKIULHcOG={za{Hj~pKC*pCv5C<4~HwOhU0z#qf; zJmWlYep8So+9zh41|Iye1AQGkKgYUIWl#`3#R+z*_diDIGsMCgEaUM{>(XDomO59f zLwfH4o0YtOibNX-PLt7A4b0v$d zyS?JCuMY2Ic$;HIrS$3{e+bCv%<5jmdO&d5W12trigb?@MC}IHEAFM=o$yxtIg!~Y z`%WgJ#~BOLCrP9~2OU`fSn8kg9iT`q#M|`Eo^Cyich{0jfcC%=WtVUg*=^c`V?XAZ zN%UI1{T;X!?|pKE@&dW)Y-QW)r6a$4fa^3AxwJLF=e7{R8|~-;&<=T4-NZ>l?9<-{ z6a~fxY+>c&qOCrYsS>@(6MYKu4Ltjr)M^?>c^ep7D>Oh)aF?q@#%glA8`t0T0-Gh$ zQ8^71%A?8O;4Og3=n24?S7j1T?ydlaffnu$I^J528Nu@jQ75xZH?r7MA`|S>_mk!# zrzznmkK)&9=|U^xGf!x%zyR;6Y@S?68zIcv?`MkRCkE8jGX%;bzmx*1+u8oH3@X7K zUdKxS!Q)YIsPQ5(gW;_6Nnhd<@gU3bj9^+{!gR+|po_ai(C;EO@B=PqA9G&gjMQdA z_Kd=vq{+U$b32lS((S_y+XIx%OQHQ&xh=Qjl8X7e=Y)}FO*Q2E-#^AhcazSzL}5qu zPm(^FJMj`7cOT=r{K$@lCpEls6S#`LN!BNktGT!4@_dUozQTLoY8>L1*;@AiBcVXu zI^PT(hgy?<2|YK}7!&svNV1!=AMF5Yi#-|B-`n+8z6PEueW`jf1Yw+f{hORKkk<10 zRS`6BuqW*xtVdva07UqhgPJD#8Nim z1vaJJ2i}LikGEPdEU;I^vwBb`&DUGcK5aZJaw`cwoWym>sr)IV^8=?sLHBru1LxTd zB&d;98Ul_9Ema%H*6;%st<*8Eyib-4*&Qa{rF3ooGV+TmWc}4=Geu!%-Ot{5g3;?J z3eEKL|C=oTXFO)2WT)*<<`ejj6kxoMS<=U@kmH+EJzCCbDstkNT$jOXI7VZ*YZSZ> zzWuzVhw}`B1t;sTb*o*349L3Skgf-XASokOwOsTWeS$K2mOUf;+y)Ny>fTw@_NG}| zG~8pgsIw*800h&mhMBcHsTK9AM7K0HonAgaLy=*^<=At;&qXCeZz~+-6oxt^JM1ae zt2XO}(W!Y)8tQ(KWsxjjq92PLLa==sJ6`m54^vapo){T;h_p6oJmZS#eUn9Ij%qQs zFl$7xO7n8|WQC&eDdjAFFEzuG$GZPEQy9v!ozH1n+5<<_B0wCdtZ+yuy^{R2^m@Hq zDRSpH8^2p2O$8ytoi9~X${ZbC#4rHz6=l+<(GYQXIV`FQS2I-@42neUGL%Bq+kz27 z+Z2}GTUjMdjFQ|J;z6#iF=)EBOpcZqp|h($e0<96ZI3>ZDBxDr!86A zoGv*-#eJG#oO83^j;8lNTUC202*XIcAs4PAl`FtL8+TYZ)++s~NbFiwt$3&oXf=!(Xr+-x1+mDn~Eyz>aCr z63zh>v>zV8BL;mS$!1};(+)W+t2-C>a-q-9VMN$^cg14o`DdPdQp8FN{Vo%`NI# zGCd^FZ`kmZ0cA;~%fgRWtOd3EC(}jjfh8~j09(ub6s<7$tD6-Xf{BIG<_~7<6~{nE zXLm8V=|Ij$fbA-K4nqv~DTfOocLRjhrcng_lYpUeOxliU*~bwJMIonNdzpCT$ii#M zH{W$C8=Mv*8IWksLFW5o{fOyA}&zLF(DdqI0Tb zbeD=o#$y?PX97o+kD5Rr>LI(~H)4L_fTXB=y$MikzffiI5gW=gREsIv?4quhrZSAd zMY8cjUiL23Rr;Kl-tWIppVX8NIvg8Un%8rQpqVFez`DBvcvKQ}Y&Ho&YGnQI4*ax+ z&hj}jYdUU8paOl)mE}t5vqLX&ZEVzt5pHOoc~Y`iR+f4_#VYe84{d=U`YrKkV&%~E zf0)C99G$W_oj9a-YKkvl&#PLsD)<7#87KQG5|5TOEq>qp%$M35&gI^LC{wfp^LPI> z$~m0reg@GY>YWp^xH!(+iU2ezj)(|24tOT3D>`}tj4(J|_FUSR$Wrz*Y}iEDqqw?fj)@h)>5$5e5y=I@>?Dla#-R z6^ux^ug>5FP!zS7mv#gZs`jr$6 z%6-||X19i8m27lGh1XEDVCU9R5AwubJq&DRWG$8u)dCGoofpxX^*AZZk*xBd&oq4j zNa(qOi%Bn;=0vUle%_mLwwh~NVl#8m7X&t*8!6@?Y;G-%se4eX)hvK5E-r3iFsXo* zaGkA=bjXx1ry+C~L2~i*Lu)_rE{A`qN{YnzLBerKJ(sjIg*5dxR<4bWc-9%z3hW$K zIjCaU_s%T>h1F{`5}Law0tvTK4gQjk7ClUA;E0|7)C@Y@t-o-d7b%Uae&-PTntI;P z$EOEZR$kTCoTl2~h9Ba_s){Nd!8i&bv#C`X-#Wwm{@U1;$R*?DB=r!*EBf$lt)|b8 z12mydHZQ2is(Q!KEig(lVkq|N)k2}|cm^|{njSP}MG4 z+4~GX%_v>qWj%~?bte5hZv4@vZk&`@GcF=X9ysxeRaWi0AaEs(q`hAu{OSl^^;1i>-lj2?g z)5{2=NDFuGJ7~TyCkb7Y3zvE{XtX!_*%I4wg<7Ne!~k~a}^5E~NHm^$hBa=-9B)?akV-RGw) zwC?8~(%1{UG9n0+e|b>R-Ih$kmi$1i9rYDjI~VxhY#mi z{Y8ptiZ`C_hZob`^#Te1EP0L48OimH2a08Pl>oJm&64{e*3Yn{tqUYuHQgPnHlq^v zPEAp|XutEgdO}9I!Y!?Sicm)VG{KFwiik^NUSvvVaM0&R=FIDq1-CsrAN!V#cD??G zDgzGry^7`~+kL&vbIPm>lCMd*IcU#L=DP&n>;`EV{MJEP~-7C6@77fp$Q{A)Zw)*9ue!&)ff4m2;_qhRoAG*8qj>9lZLr^W>4qUoQ zxOMd){Z##v0ixFF_4eBX^j>MmJK-S$tNWcmhtrKTJD2ItSL7O9#)7h{-=KJ#&X zp-zX*yA>-6?{_OZeCS$Non+TjH@B!BuVncG{M$pmlI1IP@H{hJ&@__nke;(L&#OT? z9}_$z&qR;n`H{t$w*tT=c&tMbOOoy3?Z`mOl3zImwsbZa=o{elGFy*-8My9voXMQcjOH>mL5 zzE+tp{-uVN9`|5!W3iX*S6?0SKI8eHeJ1lU*LFMUpox>{Yj%@oGGcp6!9q;CY9mz@ z?Ke9UD0Axp*IcXe$9hjBrJ{mYXF1lMU7`q6LHV<(POal)JF22M^;TW^prr7kJ8!S& zSm?||O!tR$qfKgy=%zQ^YhVAfdOkZDuD0WXFt`V5eeZRBVy2J2wp_gFra@Zy+uqA< z{KEJ2&MSfc)hn*yyC%XT=GG2Wspm=*M0%zVc@M*>1lsako8Gm~^^~_|Z6VQY&Cpg8 zuVdDIg4k~5mrTB9GaEAz#D_ZXt2*?EPfJc3?E6^K**WG~NJh;qj()6YxRk zow1kfYhu>shm{>e*;5uqGd3|P6iHr5q6FfYQTEGyf5B-ms)38H=hZgO0|1bHy*0jr zvrK4aIm7`nYv(5#WwR~z_jSq^!#HA~ZmlzykV^nIwnhmQ-ib(~_c8Y*?XxX1v+Dz8fG=5!)h;x5IY zK>qoB%kljO7B}G!c}`wP6TJB)+sG=1lokUMG__Az5Pq!g=4LfPl*vU-b#OZ>7AC8X zzFdWS7m`V9J*Qz`L_OO3_O832YX*AF9C)M%84V|u3e*^9P+`*C0U)=paS*SJLv6ON z7d&>$165I0QQC>tOQ~IuS9TTK_tw!{1Zsh%ZIdLnaIK)3-O%N!QeX)WfLhi6SpReC6LySK_SYlz?& zu0#VbtusP=y;pDw$Qd-875R(aL9q2?un25Q%jsjW}B$zpu25(}!_aM>D3@ z|A|&JvhJ-C=)cN&!y{DtOdb=21&7OAAo4C$Wi;T*GDOmWE^c@`u18xf(>3&+6WuA_ z5K9#b(r-(=T_o4^A{LN; zkri7#d;5uONo<*LDbTz10-Tpvl!*=zH2h#^F>L;AKYqItHzudMlSU(8Dnd-M)E`+w zD6)tqv(kw35){*n89@exV?NGl7D6vyeu@Z_-D&B@76nsy?o}NWir!mD7yWQQ1Y*Vk z?3r-c(G(>qPxZf^$^DyAv)`D6B4ZFIvV0&S_~gYsa)2Zal|O|EoE~sxUCaCI0s=F+ zAAl_4fN~u@s`zS0t7FGy&WzY~jDNGy0O0+*JM&q2M+;vJEH>l7uZDCIYUx6NhQe}C zM|JaYnJ5%D`enYpRtNx-1u-zs8OA$mrUFCd79C>i?IP$hECbMD>py1y-n@3gC1avR0RR!dgN z&|}MS9c?nUAcPkuhT9vmy*#ZsM+QdEA?S)#HujlVng00((NAQs00`P`m(;c-)lJNT z&+R_N<~6Hcv(w7eNS5d_4CsaSj;rE-k8)x6LZ!|E1jKloT>%lV9Q(^<-ww}TrTT;} z&aY=9+K+04`#OGpI(=KD7yAn0tZ6W%~KAJZ2k&4K)*QPM;w zGQ6T6(_g>Ew!D7c5;73fR964F0Mj2hrfu87uP+X^@}d=oPJ7vWsyzDzmmtKlzx3aB zGJgN76(zeM%6HVzt~M=MMGbG96d6~Wyt2=GgX>H)@zERwkJbmldnR&!Z{laEPNl_A z3wykYDQ--kjcJ-9(xFUteu5YRO}oU^?bo0yMsVmp>S`bP6Kna(;m=%hXp$kYC_YU| zhcb4Ki2y>uuBTqID9iwVX2{fTmIkTK^5I_vQr%@QxGdPD(dW1U&IAJ&-fO$V?HJlB zg)MSr=u;l?Q`Ruc`vMd}#NyCT?kKNM8cC)IaLB-Vtt%v%lA>KcIXSxsjBU3{;6*Fs_i07+DM0xdx*m#J%@ zW%=7VUb+eurkk?(O8@xjXh%fn!2g&~5%LsHO-b$L)M44nY|&cUD>eg>{=*Grb-yyy z!csiM_uDN(2VbE0Urbn3-Aqlyt!_VJmFp+n^69Wy^vT7<&7jhXQIQ}f{7c9qtEm*Q z?dtI*8vnQP&aUBtb=)Ib>BIC>I5K&%6Pd1MUJKSXZ-@mXWNs!}7CFN!H)4dg+A)wb z*zjoG$nPoTFoR~JWb(-V#+c(~x=#Qsd6Wq6zH&VOrPX2wz#@#$9f;m}de8N0HZo*5 zeHDDXJ0;UX>JA4W*a=3Zx*2F-5*cX%c*)QwE$v6rqMVM##$7g5y+pQ)&NCFv4kcpy zI4f7-HDdz98Lmt22Vdn_(FFOm!^vzLjYtlGcN_-9d|2=>Z|DnIcA8Q+sPw%rZMj_X z420{42~J#o4;8ky-YE=6_18!Jo`ydDgj{DFiyo+xVn6uapLeR^{H) zrZ~sBy6bajuV

    p4|+%=9Yu)CT*dy_wr{8RI7<4bCJ!l|8j4h5Ar2^rYeoS_@J6E zQOkzXRD6Hp7u@h9^!oY7StuWhK@!zMk_kr57za70{?}RGS0x+Az;_=nn^^-c%N{NA4^OCh z!H+z2%rPhYp z()84D5HaozlT5yah*-Y`1$Z#@IP;5bNH>A*Fp6cnE+r@BfwRoId!87W2uM;h5CtclJ$@=;YgXwPk8to|TrXo?bsA|X1dXeR7zC+AB7Z0}Dbe*Pt%!WG-$PgtL5s}GSp7Clq9+xcw zu3`_7QX!$4zc=JYo)JD}sfS<|f0zN>gZK`Mu0?U3$e@+LKYR1URn@KHkh4uo09*EJ z&?lXi8CUbVH;k+tB_0ZisXnq4a6nGyfxfXW>&aRY?FUI1u=$2bP9uNU3`W5W6eG(t zOCptvQN(P(#_Ots^br1?!;&z}Ml}`WH|^Ifn`o&VfR_%thYWMa57lVj>{CzVAHt7e zWikqRP4BM0IFb<*MC8`hY{%&^0u?u%KdX?=i}u5ykm>DvW(1XSKCC{)p+ zpZcc-1hrK8Qt%o{CHyh-v@S>QB)g>S!*}aCY37zZ%b7GDdYQkT=Qs9z*N^M{eOLrD zb``rHt#_!dMFU(0_nI`yJ+FRJFfZUV_sFe_y!+GQTkx_zB*-gVkWHCZz$;b2`+Gg(t^0 z19KW&z$q$treUhaMk^o{7Sl@K?KH;b21%mwu84=-y3wSlXPQ~f@j|KPs{W*>27hVk z{HG7!=y0ZK$UnqNXK0Jyx;Q1LE3@?mZ<~kxdZjyeKgd7GAVKY3iukNHkHKn0r6xEk zw$nRBa8C86xi`wPWEfXQECh=V?6xR<7>OwUVJsuJMX**^1C;GiVKZNP0d$t|K zed@T4&TN>k06eEUO2i!uMJaiomWBD)&)mBC)buJw4#U#{}B-hjn z_m@Fo8-*QwS=t3XfA%kz_;lCE#o#qfwldjVYd zUo(t<(#!q_#h4nA3CEBDg{~t-vLKGVEogC|Y4HuDfP^MC-p#$Bxk!R~tI4k}(262+ zx5cXk(OXM^>I@58<5%3{CmP`1{j{v4%&!yAVLXhjwUtJF-7|x{-`RGg1QoeuN3Dg3 zu$o}?9`<|3v?G7fV8_w=d#3ahv1{f=e|!bI4E0fheM(T9+%e53KNcDwbrK}NSlC=H z28DyOisotcujC*$z)#=p<<@@8 z{wVAxAxHKnIOq;><8H*B{FMRpIWM7L{J-Tyv*F=foK_mc*Np^26{*zHi;#LxF!;qQFZTkTTy3 zP4>jgTKoA~r9X?^xhvLGqfybtm=wMs$+|o43x#sr^#z(`9kQ+sFApsI>85f0BvRVE^QxR?&xw!%z;aj-^u zcCe+Bam3#{QUZT8!D{&Xz}RiFaNE<$wFF)P#`EU!HvP-Dxy$#8JixYzFaHm}b)!4V zO$pmMp?MC^S={;`5+y+><=hE%DtW9_#C`=Wl+MRry02Zhb^}UW_SUI_8kN|d#|?S^ zP83#FVRoEZ@A;edh60bjB_NM2&Nn6518T(nwO)ttTj9HHV_EVI3pLJ}POSk-KLPAg z_EYNzv>c3K1y2s~=fYMdMP{p7h@DJHSsnQf3-A-fp0RFK#62y0q>W*&j(3 zzmsWIV++TJG8`$YbNr`>^A{JdPJ`pLR1iuXvrPv@MXG!2>#XSzq-fhyBifo;F!ffE zS+esi*2XP27C{Er+0{jv>&t)N%0Mx5f}-K>BJuUlDF5WV(y8Qk>&?koN%*gvNFt7v zpcx)2kvMGruDRiV@BHxmwI9W@fqDdpQb580pDz3RF*CxYcr&Fsy7sF~`SE-E1qjWsZbx1eEa7WID!l>6i1TA(4GOaoK z^aOs5Hc&M~6=LAJt$WWO9sR7ZOG3026mm+Cj*69r!R_h=$myeYpZVYP7!yWda7f5zKYkBg0VwEEd8`;V6*gfDg@ z>f*K3+Qoids1(gXw?V+|LVW1jg_zh>$2Ts;-E!zO<0_KCPUZbJ)>y~HF7MD862#_~NV;Vdilj7s z7R}0N+ZDb;H-Tu5Jk{g!pwf~1l=0se*?(~aBbtZ; zJ7LQA+RJ{SO-=N=2`yW85H&s{1RZ}>w>WrhAE+=css}R_E$nT6nN>XNSK#G{F0U*S z?B2bTJAY;F=H{KPpZ>aWyeOuJMgNT-mC`qaKaSx-GMhD%5b|}tZUUR6Me+`d*Og_d zQos2xXn=p0?)_=rW5E|}u!|YHPRL0?O2E>-x!MB7t)QN@$g)0Y8&24{MvxrnlFNa8 z^|SuQ+^VJ05j_UGU{ViQ)H_p9uknM>oExd}y~WoT6!Pnd!P^H~w-Xgo zRzKT~tS^qOj+Nis|K(8r(}!$P_=1b?F&YO^sd;h=cnd^5m!ny)S=vl9$#c{YpmPTA z-~@j54&iQ1x?WQ&fX!sE*P8}idvE~H6vnM>2I`jFIpl$$>O;99gY=*^I?E_ONKzMB zJzJpk{=;;uO!(ij7*0g_QKMfK4y)1kev8qI8_Usgvg936Y3%;0bbUzA{e6yWbk9EE z1N(va8>_ zEubF70_Rn=mnsH`&1ZTdPWTO^vS*|6a3Qb~9m5m-7YkJv`A~3khnUOB_um^LhHi~y zM}(xI#->PB@V_7#pNzS2!^m2(+Cf*y`(!sN44LL}w;H3yum0XNY zQvbSDKmn2M=U2=!(gN(3na~!a7kqKL(C}pG`Z6DFv1bXHDDcuEf{OTG{&M*CdFeu) zKP;N$W!xm;(O@NjGWU<9eV8tB1Ci7b^xwynz$ad>GL%G%>2%|_B>8TUh{y+CWK3u6 zB&pNo5SImYH!qjk`bo^#C)_PCOgD8tLK7V;Q%M-Ay-m=X?05iOSCW>&47C#U4AZqCn*JK|SlP8o&SMQg=~! zEwKIm5CVnlQfhT;s4&# zz&c?6^cQ6W|6KhX;CP(fCOofO(;UL}7_#`tXZ&}hY6Ea{6tDPn2c$%uakm<3Bp00s zY>QxfqRgu#0g3sdY;%A>D_LdwZk>jT^8`2Wg}UC-VD!~F`ZI}2)MZfkxp=mV>{egH zaCNys%T1B{?ImNB?ccJRP8@b_8PSGdtFFL@VRPjqwM6>sAU8%_v^2c-GQ+FSOn=;u zvb3w2)FR0X#EocGBaPpbsMCa#ab51%l(x)is{9gskGUOj_Ij=)8b#R0*?(U3)DZ>t zr-HcxKe2%=meHsRx+NdOzyvgQcI5xJ_KtE?XHT`6t+B;L1K41kBUsYi{`#rECMxsg zZldGHsH5Yi>%$$azVWA#?3^ajECcLo9I?=P4IPM4TZ)KN-Rj5jK@ms;T$9oih!f_$ z9uoo}f{$Cc6H!=_%TnCvVUa;!-5Dg@8b2Q{4h#tht;ya+*}vI7;grPdnsjhUK+jWM` zU*hTiu(p4g-UuZkW$WR?NT<<-x(+u5CnCECDl&FE+n+VjBFgI-NtXbr6&dB3fk<9` zdUZi!_s$GgE@7Dlvb!SiKw9%BIgpd1L&*8v8ux@q0d<#v@`Ry1nuIx5)g6{0D7^aG z``eBXUIDbI1GT0oX^74CD*86`o8=AR<#*ItxC@v)sk9iAqJ&T!}H zX^}(PBena4?{%aaznP70)IT-}=uZEsT#{U5NF)Q-22|T;l{Q2q9`b$7>k+z`ns-k;_rD`Fod?0n?#=}xo#9kZw<1kB7)(5Z%|aQm*4 z9vKgK2x%*dMB!Nk<(De%9aT~P>IMFBE~x%hsK0aSowi0yO_)DIlV(PFA2Ad}89`KCqMFXt!G%^QfyilZzux^U8kzslGP%Sxn8jml}!$xaBt1!eGnI z4}yk;i>pVv{RiJ71-Cx~zgPUv?@j!e%uPW~nu_k~iwkB1%NDidNpk4Y$u)p1)>4XO z7qPhU&D1jg(^=!dcZWZbMFj96?6leK{E_9koM`@lBhygB;M7f`97$sNrQm#%P-y3; zkEZRvW2!D6%2$*28Y@!icAP4!WaK1u*0a0TF^h(?dJqengd@le(+zmXmRP=GK4hya zwR1aPt-~ju^OH+rb>2*Oj0&u*>U(wo%n1re6V$3V&YR5E(sNE|IT?DjSZy{8u4p;f zp#(H&qTc;9cjo_PThn~q!sL6Zh=cQ{Vv!?tKpwT=7EyGnJN20$^Rx zlKW7gOia#5_j>@hNn-A%D3OLL(yLR_vl=#s2 zN}%Bw(%IN1w|Lqgu{has0CJqs9xbl{#JfFmHC#d(6D-yhcpR+uj*du~f~yIEd?L*6 zw|zudSnp5Q@rt{7SOzo9EHvZBE4Dxrbjp?&- z=hZ6_W3s$p=oscbSPv;5myz#J&o3=pjIh0UJ5vAZg-izr?b!eVegU7{S>acZ&2>cwkDoUTD&!!oyQDb zgYl%5FIS^QmxKX5nRFuZkDl}}ga^fV`Oozvg9D$(+vOJT%f*H&5WE9vHyXxEO?`K> zOJGuBBj~**>+uCDvwrLBAJ_?l==J9X$8q8A#+IFu(t0JgH)_hF(loy=6FuLi62Mxu0u>DILQuL3Na|=;Y+S04E<1Rb-F1GIpU|)>HJc26GW_#p@DA= z&flelpATi*^+{zC#*^}ooG;44uKNm*l_VwBdd$}F@3+PovAY}vTlBPjw=rS( zu8NF=pxnv}uhDoB#f{;rVqC>nf80kl!#V~$&2NYRi*EtOr!sm82UR0UhH}s7*0?-F zYz06zV3=M4&SpWHtpl;1Q!EC>R~&0966u1U?_QOgCP5{mI@#;e7@t$Qt@!)R!-he) zEPG#4lZBA?<*-s3r0#b-KIBBghIlT*WSJ{YXt_-2LSbCxAJmYW-AY#gCgY+tt1int zT&JhUv_b6U)-^?hauc3LXac}?TnM5y%72<1Rs{0Ky29!Jy zk6(>IIJ&<$HM{(wYGBd$yWL6(42q5NsuBZ%TIq4|Z(xxx{H5H>W)s-4{tu>ToM^u8ulsFo~MJDykPrJ zM6>M3hDoHES?H{dh6P5J>7s(%1ls^7(GlQ(8HF~{Me%jDotN7=XI=F$csxs?Zux=G zjaJ`6goy=L59bZ=ig1qr(XI}G#vt!^y?Ji{7=O8cL1j-Ll|Lvpw40Od8L`mqXm6ov z#g|95!e@Z%XUDI0pg&QU`|os+#1b)lC%o7Rr7cM|j}c|SXMOm`0rB^}cEU16ncge+ zJ`-1eP`8jT0e=Wqt0P-lGD(ZT*zc!r7kCa>qU8e%GHx+qWA#71-W2i2>438n8hR3s z=IV!^KxfED%7)D?-wuc!c4}^5H9;Yd@GX9S;`7?Z|^UXq6G%>#G6!24EY6uBIz^?HT8}P z!STZlLqUG#H0?}pM`3w0b)9FhXVAWhFQ0mNILi~hUywF%yhjZu3-Tz0zjw1O6LWi+ zU|w}5D1vI;aeoojL7UNAt&37;%JdDI_pj2>f-Y`-uaLy zent-MlJifWcL--fP?MCY zdyjb6Mm}XZxApnVyJ&9A<6?c?eE?8|XsITS_bDBec#ry!n~2e`aTVq7m5eHb71E8W z`9?Z32&gdW#W^=9c{Jq(FG-O}!6CPZ^CWVnNJp6DPgUch-F=hSe?@e7ZIl`zHxsO5 z9?w~3aP?l}MV9Zm0zjY&JsJ$-cBb~-ik1M!w)5ZUzXM&c72l_8JOXZbkp*zw(hmo{sWH2mWf7Ast{P1ign54;TB$>~u-9zR&1;mbYwXdXgVgoy3GT>bcD2<3$S| zG}6V-?Ktd~Hwd(MwgJE)$vfDfoH|UwL}nd4C=PKhhF1=}|M0w3<$gFif3E;^34j|d z0vDSMn*V^ad?Ho#t}VRh;&K{y%)KzpraooiW17v^jvWT7$)@{@1xe8-R`a2YA|#=>*Xmp8gqNs@R>J#WJn6Ml(3D%%)ubDwaWTTzk29Jd^7Cmu`pgmvwB|sv

    ^T0H& zL+s=wfE_>s5Pwg{1W`zz(GvQUS)1L@9ONgq#7GxO>bdKC)iXZA!Z&p^DY{$5s)xlV!+&qhv?+bRGsHLGm?+S${!6g# zk!V=9d4T_6C$iXV{rl@C^ZT#6>P<3w*6E+PsGc7Z=(=5y5|?hcU5q3QDxOqd9eZ~_ zzp#qna@SA+v8s86xFs3;e2^{BT=(zzvd%+qTlY&d!6Yg_PCyek`lPVEgK$?@)>fO; z#CG4tyJ_Yw&8>J#Bhph%GfyLZdbW5rh^rDt>>`#)I-pjwe8f_wSU~_km&xp z5<;5QGQ?z?Fv{alYSS`N-o7Z&0Q~zIt0d%LQt%KoZ8p|=ZEL(8C{iBUn81@Rq@;b8 z)X^;Hd(Lp#sn8HYpgDI(V;e}kx2`$olqV5RQCPX_on)|^c*}pq^uZRo;pye&zo^&I zGO_4=5Nx|m;pz$Yn&VxbEq`n+Y)s(IY;9M`wD(=^ompI)>KHbus!)2Qq3QBY(!>95 z;I)rwTj6`Cw@tI#;(Y00-8rJFd)Ls>l7Gp(6K;M9U#KXOvEFV_QG0x2yB=yCv+T3d z_hAv?v9$cNC918@5xvai)&QHZ2>ET`d(RhE5lRV1pixkn^SzN~ zHKp{TQabIe?XMKPgI6-m{36AKFKp8SaDAOnNdscLbvx1!PS_R(X`b*2Bq+bVr3Io$ zJI)t(KORm@(s{o2=q)4+{A1H790vWTJ8Kz_b70R?1~fQyok1zmov^tTQE1Nc z%p>0Sy9Talw#^m?qtrJ50)FNmO5A}u^ckSm^c(s2!)Kd%k6P(-F|r)wl?hzTngnuo zcU?mN-~eHxGdA88^6f?FpV7K*<%Dj8+YFrp@tr5#dAv&{wrCj8V&bqcIs*J>tl-U7 zo}?aZcw{q-`hKt$r^G7b3ZrW;!sbXGsq$=p><>g5*c3i=H~P`rbyR%;NW(6s1JX&i zy2{TXKZch8(6ZiT%D7iSZ4_)!=wip?ZHE@q^{G@Iy8a&D*A-y2hsKdNAgHw!#Rm;* z1-BZibf_r_bB8DB8K-xWo-=1(&>e{YGbb0(7}AxWow3-tN5D!bdPXkai<+$92Q{MY ztJP>%*x-_GmiY8|3J>7hcVWXEH=R*4GqPYTw`uInSXs)H{vUe0Y+Vu{13;9>XGKxy zxMwA4(fQ!>G({o^MLQ=06Oy@AvJZQ7(4WJoiz6ewzSFCnKg8)YRafP_h%KuGPo-^MA^7LN$=kE2}t| zj7gMe(Jbq?$8|Q}Id1?y9~n1VxeN?(3G!O)ZEUpeeIQ$wV|2~T>3HLf96ru-0?ht$ zlb&%?xL3hb$F+co@u8WhabQ%hw4RQ=@^EdkNP?m5_3r24*^xO!685#Flc#U+%yGtB z2jAUDO}R^0E-NO4PIDJb*SD{ImFv1v^|F0)3djqW3$DdTHWQ`3?HD6}5 zP}RbB$U!Pk5i!o-V>bN_@a{2q68oirwF#^_vva^TAbTgGxRQnXfO8Yp%O)fh*hEfnW5t z1&_^4pKv&!I6XqGqTaE;V3i_#tP)Vh$Un?&TUywy=W-@PWNE)SJSb`K9b##^2>G_A zoNM5+a=X}*d&|&!yE)^#^V_FO(YACI%h6HmgW2T$3gi}|U~rw&0_m}fUp~CD^@g@s zy_(`cZFG8cbvFq@k=)~dRk`MJ^|P>LQr6#hJ?){bww>2|`_?wXm12v>V^Bm7WDj;7 z{B=;R)y8{e=M9ZrdTHo==#!Op6hb5Y-WgJ0yI%Mp2e3NHyx2UiTO>uu+SayhPaE1M z^^Tjd-MeF6G2}O#{T5tIl%>GCJM4f8xNgJA2JK>AE^=K))3LN{inw0?kVR?LT<}0| zSey}s-chdRC;-Y>f~P_ae0RUvqrE1{YSXD?T^k-&$Qv#wqd^~hcaCr>cRxzXhLcw@ ztMdjKA+%QWxmaMs9R;) zxZ&a!c9Vx420^rI$ zX}@0a_)jli4AYN#k@~}j1P3K+8@>)Nk9E)a{Ds^NEsRjd>zC&hBvk3$_+&Ug`c^B+ zY*O8^a0M)SwE*)(A5oWD_r8bq?cgwNuQ%jZrH^w`EP~M$ty9VT=#cW-?+fOkpP~_Lk3ofY zfEaQm_PFKG0sq@Gws`e;Vfs=wpS=kjwRE=dRqZ*-(A5-^(NKBLOC<7Ei1{be_FBb^Ke( z*X=%{0uTzNjuoidOs*xp8fx<#V?LX+YyJHA8F(v(-E3wm;v$P)Vw8=s_;UO)xegIY zp6OBFAuRY|PEh6R5O@-d;efT$rTs8ub0n6`bVc)r6en5V(a)>KfC|r7>$Uar>1eCn zBWFOY>vdTLozU#A2CE6D@e2$$Qxh42L5}{ddu{C9CFD-)l_G_IRCBySs!Yr!!A?@0 zi>0vQ*ReX4HN!9!FWtJ*S4+iur$yHdSxd%=mM4G&2Rt@kuuuH}arxJj=s4TQSz2>3 zbQPJ)s*`d{l>iw^e3mdY)-|%>KB*43hgr=gm?v!t@;fXSe@G!5n@WnwBHEUfw>Km( zaD?8=~ggDiavl~2!z@7`$Gfru0 zJetITJR%DQkbIKD{6)hxASF1s&%5Jbx#d{MGgf`7IrGj|Lnw6qlH;b#@>V{T3I2u~ z!s`0b+ij7{l3RGEAg6H=#NAebLKpEEl?_j>W&@`T7PF5OCWpq{(r-lEbO*Dd2AdSG zIW12E)SK(_s~uDI#&c0(6?KgOM?)hW3i3ZkCZQUbgAV zmHdJ$sOjg+8BP-vKIgU8kgA<{%Uo~!`5Yf@bGWum3Pryz1{+VXOH#K?2M^UQ64~ug+Y9h24qv#XIv-gAG^bz6B`<$jFr**7HGkVnW`O z;H`#=kcld9(MXi7ErRDdrk-9mFrdxxdyt_xcYNd^&v(}v9jR# zi)4;WCi~v`_qOMtP$u>t zDfMS?HU5={M%(7@ix%|t&|DgqX@=iD%6MmgMMT7jB1K>E zetfKL-Tk$l%<=g97oBfF+?xi;<#dnuWI)Y&yLSm3^&LZEwucPihE@Yg##Wbsb}7pQ zJ5;J*Y%9s)DZNjD48t9_LD0hvsCC!Mdc>_v>U8}hDJ(K*TaSy=8x+i?K-y?d%LVz3 z%b|Sl`tvbsUT6vjDT8)uo}LS|J9Cc18YqBkthG>h;3(cY{^z8l^K1zFnwr|XC z66$|)!-L1+6HR_>3a06NzV=W<<1Vjt)HnHaNw0Y{`Z}e4Hx<(PPSN*rd{nU@p)Ud` zXG%wX{qY^->>A4&uU{2YjW9HUNw6Eb2?PzE93&$FD;$R2C+RdXeq>W*vG)1ZGxX_{ zY!8q8qux#bU6Ubn{?gm9Wls3n`)>Jc6c*AcWaevX(i5_y)ZsN;)cB zvYH!C{qb!Mk8vu~X>R_`lfhBlEBgMZ}p&;O|$C z-?o#Db^@)~BQNJkHd(&;0Iyk_e^Me;3o9#s&iCTZY-R&>t{SLw z8HkQOrc=X&*BcLs_Dl{Gpv;vi{=^4-E+&TKE-&?Vp#4XXPB`jA|1@twgYn07*yZoA z9{JgZMEwxYB#E(QNDys?tmMj&!sDjv5lY*HoVmVvn%^|7MBmyTpt!jKN#EWW%pivf_+GJj&nUW1 zcouED_;&R?6j&mwG)xGj8M%ad4hrShHxxsJqe|TC1_~X$ch5(L@!6)E4X=0=?L{(N zlb23cx7|lYZjdi+3V%{FD5NxaBE^CtBiu%e(m2!4?*Q*Ayn}GnUFyvXK28z-DSMWP zb5(FkNp!g*dS!sb1}ruboQ5QS_>OVW+oKf!NdzB%|A+{q%&iO}Lfy;UBzg<-n6mt=M{~5)Ahpl;{u^ z_{v(-$(%bL7(uVd09``k>B0xn_~v1AVjah-L4Saggn3hH*NpCibu#VKN|pfb$7CDO zwKwcXDlM$&B1eog#Ug?D8<>&$_WEa)2?5dr_YKk&ueaJ*aOv>J3Ru@d#Qry5f3$`WxkIe!R~$|`(mNOCmRFK_H=Y12!F4pa6$cTgh@_=BT$L9YS8w~i zM;3lDW=!S(EM#|Z`WG^$DI_qZATIg+M;|zJ0sl}6Yw>&SI zSK-_VeIzlIuzIgT{kkCx)Swc9Nr^X_lzZ!W^MOz;Y3_lN9$B?=1TcG8bg#fR#-WM5 zVHqtQo*+e`1pyxYIq9rLBI$padf!~85^G0&7vd4MB_|u-I%e^qjARM@8}t|?l8%+b zP7*9%VB7GaX`5GxJ)wrM=`a0e6vsqy*cNkss>4U0Q2tdx=CL zp>?PMpwUd$O+9AL`Q!kh;!5zwm&e_7Tj3O1P*QeMAq@XS8gFxH$30X?t+Lx+1DssN zG9)T8?EGLAwLONI>&>ElBFu z5xjANJ*a8E5kmd6=S%b?PpHieF@{CW)oepmV8%L>`qTJ?ISg3CoG$T%A!KX36HX-` z-olSeQ?*tT~&>_lpD6MMKa69e1-t!J}75v?3@##4TyBnXX6`@I6(qLlxdoJ@y8Zmal)Z`vsxZu^gkHH>T;= zLfFa*>$4Zi8)$Rd)=`0v)^{y0HRUFjX4%f@PWVRNMkn7FqKsHjDW&z%o7@Zs zk)lVv^Pv#!{(?R?vVpSI1U@kBL=KC3gJOzxt9R}D!M8eK%-@3HMY|IY0zhXCW!$Si zDGsx*FHBg8NafD?A;`Yh?WXLT}m@>qJuJ(&$2+ zpFD{(Rchs$&@?>I)MarjRQ; zo0Vod%)Sr~jzN|sn(GQQ3C*8%I#w?G*jArnA2=OPX;%3hJQ6HvI)^(z*3)#|9U?m(V?3j9rjYNFwI0;(gJKQ~ zc(v=0OOQR@VQpYLe-A_7RzeAw-x|0XmK=iuBim zM`kX=a}y~BfaWr(H=C`>Xk}rOIZ*$8m+;J@V)S;=2m{FR^F}H zR(BC6p6PMT_nQ8C=a}jbZ5e9Bz~DCi$`#xi+F2P9?U?eK)b)aROD}-#_NeH`c)$Z5 z{A8EKzEQ<79;zQq^SDTW1Q;n{7bZ35$`pMyk4YXbhK@8c*U^kUEbLOxViz=8ZZkdt@+72{>XEkmlyEl7 z`UOdy8HTuhkp|5x4I0)P$h`FG)AcIMmirXX-WM7O6Rhw0C}z+9k_?U8rQo>>|FY-- zzypatGBk{Yi)%!6A3=k`^LaW|nY8(l4l!xeB?R5>l)n$kO}SUvgBNfzFQ##74{ON( zrTZR?lRnQx-?Q;?{Jl1i9?#k=F6Uz6H{V_G2}e!3R*A8FaCwFmb_NWJw9$MV8WP zu}&ByYO1zaPW3|gws4&v`o5`9G~c_(MW2POs)p@+x{txxy7poXnAOQPdVxnMI)>3| z-QK4NlpZ*V9XD@atDV()Q+XwShSb&`G4M_=Cb&zoODGj28!|RMC_hXS#{BwuKM!sN zY2<$u1hW|T<-mt?w`>S37_(xqBMki89~`r_h;GjKAJ3DR7ROcf&MkLvKC!+Vp^kJI zC68tsJf$b0hRS*YqZ0hkJ79Qjb0M7W^EHr?V&zMmvoKf&Wr!2?T&7~hq18PX#-{@| zb{ib_0DHG#8*>G7v!st;D&EELsO9$eGdXnj|BX~1YUNN|ouWC9Qb)Y_k{7(1RAsEl zZo^f^hFMCBFnFId!|@H05gu_S;x*m$6UAqv9vb8Y3_mMH^Fs(d_5}+ZCMhFRsvRv+ z`%Q@1YpkFe*QGy(_JC+gnLcU>X0Rt#NkhU6JKcS{E9!3E%J#N)=;nUpIO$_#b|SIT z1I`J$)Fqk5&%$1?AFE4+L!_+s&I;^L0%=|u-uhjc@1;wW2^wu}jQgzZw_ZPMJ?Wi= z<7B7GxZZ8ALI*d@sr`db&)lIx5B0t00#;bUgxE%0+3cV`Q_Ye>T*K4XX^{Po5orRn zr+e0$eX9I3nY)Yh)YMXy>(P*;SP~i1Vr%5+H~0~zTJ`qtZ+v3Oz0raSJM&_kYBQb$ zBSm`%nQ6DMs(Mv;(Sm>;nX8i33+jP^VSMT;R|UhmS4R+$GHuP`Ne!EuP1N#Zw{#By`w+JUp4XxJ$93xbHz9vcd^C}-dfwc4e@BbYBmM1QgY)iso6$sa zy02YZm`ZM@qDDKEp& z@h^I-3vg!9{Vv!t$@+d2uy5JRywZ=aQhMYKgx+BJTI&w-U*3?g)lR>g&+edZ)%%g1 zZezShy(Eb~sh$k;?0nrqHV_C<0`a-rcs>-rfY=T?XX}^Y?PNdvh<$rCH;`9*b^4r+ zS8)y4oUv$97aD5EDYu?`3axk2^I-wn3fz_$G6GJT>55($Aq)7Pz*3O=S);d4#>o*npNuGZ1AVZWK4_YM6btG4)S?S~~vz0~4!h*9WY^_qb` zsAKFS0b1xy8KT8EsAbca$Cz7mqf}*Dl>ztf9XT8;<5nl5l~T_dwePQ67%jzI<6bOH z*LUGC@4blAnNf+yyx#yB6uGdeUs{aWuc(stA?g0z0?W zhXF&y#R8VG_@4sCZ`1;?r#+#D_GbHfsUCA$1>kEfB?w~GXxK!s$oy~VfaCjF5~ymo zJ9ZwTBl6+#b*jNI^^)&(eTcVz7D6yJ{1`s9eeu| zW=q5_7)KoHJFyfD^4cqwD%lbuCw`evqupL(;quRonMY-nzlR}-mchGhcU3Uu&{2DN<;ur7=zG>Ll)tzm}i%uR! z3)$}8H>A=pwYIr}w|w zY*M*k$E(H{7x&5`N8^mdH3s|*Yz{cKVI6!ydg31lse0#s@E!*2{mP0A-UJ#EKKzxK zTw4sY5{85faFI^=CyFRYH+baE{7&=CRfh_=#*t#AS?y_oALV6GaWvOy%}DeNvI7WX8_!X%StEpBB->(5s zE7XdHz#lInbQOyrLTz0`5l<>V<2fYhrHhn=udh`eE%8gSDT4Yd>flzV2U z`Ok`;wyMpC(e3?qZSLum-g(1R-f|b6D6)*k#o zFbqFjoQIc0Bbc&JfK&R^;QGu0+G;Nk9?dk$&vdESEtwR*VN8+?l5%wXFd%x?c zqSHO$;Q;4Ce{G?D83qH+NIR@yu3d0Tq@K!o=4OQafUj=BH>{C>% z>ASgiZYVh35b|I$2AS&d|1_gRH>2gdvMhU6C-tr3aq>S4J{sYAZkxCt*LKlBq4`|M zuZH(n6H*WS1A(@mcLa!;o(b6;5g$yhpfO!iCFls?h3hyJwS*k$47~##zyvKe?E@Bp zb+gsU?RjhKKrh;z#!s`Ae!ydQ=UW*4CAGyeK zEDq}BxwnD`RP(8=<*h^b@Mz1RNB!l&@8|QyPYZQFR1X!iRXpj*oGpE^U2&3K8q#HQ z1F)*>9tn*$$_y<+y)CJ%8LJLq1E;{2=be7*Ze<>P-hne?*k3fj*)(|HH_2^RZp@+& zn*LzOYT}VJpWFJG6U+T7z7A^o%Zoo(5$iR+gufTY4p{=IU2diuDfP-Bb#r=nC0C!m zX8f6!7Ex{7atMSAF`0B$ke*%J zHSN{5AKYV~GG$Y`uDbRT>#r2CMZ`%4_@3IPzjVo9c>>3jouD*K)B&Cb(?Q;(Y0zS3 zPZ6u8(EElz5C!CoWW+;oqs@+S(`Xbeobf>Yj3DF>cDFV+pN0CWHnj1$NKmmX--uIu ztHHQp(0SdFTQ9CjUPL{2X292|FN6krzxnX!gCx1WZ%orh!HE13VIYo(`1AADo1WGo zNE7FE1a6(zajOFaMO8B00Irc0Wj}8{9n^1nDKP)5Nrf{WwZH^GjEv{Opb`yzw|kUu z9g}V^9;7>&7MrnIdc2nA*gEH9uiztAMqYf$_(5>?AuI27{lRK$gKz2~os`PW7a^Wt zZlABL8A?Q9PiHhqjWB}%EsB7E!~6Gns-s2c=4**xzYt-C(CSb7q+ZHZ`Q+KSyh2{7 zw(j__X?(`f7z_r?7h?20aYTd;^;VG4(NdnGvO)oUb_qE;RB_&y#BX}vj`u}p`4GS8 z9b-xj?y~BjQYVRe_tt<1-76pf{YCBjTBX{iZwSmhBEzhxwsJDG`Kj=ifi3Tk2xFXs#DSe6q3Oi92?v_w!2po{*2Z} z0^Xq<6)2vn5Tn%o;R5T~1eNutrZD@>dyCiUF_AJ^)tUT$y2p{qVUehs6@M=?4U+o+ z#uV~RAPLNA+LY;hOUHn#YoDEHq{9!BmZA)`f)$+oB(1he*Aq+SG=Tg3^DA5RtJ%WD zKn{ZJ-eA)QD_q?o$Ai3~%6StDCzM}RSbz#HkGWdB;ah)yt&v;C6Cr8<%3np-<7fse7QW2vFe=$Fvh=er-hGk$tF0pv~?(W1uY4T z7A^I=9p}G^-2p@NiYlIFpneUR-sfj-&90X`C6b~$x&v5F3YUa}r#&5q*Ij|-8++&Ch22=CRU7 z@&hyb9?$K+FeQg)qjX_rubb+fj(cy={8$r@l;M8Q>pwGM&(GNOAPwV;3u-;hLgy_9 zzgioL7caRn&gLUSPt#kPj)Q(;wraOtvAIqO-Hkg-xLyds?%`sw!x0Y=*9~MK!l=xb znXB>q`cu>F@!}m&JY7bWT|B$pRfNV|!ZMH{0xS-E={fa9*7tx1OGCGO(O4TQ9 z{klul6|MGPpGWyANsle2XpgTs39ga1&0(z_8grb^Fj~I*DWN5Ynz9~~QLoSlIs}W~ z&5kD^FU^(bcSmn82|#&y(M7xUiN0uy%vTWlb#LoZMTJJzjv9;Ocw6CRhO2e0A$J3i zL)5V;^j)D+5Kyw)?LBk3W>8t&2@tE4u|_QF??XYuf=^cNlPIys*!1^irW=Z4r*} zy<+Xzj+W82PtBbKB7@&C!i2QG8%y*ifDnp6E@I}JN3D8Y34iI%HicCbR--U&+P(|* z#A>9oza3wU-HnnW=!>}qa>>YNNpdicWEz6UOh&}c@nqfB&_u|)1lC^#GMfEv=l?G4 z@At1-FvmY<9m5^d@UnK)K5}N+6sWK9m9gPZHsw2{yt`af}?3( zBm8I|(5?0UBlI1I??g#kNilhv8UxBnany@2^PhXA0^z_afr`Gj386}LQ^CJ$o1k`JJm=o#v;_rPBAAOTNI9?c&KI6X?l3!M$j)Q;2 zuVzLtW32h`Aza^_? zbfgJ34}@RS&&IlPm5THt^mTeW8ngIP>*TbIKOFzb9bZO@#aNHQd&F#K`+sXQL8!p@LT`9V# zL(lwm0}0I@@WiNEKbH;RVKdzqk8!q1aTQ%M4adI2D8#o3>Bw= za#E9(k+R#czMJPqj?aB}CzVxA1e12|zH@r<#Umtyn*d8roW+{jk`H(H+v#T_R+^RC z)OLm|x>$cVpjmMQ5#z^ahbs2sHXN=-^%Hlm1Tgx!suG#tuQYmTX-OqbyvamZT~vNW zCODg(U!h>A#8q-wfF?!GNig~O>PcdC)x}t-k`eN83XZLmo;g~ z7$HncboMs=o-627IO=Ym*4rRc#vGElcAC+mjF} zGUsqXtE2>8Jt)22e1FUJOMN|hn*pOx#f);tRAi30frgCy@lHVT`gq>LbW#V_ONQ>3 zb{^vZgBaW64N*Xa{G1N;_(SIkIk{XPxGAc(5FuM{J*$BPSaYkbjs&+<+@}@*Y1EM$ ze_`-infSvns*34v4vaM*foMf(#%FAua`v@bwdQ<2F4O&}d!XEncD7n`+&m8tS8r@< ziA9$3=@zrsE4>#cbR!R(-(ZJiQ^Q}akyLG_>2 zhNT3I&WT-e+Up}g0t~e|8xVq1R&9u<^O%A+MpTkgtIrslT^OO8t#Z92%Og~Awnq0T zNKg;^F-`xMSxR`$a|SxWRTlnLMmbCG6wzZ?Wuiz~5Q@}2%*qQQzr>U#e8e>jYKa*5 zq8em`vaMgia0OxmV0~*-2|5lxJHJ)*Q5zI(N;~g-lullqsl7X6qdPC|o`9m^kT;JZ zUQP*mUhWh_2nvzZ@qOmD4knL8*iN!*>!bL4X4y5$=>;B{Z9bgm76X#-@VhBDdN}ow zlcC!7^?K3QJsfulPnaTX6YZ6ne=mZ^Ydyk z*x;Q{ClThn$D`STh$;eI)sx@^VMuaB!vz2&OjJd9m5r+#3B75QDcqYkn@V)IDqZ3C z?hIX6l1OjHHT-SA_h;caw^UJZo{H;wb^%q4@D6T7kwVJ}>X)|w3{~ILzv&J#6;#u_ zD}M2~M?ae1XWeoBa>V`fpSjZJs|bRJ!L7d8jFHgxF6SN}i_i7T6;3d2s&zD;rEtBA z*8mdVG#{>ip>WuCVYDc0)i^}psYz=SGX;2^Zz_^w21um;s5x}ctJfVO76!eqH507H&(E3et{rtAJ3Q!*D9(gl z|1{%8e~&&Yd&vwjAwtyPp(Qo5-W&Es(A={)V`87n@eGW| zp3rGyi^}OA-$OvoyF?+MV`%_URw4gEUEo5tzZvYNg^YSJ2c7jeqte7*Wi6+h zo6lwk?uRJ7t!Mnc@Dbo#-f;tXGoHI|hmkIN8IJB+wJ^C;maVD(C7-RP@}7xUrY9uH zR|Ur?|#MvcFFrlRf}bPb5-wFMjQYsH2I zh@|XNML@PxCT;wwE3EMImBUliJE1n3Rrh6$cps91As!ue@$IviaWb-DBL^=h{{<*3A~T93Gu|7yiB=QDzzbezWSC(^oDT%{x7r>jYMFC^bF{k?mCZ*MFNv(&U2Lv zv`CS*S=?B1~qi8I@Qz(SvG3YdIt2O4uuwy{!Z3kEM1o<}Hc& z4ZC6ZfmTU!R@})CPdS(|LCmV}$>v zP9J6DK5B&sp37BF76qv~;2V>5KMjj5B5^-?yiwrXKZZfR(@8D9Nb3poDu$MnOIoN^ z%y`IJ#m?ueP8M>>nYxNQD4`*a@p?F9V?0K*J=AFa(W_v~ABOpS8?U9=w?mPff)p;Z zoNv1xsz-Qu0x*ua1!6^<=M0EF{pJab10r~pVk(LXOXT9H)Vg`}WV@e$oT*s`iu*yi z;-XS6FR%|pPkIvFddy@c8C@`VbHBv6yi8*{E-Fk1gg%nPG`qcd5m_8+lP7y-?W-WliB&d>dpYx+1eD;;sPVU*2Q*z zd8yVzx54i_5VG02+u~|{ePrGw>vJk)3pBi07W)?v9pz))RBQVe9WHFaH~c~-5_Nw* zWkh=}c+E!6XShXbbRW$8*G@ZJ54tti!B=vQMJbQwT z6A8U*|4eL^Z$XS^@)qshH-YzO!mu_uMRib;D1WuALK0)00e+LV21We=TSG=&$?NkY z#Iw2#?ncKJm$yoj8+|*^DbYxNu}@b#=>1Okbbs}^{=&NtK^$)r0Ev3biR=o6A_DHz zn_#o=?!Nq(MUMzbsGZ{5tgCYS;O@S%5*Z-Oc*&?QTS>|R`r$Rx{dUBONTWhp1Z2wI z#%IBJ^#o4=Rj5xh*dD;);_lAGDMPHHdQjL~Y|%t~0Avo}I0Tb__WY0$ahCp5bjz4p z{ms(*QoAtjQ1mXy4r8Hr(xLO(Q<+EC(ROJ*Vt*-&r@uiBLcuN5k7M#2YSc9`0n$?K zkV(Ej|PnoI*%ZPByP5DUc`kyFaA z+O*y5m(NEmp0X#Ogw_uhp1$--GZ!B=W(6|S_DI~P^X3PurY!<0lK5rzPk(uXy?2Ju zq8{^#fh_MCrMbND&+xMtD^c>no+zu{7XIT3<&IoD*^Ms5;X`n&a?;9oSPo%D-0LQ^ ztZ9Qyp>!%wsu`;X1Eayl~HQUD12E%|du%)jwIJHf|(PMPe~8jjrBYxpnRMYGA*4WWg21XEH4I);DS4SD>l=F4<|~6E^WDb2$NqDC=X=6ukvAcRMy`KPU3L*W z_%vHmdPh%Lu1>WZoMZhdM=mKwB+Ll7&y~9)3pfp4Z-_s?K>NaKmx^?H?GGVLT#FTQ zlO!Oi5AXw$MuI+)|I6y*|8VXjav_B$^2Oo+VZ(&11#?k@7-0zv3^qs zhbfk-#wbf>Mr3ssOh~Vjpyvd?G261YW4Uy=lhhnF%nFjs_kR{X(7VNOF5BQo{4U76 zpWuu2#nYMN%s~H?CeCx^z_{cu`L;Dz0agJYQofJ>cAUQ+-j_wJmgC*TZC7f=4G2*R z{|E}e_`ZyE{xdRf&q9!aDhbw~vf0+Skn!@#(Fl3%gk?}qgq7>$LhQ47*yhQ=XD;*$ zC+pkz-7$I6Uwtd(ngWjcBng|C2Ah zpBdJn>G`Yt)Kvws(}}1Dn`Z>NBnqCb4hF}ImpUqW7bhjY^r8cmD%h!!O^-k_`fE7q4IMyK3eG#;S3Fma(+nI)F&sOu@SuL)OUZn>A0{WkikC z-1^bS=Xd!wC(g9{RRgqWqD3PsmTWSp8H!x+FKcgORv{MF3s*9oR4;9~%J!oquqF7~d z=!wwODSoyVb*3ISUK3Jn;mUVv1vYWV&(F&UILcv*R|uK{LN7R*BsjfNXNMT}(J0@2 zZ%ch3B0Q)`eVUIFC%6Pi&c&P%kILNy1;%VGNrI4)$?xFpe$Ai3M@%lBz0%HhmNZt; zUq)q1cU~>GKPT1NFm55TS_T4nKZ1Y!my1BdLZq|-1A?m=K+bnJ;|&Cn&7=X5_3azi z04#2&!td+#Cw2MZBYJy7>{Oi=Q4x`*m5zu=KN=9)LdpxQH_Jp=y%Nti&sk{zyS6&r zaMv`6JWpL`{`bX!fBEcopn-pB_D8S#QO|^*b<#vJhIfLH3)?xd{k>GTeZ9trD2 zVNVhe;Mh_WX)#oH`u}qALF&>}TTb&zMJqR?@8Lx{uUp(-PZaH%Qn6YEzu@zMP_UEe z=hA1`|M5Be?~kM$6CJ<}hY*0G-pzUBJ|4~d;ClE#6i5TwHM@69DBe{;LnjhcKxdxP z;}yASt(%p|S(kV~yD3{=4)%ZF; zlc&VG`XF~`K%h2SOZ#gT4*9^YjRVXHdXq$zfM@+kFz;t8$;uD-Ql$TV$nIqnOX96-|DV`(Vop^6=8$XWDyxy-;m8|p_Lt8j51el8`EvCJ~lpn|_jw?kc$( zg?JE+dzAlW4HVM%aANO^cX6i2-yQrdgAb>1mVB1~!(RKxv(uJET;HAApTMbjLl_<; zgXT#P@NHjuA?AKJDPc`qO2x-PoGYym1G9xf62F%67A7Y$NIr!d>JArK(aIlJ=-Pg# zHmf=o5pvqCIlh!@)WSZj8^q-~uDE);zcs4buv}AAI{E}*-#L?%5H9_aJYVb$j-!}M zCIzhw;s_d8yj5;lgHx0rQnPcsO4EJOFN#m+Rv7r7kM;lFPWKP{@&jxgPk3EQ8g!`U zY{U#j=!yCD1(WVq^xH<9CQN70FZu_5QcO`JKcC6p^=ptuCg0Y!L28@0*LzlbJ*W%` z)W0GBgL%-G$e<&f zVi%9m4nr`(8S~DzDj9Q&O1qJM%vyCKt9;pH*5q(<8lbY9(@sZ69MV4nZrs0W(!VYK z0loHtGKVQ9P4!qzthzZ9mA7jC z;zalRDO{FmynNwmuaU1M zQ2m}=eQBm$?I{Nfv3%}W=sI%`*}~O#bv(kSEuu&4?Bw0wIjkM^f47^aF?IIJKW(EhUbDg3P;ZnUU1^*Xmt*y<9l zh(IZre|TnJE{1-Hb#2wS&eY0K-S4u?aU6g;_^4`0kMGdy4 zX7LyLMU3RX{&5)=rE`B6T-`>WKvZ|2mdbygnGA&4F`E|;z7-ll97l!j0$*e}a_{^m z3NSmexyq1a%+!1FEYGL^I_5Rnb)5eb_w~xh>GZd+^m+;|ksEzx;Q9}qCU9_<5 zO^%5gc-QZxzkgdPRsYmKKtR9Tt=#{yKtcKelbxwz>EU)U5H3$u1-zp%jk%z2hUFOjjm+!z<^gG5_U9#vBWzr z{co(=$nUZ&Rr@=QuD?Abl>NW#?|&`bUi4Az$_2P50>42`+G70H^S#|Hf`4afwfu+{ zpyoQ~+a=`~M&k$?%pCtKF?YrrIzEPA4T?B@#XgKYqiS7t1qBg^sj_)F-BiPUS6b?_kEY70}+GVDs*w4`9B1&!WCcBHB1 zr5+E3HJ$-md+7gTYghP0yNJ00TwzerR`qUVU-2+-f;pZmXhrW?A2^%+`3XlUm`<9l zO|qRp{@G~jb@=T1N-5c?{j-DO!_1(8eKxAmZ?1U`C|PF9otlAN-tB2@qAhy_uLfcS zu-0)#3=?RMWEWev_wm={_(M>W=IOgTi{Oo9;ap4nzdJgmtFNSFw>mo2C#*0_g#T}K z??3m&;3LZ$Mi{7S*&K`+DM?YZsyb))5az^ zFjYTzpK3uYmQ0HH%}Z}fBTE^-w!JP{s>Y(^|KNDF$jW3 zy7EbgDg*sV2t%Iv~WZcj+)al(evG?6%@`eZ!f|7-N}?tXyiBFcmX| z<~15R4S|P8Al1}@rXhER$m=kbQuB)G!Gt~78L58m=gq&0`^Q9Pe;P!~_)x8D zQB==0xj2pP<9aM~#dRO>J(zmNZrQKzYe+}(KFc78$;X6iaM~f^$jLdH`JEIj1l9%doI*yK=MMSow$wEfQ8grfh z7h_)@4|Uu9UlCf6R#}ruM2N{U)`YTeV;LEQFk@fFK0=vFNZFU{+t_35TPbAU#vn`9 z!3?qtS%%-o{XEb8d+z7?esAA@{o!@Zxz0K7_j#XluFvO+?AM9x6q1>`&sLVX1OJzM zPh-3aQsEOg8NED+&@!ww7hj^Ot$ zcO%5mY9qboqG4Zinxlt!uEf@SCb{f4R`bTti1I{>{4EehDqO^4>E1RCXB0d@Bq|^m@gECnNtvZTXkB9>`KwX%q21>15iNS5-9%%4D{lN+R@o zJvVQ;+l>&wHKjrcd#)TbdCHYu=$Ecb$F@YIH%|ZOrT*ol$EeGdQwC+z))q{!=6yn$ zG_Zy_nXD@m5o{nb2d!mRLvQTTVWAfvld%{i?y}&Tu_;;^_(`p%wry*vI!ak z_m^3>IK#q$z-9)j%y`dx zY}g%Ph$#L&h~aPdV#yqT&JaCFFQn4hZpHEPh-8hR+o<9i)cdhNE29AKs!?cBGtT~0 zpEZW`^5clOKd&MC6zTDyn!UeElC6L^=~1RZ@|PUTSVW=qZM=UrFZjjRv&Dn!7Gg#RxT|Id5~q8_Z`9Mqc_o0VzOPcn5P#o7|rKA|8!?S;hA%YBUw zW1ShFHd}(u(F__h4@#b0A`U{f#A@l4=xfUTajOFc!bRyVYJihke5{LJf}V*C298|Y zA9$&|+~Tp;T@Sk)2o^HzpIys{Y*S!B0myRlNuE!^8_lg;q1(yi+T-l}?z9}%yWIr$ zi$|b~8=c!2gWt9WcFcPBY_7x#1G@-T6Z9s2Gdc=i#bj$!F}M*&d7X55t~z4aPn_gS zqnq;zW;#g$#2we1F+y7sICb#Rl^1{;T(P`PHZfo+(k^w(ere-3{<#w1#$egjaU5mS z#E}%Y)8yG`z7V?u4T5z4fiKM1rXaOt5kq`rHGZ1^C_>z$nnHxlw{P7S!oB>LRa1#; zEbW-hXcK%DeP8@?VQZ14f5txRNSUL09e=r=k5G=E$$O0K$^*267rlqw0f7%A+*fkw z3PaY#L!2RMz65ub3BSxqmYY5v&{jzE$iPT>EgKlDcWi4rSI}{NCS;cmqS&AvjB!Y* z2jA|H^+(To9c9vubMvmU`QVBE(PfPy5t~+b4^r%FKRzP5tQ3=22+24;R)t;WxmRSi z6GAiKdM7wil}(>(q(KxcQ6f8tzuBLaq+hifTTP?5&K90<7+=!w4MY4y7* zWEPN%^2^^lEn#ORV+dEUH5Ll?Fy!6Mn!B9oKc-7K?3imFORFo1Ob+(^ti7Zs4Pnm6 zOrF0+y1TA>kFUoS1q;+XB5j!k$l>dRL>qcqW$r1^+sC*nhg}8hfeMinF0ZKJYXZcs zuI(^}!Tb|UYvl9e?Vr}FwOnE1{JfR&k4rA@q>@1~n$Pfwi5-QYIy)Xp^~lncZf5+x z-bc4oI)E6a8si@6r@KU zH5ZWsJuji;EWawt08^NaE)&C%Mm@>B&jf5u^j>OUt$%OJ2B}?9zt-hdOO>jLBE4eh-QH9<%zb?_5ZP27R~n_nhgKnbjR<)OOez zELdVA${;y!N5a4EtcU;m$}ByBsm>S1EkW!0T4X)*+-PJ1@e8z#XyG=KJmtIn>aW!F zziuc1LR~(qY=mpMfrryfF|d`wbKu87OODQsnLqkVMO?WQo2l48g+NQABfEdT{-DZJ zDneBD8*}oOteNcCkNs$(J#qTeE4ec#!TF;LsWb**RMLNfi@~|5!B!4;1UQ* z8KgnXN24hl=3KlymZt6K%^2y9v5w+FUK7;S;m^_4^NAw~mvz4gHF>TVB_y_aGhPm3?my12~yI!kr*s}jjGN}m0dNNjVRnNXqBC}vm z#Chzu5uXx$UB?j4e_M6{{z#!l&T%fRxKtRxX=cK%ie&490^?DKz~KBC%zt}f{`ko` z*0!WeWgVuU;a)5V^L~x68SkkIfrq z$$BDI;sSGd+KD1U?yrDO7M>X5kK=b_x4pMc(`#A2?uCk5)F?r#XFM%#!*=`BUzGn( zHufLh*vNOnMdbD+k0zZZSohvJNL*bOgi4ihEDLkIT%O^3I65tfecZb#mzJ;9<>Up+ zHN0^KFS2h;ozL=n5Ze>uS*%D&&Oqn&t@CTuZoQ z$mKHyViw>o;9sab)v=N@&CvpJtlP~G{la`n%5ODlWKmlasbuQqw_Sth<^KejI<#h&B$@`n$Jldkw8P01S!;W4K6Ucq{&yWrQOYR8QWHZ|;e zaQrq(73r4wOm4YR7z~GG;WtY2YrE(*caE3AxF!SWFP?>YEaolc?CSyR;;6N_zkCsselzu)oKZ`{SM+2UtMXFr2yok-L}y?SE9^f$JA_54G%T zXv?DV1TI(>K@tD-HfNlbBsPUUfC{O^tajvd9|s7Sjdm z#{{%FmxdBq%vee9YTE{Q7~S5jv{tVhXvZes4!SynYMad1ee{`LWwmK>$Trnkt-Q^; zu7odn?h<091Lio1OynJUKnXVPaGB(BMToP357ns6tNfc{GKk%^9i7SmjDVu3VnX>f z8|OCEAUtx^uH_^-8ySol%;?+^Xo}YerlL%|xpie>D&wqrR`Qv>B3IQx-7&SU8FMsmWlZGltoNs}m ztBHXasMN$XiFZQZN}54o^JP(g(6xLmYGcFWeZ7ZVXFgkqCPlHyZ?Jvf&2RE?%-~&P zg?-ApqT1rBr&efr@Qlr1*5vbOq^ zuYDA>)6?Vyxv(9j6T6&P@OT8tE!dV;iBb4r>@dmD%>c?bxyvr10GX=*w88L)W@B^V z$#pN)J9Bbnsl%@-CN{NJNjJiQI_+o1Tj9q6TFZGHX@dbVj=4K;lh~eq6UTbsA4Wp> zUqV?Un-K#Y-|S-@s!J6HlLawNJE0}ZWN{9+Sm~_#ta=}dvi0##Akr*wkAO z|4I=k)YbbhH^4c~%m>Z4$U6n2y-~tcYH}9tXHx{|{X3jmV)Ib&Uv{>hqNS!l8A*yc z81&|3n=vzWIVh~qGu<2gE{~9_<>q;CqSgc)BRk|+W>~nULIkPUmG?jJAOxp+4ObW) z2)CUICk6xy8w*;~BOTv$_=J0n-Sd)he<0;{@~^@8pXoK?{G)~k2B5^%u$<>5xf7Oz zM`9o?GW(O4aIJ*Ry!%QS>NR5-`+REL!4IOExB*m~?EHQ^1cP)dR^;-}DI#+Pu??)| z*4=5LVkfm1A&iz2F~v6vm=5`G@N%)%m%I6#xb`HLW(=u-I6+(0tswog7^xTg3+p4>~Vm|wI6sH63*WE{1(S@&6W@y zYw4;x&nIQf!q7>I0i1GowgEftM>uJGF*rw3x+IW?XUFwv_bI=A3m){X*3TNYp{twT zdhTg+%%SnaTjK21KpQ!c#Ex%hu8k1|t{Yrk59wh2Y}{6BwN{(EeDg@Uq?$5oYUuPZ zcj{hCWU^pE7WgTjz?g$+x$rSs+bkSLsnqs>`?cK&@Lc1MSfzMPY}0kXp5~n`HVCQ4 z&iYZJ9{ZE>pTUT`rk`Yi8L8QojSV~Gvl$SEtVWfz&CJO&?-G8m#oz7B2_g|iDiL^7F z%UN5uGE4XkZZ6ZU9;=wKQ{bleAOUt9hcLl*>3*BhR zC9V#3Dsd8GPB?6z1VH+I;LX zoA|Top4wo*wo#AnFFEw@M9t~!2_0(tvFrER`08ZjCW!6cH(yHAl_8p}@Y@Uw+ra^> zcC_gJ{yQ8qDP7Ua)DZ-PUZ_!DU#?z}b~-ZqRle4bWdmEi-|A9mEXR$s4X2&J^JF= z#>dKCx7n#&6s}tYgPS`@)(Wn1hVu0lxK2`P6nr1IQOql z>J{Y_AC#pBy_Xdstw})6NSfxt`)gwOENm;4zIP&_h7}(aCftXsfQ&G5D!l1)uy#Up zcWM+;GCTRJeMqqFNacU#)RE1gNJu-qtuDr3TqESwnQ;K75X5xBEr*7+5R z%ZbK{&D6HNePmI?YV7#pwVs63p$0ad`1aGIuDP>!UtyI)20MbTcJUWa0!XrJu~?K_ zEJRyF>VCt5-K>R$w$Z7YcLH(e4i6bzO!T|A zR~CdG*Om+t?g&N|^VbiWK1_O*>jz8!CPGH9qkDe$i$_Sbd`01Z@h zZb&yFS%qb-WxiyEA6%K2e{3(4JA5SA`RU0%c6m=Ws+*?opLN%IHm!woy1(Rc=rkaz8h5{pF-O|3Go6R;?Q=_#qy+c_5 z)4F-UnG<5_+$k-$w>nnAY91 z9_f_Vjkrc09E!)1Q(logGT^_UDp89d_#qRRU|{egSP`C4nr(Qb27~CQtI49uS7*$U*SCAr zMqenT-8n*Mj*vUhV3-UNS_#^{UOj7ABoKD0Txm+ViH6l6udFE_8Om4*ZL zWs3T)0qZ5({^d_7#h8oIPY(TZc~sA+y!b<)-{T674y}*8K_j5{E2OLMEABy!%U z;&Y5D0M&UwNZ-m4z^pcD4&@VrckXETrrCXspK$>Du$}+Ez!md0ONYWhMS4@;I`GIB z`AtKb#+l?oe+&Hf_bjUpxju!8T=+XI#gQ(nyoSHQyh2a*?BVH}rR?m!wH>>^+jk#P zU!WZncNnZ(Xm=Z`DNDr%=u@Iw7Y&nwX=E;7`NCdL@Z3?AKV*V$Z%Sw@_l;e zCDOI>>1<(QC#NQ%P19Of`tL#1DTBIeTlJx&bzZE5#ydGnd#3!5@(LX4o`g`X5@@8?D>~z?T z?VB@NEEvF&v$G_Q=~rvsC%uw6E&JDfl6!@z9tl}Mf(n;BR8w}U$8^^Jo#bCgDX%c2 zWhFEFoK#iKIV5$iOo5r1=7ilpyl~TD(EqLX7mG8+bC}mDY8Rk*ir(D1T zgi7x3iPH%rGp-;=Ja`n#^-U<;7~PBCc@|yx;=idehlx` z@V`jhYY&>^yUt_qJbC<~_up4TKU?YecTBr>Ro#?0Qh|3zOM?~#fajp%S%CQHce-G2 zira+s#|C7g9dvPxh~0^E`V}?w3F$lL=YaZHXwKZ?&dl3E4>vV4sBX868p~dBYF%K~ zKZ3XV)n^o3Ls68uP=%%KZ)Jt;5Lz zR~V*1=V3y9dZ*4)PASuLeRHlx`^8#PQAvgL_ye_R0}MW=q%pR`X{84Dm5{F3QmXubD;mU36JF@KR6 z9ZAzi4zasaRK6A83>-A#8956RfZuE|Fmyv*J7kvcUJnhNRV=eTWuw>d#Q>(USOULP zx34ET*rn6`HKxxQqbUA66u->CKwL`zR0c8HP`UL>81U!)(hCGo8|adcOpX93$C~os zT~He_UdQ17(h!oXKa(k=PWy0zT+Pm24VKTbAT|sJ%+XwFd4!k!v{btjFKTabjA0d5Dv|p)QeNE`I8FdX(=e))o>0zY2`_jlQ-eSsa`e?c(BE5-?rM^_*VcnVGpwc};U!L?j7bW)ZL)eo=ZQ92n^$g;Vr>!W2zZLoaXL#C$U$*sHS?==Tye zGr5;884fQ1QvPbOuinL$+p zWt9#xyB5P!GCapy>iYIF8-s2P48C3&PwCxp9a{vh<*3?v=vKgn%%i4;O9h1OUr7F~ z?$(B0Vm2>B(E`$Q{;C{jlo#~zExwVc!Hj@7;=9Fx9%ifg#=_jvbGZW#_J1p_E+P8mk1>^!V*nh8Q z4_yzKD(8h=*;croITyDPe0FeZqOuq)W#`PW7~d8*{BX8Yhmy*7Mr=Wo{P;@T9|M=e zQDAU%a4IzVys@g3=g-)IxelteW}7%ifm9VThUL!nlkHRa+e6PJI(ui&KTo;+kfPoA z;NcAw5R0l}`hhr>G;bfd#-eW5c@fjV|GUcSk_7GFBHJF9BPSQbu866Tt%kJROXsK};#7Y0+1Q6G)8DYRgX4-3^2MO3NsZ$ykEkd4ZMs)l=2`OJGu+On{cJF4L%%V;2a@GR_W5)G;gYb zMyPMlNr}XVLV@tBgwZ(p`(I1lvFv>K7}1qsn6V;{NBDeRyVu`S*=t&=*J@cPsCYX^ z5&ySXLE7j&;q(DaHI-ck{2Y;{dcmD6Y&$aWGdBDfHzPzHMm1J;@YuX}I1JDXiY*#- zK}E01>0I8yzZc>@Mcy`)CnE;)oJ(Hi|$dj{x63t9vpgXB>`G5DQ|n zObtBeATFJd1d~|r{^V)sFI?`fY?L9RvBb`tZ4KXkLn~>+b81-r?<<*OCw^Qj?&AF5 zmne9}I(SDp?MXW)H#&Mxgv!15_%jHks4YTY$pv-I*}Q)pNH^bOkBiHRc6E0gUv+rsq{(E+%Tik&O|yzE-@xiuqN)o%9;Jd#M%IA%@sK12t zt%QFs$4BL@w`9nE+v9h+@qI!kH-te5k=D$WDPO?(P9;?E3U&)%$8uW_<2w^D!O~?1 z($~|71&7ofaeM2BR%OZ+4{G26aFhN%!%uf`*E?!I241#%WpM)M8*1Q(Xe6#cl}B=~ zvT-h(`q|+X%NnIp+AN{?}=KlJ!2WzKF&{DT;Oub<=$BEv{sbLk!7 z2)Cdi$#u?^U?vNR9^sGXy%C2$fu)Ud{~{B7%ydVvo0!Kg&&WM6c(JJAHI%AzqzH*j z!h0$Y)$)8(V3 zDM?JYp^N8;gd-Fw=iIQdWAZ7z$?fi zM>k2c_`|||nmM!1sZ`8oVDR+bF}E^>6L?awef-CF&#(8FiQ{vlsd0I|hAe#xetH<^ z5tjMs0^Gfrf1s@XN^1%_MOLgJ17^VF%s?a-AjC-YA!sEbj0X7ik6iY$grMKN*QVQ| z*t%F_V>7_ojpC&Bl(kn1n-p#LKNEkE>;}IBaPQQ=O
    ~5iNV1P2 z%FJZLL`o4P7S|5y2rP5!g;XsLvxq_q((uVDVr2#*c{dFJAxNnsWHGs$;K1OGgwvkP z{N|!Sz#13+(C~wm&kLUPPH9n)4rF)xNPPrq!GY4J)Y6#PMmCjQL2D<3pkgk0NfdVo z>HrgN(FV%;{z+5Zb7bd28z2~L(vp-@g8A6JT?1|$HrkrZVxkT zBcgSyVNG!bMcxCPX(ghOjpcNDr8HsJi=0`+Iajo>lAn393`P%`&(n_?-s6fr=o6?c;7&^`jcA<^51 zHvzg#5o&J}ypw%@jzG3uj>+9DtyK8F$T;967nccx1sfhXcp8l5m!~4X^o{-+n@Pt> zb6ChcO_4~~UEn~gT8z!|)sHVXM7o&+xJ50EzOTwPLq?=A~1cq$I4 z)T<+n<39`1D-~G^wRL>0nr1&-(3QT%9VfsDyD`Q^Q~C7#a1w7vXM> zRGHHPhayRc(AKb?WMVhMH<$Z?Kp^u*CTBGMe1W3R3%JJ#TcqgyyNr>x+{^vb* zRH#yMP~wa$0V!F9N95O?wp>3%;9B5+Oc#_?#Q0Cte)aOVdfC|#=bp76`4knrSm}j( z`%pGFZ^yVywH#`t8E`<5wsf(SCNZT&z(} zvaBxgdEJ5*uu{ubY$Wv%m?xARzkWz>=vna1Gzu4VtG!?ubP zS&xP5=Xst5OU=tLv)LHj>X@c+yS?4Z^ulU&+!8gm|Fm_KAt}@=TvJjhBdx7CuPO0# z^4~K9L-mwOg+2injnd6(mmf780-coWRO{ckMD46;S);(!d=McT@JGF&zRkvmJ|8$M zgpX}Kil1$FTRYx6$pDPe6;tKx+US^SXPU=1{N&7rLNE5-SLu{15>qNjYdJwu1ua8s zK)lgAbBg?l%Dm~DQFF7?y6)7e6+#XutKRMXzQSTczTy0=?=f5F$Z5JG65tM9hC!-k zDQto~mK@Fj=q&n4Vh3-)-aFXwUQ0?Q=Ph=Xz*3)M!Y79{HCo3->2rIj%hk5-pZhn{ zF5JP0K1sKHm{kA>^FAh&)~hlP1g1KOMqBAPKJUgK1DMsYVjps?VUWzF&71*G;HN)1 zJh8d0`RLx9Z+jR?cByU8cfaXpnRwg(wubpLc%`_TD1Wx~>U_LFaPPQUZ| zoe%=06%$J+-+3$>arwUW@BeDo{D(deeg09=gXCwK^~C<9@Q-u*@42=&ielSRZ}_+0 z1E@+3Y}To5ZJabZdGXnjO!9?NF?NxjjUKGKBUQ@(&kd3F@ha0Gc-W8Qauj$kM{4;i zA88`04Ek-(DCLl+h>I1A5gywQ9mLN}3sy<_!=}{$125R_?FE|?cHCV_`7{bgAqdq! zT;cUU4%)S?e0lHgB(5H;7v%6BFC>US+1whPxQn8u<6#;FTI=TlyDYF9deK9!Wsbv%K#%dtG-`y~X&j zMIJ4;Tobpa;-EP#d?CX6G%V+P`^~#R%!7)m@TJQ@J*h_6y@7EKD>m4AyLj>@`?O|a zuk)jER;O`olp3ma4@2g^a`{TXU)obPz9TJ1q5k535#N;OJkI$ZyIZ)j;=93yD*YAH zI%w{-4&bg;5=NewJ*YhweDU7yi5sl9)GcTwb0gf!xepU69ciEwUZ6WtsMHe>O?ai2 z*H4Fh=lTSR!+2x8@23Fkzh?p*bqTa1_TS=H7fSnnZ->OYGrd^UBnNlo<%3N%a77pE z`Hrj;^XMukT25zR?C`Sh$u$H)o-*iVXbQ#)I=|>8j83KT@$`UYf;vaQrIl zB79v^M>E(t()6ufK7>}q*j+mnL_*)PD2EtRL{`d6;L};}0Tl`QHU1wK-Ds@H)thE} zT0~>{UGdVx$5Y905MOgGHNhr(ZV%%HL4@EbsReWElbGvAUVPy5z3a=c+nBV;&e*&z zUiWTJm<&J5T(Yoi2sjW9xt7mKYmmxNeD2OY39VrvTNcTl$DwJZe>OzQe|I$5IwY;! zDoP3R+Q?C8oKVS0^leYHE5*E)}%jRrCV32KS6SP1@PZ{LmE`?>u(CQI503>tc7ggO^F1-_VN{mc#S!O3^iF&Fk)Y5OYh+V{R?YtrC3px9G zUZE8&Fs4Tw)&3*1_f{}LHxbSK-l6A(Wiev6CO!hsDRp&Q3!MPeVu{||v6`X#B#N}AEh41kCqczf6#t*`O z9Ilvc#w}+m7FenDFTOYZ9n;c-Vdwm!csIL>RDd(|k$xmkwr?EoI)@GXa8j)Gql3RH zNm?YxvO&kIT!2&a;;#VUXJm=YZ8B(;^%MvM6uVzV**_yEMb^PFTcBYUvu{rdlr}~ z?OzV<#_b6}po5!w267Aq)kV5)l|!-rNKFCx7Z2KYja1=zNINzs&jg{PZ=5%T$b zJWs;yIy7&xbi9NBcD(Bz))h6TXS*k*+&TK%ybe>bz1K#=*!GU%pbSlOIWmwE<#r@= zAS$rn4%MiU?M-(R)uOMfHip$BoE9i%iB~h>x!Na{HzcF;rD=z=1$uM?A*MIz>>fRr zQ|o#(^RKr6(DcVSRLFo)6E7R_dHkjZcmH1Kz<-9>pTrwaOJuP}0J;uY+ z)MEZEX-yorM@=wa{N{(M%{tp{*?8}|ux9FiAme}9)$Ho=ZG{=DN02xqj1aZvZQw3Y zcd;ei+;&IT8%Ghug29$v0VOE5A-XXhL$Z3H+)aSp@ddEMSAnCkZY3~U*Kvqg6$SEz znxQ|H2H*zzijcv!Ud$}V1WnVS>k!maoNrRD#cuNZZ<1#jYeV>q++QeV=W)}q_UBWc zT5b}D6A3Qo1OB8M|MPLBsYijgx3E{}S)Wu|1 z*tFD10w$n1DY*FzcH0iJaSYRLW0Dz^}y6wZh~7?y`_|JpI+d4#dL6 zqb>erLU)fdQ_Yk03uo_Usz*2aiUrI8=MEaX>(9JhJYUQC47VL^DnPkM1!7ZEaw|^% zPBL^-!``w{d7f!ZeIoCWR=??DGC>IL+}m|pua}JXBV%sL1ac_lxD&`?+67CP25v}k zkZepo<$`@e%0Xx`o-nak6)e7FzMaFoej%~+W5SIf{_h$DEoj#oD&okbz-4xqX6tSS zCbpI_E`|@gzC^4Z?DA-zB{vQHD$Ov>gpO&7xS(littj|KuIG{TH|X4eL-rhZ$u}x^ ztkRNN&|10{`=%9(BVdQ}o=DZgu~Hjn-{Cpap}P=AWz04h+%I#gw`KOjhx2M$JGi~U zkpd-wT=h)vPL|8Q+8iJ6O?B*tY)*MAaqK+)@5g}tS`?(9<$im;X~>F~tyx=i#J)t6`nCIltLSRJ_B+ReU($cap6o zp%P!ms7^Po|VXd>!@lQM?Jb?uBZcn0$HtwHSL3=si}UwpY)IKF6e?u)5o&y zW>M?S?;Bi3TXD9ze_-1fj}|A0mW~?m-@EfkJt#VxSLmb|sxgCJKHSqH@6}%z+*(hW zLmes<4tybtJr`!4D$A0L)c$3LM*7Ehv-q^{(ejMZH?7cqj-UtH{>=z&hC%nZ?DfS^ z*Q3NrY3e@H2+Y$pX#gDtx+;o@Q1FC7p^pray&P^ypa_zF{WKJpGYbH);EecPjV#K! zo*V{Q&hUg+dS`eVqF2qmLW@YgT6uF{x6rAFy315~5Jwr}%W#y4qk*>PY2+`j(XSd~ zw7qY&-;}99^v`_F{G?*}E(qRSn~1lGI+7b`G*W~^WqI0KO_>M^?&W{v1!R5ElP%vt zupO?oYu9vV?_Q^u$FVq5`$&ue5g!oRBV^bT8_SCW_5-ko&%p$C*ACvuobI8M?BVmo zt^kj!L@-!emk#IV(y|$*0GiP6>YdW&TV>jvMQb3qRb6ea&er~`pKmUlaVf4U4iQU) z#U+i<`oZ`)dG5UzDs(xjGueLXh5rLtq{)WnA2w}gjqm~-cHOt&85r=`{g{oW{K07d zPIk$)Rq9-KmatpgIcp4`^c8z`Vx^Omir9*D0N(xN*K0iBufB_UIm6OQAeg`$_dptL z?MHVoAZ=ZEk%Cm3TfcPqw0En7UU5)!c~5}qI9Pze;0)lph0$?$r|o3f+!l-1ncPw!Le~ctMLFJIWirg0<+6QV zb|d?P|2ybO!HS!Z#-`k*oRkbP!zVtSuN&GP6qOo|XcpALhejYi+bzSk2B(N}0hfs@ zANW(7kKA66IPUtma)L*+t+oA~SFR3tqP`HZnSzMZd5 zVqe=yqf%)ssHbAbq}lLxd_06bgHwmcfB(A698RwzDHGbF{jiYNCiPa)DqNT|_44W* zIlrbCe#x)pCA}Uae_iu~`}17sCRZNH1)S2EjjBx!z`Pj`gGg$Fqct@a(h;88#J)Ply9b&x>kP3C!>*a0rf1dp-4=GP?i#yKWJ`x&^Aw0h` zKu-@g5Rdhh0@rX9xYnjn7gnWAKQ*K}Wmi3~X>7_^N9V$v4GjX;8E?4Ka~ z#wlg(Rce$<9W|X3&GgRn!N*rUP6loi8BEN6NG`;$XdO*DsOG0@Fp8?C;-x%p0gr@NH^J6X%-D{IS-c4NZc2vbRN&2_$7oks1UEXBS z+hQF4{e)~`gk!~Iehe!2#z%^h0Er0{PuKq)cVn{AxrX z6IaeELuX5qyXO#QdRZ^!BQZ=Qp_-DrOpQJAdM_12-P)p~oXyV&mI zL=>h4n5vi(u5!UCN%i&!Q)wh+Bs)-0t zSfAyBkL@U6l?uMx0-m9{cB(TbkmKU7b43+~g;y_X+dEcq)_#;M9jKF?I&$;7II%I! z^j2G|2h%=U%j??6_OJbUJI`Bl+f&IU&-(mJ5K-Su4q7K?K6EpKWE0p7ls>7jqN5rO z{gR)j^2JAg8C?+dp7opoI(g!2r$(c;p+S*hn$xS7BH-S1gEOFUhZjE^YXzq2H;g^f zA%LGdYJ<@GYJAl_^>ZHiKr(zk&zGqb_J2UgAQmXguD8cEa|8 zC@Hig(|^WEl>gL$p_6)jkX{%!w=5Ek)(+zl%RiTRI%DU?zZQ$LuRiCv1u(nSUm<8S zDH`rCngl#ydU7cAB3rycQSZS_&THtGDKx{Sg%p;Wg8cAqy~lcw|K~E~&%c_n zAKz+@J$cHl#x91%dP7UiS51P zcK;r}ESfVXBhZcMp`ALnfDR5ySXn_mt!dhg!rFoAOO|JixKfSCh>>oNRzV^ct zwjcbfeJDH3KkN5RQmszI!L4@nZ1eC0Nd5;u^!w!X)8ISnGV;Q*5}HjoZ#|0JZF-1U z**X4C?kU33Y~lZW=V32Pw@L@jy2Qw%`jq-i^Ao+F16ezSCuL#opo1XFmHoIWYiC)_U0>Krf4*1}oHPep zb@ODo{IY>xysZc8CGl3T3pDrmA$nG|t|aW<%1}*AYQ%k9-&vQ@!+=@d1~U_}_j%dT z(ddkV;QeB@oK>MErE@?=9r;nC5E#%OU%OFl5-ZgzziHXfPWt3(Tjb}qn{lM#@aFlh zamOkX=KWle?V2+z3|(bAB`KfM4=P>f`;h7^+ z+X@5K>;+IF#GemWi(GPtJCDokxc^_=@bjrbSYEW!>Q2zZzBr&$;Sv+HyJuwzHZmf?$H}er|!t4a=Wpb;b<1-50{2EbPZ{) z6>S~QD4VJ*lMSJ)KWR0+0HCmM;I&Z#~wPP=PP0^A9lWbxK(z#?y_l(U-Z@9@#TT)UnmA$zw4tD zmo{-T7W*z7w1`6tB6jnbao4E$P9uA7j$n9_?t*Oj3UAs77bv~MPwyXB$oRct4^iNC-n?^#&&18`RAkiF>#LYF1aHTaBJKF;hzpf- ztxGL?H{NLmxyR4)=oH8U#$7ec`!Ouf*y2@3hkT{z$3b0ks|a01A@tvN7)%tTfG{A_ z**j!X{(x~d9B)S~FY-DpfBVmQem(;e+8s`&3=cQ#wKsG)IENT_6ar7f4iiwzgsyS2 z$%H!#)%?l-mAW)OIx%VbZXLXL-sQy;$?v{9k2OfudpC2dIlLf=$%6P!SK&6n{((FD z%&Z^cbZeyzO5bER%j&TD8^p!5?cG*37}qL9-0HjgAuRdunZX0LX1a|`2sB$84qQg2 zV3>o$AD1yzU?p`Ox9G+(nu1P~cC*iK!b(Zet6k7b*-=>I4rHqxOC|fVJu~1Hq*^b( z)Bjq|Oy`6nYCXYvVy|;Tss{K>rA*EK4$-;|e}gh>C{KksIF}?!AugM9Q4w{v0X!U_04b(|@PmTGMyxg7x7SCU`1dGIU=U+CWK7T(|yT{M4z0 z?uEbn=hNRBe#U#*K5>!_q3qh{?A@Hpc1Az6nKKz{p^P4E2flwI@(_vkOR>nsKm9RGY*jCCD5 ze+LI2h$k85Z-Bmc3P^MAdl@k^_Cs+jER4gztdTcGT@O*c=&0%^wZ3U-HjcECj5wnr z=fCRtm77DjrrU2>qy}HN4Duo8nbx^wXnM8jO4aj@g87H_oCrJ z*YcF9Q>SkZ8{__TuhOg_ulzYhkrh6Imn-UpY%{TfcXs>DAe; z`Le9yuG}}Z_d1^zo3BgjNWm@gHOic3XgOpY7RjH1tu(4kXeiVNd^yk0-eo=HCfZAe zY3I!E~)m2fGaiyBd=l8*ZCh{s&vCucZ#QyB*v31+<*kl*FogA1ow{ z&fGfVbyD#5H97EoDS|||QDs)gYhT$zun7lF8ffhPNXkz_O$s=C!uJ%AsohyWMi@-QLvRtW+VcR@?VM zeli~@M%hoOMiy@sQ|}EXgy+$ ziDVYyl`Hm$EM(xNUL+pc3#xdzot-}BK7tBvWr*UjY+ISgoBV}Z*+O*+kw;$CjLzOw zhjEVoZWg;sEhe=d*PZCs$K%&Wnz2NEm={dBdTf;){6U4UM?NsFmxFXpl3G&Z5+;no6=7vub|7+N}dRtog_u+jL$e zmwa=I1QL)_M)QY^Gy1=ApQ^l<&0xc{h0%CF zd&UR||D+XF?%Wq^!+DW>-i9mIq(J9nrQ&qfviVlA2XO?DPs$vN$4oQSI-FW&qTit~i7U^M5(?#JsX>OGf}~G6^Um$YAx-mJ zL0Ob*y)cG3IwolrV)j^Z)vd`3Vbg{m(ym^Qf&oL3<}E69lRHg?CM_K{QoLz1mh7M8 z;FgaR^kxP=@QD(>LI(g5QL3`d0-FP+Al&v85WfPP20a~MBw@|M?OF?5HI<_g03SqI z6Yq^jEM!awY@tr63TUuxG{(i*VMlf!AjF`|Y~9wWJe<3ERO%0Bb4{O_y&uI_{FV#9 z0l{}>PKY*7^x}nzmycUugIFdf^G0yafJ$=UFh2%B} zCIr&e+(5mLOMzk6WHi(2Pl%y*3_aVW2R!aQKANV1L)n=vo&A+#p&}lp$TI=Lp+L<9 z^ti77CGz+pVE}FK z&l$}0*^A?CHZ8&_^}=Ct{ZXCrLJc&(+R$F8LncOhUeFh4ze{;PVcQhi&bqgVO&rK? zWYX??G2Uy>{ZC%3m<`EZcAT~(mf6jtY;K5M#BJZrbRLgWCMXrKvKjXwZ-5iBSXt8! z3rv$M$Cpzcw^@A~Qwj+|M=2NBneGB{{_{8M-k)~%G<>uhb>L(L61B=02(<-SDYS(r zcSrbk!HL(0U;FxO)Nn<~w>JYGv!PsG1xEW9Cr4~X3b$CnL6_e?IwOAb;tYyz_2#pl zKA%W1b$+e}YQvf`oVFJA2HOGnB|uX&jZYh?73A0&vfghm{%R(eTEKs*H_erMFgKH4 z_J9s}Kv%;hz4aVE(zhXSRxOYoxWoirdfWa=qe~ONs(HK^H8X$wtpX2(7hcizp>7yqjn&+ea~YrdE_SXm4IKbTpvPZ zW4p7DfTy$NCz3Fvq*Hx`=g9fh{!@AZzw|PwiqZ9uv-+tbViNav?fXszLjNEK--ewU z*U`P*i%8Dp8Q=T%-OUcT=Ng-i z8`Z?UI;(|@m+FCumBi1BIQ9zKINlloKz{1{?LlMXkot2m#=FJB$|PmZy(t3Wo_!{? z)^w7IhV<44^bR8;91`Z{5CJ3l8}e{m!*&*-pE!+Ssx#nsC*M)dfol{=U7fG?{@Zou$R ziLPbvwkfDJ@9LPshErC=dJDZ~>^9s#Oq;w;Ke0IeC^9;k>B+FVKL)~$QOQwH7jPiB z;8N@qzA1YB<$Fs+wgM(T{?fc#$6xI}Ce4+82pzG8j~+hAK77!+Kr?lWAwm$Ue!sCD zRoj}1%4Pt=r@WwiwdsrOAx70u)4YV|3kk~7+b^h2woMRz6XAJ#I;awabHCoWN#RV3 zb!|r-@oJpxb$yX?mFcn2e`K#Q;j*U;jIa6~G0acbd~7yQ1K(0PKJbRA0;S_=<=2k$gJX0ouWT%yguE?Ue7YblOqx4<8C zS%YGWzzug9>*Mp}v=@g90ir{ulp#mTqL!!~ED)0bOzoa(;+rEv*5eCth%+d{{vq$8 z0!)dih~_kh<`6l(Z3;^p$e-h)SGyCl%@HD*MTDXl0YZ(j9&!Tj*6<~^NNVjtjV3Vz z!5Qrj-Bcjw%MsKSZ-cB`g9}q(vj!_OQ1}eilj2LU;|bunDni(?SO9+ckO=!HWD4JW z)YzzK7vFfuJQ%}Ntz$7J9lv$XT&yd7e(_5AH_yyD6=uqS7b(DZ1pF6cwzskdg>8%Fd!-=qUA^AXARJ{+=2qbEpXr;@3}ANugTpGq!QhzJXZ$X6$J{9}zMF zfz93OPQwrPvONb%9N`u5&EJaWD{<46;-$xdMVJY1A&~3GZ?+FTD|tV0j#LNbw2T*( z?sdX&GcXjQdYi{aexWgA;MiL(`1-AegS3ejtK)N8IiKk;wgEW%3UH616w;FPt<(q{ zSPiT=1MNh0d^S;su1G@LCu)u>9#S%x~}k$(%=|E88i!nt_oay}?G&yf(y zLi15m9i|{Ab>!SfHPM&1jAzKKCt&@e{Q}QKckTGWH%aZ=zfL!6_hnA&Nw8g0wXlv@ zWInExSU9Yl3V2_WG2W}q^Uz5bGD zpnhp{E5dAFz7`LJ+!21{3ch&Zr= zHQ4Qw43R^|!X8cc-Q8#$E_d=QO$D1|7>)K~9$43yf)0}FTP*K)<`0|fxut}$lB|A6 zlGn5xRW7uzXzYMIcu4WhR3H}=-ut2itjj6xj8cZ}_2(}}8O<&;rk0OuqC++JWyz=V zJ&4=i?+6|YVO#aZeUVPUFQYy)wRY7|J{tUXxU~wNsSh;rKHNdEEpvO_DvLwSeA%=h z56|Z?n2^D?0|U$*+(dT9uBSqYI~aKE3OI31MIECIL$2z_$)lkst$7hm%m$MkE3VP0H= z8e{_j>wMSQ6#>dVymAvp^?b3z;Af9#9Cx&ub(AFwZR)8x=QK|FzrN+4 z`dp4idqJ@JECRe4(eFB*7VrMWcT`{S5f@zXpRR0advTo`e_8wyHk+*AP_Wj+s zTQBdIHN3J;3*$C-`*Qs!>|HxeUvfEz;`NDJYuWG2=_})=+{ZS0Tf{UEihtX)!GYNW zwA-Tkvv<}m#apO)Q*Pb8-X`r!YxTlH|CqB*fRKYUfGO#C#Xd;MSsBz1tqZV!TruWz znTKSkP&>*e+R)n+{K4>7L4DGRGdy``JIMO2T;uzAFY_)v1*wz90Z-*>mKX@O6S7Oc z=UM6Bw>k?Y>LfF}cXCWv6X|o}VExb)R>USm{D5jLCnwY^PTq8+GDFbiY0NM-3~UPc zGJOhhh;P@1DGl6-a8Q<%S{0Z_X1uz1i?B~aSS*rRB$Zjr70=>y#GYP#`?YG7PWUn`)-2FRzknYaNuN$ zuB*eu)EZ9T{^T4Siv+VToR%*%wFx@vnnlL%Ns}}2t1h6U7aBZ>9}2*;dNU2CH;BYW z&;CuEeDVn4%8)(p6WlxkH{YmNv|495?G5~fzzpDb2TU)!b$Qj2J_Q3A9_8iF@jS7e zpd@!FSJj>qq?{ZKT)1|BYr07I#m>WjG`?6kiT6I1X*Fv9pke3oo&nKP)8PF3exQ!B z(Z0yeXK>h18eGSo2=ab@n!4T5|H{4cIO*IU-cRY?BU($!A3s2fm@D?$4&POQr*BV+ z5k*Gg$LWVx9Dak0*WkTPRoe)eg_}?MD9RPj6`w73#IB2zGDSJ2Df%Jt-b6nS8Kfma z@C*YBEMHKiX&LFW1|04=FU)F#7m$*0Dk!reXa#4bnXYWx^vV~>CX(l~@zd!h6Ag^~vtE`cqCN(HS(KmAdWvfB zk{E1Q5imo(uu*eE^LkeHsa_+DQZEluUzrQ~;IJig(ijVim-Q9*AuJHiAil)bQ*j$( zd2NX{hO37})c7&vi|qz66Ho*;JIrGGy}h_lJEkX1Q|D5#kCytx#aS=IdP(R|w9{z6 z(~&RJiADKbw<_t-9<|$aeTaz%tS&^3es@qkE&I5XrfH&ceFm9bnZ5PRv)5?etuRyM zoc5eOWOepwXHL5i>NMp9MSvX^kf&v5jnYnYywlxsC$TTL%bf%57g!Y*)RXkis@1=s zO8sL!;kV)e{sWsjx2G9G{t=Zu6bfF3#KjtcFHg8jO04>d^OR+n)K8Kxbh972d6j}y z%X^+e8!K`mU1Ib~Gj@&_7Fp{DlDv^~CuZw8{mLvq>z)cj#9?VP1A2C|k6bwnjPh5` zwUC1W^A9<=wORphgSnko{3V(H){xpo*xvgUPkY!t2IQ|T+2;5;)70hdnAFjo4i!%% zOnWBWucY&xncT{IPU(gYFKTW1dSZTzAv6z^Tb~f+8lC4Tp>>+pzHPTDB}Yt|ch?t~ zEO7!BA}pl_pHvx8Fh{C~omh9vhZ6BnWqM^fVNGf@`FMIrF6NnId1by^Z-%cMSmrO@ zH7tOOPmx>?5i{|g^JLr1apg6WuY`6T<#S1wV8X!u&A1lRQb*+mQ`X^>+60CBQw@Fj zzHq84o0Ac*LHmhN8Oc=_jUxA%JujnMHX}0ih6cuOz7Oy!nVe%;nN$*_tISS3=k5(&z-LBO2z1PIa!qvS-i z>Nt84X9Elzk+*rAvD5sMs2!6gd%!CMj=1`|3(2|3j-xTHIB=%l_=ZbQ#YaCUtgme2 z<8@^Q>c?&$9SWzxsgFB7a3V{3sXt;1{GZ~uSz|AyPEN67t?zylaYpheClS&?VTNI! z;@W;5be#);t8|l}Ds@at%GXrcK+^#dyZY_#yJIbn{MLQXwN@J2h=_Ss)@6gQKFqh) z){kHAhv0`@-#qYkvq{GxAt%#G!PEl*Q|VTeky?I<dVFutl1b!2H`p zYzpM&E@joqXMIG!xqr^fYPf)yZoIOm2Mtjhh&^tLM_{rLwj_>CaQp}FP-gaiwkkWjuF6xdzUNG@$shzWq@!0DR41OSJFKQ+upJk4>nNCIe!_+lRD?rjcwhSX)u z9MJx*6upYR%e)oyo*Dq9 zW~SBf5KLZxAAhv3os|X8O&b?&M|oh$V)nf!J81&BII0B7i*yX3t5B8V*`}7;#$)qw zJ5Hk>5l_DZsGUr=PWK0TpGxm`6eqi#cX+N(>=@MRY>y|;wDYVxzH|YE1@vbwGi^Fr zq-35Eru^%*jIt0F-tblejWQ?XyXuYS)VH1Qtz#2{o>QY;gd({cgM4By%SAWl$Vo4U zgvwscAd9|^^OvI);PQDF`)8=8^g6Y|Z0q@bxsT#eL z-7nkX{uQSFqw}T8dSf?rECNdHUJX>F33p<$aqnQG8g6JZTzTet5Q`K)cBLunOgfzj z-0qCN_7a&*Ktk~Qjtj?*P1dCCVgW>=%!WpnL=mvrgqms~ZUh+kyD%c=oWW|}<`Ty? z0#7!w`0%kzodcoFccp~jxA1eYGwB}5ktc8`5@QbYNn1cbB)M~~*>&Ix6p zZXL1Y1ANgZ1pESTZ1hWXc)5AY&=LR}0?Enl+~TL3!EXX^c{Gp}XKZwCq*$=kGj37k zEkW&8!K};oNZ!fbjr;FEZSGI+n2u!)={pa;4YQSeALT64|M}P^@aN4yOzB%ghG}|p zhPt6R<}ssI4efD@*_LV^1@Q^h`p>WC-HR&A%O_VKft>+jq2vcj05%c%ePz%-s+N}X zYpumK^7N~n%6CL1SYX%YNLoaeZdk@Odn5Af*9O)SygIeChVIJPNg*1XCEECDBnR_d zO=d+U)x0l_cLermom}9OrZ>*%$a_F4t6E>(EKe@N9*~K{{v;fHC8XmUDrZ{uRihCp zx-*o{R1nYa-d3xkd%&F<8CApmXe{9rL?~sTdOYxEWf%L4f2wzG4^v>nGLx`32k$g@LVi3J`-;LpYAb_jZj z7rM;rVT?aFmM&-8Z++jo4nun5H5fYAgU+SpfR{(-vg~$|P?uRv4>~c3>vz%>DKqf7 z`_YCQiUl7nML^II5k9k6qQtYg=cu{5@tCBN zaJ+z@ahS?JYs{9US4&sd+{(EMzI2zwV(E6euFMjhjQJ+=+}n|v*(gc4c5@{glT(RX zfnZ|+>)7uZ&YwTD1)cdH-vVFa{xMmvc>4&5Dh(WuI>6k3L37AYKtgVWev+YvUZM@7gz>z9?b@|uGirQ;X@jB=wCE!I0Ss9ox;m)UmylAQ&n4k97CHC=>F55C?P_#7(HsU zbR|B(cu`*Dm`INFCG_Q0rHGaKT%#bpJEK~c>ithd42|%dGKXGQ$r;3fU!*ly)B|5S z7EQhrMC6PM+_N47{b~qYC#khshMV)I`w(RkAB;XSSelCitdBm;o07Te<;NpJX z<)hl;dxei6>;w841tk>6_)Y>EpjYzo8U^T(6Z9kz zvYhBqs> z*8A69Mj)P%vT#H4Yi^OK$nHf4b`STuM70QYf~0h1!Ukj9>9dF_aZ$cgl%4-N$yKLI zJ6VbEqqIv3y`3H!=QP)H3_f|6){&;x{NQ1W7nk`yL%^nPcxoRY#^@)h@`bwVb8QyB zfuQT?e9hB*L2ZN049Q{Kd1#i7kS=pwj_e#@RJbVR;NpOVVMGZ^&-r?gdUPENV%aO! z!5QS9P)mFQQNA^Fp^;&fGx*60nVIqSxJ1$X9Im{q@@f5JKnZ@~)Cgi9X?M}HB~s$e zymd^m*gaMaI=Bv+pFQ3upci#1a*3pQ=v$EgcX)2{^ORd?R!2;4SgO4tWPO zU=5*|1QM$o#e{mo@j}H2|6o$~jd%Nc_#V*EgNyZ>u|}xEKInO0%2GCd1j6HKFuCD; zTTEvKfXjmjWu#S&M-&~dh!s^=ZQTQVtydCIFyg6SIw9Z}DxpeekTJc$vG#K_*ls9O z(FY8+x;<(9BRu3_piIrzaOKFigJC6NznrLow3l$MRJVm(6LY9V=K@aIEps=Fft(4^ z#xQt2?pto8KPpu&*i9Z5EdrQ%4_-LrU%2~l{~AOx3DK9HoN(}uS@Exj-|o7&ibqx2 z*5C)Lch`3FEUT*xzVj^O7!cZ}B|3a~wx%XF?Qx^03zAx;FZbs|wl}y`{C{2wuO1DR zU^?=%E|Qo$L+c@GyT895954-NBT2^lN0>`r4W%%YNSiN8@vF=FGJWXgL3XGRkymfF zIS_gOXfUd#JIo-z9{QE#L^AyC4fnhs$f64KsR=7TI%~nF(w-?X+MRWxFH4o&w0Zcm zyhMZ3Qcf-f6NlZ$GDAPc4zZL2nPi9n8%X4efLqn*2T_d{JLkv=x5NxxVh(qnj<^t& z2SN&ikZs-6t{y;|d|GsB)TG$=!Z24hDZX7C9EPi}YrFMCZY2_@3ec09ssDf{7U1%<03OUZp!CZ$5M)TTg$FGVU`I@>N%BY(x64ZA!@)SnqQAAwS3b z$D9=G^Q&2*?&@m>o&`o8UE3FXKR2kDTP6-Ht1f-Pu*NdEePleySvh(Z(jkp;1!@3_)O|Y+3eGe! zYuOlb&;xaUQGR3j{tuFdllH?6rqX*YxX|z?-G=QGzbxE@oU|kRSN+)4e{S)m_X4#%qy;KOdt$#vK30oI4b@isEroG_q0a#_Z2$Gc`=9}TF{7B zY|8zFkHAA^4@fjs=XB>+EZ<@E!Rw|?NVH#}r5Q*1GyM718~WhJV5fQmPC~bO4-zQ4 zWNp2{^KV)PrPf>5r9BVnDEP{1*v*E`J4 z9ZhLCX8LWin0?Vn~U7bp?xNb}?Ql%GemR{tS96OsshWpW)pWvm;y` z>1>0oqBK)i|3f{Z3Xa8$5_Xp00|Ws_Q=i(C{K}&OKBF(+e%X}2ZLuP^px0|EP>`AG zv9=|J>LY@Z#dhxG(~P>s)rVSb^WIBzSSt-zk{GAy%hqENI=SpzW@2ISgW`Da{kN?v zi^>MIc^Y9=Z#`biU#l*V$L^lsA%s{4Wb1JRBg@WJlcrd#sz(}=W%S4j*l^;d-#+;@ z8Eur>M1fD2BHlP4gXu(WDfUq-pmWJKdZ1guWGoTt68%W8U#R@P%zEm)a)6q^oF=m4 zU{XH_o-gpLo0&ik%2$-y6q6p#an%IR#*TE_YG=6yY~i)R80#se2>Y-nUCQ$i31(v; zn161e)NTKk$2$?b8F~l0cAqC!BP0pIBi^5Nw`I!%)Ngbpb^kaNN>x7H5v3s<6Z)d5 z5jrQT7J9VkETSY50mOF_8qi|hW_!%&H$)!~Uo4{FLa+oKThg4{EWaJY|K|+-FHCEC zkHo>l2OCD3YayqZtNt61G(%vUY^#8sKV7oH)gb(SNMw(8y3)p#)(Ni_7#)P!RPi%{RQ~iFs zwytG%^Nx=#35iDlP(4a4@zMH8VnTqURL>Rs!yXd<@RXo7EuOq%_srZ{YwKht z_A4e7(eHH!1Q)mz?;n4nw&PBS)GYL2^7~$VEasMUl&2f|aJ6FG!SyIta(gO2#E$=|osI)YP zivk!=)&xZOwKS;ePz-1TYukd-oyT8I1q~ux1<4~SH)bCKE>rF56`Aqlu8E4=cPNhl zwQ4=kE!GGvblF01Dqm9_ZAAKckh$fx4;ei=5+Kz#eOt?J>a>4H1(CDvk|rX3G%lE& zP<>`{sX-;F^Icwv<`;OP(~rUk)lsfGMd)+y>B?W#g$j!pjy6qg7d5G)b8rEG5|N(~ z(1oZpx~Dwj4C=^Tu@3Zz15gt&?W3OWWi97LtPB=x)l8Sy$N8 z#@g&m^4FG<74%o2!mrePiPJj(5-sGmK^#HWX1f(HE!s-!olGZx#D;g(Yi&ShJQab;Q_s8d?Fd4Ry4p=NZWh~Khw=<7N7}RL+-VaQzUpK*E?!5UbCiey-0VOg z`n=CO;=Gj;f+n&;P0CLTXl6(rxZYK*0{Oai}GIM{1sFR(le!KNAM#AhT=ZG(5+PU@S)cu7R^x}goq;kCw_mekL6S>oVfudAhx z7)`POfZLci(;BXr6?M9wfz`fgYys3{36S$R6;lpcsm2p)eJ>5M!2}feEqIB7=<9n7 zlg^&I=V$vmAe0Wxxpj5APqa@DHpt)b{qNiRUbc)!DmNiiAFN+M&UKJv$)h{6v*Mr| z1Pd{o^W>7O+PksCTP`$if1D>PVH>mOlPFYcQ9E&|XZ<=(bh%gz`m+slL&wULI#xDo z(*=E>@6w~lTQy^&HxKT&rZau(%6)RkKiY`!Di0qMa$-VbwnmYR)8jX0<9{yqV<2bNm^{C)%g zJSA{u$+6c$-2Z>(-v2(ui#S;`$2rdN<}WFES4GMP98B@mp4a^$rF6Ib9_;WJHjG;q zzS7;AQ_Jm(dbKZ+slPgfP1E5em0yYK$2wP~(+KySwn-_P8V4*9T zI>HJ1@ole$IgWQjrg$gw^ki9(F-@H(eYeiwFH}l_XX>+*w71=(0mnk8k_{KiDqlK|7}*;N z-N=nAT6@cc%Fym!UE9CBs;S2Uy~1@VF_?w4DJz`ACg;~JTd$kWPi@pYL%-ANi~}G0 zBWy%}D-H#&1rE1IYkHTNywA>%LCUL1Xm4Ng75A@yI-c_1wY0x8=YP@JloiYzGw(Uv zM)&kByS=0p>pcGfGxk@LQuzq3obHq^owWY zb|b+7HrZ{EcenG9j4UbW+au;QtQ{vGj}w(tO1S^tlUr*CGND$6Wc%ash@9Uy%F|iC zjf#$s)Xl@EuR0Iyg56AOyy|U-@9ib*T5iA37Ll$pc)Q1Nl!)*?&n5r)Ed5L4S$slb zzr)Ecy`Pl+%d+5Z)h9&nUBiyox$*%zqh!B23&~e+7ZZ8cxJ4Y%hx1I)hu9WC7eT*g zTi)dsvfPP?tx`gT8MGtnmf99>6AZzL@^cRN-&NiB{vv)ap6yofEYb8CZ_fAsu;pY( z)-FD(<*xRt_vFQHNr`m~;s&GW@15}aO%H%?wpywe_FlLuy`uDjsHoK3!QX$+!|Hi?kK(EU~Qh zl+}9_e`%gA7n#NcsPD2UO7fF07F>}|och@szzQ$7=Ig}8m<#?^oWS+wDrE}^XwzpL zJ|;YxdMbT=;J=)k{}~*fr|WAZU%yl-a`oyeE>#Kw3#wCt9}Rr6u{S~Bd%R>1^|*MtenNBazn+z z)rDIQ^yUeqV$d4xyWGw(&OD;gs@wt*%8R2R)XplmU1%@1+{{g9l#`0>*~(e>_%8^f zX^Ed_UNb8#&`r9CTSUExnHVW#(1y9Z~ns%?-^bwRd&=cYk%wPWwt`naD9FCS;$88 zm3`%$jCw>s0_lNxqw3bGrI-v!4!nJs0(Zghu7%2*5;wH-^Mp?&!f(x z{8+|Kt%5B3O{T_5zpKQ>*BJwW|9fWrSJ*t{sQN~IW7s|*3d5Oa``7E+J#19*BTinj zy0p5%oz9N!E$B<^qrLP#yJ1c~Q1C*PkNDY(>6fV6k2akt9#4YAr-J*aoJ~{IuU6JA z$)&TYbx&T%4LCqoAGRD!_@GQHF0Wbc4y+3{|Mif_O#?g#ORiz0x zU4xF-DC0x*#J;OtCOKBdC*9PEQ7yQgJm`b-Z8%Q+_GW}6;<4<-XX&gBlMs)KG}Wdx z2j89022o< zz&jQE4IoW6#Wl-QY7$ z(fc-aaqhJRsqAUfsN})tGrMMH8uNDp?tg>teZ$k0$CvwRFE5sJF39zLWN=qK)t+q0r`yZ9piut$pr$w$OK#V}lkIsE z{l&KHRvkoFodVT&p>6eWqQI3$ep0ddbe(!nswFUB^a@RW2t#7qfYIh4Mem8nM0CrT zS48)Z8`&G{sLgZbKd*kV4&}YzdPx7TJVhh%@TcpeuYyr4Hk)yko-EM-O?j!q0V~=b z3ta>5dWpFnn6*uKJ-0tVJlpsMyQW8jb!B%G-JeuJ3u2t~(~g%P2yZY27p@iP$86_A zGk)E_lw9{vON2LWL4JzGJjXUcf$n@Y%ZC$r)2sXIb>MK4R&@6j4d+ke@=Ly@i|oA?lpIA&Jr`5-+#pp=3r|63pXACd7tV))~0OU!e= zeGj&<>7wHgSg(jYTc-dgbgr6CIUj0K2fUCG&GUQa6r*ZGh;opfdx;_{e7Sju1lp13 zw$ZqYziksfH6&-stzuH@sjVNyuXuFjgf%r|w+z$+wdpve`d**)u?-0Yr{> zFth)Su|dF9KuJB?l|_w371_a(hW}mC{r%Q83L$%iH;hm{*J09T7#}>^EBHmBBRFVc zSV&b%-}UX7hi)+L2D7=NV>t7{*_&>U<&j>nkEQy5E|C8&KSY%I+VZDkr2b$P-?C_4 z!D68$ao_Cnp&u+kY)P}6Jyw?q@wS3>49p9=7c31blTPoGn7LxS{0vD0EYs<+q2Y}Q zEQM<$>#Fb%QmI`oPp~&YjuM`KCuJWas{NaxN_H|GqJlQ{$?sO`Rt8iP=_n(#;}t%s zVPjcMlix6LS&C;WWRvGJet7}a2&j7Bs27-c2}I*rGFK73|4pPb8WT7?d#$XD`+wyw ze?ffem^Mt$vjAa{m+cLa3m=l-`llq^(@QR|y{_p?RAGP`>lStjmN7%^XMUD@EK)FPMuk+aMA#RzB zM*!XMTN7ISgV#{ioqXC|Z0gBJjt*PpeWQwo^rv&BMx)C^kQlM(C zG=Ap8q7Cb!1Qx(1Z8S)TOy4))Ed+ny*$dFl5JmP!ki%i)!nHT*vM=`4g)hXbe>p2c zq2*Xt#WHW|j+fi77h>S$kY>lseKQIB8d4qS@`btu_$e9mCDL7W;ac1u2iFJLIZBFB zsZfbM-oqqHQGTu@OFqWFSN(jJBP1ABdgHhnh@;TzhiPCbG~~4DPWm;mZn<>ovK;gi zp?%-Ri9Fr>O1Wt(irqTG9PVxP6BfWZyTOXg&XEu={1XMgCuIwbz6NNin=`;BWxhHz zwFzh9C>#C}B+3LKSNzy*6%kppwZsomU10CYOR=IS~P?7VfwXpk%pPHn+m z??N?g^FsvRyZLk1kh^ib*JvjeZ6jG>oJQPT#i6XzIGDCgsGdmPcKO;KnX+#BpV4Mw zJCyUUx1KytvyUz{zBEU;#jg^f5S5+gif-`miPY40QK~Ax!oC~V66>Dg99mu^FTCcb z{?yXK{IdMSS2GgzYaDN8XXSJ893wCdM*62NYV>kl^s+oS3C8tZYPo41yzJt#?9nzU z7Azm2&9d??8T$heqhdNT+|NxOBO?AmR2qGSrbzu3zJ}RhnwvaD{krvSw`OP z8~L%tJ9wu-T-}2=uph3C8FhXgm|4V4O3EL}b_mvmp`$XMKdeUYE|dzF*^vE;gfhg) zXYOkymp?M6Dv49tS%qAwiEX4(gslP@fxtM zq9ky9I(yjrXm6A|GDfP_ca#0Z- zGj}ikbyGY?_3NC&=Yxku!_QgBS0`6oBo1;jdLBKz3|`)pl7A3CXQ?&o*rVH&1HQJ+9lbw(&$=ZYaj!ps@hN}R z*QGmID@{&dved zw*JcfxQA-utBbgl80p^m!XBw`uT4csYnwx+urL--pgsAc|1qe`IoA~HH1Qf0bUc4B zceU^RpCR|foXb_i?UYJdzduDO`$^CFo4hHmoc)kel#ep@Gx+u+;6U$%2yfehoE#G| zeJG1#G6kN@*ky0m3rk57|5iG)x@;&Q!mPGclBABS(Vf3RAvsQ~&c3zk<%cvKX_C|+7rL##bpgmX;3qbjXGD0XTLR< ztc&rTRbFRi80QJiTrrPppQ7Ctz*|3z@gGjqepo>5D;Gb$92Wd!vUd?EyJX3((%L>G zeve7IpZk3rb=~3o^!lZ}$QovKFJ=6vAA)+OsuC@d;lg5-nXo)t1D$^Z-~TKnvD~-_ z%06JoJ5c%cQbH*PGrn@5GcQsyZfJ#84O8!ZZuJdK1pW+hJ2^S;GH|8265Zb!2W&F+ z1xN2+se4~E(WzOk;oDXhmexS&D!Jav%lDlpEhQzGs2us+g8S(3x+sY;W{^-vjj)VA z-Ch4NMH_dPgB77UDdi-S=LocJ$_0(0`nMIFV+MVZ9U3;5e;pi?6|ZSN;F4@x@**Z) z_W*0R7p7EUCo#FS^SN_&YkM|^x|x4iI%Lh7TB3)`6x2qF4i@cm_x-lKb1j1{ThutE zJGLyRD3QPPo)4rnPu2znP+2CBaXtP$qJK8xw`61#TO&YSleM0HJC1Zhw`sn|bWZ|c z_Vv>93Asyw!Jg`DSizR7WZ|BRDdzoW4&?30*GDbN^)iCsw1ZX`GeTH?hCOvjduZVl z9Z8;9YnHNX^zd11^;5W&-;EqoWQ|)-;_s{|J+F_3ilVXl>tZpV!cg#{~vYsCt9aH#5=MVGKGqTsh_qmm-Ueg|M-VT5#{=#@Yn6OJQHi#@S z)Ob?!YeI3VEGU3Nc$QQ2b0wzHyZkHWeq_CFgNV2mo_P7n&-y`>?#bZ>rpn;-Q^oLv zN8?Yx&g)v+@Rh&H%tH7tl5l?Z;?A@RktSD?jPM+F>R8=r71yub!G3YyyXEwLCXZ2m zciQHXLRUOlP`uBY*YU_kEmin^e|(KU3oF-CJ|{O>XjjRmtM9$h4$c-r0rULl?RYFc z`Azg6u8@yRKg_&n9I(3oKpH~`1lHwd?uU>6-8`M?tAmZEK6tzmf zt%{TH#Xzga8U?e9>3TYr22pq2h0%GEb#4A7b#!*z;;S%q^XIs24{M=pf3K&cT#}QJ zkRtk8S$S&apE1{i=q0U7J_)2W>k26D-g^Hns|I|21{1-7E5_eu& zz9%0|Rlf#SWS~44HzpeWRAG1YMosh!B|sWHz1nT;cpf{3$bpHoG!35%>ZQ-PI3`bT zrZXP>+VsZP98CW-!}QWOcP~8MFV|umqxd3lJh1L$3otJOF-ES`GbU0 zd1`+pp7!qdWgU;)*@DwV@P?|K1=Xzgw>zbpe@1>*?mVi0^8GILRxAC^Mo(*^hH3LF zdwx<#V`G)t+G(3!a)Doofc@0{3rRH^xKVEriOFt+*V}fZvsNFRaoB@L8H;A`?FHL! z2x9|lh}G4|)_;doXYpORDZ-K`4(aA|t~D&BKe}o*d1JiTUA^+OoK^Kr0;$H%%fXMr z>#MWUjlVhZ>b~~tWveT*uWLxNjJ5c9XW73^- zLSZUDXx5Uby^j<0m5~C9XQ$cOab`P~T{X73?_P_#85KJ}y(l7J9iA3^!0F^5+Zlzm z+iGbcJ71xyjp9_>{{6BS8@E9gZ3*EV4fM0!OILB$JWgKm?eRBqO-aL&`k0|JyWb&h z96dDtTt}IiTDkX{tES|TG2%*`-(GH~CBkmg;Pw>smKg46`p;w%N2>gxPNa3&*zldc zQK4xsMWpJQz{bgQ&rw|-J3|?s-dB8v&nt-9z5Q2%ix~H9W-|0)Rpx4&<`}c|0j4QO zg#V5;A)v4Pt)Zm8rx(1yA>JiG;05%k%uEHgl<#HR$hYzPZ<$zZb0CMa_9gi34^G$j zZXehJ-7Mup!6}{FK{QwN3Y%&#RL!IHBKZe~5q@E@$Z8oeift(EDnrt@_~LsqYsT8JMTZ8))MD z>8QmpOP-0t8z6(i*N;`#UcCUVjC5b^7`Q_1yeqK0%Vahp`*VQ1*ido0c2Gf{+Bgo8 z+ndhF9cv8z&EKFVy1(zYUZQaLf6nT@`EGksZIchn(q|5nOR3yQ1=p+lH(bml*yX-T zg0_FNEcyhTiHS)}wOf(@xXP)V&Z@%3CF$Ypm2=g1Z0$7pNb7WuX?l7l{Y%uiMqiA! z)alPXN~^FxJg)j=uL~}c>f1-6S@?Gt42$jp(e@8Ke<%4r$ZYW<0)k6;H^Ca?HNW3$ z>6m5b{IABpDo5QZEB_B;Zxs+%)TE1I!7V^=Pq3iD9RdUr8u#E5TpD+Gm!QEKcXxNU z#@!ot8u!aT_spEfGw=ItueGY`v$CF*|7zR3r9qJB;C=ZHYhZNPw(V=Xgx3Fi>LS8B zOL!=!5|2Rp9uH9-LGUZ*{b3zRcolcJ-X5h}1pF2AzId(Ls3^!yDzT>IfBC91!Bs=C z5hXk`_>t7rY%S=W%97C*5@LQl7Zxj5F!n{bLyYO?wBmJ>N`1wlstHb&3z|>UnkmCf znLAm~#WB%`�Pxr+WWCC=-5~bya@ea8HZc1tZM*mhNx;f6JtQzJWCV7QyXb%XIK;)n`+7n%Z?8gqYaUKC=q(}y6npwh( zcwDnR{ZFO@ehpoy5a#OYhZD4(f9e0bt|zPu+3#?~zrX$(`!Lz8Oy*i?wn^nxyQ6gd z>)eQ z!}QE!!l?33zBpY=*Ro^9GiBlX|MWiZkI$%?R4sMzWs0FT`hwfYwlgmvWIG+JP*VD2 z5;f$c4Se8Uahtki-^8nvp+fZ;0K1ASslu%VO|ecFxfr!0He$}0r84>t;FRyb8NC?iur_q~fx}DMqxVEor4h6`w-pFDkbQ5GUAZ2K?Zttg&Go@~Q zpnRXIbwxk7pa?&MLk?G~g1|_ebo^C|l|D=pjOogJa1QQt9X+?J!_7pPX#B~JD=7sp z$X}{+(em&Ro9*F+ol8N-Z0_3vyRD@ElF%Gj^RvuCG)qQYTJ#rwUkoFvpc0!l6aD(% z6-o(x48N;6Bt1Lc{C?Cv(x8azay*Rvkc}H{k%Y^9fQqW~12BNRf3X_*5nThvN-~b?9|GTHU(& zJ|10eTX13(e$8OaA(8Mr!Hq;p+w@P_VPf0fQ6oA^{vIGU4D;C~^4TOVkTe`SJ=Z>O zKpVhdSCO9NxL~p36yE>aJnk@TT|llXv)bg#{|-99@dF^IvkENw_nI9lxpgau7akkd z+u@ZlyfJJzX5>{Spw%bC@i0>mp_c`3nos2o3M zeM%uZoa&jV(#BZf71~btSjs2FIdYgiG-l~EcWrpPT9a_}Z`j9pW7EsX#}g$Lmvnu( zdLQ@@4E#NyncFcoXI}$9YIIS{myCFRJ_84f3o!LUlGVPCSOd;L`9Rp3XCK)AOQ9+!01rL$pEx zCb%*Y&Pw(n`FK zB~zIQ-3Y(Ekv!VX3)UpI-we>E;Uf9{HYR^MXuZ{1wXEf*1285 z?Q(crE8vk_qY0@OMJ~A#MUo|cCJ9Y`JUw&hICvxfcF){Q<&8cv(ZxQ@tt@2}pMj_W zylZ+##f;@Wgb(o;Q5Lg7W7QF8Sz}Tpu#j}jf?q@~F`G*_MNmc!| zNjn~oP!i6*s0bB-PH*PX;_%mUpE^C`EOb-_A0p`*r84x9X~G)EdvYRiVnAZhUCmng z8y~)j$y4Br<+0ALJ9<8yw)j~~@KyGFu)n`oSl1&f|3rw*sVsJ*^i-=dN4^#?K63x# z00+1PAKXeGKI+yR*F*C*m8oN`(ZRD71q*|iQU>g4 z=SfP-zDv@Na;8RqD*LN2IAf+;QY`KgGl% zl&$dKMT)upHn}|!PiuqHfFH`g74Urml-c&aKg$t8j$>kq+3o!1ZcFEG3z5Zv`t}?z zmX5cd;l~BiVkqm>rZ6(Ii7(8AFsYY@x;`?m#1@U-B!bcAtXMJjs~Tz@^Uc_0JU3zC z&>;@@_|A+TVzVFCl;UG?-WH2SjJS?+;{x4pa;c;3tnQ{|(Q^0U#>t7Z+2xni8@Q0^ z3wUOs+%Khfv3Pdm-1k4}Nz27N@mK+5Z@QW*-pU>8k8<|?s}^trJwzzI)V9SelnBm+ z`C<=Tj*U&|#aT6<+=yF3N?=&7fUYieZM(czR*?We913!oZhr9 z_#t}s;nZWhK&#T@s6^g9r)V6I?@KSG5jFFUb2fFI4{VW;uV+ku_Q^csS#5iLeOz^p zZ}blg(LwZ-HZflprIt{;hieAR0@m-`5WE`Z1Yj<?# z_?21_QXLCzX!f4od-Cwp_nxqeM=ik}5&D9a=+@ai1P0EFFKsGq8Qcc8SQt|4($xip z9URSYzv>ofEZjPVVQJIUW%VAL2b38K!YK`X1RIl$<;MYn)t0sBLHfxfF6$-s;1m|3 z98}ahQV>I-?yB^{NPDbE9ppnjOQ>Ey_{8ii3;3-uW2|0_QFMVVg?|vlyl`#NcwK>G zxyQ7ZjDEau39J&Y(t1rvlF3`_EAx$~_tsD9;fzdE_WD~cOK{ae&<;*J;>m^ElM3B` z3Z?Vv#HMd=?K#+772{$nuh0zF^t#CqUT8M=%2%1yMa{%)EhWB_gVlfeSK z((Sj-v$Dd|Uo3N}OlM!+7$=n3Z_rKehvZ9z&)RR=RsVBR|I6gFnbnE4PrQE;K;aFU zpOHX6&Jv#N<$Hh+xdH{haSGGhmyvWAL^wNQJV^>2lFD7wh$w8^BArDLbYew4YSFjJ z!djx#%%e9pk(>={&soFdogAr!P}wNs-9egA1f1jKU@sC4ht#F}&Sj?xWg5ouM)_}$ zu(G@->S{A&thn`AC8eIOU~(!rMqli4-_c!92Ny=fHL}=-s!p2+46?@7ZKG?HWqggp z<5wjk4-wOK!w!>N1x^yxgA5d}(4XoDXE177X48OHJh|)ustZgIPzOP;5-Y>wz$eD0 zeYgT@0LuOYk*0fDqzx_(phcm8NlG~Y-wn03U4(Y_YM>=|5J|oY@JZe^vJ&B1jk8H^ zlEVuP>}td?Zfwkyu~jNO*tBjA5^24f-pbtv-_z2c8Mx;6n4GuPbk7oWP2C8g-I-+` zn37~wD5kMib{c=Ko`YPmULD)>VAZoIX09+K%eM=5;=YGElGfFGW8OL8A|Z{gpkF5Xe(qUl3UcPVyBe zGF7B2b;j-uqy`ffC`5x$+!?#{Yyf{RzJ$3lM6>H%O0K`QwyjA=5C7yT!T%Ps7LV_h zhw^yY9)Z97@YgQ{_Ne;k!C-t|GV{ z^En<$%9dPNF4wNh6ac}frvXa0_@xZZAo_8nW%A{<%kl}ED&p!>{kt1(VtDNwozu*` zDA-!#7K6b~7c0SBnRAJZ{18Jedd;Q{t3tK&0=KD>0{7XCcugmw`H!JN7W`^c8aJM7_I1LjV(E#&l-BAs)4S!>A zoU}zA#(eq>(si~)a1J|Dz;7hD8eya4{rg^bZ)|onrRRK-j3_`*r}A;ocvQ{a1TR(s zzz;cF1y&3)P&Bu6?Wf!~cxUvXZCRKj%49;$%`?p=%nBrlXLe{xyluXEu-f+5SN7xV zjcKq0Q_pPL5-1Imr|0s(a56LYdl20-HhFwmt!?2PFYnzKDJ{?AeajFyM&CaK(jLeR2L+g$1zZ-k%W);a8-n=>%~SNXTLWyJ7Jj>Ur6v zkd*~Y9P#l7kb>GNd3xPq^31@@coBx%CHb?BA5ma6!^5^K7Y+4d?fgQmUnS1|)r$2{z89b5<=M^8|qv$J(@R~1H+PI^a zS5N^>EBeIb{g$2u-Ws>N7Viik{woX^R~Xkbi9hUhXzk!Mxw|lRCHfDAn>-b5@*x0+ z)#+akl_`JZR^hX;^jEo{{=a_B3BW%;Bia~(_9?qnC^DG`O~$&01AS}B;GRuAlSIAo znvi}F9hqle1h3;Maa00b%ZEVXr>r0A<<9hmr5c$+O~Ev^AN7!$|AZoiO(n}54ZoK z9h(e49EIk~TlBd{t$$CRmU>m{Sleb!NEW@gvq>dVWxdgYr2H_;XGvU$K)xr;a+`~X zgG8{)b6C1>DV+<7wJ>r2xUu>XIG)21ff*h7?dt|;^%5yso{`zwFi2R+lPGrGv`YQ$ zlMA|>`e==#TYrQnU0Afh14n6b8296MwK)~*uczwBZO%^$I}Nb<5^e{<#^vTQ{yBz0>BoS8B?*BAUpp>P6U7 zO~UnI`u|4akZbcff|B-DBteV?CKOaR#v=d$pVG;aDqW894Vvc0QGV( z)ISly1qx^KQ7)TN(&*cFp#*BdE?pbj)OR;j#ZUS=tVCG9z*28#E)L$H@1!Xz8o#!N zxcqn)(b(`mBCf9B!H+6r$@6{Tl@Uh4K&Mi_m$w&(b!kI^7GPz(bBcwL%v z%Oe|Ra*jOYEln{Y*q(ovR|JA(yeL@jKT#U{B9ri?ef~^k$yP)-CGNq`eM7kbh-gu# zn*Up5KybdBy`YLpfy%J1V&|1YNP65=vsF;IR#Y*B0#hrH$(mZ6*!x^0izPIx0(-0G z6Y@B8ql7ztf#;{bn`Y2|EMieDn)}EJ>C7kwp~R73DF9R8MD;XdNag z$BMtuFnicp6OpxB=@t?ibBM`OtAcVQciV7j~0!#bA(ls+l?VN5(DsS(P=ux;tcbTc*NH zv*A%rIn027=p#r#N+VDtzY9L_n|4tvwyEbOk#_gy)CK0NFM*wGf&X+wxVZ_VSM<06 ze^5Kjw)_O&1t67WjK_?8=O#nSdnih|xC@ZoWyjXYHVMEWBXY$E2ois%F}E_6T%` zJ9MY8N4CRX<>#E0?Z3aJrgW{Bhe2CW z>H@=Y!o09g`Yt1lT9-Epe=>nxzqiZ3Z!x9oe?+gsuIqn&PB__WC6OdfN+FWL@j3O=ZH zS*6lDQRD8K%Q*j0{(COda`qbH=MQ#$lq6j1tJ?ALxyV%EtTMa}y|eWA^%q0pm3@hF ziuSXW8%W$Svi;DB&9u#eg>9RKueDOOwR?YUYX(%aU=w zFi55@&{>4(_wJ{5?J|KvKU{ydDzqs+if{+YJ>58$ZVZ+-#(yRdGL34GBUJVt`Oo}T z(y~6uLrGu6neeR4_EVy6nnG+O79th*TMG5&%kKSY)ud01$!|{Vz{OH=a=+;15`;HfZ$(=QyjY^@(o-coHJNFX+_p8_VyrWyT9;h z3`q<0j;^Q9C6BzAz=N>C!*Kh<6Z&U9fxsD9tG zQ;mj09ryYBKYL~2cGG7CpYgAxP!W#zR^tzbN5vN)(#-yS`S3+%$~rIJ`p%PatyOLn zyAkJ_s$)n4=ld_U*u=9-`yYQV+KS~q?ymc0vHgk2W}v)eIDnPSYqOCmuW_y)^^zgYBJ)EwA@{)T!%I^t7?1<1%Y zP@^*2h|eAWwJ0dbS+P^<3~wJ(L;zhz)oFxcIx3f|h#uFX;78Y>#i80e5HIJ#WWuF< z^!*hD;{#KSX%W3o-yky`KmEl;|C{3L@8*fQXs|;(BL?J3=&B+li^k&6_xpK$JcTYv zmt%ig@T5N4k6}WJ`q?8bkBgQRpsEtH#hn7KfZF1;um-W{T!Z{YkTzqv#2v9okQ;6Z zK>_#K^S_KjmuHz`Tg&#uJt2<M3rQ-#EFk9w44Y&Oe8)Gi$NGNbz+1hbse^>3kas+tVkuTunByO3V zbmpw;0XPqRbo*j(h2_kPz3xHnBNGLAK_&>6k2JO=>InsD2_rH5B8v#@VFQ%sZNZDW zWfn!1CfT7W$^$&B^k-z#V*^NhJhk0hRfYEz;){pLvD=l`Rj$f|0IhD8E!!nE>^i6I z*-ELwIG0k>G zZYO5Gm=r=z7#-vnl8M!CIi~q#KzKh?tI+41SAMS-vQeJV%CA;w-PU)J0a;EMfa!}A zDt^pY<$c-vZmmt$zoT`ie?Z%}94I?@uz(zWzJgi;+53#+v^ckpvQf1ms90DCU;i*# z2paHuc0-cPUcSfO<=CQzt8bdW+^L%z20#&~XBel%VqBbOB+3OMd>Hd} zXJAuYL;C2c4vaxM2{xpUwper;%b@Dz_DV^e{4%71#WL?dzMb4MnV#Ywp2kG8 zsr8@91)VWu$%gROru~9{h>m-+xh&P0?3E;%|{6@@+g z7a{>YbR{7BC5we|*_|Z*XF@&UO7MiK>Tc7DZsj?#=NVRtQF}*w(U$qA>B!dUD6mtL zjIBjM{@TYxPl6l#uR=>B<`K%ZnLIbx;j|_)hn1`HqXOor=T8LJRu)Q}^?km!yE#v><;3Nf7KYgQTRTj!4M$&F+zfD7xZi?03Zxx_kNRb7OheqgFIJe^coaIR{d7zQK1!QtEGLF^L%Ltc$ zg6~gK^z2H1 z12f^Vuq9N7zQXjom`_Cjqa2 z0|d8fyV@ByP?t@#GUsf>$fIUDt`7&!?kuJG2NBw=_0A`~3om~&lV>Sbwyyz>dpY0) zaaHnKi;7_T_Zfps$5f#{7OkoVwrJU>m>iF+CRN(#~QUlB*xb0YcE zxL* z_@GAF5So8cZjrTAk>??OLN@#Y(`68L50?Cu9DiuqQ_R-n+&Qg1tPA5>E)o9mfjKA& zCXF?Mpn#Lk#~q?7bcP@Gd;Fj}X|Js@eV``FV4+u617;~pJrD9|MuL`pWkEXOW9bg` ztO7HA683a=E5VATr{E6w8BrG$!(>annvVb0KT5Dr7_@v9vO`?lULBXt&6g5~q2k+T z3%s%HX8jZ6oJ}`&lP5Io(pA!pPENLM%&-MF-UbQJYEE1fG+uhhMye=&Jh zj+%LYDfRkn4026)R@2-uhV{$b%cl4_Vbh>c&*Lt1sv&%yDd=}ZbdPVf^fwZ9-5`bh zq%_$v(_9HzxS(cMdFFqKWsYlD49d~SzfN!DqM;V-sTrxFuxWc7BRy z@SYeIYdyz+zG?A~KCqQE#9#6dz}|Ze)oB^v$FB_qx>Cj!6ByoE9jo#hv6y3*R`x}U z>&(nRv@A(WNhH%gvA&X9_*?9eC^<{{!)#bBB#)M}2-9CFOwC2fs@RH*fPIm(DHc{!6-zyquP4U*7XBdNr+SuS0_{i)EbFc7IcV zl-B5wgF>|&x*8T0=~_GMD;DP6;ca}zdSYC|X6#2-vJBerVwCT_UJV4-SYG&Vh3rqPsAl ziKA%I!^l!7SU~DU0mHX|`rno0>yzqpdb{N>kgP{A;+2I#3Usaq8VJTQifm~^!KXqAiDrZNV5Y+y||498N}*#*EXHUCAvPxd2I=tBiYTF(O7`tX_Hd3#9ry zW!OTkzm@pm!Vq^AXIXbbZ?Evq4~tyP+h35@8?ShK1qKV^Nl~N4g?3F=1*n>=MKZ5!NWThG5rbq_Ut4W#;} zV+@3s$%QK;tF-OapUuc?qNl`u%Y=wLigR#9eE36mdMdZ#yH3A0BS)yoIykCyp6aPl zPr;&u@bDtuKL2u7hLI8Ej-Crkd&9U_?l2paNo&_yi%WL#ZH0hjau76obl9w`EL2H^ zg!d@l*7w^&KHI{x!&RbFs|$F}LhoY|$~h$|@)M-+u!R+%R7tdYL|`r|#^_Xhcd(4A z!1{*xGZ`^59|F8ywRs5u23)QV8=e<;#_IdbXE^7#v;8{r?>?GTA43vFyQlNA6QyKe zV6{Z%d=T#?dfjqkeb%C5J{^FWEbPrDv%W=cpY-XYb5O|r!lM`;rd!CKt4(5g&KU!O z1^|7IK=ChbaM~8z?RuywBZ?F=vWz!2u<27)Qd!qDCp3a|B_KVOjlRkU|F+}(Q!%vq z0pq-97MBD-QU1hBdL^d%qEYJOXnNt-!IXtRnl&^gp|s#!J_wem>2!@Ow?h1_orzSIgJU9sD+IPHK$J1^YtF&MFklDv$ibBeSww zBrXk#{MP5czeJw{h@_*gm5E(e#IO_&ntotL#nCZMDWBDGXD)3dxG;^m#5g}|-u=Q< z8?W>1FV{}BdwZD86eu(F@&@Lcg!!Cx%6y9i3%u%%*i9V&w`ni_wsw7}W;aSdpc}qI zc^H}<=ba-xz<}=AQoATrbnJP2yg7TZN&wgNF~t>(87Iszth~&?LW@aeC$%T-|$uw6+ogSlPN8MW)y^-00%StZR zh;&xTV0;t|x^`O*5*M_27Sy{e6X4ybo%5?*PV{o;0;bDORDPY)M`=v;>Dw=JCd*; zZE^%*9WdbfAZ5;?aitX0r44R#mM>M>>65q#MCrF~Yv{nU95kEQcn=)gqsx^UZB;xv z_n$#99$JJ!w+ve#8N&*~xqrSg!*sjbcb@a^il7yp@jz4MNW7hQpukWhDin}-tLe!8 z_r4@feP{5Y+f?PqCO@C`=*mElE|E4*v*%;6&wBZbr{FH*Rl@JHT@@uu?7?bIQ_c-SjP}cprV9A)hqtYVm$J;qJEF)!I{}-8Sv*^KF%Wp)~J7m(JsN_L=fgD zv{n-HL)Jo+!n)c$G+WIG@Kz^|4 zpXMNj?4%Z{GI^(ov@n2@S*}ggq!5jslvk}CZhY5<_0DvR)+-60;LbCoiMvV-YV`Uz zRERH@P~W!j3g%~*O$%)k$_V8+=O!mIJI-#=(+fMzDY+5CnCyIfuTlj?f>?vt6RSR=|!bRvVpd~D!dQL;b2Y(UHK zB0L+10XQ-{b{NEYdvrivhILi=u`vn&BR8E8EYRUNxo(}uvi9?E{`?kUipM?2u6sW- z6HcmK>}~a`R@*Sb+Fg~jjxnRzUFaDyT*Y~^$P2xlC(&-TcHi?)CB#_3Uw-DxPN1-t z@atcm(3<5hIbzjt%K?jQucX-Y&&bm!T^6(e;=nPHWH7{)gD>%nR~1paa``@Ov`a0uED10p~TPZnk%dm#QM7wkf z*YRZ>R?_U`7e?`vUNJT)2H~QXtuhaVyQ%|){W6gLHw=p7Pdo)29XN_UBBQqIy%BIU z$%4o5SstR%Ga#i)F@BekAAJHj%dg3QkJJv6>z zW_YwyiqSUWN3M8Ljh?(a#vD+z*{<750SlH=#qkFCC@hyplj7w`@)i|Vcb&;zXhNp| zvpb5syOI3r%FIeX0q*^U51;O`c`+HlJre6hvLNbMJw~^pyAIg&B>FyYQAR{eF+Q}z zZ=%w-E@Nh~Qfp^V22pc@erJM})e6;HyS%#oEE$DbC>`ec;EexoP<1}9Ueq! zvvN&&i94nh zzucLY`<_c2##Sws!Be;^u<*PCmbq;R<%L5}SBM|_9c+aXHEn{gTP0U58tnk*;r`!} z+4A8Uz6=23_&Q>hsa%=^5w++;>-cFQgA^s8YlYIk7K*JQsf*P;Nw?k8FeUXFVm49E zIp(L}2&K#oHydLe-SJt4)~{r2ts>-8S@ zTjDw1DjT5D_NOa7LAo6I#7<6S%a?47uXFJH+!ucgzSWXdX#oNaU#_A1+xg&eCr~oR zuZK#y*;ywaXC#YHE|o&LJka*p7IAAHM`51|`)5Mhwr{kH9!5IlUQATbeFiVrVlvi3 zW&6^B{pSPsH%i99_y;oln+Opi&VX*X!gc%7Tbk@Vkl8O}#0M&fWzKw!<*N;Y-i^(H z@1hDE;ekWQwu$;8F}jg(ZH(?0AR)YdPx6$&=c+vo1)%F#{eUne#@kv@`p%9GJ@8=T zS_H0-Og=2uEc=hgPSQe=8JZA$SHc>(smx)90Hi)M6 zCH>=}A`p&humpiif%C=Z6^2HhicPdO zWZ$n0=~O$bOIpkoXF@#MjUsLj@>?55>uOS+|21r&P~OPic>DN=6OFAr^|_FDQYZ+` zkGSLhS>+OHD0eh^LD0CQK(|Q*j&l@@)w^%O)d5 z(elhUY8kiD>rI(-WB5BxOcz<;JaSW8(z5T@?C?ZS4lk_AMy+~9iWgy2Nt+mJlC3ZL z#jL@skN?r3kew{giJE-2ht*(iXU>YuTL8Ms@pKwQ2LQ8iZYU$r&07~m7FlIyyVHM7^%kD85 zcb)H&ujC8eGubeX4tD!(BqNh+B`iS#1)jmBuwNP*=;~SW+yxjg0Ikl-xQU)fQQ(AU zXTI)1-$oA9DLMJ#Mv|-a{RQO(M?$j_<>2EA?)K2NIA2sq>YMML2&6SD*6HWlp!^PD z%pVi8Q%Dc4Frxyh)3mBcNY6p5sF1pIb0hM455>dxL{c}&+|?nUscR)9nE1qJSxlSu z``RPWbuBf;VL(eh^JgJ5b9K6)kOmr94le90d|N?7zRPbWat5AyO2B2H+VU1Uz2ouL zASUcLz~wmbq*oXevb5P{j?kgIpsrP!WNKefkqUIt6yDH!TiAcbw|Mz^oEfy8%l;uCQjU8Bs5r?G$Gln3>LD%?*832b5)}8M3+JmI7o!Ls(yC3? zX&p9tokq0gU6ItEnPx&|cWrRat7ra@4wfg}USQqbI5v|JeK;SJpF*tE8?64b|9o*m ze8xQ~-M>YrS)7jZnNrxgUg-!(_MO&0^Y(6p8-~g&A}d*myR()^@@6gPZ)x(4hh90M8G@=Q`_EyP{y?C5?0e{o6fhn?=uD1sGilUboEOz(xRrsW2o zUSs`_i!u+*DcQ@9f?as5X=L1`zRz${3VxOZt~VI$kGJR`Xd?M8rxLJzxR+?=d+{y2q+FdQ$3>^jLXfY&^x#XQ zEeQK4$ji(B7~B;tZo}0l{-O|&sX%SO`VRDHK#qe@I>Rm(tmGZ11Wk9M7;GYTM^9zf z-UW?|(^L!@&JDo@I`c&d26FXkwYMICr(zH##jbXN@WysXc@;HxzNd`|jK#O#p1Oti zc>#4S%dT)%fltZ{z7LBx=7q1X+wP!b)())d;ERXJkk-_Xq_Wn*Z!C2kPqWUoPQtaa zw_FOTDs;b6BZD#4HeTKMm=pFZI&M|_$5V5+Uf|V^9kA&5+nm}8G{dAk$I$nT{*>B1 zu(=C6mbglh#_wQN+qn)3>S4dgVJ~t#`3?&nqXE_yFL>E5<{YH3m~C&1x~sI@h2u4y z8FpLTX`<7o2QT$G`Qy)DiiW0=3%>Kp;8qgF@HbAfl?9}FmHm1Et0v$sx@LZiJyV6T ziEz%EW70!_du6dO`B@Q`>htLh-@^5GzaYh*|4|bPqv!)7#{qbBfgJP`lT@Nve+YMJ z2GgL}J?Xon?1i3{2by-AO?emE!sZJoJ=rptj}JjXhIZb(x~DCTL0@Sd`fNjS^kUOw zg+p3l_pd_AXI(3sN%yUwWS-y znOC!xeMJIwUazxs3msSii(#G^WT{-KjnPT3-iK=nf{s&BiU$e=jwxH#+EAjXk?Q5u2dC3X=CsZKv%xrSME=vk&66m03Nv>%5 zOlJnSRXemcJz?DZt0EJLQ8ZDNud{jfCrpcpsl`z|KKkBqlA=U>E6=#L^scIaKp-6w6NbpUX5~yHD8k#0$VQVK z<^933!I@>AhnHWxA8jcppz6hYWIkavL=@N6oy+!-st%M&Lzl8i-4(z1_;tcNOnEO! zN7+nq37t?tC~v9c11w9elhbySBmu`oLN1}5am4z6jf7##5Wo8NV8PL6C$`LXSJVr+ zjuD8?O{-A`_>fE6d&R?pF>b*FpCJ)JVEhUCVzrZlhgk6-QQnvqkM|rg9x3 z6tR5-Cn=usZ7@`XUnvEMUIxHv;QDT90z&qMEs;ikhh8yT4Fs{OL7PX{V=iAq+~1=R z(MfRC&)G-BelXEmqHB_|=i;#nxB4vMrDMnqj8@F1>A7n4w@yu;-iH?0tp3EH-I|pF zh_G)%858#NU6Tim1YoA5%!|2~A73GT=c%dGsO5E`YY~LH(G;Q+jIgQqL{;ZHGRjpbO@q4--vGmxr=>g|WV{~Y(>bIW2GXMVj8=B~X@R$khwU1*8 zPSm-33bTIh=5!_&D_2M60_ub8;u#9c&k#qN$bskfqDhF_y!Zkjg z0Dbc2ZYKjI40n+b*PVq38o=6g{!@0XeJy@Lech6f+Z{9|HuwTa+1o8b{!gf4!>S6< z(>ouSSQ^2=c-W149M4kP*-1lxx@*_Csm0+=BTFF=P zw09~j-msFWKt6!~+O#AR9(lb4MIAG}=x$2YCCuY|CbJ_ZZRQv$WU@5RtaD3E-@E$0 zT5}^v#h0lz%dt9{6O0~ej|TS|t9-;!44b@V@@J4?0jDuU;h1-pi|p~Y+t-~N)S+?3 zbKunZ*W&uh9W#8!-{Wi2hqR6)x$cTa#t#!pBiBE)-y}D~SnpdI9+iNspTcSNWV=yb zJ*K9Gf9Oe)vMyf?rXO{Q1zu=W4gTE#ZDKfKYIunQk2Mm7!ap)`T^8n_-pATUbuHG$ z7jp4>R#QiIN*;P7`<(?!h8x9dRFg@;Z_mx{+&Zz5JeK}b8%r2()kU4aIL#$co0syt z%OIycxXbrSH78sLtaMp4&W}>;jEw)j<4h`OYO!;}ta^<+2aPC~X5!c)#EjvN5pv}s zf7l1H9!-mPBukGUt?z(O$3{#{1S?sV%(2QVSHBUHGi}!_`FWc;6q=!bKB=6^tvZ!2 zz*xrvUIr+4nh&wrT0c80`WiRgO~1sQm3@SNX9`5iANqAE#pR@>OXTki)KtJJjSlls3{G|ghm-(b6LaH z?t5-#H$vrpzhrGn)Nt=kBwVroh0A50?b7sIClsXm8GRpUB@#&GUC{8OU@i>I0uNft z8qi*y=JLt;^w7;yFoI@4?GaSufJR2b4$KnaNPqr7;pY|K3+DrC5urx8$gGE8RK%lL zEBmZ7yN5P>Gu7@cJMW1 zsz8ahd1i*hVkly`j7OK>5!E_OC~>m1--4b3uM^UUc*}=G2v#-C55iuDYHfCgth7|h z@MiXfY);oULGonFL#B!BDiM{OrkwsEMbGr?->AaS?}KKGj2)Nx3E$*ew!Kt5NLya1 zV%5Ja&d9f~OrCH8xtKvqu9v<0pLedij9ZFG0k*`Kj5E_wd91hU15vWs?^6ZIi>tcD z{lC42MjevL3$03C98rNV!o(}*#GNN>JjrUIgQXCGjlaDOPM!QVe z{~qV@>dVGhvObYt>?^`s6HNco&R0zz%&rb$1bDmFBH zx~J_+)Zp*;9?KtlBP(h>xGnQMYM@}Bc$MDrj&0!rc8I$C+NabTXLH~#DRt>7QF!m^_ z^2lJy>aWB|{y?3uyJ9}7(Qm*TWcu|-JQZ|RenN*^~nLj`IKlwzY$ilcCv$~aEqKL8!H{`n3emF*}a2R&+y~tVazMzaOH66 z7PCX&-u;b%rt87LX>txcJpwQZJFTnC2@_t2lvnM_P>%I?>3kx>WV`_uHh196Tb=PdwEx=@I-+1d4 zq!|ClawPu70W=Kz{{VkLfWH^wI2m_`40?AuPx*Ox^#J7o<*l441rus0k{1-YshgFO zs~4PJXn2||o{H(is3l_&-yqXJi|`>p|3^SNa-NPH$LhkwOVp@qsDT7RH!XtHuW~vl z?Hc;mP_tey!LdvHRAA9+feM{eH~_RhMR!oz$>hVqHB(cbHZ9dxQ_MxKmzwCl;d1-vr&>ZG zSk)dRjOBWO3SfJI3b|0Oj*hjST2U1*1;j9|r!I)k@Z+V*&j_Fu<)0)sJ-PU3*O z#Rz)NrvUp^mEn0^_PZQXF{$)v<*<67dWjko{wk~KD`YCg8NHhi#e1V>Mogc>-4C+VTQ`!{x{weD7z@7+(Wgxx$3sV|mv zfnoQwqHwXh?X;tPRIk?@n)FdK% z&`2Gy0|l-$mLZ*fa~8yJm$BTmoN@e2c#lZv z+e62SPYg61+$Xcil9R#c-xv570P=ZQ-bi5dXo+C6ToH)o?4o9_4gFft$q@SB>)HBB*!Gh z{aK*kT3BZJtN@gyL2p9Q&&!YF#DoR)xy1vKUCKmJ3x!DDQ~WBPaRT?F@}^l=h)3zi zqu$Rhe|SHk*KD5&v~-&{*0)RdwiYWtS8>bkH>V%Hh4da;`Vu%1+9?uz(AtwyrMyiX z=1}TKf45+XV&h$d!?dA;n)YhwJt!R+v^pqaQgoiO=%x?zcHx7I+^6v~pK$MS6|#8Y z9Vwp|nOD5kZGN_LqpU^2Lud4Kp!ihn^YGxX!f{p8(huYy1$^npYw5<@qqY@0G;B0* zExmgipBwDYMBYEOpeFsoz@VdclHsj!$|3Ypm+rZqTiejwCaCUINqMn>-vAyqAu!&j z@^V+=bH749auREz$n(76FIAeTDM*`JbsOkBj{bSXO1HxK##e!3ma29GK+o;yQ|y0h zosegA-iG>fIXF@h_&Q}F*!4F(Bp5GIeRf@{mokte>_&@zp=TZScEuk$e=l`h>4>ON zL%V?ysz<&IJqn=guO@z7KgfvTGpU{%tiiMaNFCMt{ch++bw{HDsHWX!+E-$v+n@Xl z3AODT#k@ zJ~hWgzRCE83D~R*iYa0jsqrZPP&A$kTByxS_D|0rn`q4Et+cM&{QvB|iK3%8&$at@ zSO52azvt`WtY=9ggfQ49Av@i1)kfH8mN3F0q{4q1YC3S5o`jW0-7xb>Am=FjmH#ql z$vfI3jEt-bsSQSanFj;E9fk%qe{wR?dSOt#a*J1-@toc||6Ok_1R6&huFtrcd16|Z z4!4H6nAg&`TZG6BgXg7-A$rm#sGZCo-e+_h545QdN!BOe#he>_xR1ef{^BggJOohF zM4qxHNgkE?I%t1SzGUEE)4~(wk#6XTM*bUua^j|VV!b$y&$sYFo}b2vclQQ|;%7c| z)WD<7A^9-x2gaMXY0#zv8ji~@?n&z*S@QY*=PH(tXz7Pr8l*pjv%+x-O0dIqIn-<{ z!OX*Z@Xbl{75^j;d>?dpk|W>FrgOGoV&l)>3}cc}1;Mp$KAX{JBG6C$1|BQa;J6`> z)&my;&P@7qMR)mxmdh=Zt2Oszw>fv zGo$E@A}y5Cp&qv)V#3cI4D|Q_B=FF$LNT=&d0a(wyg8qXhF6Vm$3a9qeAt=OP5e>v z`i5Gx&x3ZT^p5=5hLKN^b-u-t`x_wV19pJ!oGchGMi-9oepgvW%920*X)gs$2c#~Dd8!>!4>Z&rO6>LPm&M=GUTRQtUseHxewwW(aYam5Pb>cr~~EK&uSP-8-YZ)wQyN?DEUp!)`tQ-C=?$$6yKt= zlGko7Jz-?pDS7e}^c`^oJ?1L;UvJv+Yqpud%&7d|3X%P7haOO_yPbiapA?sb%vU_r zK%{*CD-plxH!XZ0h8*V=^Km3tMHpDuE-pOu{b7aB;tFB}%dxr|KZGKo!Hf3uVQ3iE zqi=sd>V&@gWug^y5f@+Y?e)gK)XcD64>J#(e&}&gpM3I{v;>i9x$NtYsI5c%8F3wl zoDCJPKDejZmd5wvQvL-EU-0LLoLFn;s>{Hv(RJ-9=Tcu|dAto+2XHv88z#YQUWx!| z9Dz;aLd?3qA0kKblpJaf&zClQt{40R56BVx`Z!@~`TD17J1ys!PF3w}bJ z_b0jqp1RjI6rr`i6$4~-CWj}JL)8QL};XWdkVG-=st%`RTL!)b_jM*8xH>AIi< z8DH0{9fLMz+@85*;mK7z_hf&1DZOX2Jk-Y@O>@9 zx+p^r9ff_-S`Om2+_5_@LJN8Vq&TS$Cs1&MZ@u9Gg}r!*0qAc704NM(10Ud4+da5N zG(3))Nc;>a|5{%lS#xwVILF7%*1r5fnBxQ1M`-|lnttu5RWj&`7=%_We;kf4!- zD(aAq6#lD@miT*D}{v!I<;aG0W+KaXs^5rOvl*XuqI6XKO38+SA#MJ^bMxcsPr&3p>pB z2EmJ-{K0bQ2Hu=59uN^e=%x?O!HKPW%Cw=zVzjTje(=Fd*A))y0}j-*%V8!^oo|;w z=btPcfKvc*R=BwxLi3+!y^eXr=bkej!skO2{^U64ISyRnpKz-AioOSOUV;BExHP}D zZ#T6Ws%b?F*5ERa=;uHkfKh`{FnF2acXRB4y$dVn!P@bB2-y=q$JO__qw|G3HLer> z<2qaIAS@h?^KXV&=ivnN^g%7*TfH@?F(3a(NF9)MMKg^1R|IXE_HtJcYU1rpAEtX z1BoHCGmhO8P392}9}zFQ{f8Ui3(^LE4f|jnr;8r6Ef`1Nxb1V)*h3C`4%l~0pLWAx ze@qt%)~UZ*hP`(DHZRot0Q|OphX=k7I{Z80xP1|*$$tfUs>|`3MAj}Q+>mjc62dp< zS@gz51O~Jb_>So`?5N-9rOd&;y@qA{MKR>PJ@kiT=01st9Z#ZJbU`rhdwvxfx=|ea zG9q9~y0k->2sK%cK>Pw7kmA^@=h?4uL-d*9*)A1LGkofl+tq7^4;_{jeL;<0+0cUa zc`*FPO+S9zhH`e~%FY)dm;T^4^N9oXGC9SMi z%ecK6`GDQw2t3 zg_8H42`1FU-1{_Y>%So<_?EY?7pPq4-IT07aT|=&kfX}MV-D-F3JDW_?%*bmuRyQ) zFkguZP(NRRnWjsKw-^BP*YCgn_m`fIn;&1|xAn!%{DHcDkr*GVbyxZ}@+k!4%i@zAd+l#fiZ#p@&=Ixjd?3U2O z^TVva&~HobQ^wH?d8c5+*M3u++o0q+FUH_q07o1loBzFS#36A;kO$=M^kIXNHtu`l z`2CqPmow;1*wW6xxf(}mzWulqK;Hv{nG$%5Myx+@e%3d8&l-U2Z#(pW&H=YG(DOR+ zrvBFTNYK|M=WC2}?TPC_%0no0!gt-SeW3A3oH>4t3v%89%= zm4e>={kX1ky&J15y66-L<4a9P^Br(IUAEF_Xgrb*1F`g$Pqtg#Hi*9>uH$e#u5l)` zX?kx_8vJY^ck-N@-+V=Zxze~UQ*EI;Z#MXgr*5l>-fb8XPjT?PG72#OK5Y2fhzFe0TsS^_j$JJy4T~7fCgp`JXDV=|Vr_ z!!8BN?>f%BL(vl7L_lCQusC`pL^kqhtuTt4qB$yNu!xHd+_Bz2&k)2zTl1MVcuXA$ zDLIxRc`?B=T5^dEi@PZn$l+#)91+B9J_cD;Kcq*m#GCL#)if#;w;kZAiy;Y*;sN#* z4RxedyL;b?PZssu3}RQD%k3~0`FXO`4?8Ili52reh5N@s;;4W+o~=+cG^gbdj10oR zNPZPW!?<~y%Zd1g{$WAL-yR3|tu53KhhKW)N$_amdfrOKNwAiF=0g~Y$DyNfKK;*c zWdo*OAp|bfdujdA-W+bk*4c`V`}cCj~J>|PHe%zx@=1%DjL4F z%-`n$=o#hY}i{DMuqIR^yzC1QMd9Q9Gn z-BHJKzo3~~cz#1fi0zZRW8bQtTlmt$bwU@6hxytcVp-x#L;I-@+Cido>xD`7c>qI+ z=pL-q;66zFIQN+bIQ_{*^0Ll{$1?{#Xa%EpYP)CFk=gG$j=|_nYlVTG1nY{+^u{WtC7>^^nsHK2!Abacr_}=lgFtja`P=vfbzQA5|BxuemE-IrjOzhPaq@+7KL5NA z9%I|k;)HPsgNxaT+Xup!m$<*dKP@m`^3R9E@i1OLL=IF~W6<2?Ow7~O_kX@j0abYhflS!_3aAr*oJ#aY;Oli~uBhM<|T43CG zX)(bG$G2Iy8H>EEnzIRtzMiDM3})I|Kjb&|r!=*9<21v3;=T{_eD(PZ{zyOKnKQ5C z-S^R;Uh(JOH1w1I`OQnq13%*23uWH5?QJJg3U;7na#I4&@TLUOb;9#vCscg4GKqNm zQ!?NJkEIfSHAF|gZSH}=L?VtfL-|`bnT|^{6g}~8omd|5LR|OS!gl&>rPcj7Hovg> zo2%*CC>!uAEeD4n=R?M)8~$*I**CMzmYam)SwV}4zvNgyc)a2khCt-{5cR8O73XO( zC^w#Riv&#bpcqA<+o0kf*R_2}9c~fiOYs-wmfC+%Sa8s03J)^vZ{c^3-|>S#9Q0>M zKm5%&M>ySUvD*Gu-)309C+fAuPkPw?Q!wmwyv(PuFGKwe#sPRbVDiUjG_r)&1KTp1 z8a;mVTKI|q|0+-WGcUC4-u9TajX(+cj z91<)p7M%RPVAlhh$J|CB6Zo=@gAeDJVXc=G6u#vogg)_);GB%`Huux`c~&v>bNiuL zTs6_Nz3=Oi@Gpf5gyl(1g(bpxH6$N2A3B{{A^Ps5AJ>ekT|k`p7oBXhz1=YD5XULv z8+>}krO#lTkvOKg$WAuwc`*AtU=r?^y5M3EtNx)yiuS59iX4e8=EP5N~Y4F3~`0T?El4v~Y z_fU&t@iQ07Ngj6KUyyJ}`?HQme)0xq)6PKbg?xd4W zFKv$w!9=gG%MbC8!=6Kq3_5rGQM+)?%g0jya{_G$%5A3Wf;#tc_qY8kJis;g+x`t6 zSepZ}t4`Jp=x=!CF(!kWxR!LB^h~x~pxWi`%fQUmfxAJ(S=3dKU5I%$3lsp`YRop z-JXaDrM1BM-4220N({uO(BDBFav#Xu*Q`&L(SLv%+R_8`H#Vy)`9BkKlV}Hb!Q0Iu zc5z;BLl<4bAQw4z$W!A>Y&RtQ(7g*{XRqFwdw7}F4}&7&6n+jqd*l0YB?9%tIWh2u zE7ojD*DCLZhi-3e{SFRw&(L)zvP8}knKOZY4;;v(dqbo5-7Y}HPR z?isB5k?XBXw#D%!J_c2++MupC)(aSdo1y%FREN~PhNC9_lRfAe=H5Z@Ss-G8mFuJb zR`AU43FDYdJpNK$^yi;{=_f+8|5to-P3&>6Yn`asfBWD6`{S2uc}N3N73VuS#)k}i>pWhAU3566Ma~@W zq%(WP&GAd^cfq+E=6daoPwtu#XqS7aay|3a)Tu$k8Xtj^;O|b02XY?Ni4xc?khpnX zI|-3^An)MtHhJ1U%RZ0%{C;TIbH9A6BQ)RX-*}(1G1oVmp)Y5V4jE3LwKC)7@CE7T zwNKd*>pd&!`Lw+1k24;Pyy%BSHd-%CvXj7X3J?!+!gcKiKhAfr&8NPu6*qA2hI`Ed z-wApKl7P_PLvpC@H?V~o+4I-}&kBg%IVToC=N%7$*q-EzqSd$3>Ysq<;<{aW{rP9E zw`<+qG15WQBu2H~{{N=+cD;{-gC}Iak5+11?;e=z_uOsT|2;7Mfkdg%Li)oGvaiJ`98F0)UH+ z=3btf6zvcX>tBA5 zV)YGtib56r zQlb5pv!lipsI-OUjHfqw=@ zTq9oLeMcB>002M$NklR$T&iE&-gZKrNocufN?dLR zNzhh^+{lnTqr|MGe{EPkN7~5*B98c<_zl5~=adh<{SezR!L+4InzhOInE^(Y{U_C? z++GR*iFO8Zo@AW5;gLg*j$8TW%^52Z;iQ z|E2njWfNjDrFoipz8?bX&0O8k*4*lmyZS@=qO;4(&FdOIlAZd)W?vui7xumyN&s>~ zKYdeM3a~&;D}C$_YsENvvgL|i@j!2SFVYvkh`03_hU87vf4wm53xB|;uRk0}9Qsi$ z@`mh)wg-vm{rty#z`5fD%X5bLVu=_0oe?@V0zDM9iB*(2DVo-Mk+Q|E? zve`dw90SpF9M12Pr}c`dZpiD_W}oY%{H=doP=PT%;X?l_Vdle58ihUwc=o#!EK)N1 zv2T0U=!Il^yCMFHIQK*1a}>w*<8cOzX&jc~m9a*A&>S6j@mM{yyyS*=qGbf_Objva7zMCdTeMz6PV#SGLUkRkTisy(R-@JceMfX%dgjxthc$ z#a{+f-Kzj~pdWIOK+LU&Ztfj{Ht%svoE0&9Ewy-QKh3>ML%h&4K9IK9^lhK-0q&Z< z?cd;mmWu#(f=8P{F7!;O)x0)W-38>qGJlI$;}l*|gx&KiJ^>dD=7No|cKlgaGXz9Y z5=9h?khgDyt?L(~_<#$}BYqsedW#+uxqm7Ef2sQYzrXd(G4?ZVcoBW;=~LhoACz5l z^WAtNkPIGgfWDa*@^n)#r$LYN5IBd7b5)wdRylJ#_TSjjE646k9k0cYn{0|8Znj(D z?Pi{+MG*s}$R~&RqhIGjM7Qvel40$Ii*#6~$IJV@`p)sSPaBVKP)3}>@4;_xd?l_r zpP=y84ui`Ip0R4YRo)E`u5WGQjt;eZ=p(_;CpKpW^IZ?@&ZxIW<%5LxBmib*+zR%_ zaekc}njodZT^mtlzK zo(7wP-}%#Ngb#ja;gq+txqjE19vq9=2@!SsZ})F#lMN-0m__7X039dd91_~#iTEPN z@d2jX4mj)xocPggF9Rx50+KoYpn*?O^o0b1mVRAO&%#}Kp?!-wt89Y2`z+tfO3QgU z-#l+p^OpPO+qy>75957i#i}D(VNOd@+h^?+P=d&dv*|a@M&fm=2O_|md3QSg5~kJ? z*Bf5M6%PkpJ48}O26k#8za0kE$d>Ez?M<9fuWs?VUAt?2_x@_JMK_K2nl-saJKc#J z3CMj&d@c|VEl}?|k9HE1`w{BkvbXZCY2KZTecq1m9i;dFQLnS!?)p8}-YrG$iM3I^ zS=n!Bi~2q6p3b1>DfBWXOR*#y`7wu}&ha=*e-tkHwe-Qcs9`=o znL=J+XguV=LPT=BzykF2`vL$hsRv21SaWR$LsP<1_VASTbpNA<{JF`oK3XUMm9U3{AQt(33pJ zYxZe{Qb)Q~@c|VDR1{I$@+c))D6&Km%^w1>s&C$e9mFeQ_D~c`KQ5Z+Uj-yxL|l(Tsxwncxx+~Gw^d9HEd-PQUg-|@umh!s&e@n7LH$7jOQ~NJErQhSJYawpz1i?| zd>E>g|NWqYbfZtRymV;XdvX5}e=K?tSKq@3H@x~pIF}3mp?+_C3qR$_0hZeeXL=4h zL_9vLwM8C3)_Fr_ajzbE)^aA`kv2Koc%5E7E3U;XpJ3AKS@4vbZU&={{ivZDz3tV= z8XPsm0>7IU59B<^wZv@%GQUID3lVrA?>0{lsuyHa-mPVs)%Y=Zp<%3RaF+DDYfovrD+w)Ad63Oy^CP!mW;2;$hI3V`?56 zqaKwix)gW{$_=L9fv*Vlm*@2!`2KXo^*(=%#O2(z*GB`6(-Qh(u5MhM1vTzN3%tVr zQ!_Cy1*-*9SWQ1;L1#(Fm>UO}rCtxYX!uVTRf>};RBn2(w^S6Hn7%_tes{Mpg6`*S zxhVSTDB#;Fscs9>%}nNgWp4Jd*%#A@WBbF7w-i=?B7?;cbRn>2lS$?MuChYinP)$On%cQ;SfeANp{ zC=~96c6h`m3}vADKKR{qd*Eauja(O}d?9?2Kjl?RUpU4;0ZBhvFAS=#tyA1`;={H{ zW)~NbPsVA8zU1~maL>19YlVo9scWlRWc@X{hc?fPVm&kKo+`O=^9iQqw#gF5?edmejcAi{H-#OF%r z>#5{+KvIplh`eBK0#<%?L-T+EyrR7phTbR~a@t{NhxN2k7}PCW^rNoj!CX%Z^vgL5 z1`NkTyYW+KT;D0(sTns&793_>2r#b)`noD%EDFZ&q^`o>RkuH`x3|%S%lT;zdBrEn zjLzYZ!d-A?^OJYu!BOTP`9u18Z5_8-Kirf*m!bjcXYl-RgiLTf_GEqD$1V*fFwUn& zh{6+o#?}2AzX+BdJrLYyH@WSXa>aGKCV}{@O8M`E|18J6LtC=&RoB&Lhx*I!Js$Wz z=EmNF4WfwJ!)FBCy5G#8Tk&@dH7*&pBRT5Y_5B8VOMdLF0nefWr@bwdN~ zEj%VH27R#UszcF?f=ej5P4pXh7<6GvFUh~rejY@lEXo^T{I)OQzWr8S++=0(?o4V} zWKbeG2PJ-`V^AWmZErilQgBn^$|b9KYxCW5{@ds`XVkUf_*`ix6N&h8W^(=Ng{LO85Z9az zspix08v`D{Js!IL!{V3~Xe7QvI~k|R@Qjn@!MGwF!LyFLGorcEY;7WvhOWc4!_cqa ze`!$^e@AngYPTSxg&%3FMNFk<`%K`De@j*B1)`eAD;%8|L>_z)X^2#w=v z@i0R4PunNPA@&T+cv;U{^gV)-=R6pL(`i2HfN=Jh z*KVG6pblqnr7`L_sICRo*ZZ70xMr+VtuTtyB+TP*b01;gKSEgiruz=pA5zYCVT*73 z=J;Z;nE!r?F&PRGXp&^bul09_dwj2;x31&_9(zj{>+J!T6S>$bHCf? z0Hm)utoU39IR`LgO`9z(pE8~T<2;i$M*4EoGHucA+dkg|x|)33zrq7&<}w@rz5f2B zI^l#@H-0OKgK8Y7E#P1JI#?AbvC#5+Je?NU5BL*(9iIjkjCaS;4*W;RMD>S?BkQ8$ zyap@&Ty-TK!XM>Pbnpk;dcEuo51P+vSjaVV@&UgyravyGS(|xcuL3n*lN$?Wc-E~D zdmugp|13m-9=W0MTepu{73#cqoSSSKkiBi_qD$wGi*cdyp$Wx{Z_-8C4}CgCIzTU; z`WQW_1XVXK~VJnh>)L0b5I1O{cq3;O-O&*>1Udr2 z@lQaJZl=$kxzM#V>4%B@@u93uZ=u`8IZ|xz_&Xf7YfSUOJ*!|+zV$=NAj?$$d_zj8 z<4gGGtPW(6m2Z?x^}cu*{|L_HFZu8Hb=^q;1&L66yNx|9dg{JnUblNuP~%*Gz?j3h z?}#OqdTZPKc;MSLqWk$!Du(Uy5pk-&sN2JS?o)^xw)0TBXhPhAWR z4+VS8R(0SJ-2=}Nvz)NvWGDuL>{5SPcXdKPbX5H@!wVxdFq{8ky*>DqUGw7)^CU(z z&Vvtl(7w32_EK!P2l?}_zoLep-Dj1(Rj>b%Z@{4M&mCT@UmyFE3F0_qyh((^KH7no zTJ}JZneHq^bdTIrbr?ur$Nu3Vhc%A9ih+ODAw`cqz4F6`UaF_zC!?(wI`_1TP{3+C`Si}5URNTT(t3C!`Ie#pFxlkrr45$I{ zivP4BW)(kwvkasPlH!+ZR1hJmbXF_+w9z((Xwqp+rCJynZ8TQ6A>4qmn==Ep%4k*;q=LtME8Y(@1 z;bt&CcZT*ls_-%Nto#jU9Sk2zEd=rL{4YKE5)=z4w7c|N^sB~=>m65y_|UxS;KONY z!S6`k{c$PIo7bdZ)a@+xMc#P9P)hM(?Q|W>^Q-a-U5SqAb&PTBsCvJSZ^Qo6rn2EO zh#)n9eZm5__iHfYn|{Lw^+pWGP-wVK|NSS>4`Be^DM(!cpH`UiWUT3Wp%rGM7V7uI zp#Fi|dxIk8ng7z3`@7?BgpoxNk2Z)K?&bFP;W5z8itRD8*DYK4nAxE>a~5&r6k)!K zb_Q-KwlzLiIK_X#z6WwXbkOX+j91TiTzHw>6?oBa!4Cd0&jz~=vPU!0`ZHN*`Iqqt zP3!y_fnLAV`PUBPe2udz*EdYxFs^u;j9I{J7fL{FOE(a}-s z&#UwC#nX`&tuW#^s&UZmZ;3tgKMwJOt9kui(>O;5TDLwO{#Om_m}nKg6v#yPgryx1e2 zw>oMEdFW8D!r-5ERMDewulyk+C!!W<)N_0@s-_keKb>Z1n+%qa+K;!m@#kx~O#G!E z0QSNu-!!2KnC=J)b;*CL4_n^gfE@ntC%AmWjfFuk{z`D<&k7Vii$$?G9M?H77Ks+E zZOblvUN(fh*YlG(QLD?w`8Vghz>M=~Ql@;uYpDH}4DP?=tI`v+mVCOyOa65}_raC; zncu;q06A4pex$#>^JH+F7&5iZA!LImvbUpsE4&To3ffN_1^!ZOnah=Jhuz`(wCoAKqGa?F6L(_F9dGlTd` zt?s%0`1Naghy*`9)&zln?Kb_~b>?O~G0<`9foa{KSgVO&q3?x=9+3-OLnFQUJcWmS z@Qd?+Mfa{&_&u=K5leg&?2&iFAEO$THls_yPCvBo>0|!4{VP0hd`10NnE4+tqE5;= zbv7XS6|cab)1g3vUe@!&Hf2_-jfc3_5_jT8OWyp?V~`CoHcyLE^OuI9}DHrS{Ud2Ary~qa^R*M3zm?xgY#|x zO0MY$KlCF|gr>U+4(chgTiVi5YtM(k4F5y7-6wYZ;n282D*R>KTKh#m4sGm}n|8;B zR!_qhBYZ!S$Y=r`47#8R*{HP|64>AEkq27+xxnj+-!k5WQT#^p$aLb-3vtE5jP5=> zvQ0IC6{*o@!?OxQ-|MKt$Ck75`~1-=t?DOKHi_XZ`_y5klNL=Npkzpfu6gT(q{x75+L7mjB`$h(f-24nNg zZu_ttNj&U>@Ok7y-sd=$iftViq=grEU9?Pb^xGJ9bDz>>7bh2HFje4#?r3 z2Jl0jL-@t_ZeA=sjO5HvG6?)$2#X#$Yxs-}v@>FR&3qO< zT=XPJ0m65@co(J%6U`9J5xfCllE+SV=a3=rn98HD0Z~N~405J1Zy^SGGSTte6Vz*M z%^@c_9YYUVLH28L_Ae9_aqtBXPW!NQ<8`lIWEF{jTMWjg?|~-zyv@Q*#62#+VG17n zjh_a=m--KSEXLF`QcxWQ8eAXcGJNB&gTOD)}aNW*A z*+0Men?y(Hhem(q&sBlz+CXD0wuLo<-qBSe6>wMeVfEnwt)VYO!G}Klf=}Rku}=f8 z9YJ7Uz;%ZhZbI>?y5*l*EKI$*ej&aeM&5?}(&IBAuJe5mzKZ~54CKLz1>Phlz#$Iy zyX@1B?|opRhW)fd2m|wZ2MoOlblh(o!()TO?gzXaZUyCU@Y6+xt@JH;$cS@Oanx<^ z^dU)R{`Hw`Yg6^Z%xN+47zZ(NqJIv=stxz>t=4!bjkzt}++rsbz6sxDur>K^T0Ag6 z={Zqf(MJ#XcEKCEvqVJ;%TH1#f)Fj%cpcVIy6U=st(&fVPu3@S|?we!@EIn#Y$C zkLYa74&Ujx^*|9d@LOPDy=`0m`&;p||E0HMXZ;mNnZd&)G{zYwj(!6OduitN1|Zl0 z?}I2@hIB)T8Wej-hXc_EL;$VKV;{M+Rv6g#Tk+#FurPb}CX;)t!QQJJv&R=zTOCq( zVcs6sa{Ei51ox!fU@*R9Kg#I(;2bdLTd$4nM;hIE2!XJFO5c67FUk~== zgeJZSn_dMC6C&HvFBU3Uu+fk>I{YZ+vwRdcbZNNMiUwhNGuraLL;(K8&x={zuPSjjQTa{ zcH`F&-;oLCF7ITQ`yCKh44NI^_z|&Wx^9HmC2dgQJ41UNRrnY5r@@IWmbH0)* z^|nL~-}Id;es{oVGsK<#r~%3H3ywWdC-)iX3$Eh51<_)Vf6S-DM7D|EB&^{?cZ?kXnM+9(b{2Po{29W z4*Fgg8P%)tJ%04q#x)>*(f~(ruKIrJhO)T_E&1uSa0Q5da0JRa@rt@UVfJ0GQ=3%1 zKEugb-Y$mpNzUKGW8<26n1wKU{jNip4rzn_*yox1a8T?;9OHJ%Xiw>)h0d$2ImZ&CEP(>I;Ep3U0=ED1hfref2$n z;BoPe(mg(e^R*3fO+3?7=^ZZG$(F|%)fl$gQikV9(It)mwdaQ$j8T}oFfL|HdiURC zpGiu3fte(F?ft<1xb21;$pczFf$Qga6&OOq!VE2n2M9o?LZ@s||zCf(S1K zTOl-WY?#hsD2@GqIz!|ZTDgaP4!fU^rQzqm%O|7Np)fXH;qO4$)H$G^`7^J3dd}3* zn|tWQ)AT)XW~UgG{T~6bxBTA_yh+9>8$)l{o{W-=U1#iBlFF zagfBv@x2^|t^_>fAH!`!%Aj>vi=Q0DcfJ7v!cgY~{_?m5#6$Fc#K`xuagxcxdR z_$=L|#CPY&13FJ{7fSj46@7GoZx_6wI~!0_LsoAO>e$)rc`tp|6FPsGr)$1`E#$OD z-Uyt*2p*y}i!ydyn1+_nKlAvyRI*ybmRT*Ay=P)@;^Og;K4&khB zr*2Wfleu zSv+2A4pKv(A$ThO7~CeF-1kGI=oe`Lou|!?RQu1#*5rnJ)fU@O};fT^hR5S z@Z$@@toQR!zR%Cf&m?;uXmm)c>hEB3_F|#6^W;fnOJG@L8yf ze(;Nj9H473T#HSyP=wyO*d$7H3Hl{${OrO@kXT22bHOg~RbAj&bo%2BeAq zRALBvv0Xdv#af(!rMn(pb2l49ervN5;4Q;~8vW(jg(<;G}uO5zGL^@JYx&4rXg# zBCnHaC*NBdca4&**btJC=hG*b*e}HjOnLnp&}y$Tw3T-8S@{N1f%_4j4SKF1Vi~*L zs{Etl#>jlLH&}*_ifF-=_ye7N6QzXV%&QMGpS#M8lkjHRmYmDgoA{^h6e!8iz2bQF zuMsXnjA%M}(`>>QAbR7L2WRXW^9p)J(_A*m@3lsb?GPPSHgBdLpCPzIAw$~beBf%) zCl$*xXcFF+Ytk+e6C9@q?F<#0CN2%d32|Kb2ZL~=e5YIr%lxffmv-~4{=w0oK8xz( z@fP;Akh|wGcnN+B9~A*%F>CSP&>&NQflk^@FW1T%8-e_@!TbJ{*=q;re_NgsJ5V=aAai2{F>Z zPw3V`&RJ-&NBL$41L#M+y|o=_NA|o*ly8omeJ(w4Q>|_H##_`8n>OU#+m~X@BVqu~ zf{rLa6nO$)+v`{yO9{aACpO#53mAuZzp2?|RuDy*8j=VJ9ai$}1)n}Mcjrfh_t4K%k`JZw%WfJ{ zdvPWxD_J_}-XTb>NfdRe$=Br+Rft#K&A_;=#$AsoZ^&)*CWq5vX7EU^FS~Wk2)e1{ zHCch#2#2qpK6(l$bI4`7Cb^E@KiP$gW6b4Fq`q6lvf|(mUpeJ?fNfi{N6%B}ca!PK}h|p3&OXL3r6Ce%+iG7glJ&a$IYT_lS0tbu9aJH{OM*Szf`DMF$uXgtkX2Zzjj5)Pt(p_}ZIJf$wO7MgM6L_ec=$a1(1r z0=f})h%24{=T?Bbcf+U`HLmgoIpT=$-DdXBUSj+fv^=p(StHfwCbpODG0fMQbjovx z0}@7vZs1ciZ_LzCN-@=NuoD<3tHnwYdygWG?ObK2KRUCV@f8|fdYL2`OOy!}8FJ~m zUew>uRjWiUq$<(56L*a(;F-R+T_@}m#8+DpUOj&}a^n@5p*%?==dP_f_F`@2yUbAb7bMnt+JkeLZ4|q{FdA9{p8|$p)aZ6weiSl zR9Ek*U-0iyAwj+p2S1PM*)(npXf%JRi3^81j{#hZj&{Z zV!90E2*ko-htg+Ggv*kI7q}Nr@F{68T_q&0B(ZfE^Vv~Y_Bm4;-X1|I@U5fB7q}%^ z^$rV*Jzac1h52I7ARom?RKC`Av+ew1p`jVBKJD>b)YBZ9D2O=vgljQBs?u>s`=S2V zo%SWVc48aG(pPs3*fCfs;^~sW)Naa12!P`d%~FT#uaqqV-#MQ`QXJWr@S8JZLQn9r=gXMA_8 z9n!LX@pq$B7xO?ef6ECPN!Xq?huHwLXT(9u;)nudZqI;qw5dGsD~5mkF(bQZb;>uw zJJWN?FS{F)WmMdcQtMcz<8ieWwUlZBicEajh>)~=fW$CIy;O%}6Ej72yyo+T&uDNs zM^=Q0U=WU>Fwa$FLWiFbUZRJpHg~@yL(f-lfZH0FoPo#)sl7qggR51PD_ha9_s9;P3kGcv4Ze4a?NZ5%Cr9G%Rb z=$>+2uzb*c>phSu(Lje`d19&(mqF%t?;h>-wRHcpkp%BU!^BRj)U?&R!0l zhsehv@M4FSHSQha7ai3QP{ny;|AvY;U)>w?BJbeTVyyy`tesYYj`EMqS{afP-cJm^ zy8eCQF#K?B!Q_W{vO+1i}LY*Iauq}XO-*{!^)A^arB;W>?<6Db_a(ksRA^M^#`pa)l@p_O^xaGM6@Y!RalU~NGI{RTWFW=4ZIjM~LPF%5l z_by`}HBK|r9TfzGaCzX(-P;}Yg5>ZLqn-5Jjof#oSJp@(Cz3@|<+G@{V^{B~<6;y! zEv_=ezqLR~+1u5EZK7tJ+}h5Gy&TA*<1jt)dKtk5@cfUyYeK(cy#kg3@XJ!ws1}fI zmGh@~$qN%Bl3BvR`knF;w^s8?oPSk|uf-ZxzCiGtHXEE)&l=2N)S zP=0++msorI^eCQv%u0Oyryh?ZIi0nWN_S!(p--4rY!xx79U{Xq5MllZ;!URgE4b^;rsme4{6DlpX)#<-}>&*EMc@4-%+ zoVX2zR9Zkk8$$(!HJ`!f)jF|qu64~}y_|_J{Vbz#UK!7&kJ%Q?FYVb@=?@yJE}8LH zy>2D}mY$n3_tM@kz`R%$&b4X=zsVzeai@&)WVv^p<;xfTnegfpDopR~a|xo?5Ooo- z`sm2x(e9>AHAt3_*K9*5OgpGobc|8`6hycEzAgt#^UkQZ zC)I}crX0-n<3C69A2bxU6XGLSq(vvae&tQZTnCrh9O?aN!yT3)6SJ_r7AwCjpy8_b{0_-mb|yCw}fhRZ#Flr0qzi z+^aJ_P}Vyn+Q?|bhy&BVvDf*+F6F8?C8^CR@#Qbb((=khgo|9sY>+6FJAt33G+SL{ z^wmC2gmZuI0KqO|4>pR?bjkNL6S~+BZF=i^Gg$vCt!i&hG)TsUMC5bvjz?8K8Wo)` z^lbA)xHQz;*XR?;=NRb4*pJd>mMnsKMrOZ(qtMT3d~}4x(ENE8PxUH+qR6Trl@N8J zScyC?EwG}?a}lOJld`6i$?A71m~ek8QLiNJ+5UnQfe(s{N0|mC}h1 zlI6#`l=smv<4ddyzdoJxYtxykeRb12NV7XV@vm_H zsZBp%q|9i^DgF2a`^|?p|EeJyqwzxr^(UbStat;0T@X?p-+o zcorfQ*A>{Jk9?Tu4$H;MC33{3bd@Fw6}SNDX%0dD7R?iy2-t-3CeL2QH-0beV>Vi= zhFQ+6R{&}CJBtl6TPnpJ z_SmU09!Qb?d%%-&|Duk&LFx8r(|DL*W{qre7Ay7k1wQ&QK+B=(y3jr@ZPitn9~d7w z@9JHq_odxwrgVsMEm*366RHbYtQ~ZC6!2{Eb@^c26*kneCW7ar6oKvv?I8l8o_}!*(zErkx{T8i9d;xO zXm|FbLkb(GYRpV;cai!6v`2qVv)RF0Q}Pk5jg_lQUCeqgx+iJ zX<>dQh>N?yjZk&J#Gk9$F-0vKlY{iAQX0COF#P4W; z{jrc;`4Kp1K%my1^F$lnFPQg%R&1l$pM>6lHn1V*jDd$ro3_v#D^r*p!CH`e`1Z~F z3(T5MSN}*$pku)j1*QLC@7r-1j^tA=60xwnz5@#E!UP4_2}Rp{!9U?o8TL{EMT>PU z77_e{hZJEdJ)OdGl;>@If>i=IP)+gwOJV(o2UUn@gHS5uJ=eg>FAwfzcm}H}{%lpq z<6F}SV%ww_5khe`t4GrgEENoXylgv#me1Ic;gF>G@LQ{lebn&8^#}S@e~U~N^Ld@Zg>?Ox18*)XPKA(a*J>@MJ$D-`V7}o}*5& zO^|!vSl2zi@q?5Mv%Qfyb@HeW!ORsBWIcWvu_Au|L(T-;HKF^l%WCZJ;H{Rfj{s)Cfo22>H!aLX3agJE9;Pv+Epe zC6 z>Q$q8`|Cy*yiJ6V$xQNMwf^A8uy}8G66Uv=^PW93SQp_BNdAV%b4Y^t~Cj zwn0HZ+aVGAp415tfW#Cjx;2SB#WucR%v`e_(YuaLHnYoI(Gque_!IiJv92(`fk^I} zmSjjmtZVCQ1T?zmUwTh*8(C&dyHo9+*0sl95SP8ue%f8jCJ#mvjEiDEG7EwVCE?A= z`+ymxFIz5E9>;r4hcZ52jo_E4T`?hPof5Y93EgM~abXy1*W!v>7Np$SE+SjA=qi2uS7T0vN95n5{1Sst z37Q`_EOtwivb?c^U7tcL8vQ_j!ow-}fU^BIv_(aN(NZH*xq)a459ty0-21Wp<_M}b@6UydYkH!m&2j6RbaigRk zPgJnA#mxQ9HBF$W!1W1OPb%jO47I4nQVZ~D__RuA`7Sl7Ne&7g3>Ej&OHF3FMC9Uc>;MXUz`G5x$rK0e=c>yJSuj2VE*~ z((89+QIEN2@n}i-+O~MUM&(5AVH4m- zPubSD`q;^va!4czyLiE}2O$e{^=@{x2^v>Tir==Tq$8yWVe*aLA7 z#2<>`fJNcjpV+y1ND^uPjx}-(DJUmvld00*l3C2V*!~j;C zI5{&_i`DWk$b*bA2EUfnd>-r_E@BiOu*CQ5=3sZCY+V-D%BT!U#C_LU2pC6hn6W2- z#|;%ndmvMcbzha{RNRI%9g$vsguc?R0v}}aqGCz1w;Itv&h*N{A}E;rBukYxkOn+j-<+t=Z^s*i0$Co?S1IBUDxMa&@m z-V6liDq~|`v^X2*L__(T_cM`HKKZ!Eio{=KGg9{Jqh6tfWARn-_NuNN(l^hL@aaDE zSjoROj*2~cf%>O!cy+8)sykcPn5QeM5wB%yq(cN{YR2`Q=q zq%YkVbFPvH$d~Oe#$0y>*3G~IBR`Mfj(XQGIR=Y_!mvPD+uZSNo|D1z;kzSZN?$)W znxz-X`JVgn@Z%Yb`O+kBX-ctLW&ybNugGe)mAbrey78}c_!(0yXPcWsAA2G_E9CCH za|Chvycj@ElBQ!TUZ_ztlunL+Ae25sRPnu(*=!~b=rPEy=SJvcltuz0x=#|TFRvx` zd&c(TEKhq3(9f>}Ez-79jvRJcx{(H$T=@5O8XmoVg$*=2|B$45_uTH40l>*JIo=g4 zSW}6vC-OXNWZZ&i!iaTg~pIiE9#>LY=L*x5`kuF@9hxPT5Kg((?-q%Uih^3qzSZGD;JQD&(cieIm}QZ(1S z5)^%jLOC^cd;P~fE*g>M$zJ7nV~rLg&brQme*b~u3S-EGdna36{uXn~nrvh+5C}dX z65IxG?wc@e<(WP#0R8YMb}rNe`Gr{SW0fA*RzoDG46qnBm~*H40>{LqCTBT>c#QJr zZB$i#8|5hXZ;sw}zRS`DF_mL_)}>o)Z9?v_8~EI3w+2JN3WVk^cbgz9;WEx^me}8$ zx)9<;md1&96)Vm2>SJP6hO`4|69kSPf~QOGwCelGN#o|SdTNuRWy`?iCf&T1tzxtk z8wzCL?l-;>a#Ygx7SA+vbS;RFwMHz$m86ZGe~Z4CRgLTD0tFb_QZ*b>6CrIne zxX0y~Bsj63h}=78{El#l9^HULI*JemI*s>iiU;O+W)LeMLEjAi(UUry{iAH=N8_QW zna;x~S$UnDGqm!>*6~`6BM;qcFhsIRfbCB~U>j-N5gXN4O)V#mBDWE)|0fFo1IsqT zrH(BXY!M*PWWI3!dIx+$(3sUx>!NQo+jCVrQBj54(u?(zOu*)Ual%t{(*6D9SocjP zc9lk*X@@fHCLjf#8I)>?+Yos-fWZ0)L~**$frA8l@2H(Fcx>~Z#oW3T@E+};Pnht zi#jR0LR`4B9jm1WujN9QS|H`aaeijtH%kuk6f$i`71~9P;UWn35c@(*^+0Z>b@%kukdt@~9oPiqu)Zv0(7hkh1L?|fG?k~Pfw~lss z9+MeU4;rUfs19YV*)aToAEo@GZJ|cwvyy^n-hjiygH%vKAi%|472f~K4Q2E4ZS;Db zoAt}m$|l=E*7Tma$QCcs6u|>!s+(~(3hMfx_;GntU5|D~9gBlZEBG?c@TYUs{qw~+ zhup=TE37Z+Yc+2 z@b%uj(f;BmicUfF!5XLiYLaSc64cSMZcYzO2`o$pGlY5+1vwyvjrsz*&=%DS8U z2|JR{awU{a)o`VsS)l{l1lP%`owGQs@r={Gw|$%7Rp7WGaL=^Y-m9qFY61551fX_b zjiJ-%c;Frd=C;f!a2LI^KD}|ZWyu7ZW?X%~37MEEqpmeJKu+6a#d5MO#96>MwCC&M zs~qshrLUc|KtcN1hW}3n0cwAX`*)cna9o$v*|rrnE!w79d-KCWYmO>I6C{%M*->_ci{iSI3FvR5i@ZKS+6B7&gV;##l@r$3>^mTKz_1qAhMHB&S zA=q~E`pwm57XOcrVunculb!}vA8I%xhIYK91h|{4Ttdp_ckgJkVE*k&_w7=A0)zD-#ffwywUJ&ZCD78J>LFjT`Vy z&=a?e-n&SBX>y|`U95a1kz%m$Q@6>IjXK2$xeZ>bPEX`4eP0^N>4i#wJZK;n0leoT zfMA#OTns3F#Fkv2fy9MNEH*Ans`>eiZWwcR97eVv<` z`5>hIxlSpnQZRXGNj7X{P>uF0n4CP@UG6rS8LDW+agGa>8Xl4505aR&Et6MwTeP~f$6Fx#362#@MmcU$9_K(RZ(U0oOD4% zx{)Snlx4EL`P3R9s$@nl&P8Gyrj`2SF^XA|4F|Hd@w?s_>**+VPDs^G#-L!j&j7=F zU~d9mcU?yLbEL@|siS@yQS^EU2!>o@w>!^xmee33l=+n{KJipfj@sNDD20uCX3`0L z6tB2K(b@josuDYY@h#ZlDU{;d74BL6^ZA(4RDz$-h(W+hahwdD)2_=gpsv0s=mbn3U%}VXZs{-tixUA??_Fx6o7as%EQr9}(ZF zk0&JBD}zk*v8zn^9Ig^89F4tsWC3UxSMvRXuHHg1HbfBDr*G9fY!q>`HP@$MoN5Xm zC^(tN`-tL@d^wJ%7I#H$!)ZMGJ4=<8&xat^+>!?!&!WW+|I3bCR+bEb?cOVQU*NRo`tEl7oSFQEfrA!<6(_XqAS?DT% z?DW#c>QkW^gJC8$p;4&$bNRBig9>8&R;^TVL$9F!pF1IoQNnra$rgL?pq^5Ekg=oy zxYHh>$ywd?Wh>d&OJ^fF&bwD0ns_r{|vcp`4onbk5g zI4fF{XsQX#5hNb4g!}Lw2fXER%JksUR1d82`Yi#_tmS(_aZs;2XZ(jGW0-m|Sg@AQ zSVD|k++Q{r6u-1GL$w(2+Nk7_8g!)5UeQ0aXR6;5&2IpqF1A&Tx6YcAU_ogq>aBBDYPDFk| z=AjXFY=YeF!oG#IM}VV>BR!5EQ#d;Y0+}B^z6w6KAJaLEQ!*j-)iA9GDL)ZeB--G3aEMOimN1uo1pZ#}huhbk6Ue*=e!Rtvo7k-&D5gY9LaTylim+N?WN zuEg;U;o1&(YYrY-;c4xJTCY>-6g`@E9t$_sr5NpKCaYuV#z$(vYGsFYtvOf@*!!^o6$WSM3@_ zF|LbgnlW-@oZd|1-N^`cBn!OK6v{8cd%Y58PafP0#|MBFd2Y4k@4D&>Z?!>KmS$DL zxDOFon{y4B)RkHNv-P#RRa$@aHuj{0(Pny)@-~dk&D%=W3^L>G`5OEOl->R^c9-~R zQiSPUX%DY=(hmalb4@!Y-nb)9Fd4@{kVkXajH5e1t>G)h+7% z@_Re;viJY-xLNz7cfVm$5Q1oftA?TRt|{$rmA54KbUuv!F(`gT-D3&QB;j6YEDyJ8wwOE)05(F~3KQ$Mm`Zy$@^oN~jk&zx`~k3SM} z5@wF=HpWelq=Tt+$suqqUIrxc5R4l{T_>|BaWR+V737gQ-1eE>!0E$7=V^I7Z>q~w zCw`zCw51rF)VMcQw%U1ty>H#E!W%>(+{@7RYRz#9F*Mod1we%CJYKJ(2wB7LZFPv# zSLa*NZR9>{Imkv1FlNF@U*QT{;&d>9EW3E&ChP+NkH{MdDw5fTI`1Y*3sv+u;b2|L zZCDI9%aQyOq2o|aveR=+p1e{Us0(~*sBt?Ob*7mPX@Wrc zgQ4SDV8#M1oJ(<$3T_}QIDVzqKg{szfcjpERb(zJA!gwmRmsNhG_dA90Tr&~!rCD4 z*%d{Zt#gY^g^sj|+#n@cWvJ`|D*GZqweaLd{KM7(r)6IM=skfJ*!!Mw$m6O}dbA6e=p^aw>qHP18Poi8EdP@IQTjYrVW_lexd(%dDC*Y>vcDcqWR+C$ zuFvfQd23z$`v$Q4c0dJ$xMk4&5lTF#v{cCcg6946UmR%LXuT$n`S%>yQ12WTO(kwl za6TdV<21n=iAtvtC(r_u%?p1&iAu+RrD0(d`H8$3tq4xCJ28Wm^W|m%mcRF9z4GBp zyz8f-5{Y7M57E=t85=-=zhwZEL_|DJ!#1=1WDm-Z_aQ5RZu7eUK`o*K-caALg_fxD z0|``Es2uV2qGGz#twLw@(F+v!)%Cea&>}BK>m(FEcJlAZDz+8W_)X-b%UKYe7oK$e zh^xD!c!Q@O=k;P-LO9-_?t>}FcQjbTlfUivk=^-JVD1RZKsufvUh*hYpmz?$PU2wN zKx&OJ0zj~Gv@ZA}?sLY-+gxsHGFp!?fy(N%9kK$5m|clZ787u=Yex$<+?&!4-_*U# zhWubV1w$e>tdQ7rAA+qOIb-Ta($8HofBT8M3FSP!{t)W>OqXU+yY=3yr0u6K$!QTe znCOOWJvPsvs#8a`kiAM~2Kcq?wG+6d-YfzQ;5d$pX)=MU>uZ0Z+{zxb0TH%Ng#!1Y z5Nx|ek;Nen$=Z!R@_&~;i3?&Ie=+66l4lrwfvdo$2#k%kB@RtpXSpl*;{^*TlpDj( zbe@?X@G)iax|iTxC@OT2U<h93G9Xs3~Hd_+T5I4L0pmP7B0vz{K%i!PHE~;4!tN)JF-r?XEz4M z_t=kayQTChY^;TQqeP;4+;xa*NQY{L9eKM|J6m zaQr8A%JL!B7vW&a!}^*FiRxHoThE8DG6Vn-lm{gM{s(kV)*#8RJ{B00%Bx2EdCYg7 z9o<#bq5HNle&d*0ta{H?yDPpWpr^3oYK+$n)rJ6IP_l4DgKLdb1=tc}B@V*1X~AKZ z^f{IZWTCmm+E-u>#)`5M1*LS6$f(_RcQmbCZvL{$hRqC;I-T%NB?B$1LfTQIW$EAk z1R{*VBB6?nVaKxfG@7mY$dA7;g52|74AYaZb2yGe9zW9~wF7=DGSR$uYspQ+c>kaC zLTd@;ykMzVp*nZ!vIvv1WzcqLU>o51q?5su*vH!)Wgeb#^?lPd=pH~iCoF4j_DWrF);J&Xt)o>e?o zf!kEZ70}_w?{?hk;DQ4(h{1a~iQ(Z&*&Wir0gKD&qVXKymEO#r-0boK^+q>Gf)%56 z9Kidx@$e%ACS6*{7KT7g8i_y_S{~a_9>mCYgcJ%4Z9}t#3t_E0=8G#+ZjN)?>f6Q~ ztct5;67cS{n?*5w+;t;)HD7EXol_24i@~9S{sX}+_kZhXe%e%-k8X=E2Z3BXTKnA` zGPFY>7BrvEhCO#d9?dZ*A~u#&`QlYilMj%Fc5|_fy?`>tmHEl+RrL!URljup4!+xo z*B2F)oZl1tl^fF1%#|KOKZ;b|+3MLAlE)$o6MRuEA13+gSAQKJ>YYHT1d2al=NcvZTxUIf*7r)1RkGrp=n{b3rtvM1lZ z5^;Qp2S-q4+30{5Jal8@S1%<>81-xZc(?ix4cW(pJgVJuWAM$py?OZTq#Bgd1hTZO zC0LH1|Eykl*+%a!LNm-XQ=A$EC zkZcCe$*j9Y>eLnI(a;4Ni@)u*qo?jgeH=h|+Q5z}R;Cy;Y|A{U(sI~C2m3s7n4a>v zRn)#-u&iBkR=ErAc^bW;RI3FtqFKFB9t8|9kMiwD7$f|uCv z1DrzXs?l-kH=Gy2|9yT!xwdh&ilvUZLc>j!tF9BgnxdK~Zm&4xRD4T0&gzy%Ia}S> zxN$o+^ZKE)tt*VMGu|fQo--POlU*}$bt$qy?I-B23aggS_9ilA5OvTKfuX+?oSK5* zhQLak*Ezl~fsJc0>H|+Y`g^QCJH{cck_gm95^`1DEyD%C$Ne~%va!9{lRUsl z{N9u}5*vsctU&EXTSXN4hV)VM8j9gC12aPr?!X8NhfVN!u0uBEhf9ioMrgNHDDA#7 zLIiD~Wta&k!dRDWxMH0~>b{}lMxchj{RU=#{iQ^yMCT|6=6a=gV8`>Xyf~X1pLPyl!dq?Su4NG~)?yu#0 z0Aj{Pr)??8o$Nec^L#%?_OA~|b5W2>5Pq34>bsf;JlqIK@nr8kL_GVoCJ1oR6JPvth{^^6fSQad{b7IIOeSMVUAFtrt z;^Z6kxbCNQ4X5^Zp%z1MVR*woZm(7u4lT8oi#N}`rH#}eJGs$i;G^}4r;}KR$A?Q( z^tG*p{J-rCQ;(^3-fvFFGE`Xq=fb7FiD5a^k=+gfFS#2u4nBB{@??a#wliB@=jJ2& zDB?T%L2}JEEm2=7C+>5*X_&*_#WoYKCGT(m^AeUMDb9U7cQ6_aB*nST8#d6g8P>Kv@ld-)0UdY7I0rUb$&FN7)M?r&2c*eajUeE-91k=4R8lc54};h;cQFK>GD6X@DD z*2@&=hXLeq1mw{ggCfSgzb_CZw;eV>)l9+Xp7$rSB+YvN%XJfJGuUfj*1>%vUGHhM z|N0lQ7NZzWK~j@d5fVbM?>-k>57OT+jp3{>m5@mmhEW=iLIax7IH}7uzm*jp8dc^7 z$w;DeNcmx?;In+jf%k^*l382-UMXm6uDI%|x2bLIZ{^&sVq5>{wP-a*W!#0_I;E$^ zMSHsHU39+GE1y`xIedh|Mqf2<(&$~^BpeUcb67h+c{YnL8(g)ygHJMb`$gs+`0uPq zhIFanLi!0R^LhE2Voc>rf~UU+2N; zkNlGIjCNTDvWR}sXGeg~Ckk49uiDL3=;vlpfVhUuc)Ixdz=U*Z=$BX7>JA3Nb@C_& zBQ8x4IZ%B$s*FgzkXq=H2Tyt%Yu&RXAKuYEoXFJJ0Tpg}22 z5N5h&K2G8vw0M<1;=<#~G#7HuO|&`OOgH9F@>YnWM5$bk!t`^*mQ;IM))3tomXPx@ zntQgOLAx2^6H7P#U8&vg#LA}JdUp$HJ81TApTn!~m_o1d)@VEuN&6FbU}V}ZefR)P zQhocei2v74#M5CM2W6}WdG7_rINrt=iKhCAr_DZJ)3<)sKFWt<_sTJldbdNjwek!H zukf@-w;OjYCeOHtP0!w|Ra@V!(`a@q5({$y!%iLQpzdIL%4rmJURm$2a#DQDNS_po zm%s>5Y$y+Cz%c$n-}B6LgU~zj>Ydbz3(-N_1A>kv;DfTi-#1|Izr>)d&3>xx;Kb~C z^x#tOWfpVHPWM}(58FL3v2f-gt66+aVvDTNN8U{QNbA0%d#F{I?+B`>1D z{6cuk9JjDHFQ^?=APWl%l<|MtLp2wW{C;g7G;K6(_Pxi1-Hzfc6Jq(5f3F=@>8!{D zV0*LZ{a~f8(LAk<(!?UaLvjvNW&@Hxg59Qc1eO3nc&4eM9QK82Cw>{U9=O}?FDNku zP4(4F;iRHYW5|5J8j?o}&0V)kM{dER{mYmMnI&8At7;1}RT4N}fU>i;!G%Zv@00Lk zk|JCt-zn$BA%7ZH<4O)pP)6AFtyp=$+o|mMu|gjgO7K^Z5`?wD%$0IeuU3P@zut|z z%(5R@1kkb5ki1T6iB|w3k39MrIBAtL96)-VC1owEEjG?&%MOEkJ}5sP+p#x?vxPBS z@bfq7w*-zOI!jYNJ!Ye5VpOMzLbTBRSfs@PudpDDe?mby^G}6MRd{)?HZzCGY$Bu5 z>=k5gcp(|W61tHTF-&C~O`guNP`S+|Zbm8Epj z*cE=~ihxRrEx_JEo|pzeroQ4x{5+<>H>k6%$Cj(KY9*(YD(;WoV;KvCB|1#IX>5vuZ3RmQ zxLg!ryd;(dL5hO@-T&|5H>`XVD#6!wLcl)=y(c?xzKQ=Qi$oJMl{2Fcpwm`zI|mgb#Bchm3y zE>Tiu{1yWtd@4b+)p6h^@X4%&GWDX;rHR~RFSf%Y5KK`TYB)VkUf%o6$xLgo>7aFb zH@M~fCyMSRZt%}-W4GU6SSg!}I~+l`9^;T~ zJdzxCYO$)aPIMUvgo!%qfXg{{;zf6VBo(0$Uh<9B@vozDWd}MxTSzk}bN8SOcHONjaBxN#&QZ^8x?`^vMaWs9x2fO!F zCms3>F??4%-)&=A!iO40{T|9Zy4!eT!@!CSERB)IrGqUg6e!kY=T)(6Hz6A>7cmn9 z#YVS$i^8h)zRA*?Q&==Qw_joEUeDwMc!PAvsG-o(?nZqG@A-^))z6KT^f0_T3RJByKb-)BA`XDn{bfiv#T~Z!;X%_c{4L51 zhVTgPHTrRhS4KH24cpy^!o|r@_`k#)PZ}r(StS2qz>&H~AD1px-?_p4W_g}h*-=MN z_U^wBWEJO~Rua(fnem>D={8Xodz)Bm692H~{Dj9lRbJ!cJJ-yD87lxCJmc3^eACBPT0tw&Or2a8UWmpFp_whF`)kH>oP6ZO> zX|K%QNlA8(ZN2%C_&?SdXv;KY2U{3$O%Qofl3kSwafZFY9*kAZ=9ka9i@rVS`7G}k zEwqbG8Z13fkR7_tL>TdcXz00GXiD8!NN<%~{yqo6127)`f(VYrp~?#cQ(SR^<5Kqw zpJ!aV@R3ue3l@Cv44V(s9Wh^r)GWw9Uk>PQ(d8pror&!@xf}&MtlK2{EZaw!@nzV zHi%R}md2TY`6JfVERNT3-Wdw)L$xb-#o)bp2mqN0?mfL0{gR!W{9@O%DzpGr6GVrP z3oF2#N+M#PVyNCGUd;plcQ<|codCY4H8OQD-IYPcG1Lxg<0*G z=qwXG+nJpAgTX{Xzqg~GQiS10(sC($VikqYk9Mj-!*TQ1F67)f3wv`vq1IXMj8xqX zicwz`gmT7fE zZH}w1I|*<~^R4xO4U?!4r}BTIR67EmL1CVh?xKA)ukpJiSlDJJj#gxxARH$1J81lGM|`w+A4l->{Wr{+@)6CR;;^Dn zDcPhAlzz5CGI82O5Z=Qd-Fc(^+Q6RS@~i~}#xmEuJEE2qBUrua`K+I1?$iFjDCFHq z&(WHFZ79s)={YPWZ9A;dKX+~7)bhUQAwXNFQ(m_{L4*SBVi6MyCFH?|H#U66d{KFOf*erb3fr6?OkmEq)X>xC73p6lKA zCKZJ1loT76xpUTgM`0U&k)_|!`LQ8u9F?-v^Q{=ayTlD;FoyTPc-4xH?e1ulw8+}E ztQZze(4QDm@la$RP(Gr1W`Fm$@zv+pj_!zy2p819=GiZ+9-96JQEaPZ6@BO%KH`lT zXik%DE;Nkk!g{t&CR&Ax*7K4LP6!2M6Cw*=f8k1$8Q&~(_OhrcC(V^#!-RlRfn zTQ$Ti3wrx&NDG{PgS#e6)~|e>?suXwBDMBm8K!MSI5mtG4jIlV4dvZG18fnoz${)I zn6sMq=yd14lbfO4Z5p#n^n5#ke>C-%Wmjx(inf1{h!&h19#p4;h?v34 zB#=`h#J|V9M9+F|TG<;BPyL<`#;5pek!un6P{brNwg!C_!f>S%tx3cMeQc`ZJh3=4 zh1wLk;p}k@HNyes^jcNg!f(seg(HljS<(hs{_nrAM3p$@1vN~KOIOS}vUaBG%^Zzq zp)LpVvV={v2GmPa5pWY)N_cb+v@FED?|PE|8qXC18Gi{4Mv-p&zWCGdc?T_TXAgK^ zP&!j*!CI=sg#8 z-w|-`rPxlSvwU*oV|)Y$tZtR=>F+V9_NxD^ECLnOt`=qAi;0d-{^G!EK7v?v_D(BqEGjQ`^Y2UK`+3e(GU40Q zUs`u80{$L>zWtDgdxwsesdeGSMmpg5GAqle6g}4n$8L6P=C>wR-7zrJ?NiIh_I(1d z44mIl;8E1$!$|QpFS`TXgYw9}GtV(GRNnSaC=u2=gG5!$mtKa-;Bp?D3Vr`yUa1Ds zD?*@TstJxX*ER`$>Gi5=4vciD9qWLE?AiAf0b?<$l$9cYZ~l1+r@j!}W=|Tvc91rzn-C=FmLIK>lc|R<>xA0z6FNjkFT0>w`V< zE<;pbX5svAzfd~E6)pIKO_N6*bAc+k#seCf>5oAMX4qOZ-P5AQUc}2vpn>F#2${uK zU8>#7W_{$i_h+!XWPo}jo<8UO)EYrJFm~l6xlr}?FfuPFD#_&=_i3?r)thsR6Q6Ah z(M}K^X0(dH#G$d*tJISLMMY*xjqG!|p4XsEU#YG)B%`&iVh1kxcEB4R*G2Afew;@G zw$6m^=DZDW-w7U8l2$6%RrD|UPmIJi=1dLxo&=;LLdKb7w!W{%MXRJ2f3Hmlr!QraA^$swHt%lggzvmiv!ZezL5!me}jlm^kVH6LLSYP8=J zM>13|L153nLkt`*4ekJ?2+`hQT=0#7g7sG|_YIZ?Pa;>(lSqhSizq(ttoL%iZE%#= z5y>UVxOM+*sT1{&UHP`ITgg}Mkd{%&I5i+d+PH- zy|+K^y!V-CAt}M&eQKisLSl{9b~D%!F%7eDwmpb=CAk!f5V3s{6#xbHNIv-{GB;#NtIz4Xa>%@ zBo?quRzrgJ#We1Xf-b|@Z_rSWi>lxdb_5Al$IC$d>&g(AxAXK6pPLn&iU1|bfcg|~5GoDkb^U_t}YA&+qX)1k)OXbZ8Mj?YVZhRn` zppJd?`kO2>l}!~}=eJNdo`cD_4V7g@ljdv-t3=j$k&t&qq|XiH)3Av(c34EVcY@4? zOUgFIMDjwzy_@^!i|GMTm~qX_83i0U+_i}3W~XkQh84Hq%jRk5XPeQoOeY=a3hcb< zn((Hm6`QU#V{X?^kdOE}FjMG6PLzMUaRc*5rkWvUQW_%68OdcUxl;ZFx!#tbMAFBl zai_0vRd>pnzhXG0P~@;yBNhkC;d+g54s)bmpP&fio1u=*?8y3YCvc;uEL~%DZB&EL znpF?;X%Q|`y5`YZa@TW0$ByDvxeRrRHy4{LVK`jol|@x>>!@8qH)D;LeAt3UaJZ5&66za3>oe1n-(X3kh*76S?_OSV-7tLl0UxD3O` zFz*gwHf4HTRZ5y5NvV|$vmXwORfi`J7FC5+TwZYoF6oik&xEQFAHx{M%p^nj;X1@r zW}Gl5a1Nj%XF1!I*!Enor?P3N08^47H-mEpAOBbow}`svY;I3vbLUsJ?EG9qda{*I zxHw*5Sh@wvGbF-1v9!4RR#=I~2z3R;kfU=rk0l^=nBfz0<1lS&;Z3QvBm8pcz5eq! z*cd=&7{x_B4Ad zqGI>3bBk-HX2ff>z$n@))@P@zCkEX`q;b(xG-HGmDStC%=x9W$o+DTqn>8~eY#Y}z9ZHRN3As9xo?(h({EQ5T z;SgIVln&qfN^`#JnWt(26P|c#J9T)Xn+3qrl!TRiHF!UOp$~I&%ycf3?YMV6Bu8H= zO>@ALJiQj$`@N+O{_7aGWkoO1+^gx-!YmfyCBQYm>}>Pj179QdMfqJiVdqaM3oM^l zp`~Vu@y((;76*#Rxml}Cv?27q5E}(Avdtq|oxV3PAjNoG8$!2r6?)Ei4Va4Y-H{_@?%z3c-p zsw1I=?)kakUbUFy1&gp&q)NABkygTU4ja$?J{TgjSBK_&UG0e#{$f^>IEVzbl*tHf zNdQdQ`Im&sI9RRds=X%*}<`o@w9%6dI2` z&=?Df>3mqf`B&TfN1#Oi$9uuDuU@ThbyXQXYYZEmK*?Ly5SENWRcfzWN%KSL)~Fw< zy4@>F@7Z@8nR6^qySd|3>>5+Q{F9`B57%B!vKf>`Z2@tfKPC3%55cc95)khVhq{8z zkl<3KH-yvJ;=eEYjKE(yYr)kXd(k~<(-qCLtp$TyskH5S&@_WRvEmOgZhkCVo5UTa-CHm+G1t#i&YM%ck3P&zFtGSlGFU##r780((S*y ziEv*ylC>-ghQHr1!6*h4z4$y~vuBhH(XnyQOAgxkI+XI}gmX0frgcrRv!f4rjDCxu z4c=H5Jgt3x8_E!7uWwNHUPa#14E{BfoeohlDREaqlcREum^_s>jc5f-R@sM7akwL! zP`h5H7j36=ozV=nzPa})wJWCdfRq@(gkY;|O#Nn=ne9_8P6E>3H;4|pSei-37rQcZVLcwNM!(QcV2&Od8N)|j|xfLkt?9ri#7(X>VkzRv>6Q{TC==yv? zNA?ET7f(_Kz3()(*D(hOM!J~%5O|H8Bt;tY=a0n`~Bn>A8BzZhU)0us`qB zPe{nj%h^`^&)SH8?OXCP{wLp<{m-_KX3tH);2s_5Y(eqMj|8H!WV@qe>wKLRmMuhB z_jVQ2qY3uaW4Ib@u>8mDC+` z7YeBv1uRkYI(0@?L-|^J6VegD$wK=iZHG9AgndIg)C!q8xo;j^tIH;a^he-AQ1M#m zr9|^fms(Zx*;a04z~t$Km{RT#wo@r zpfETl*>G76T&;tTWc^LR()G=&XRqH+DPzY9sA!W~;AO_U;tI31Be(m-MVU&kk)*dc z-0^$y&yGv5 z%Y_{ib^Y!Z1eNgGW=KnsyVf^ZZBdsA-@uOEdKI?dSxS?{>R>9jtYGsoCazx!oUh%g zcwqksddmsd z0sI#q^zT&KnwJ+(ifTky07zP-s>?aq`va_*-2CShnHdJO8ot z-M>Mq>x~)C+NvN4MS_v(JGl)r_Ng||0D>~3_bBQy*s?QnCWtTkM&i0N?SkRG3jR<3ALy#j1+r_ zhhBVF-z&(gGv1U>+u~Ps?f0e3(C%LldN;)bavC70xNO1JKco--dmsE-)}pYWjX;XW zbxb#%N)tcvH2#MB<5wPB{>YrWx$AvMR3=P2k4Pb1>u5dd8e?E_qCF;yzB%&=7{qgr z)!jNX6(zg<-7v@mTE)bm58=T1`r?d~#wo*4Q&@ffnj)q)qsRGIloGQ9(0bCzMDu0| z#Ol3qH0pFXA^3mv#&R1xxdW>dlKNK>rJ#Ga&LB)_c1(bG)du{#rxltCazd2}^h{Sg zjq%>nzOqIy47$Snj~D9W&-Q-or&|*4hFto}pCSV7gXnr$IL~JG#qO`eX5vd%#pxC` z9!t1r1ohQ06bA89YNm6R;hhB8lczD# zMp|s)Ql1=ejzy+AFB1BYh*%#Qr8zFKYA^j4787Pf97?dn*)xy>7_kBlF)=;rn)hdmSI;2FSo+O&cW;OZd)f%c{8t4}qCuAz^t=_J z&Pj*i1!(COzz)w%#sk0FFZ?dUYw;#|6jCD*3_rckYh0RJtIY_Z>Y1FbH~(*46f_w% zW$aqXg;2XWeyw98XdC|!f0%cmz~{lO+sa0xxPc^FLLrT{nD7E*)V+W zbvA}`F|5ffr3XA%4H65=e+RRV0!bRR#XSF7zn~KMX^z(RY>P3vB({dV7}nIWwU8kZ z^+qpMGrF>3(3gQC3L}OwD5+VAwZtWn`vOY5~*}+y+Tl`zvPum^q zcc&KEYe9wg4Fux_r&5mrdG|(^TFvId3|>7Qf9JozOl(|YPT0-S8}r;>)$6Xg=-vGx zx0-nNsBxC=>K;ey?{={C&d^-4nE$GZ=zmPelOZMwNTX>F(m&XO=g%wQnvNe;Oi4zbeY8$a4 z6MTLmKMlGQxz~nSRQkt6w?+EGFTNc#+!?7_`w7B{&qjjYH?4i^J$ndHBq%$>({su7cKedU+%I1$M6 zEK18#>X4ls!yWr5hz(Spz6hs&Y_;#$yQLt&GeHQj(!_b6f^bg1j{sSW9CpVM-_ZHa zE~^Pp2^x-@_qf@OkvEnW!#)z(e!cI$oHhjC2eIV)Iyv%c%?FvEGk@&0#zg_Sizq$Y z?UP$L9Lh8s7OZgl`pxkYIl8+ul+FFKvXr+lGWPWGAtn9el#b41Yz@FGK(06kS?$4MWqjKbxn3pT8ZwLoNm0bYu!ch^F7azDmSB^LKDF3)5i>b3hXo;dGQp?MAk>-RGKIc3z( ziLJ0&=$J%-HNV>D0w-u_X7ZMPbR$sT37JIa@{C*;sgVNdDZ;KQa~>_)H$v3$GV zsqpA|ceg0tBX8Ig6@5v4eL16PdMkf9V|bp;C1+flatkGs3RrKijAPb*C!M1O*WEax zbohPQxx~oTd*r`bAfl0_2StnTNO>fM{j_D)16Buy52vyqkM9kU)}4t8D5WY2(@m!K3Be700^qT3zJCog|!;_Y<4YuMEo}!Gm$4-l@%x$9*7T)|#4I+#D2Mu%98|;X&X(l;! zu0(;)PvidTpjL@?m!-!N&b?iwI(tZxF>}B8(7rX2{Ki%sR||CjC%gxZtft@agV8<< zHFBcGWu~1_m4mUlqwEd%fnuLrFp*7GMh8rli@J+=$s6mo4 z|Gs1^j<|w}{v?zg$)HR6p;o_|_F4uA^OTBU*J(YyHZ0I3(RA2xujN$_%Q>C8L^)rKc^gm4>Xt`!>V@HBDloW!+%#wj7Z*m+)-eq zK5BqYUDA6d!gGGBUgI%`j?S{0r~hZPt45SDokLtFGlbwsD&Q@k+k5mhSj<2ho?W$w zS$U{%{_q{08E_bg>5+I>pBCUTcceVYb3y?>mK2!Kxf|OcmtiN|6$w!qx4`HAyP8)T9-PZK?`kO17C;vCD zA&X6@4VFJm?`x5Af9-o9X2NCZZBGw9xJ#gJS=V)57KyaAvmtUac4(fiU~FUr+H6ra z8O`G}9llIY#KxLAkYy~ovpnNj#N~Mf@xB?SjaYeWvA{n$NOW%NtXDf8fq&t_C{}-0KeFje#up6 zYHeyg=t-0F$m(9~%xyYY*5Wi|1?P!zftHYCyr)=Ei} z2IAA)iPODu_^x(H{MgB3^YqaY*ei;@DEteg%jtFbrd2+)q2C?Lz%U^_E&XP9c%5-M zL5aco`lyFCyt+JHtbBBymSaHV5{~)L`eOgE@9v4871cpwEfx(W&je;mb&<_|;nDpZ$0eNZW$=i-mrIB8Jss23EeCg-#oK8%Mci z(gK^7TWep1|6bv@k#w&DKgz*h#kN{hV(V)>PytN>6P)l*Y|dAux$OHy%zOs@O4bZy z5?!=`96*@EL{JAi`fDG_=w*Vhs-Nev9-fN}%6L(-@Y|-&lv8G;21F^0(25TS$yq|L zVsFKotqu2TMjWPao~8f+Y$oClQ=1wkiV|eLOP*CB;ojM?5_hX>72keJAV_P>$hupc zMOgEDJa<1YPUHLcT#19AL^I)d;cl2HFXO3i?qIH|%>UU1UW^Y?rRV}P&9#yZ zUla$1o8#f4u@HdB|9sGyLR-I~y=2S;>_y9lx!Cn~i^NZx(S$6;1Y-HOG=C0hn|0P1 zV_Yw_E94$;`>*ypWb&dL;ob1bZDWV$K-Hs8ll>~_2IwEiFX^8*SgY#|G8uUf{cm^b zntD&@ZD*;q^+&*~ci#xZK>NpI3`FSmD0CPferm@5fx5tJ=IAzRDTMsK?T#K>W2VN3 zFUX@syGXFf$FuZY&V_okX;*o;o_BetJfVSBMi=y54jirxv^oFrM#rRfvf@PXXnN2S zST!}=DDo+a-p0)(B9U_PUdN!r2yhZ8gW=OM9vC|MDWkn6kRws6#34EZHI+~fYHiq@b({h=ad8sA^U%5CqiD2< z68dIQJ4xa}d+YYG5N8TZ0#q5s4{{|YZ+r-)X_WETxbT9q{FsD}_;G(M&J59PH7MD& zy7qur7h_;O)opEglD3PAA5$3qh1UvxKtuM}_=FE{ZBLKWyI?#~mB=ojGu2&qd^S*@%Ozcj;pdT4Ag zFZ$<+eh4eGSU>n%`!7yD4@IjkA4!8xAtvN4>u816X;*iF2>^rh^IYhhvpkn-i&y%# z$79!@m#wCB**YBXobfGGZ!4l6FR4*?aMcgh5d<0#6&KvP&05$<2c)Oud9AA%>_Ks5 zVsd4gC{}8gUX!EeT0}+B_Oa=@-Ric_Uz3l1f@Qq&5B7@YDGevmbH%ttzEr=wfb+)177)a#0Um>S*Y8#RO@rhhJ_ zsL>!93>@hrv=gG_H!7Wxv=BZ~QL|c?S#!8gfWa2uNi@I-_!w;gyD5uJPDjEIc?d)( z&(&WDi7Dl0F`pjCm#b-}XUe2Ui#L}5b0SPnWnV{tqRd0hzl>*d$fd2OAHTeU2`nXHmkLG5A$| z*q=CKd2Sa?psN3_yscC+95(B{tyC0-@P2VulGmC= z<*QEI)1Qr_zAD8!i7FYNVS`uxw4m5R@yb=f25VBJ$@NU{f+U{-O`@`(2|6R zQ+~jE@xX2@rE+9)FQ7SQEQSs%kak^HKV^snRnQ`5i|1T<$KxP=`dp~h$>hp+Bigds zvbGbYRXo}WzhsC#8q>cYl@oQJ$x4R4hNMo-g|I~G%HCaAm!#uw85Rsns! zZH)%?_=&^fd#G?J@Z1FwB6(IiPSE<77=O@Zv#GIiKoL z9hrwCR+hc|dxZ_TkHh`Zic(MU&>CEYgY$IpC+OhbnG-w?{*$KSw8CkB~n)OBAlElL$o)10@#YZU4v@J zhZ0mFmQ^p=n+rOdqBZrIQ3b;Jp~B8KhcB#4KO+ma$UY^- zLCK15TtPam`}fJ$o(sNxpbboQUL7-S=pY}qRf;PEQwTk{5*P#ganK;NBSqo;8o7VB z&D11@&H4)YVSok0y6PU?+ZEwA+~zlUY9Yu?%$VV5j8CY$VuoF~g)k+rdzw`wugz>X zs}b_5W83M08np2!TMKkQ zUSF$To}UoD{v^Yp*)akS-mybvzay5Y!gGT>xYbSwz40xc6jmY6c5%oDN(dn&hC{zB zo>iSsM0Rg=+HfdTVnp$XtG}h&0i|zeJ@-A(_ND1l$hZky{0Kr~2<;R@yd#A%!v}q4 zap9j+hS!__iVVXLQ6Y04;9utOl?18VbvLA2&(@!#CR|8BpG&)a6pzEa^$`dv+O-X++= z8o8_9@imx4sAGX`v2^Y+e?v%<5SFjFAtPkKYr)L4=yTouF(Pbm7(ENI>Th`3A^oFU z#rL*f%J>!xUhCozyJ4R;c~0=%mLIJ&B^g?$_;#fbdhiN~*6Us5k_6 z8al^|$7uE(;T$rN+L4YDZdM|oz2t)V4E>xwSG9q` zL_EIW^-X_QlEHTR(0qt?-}NV76#S-!0+yPerav{)Spps6$ueWcd|;mt&m4)4mHJni zPO7Xws78qbfi6x}E|EG(uoD?h29JE z7u8Y3RcctI#?u>^cE1s0L=>yQw^eVyL|?LKrb<+*EdM(bD6^pSe)x;^EF3glH}MC&>{vt2+rl2GZ~r@2 zCN+kVfER5Dts`Mx`$;dF`5Z>?)FUbMY9`p07=MGb!VDAH!SL^qX;Bp(VsGQNvcq1H zz4_~z9%B&W2^?b+8&W#B#C<+ylu^j_C7GmjY~@IRfBQS}U9C1o^?OrO3~m0^BPjyr z-SBG_Q{RG%SIyZ}lWD)j((*x}bCBCwpxfI`Z!B%D%wfi=Qq%*2v9q7UF1DDz?rFxN zQt9^NLM;35sX^PLUx0z!^iJyixY2}y{%~g>y;#+gj@4l~f?N9~sy|obUn?RVwBb5` z(-$8I(hfXk9>+KE8LAZ^`m+HV7cWXxZ0YQl?Rmx>q8(=!&m@+=1y}*3e1GSDpTRJs zaB9kip`P!;12?P;sx+|FEZ8?J$G0qFc5*-dT$0A~zqsWje$!%^fY%-wWD;(VH?sIL zouF+xe2Dw;ClkfPLrT8j&DC7^*{&4G$CN3&wr4@^QA69b2jOoxw>AuW(Pl_? z_fvHuPLGh?!TH6s&r78X1|5&%l&3-_(H~`eRbKJy>2d#l@Jmh5kSTsvHD}+Qxta=c zOF^_)E~PtGmur0ySjj#kBkP(KC-5SexM208dUX6zuLHU{3DEN?z{@uOsm-7a3&0-R?xhGID?03<$IEX?(EqfOgPPc5bE4b*9`7!>jAAULd>n4=)|F&M|}M|>RxyV=Fy6&C}o|c zq4&H=HI9l$`|eNis~R%W%h&eF1Lb~H?X3lG2HqlWR#_^Pz+!K_pSy9_4$lfvQ5_EM zHB;ohIs6LFK&05%5x-e}Lca%_Rc4P?(_bmSi`#Yh7WK?DA1IbsYn#a_fc%%z92;6S z%g$*IU`v0Sj1v4l+eN=Eb5XR~&=HbiWS^ALwE`wTI&|c0NmOBKA2kX6$E zk*r2V(~1mhtW8~7t3z{s&OEJA1wig;=evG*60T(bdj!4Z-Nm{zK7h12eLD`$`$EZh zPb!R{5aRq$C?AiFUrLh$cPBbSr8XWMZCXj=XYxn(t+bI(Ekq3!x6tP?R6#%p``Gtq zLC=ex5RDZ@QeI{_{|HV!o;JUZ*_x~uboI-#hI;Q>)-5fl45%~`y?*U)&$tG(n<$rm zm4McfqjFzU5LY9blR!76dE<`~M!CH}zZ6&U*K&RLJ*1FF7j2EcSx5vIwiWFr0m1?fi?en{LWB{v`?8PxfFEirf74yI(D}K4H&PO1!+Bc4Tvp zoUVMf`!-ab^s+lwdc3YfN#R-d%RKuvKa3`1T+V*O^(yrflgEfIw^pgxx|em=fAZ-L zs4-%?T>gB8L>nH`^2+dM$2-0ZB(75PK!g7%ZD)L%xTWjwd2gqR;X^ZtZd^W=c%%BS zK~^~{A!0Qjniz|j(wJSP20pVPM4O@)n@cEOi^6Y|9q7eX#B8~#NNZK zJJ`mwS>F08VJf31lWv%aq{eGo3T~pMEV14=$di#Ir6u{k!Eu=Ry}P4!0bSfHP{`i} zW8Ze#5QxiumG?kEVyz@K5R@J6eJA?ScLt(pTd{c}H~3|kEilUoEIz8H;_r8CWR2{GJ)L)=n-eXycIBPNrLaWp=dqtk%p!tY<&E% z(lozfT#ByXbpwxQyEpOgU6sknXdu3E~=b&Xqc2K-Lt@@W`zE&(5^RcFh80~{*wcY(eS4v$?@ATx(cJyeB zB9%JJwL??#z}KD4$K6teZq*>YS4`fww%_9nIPoy0s&_}>&qd5K)_9!EfJ0D<`b&x8 z*dVS2=(}HCdK*ER zqZ0_fIo;#-T)oj9oVL{ioaZ)61EV!!rgfEyT^J;KNM$oA?0?_(ddN`=5Ioqv|4th$ zeX;eOw@3j_T&%B*+XX@FbrzG3M_{lT1YYEpZ zz4OZKD~5(Ym7-J_SOLx>$7^+Z3UU3Lzj^dU9n70SLpb{>Rc;hse?O1kj%Q|oUld>w zqBuUB|I6`Zqd2}>t>D3w>KDZ5EA!BxJuEQaNa_J*gCD*QS> zhxs>WC8F?RB~-M8EhJaO6FtJ@bp|T_Lq#*1H8WTCZUao+9phyG$=IK6MfRxg_uu$W z%AYO+b8nv`CyY}LXt?ECD(VaCCxPr`Ppc;HPoH~ zR`#US)X%GZnp=ODOsp^Z908b7Y-%i|E*0!>h6cq8r<# z`r*K4-zy62Htl|{sP)8N@&>*Z^RAtq2**4P7Qzf&Xrx$Ey~VTz^%Cee-oE*hVs1bT zGqZzkY$ zZtdwCr%DvI6@niN+J|qsJ#fIx-7}!>M`FF$mA}5pFjNJ;8};`4OhP7$1&{w~z*;ue z**tBC{3w5rx5LI>NS5$cG;z9?C=XL!QXW5KCd)W#WWqX`-~9JY0LPx7SblYh5sFr; z*y#9M@=%d!S_2%t{gwcjx;*bXsC~%?S53TAc((!RC$~6$bNj5qD)~U^NLAae)wA^0 zVm7LrXtyJ?a@0J7%$wB1lEcs;!(&@PD<=QeO*_ArwDCOl>U+iE5KppZqKzw4f;A9n z)W?JFc&jnU>@)d^$@1Q-kfvpGeNBmK`GI74sca<>Qrkw|nzo z4{q7T!l3mKV!28;rHWqO#tyS!Wn0f*@>i`MlJBQP?NB2WuFo~EiXdbb=d3L{x@K~T zb`CYh@vXk$;DMeUNXG!g&!Fn}k!bRcRT}|aN3`nuesQ1aQ(=5;I8T34oL#~jrre9E zE-}5{g(^E!B3I zyPtFZpNR=bS9#H>^aucPIO(XCL8bTZM?Iyv;i~=YA#Y9(;DPOBS?(ooSsHgw#H*UY zoi+Nv9Y5^ZXs0lzH%6LLUniU>*BtWsI^QZfuzooD?N+5`Kh~cow_JO{>cDBiK$K^| zZ=?9GaZ;lAXV5SQNQw5BSB8h-SOwnKe~@6#Y3L2@M9O9RQ*osO$FCU_W@m0>`f+q# zBLma>b8NdQN+NT_IiKp@?+{G{s|O4VMl|)oe{h|-Pt>6fPl{cwKy3IfWzcOla}hWl z8rf0Zqq2UlUIqTmM;DfbQ`zga!DB=KcF0z8e=~vxDS3pe3bxEemAApmsWZ&i8dB~| zAk*gD2r8^ca=$`MlNnt=rWy0wIOX;+IK+JU!c{Cl1f?`LGLO5@ev8Ku4vfO?E*U*7RPDW!QWvF5Yi=Aw1>Hs2y?&}5|P zWhr=cE<9=LrelbIZJ_j*xfDC?U)wjNnIOo9#O2{)e<* z+O1C=zi)YUdw->>U(3pazmb7su^btxcUBLayfoHx*~8NiH&O?Ulon@VjSMJ@$Uy!_ z7(q35ls-iy|J8V?L*{`{l=wgB+&{s=_EfFP=T;*)J!bcQ!CH zcC&V*IPoqyZz7a;;>+?KCK72D?Jkl%eB9bvnCtXphQ5Ym99xVale~APv2lJ&Gm|d< z#^>=+6ZGC-4kh#vchMbl+c!8>YY{lVJI#RPGjJ_7< zC`IJDiM;*f(*1X#?wj;CB`KaSRmz>wE$C6`1DTuiykAype6*e*yN6}FJw;`C&NxBj zC!oPD^m+KLQA>zWf5wL_no{rYGrEd$q8>`9q~=Q0ipczFpov^?)C~+*dREs+jJ?Vq zQ8=JfJ(3~q2_}_Brdq|_X=zjmgX}6N&sn`#OG=5q+Y9k=1RZpA6Mupe`lx;k|1d)) zqiMdf}M&v~J3`re|f-XnK+THut#_;*nH8bD5ry1R11$$CA)k zWxoG?cWX?EhF5-v#o}3bY~oJ=rBzR>vQqy7RWh`cE-pZ9T@ZWrhTOhyboZ^e+tOaU z#ZC5Tgb8CNZ+1a?G0g;Yx_`E>R|d#ZU1uRidFAv9d);%iU&QNHyhx`O#6McN$B_Vp zeH;DWe@eQ!*63jtv}S}U{;;=f7|SA7^8QxFzJA_Sna^-S=_7^_GFWyU`p#(mfsx6z zjnlGjJ{Pv0N^OU;%Zvf(_^U`Tm|d`~cJ^6RoYZMo%7fF6q(Cm>iq%&I!*;Vxc1Cj` zjqwkI9Q9wVmzBarnuNnN(hCG%tL(8L$A*3q*M$BZF$M&!BmtMwgL~mEvSKv-oBdF~ z&hF6ZeNEe{bG69!7e0QwkY}HIJPz0-`!Mdy28q9O+hRoAR-4pAz@5fTl+iL8CQZ1> z(tWTYMU`da+vul=_6XV5kABXUJJnoIZ9>$2SYv!oB3_4$O*>GL2Tqq7SbK18Fi;xUiPL0bq)=B{RqEHqJHI8q)60a zuesys3NPz8kwE_~H=hHiTIyF_U6zo1g=deUt%kAz6@s^f3NI@_DNjGT38+psJ$kFx zeq@pdZzOski8$2i!3;_sQP&ae<|60UtLFLyX&jDSds1_PIjycuw>LDF(i5z{9xi3!la{Si2C)zm6bsz}Y>b=WY7c@-rQW zA!;gIS|8Lp=HtsX*3}|o-#xhGXgjKaw#&o5C(8xtLeY)7E#(o3Y8Cro=N|&z?%V#V zw-D9O{B(6bk8MUO@j3^3Rf&xV{J9t(OsT^A3i77Fq_^)?H9*kkl6&FFJwwV}AGlIi zLZf5m_hoj^NAzw5MSII#sc#bsdN}8C#D!DAfPf?$v{E1zAT;wG5VsUSD9X^d5&PD8 z$o@NRA_su7c(8F*u}v*C)e z4nzO+B&ze!Rb9stj=1`n-t*JGQ1+3Fywu#Bw7B|Yq>u=xSS~U~x;k3}1Ow5!Ie0qZ}f`erfx&S;SH3^F3I+Bc?6d?8n;=Jw_eTi#$ zpHJ7scQjl9L~9g&3?cihvS@}=ftp4x^?msXzD_A@U(pC@^ADU|7*?p?!%Jdz2biiY zG!)Xu?E`0Eo$2q`N3dy4mqEaZ6{Zr0b*E(sx}awwQ0mW!E?(->rSLS&YzN`p@(C%5 zE`LPn|Dy^%~QrvZ@V^(rvVaWXfrl zU$gD4mpIY5RKWHodS~m--wT}B-TC*>tSiM0L02Q&1{hs9Wx9!SrOK;J zIymL8s5(muGe~PQXoVFR*Z4{;`z-Jy%A&dqE}xhJi?aGEX5$v3o^d$^%%nx8Aqt!# zeaug|9i&%`fz)Ts1rKkP?jdldm>MyRr>D6kG9F&jFt;W zB4Ktn^lY28_1&#Lr4@>&IhQk-7ewqYsK#mUIX? zpkksuwjha;K5u`tTgG|)4+x?sDFLVOYg`j(X#91Xe7!~q;kf@&%W5sNNcb=n5k^D# zz#>mBWpvDJPC)dIsRN9}6w1$r&Z=4ApAkQEmi>OfLzv2=Slw$L{J?B%$ySG&AqgDJ zImL;cKTTeDa~ihivez*mF{cJZO~}%nZtd)w7up`*V>O?ua`tNftyiHU7J1*J;KPaW zfN;Qo@A)DGAonpxZsF5EB+h(Kg-%yi+rNiDGrd0>Z{@7ZmtXCY`?X|AZd13fPop^$ zt^8r!?%J;{-w-t&41Brw^>PRsU*b)sxlN$2z+Z-KM?D-DAlpA=oQ!SfZbFTJjsA?y z9=-F_Fh-zTm6Je4w-?6gGn8+2SjeQ3>yueXBTljk{{(LT`iXj=XAoWWB!OSv=Ye5U z2|xjNV|72*JP&)aUgZfp0*j7}0;1^JQvW=*LVEp&674GV^B1v=d}95RUJFThp3j_8 zyGi?!zajo@?8QvUV3nRO>h)baLw$+WZNrYEt@ThB80u5n15yiaM9(n?W48w%VWSQa zW!~^0mu&rAmpN~(ZRT%Kzaj{S&u71+ft7SyTZukJDlx#uqeZ3(VAKA5T7uVlV!=U1 zgL3Hnu6oAd^#%DY)N=;?-OXaUQavl(4e|bhSes|I%$Lb8SFLse=&eifOWOs&D^!wg zb-yX~YY<+X->>FhpGPbr+mdZFX0aPw^n#?tO>BE#ec6@wbRH7W>`QndVSokEeqQA| zmG0N)JR#=sE&q=8!Z5*CHLi~-hW|!PgLO#1MaTp6#&OEavHnYJV7(r=qPpo-2mR#{ z;TIGkM7wv7EH9NvT)I?tUvjVr7SUQW1#Wv*M>HLq-QWsD*KS(gCyUa+kcrNy=pFU< zMo;@Utv5nhz(ra7!VW|G4PWtU0q82+u2VtHd_gbh&3^`@d^srJiB!ws5ND1nYN2+O zyXlEwS~bu#r*0t?c^scY)eh(C2HXRP+C__10}s|6jDXBBhjoFmwwj z4N7;1v~+i;Gy@1ow;&+h-Q6JF-6;$)F!WGE-h83DBLScjP*9)V0@ zO8F#QxE1sVSY)#F9Z>)?`d|Xd>T7Buxq53BPWavMLPYLu0(s!h!vLNIoOs(w{(EMx zFygE;B<2A%Zql;K58F)6$JwjtV>|!tjt8Zdei2rDRdhXniNPRVh?+gV0XBi@YEC`} zSic@PGMsYV>_m?B(GdeCN8Vxu!{#{|=)q71NN?LDo19emlv|eC(6CB+Q@C!NvcAq! zCc4GIIQtubc~G2BxV-l#GM3PHu~#(t-tjy=)Czh^bNkFeAa)w10mjHb$0n&vo2Cn+ zU47(?)iP78T)(nu%sIz4s70Om2HA|BF||PZ*9;o-oZClBUK)^vslv^L*V8-Fqe7%u z!^+T;*FX(YyM+M{!LXt^5f*K-`qQA=;BhxN^K}Vdyx9@!jib#PO+)#k?2`n{s54hc zg~e+FJJn(BClcF8;9mT%F9R`32%pcqCx0Herrp$!&5C^Vd*}WP7ktHSzg6@< zEa~OvITEXnAt7%sL=cVQuwu`$US{6ZprIaU_ixHka0$Q~Py|2V1E@;GE>4w@?BvMy zwv15dVW~YO2Kw%~lid*;b-YA{JFj^J9y)-=*+V*8)nw2Ec;he2+$C5Dr6AH~ip#&2Vvd4cu|x9r^hUag_`~iejYtuKI2%LmX^4cOq17{8dGhqrqf^K|U}{V2v@*lYNs=gF=V`_#4a1VfERcw+1EO>b76 zFEnScp}A}eCkj?BG{2VTP^t=BS8yQGLi@78CU}MGMw)ga$G@F9*1>ptPHq12i7=T_ zE-E*ux)VJF3QTJ}y4NOq{_=!=%GhYRzNLJGQ$4ovVgI^K+6@aFxAuJ|v zh7z*Z$Qz!gVU0bipXAI+f9oR>?09r3Oi=1p2X`pL==j7NmYu#Y{yoN@_!Sd+L--rO~ zZG_k!DP{~nXWo~XymL~!J|g2=b11r2ca?*E{TZJTlCh{+c~`~dC&xQd*v=GQs2xHo zt-CtzY>0YXzRd7(Q`zWhkBsrf)6grlw51e6OJDeZu+oqqtlB}SMh@wOY;x=|6@@N# zMCg1(cQf0>j@TN$m!e7Dn_S_NdW~{{(&UsfY+B7C2}ox$s`&uZWhlFB5Q% zopDymucPd79(?5U{TZ~8BeShpX$$HYn}Vh)epMydK@g z8HwX%Er*(zg*rftPQBS$2xzMVP|Vj#*k#SQu}$HlVz-}&J>=uPZcYbCZSY!=_szSX zOighzQJqlboGi~y8%)H@#01Ug-#gAEkdxIc#`o}0a%G0fg4b$n97ue}N3hDH`(C!}Do{-g;kO7O`oNjkd*grCbU)Q^kdM$4VMyH5rcP>`|V8e+~VHn6J-#vi(vO zV{c@Dj0Ugs3BRJgl_l_JqVVK)#!Zo1iSxJF`y6ZRis$6**NsTVXX-071v~ZGWQ}Kt*6CZqOkTA&;~%y4cE8)@ zxH?h>4B-8WVC@vYd5`rmu*D%sp!JyCZPiTftg6t-do7)b%Rngl1D{)I{s`3GHv?Nl zErc$A1E2$!sYyCCB#Q)ZZaraH{jAcfsk%ao%lm3iK3naEGAwNsQG(7@okYmq&xufGT!&p&5uEEace=b;ah!O>%;5#xoY*CtS8lI(qzNTf zC<1M9TzRh@j2!ct*xq`*1tq4=whJm;46fxuFneuKM>bt97tV5jN1VQ4xA~#?G$N6o zr{yP}v-ZhD(wjb@)-B$^2H+K!UCSAmZWe^u`g-|#43jf6Qp%x5{Yd9jCP~R^B-hEZ zO-%uwtFGO_3XHiZQPm(hhtuvtVB*3phOhG&)GrVul{7jxSv02cWW2z=-rbzPpSUlL zD#MY^!|&B0vM`!REt+#Jcf|?y`L55m90;|uI%u;hvhYInf9@VmLB)=xOwt@j?trkT zpK~8i9NR2-m(8 zvxK2A36;7k{cZx6o^Kw6w-fn48+drNm01gpfXkpGR4`5K4E3M{`@L3gNzOV|Y6*va z;{r7_yyUCBZ_QVLCfBSoBr$s8x!SVaM6s!qq zW!Xy!GnKW-jJ&Q)34YQkv?sXiQ2c{vFa-jnzRyJ_{u%z*)L?CXS(0rM5}9hW{_9x% z5To_83N?ZxsRPD-y;zjsQP-n?s^YEO>JwRQmaTAQsx7+}VejH%nmTK#B1YTQB&h-y zRNJd{(7e$?=f*ehe9QcMfy`Yb`(q?9pK-?!i~I*C3l{kO+u?=4u$nhM{HJfZ?5>A# zyvhpCE;~xi&?I8gnMe`xe{a7bve32OsS>J;`>hY#oeO$yh=Ac`xomh@t}4$$7*h5f zPGF&xY8oFy=q}@WL$$t;tU5`AY*7`vuq2xM$E$)kpjlm!mw8Vz4ouSgdMy8Fu&W+w zfoNWQ{aHj?_UM=|o0-E{768vP+rRU^ly|8SENZ7MveW5x8d}~;(r+&&+R?k*j z3Vb~oB(|yj4J>WgKgHR!u@HhCYCJ*##k~D!4exHYT&B>iZ7Z9%mA0gxD%_JLQ{3r( z8qt*cWcwO;NcRkg+PNzW*SU)-ciO-TZRWL^=rZN8CSgj8@d6)VEku17-kCX<5|64R zKk{LkS1hIY_J4(9T-z%Jr4fFYpNgo3P|yc?Pdy zK6=NOy(fyf>Q5D&yr48}}I{3BU@u6C!@ZVkRZje7nYbHHfh|ED&lc;#hq zz1dW3z~)j`bK>a6y)WEaBc;_mu{v)xZat&fTH@+0@RQbYZ%U7qr)3HxXnmgaYQ5lP zY`$vOkQuvM5--N;h+DF4h;2RM4<`G><(fZzG$Z4$nhpPku>TG4&)nw+O;Q(zcNg6g z6J%nF331tjk}xllfW`s7DUnW8HT;zi1d2JarTh|@(~~0bmNbREq`{xZd-cmACyVDa z-F#cxIFkAsQC!qcfFY6Eci5aVk7N`2_u5Xv3kUO7>)nTkWp?{?pZ_5cuq$NY52I6a zWzCk6*UNI+7WeL?o)(4;howk1a?6`dxTC{LU!?z6>-gX!8?*TzViP8KMVh!{EA$N6 ze4Xk->at?{#8Dvyf)~$>1PHV;#&In@DKZN_ge(DD$lzPmq&^MAUXUv}xby|tdVM=7 z7K?b+JVWx=T8&-ac!7>~zg#--bF@s)0UXipy~wW2y!H!sQCe>~MwNMg*|*6F-&mzo zXpV)0)1TXUR;JUD6oB@X+n?5r^@q^j|@b?e<%vkimA@@OR zkGns$JLUx1AID97rDO(}kyW&7e0$K^o-XA*QwS#Rk-o#^{$0*qT!8eY#6|F8g;Tju zT$}_y(X$La#Qn2b$$wvQq?>=vHH)2NY<*KPWpODgw8(CsV?B0Qaz}ZBE*{d*%0uGT zNk*Q^d>3>k_t_<6>2))A;Uz_C+Ij>`phe#Y4ysCChNuKLW28r>v}LO1|QB`gA5KViyWI0KVHH6Tf*6;lBFoyn5?3V6F<}1PgD~*Mstk`fy|1KyGb-U z``arcDnGjpvjoP>-44sCDHlcUmHBo^QRDX4ig z<{i&dU6^87pr2dB3)4xcG>NPKAjMShdTxe@k!pvsxT|Dk>TQq^3j%`%t)Kqe4zf;; z=aC=V^mA!hIJMU%QypAsH2xo@0m%ymF&j$<`P7)}?tT$h&J}z!4?AR5+59XdY@0Qqp<#(G|)+NAmU)4{sH=1yTscK7Bq^08^^IYjJSw+cg{YFND zQo+?F!>hsn6;)qp^aWF-e($XEz}T7w*&Gs&;cxxD4wakz8e~xF@E-fg7UMm;uGFU5 zBj&rGEAgsvh0o|)&KvmvHd z9pppTcZFli7b!luQ5#Hpxust>RWRp1>C&ObHGCLA8{AS9AT%R4hXO7tq#*JaW=;!~ zuI>XyLVm=HqiH*JS}zU-Jfj}r1(o{`9DP7$N2`Gcty_bs$G>HNB6V($sC_2}K6{aD=IVQxF-5@bqrn!gsk?~mZh3sucl6b3x>ZE2 zZs4tz_}?yGouo^CE~z*WW$@v|`Ck}K5$}3LPL1l?N7CXzp$HG{Ikc0;2eyAtpn<$w zRT49}_*B)rX(%;U&m_7@5$hjgg}!lTa0_m)l~zNH;w8B+7io7Jjbw3mF`z){7=|)o z@iH<&Tv<536ZZaIOo+}Z=)pLe>%4$&`?_ncRoLuSBxwfiVAr8a)O+U z;0ecjM-aSP4l(4fGWV8@#sg-*ZTtS4P_VPbDa(2NSK5u)t8Bg<0f=67+3?sqM1-t` zZr0IVz^&CE5t0Y=@i~^U-=Tg0=(F*?qdS*QGO<0`?8mM1H+hYP8HlFC>Aj!@K%^tZ+N9fxZ*Bt$(U&`Mr?`DH{5-4{(?!*_q@ zqqFm|AR6r5Qz{{M7xf$t~*G!xAX)ilb(IT zx!pKf?_(HdQGJo}g2zKp4$KLdJ3z?2w18*)jC_&TR$1-||9w3c+pxekQ+TkJqSVS9 z9<4?3tBz_48;(rHPW;=7Sm}6!7mZt{ZPHl)$gJ59zlNpcA!@*t=qN9~M9!T4Haru>^}DqU$B`qx1WAW*%(Os2)hKZ)o0WMW`NZb+~n}SsM<0 zVsD5=1+1mqz@bmi{mJt0BvBx6(W7paWc^qoVVS%ChlHxU;ieKP*r;$j9OpGm=|*4Ei!d#6nNdfG2S+6qpkySw7Ezzm5k(caKSR+r_lIeP8BkAw|u0H&naZl0znP znjYk#T&)Tlj&ziRIDG;qYb6VZyqhkJs1zzyO=+wayNW_1rmEf6F`f zBl95SLLEGtQSKBMTLbW#;a$?4Xm!#Sj9r<@+{1cW0SaC}Yfo>x%`-5B0{P8uUf z=XeLeN&Pks{&T}OA%IZy7D__bDq+Q+QmosiZVbWhF(pAl5I37EhKs`OcF|2d%ZkyIKIzeKO&Y0vY_3Fr=43U z5zLy4+?QlW1@MFDR3gt%5seemClYD(0HbH~U)EckA;FbZ>(f z^C)wwdxAz1_|6+jOR=-mf++r<-@7y3|=x5zX zZg6<-eoZpm8{&Fp=TrR<+M(D?c?VidUGNz`oaDNh+m;B;%+K&^rKoJUffsAqK&gsW5cJGeT{Pl>^?Tbn3P ziCpwoM}ALl6CQ4{uFeiu%+eOBF|+I`3o0FKXZT&&$XB`0Ow5WYuJQjuq!N=B6={@l za%4zd~#11i39>C>yOsH<*d?!?Rfqcjf;OBV00csY%|Ajue4q=1Xdh zQ5l0~7abJSTCPkFMJssjIuCe{A58zF^tL^8Z+uyLbx%jmmTA}4(7gVw07soMEQmUg zn?yqnuMF&?INOq+*aION-;yHb5}``37VHg$}910}>fc}EazekDLfCQf93jSd= zoL^@pseymq@hs1e$RDPSr*=YIdV7wzyUW@qQ^Q_a;xInq8;D@Dwt|CbeKB!fpd3_{(e3Qs9xN187bU~c`L@!8Y`_((XUZ^SF6O zKF1y;Vi@i@=M^4=!bU}>X3?E{@%r8L^Yhz^VVC+`MHIeF^O29O(WdkA%N{|8$N1at zi>UMAzIz89?}`QZE`j)MXWp9FeEuTZwv)wj=u^YN(8kS!A`O(9bL3PiD><%WxLD9I z(QWa%JIp}o+K4Geb-n($w+7+=Sk#5D>bX99zJN^`n5%S4-CvNCj6g3o$^I}kuYfFP zh;Zf(;Ya}Ro?VM%u)XiFm(8)GxdVv^HJq$TzSQWJ!DiBK_OckpcWAw!L&SE#`4?W8#+OzGA=3soH^F?+9l6Adw!L8<*j&Yb0R zwLNhm?BH3NrDgqFOn==O)UsCnGYd672UR+kwXKTvND$flKGyrlxl`}zND;}qwKvV~ z)Q}QP9I^K+fcp?c?s9B_93&5u#GWH;w?6>DZzjMux;OI9Lu9G&l3jbx6se)|th$Ig z2Yl<>9o~@`vk=BvQn6+J1Bt^RyOYX7+KD^1FFbqX1*OUQ_L5io;&wY(1hbvox7Is_ zCS7i?+c|kg|AV+rDR<|p)}DPgJxQSt(cz|DWcnVGJoy(Zdq=x3Om%f>mCj2qs5*lQ zu96KBp6Ua#@92az*f*KIEG;xnXQ;_9|*UappIB$XLv%)R$SCulf-snLy_+W~`@l zbsaZ?J0j4JXT`gKj^zL_Fh>XG9(#ee7I>MW{<&#~@6G5re?|kGE6k(~zuv;l0Ega3 z$`MEoYvd+O6<+mw=gCq5i0X=Q707z(cA>zTVF;04i?qG`CUB2GvhD2fjDCm9FLJD|+B9z=B(o4 zH@;d?eiwW4t44>E&Mf3|GpJfdW87OH#=3DkFjV`o_FpblX~(QT>JAj6c1L>TM`G*{qc-BJ;cYW!z4_08pIXYTeZ9>>i@h&Po0)*V`Xp5I-o zfkKY*{;U^Kk5fMw8Ev)_=Hgu@8xrCNq=Jl_C{pI=`(R9&l0R% zR>oVU|v2t&p_A|G`@JwRb>nU!cz76~A z@{GxI1#~>_8jF>;#M_YK%cDJ^{U^FgSlqYH$2-W=b_iQXm~?6p5EzdB;3vBhT`6IB0;KHJrW=<^ws4)9 z0TAs#gehfM#NmVC)mD^|_n!Bw+W%4YKz0)hc@7!ZxGkf?3p0T0U;i29=e~JY{%z7( z;(zh(-r6UeDuz>h;Q_^4h zoIC_;HWTWk^Da|zGc7>{y??4gu&X{c1lvK_unvJrpD{=E4?NvH-KcmevjWt(4EjQ_ zv|4*k^!l-1(IIUBexu&-7CF2-y}U4a>h!8qpDA>?X)GJ$({wyxW>DenwvqXC zx52W~IKJO&g00_Cb{yKkiUpl)aCd%81Dwe8@?R zMjM|m*J+!V=3RFd5?!=Cen#2~)2y+`a7(bPV5q;x-9F=J>&}jgHwu~v0C|Ezi}w&j z;c{$=`~d+hg+15qmHp7L^6yl~k*XzTRbhc$c6$5F6zQ~@yuddQ2WU>Mx}x+#Qnr785&?YnU8{1frfDS_IyMFzS< zDQ3Hv3YA1cZ?%ra7t^$L6_OeQSa-A(HMKEr@xiEvJ4Z0!c5C!;zvo{kdBka3;$0h@ z6ed*0Nzu3c@FqGm*NH^=j0^aC;FGUW??%dAGg1dxN^@88gRpQXX`s5VspBoL6=j5w z!yhp$KS?y92+d)e*+6ju-~C->j|2ylov*5#7w0}8-ZRb7p3$k?F5C1psLj$gLX@ZuS4=9ZkALG0@?|LKs6mgN*yNAA z8NB}V-pOFp!f5btJj*)~I;bcHZ$iyami&e?%QYQT&Tw)D(LS|h?tRSFF81*nbv9R7 zN%Tpz@LF}oyD}vHQ_`9Xq`oR7nIKvw>W4V+MSic0;Du3CT>LH?z82bOocYzA=%lc} zPMYw*O*kjO*8*0;O3OuqH;CNGEa!b%r<2=mW?YANpasSi=ig#E*&oI?xzMgFO#Ll+({GcftC82*+mn(b z_VEU$Crhn6A$=0^GvM=Z`kC7)dM2UM`Ug+n&>!g&TPnv+8*NRei{!!_=Xe*bVfaX? zdpn3oh$8r(H$G}UWJz8cA&N-CXp()WRo16H+YRPfmcVE`T{vWh|yNLAE3+Z zz5+g5i0Ov#BMpjZSjOP%tYWl!J$gpjBoRv%JAt!-uEdHVDGkF0@W15ZtPTW8W!lGL zlKlrflghYKy!w1TX6P<~NK-g0(u^svCJ>wU=H|Wf{np_2O3w29srQD|Sgt>#c@Ef65U@kJXV%{64!;F$iCl+2k!X8eHuHR!PH{F?hfxV5W4w(EQG z%Q$_m6SV8-=e?l!o-n?!(~=xViU=N`hW)MfRpyAlkBjP z-rdT`pHY&D8mIYP4Y?2x$d1n-h>a5|m@!y4;Fe z1wn5-{@)}O_Z#kz*(`x=iltwemqYR@ccu$*Vkk>aJgfXWJ{VTF<=B3!J(yBX{M?mj zGR&1RUa?v3ET7aRQ|Of!fK^nk(1|nPV>cv2;#4 zZ4q3Pv45xj=B(E5$%t1xqRhe6>$xl(G1N2Xp=qGcid{-Hd?)oWM#KSD*CFB8uqx!AtEiH$|!deD}%E@Z(hXm;TYr=hrw`$7n^Jv5){&xq5o+$GK!}kFboOQqTE5x(gH{pA9K&v>C7Gp6>bqzzo^qvB z5a2`G(`ghsFfdS^4HuRhbM&bNNrmIF}7;Kj+ueBZ16RH-jZFMf#;ow;#ZQ|ZB zaf@U?CZB0m?`M#6@smPqBS{G}r4x{YnupmiY-^L2kOUd%KGC8OoQF#QgC~u1e-fO^ zF+a`I&gTUHD-N!XHLwmNwHhQR_wyFqxw(jE8_Se-PKWHRq@cb-GfG66pkqjmCeJR) zyje>KC!9qFwuhEb3&3N@N7SbiM*=szS=fe0g_k+X8?eRau8{)up$POlq@;!GF^8aY zI%=IOP@vIkZDLw}^Y%-~kw4IzDie*8)1c9^XY<`lTS?=1Ph{%{PaySpyN9w0oa*X! ztuXPqW$1|377nNv1UD0G^XxD82>{{_nQFnl6$yCPma9Nlsh!HnhuEP(d1WO*DvqOH zgeLm^eN)sqlp0_)|218u_cMP!+5FBw7pNCIm?dH_M1On%oy+*xCNf>wW?Wy}WlvtiFGEo3xGls91li;Evg&XJ+5?Gx zuV0TCEh}Ty%}g$^7)w&7N6g0IePKy_Wn$ERG02Z`=j2`PN%TV@^p_y&pSO8y4_rC>MXQvel1KR@snrzo*^}gf(aMd( z^qa~xwcYQ$s@@+S_YGkYh)%XTs$BUvz4K2FMUgJpqC^p|aabt7c$tY0o+suCsQXSn zD2Cgq)bHAMdNzjX>{@n95Y?hu?~BC|z>5W&{$;?l$c$_h` zGH*FSpF=9}j;HoAju%Ily3mUabkSVv*EkCr@tUc|*br4b1ZPqAt|A(i1@}ADMnz1C z8zeBa7h(0zhN4uO0K?L9<+;>?gxg=lK`g(f{o#v`oM_ulB5y;lYl6LcCz^+)B20&9 zn|Psm%wAz2RzeSQR&ZeSH0W}$ADg-eLrP1^#P@8!q_$qORzj`c2sD8mE;?#`3!y-@cE3(k}#4$wEE>jz}Gp>Ggw4&$NP8J zs%BpjhP|Su)%A6tbyT{r!OE?QJKIfot8480Uk&xX*~^H8!b8nuKZtu(~7V+ps<-tPteh?129qFR8!d>G>ap(nu_WVaMtAZ&&{#@iqv z@c!pPrv9a<<7$qJS;TAI+Ir$*(Bw&`^aDqNTfDGG6cG`|`F(WlLfbUE2$M zPt=Wiv8WGR=`(z!A{V?cJ2P@$B#2+TXr{h#U%N zR?Bg0_f?*M2t)OQnyh4NiyHKtSg$_|5j8$dtpBFx4+kB3wb(q~b#8Fz=}E=lH&kh| z`zztO`?Xb1F&m*%&hGdqON$oB*dCcw(RxOE&HU61PxCA6L?tFME!-(4-CVNw@`ZBo zDd`*aOaX9LaQu=4`T|O3dz83v_;xnLmZWmRck@T+hULGmuXvGEAfv}nzbN-mNElv! z15#2DY}cKq(*`T%rVad1p2*dL*W%s$_8HF4e)R)H^2Wy@Hj91)aMd09gXJW$vQrdR z*QTV@!@K{}=}hOc&V)yaY@_r=r>_iu`4_W@Oa}R+!Wy}SV_9;B+V^btCl$TTz}of0 zDgI)aO{uIU7__i*#Y_OV!a34j3j?t1g7b=QtnAcNlt%nr(lO-L;A+IX`XY#cg2+|( zU8(OtKBZBv)=lG~o7_u>$bH?uj(z*jx}n=+cpojm#J_7o(wNZwlZ-vC`g%}f7p-2( z2+fb?rJ{r!twLoRw{4D1zP>8}U5sH4Zf4AN8h1JJBa@nQd%p>i+9!_yu@Ma%+{J-N z+6mLPr3hqJa@qt7SnQcbPMfgeKRLb`FyADb=$ei_#;vlnzQG0JEqH?kDP zR$|m$zcn2@_O|TR!9+|3X2|8*+;_7hqz6s@Y#igI%sgNC>OeQmBzAfv#EHNb&p+>9 zxrzT0f9?x%IJGqtdpDT7-;f&>F?rR|p0SbB&T>ktA=kEv)^i4 z@(E=-hIk=`rD3~g${E!8C4P=*!8h`3pwo%}kxE`4smw$beVHfxV}5$heq`!5|3&0q zOX?zK9nL1Z##Qwr%I~zhp{Tk2-qG5`?Dn7Ojq~yMT$+|4MFTbnv#s+Tkw$^O&Fo80 z7QT%AOEI~g>xrJL2Xc9vNoz;+b+YivlaCl7$CQ>WX-bdszSanP8cWk z5LMW4I(Ou2*Z281=W7in(BQyC0eoJQ(FuvedrYs@aT^qtN?0vphg+!hK@O$YFkZg- z6@OWBe*Qxq*osnrBH3iYtvW1d~Y-SY?CJ3ERWc1@Q zKwIevEujy`gdd$0;(B{a%S}kUjtclR3Cl#^=k*Jo&aU*r4=s=E%xZZL+LR_z>vEsL zdAX&SnzdtHcD?hMP3gh zTxfG*YmV~qz*`5g!@{gX7HzD10Uo))O&tSn7(*gc66B!a=EGW+1K)DiytD3NmnUmYXSLX-|V^EP#AC!xUc zI&M)-W49)=(Cd?x5x`w&3Dq9gty{(j#h&8WB$ zb~&z9A4o#nDWpnCgFr);ftSKjy#YRnDf+pT-RRd|huRC=(+!TvFNZGw z>R4(Je{lcWcd!|S(~ZRfnmqTsqPs3@a=`l*v;GN}=+417rsVQ_^6MU$V0Q`F>HCix z9HRzteTanM;tfuaI>P^HC8M%H; zF-vLC`;r3aujIkA`o_jsmAyyAII<_I= zJ2X(I?{+6zdWRe8E#s~aj&qWOu<;WYWerS`wO?3TBlX}RAWzYY3#%B+$E^@?R>t?ZI$>?H_c~WUY(|+rQ?h+?x@nYojF>( zWw}8JDLbiu3w-nnM*>3YTiWBgmFM@)%wH?H#n^ZpjSz&Awm3yT_6ov^Fxa>7z&&pc zGHfrn(Pm4GI&!^8V2plO{TR*TCJ)ShZLi1IQRyHq&1kj`DTbYwC|)~_A?#nHM^s5` zCkXg&6M5&s@+y_-a5h z#A45(O26|yHqe(i>JxrvIXAt>VMyXql$96%*ZR?qr!u<#`{Y%$3wmE0)AVKjyx zZ_}llo^KWtKxZn8)=#%$R>vDDXw}(9YtG49;cX&@@xz~!bK}GX9eF9AKKyl;TnA=< zpKdgw{+w;GBT60U+|hE$0NExK|Gtj;)5jHUTQ-AlsP0vYLyzEzj3lkq_lD&@2+O+U z887g#HuMdy-j8a2)(|I2l$#Z!;BVwa-*;^rjsanZsvn}MH#SmbHQ&=P7CW!y(8+@3 zbJt$XU527AigvW+W>e1}H9Y?1uh%sAbbV4u+-BY?5AOz)f5B7Ah>{bnLDWrI(0JP68i^Zy!aZ zC4KM2S3i`zgt5Qo@Y&iMGcqxd_UR<5Xnqs+(fr(;yMFlH$bb(s8Xw-Pq>sJK zVIy6Ipoz7=4SkEzD3|e~XWRxsy&MPfYPc#)ivm9e2T#Su#jT_K=1m!p}hXyGG2d?b$Pq?)n~d0s5n0rz{4I)U&>; zA|kdk4ns>Mbju-7ifDOo+4Y*eWR@nXp67d^^Q4kinumhU4N}GM?`y9;e)bvYXiysh z7}EH*ix$3hzjEjN+yjM*i zBu@FgQd{3l@J!;8HjbcdM+8LOp_xXd@6RSkb*-E2BjM~|fKaXYv}PhfT*%xsxsBCw z2C$mWei;efTO&{(S=xM+!qQ@c$wrTOI4uP6LWzA^?7WFc3FAqDfQmr-9ZMF?o;JME z@Y4rwf5gA(UYP)igOnc>vkt_v2e7~PX{8Z#*ind2ul{+hO*DqQLj0-!Y^`EoYzwEF zx9f|(4ARAWIO0lLjGvPxPLvtzzNa z)W$_Cr0HcE3KebI03$ib7i?P>etAGp{Gyc zLoD@ zr_%gjo8R{@oBO4Rhy`)a<{<zGQ?P20BbASkWTM8~>!}FG_PqIW;>X8Kdf`X|N)A zwQ{@asF{hDUOsX(=5R~Kd|#=z8X^+xIx}K7d=Mp&5Mk;hcsyOi_3$z3D&z6f zOW6o>h0;mG^SZ~#){0Xh908@>buPa2rajDL9xyYANMTPQ&U(7B(}d7~m}tal@TkY-r_HQ6ppa*F2}pcA!uhtN0)#a#Lbd1c~jqCW>{?zk5IIpFMC@tTcZ@HMwqS zWC6qJ+n~F>@0k(JghKMyQZk@XK>mwk)*9MYwQ_;$1S}_y6>)J~zwvq>4BmtbF-w4b zD7AoHi6#p@_t!TK9a4%vLrWKziGUl&dW?(auf$+w)U+SpQpS{mTt^>+&xpbo^(l8%&DuNfK!4G5@Ocj+1?m zn_Gi6dv%@7T_wEkA}vb)%%I_4OnWrKaRO9?_rK&<2$k36c%Jr~_t!!5 z6(`~+#zy}EFRctJ?(Om%&tirxW4Zpw(Ckn(tY++Kg-k6h+>~-Ta%}S+`Kn~e7#7E?HuoU8M1Z;)|LtUv?FUxr7(mowl&1{>I){ls8r=XQ;zv2k?Un}9| z*gQwX@FI29+e#^8_mW?l_<6^|2(a7eDBmG0bKnr{ucpuGSNKctKTGSYxWglQlmge) zi6pT2+-`0OFmloh>EZrs=#xnu5t2}m9+m94@NHVbvWPrVTTQ$C`Y5F|D~U?zx6-G`|lV>Ct7@<4(M{IFEMH zQ>w0&#KNh+M2s&_5W20{Q}(UO?DQPukKq|+AFGeqF~1#NP>>6M{&iSn?p>bUl4$wF z&K!NCT@#=Db8H3#@I-pesFY6}ZnHg*<^5Ah``%b&r5{92!+y?}o%*ijt;k#B&#Y*F z(|&M`W%`eofjgFvL?~#wv<9eLklS()N+ov;Ue}F(KJXoW_sFDz%bN&}RD_ssjwFIV z$9%A4Erf}xrHheTyst~H`$6V)F(^Y(XR9>Yy_Rfz!t_OiFCX=(zuQ|rppvs*1F7!n z&t4pnA~ep%o8*3NBAh5!22=8U#Ww=U8@zw6o&TGMElv#K)4O4Fe=)QQyr{>pl>?i8 z8+X$zcaQ9}i+n=;1G8TZTXwv{a*vccE+KD;5&Ep(EOhc?%scIEP&YM*oo7S#U|4X1 z=gvca4y*nd2U1lB{AzHKKy6L??jVz_8vIKhcp0jH-L!pZy>)F?qGONrdM#9}eSHK; ziSTT*$j9B{r@j__+i9{~9C}sXR_#y&NKjq}l0l8_wTJT|ev296IStK&h?e(C|NRCk zC675GYWeS}j=M${<qG-HDY)R_s9cW*C8b4I zVItHgyPj+Zu+E99j5JVXXU15)7ps}!U zPOv9>@R+vc7M`J@S$xcfjqb@+FfO{#FJFHuu>(jL#o61XhoADhtl5US%%K`KHlj~C z$Gr77ERcEF1d7@|a+;ZJRK07PjwtCc1^e1HBXT zNg~fVMp|D~S^ts(@6|WobE+% zHHR>!&G#k}4DZi2j}7`U5dOe-iq`B5!0U4f)TgSRx0bXqE_w3w*LFTG+AHv z#ZJ87^m%V^GFVHs-f6B|KwwlyY(gqd_t`>F@TO6AA9whaJp%6*l^9h76KAq<8~fYK zr|9X(H?>3jms@_XW7@y0Ute1^haLKbE>uNHI*?39r1wb$$S)-C467zFookg2q|Jze ze%JO!%6)hfJjQdq059_{lW$3t8A<|FeJ53KBE5H2R}#Ie-j>kS8yo$|N~llch?m(W zc7chp`Xyl)YcZ@jvg_q+aD|e{i(JsxCnc)LVyK?`1fC}k;@ujO;qr+4T!AUdVKQ99XKiurjmTX3B8iOdk-+tS%yA= zHvxY}ucOF1PTYy_FUR$`*P0>{6#B(R2EyB7nKmFR>EQ>L7sDkxvI%wB#?;zt?95Gj zrUf{O{DOxLgRORzp802%{rb$_E#|E~<^4m~bqDhiv2r#f&Ns6gy&0DXZ;vl52CJAJ z%l-|L9SCQF*qAR3Z2%qd&!!#R!rKPC%uEzc$IbO3!&)}4d|T;6H7Ze-%Fa=1ipGQ` zb4L3N(sY8XqOL)4E*n9ic|+h_%dVow+G|fp3Fejg2-O0Qh5U~eI6PNNbX1lPltoVF ze?~$^o&lP2$G?(?buu{_aepseIGtv*Xjx$~tF*dBU$;f}xm|d23`t40t!E60&CGo5 zq(EtVj#aHipeHwit-gB$DopCi61Sk39Co3JWY+RtZ^cE1CaB{(L-Q1g&Foo)e}|TA_G_Z`G%|s=Q=8`oy-l7WyloeR3J=Yul0|nNgPJV))@~1_{T) z`szjv8Ft=goH!*Rs$SUOlP4E=;jSb4+g|w!Kjy(BI`$kL%I$~1Mg6Wq6i&n?8FG%3 z6-KOcVarvPTsDLT=IX(tO?c{Ci;N%2?%2EKsY?90+uB%}+S(ixWiS@#A2FKV)9;TX zfBP@6Thzf1n96vC!*UJGISzF}=w#n}Qoown`@T8r(SQ)-^!yE0pax{o_u5n35MJv1 z1N$OJH(Kwbt6%qolLN?$Bs@z`Op_ULusdzph)REUnYu$5?RlXZpof#cP}FMorfvC_ z7&M~f!Ob;4Yb|_Y>-L;|JM6E z*Oe%Bt};Zu1U8&#q?He`LS!V7&Bt&JG9>dQBriGb!I;JypT8HrFbxC)vY9pP2r=GL z=m*Mp8>}y7LMD60DGjiSskwh!71reyw6N8GedABBL^UCgf9rSYUh*l^kC>Ti?SVW5 zUxsmd5PU`69$_2CG5c>ZPHbYDWR4oH(!iL2OAGQi1%>#xhI??4Yt2Z>B;!i|Z9}n_ zV>KKfkHC~4YoI;Dl^7usS7QJ6;S){PC0|)t;A=zIgO%5J_*)7BzqskD#VhK+()5VX z{5d{$Jt+rh1?yKg<1RNWayso^+)P1Y}dSx4lA|V;~E(n8%!*&ij!WF*rkTM66wUd!hiK= zZxV$ihP6d298dbAd_1c460{xr9RN#X@03l4N~wKaf&r{{TwMDpZdicX^K3%Oxr|yUl3_Ww-Exp@mU_^}{^>n(Wz7~8KO&blVDd$T z%yt>-1?3m$(a$Rge$VSGat;HfC$N3_Q5r(w?~+`7EpC+qJUBo|?vKP>$&e|Sz+ZvMkb zA^PbEzt<*NyyU}XBiq6qmT24&#uxYkS%94+TbXH!?F|oR=A{d7b)N*~%F@HLt%EJhB`OLcDDF_`3>FA& z>9{>tH|}Mnn6rhpTk;hxpEJMWb-zk1`1IUh(A-Z0)4IoSJ2C}1*hCy0A;q0{2gf-{ zYDPKx#JWXcxD|6?8I#remeoGIN%4?CX!vj;={xj^j~UWm5?M)uW>&sH^(Jz?$U`G#}G1G)A8>NT@}6C?Uj;o0k6--9CA$WeP5 zTj!I*0gE+;#=Gm1Y~LH-5hgXm@@P&ktnyx!29~HPyR*X-J#$(e4$qrkG+|--3{^vI z1+@cnpF8k|#m9k9h^1m$=^6_mDtCW@Eqyh%MWp;F>RVM{P#)1IHt3;gQsVH!F?mCw zsPgGdf(mlbMjqmwf{;jXXi}90O%ZbNOd(LMoX;6l%6?Cat&B`4jE?Sf^B9Mj8&i_r z+0oy6?;0G@SS)m5&7Oq`B59*3!*By`NTzh z^|gF8CVHVT)c$#fGt_7wG5ws{noxh*gCaE&P+U&m~^;n9M|H+)!pY}C2Sa+r&!G~xs;xmvu;l;yO7MmOC4uy-r@ zqO1N{|Lh3;Dq4saUCs>#3}r>epsa`zPULhVXzzE5!qKO|{h#FVuD@h%)&Ro)>ZHjt z|FY}*AyXp00EQ_m%fe{Fv3I_6M}_A6qq8lKFb+9YL|mXuAoPuz*OX2ul#BIOuw2#J zy?;q;Z;GxG8jT_gC!T5Mz&T@Y=#rd9Aa=<9X{)^<%uUZ+|TEdCk z<*AaltsiKHP90u8cA!Ot?`_4CB(aFz$McU#)Rf&r0`K&m>Siy_VQf<|f(gy#f$?7l zULVlJiO{@`gPCVtYdXVoluQOU_b~;sSE8pRrLtDk`;9cESBKpVnvTgKin7F0`DA%2 zA4K!2HWb%?oX-1>=<8OcdY|m_XPZrEI)Al&EC4M1YwR#vFJ>iI-J^xEKTVAQO)DKgo9VeSn$jJcS@)XX z^ST7Ig}Tvn!&^%0qXE1&V=I5gZ!FfrK+Ks~^f5EUy@EtE80Bp-#MWbe+b+uIi`*tm z?G9_KK3H{k1IrnR)EiSSZS+x|6cidr+VdR82z}Tcuf^)ZdR0f36tXh8H>H6T1K_ac z?~Qe%p=y?R0|811&y6G)9fNXGEyv7=j1>WduvzbD9VjU*AT@sesy0t>gtHtX)DS-cc|R##NbNR-1^8(q7OEYj~?BkaXY zzPL^qpa;#C8lo)!yj-7=%e5tml6?DxrN+@OinOpRGC)<|b7D_acUvxdPbZrvJTFd1 zrynneJ0NA#xgAfs@Ao4x^WWVLH7l}A4-(H~oRYrRf6ro2ocHf7dK_UKIjV@bncw!O zNH6L4sfm0S1Y}L#u1Y*Fzm}$THGR6vfDF#lMyS*TirQT-&J-MLIC1y)oa>=^5dFFh zT+v%(f3okysaIqNydC_K!uEQ!(*O20R>F@$hsk0e_otALok7!*#oOB=$ar26UmJ|sL~aEpBMu`NBX>YNp!C-)MF-5 zy*s|n|77<+-v1xx5O*~{{p#9fy?r0CBBFBOK}6eEb*b@@a;(3bSq)ZGBi_5=GxQ!< zF0~a~9;!yJ>1;7yJ%`u=r`LH;5sV+QS>C&ZFl zht@tLV9kW^GQ-bI6O*;=s>(#t3_g60D{s+D7}%jH<3^H8US+` z-gHYV)+v`LSGb=+TQMGR#zVQv@@VE<$~l35O62uO?{-V_Ks9_qxS)D6c$}o`cK;|g zI-Pg%RX%a0R@mIs)KH|dZ04{CYI7`7%S^uuPZq865L*S)!MIo)xq3n3*0a#uw5oLm zGZ2UnN|D_pwf6?-KJDXcYhzdWyB%fUc_-RanK8_}`D{M?mqhYRT8fy?&i}MGsmPrk z7gdENoj1*-^-kp$%v$Z5 zV+v*82nC-L`;?Zl>--^P9@#XC)rkYsZ_?U5;t}|@_XF=j z=X@53_!Q{#*1Qo&y%rsWt| z%kfRnUOqCLxi2%#gUYS&TON5{Y0iVq|7SRwhW)c#Z21XQ1J%XW}PTg_u(jaFB4QCNg>~ieuX3b}5tcKt3-8Kk?t4~w0&ugzO zOAa^6Eu09ytW5HgZ$!D=G0KHvN5)L5#NC=>emdgefRjW$6u?GYuj~%Q;C{tIZ?j9D zN#TX(%#=1HD%Xu$sijDjDl1L7G+i5=hK&EvFVr`aGMt~x&LSS%1LrLzO=1(gh+bT~Rxz<*eG`>4FsRZEx1ZwI@drnsd>nFw#{qTw@NVaN0|Sp6ngIZAlhuC7w*y)%(MgA89!lGtxlBQlBp!d_~J{KEsbr;U2 zpZ8oP%b`bk#sEQ|UI&YtMTarV7nLz#`}=;vCtVe)jTIEEMW)yPi{Zy%y6!yWhN7} z7?xr>eC0S97MW%Ww^_^T`94oc_u~sNf$ZY@mmR^Mnp&w~9O4CI+vE|7fj#E4Z%WGx zg18Yl$!?Qdj`c6<^UK_YHeS?lOIFsul)=NaK$B{|(xo(V_Z3NN*r#J+kbOC2HZ{~?q z+sCXE^~}%x(M2maUF#{sl)$vi;}V{4;k%pOl?M%H;+gRBgFLl%{pu0`_m~nfEP_UP z;iF;Eo+_+4OW;@#eJ(?~|7(9YT4!f7mcKmAM_A7ZbL6#1<)bw=VWEGEVP-~W*JCqQ zC4HPbhN;!0suWfqimtNT#>SvAz&f1JsMH- znX}{LXu6{#h&X+;{+obdyn@(dNoMfRXCZ>4u-$++H?G)0P-MbaUOO|6Gh5KG3Eo2I z^YK=XuEXiSm|)W|fffub|KYkm9>&St9C90~0u71B$i|7jQjM}c{uZ9}qFfq-i8GeX zAR7sR(VpwBXujD-;bQx8h!ohmr^wEtD5!TIMPUN!Q~dD zAHzZsvsQ(iATrl2%@y?PC)x86+tZ%aWEA5QHa&AG)o|wtKWx;++7MX9cP=;)*|cd~ zD*ROGV>rp$O1@-&!9OY}3#Zr)sQWXq$URd6dB#pNLf9@@#yI1{nqX?X2HnmFFOmha zZnQ; zxnlB&w}rH3exTT9Cwj}z!=xEhjHb9{$UuVCPFu#|WvCkJakOR$mDtz98e(z0+h0_- z=&<6lYYe8|w=c5MPnil_glJG=W(`V^w@Y*9`4RW~`~4(MO2w-AGL|~+^mAr{N>P4? z=8=O9f9c5d#6QMcC!~;J_YAF3WV>2Nl;-IV(xJr2hE+T0xxZFnK~f~9_%g3Ll(tL0 zQmxX#uNxopSR7G5q}p-hq;E}BWW1?rmrJq@VPvO@Ad{B@}K-l1PZ^bT1}|<2^zDbEWbrceQ2r4T}fxRX4n?_*U8NY6S~-eBZ`-2>Ke0Z zq7zm53Oak%N_&G$;3|#T}{`hjBeJqb)6ra%fJh$hCS;+mRGBQdUzYI$Ga5vYGj`qH!>>rHd2p6x) zZ%_@88kSQz`7%}}j+UBjOxn`JI| zu58Mn4Ls?*myuyXOnynbROetKtMT1!;QeSWG@{#q%y401z~^h_jqgA}wBxz6UT|M+ zM6E*nigijibA=woi3hjHq&7K|MWU722Rat(76+f0F}cj?NG-m!TU33H$zdEFHunN$T2jQdH-?C zJE+I-UecZj>!+4?1ZPxx0o;g90c!&9|rOEVwv$4DB<*9?1$AHOwtn(4|Ap`c4uxZe4uwJK3uSM`N{>yyza$08#pg@vC~EOLuYLLly##S1u*fi zOxgG2I-ZD~f~s#?Oq~17RJ%T^ejKigbm*#oQKre@}>PbGr`%%nI8R85|uCD4qe-Hr=*_Rh}b6K68?tlt3-l`vY|DSsvU<>ud>YFiWwbF zGaf(fbuMKg8acELCqpMJI`zfhg!nj>`bi9&U-*_NoTXM{lHbEoY6@=H=vzeo<@B|F z;fRsU6s~G}G2Eh5pyE?if@V9BeTJW3T_Q0DSFl*0$G^6~qT89rU`E!!g!Tx1dFu(G-s#k%-od7W4tr*bS^qEV z0}|xF%WmGcX2O@k{r(yJPV8%x(|AZyi0=&x@@{75lK((L1?ZkrmBK9eBA{>qxqL;s zDwY0Xvx4#V{Cf5sp9b7t_d*JoG9xwc?CI8Cq?g=Psh!zFqNnzwBtIjD8G8COW;n%- zKV-U)N&p}b&DIE5pDf0d8M>(_frfK@JQ6OtUIG9fpI4&sleyE93=4?ojUPN56xhT83|kOSPz;V=+NI+P>JItX;UrJG@JMDu?!& ztE2>1=<@6zog=zawwNn*lkp4aTUR-vA@HAnH_EyN^_cY;H+pR@ zqZe^KwkKs8Y%!JuSg9Aiy3u}?PxGPtc-8s3{B@YEJIb?TBi83xmhgT?KX(xEp7Ol~ zh6}gDqd_33&mRv-Vh2-bG?7Q-gTqv&tkCi?VN)8yAn-T>I(|Mn1fS`CUPN(4UO|4q z?Hio(HmOM*Xa!9HcpitNf{@|L@z|r4;P(koz4_xI@MH+xJu1&yanwJJ-wBo5M^_Jt zh34A|7(*>V8nS0gEQY+Lj-7;mVJWB}jGEaxwRL9sT8ecc@jf=~ij3w;_w3qekDDEHFrDF7v7Cr8YX8DW2NbFfRo09z; zy(D|ql(a#PqWHsu@Ww}~sYsSZ0$@tAH42>P2bLU`K#l1&*uklCc@&_F8_lCbfco)pneiEYNBlwxQ z$)|ZQk%wwcP_)%c{`<%c*Hv2uN$udVx(@I&tg|QO%T`2U*POfVLzJmkG9R^jMcl17 zm7&O4qCS<~Q;dClPZ7(=?Lfu}>|cp>`7bOrYM~)2-%HEvFuX5wbS8%aB0X>r>u|If z>HVlKVwK$hOAFra0EWJ8xb}LtBwP8uh*NttgTGsfeK$ONyoK!y}KE zrmGMvK@8*2$Yvw;aVx$n!`pU8g${Rb#yK2>8~y;@^rSvQXs?@^%DX1--ZS1i0LnVq z3^Z-ot^wJmp*KQ4yJBlBr_1fz*VAAoNYcTf7$%lxljL<%*hMP=ouE5tM(mIlS<_Y6c7rgEA;|)e_=oMDHh=74lTjnFI8TmxJKc_%a%POK22gjjK3S z${R^&>ANR!FpEhovbLzJs{sB`TGk?`k+5?{Na@|QmWDQu%Rk)f{C7;r@UwH3B(*je zOWM&Y5a@mpkc2TuPo4^))*R*68{ElYJ`irM0i2d8xJc!TV?j ztYq^EpPLqpbu-h%zKoQyc2L3++hv~%Y%iB_3|uUB_TJMmT%%)AG1#>(_X%>PcA8RM zljUmKB+0u@#l$xPK=xRgVh(x_Qa(_f4WZdcX$pBK$}N`TJuW)U*ZJrvdT36gdR!b4 za18vXvJ|-O#8(vv`C0isGZi8%Z9G*ufR$n9A+e~@>{=Jkrd6ye3TO~(|A`fUScDd& zp~Y|3app?oAF71?-9vjfr9KqYFQ`?7Lo}QvrlZvQAQ2NOr(M-`ZVrcc&A(hGN>Hw6 ztCgs6640o;N1HRn8Q+2&WBHXW1NXf?@|bd4aO~9|COgSv=1R%l`N7Mg+~h@Fp99b7 zdu<(6zmlwf83B3~qBX)1fboYk7(Bg11mTb6m`5`d(I|Bz(L{bT zfx`I)K9lojWk?yX7ZZy^htZ;Zus-Fe*PC(+F{ri*@m5FT9AdUZRN-FNrJF4Z&?Uak z&g|f#*v33%3Zmg)Z&e-fp!^Z<`Fo_}y918=H|Fg$n+BIQvI1VZP*++!Eleu3S7z7! zhAWGZrNjDj(f4E1$;NlF4;e2WG~|6QA=~;zc*B234mkhazC8sxq9+eheZpYq7`25| z@DG=$gM_>}7m2%nVcg-4PpSa^W~l7(aOD3Yz}+R{c%(MLMfGo=!4=6GwV!J00H5^y zmm|B0jCLj9G5L)iv2HqP>SjpC(2>(3v2Cd}nD^;!!1gSzDUmKLUT7*nzJF2`OO?g5 z(AgW1V>)-+Otjf`4AwZ%Q$ZxF^gFibk}r1q$-zX9PkjC_3r3tD_K;aMnqh|FFyCG-Bwvrw z(ck6(o%fGNqHjf=&$SM1nqPJ0ddOR-pJJY0&h{q65!(tMSDsvJVho}oYNSBy?4*c6 zG$_7z7|#~iEoS32auiG9$LXqYu*0RW*zgbHqrg{(Ke=;ySQ)?iow@L`yA!n{_49!< zkc~jhO2f~Rp-+sA_tPkfPm}$Qy;_Uk1INTgX^e;hDnZmW*P_WrDs`mKiYq)eLcWAB zFf~SkyvQZ{Ccn?(W^$H*I=&L_g8GP8xT&$cD?(Tr^feTs`QpVi9Et zXLk~h^Vh0jQO_QZ=c^*pm`3{rNO}nNxXnc@9H%PS`81g^9Qjk=B8m@Numb}(glo6d z-IyuKNr@*b56rC5W=Fn&?g;t=4V}WcgMxpb4eBFn-TfZE#Fy_l2*rHX8DYE1iCVxK z;)%#OF)?`Qipdy!J3rqY68xdlXIr?X#4_sEyB`y)$qX+tb^j~x=#MCsMrTJH6zubj z!;Mk;%V}Ll%aTpHJ-iTEDZ7gck;`2!**zp)J|4e`diq>@fhWcJ zLpAr*K9$CHeQsgicOVDb>iJ()R^Jlqj^gY{j8tu*A6VO~^nIo#`y3LY+w_6DCPyE> zE(t_AeGocKD!e3;V)c{jcmR+Z%Hp#qCY$r2V$=IFf_qP#Dc&|kNkq^sy$TQFChD~S z%+dWo>`ch*4S@GoMysw%=5>vgDmDrn07&RG1%1gHyb>(U8B~6S$Mz2*IRJ37 z+IGC}$wL1z39(T1WBIIV3zy|LdD-iEa8-1bo?W3}vaX-=9Y{oQ=iDgpWqSrUHVaWvD46GIZq2E!j{ zO*R-1dnJ6-ZIivRxft5eDIAyW_@VDmmzf4FPDb>V@b=|WX}C*LGSgd0NZ6#rb*U1k z(NGCfCR+=u&goGjU4t>21y7A^e{ev$oOI&R4AD)1oc7RX!@u}Q8{hba zjZz9q!W>>@We^6nOw00nYyJRtDE{#r@F1l`sEew2Di+Nfo_m%2w}raYjUA3IjGhvi z;IC?#lSazDURxBP2~#9(-t6#^(}s9(1=J`mUm@*zf>^4gmT#MKzvyViACb6B%#(L- zjVZeuSf`PDw6z;=M3uKx^*^-JmYdmNv(b<0?sWJYo_Z>$YsiAEXjm{l_sM8 z`ej)^E?io|YnV*Fzm}#aD3M=Y$lh1?A;QfQ7--(q{82>F(q%}yAQb!4<8K;PX0&Ta z8kXKDhT9Ir-hshb=ciS~i+RqM1QytySU1Yy+Tfn6zw=~@SlJPasK41UU3NVL4+*~I z5#Y8eN2LA99ho!j>*D=U=6r88C!ZL>ESj}AhUj~SzJn`kdoI;XlrbbyA=*LT6!G_2 zTGV?nNjhexcjElc_(NwkTc8BVLsCp?6R}o*7!!7t_(R>WFPFP7prbH%` zJdmvrY?ws2L^9Qb(D2=^Z_U>SF8X>z7tiJ_gALw)+jzgNdFJet%?2k-xL77mF4Ri@ zxn=5j#DIyTV?4g5((%UfXx6b`?*a4aE4@cUxt-zL=AVkxy8R);A9FkVK}L6Um8}%m zp2go;B2`Jrq4lkZD94zNwwlho?}%F0|6sbJ{r;j|REND%ny(y&wrmjL0&ZVxv>sW1 zb-0;+K{<;#&u3rVv^#=X!%Gw*6Jp?_i`eAfs-Slze=4|_i}rZXkEz+zoAuY59%#6` zx33%HI>$V^g(K>*i(D3l2`_XzmKAVBE#BpCOXS#X`e#5Q4=IOBt^kMq!AQ{mOESDy z?wIgxFo{xry4@2Msc7d4guFK;18UF!+cCJjaHno? zydE{~ptXgaM{sFbRv=kd>6zea$=H?&nNMvh_JfFgpv(r6-y9afh5z50K2fu{j8 zy}hF3fZXco?4zecA+(RN4{=X01G5`8sX#f zE4t3@KeD*-19pE712Hbo?B24Tg;qy8--h|0ZVGd70|11d&I)(I>(Ob|EwC5e1zQZ| zXr)u0`R?T;r0T=jPXBu!OOU%rH~p^V4{5vF_-593qSvHj1TdEauUVH(`QK%!#S?yZT@B919Uy7oA#13; zeGy;(uI;kN463X?7HIs`JYa9q{pJz%`I-92cK$>Z!RPQd8~ocV=39QB-%E^(P!`<7 zbJO!u>l(T8;~qGRG0JA z*)H}f{5k0?O<3qr>&)+7P-;{e#N?1yo@m-QcSbK7BY1J?DGy2JYv}o;aPqTLY|gTyZU645WtF0TiK*&Ll<&zN07ww3oJ_I z7ZCE_M#s!WH=`F@Cj=3pkF#6Foya-bAGTWM6*eN(3+|_JX zJ53)WLfDr^YUZ5)D~{*=nK1{&fSToaBGcATp_xTfdgVy_D z@Fc+>$0e!cSO+;&IL1Zd>`!FTYS#)6R$apub2m|38!)zNnM)v~1BRniU()lVeeOR6 z^DdzjcBNyrZKIDx*F4cS`KE`PxSnj;l}}U&!jIk-K*wq}mYsUrPUqRy_|G<*MA6g` ztdq#_Vl_dS!#RC4M;Y6>4n}=-4bEs=hC`0_E*z|Gl5H$*M`3WU8#)~d zH{`jwEI3d_+QuomIup1W8ybCarP6kJ6uKw&AA=V)$h>X7yXCPV8K0 z*Cro3OL*_G85#5{Km&Jx`@Tkw0mo0xceRstyf){i@28-7;DXY^F?1#W(O z5X_>TjG6f=y_S->x34G1J%1KOcgZ()#|}fOw_SAj#XTMb7v!=~(eM(vwtRc})6n|K z3l8sD`|_@TNgZgt{*k5sfmGj&z4+*M$d`rhaeVUER^_xRM;S1?=?GJVq6Nm4Y@8qC zIGZ1+DcJqmLtDCO75@&+Bj#B@SdSk{r1fy0K@>r*mk(~wPI!)YQGA?BY4K87^ALd5 zPb!Z8W|CUTFQgxA*wy8);~$%fk6g-VRFj(=f30G5~?}$sa+HS$6rE=lzW#aAW z0eW=8`FUpXbUa_|@?>SLo2d;}ZB(Ded3R-8(3+*3d-E1RX^;TXG3$1JH;wXA*l}LK6OC~+%ElLvx9wW^KhnQq zP}nA2AlWrEeJtllJmuF3O=920HUV81ZTeE#?$Pqnv&9j~TwG&FinICcesb>;I6QPU zZUL&+k~mWJ+Aw=QBpcbGA?UG~tib2~n}}ek*3f>Jta=iKU~H7dW;}@i}YDM zCdT@bxPRb*WGjHs_z18(QEb=XS3N+pTN%^mcL!fCvK^}nWZwT2Gh1JHXQdOb8oz*L zwJPG@$9Y_w^(s8#zwH6+t5Li+fr`@cSIeEG;CYI!7QOFYI?BD^I{fw-_XE3W1b4bo zCC@M~xR^uTZ8y2v@3mSe{GlYn(}l;V9zISzx8r;WTOcPglMi33UW&229%^ZeM3!Wp z?Wzb-Xy!k zteCBN=iK>^N=fF3>q{$4)aV`Fhdk#%>GVe+IOv7%6XUGtf3t@)nh%vfyg76lpGaB1YggVP&QAay_PzGnE3U1#nv|Ene$a(q8eZu4Dy7<*-I*@Y8927!Q z2*&McYzdx2E&|5@)koFq?eitKuqVtl_6J#=jb06RxrdK5(*8{QXJvmKYUi3N+6ovd z&lZi+_BqTp&aXdsx!Aww?V&3ztGX;D@LELUq@GxM*ZYg%t(#dlWqlod1aNl+K(20Z zjz!>;6^rc9cEC>|h?B(0Ykyr5DsH6WW9qLtk-DLyBKwYfMUFS3?TN{Y)G^o1H913D z-e^hrJf|Hjxn7)WDX@V+?EFMf!N8PqY>{dW^tLWjVn~ZM@|<-YLUT8Hb)l>k6s0rV zKX0F%61U+zF%9vcPVTSZJG{IuO8r4hZRH%@?a|rTUZlPBp;(>hW+6Q+Bm8apdGAT_ zN_%6Rcf+@sfWou-&$#_G*Ue7^JF<*dsSM7h2Nv(;k25cZ9bGuK#>RToDPfd9B~&lR zw>^w)*l)%D?PvJ^+0V?Ahf4TB8-{rK!0bpssG^PtG|J~fk|8;;`os>@x7JBEy-gAi zDF+V%Tb^oiRuYVu>WX0xs@4~d{o7$+);LdJh;J zRJDMZgGm4lt>z)El}|XvG;ed@~M-b5yPO`_=*PRbb+Bx5YgrcrORLHF_U=me^OU~ z3eU*zb*1q(-W&T^FNjDKQ!;nw!tTeqX1>w7)j3%#+KL@&ZnjUxsUXo@sS;u(U7$@_LLfeF zcJS+_V=}c-ZuXy~Qad4Lsd(RSc`*NcU`#mOj|tgp=T6I+x}{)e$vgd+(li~9K{7J) z!AlUr+k-Vh&9rWXKN3ZYc|*t81>%`0C*N{165Hs%9F5{7h^(QUuh^^ThBwF;hVd~} zy;=$LY_UNi)(pCq)W7@+8##X!=5W!+-Y!a5i?1%y?|?Usk4xWG@X9`e$XL}b>j9?S{jGj_oBJbLcbgFQp;52DBR3Pv@2$=;k(idguYA(1 zCt2E`W@O}B6pD8EE8wdMu0gZ=Ejrkw`>TSH()e1^MDhqybLnh0`H0zH7J1!N>%h27M}kA3l}d(?gx++87>ed4GiS@y^(@#{NOc9$Op_q%?)M@&mk4 z^&k303byIBPCQM9*K2iln74Hyxdo)GFGAA3KwCStH$Ftbg|UUOc;ID75D(J{+^baZ zm9{P8YTdjl_5)dPk+Z2rbL<1l-x|>mkh`K{!f=K0-63@+z%*1hu>IM;bvGD#@y8xL z@Urtnc?YB$ED1JzSi0RtwgopTkFOCw1w;w1I_rt+Y48n{Fb?@aW!aakgi>)hMLm7- zl*7b@Cv`va^oJmsT_vNliKhobDkoeJx@#ZPxsYA05yksD!;fz0cBdlsLDjWg>q{r% z)6c+q(s1+#2x0ALIji(G*}t`J75`W7N$IYoJ-0^c$Wj{S@eA+vc^|rdt4Ki>d@Uuj zIFg8fE>>re5Jpal#IK7T;P7pqhITL(Q>8`3$%9e~I%I6(ZlQCOb$)k}R-uQFPQE-p zva?RC{L{Ifu`@we?1R-a^L}7jxv|3+yG{ zrlY2YPk$on^h#4q&cnWL1nV*b*RS=ePGRtu;%Q%d4IL&Jt*vcyTsQk&sfQS^Gh#?a z;5Sfl-rAri+Npu2@P;>%utH10m3HT8BQ!vMa7{xyXIIjo==AYh3PRVFrk4K_AiTwO z0`euUtCaZgv--0VGm4T^9E~)!C}3kTbt=OXe7Ja`d8{_&@h! zi(MA&dDO?^ZjX||8O_nd@%%XF3I)Q)YH+rojR&~v;&qY%rz&8y{#_Xi9!5%( zPMybP(;tVL_E*sM<+#vq!%**4gFhT+0_$(fPc(2xE9iWj?<&=ctyUr`^CJ;}Af3Y4 zE05i=g};n$uaRfj^sMPGET}`IKaUuCFGRl#Y3woJDep??EuJeRv~-_z7W*Y<(v2S? z@m%U5a>Zyyt;Iw_w_r$ zsEziz8=`-H9L*ei{>S!K9CY36bK&0A-K^+e>0`>r@}qfln5G+G-!2X#RF8R#M^jfM zIz=|BsTFo7)5DyEC>o|Y@LUZj^q|tlAS0Q zYI?+RzJ@6zVD^NM0onQ=ki`0JkrL{B3*p5XBF{>TDH0{P&-y)_#wRoHL-39BFanql-y#@GbI21r40SG&WO1Znu%+} zpOhOcFZ;K5T%A@xTA|(Qe0Gc%aD0Em94|vo*HfPxfF^LEjz(sa5USqZxM-+(HU{XI z-g78=Rp#fH*uTk@+hJcQ&j#T(bRxSdWP7PT%og!Lb=G>sG#V(w1cncv@;BoANk&In ze_t0RH(e}aB~ZG}hOnG#dhb`$Q(98c9)*2!Z%%t85UWr+f%R~4O(j9qxxA0qL&`0` z{nfR#3@*T1+kNLeKI--gSMjg9=Oo0D@9ewM1S6YMha_cP)SFK%hnsYSj=bZcPZ zSxXHYT)(O35?rKvy=qyM!OGMTl(WLX*)UxOceylyxbM5izR(re`q$@m$=)KGHI$p> zj>8^yQ_Y1^Xg$Zmh~>+T>0R^=8G%ak8nADLnJ9sRdiw?~4#>{&>vjf0V^UgH;G(Os zlQ?qX^YTG-DC6w6X-T7vp9e{7#1e#-2!pY$$*_l4DKS)VMeon<_evyn*ZY}}s7G3! zcZ(36#`(PKdKM)tmY(UW-i;;ai2=*3AfvZ zca5@|a`FHeV7P448&)I^OnEMJHCL~0 zVZI90H$fg*%93RpJBcy#;V$}jI(YLu*8m1Y$=wmvdOI(0jqPAujTcUjP)6}6>!X%g z<9mL>ADEaMd$Xq0!_bWzSOCb2W{eUH(gl4roxhy#gR`-82O^-?OhtatQK9XmxpX!R ziQ%7+tB-wQ<1H3$jrX%cuH+J@Vs=Y3v0xy9h7U|yFO@v8a1mIAKOSSP9ObBgc0Vg588rJKV&dXSs@9mBC&ln*lV+EL zr}0Epn{TkuKixq;HM`{;fL#?Olp3R;0bi784oWW;q*H8oaAr=T9^vp^|DbbLtMi#Z z#J%4iTg54FHUn9)JLpn1iGz#7#>Waw*;fGO0TL?+&{&-~C{0{JOwUQ{ovo3A^lBN? zsnleI{fGQ?Q4yI9Bh(1dTqtkg-Za-HT5HZMH{+QpuA}NH=QZp&>`#gCXP>}Fqybx2 z9QvsN-6U1`{Xf%0-`_mmWhL`+a|<~6DZ9Tt;bR}TFn3Ntc`)qmA^jC{^FuffjfEPE z-dzQ(up9=L*@Qws7BorgWBVn^0fC?OIF5`hcDu~2s(A>^}4kqQ6$hW~- z8!+*R@@t(Dax@LLQZtfW$Mr@60b#|;*MW~HZl|svr&cKKiqD7x5=dnE+6%8YJ7AqC zd!S&|bkof8TbvUh-dX;R6h;hklS#d~t<@;6RaX!F@l|(E5yqr~w1+taTz&Zv3Xkv| zo~AHhG(XBdr%@PCY_j>xnsN+&bXUt--cl1h+s-=?qP$10dD4*M=&s>P4Fb}KpOHkG z5uL-H6;h(17pUHSj`Hkm*99iXG;r`EPa}myMIPEfzYV*(eE*p#?PE`sbNQWckVF6< zWv^pW!IXDpCYaqg>5Vkty-F}@S~6~K(e>=fbi8@vKCvS@(ELJ_ePco+LfhGJXS*Q% z45HyxGCF+_^m@nk@_Rzks!o%a;2t)G$9e#Yz|0vQFoap1(J@QgocSRAM^McETZ#qS zEnkYwWVO2Vl1;{gyniKa?~hE2H~tzi48H#GNlq$zIpCKr{SzN4U0S@WcS5X0K^uQb97A%Nt#&_BhWfWFv=V6OjHl%ybv@5Y z_v6|Bmx=CPU*lQ~i~gUrV!qu~t^TbJLGy^a?=Qa_5+SVXZou=URMtxQnGo3(mpyFWl#ZLGB z!jWG0enQHuj)R}hLE90)w%NI!>ClJ#_R@Ut`Uml9dop=}uJ?$w%WmUAilD<~Uw{K>gkyi;lZhk8LIDp}7fv1IDYWyJI>pa%lYXYilO% zZ&BuvmnOqQ@L?~yu@y6rhDn4jZRIRt2!)YoHzjh`+6~X>=JiX)7F~~TB)+SxwP?FH znG7Pq`O%=IyC^mDh7>?Wxcn3uGh9_Bu2i+rP&3?^${M_JDH|e4BIat@>FFy-sIizb zW>0F)FhTb0sL*}8B6&PaAY}j$PX0bS(e)b16kd-8$j^fm%u_2uaO>S;Zm=)9E&Ny*)*qo&Tg9(Ka{@jqDrKpsK> zt;Kr@?J#&&|9(%x_^!!_zKPgv;VDU{z8%pp+ba?rvqZbqp?|ArLaJWR;c!%JtD%;2dX2NAwjmQ?+XB zX^u#^@=I@jsiLpTP|%>vC_k-oe~v1GMGrT(*v(U_aqe1-@J;q#ImFpfKH9*y&l?ot%x=LZzeNodblyD>oTZSy5Ev> z2Ou)-@U1*>e<sEyLZy&Z;tysv<7u3=@w~S89^oJpIipG$i-# z`RzkVYNw>k=Wp3GuvGzVO8zZ!qm^#>UexFOE7GN8rZH$itysnTND#f)MwTwF{X4Ak z0o9MdqQo;I%)2dyw*w27ri;KHqWW(Sp}m}F_zKziEQA~6M(X7-qD%BTKX-VwlenDQ zNr1^)NfzUn2nFmRG4~LpDrIn`_@0aipj$qbGN@FvI1c{ht>R(ELBEzhsNrO zX)YVss15#H|HnUrHC&25@>y^f_gnc`qz^bx`{nv5V|$m;p5O9ZH-2tyPbWNt>oXc27lGh^bHIyFVN;~Pm`YPL0h-R^{j zKnUHIVWtG_$hYxVKO;M&`wK#;|Aui)T#I^D8@R$wF5elbV0QOp_5zp!GH3`V4|f}N zF!dyL1HZGI;&4;T01^EiM?_V`&xK?DEY!Riq94L}%A-3r9C=S!4G$~C1lU{bd?sj< zlcK4@fB+ZRFa#(Y9upIK{7zwCxhkMFunU=E&0BRq4oPWY3=XDjIidn_Z38!T-+&}= z;&d_5ZOMFsN8nOe%8x%KhM&{ftr%bSxP6-EXmwwBN=Ez2bH8*HSnWw|cB(GEw-P?J z^aF?A5-oNX9@EDbsVzEtmdE>vHO&mujH46BJpS4IVgpTZqcWfuVa{A7)5y$6+8t1m zja~9ExVX1aPZ!MSF*(EcfhaBQTk@ni&z}nQ3TlV)jL`zXHT2?H2&h;j@qn-BUn^?hQ$6l(-Q zfd7>q{Ijo7B9g>pde*yz$=w`os0yUhUG|vVDQ*{L9C&;RuIA<`nZKDe@?x9S`Tb!q zrc?W}C5lN`e67@7d#pjLRJbym@Yt5#sU)^`^JuA_L%=-7*)ANcx#NkZ6{8!x6_+sJ zHdU&Fl2pU+3B;i+k!;=l^hVH!p`WeQ&70w75a6__5VdEPUX!O?&1&qblO8ZeVC9LWC-2Ct>9Oho}9NP88c z#=JCb&-gGgm}7l(tY;5R7sGiB7sk;D9wKR+GyBZ`b!Sp5^>pCi{xEN!JXG)zNPvgw zywy>^Iobos>L6M_*n9}Upa_ZP4L1YHX%EYIn|Bi$`7nB#h68G(sd$z&XT=e6 z!J8B|+PHDKy21rSYLjOQ+m*Tj}g^X{eTX$YNznYqyi-}3Jqm-M=%+UY6$VS*tR zQM=2e2zpj|qvaT4eJe}KajS3&VUbjeVd6eMlVM7f4WMxi%ejD1^@{Mje&R-4E5 zW4+}|zFdk~W2MMh$_B^!<)_UmiDqtIDg!b6%NcTUvS*f7+ln)UBEOTG2kJ@f7dP3$ zZ2GoF^`o`-wxY8Gpq=PniAGE-)WjwcQuB33;*CL7JuVb8l>ZOU=~6}UscOyoO53jJ zTW8KJWb^T0bjDg~uw_exx*Kdh_!E1Y>3WrA7VcGS>$iFxC$cHe{~A@@csKIlmQ*Ar zgF`%BbKhK$wrwS_#VzOct^6pRam`fnOI#~pSvA#tSMviB2M!w^JH`IQn*oj0q@y$V#e9P zL-Q}=JGrR#6D^cICyLHy*Og)6r&_FAR4%`l)a2eOAPU3_6THYm4f+aeo;U4w;cv

    pq3e#_TCBQtQk%A*A@IvaU#HJg> z^YWRu+J$v1&=ZKmdrf<}Az!07aQP+JfZ+=b=hJHvqvO>Wd#XmAr(wP3_o@tL6W20Z zAZas?lTkKJ*&d)heJBmDekHJmtWDOP+_1Kk@NOSE)lDw7jj9B`*Dm*?Pw%tb!NCwb z5uRG~T>@W6MO9rGc>ejQ{T5>IaIxQpB7Wb}S$Cvor9jRs{mgsRtP(ROL6 zejlfrBt1HY#R!k?S=LJ)JSVVJhS5^wYaEv@J=4oSvgp5#Pa#GpA4~ndQiNdjP5X+x zfwTM*`YWPtzuiO`#()RsT8|a&N*qWTA4cM zp&0_wrJ%Q8?csg_)Rl-%`p>!DW1U^cw}YKa65^BZRzOZGaE9>^Tn| zz7+y*%V^9e=Z_Cl9A2){)eR0bD0*Je=qZbI#$Cr4G`{n;Z3b9zh^PMSFV82_L~ToM zkt=?yhe6Wl5Xx%&Jhs|X!y8@EJ}*B76NmX?-q_-?I#XZxh0ORZlHDc3Y0X1u zh!3F)vqkJ}L!G;DQU8&D0gh2H=x4fkOTKJZv-)Dqse6yFbJI1o&J_4s{g!#zNUwO= zu#gIG7#+(p`D*7OEc-!wrfIHUkmH3a-kJ=y;2rX6f7oHo(wgHwwBrZbm6Ag$S!ccL zYcNfGoY>Iq5i+BM`X|7CsBRkF`$bzUU`PL({6J*?BR|$rOgY_kJVy*!fiZU46kU@G zVHN0ie3dk5m)EH~uRgoWGfv^2;I=-wf-1*P6f-x!jYtd$jxsnAUa`wZh-8| z(tQBlR^Fg(u@_6GsQa`+U47HFOY)6n#>)A3+3aU*S6HzdVY&&TK>f*jdLD37IfjKHD_HkfOsUY$m>0oexlWS&(esw3qOA`YY+C?7z3< zUz!T?^=?TK>vJ_s9pz6Gw6d5SFBb=B)43>JxXpRM$kO^>Za5AP*GUjWE@LVF)4hGE z3J%;$p;f{A=Hl)8-QAzcvyW66lV8{DvSL&#UsGz|OTGR(H~w<0ski525T5{(!#aJ2 z36J?I2ur4y_*C3WCT99G^!n+|N87q&kUrJ$TGtX}!n8;Q8M~28JN1}0pTZJ{$Ei&4 zt&hjg(8M}@!&y-vEsnXwP{8Plcr#wuA5*}*Bf&FXg{rh?c94Q8yU1sVcFo3hWl8=U zRoc@{bM3nR8wJ|xh7 z^Q##sb0Et;*>j*ABbSft24Kl=H*^ZYgr(S5_a{`l&Xp4bVvD4O5taL?K~rMOmx4OA zKMwaNpNq%V;^&Yd&y*9-65HW)`$`hqk9)^)X2EYX9X zsjAl))mgm*>50xbQGa;zv6RolHVLfiDcAP)pKR-msJ4;3SZ zP)vbNRjymU>tD2h!BXwN2FoB;<{JZ^HS-uqNYSY8tDm2G#cUQUwc<~yJ}BU;W_QKk zyDIx%on1$f<(4d(w_XErh$S>|NYj--X5rPF?V(L)Nx=nid!AKU_|3}~(r-ATx0AV4RIkUcM2nZ@dl6BMqmeR9@S9Qfzly70+GGtd`JOK)h~roTvM z9|WEkSA?bke11r)H+NC^P%G4;ia&0;V-Qn zvi*M$iQ}TT;WsJFloetj%~D@uwy8f#63R zK+0h0I@K`nxH({b{x;=bte%X6Kr&fpzU$dj5`?+=x)ruAPM>t{wYgIZM>mNN&Cs6m ziSxddcQrD6R|25F78~AE(cz;?gM;7S*$e7qcJ?yb5VghH@YKLfY8y$MUbzD~{ye7i zPyDLtEnnT^3)6diQQuw-0$j4P_L&7ZTNjXoG_^bkIr?eU7rT511}`@jD@=WGNfG=~ z#t>2yBOHOpLQ5u(C~*3Tc1p+;r%=0xfyzq#IWJ%9lvA_id@rszHtlNYedtA0j1mJ| zwN%$&P7Uye>!2%Rkw{g4YR&+Rjl~a6=oHk4jsn!td9kQt>x|PnUtSbD=Rl}wpcl(K zAE?XjeL6nm1+5!-_#mo`>LBu=k>p6FIu+uKjrY4!^qmXQh~|Qpfq_r_0_Y<2}W4CM8zya$$8Ip*3!H`I1NH6OYy47LeX( zeiK5WzGuI%h9I9Q3Cn&icc#inj$4Y-)+W;EEFV=~+}-H+-{?GuM~hT5;fMd8_-pn3 zmJKx)qGZ6eLB_)NPA;tOj9W$rQ_=m!+FG;qrQ|OV)kY$Na@Al8_GR8^nQLM=!t20! z)`J?FHylyB?jeGg0Wmn(NMLHB9}eV5j=f~?;#t0O-{?0ewLg|Q)Vxg^)6@Y9)WjJh zkR5cE>Q1%!pQ=2C)L0hCu#SWgpGpy09B`LEJ?v*UTMXd0Jj6-IK-$0`y;jB8p@6Kv z*d45=fB?|+dTb5l?y&k-~Rcf#oDms*R~ znx!E+^SaKQ7g5c$=VA6$jRmit?{$XK0L4nEis)`PHu2@v*GS%GFg#!hGb>M1ep56x zp{QWz{dNmGC#$}rCfGAY6p&lkHB0E7q*8=yNtd09HbG1B=>egFVUxwk{Cud#O0wX3)fy>XDTQhj5ohW7WF8v{fHo$pB@xe#*n|n!?zjs2y zOL0LzN2HWv5{jDozfy~8qF23-K%fi zg1ASC-jR<|-BIH+UX)gRnUZ!HR8yWm^3%YTvhX@|!r7$AGwGTlGLxyN2$>TAZ&Xcv z0hQ7GN25hM9RX7_CC@Ae(PPPN%~w|KWkI-Y)3!G~c85+9K$CK?4l31pSgV6?Tr0IwgRg*3GJ1J@Q1`V9qxGYdhR z>+9Q$d$5rPfDLJbv!D8mjbNUJSGstUI^3Faw?W;ZZDQn$Wx=v_9^p)CNPlc!8yns6CRvzfGP0$9-%cW_2tZeDG@-L5{tlJs@oJ zz29?DEHYf=1V?rEiL%5b#P`~qgJG&}A(kP=FAa9=4Sqjd7g<;P6PVJcIOcQO)3H4z z1V(fI>rVxY(}(@0I?HBs&GEI6Z-dP?VBDj-Sw7+b(dbm|^29Xc@*VPkTcGM>{aY~k z4}vTg%|)tm<+rgknV%+XgtC376y>aFC6Rt|bb2(U7Qyyjbt}F_cSNU!_12y7M=#c+ zH`50cM5T2T6b?AMbFG#1FAgb?L4lpu<>}8f_kb2vGga?l32k%y^wyD6ktR1*goRm~iZnY2HQVqT0KgtJM#KFyLqRUiiDkZ5`U=+p*sO@Rc4 zCwwvDDPndfe-u}{n>DYvTlw3dh-?<3StSZWID0yk&LO)EX}A{aIh9KWsZA*-cGtU? z9@Tg@_Bnw!4E$fJ=yH}nQCfFQ6(bSS#+WA)}w%VP0#v7?*4 z8T5sxMP)=^$N8o~MRE&qG`nJdx(iLw6L)FT&%@N2@I9LJJzCS3?3zNV3K?!32TS{d z45f6Ft%LNS(Z{N!AKu?8uzG*7UM;pQWJMVjPS*`y@YgS6(!xY^i93a+MftU&&oOY_ z?ULcAX=^T{gU2Ei#aR>qS|S=0TH=Bl5|6eS=$}j8F_i2Ud)x7CaF3xua3GK8N*BLvq(n5uG9Lr1w{7Ym@+$t+#76mmN47{Zb^9hDFSp>Uki9BHYVnEe zX)Si=uuE#Hu&3jSSxaTj9edHa`f=J7a*IK&4tl6o*KKRL5;ENPwb4 z7E}%0Es31@Nwcdmc-ffPtMp+wQjn;XFm9+KD`v}Lxg&^_ha3c=%g8rOh-?8ag0AH!cO01eRp)USLP#{d8o=+t%7Wvw3i~W!}kmXp(-l% zZg0b}T)emYBPe zrb|!An7yijDUVVsbE7Miu)dHvMId7{Jz3TLp8C=>9q(-pQ>2GXb7ZcCfYDxYCBHAT zHhgySlx#{k1#6G2l;5T)qWuqhgEm!7E^l_;yE#|XYW8CF!B8*Ih;=?o>dda;r|g1X_`*W|v0fWw@nD5~sIT2!3)b1~B$TevN~)VbeU1O3xZv5Z zXcx1LXn~Q-qpeTVBRtCrfotJBUb)MsMyd-bhdm`#=c)@F(~6gr7z_5X$7P=fU)@Al z=@93>OhQr&=tOCtRSVvrT&nt9yQX9X4 z>d1DmZ5032Lp{%bEL*;S{E8;^qmHfz`U-5GVQoQXlHK1AL7uugnA&4rU-5ld~SGdbU|#JKH8 zAy=X3&)bJ^{K4z5Y3+Riob+E53##IFoP7Y9o(C*~s#h!J@Qrc=v=ie;%u(;DwN;)1 z=w{BNG4|bgID&|g_>#IB)m_aY4KLfcovRrH-U1Mpl0@^|Iek43wvFXNl=`c$K4>oF+Y z8Hhq3X}AUYP4uT%@X+8>kJlarV7L5fX0B>l6F%_BZA*_jw9PWy5n$|AD>}U z`_8ow-u|FluW%W>d2wDcudC8-Ida4OmjQYo?RBHR(P0RkC{cpf`o#(e&%%A_o?XZy zEC0=`%FHI!6wv6$r?biCUn@?n%(?i(^IO&NJx(7D2zV`>qy_0hgyfg@%4JtdUB zQv-qgIh?(ykrd-Um}e=DhOujtGkU^!G~limIX@lZvYz&LD`KX(!6n0LG}~L;JJ8l_ zl{uhljpT7W5MKZe_mEl?m2!wp&doe7imR*&8~W?au59-)xH{qmb)eFE8L9Wa-fTc`U*ycFG^mTT)F2;-#K@|{ml!O6KhS@v;y zkqv*9YcKdzcj03Vl5hF;w-M~F&QEqVxT?tB-ANh24DAxwhg{@DqcGE{ zmu$*}MdFQ}%J;+O+==J0 z5~lweZ-j%OH>DE?HF<0&G4JU!pvj_V>_r3I!cUNOO}D6WT98j6l(rWvWeF>M10zXP z8gp(UV4;>3P@eFNfS7eovE4Z=r`|NyI6lIWT7ccOl|9NBIm;OCI{LBDV-SZU#QFAG zv2EUidWulFx?WAar%aqF&|l)ROa!;UA^A%vf6g>VWZaEkv%%s}WgD^()?F=Oi?6y0 z4GM=vj2|n3@fN!v7u9AO!yV28V?+DuuTNirkFh%K*aKf%!w|r_3zy{lSElyL* zyWj@L%iGH?~7t>#PqDF`&Yu=UA+}97Kn;0-!(jz@PE8(hh0Q zQz4upYL|_{OQjw7hh!Tk!X?{Q^Yz)c=AV|Al-xwd{GnYKlGm|vdA5e^UXA9UV|`O$ zT_FJq7N?xVcuupQM3~!rH>DR8;jSBt7Xx!xb?)6sU-L)%MHWTG@MT`gnbFSeR6&>h z*8}Azy!gvx)bf*aP)W&R$K8W8tsyyvE@|H=qY=7foIB}HLTx?dogsIJXa~bbmPD?r zd6Y|wk!zwXzGm4+3_fT9T$W3;6pmVRXKUHr0T)rv>*VH2MpY>Q-(}+mUE}7>5(V=l z7qfl*T=@azMkbZ5)@*V1Rvi|aQL{2(S{O=#3VovKT-q8K8N$ZS(P}UyL{8^9-2oO}1ukZ3 zIpmK>QrUbqHfR&|>pJP**n@V&CW)y56H9_?RJILn~qA#1?3h!t6O%Jr@ z05!})omS?M3+)v>nSH8{Rhs3I_;*!Hv||>xxXS@s_iSksMBY?%7ajlOK01lWFRw| zlb#>b;+}d#`_~M-O?Q#U$a;!Sr2XC0_57O60sQwu!1t-N5SIsGbX?;8Q+49ia^Eip z#|jUwWaJyzPhBB~e$AVZ43O|+b8R@hfk*reS=irTG(UUP;!F#+q%TK5g?ioH1uhPc8h?R41nQ0UX)X9Ha_Zfq_((k0)dB>=_71nU3)j{9qCREfm8}z-gyGE8 zo*AnqGhxdvhAI7AU9}b)ELjnSDl>qrDt&WvSA{$OxNEhQ^wWskn!un)rrE9>#^5UNwbQD$YfFiy;S? zFAL>9L0>YB2lW*_j2!s5aEQJLfIzyiX9jD*%|(&2If734{T@`j|qi(88;W*l?)?VVtN!H%_d$e3X zYGCdLjtdg$TcmCUGOkab63?yYd2_d(#VT|k)z`f3!;#@2b{wLLsvz0#+PSuz0(OrF zKW^s{=hPAX^#|vjEk~{=UoMRz81N=PS0%2_xhN(W1_%m#pnYd^Wo=ff>#PKnV$DHf z?Z+9KC}Q)>L#Du^ETM^wt)a7*syp%nyE=r-3;^=#I7}<|o_Tf0o<8Z&ufYCwspR`f zf~}>uThNKGL{9G3v40!UhNV6$EQa4cxNn&HtRc-^c(OU!u=$E7Dq?$Jq*QvIG^mEg zbZBd}ij4vLmf10l8w{!|@kwkG;Mszc#=Yo^x7qh6O@9!984&XDU3%lNr6ncZE4-~gS(#FZvK<2fBDVx zLSYPB;fb2tadjcf-nw)1=kxgHkL$yI<|9v`eYTmz^&j8l%ZI|oYDS+iMbx=-m_>wm zXo*5j62k|woTJLU*T}7p4KScU6}7U3c3D-p(6E-`dE%z?Y2%5g>GzV);!gBmV}0_k zcPOSJeU6a+997y}^K@u|kCg`@8Rx!|nQgDOn}SCP-P>hJ)BmBAKxYW zK|$Gs-7rg$plCPCDxqpcpvz6b-}>9WzcajVr4H?O%x_ExNuZ09MpUGfX7X8{& zUu*XgU*iR`*7hN6XS}VLQ>%uxg_KQeHTB?i-;atLA%;b2pb?6bfp4R2;c#GVUbTrbBVA1q}}!Rr`$ED!vuY_{ZDvjqkeFMjXfe%2;MeI?``(|JQ7oOdxZmN8vVO?PKD0qDYcl%%|*<4&q@_FA5pX@UZtu zBO_1RsZBjypExtl$j%VI)qA@jM&2XiB`>2ie$JWO)1~3+x50N!=6SC`W5v6s-&gOj zdWH^VyH#uId>H06>pql&)xg~Gz^KOKKe|zPCt^dWtgEbgW9u=E61#b-356QR zY3xc;MG9xi#V0{;Vh~}W?TU$^1%^EG*5k8F2p5sP*v(iZ6K6eq6Qceo-btD}J%7xV zTNYhX7V;||ndqHG96M~L%}EFLS#hpZHe-8s%VcmK+{}5cl49r(f8r&!%z`NN)7rD8 z5eK3mU;O;YK(!Lo>eqSNn>S0Vttz*LFK>G`!qL5|e_QL$uqJ-2b#U0%aGbd&mDFI| zv6AQFPN{G9)=5iGZh3)5qDSUy-Y<}=dJB z9hR^z9D3F5@T`*}m#d4Bf~U_k%q5k1>kV;=@cM`8H+Yd&6ID*zc!Heb7IT<_yFqJl z{2ckIm~2v(C!XJ!SvFl$%ei#I%g3R@N;ZU*(@0CQh-j)w2Hd5->TG-RuhCUvx=y--kdBYSCu)D6#@`0Vmd;T>~3ak zbo^8ov-3>N|7>Ie$iT1wmr`ET|b~=se^SJ-mLDB;q)M<(b(= z;8|`D+Ia}I>TZ9HVxBjwpObE_l7~CEHIaNmR-JfJwvb0-P%Dg6LxE-@(wcF$;;j@} z9r2pz_}vXkjjn|ujYMyjw0ZlwizFC{yF8E{kVF&l;Ss|L0e<3j_L8ID59cqC_J=sn zEWgLFzxBYFCowkpWg`yunJ~R6mAoN&5r#_De1~?V$f4tD-?_18n|Z{b`zXMeEj(ex zT!u5+PmJ`kh$SV5dyU}O;?1982fBbD9i?2^(_3mtUFfO-#UZs$Z;yLM74MgaaHI{M zoO)0&ixH89>jNB*)=jh3t4{2=Muo~-)#`%Au)K)0$JNb1-Ck+3XKg4C@OXwp3q(_{$6fq(@@mFw z<>qB175g+-k%8b%?Mc@oDwGI#SNQsuZ69bfc4|1r1LCZmiN_3!g_#$nedz2@;+t<0 z5`5{>82l~Xjtwo_W_A31{crPOm1Q+U7Fi=QpS$jMLOIgG&lDrLkh1Y-7)_U zQ*YrFQd$~m=|*OVfuUi5A%73& z-21-wFJLX!clNXQCsBnZ&z{Cp{loP5@#l%jG`A!I$cq#`#V7!lLx6LiAjKVkYxW=b ztNfjcou?rLu}G4JrU4iT^*!EmGVJPd=I?6zLQ1n2Pc zpE2hYm_>{i(gQq$RBG%}qIv451n^R0i_$ zxY@19^1=Kk)T5FFfx)z~5VSGM9#!V<S2 z#&I_WRd8G1_fUziMRT&zHzW%{kBH?%5G=YVwj;_>S=-YtQ0VYN;GxAg!tu2*4wiRQ z%KWLsgLw1Xi5Zu8&hdlPt3X~CA-J*s{!o3t3x(v48!@LhXgzQ8A38|xrG8BaN4-k; z=S2?isMv!@lRlOHcbeL}kL8xC(#+~9z%P6D0<4?pzHdp+yO6Vaib}vEe?TKTHcxCX z$8qcKhm~!<8EEv$YW%O#kE)k(u)`@T{}L&E`f_UM(Yj}Fp-h}lP}YyP?}Q2S=oHi{ z2WY(hQ0%%0wH$68E~3-A-lY@>)I|q!lD#C+J@t?m{bk;nI8mJS<$l?!p^zQ=@YDMZ z!1U6cbi$l2w@%+!nK$tWXe}*}{!APQnxr7O`-&(}EIDuNIS;dyMjAbsmd@j%+HoZ^ zy%1fxkU!p27e8NgBgpD`+2clgQ1XIEBcaSzyJ(ksD0f8_HPwo9`GJNRdy)tZc+ zt_7k6-{?3`P4_nR!S|1)byxv(<8^XZ{^rAzw``nS61ziaWz;|ZTKD~F?9=&8F~_YT zWe~wZDh-6Q5#33SGAnyZt>$tNX3pbbxWdZZ@RdO{G70M~xwqMfYJ&E!mS0}fm}8&@ zwSuiQyx@9>6|cvpSF2>6Zm-X9Su;F>wze!lv$B*oj#3=^w!*yH7J|iT7`|Jj5K+}% z@@cYJllV!yb&k-^g%389hXY_dpsZGI|LnG-H_dnEvCy1Kew>C`kF>_u3_JLpdyHe#F2ef5X;1vJ+CCa7}T$$Tq#GEgB!$zC=_w=Q9nu2D)2)ek5 zM&etLUmWnkTOY<-eWIeJd&}Ew!ZUD@=vP!#%5^QkzoWSzsrW5nK+fZn&~xjs*g63d zTaAVe0drgGbVXzB90y>r+0@+<``m8%>)S8J?uIkB5npjy|HA%~`2Hiztr{8V>iP?@ z@t&Q{uRHnR#pTiGUwq*wU z&=LO9!e#l@DeXB|2UU=fWTm1*jy$&%RftW{>vnH{A&IrNx(ym9$1KGIk`ZFV)w<+Y zE@$!Za)>?&je1=r8eFUzob@5LjxjVQio=aTJ%=z<+q!RLnQHpra%TWSbtT}sqc+bE zd(u%|v8n91)T5yso<7(ZT7%?v5gg9CNVTeq#5L7ydRpAFxTlmie9PGHyay^9z7F(S z{8q6?k?fQ5&HjL-5=f7L>x!rQ`by!TQ63bLieMU9gjXAt z)o-*VNBYmj^KBwjPTV4KOgF`ch{*Z%E26++$sve@#7P^>(H6UXC-n9Ix9R z9D_L+4~LYEm9^+kfAruPd5;!njMnAivjWj2@_V!`h0J}NR0GpkZZPeKKDzWU9Ui~Y zhk+L)3T)P~oAL=3bIWMCUZEMUKHcKG__1ay{@vvhrJ{)BqZPb;Z4}hVKN#E6d4LJQ zA5G&s`W?L%wyY^FuQkT9UVkS+_PQ(@(6c`|&_t7|268E}@?NzsR$=*w-)~<1A~|)c zPKj(mn7ml5q7p~S0+v7g`dXhg@NLp_4$Hk_jMlthkGL5pfDVy@=Kc@RHYDZoh3x37 zzF>6}l%nvf&!+j}!8)|sZYJFTSi4+DPGa0Qr+hwJ7{^I}bU{zm(|KU73lXDG1lxQp zp$!m)Z-zw1%_g{E@{-CK%^%{hvp+A|ruTH;XaL|F>=lO^G~x?s)7Y_v#fqHorOE7s zd$yt_!EeVFkzZQf3RaKXs3ZLV-c;FP>i_T#tN`y2=pH;A{(o5qX0DAS?&-kb+`at_ zYWd{po};i$rSWFHUv(cLYky(pIi2yQld++onpH1rCJUUSjQ&7&CD`$__&ilgFoWJ? zUUXNsM$vl$@zB_M61+sD6ZB2NCsQmAw2srX#DOrYn{2Pj^e6@Yi1j=2Uh!qAD3Ay3 z*$@D$J^B|`gL*$9cvX#gchsMA`M1k_#g3-RikDXCtvVoMtKE^qr`E|&1Sf_*8=AYr zkNAd=X~E@qL(6Jn_4WJ*;aL5JYVbH(;2A^JhweC@bMRjuF2$ZE z53qOJao=C~mZ6U|h*clkmf5h@Hk+s1z}GOhLAJZ*LPIa|;_fmy(GFyO)*eAuk>3DB z`qiIiOz_X_eG}Su3+)#-ip%+?&nZM?KCQj|y4`Q#m>wcOV?>&@x18rlcG`{IlKmk_ z_{~98XpQZi>VECXKNulXjyH0GBTvaqE8wEGtHM=u{Dx$LXCaHT7*zLP)#|lWO{$p% zCY79z0do2{wDn;MDO0)Hn^}&C-0U7qF$WuKBJ9;CQC5~bMsg`g@CLQhHP*i~F$kE6 zWAiX_GP8AD@&}E`B$b{ritv#8J%ew?p3$<_Hh(4}lkAS-VJ#--HZ3Vj)x~5^*5Rzm zhT{%64YS8E@LE z>@v4pd4fKfi!qr>{7zE`9dN8#rv9s>bf!>#?E41N613nox%W|1T;Wm|#S*5yFp=Z6J3%(>Mi=y00>^rD6{^iRkx|2M7a`XYW?49)PgGU6(S?{DvSFfZ-zR)r=-m>t zt?r)|0A875%P+pR>sT?ErYa5@RM$Pt{heV}EBf1B{%$(LCvU?B@v$CBld!r&&_fRF zb&q>AEA197gs-4R%#6)xF>>r4Gl*yn8d9u~*(I%Zfs@)ZTy#^}g~^&_reuuCs(2!0 zCuNxCKPihk=Hj_o?E^C;TMzP~l7#F^rqNjZI$L;6T6cmzWd;`n=Pgz>4p*Y0iQ-bL zWx-%-o4zXou{WfN=ThIii2so=Qn(r7NdbGr%muvkV6LRsM#Hg*T1gsC9GOOMuIN*8 z&X=S#u^+%3)Os3yH93GmaHG@krb8ij*}&b{C5%L4KO>Eln-h1=+lF4bwSkw_^&q63?w1oNa#8=!(ZXB!vk<&fnzm{Gf0D{M;N+q{#v< zv8zXMtF2szm5F+!XBTzU&yExlW%BH>832T#CE^)mv`jNfI5FO_Ff6 zD@5}{g1OK0$j;+Cx*JO4K)&dvJv>G&X~bXj0fg=j-O;gISQ68|AtWL{!$A}*Q9hf; z`n5N*l^5^K{YCpQ*Mn(v?*mi>o!psM^Isxr< z??;Q=`Gh1l$7U|xXS%@ruXP}X;&fMJ`r=MO{!E`}6ACv+&-VWwc?hM?BU*)4)TaE# zFT%?^_gMX3(~4LA655^1Sq9CDRfhTKhHF+HDg(|+iHdra^DQ7JrKomcJ;S;0z39IVugpM}d|AzQ}OL z-F@B4e8~`5Kh;>_|AKl_{`dt=hfV8eZzhP60=c>D(m1~_%qlMSi}KP^zWdJ}`dXQ6 zYFgb3Jeqnd{{uOilJ>_>Z8?BoU{LE_2 zw&Yrl;#26+TOMKhy*qt=>d`9}VY{y`MvNL*4v4+z41?rd%W@zG!L&cc-K*p5i0*!7 zYiHGXCDQn*FAz~qQ@KHK=N4B-=3?My>w-)E{HC_RgyaMsC@&@r_H(UPBB+qvpFnXK zaa*J3C_~soD?P}I=3gBj5voiMjRD^hsZL!`YP%L`;*7@A?H2xpzXwpfD-8e)x9)Y^ zb;XcQ*B(coRdW-2+MOuAE*))Un_U>wcrr-Rmlto|#{;kmR@b^Z(ep}WPOd?2&3oy5 znjhr5+-Zsloc+z{^^h5d3*B~0zFYKI#*N7IEbrFSybKuGr6Toaz+ag2oqG3?E|T&d zPWjn4rkO&lT0mtKIg`#bA@)RH+(DsjP5Ug%zit5gPB)_VPokb8J4X;{57&6(pN+^+ z=WN`luPRkLIOce}cY5P2Vk_4Q z{UfRTN9gE7ZA^D!FH;?~LK7E$_d4e+yzMfx<4^Gy9jlAoVnCwHl8(vH6c)NYsooL^ z98;$|%kvhD!A24UG2O7oA%*7ANGn?FjU~izGr21=PQZrX;wSe+P)e8$UJ$wTBGDsn zYg_y<{FRrVUaHEarVIVUY_$%lpE{*Vi4R%)g7pnNe2N8Ax*lWaPls6QksitS4U5oJ z38gPPvmWejPGipheGgp5WpRcRP!HYx+_cf`Z#!WZ+23S&w6~j6lTV~sw_cLBhP&4$ zU1)`(udZ@(K9&F8vkEtYr{-J?+!Y7@aJ>r&8EQ7YHRvYMZENT;Gkdjq1uZVQY=0z? z@LD4uRGJgbm2Do|u?dwg{^$Z)TY}hIb5?wUrkN!R6>XuU%TgnsBS0fG8w3*UPbwP9 z@D$lF?4!;-t$s__G1b) zg_$+syfOCY;(d1Nhc>@-JWtW+SJ{H?;>22zH}~j^@8QpqCPex+9h0kgs+vEXYStk7 z4sx~kHK=@W6^L@jGtCyBxri#hEM1_ao9vho z+L?7T{0oY6pH!K-iMBl=Vy8QJClpFFpCGj5SzkL&q%YuBX$D#$1a`4e1t075pP9Y-;ajuS~TxfnR~;}&8?7v@bd{h z-|~{i?tad;-%6t@qw@+)#sa`o*Z9Ou8bpoFF$HXi8P94e&kcnPX%~y~bYrxGEJiSp z;HBdOe%d&fULKru1V)D!l1+SYR@!1-DF^QEXBUfZ8%_{3A(JunLr=h`QWuYY{Nx^`(3~7czT12BYGD{{ z!1O1Fe(SYY5v@mMGqgWdfZ|bRoE>VVa6K2QVFM?J z_*{@{!HR>zR^gr^QPP#3ze%lESHc>C(!OtSaEa&s<_}sIi-8h}Z;to{9o21sNdIhW zK{?cC`&~}=8eD3_+?g%Bmn%hVY&dA&=(W%xY(B^vF;Su*;S4}?xj(n8Sz-|*>X4pj zm6Oo?bN2Q<7dv*k|Jl>?YheX_y_%C6hWA=;&%~**a*6tJv)F2K5F$q0h~j1Yp>F(R zjC+I-Mg1!%t-Z8t3wN^R{uR24Y`ODJ_ChZbmc(3Tv^#5gpYO4IKq^EE1|p~gs;u-B ztJ?foyTwQw7)2F^7J=6pg`qe&$O<8UzCVw4HP7o?-9q+9g?(|KMzILy(AO)4MmT z>wl;+LUu54&PYfN+H;{?cdywOmDmrfL(yU3G}bI4n=x+JhfP3o4Ih<5IQpIS)}J&I z3A6QRhib^VyK$d;Ef>#(e{ZL*PADTc4X9~#g-(=$Fm4<6l;#r0v&9vso!-~fbq|z2D#@t7mrt3gsxd1JtPb;K9NohQFwVt>hDOujqY`bD!06 z;e%FpbP!qiAPTwHu2}x6lx;sH#AnX#&s#mK{WWdy#M*o?(YteQk+EaGhxu*aEpV_M zL^|Gmwf#fU84z?-ydg&e;unZs4O+yGV7^Q$zU2NSx&ChT7uoq>BZ(o)oU*Xa<;xuI znDZB?JnE(A-ifmtk8tGxLUXnEUXBb-P+GJR6A0g_g;4MK3hWef;hu#R506^zM%=2O zMN{s_V!l;dqmy~rHE6DwLIocCSHU+>m8aEV8(q3~VBkgL1j9UIH-Z=>L8;(OmEoWRe2~q=zdIPq z%SwLdpm9K5P=Th>DdT!)PxpT7TU9Mh(KszEA1Q-w6H~4oS{At&34-aKs{rb~0>>_A zdP)hlT*uLV)@8dXjnmISfb7+5p~1L1mMGl#Xpxfqo5n36B66(9F#zG0&&3q!^~o`L z)b-m!#UuF@d`i(V$EO{QxC5g0%HitJ<3O-T(#|7ahlqw`cOL!iGJ|AK5ag3j8#Mu; zr?wHDPYOx3DY+~CA7QhQ!(U;2>M@hy9gp0CzBLqne(ONlVPzikd{k01{8Bty$vtbO zyF%DCHo9$KI>`Ai1-?~Wqw}6pv%uk%dxD|?XruXpJtk@|)!2LND|o=PircU9y#U}1 zZ*<(hy%f6kNsu%ncVadAqmE1`6BNOvxe=b?GfMrFd8d~%LNMa+1#){31RVbXA~z1QYiHxp$SUhuo|TjP5Ph1XuKqKEXQ5Ul#)GIR^KR zihiP%;|TqkQiSsXrY;{XVkC6^8Je#xM9#8+#OO)#EiH;QB2_LOEC*EnU~ffXNqGh@ zavl69I*AaWnB*PE!}lgj^KD*x^LJ=8gp|g|udSSMn(7uug{NMVAtoO{4L79bb9Z)> z`~N+XFF8aAqdlCxgoK`L%lq+TXw@<{TC9Av(cCRI?3A)x$p$-}Xq@R%_XM(# zY!>T`O}m{Cdkh)y{uu&+)@9tk#W2espOjEu#jtzGu)DN7mrFF*xEmt@gJvmm z)hwv!6Vr|?Xm^6GPDScNSGp2cu};!V$R7eyl&IFZNt;6-2(NA2BGD@F_NDPQZqJu* zUA7BfaYaMk>8;4y39U5Yn^Z1Z-Lyx-W&xyd@Fq!<^Haz``VCh9Jlzj73Mpsn2JM;> zQAk8qO=%__x9Y1Ce+EPG_a!6oa)uDLU?OI-!6G#CF^(U3YFy{eci)vHMnvB){gI!{ z656^OEf-qFQ4-xt-_g^z@hz2te*Dt2N5~B4^}JgGDN|N+W`CM>>co9u*HdO%3l&&l zW2&d!Pvq81GvA))pXNFv*Y7Xc>RQ+c*Vc?A4r@=Qo-@p7jy6D=nCn*3_j83(7`xr||+=HMW?N2m{0uXeg(AtI8+ zdl`Xz$d98~&5tqL(U$cS{cVgM=7iaRA^`t@FOJ0|Y4%SXJ13=b3IjlmX!Zb9;H!Vn z3IZ{zOXA~~F561oi*;7~IMD>BSzxaALUYiHx~9PK;K&a-b*iGt08YlEkK7(w#_rjA zmhv#hHzYlP0noC(Dy)>2wm}fIW~HHQaI-?6W!1iF*j^3)_`M_QW*TsYdWvv5c531- zvb7GHOVgXG7bPEEoJzF7SQx9S+&*Vax0y1NgdAeQJlg0|gJjlb zb)-*1ubbjxb9%-hTed>}kM`TY;FnIm72zJS)e3eKuS;bs{{-tlL+Ny={vml;85jV_ zBfo0wDzrZ;_{70X#LY1o1^$TQBw>L0DKXuVt`w*|mspl^tb(A&FMF4&Cry=606ZKM$=p`&#>K0|e&XEJvF29HE!u!L*ID0^V*a zTv8fL&RK61N{=o@*Wa5wv_6`h%)GoAzO8djQHHOrJAnOpG#iy#80)TUJ~W(^Wf7qL zO0#{B8h^qZhN1xqWEpl3u(-b4?~!&A8>lpBOjJ$ROqZ^KeuiKVq-TZa7#{F^FRfKm z;!L-_Ed3tQ+;QWg0L)}RMW-|GAL&&E z6O#m?q7W^=g?;bfoFM?$BX%rC83X651B1hhuL3ls!l{bOr%uS|;A0RH>fUF_7heC< zb?ZUE?0QB$*AlI8x`88R4gSZo4`AO8mM`i;N#oQ+rNcO-59yyQyWwb%!UxQ! z0P|rOPW{KiPr-FXYubaqtE6_;N{{4{AGtXECZ20r#1y`4y_>iOPBJoiUPV zGnbPAa{ajE>-lqdPWZ(k{XVWr;KEO=1(;lWYC-Vp9_=mTan(aFFt!QlVjQ;+_*Vmo zgV@79zV<|iP|o1*O{R_BOV4~7NK&zzak|e(M|M7@WS_s`PkNa*D}YT(+Zf)2P=fe> zi}?N>oflrxNfy*cI~hcn{va7S11N-H3;>m})NW!&jpD%K-=*b}2v83F*uI%G{7W?2 zb8GpU%ArB61uFTntCgAGC?yuSaAO=61p>SjN;P^4zU$>i-CinmBoR z>>P`KhFp}P79`C&(FHsb24aBPZ}nWqcP4Vo+z$x8$aS$X8P>Uc&9c=oU6?^&Is9f+ ziu30uvSf6CyyChP@*M81a`T?YzY5+RsNK4pta%XlaJfHPoaeX5Zm<5HLY%PKhBc8? z6WArZDP)ykG{R3PQGj9pYbC7$#HV){-Ms08{<6fc-zxSe0@iyWo|Xxp6DM|iD{1)7 z=dz^Tuk~y2jCQ~s`|c-5r+|FQdaG)4aftev&%8Jz(Ci7314}|%ZB*MdO`MnCC}1aE z*Fq~Jh+k}wc!RVcqyomT6Mo}wk$kGJTU6W<`N8HoMNL%CurVadz=bUiBm&VBjQaJqi-02nF|%* zQZS8U)qg$yY?+ryEbeb$Q&85oORclv4oP?ABK8p2<_h4fz&{uJINPh!X+iolnEc37 zVTGz^V?4GJ?u3B(m9FjC{^Rg3Yb&0BNju8_A2k6Ohjz#twaq3k-33RB14YVvN!49e zq@&BWO%tp7+AV9>-iZW9_%p>{Z=o#mAKi@mdGwBH?D40074)z)w>XJZVw~3Q_&-u-v{8_X(6E*Zh5M#czh**vp_s z=x*UQ9W^}<%&-@OvN+gcL8d*go;Dd&nBhLAi1*QC-J&8l>D&+vi@#1Xvcv@U&=`mK8 z5h>P<;ik_Pg~#MHCiL}}c2$xqU7C{hwJ2XLmr4+u?}ujFe*7xCFP6Dy1cd%rCsO-D z%o)xbP%+ul0Dio~#%7L>jVSqYs!}C^B_lWLnCSEZw5idv%emt7mo~JU)!`BZn_^0h z+aBv5@aJc@^d&1xbNW_ckwqL_$82PS{FL;CiMGcl_9ku}-nG?97gn}Cdfw)I#@p5) ziqA4Ec7q|-%lN##IUx&IirZH`Y-B37MA>dve*ez23t)~0Oe&kLFiNO&d5F(KK0UnT z*PAM++5SBezU5`qE$J0xYnz$@syKrc5+%XPfD|BqVn9mA;9hfT&nSr$w7!c^Ox`Ax z;v3J}ix|Tj0Zp-Ho_O~g#b^+OOt;2S*da_I<)QB$C=Qs8WGB+AO0Z6^sK+b;0% zonHBHl~|#>{~y4ZuRF#e??&R4g2np`Ice2B9CL6sfT1m&RXw*F3)c$@HhEV(&ej3s zbMPEBxHe{JZot+ z@8PNx=8vAi>ynjn&xfiscfwT#oJR9mJ-?iUDi@!|8_&n>+!d{t&SgJ=PUnBvlU|1<~DEUqXqcfKE=2I~)nED?w1 zEp-xiQCSJbNJ`nFgfMXPuO#6;)Sp}X+t{16{@CUI$>uH5`65U2QMdFJQ`R*}E(Aqg zIN9#Vdj#Z4u!F`0f=pO;$Bx-&r5UgN@N;HnPq1IJNyca`XZ`onjaLlEYfgDT{B;g< z>aF;r)Tni;AcFQ z4CI%VWg2(vwW0yAsJ|IY9#rFq@o6jWzS+YV;p4EnmlouaP9Ae~aK)=1i`>xve6RNG z(FPU1#1R5I=j0n5!qPV9&Fy0wwNEK`aw-@d?aAd$UVHHC{3)w^UVKfuq!e8{fqYN9 zTY)IMZOXEF;v!YqXJ~lt4G)CZUZk&xpvT+mK8Lbuwg~dv;=X3BK@^}Sfn|R!*R4N| z+F!O5#&Q*h8{oh%X>gHXK6^&j?=CQ^y>`?({?E`g^D{Hm82-MI_n!)+RzE8{*~(N4 zjJBsVaP*$_MaKoae~o!C($UbdS+KK9($+EV@#$M~`_GMB+`R*Rk|U0j)W4ZQ9U5d( zROa}G;e=QX)UxHPC&+|Ti(|sz#7j{yii^rYd#U2;`u5pugd3*kQ4iGjC?$9EAS8me zhwkRvgB{_)8}#kF+bWx`37P5Je*v=p0c#yYwa75c#=G1YL`SK(#`9TupP4a`8tzU6 zs%93{aTR-)M%XuG-c`G8Qh)VNSNG~WyFU3nxt=PMjNDiZ#uGUh=m^L`n7x;hKW3ZR zKjSV@s^>4W;JHyUPlhWY3WE$c$Mo*%{AS@pAMMd^KnzY5QKM%vxn#D(N#buB*>L0@ ze-`jCaL+avl3(0`PdY!8y>g-Z7n`7?ljZxxxl%%*6U$+JuyV^G$;BCv@8y4-o?a-h zLoWB4pGzPfhI98sg(!}}OfF@p2?MRG)217|2Ebqt=WaNor;eZ8$`c>RKd00Q8P%TF zm-^|`GmFoE2ZGJBzEB8A>EoTlabFHR^O4vm%!sQZ4jHxOmfYy#<&w`**vmBUhGFXT zbH%+`9I4zoK_|Q;M|rO!B2aQf%&tH(--Y0gJNvbMo?ny~az|C^>WF`IrP=Lud!etU zWNV5b1QK9GENAukVQ_!OW%#wm8)d?}$xH7TN?)S9E#|dI@nR~U`^Pe8@oTx^aaNzU z4>LSKb1P{1A<6G-d4AR$S0@_GbqF9i4d`qrMPy2D7nejm3htNjZ0dJ4dRug*;g|A- zp>m3xZ*jY>q%cKI_K}i?$X=^7KWA3=sp?(CSxa8Afuy(u&{`^< ztHl>!5X*;Fk`?$LAfJ!Hc;r1b4?B?FrS;=be}v{coyY7eJlDSBp@vgW-)#LumrR87 zcMV*Z-pa-O$FF=`21F>`YL*MVbFvd+9s4G?_|!*`Yd4e&a!<<{cQ4V;UBIev*rnXV zf}s2}qS2dvB;(~Nn4U?qX1gT7PqywPTDbtt|Cm26;Q}TCAA@m(98+clAGG7$Ez%@v zNLzpL$~Vj|5n^_acR{wWvixnq`del`c)voubqxr~XX6*C1K^Df1UymfPQ(0_$W24y zuuSJ4BUE&L>i4ty_*$uJQXm(#>Lm{J8o%nvpr9nXE1co&HpW0^Ny_*%r z9vtWSl0ySVpCcFwO@kE2WD1DtpF9zrgaB8clcVqH%V9YQIq{Kd2JUBLaH(UI+qFDq z@!hrXSpT%w&74bb+jEgWSJ41K{z_ll=zuBCsW{--{h&!)G=ZEW78L|R>A;{F_^v`- z<$dZME-VX~!Er6f(4W~Ci1>q!vami=`%(T7Ws(sr>N*Psi$ zx)P<8F48!UBQjxbuxP;4qBDwNO||x@GkiQn`HRe$a@t zn9_Q-sv>?Cyx9LQeAOR5jvFC+!k?7??)$LDHzP**x|u?A>Z9tEBT*RJ1?WxGd+{bc zxs+F|ba2&w;rDFS;W(4k;)X^9NmI87%P8L>_1MZ}T=grm86CnIttKomMOM2desreD z4aKG|iaf1U@v#27h2Og6AiRD7Z+a45!n3F%aC+_{9S@4=Xzf{g6vZ21 zK~kKeogqn}mMa_lUpK5fhqxmdWv@x7rt2LxWc_ab_s?Nci-lh016xdBb4)|6^HP<7V z4e-xl&Ez2|aQ{Awvf~=RFWtir|ln0I65`d*YLwlU~gzWycpRoe5xXJT|8#uc`JLTmtx_l$){tZQ>j9Z)&wQ~ z3i!1?lTh~Cz^MBJmyJWta>gN5t=lHOG-RZ0`Sg^{`#7I=wm%5a zCnyi4FxFl0j{WFUL{%Dlg!^fXz~=}Cz_M?{hx?!Sl;m#uM%S_sC7>N!}ENQ&qKTIp>|0ws2kotRGl84&^a>u)-lb(S5 zaGyGlgaIvMc^-MRXsTMuAFsvr{*}^|?xWfPw~F(b{y=wTUP1HRUUHI|4e_{^rYZ~| z_roxdW#K`*lD(!0uQ_rKr?dg)dxi{o);#5kei|UO5=@?~uFJMvZPaP`{xW6E59KZ)%`;NpLEe zyUjvU@Md^bRr7egA&2i{4)cEB$VyVHGS?1GklDH3n{yS~7WusJ&dVhwo27jH-o5V5 z&A`>0i}n9Sqh^4%Zvc&2ibFo@kJzFl_U#iGa}?fv;<-iTCYB)is#Yvb5HT3nl(%VU ztG|VfrlD5(Tbl2A*(tpDgYgRsVx#+#t`#qldtg*6yVxRkhD*rLXp8jf!cNk>)J=n< z_VZ<*WYXu-&5e`P2V_r2!|&be3^OFA{Qm2YJUkIdT&>Cd`o){GZDUz$lPwXF=xBu+q!r-qm|hN(v%BwLo^cPw)>6J>D?9K((qm{Jo0t<&J2Ik`{EH3n zmagulvklpQ^E1JKE%>JraI0ydKp9^e%awSzx(57r^gXwB1K7*DjiLNOls^DH#^FbLSljx73^_PGk9op55k<)kXKA+!ssJfS>!{A6{E; zi3M<25B&1Y3Z#NN*5~c;cB3|DW+ZFGcDk zu{C}MQspjLi9G9ba#zsKkRl8|-&|dBo5^kwkouxHJTjn&6kA{^KLmXs{p?O+6FyT# zu~Gtg`uY@ zMgAZL+Ve&Hnn%|kTv$m)2j?_c@S9JQH+_}`*9!remm#jik6!muEa;T!j0oMz?w)u| zwP*e_wpx3y*?F4BKj|BW43%8 zIQhc+{hJ8FikHzhd;vIwfg$A2w3jb21AbY$ugJbU9!yb`eM!U+ zN7G~WGz5EXO$cnUL5~&8K(N*3?J0LfM22hzJ&gN3=qAb|b_2w%w*ucK51~z&Ec=8a zAt6DQso$GH7KeMne}xWV^x1cZRtfCyBh~l;Ksx*^)M$1XK&0jW5i5>1Ph*Y#3H+Z% zecdBie4Ccekr|2&+11g3I~J8=f4UT`Fqq>8K^JQWx!mllx^vT$=tm3F8y0O_eA9ik z?s%dAxG6D~crDy&CvYsE_}TAdOvflk^2{`jfl%R`m@-z^|GXAiEMyTRezt0Lxc$hv zKo^g{@*aEA?chZC!V!<7Sbmf74+tTPMjIoxj_yFD~C!Qg84*Zd%z$Hak~&c!%!K@lfAEb0E*2 zcYvUcY=X0l47L9$x!l|f8ArOWf==am??9QQKS}#T-A6z_>Y^_CQLbW2ZP#%bdVf%I_2kWYSrjE^;sS7%NG;n2;!w0c(Ga00<0q4_Uh&j2$g zA=7+vl&z{J?*R5o~YRV{W0>GUJOD!4G zYn%{r0W}3QImq54aVYozT+Zq^;65DH9hc1>fMUk$0TpOcetxrU{#iE|n057<@iSvs z@EDXi{=bt>h%ng6V`T88fu2tN5N-iDiVOD-oj!a%BJ6&6RK-;DO=EfBf+&D`hr$c- zgR8R?D?Rf4v;MZ5a5Q5S&YhQ>@+dS28Y(D_rW$xeYs;581zqza%#;jV5lfO~2G0Pxa-yoPlHv8Q1Y&4r;MgJAauECd) zyaW?Qm4?r6tx4u+U}#*c10CA%Fa2BYOS`JPY*~fj15WQ29|)rvjaVn36c8&>56$=X zpxxpo=rxV6dS&y%yGK@s25@zg8vz@woOB?6(dAHl980zBR{10E4wDq4~Z)M87w7#psB(hub3|P$-cxvAz-|NSmCdd zQB*U^tFF3ud2mcIoq&8?nAg1?o!9tt=0`q#U6q>_%dVN9Y>wqW1G*!2od%7_8=slI z<8wJj8alxxO~jn}udtWqU(e6)oh9cGEfqP_=hz#9Z`s+J@T@0NpMzh%P4+KeU;O=e zyTftydWh`KKoxo=lpW!em+6vJ6%#fKUy#}LmOJMrGwYEe!`&|=_~a$OTqtn4PxLFv z>7*jI<$~S1XcbzP-dK3Ma*cJ`j3A~N;JGS%oaXG=K0>qKgt}Rxjy1X4E)y3p#$5aB z2P0_icMA~amS(ORYNLSd1mjSr)dF#AVYOmPL4V8gzc{?PO@!BO3#MFwul@{h?jV)U zJdf@rt28P=`@!sz7ihZ3UZP)da;Ml+#2L)CLr~rjp>SIJOMN(7ViBw< zrsZUBJ&^{ZkP3}a;u>ER^oQ$(C;tfG{e&~S$RE9;p79)v&{b+x?RGR@BHk_&h-!bG zjw*Z^HFAb!s=q>zL;g`)vZZ}EQtj4jnU>&{RL~^GB@nCe_1E%iKhm6^cA~pqPQrcz zaY6KK;{M$ImNr7E2$hmFRpco-^U3b#4?2 zKJE|dz(~Jw9$6s{cmaR(RrckMicm~`Riz|*v2Eoh-B$Wf2h@R-PkxlRK&9r&!qJ=P zLqpInGex}1IxD?mK1Z`*z7OI-gd&Rj>Mlc^RpDvEH7hkzVk-uIH#a9a+YkbYoi#?U z2-~AxyqP_>0K{`q!_zdb2H1O`n2Bf!mpJUnz!S&RsAI0E(Y$*AEVnk=S?^)PZ81H0 ztn}}jFJ2r7-tn%;JklMQ-BSiU)dAb9@^PbuQ!2Z zzxGC^F$(LrJlm6G>KJ{n(QJA-rQG5mYTj5CGTHqSNw_P2Kp?Ay;(jW0f??~hcSGrS z+-p0KS1u=Rp~4oKf0`Zw*gJh6>^(0xy9`rj{R*YHlMQe0T1sgK;v@q_#@1+N!vZ`D zg+`3u6S+#feA0uODoCA`c&R3sB%|Rs?oFgjA>!-hkJ_K>dTn)(!wMi^nDR^Pe#V+T zH?iz1aSv9W+tPHSRq4D4HH|0?^Q)wk{vTIw;n(Ezk zAl*!)rA0s(Fhc1DX&6Y1ZWxVp_eO5)ncv@Yzh3wA{12b&yv{g|_d#-+UeK?5)m$g} zqEg(g-uIt|#+l{YKOG=dXvKmxS}l6qv9|=pAef#2`N0f9iX#9m@H;33iy^v|IV&K$ zQ+N%3><^Vfs*^wlC0Bi8oB#|ft6Po$ z8HP#z_sCuy4Z!6Lf3t&V`k9kB?{mEH*6=TxpU^)nEJTUE*p1^79K7tZML-&!^e9&a zu>5cxwpBih$(G9Csl`01tw%id@CxB=N}xsk#JyB6lnnSAK>aClDPbWF)Do5Gm1Rc# z$?fywmZGbK))&u-csB(48d2cAGWHIB3(f5L(>F5lbTs@00^$pWvhX2-zXW8|SEW&| z${W)Bubq9GH7eJY-RS|k8+NM})&G1-%uoIvfBav~6G4*K8)Ge@>yus~-OQTQzx_j*zbm!9Rw(<}-1iw<~(SJOmEHOPiqcxdX%B|&lwQQMo$ z*SQkK8^{v#9D|4`elCxx`I~-7(i|XEoxv)uiIu3nllgLDHlK0YBq+3>lhf5vvY4%1 z@`2SKl)D>Q-y=P*;b_Z$dqK$UeHCcj$gG(yJkul;6b|IfdmeYr32JtMw|j;?m2xt5 zky-gO4@4$4A;e{!V!R|^k0y~?!;?GnlE(`$TkY0em6oz&LgDMSDQJ)2T84Z=Z9%w! zQI8<~PqSdyu*ybD`rVtz_#bo*KEp?6;fs{*fBrV*wT=iohy8T3gl+OVXi zx4(vw(YPv?F&Ws>7pP^Fov459OBRW|f(6BM3u)93edLbO2qsMwyr~MMT%Bu{;skYZ zVNLsQ9}N<M_?++lXAIdT z^+dO|??lJtb_Ji<_vd{2G$q4?Ov%f+4G;Un#0*9lpAW%`?OzWbhi?JvZF~r&aux%% z+8>jN>_liGrm-eZ2M5M8Ji+_Q9)p0bro(Mrgfk+!!R3chX=)QcwzpGOP#Ve6yqsDg zlX1{HaUBNnX=t1la|T>hESXgB=$;s_P!Fp$NJOY&M5? zeS_pAJi+@XjGoomJGrK<9&TM)28w!u*~Ge%uj1x+4W{+c%-|PwvFVlDPXA&DOrm4^ z3G1#H2V2JFjGfE8%3@V`-p2MPcn56VuTO3~sA&}->Ag9uI5JPCHIj{v0`MPwD+zJd zyeo*+#fXWW-u(Gg5$LxYe*9KnHL4$A$dWwGX&T7eJa%KO;{sqLn ztz-Vq^}3F_ay(R(V6SjVD64W|y&+`tHLZ;63rtZx*Drq<=qVShx{Y?y7b8u>3Ww^1|@{nB(P-GU&c#6=99>*Gh+*X4o_C zf}!w5YYy9oJb`^4+SITHXDjP{uj4xfyjqWn+{$CrgHGHxX$;D7zx{k*b8{bw1Y@ys zyQ@v~xKON$%}ITH6n4c>7?8QfJ#+Z;nY%|{wWS-Diu&>8leFD;Uxg;m!dgpUG@8cJ zPRvQQSOHnf)3KAn#bZ{yvIS(YgvhXj`quLVs2}We zdAoaf4mfW3Fv3M%2Bhhcywt;yBDi6p#i}g2NwD#tl7xw;Y+8to;l;6O7lFSIuRQE@ zAa!0{H%XM1rOFTP`UjkE1pXV2%W^7zG<@f6k{JH} z)TasJeT8(+Msvl7r0WG4QizWt1~kc-`Gd8tD>W)i_YcoCiy2ztGfhQyPul}?)*9jt%8y_h#Q z`@ge<8wA#maz>?`VpB?DHx;pPO3gT_*+hJ!b>Rvou}rUyhGvOl154gXi7qBLucafc zB@~M^+4O78kMW;B0NME3h-j=Hn-~2jNn0&sOZ&%KyKZl?3{5xqNqj4SQ8DC3X2a&5Ln?cJmN8R_EcxuYFMP`#6%7k!eeKTN9mO z+-WLB5PBsxvnM$=lvuGH&Y$S(hC>l_;L9&X^EdOpW`NWe$xRT5TzDEkEf1e>WLWC^ z)vly&-4#|SHp&$2-Zn_w)#SP)`pAxXcKAxGsl?Y=(88u@LD=Uz?}pFG=IIh)@>O^M z$CNE`ZDV9j*Qs~QL2wH@Z~dny?z08{YlMcoGA8f8N?s-OYLzhADgls{{lU-nbX8*IeKuFjcv^gmo{?7(V;t-Z|3mR`_V&2@#xh|&M2ph@%bQ-yTZA` zwwBJ@lBHMwqf|1mhopYPT)uv~7x5S2fm(ylsl|__3Tk+ec?Qle&2s&!WxcVbdgv)vJ1AIgf$?pS{aummYD90Z`U z8#feD=Aps9ej>S2A^m|n97XB*UzTp99=k zy{q2e-xWQeK7W&$p1@MtpbGv?vl9Oi_nDdfveR74SR2UM{1t1Yy3|Hs{-ZN>k{Yu# z_^CQcpnKdl$X8I#D^YB%;0Or1dyj5(sdDvy{!V#6Ve`)awSrzN?P)_KQhZ7@Nt0D9 zvf)Z8QBEy1$w7kEn|q(KCBf0i&$}M64Y#!3 z=$7g2I~I6JnS38$hOPdHpnXSwZ1DTgFYB#Gfk8&Z8!$IXz`Dz6XICoKg33mj?)V(f z=SJvo!z=9=tPi2ArwLL{vSt^rR6*P8FKvhH#OcR5YJfE`mF`j0uG%i~fEF>f*^S38 zB=@y$*6yV3;6!~hN~WlK;Gh3oR?&R!9baF3z+Ia?$Y)s0R6BgI%o_iYaJ|k;ry>h& z9C+@=x#<%BF25fAHRwFQd9cmFyP#L9qnghp7gzUsg8k-&{`moQ)95pij5XBMsOtIT zwsXIU5q@p@N*0h}-&uT%YkDYy%2W034dm5<99`d@;4TBT0(D)!gn$XnN;RjEr0(<^J- zXdINGr2J7bv*3Xq{J7aq?OVB^@3YUrly3n%lyvNF`qEe+oyCpSq*F5SKlNPQ)*&%% zVGj)De6EY#W13EQZRV~9Ghd*_PY&%#BoGXT1Jq9VLoW26G?;;nb152D1-%B;|7Az$ z2~Rb)FEEqnpqq0vyD7f;HhzFJX-hxVn|rJATgw-l;QPi%qcD6<&CS`EV{8{7_9#aD zeB|1}j3%XEHxkPMCSAMlqNCwz7Ts3WEAnb5E{G;t(`p0_R_F6MoVX5Vo z7rQIgyuY9C$;~FtIF~RprfJA%BR@iga(*^9ICInRiJLf0ia={{XtfG5!30cUc zJnPx+?>nQTMTaRLL_M!odJjK1`vRxOU_qY8xAHIBct^U(dL6o~J-A)XSwTNyBIytO zJMeLJsOG4edqku)HLIgO zE{M{ zab)$%cx!3~^t&;yco<-Js)#Hz5%Hk%bk5&0X#2I5Ju{@v?sUj91;(rYqz~-ADNB8t zjm?^vseVxZM0~gwI;W7;Jr`eiF#cO{(W*wXoolD?Jnv}&Ic->OFh%&UOq-L|I^lI4 z_osMzo3UcQI1WRW@#}_i&`LmP((3jh9mSeI*`cdzYTvai>tCRW&z^q<|5lvPa#HQf zm0ssyDa=)vcV=I+Y4EdI&pKECzuRBNVy5n1K&q_D@2DJoFqV(yCOaD`2Vj+EhioC zX+^d*GfI0b-LW5iCq>kegu7Mz`Ep|G;a}WRRm9nHsjSgSTW zUz3R?;6}#Pl@#~$B3IEvAFUB<6U zPt)nGTEw6aGeC1#i$CJtsOt?o$j0Pr`&o(>!YX*Ug^o-RZPogG-&DiI(X#+xytSL_ z7W8N431Yp7)SUlpC#r)a-#w$9o`MLI

    + +
    +
    +

    The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.

    + 
    nova boot --user-data ./cloud-config.yaml --image "CoreOS Alpha {{site.alpha-channel}}" --key-name coreos-key --flavor standard-1 --num-instances 3 --security-groups default coreos
    +
    +
    +

    The beta channel consists of promoted alpha releases. Current version is CoreOS {{site.beta-channel}}.

    + 
    nova boot --user-data ./cloud-config.yaml --image "CoreOS Beta {{site.beta-channel}}" --key-name coreos-key --flavor standard-1 --num-instances 3 --security-groups default coreos
    +
    +
    +
    `_vn9Hz{HDG`bBb2h$ahA0tI@oS_g_rH%L^%xr}&=bb2_btqXYF4L-*~ib$u>?U&-O?R8W$JNG_d_}So<1`#nLI{vX}DxN zSDMux;h*jr*kd>I+#hNxUY6=4Rjr@`^p#Nv%(I{Fu`qI=m&_TiBX>2#2DDABIi9ZJ zehgGDqO2G8>@B?SR|HS~2IlJbLRZY$@B6vGoPHM?%J|g(S5GkC`A&F?T1w%CRx?F6gGpfR-?302hc^A?LG6T&qQtJ=b+Nk3h->&3 zTfGg4P^!wPY;_b7E$rE4ch<)cM6K~aG;7K;7_NLy?uV$ZNa#gJ8;h6-8cY3EI*8Lx zh&pKX5ZBKq3fLR%DI3=vHpcGNpfwPb=FC7s z{)~-GVT}$Rq>?4AUQ2aZ{G71MVfi3#PNe?w7_h?n42CU`SI)bwbW;9MsuHGOldc_Fi)qh_^`})<7c19>+H^h z+nt%{pQ2|Ya?{epr2|s^{kqj-`oj`ntZ7@HE)c*bC8JXQaOzsG82pV7th51X@X_k^crg$v!>QO$k_Q~P!xvRg*{^`p=N0RQK>IS{D z(#2|g_O+=-@<+uJ+*(_IlkqY|#dco3dw!^t@Z3Qje|7I9UD7k;R$uv?*SNMJjFH`< zD3IZMBPWPP5tu|pO6ffakORBoRC`QlPp1ZB=|0KzE;#|Jl79#EPj*y34h#f3A}aJK zm3lfsRx>kq!bqZ<#7b?>6B^AFa}B8V7`k!BlBPy+^&n3vLA$Q1(g44B{ic@+mX9gl zx6cREX0<%|H5tTKMwu!mMfe8#wPZU7#rBZ>P&y4Gjj*$zI`(35c8b$h!pa#_{{M1D z$OHtN3y+FBtEb&Tz_7Gi?~Rh;X2M(NmrkyD=XkoYEA03{ETr^{4Wc!3g=_j;zDRH! zi&SA!$V)zT@TJhQ`Oqy~deN1`dlZnf2RAnBp3gF2+b~-Fa7sCm)H;C@aLZtwljeB+ z-%V=bb>7LXM1k`X_Y+~-4DU0Jm;sifx4-tkRXpF;0+3(sZ&I+xtxG==(Q-cI(bVE4 zOFUNbs2uP6ueTASJp2XQU8n&vDvHKy{R1RJ?7 z!CNHXs;ZSAoe?NYfYiA7l(#(f%BCf~^lA1uJo7`>Vij}VH?&$5&!2>3;!}D(El4xU zJD5MZ&fiQITSvPDQ}GQC>rBb;pG$jBQ1{)AcEa+v^4d(ynYu+FL<9zxi~(yFm)Ia`4RZMxC?7 zaYyXcT{`cdSOM{_n#2QS55(w`5~=2Kzu^K%%X7fRv+Z9R(01lWC$v`A!tlM3N)rXW zF&=lq{4?GE&Q$*kb2P}g#d_Q3#j7bt4<)M_E#&m1>x^VJ)!AIW?TN5l6}s&%48JVO zp86Kgdbt+zT4-ET^pC})Im&J`txu=@ez%}-?W(U^Df^<=Q&zo=%te@C%ykfDMOriu-JaOW$i)iO_ispK>Sm{SleXtsuj!L`>-2K;Lp1D4p(p2Dz{)g17hKJe=@!^9WbXP&=DUMytQ6cf=bRbp&&y4 zyUfcUHIMw2LCRGFnw1*7B#3BlpRPd2Cq(QeH#(YQI^2&Ve&1RT@8^)SK1=VscvwiC zo(@oF+&SAjtV&Bbi|XDVV*!{}_BNw|!91!42htIlSk&_2ozic>xz5;N@=lKR);k1Z zuVC9@`Nu6_lE0UmTeFW7{7GtrQbf|>_8dF%dyUV@JQ3e=`13W_G5Xg20)#Y0cHCwn z^`~!%ZKPzA3hPte8{};BGP?g2rn1)J^^`7@PcsIDOu+ZvD>f=!CE5N$`N*CN8rQaj zF;>m9Q7MdMYMymUr&lFpM)={#S~3y-1Wxu#W~4pr9(gN0Gl4aafF}O+m3fr*@p@MY zPeHMLA<$W+9_yib0Xp5$L}14D;}B!K@&x6!`pB4r#!z<+XV@>0g&J|e4$RHlgSOqgzdxhxyvn0F|pZC-f z|It(0iwmokCQ`A5uQkryX$g*1O{S-jyhQTf{k2srL#D6~f-dGV(%Urc2w^4J?uDEV zzLF*-^YmvDa%|?L_W<#Bxf&fx^SOCS7qZ)3z}XYo;mTGq+2q?_8QX1*O45A_S*>Ij zbbx^|EIeNN=iA{YL!YoO&A>}#%<==ay$u@W#->^nZ9Y82@&=&B+5btnk^37AEQ}Wg zqWj3J0(`9>n9L$6GouCTcYafHfX4OKP_2mf+;C207wb>cIE$agelPq#u4m45tzXTz zs*1m1JAI~{R<+LVE1l=oI;KtmD$JBG%A~m z7(PONF>&v&q^~pz>S%BJ8%L--l6KFNV}{i+-`Zg@<*?kaq_Nh1fiNz!zY=nlFASN* zd3bmbQ>19(HHJW8&pplMh%Ww$c)?-zh+y()RmHoE?9pfC`QB6Ig5pC*JI5#7FZS3a zJ*+UI>#;G}sPGO9j1F+1Z+TaWS5^&-wjbHnx4cdV<23aF)i6IvviR0l{!jrpo;|r= z>sKCK0L{G&_cQ$SOdRAb1Aiurz^45$zKUe!;OoV1@~?+dfeU6a$y5qZ#?0CVv$D;! zp~h^5Q9;JVJ=>KV8@u)wA?EQt7X^atPhN|o*Yu!I2f-!v=Z0XgtjFpWl%R_Z+TRn$ zv;VQ{3ECWLN}$!K(>@G-C={y3KU1Rn*gO8Xo-71?^#N-2MaH-RY_KCJ^T#2$awLY# z8vV$u6v~m7Vinf*-?+}J zXswE`PSyYBqf0W7kL;(r8L4{q)K|L359OG0QZ&H&Q5T&oS5Xprr*-7L>G|h-aOyfZ z78bw$wY+CtNog5Vb&4DXc$0)7`Mcu0YTI5$5*1O2=$I{UJcU0iTUeR4Xs_+~DE})# z@HI%dx@2@`ZfdACPvq!^ee`h~iRt-`f6Bg&E zl61{_=%bh*Xna|VeUO3dx#30+saGBy4&JxgPXHDf7{}Kd!^$dXqaZBa53+8P>sLR; z#;mL9b1pH_bQbLxo(o&f={9VYHiHq4=kT-aW(?`qi4a=%q)Lpl2E3NIIr&=(e|8o()kPRk$?f-}ONbEEg znQqy&e57x-bNx3i`=b&esjP7Nw`euSW6U zQU2$_Spn(-SGxEPZ#mz?=EOmHVub5X`7G-h5vZX(R+ClNtt-yBLF2a1*S;nCHaBGY zGm8|lF2ZRX{zagad%OA7_uF3rtnbWy8M4OVua+X3guoE<^$+#77mt$) zF^B3THwVzC7aml%rVF+&D8iTO(#%<2SNiz-X2TCrgPI6qQ^vn)vRoOEIzNT2N~N!v zfWuK-@k5?o@j07MQ*FxQ>f!di<2r$d1oAtYXuEZi@+BJ0vdDD7!xxd$YJFWKVhwM= zBtr6Jld}AN>l?G1aH^Yu@TW!4p~H0xM$Pp2(Hsls`(;eaLdcuIc^lBu^*`$elIKOG zyz`PvcITaHI#3y>myU4{3^FtuXv)0YN4ac{M#QXvCv?Q&_7r8w()I04#{gNTwZAX@9PPH zgejP?Lo{#g9l&)piScIVLPTvxUgpGw1;r|)CGnx3?<*h9hn{*ImpdQhxX)B-*(=3f z4&wU(EjfA*KMeCC5;E-cYz*dNF9?%bq~fQmq%-gO{%XNScgz4km@6a72=D7fSWv$S z&(*FU3Y9{8^9+yKEh%FXL0_JIb3o-K@m#anKK+b1Jvw3e>-wdb@24M93C=23ZFl;p7g@P? zmz6;8pi={9l0?e$ESmJ*>=$me*N$YP2q#9{!cyK`H^ctfLJf+Hc9DMU$JE|t%;=ub zx_J{s+rR!ha+ZDybYX+r8TS$P@#lfjv^4(>hvU8Z=DP$|ETPVpM(I z9jPeKHb1qWcDl!|Jo>u{!68e#p&>%iIG=R%gUZTLR4t!MD}GW1c~7RA*6Ez_eShvz z5@JIVp>pq`aO~B6sq&Z+^isB>Y|5{v+t-;!Y)f5kyqm}Z;`g{1@^=xZRPTQt)(p5S z^r{+jFm^h~eq)SO+Hf65ei@&xKk13g{u_S-M<-( z{3d%-FLMUF{(`xFK$5K)IN7C_qBy&tD?S7uylC}Z9L}D&8*g16dzDt;LsEYCC)qr* z%8Yxr?NV+*C=ie0J&`O0p|-xOV7IB4V|xj>79nW<)lE09cGMZ0hU#VVSDDT~_yueC zVn9NxTWZtfwmN?w-cVI!_kq#pcJB@&r;#meMqffC-_Ro`?ZJJbV{{ca@t93w#~)x1 zVO!eud|4&<*hzIj5Gg}SSZ-R$F{Jk)OoFTOxqi}ELjJy7;W@>7B|3oheT+n+Xl_H) zcf3Gu&-y;%(=+dQ4gOTkQD$tV)DlXF;GVCSoRxVvf&)6-D!fAeKIeM?VqiowqKXKv z6u+@H{YXjUcP0_}`}KHLX?F!Gy3`#_MxTyKuK1FtxPR3@#kT8svr+kR4}F>Q$0;U? zQtAE`FA>T{-1f3onieyrp3-{lA_By_s@Qz@b+CBCMn2HowlEH3U#u4R-IZs`+2GM!PcYr~jWs`h zWAVpz@6%0ukX@u1{4~Pf()nMRCPa>>1G60wm_yRAL3vL)AHyGC|=g7)&%rQy%LK4v$ zWWsXa_XT;A&9?Z`retLX<4ee+E|U2{{zqYwq&x5&lu*#^EOA)mX=sB^M?Qz64)JP< z-g4+06tRzTSBAskK<~eF${?m)x92>=itsjebl4U(c@%gI^AAD>; z{O#2O!kFS@XiwwC2gUO)>~+%0na#cyH+(6TWdD22Rq0@8oGG=qZf!sJLVCHE^xfv1 zC?wLwP*3`GyzvfW(9TR(z+rHNc^qJG8Gf)&aJAI9AGETJuk=|z&cl3=DUooI(ljJ? z!70<=Ao{~$-)|fbI>|zIvV6x}W74#B?+>XzSE5Tj40@;9R;%*0C#ogeMAd|x+sT#{SNp=me#F?&w_UY z4RgndKEuiY6_qAWG&sjZ=JW(-Sk^(7(cumA`m~EE!L`#mya=>Yz_9hPOoPkOpTq?3 z6FuRk(TEnN$J{ki@E{N%lYuUfWk{z$o9HWTCXFkIFW9ZSwgxs^H=L-?tCrmQd26g4 zxO4bs0tJ#hsG^{#P4)Z|XUI$7kQFtcPkC|Lq3zmemE#$dc37cArA=t%^X{M119D3gW%* zFiLNK_v`Ysk>BiHNW04X=J$0X8drP!4uW_*mfcTw3P+@-yzI{9oxZvezFKpp7l1CW&+y-v4Kmm6xu=Ni^t6kr$K7hhde_OgVFva`&$jPU|!Jfns>v z5*Qtw;<8PB^VYyYHIOC_MCYG5OUCQkWfv|Nq!9c%(f20qS>bszS)0T7)jYL-xpb1q z1PSI(Cm(#@IP&6V1lhmv$ycx|p~QF1f7wYSisVMKAWbt^%iY`3qh>?6~5*$`No#%XhckH16CD z4EPmWP9ml%2Zd-3t^S4#8LNF9vb|Pjt-RJ=rq1{^KPzd!?~J*ea(?%zmTR{gBC~wc zaTEQf>UT@ez)$v(#plzlw@~09bTEGL*CtFq@1Tt8^W$#i+MoyAmA*hP-{{#(d4E7F*TXj*e6g=`OXJLsH_cJuXeM-KP07YD+9>0j%ZCMPn<*)s zKZK>i+!uCik_0$*;n%%8a?<4QAGS0Q_j}#)&K!z^P88`NTAln6blX{|vyrkV zZM~~cjpY%L3Fv?bgD}y$;P^8NzcbN{@lYX(-{2|$$dG@NpnXUTS)CpojO*QTg- zl-vNwH%g3lY?rb&A&=4|hBB>Xw$|^y+|`PyJ34I%YxaoqDTZQB-FoGpc|$V28mty( zRjb2DnSX*E@u4e6xz@a|Rbo#+PJ%#a0UGF9J0S~HG3Ht$zFC4E z_UTD=5exA9Zrdb@Lzuths*l#fgl(8592cANGTXLgkNMgmwKX1E`hS~qA06D#o#ldY zZ4Wm`haIFkHdTmUBT%GTm7#7d9?Q+t2N1k~qu>kxFhGPE>%=t|KBlsV&KTh-^$h$yWzEl-5>`*-U#a4pn{JVn(EG zNWL)_f8S#%PqTs>b{azB5^TI_t+`h7roQ;_x3_m#1@ z!}_)NKoc^rQr@?|vwe}&XxUT#+w~COx$LMjgJ{-5fD1l()169FD@Ek>#LVAPzhskI zGyFL$VSA#%Pw&!oRdM7EzVmC5LNb-@%q^n(dcI_aa$Hq!61BO7?mJC2V?%PFe*4?j zoD!wwhXz9H3j>ZbIQA)Kcye?-j;M#^_AQwLYJI+MRl_ODuw~V)D9<*go$7o2%*Q%` z?i&r@5gm}C-zEk}zy1VaKuAt!l0hZfKLhR->+m1Yhl5s8kzDp5Ea zE=!{wG05E>BECnjMvtYOw)6@4f^4s%I-ajH(^9+zce+@Q?g@7VfN6Xt4=NT++ou*} z!7)N&b0q9xh^EVrj#dY&yAK?deJvWzIuqCDW)ADk;NtXC2e#*hyESpUwt9%{O1K9) z8#PqzoxoCd>->C6PJ;ihPNC+fzjQqnjDn;4d6ru#M&b_2x)%rQnWg8FvWL$5M4+w- zNvM9JQAB%ux2+`ulf337r`(m5^{E3_s%2_r8oJuo$nl6>h}x|CvWUx35ulMsE5V`xF=kIDbzY$ z-akRJI0b*dM*p;6(><63cq~HiOPM(>t&l0LR{0i^3ThmA^XCMaJRUo1d=W!+p=sIo z`$l0|Wo2lt!l%~bw(%I=JjHe``zzM1h1%(m0@O86w$6*k9!W@vw@zz}YK z!j(;TBtm=DQv*u!@w*BE6f;*z@Rx+KDw%$DL^E53)x}^%cC@>`27ACBtxM1{c30 zkOOwhQqab#V#wz+%&;Ur_xZ2#;a^iTdnj6NOjS5~jNq`h#P=O{KQOxdL1KuZFYe&h z@B$aYvjj0k75TbXw3k*RAed2&O;hos(X_tcVXj5y&#s$6i zYYG&TOFe?W_&G8n<^MNCBtQV)WEt_dE8c@@->cnVBNrc}F0l=xj*xk3{cY~@Lu|Ky zc3^l($o);NJ9gA2TnpDEgz^sb zoV15%srd0HR=Q5kFT4EM7)HxaaZJXiCHd<_lra+7A;aM(mt#%R=5)lV0*mFoYvbc0 zq_B!+;T4HR(|z9X@?mPZ2uu^P$9NPT&yfdXRnS3fy>IUQKI(d)O}8z$E%`Z(SzIwR zu5&i)<6mYw3Kk{ZAl`UKiA?kD{cF?wN)pss_8#NDAe}q^ob2ZK6?>?PBTdiyR}hD$ z!wHeYmpy1y#rejmx8K6;xza0)8ZLSFjH`;kfzmnH6Lyp6>Os4+WdK}yI1atUH*E=* z_8@z~yRS-0Ys2B|uvxn5Xn1oiQz{_xG;KiJa zMpuZroBtIfst*MXo~TT$kHs$g%i8=lyf*hDaL8R0Y3I<`?fIDH^TzF=lrjE3 zDFMQkWNHo^I^*gewMrK9K(uhPwe$M>$9omqXm;0v(rVVIUu4xjaoKwM z(t_=*3(sNLaFQjm5~z2<$384*%nz;U z{jCA4CG-Vb4>2%Pp;{j_>mw(;vq=4nI(C4Vf9OLR4amE?;)f%LfHAK2hR zsV94=fj>>q59Dn=vo%BOaJJrwbai$>&l?O;R3+>hRQ#X zXd!Y-njYEvod!Koyl$0rj9eJ9F~0Xn)_lOj*3jLJKH|>gMht%kApwD}_$ov$qdo z%^sA9G7x;ZNh;SSOep#IKyO-xW}`%W2e9d)KcexYad|Vw^p2Y6f)i`$)+e!%9x>l~ zO_#b;Lt;#9&UFiQ7JR^8>Gxcbf5O&1%!QKQPGNgQhhVk#(DgJJau`e4&Vp)`Wh zngWk%DY*HU2GbD*IVjj(Bm(=sv~Eg7b<-5~*+ddR+{st9Tcz=zjqfx7*-FOXCjo^R zVjl_b43Kj#0S`(yGI{y2LBH6M$1ow=InE{P8P(KaPf`4JASsDByWhqBlVOHM&y(wy zQ*E>bUGxtu7!l8k#168Z4kAM%X+^t-8M2qKydWn`i7Saz)QA?~;{=A;fARCB6Mxc$ z*iPz)7#)u%r^zueJPt@N+iz!bX6sJTK*F`{ur`YZ_RB<62T0E8G?Jb^nz{O~T%?oZ zjZ1J+io5%=MM4lwb&aih8p0knIo8Gh%s`}^OZjnFllD`)Fp~Q()uf+wD3v=jdZ0&) zCAK*#eny^-IZih&kENaY8{^kd2Rpgu`^G^(GjXR)#w|qoYP9H1?ds!vL-${(!Fk;3b;_I2WDsHukCMToi`0%qIL8^f&>2+jsI%g0$)F+>0K|i#ob57GyLyb=FZhV*PjA%#KX#u8fqs4F&wE~J2ozbFs|m~glBryke8VDC7v+tUH90EX zSA0p6b}~JVyx!p`Q$5kQpe@jT3yoR9SW?daF3@iq2Vk$BFQWBxVbSHcpfD5a zPvb`-vfoow?1(H+dpUZq231U7S?U$$vme(~oWchksiTKST~^=6g3n_sc5RjKB^eIV z?aHuc=>8sqb}hwc?ep=h?h*J$cDeAKE8gX0h)AI>;gy3>VfNa_#M{YW{sLe;`WNr* z^d-1BrtA26j8HH&Tb+xR&7|Y(b0m5dde@iOVH}*}irmAG((Q%$MW?||OkDedpVf8I zT(n32J4?4NK7JmARp?-EE@DoB6y%{+=qN0dcM zeOr9lCWWf0M&3mtON@wPo|IG?+GdDTq^5tKGtnRi_8u@`7vg#Ubpm!~q1G&o|8ss@ zPyY_y!BOMYM?CKA= zqZS5BeaS~>ijPZng#BMT*XtqEr6)Ps zB>I}RNV0&`BvadrrXZ+C!3JsFDU&Kzk@Mx+lID6lZ zg)IA6+`q?&WiS=5iwgS`4gY(JTvM8Q-I?+Wax=uxr1deO`6P)bI+M@x!1EsU#NunsxC3q`2(*qG2ud0G^omtH-0tfZq=xF7oc8u0qKcE zQ^5pTyZi3WM(q1c9@N93QU3jf-lAR2m#6u2yhr;gy4(JFQ3G_ltU=D?`KQoFY=qm$cH3a~w04ww8TWX^7tmFXvoO zj^!Y$ENCGD2xQOOJPE^iJP&VvIeJ&*IW`suI(KSz2b)*A$CqGmf4+%*e#5jHNnd>yKmn}!S@6!H_b z0^NmFoxqxzWx(Fz7GpCO3h#YY{s00`kfGcB@iAwjm2#1@1Sd}mf@AmaaF-JtOqJn* zsbYRoUvce*S9ZH5?P?uX0bU+o;%kszEqjpr1sD$(b5v|3NvQop1qM7^A`h@niQQKy z*b6s`(;3gX{d*>d#!ePLe5yu^=(zBy@c~SlHVOqp*C_Y3)sMc^tJH@hW|ctn(VDId ze|&$Bzp7n{_@L&ZG&r%w5KULX`(x^h^SvzhEUN9wgG)&=!!*IK!m7FLmqVAq4J!na z%>RDH*`(7xeO5DtPx8ulpOf6Yn98*GtTmVp*i5AxdYke(BAAS^(5ESrY3$5ZKH-`1 zrA!hL*~rP=!#BMveLU7w;Tu#>)&RSaL*JKRW46dww-I~?K0Xn!P>-NLujyN?*kh&V zF-2dMr<1bF*UinSO7>%} zu%2b$O)c=feZ>i{K;>p@SpzWyyj`Ms=`r3>sdtvf>1I|9oW0@IZwzt5=m`}05_r0C zk^`m5EnpOMgpWlA zc||9lO3R>|J+LZOOBI__4;W6I=xf;Blt2PkM1>E|$kChrFMT_CW699MR35A+%TnCE zko%P`P1wIq!^|T#uVMZ}SjTqV8QJN9$8U(F`2Fyz*IuEy?9}h)+%EogZhrZauSHG8 za92@Y(_6izKW2g0v-QnIs7t61bx{Kg9DRgaJW^YsUBn<43bMHJoCIiX5&Hzc?E$Em zstYDh6_KHFbF&^!0TAi|nnf%kit@6i_3Zkq;svu5MsS9inrr%eBNEu!Topo(4t}^M zUa}GIOXG82_pZZJp!Y&qU`l`Opwyz&DUfY2Z+F^xaxJpy{y)plX2>f4lU{4w|S74t+{Vyqf@0@0jjnqevkwm*kT#gqi`=ORI)9?>qAD5qcK5;T;Jdg%%|&!`~OMeN!pF4`YYXo9rL zdmj0Q>=D>b{G~=}h^;1%Ej&b&3SGc=Z0Bxx#PM8)&J{zr1h>rS;T^LIYCc;E4>W+j zknj*XYxPPB@cL%e7BHou(9^tkxL_YLN)H$;ypU0Co6#H|9u);qgR1RTk~ zAiq9%TVzK#s1xn(cJ71>Dx>O-947nt7LnT=U=kP6`QS~=|GXMEKMJAj&6VB1-Is zwo^%tg!a_zZL3xvJLjYmAd`NKn;^mptgO4;sJD+|wm$51ju)|4fiCpQqKFrOqm+GU zfzREly1W3*=&1j^77e@qkJA#>8m=y?iKe3Zw^?0&$VKKzwxMiB@bEaLXHIeGf&k!E4G9rPQT@; zZMBjR3~&$3tnICe0!S016qolfO(RW+xL!~F$Xt2Hi4GN6sy%|ae|P$~e|NgbyJS0x zuD427Mh4ai%1%jRZsblK%ZBe+9VV!)dS$CR5SPitt2a<4CiB&vE-|?12|IpFZco5^ z)3wZ7{?C!Nc-qY$`J<`_Hq=H3-_HET6-`%uRYUCbv9!9#o4O6aK3PqpvO2-F@Y4RQ z7e!jMubYs!DR$g&*3r)#_ERTEA8lB^+k4}q=d*=_8V4S?UUDmAxgN*Yt_Se&RjEu$xYSx1}=xMvi&c(hwDVYCgJ&69<#h?y2!o#!)o?`Y<6J z`QjIyZU4554^{$#pT{}lan5~M0X74k9)jwu%aqc2V_Sznc-V#dY)ChgJYlW97$+ULg- zdFaoy@#Lg*lr&QBL`Ydy^#7Wt^zy*|Mg8DQi6JBTvat8<&&gMCaHV#g+r(U9Yfv;mp9!ENEDF+A1pTu^@&!BL-0TZ|NuxueJUJwYsH#{J?| zx#v0Qm^T`I9h)Xx(9}4-<_hm!hJXrX@&St5i)e9>E5C zZN#V`MZa7XaT&I-^d+c@xu=ODCY&6j>uhL1(YQP9eQ57i24Sab>Tx5J*pP~bO{`ww zIq?P(6LMbE9}Vz}R&o)TMQeh&%|HhhSe`&*DmZb*67LhKonDZ+ApsfVFRlRr8C=fy zofTasrq!+2p`^= zG)Li)+}sQQvv<%Q5?S!4&->>+2U-ET)G0WzoUYY79cm+=0*G#6-gUXyddFzJ0VlJz zWx4osF#sP=`^>I`L95q9fHt*5LSLO((j$hq--dO9ZN^3KzWhqlvXt9GP9l6HFLneN zh_HsDJFeM&H5>F{s2gsAo;O5<&_5%F9ey2Rbx3$z0)1dKSSkLvWNG|rnQV5MW_d@I z>PS8A$QfORxzMwy*%h)i(=ypwsy70!)CT|gwIFWMcm{tr-zeJsaQ*7`M(|0q`RLqD zZJYN^-OGF2Wb-CH!*W^P+6UoUQ#HA;!5L&}ikGC_VvlKL`D92*H}LPdmJom}{Z`MG zUeJ6VQxn-)&_Jq!v{vh1Ofs&btBK@jWmrZTew!002aF^=4c3Y%IIKV%w<9nt)drO2 z+aArezoy-G56@`*QvOMd$zjV%TTxGc4V}$uBN2pkf$4fkEs2HxB3_E+77s8&q<>33uHOrV~nv-*dcBkflmB*)o31Z8i zK;i{Af&2Db?bO@aZ-*Fji#=C8K9&?`;21NUr_#dfEng@UK5?Xt6sV+X#rQe&ifq_< zj#iYcQEDu*{NhX*+0QSsebS0nAcGnvegN}I0!+C0ohsEw7~PwGS17(4wG#Uiw)32V zfWehfkq*ia+EAD%&U|;SZ%>)ua&#Sf-H`d;<8lIzGKL~@F4@ty!e4mPNmo&6PjjC_ zRID82VP)s=jWpDbse7;MwbdR@lHDRvy?xPx3Qpj3Ba64C+dQ+HcfYfgDLtA*tXW(( zn&(?Ylr}?D_^2y1tX_kjuns^J_;a3x)7=c=51rSEIurs1HJ9&wOR3+epOVLylz(hD z$adOgi>3%XduhW1`2BJ5!4ra#ON9T|DOYKLaA|WT_!s=`f~gSgl#_G;N-;8k=M7h8 z8Rx+x+OCKXo~>;wc4Z;^ZKlHuW%OMX$4pv{1`1owD>@!DRfy8L8y~&&?YnTj{K0L1tD}+ysri%f&;x6U;M(5uC|F zFwgbYS;bdrFYWh%OJ4JfHcY1_aqXS=t%kqKO{%7h?{9j+IE%Wo7UxqQ6|7Wfh?LfN ziu+KQO|=dz)h*d{hg$cnmJ&z|?gC{hC$nF3J=}lAa7`gU%%zDtn#Xh_?BfkF{I*-{ zcI5q{G+Q4es#!bbB?4M zry&t7_y7zYtm*C&yjC&!bJ0*2*-z_YXF4WH`0hs2a7?lL9@+kEva(i@)m1f~*UJdL zXvH0jU&S)(njnnvu9x00^%=S$L}@viV3fpzss+!5m`a{a5AV+?&U7ge+Ry{qq>*9B zzqTs7LrS_&gIjT?3xNmOe}p(svCOF5BHMY~@lQT0D(ruJ_|R?z{{LU0%*r|u`4B!k zrx(Ijk+R9bV)a(Hi2i`}=%C8`Hu(@S`*OI>HsQ;azgm5#{(Ie%N?W$BsI}_M`6^qpGrugt#bnd=V##BY!vVWq% zPs&j_Ba7E%u~t@1V;>pT*SrRlVkmWE#0i<(29ka<`#k3wtyOWQf#7edPxFF3JxG|j zF_F)syDq2)3h(i%VD7Tw5h=*xZX8ugPOjZGZ{kLC9zK{_VISS{foH;nT0ppP@}lK7<*A;C5rhKAkgRJ%I@}Eu%{Ten z=pb&$v$Wrn`dCKxr#&p-x;5BJm)B14q+}jrrO@{|pT}Ca__izLEtl1!M1& zVqR!@`p6Kv?Y1fDj~b%HT4}w?5^PD4X3>Ll3CD1q%}@Ld3~Xb|y-WzM+_|usqtnp_@LFAltYD2MllfIxN91yt zz;JQU?O@BodW=2P#x0H8AIlj+EU3{;*Z^X)lpS9Be2J{RyN7x(;0$JJ6-j2CalGLU z?(XJP3y6tOZz>Xpup*N?m})-p%h!w$7;}4da0)++xIZO|gQ5l8t)6BkyGJl})xyATd-B80^YEDq8n#47 zLDS?FA4_>j-U~s$l;a=o^%4xB74`}J^(8$Qi^d>$w@VF?M`=vPkV_~Lxc&{}v)Zz> zPwQwWvFS8AvF(u=WUFgWUGqrQ=*w$H8d!2%7uS%s`Dm5#TT;rWAe=1D3aV5!n0%rzYJ(s5Js500uJyZky z5p}ZI5a_~NVtbNF-XQHvXZ1(BcJ-Bu3x;*8{sClMoRr?nl(r+(T2Dv%@#3mIG1ojS z>%~28n704y)Q+lk;>rt+(>PD`_HB9^GF%YBP4VodPXb#*USf_*?B;-#^jwm(3k6<`{6P!Hy9j`GPF+k_XzQQ>vxZynkAD(ri=lGTRap!QSJ9#9gfyP$#L{uHO% zdl)t+1aLDdauIUI3z`3we@_2ybNxc`l3Cpm8L3c8=hddf8gN@YX_SgDmS0#VZfIxQBvW^LjPjUT%6)m3hc3%c z!$l5IZ=k7mB^Q5;OBxGC+y3k_XuyVEpV^sOSzibRK8Yd-*%2&@asC)(#WEhUbk%A7b>T3+N^wGk6;Dy|pe)q@Mah=OfE&GM;)L?~Rs|6}`V9 zIve~Wk+1utiiHp57W^-g2<5P8AtVwm;Ql-m_w5tPE$DLB4Ja9UcwmewZj22q{;}z$ zMh?#LkLND1k8)$XxrSHu;fEgyzJ6zP zZs6-%e5$k_(5vJ4abILBgs*XTloUE=pj5st>k~1HVm-7Az-K<~CQi*F(39#fHtsK4 zFK>gAE}jitDlM-(7W8@fq+;P?<|(epu&Vz~_DU5|tO?2cxjf#!lKo*Lp(DeyPWg&T zD!GHI5!MX}!mU0H$br{U-+j{6iIMAkjNV@{U1C60Qxt|)IW2t+j!t`TQxCVjT}`wY z;$U(TM%LNR;BQ`Hjh#n7-WqdHKdl~}rr`RtHl`Qy7=n*ZFjb!_Py-||g&f8#7_6<8 zMH?7)CWL$OHU8F~o7JnGy~f(Y$OXbbf}eUyphVAvrF)FK~`l+)ujmT<^x}o{!mS^z_3oxq`H`y3b}EY#A7RC4nH8 z3xJ7C&au3?|B(Nl-F4ONpuxotSmf;e+eb#MSkp%>8Zk#?XBEf~D8iIlmH%<7E^#QP zIYo_Iy8GZRSGThUJ=W_WeIF9oq<>Yg=Djt$d@L=XH)t1Ytg^gvk;P!v+d3jFHd56* z!Y{f}QR`?RG~WMgP_G}`;e_97Fs}e+tnuLIw9lzY`@Lo~yg8t1+g|UZ$LN*ivnWz+ z%spaA%b)N?avK^Z(=(HNlgob1p`_L8c6VmGCCSFFT~NJiOHu2_yTKxRSg5yjn_r>7 zuvtZ3gF(NUleOPl-+*i{o~Xo};}ezY?9i+h=h`;(vk0cwO*zgH;8xW8FQRi02Lp5zwjH7Y4C&D?Bhk&H-Cmyy z({1Wm^^x79so$c-VN0vCsj!Jd{DQI%R2BV?x!zoDwvK656(hnK?*9jI7B!G+Ul`4% zP-LE#`U{(cSpVVj`$MXg=kx@K$-DJw0ei^PqL^{}y`;ST03S-f$HMZJz~c0k4VvfD zUkcb({oHJl20mpj3~*0#VHkN&RzU}FM!l%(KlqaCXWxGBDH`O--##kAIMcpc_AXjW z$Z?*0-qGSUPgXtRR~(>=RwKTWj@!2GD?*0UjS*Qg4dEaPk-nA^m)^pr8t3{3W9SG$ zq|0>=<51lw7hp}M0OWE&s4HNP5o#-S zxvbe*ob+#2hVU0sVQ&CW{c~SmFJY0z{7hV^7j$yuYdzmG^zfwwNP1>HZ)gO*O~1=N zEyc?F&lsCO@BeXc#ho~Vqxxfdb4H%3+KKsD&;!K46}7svY+j=61ZMf4Na2FlYUiva zy$-*a8zJIeV87FKv&?cmd7a!Rn;YObsuWDmB68&N4oOjgIv=ByUmK~(?z%f*LJ1Eo za&U-z@Em0Y!Og}zSE+)Je6PD0=Zx67%%$;r+uV3&M4&O+Plazn$^2H%V4n4P^{f$3 z_^P=8k?_AB`DvZNWLcoL*xJ*(^xb{Q;MAt6BbMtY`ASai+|Ad1RVlFdm~{v&S-Gq| zMH8h!Cf0?k3U;2#*WA)u^@^Kn0^Sm1x3dTQTlNf!;-n|YB(B&FR{_0Ww4#kvH(9Z6 z%8VggfuEXEimzX}-{1GnzNTACGTp8v4Q6SX^JB8y*`^jcU8pNCj5iH2^x1K!cv?I( z^Hl$r-U(JDoIFImk#`?>w=YiAL{@CF%5xfFO7Fk4tJ@HrZDFA@M1t;rF>ImO$v2So zs0y>PT3!^PW6+WhMS2j*IY5=UN4Ki(Nf}&GIQPX5VXBubS-lw} z2m3OY-W|5D39lGt@nxUCUlvbPe0V0$EioQzifTL+vk5pA7?((+>V$uul&dHLbO}0f zg(cC^*iM{{#1&j8d>R@)ggIg{~rh_Qdz>y=d zj`aEv7JXRpyZNLt?ALVnt4NDIyM#AnWc8Z1nyou`LDx6IWL$+7g9Fpfi|h7+<@zVQ zmzOK&1|kMvdd87eC&B@~D`@X&H-Kk;`e3#UXmWG8$!}}BQ!^sofA&CV&KG(X%y(?a z6?8`BeCsf~nUN=$dAI%Qz5BDIP@j1Mx-UJTs7}lGe`U|JFAnMz@NPDGR4gaopAr^< zK)W5JaQQQ1wZKpL+n1FmJ+zy9ex9_> z^`@Yj;f?=S_MCWjn&r!f1qc+yHbv-=e#8>|f6l+RY4tMd8k<8NT4OPFX<}uR*<7IP zlzJSK>y6xVlJ=QvpVZ$G*Uy3fI8+t*ihaftEpsJL%=ujIZGH8er#wAaa&Qx$aspWs zM0K_P>uxnXx+W`{Cc@v^l?fnZ4V$$8V_tz`5-y|fKH|Ez&cX7w^7I>^2acbtA&mG9 zCMt4NZ#(}9co!U(P_?gI$+}z2Mb)<%2O7xtu>MEnGdM1lp42JTchh4v#ZD~yQ1#ac zbEIiEzY`0;YFULp<2{j0I|YB_tDN(LI^~yK?KwkSPEi7#$QkX&*?L28^onb$&1~1* zXk#o%HF3r$&E}9pp3)6<;CT>7ZZ)8;auYFTNKT1x`DKRN2z_Gf{dGZ#+csfDYK~-V zm6%NMG2uJMyVyj% za9RhIas>)1Z6(zxmt#a|hHa(_=>>bnL#C(qcV`{&3frWGKX3aipNG(9*IN1C7xND4 zu}Q+ppt&_r)Q-OgHZ)Yu077Dpbg3~G($w94aqDXLoYmSO>+`dB(-#hQC7rt`59Z@km6j zZe6PZAJC{d63Lp{npyaw1B%nDv-_eGx=K{SWBSL|C<#HkIrGw?IxV(aC|L!sW!xOV zZ0#(jb-@mg^WQ*~eOOlrL?=svRZo^%VbIBg@Iw-f59OwJvTb`CaV-lcypa?pk~NMp65l{&R^CYq>#M1lgCS2Mikr19Co}9j*u2IKHZTeWp(R;t@6#tk*tR~Y z{uZy?S*(raAzEcOmi@NYh!{I&~GbcFCC)gy$B^0*^=4X(1-AUov@6z&qQ+3;p zt1{aUiIJMFl?;6!`ZJn~Gpsy)@=sBF4pI*sI&eF&JS!75S(=)47iWy6nw=)d3U!xO zvpDp4EHLcZ>d~*GEdaFTUddYDj(Fg%BZca_$ z>ay%VHD}|3;d4-tYTbbIE4L8z|L|!8z1X~4YlhF|r|beC`q^~U8szrI^jxYQ*bcs- zn#NvJfDHT^Mqs7wyEejFSx3_DUzId!v?43QQ@e+xOdR$9x=8RLvtMrMgwlJI8TJ?k z+dfUhya%d0b0l`B_{cjr*d*|Sbl)%*!hjTX{sUyUcn*KOZ9h=KuX)b$VHs&ds%tya zDA<>kH?UPi#Wiqeq1ugp+OVDDlYR%#?pgET+Di!epGe`AgfKi~ZEYrm$;qsoKB5Lu4iS4Sd{a&rX)hWSTBJ55(>*Vcg>D#}-q zapW3q@9mA39Q{3PncXhFCCsDTHfKv}z2t>K$ba2K`5&6kORKtj$3=9n(`gQrh3hL% zL3by{UVk~N@~ zkdONoZ6d;Z48atfiaoPKKn0GhdHl$Q*t)-w45MAcK`vr@-li z6sIuK9tpjVtlww0;3$~jH#UH#kXj{Q3JI3?l>|gMUgq^WOYqUki2h}Du|ZcivZpQZ z%LN3FS3JhJllM2hakaKKp!~L^UNu%Vs&TaeG=uKE8)p$(^Y$;k08My zn}_hBi=N%O_q^TahrLh3h>v!8Cb0;%8YY&lJX`UraX!mga{UjCvN3tmj?&RH{vS$) z`pHVfm5FQUq#fk4X#25}tFEIpQ+hGU)AROyyIQeimV$u!j&HjNZ{kbA#gR?Em~Myj zOC4a&H%@%*D<}HOd~r%29g5Xe636$69|g_feQ}P%^hJMBxtvl(^u}B<5sRUesN@}L zNgS2DKg7Kl~%AvQL^n?BGhked|Z__M`H%*qJ>f)5R z+)ae~p}jp!8e)??x@r3$d-r4LWxEfa(Q=J!N?t~5)O4zMmm7Y5#^=a$9xP< zPb+a8tkxSn0pM5avYPjh=RP;VZ{Fy_2>Xl_#Bg4WTxRm4UEaF39-hJJ{zb6B6wXrq z9qF{?{Q4KwX4yD`BXexTNSzB!Rq|Xu<;A6Jeb1pP|D{hqD93eM`@7fdow>J>H`DRi z*omj!t$CC~xYK#P{n7R2%{@as_p3E4)0ymM-m6i!FyWTZAXge6d>q~Zmzp!jQv6IH zl1SE;aynt=%lMM1-aF?|;u|_#cte2iq_&iLFql!ZPVY8zDU6k`7xEvb6B1tL7TDK& z1lcCo(%+Ky;(;%t|8kA^*qUV{Fvjw)onB9G2JJsr@cH}*VoK@srBy19SiGny(|z`? zJ~Ei$M@PvUW=AoZfu~ehVD@i{EI)1Of5@ogsSCv^(#55P4dkTdWvVJr3bI7 zT0dspe$Ajnd8LpH$X^nLPp{{ZS?0OijXw@+yV0L6Jfu4})*4`^(YMXTz3N>D>`qfv z4;LdJpvj$6dcS<3?)v6oy&|=#3|(aT-P-rFYym@&)H=F`%3JV6UUax8@n3CFn#W9I z#5|~BM4k-R8?GnKUnEXwz)$(Z*R+eEjzwpLXPHfOURDddNDIh^J6`Dj3ipLxW%2yM zwz0J0eQ~yPVN>}fl0Me(G}nJzG5bZVOQ`kyfTs(P8tO%p3fU(~K8u*&;}>0lC+fL- zXhlh}Y2{guE#XG`J9&Lwud_)`P>WRqthpj)u77`RVdgpv82Wts5>%p@K;hC?5mn#O zY*LG2lv4Ei6Z`5KE--b8KwFMmi(B_!`BfmK$v*R|&$k0>z|_#kxk@K8X*aE+y*ES*LoOQ5 zc+#R@`e@b7b|Ji*Xzg54sJIvoi1;>zM`M>_?KYUPaZ~V~^ig%@5hj0`)xcw!Gk367 zK`1ndJ!i zHL-*45qDKGZd7?`>JwsFA^_hkz{1)rBvJPEp+o38@Ae`WJa}rNrfY8_J1pXal!txm zA8gF!VrV+r<;T+xX*cyj#hsGump(d-cH4g><{Z5>)$=UH5D5}6cGg|=sgS2z01ee3 zpt%I|Np)ksV(E(an()8)T7x6*NsTH4F<*R#n$9+pk1rcD(()(w!M`1>%b9=(2-3_Z zb=_L=L}@MaZE}wH!A1tQ4H)#p5R1=({r{EXnCNr=$$yD11nlCahv-dkQRIIkd4Klw zC~QfpYU*#4#YCIJPFH_SIfNjUjib@P!>i`zvYrE&1dcKdo1JxG2YmmeBQ^cR`>uR5 zlFZQ3%43^X_tX!|S~jNr>7o?{{tzPzI8lH-qLRcuyeg;T5uYn8qhH#k9mB=@)6obj zcITA5aG;5UN%pkv2TL@u%0}%1E#tU+F%FaCjh4c;&)bdmT#a62)(_gpFPzm;GpjL^ za;aQ{1tR|Pz$6TCOEe^tAj7II?HvRf?34T_XO9r)N4)Yj8||%uCQTr+q|ln(lb&$q9P!? zw{PsF+Gqhd>xXtSqKhel@kW8m-*58667SXGqh8k9u^pJQS2H+Z8!~#Cy7i?Reb;w)O5tFx2f)qynH#>tRZYKpIX@fhqCaxs^30((nUpR&yfW z6-IJ+e=}di81iadndm=rbGH}uw{)S84Cef++{eaqYkQr?*tq|u%zCCzVFC`#=yKU} z7p<5r&$J0L}+xc7iCj4dawb*CWbRC7=BcXW^Nhim33bt$=nPw+#z~po8PDiEB zr$5$ry@lTJo}C)6@Zfl+d4$94=DgEz^AHWPU|jfU+%^8`-GwqPnA=WgQ&&v%L)7bX zKy&Yvm@alSMQv!O)!L0Dlk7xj{BSeQBH4S`Zd>JBu{+H}{#!A7y!E_=Ok?S*B)Ol6 zQS~c4q|D8^st%Y3UA4ph!$QDm?|JvfrN)W|7F3S;oxgPddA-3BfJ60n zTsp2DleRT3l{L5Z#VDUNe`?d4qVD5*b)sf3+C@up=tgLGkq*)L{HWh!O zLxrEfPoTrb8dVV)e*dzJfmVi2R_}hs9;cfnziJq^p!U|^76&Dq$%_NTRQ+6pc>$0sM=z zRkYX`@7_=T=KBfXlMKbBNxZ^7-S7boJ0-h#5jzj%#wcT`clgCf57ysX!K z{B9o07rgkk7P7_h;)@Mv>#8`w>3elrZ4Mo!yNuvWx6=;@joXLvPj(&&TtQeJrZP;U zi>ddxzT{_+3uPv5r?{Uky5iwr*|I^b?e9nD0rvWeTFSfZUwAilr_Ij{-SxPV;!bRE zR9)+3(-_DNqe6Rz5SxPb#PrmCeyZrgPm(w++CT`5uX$6yvgh2beEnoh|_nbTQC zpasmE)p@@~{R^x4W88cOGzE#~Mdiu(3VCvR+t+Ljfs&m%XOOJ7k7m+!_`N2Fc!lN$ zxlX^w&R2&XZ~*XZnie80)E9Ux20j+t*ebnvj9Tp_r1Do54t=%JBt*n1Iz+61G=#Fb^f4cbXl^9R~Hb zI1$>@r4x-@cX5&j4SR{&onshUZXM(iKNdIaS$6vnQ*rCKkg=Q0|GC#UaQ_HjxZ=`s zbn#q{adkfK>6$#|R#j}L0B|_%AqlM(eixih*R!oXx{+jVfAoSt>u&y$TlVB7Ogf5$ zXY|&l6)|UgIa|2OWkZ#hjV!Xckh*+pke$|zo8bs+j%#huq$Ln{^9@jQLZVr-}RjjR&6vDj;eyQ6>_$|t^@u}oxY>oF*}csrTrnu zhB-exc@&_bNPqa5(?-je+)mefr=tdWd{ONJk+;BK<)Z-=*n#`Uc!CW|q%R1rE*fUT zrqEW~lRyXB=s$>;7flILB4($Q#zG~yQ<%8V#Vhe~#vAYxp60mXy~3MAx-r#BkE^j1 zT$}FVyo>rFB>7FPy6ZGtsNU(ob~rrH&470a2~Q&^jUdoUc@B^(~Y+~zr68nnw367yGP-h zM~4i`A&Me9qQ`v0=BlbKb}Re zZ$~bJv*&dJxI@f|DM)d$%b4X}NZi#udKUSv(;oV3Ol3pa6FKJ7lfEr!l>f41rdY8< zy05_*yq|Wz>HSknPtvQn$H<1f4)Bfh%7Ocdg5ig(S!Vf%ssx90i;j<8)C!0AoFlBy z=?am6vU=UdygLSatTAUw>Js!!eQ@PXt8>TZimpS%ap=Kx##n3k0|+COZ;*AD+3Rtg zm-o4Eiv8buA+VW6EO=Gqo=Oj&!)JP*a(Rr*FI=qK!0|7q7b?`pjOA#(KI&OJ=#9(r zCw&8PvdX0rKiPfqsS7=W%Qf$oX97Z8 zykQYxrE0r{|MCmG7{W?tx~M%FI#BtWZD&F7H}^0ZyLOwCunFokvrQqHl3b@+sJaV3 z`pfX2CytJO6%pz_qkA!l1J^W;U!4hcdyUeANQMl^SP`7g;2(r;3PiY{Dj&zNQOEUq zwB$60p|`iI&1s*JfuZ(+)Tg;2qK!!Of0G(HN>w_xiOGw3V#|)r!HT#>NbwaweW$aa z7{ZgU?lKCSSc-1ZWZHe`UeKZ0JtGvkXZj$R0$4Y13W?t1C?0REc^C4I^YIt2H?5zd z^-EPl*3$zS{ATU*4*!si&@O0eL8g!Ol+dxwsxXdUUsix04crDO|6+|E2r<~ND3Ic= z$HPyi8i`Iu=ZPSJfmCU;0m{1NlLltd@rtb}RG4X=XM5Cno5#vxo%FcP%ZtKT zN>8FY;^kwli(wB>tfZ&=+?+K8U$L>3kmBo-ze|E#k~UdHCe*e_IshaLqU<(4p#H=m z7MkIwNntXE{_t_pa2A5ryU)VL)F017`RMZ0?cXz+JFB;tZBOEouJT=&{`M>5i5I?e z?msgV;)R8vIb0oD9?{}zVljhOPTdSs{!qzoDba~Q;&?OHb*Ie^0?c%k^s)3T!Zp6N z9<=caLBtVVZe?SKG}yM$2e^WcCscH|J8sa%kBBk42;IB97;5M}1AKJtv;r8KTxGj|G%NkRQqr4sy`Tx0TYd^*KljDo$^glO! zX<6@Z1b$f1$4GbBV=LGyBSPM3Iq&Ffzw}&!)Rk8Rswg*P+ZbL9ylJ}# zQ8~+n?^gL<$bKf?p3JHw=_z#_?0DB$4bwf=_j&42R$ptrEWBv5uw1)$BftUA$#$E|c3ZW47I39Jdc4*7u&xLtVrx6%-nBKq5!jF^;{L>YWAp zA;Wah>wx<;(e3au8Gq-o5!Ra`qUncc$`zf}na3_yL8RrxS?9q}FQYeC#0T?@`rWJ2 z%c>k9#E3U%`eRV)Dxqgtt2#_sFdKfHI>gh!!yiYV+cep|Ti-XktNI05@!}qIV;?zU zW%gJXwf|Ij1G!9TC(YV_v56J4^_=Ou*g2>7OvaM@yP>`^#KjaCRy~q6%)!20cSF}D z)w|R7V7#A<(N!65V@h;96#&uT)x3Y{YO8q@P`>4S)qO4Io}CF?=TZR8+qK=+5+2p* z?Zdy}bVVDL(ohb#pyRo{)0MRb8CgN(Zf{2x-71<@Mx6Ig1EPvDyk#XOs!7sZCvF&uUD4{x6NAyrVI& zgxO+xbpu5E-m=H&Vl*UOI+ChZc&N5Vq*{DpzGYqGi5UVcD$fK~( z_=!g^Ao2&jV2kD1#L6HNU{e_A;mVeVpA5g z(_R0oQywIN^m7^S4Oasn%fdWJ`?J)v!A0sq8seqwd{)cci`qx`nz z5Z$`)_TFg19J7zb^8B(A0*wLK@EE z44#8Vrrp>Z1U!z!v*lmck$L!#@1X52<1T;3bk!Cz*_YFI)#-~ za5lvqCvhL!Nz9vPF-)${X8`>L=Ay^n>LniKD7|qNyd~mLqy!#BN0`S~{JW6}v>5IT9lXW!YnXm@#9ACu_(V`%%xu-H!oG9u}~OwwN<=rXO0Py z=Fu&bUXrmwHHqL`qQ|Qf)g445ESyRpyJwd#z0b2X8$k8gIFMMs|B4FTJXs!3oln_% z(?QDFBW+yH^+07e>M(^3f8$hk(@meBVOV}Hajyrz6y+bP13};PaAa6H#&^U`ge?}q z7Dl4~g`1BI!}~AeB*`~M$No<#JYfN~C!}-ur)PIQx@7tf8kj zyT*RP+aHtC>w&*Z+fx6~(H!*qT!U=huHUp7Kv-MQ9H+X&t|SHT9%T*D8-Ca?lh|p?PCl zANEUgdG^b~+xYN`U(E$Q(7SYlTBb8wPBoYBobOs#z^YB1@5>mK9JHaPH9iQORH-=? z#B|WNp!{|%^)J=}5-1HK(dxiG$6uMa+eFmOSqK!AOXNDuG-zwy5r`z`+`g!k9x;4~ zmH+M3;N>WF-t;L){kXkbX3wAQLlY*JKoj6J^IAuYB{#4|#Hea#%wwDz-5)o0v$j`c zj3>ph(|q2x;QY(qn4;&xXx|8j>hKg*@>gmrsG&vQHRA$$4(lWA-ls_)eGjqq1j-e= zb{Ox6I&^;vY`QH+Gz~p`oX`wc)HZp5teM79I-grCOVM*!NAT}?8NMenl?a1JE>(Aw?j z@L10Jzg5Mm-p=gJPiH|f|DDPhMfkjX7MLr*y@X8k>R&f~Qdh(|{r|A_7G6>R(etnY zBDtV+3Mk!3EhR0Yq;yMncPZV7ba!`m$I{)k(z(Ew7c?(f`qTABX@jyi6B#A)E%*0e^BKDk-x3=>!QgH{I(JDsihvHG$q6kUFIFk<# zyo#P3Ar9*hA~}BZ#is%zvNMvByGrJ;fu9i9uWysP{;zjG9eJr4S9?I0_F-r;lH2)i zsAdC#$Ta^CvFMZ3M-~?4F$FpsyjV+s2E2CaoRFAp#*=sDWZ$8ljm`M4K0)0SJ9%F0!=s7{NU!$H5psti{s?>lF#TnNu7f-n%!VAPEv50 zJxE><6!Ji`d=+9OnTCuK8-i~VdwDpwF?pWT3UfB;b;(|_%PhKLW%{_?Q{WA5# zKjjGju;2ILl+CX_SFv-wI+m>PK6a73ZgsBfZo^V1Km=;EG{)ZW|CD zxcc380V~1eUrhtsnC-ujoxVR!8}t&W^#Z%8zY|AR{!hL^u?Ic=BCc1=BK4SA=DM&B zHrZ>baqk1y*EW;F2+ATSIJ3ak^7iow=vTejbVP~eP~P&zNiwJgyeaOs5F;+@Bb+|E zzh#H;2|g6JTx15c0etSI!D@kH|I$Wu4QT}bgQZL9NQ z`Mh`cr=s0Q8QR*I69FMT!xPfz=io-kcM_EpayC0X$wWNUh)f(r80zNNrR~r`R-ZQ# zd*f3$F7)_h@JdXyFE zfK1->U4TTlSv^oZI(jc+fH%)weSIilMj8$C?%RD&Ti`pxN^eWruQNT)y`adIOKR7A z66rc?gV+8TE9jrRb>F`u@R{mrk&3tNLrC2D#(p!rMdSq|&%~wPUpe=PCfIq!1xzil zUyo?pCeFwKnPudvE>!4-NW}0+*V{NOSs(++Ds2Hp`cxCL_vWh_qhO@bZRhk1(6oVu z#KCcj$FKJ|$XOn>CjF)Dp(D+y!A@4>967&ytgI2Oc1mRzEArpxgc6IMlM3DyVqBO- zm%6Mv8kyJB{4dg+Qb+o;x1-fw9)9xbvn^%SGoxO``PM1WKar5?a1`n}^XlFgc;#xbc#~+yU2@_i$ex5dlulOt|#eU-0{d}dI;NAFu zL6uK9F@NFeS3pEzC3t;jVfS`7^w7d!)gc{zurO?|_GjDg@iyimPFv{Y)5=qk%N@AO zclkl4su-CJudaF);IE^K*)axsc{8a#rMA&zD_jI?)OcU(Dcp1> z{b5gvi~%KB@EBaa?wQuB=Q zhYgH>fG(FF{vTAdWe;%82Z%b?vjK0;8_Vc!lOruukeiEuYWg(U#jf!eZN=bZMg%Vl zJ6lyWc!m#gTq3mQnqdmM`Y!584mdHUxPCinc0kgA2Gk;}cvp;>G$oGOe>;KK)44fB8%hR;Mt%W#eO z^~`ilS0t=CE3@EoTCg^6)~l54x{AI+pV4+h&^SlYS2W-OJqmW)Z@zHz(*td2%N6_T zMxc{tqkD$XN4S&^GJb!3M%1M)o^(sJG;-hFSF^)I^oE^5>)^8!S%e9XmT#ML?c$*F z`w%iC+Up32@`Ur8c>got2M4E4yz)KhA5dy0W){iK$T;#!yfkDwBs;Bt|6Z0AYNw^$ z#%k@_D>Kma?>6@sxU<$$u<$_ldw*tZB;d)?dXVqs(m1l<f_GwpV}1~; zjG^-AGmo=?MhkZe63!=h45cIPaqEKb;Wr%0-{r;H?}c1^DCc&ddLC&fQZOrnQLYEV z|CI%>Xe!F}^J$^N>`F7C&n+C?YF`#Pv!<^_f0}ZdOe1mZ#)@NvY29FOCdy z@2`*h`+WS`b=j}(bB=&#^LNy;XMfgU_G5xzNXUQDyCL-FKROkfoXQ09sYCv^5>toz zY+>+%I#M>vDfizw1_1F|k*(s56R-dW|5)Z>dk^Cu=&B!cLmkn_kO>`a#G>GjexAabkj6Du=@eoW{8m!?HE-&BYR zZMEN7&>BxY%{Z-uEY;arJ-x~Lmk)Ci%zZj@*`BPSqvd1J8Hf|%F)w->IT*y|cTg(; zjB1l2F>qe71JABgQe`MEIFtO;e9vLk@^6P-I_)KDL@F}K_yXFJT`+9^Nv&_~{X@Zv z7bO;@_rw`7Fj8IA0RwOLeiI>C⪙^g~ea$Qx~39nV|Hj=v_|{hs{K`HBTyc4UVx@ zW_#6YZ*$fg^I1ZS*{JW{O8+eV^>d$AdtAwK zZ&K7_NQ??5qx&>7JA7}WE^^6T-SoNJ60w32uf%XzT6+397zf%t)yoc^*F1DnGpCR^HCrJS$L;*_qn-| zzg7SC;J>f<0jwhGW>)`e63}4Q6fd?3nL6C3Vjg$oxXBfix*F++zpJO8B{()5Z@L=! zi}i=&6Jc*d1C>DDoext;Dx(hutKJ`6|H9qz6{o%`Tgif7u?B3(U**w;>Ag+jI|lhe zZx2mz@&vAw((J3Vlsr}|6kp8GgRvad*Hh0ZPAjjHdKXM1pY=V_g%m8YKFH=hia6tNemRZNQJ=v$U;ClQxLS72{L&%neld2teZ84%>q zEiOED#60FyKB!+?Sd*yf&JK~}vHH+1;7#v(;~rR|Jy^Bv^exe-m(Zc~oqn_g@?L5` zk7E%%ptzeXYs?S$<+;biB~U`SOPeTmX?7ceNSUNZ4vjHe1-88>?B4GGm~C(O7wmi7 z!ZX&X>HYDuV(xS+E7<+`cVAZq)q0X)0`y3u8E0KCz_U)7EDQAQ+1)*QJvS_lgJ$qx z(Yf-CZgHlRb#+`iim>=bxvF!OWzR_e5&tiX1l}gBeh29EU-LR+i44`3VpytOULQzr2YgD zNx(V_#=vwB#!B355zk%9BJSr(dA4T@Rl2{o6KFiIaGcWn=$->;QysHnthvE-!#n5~ zpw%8aZp8_vBPD57c2XtGySr#O+R*jZ>&Ua@faN_G$m?4yeQde?-mpFm!eM4dPLIr3 z$BrxtDtVr#2mIh41}_tcCO7zVBSde_y_TD2chOF6w6U6$L9272rEwF=r~41coY?jNA%v{dS>zgG&GGY^o(KG>$QnfDY381=n3A_k%cN}*GVcFL|Qrcj7TtM9pA?> zV6X&;=Q*R|&-_>xnx);I<4p#*G?Nx*gQk@p8VsT=XD|CKiRQ!|^x?Jq`IA@;$C?6m zEnDP2%nTo?A30pP0Sg|@=efGP!nv~?ZXs-YlDHlD`cOOArk==7chkvyCbp-y$`gko z59kt8$+@(Vx_poGV1OMK-u2-<(6%b1g!0`LLLPHeg};=Ci8D0hkTFH{(!O>=b*@6j zb2}g$qAK~9*&_imMYs|SoS|%+i^3%#OVV(0il@|0L~uWF^(l+Z|1A(Jf4W=w$cC%l zJ8Lt0yLE926CmCk&BYGX!kcaHDCWCouPsRlwA9qSIY=A8tHN37!x&>e0Rm(C%Q&c} zZ#y@AUpq3C(Xu4!$CvD_V{YC9Nr#JeV}>*+$Z0!$R~~53J*GAv1)Kp}#Gx;eD$STMKS0;=mG-n$-#R>Ako+uMTL(Q1`Qap+Xjw^)~rd>iW#@ zB<)%|H@k?Ftv}0V$|NUUnCf+o$&@_4LvOK>+T@?;E6g;RBB3ujqh?Ta%9WhPW{WTD zkBM0&x2%{IWbCeKS;QT>b0DGYa1qjoZO=J1MdE6U`u4>8B?G>ou|8e6c-b9usQ1Bc zjGD~$QWlk#-c{B5aM#f~1K5+gr7pa6VVKknaW*3xs2Jp?3HNi*l| z4^yVO9l%Fo&^jJ>y&Gq%#w2_r$R!;@FBX`_yj_Tw`!cSv9rjSK#cG9h?!$fMkb}ZW=fR<2Wbj(C zpm$-B4nZ-O%N9F5;CKU-wUdROuQ$U87C0cKif%%f4Ku+PoG!a+4!Gssm0D-Mi8_{- zbGzktI-UE|sa+GQHF5}BPiKlO4eB~_1$DSBm3V@w501&Dx%lFpQ4#}U$a1u!$T);f z&SeM{d*0d^hdLNX@b!y>Brp+9FFL0wvzNB&zwGuMSF_p@GRY*TNz$P3u~(Ye$W^F9+%8opHVa2tW@{$-d<(&;$_XvxcoS` z$NaD9`f9B~5hw(ELBZMIMQ^`9!?cJKThN6i?I9)r`Lxv(>Thdm^q~y+CEm6>9pBY+ z+^ttLLw!b;#A6^tZN_*JisH?&OFjM<63CmFZJ1D?<&uk-` z_7y^r93H10RL+H}X&UNUeIZ2P`i@>ygs-j0drLFd zkQk}AbyBjW)a@>)+b9HCeat*}qcGpw(yo&gf^}`Ke*O0ng#uj>`yyvIGV$klt5ZnR_1ieFMtM50 zYK~-isUOFPs*4;#sY&pZ?aJ-8$le9Tr=l;if!xo5o7?u4JRQ4Qv&BeOXQf)xQyw@o ziQVJjY?0lI__@G^AvY2ELXw^TaFa{+b`GjiG2q)hEBLj( z_0T(cu|=u$@dM2n2~^;r?SQZ8!nTj#G-Cp;viaN9TzO;yM08 z$>-YB9w&=Y($@SoyX-_g+-qkrdPDo)GFaNKAhwyR&)W`t_K0^K6W_L`g-|rdGHiUU z0jy)t1W;cn92Y=$Zpw_^*iW-3H#VA*H><8$i!-xtgXhOtWv2W1n$I&uJtyr^jbMUG z4?6V$S}p4$0v<8(?s+1_UsaVyw}Q{YLr2_1DnzGOyIs5IM$g)Q|4BWM#EHCmXW!>4iFalK5MCoZV|_>l6L`sfD$iJ|)!Cw(|_zB@cSe4bJJJHT!%KYovX5gKeS=py$)v$_XSU+WSP^ zr?qAfq<4e)iCv=P5*e*-5ZVa=xmWE!I4G-)UnGech%}G-Bl=TXmneGs19{?fpZa zEMhk(VU0gpjZNX+dMQHW79YF+jn$;NHVc4IeY?#1Y`3P;tZ{N(0Fe38tQDZggy5yW1n44?yW{!Uv!sVRYm}Ebo6<*Bsx}ji^fV1&lQ3g))k$fglPL^=AkVwi?*|dxA__MFEr~I+tHtS5H`fb&xo0J<#H&&C_^va&dxKx zY)Us*SP5B;up$Mto#;w_zlgFewd6=R(QE#u<6unrsOMya)(!l(EN?!G!sZwrbo0Tl zRe!7nOX{NbK6flyaogN5{g`HTkp-8^%H!jRJmtLJ{H?cW|M+e9_s{6*6oj^_i?Q$8?<-yTB-8t_g;0NGcA)~#fR3y zz!^AxLf9@a6vvtpM=qoo_H(BzV2;4st9Z|PF)5|31>Ahr>xwmq zY!#MuD`=AwWZF#aox?kK!2#Jpxctuz8B@!HGN!X)jgt7d&b@jN*zB7=fp**DHu&vej<1s< zQ=+Gi?<{UY;UrsUiDlU&=>#9@Zx9kOAsV^q@m2l1w@Z0>-g|H2E@6U4IR)KvpqlS^l#=21txkE8E3xWBo%Hc<+C{Mb^%!y_E2+RK#3;iXYAa?IID@QIrxs2`;K|&IgZb} z{g&Z_f$OC%X>(>o{04sf@>+HEnXfq^h(ss=D&*hJvQIGInJ)|1&&gUG5E8bW>{o?X zj2;(@D*C>`uIl4mfXW84o^iJ#{-4ji*ve}z{sVihex;6cqSer}+;Fi}-oSKcAst5V z9EB(YuX~#n6Ty=|uMl6TjxZjW;pu_n6Q79S_R8XNCtb|pn44M@9oc*I#=@rw5U$aB zJ0@eL6RA!VZ=wsU+L!Eyi&MpC_0DL=DbDnpXKGwD(pPOHn#8JZ4gaY&l*1puUeLDt zLN)I?t2Ugye#hq%Y0}%;Fb6Rl$IW4pzN;n|Q<7sI7^uuyRRm0<{kG$Xy|3>P`CTk~ zIr@i^{!m>BLO%DzM5y1)N}<-Yxei++&lfqNMw13wjvjsMYbha;JK5?CpQD1t5`NKT z$SStW<2X%7YAXkk9nW)l=Yqh&9S6Y*(+2w-AA2{1s*+^ttR$-hUFh6}++J8LkWVRj z-COtv@?O@nE~4TP_!F_Esu~i`D-zD^VN9QjqD9N&FkYF}ko>YH=Q~h_Lu5)6<_cbeuA2;;<7w(t;sv0WQg?o;z>w{c4Hv45j<)+o z3GN8(;8iUNp5#etjH9>E0`~%XyMm??cP3#__o&~E$&8(N`)3iRB>P@hO~2BiHl2!6 zN9PWD7jsEMM@me4y1{6>jck26try}B=hnFNRv>eHT6q2EwqC#*@V^N(qf>aB1jmBF z*nY~eK1|g|&T|1xYv9{l`GL!6w<$PN96f2qMF}=eL`M^N?zK8cb+`UpzOtU&v9^4Q zeK*y^J}t!+LrKsCZ}ln4{K7<5sJvkMtp$<(T!h0ZO&saL%ze_bCTYpiA zSZ*ghRem&_u_Jp-B#pgFZ%>!BP6xsUr9MpiDF`$|=J_>q zW1v6q9rE|96Gdt492d>u{WIx$(8HNshfm|}1iDzv_hYyo87txPFAQzMAmZoZl6jF;+$o+hKYVE`Uhe7rQ1+FeSa zq(;`h>qhp=X^ijZ+qapS>USW2)%k15GqNA)a+_kylnD*eIeF?Rs~QWRhULa&KF3bP z)`)peqXq8bl$bbJWxlx!qQBiO#BpNuf~H2*4Mkb<_uk@?J(vQxOp(;_@dK$k;f#IM z_3iAU^7XT_Z_EI-lMXFRj`KB=il)a85e4h!eYxUyXrH$b4hwn_yZ zuUN@jKRczaj7J%5N2J~JlHc{a{oFX4-v^<%JOYro*y5+#)A@3)FdE(8~hOv-;v@g2DT>pYQb&B%ibr?Qz|lF+LukcFUZ?4 zN(6ulEk^%#r-OECwvz;k^mVt@SFo6@=21#ul|Mw}n@E+7D> zNS1sa&95%1nURSk-GViqgHfMAH%nR*=H#Eg#$OM5?VlH1S4f(*{5gFGisz&?_SX=* zTuJmXh=Fa~BZqc;)+tg?5hxo}HJh|7_SI28Z*(5qU0jNoR&u;|DuB-=haysq!-0pzNlu*?1LyXYr~=chsUI=jH- zN!7ooMj!nk3pi!mYG{ccI`qcF(wVkS{=pB9MobNbse01xVpi#IPR65HvZH&c(Giby zQF|pEGeQB3oxOVdc%{oy@7&6$-p?K^qf8stzodXwnh^cjB*d+N0ecIctIevp7bWzC zzKIvFpH*vVrkSVPna~o>j#75Vc|Y18QdTv9(re_F&NhFD8kudJ1r=Yi3c1V4In|sB z%A;C~`P5$)R^lCwI^}Zw87?VJ;Lv`!&>s@1vRd48uKtn$#t$s*A}m+3(el-R_-ipB zfs!x;mXgEUIP5V@p#IyMlWtIA1m^c}D2nzanOv&EiK7=USeBUPl|Dvm{DHfO z=T79TDtT%z{7zC!E1KwQx|QeBXx>VgFM9k@#gAd7&;lug@|zEGIy3N+a>)lyvm%k= zFg?sZnQE`Rf^`GPI#2ceNg$+qlB}TuCeB_PDR)=%pdX3k zCRLUt;pBPr@#)NduTthdxrNSQI#Yaiiaxe+(IH;UNIIQz*jtl5kYT1!Qthbp#V@t2 zazt7nxyn`2f&LqD`qBekyDqt$g^yRqMUR=KzHiOApW-$v2-t*f6Mfe>cAG-3R!u}E z>I2zQfSZASThN4R`hbKoMv5orXLA>|LfI7%O@wa`0-twLcx68r75r+JjOY#BQ2=RF zh~wZ6$U8R}`t8}sd)p(kX&EC9GTX{`c~nj%EfEE2 z5+g+%D>$twom*6*LLHx32+(bphHB}shx15X4n)p#%#7Rg|*yWSlT>XDqv5%s$5+HUG^WRZ3G?+|&IT`-W$MUDq3d z%gNg2!J4BfkCZN5Ox=5|=T2OYxt1G2|1dD~(mD;?wT?OX4fiBx%q$S! z2h|#_d;7+=8W9IHE>9|4bh#u9Np9*=&@ZB?EdMHa`Wn*@@hYCt19_Kuc&fC-(Pfm? zx^5D9HdNj5PA1NheyYX+MX5Q*&g-r+MaCN9 z7|o&^QYhf|FlIRFA-IRBiuH(vnEoQ*4(uXF8)X}D&AxwiRGcVNc0GA{igzn?V1I*E z2r;|OLn2-vPTv0@9?yCt`T(xu%ms(ZRIuKKirSWVVI`P6TDy`bu(g{#Uvwu8XM{TV zNN046T~($bwG&gAz+&1mn_i86dFT-K;qS;zAe+Jqle>uG>%SD2*D_kkcv2fuH@J)R}T(kPX zl(XzC`!=1Q6U!cFqjJ6QjMNpD6Ioz4@7r`uL+5tFe2^w?pnHOwzV;)X$R?9!X^glB z{vhN-C1vPj%ql*k(K33JA}%#iD+EmjcPvTATOj9>{`mtz{=~^nJs$Yl0P>4VSx~pC z=cytml0KuhMHC&Tr-lf!3JQFNVfoT;=*-&wK21KYNn!iUIusszDhNlzq2c(@O02)X zI((dNhqq3mNO>f0Y~Ju#O@MwN%vq=iek|k& zTE7S%V4oKZoELi4F_7@dlEOHazoo+^WPW`U^+>?X%BT5b<$iNvzVrrog~V0m@0l74 z4G=-K53&7>13X$VbzK+U(mrOqs&Zx_LX;IJR~_fjf~FN(^c^kI28kvYrL!DfV>FNj zBsuS5D#X_A=#R?5jC8Cc#6s%bz8?xWjwz46a9zCf%wX^anP1wt^QW5K`pO2*L}(V} zC8;!E@!07-+n-lrwOhKixQXc=$h&`d=`IQ&eq}*n{QKX;N6~TKp5wAc(15jpybP?p z;3!bsQBa`4WOu6i(^=p{%sgJ?C{-VKj@Ko;Wk6c(RnK%fV(0Kfw!H#5=aEy1C;pbj zz7P3KA*L>NA#u1)Dul$^K=$?+;QP0fwX|S-rddNN;bP`_Qkci=QtWi0cBSfWXV3 z{b|a!1Ji5{Y@Qvu7v4WyU;4Pe35f6dNglTuHer=7s%%O=`@y%K{v@LU%Zk}NC43Ay z{~_08BYhe6OuaQ^AjNajMNuJ!_n!~X4FlVjB?1Ghzfv=FaC{B*B|3lM!LOP2TM;}$ zyu`aE>6;=yyY0wx>Zdo_~ z`+s<#5f7%Q*hevx<<9Iu&io?!GF?;#(-~&@tlXlXU731`mU4MUM)ONSYr}0RpqAfw zkv$})@M(>P$#QFsXkhS`)DJqrPEfeW-!sC&kZW*nEyG{bK?!+dNf0xZ?#W`B3`_tQ z*qo?-Byn#pUs|Qp>!$s2lzFiM>Vqu+8190IIA~7N*ZNRJGoVe5CK=V8EbOM1lCdY3 z+=m>SiN>%!zT}JP-WLl=qp!9V>7%qkK}v+TEL+8Tw`moJwqJ8Ye#b?JSYeVh+eFh) zeYVGN_PR5Faq=e2S{0$#Rk$ddbQ&HZKMF#sE);IteNGX|NE)1T*fs}0^3sOJg`Uvz zfd}_#t%ps^WzBGTB3}^AugM>evlKjD+#9;Wy#DVh5H{4S??S!+$Htru`C1#b9p|?; z_QSd%V#VXmQAhF1LB@ppNe#E)#5fyeAqR!+rFySDzwXc5{E7hAt;n|roVmq$X2V5; znN0`5DW2ggy;`>M{o3TnQiDBsc6|f__=D;n1o|>(6;I}(_C>4wP+=`I^t}JN6k!9u zmFURlli#vj71S6<=D}4deCsfEz%}nw9p*GKs@+w<7XB+JpZ$7>@H7=ingVS4{Z7b# zc6^2&NUbRHx(%oK4}e@U`z=@isYrL8#tr@g&a}QEQSFCDdm)io;UE0@WqoSsa2X_~ z)6!tw&Q5yW1Y^wFmDwNuQ^cY?1T_1xA?XQ^GrbY>?qmZnO@W$aU?E^{L7+$RFFQQ4 z3<^3XWkMwO!$Tz&##gGO?$4bwWBM^4B$6k$B|5{{JCfD06OK>WgUsPKHJohUi+`8Imf;H!t$L!@^5B)|D)J-?{wvc-%C&C>%pAG_mkR8a_%{@k*MUx!B|P=b~w7feWgBp5ucPi%wr>6$o&ImoTv{V6&6NDufp*(K ztRnN=%yKnfOLzC~UulQurnj8e!p^SK@;PbOq$^T>W6Y%oeewLcGLTof5?7zs9U_%| z*Bw2{s4l?O>bz;9?`27Sv?!wbE?@W+>W@+-rml6DXQoWFx7oMgEfo{6)TRCTo>GsE zn7QuoUuVHmB1iok^ogFBs{4@m-KzD5$Qhs&T`ri7!t`PG2yX~~OukcSQspu6!IdJ6 zNKHie{cDmYz3Cdr%mSy*OI9^EypS@_|3w+ruT_i8+9h86;2%BosFj%zwWJ#Qg54tX z*3Q(3QYumNARvEiF~x3Jhr;;uiiqkv$o0BLchK~?)enD>wQMNY9>gK>gu*tIr^+)_ zi8PaW>dm$Xo}luB)?=Z!9M1Pnl=5)E^HUV8%z(m0cgG5u3Prr@;FyT2<6x%kW2QJG z^h3wj%c~9Twm9PH;B|p_((B`w+fwtL!%!w#m}Z~ebWSn^oOh@ZA*alK%{>MNHJSwS z`z<}V-ub_{wp{H?esaS@^}5tQRWCcT-i)qE8eLvy-{HnQ85`eBK0AJRl_M%0XC&BP{p#r9i_y%ZXj_%eVL*u-g0oO<y_Z$e5$tl% zx%_amv5>&#{S0YTwakc)Trb;Y{zqE0kX`ki`L3P-`I|i!^@&B5_P|@GfeU>MP)8^ zPn4~22`&9T4GDM|`Xqvrs0bmS@)9d|>thn!X2o$8*{qGysvBV{81Px0r~e3lP#kQ} z2|uXW&W%(iaz88TLhF}m%P|H~hHNvp+Ilp=c~5ljem(pTEKU%s|63!Mr)R6=(_5C% z&z)z#pKSJ_e^}2^ubaKgI5!as&+mXR{CV&u{^X;wJ{RrNY~-_R#_X7>$cz1*a4jn_ z>e)pR#otjOn_c!sTD6@&_q-TYmqd!6W7Y)LVj|^M#3)^{t6ni3I5LB|xJv9y&y*a=Mw z{e#YzF6r1lJG0fWNjA^MgD;3`0Bymzis0&>*@So_SNdWR zfKikCI3I=Tjrd@{D)u^pb$#h1W^~R+tkwrT#bqFJ2Vq|~tnvzr7px08D|P-3IrL}% zj~|O88_?8SS8Hylc`2T6<2bE3^o;WjxVQD4fv+pPHg0jj-TT1|;QK9hUv`bd?0veW z?_>ZRpBQ=ia*a$1jYMb9c{&W4n!KkibD89p>27Ab?ckSoh}%`GFYAti0gt3RxfJ8V z^?A{0FCxRG@Eb;&K8cGDSFck7-;_i=yzMAIxGux>(_bENh38#O^Bb|07_!GWJ=U}p zg4;XnTV8)G1KK4K9EEP%y~Ep^6G!SEq6E3+c7!ja$L=)eL&&p}o)E97Umut$QYifr zR|tqnl*)T#slyxUZ}{D1l34_$IeaUey1;^=5HCiAE;iWlf#Mh$^VBot_OgDj@1pdv z#z3_}c>3-Yt6=#gYye`CVj5hK1k?0+OR+fKk7-;G+#VTaw|Y!2x2HKa@RT*SYEwxG zbvs^7dq)X={mXIIQd7_D=}08@0+tc;Pb#@GOgu4S^;79I(fQt@6_Q)@6M%k#f<>7p83OH%d2!Z&6 zK5P$Z^~8#K-O&#uRobU3ebE?^;070z2#+o1bMh{?>k77hxmkN!_kr5U~`%6uv<`@+(SWi1Br0=d5pkVa|{Zb zwb;Yp^VI`1wrl2CSeJ`c$UMnEZ6q^$x{BtxF4FL$Adj(kWECr*P}ZR)>TR#^;Qp}- zFICF4LU&B%p+zJwXDyxXn`-O$k?dc|83Ri>Fr3cyr$~tc^DLZe&KZ^3)bE1JaXp90(cBCuYepft|ow*1fY)$kd?+g~%4S z;e$QbW7YO7f9>zRO(8&s{oWmxsaU1{7pyW0$(&LQyyTnxzqJM4BrSto_(q8gEer>L(e`Lc1lTghTtT%XXYt=O ztrU6O!3)2V4)?=MP|*{jUS?)7+~ORC$?SZ`8wDcb$4_i)v)np+WGpCmpF8{Mil4TU zbZ}=0_jliSSH@*cA3zwiCTVdHe_rptbt%eY$j6aq>1wfN?bvMxuA(jLaVGHVRlzmJ+eRS8HcS+K1b7@!hHe|IUKNF#_oL zUslPGm3ItJS7b3uwNifV>pR&59#0?M?+`*>Sw4RaW;VX;y*6}){~?Y`5^MLbM3T(= zCiF-mU7@|y6O6xIs&!Ch|3ADRGUisA0_U+nOvd%=E5EY@T0Wc`K{1o;LmgE(zZT`x zf@?+!He=dthIz$1bOJEPVhH(KblTW%yz!E99)BIEe9-sgn)G z_2TzSC$|Gws{dut> zT}ba?u$q>RX{^FFvQCs)@TxEaO4gVEl@(=w)ic# z(!zYtFoNoSxK&rBz1l?gHbvwmj&ok90ErL4c~2s)f~&kVSN^KB#dMGCD&<4M@c}>4 zPVDA~Jv>d=W}qW(Rs%~XX%%~yqh1HOh&}W_qS)g_*M@iSKP7kR*gmyi$>*F;d-mHN zPCfNb{0T@dJ$s7!;{4 z$IO>D3w8{Id~m2qlvaTC@d18AE!!5NKC|VG&LaFpm(>N=sN9ORk_P{eKq2*i3lv?w z{~~3jV~~xRuW@N=5xVPcA>~NBNM|0fn&t4yQhvu+X_lk-CIZ@fTgCTfUBPyW%`VzH zcou>Xxf_3zreI$qFB(D4>Nu;yKf>S;;lyC_OFn`2XqF)`P*hv3&-pf`8erGX@-cPA zj5_LIrg8dOgEIRVRtMLfb-5b%-dhioLkC>_fVz5gy>$8T*3B!g*EV~62qH;-;x-WB z|0(_`!Da~-LtN0%!Djy6>X-X-iHsw(EDQtcild(nK8Z4Tp9gsonkw%9bnXL306))1 zvli5!2i5EF9^1d$o@?aIp8an$tIx9=R>xc@=4F*DcNJq@V_L0%NFc@()7}nw$YM{> z`10;k|5+TmbQ>@sz+MbW+RPzmPfpIe;y^-Y#_p_q#E+5%?H3J?YjxOYa1Ir}QvWos znOjB;pNN3#)8-}n`j2|M%vr$mso}NYe#x;PA0m3x`^#^ITie_A^b;tPu3={oJMP?S zOY%ZfHq<>E3tXlgVlY`=@3t{$xwxesfxbX?nqXhlAlDp`F@~H_hNQPhIkv;wV5#gu9fj$H7*p-DMIN`M$D53= z`n?6tx?@KkxpACx1nSk?fX#M3Edn#BiYx^9Q&TGij5&BIrkfn-bFv%z{M)W0n^eq# zKDNHVkPnZ~P|xmTV$-J!I<$Gb=QZbR?j+IQIrMuJ9Xn}E^QDc7rb`dJjNFm&7n5yP zXkU^j`O2=p<&6 z*J4tZj9*)3``Z5jvPr%y!`};HuUsgkBbMfyc8ofvfwtkKNG!uMp6Er1v@^!zmH+Aa z3*T}1WYfEQ2`uiVoJv-IFTs4|@|bU$Y}7bu{U$f;`syE)(dh9!u1;?a%-pl)5Y62i zm+u?dwY^t3oMmvOj`4QG?HViReG}*P5xII2MF>9F4!B*h!Zqybqtl8tFICs|pjj*W zq#LUD2{=ZxQ7cGtt$XNGpX@hK)B86Ycs^%eVwxwg@g8qM0~}D4$3kYlMIQ3K(H(;p z-S)*;!$DhO2z4c%1oeF3EX(1s64UBRGE0#q{2S~CtEoDqPu8vB*PyJ>H+i%&c)if| zRY^$^J7u)Yw0z}O0QN#d2T81840@seaj?Z{CL{6E+$VMeCYE`C2*Lly*jso-*|uT7 zj|B<{A|fEAAcBB2(p@S@2tzm0G33CIA|hSV9V3E6chAt>T|;-nP($t;pZ9s+=lk~B zYwiDlSzPyZo#%1>j^nHs*BlXBJYx={2@kep1Z!dFJTkKQ>jnFR@U}@FjYaNQ55D*} zV8%)!<`9(+8QIb&Ljb)iK}W3 zzE4|MKmDKBxuQzQDgzPTylNx08D85vr+zUUY!Fu_Q|0G7-Q<*J9XnGv%(Vj zmnP36-yjH0NDNS zvNUV;&2pApc!{6*Ug!Zoa~rLI?zXd68`|tKz$&W|=Iu|lYF?$FJzri!Mas1Y{6i52 zQZ|~!S8U+1=4y~nK-yCbl_ubgj5ozKP_1c=gSbtsfp zFqy)c@z-I+fFt3{P=4=p4myETl3bC$# z*S>b45|3}IH40fAVb|1=xkylW3M`D!-*WO~eOV{seWfB2ThSwENg0@R@8$RIsUy>s zZ%V6JNigW+2*?v&SoQuvdxP5f31gqQ!O1HPKd+C}Q%v`_$tRhdAJtTNSYN3fg>AW% zrCLuOQ+$~lxgwMae{jtgGVjBa3rJ&b_r-QAt_!iLX3Xyq@XC!HEG#%8QEi1UbY8%| z`jI3VzC0*jW2?+iSnuiLNQ|AxvC#7O&D_3iH`zy;N z)Qq086q2*V;{H@EhVc5fMTW1i&kwmwCRo>4^^af`;J~?0W;ax|G*TWdW`@5%vH7_G z3>1*0OG-{^HCpA!?!tDx``y4{VeH0boBI$q)0APCDQu*SZx)4%ER z+&)U}DO@3j0D06S4^ep}p^{C)eEWk3aLG-2OC+9$oR?_Jq>(E0keh!gh>$sjAE8CT z7Ti76b^RoRJqNrvcWPrxX`49C`|wo8hj3MGV+Y8nI+f)Zj_BlQjYHb#JU)cYds6C1 zcVeJah7-b*JAUaFGQB73L9e%)O0{_yBH!*qZ!4dO%(=bS>&faGI3tq9x8+wbD!cGH z6?L$eL}~Iu`cF_N-ubY-3Bt$kaEz$Tu0(bS_@{U>oS#?2EK*S^s7ZUC8p?{vW1uUK zqYZty1Z!lpb5E*}t#nVxJDF8(#9Sv?NR1=8gk~zB8YbV zau=((?lcX0grO+FfOKNbgKI?5l?FID1RL@b!y=k4%ya=e%kBK8fH){wpy5Hv8;MUz z`9!SY^k<-Cmy`dF686sHs7=>!I40NF`28i*Gj47?P(_C6-Y-zNGylaK1@G%^u!jDR zW~nHIu59S%8fYgu*;eW66BQ>aVur-B0(blS&W90KV=ECq)Wg?dk{m+yoKR!+kdH ze%qa)eXBZRY-(S{DIE5*oK?NAXRyj%EaGi| zT2%=h_pPBHrGu(*Tzh9gCW-cYIfk*V4Ub=2O>US`plkDP((dsN533^S@9=zdnqdL! zVoZ<7>$@8ke`QfEQmkGCgb*-H9rip-L$6)v(oMZ4TIOaL1%=J;F48SO1>AbvMFg*cS2xWn61Ueuap}}ua z78-x$2Jm$J1LuMGoa(9TK{X==>vSHfvy$|y)MW&pGr#*ZRRZ8!?ArHmj)IgNMGx=C-PeBlUEb`ocI{{NU^JidpbA zZ1F91`}G+{c6H9H!!FOkaRRGY;Yy)$x~)v$5b4=7wjbB%t}}~xHFl4%<7)u)6E(K= z9AUW}wQ1TW&8YFAVE=%5A#{)C`-wz}%WgF!g{K`Vb2W1QSZz5cjX=OKh051-!D*RZ z>8#XC`K}e#G5BB&xq%CN^rqjHo<(B+K1Xf6p42qO0B|opgd6RM=FkWV2G`GWJ?pBL zFIGwUSblg5DHd69#%Kun%)mL#QgG~9 zwN`9f2*{>>?V)O?Nnu&jmTTWCPsrQU!XS^()DNkJ`-|F;cKe|(CjJy>i40cNNT0^> z*Ex=4hR#haN4kJFgPE&%C(*f|0jRThB9$j}yJnMi^AYiVs7w1a6JDET4ea047?ORg z<*>!1>4}HR>s=vAXK5Fy<(4we>XdNih~GwE{l&xH&O;?<|6-LSmV9)`R<3xjF#Py) zoVD=u&S&a(t(LUC2_l38J+$s4XV5ef)FkV3DsW}wOz8g!*^%UytD3qqDAZq z%S9z`GP2@;>k3JT_mFITGZ_baw)#lyIk&CGOVNhu7Q^rwi@C09?hiaqVhFJ%>_)uj z?jXwz$Ovd{k;zV$!ovQW!>}2n)Rpz)*7DSYZSn7S>j+qx2%Lf*5k4K;FVQBsCjP=+ zivNpMw1sF1+e0li!TcD~?V%_uli+q8GH~gH8&494>TB0%UU>+5i9dm94U~T@mTci# z&-957Cv|So`wZk{-8q{VwWxZ|sAGxqAL_>Zu+*|i)gEvLWWqnjrUqusNLbB65$+z0^jba(d4Ic7oKu%lX8CoA_ zeZ#`tG|LCji0htv8(oV898f53wf2L!j;=J~ABmCqZmdZ1CWBX~3ObY-9gY2K)*)w3 z>2&zhGp6b7@hZHRde3kyTFXvA)%WdfO5n1E*Oh2`^;_{^GsEHunZHhfF`sIwdulySEtG9tj zVTEe|aq54@@{&cTkOrMzUuWBbkJ1(E3Bs7hs513jp4T(p9^qwKCx^O|);CA_-9RR< zI@5wA_1C3;5%gripUnX|D0kcw!^Aor^2Qj& z@szY&pmt(wkheFXHN6YQ0#Ej)E+H%1kXd0W`6~{X-h*Si0r@D4IHhfC>N-|~~@<(L=I+rh&9ri3Sq2YLe~c>`D@9A-oC`(d>Y6lk9i(aU4; zr#`m|LXP+Ld>XA%>_;)zE*~W}@W&I)JQEjc)XTw{mYC9s7K_uNJqlN3UGhaGgw+`r!Af=ijdWbEvyMcq{6v#;!XnE-98kt>>M4lZJk`RPRHfjDD7}%-Y3=A%LygPU^!5q1wjLoe0sm&?E7(kEU)z zU4hm4S}=FF9jZyMcXR2JupItEF5cvTx9P&A&#}vUr&?4JkyBQbT}Cs))@qtrM7NLi zMt|+MEY7ZTW;duwCGD&!zbyeqrS4I?pq%O!@yYYGX}#D=XOx^!5i)e#(#V{Qj!>m2 zreVUx5EC(^P~-K-MK0pEB9{rT{9P5adDu;9Mi;er zS4bg*qhT;hzM)0WDt477>U$xho<6Wi??5J~L+j!8()8l4np6cqYNoaXEpuGuAYR2> zXnz0HzI5;GZMAS7{Sxp*B1xhWg+`84XDfGV9sNjT1{ouFrhnL!J|?V+ie0ZE17Zzu zFNuK#B--EY0+nSHN9HpZauFT%Zh4TyaNL;>(A@&N&`!-)P`%`F_^ z+RZh}un&I+7^DCJ20>HF_9@?sZbk@vtW^s*z0|7VnJ`S73%4XFDMV!`N{xRIQM-GO zXtj@G1^o`s>+-@_gq`l*VIoi7S?WlnOZHJ*6GW6N!C7}pr7=UXBUPzbd#gVWh@hPu z$eEv>ED$&kdQ-G(oAc~Dw~+4kL`4O%hj+t8gqTu(WywxYXSZsTy-)C}uk_MjW=82C zT2Po}MLyf`{^2^V!s~1y*9*qY3Vp7L@9t&)Yzy(s81&^|I5Y6t zyNvw>`5;i-l#RGNXb%CNz_O(*yZ}Xr}!#Qm_Q{oc~=RN&f zw1aokwg%C|1ffit{SHyKC28KDNIL0@rx=2h0Ubo*f~+v;KH*1zCo=l%$+Jp-5GA#> zz0Lz>RS&Eh?mJM(%f_AwRzO!R$fu`05YA;W*!%t0)4@S3a*SzJpeVN|)7hu1QOqk3 zny>|H*d8M=uLNcSOcjK7Hd^HU>$CKVl)LS1H$fLERt1M+#tGYMM}qx{-VoHARVHrU zpwrl7zhQz{AdELrw~=c#I<)k4->8SzjclvG530-DEr^~Q3Crv1~AG+qP#3rz- zKJcFA(2TC<@$-)-8kI`AoAz2K++o){7iua49i=4g+&$KcNiSoJ|A3!^bI z0hXs*8Hq#zJrYy{HqZQxYj3NeuWDy)p0Y7^_E^~ekQVYVpNvu%{;71IJxfc~T)3d9 zRA&QuKJPT%mt&`?%bf2&y(_YUEgLKxBy*5@Qj<6)CQ@(W;D=Oslra}DgBwTbshz3B zG0AyR{RAc9K%bwWZdVY|=66d@(hT|amui=Rf%I=yn$G3BeVNv53YmXN>DyJpPlUwa z7RhTKQhp==Rgq|Xp>n0+q2Oqr@=3zdjGCXKM`Q(U|M`gJ9oi>GRNTb31_=fvRpY#cvW6SCT(O}Ib*N{dFJfXU?We!rD# zzsY5}LC)?HtdK5c8)g%7usD_CQE*)HQ7hVR*dS_QFDsg6ZZVBQzcr@e&^K%84%E_> z%lNQ1&9XSUt5Uhnf(6&y!*g*ODJ*>@$J0l?byhjU1AVIv{E@2XEqKcUL_D1qIwmq6 zJ(0e4j4~f*OzqD9OeH;VP`9K>G>Jntn~g{6)eeKDtqN#t5I@u=@U3tB`Mg8lZy4H~ zZxXIOw(`XmUJvFs_9ArTcVd>k1T?j|YpLF#&zB*rX_e|$>D`RctRch6OG=vs-b(|W zX(3OO1(;C-i*nVR1#30LVeM)Mj8mvw=3uzb^#|vgV}ce;`}_w)IR&sbIkDfmDq?2m zTeA1}94pG%z-)7lx{H+E0_uzWf?43ioWW(yxKQNBMc2(S_*qkj9&1J4g6t%0gdohh;_Ts_XX6mUcCkB(Gmtl=44o<3PO1D)#7IHA0k^Yf){w znh3inSRd6VK%3lI^s_~4ZGW=~jTigl!tj$4GRYapgH2z17`PA_ykHOUSr<&Pp@k5@`&KyEIVQmkD}dKF#fJZ;6=uYT?v2w+i-js5SY-= ze(nU{kv~LyA~UOG0PL|oBFppNkryVf7inhiE>;LR1q&80E_BNoI0zt|XIT(rZ13WA zn~A{elPfPEL|=po&L9JQerwWt64bvWV-G-zq*$G@9v}A?)mm6We9k$Oyp(be7*F{X zv@mWnRM0+H4U|&dg>8J2Or1rY-CDy|Meq^_?gOt}&o1%Mr@furXuf2pft|lGlyb6YjlvcS}gg+-*CUzuW)y>!?B%zrWe4|a_rmX-A8lK9PYtAYY&u>yua{Bz z3V0LvIky?O*o?b~^1Uj3y7=Lj3{%t>&|w{Wy_Hw?2^?m+SKSivC!k8wF z)7ArY@xQ_jx=p##Lo(j;+3^8EJ9t-=%{_mzGQ^yKT2!LFqpc~r@r8#88@*at%{N=8 z({_u!qa2tP$P}#seDga;@*ubQZiPnIB*rP@QN!7H*#IqnR(gfQkl%A$ooZ4(QnWKW zYvXofDi7n_kgv&UTkE-7Y%<6kkM-c0G4?7d^bgi?Grem}cjGg%`#rDJ+% z$0h^-2qh#ZpRxs)^!2bx5;Lc37eC@FBVz2it+9`jlTsmZsNS4Yug)pXtCJ=hqDKyi z^h^E4O+B}ZRV3}yG17{6*VfS}e~~+oh(S-`5Qmfk&{#BPv5D`x>qpStI z4hs;m+4{#7Ox+VAY)@r+68#yLSr4||2e%2h8gnjyoHocr^ZwUh zWi1A(28*<>R5CJ$$9G0<(lnL>fHaMTt9Kff!;ELc!lX;JOMxf-#mY(GzuTDqQ<7mm zx0=6&J=2KAH{^7+0(E0ab(r}raF=_Z(p$Wh2mH;Sm(a^19y`j7__ooz-}-8^Kf;cr zo8&aHYIdA3#gMw6UA%`sB0>fkF}T=13isTf#^1Ny8;}kcdwj)=zn0i$Syl}$FUrCf z;6CAU?ULDbjfZ`Qdg~CZvY$R?&X+h=x(nru$8Avh?$g-i^00RwTirSy4)W@8t9xG?4eJ1jEe29BU_k zTxYxW8am&17+)*O6P&NG`3M@1IA6ZEyh1gKv_nDpsKq+EaVE^@GJeCxm?<`dNuUe4U=5eED>;nqtG#aLX*iW8 z1v|v837oO^$_sScoRD3(MrG58cy;U>p(7}Ic^;4wS7|7UiD`x$Q%Q^eUd0n~%(B~u-vBsKIzlvQ`*8cqK z_uioK2kLrvoOgpdmN(qs*x%mCf=|9`%woS#-G7R`ba{2zcYSr$Go73&0`u$-?^-27 zIa0SQn+XNh-h~@QyyO1nTbkP>?U87_M7KM~@d&V2=icQ#;OK0vcJ0v zRN8JOpA}d}lr*WunOF7WQp;g-p+#I0yFglP#!wDN#A5sB#4!|2e3vBR!K)Kl;|gX+ z3P*Q8&(BHYlLioSg?SRXgje{n@4=s8UxNduUz(+nru}h9S2D*sVen4&a}20ojGS6% zuMtw;BpVo^1wt7CDo~*9uqJV}!A`Wqn{_Z?!Dc?=J#I5DsaPfghs{k$4};@SPLNB} z&;0Y#%qa9J(cJE6#6dtX;{tRD6+l3iRj%YS|2GP*;`K%yHd)GCGalaQ+#_w;OkQHu4B$_w*BA)6thl=H`65Z0Jj0>Vp+-47!5%`6e}$T+I8J z*7gvdfqY8jjRU2Y$m{6KZKj4{D?Zv-sh zJGDWc49t`=V>mgX%oyc~)7{4yUQ>GM2NGGcb!;PCP>&}^y^EEZ`R#y$frPdM#kNk$)FlZ5DiXOk_6>Ds4ckfF4%fN1eo6!L2$U}4$hc(${s*CHI^hjn~f z$WctCZRnTj~X{`$yxd$!R@hi7vo4yfuZd8=G)* zZFK)FQ;6k+zJ%i*X+9kh4)|T|0p-ZSlF)nD{S+W&H(k#4GjaP5q9|WKIT2VEd}yj6 z1hf-W_AQAF_s(OWerq$G2hJ##SFr?R5oa&(1()`^fQR3qiJZbyHk4UpIKbScSrS;E z#mo;%8BK3z)fW)Gdy-gwTKK6a=$r7wGXcia{10t$fiv`r6+9{};@2z{)%JV8j4Gtl zyLdM$8Lyd(3HR(2uoxHH=k|QF@xMVm6y+fgi^{s7KNCjWIR(;Zxr_^d{IOL+$mP_o zL#5iT&nX+7$tIfvmMcc3v%l&3-<6}8*trGQ8+w-6dEhiGeI`7SKB9pQBv_EungbO? zYm-VNpgQoyVFs z-~}slkYLF3!TAE37008-nxSgLSa*=K^tzqtZ{#qT)AiB(F8>^juq}o6Xn;yH3#OXn zr+P({@><{GTe*kqt)r~Ftcw+kCQGgpRI2)(`eO~yCEGBl6d_%hYiS_n28a$m1{#T@ ze;)^iKgWTD83^Z$zi>Q4yq5fUWGAL7PJPH1#H2^^TB1TAget!>>UVl_5~0#Od0t@6 zo|ZOq{j&YRU13in?~8<=vF%H~m)4FLO|SNj!xoWD2NBeO)g{>&W$ccb+Ws6e>GJ!TrHUV4)ZxvCO!yZTRz-Z zQiv)R@wFH$()}no?qsL>wrLfTT$V~s;mXcp7choz$xFRe7-WNmlPCiOz8nKn>uhx? z>XetyJCS}J_8l>x1bpQ2mTQ?_xrX3pDNT{tR*m>sCp0fwgQ{mI!PDuuQ%a=Y#K~9W zvAcRD&6)8nsF?C=ejDOK9VN9_tN7JS_r8eqTizm7MQ1zBL)F-63ciJHjII1Uqsh>g z2Wkr}bQDfEO~LYCz8<>|KD}dtahhoazNR}Y-ojI$6H0%>(Wnm`RS|ws16uQSG=t?kT5#G+s2Aur2NrINcq&hVwG;nDv>=R!s|#_#^4Ac z(?6w@Wghb-y88fHC$^VG?&z?z%eU0z;HJEm7gBz&%K+SDH-(hy6SXxd#I-CA# z`#TAEF}a)gI^dUd-*TE{AbeF?G1t~+cEh%=j@^C3fYg9_uO0?AuIbi{5(ybjTpMt; zd=BN}oH84zZW^S_GaXF^HZtw|laA~H8<`}xqj$=;^Vw7>YuUm^YLP*R$Gx%hcDKmy z^eEUwF$N^7RVw`!0TH$Zg@XC(F`(o}n5>#)+_+-9+ zpV*!)4-B*?HxM%nqW>MAIO_O^! zBeoEa`d7h*zqQ~}z1Da(!HUFNaGSm5Q|BNaE!Rt@s~;Zh5=S7Vhur5=-VVo{-V}4J z&=+?gmr-SZu}t32;4U?_1)}+|t(z$&O{cS~JtV1JwOlfrNH5HP-?uFsl-}FBt%CCq zBgO*<_iKat#3u#dhjsSd84;VyXHEFc2DVh9^Aw)F&% zx~1p5zwdw`0=HuiI6Sx)s#}y#r=tp{<#}NrS2Lq@Ys^gRU6Rz60Of&|r$~zAg8R_m z!)=&*fg;4Q^OcsapX2FKXMWvwao@sorol5PPjBZ%eqvjE-+>uq^)M$=jpgjt+Z=(5 z#CuFM&bY0(2{;3GdEVQB)g14gfvMp)8!G3`rR>mgRxeGzhfiY8W0W`*vao}nhgF1D zn2i+Y8XEDsYFvTpKDECEPqbBZ^E8+57&s88#!U-r!#v|Q0mpcF8#%>Q4D=k#8kOeO zIIh=tDY)U@guD7;*YGDwCf&2;ab6pRFvU#rmj(xWSjs6(gTkt=+`Tid#IzhnS*pxtU0*5HPxS@-K4Jl56JHTBq>dx3Whl@+YYiPe6_|8Do09rJb zXV?49G{><$pEF$jsNyKTwe#peFf|++as{XVN2o_)l3tqO zXTi)x>@fH;WET<20A4Z@7A#J#!V~S+We$L0ov~7O1(`CKZbcwE3|*v4Ji^GIIJ1yF zpQ~0tUwrZqYeV#ap(K(D%ZuoDstHP~bf?r&W|ItZ6JYo1{|c~s++iX7z*D9V=%vZa z%4>QV?%;tR&N)>C+iB12Km0j+Aam%9omLm*jFq2vDPzxhp3YYU;397!r$#&a0c>JU ze755)o|JqE*#TG^3Lo!O0VNBzH!zXY-zGC{iSlh5qHDgI9+$) zviK@m@3#(J_DSi=&&|GteE_H5xEHJ{i#%d-?sF|>V`v{HyYtVke2JZ4!GrVWdrrc=_fo?Mw0=Olz~6 zh*ie3-d1Dc=uI)w!z@P6izNH&FuCdLcD>UgrklZqxKP|ZZo$q~SL7yu&Ut{Qo&1vr zLvNd_=+z9XYf{SIO{o3~z6*N{_wS%}C1ME+^g{yEic3ZHd`I4hFoFQ7`nCph#qGl! zl3$u?y3|r0Xcr+f#OgIA2jB%1?6E8)ZMn@iM;^cad~kb~?UP^o@3cSK0`(tlVI4?@yU6dPwEqRMz#b^_NI(i?`S-&VE}Zd=!JlDQYix z1{@wO9yc<{C?rRyy7HH@`t(Tx5dC)8A1YpB9P}m=K?*-~JN?BG=n}1D2shSlP^F52 zMHm+fBYg^D+u{iXEdEFe-8xwPR+!FhKVPO-wagT(W{i3S)3+^jRf^iGH|CsPSNpA4 z2&S_xf#Y}0pFbvK-TVx$`R&2r#}LFEcweL&eZMa=FFrM0R7%wDe+-6L7d{YcWWpyx ziRE{8Q5}ztrY7-Y*smZU3q<2BmuyMB-TkgIsO&kxU|mItjH^J~7B4SRdqmy=+o=!c zVIb$ayfM@p?Ju{DUKDg)1Z^{_br)ptlLnw}&cNucqCCCw&+R;DMGCK7#R|yFp)k=9 znqyPoE)En{YmpEE&cXE{D)&-Zy%^uKPvgtzwGRPfHkndeoU@dqhc= zGI?Y(9TqH&0(>N}bdLnfum-BITOY z`i|N}?}6vgNmOgd4@Gal(VfXS##VV*Yb=o{I*nG}DcIz}PgEFh5neRP?=v%V`Xs$C z5vF_b2-|k^QKIor9-?r)<-W0_&_QAZsQPU`ZMNx|L_ z(ZqObPXj?_b)|iH;XrO%5y?v+ndZhtFm`M4ikbFy53j|{yE_*lf{kN&w9A}jnphLU zEIg>>({MWra_(`oGLFjKCo(ceV_&)9+v&_jGxuTu_2G>1*P({+maA5;L_UMx-{QkX zA(0ks*DUexB$#VqYHVb-%h&kLJqO}_(MH1S70*}_drS2m%YJ2N!-!FxJDj(s97$JB zcrNx8Hxl<_98TD+WkNq6J2O#taUR4vN`Z40^ah+!n+I=D9>#q;R~$arK!_%{yLouf zdHv@7W--C9%eYD%tNz0KpQ$Q(@``!GT8lf!9X)25+jU5cb~!zEU-&g({9cNNePUmg zJLLMeD7o1o>Z-8zBpAQ6q`y=L&?Y+p=*o=9t^!Vy^7sA+T>qy)#FZ_ew6JU*DcTih zj)X@V`}Gy`Yf{c8&o2BnIAVyO{k@&iUa1s*BRV{!b^4ZsQ=O`czy7zIeE!pS873Z( z7}ap$?nicfJL1|#RG>$fZAwDh{qDgpx%1%8)d@q$^rD30rH&po^6CPEMj|hxD;zYn zMVBS%4;)1|GJa*HpKOgI`YVWRGV^!nzfG6UUFcuSnS**Q&wvQY@I>r!Lm6e_BQDeB z7x|~=yWIFON);Ec5VYsI+ZBi1ehO9Kcz6%m0z-S}l~>3Qf(pT)of)US>O#BbNr3?z zgkrs6qlCAc*p#FK^!>@Sb6E4l?#a*Q34mv<+#e#Br# zDtOyT9~01{zchj4Ya~j3YN4agQWU$0oD6=P6ovPxVMtO{5Tog9Oml^ccUMC~Vyz@S zWV&Yg_nkrfCKT&>ahe)Jk83Kfb#|PVKQ|Vadjm(>jZ)cip5Z~17jiMzL8$#b_l9F$;KIJ!qMbzm2F*Xvz( zsWw)B)78Hk&H^9gq3#PwD>W|t$GO|gj!vr$0u+lcza%j)pt5y8b7?AXt32(U-H>&O zDhOOKkxe~_ZzxFNed&5WH8Hi?r`m*CW42)?2WOZG09~4Au~hJL?Sd)e zlIQyLD`7n{GBe3?d_|4sKthialB|M{1`a(<9sv^V{d;w?J1^UQCO)lsQ2!-jQ(0u1 z*(@y^gur{+MXzN76q3E#ijXVr?Rw~_49D@H*o1!LeR+WhD`d6DpdlJ-*4w&UYACbUXT_=C9W%cpS8Fb zcJu-}#Xj6*7ArC_b6<FDPE8`s(&&pld=6yTFs}wPVZda2$RFEd$l>F5o(PxN0tts zE^T37`*r_O9X{MFmtF*xODCVYOLY;ka(J+I_3lOeVEwvXUG4n?yGx#gI&@N%J2z*M z>AYL#>g-6FN?sZleJpZ)eyMeJvA*=Wuew4nGtpi!{Wmb_mJld_w{42K=gkrj63`Gf z8xEz1h+@tzI{y*1GMbsKm?`hHLc$X5NnvXTxI?0#F`1QS%wgr9UR#ovqGT*h48 zTXYJZqWt_Mw^!!EQA*>T99JD!k^ucL?E!&*HQ4oB&Q4yKoZhETm&`7zLCj?B~6K-gDy;88YZ?mWVOCLGGyCjXZPk-Ro= zW|>yGu~G)8mwuVcuy7@33jkYJ2e5U=GaGpzDiH_?t69{Y=;iQ{vFT8AVqTM>aO6br zJ<2@&9Y{JI8%yVnGHYLGK=qPbb{>Qu%=Dw_{!@D zWOxqdD7ne0n63?%KA+Mxu4gl$_rNMkYF}}a&3i$1e1d9LkczHfJ>mg-)XU__8KqlF z8XCqvo~d?ZUN6YgkT|2bTUg_;198ve{TDM7%4mbxl+N_v4gr zS11e^t8LwNWmBPaCNcRWKbiNOo_tM4Niymvr!1<3Oj|;LF9&(=Y5-n|i)?ARy|o-p z{Z=p{6U^0aHHe7lm)ekF9^voKI3;mn${9H;S(~=g=*_qbjoyzZRQNnzXnyzR{^;U$BSFPyf<8AT^(J1FX;2F9(7_`+mJXbE9BVdN9@IJ zmF~o;!gJ3fqxFCv;{O6{t3NZ-i~Inmo>4ff4gUo-htGBu^h$&mIE^IHRy-Qnh7 z)N_SqKAPC*J)7!&y@r9nRzF$~A5SXa+y5gw%Bhb+6bv+X+Yf>DBiaAP9Gk(ijBX{&${K(rHp|jJ>l4pe}kze z4$96S``8i5YXQgu z;P0#K{EiGH6$Zw5B2F3)O8`J_Z1%^m%J|?05Z~hAySa>7pK(j4iU8eMO{`OTi@mCE zJsj{Dl%!r6Sc+9A#Dw4t%n03RA^axH1gs!ZoAs8{;bp&xjYcSE6pp%zn1b@**Ohk+ zN1!i(>jFDl)TBX+io#Od7t7wZ9rT->v!Vv(1d4!6*@+F;s#?my!XuQu0)7R9I1qp@ z97V6IQqJ=|v(}xnIlthtS_6k~tS!t3(>mZTX{eO_bG2lw8{s$05Y{9HMFKYMCE>Klb)1d?}l&r zK=H!K8r&viaB(F?sOEesm`eM!2EWpufI{ZER|cm>!5SIYc#71^x*w6_REwZU4^_*V z!>;qL)9p&KD&3V}%M;e(c7vHDzjri;40M+%qlAZr|L!G3@HUD;=fsZhgK_@pCipql z2MnB_*ZZUcOw)%|SZ=A7SgM2VQ?)C`3`7QjYuV${vS;?iTYK>{&Y(8uXc#7S!IH_L zmf$R<{dDj34IfD^y>Xw9*wJgc!2-DIZ0@fISA+YJIfjH9fcos14&SkGE;;_ELI^m> ztd;ZPI6WX1X09Or_4eu_f;`j9p~SJTcw9r;G#ii2Fg1l#Mrr61aB27u9aH+ohOf00 zHxD7mOr$CIJ$i0Tb+(B2^#jd4U)9!N1-xnJOn@!{Y;e6&*#ce5pv~iVdeE-Wmz+W# zE1Q|JxFo(j&rSuss=}p8pZ*}>lKC2%bx#EwWH+Q_dR{Mmm;ath`z*)o(3h9L9I@j5 zZ0CU2kSpDA)qfk~oOSABbfa=@rQZk`$fZ}-Fb_2uFfyG4$oKN(XMe52v^EGzS_R~$ z1Y|%GO0F+3$^;@abM+GVT!UrC3R}p#b+*h3!+yl0!p8>!vodx~Y`5`F^<454SK88x} z+40GpRVce!*yJnM%Ku}WJxzA?#2AEqPD5k0kVX5j=;mM~SGxNd;ayQ(KVDeLzB0_l z8u_?9Z?AdDFvR>gvs~C{=^yHWN{A8kq2dFAJhersX?@_eO40wYhxg~we`60$YN8t^ z#eJ7=ONN}xwVgGqeU9*IBKMq`NCA zUAv)>#1MCN;kp(B1*x~x3XX_|w)n&P;-9OGiJrv!rmwSxW`jCNw%l-1H~Y7X^=n5J z+aU)PvaDQs$XTv&_uFo3V}O8V^HhHqD{!bBwL1OlI zM#DE?y^^X~g7|{2Hrj)>K2U$?lGsrGow&?0Or1Wn2u;>V!OFzZJAD;BVn2#eTOnp! z4UTqkR)d8XVb~d6{M+5tEqm0UIaiTfAO}4k2gF^lHn!sBgd|Go*a31uN7mISwV!E! z?DvYAX%iz$WB!XccLw``>qljY)V-cX2x=O;tW{U|OaPSYI&>x{vHEAqDQqy-1O5EO zs#oHt?jZwliNKlx=D*R3N!_O5ChFQW^!F%hjn&9>I1J5A)6HvaCx8-ic5zmGdV9@7 zBCgsZS)uFUCetM-KELa@P;cbqkq&26B=Z|Th<)!6>+)nK&ZKnCQq6&uw)$K6I4(Vl zg>w6nR9lJCPa8T;%`go|kv#W7C$P4&Zgo?pokgi3P)Y128fyQsY?y2(HU2PG9}MAt z`cJ2kT5JfmJH;TW?VFy+LVYAI^1&Tn;E8~BE8X5OdByE9n3`J4A4Xi4S?~UEpTk}I ziL#xm-IgcwiBUt@<)7siz^wDjC15{`;DsL&Q!uB_b2K9Z>%bjZAW0ixvwiwvX_3Ge ztYHfWWj%i*Q}!={%)9KuX~o)nZvPjeB=(N@`udNsssC7+|Bf6GQ}_QzjX1Q8>+DQk zTe|oO`I7rYaX~N9Id_$AH|M*P6Z3iZ)b$x)%4j>DMP9EdbhA6_4aT3Sf@G$o$_c4P@osy}@(&~yz?m6)}f*Qg>d8>;?SM3N- z8V;c9sZN_YYu_8o9A7e-HAgfEUXG0$31-i6%|;3~jBQ);xp@3M()v2MWVxR*D-VKK z>GgtRK>4w&&~HiLC19y|HtFgS^V#}`?ors=0IJr17aCZ0e5czT72KUHluJSWw$ZqQ z5s!5XV!|_DpV|4!+Npi<*YU_fIT-cJ?Zm*EV4$iEbo4+ zb~tBN@D^MBe_bgTPlT^dvEJ7%q>N3sCU1H`(or*++zo|NF_x;$J+%^g5p|4cWN|g{u*b9TL|0R_> z7@}Vi3^(Q(SX67$?V&e_T2T~TEEH7N{wQzk#^Tin-PuUQ46k#N9Q~E()Z|W+rq!RI zh`0BZ1%|^Wf)l-rNA2QYum55V^E*~1)J~`m_v**kR9jOB4l{XcBIgkRAPu7%hO|hDNXH22&e4-@Mo2Td2aJZn2JiH~pW}Jo<9Ppt z@2-8W>pVYa42!*3uH4;=7y(Xw6~jW55Dtd-R)@f)`7C3Rr|IXQIRXDhUy+SX?+!f^ z`M^?BEbZAM`6zU6WKByK=U#fSqlZPR#k!Z{=5RB!O1no-`3+W^Di)xd9)_)&sD!^M zU48`HK-R6r@12##aua#h1H9?~Dk|i;Pz40<2gnv`12_!^U!83q(-s6%F$4b198ZQl z;Q{8Ep{WRZ-bgnIKFoR7_CfG?^3I-=*kj=>KxgUATWCLXx!;c2|3|MoW~H|%*ULh` zD7KTPA@_e!42?~7Q&gkj)J?$?tPZO!iC#zd8gJ8AYjpCqWGP}Nt>YpGUlVpFqHnch zGJyDN9~<4ud)h|0w}X3jrHZ>ZxQ=<8+FI2X!)=Nn73m8wAM7H$V-#-@|x0a5h_JHk~D9U;y6%X}ny7~37@h$MK6>rZe!W=vI5JBEI4zfDGC0s}DO}KDp-xE!noldVM946) z{;%}XDFro79Ow4euFS}$ez|$38aazk9_>2$B;Y9P1s@t0iRvla&xBNOqa->e#f7Gv zHncZI!QEQtZ&ylEy!QE?43jnyPc9a7k(w3WTs*nZsWM1?fURRCk|`|-Y2TY}*%dQ; zEH!jY)T`OI{Jr$<2R;DL@;7fK|14JMe_sJ~WFJ6&#vZUVjEm9`%;M-<(`*7x9h-;` zKhLo?xebJZc9(e$%ZEgZPCYvAZlZkJ93u2KYZlWAuXq&ixe$39_nC_6V!!_q3o9+3X3N(NIuN4nlrA=b)Z2!8Uqb)|UWS}|H z##|@6jm8*3+W>R^nee4xQl@)E|F1f>-bRC4BH`M1(B zKRWW!uWC7Id0&9)or?Y(H;z+Gw`RY9s&RY!bg0o}V5oUoI_szEpIn{`ctsb_*o9S9 zB}F@9@ZPs0KKage0AG@2#g*PSSoTsXPEem|joK`$=-8)Qj zu?0KX_?wdp&tn-`BzRsCK9?Vb<44xt4`N~4QH=jDx?dvK&+Z88PdyktIG)T+$WR_S=A5SnFQ`2t){)KeHNu+=_N3S zJ+uvw-%TgU=c<~J?CPKQ<)j}asNbK}D;3>00y`>Z(?G?p6VTNc7xiySy#S`7Ls2}A zD_@2@e1U1#JmMMZ^1Y>^oX_o$i)@$i#}h*Kyy%%nf9fEN&xguFttWpd)Vx3vw9ytI zOoo(*#tn@E_00UH$q?FA6*SP>E#LW#Ip3t02Rt|YZgqmjh4U9z@e;-)_|-z3tWWn* z$Bj|YI%wMRFOmR?C%XUzG{KD`eHa6Ud8O(2`bhq~vtm~%mv4sE9Ybexk1n?MJ!hmu z%+(q;GKXoLX=oXtlF4*w{GJ>rw)+|?-!6(7zj=P?-rb(3?f^u-^4qwio?>%@8k<~^ z<5ap~_DEhsy~g;thx2|XN|t1m3j{xN+lMv)t)H%d)mg>9(y_$^5XhnN zxc^0GQmU_*OD6Co4CC8r(Mq_5upB>brWtvBabfwj0wT1gg2=w_*lN7L6Sn=Re7&Mr zn_9=E%3pn`73*2^8-LR@9iL#CS!qb5yMF4;UPhYl(W-u-#JHJjg|FXgV}f8hw?}D7 zEPcm)CamZE?Pu?{&E4h9@*PU5rQ;;qSAW=40#ubkc=o~TZ<%jja^?}*H+zXTP?>-dEPg~W_1-KC>A1Bf zg=teyuZBPtNy2X;H;SNTH=L$p+BY?|MG%_gx4uTXG{>;^1zi&R9iGDVSN@>!7(5_K z=(6yLy?0;bTH^h>4Pj>oi*+7RA_1eADBFt4?FrUwWU(N;FCLkGSqZ?2f|E1 zpm#_frS?aoQIdd^8j5Vfl&BR!jXQhzYrKPFP2^^Nu-*J2= z)EvH^wK3#5i(}!Qp=)#-daZh+t58%$>lQys?=AZEmL=4AKtRu3H**6oQxJpS7{c81R!X&2RJZ!=GO_6l^ zh&FbzVMa6rr%LFmMXwC?xVC?RClC+a#ufhmCY!T&zqG4pQBT}439|sH1oISCF%k}JYO#+iQXY^kPi_G>1NF{=+OUL>=>P1RMO}L zNZPp5@s9|BIpb4X#E4uYggf^`h@u27&Mh59hZ&!5b-^P)Bi?}QKpadRb6BU|UFN-p z@4QY!f@doxJ1q?6)uw19^DS!R_O-$HqKjy4f~d_&u9h&T36pm@rg)=oGmO>nU?)C- zi>C`StRGEVcJXEp98U2pO24ZL`ln%2iFO^k%x>!<@Zb0HpA4YB2zr@FWrutCWg$~> z0_s6>)29Y4axX+st0i;tcg|}+rFrni$*&cC+g_((Pg1*D_WaUAi=Q8prl_o_vlurg zr`Mw;)vl_(+_L3Dnux2>aaMqBS56BP6T|JUfjn2M-7LQM%&O%yH%4>qrLVX+zMyHTn44DV98;(v09KTw9&_!y>NuLOj*pvrEw8kcsR z1x4=6uT$_ul!`o@o5t!oL+;Ara$^~)n=-rhUF|@Br1H`>FN!5rO@}{jBCH680S&-y z|2X{Vo#tg=@$qSU&X$tWhaNfNp=M*n`2a~!JdyqdtT2IIfQCM~LOJm2DhTnNt!w+59?H z9f+UDsWfyIR8iuj3OL?;pyG!sSt<%Dp^MAw)UQ}NmwWJo3|F8ItU!3?xN#3}_HIn} z8!qMYbuNn$w?_kB#vddDPe(7Fr1^>#kw03QF)>9E#z(5@uRT+mv4f4a1L zSk$JXrAR&PUQ2A1&E81mf29ar`vmRJrLDDMSzfCHn2a|{enuaLAdYhE8v&tmtXdm1 zn3|>9|Ax;jtu>{@m;bnnsO;(wod#b57gnnt4*Bh3*3xSgvm_eEc-9UI1V9T=nro3) zYNjT{{WB2pUI z&E^X3HkAj-BB1CP-j5Dt%}q?|T5%0tB*(%8@UM-0a+D(CZ)AqL{C2c-=ff>9@6&7H z?^x7oucNB7wDIo5;1acgqFMBKV6akeGIy54O8yYkQG5&1`At7i(uYR7_tR{;wBiMS zv5c-lzU_xQGUn8rE~4;1Ix1-hMhZ6=g)cgzD*5_( zTAiq<(kP3d_|W>2%YMc|na2al!;4jg&y zd>QSO0^C0Km3p&W9=&X)VEeQ+!Gh#hn z4(GSO=VMV?QyllUDJpDxY`j1Vp;yxN8T3zdX8E0fCAeE& z>u%a$o>B~@G-EzoXa|g0)Ygx)l0qj?15JH*md}z)%o|EfdXO$=EwQJcq#j%E(-Qs( zvi#Abg54l5@s}zj?>+W;<@Mk=K7xKxs-d4q*z;I1V9EhYIPe~KR<{U0s?n9k| zWRK9y-~L}u0<}M;T-6AT?zgd zT^+4CMnd@%=SExe1J!s1&F$z5W0^}IaUX$Hmj{+hoad*L(zotUT|}2ozSpRnoDN@g z+YHuXeZium@UT6_?KWW`*3yG@0!jdYy63R4l9GcUNzaY>O@cJPQdg}MgMeJuU)!sV zF@W)q)>qj*fu8iaf-RV{Gw`u+vkxzd=f;zDXWBanS$lUVnfS~MM6YPBaw+!{X>Ky( z@ri&33YIlarJLHNvbtX!@9)jIt-Iz$^M=&e=b@Qi`^%02)o@nJ0a(+kN<9CwOgP^0I_VaPk@(-U#+~&$9Ytt5 zPybq<-?;vXOE1jmqYSfGz;k;0O2wJ$&I5irt?ZF4&F(h+wvi{QCE6n90sXI5KZ|hK zS+50OWi;6v% zCxs>f&%zg@#nUGH;zJ27$_2%vJ!)d9)k+=qvRYrc0CKA-oyCCg^sWnHGR5wOol>9o z*X?Qs8lFnh=deA(qC1jICRDnG8OV%n8XAoA&Bm5G|hsjBHC} zZciQT?+{s=J|f+g{Q_^cl_VSE`ix73lbb!ncJEMW?)cNqZ{r8C1i`26aklAw4#CgQ z?dJ7|m>0#_a(u#_l9@wvOS6U_ACo`nii1l?#YQJL=>Ibh?z*_^V9kTI^Q}5%6@luG9m)SE8YRj-5l|R;i#{rFTqGah8yWO&In8J0GF6w>5}- zsz^sTUdIw!5yM01-uUYe(j)l=fvFacXkxl2M#qY|>m=N40$L4InS%@wbGc68XYcpN zk1JYg{S6NRbEq&-3h(`91yhetj?!N-zdavZvx+C<-MI$Y`jni-kNq*VB0xe)RIJb` z>%i5e^Vi!rcL$$4M;nhC3bu__5s_|Z9yd;=Dzo!&)SL3?a-|Pbj&Zl3KXF06y#L=Bj;jW_%-eaFe}0%dVbU`PB3N^)GynMZqZ_ZVt2B zXux25o>b>%^1{zbG0E@@BaSnB6yN^)JBLKH7D#r1GtW}(zhdMetW-stVw9-`hZpoqNq9LO6h{tRfzeuz} zNy>^By7HZ;ms{QI^m|vnLE1v^C%Vi}*@n}86nAQ-yS6)-%F(8sY5&z;A~!idP|gy& z75NecRxtODDUk}}a*AJ6hW-qRsE_TPeFdI7F}xDs!18qD^?c%}U z+~ckyz~)s2t`|`_a`GMNSDz!qqp25k2d3O?TuWmfH&njAtUdg{@3Rn_*dt1s6_>e2 z5!$8@vI1=2y!hbyiX;6hA|wwanf;#g_Rm1LEeq=F%z*EMUiB9Lzw&V-$*^7NtTQ!@ z5D6B0miTvIk+%u{qu*3I=fSpI{bWQDu$3C`}FVq;(#R5V1+_^b-^s(rb~SSgt)9W8t1SfE^1Z4|DxVezS3a!kkDk zts`uJd*0+D*>X)0eSBl1QaO#mS&4n;_`TRX3#Rzdh-X7x1JHzaNu!#_ zOJQ5@{8ALD|Dc$wvnWsYf7s0qRiYKZdoF-#e81bO#R-3jZ6tzNr5jgx75Tjj{+NZ6 zT*C0IXKb`21d0GAI}II}NrgXR{%&~2A5M9C>hvAV% z`26BCbnt0SHf^UlH8Lqc8%gQ4_(?6dj&EbbAjhi-Zr4Zy?$cb2X3I>1#c*R^OzDJw z(lx^l*3(dQQbvfc)F6AKdx>NSzvwK;J0?xUI;c+ zQu9(2=&`Sl(3hPg71*0)fX_dfaWcJs0|N(M;}R(aVla>Z+F>xU*T+dUq%kmk3&KZ* zWc`tMTXR^uBCC5qw!w@t>?4R=H78GaQSjSKexBF~A7gTBB>ZQLXAk9^F<1GGk0>5= z#WBm7ZkKv6p?je151g#<7_yEsyu}zhX6g=cBsHVuu}qWkBnixLp6gS^EqMR{KPFg+ zZ07Viv+U_#QQ>*gzL9b<%>GyRq}T^#wO6rS;!huLEWAmW?Z13|>^w`XyvRlad)GFY zJMUFHYn}z+C#<>bNDVUVD-CKY>|5Y!Qn~??<^1E9yxV+y2IkK}Zl_fauvoIh`qov+ z_5XTlfaP-gsPH>9i~`vdyPiCQ?PiUj7mtcO?b>W-H<{91n$?SPh7vP(nF|^{~q|x&{S_d`fps-B5dxS7U+s$ zJxv&_r^(!eGxNXX^Q<1jQyo&iBdtn5mvr#hB9?L=5HKTU*F64=VaHN38j)a%(RWRWgfZ|#3yqIMasN60DipR(48A24|g9a|VtQ!KgbmE4n$l1x2_hr9LGwZi-L4eRSbCLK{us}d4hLMXhU4A zav8JIwjXMmf&ch@&l14>(aJ0N93c9K*h%>g1e#evJcKs(-Be3X!Bm4D8dUXI?=8I1 z6PkLxklzP;p)!@eb)rpOZ1s(j{Pu^j9IxO0Q6NEvHIOT{B))ya z?mK-pqTxA({g8*AsA*v30oDBfAUP{Sr>))PUW!vNn0ExF7I@h?c@oijv)=8k0ds7> z=q9XzcZ(VN)m4^a)0qmz2kBMFg=Q8}MjNYU5mbskPCKiOb-+sgPWa!)bW?L{BQ4<6 ziFC}t4F0(HbJ<%K>#%!9EG~bjCEO-?Y07tqY{}iMck=f$(_{0fi}d#&0AK6Sd+A~o zihDX^oiEzC(>jw(u5!Qo^$$$bm#;WzquoK9;Fx+>5d|ju<o9w9 zpZYcFWx=i(TEYz~t|1UTOcF1nBbg7~aA3AMP1$MrTJTX~eaoM8+hJ3)y+U@tFD!#| z2EP#Dp@Qb@aPU}y!e^>ZqcC!uroO?6yiyG6&GIt|TcHR*qw~MV&>NqHg6$(trUU_g z8G;z?1b;G@Up9x6JL8y%3qmC>^~ciWe=!7~Uc#PMtRB59wzL=VDgemF`f;A4$^ch4 z@A3_M#`#`M@M^As>tp2%8zc89X!M`*U2P0pBdHstTcz4p%?pYC;a4299YMNY9s(a! zv`|`3gOxKZVXx`CVR*d{Y)tpZC1DsV@$KNT8C zHB-V~N$-5=Bz}mwwo;bWOneb$v5j3K! zZf1~B?bEExEnoS0iPF?f@HeYH_wz&qe*UzpNk&(KxYUN!nStz8`tF=}l_f$la;9{g zI$&OezDnzQop1ePhh08d=r=UiwbgU$zlw0LB+wA%-=inn@XQ!5P2^g*hCWM!>p62@ z>7~Ng)31vzH32R=H4WOvPRr^(lZ466q4^(YhThooL{eU#*GfI;5M6I4X{wa^46}Aa z{o8B!Kfa{X8=+yM-sNYO?sFKEwqjL1`N{{1q*b8a-Sdg^o%hPK_gQaPU-=8SC_L|r zQJaoI7j*4+6!ds6u%r{1#O=@ga7m097PinP)`fZgztAhK@j9T> zc)Ud|Zf-@}{M2?(4{%p-*=0tAsmy^zof=7D-#3R%JJu9s=Fy^q_irDoCBfXOb+E4+ z2mUYuBy<6_L;S(M%v+c-VG%xt;Td8M_9x z23_SIm|(i9;rTCr8#(U}S=O5^bbu+y*qo1|XK-s1@8x|mJ`gNK@7k5x|%NVRqS zuEnpItsK5ZE_#%xpR}h3x(tU4n;D*=#GtX3ciyI6U%wMXtvUv{K$pDtBd-51-xF{u zl0KPM)KfG<$R+PM{DJ&ulbO@xenkrbK&bWaW5&uE8=9ola=q$USJAxkQ6z2tRaw&c zPf1}TR>KYX*1jhtnzz0erBf##cZ!=msTEc?gddFZQfiIu(y|@Z>e=N4Cagj~PhFi_ z{ns_Ud62!wv-g}%Ny712=JmS;=PIzRTZ2J$x3vyd!$eW*cys@mKYX~p6I!F7gq|~1=xlk3bbuDW^Gdv?EO>Q(Yt;Q3 zT2#sGvY87FN>Vyby%rK0Dl+gSkN^qo=PxGJWL#RV<2_Ab3RmOAX;k z|LM*~GUk~Tp1AcLp}`=+>Tub%``=5nq*bY zq_9_yZcl~ev00HRPu@)f5Ypy({{ru)6A3Fq^vzDpc+I#`1gAgW{^v03OG$)OKJvE4 zL(KG>rUpacUN?aQ;X0`Q2V`B6S^>B<-CR-m4Tk^ZHOM_G2snNs6b%2S*!307EDEV< z&BR9d&Kz(rYf`CUL|%S+yh0g1{tk!a3XP8#`B}=;OColt4n{QKy?@?}r^kJO9i3pnpC2%loi* zaZ?Ok^fe26d`(O(1FsZ134|8D#*8><}OlW8j7j@|Rv#7!*%cR-9i!Ka>G zf3^had6=RmZ@>t5ksMtQ+d*PJbhHb(^G!-vgvc$Cfwhy)u~V zwm@HpY>WbyQrCkA7=?^2gfwY#{;L*#!cN8;{D5tCg+TqkqR{%uPbG(?^UeTb$y#xU-Cvv z7|e=H1nT6+?io%VgK}dUBd)lbt()M9wbnD^px9zZk?x>8jIrG6&0mDYQ1@tXPH}8Y za9o#^i1|c87&uy>XDwA$lbGgIxNgFrdO6rMM|t4#>?*4Zp=~kKOfN#AKFZY|+kf6I zQgBORBKDVpuE>N2pNrTE#1Ev|R)qDI477jsX8nH?&>JtFplDTq8L?)au_yeZ0H9;^#&jsjMlm0>dsoaX4Uv*&rhXWSj;+SE_w|^rSDXI zG{H0-+&`kXP0&`N6bnAHWHphSk=t&b5TeUWD=bM=@wYk`vM|D4W*ocVRg)gIT@HS> zFVSQYn{CZk$5PrI&hH{dkEn@PRBngh!W6{MA5yiLMz0{eDgKC>NH;UtNhqL~go+Stn) zCA#`HuyAcr&|lycpn2kvy2q19V=$W%kH+N{$;CDrqT?mqjwF6RUBkH?besQDYUb2= zqd@{VH-63+r(JV_Eycv|E&p@ojluvvQ{t3-bFAEqa({muN|j4R_YS#;c4iL~Q|bb;rT-;#){- zsG*=#7;L@MlYYAc^z28Vw;g(VyO(8|PIq+pE!1|M`dMZU69S4a4fW3IEgNs zysAGpiP-wpUpFYAj|*c&G?xFoMM>nF?gJ14qQ<;KjI>h za|Nv^I#&Q1$`@ie>`6c}-;Te~Rp7MBIN>G6jice?mh{Te101Wm=eCNETs|)xU@%9m z_1Z-3LmyvBzf<;J7#9N+nU%{F?RNhmUNsi+EXZS)_$h1=dn{*xMxPHcxK=U#5=?)^ znYRh6o#^4oYrsylyK~oPatf}2-o!IQMH$Lf+pkVN!*6_EdK##w8Ob|sE!!#H#58`} zL~-I!9ABZnKh!B)VsFxPgIo4!bhcaJ>&~pBf{th zY8_IFidt+rOhmRw4vJ}WU}&%Li4YEljbuy`WmPhliOXD{GS$eI!5K>XG`}x4n#smE&;OjgNM}Sn=PxiL&6E{X>R8PB zetu=w(appAop}L`>I*#R(p|ba=CSFZG5yEj?bq$u7T({WQDzBfPq)t& z`6LH|23U^Tp%E_-@`04ERBE_LR>5(q&AL&$8X47&qbSyWh3a}p^VJX=BNr69DLWYS=<1W-5=nqkyg(Hk!g_BthPUiIyN12cbdW#2A-TVuU*#Z_ql zi69#u>GL6xpzt1#VRA8eTuc4s(~Zwj^y3|!*W)QurqMfPqE{_gR;Zx!Of4d+2_>As zbE>jYI=StSzsyh)>wDsMi%1dFZr3EM)qbyh+aTqnU_n$-ANt4`?K8Gc<2F)Z8qDj- z@Y78Mw1{-$jgq*4FnHn%{@;fZjDMMx+?4#e$1kS@T>hsCinz%G^n$&x4F2c}V81wX z01bW3(!AnHP>{VS?)1gTTH9j0qyU-Y!9(+J0g22G9m1hKua~%PN|vx-s3XJO7S@Gg zPbts!I{quXwWHR@%=R>%{8pbnK@ewA7VuJhY|gQuxA7i7k!#%aMmv7Mybi_uz$*txOyb2II?{469Rgq@WNgO>FmvSmF6_P+7+@2dg95FW(l`Oee z%C9BP28+t^?0o{taQ4f0dms=YVK0_3AV?whVKARNsp5#K^;cW+uBEg{2nQ>DXw)eV zbYD8UiS$}(`XIcOYGLfS2KITqaU6{@%{vV_;(_jXQU&G#2G@x*4=4f&x*iS6p@{^N zu$&!C>wlBK5S+V#bR)vu`{#un3GEuVdNNd(w1JNeA^FF7rkZ5L}8 zbrhD#4et!^X@7r{j9~o1KSKHFOgvsa**iMR6socoE=^K+nz>=>Vf%;30grv{{4^(F zeC{19JAIq_S1YB1vX)wOrZZQLZ+#bA?GP-f82n>UY4WxFwM|gU==jWF@<6Zpm2K6*Q$s3X|N1GSS{i(xxxBPiFEpucK5hG zrstDt$qkkj0i3*hW6*nvO{@7ZD|Gvl?L(vOx-if??tNB9 zenIxBQ}u&@BaCencPyFQtx$2J!@aF#jaj*5#AGqQ7-j`DXPN%U{gA_9;J)L-7IMi_ z-S8P9dg0PTiLUb4%n8JLBmoV;@b-I`6Rmf2+Z~#L6ipmqZ|g61u1u8}SLL1)C!9}K zJfJtJ%Y7*5V<4%E&L9&6a9iA}weK%g^Dp|4bD9x^Nma%vh?kAYSQ!H!3yht-lKi;P z%N7L`NkkpFb(*~U!Zx|LLzl%G2N^2fuiR?FvevBDrcK3o)8*+~1otxUYcj3I1urQu z5BOAR${g-MEr!yJ5qO3X{Lr0(;Jy6hyNPT{1 z8{BM5$!7SaK;)RkXWAIuzh_DUqITJJljKQx_fZbAQ+ls!oJ%ATQ~xQk9yer=#GV6V zH}_CN^eUUNk78T5!sqL^j_4NXkX3vp9}XKA-O zRrFKBRM8dT6*Gt-ao(4sfuX=2jZE5I2{zRFoKT#VQZIJ2GqGUlv0@T+S^Ski0&M_7TSE&Y`)AhKW=Z`Q$p{g zHf|1_J?6g#)q;J-W~c=>%J9H(%~%b$ebAFYT))kaT#x`?_A2vA_Gz+ZSc}`mbVz-x zAfy7-(b5mAG8{zXkK0ET@KgZT{Lc)eX-X|cnSJyfs$ODBpC@YjH z6df{ywiLqGUk?G91YJ)9r69|ZkO9%5^=X%VGpT}~8Dz=1{#wQ z_5KLNJ#%~Yytr=PtRkM|*0AAPy0Gr;W%I1n2>o+?xmTmz?)U$Ly`&*6(B{RN>?x6? zzRFPT84;-c%RWuSKIR_B&a9|4So%9G)cf-pZ&^7||5884Hfy0n(}&g_OFmU4T9F;s zR_m1LxFttCt7Gu;3}c)*0P&0+LTFYy@ zXt%8B$s0@7G;q)dV&%zo#O?tHA()z{cEm)39H zyUK^-F0q0J3dU2Jzxv9)Wj&PeC^l6eU!P@LXJi8Ts&y6EN{edrgyWFhlkE*N5QF}& z6zTgJUi?D7e?~=r1hBMn9_m+niyg$L~3dbX|i|! zNnuDY^X+|_-SfecR4`Ah4o>3PGN7u#tK%x4@U4?2w8=-SJzC_}NMV|KUD1LSRdOvK z7v$1rq&SEbcI#hJcukZ8q9}@Zw9ylwXA=jKA(YcrQg&*ST#5#6&30KK>gSsttRi^< zuad4oE5Vp;nFl^4Oq}1>01COhr4Z@?{raOg>>j1L*txB1wZ3CS9J4TMZc>(M!=)@5 zXOKgmGePR1@y9JaS%OjFB3&#VX064XTNhsC7ibIaCJP_KahB4sCy>jOTN4X!vby9U zn|BtH3}@#;wag50Z`QW?{-dTOLY9GnYSiSPeS?-X_$MS~2VNxaEbp9w!Q*%UI_vxL zG_)JR{cw4kGVS4jhiyNx#tRp{djfeaZ^#-4^gI@gQ%h^=K##cIvu^tPx0aCjIy6`n zUO06DFDgg3U9|OdU92Qez$>3knD#g;_6gYSR3vkq^*+0-pCx1DS)oVSg=)K}judhf zrUK?Y4<2H~|7IFKe<*D#SJ-|cM0fkc3@tJ*WjJU37bI4W$1X}QUSE|N4g~Ue)xf+B zfk_6M_V0IdA9l=5$5uK00zZVU6}1b}BY9>OJHHvWxVvP(9>UM8NGiM?s6 zh=y44Z~ig8>ijYGHSY3m^de6=26PqH^Kx7G~-R%RCQ1gd#wU2+zRlj_r!_IhM^> zvqn@<)ISoVhwKWo<@Vv1VEn**fgJpq!ngCeb4yLjo8+EE9W&D#WoO?kI!MIxVXRZ; zp1v7n|6={2A;kVd0Dx7BGZB9b=lEiE&bGEvwq*64WlHkr+kV=4r&Us8@<<&87^ScE zFxiz*jaO)F*}-^>bzt2)5IcP$<*wd$GA1|D$tN)cwprSZg+o59q>s_>KTG-VuWz0v z(#PC?lD5wfPDi$n4*BX41ws`4J+u=SjBaNBmQvKApl6zz@lXX=dyr6`)t^j1(c!f5 zbTmr{?8TYarNi%>aM}c;#v>EQ@!HlVDUF?FvDfoTJ!QANr-fZ*>3q;x`SmQ%qZKBp zZOzadRkg{4v;F;@5TvT3=%U#rWT4ucNo;1@AaH>g_})2o7!w(7`QdxO*v#QAq-B>s zX&ONS2$Q^>t89-~&3hzmoYV(l&Jx^b340vHBo~M8Bc@cS*EflsoTw-G*X-uj3NYq? zMwFN>x>{*<+L^*fIyZ_WSixpGo)w z25>st7P^Q{;b=YBJOx4L?n{L?jC=Q(N;5kqe++*_&Er_?{qWy@F>~CHp{U{PlNPnP zWo;!1i+8r>`iROm61G2tFD@Ba&rlxrMm&c1X0AW40|PVJV~|9FCM2 zeN6hHhTr>JGZgutTep=dH>Fh9T22Ml&$Q!6i@(&lP%)cG5q;%&_1~j_TU9?}DO>P? zaNd-#wTJkPrxC)>Vk1Z9ctKM3MN=W`liYD4n-j*ou^)~PO(irw0)UiBy0>->X zp~mldfy~7*wDpg5c(gP%;-R_F5ok>fM}ct|DDd|->*92C`e{gdZItNyrU}9v7!SE? zN9AeEf#1({KYyY1D;L1=|MgXw?swRE#&2OHKjNQO0%PsQpQ!`q)Ks0r>1I9?a3{o? zYE?ySMV0FPWJIcO-vOvx^`jYwkaiWMkFeMlowd$=9 zNYLll^A&8MEB8QuTj9s6DBtCb)T#y}?d2XNWf4=`==qUR^rsNKgezP;r_bvZ`7#Y+ zGpGGBS)XTRGd)_Mm+3{yjOnI)1*{2$7dOvc!h4(qE*$sz7=WCq4 z4Dee%v5kE(VIWJm-;LVYeI%s-b5N(KtjLdV&c%D*BUaxTj^cqZPJwEpqXcD5$>~|D zN>}D7Ox88$wdfYtlH(Y(W!C6PlZSum@8O~oc?)rU2IChL+K}0|^`HJv7Qm{HeJPE9 za^bM{fq%~Z34w}7Fu)k301&MtKL%f5!ebF=1m&9Ar4-Eg=_Ob(4R z07CFpp`pUos_KRfc+2ukoa~w;-bF3N0}SKqy>2elx0qJNj(|4s(-YMkq*R~hbEa6S zdsJ~5cy8sRZ!iE7_M@5*-=dD#ZHznM_dDWy29Gn=>lT{fmT07U3vrbN>L|qer?_lj zsPd_Q9J4rCdC6fvn*TD(gU+kelZUb7b;YhVogU#;D|MvwupcN_AiP|1U46Yea<=;A zrLzNhMY%F%1@@+$-ISu~@iceMDH1D3Kn4g({*b00ewdw)JjLp$) z`G*fR{l4JUv}3du(+?e=F(t7(rVYmX-j9qT@T(a-aQ~N(8%_LSd;&12r3=hd*H^)X+Nka3RnlhzZ zny^CFG7160XD7Vo<}=b>$U>)jpfF{s81{{)@Bnc!*ZV$Pyfd@XF%^FG(DW7f5+xk9 zQaL?N>6?%Py7#F2*TPqC$8b_sl`}lqp3By_jo2`zQZ5DI}NG;3UL(nbLtg_4V0*J$pHLn>??O zq@#5OQ4^BwyCwRk{|{AX;TCns(8XCrfwv+{FY(&-O%w(&9YDe|HDV z7(S-(8dX!>jdUX)tHey+fwX-3n`4%l23_RB-EA@v%gEOgt0lS?WHmf79>nASxcu+Dpp4x#QmQ-SH2ok}b3y@rU zx9=f?-!o$((ln}TJt-LhNjqHu8#{_swV+ z8WDTk6A_+s*E71t;iNul#^-q%H(EGFObB9X{-=C~gQm;o$YXWwGW#UQrHN5W%^hZ6 zgJ3?gqS|nw$b~9Zhdn_M^Vw^;Lhr)IELfU&V^!)*28D}N603gUkKFGnPU4W~H9HE% zVe;p3W2NcUCEO1g-!hB2tEFHBi~?6u@mT3=vr=h`z}tV1d@f~gU?ll$n=|D!ubj_} zwWo(6x-VGOPmH&eR;xpY3Zh=bmx`u%*-Gna1eQLhn~r5a?F;!7r06b&verJjzY|0* zStIVao-I9t5?~Dkr3E{|VUwlnCk!`r+5|KIWI2m8k)OEQlRg|$#%CXh$DS2@CGZO7 zCum1NGFYL@dxm>3J6HB?c~yN5mFs>WFymzkmg*V$*do*=?jf#&90+{AOmsq3Is%I5 zzBIr0!o_6X*8owS$cEPQwhn9o*Ezh&ux~eSt9egmUw2PriP^VG_o2b>Qv}zl$RH6V z+>xckkUMrU^7g3I{&FdSJA~(2+gXh5E}eIH)34*W$h1GO&fS{+;V&OE{Vmm6kXubF z>0?yB5ixJAsOH=qz>y>Br*N&#KkGd)^474 zcMybJO5&2CHe^ysXjul_Ae%f~R&W0BYj>f%pUDNoM#fM`;C(PiHL|Hn0(V8&^URyc z2qZ$SS@zjyJWBO7y3$*=+kd{OF)?mTnAzQXMVt5U8B1E4z4cnSP4PUFF zBF_&G@M+PYsNUE$Zy=esLV~8T06Kryrj@v!CKi zK4kNIr(YW;U)p^U(ei7iQDn9-IrDBid52P7fn}%_+78fY*+t|rw zJ$!+r_a#p!hn6g>%6|2ems_Ggtx#x^MMY9(2~Lx2Czw`-{9SHU?!FP{J z1g@sB=S-WO6S^6n=V;FBgq)fV>*t1=^l9{>??x@^YOzU)XSiliHDOI(-pTV$@4-wA z-ThPfsnc(jvq1J44wOhC_8AT*)t~fIywcJLcS6Jd_G%O_d{g>i0}aKK_%r9O1!(6*_I= zAqPmbwxYq|Q>hHvz!-4b3JMyb>YCpi_W_c4F*^+!Q@ME!-onEX(V?hk;+kh&xH^?; z$Dgk*6bJ=A*hJ@qN^U<_SZwy#wv#UOW{ONW@e?DM)4{zaxnMSP3N8t!16~kh4i-%{ zmT%VmNr;OBw?B{reZG@4Xi9Gd{SgXqwAA*K&>ujmN0)H%4Qt&6m$Gjs)_#e1mL7F{ z3;L4d#OJRAjXUztU8|NY6pm-!oKBmawmy?lO1@tKlaWxT(Y1F^f~)*qJWms>2|V`a zSi195^t2a*_{7=lv_UoG5V^0dOjBx{0vHjvS|!W{y^fDo9-lehaA`N%$B-_#*eYcr zo*@>e0nTt!zE*khJE$4{RcJ)*YF?_Ph&vaMz?>FID3V+H?-|ws z%cz#t0GyjFI;=jAN(>t9mJ>onrxu$g<5_l?bc^5zAA^G@nodL6qdhKZ8rSocoZJbx5bBRc1tQT4U$l6a_1lQ9zi4b-Vo#fFV1 zX07AKyvH zfshNHb1AJCVjG=Dzfa&+aa`h%rv})(#AlZmbtlLkkE8QTOxhDT1R+~L4@$LcU{q0) z-7%%sec`$Mg+2<)881qvO zFb7j2dWqR@e=lZTsh3zN{3|j{@m(?9B)+TK`NnI=RQ|@_n4RPsL}7yYWyIJ=72YtY ze-N^ZT|{$d&J%|6)^d+5ZW`)ZW45^Pp}Km2<)6M0bK7zyb=Al_ z3FrA1Xv-BQs7pr%ivore0Fgq2tTPNejbH6O`yy%ym(_>O0O2$qhI_;gT_q^lr8+3o zNoeJCB586Z{^I?7({x9R=|wvI&T!_$*%BXhZ>!GZ1=O?dwx_aZ@fJbmqow57>%X#JwC<)?x0LM|zA0|i%{iPZ z!HRWIcP+atYcwd-^!UW6T`v+#dwtD{I`yZ}I41FAtvdqM<-LqeKJjW$Q-%_~XLusn zC8aK_n8rW51i6@oV^uD1a}8q+IHCn9+QGd|L3*ja{ccINU-gtU1!2e4%+lxc3b#+* zVgi0@d_es_V8vawhrTt-4a>W9QiXKG&2Isgvj-eb?ymDCLoLyko-dJ`1P93Wi}JmV zI7wQ>=N4x~s2xn=$DbVg_X=$Q19(&gm^Gy{bls*s{M%j#L)U=P4n3MO!s79;eMR%; zTa^04#=A@g$SyvpHr;lYh>=gW`LduQwdFA3Jn^HrnIVmCyuaOC=+I?9@r4lYs}jVW zg*8i2dy&=^7r(*E8uy0}%~Ox>6m~sqv}fr-a=i~WuUJ@Vuz3GUBL2BK41vFz>DMf!g2>1Y;%C z4ztCG2GH%&-LP;fKGYE5Fl;eujgd^$X?2eUP-Owd*LJWB6w*5|YK>cj-cdK&6gD)D z_9UkU2cWdZYB#bb#Z27Oy#3tejtJ{E_D1z9T)qBS0Ejj;TK zYsuicl4Czit`w3xL32>LMG{$qc+eP$$;0>5)Yd>Umi7tn&EHG6sS3YPdGgZpO;Fia z0g7Lk_5(pyXl@q#;)lCqcYeXm;-JUB$`J^Y1{MlYg)u&9I)vpBzg z#)893ocgZq^AC1+)YNyqyy@z5t{cWDhxI*m>>*;WJbP6}X^)uGX4hv(Z1rk{xQI;U z|HTFo(TPl-xrhxW`(r9ak&7-<5OB$Sb7y|P5aKusV?Tb4NoZKC`#}mvd=l>dg#YT& zeHXU(4+Z)7i4szaaub>DmX`A+cMXlKA^|9h3b6b}5JWlR7g!)Z^3TF^AosYM(1vgZ z3(G0a)Xsnxb&W@8PV}pa=bVvx^5aoVjIIuMFf`vU&zJ{6lDYD{?JN6s6jy6DUj2UD zEx)9>)!;3BtbUpdl)jen$V?!T{%~l|D!}a1fmEVjQ|28;^HRec-91|$qQnbG{xDgqn@if$PHikS@KlK8zmAW2d?8Am%eef#hg{YA_fQ%b{H(*QZ&&Msp9 zO-qC?^4Y{O>+-zR6jUTh;k;PuJcJDer*61FNQ{mrWm!ofGUd=r4N2ym#pN2` zHndV}!u=Uh%aEJ4^5)RE^{4uvtu;3OiEwm%+^x*7<>1?P&#!WUJwui>T(7)Y8&K~e z|KFtj7f&u0x$(pp*Iw^Wn%#+a6j~+PmHWA)i!U&V`+v#xchSpnWpkI!So3< zUzSR;?&V2n^+*{k-?&5po({QI2a=##a^v%mxJUa93GQZMw0t!q;1jmh=hSO`Cqmg+Yo#q5$x6Wy-lh2La=T4U^QFbUK$$@pocCVxw7eG{p3OCITF~CxuaWK zqqQ~H#<2Oi&DI+zlat(Nf^~Xs7)BE#^*;XG&?MgbJECjS^3lUiU6I-MqkJMKdwnNiTjK|VK`!FydcHhO;X~M?Bp{C zt=IIOTAbbgl3!NhlIl}PmCmi+zWk3I8}Xg|e%b*U`{@9)%-pNA&MF>~8IyJ3R@J99Z_6Ae9C5CJFXAL95bB~4Dz z8${cS4y&dH(S84U@U4IMl^E9#1#(HaDiEgB=E~f|ATPSUATlh`UPx7T*=_y(m@ZqN z>h*Q~Z=Hy(%xX^@VQ#3}m>cTC+Swxj%MObeYx<*tjP>*o?rMv?MkLKbicvyO zSwE~U>e3^yTQo5zXy5^R|3TO{dfEr-O(bZJD^pF{HLoONnktiP}>xQ4EN&BH-YG z40VLp%|sJ-SRfU;0w;zdp7U z)_|1}=lso=ZE_k@cz54BsI{JqEM6UMsJYLaGs?|`$+=S5l51kfRo>K_FROTp`Z7bw zKaVlHAq_&qQ7b?r`^IwxLhwf4yyVgTXEhdADmy#eo2>4qb}K9avws39;N=_hbX;m# zuL)8T(lgWHOi1Ng)WN`ePSU6jNmeqQdFIUCi;ej#9E)8%Y0u-1b|s>(49DKQKZp{i z!Xo-&Ys)VyoDazaKQc1!NWZR^^>UeS9Ib}g+~CW-l&^GsVQY;EnMf;DE4V)PEW|9x z^j`)~=j$;at4cZiZ5h)(?WqK6G4eSKG#Q;?+a=)DxpWRt)YCHFBAxtp-cyhr%wiRf z=*I*BUUYH?NK`VyoB!ztrFg>vhaG<(sG6J@ZMsyC%Wi$_wC&vIq`qp3WK^;_3RrCP~7z^iMN85@K?;}puz3GPqqK@m=Qz%!CGz}l1|K3&mS54hKsU`w z-+B;WO*Ch>oBvA7b;yl-V6`VxfU@)o&n)}EuHS}k<2T345d(ge50Ox)o8|it`IjtN z7V}5B_4wiCSMTU|X}O*9@XIlI7>xV;fATP?k&?Dg#M#PA%Ic=BFV@yiS9(mnDN9-c zuT_eo4K6q2t2jgmIc}g)VqBAffP6zPSOu1cN$EMJ#x5{bP%g^E%671^@lJ@HG-eA{ z)XqA%H@M$R^mL|Nr(CS5i&{^_*^VGX-{PSMYylzdX5DGfl5*&Tq3EZb_4SX|AH6c~ z(JNj!5dU?xmCiWoyN-KM7BTXw$-m|(0*^u%vOQfHX*3t4o9tjE8`)!s9;PNB2DpSh z@Qt5-k4*zs+uw^x1X(8yfHQ4}!yj2DVGX89b!QrYfY%7_WwJ* zos&m4R|VgAWR(GT8`*Va9T80VN^g7XIUK;8)8FJsetN#jVs?g(h_Iw@%EWWE-lEvEPakvQj$AO@x$2qN%OAM2NBtymAcEV38LVgjWkS{P5wd!j*pp!z)b2mf z6%-J-rK*%SjMp9qLH^8fjava4RY$CzD2(uMrv(AtEEUXcoFxlOv|M{dZ&0&R?fv=rwI| zVr55UI@4=@o+tlC4SWDo4MwIDR%N?0W+@b}9p_7#y2{$hm1=|gtR{5nKNvyA7kNe6 z-qjY}e9J1h)Ga@6w4<pTm4z`aP|NeMnc_Qe=U!Bd{GaHr)WT)(_ToBHJkI@RF zB9z3-K*oXAbv8;}4F>rx*Drs38C36S60F>ETWR@Ta#9e;bdZ$lx=*9zX2gw&;r(D6 zFMU?z=xJcpu)W;fYA3$dP;h9hz&_(Gj~hAu7k#<5$|v*p>J_ug+2uUSe< zrmlg#cb3j89$H-r;*1_Ie!}~VZFlNc2DnHSN+^!V-3H^wAWLmFZ@q5jAnA)6$lAM~ z6s6}#whN=kx|PGq8>uH~83{WdhO2e-D|^J2^x_e$xh`(h(d*#sY(*-kJ)!3=rQ-hj z!m|GI_~zhC;2hK|oSv0-t8u;g4pP;;MB-lMIhlHt)iK9#Qxn1Uuz*(*xPcq8c3(Aw z+j*P&9;--(y> z&!A=3RfPnl7GTS`#F?IdIj(cgD zN3RCC?%YbT&6n^!^KQE@O=Iu(;7ZAWw=F+%1ZU!?enUZD7g=X>aZ|?A|B-$bxg$%X z)L<$^ZKC@mqTTs9;U3;sJuRF=rB@6$Z$9qGsyg|vF`U-!%pt=$if%;MWgwv?B3N1ml=wt>BOZX6pe z`9(C{B3a-g))^xNYuo;JWa5ph3(}u+?mDp=2q~dgdj7hiz9X$!Ykxiv*WsAc$Se#?PD+(wD*#hD`y^$tZ51flyUC)YN%uBC7&QvpT{XHU#4WWARJJiWaA zFA75BtwO=<(}euC-(aD{AYws%1%~4~VgQU3F5x0O;sSA}X&<80MK%&#NNld0Z$fk~ zk#>;ZT5d%n4IcISB^&wn0LRn}RYOQXGYDa33^mhl8JrbAlp9zmY2aVUb05j-=&MG5 zf(?;p`oj?NL07FDkA&k)N4x8p;#t4RsFu3k~4E|SWDI5J79ZzY8`AKwfrT% zZNK#xr^;jATAq)$`lwswOkzhU!8=Lj|9W%9jiuN!{Xd+m741Z;Nly?I(UB=Rw#@B2 zqa68qwy`+-Z`+6Ai6u>}>8G&Hg_Y;xc12zB&8Dnbu3yy2{bL*$-)3f68_k;5)Ta=? zWtQf0-h|#h>lyC$#_R-dqUvqd%{;4rUhceHqw!D<*-E2g(gVn9gsXO-H*3;oy4p=f z_ABo&H(zAqCG>MKbagPZa)YI0&(V^rk;YMw`aJo&-y3pK`ONkinIHLk1UE1$-V{vl ztN07_w`MB=E|VT~wmx))rTXkQ`fF_$=74G~p!I4!CSv%75XPIo6{oj*uY78JB@kyi zh!yS@9!l)FT}`;@{j_EY*RU$WsS@YFHT7FoQO`vyad*}C%it29Zm+qe)5PtL(vap5 zDNL8Ad3VWIIe1?2{qWh&>E(`CB)M3@Ofx3eN~ z6ej~;wI!vxC(kge$Nzp$GZpC$DwWO>&WTT z__TcK9un#mf?%Y zAV(`NguNSdrVM-@c5c4}3}wCsFAY1A()2c%Ggk2Xl{V20+otVRKPc%1H)uWo$!#~Ov796%>>7d49f zBc7XwGS7Ipn>}>xeq(w_T(Th8nSgg@Qo5s>7t=u~BC6f#;{GzAVWy3b`t!S?O;(II z1N|+VX=-aWQ4(*$WN!J0S;X*2NCb-vQAH`av}P|pwO_k4)RclpKGRgU)4dnhgq_|K z%K>p$n3PbM=7`Xbyoov7oD$Xwf*r^6oNHyIz=F2>U1$PU5Up1wp+6>$DfYjnuuBJyI?cfZn%SJ^oN%{kucLdT95-kpucP_!{NB+mX>owVlg<@^D(^= zNh2>2L|=ulu3i50)&NCYic@v_jxzodEB z1o0m_wk?@8bQ=S02mcsUTUq!7A)eqg?J!OL;fNAHcIvSnveU6aHF{h8?Ef7^hNkR`f z9(aE06aEofj^zn-TOyKkvW2Mo^lZxT$)sZ1e`k4fKjEL8g;s*JbAVdCdz zSF`Aswz>WE6HCqt+riu4))~Bl8m~sKT5g0gnY7&I0`O${RL^4N#v&P)$ijTQOJCC^lwfoFc9AM3Zg=ww+{hPy^zjMB0DH>@&=#Eq2Rsj8(YR`^KYW%#*O#B} ze6U#mTIhwr*O_8>3F(MGHt#q7NWw2SG=XdNHVeH}_E1j6;+nd#oJ+5AqkNdRgij_0 zgwSXRE$zKU>y1jHGL0*u^H+DjC}48l%7KBL3#pK;8JGptoW+yGzByd!Uda8w|_Ef`Y50w(125`K#%pvzT7Z`d?Dgw))+~{i(5R&j5zrIu-4}p+S?DUg3y5_JfELvCJPz z(qB7%ewGQF$6)+nLIOzHjfo#^)YIh+Wj#&LZ@g+YYCz6e#$u(9(5 zz^m4pdq!3`%A zBhErs0@|EN*x-#(EKz-xiF(l@`e;R9BUvEsG|ACGug!Ex;{S>}-2Wr)tZHW1L&wiNs2<~SM~b3@)pHRbJ(*cE+K!`RR9!w_4%>z=lEC-3wD0;W@Ex;-2! zs+uk6{zZ$5&5UZNJE0p1PnH2of69-WWX%OV*d>qJMFfGbH=9mt(bNm925X*=EY21g z^gXpxgSkq&KAhrFS~x@qEa@K_&yn2Q0(d+@q2%a7F+XRWc%Y#$sRxw!oxu{*r zt9MA&&OYKsf!+Bq`O0bAx2V^vm6~#|m=`Fjc=i#E@4tvN5u$_KeI&?G=~a^r9zAIb zxBDOWqf$$W=&_+wL7|j-gUXlrNR}0m$#mpQ_@6}(V*7A6j&Ju$5W2seNvbR$%q_bA zmI)71_KY@%m`TXPcRnHF%Bk~U|07m+)Nc|&H&?CHKw7f~?<{ANa{L9^Ue`}ACBQ}x zS=~gA2{K<06Iz$Hs~|BK@&d1M?QZSU(!;DLaqy@Y!FUH)Iwq zy4`M%kM{B=lH##$nRM)AM{(0tKQ8f7*VrG#H|G*dVRTAp4SHc1GqC}YM%GF&cT~3( zMyTA!)h~RYXhTXJTkOLS<_`vKt!&Hmsf#DIJo@K(&eUy;Wv}5KmC4GZoE;Rln||$0dhlq& z5^dO3du^6ym-haUqx&%1Ed}0ThwGWxB6Y)sD;&At0U-J=Of$HT$SRLxBgDA*><9e6 zTr6hRXAKF#(SxE?-zv|^C%*a%G72PXw4oSWxf$HC=t9#}rxO zi6s86fV?oIK^{zu>!)U)}AoV6u`^VrzsN=E1P*E3>4)7bClOCKMFE*5M5(4v*)nYG{ zbHgALl(s(*rayTWSaWe~2yMxOg5h^%7e|#$`W!5MQ{4vmm3HJ)+ymty(uKtUSy8}; zcQ5-s+0#@UPX!KXUWnZY#b!JH_7A~%t~nr62Lmva3j>g47#m4$$)>~8HA4@Djg&0@ ztBqNi=-R0R9PU)vYELx{1Yf(ZOnO>q3RFZh90$306 zmBm|V+8xqFKB(zwPrg@PbIG&hE-e8f~yd*M_F-Y>+e`(nr@q_++Df4{xCQF z6wVsduE!q}lVWPWwxwFAUQU|WU#UR8r@bhR(a8JH^J(SAus)Ua;44mUUA&^%S=D>8 zbi~Z6hPsJ9hanJx?9&?-F;EN=*!`@~1AliXb zgXUk;%~k}_8+&L9zdJ;VedgstkTPVsap|q`-P*;Mu7otjoWF?RxeDzo4oGL#4?*w* z%KmA!2tPd)u=e zN04DF3SlC7yId3N!Y(pj+RmLMiK#b;!U*4!czd#AQ~gb`6u(=7g&eFALO09v5vSgU z7)bC#J7J86+umTYcDz(*2Lp!}-$&GP6h;d)0ddvzj>FG6*b#Q@@h5-eZ&4!ubzUuL zv1HvaLlXhD!gb^GK|FK)*LHP;otk;ceAkou?ZLNMJ-5iSM;9MF0Z(7TfhE>1uHuQG zsUG?Yc$SAdMx4$53p8gSJ;L4}ONW*Te(_m}-=N_L_mIBKzDK{48}Aqx(^PbQ>F1Os z-mu$_;Tbjv4@COQU0TsNmr{mRy2|hndd{0XwzJE7MM7}S-0POAuk;xKt6@@&AxNxYH+|2m%vxtAf_I;qM2iUPQffm4v*? zw`WlX8SPy1v?X#H^;u&EbZ8Ap?#Va*q~}Y%VOW6IR;Z%1e2?RodiN+oA50}jG` zpHW!u@!$M(s^}k zT|1OdAY+J5Om?LDGF%-gIx z(p)0avq}^jEYLpU^n6PO&enU@P7HiFTs&*~J?7sGUt-&lYsKCTvNYpem8m3O7 z;M!b@HE!Y7c)=(Uqbl=l$-#N;54JC?4eMcr7!PtUMpvE$G!MiyRG8(MJx~y~&1<|J5)Z8gD^TgcH z$L`dL79D8gyhAvFY&3nBXS(*#bp*nu%WM8!DS&!- znrjAU)6%H?9oS-LhK0J31~$f!dZ#Ac9@o?lF~hU^s@pSUp>eotTWaN;%;O`nVME7t zPdc6ee@nMvpF7g(XYC)har;D|Uk-sM!J<9kc+sa=3XQ1$G|)Y7!k?5ls4$r6%4HY> z>f$m?AKLnB$~%3N;_TJOhSS94gB4xB^X<^+=Y}@=(vi#%+NgO;7$HATFZYOGP{(DHft$N1rC)u4IiT?*V8ZgcEM_h(##1e@M zXbljFTK3A6D&%cg&5C{TJy^Ytyi=6AmQ8rF?)}jT(CfNkJH(d*NKQ00GY1}7+vck8 z$UQ92BU!;sf{fLU?Mp=pb4Qq@?ilCHls6ODE05Ke)E#^mU^99VJWxlQU1F^mBwA~%#_x>|vT}GnE?*59)o~K_6Rq-CCZK1xE*X|uk0<2}3=Kqcmo4{W&hz{P&^{j^+@^{{ z1mrJoxvdl5$zl&*DVat_P7rhL^+8oIvv!c>M17Q8#P~BurLJ3+YPtGYqf!s8QcbEG zUFfmeF;D3*umM(}%+%t%v9|ko_CR7C>0|wZGnlVUQ{#)o-80$cnFu=0(tJ&3jQm%~ zuzZuR4Li!@i#=q%r525R_K>YMLh!Vq1Z#@S(dUYlGV+RPR6}q{WPYT)wx(FjV00QC z^I* zWCi2u3>2Pcrkc@IR~`_v;3fK>;=%=wU`n0Ha3!^;yXPn5g62E>VEMTEa8ToZU8)c5#GlJ zr&u|29B5h%C54qI0meOkyE$@&jZh#SxN+SIpfjf8!Em=$o%%iP3#H(9OF)+ zDh3jm9DzEU|JfF*o(BA9Tliu=yMa2Caj=3~#y0bF=Hgs^FBI3Gp@!m0urvXlWJp7%t=ZG??Mm*Z}~h^oPy%tk~3rKAUG0 zI2a6YJ~sWmPnT`vMjnqgG-H3N^gZGY?C!aRoT1`DxvM+q-~ix^)UZ|U++Ogbm z2wY52?M&0spq0N10h~d=L3dl1Nx4&9KVl z(rw;Y2Vo|c$ED+AxI6n*NJB(!#kjb@Vu$a64TuuFc%jx&Wj);H3OwiEBcb&~k8^%=5T$e(=k@t0=n!3n~^4dCdnV8#G zlA8{u!VQYN3*%qm)A5&Ry^?jRx5V3aYBi`VFEK6*N9XhW-_k*GQrumF%`k63{YOR> z#KxSuqE%aHFuHAh@84UA=fpGVk2cdpRzG2VM#Z=i?{S|jKTNM3hv?T%xM$l_UP6ES z*wFS-2@@(ohcG&sCcyx$IH(2_vX-?mr3P)n(}#chmIj0MYHoQ$3HFBc?M4l1o0b^L z5B3OJm~Ny{yvE$|7K8$s5+q0QC}1-?ngi`Y>u^>3-K|F%M9n)}%`%s1D40v5|9W2L zS2O%u$l1n-x%m(e1Qn2AqP$~d*CG|M`7K;Z3(OPDOmmwwX{AmP9_aMr@GP=%S`Z{k z_}POP`KI%r0NtmeHnlWXxL77~X}#`*;xta$Y6$&9n~>A6Bh8~D+dWiyQu&NLkiFpw z8}Fny`M2w>MV?9mASJB)ZW$s;vs-HP0zXu=kK%o3=}vBR1Ap`Os8GM+*3?1qMe213 zrfuhlZL6p>NY(~)Z71fv8En5iW3BnI^DL(u^ENd-OrcqEss+i(L@3l+b&Y+o*&dxc z`Stm|ndip|0v^7=vqz3D^FOo0+M+~cN4o==ax^>hi9IYE8sC|5SU4SfcdMpwt5tpa zpom&%p(ql~9PKPg52!`;0_JUQZcTv9y_1rLv-#zE0W~0&W~7#Wb3JVZ90gqx-`iyVv>|a&9w8i} zLM!`J~7`+D??iN>TO}?oM)0uE~afw|g9^^eQb3wRpl(I%~kx+gU+>NRT5oiy%gPt^2TtN8ctE1j7_A{Odu4jfL=_rBJwcVz+(G;8>uX9RA9 zB>t+AH^i1!t=Nx2Ze-2jJ-`PRttFK%@C?oz+%R2-90OVyIV}#gGnVaz@=cBv(bKlw zw4)J=lDE^g>pUBW?DuK9avRj27wm$tf$)m>==nn^y#EW+;w5)?`e(`gAgG=)Gh1_}B!R9Qiw*x-^&m^ocIYsFC^M{W(!CYYDY}z$8dNij~|Bq73 z@W=~HJxEPjx>i8pOGPnGx7iJ`e#_+F>Vo)g6gE$n{2>$t`->IM*J^?>w4$Qdv~7aF zg=q5DrSRo?7m`Y_cuZ9ybBj|~48mM<#M*jg`O18S_@Oh3a4J%ls2NzZ5Km;kG{fjX zA2W|tARoR9DG>6B=xW_Qj;(3ODALi30W{zL3i3OETnC^mA{S$M-}YHHhV5^;;+F_L z|EsyOnb}U}??&NyR*`4srOQ{7w>-DZTWLFj_ZFjvgMJK zNbUuvh~j(Z+R0%x$klEQw9cm0^}9?hX}T>I%sR`gn1mT%DExoQ&QLybuP{ZO@8(C} z>!;s!*-ldo>Smb+o~TNndD9Xe(Tuoe^g)O%SrZiE;ZI*w-5>2$PpRyCtT_j@B4q+s z=t7kM=f`j&?JwlOP+}zms)~f~8HP2hRECO9K-lkSWKjB5Yj(b;9kxgl{ul239N)T~ z-g^h5H=lOauU^uJ*#_rlDa7$Qss8IO&=B`$R+pTQc; zn0ambm}5CBUAB_S<4Q1$*S>K%SnBaQX(}S7mVsiqFsj@ZWZRJYHO9qE8Ak&*fS);p}#jkI0n=~c>aA&R~1&`-(!;cvxHV)Q{sTe%WmglE!d!lY6ES>Jcs-~!5I@#7r z`l-sM4;SJPpcTZ~NzV^tc6tPkcMb)gF)jx_&crxqZdu9b&z^1|bpOfRn~bd+x<63= zJ>kND-3=X_tTk(OTKbQOR~KT>#8sm)_hJt64oSUWh0dqa5=q%Tk7{HiLMOX5d+fsB z;4rP9k-Te3!khG;KG@%{3JWzuIrLAI&-ZzA_=TQuQX;Z!6#k4~run=ij)s!t$n}l` zj>d@Ycoj8@%yb^G>g^I{2RG<0K#WqA%1ZSt@wvEOxz+kLP2u!Fgejjwdg5Qe(pgL1 za33c~Cp4DOeHr9tKWzN**{P_5)yhGx-0DqMN3N+&J7oKf{uc&6^MjW69e0hS=8A;K z*FcBYclB~$gP%rsJ9u1XpdA}(>-Z0&*SB1}fRPPkkPw5k>XUG>7v$sR|8dX#oxQX& ze_`BX*%a{1-%| z_aTtezGvN%*Vkv9e3zeAQ2W-L9Oj7j4fAF*d!TA`C>CjGWW~ z?!q`)@~{VWbkp%GVX{c2KwOr0&<4`Z~_xf}+ z`e%w9u3K(LM`9}Tpb8IhcRCF@X;Kpg`Cb{kxl^aSnncD=7k;Uxym39@*D;$=mko96 z=Zf$hqF%LbbO(cUbDl_O7BHA78Zs3|U{ zF#~z6;hXp6r+Z!w;T1Dj0X&4Z<3NN_s!%>I1Q98EeQnOCCG)|Quwblbow_v3ULoj% zE3xduE#aw-@}_>~g)0xIt3U|euXAj@wEsiZTlh5{w^9E#N{UFw1eES>q)`M!MVd)> z=SZb{64DI<(jgtAN008199^R}#`sO|`~E%8^DprFa_#z@>zwzgU!V_AP9q3Y0S%G? z8gAQ3(Py<+nXKJ%30u`SN<5Qn+i2X^YOgbyaf+06=tzB9$!$U?#!Mrrlwl3AiN$*3=!w+@27WB z#2f7SC71yMxW36cIey*k#5IpQL?AoliPx1~D~d1K46t6omUxqX;ctxe)SJ4_eyln5 zs1>_JfKg;IWz~!9GtDRb*vd6V4iLYVoPFFGT0zb$j{>=aa!UYVPRsupDye z;LNOX=Z8Ps4@5J|(1rbu?{1={gA$3xYRC5FD|TxlR)Hd(+PB?|_lcd5JMFb$S^1j| zYd2>8FjRn0L0bmiMGe#F75^O?niBc)^|*@ApLA)E1A>E1CdH2auhDC!@=8;sJH3mN zM0f=in^HB{dr#hR1|fHdv~MVCBWQDdFdc8=(nisjQCW?CYBqh*RKaX zPdrKyo0U#Rsa zh4+^R8~&{`{=BPsJ0&Gk+<y zDQx}oWu@G7sV!Z-?5pV=gMtMCsuzWa_DZ$;<2~ObZbL>FX;~+d+desHoo(%Z&lDHS zx_z3Aq*5F#vG^5!FW`&EM) zTcJz!LBG~{cta{|czjmsDDS4Fhs8`&NpSp@f}Exzvapeyly3W2k{>770we0(!3b5C zk=f0Flv4Ns*VdsINf+?y_^}Vr_3HS6`|wPCo{nY8*Yp~Dv&~!;L?Z15`BSNSUf&6> z?MT(E?c*`M!w2)i5~Ib< z-7%lJ2=7cW)RxdCi0bU`F~l=5+>l)ZiFK(+WwiZAyy)I%7DQ){oL5T3hkqONJM3;G z{=N8}10G5faM)%XRufCbsUpQKP;Q|=aS)};+O!?p(DSv%sgTP7)*VBmjwlJMVmt-B zy?h+3sT7YPj(M?uVu!rbzU$ifD^r7?cI)Y1R#6Q?g=C6l?I>JoI4MkMeCfP_Hk6R) zto`X4j-cuIa<~p4$offAnwv$^mheydX<|Ck1vW9}u&g!=cOIqUY*j^cb+e&j-ln^f zuoXA!_Drygm!ZTVR|Q|@UMH5;ZnPTtw|Q!t2SV(QHzUA%do`HsN9Rbl>!-(T`&y5BLd{SJg6W z9AW6lBnLO|vqZ1JH80N}R~Nvw;yhGC%bJLAD@37YP)>&YeTsKSc1iGqt6B%Vy>TC* zZ?~C|rrTfY8LF!C9ER(U;9If(4s-{nWlNlY8_p}skmmR+L!A(h(GlU{o%C#X2Cls* z2_vQB!`|^zl2bwrx91?*zc8brnam~)_YnsH)CI=Y!|MN9Hpcz7UfyP#sJzd_w22Jj zMCm1D3HSDBxHR%`r^$CM2v#36d=>!ujGshyuySD;!rKh*WwdHcrZXE6>jf9B2Vxk( z&_45x!eCFssoQKz?11*2-eMw5+_4fR`SDjSc&swQOS&O}06HH-8i$3ouN0XN^kcYn zvop&=v`z-O(KY_t`@27Auy7KC_2iSX?9DebAwp}_I@W~XJW*z^#y5SFietb0dlSh? z&vNdF3m}5`hAXa`J<+@O`~hG;%%I4PnS_rE{%0=!OegopVT?rTXgQqg8g8bfv?L&e zX2$gm_&J~=J9$eu7J3pO_+#d9`kGW&{KBpu$S_5Gr4~xw1!$5xsGiT4;%6Yz{4Tpd z5%t$YAtD&~;Ey68r4W=pP6-&~bowMA*SZxUarNTe@X>2mbM4c+&`eqsQ;KE+G$<7F ze)_!|D`i1_6fbRxu5+O?MNj`}3MZtx_3G!g*nBybn;x}g%M()DvOIJ5V)|@tK_x9s zm_%FHLp}z#y)QDj9q$L~#SGc2wwS8gkTQdp%FOo9g#s>72Lm80Az4bBU!^pNI8R@F zYSzc;x)Z;6Z1-P)y^&@>u#Ia|+HUqUGIYu!qx zZjWZT%jRx{&IG+D!;m|dwU|gd)Sc(o!c?m#Kqp6>#>5kBWc}Nz7!l9J(WA9Q?oG|7 z^L`7bkF2`ZWr~~w9r7LQBg-T6ybia0GE~}p?1VyybV8Fk>*q3e(i%jfeKCyt{HJwS zW5hc?l8W@3R9^T;h@F`S0HqDX<&z(GQ0Lw7=crtuk@(XO$8D-xyfX*hiIz+D-*OW@ z>zu4ua{?ZJZHu(5*w&kL>I95YxvL4aXG9dl#C%%1&dS_c282tB52v#=|YfllI7Wt(k07qxK z^m7V7r z4I+ukJF&i4c~gN5yP9316@6)~=^gbdccGmnJ^fNoIrBSzlzHKHS{TI8(C(#qh5c+P zIjA9?=(_*>boHy7Co8>8z|A>?CiDl;y3gT9BY^8YJeHNAO?PrZhOQ;o0#YqP_NbPa zGFqsF%rCvL|M%wzMV-; z)c7r*qHXiVv+LHDbg+0Zy#H@2;Cd^1`doiM@bcGzgkw2o)s@LH`>6;-+htpV-)ou= z^<}#EWp+?6gO~oU*n=Y%YB*_54(Cb;;tEPaSF` zOjvmdTgyUOL8jY)MV`z~Oz%YvdcAxOKL2+Be9)}vG^iw11avUGJ+t32zwU!rzOm!( zJcc3GoRTDiofyj9hIV0vcAJ#3zm%4B{!FgOG3stN-#z7NGi}Z!Iypx@46z|8q7*dl z^xs*LW6RNv)sB1QI<~~>(7ZeC^Ox#g*jX#o!d|rZT2vfDa9`tgB9q=ZlUNd?|Ip@g zvwM)FGLW?}LcTsv-PTYkbbrfG%BIO6)Qr@)v)bByI9XRq$ zr~RsY-Wvz-aUk?0vX8e4nJc;85FB-*4q#~2HI$XTuyC9t2@y^$_qv}+r%b*Uk>8b zNZmRPHpqa{fhTkOkT{^}M}NI%rso6ApE#TL%NZt`;%_o^fN?f^VGzrRDz^l}dkal?d9@FV=b< zlCP2H`32pVqamp0x16@Zwutk|%pwDEy;x!~ z;rYZwB@PwjRn3JxKh!M-GPRt|e#&9eGbFFM<=_bA#oswahDteJ7$@#J7r-)ZaHscH_Sh%|&_ETN&_Jd+`Q5OI^r4 zGS*y?Jwm)fwPt+XqKPa!wcRmr#VMJYoC5&0tQfrWsoDbTg#8;4I6xe@-jOfH_S=RLx-{T7w<`@%p~hZ zJ9)5|CAC@c@)gQN1nb%$s3=ro8g5i~8$>$>oS4wNbN~Y`m1;1AV#fXJ73u!r7BhsK z!O?=?&vzMP$;BC#e>kOS_W%`Z_-VN5{kSgr?e?%Fj;!XMf|jb+B$0N`BW^|G*$`Ag z()kIHNDbL8(}_0XAbNKNW6zFw9PzqNqc_UIe5wQJ#=lc_N{kYBrppzfrR<5xslO|$ zSiw7?lB)JKVIf{{=!f+H1^!gHnJPHzti*C;6J2-Jm^kQk16Ml#p76|5hCP(mcK5VH z?dp_zQiVcj!+M!tVRUiANJhexD-XH=<120$6_%5C*j=!Uy86hOCnSkcomH_86T(LP zoEnQYQ7%X~Z+6r%w`4*ycqRX;K8Mwiw7l(`eNP8k-q%Vs&x5UE2mK(bQ{m1-!Kln9 zMCLOm&_ae+yDhjRo1f{flx=&3X}LEA_uB70%yPT_?@C;_7rWpd{V|g-i`+@EBF|?49%t*Cu~YFKh2V#x7+Y7n52;Kogn8ecX{7=xO>Y{f zs6oB=-?n3{mda_bC@8v>9`q9U%zvKviOho^oKhBg=nh3c*c9`#L2YDpSoh@mE3V9A z)-YJ=QOV)R_`31Jp^(Xgy7lAvKTi>9_u!;9gr{<;AW@L$L7mSCiPIyEJGU&xN*`Cu z{M;?7C1kl>iJ7{^6NjYIBeNB`q#HX z_fcsS^-jOrFtC%TyS}-kMV`Gc%S)i`SA08+z1y$spLY>Xjv5A+A7Ek0c_k8NZErXLSk%5CDO9A`HrfU z{-xhnj_l&VF0-V-@$n!3^)xdnVW5Z%G#Cp!)Uh=L%@gbM= z8KHF~(jf8pPDpVxp6~v~6N!MW3Z?=EvBtf@y*~#Jl(rhb8!M)se%($`;8=Y!VsS3G zq9CGC`wPxS7BNbY(WBxXus<~_ZJO;h2JBgLUKxs~<3amTuN}>2#)sW6BPG^YNdf5Gvx+WuDVvY@nNlkRLd z@v>pZT`KwZoZY|QQT;gN8-pa3|A#Mx=ZAAZYUxwlH_g!X*IQPPIp5``DeSZDSYW!T zvy@aUi9P$ouc$pB)ESx))_5J=Y}5YK&uqoTb?midC`4a?rMXRQX_Cz&ypla zXf|ORFWy4!N+WRPAI+crxPKoOueUV-Z`xmC*KA4b5^KiA`LBj)yhZ?J!ui-0{8%?HdGBNj&+g6q!8-a~R|6=HEyVg0NH1GEZ65_fg< zRm>Zlt)PYntbsqkgEPr^Vn-5}X{C=! zuvGAkBK4={1ewu#)YPeY^r-6x#2-mtCuyjhy*g(E(mCq)YVjLn=JlZCUB0FL`Qu z;$Xl+jwBbGQ2?wFG8m~Cn$gV5rfJSN@plELfJcFGh{wS@uSr!xWNivq6HNwfE`@-x;|H zE1P!O!nH4-0fE2Y_)!jD)t#oEe=+P*f4%UZp}L$Hf4dd{_ybek?paM}mVu304gxuY zq~JA!+@kw$thVH0ey(b|;w|NtVqP~$X z)_ub^ODdg6pbmqhUAJ>_1rW`2Z+V`Vo#+Oa0mi-!CFR}i$9c_{zXu1H4y{>|$FVmS zi|19WG2UZ{q-z-qj-z-l-Mv~$4CYULnJgo1vil>-j^7LBBQ7G9SGRY_vGS?GoJOrj z6DRKI1rfkK3^8)+dgxy(p<5yIwtOR8G|&PjX%A+n)xc3`O#)4|K5zbUpR@x(ZZPxC zHNvg<=wgEL*mrDog1=$5;^UN;_jb@=r!2F_IG1c9?Y6*=*W`Hdn}3e#^0bpbrmgnL z(7E^EykR)Q1nz7_Lgtl=us(cl@H}OYjk#Bz}v*);r zb_AQys$f0&zB-395hnDA5e~3>AbE!}O!Z|TD4r`t+&SkXW9H~fgBZw@g;jj-%c~o) z6eS{a#d!lrP%|sTg?8BcmA4S&4JJIdOd2f-?S{2AAwh5`$W3qY5`@m(+<{{Tr{TjG z{dPOZK>e`)ZV92P{awwh67(PSE))gYG+}*<#+$l_ z%KnQrssq@PNsFcQO~8}EOyK5K`NLs~Hp&|?RrfX8g|t-Mb2)Qwx{eVP=kBPpl45qO zbxmO~y_droZ)KJg3Sd!4{^zyIo>G1Q9`Woxi6_-6*pYAfHS&yG^;(IWf1#v&K$Fw$@-syYp zB@S)9e@tMZda8jp#d;oRygdA4vl2y5c5#ROsF~!@;;HRE5fWARDY7b8kpa_7R_u0%Ik+~*|5^c<^Cdd3M-_LDOq>fpx%ll4Xe|G)gA=Hc_O-(HC|Z0;GCflAj#bgeRXG_H`H-nzZY>OXngIL87RH^iFmBM9NgzA ze+>xnT-pye5hXTSU=*dua+^Frybh)xZ1I?emg?N#l-tp!Y6`C(>WEy#s0Z(45IVg2 z!{4i|bzI0MK%`^n`MCk}9de*Bj*+SY(IO@BXS9IcKSkvI z7vTSH!EiW_#2;%}@!o~J5f_NTwlh3)qn^^Jcp`Ve*kiYxq>~r}{_<{Kw^l}a7RYqX z!$UwTtM!qO1gyA7nG?9hY1e!A;dJRC1EJQrG>bB`b&ai_Mvqe9T?!^96(r`996nVfh}F>`6GZlQ z`KW1}RISK}pTc3Pq4RRRPA3V|Zxr#P6Z2%EjVdO~ovLWEJ*RaqRD8>bo)14QTJJ}dwnwJMDsnVn2PrzrvzT4K_<*F zY)cZuAMUA{TGX{yt90gWr4RCb_HNxtrl4t|Hqy1X5+w2Jlj9F??AKC+hXPoJv^9+| z;Ze!_;kL;O*c`p>JC(RJANgN-Gi!%?8&p!Jw8lcf;_jDxx1oR}Cm2S3=cBR*(tLD& z0-E%oP--UmQnWt#5$9e6OY*Rf-o9YD7hmJUcanCl9tHJRDfD8`5}m|yDaEJzukzR^ z@k&t8mieE>#eo=&L-)-;@35ZTJDR;Zp&C(nSre6sg3Z$hWR`xzMmjKw`Dlqo_GG*= zo$e&8jEbX@pdnS_>#E&$x=ixzD3b6f{F>zVR=#%>=*+nN<}ry#-jMKZNMe#Q(oPD{ zL@P5U=S9qP{=}RoxS%R17T+LERh{(BS~y5u9CLclD+rq_!(srG9yC!_lGIlWz&`!P zUT#0kG2O&SEpu%$%Y^d@3zVuJ9ymjtS2g5{uFqh9W>WT)C8`R{fK;yldT{kXv=7 z%{&Kg)-y|wQPIC$kV#sU|7qRTzp6a>RR(x3%zpI?K$n2YQEyy(g+pqt?OzCe)D#@4 zoKdOK@R(|sISV`Z+%1xcj$)vzk17peLYQIn#+5*6?|FzHOO`jNUb{oR;qOAZqL^Y4 z%0hCj|7YBOah5YrvMDlukk0)WrdtiFs8$`Jlz1G*u^`@7*HQvm+k2&EV3)GO`r9$g z|M_rFo7Cmx(cV6aBm(-hwdXu^bD<_9>;xsPa=v{gTAJ9(<~4c6SX>3v+LJJ_o=0qe zzWZuCe!U;j5U2j^1xiDJz$*0FOS$}MLVV-zZtX{xQ6HribQ#>1A0v{lWcHWnn^))e zm@e_%*-6rxye`qAlt;yS2)Ct!)8Qa1*4*0rn&0?CvNqO-L&GBsohwCFUqLo1(?emE zoCw~)C2CEy)%Lkt^Nf16G@}48rQ)A*KLbU-p_+*oVB4OsA5*%7A{tDbfnZFgWP!*H zqVaH~pJtk2Ozh(RYsGlt;_QJJ(2ctc6^zY!o2 z93Q?>PTlQg3g1`wwX^CGJ%>3Fa9Qwq{61?+L2Z5r)9@c?f;>KCUkJ;)NG zBzFmLLl#J^nJZm6CW?9{seKyF%;;^*ETV7v<)&^z%6PMteZ_8xpCFUiKN#!zc|ZEf zJH4-0M=B;J&Gr4_h;9QE^JpEh(oV=k9;=Zivn}6 zn=}dQ@B3x~kA_VMq9hV%GKL-$lvh|lZU+hXzLt@|u9P9MGj5UzdrxYr3GIMr@jl0Q z$zp|0%sX}-eXX2gy+ZTS&$fBx4t%J?rFExWcfOE2Y-*xLFBazU^6@VN-Ax({#y{0mB^xG%3dR;B=^-HTFN{;O9Q*d%5^A=2(Y4=UZ*#GP?^nN<;M11|M zDZXwlEK%>%U{LG*MDvH!w9)hRc9^Y~=$zWi>7S5&qiZi;)U!yF%$o3lspuEXQm!>& zy~Mr+5z-w>Cgq@gAI7Sc;WUQ7j~&%-{tdcJ_sel*^Wpj4(PG~YlF6D=UCO~-&_0Go z8nvRT3%yz^Tr)F_)eQWT%@V8&slMee*NMcLk=vIsF*?ra`Ric(a&&;=a@1Cp>Gxnya@XXOII)#8zlBZpX?j@j4*B z2~JDP9>&rLcqLF#gbyhgeV+^>(1lH4##6k#_p;d<*xXL*PMg_B&cZ}D!UZ+>#pIjO&a-?4; zT8iK_aTZ;i)qDBKp)iXO%up=mHSJ?$Pdu+1$Sb$}Hyl>1{Cgf{6m`AH7x!~sYy*O+ zE2_>t`l8%y;r&}|Ss`@n0QDVe;Fp`eCsf~l)UTTPDs#~SBNyE}2+~|isbqVWB#=#= zE#PzKqoyLi=5qBeRTKW92IqsGj0EApskgn|l)eh&GaJ|iyrM~51$<-IybwiPOBpKH zO>}2uPugx6vvNDHgeAlpI(lN=)!p>!D9Xv3kjp9F4>b)wLpXD z=ojP!+b;_uR&{z7%hPPy-d|(s1uX;dr;7&__j#?MU-A`u4n}`1zSDe?hn}7o(V5%r z@>k8k6gr(V4PpG zKk?QPT|@N0L8`73mhL$~H?asqZAyfOYk7QGKtiloPKG3h$IV^5b7!kxkN|M8NNLe_ ztM<}z33e^XICS5CCDLENzw!E^1uc-ex+2L;Me2_U?GK`NtC)tmqk`sYZwW$tbspBf zZZ_3v;IzNcQ^cYHT5*$kDdX!5VSZ9x*vcp$?AqV{i1s#uFrs;V=*-LRvZ5Sm z^oW}Rsg~JS>8;TZWEM9ZNgk^yzIsr*sA*W5i&y6Nk2^D`UO*yE-@`qXy8Cy3mScVs z0A^h>twu)Pcz*@@mF_&%W}BtR%dmQ@WopM? zTtS{Vr@=||uHJTX(vvtC?A7lU{0g}tX*FI0oG93g{&iuOrCUp6Oc*D!z~o@eH>rtU z7&n5V_~+V};}c^kPSLfRukKZ}UtL`(5cjoqEwi3Ti;Q?3e6vCheI^GF0#6uWcB7X1Uo`0d4D9fE^aXue8A=RUV^?%sZE+@)D^Nm+ z@o3VkgA6^DF+fPp8R_Yv>h%o@=>|C6#`;dgb*7EFVpjd0#u(ml@C^b-Zj&+*BO`^_ z{J~tCEssOHLM2ztmtj1=q1?`EW&|k7CX7frCP#+0O1xrE;djgGkAdt+rq}3-&Vr0y zCh=g~(rEY~D||Zq@1@4uy>HIKR_$J2Q@BIWjnT^Eyb|b7RxbAo=mwra&eoq8F#O=%7JnyVZRi6m-iJy_R zO(swltNwO{ly1h!|HfW_RCJRp&E0}KO1rt=9@VA&#GkYZq{xjP7AmP*w-=PCKWmt; zYaXV!dnnQ(B+}jTSmY=P=v>*fp>AxogkiWTv^K_+7`#{AO$CR`BNks6Pp0}8W+5Cu z6qg&LNw%D{3axh9z6{)Er53GIBoN*wj(R7=&_9te81OiagYO8a@ixaN>qU zamPy;Z)5)rtw>z}GXIeb4L4a4nw@HYB6xQjYWY;m%x|6@CUBbdb6cEzeD75<8FYH- zdo=K$%HTwR`{egDj->Zck=A#Ywu0#=CVE^Su$zPbg%enK!3~Xbt??eS%5+Y8A}!1Q zVoVi#k-5{@LW~c|9qk;NKy)_N)#+5}LFt4;{F73p;?gcY9cz$=7?8Fq`Qg+3Z`QTq zDk!zP&~ABszjZcjp6vK>k~OgtM0rHkHanN`h2c3v%^g{#r!&~Th(182laCfA#xLot z&Q9Cy$w%$DbytLuxQVD=WJkgJ8`v!8lD_m`wa{j0PV%g@gyy?RjPl6i<%E8_If+(a z?Ik@3@eWuX%XnjG*dMg_=1d}un%6I8v@IV*!J`cSfxTx(^RTmEx@m4FKf6xctjY?i zY6a56UCII|XSPe*TUTQXK#1W2&nE6HXmtkG2+I0~>X} zOVcoR6La;Z*OFxXqhmMr9GC5e9}0`ftIl+sB+DT$Z>hTF@C)!b7=s?ZyrMpK z(@&#O9h*bHDU%_HS2!crC2rn&yYZAJbQ}iT<___z_s*0MLb}~_jiTTl!!0Q&ohH8KcGK6qA#2R^KI(gK{0(j*U>^F)Dv`Q zm~Av!UEdm%cjpJ^i7HdU)i8J5$$1%7CoAmOsC%ftyX+VK`Qa z()E9%md1Mz|CXO-OZV%dt+)Hu2_VLMiwKOfI`V)7_;q~87|iXpmZu}%(~XNaNn%!=l9IKysf@wZ3rZhhIzOw6 z*4#un&0Id3g8>!ulxL4rPhq(PinU*jaTD5FLS+c*S3dkgCxzdT1Ub2Bff zmD8Vn(4_(M7!}o9;bTW(&%LW6G}&7$CBQ%_-Me+O#fWQb#hK_g)0NhN$9hw7WD44S zHzGWtpgMw*et<*Go11*Qu6MPpiGT>V%)s!T=4D4(v60@HcT86F`T#bH@5xD1GcQo~ z#qF_mPOyTHX8L$!hZ96!vD#G!Y}$Qr5}j&+boOaJn%e*DIh}C`k6xd2&G57&69sYE zT=1-VoYs7g<9-~I75NEavgM6@$TGsYw2nT+#QxF$M3}>At?(D9!cqA(Di5bpAFKoUl#qOrBh2gl*<`qa zJo4RLHvVZ7R9sU)&5vL+QeTryd=1ShS*$iA?*8oShF(DIebRI{5#-W~-S{+zse+O4 z+MIfK&Jh3UkuvH{KOR$`T$Ps|4qLvm6HdNH5wE)-p?$g=E4vFjU5H+?&jtfx`@qG= z3y0gb>7hT9_L@kR$0h5sP}Y6-zwDpY6hv$lHWvKWI?30+7}z%YSB6lhz6Xbia-Z{# zSN!LkvQInalHAa65FL2L&3xU& zJ#Bh*VMq2YR`$hv8!^(5Xi{vtKhP{!wzU68gUO`WL;lju(BKj1*PE^u4S{iX5BqB- z91YuFDQEg}>MQwmxG`dWilHu~t%!~y>*hT0-5=!B;4@DAe>ib*v5Ladl4rVxearr~ zGQZrOxLL(h-GV;Dp4w$Dsmm?44T=X&hd^t%hLC5sVZhEkyETZJw<53K`32_ zM7RU%Ys`Vu2QZCG&tJSp$l&pA@L7^uMvo>!kK}~u%n24>3^>}*S}XZCET@S56Q$JL zxgsoBZt6q?oyp3ZKob;b0W!Hq7eupSgru&Jj}vn5X{3&A4yw4%*@=}88Q8LtA7)W% zcm6@ho6ACpFC(_3qUe?!toRApN6p@hUw=9#21aYIJEGYb%G{Za@v?o^l%%@;696bbMbualuhd6 zjG{@t#Ki!7b^S`zsG^F!N%AE(-H}wxmf+4V%5;N7crxv_5qB2~A?U>$Ao=EIBiZs$ zv?lm#C(9orfy8v81wtUR5`g7RslxQTQ^alR*2)|^xqJ}oRYIY)U%cTH$}|d2la0}t ziG(ZGDMms;T zndCkXnHi(>ZQVG3_bvKdryj2K@B*&H`tCZM7k0{GIMAp|dz33(TsMZ2QJhzgb~xE- zuuHekU_SMo1Prfm8uSSUi)Inz>~c%YI-9=yGAjT4Z12!b+@dR6r(Qe&u-ohtboMTs!5-Hnw(Bo-6ZWG3MFk z#LyB{WJhrX5o)ky6;+2qRwe|KBL=zGr_z27pBfbK=YFWXkH>9~GR#~t=~MLyg`JOl z?%?!Ct*uPggGABSR-UvTUV9ShXN(TMg<`;%NBisnK(#*WoTQZw*DB-O`xvkK~x$g-Mb?!Cq=JwN+UgFCYIXS zFE#`*1fSNpiR{Q~X*4cE zH=aBnYZA{8DL?Lsm285?z`b%qhPJeiEc8fC$b_KXzz&we1!s`X%5G#e$DEx69W(cc zpH#*~2~!Ci-v-q4At}p~>9&!X#_eJz3)7x}OsNfoMAeNi5Lrsnr}TZeTZ-39Ay^^E zv-O1U1HTVx$p$|05HwwUrH=HQb$X5i7WGH8Vf-aP=HoJXpYuth*AJz7a3y;^v3w0t zyjkJFmQysuIX;4YmO%b=6{xV1>c=HyP=*KG=dhyQNn7{}pW+{*8go&ym`Qst5n&pJ zjBE-Dy_K-ZE2`0)8@Bbw{h*_gxueZ~9(@&M$PG@`FDIfT-wA)dq=N;8Dc}KJq#mS>c2xa7WuX6TgDSs} zSBXO&I@`@A6X(M8yF|q<3)$U8BN$yQ_K00>UOc zua4{}^0LuQ@)`1rO7CX`^SDj6tL`WRNl*A`BxKhHrBi_)xqYNi$z`@L@GbG0QE?w% zs$G{_Qs0YYt-o~@RHHDs z>n|K;Zf_UvhFq*JAMOT zO>5G!%KOrOPOD9X24&-H7}*u&Bxjzguxa!m9%GDQjQ3Hn-rAcqZ0_&(S>&&ll#^#> zT4ve@ddcPk^@S^v7uPnKI1?)}7~9}-0?TS9@5nu(62^*O^z2iRK2?fs2$CcZ3{R}>xqDQebd)#n zKNi5X*mLOc+KbtHYky$#NPgX4){&=fCRRuI<_b{^%fr}E!3fqLsf7JI`T zr;{vBY$3iFCXefXAV239JuLybQO4C{yv-?yh<gZ(d)kW{f+$zy_-e~B=`X1pj-4H zKZn%klY;SUg`@it<;8jvu%;y^k1|LXB&d|pa>(fRI}Y+39v?u%uk+{X)!*uAvfvxrj(P>aEG z9~NA4d0ttej;;EXliX0>LO6F-_+#e$`i;sQ_T<;E_@N8Ikp>iG4;MS?Op3OWcxg0- zY0m5{h_|1A;D-##n+jP4G%Jqy`o=GPA3_cingcReN?7F!=GxC6OOCtkwT-pZFHs4M zXAwN518?h0NHV?sk0jZIl_dRYY>x`6G<-c=-815H7W%vxscV1jC9KL#)5l#TPgvH? zDt;vB@LW3K(qp7juTF^*Ang$d9$&h|ypM#_ry9-z(I)W%#@{O+sYs}y;Mf9#M0 z*$;w}e^mpfR>SxG=b1H27eMA~*n|6Ft2Zg*wDsD}2Hch}}}9NMPzSq6kEX2KdC= zZO!x#^>$|7TGG`I5)^Z{ALcQxb*Tzw3ZIp<*l(R2dx`|Cj7BqHOz+qaQF2AdGkpoM$p;t z80?h6|I$eTKH18dd-imCR`e2`^GSVLQcGkURusPfnQD4y7jn7nX!@BJedJnibNeYB zM#Hq`?mHUZ<2QaSvf!7QacxqUfqq&(1nUHdi;g`7=9$oq6Zg7wQY!pvj7>XLI_VGp z^OMr&<;&v2QS#3g2@H>{@b`$pcq{LRka3`7|KDG2{CeHaD8o!|N3&yQ*Lhj;M2l-+ zll2;I=2)$>PkqYp!wk%3QsL8AEilx;IkXpkDxQmzsz)xE@8u_} zsUDlqyU*si9+-TR`9wV7P7oPp2e9BQKy(*{)lT9-$?F&@X`vHW7GIi?!47%leHpFI z4j_a}FeJEDq44x61St@f?vJry8;Ju5v9Wm@&En2|gkIqPiXwVs`h$2Dn_YErNr8{2GhRDqssiJ7iaOBp2Y7JZ(`+va>90cEjXu7AN6^LAfSy4sP$ zDp$Ys$Xl{yctQtoQ=slH;P~Q2pE~d?{e8>=6YU6QY4jCgqv2hHOsHKCs&h%e=TXUz zaBqGTQzw538K$_o=IrCDS7;X;nR9r%(c?Q!UuQmpXj{2?g|o?fN{q-=y+c=uiwd%J zD+)iPfPFmqdG+;QnE2~Uf|R28X%^uzru)5(BDmiMqwC4&w4fOyZ**wNIA0UmJxdfI?>{Wy(-Q3>hv3H-F3@SMFFLF81M%mjr$++uVb73g%6|emfLm#?^#M0m&1e2 zWrJ4uIpfirJ|n-rKQygn2JYyB(AimOsmeZ=Qs$GWlK6h>p8YWsJ$#Rs!GEysO&3YP16TQ*73*& zF@M}|Vg!Ae2H^0C%(Drs!%}THfj+9b80!=A9uzKi$f?;&z!FYQ(3ZYNzS3LkARn1Q z7;1K(zKmFdt?YW(^?dFLE(~vSI}iX6KTriKxFnzRwJ}&X=^=dfnnQBygud= zN{85>yFa20=fTfnd({;;goe+@Rb6pDwj%2*C%={p(3U;?R|d5Y-6rHaXy{UpE*iwk zrS>l2aEqAljib*4|H15=>vR-0BGkO0&s-+z^8YdQ7G6<*Z@9J+f>I(C2cQ>P;Gz=x(E!{&8J#$CUl`?;U%`gv^))9!Z6 zxQ%aT+DE+lk;y1QV^jl=n0tJ&M_~)ZJ^mRk!*3{OcJ#`P$2zY&GW=QX6HTXetzLpg z)EPu2G;^@ovN-{?^G2FvLuIof%oudT6-JTiWSg?cUNY(NbS3=q^9ersC-M>VnvS|5 z7q$9{OhqC!>w{;uR}a5}(9f37%UGfQFGJ;J!PjYA4sF)B7x+*M7v5W&rlAimL*CRj z{?>GiNMl?Y%7pcJ)^Y3Mhc#XgZw-?QV0E&VT0%3 zPQ`rXt<^Mon#E|DJ8T5`Y;iGgJa67R%zKr7m~g_aHxq;65^F4w%6g{OPJ&C!H!&54| z7PgES=qVuvQC-G%`UC!(#kZm~&OiE09vdz*%%GyLYQBoscxmBAKoX6aQ~sFVGT&@LQ{ zhtBRK(%LRVrFmY3j9-`UDE`5>WeDn8?mV`!Ba|FH4E`7Ae*9mYo3WD~(HH7zot%ol z*x<<68TVR80*8&7XM^QJy_Ne_O?p)jtFVYKZGrXWc>Z?lwTW~u|aOgcKUQ~!Eju-c8t zL9D~T;}9|-lJEa}_=*4BX>id^KF%H^$CeT3)7<6^&~Lb$D2UW`g6dgj;J?n3`xhF2 zGIg#I4HxD?YYMTJ39~8o!J=QrX#MSk*ZH%Mn$IV)>rPN~>B*V($iT3n?rC?ZgQRy0 z@;3>zaFOYd5U|xP2sqKf7VnUK`~|7_g0yz1o024E-Xo3r19-cA+QCN32-wDMyVvln zi%{USL=QXj2f7->rT?zf9@R*=%i${_^!NWX#8pebi$}!_Z;w zf*F5adNACgG2EkY*ipS<>FR`~!nRb}8v!q{IH~kvgw4pw9bEeLle!GtG^|TAh#igz z_fQb7+p$#44hmkrR3rQ*5&w}$KB;x}wL#9aw+^DCa^4vn)f!hIQHOP}=24hx*9LIs zXjGbaROfXfd7J(^UcE;$Ub-wA)2S^r6_ZhhFg74B-p$H%b4dWP;9K~!o(M6D3Ij~8 zbGEBZZCgC+hhU<6i1q9GL97@OX>6A}=&$A3d$RwgxVm}cX=9&+qlCmZyF}lr=u>O< zVK6LH1S$vDJ{5c7U$>i;v|QgoKnguzCHm!2O3&T$F|m9(){OPz=8SJrMdKxi^#uoY z-x`KWOXDYVE*2ztY^s=(U|bab<%Cu?rK-eaGVT81Yj?sFq@%DaG+zwe#fO*DNmJ9H zeO?1UJX_brAE!2!LR@JV$4d4qxqB5Xxup&N`D`1ry>ithi!9I*_s#OWeFhxXZDIS} zB!#gi1<>0gC76<(RLKuDIse5|3ONHa_*?T6B6K7oE@DW0GBYSywD)tz;M5X!=Dk0o z3zca{Jg|<|AI(Gxk`b@J>QWlLJ@o0U@|PLDwZ>*a*p|9ohC8p-dMCd}9!r zeR&;KAIi`5`b#1t7pzz`IYkgv@8xUjLwgld#f&*`1OKAM!AYAND{9*jEPGephZl_$ ze_0xdcAC3es%M`2pp3mKhmAXPs<(5VZpW+F;gjF|%TYLEpl%ueQC5`oB|t&?NUinA zmi1OquS-5mA0qq1dqtzgtZHi0Z8FYRPoHDx{Id=(Qk5eIq)cfmYOM_nw!6<4(_~fv zBKQ@abpeH?8cnq=#G*yD7=YrvcHw#8l`+BER+Ue0{#373Khj~sd%>|BkW)_aJammCgtF%-vl zCyck#w^Y_km~;_^asprQWRlk+#L)7kKciigJY@*!1HF-trDB`NUy}V0g6o!qPK)Qj zl?n!f;s19jY$VW<|JNt3WF$1i&(k==rVYzXd1zaIp8Yk6fzIo*NAxG`Hoo$&z8*k< z{}xLHJZ2L1)@!pro=g8=vy9kq=PH?_6LOF5j~C-l{H3Y*WNljQ-FNncw_D6>5IZfY zoh{Iiir(*Lk?HjugOl(6!R*08Bfml%BH5tlMz>9ZWl0Ar7%Z2dxslV&KT5S+W`zw@ zijPV4HU{^#wq|ISh1wKvdNJsN2y#ob1Jt=@v=)4i+voE{}j4lY5cvs}?JlWC)2Enu3u0_Kc=O7%9*gmd2d11%s3rrr- z6D%_U?>^Cg`ErI2jhjtfmRgqiY;^NAIM;GI)WCd~-ojsmUU527Xe-fvh^-OzH}K)i zuYBgFXJKq_CIv;6z;-!nQsJbX;ZxAR5-ah-?1lJ_^t8I?oOp<&S728c?KF6+g*Qlt3- zyy13lPU^3g;Z~~E+pF%9pw+TJB!<|bnCC|lsIplqDbN?K!)*tXwB^n=XnrJb@sNMXqhJFQ@ z%h$bHQi49qJl*{w3vaeqqOVT4kW3Tn)uW65QG)mcF?y+Z8ez-<{w98^4eX=bonqzU z867K-6mx*7U8&jYQyWrCq}^E6le%^RRF&Y^ochmDiVb!ENS=Dnm0 zBHd*2!ziF3WqLB^K`ij$X8L?zr8a8*KN#X7`t}b&-~M2#a&+HECqLuQ#gPJ`!V1LW z6djI}JU+L9C*0HARpPGm^bzsg+8pX*xjN5VlGc?v@(-UL^DI=T;>D@4Cc8|p!}I!2Cznd`r}r6ZZabvG<@suxRKW73tU(3c}Od&n!u%(jAkBa z21g7|-?1Ar3DObPj_qpscFCdGItL^%Pe}L?Gm*j~C|x01`#*$zZys8Z7u$(3=)zY= zg6uNbY6pMqB`P;$hUaF*p|iA4r$IhceWEWYHFw3G!WBu@NQW>mN%&d-0g=O>5)n2dfdz&{Ju?lD-Kf}9O>1_tzt7r3!i1+~ zrjZ&>cqh8&xoBpQ{b*G72^&rj1%36ChgQbPTtJBlZJ)RK_=z2ixR1p1NiuKS0px$Q zT87BY?nP=V%oLF;Vlp-?eEO+1$#)Qy;#YM5Nmkk{i=~x?{8v9&b}H~WB`#QS4{UTw zY0Qjo>I#Jr0aw>VcZz}Od-3-&l?N!h%&!}|MX?T@=r4r5jkvu+4Amp>xHQwf`Mx$c zu%yN8UM6~7QdV`qQgqE_Z*XJWiRWu8xp0t0mJBgbiTAGBcuqJ}v+NAG8Kvh+I`xl8 zejPN{N#CShy4xC7PPJe2SdDJSr3N73!FI%Yo7~Y7k~t07QK8>PMY@a(k9piHg6O?9roiH>CdKhgB zwE_N#hfWvBEpU~A6)pU8uT8=ACNp-0^3H^+{r2Gt{=l?4uDRCf0g z(dCrxcYU{5zp?qgds&1?%G%q~SnQXTSs%;2_P5UxUW%nvV$ruvIO0yX+wOTQJx86R z0XaYiLWGmY^n1~@M}g6*TmqF*O!eA5^*(MoUnB`7S{r}e|y6?0e0 z;k@Ib%6y9co;%C8=8LavK1O8H%jq$=oWx@vJhjtAjy!Iwi2Fw60MkDzR*8S?3H{xa zpjv?g#L*SJu2D%O&Q5RKJIELo7I%NOpz*00ZhU}J_uHt6rfoQQsk+E%;jY6>5!7s* zK#sp(SnKNqQP2T=x4+-PFc)FPpv+Ris}uwEf5hXiF(mS}i|D%{+cilOI5U40+^c4B z!&w=K{=g3p{^s81mn9`Cb&*=ucoR8UYK(fRHfSAd@DsTgsZZH_DI35q355R2-SAcr z$e$q?IV%rRy+R(J>`Z(qTY=+X%A{yduN$(4kPy|34IRKUnVPut~Tk{R}nOAM^72N;CR>*odvw zp)d-yexbSd#qfEPmBPKR?4G+wCyJpu$-?&aHc@maZj+kSS_qs`7_w`hy63(L@G<}6 zAiYdn_T>CaW|F;W3dh`>^#>jKrNf9rjm-o$9! z9oxuw5c8!1-jJLw-t>C{MH{T~@wxb#mW-kymA$iN0?uI})9J1t&dm8a)Q%Mc;zYIY z^Wp|Md^Q-d?v;|UQyLv{+qAf!O>$2D^ZN;At)zz;*Y;9pa71E#@ekc|iyw_*QGvS7 zXu8nqG+E~L%?JDK{tL2Qx7OLZKuo7hbdPURFPPPLt8m!Pt)*s^x}8sJ zPeM0ZR_jO=G$u2HlgrnH$}$K0Q-T8;MOBU&>->2#SIN(k&M8mn*~n(gH-Wx}bSll< zk8ZxanC{=Ai7sIyJUlnO#vL05E{bpoEcpFAHC8MQX`$Q&J=D0uWv}sw{L@FyPUJ>s zt9}ExTyLas+SH`f{zuVBRo8WL;ia~4ZJ0yXpDpDVIX8{&o!E=)-_Mr#nyx?yq+hGR zKM+2BcyV`*yMA$2xPYuXV#TnC`5wUJ??}+@0u>gKnzWn zJDEN!Eiym&ArWMw=w3jad-6*;)Ez#E7#Dovq=%jhTx$Hkxj^ZutDC_=qz8r@b(1&Uf4$&PIZ(bNCPLLdXB;K<2>NXq@oiQwnd$2 z9PjR>C$-A>@+!S2*yx=FN|ocp=YcZkr91207cyvDlVIs8j?GEFZTY9EiKfLv+ly%C z9f9ropoGevju^n^_7Ud7$itl<(wxKHIbz+21bUw35P8?bA$F`pb12(c5de@|WTy=n zM;U98dJT=-VB_sFLt3a;1SHY?_DI$9qt4>iFtA<07>{(C{s^wd*{+u&GG1e;a8Gyh zl1-*n84Fk5`dE?bhwJNFCi8T z-@vnHxTXRxuFLNV<*l>#aX*9SWTs!$sb5k&1I<#841OYMk&+jGW=kF zJKCS9E}+xWlIws_~&T(Qs(GfmktgOBrx@sAxb z(3WmQo@aZBmlUTv)lg;V0^sHItv`#~i_Y3dgF&_Cg~|?w&VApr9!WyWUj9fTvdeL< z7h`>T_u^slziHT? z^Kg-e>M(NysF(Y?%$F3q#ylxvpG4+VHTqI25~2TT&m5(=@Q7i%3}7M`P%qztqjlhS{beeT^m|1UdjhzA38-(5j< zGBY(8Gt;h?v#_O0`SqZjvMBwV?&Tik|lfAYpfYrjtH^HYMNGvf|32=zwm$uuH zJH+-Oti!z(HqV7wFI=8oc8{|mu;|UFGpiLok;GD~tS&1_=}EY2d*aqSY+8?N0BUa& zsp>}W>}+QnN(+n-=nS$%6gqr;y6Zx)F9CrRt=-7GGDt1_q{`jSt{a=6Pv0KKY4*yb z*L^8V^v=6a_g?bd6?1KqzaWaeJSx%C4375A!44ctg8#S8()xe5S^Cl2EPfWq9@-g6 zr4#O9kk@Air(vR3r`NPin*Z48W0Bqzez?0Y*%R7jjdU&3dUwwP(jUGlIWr|i*73-u z?>38tw`)^-L_yGq9Pt~)^8dJF%i>hRY+xD)8Q@z>embSQt1riE3xwdmG{}=f3%$pZ zgsyV3v6gZ3Fa7~<;f0MSuC+zGR`{6iLlLhlZyV%SrhxEr&xTOA1C40)%WSch5li)B`BN^I+0geUn(core zrSnKEK!D$6d}7%V0_C~{xt}1|fIjGM@FgZuJ;kM=Pal+o6)5%5-b%J8fHNgf^l&55 ziT#zt~I;}0s&X0@Rtf`7LJG(|ak24c?4L%+ewekXt6*-PXc zsL*ZuOy^FtM-Z$X9|rviN85~1y!{h+y2!#*soV7H8tdzG1g!;8i);m_os@|SfKDQH z1})S)l?)K3@DIv0zIQgb9#>gP;ISMT(cnDU-S!ht6S1~fRJx}`o61wm2Zyn3hQhw{ zdXk9{0$;-_o*S=zV?TDFYm`_->nxKk-VA-zbMj2e!Et@2!Uc?%v`JzC)E)NT4j9e#u zG>uo$TMP=w#>(uL%J_7nx;$kaKz#R+?qS9pj6Mo&N?zgLX}^{MBRtg~^eT)0Q6Sp4 zB9iQn*DT?k*$C-%;gnUOcxXxH9^uL9p2|}tE|$#G8%bY#_mqb(F|*gfi3a1P+KiDN zNpwvlN`8%F)1f=$rar#Sh?p@wax}#ftW|W2hvN1NCo*q1w|mV8Q<$YToJR6Qy+{j9 zK)ZK_?FCd&YnY=;cW+3+?0{X(`TY(N=wxqGI_UbZLvu1-j4q5vwI(Et4JnH-*7(1f z{{u6%#XWU*ViS@B`qyrBAzAz)HgIGntYc9MrGR{iuG|tm&RIv*F3lKVXrb0AAhSQu4&Z9X>3J&*wVQKdHmxKG zpuI_AdmV{X3@^j-fk1j)IIqdFzK)1RybJDZD~%KGnA^2hXSWY=?uhTadl({L!N=q#O&YNpJPZP2d-j9U1iintx*qS_%^AIFd@vt+Ln{A@ZzY#1xSTLVfy*D>v}~C3{F)w*~j*^GuH+T3T7O zf3vjX_y~L5mKwdNJ`=!KqO=h_MPKxbjO-*mE5o;-W7S+Cb6-08f25u89=DK<3)WlU zYC}bj82it+U9G>`F6)?6Rz(x1!z+^$KgckM5lsf#PTnCh@dvdLX5z;|0zEFY%)y3;gp?8di$kV_rLa4@*KEt#2=gV#&Gk%^@$*wR9 znqPE-!VRZ|G{?rW>Bs4ZZEqA82szwLonWjFzHDb|e7s1}?&X7zSf}goF3jnp?9tGF zoyXDssjB>`#^WG^@b_d)1;1PjetirsK@oHgQ2p`M4MjX`yyK4SC4WbsWXgGH%u0gF zvCZr9vxKFP>2F4qWi$DC)tvv-Z^Kdo$N`MK_Ke94ZZ?w+P{YfVi~{u)=SgM*g+lod zWyBE{6|)7*3D~!6U_dFGJrozE=dzOm^hZQxJ0mKPX@!iOHZvZ2XCt% z(ubdP4?jj6YVTdvt`Ubst|J_7-yTF26#k5Fc}1 zya+KBaTZgP{P2`Y^$Se!XqfXv)3Lg=X`|tI^&hRrf^SrMxqWRDEob@MNdBPlAPBy% zjGs7#`U5RTP+^(JHFyD^%6M=8j%&Mp^jD;a|kM@dU`!e6HZ0+l%{M>~q{wr%n*$&+%x=iMnDp z6Hh~ZfyNKN2*1id&%s!TMVCQVEBlOZGJiCiUJPA}T>K~9>=W)D28!wzPo3g=_auDR zF>NhDE?*vTsnqVCd`A!SjSYtWAWGIK)ep zWES@>ag*`CE;{31UZeFPy`u169Lib=W9KpqB14@{zLD^>nxK;{aMiU*=X9W;>358wKa@y6+e7RT+6>>NT#l&lh3dKr9%t~Z@7+S{32chLw>7|=Q3z#b&pRLvFT zbk>eZdROCjN27@+gsAO)Lo`5#BWV9Zp2GLDElQpDl5_6@O;YCvgGSXxZOuLDoVK-y z+_D{rooh@cwPnfM%vGbN47!)c^ncS$!%kkLFy>U4Xl7o+$3!#H<@HEIm$aQ>B8e5+ zvM`lG9!-_vn-$NOvA}Ny$_$63wJYHc6q4ZG@pE-z(BjY+CjQK+|0b}D*3u-|+O5OP zqs6}-Xbv-Ghef5FBzpPQUo4UI;u&MPhTqc=3Y^{A^5dzLcc|5&Tz55QJIS{1oN`7P z*XRvv$I-;eLe#4V=EEH>Vw7*${U?CUY-uLd?YDiiE>xhBzv zkPPQ~nd{mm?!r04TXDhD%;lMG0hoQKbH%7EN^!kB@}AiQT7fxe*}F!@|KHjDA+2_1 zmUNM}{A}IHLr52Kh5VvK@t%%fRkUTfJs5um35fIYr%pAPhuYaL!`FAGx#vK20 zo1B1^iFipQuLb-gVb2>5$03t6^d=5OgL&swPLZS%RN3bTp;El5%M1<~6oqfol5L!SchRX86$o?6#Auleeeq1Q zTG7iOSK$a(zcuK>`Sn$_plJjR-NqG$nCgf#5$;ie>P1HHgDQwsr{H*)f@)QImH{J(G5W3kb z9BrKc(SQ|>`=rg4BLK7D*^OX@H?^MOZIP3O8`>8_VXK-iwUR&{27*)X?7OO_D0!1U zF{YO3@v2`myG<S1sK4KZ(n3;sX7ZNp>v}IQTi^={j8FH(j5| zHyF0v(JW%jHu_4}nPP&YHhC0@X9tSoFnNwI^)&Ohh;9YaFLC*7Wj8@Dhg$u!glor^ zg+8emRP>4Oiac()wlA|k^O-I6D?FYC=O_b3{>;0Qx8*j*#9N?nHk9rBh zFJM#APA8HP`Z8sW`xPcOK7w#FSU+SlQ4s$4eHf=E4PiaUOGeemGbe+qQ$N0P-qbXD zUXN|q+jR9b5ZcNCOv(_3vnoX!>~Fi2*rTY zLjT7e5_|UX-zksvP>I0FO3vD<^0Ggz#$-D%eW<5BFEK2=I1n$t^Hk0}Nbql{@Kq%m z;R^cJZTPpHY?^+s#(astK35hw?1m>1t8zXK>}qb05Kj5wjq#%CJaB72g9Wst{8p&q zuLX3u+J~KLGLwNmTGDQEoR6k+$Ah?Q8eN1R6U|be8flm#7-gfgCz@3fa~yHGFLt+e zxlO_>zbZTI`@jW0A|F`vhEZ8UCYNdH|uYfo#wsl zQo11m$X#sa(387!5z_a6&)|;=ks-o+@(`WzxF!@Ycuw?mWx~%*h_!m1_4(r2HWR;T?{B!|`9kH1N}6etQz5NTwYDw!%UYAL@JO%o1b5!+>n zmeG)AYSv2!Cd4V0WMaNQl1Mx!U)Rc|X$)*gM^uBmoLYWuYTRgdzHcSoitu{#Xbr8!vy626rg=JkwOQ8>Tjez>byyV^`HT>SL6Fvy4@-dKg=U47D7W8>VFcD*^G5ANN!!#3?Gt6Ep&mz;iXZ8X!p<*LPjc}e;?n4?XA{e?)v-@A4hW*uhCM?^m z&E?nqEkgRIl=Uo6mmEaE;*GEM@=mRqsk{~kugpZR<=xCgbI{JB`oVWy0qB7It7u>* zNl|^`KgLHw;b&mM8>t-t?-?~hWFnzR-n)EXLiZne-I=`{c(}b+s8*LEv;CC8MxzYD z%CwhABS^N>DpBUdW*+PC^t&cqQZ-Rr9k&bv&x34;?V{;VgD?W`{k1^qrxQWCJM&?K?&Q4` zhv(`-y}+=dU9@eqYS|LaLZU-AhFu%HOavNRTOIN>*gpY@Ut{YBQh8lh`!XJP{MQ!i z=x^pu7XsJ!ZZd&!*+dm7$PL&#?_HlF-M>0l5PRQw2i&!OxPD&>y+3ydt-=kIjyRrJ z=qf3BAv!iu&&5G;|9yI0zIK88X3T{xu!n4h>e$2nTF&>BoYoUbkB~0EP9#zy)h&7a zFiimyl=pqPFZ{xBjfG2{*Nt~_;(r8pMp;c{U(3trRO}6nt;QMbx|IX`caqL;@7Fz3 zv^&k`*f;Fi6VJH_qddvwZ!G8{5etdfYm9(9ffM7Ae7N@`tV}w1v)=m9L$foA z81+G^sH_t!6JhkZZrDE0eMB@?;e$I7b9S(bWg+3bh~ZFfXm%7XAhOD)IhCBIS7?z| z>kskNpSDRPpCmOL>^K!iKGa+ld`x7T^7Byg7zJ>0QY}0RoDG&XiNV6)!onp8kN#C@ zJ2y>5R!^Fsx_v<|JDa&*alfMK`BbDcw)BkzUOh&1_n-;qi`3_wCOB0*0gs0?Dk8y*@VZ4pGzM|0Y=dPOM^P zD5JzeJFOOz;D<5(7^jaSvLnh`oz=xwH2pk-=?xHiZuQ`a{OQ;(QMRfkzo3Irmqvc; zW(8#50f8E-h71#KQtP@V-pQ#>@`Jf?URe{c->nkR;6*%{nQj({wzjc5OQiAODW!WM zAj$)YV2Q{CZ~j%9E4UuJnfG-UbH0t<|0=haC`K79RrA)XU+ZYV`MCu(4#vns#DYAe zEZ(akofOI}*JvthR|*rmY6#I9+--%F2?!UQNlgpFf^VDTs zezEO*HXabB#GeX@a;)Fx6|u@zAb~8KOt2OZCg!2L(?K}Y@Rp>FWIVWK;KN_x#m4S2 zbpqW)dn1}ztx(Fna}E*ZdD@@z*8RZxWFPe?bC3N3;EpK(ct};>0Tlh#X8)rRGx@Pl zk9hoNgO6Csei$j+j>YFr88y@WKel@3`e#-gtLjJ?-kEC-YtLV>%5zvqYY_*qqMOZh z@7$;Y=h_HdL*RF6QKG|d_5mH5e)myJr^+|icU z#Hi3PumoL@et2DR{P`MF$e?jk(VWqV*y~L1{SeiEkuc$a1*- zb+H#2Xr&U^+X^brG%S0h-gsa|=Uq<`Ru?z=Lh{0MqGhOyJ6G? zgYx0F`ruK*%mDMzqS;1C-rO2;xP1KYv%e#*HGYZ5uZ$~P>Ydpo1rLl*n6&_Y`I(hn zfQ3uhOpGxyr{mG1cz=8!jY&;bgUVdHPgb+_QmbMU4>b8Q|4v}}sK$Tz{PReTfqz-8sK4*eT87-kkZPP4GM6wt zNt++zV}CB90{NPzKRb>PSoM5&1w!J86tUve?QNxlCIfeSeAS$yws!M&YCz-7rW@Db zFJ+o+>yV!5UEh`2ASSgd%1Ox_Ld-FL#5jC3VwJzdUJbn(^kqre6IVh45_5mtIw z#Gg^9%1f&LQLVU}MY3>NXnuqfu(9cGXZi7v%>D)R((}En$ahs1F5KLwre^U=5WD)h zqnd@@qq?|ltXv(%LL_G;jNOioGYEWM?qy0PFSJX;_y;848c#=ApdnJwXv$?Kl%lg= z@Nf)b3chmzlf)y+Y&~vprh95Sb%d%pzA9q5|7@?Ksrq7W&!FmKzYv{iQ?XoBPsQwC zwb5aY8I*vIqO-M=KN zW`X?X@{X(T*dz#F!ZldZxWN^1MHV+t0vjj0_Ww=@jZtwO=4j$Se<1ku8ti%b9>xe_ z)x8{(#5d@-Maq0)Jle4Swo|rWZ`W@p_;jpB4DZ6}HBUtRw2JKb+Pz_0rRP>5;DZuo zko+Vtiet-YE(N78*vt&Suz~E6k1~;|767fY#}~3^SU%+dpJbp zGULw@ys{Cp1^0f1R0XeJ=|Wk|{2!PP1g z*%Sq^qswsMT$;ZSg=WG9Mxok6{Xs^3VCpqRLUy(OOyeJn0e8LTUa+7mTsWfSx!D2q zAeYhhlrdlOPE@LzwA$EEZj{Untx;q7;W1j1Sg%U75z`XKijIRUnSQ>Q9rV;zlr)}YVNK;+Y$ zbCFLo4}TpDI{cr zA4d=F>&B;1-%6R5tgMjS5{sudnAyc1`1oe#+7sjn(uPth7{-P+9OS-#vXC%w>lb&9 zq4pTr8t^#Q-}z3Cfvlb_ce<%;ZX2)^1K)oZbrN1?4<|%gFb+)ea(Wj(;-fm4u#!g^ z|9HP)+GPQQ+6p!dskm70YA0mYhH+LkO%sG=s5#lRB~pDT^UB>laW=NhnAv4&+#0-n zKgRFnA3jRgDwyd&cH}L6?tXdy=j}=78rem)tK*=HBK)RjP*VXl$m#*oV`%pO`bujL zTsc?9+4N3<=RI(`OO2}@9p02t=;}k@WGRCeK;&nTqh-0!>Eq~kMjjbI1 zFAHFvaA^TGsNwFYxqXAFeu+rHs+;p{cL00KR6Em3^m@WCDJ!&eM9i!1M+LnWe9tZ1 zgAY7u?xUw;@9c?SY*S|!c~j&7v(8;p?HQhdeLT8UbEITLbrhDi+Yq0`Bpf^oJ*p*eXZtBKN0Wh z@(G@zVABy*7d52tfh5>#(_;DJr{jR+T0HnS^}ybTQnd!q`4>a`U5GmD)_WI`uf0I> zYs)CwCjlt(_gfjJPw*GONU-n2vj?uF!`D4kYAw8n&z>Qw2tM?@(RfZVSQoE5?@)46 zlWG4}Z7EhjVGx1*kY|>T^7;tV=<2>delim{Zm=aX=||vq-HORU2DR~b?9@q*P+r;+G6Ox;OZy(~V z2P#WTPBfoZaJ8jxPk^ETm~_3ET-=^u{j&K+j5TMItq72RSqg}hT={=cY*8CtfxmJa`Z{*QWv&hXHWD3r4Cte=F#GZ^s z)CJ`TUnE#FNv*tmokdEc{6qQt?PSKplg+I>-vFLwrIv3)8|05lj(-jt3HA%c;OmJ^ z_Z>bX!gnzld-3GjsxD3UY|YezOHEPPAtju%V~rmiqn&>VUg35ZQ*bdI7MQ2 zxr5N*R=#pdVr?Ap&OT)84LI3}X+;o|Ng&koj)pd<4aL{2IrD)~*MjtSgN1MdfkvKy zoqED1&wYV`F9VPDS5)RPSKs+@f58l(%~u43q~Qs<<#@_JCs%K2t4^No0CGEa*{zi0L*8GV+&|d?`ky(4*A2U7 zM;*~i4vwNdx&}v%bNmB#N4(CK)D$?+EeldDMef5K!p9O_zg@mZU@c#rCtdH3%GmM= z&>03{aFERR$*uV-l;pe;HGBJ$U^u7eo)JH;=0shz@H>vbv~VV;|2KuS+rsfEqdnx1 z7g9Nrj;JT()dTB-vcJUz9npl|Q7&JsC@nwl7-@d1&zlAh=6T9?#`B9_J0P3#syHhA7X zBTgPAB6Q#+Pt$UG{RGzlZhiXW&Hl@T=UVGje&778L{L4Fk=tKhI#SE#eOp=&$Me%W z{^Wo|C6tsDmqGtBCaUw5)m-aoVDx0;+cEp3m0;fY%x-vCV*4CEPGf7t=C1Dt(_TOM zcA}a}o$U0BsbYfxaKK8Qe_ThYH=W&aV#&jL7Rqhu>igbv?%V7 zcw5_d9+ytePEEHuF5U)s&|Sn-~!P0d(ES1kB;XMKrNFY}hLb*+eZ z*Zi`!zw#0*9z!3i4A7X%vBhfge_RYq_F3S%SHN-Vrt1xqMYrZ$e&T@ANw zJ0cV>J9vMakyTFNHRu>zzxpsvv<`l;XSP}KTk@h}guHBi&Hb^_AD`ukvVfQ}sCAcT{v zEuSJ^(rH~5H;^D*2Sii)r*6Y4hh@AUZ0RY>#>VIh=ICaNqoeyEu%qiEszbe8anPjx zf%a{c%er9q4WAG4^|z>+I6o0(PHHPKovA53^DvXux@iRB>d+1+{eH9;5rOoDTfq8f z%-^(Tk4ew-sHi;^+l!l^fha$`teX{$9wqc< z@s{~-T}@BJ1_uhPaBsQ(SuhyK_Bc`R_xHCkWJ2vSnj)oz;S0Hx&rBydas{Xb?jI+lVv~f7n;1jk%Pn zDm%vVVKr$iV=`Fo3EwqbXXnawjXe+e{xASpL`1)Nup$ySoT{(l1bA>8pSftfGyZ=5 zgAB>M^-eoMAy?EzuKAsrIfVz}4b(7#n}#fpBtfC~#6K>vuqEM*!zq`gY7zaTigiGo zBd@@5DC?sF7C&aAP&2s|fv0y#`PVCRdAC0k1)NmXN|7{-y&Oq40s$yityVn-CT&6EE6IcYTWv@{|53ocE1?>!wnfGo* z%=%(rWu7+6@ILS0B5VzZp==JZC;$NB_adnYVyXh39l3XNbqb))LTSn^(o3&`2+b$j znm10A_uqXTT+{NRU5Mfp2{$cE$QR51`0br-Y>Z7Jgx7T;<7tJ?=p18ja8{!eGU~D! z7}Zhr)G&PSIq$3;rLCh4vfcv~v_bg}6@-_G3(~R{;ksm=#_tyLSTbr)+?Y>SWd1v< zqA@486Za?itA4LApslKDP1D@`Hti$kT7DzW8*f()wFMnvfsP#+;TOwBoc$j8+99b0 zloqHJ7E!InxQK;T_}kFSF`!;T4P=gN>vv#GZE9+-lPS-9=peG|kx0;xlQ#FW9aTT_ zv~G;Oh>B(2I#=J+QHHkk{HEB;xL_1AFz|A5TG}NZ|F*~qgc#4{WoKJr>i_>Zd&{sW zqi=m!1O=p2l!g&0$sv@6L6L4zy1P?4Mnpki2xzdduEbk8gOu$(?Y)vk zo~eQmuRq4<+CHkQ;W0ShO+4=gDD%zw7>x6*D_u9tV;SM*l(5oG_Znqvv_mIv-!)VT+Y`$=c-&N)EPeVr0e=a zLELx67$RsR>4S$(%7dB@veLW*#rpu;D^#vOfh&lIhQ}iCNIKR1<^#PeX0Rv{@7MT56$x8So?;Jve6Frrc(};=;nApqH%R@1BTuq_BBRU6Z9(MRM zjG7TMZ(Pqj8$-SVFj$Xf)#n_5g+FO6@HFzD6~yOVEWw}yTJukjhe<5*B2HFgtDAbK zK7e-I2r9*XAA}tC64B4$!tVguARo!jW z7XowLV*d(xi60z!j3J3S`-v7F$zg`|B+03bUNz+IZaYcK3j|%&w@u?wa9zoL)|pz4 zI@iZkHC6FiYBsk!WH){(UxZGXW zzWvBjQ0sDI96_@fRk0|NbyMf^xffqoUg#hM z=K1Z2I|hhvrw;B8mhXFV6^rRB$F{{a5 zsn*LOqE^=m2&#IJ0dtm&*FuzCl^GYx9r5vuc@M0=-_-Rk^>21&DAUSm* z9C~%+efhGC7$BTroS}e7445aIT;HW=nEd76GE!8Gw?~Clyj5l^reW)Nr&o>ZOs2Jz z)hCoX#!9Z{Ab$mXst6KjxHW0T;(Ap5wAi1gAj)5^;)W|sY23Dff)sAY#m{5(UgvAD zI}0fz?vpRN#|E5~Y=X9P-1mgq24tr|)J426UZ^zSduL~uFq`?j;PZ5Q#w}&w^y5T+ zOss}sP#hYt?T;6dC*+WkVnxkQp3?n@eYlh1S(>qkvuTkmD4tL2lCZP29~@#aaKS;i z4dsTvE$s#Hm!-X7qpp>gJ{X+~+3>h6c4N2Q(12%}olP}3p1kvoIAj)ADP+7=@K+v? z+50wVBl@k!kl}ntp&i{(3KSG7c}HY`z1kIUd{qm53VI|n%Q5J`d#{4j#{9npzTvA%$dSR=JbW(ExayGvSyCm&wXI_BpLUXZ8YHNs#D>dRh_Kd>+v7TaYmo<_QrVFBnN34;EU#_-8v4lgL~@2rW|ACTs*z z`k@|nCRssBvs=OQw%1(6B^24K2%abSA}%Jp(I; zt%Ffup|0-YL$=1yU7St%DDXY=j6jzi$A9wqCmaoD-8AAe2hc^w85}s??u>L$4?vVf z0_Yba4|#`Gc`X7mqvdCh-*Xi4dmJA%X;Xcgeu1Eg!iu~G@FPEQ>*t$(33G4|h7a7( z(6MLW^Ztw+ZaWTgy=QB?&h}rll=QmTEilXS<2<)ly^i%D%_qQmXb17nlb7t%s*K6o zmhV3lo|vI^N~b4oMh$9ui{HgZ45G$gSp!UfwQ9-wx&TJFT{z+)dP}bi}cq zi)rh~T$ZOpLJLmG`GP_VCc>?_q*j>8eVkGDE|s=(JO%BvJBUpGGG@Tk9R-UPv!k~j zIfVdBQgetT7u)7Kb1-8)ST4iK*sWXX&v5|{1JAG{*(e?447Kn`E`9RA_>^l+21X_s zRygi8y^<&esDn-uo4P~G53Fh0R_Y7_=%BsMEY4@By8dIKuGOs1xv%{&g-ryeu&LCj zC*^NkNOZ_-)|SH}DC{d%tmQQ@Gz@B>sMWQt5Y6~*diF686c1*m7RXvQP{eFV?1^&D zET}y0KhDlL$#jWJU*4Xsm?)z%N-TGTg{|a97=0Sfg?U9jW%M~rTdDJW|A~gEIBP_c z7TCqe|CpjzNW@zf>hkUd;+3^|^E{qhzYKpVXK+MuP{Bj>7BUK=R2`(CY;|?_snAZ} zZltc^v%z|%Vx0ts#GpE4`?hV&Vl|BCRX5-?+Tafjm}9NGc3!VRoiYimNat=yq8UBRc;@n;!@#$1-vibPdbjGWJ(nR>`f1JEmg&XR zo6kMY$23{@T&IJfoz2G3^F1*>zSrKIb)&)P`EIS&CyX;H{a9)Q^+EDG3!o9S_L8fr zU9z8MTg%hDkA}%f;tOdvge*Jf&LV{tiM0D`PlSyT+)CDu6>SK2&t2ceJqzeil3*96 zIY7_&>|SmD33291clSRpWMlE>@=jgzdl=s3TDB?xlNSd@W$(~O$M9Tg$nNCs@M%d; zgz!w8M16XwqY*23XGzacxW@7OEa>rz{uULaI?8hJ9bWXzE(e?*}d*H)5CTZz4R zn}@g_&mlQuT|%3FFU-{xLWO*C;O1Sx)z5v)Gfim7QGF1}t&2)9`DHfJ6-aQHF6ayg zg&i@4WS`!?X#!gta0>os{b%(c=AeqxdXRRtX4L2GatUR0ry+M0HsPiSRcOiVs3hL*yi$bmGcdG zmQi>LD?_q&SZ)Tit19=Q&)w-Q9>Z0TeQ0fvqZ);3ld7r`f=Lc`t z{P-PUZYvhewGP1D0J1CLXk_oDwwXx<(90HfDK*JcdE^82R=P-YQCh0nIEvB;$`^Wsbt(TPsHz8ODb3Dlh(~e2&pracB}f-$RSz$U>jjB@Y zuAd-$A3~Dz z2xN_C5nncJkY%WL!$ww|kS}7%+^wqMz{d<9_P^R%$8GG$x+GX%;M&W4Fo|PmP4B|l zpr7ZF`+-EzQ>~>gWx;{9MKQIh^rF(oKQ5$Z)Ba9D@n38AH`|W`NkB{F%CcHef z-C}Z#*%rhVmHz;#QVriE$Ttk4>%Nbs3p5+{i2V{hD<059KCd?TtaVHs^v?Jj2l4tQ z%Lyc84p(@{vCwSPw)G`KLdcS&I7jcV^jw9xFU(1WVmHYtSqIFtTQH&KukLCcC#0+~ zu>l)boKKz)3*~>~IdRl%#VuSzZiT;!1K=xTrIiM6TnNLoQ>kwv^&Yqyo?Xuk%cO&D zI&M4r=uQm_f44`CAAl`zO`o4F(CuYq>1=lu&p)Hgt*zmlJmaC86*Sr+LpMO3j{W;d zu@ts+?!E)!oEt@ybH;`}VXs1TRsA7VU-fI-gHnsyJV;uGp9VG1dNpe^tE+T3o^n(s zRD9e-1k7_)<_Std5ItDG@lwp!eyGr{+pJ6i)1exZla-0k*N#3Wd_9@1?5McV1)d@+ znXAp-=sL&c4C>b&5u`+$PBP`P#h)M8aX=nC&aKv$GUAwuFtpp##2k>QdmfpfG1;#v z+b=w8|CB(uhN@zPwSw&9#_vq^9a<6_{o>SBKVOTave=Ogph#W9@5rBd*<@esG=A@Cp!=E;nddH1lyPfi<-=TE48 zTrVDW-Rz@)l1p@t%6Mi$*~cT>ccf6>9kT$nb4)JUAO4U*xpF!w&oSH`9=CYaQQvzc zb)tER4ldZ1sZprB9loLpDu+v6sOPCOx{R*oO!jerq=JTFIT?wvu5f0+S|#@D;RgeZ zpUtX*bF6kb#4}1cr|k2Xu25X(cQn8lK4v{nv4xvgh-Z;2cAI-NWXRWcT3Ewx3^7N( zUc=OWo|3seed+WA&q^v-a-0&^ME)-I4bK7J_FgJ1H^|jcPZWdmAYg4wQ|@$rFAL!D z`YHKZ<(@csKp1B>2hh;0UZ>0iJ765oIki8`&@RgTG!H-4vg_WIdY_Mr5Y_fiM?Y_x ziJJI(%_Ezj7Y0`dOU4uc_bC?OW#?cA&53mCUQRHGr>-ph)W+_&y!Z2tg|8b=yr1gA zmF-NUB~vWr{HN6Ted&9FIMWfAI5&-Z)Be7hKfX=qmd+W88r`HunoEIwS>FMIkhPsH zbidl1`;;-g2e=?*N!_?fz0y)?oyDy#3bR#!ufc~E@Xfn~nk8J={gx#nR_&_*(=Y4||NICm3<#!YY>^ zq9;p7(d8~zFxDMF9!%4z%=tSBaO(wu|J|s&_F!DAABw`T4%Dht0ZyS4%y?N{a0-f|SJFr3b%AXmbpmd3R1kQ^o%p zLng(v?irp(X^FwX$_+x^0L zFb*pc#Jitbh^KCb)Z1b4Q}4Z{f(F>I_ymRLSc>^Oms6Vz=>OW$aOV)~irw6zj3r|wCrc6ULBn=V z;0j(s-kaf;u1jb{OI@C>SS&*`P)z`C*Ov*$RVm3H*it0b+{z^cA4P~&PQOgoAPmvy z931Mg-LI@sQ?a$39E~|#4jXa4&b~4uosp#wh|;I#Q>>2!?; ze&~6r6GCaagK|-O40dj;d~1QdDS6JIo*sC0>FfWwWd6qaa9~#-LUJCOx#+5edSD2P ziw*9Fx7mXrA!8Y_x~xYG5t{P0@PQI|%a*$WfGkq4v5J$3dNDB9dBLSRJv7welIO@o zx;RmXb6sSx3#gZCFF5SEMROiVxrsS`C~rROQ6*Nj3y=yDvHzeU%7+hg5iL5Wcc!!^ zMe`A0Q%f}WIv{gnL+D!e-4*U;oNQ<@7*MtfIl8e(Li*tIt2xDW(mk8%`*dXk?``Z- z<#xC;RiD)|yeq=-qeh#JEgmr_)6mq&UIi*B^p~?nEAlxS-vC%`bK_8}8ciBmVmE@H z3H5uis8@}v_Ujjne<$r8Q1Z^kn7W(M8Je?XfDE+T>K6W#A-j1t&Rq;Tc`p^IBoo>lbZ$T=A4mf9MP0w$vjN9W7t+XgL0|ys{e-mHq0?ih#>{qhoA< z#Up8>C=;J}x zC|;Qw@u~0kTbj>2_x5$#BK6B^pA;{hd}PZ0P|L^U&`PbpZ|^mQC+nSyDL(tVsyT}U z9S2~byv66n1G}vnMro6Kf4O^1?c%`)dnwlieU7^T*?~8W3-g)qzW1m@=B6MpeTd~4 zgIl~f;J3%CPYjidV=7e4+0Qd|$Y7zU=u=pF_fdvZs<-y6I@LF-c4o?YcP|A=lzIgx ze(8PBvU!GX(i8&v5_Ysvss`a`@OJfJT5^W47$J{S>2+EtjQ>T^;u)Fkw!-29AyF;D z-6W&@8%w;i56yw;c9zG{?~y z^{B?8aF>59R1J__o%ZQK%*@5Xeu036*IcZr4;!A>`$;|28$n;5E1XTnM#}YeIrLlJ z*-HitofFN|rj-Prb%|6n*lzk10UX1AQza}~*owF^G@R8D^OH3lu*rpNCG0Eg5rqZI z&wBo%cY3h3C5^On>~85Mpf81DmV?9<5``w4OwEKNesqlYJW2oj>$U+~A109~ln6z49 ze{}H@uhW@F;!aP$k>>I5d_fp@sDo6q3YF_V$-FF>Nida{2NKLXp8FhJP*WBe^{n9L z4wdnWgUtGoOlYyrzSho4E^Fdo!L3bd%vDGV+{^sL4(O-NT~+x4e~d&#Tl$uYbAk(I zLtEcISsMD<&MNW6m4V*8ldVSEDRhld<&r5nr%BvtIL26gK%)BOxQyRWr2Iwk3zDMx zR@I1OeLo@D4bN)AjQ``nrw|A zBc2{(r?tqNeZhjW(!s*( zg}=37c@GPa8!!8yx-B+~e7`95Da$R#YboaC%%|+X$7^fiF!#h3O*Y~dDqO0;56uKL zd*x1p+Acg#{4OLesGGS(i0du|%iUntmz%4S&C4Hq$#16H>D!I8Y5v?k)h4Y)y-kH` z$W`L{9e^1a_gRT3*$Ew+~@+UL8p>ZA7Ifmx!Z9dd-v?%xRxytV?Q9%dfp094O=zoVE`V9?JPfMBf z!ra25W&NMKL7YXdf7;AZOclk(PgN&HyYY7Ke{^WEC#Je<7rQ!mpPsm8RGsXvX=lBB z?wb)_E{w3foVo%TYKa+EMPyYPDoay{Ja6q(ss**8&v64TC11k7>va4V>2NCE zhYhHlYl{hvT4A&`-|tmL6Aojr0F1WQf@Qk$pRNH~b%dvcKcKa+DmdCbv#_N3+2I($ zWMqggs(D^j=s)S_%59FOLD^(8=qTt3WKoZ47bLw+Ys#4Z7Mf=UiDnn)_DU)jjOGyH zQrTXmRH;>in9GV~+D{UH*1QhaeJ0xM>zuk3IeRkeKX8*vXB#yo@)5o`Ia)~{S7C;r zHAe5z0$hd+kA)y_m~UI}c|or4L*nWYbf$Y0mk&VCq8;O^B#XPpMS*@ddRJfNh%X$z z4I~_mtQ9IJ(%au@FFbR;t7+ff+)r%2Xx{8qshJ=jeo_=sWD)XBZO7v2k109vr@v*B zt8&Dn1%5|zZSDM~HW-)v(TeqW&+ayLh0b0($ec+X5UJ4@zPhbwTE5FUB==k1e4e8ynP3qi4?vg#>uO1wBnTs7?H&*PhrJf#E>8d^rstz^}J543na$}UF zyQ?f$lm{tGV}h7>GS!OWA_`pe`I>F_RGN0)f_unhrESBK=55c>dl?<*GO)=#O7l(G z9=qwM6>C>Wsr~$rU_!ab>Y01AQ@X>7F%g;~qb7E}jumwhVW%m?*Y7*;P*X>(-Go%u zLJHUqKI~ROFSPUWI9Sp|45F zRDoClL$NteSjPKbVb#6@y?4JV)q1)foM*Zj$IIQ2pfK= z+n}!d-yKBN4`aXr5;JKpq0#{YrJSZZ)ax@ra~~BtCfw8yKXt(-ZJ$du?lR8TIYUQ)T?I~0j9Gw2tJd&AxmKe^$0(-C=elYBZ43Em1Ba?5n0=~s@ndJO+qIVbFW9*Oog@vx%td~ z<8ljZhb|0^;Z=aD;Skwe>i1s(m+h>ayx#MkFYYPmE5iU#Z5)U-rRji)B4D;z+ zkez3GNKa_s``7}0r>24+u^xMb;uDb)<>$?Re_ha^0cYzWKIoCR5=_ zir%gW7s*`HG%aL_G1nRKLA+SMO1N`n1^cQmZ1aahrE}vxZ_=08CZWM{n$l^`vAU4t zRrm84ir=b1%|g~Nu?Sr!8os^Zg-&<5{*#s}N&m{&rf2=QSkp2TI~Hr%QvRglwqZ!@ zlBs9FE$97l@>7g9hBQAjCeJjG4p|dc<~p<7(vFKr8`}w=ba2)s;fJJXaX|ra1-q5|jf(m!C+t8T)s3%AQ|exq(FpO&M{@9Io|jbC59(GvlxYl65&};i2le$7@2lRItanGb(b!1beTYs8BW%4e z|Acla0+aS?dX=^HC-Do0n%9~LJ~wPvRM1cugVW5JHw99PN4fY2!}v1fGGv$KR}yrD zoZjgdmd1d&78p>}e}s)wir~0krt4n*5=MEO#&77Gw>F&M@O?75Xz-4wWwC#kUtE#^ z^3ss&Si6MD+d6#mi_h>mKFV!%-^zQsqIQ2g+xVLPw|7@bJg)Pweh^Fncayw67mh)7 zaUHS@ClDbN&ukQ=<$?rtKu3w4tBj}B@2q6h@uhZ(jU93E~AN3;6V>nfdI9-FSjwJ8Xx7hdp@57O#fX*Bhh-13(ye` z{`u*|Sm8#8eTQzz*ZReDzRRm3s2m=sT3yz3CXLPC%`pl}Pbvtu6$#`6{PL2@l>mZ89%{v< zpC(4w;bM0-v8DuX=By9aT*0BPxO^3V+LKT0w2C`}lD*^ChusNdNef-iJ9e@xV_z#8 zIONl41DfBqj%!z%0$cQ=TDXQr-CzQ7k>0k=CYmUgU9}3q59yAR@*)`*M>f{CZ^aHg z7#RJZ9jI~|SLkNGuDSqw@^a?O0d{+-8GfO5z#^l-M@n20+H<^HYd!~1yQiPD>R!dI9osOwTBE+I zk;=jcI(26eMiKD5qeCj}HoF8;OVO4$Zfm!va3VQ$9smUy1TEYk$@%h^y zbU(W053A-b$n{bw7$YiiE{+t1!$zH77>6$ZS2yqnm3orLv-OD#AEc*r9u3vA z6z9v;Zup>ev~`E|{0Skuw#_*S8!+124uy* zA|xG6lc;#1xK4@QH^Bx59H{3^3^;}F>b5oFr%VpD4K1W=Xz}!YXdYRZq0Z&u@pcB) zMO+g0WDV=x{EV-y+3#OVNs!W>h3&D(bXichG z!-27(DAT9)yy{bV=w`!7gyg3)V4)~C-im%>(aE8amkf6x<^5z-5G(TGS%4PTvJtM( zkP*bjuVssuuh-J6M?wE4+`Vwzk!{w<+8;F)+fY0$W3KRZl~vf}aXsUh-UkgWhJw@^ zb*7;4aRqcpW=(^E|E4W7hHhg(xi8?<*k*R!PsQ)MV;Y2-DXN5B2EA>-Gf_zV$M?{L zn&yw$cHM=G)q0~d=#FBhw_?i;^d1paC-D2U@T63USAPGPOoe&8ryyNZ*AN3sr0+_T zQnBi?oGaTL1y3T7+qkrq3EPOs6SC37N59V;;{oup$&rOw%D@Td*sm$d91E-N;wPkI zABFPJ*avYK2VR)t%vcRsj&_Y8n(&+VY1gn0b8aj~8$n<8w`wIGHI$BYPp9o>XVh}Q zC{v*;SKZamYC|rXAk?wu^A6bO^}eJF1R|(BR<1rJ^>$v5L01lb_ZI(wIa8RWFqd=-hM*xd}UHxN0uPt*0arE?WG!2z~vIzePqk-JEz1)9R$>HBTHBNm%Wo z;hfprdx$;?+{@7~Y8-ad_I(d($cS}ewqPM11HE!E7e(O6d2rYcHGGbswaR~!c%%N- z+>6RU_fC|fgwsk=$v-%CmebR! zLCSHWuNf7c4@RC+KA!LHm^A;axSf!M%p(CN{0E)8Lpm2oc5|@%h`)T~%x`TBoHHgG zynX;vNj>yAAbDwjb5I)KgXa{q(A}nJWfaHX-O0mBd27CBdb?T*J7go@l~RDr6$9+& zJ8{CgBFb`pV%g6-!ej(9j%l-r#9Vt;<>DWtY}^Ez(98ov)Wm%FyIEH=YnH}?%$lQL zmYw6g9yLZL(fyDfiudX;vizvSi_sCt{d?xu&*_AYPc=58C8SESShmr_b*n-;RKM{hD( zCpO)v;^)$zrilA4__Q6n9;tx24Cx{6uc(-NKgDD$?ro}oMNgTyD2f5}3b?hm)m#oN z_lGq(!$5V2q+Ch!sYrQj+{^5Qz&@^^Q88^Q1+P0s4cSoTVscuBcfWPqQRF?Z=^Y={ zPb#;3_q2EA1BFg*FC?t`s2TJB(wKbxqezVXgSr67%>{kJBf_lxU}4n&kkn%d?ws-T4zct$oL%mT#GDaO2T9d;P-|iKbG`eH z_7~qPDzM~%3b?1FEE{$F3B5TfR6+2-ej)tqrs8YU{9z>FrXeD+&;P5MDSrEemIgTU zcMoBY+s8X|sP058U`Id!l|-yk8dc?KgwoiM#B3q_7|3c!z=j$du|D0bX8;H~yb~y{ zabmA+c;zCH`}~cwt$&=))Q({?09yz#*}qlHTT+Jp6BhYb<-d)7XqI)Z^vaNi`3f71 zhfBo_JI$_5@FvWkQfEKEPa*97@;#Vv+qk=SP4YNlGb@H)ZYFZ(q5ZFO=+GtaiZeHI zF1uJ4=;tO)S;yy~6E_@IO-Eavshiwdm)4+lI>>^#Y#_KTWoJK=XOylq(3fUjMNVo9 zvz1`yzS^*!R5j5amCm@_k5;+tr0nAR5(wFUMjK(tHwW91TR7_DMCHHk(ZK54y5U?gtYc z!P|V}oAoqj@nK^u3O79`jdw(GT?gE@xd1ZPxm7irgxcJ;G?fqZYE;#G7avKaPkEbn z;bB5C?|m2ROPs}A34#)x9}m)+Ouf)EeP*BC79)JT^eD1TXi7!u?cMtdu5|43a`-Ml z4cVsVV4DtUw3>}br%@S~>wcXYUT1L>#*X%sDMKct&KJh|x$%F6+cJy$^lj z(U)y84DZ3fb310h5}EHqSM!a*^rYlqg}p~}!shX>Q*s0W1ADdK_WfFU97FUO9Tm?N zC3(3DjlAv%Z9R3%-QOGWVkv!2gd94(>Y=wwmxuN3OhStDbsgYxh-Y4xPolrhfBF-z zy2EdznEKZ!khQ&An_1WyaQ$XBEikW+(i%lO+XfV0ni0*I_-?lw9?vt!CrLOY&k=Jj zpR5Cze}1i+l4o|?zZNBmT0d(y!Zo)Emgh*+LHe>kgh^|p=&{IktghQKRfR72$u%BH z!s{)n25nI=Wx9eGzHqno_V~<2r$1}iKppgZ4#J3ph*Lu$%sO{aI7Dk;mAp z4kX3&cY>6;?$#o8oATN5>!qi5A34X=V+;lg9(x@ud5=wkx*>s92NWXBN!bKs6|o5E zKn1s8eZ_9=XArSARbt$dpWJC55LjouX7gQV``aPOCNymwSSylD-LrMg)AJ=KBk=v#4LPvYZjkw zz5h#H6P;<_Oq?1*Gb(R9wUZmgcxddVtLQ;uNVLtROVQ>7@;>c$Y251QgI{7H?>u5x zT3=B;8~%?f{h;Hem$|nPNBLI?rs21@HGjZ^-^|f!>za8TC{0-%gPDQvH(S#-i8kEp zwr|b-sdUsp+6%x}0$d-*H=c8>0r9Q7Us(^HW26*q-amhrMPWh-*UX*4@;jVU*1NyA zs&#}GMc@i&3h*|9TZOFeehNU^q^VYC7puEdloS~L(*UW8A32Fdt0MO6gPljGCrPW} zrRjHEf4v?kPPZWMN>tBDl9~DUBCiAV`;=rEO}P_d0*ByFPgmV{-lQpv2hnP!pv|rl z)^y>iJp#6ib%KN18iq<&j1NqyzXUvb$(`0(zRi}i%>DQRZ0NRb%q_|P;|tzDJ+0FB zq3E+nyMb)Nmt~=tEo@p+(%Uaz-2cbt`u&T9oN1QR4?gmw7?4(P@R<;N@)+x%9zh7s z@hSOqo*YSVIn=$T_*84_ke+ zy~Ig(vEOroieF%+z~1^w`~NToJZ`ywkvQ)(Deh5sQp^;l-^;@O)qWBF` zVVj{ulIEJjbSdm^!J%K6g=zjAMDhHyBM3j@7P|#H=WH7AvVn~fc#r9 zW1^)M2jh%R5(^C{nd~BFEhR1Zd4IMt|Ee;I>{a zH7caELD3)n4^Aoevdm%q;U6szQBAx2I3KfyaT-C4Sp^TdqOkti9t}^mYQJJD#?wyq z5&tf%HEVn`N-rlH`j4>i1gUs=sx2(v8P-r% zRd)Q<0)j`4FLhND%BnU@@KA(<6L@*)>ec}$hr=SWN-oP2r3_OGLPSvHKL zp=3c39bsKB(V<#DJoxi!|0!lp`^Osg|NhBM|0e&(Bh(GilAw&9jHejmF2`<3zj^o1 z(C|Y-S!bF+uCltKgV+uIS^dqZv9P4|Khh}7pXJkYn@a_w*YI}sOXthj3{10+>2&@c zglN?$9rW)UO8yr}+Zed|LKl;KSVK{tZR44RQys)g&i*w7Ti=pS_dln-iea=$(fBO5 zMYlMGN#(|dNAmUm3I#t}?+2jQzTHC9y-E(tjD9?I|M?f*OiFt#{u$oP?_bwvNrK@x zsV?7x^(~m^bTPIV$r_3H_d#gjov<+2F|@=56-3+r1tNP@4cdQq3BLPtdZY9#Y6CV? zixGdLgcd20^v_WuBJ+X;V5fUP^NO+wf|)%>cGl~Eo&00W5=?6-@wbxs?wsI!%w+&9 ze-qVW0PjDOIroTrF;sZ^_2E<6?~7*-{^soIBjVW0f1Q1qD^3HukkL)Wg@4gund>jJ zL*Bn23<-t*6BYdrT|JBZ%cg9!$qCQ@};7wA0-yt>qNB&=f>U}F7hi)4d_b&Y0 zvqYfHeGXrttUF|YFf@(<2ZS}|J> zDJoYw{A(4iYTsdUUCmeRxWBJ$-IiH0NSQwDg*G?WAH-iL-xCc0`kt3;s3RIo%|#BpzQ{fHcx_m}e6X=&Y3O3b zOzL~GTg#8QS!^y|NWiF$8*hf|bHV{@Ln7j?>e#h}pp$RGZ-$$1j49)u{m%?MV1bd_ z9R3w^@X4S!0=p0s>m)DayWH{S!FRWV*d(G$acN!~NrOV0seE-Ned(fJ6+$kZ@dKdi zz3_D#l;g)b6-tNt_4tjv6bGBK1gE1ea)C&{J=5m2>yPW{`CW_D4t1IJw`X%H!F1mF zLc2wk$ueR)YJ*bb`c-OoV(0U#=Ex?L@~}_a19DI8wOA+Apn!m7s&n@X>b!AR;n>^G z>RJKA7WBberRLoh(!t;sm)*=H#Sww4L`?Uu)_wF0kxX^6Bzf@J|D00Y<0KZ*=`U@W z753OzX2fJL-+aUAmCH1q=*3dtAUX7+YeN!nrRus{TsxF>o(L1o^EwJMoY(VOj~g7# z?oWunYbS3RY1$M+S|7CdoQ<4n4|{8%{%AJ;sXuHd*gP>`%Ld$9p<2$Hf!X5DOKzn; zY5n}=m98tDAscfDv^(l365LdezS>Oz-$dS(gFKOD+V$5zBYkt~&t`2?R$-9>cUyp4 zj5H|Fa(9aqxVr}5Avb&w*Na~rn2B!Mfj93^7ch|j^0cw+#rSXWiKbOrq?XO2nAeLJ z-2x@4c4Z}d3I@l~8-EH*Y!Y$QsShhb7l9xrz;&+SRc@T0e&PA&fxF@qB&}#Kmbhr+ zUHNa(m62Z!+e3+paSv(Z>v5W{Ru^%VbF{fmXG4W(LjPy!A(aishMALFD2xBDpndzb zV=yMoY!EvorVLBoAg-GcD7i<&z8icgg{3XCnjA}-gEXclZF7rfH5+$m#NFJ@82CzM zlP&_alpMUBad)#xp4`)kkM`f6^0zM`q(q#Sc)Xd?a~;%6f?hX5ZT(RK;7aYYd#NFh zkl?%P&11eJj1?wpTPEVg?ru=Q&yGY9w+9|6h^u0R4NCpYYuLxY71?~wpK-Is;x`e7 zK<^_Q{4qTzUWebpG-kw+P3O%>d-P5z`cLtL#_|lb(My7&yIt^Y>0s$iU+L=veRu7Y z$h2X<16Nm4MuU?q^2y zj=IA98Qf9i=^jO1$GMwsB)0!s8gh?mjg6zVI?C%MX_S-FIL8}EKRzMGa5`MMFV6|k ze;pfrc&X&*t&aM}B5FKDV=#IMu@ud|>=tMly+I@I{5t|~!AC%}6zYdeC$Iy099LQu zL$i1oByjPE1QtPSi^_(`Jp$d1ffjaducn}j$}TT%gZ;OHsSF|ygTWWUgW&>;TQO{l zHyZ-O&17FSWgz(H3m%53-{7m?6H;FG9e~?WK=ry-{c^90zY8_^vfuCk287-me-F8D zpNBnrd7J>9S9UR~4#~K#&#QY)x=HlEYsxJx@H)wKHkmENQH~TxQXq7De%(NWZmQEQq8y zF8CViev>0ml&Bjsh#Vz47rT%^v1Bw9cuiDtIncQ-&kQcqd}xT8zJZHE0fC)#BNvKR9OJ-eEYC6J@^aT^RtnPs)xdKPZ`U|7T{pCyI4|a7=De zb@km0$p70ki+kCY$>4On*1Iu`-W&Ff#x8uN=hDkWM2dYe0V@5mWPFE#(XEZkVQ>p* z?JnW&*pUBj6?{Wt7#=VMI{cL~rF}?+&n)@baJe<-9y8Cc47sOUVwSfm7!hFHT8HB*1r;P9pVED>CP&Tv0`Kopm+Y@1>8dBHM2k=DY5_}c2lQR@yj8P zmeqYzUbzG;m_yxi&_+q)fy)^U^aQT3IsP-4pOo&hN9Jl*EZXP)qwL+|lDzx);SRP= zo3>ReO<}D~E1S;B3xzap9MP;c#W~Ly5Won)v zr-BC*Pk@SmihzK?b9vv-^W1y=Ufb>c`^OiVTztQu!~668ygy&A>nvVdN>OOoCPh^I zE|jrbXcsW`#fu;7Zg29zQa6@R<&8p_aiwlh7ks&0F4>NkoFV&|eQu^;1J9*F=t%=ZUmS0;O zI`C}cEIMK;5Wc;kzoLpa0LkJ91fKkIzXx7Xhhw!~HE~}xd=iC!L(Qee@!n7J_dh+l zKYAbK@q`S;>6$IWT&h(TT)1PExr+61_V7f#Q1oHK^9FX{UL`n|8-pC<4rKxy_^ag&2M%0bzD$USN2qsrt9N)cq@*^o3sX|3Z377@ zs2O$AM~*PI)SYp@4?uGdF_6B5sl_&2l%^1VMhnqDc7inw^}-KN+#)9}=O^+oq0(#D zKR>*AriW_^A$E!h?}^hRe*C&CXh+-Fi_KGn24`n4Ln|q1yYqJZ#1-)L(g73Rv^#UP z*W`8IgzdXdx4nFE;m+dKpFEQRwg1EZ+hF}|aC87OX_0N~3Xj=j zT4f*JfAZ0r?@2^?toxNnveIkyg213t=VqF*@jHE4(<14wr9+tAuR^8jwO=X| zUqI>|5yh04TVL;=GJJxhOzKr4cjC$K$J@jlYGN5J;`V@vh*8%avK}@~7I?*+@=t4T z&8mWcOf@&=5f7@Bt4EFoya->Fj3M3>5k8AZ`Sf?n4=b-Ov;T4t%J65_EZo9=bb0A? z6t1UdcAqDA*dnwTP#zYg*i?D#?uJ0yFW{RJlo*QKrsMt>C0mB&jxl!@>Gd66HuA)8 z#i;blOBKFELmT27=N~6N5H0`@?>kfL4@Y!-JNhNKKkCm0^v=jCchDl)jn%o0!_kf@ z!(T0RjF@1hhK~N)uo`+R73=YBkdG)iedCWO6KhI*!nZ`LRTL)$ziM z>#XDabpTm`X^jd>z+qY%v@kLi$_xA{F_quudgX5&VeKnLXvtS=~YktW8{2M#7 z)!3`*hX+AB7dn3W;@27gH(Ou4U6A=%HoN-qHHzUmWlH$X$)Pr~cBkbhT+qhLsSVIu zK1*!|;a6RON}K%q-7jL+E&!bkAE95kb)Nn9*Kaig2GndVYUYyYevpBqxn-nS!O48H6f+=gh2j*B*%RdIls@9Wku1K2E&WHOEnOP zRox$(K75XJyR-V!>@{zTyt3Eq?>#JizspNoLP9We4hZgN!k;-CZ<`YpXq4O;cS~hb z5xJIDkR$VC&8|hezWsD@WnjZVJW&^4eoSwyY_Zq% zlU+AH%KM1^`tBN+Qn=45rMLN*x+H2FW&PxDX}t4F+{7>H>rr)9ABqQ{xmMBoO+%Vp z_pg2DQM5DklD0%z92P!fl`fAg5mt4|H}5va9-cn^V)yB*oanYe`A!#3e{)>z(tv`5 z8Z}sQrZX>IaQoWzHNUwcyhA#!&3qjYdHs*V@!eRV;nfDMIkFqJbu)S`p(aSXIYuxC#m_7Z(^3PF@KQ&}@I4mo^u(tx}lMvfWzPgWld#B}07DD=* z*?915qG$*toCTPCgnYweV*g_BIdce;N-@sM*lh&;B#nkqgy4_tk90 z{QAjlmt2Z@loII#xpWhr_wD(|O=;7|zn+-jZb*3Hy>r^>qhrcuYWPl){P6aK3Yv8^ zz3S|v4M)3&Zbu3N>f7E#j7I#o*hkuWEn$em{Hcz`l8Oiny%3edWGEU3azx zI6D{lX=@IhG+%EWc;y$6f6Z!YpBFd7X}EFa@na$kAErQWO4!@-<6_(F3)Md^H?B=M zX9*{2!|CR+B1U9j*X0lS!?$ccn5uJ*#6P*>-ZlH-ijCJuQRu2uKOcyHx#)a*!&jfZ zZSfGZV{2~+ff9^~yQ8by5cSwYLDEgE6(&&oF2szI}lOKK1kHQ~m85Z+VaW1SvW5 z{A^}kVEPTP^`azf?ZC*=Airf3myD0nTq5XPbCPcZN=KX>0!JYyeqFZ>dP()`P}ye? zw@0}=FUHY?rjWithV5=Z%b0av)_drqKhD(tX381A#VD@++z}#*UEQSe9$vjNd;Q)A zEwcQ0WKGR1{bKTmU3$aKJ<5ujiw@iMSC&qE`}IU&#+d;(QeyMV;a#8P8a6^st#sa6 zyn-F~Tb%T(6jidWvgP_}Cw$Di!tKlzR`prYUznzvT%*hb-m|HF6o9~{=7yI2deQ}2XPd^%0rYfycq4zEXE~k3?ZBpkI-dVdwsXXj?lKci9#jZ>ggt>Nh{^AHk zxx0PooX+c{93AmFfA~e`vt-{LAL#J}CC;34gEP324-<%@#gj}SI#!*BW;`0%KDhqk zvH1|BjkLhy{r$TivNjzWHffKCv;9uzobbmc3T7ul$9+jUNP|^71j*CqjuKY z5JnEPkSsGKW1$rrbUC%#TZi!$PVBwkVaG9R7#`jRsyA!8W7(WFHh@^G&2PMCmbPpH zO)e9oUN>|sW7WrOUzGV(#A4?)cmUDSX(pa(_GqQJS6?MI!bmTJ7url2AMUw+1^)H7 z8-MxX{nBaX&-=L_XF>&6BdeOGCVxylv--1VSq-*_KRWqn`G6oKO5+b2DfLegrmYGj zoW9=|2|?Dsk#Edir6!vBmh;&OZ@#;JW|k#+UBZ87+g@(-&2;1_oF1F3^(<-?uCY2Wy0I{HUR_GPQ?*YRb6yY}$Ul=`zYL8r-Wg|g_ zL#c&ClaM#4VGs%GVJGjzl%^%?LO)D=$Xhzeew&i;5onq?`V(quGh=I@*4f-#dH9ay zyf3c1F$QextY>$s$vP-Xak69Ug2TL%?#mn@_&E@#v!@yhQ%4R1nriZ1)Wv>(d#mhI zKAebO?vf+9c(a-kg)~oPxwbU^cE=Y#xH|b`@AaM~!%RLQQVnQo?+E=5oIV%fR8^6d z{P@1n)t6$v&Uo^PSM6sM^T^7aIb{{N?Gxx#!-^==aC%D-on65knGHk?3vd}8#7Rjm z;pfGSn1rr2(CAk@i2A+gyQPl1LNN-3Vv-*kpIX)T<kMBlZ4_UsHx<2fm*pkK4s?cJ-2Prdf)+>?uXgmF9kD4UN}3R_V}AQ}o*~A#OUjwj zRTXW0zTmF6v+iN2j1vW?Q`3MJ%ARh%<$kdLkZ;n@7@%R@sY()7&SvSMB1;*{SawYa zpIDW5$ogBT5qu5aDt`ZUz+;ML;t-nd-fH7PdOnj43#^#+o%Xmg-sqtoZJ)i$$x zcMN0KpZI~Y>ZE$kRbRvTzia?$cig_x;Cwjnp^IaB?BdlwX8&;~rD3IQ;PZjGgzK7} z2hkMYoEJWM-pE2hTn^w9og?z;M~E zFj*JcmK@u_Z1Lc(%Y?mbHrbFbn7RC9e!zv@gPC6_OM$o?$u!sO^1JN+iFx*?^5KnH z_S`nm2<5!9hv<@VaBLI5WP4TZm(oVz!S(W3r#+%1-J}$Tnn}iRXuDE6;CBz%5~{$) zx{EDCuAT+@?sVO@V(o_(<9I#d172^a9CvppJ>eKzEqkjTyo0YiVzu$bkMEAVgy6A< z@BPy8I}WtFwOSp$%WqNdih0H|FZNhXoz*)seZF~=lQ;dsXX_Jb|1x_>MWKJ`vTaV) zE0z_r_s*n?XVL+=Z{`~JY0C8lb0RCwV!Vo)Swb0}=wKw5=@ozodM))GBdMcE8gS%f z$6{pszJCAZhkxsbYY$t!_a3xOSmoRQ#-Vd9KFq$Skoky#R@2gi`YFZxTfbkI zfBv}U=JhY_oj&+vg~nW0saM>z%z!Oa%fQN>73`mXOa5|JPq8EdtX=r(!iaN#lYS!A zd%XUB^(5F_Lp+yk5)!KtWqZV<=PNmh4aY%Uc~Ok0z|WP0{>R>bsKCatPjoX^hym^u z;{)Lu8xIe$rvJ}F*6Z>xuM)3SeICYGPG5cdW}_42mTpMQrseN^^WC+tJ9dd#dd{`AUvMz! z;+Oj&OXe9Ec7C!5B7YE&aRCvq<7LGS2bV>`|1PsztP%oei@1iO7O;5$yo+lwa#hX? z*!@dfC$4`4?UxQfo!5lM_hLE0)wzAsj#Z0W1zF*8J?H|B!NXU)0R8Q0W<0Tvzwn)%VKcm!%d{orB&i-gVgJ)S1uBBdZ60 z>xts_qMF`*Mf&(K>metY@_s7y`)=qHX*k95Oqx%zATeo2j&-hiZ^`7dDiC)E#=;SQ z&NdW8z4Es|TKrAY>m%zEdNHo?2~4FXzo;nuZY$(eru_?f32ApFb3zpM zN#=%Y*OV))UD<;J0opgx%5r*g?UJMtoncOZec``7qwD2bU*`C%)Y)SjJ#>Fxh${Jm zQ`)#>?DG--`8bwo(~I-K!zSx>{4dYF1j0DQJEYaT&=Oy1I2!g_Cp+PC|t+9)p4^2d*Du)*~mj3!ql7;GP>7JJ7?Fsy{ z82{~856~m%mB5+vQBYh62c_-ohmGkbI*Oi!3Aeqbfx&a$H8FYFeLCoEZZ z(TF3eRPJzO;+fnm2hi(yTb{$VPse8@D6>Sm39SE}ajbf5Ed-GK3;-MbIz95_m+!a+ zxTO)E*YEy$?_OI+U#JYi4@&6dJ0CE&aP=PMt-tGlfm`os4*zimFi2wMpV;^1#pZ@3 z<)WB0;{wL!ptXRHSEo)d+#R<#`KoGrmm}(vJDK)mO>y|Y)%pvg^qDsiYbw1OHrjrx z?=QIU*;{}F_rM_)=-S6un-u;wu4QY#;Cb%KrS0wV==|e z_*!eY@v*mI@j3(Aox}R&ba9r)V+b<<~y3R6ZZ zeE4@LZ(UC|_@4f%`|APg{ez#(S}kKuuiC%!{KjtO`C*cP6OCQrbj` zopE)k5^ElMxAZTqN!kp zZFo)h*G#oh(r2hZBXB(OC*uD71oy)7=GWGUQu-U$gyL~OeiA>ap;rKPNZ1IxF(8A)>8`?#~Ht5DKf=dk)rpmmm*!Mx;)n`-!k1L_D(@Ovk>`ddVuWQmF1(5*SNHcZ?(Aad^5U z+Oqn-M6l+|OZ3a2vn0?t3hpVe@d-eV8NU}lS`f7$kg%_M-GivpA6f}lQqbCrq|030 zljZrA_wL1grRFtPE%=5xa=>o*$vQ@4sOoK0nYMvSkTwbpFwwQwr+?(56~C0BOihX` zw`qlSImj}lBg!(9V~g1@9z^{<<7=JNmqZ))`KMj)?T4lq?$praYWmHiB-cyE)j9QC zANs0=R$kecIs5*_RJ}}de5Q%QpDFb=mfAR0E57`P@cma@lUyFSE?QqDdVtogTT+}s zO6G=&?=NDHTzcwQwQ6twMyqMro@tsrFdiftM){UmzV|3U(tUg zQY<61scY_HuQ!|ibusgxt9fuE{Yu*3`Sd@(8?ibo9yx}J`(W;fio1k}KYCjAeg9Mz z2lBVE@Spen>s7*$6vOtK3pDx9$okevRxVMTy1>yTw!V^MYq{L6nz)zPI^dA}O!V2`;@)4c zInlYuSzP@>w*eGeA3^|!TrCP&4Sck_Q{n&MtD~zs4brPsu8>#_t22q*7J2z#)aL3m z>!{!P&;L31|6jMIkhZ+gw5+_ZLY_XB?CjDtu6BDO9zv)e)!=4NFrEG$H~!-C{)bD( zJicibIJ>%EsG9CK+oZp({bt3)qna<*ocZex{~>$Am$yd+ca|a(pFhMw28+=J{E(Hv zn?s0;^1%N9TL1a*nHP)9Pp`tlbf48|n`}^C#xpl;(oB(&dFvedT6`MP|K3%9jRd}9 zf0j+8Z8<7t2A|lFvd)35h!4Y8u}8jrz46Ll|M2g(GEuk)$LZR)?)Ai-ngTv0nZ+J? z06clVFST05CiV2Y{146}qpDpuiMA&b^#e^=u9Ru6S@@H+w`DwQGZ{5X6)zNzOtcag zR}klS#Hl5-F>lF!u7_r4rwXecRT(o{NgKV}ES?2WR|c zlkC^kB~fu7Ja*&tc>S)_EN}Rvx`2_j&S9EpuR3rUFmS!>Jz{EsTiY$m`iiVlG6%s+W)7x;VS)d{{-Es3sNfkd4nDIct0~Po3v9Z7gW*ji02!O) zT&Vu(GaDi%wEr3ac^4MkKKLJO`lnY3I~Q_aU2^b7^~KDL_LM_Hxefco(g$dBiLzDs zs~qA8SiWA=dG&vYsRfG+j;Rz5A@d3{awaLUZ9pz$i0R`-4=-r-lbGdB%YpnjbnDf= ze_G0a@*@F}fG$`T0+0)H1|hc zdNy=u-QHY}wf!3$`u?C~Zkj(Z$3Oi54uQ*tdj3%&b}4FUhrcarL}u!)ZNrLCv-`$JVNo<3b_xU*MD#hdX>pk6D`) zzhPFk^(+H|U!P|aN5xZXmKv*>h zN5xk30#7ZT-?Z^-W=7KhH{&y}m{n7Et{`LkXDSu}i>Nn^Gcofo;^7jcIkdLvC+jSq z9)LPd-C3-HK&R{DbZJ8y9F#|!m;Vnard`2i1E!FbI#RgA%*C#d@w<4U23Uj9c$m3q z{xys)nJ(DM!J8ks&h4Y7z?W+(%yJ-`Ust58wgQrR^{VqJ^QX=wa<#7+vzC%%bn^RKB)2WMG2>@6KbJdBfpy^^rwf zVC^zF0GcMfGk{H*BSulPhbNoQzgxL~-gE`Q`=>5`qM3;SB8uWIm$fxDeZsB6=PxGG zA8jqUw*aUFBJR>G*N8+2)JxZUNi$z;Ot@J!uI4rEv8GHrIRj-t*wph0irc5iwU0e( z!GA1|Psjp@)oXB}WvHkmF?zK&z$sr$zLU&^ZY2N}qG?7w z7eebCX1~&K){V*-AUIFjEo8pE>uk8}4v<%6Drc%`+%7%Db?YxQdTfzdRQYhjyjHzr zlM>~-U-OMMfb|cu>|HFn9^e_*HI0ao!l`gHKY}KIZMcnE18}A9pY6M!yb+sVU-f%G zJ0jejuHIef54N5^_8?1KeD_xZxOnByrOYjeqb6HKuz=PM?WAS6=-q|@6PYlru6K~z z0`*s8TE@S(5>}{mJKPS;>rk&3)i%JY0gO_}@^6jUmJrXDzxtVKDr_5=WErY0$@*%Y zGDNIyDlHJ0Z0BWa3$6C|H)ZiDUMTa0t3bxuxI$)#5y<*Z<1cM@vsTaAC;2Ke-STiu zuzrKX^iPA9gys{brdL1jksq+0mrCvJ|MF5|%Rn37@Odf&sL#p!Cfm9^%|A~lomd#L zNzg(UT+}48W_@N4rrt$;EW~%BZWb7iNPnGg+5P9OlJ$;Dz1wt_aXc2Evj>KMSi~)(gmS7z>Ba(#YwVB>r#agjlW4?L2#inFW#`*{`+TIa z-`sCYik%(Wyw84K%O~ti;b-|gqyQEAaxL)canjac${%#PPTWZjFJj%8Z74k>g6Hae zvW<4(!l`FMuS%&ee>&Z|sJaMyJbS~PUj176phuoGm1a@dIDbBG?p7~eiPul*+p_p5 zx_IPL;+?UmxQUr2%U2>x+eAmSk*v~Rz)pwGkoh;tRSBjbO$bWXSjBFi5uQq{dGJDh zJj_{M+`v3qgso$1N9;)MWOP-32`etYPUI0RpY{HpsF?I3^~p73BLq7b_prC=jYQ^c zGR=uG#yQp461wnzNK3yZ=3I-Jn3y=I?-3`Pru{9s(Xi9P)gSDE6H4M)6>w}*KX=5# zuq%~YH9KpJqG`gn#U3=pV(QOQFm)F>2VWfY4MmaKjAQ zb~=*;OH?!%B4IbSaPT7wjkw)g1?b*PUQd2yT5r-3FStVoJj%h;J9i3L@BKwNIn6Y` zWqX%Qw^$3k!=e+L2ByB6mTYij44lDL?7nzRoFtNm zYM{NWN-|yfFwBgt0Pce6<^K95xnpxyBEvx)tQ$;hNmN7~3k(W(<*vU&ol<5^-js+; zYcQgcS;ybIh3-rz85cLIV{ibc*3X@0H?~P~9n51drT-y<|MUuUw4ZBMnPtAo4FfU? z(LCM5a23lhnJD*xCrX0qg_G5YP)@@DLjx2K2FgNd(puD0YTqm{_uMV^ELD->7Mv@}V>LYyxt}U7e zc|*cQRGZ>DVigAV2x*?Av*Pe)W?P<&h(pbb4MY?t=4w=2;HT7&{x*S}nYT9mfA<3T z3&Qt(*FP0mQ$TSgsknF!o^mC5I-urjZ4IDBl+jPPdXEI!YsOFTkGbwKw@7^WCrI`h z2wiB$_dE#WL+gWt1}R~7Qk=9AL9y#8jidP>DAL~Ul4jtrKT_tg@mV=)<~<=J@dVFk z-&CenW_ znC+e;4_1HBv%=P>BIX66>iCqqsj{*<@zw_}_tki8doq!lf|GQ+Y1&A9x#nD~jjEOM z>;s=$350(WX^82K6Pkilp&p(AMo+q*x94`L86k2bb@jNVXH;^9cG#N&giBbC{Jod( zy{@wrtHqLfhg9QzlU^PpiwkXdm7Qa~#>Ma|DN=~BR}>IRkp`P_i;m_9kbbgK_L+Gj zQrJDTZdD9XfCaKFOga{droh$ESO@$0a^nT6n(rFE$21{wXBOn{*|lK@T!u8BSwJ&U z(GwypQz`AL*L_Iu?W0G24crNb(b-Dv>8Z`o61xec=|@+*ZVB-T3e@EtyisJLO$Kc` zo~Dxpb3>hBvpqxeW)zQ)Q(YBz3vV%Z4WTUqlJ3_7woXs?V$=INTqaw24BPSNoqZna6A5o zk;S`*1~}gDH&soobJeMsyC~xC`f{V|LrXo++9)Q8T@HjdU#OxrcF*Qx3n{YCCNOo8 z&4KyG#K(hr%&-zeg!xJXaFwZY()0u}y^m5tRVQ8aF+w{yBrRZ(;T@m~uwsY+(#^g+ zN3tg6fUB~`AA0phzls++hdIl5hE|c~dymG||Ez=lyU3;>PfG41XbqZkeH6v(XZ$D8 z)0pXx5x^JJrVLu8f0Yj0m5bwzWx~L5=6kN5>kUYo_SL3hjDw<-#mBPZTB-yUgTqM* zI6-@?x&B92VMH@0=}rGgx#u%s9|mo+bUu;?eSMj-g;&=s3FUu*snQ)SD>wR4ZZf7@ zl3K94;}Gc<1g*#+Lsq6vFZX7Y%C%k{34r?> zD+NMUS-q*s7wyo;(En&7JfG*#6(3OU1ZNQV$cT9vOGR~KDJwWro(JaMm^`ZCgZ-sR zn%OeC_L*LJr4cp86zl=rxol#KoWy&V{&7dJBx8;qz zW6ufGNIfhdNdW4rbWaioAf&qS2DG@8L3S0Y&YF>^*bhsqWcygeL)!6H*Ef9x^Ah{~ zdXuOJolb?(Tl_E`QTe`DPdr&(Xo-(AC;NaA5I8q;^L#GK+xTLtnJySk+UYItZucg( zm(#;#F&BHYCR>w*3C*Ao+(Eq^zt7zx1l&~sQz;W#);WBfAXtnctS>7N;Edp2s+!M} zaO^bHuoEbCAFfw3#HIVUtNp~H(e9gxoHA}tkw;N1o@w1=iOfecKfO91qD*|dDEaB` z4LfAA^c#8~kD;8dbS7s*xG}G%)Rj?h6cuFfaHRTRS(&^F=}>NnBgF7q)o}!eCUZvb zMLe)R9%uPJ$pJO1&y(`7wB8msNaE^xUAy zzK17@PfRH|wax$GtR9wFAATNERI>tUNdwToejtRFJB0 zW0aC(l%x!L0biJoCBhGUJm2C3OO%rz^I$MT1Y2niy&CaHe7Y{7IZp;*x%lWBJ^7_a zG4(J3TgXEf*Kd;r3lk9a^e9@ZVVsqe(P74lix`yA?^8GJHhl3KRLp1}5t)xwCYOpX zFmzbqgFtCV0l6np65Gx`U3Sn7jFXo|p-J3G=}qr2H%|(K^67lbQ*Js&*&zioA;8Dm z`-F(8ypfMVWFV?e2OXF7l4&_PLKY}!M`K5YuuqQ7C=C^y??VW0=dfhw1v-2y@Vuid zll~7vlFq5dMb1_JJBl{s*F>urLbtT0I-@%yHO7m@;UyNkXM}_6cgAU`!790ScX^o* zdvjjk@Lc4~pNKd@uVjXS!s8#=2@}ck$S8q?UF5$F4P}&NpzR$>?POzpH%UqSK_*wL zO#+_pimPiatBNBH=#~0MH4~5Hk1iu<`w5ci5ZLS+f%@j4SHVdnUb-lCXmV3yiBh&x7z8ZwnPhngeWafJO3yw(&NiH!?iUS>AIRyLSqy^x z1{X(KE>L0+9QlwLQ5EBv*TzPMOCvbaKlouq!q#BRx@=U!MB+i=5T4A)C28Z!-u*3E z`b!(pzbggrm4%7NHuINO@meve$!8T9GA=gVr{0Gu-zmsx?!dRuq!<+0b%?x2RpwJ0 zUVo0FyP$yQqoGNv;~6Bwqbrwm&Zu5Nt|30uUrmJyZzqz~?~}FjXrmK;OJ0*L4NvCq*qHbLgFTFvY)1*p z0?@+YY%Dn(sfKEY&*Cb{wrY_~-5sVt3{lx*2bq4NDhwNbkvv3K`w&`BX`X5p7DFeH zv<>;?J&eF~G>uyM)Q>>JB7{yDckjk6UY=8;@b*z?*ABkiY<8_EMJBw*d^<1gy13B0 zGS^>_6Dkw&E!zbe|2}sr69^B#$vo0nD7Dq6ZaaN;8(giF0r0A~Cy;5`Q)N-gp!*CZ ziWUNq6$zo;Y1Vc2ux;Lp9+RobRCW5G7g2~=(?)J)>H?aLG0nyg$-1A@F}6(=Qul&v z8OZgCT|W;Us^DIxbhYqKpkwm+hVArZWPDh08_X%YlY}Md)tSNr@gwYY0#3UCT_~g^(v33C(Df1*@UkWfkZ=Oz6;$%|?v)g6dhM zpg^g=B@f2|>e)H3HDJQIQkILbwjK95yifRN2heh&*EDqpQx4mqc-n{d`0H^#yYC(C>+OBz?M`uy}firYy_^@y#g_$M!?acM?JD{L)4)B{eF z$Ha=lq%m|h$%X9JLMVQRC~DPYB=%}z)9dfrb)3!DWeifg{Rmn$UQpw1v%{+=&3eb~ zH^x&{;KuMOwQU?Qo)!);m!`B*a6 z*_|Fw5e?<3TG1o~%~;{+Bg8d}j`P3+-!Bcz0G(r07uH{}1SHGtspw(?8qp$$24!MU zS57neXo(tBS#dh?8K>?KaIG9kt2Es(1|Ll95UD5hszmFgd8Q2$pd|t1$&Q@Rc=gSO zX1P5k5?(tyM4+p?sqz?m39I6?=a?D&ic~3ZXL5PybRiYQ!;O#Sg*bGC#a)nuFJd0PwS#q%CGC|>8@zFGC0%7_#4NbH+32}FK<1T2KLl|=q+^2OY39gb zyIKOtHn+C7DJ&i&6BTHAY#CL4i9ByTNBaCbt2F26Me+0v4n^1-d$PjPaSA(K*Nvj1 zJ_4rCx}vh)Zntz#k&MMMhlKTd%EQ$xcp0L3l7^(Rle}i51!>larO6LW6CU7o&*TiD z0@s+3-cc5O*0rUwY^**03^xL8QyV+eEvgUGDo+c0g~ZZbLlAM{bKz~A9PfLvx5;ik z;t{!SV#m9ng1H8+GBqrOI_95=W%BTKFqIZk{!(Z}(*&NPA_1aQNJQ)?LiJK$2W8JD zL%o}zut<)y6yTBi{mKt}k0n3jloQI!)6R%<_*h<*6Cj*SXfg!!=)SOCnP)oPw$`5S zSv%I6PZhkFZ$g|>zpgWB*Rws(+?hP4N>D;;tt#cIo3}_QH)T+@JH5?zQ}O{7VEnXH@wc_H)X2aVSJl+V@Co)4s{O@IsBrmHgZn0Cr(=&=I4;qM-EEjpQs0 zyrf~Ngzg`?27W{uaZwmw^i8vJmqtTt_<=lv^5%JZ4RBA8 z3{(+E$0Otj3CK#GY@(ZLKqG~Ps?#^*6CC-Nfx+l7ZZF@?#abF6&*trFh5(B$LIV~Z z&mh$mH|69NISO-(1xh|p^Lp#i>3|1A+=bTONRqKK3k_w3x5zj-J>5MLA6RHeJ)54h zfmW`)An_qY-LS;ADU(aVv3o*<)C5|aXBY%da-p~hWr4ENGX6ko88hxMRmMZNyQS^% z=n-q)6I`9P$QodDEW*J@?+3*Rk@K5)a!CN_s4$16MROW1E)jbZAPeSjTtq#>%C{AC?R z;;!pfhlU@is|>E!D*dW5L@LcskA`25v7LMrL9hr#Um5SX?m|8;$`rt@l+1NH{#FCV zt0|)6L#5cP*te3 zps%Y(^kGOW?KxWbZ==P~b3)N%v}}ho$M1qO1y=f6+vM4Tt>{x{om>spjE(g+;a)z? zt?Xk)Dnb>bGi@1sGa%@#f<4yx2{Xjo1!SfdhK`@)3GifGo6ET)X3*CMR4e+0Q}zR3{I`CU4va zaX_M#*;23Vs?O5%UIMHKcByI}UqTD_5cJL+$P& z`?(B}(d~YGLb`cUPgO^-H-e_igBU``M$z7--oSy(|2|#p$68Hw zQF+07GTV03al;6%M$`Y;ju*T3>BrPF^@c%XUZVygLk4oRJrrjU(&ArXN5t)I_Z+ z;;fq_cBXa_%BL4Y1FASWf>hkX$CPP%i;1k7{F#UNi-;jC z&0q(#WwdDahRST6vy2@EiJ)(iAJk+p+F1qlk&GCx05zRKO@7`>m1fW@Ee|#eYOxv3 z=@C=Gp(;1be0{>+{?b_t`R# zoNO20N1Y-Qb6@LvHIrVt2~Qtgvzy$3QNjXg#>YgMouIBAW9~P-jUJxMwt$C)Wsz)P zJlff@Ie=6gf7H!^^N}!?DvvlCt!oWUHEg+8cEh+{;t-!-*S!Z5f}s$Lls|Yenv%yd z)td-i^Bz6Kq~HTQ3XA91gbt7z)53X}bTXPG%)nC72Q>&Ubh(s@*J6)2RLWcI_=tis zl8ZF2zIaj;2H$a`14hT)nCwEuW^a^Vv4!oVNJMSm3yM}nOR%i673-O5ID4cnA{64l zx##C)tmM=o?eb?xj3=+B6A3NuM0vLP*i7n$sD6KbaH->Hr(m;;}zkUO0D9w{-H$k z%SDg)ZMt@(Cs&@Q4yNk1%DS6zz8O+yHUv3)gohZ)J_v3cok&0+EDG%zga;qiZ&8~co+2CW6|pSSI4o{bPa-I~8iU5GhS=g`E)#mS;0RU=58 z)}f1P)|dl$_i+JZ&*x=B*c1blPVa4qCQ%cl?x-MAL<|?`{ge5yv&|S%;i%NMh>)ia zR0G?|2bP`Ctlt)3Wbd?{9*xOJ9Op?wJN&K%Fg z+ENq^p3-^h))y1hx&D{r?@f>KVDiIyN5}wz+!Tfiqt+A=4q~G|Cj!MmTfGdYs!>Jy)&VY*w|1xU zM$2SHVT#*A2HA^YEb@{uiGN^P&P_w`kvd({E7zf3vddE#wZaHdX~;kknzsX9zj7`} zB*l&x2pr6SvC0LuYW%J^-1gV*41Ll!2&9|C{mO$J6c-aDhlPYGqrp0r_H1!cQ>Q>A z>np^~%=*SxyluTQ3Ik+n>^ik%kIZjUG?d^0H1?8gwMa#<-Ov#S1V6HI^qJhQ3C~0A zqD=dm&Y*&Xc8D9N5wnk*9)B`V8C$k(MKQEIx8s*N2$OGz@)PRt&+qFv#cC)fL(&(C z4C|uihF^FkbO-s%^oJ%tJQ}>1czAh^mo3oUS*RqPwm0mgnNmVu$}0!2ZG#PI3V( zgA0`-74<!yJbNLWqd*?QCSt4CDRNBd5QYKFGzhDH7v ziFvg^J51F)bCkoStj~psvCY&W2rq^X1X{Ca$H=k6J`RjlR6W9@=eX|d#r#U``FcPE z-3LD5^`0&dsfH&p9epUJmGt7{$**}{g}Dw&_rm)Mard6Fu3CaO4~v!*9!Wp1K=XoY z3AqH+z?kp!9;W6|EgWrXKc_iRcNSvZerO9HasY7zJ9x9{rac5~5 zYHL*t2`K9Twa7HdMP=CLDtFx_ISx;~vXGUkj9T&lT_`*r*4r)2#UZkQc|c(R1k8k& zuw3O;d@Al-F_syJDEGCT@~0)ow%gJ2aa+!rp95?rQR^3)8ipmbAT3xI`3`Xl#y899 z+I(Zz`XyuP3RYY=Fz!mABZmASeBDiIu@XS zjCZjY{Ysg{)Y9sbS_(qzVaV9slD9dIizW`J4~IkNXsHa~BE0jl1cz|6?uQHTi*6R@&Qd$Kw7?4O%R;(3XZA`*N@9tk+Fw`a#%)(n`#Rhrb^mY<(heA9OsjXicED&0X<2lbT_j#BEGc7VR+qbaS>6+I=F)6rnY{3#1f!Cxz&V--69 z=mM3xgkh0FFWF`?0Zr4+IAN5MJYiWKz?*Q*CbBROIC)e7&wy|P5SA8lMrGWq0Jh-f zX=TY>l|jjW-mIpTkj0uC@tE4F5AM5PZx{9zw{-*aJ|BTp)6Qbi z%SyfInh_*GQKo|B$50Mf#86@MVRcdhF`ch%4;IW@$LE?RC9akc4s?g~*ygZwv?8w_ zpl|1j3I4(kL4^=OV}$u00mdwqP!qdY7FKjO~i^(#+mQ#;#JfrV4xe z?gr8(yTi<1wxf@yX8;O#M@s}M=bd-AT#Z9LCT6p=sVB$dMJBdjB-;m7${$ToJ~zJ7 za+(v7z;uM))e%mV5QahZ^NnEk_S^r9I1%pI>AJ(<1)4K@aGsS6@Sw6xjS}!n}mwVO2>q4~jX%s#2F;IS7f-fackF9yyYAMwcc?q#nh$RX_*o3eX(CN&0ijdTH6h%m;leVBCNil|ygb?R2 zfC?m~kZg$|QDd@^O%fm`n-E^k&CK(8($CNJ@X6}}$$q)-wbuRr|JDK~746^1rm#~v z%byI0y;X&hr^X~*iG_a|oWDhaJ+hQ9Rtu7L?EXa)HVy_%A(9cp32@{}rQ{@l5Fj5e z%WzCfxbg|*nO$#6O-*uRWZ?R6;)h~Agjs*b0`^Nm4)#JH2vfyVZ&0Me{;tFVZp{D{ ziZ=0cXPa=V1P(0{l6{(f60m7gWy$B+$kEt7Wzh~pp|1_SJgc7H`;=ttsY$i{!a|Wr zo3&E!>UM)nfu*h=&2;8qv1#Qs4S6eZeRQYDD@ihZ^LHpF8C@8H<;}oTB(_4pTXON9 z!+#Q`(O$#yzMic&R}FvW>E-K-A{aMoPWjgrnVj0@0s{YK&?`-sW&$*RvMR2{x3@1A zp~Qt=kIG^0A1<^*-o^rVv5mZA;YRhqjB|9Rz| zKhNz6@YXnvAK+WYR6&sVVxY05X!h{?pNv(`#<0bS-Wt{3mB$9Lo7$nv{d{6I9k(>& zV+-|Iv)9>m#Ou=RMS#{Ci014I)id>O?wEEcDS}J3=2XXSig*)k=|Z&Uav7*)-=`zs z3;~|}6xr9Gn1xpm0R3D5#YN1ZG6n<)AzGo4m-b(X7~oUa1~l|a4_Nv`)uv=MkyBIHPE2DoeAd#THL|9s zV%eoWe6lP2z)Bq7>`yf{jqnZ{eoY&;Z&noe?7FdZVDw5Zt#6M1QrDj(6etAtlo&HL zHLm8QZ#HJBX218FstIR~P<7fF!%RgWVqo#g&0ZGcQn_Xei_D==UA*OKFu8XNyUs-% zi&3!unVRa5w8-I7vKt@r4%97cL@dFyi9Eq8-50PslN6?o9HdXBI0Kiu^X|B=$}a&3 zI4=7DVl-E&vyPeW*$M2@jf0DOhQy$MoqXsIrqg%9scxHztgWRB@5@Kq_Mra7muFu8 zUgPBMk48vBIn7PvY{TVT*||Z$uGCt#ic(GNp&p9bf6J`FT1F@Ls3^8UES9RVi31U( zox_RStDj79n3*iacp4B`Q1aAt6YLqGxgbHR*aK3g+z7C$Hnfd}z!g1SlM2;r!3%9{ zp+ql8_sowb&`i$zk$#Y#iL$ScVkt^J}x{pYk3l9k5s@Wl#a#pMbS^SN!8l)hv#6w!6%E&y%%Eyn&dc#Hj#{XK@ z{Ia_hKv4J4Uf)QXGuPkL*krud)lcHp4CpHxod1{GO-R2IAinAgS=w?KN(B+$s@Ox! zPHEC*Nx~pZz;dZ?MR4DdAXl2TKSve)D@B((`+_ICfk|%x*waTyG`pm*qQPgvVs#o5 zjh)Z5CkZJu%g*m(Rz5v;5UY~K^YY0iMo-q50WfQkC@FQ zR;0YR6Qr3tg{{E8zqZ9Gg4;vhSh@_<)-^`+1!oM|6k|#j`-fQaUVgdFdI0D8-tR44 z`E@w`A9D1O8-3QRk|9bmU4^+6A~^0SPAZj%J-PDezD zRa-f6jC7T0@m;gANU!CSsWhaI=O>~nD)L!-l1z7jm5dC>0j0$(s@sJ$2)N?@Z42m~ zv*8U_0{O!J>950d!&mX<>QX_1N>$XE{xeix%39@V8(rQ%m8Q7rF86Tb^oD-D{gyP5 zg^>`3fjD@<4Jem>5^d8kKu7f%5`lbx=r33m1=~@183>;u*&#QulhZi<`5R!@;qG@2-gGic!xNss}=Kq9ev2@{X0$y?43+9I?KS)}7>Shvh^x%*_S*|fhOnF$h4lvOHN~L!?s=`t%se8;8yVZwZ_unAH8cchEom$jV`);yA<0NbtDZ5JDQ#B}0 zUIGrAkcPv`hfBSbbn#mxTWtDFN>ljyxb6*CGNxSkH_a5G9!wjQCASXXO}Y(_s> z5gOT+B^zCqTatuV?pUQc2s}m^0NpgHt2J$n5ZK4iv|Rc#YgdDl)fDhP26^u^vujP^0?P<|qjj&T^^}kyKLxSg_{nBhR)6^_1zRIwC${XAAFNU(&byX0tiMn~qcKEP< z3u3NJVrbZ)6a(->QM(0+QIIPGM($7yP`u>bC{$6ho|7*TW--)6Xj%5k9*I9bL`>bpc_~}XN!keLU}+dxK-NM>?>v&u{1X{){Mw!xv}vL**Jsqh`9k|*LK$^b{cB2GF-FiI*mGq3N9 zl&tUWJvIKg?->7DBJRoqT~_+-wlzN#R5h^)13 zee(rj7A=`pt(pBAZkr%#_U$Q|cP3kN35hI(9ML85dV7-fL970u%O`im94& zRltUy_yU}DIQdA~wN?waC7@D+@;_VbCpF$*E}Xldg7Wb+g6_QQVrC1YL z;DX$?(0G@+#sdC|wYuuRyUUH>`*}bvJc*?h5K$;j9jpl0lLs~5Z`v?=ZzM+OT)@d_d=7OJi7Pi zXEy!o0u}#QC2HP`#dp?mLW$om3E=4?7lHWzls^qA7H_j1wR_k@FbRk`F|7UWDW0kl zH19AYCe(o^vf}d;mWS_Yt-yDd`2H%_RavUMBLPC3LNX`tTn-R~Kv#BgJLkNvvV&qW z9qaIp*D2h%MYH_GXn64iObYQvfmJJ3~=0BGmRI$GSp77AelkYU9 z;&YS!>I$3FK5wC*?AVsgtPd`&ROGZSHDnPEmYRp=B+X6&b`GhMv*rAJWQ45iDv;l# zL=SS+Tl^C|lgQgxa?N0=#9~GRzqj;ZDxonKI~4J3i~Zsl8QVmTn!c~1(NVhDc8t!R z`nsb;lq5zv(gbr7f7QxS$5!7$EK9~-wH}>Yy^AuZKCDLY^HJw$Mm}r!sKH4{_+aDe z&VOJ9P9X59C(te`N`+Z;xsKa^l@nC>wW7cc5uLtKx}>DG2tlnC@$?GjK}5ubPsT4mO1p7*ivG1e z4hyEHTwx6BN-72Isr;UW4?~ZB!-(;w;#nR51s0M}u41+0lMeDY-KiSL?zXgn8VIC* zp?vm`Q>mwWwq}KeQ?ZU+f(4&v4>>|adAj|XW8`NUo*h#M0FALsf6a6$)Qs9=@MX{o zGeR8Sf~t%xq1^|?wSY5uo(1WGO~t_n#VcC1oQf)-R(Wlj>P}A)9DlgfY?_ng0eh75 zQ(v6_ws{viLd=INNK}yU6H$;*vvqHzUtO8p<~_@n*&ZiGcz7?)RIkl7J)>JJZnwWP z0f-_NgU(4ps$yGATwyi}s;O?d#2-T|&j!vB3A3dXh)m^5k$vS?PTR@9=fl*oj^pK5m(t^BU6CM#LjDM5(XyAcK{oD#lx z;!$+V@hnk5(+`*DrPk686aZI4^gbIUr7;kqx0{L*)7%~IH$;A0F6zz1bo1{u;M`bG zS&gZxNI^#Vm-&A@-3QA*kp_=aa2M$ztuAh0K-v+Xyz7KA)e zozWhYV`L-~zZw}ref|RZfylL&^P?yG3y4Uex&d2OJYD>T#SHp{2rP%zn1=g~B!r6_ z!mgcDo+ep0w!?dQnBO`iez+;FqE~s^_2l@KXcurZ@s<`xfS@C<7HK9RIz8x8=flG3 zn{1<-3S;T(mM;djL}31nm41yDu4^R>nh zK=!;z(#smFWH9~X>E{8faC>Uc+&QhRDU$+TAF+7)KCx3p2+VS)mJ>z9RL=1fi&pCm zR;;}B@Q8I+9n*1+T||yJ38#v8O2+(?ga@KU%Wl~qWW?-44Q|ZnSVDru@m zZQ&h)`||NyibuCc2UVO+4(!ZxYcG*M6uYME^3F4!ade5GQt#Ru%FH7dX}qz-N^IHc z%g2}+BRrALk5IJjeD#O9yKt#bCXy^}%{MvB=0kL*5Ol^8ArFw4Dr^!bcqkG!M7dJN zD-^Ss1;LAE^2gq2M#c7-Tc3Nghl@*8M&vsnm{)3Kw~HyJvuvO5h*2hht0&X9Dp!6u z=AtRSNQ)>+ys{k@snt%4-yq|0db|r+1z?`M!-d&18=M5yHWUtbE#J7^g7Ax0%WwXL zGSlPJNY|tuQGR6jIC+qnhuw~iug9r~} z_ub{S2~nd=+K9(@WGbnSxzc_!WLa(><|4cNfC=}^MURrgu5-_)CK3$PFYHw;cX==V; z8g3|AgOrH6;@u_Sr~lq4N)ZGPekWhm5a6*qx(*b^L@%JPZ-&~6*2jBf=#3?jDX4W{ z9$?mvyfrV48e>ArJdPl9DT|ljSb9U|jW$DwVT*-6Iu2-kF+Xu3(pZw~$JfGyZ-vFw z+3|A_4BkgBhH0fzB1FfJx#+$Q3!=iZ`ptSNlz{RAO;mW~?`zhkGr-I90w{eqRZSM2K{?HMkR6Y6C>b zC0qD9oUxSUu`jmOtXJUb92yR>`icgo^OSs;t$;*&K9vS%){W_>)JD+4l? z!mYMw(piA=X%dzb^ARaOPpxu5)P6WfDJO4(?W1R&(|%(ALiscYf>Y%#+yJoIfYw#WISfFHMvel9WIsWP0nJz%wN+$q#@aW zuwE1eESlh>>QU>e1h}0_sP>I3Khk~tb*PyWKMha&`^KHagQJREL$|cx{xe&}42+W9NJP*p3lzqpTfIrRflr;um-pE@Y!h|0c zV9vwZMG6*3(>K-hq&IOr6)7{EEPjAGw4H4t6C`!-NGc_Nmq>P3_gSJ(!%<``; zpz4fmNJ-#COFvnq@qL1t=B_W?fV|_%9Not>Kh$D)TG>1WN-rhNxZ3j2vN>GumgLJF zw{(Jt934e)-O?MB@wO1HqkX#D@0nzLC2!aakyo>9}Bbiufq$lNh%aBwp5-C0c2v^@OuqG2%@*|qV{)!HiQWlu)QMp*OslzioafJKJMBz0%VZfiCnB$ zp_K=66l2qu@8n7sNLh+4c=yf4==gn(@?jX4TNGpFCM{uUZM)^OTH2kyz39~agfOkR z*tZ!jj*3|3&vdS(5(J9r?8_G?xN5_hhU#|9Y5}mI7(41H208)2#s$p@c+bM(#pQ}W zl^Lsc_p}a-tLTPAcX+r=WrT|Y06JCF!{KQeL-S;D#E5kKi6G@uM{c@Smo3hgW9l4- z8S1DOoQv^kXtHp6V7?yUNQ>v6a#Mp~nSOM~T#@7`jl;*PeHM|dI~*JB8xP+I{P0wy zRwm=d+y0X^zHxPRsY~bgjE|ZtJE}$CW5y3)WOcoQ-;*m3H0n*@&z)K@hpskbso2w2 zvVO(YoA9+hpy3z#-rFDiG~(ETr>8d@;?DGZl$_?X>m@*P5OGu=go9wc8C=#WdkWof z`ZS`p_nuvXgUy+`*3-4$2tZ#_EdFTxz$Nr>#NY2@95#KvNLD3lHuLwwduP3i_>};N zS-2>+bV97p=P&0I_BpEKskm=K-CA>SSDj*U&UTeEwo)%*K6-&3Uly@mq1~-N{ebzX zjRU=J8nJ^r$i>Ji>J;CoN5L>EwU;AK+2j~~+@0)o9Tk$ny)A4k=wzPvFUw}@3AyNr zWunQ&ej{Rs6#t2Q|GiK&+7!6p+FJ()r!Not<0d$j!fE^!KOX!s)E-W?GJQSzz{1Pp zR^>TI_)KM`L65c)BE4#g=z4Ti;J|UIBZ~rad%!MSkf5_YX#{eu$M44QgB1k!Wy`sti?`3}sbFfCz$-;+v&2?>*y0O4 z7Rbgc-xo_@p?8q+t(hQ&#>3O0&3V1!_}l3b9=%<9eKTn%L;q*9cAN=a8yMkh&*ui+ z`eySMxF@u@nRJ-qCkTUST9e^Lwb$^SDH{zEw?}%=Yu4t1J^f?+_$Ylq#us?gwLSv= zV}N(zHkJF|{2<@{lkdEKp-%&?Og8$?_o%1i=ur_DNtJl5n)D+eGWPi`;J+9OOF0=# z95c>--ysa1T$m2)RSsErX^@>2k7NC?$SKn6;NSfW`pg@8aY>}-4=`Jt7K+-7FIACr z;xNTFpBcYh%y%#!?UGQJp3qTE)q;_Q*MSHAN+fOI#To6|($LHj0i{ULX!6_vl8zCq zxe=n)yucU2=~6VCzt>QKd(+dlMZE3ZcaNQd(XC_rT-48{+{@?tW21JV-vn`?Tl8Ceim&K#eB8+t zp7@VDw0EC~q%45x=9@`v283vnDkugxSo5tz_)sBo$NY;0I<-k3Ms%>pZ}uxAosJ({=Y4s`x^0~; z%)`C43e!C=pF5-9yO{F6))>Hk9P!BpB3bzT-Iqm9^i( zjh7Y$#`ryab5pqs8#@Oeb_Z|yxs$H|G74?s=c`2fH{Iu=elN)2a>tI$c z;akV6^PS<)qTM1^MwCzeznpog_v@NU($?CaqDlq|{n5Vbe_J2v)!6^EW?NGC8DWRv z7lc3HiEk^`F4oLkia0&F^yTY=zbt)uJ7$laD?AFVdh?VE_OC literal 0 HcmV?d00001 diff --git a/enterprise-registry/initial-setup/db-setup-full.png b/enterprise-registry/initial-setup/db-setup-full.png new file mode 100644 index 0000000000000000000000000000000000000000..9e38ed5a082d378ca5b70c56b304825819050983 GIT binary patch literal 477162 zcmeFZeLU0q|3BWvDW?*Z3MH!)r^HBN*j7j7bQG0xIfTPvWo)^eZ8=UMA~~*SJDrk* zv5*#qTwiUKYzT8PTg>Iy#%9}Zy+7~I#rJo0>->KIewo{CUa!~l@w&er&&T8bxOhId z#48SV+qdr9x^CUN?H7MJcWvFeAFbA{+eG_uv+_u?&!->Oty8rPw6(o*(bo3h6%;Zc z@V5WDb-!#cb%DD&UDSkBABlbZ$CDlFk3F@x8l5q+X;aaA_a84FeA>L@;ltsu&`qr0 zA8s;ycih**bG_TP!{M4ObMAY?u3llb{JuQ{8T`{+H3O%hMG=#kx%h8z6+o{ix%t1Z&ZkF#`s@>cZD zu&pawp2X~2w>RlsZ_Dc6us`sd4}uQgf4%M=GdXf8aMRYU5eK`S4#)n8|2yQx*50(} z(E_pGwv5X^!%WrboX(y^_GVcG|M#2eatmklyNMr_D=17b3-?*b)s9bJ98 zm|(YWp+wcq^~n2MZk=<^LUX(_(_=l#$> z1GY6s{Pt7RORco+jh#Jqzf6)$G`8Gef3mGb#GX2|Ve!_9okp2|{Bby$W`F5%yN1g0 zj%(-7?wE{!4Rq$bWLkW>_@_PU{jm|%vDwx0i*bI8-9Kskq&xZOZO&00+ftY3Igu}Z zN+>}6JQbz>afj-mgZF;E-s^Mxx7d<`V)C{+q4bJn~4==NWrpW>4*+*$XE{@h^7+|uDM z(93k)U)7)5eQ5gnCQdcs@wCqMjDu25n*AUC!E|5{&=pY{M?RXnvZl2g@oTlZTw4gw{!ET zxp$R|-`X~BYVCz}W!EZIu6!xF_j<#Q+>JU>8yc|E3^V+FT+!sZHgdw&jPtVaBf`Jd zYuw4U`Jm!wqOyN?y4l+}^&igslpL$|%e~#%$*+y?!=6X)>;8T9$_D>(9p|R#e$_8G zHD~U}T~VVE_NpdX3)c8ee&dtnhFgH2M7w7uZ-bXDy z$6WViCU#JMzP(puCM zkB!_-yyy7dY|*Ax%R2$s!WzG^qFcKcn&{n(9KExGu8m*!bKI!Li$6AwUHn1A^xW~Z zvp*$*&KJAOlUB}rx@dgt;DHa43!pE=CR(c42jHfxolQGVZq+)P9F`1D)<`Z+4sXSnZ#UO4hgX?YT{ou= zZm8N?H5}B|M}7sq!N0+}R()OUoO)HWm~qAX1!cPYF#ONx^vr)|7PSr`#Q?88@xKn0VH4O&3ax4NDq{zV+uDeeB#ta?TmU_L=G&{ehG4`aIN@x=`q*8 z$Ji*$$guRL(Nm^Q>93`F?$wpimDE9pLDNC%pnYWog2bBp;PcgW>W}G!u)Wi_dqD+D z+4dnl)JE7&vBzBaTwt(uD!qbxUhq27zqYP+uU9oWgMlaSz{!1v~hW@$MkCqX`fOMe;uxSR7Mb8GIV;TI2H?0j+mg~w%&OPHRL zo?ShAvu7=8kn~gHQw$St|B>HD?)dncGJP}8KWaf{PG=G`uXUMc!j0H&ZXQQHj9$O0 zm@a2lq*NNeAya7ZrZk9zR<4N$sJ#>aIQ=&gdD;Dw%oo+kAH!t zWXfkOjZ0~q$TVP>G0}-U5HQ!}F$-4q%nMLET(_-OJz6n2F`7PG@ukqOQh2N5>+Cat zG&=q<#4;{FWPr4zj~HO zEX<6y?l^qJ=J~1TN3R>4GQEra8fQ{b-d&zsJ{MBGkTdpZXJx|6ggrZ}4?jA5KCLfp z*w3c5TenxI<>A9rcYyGxL1TCAVUxW8>wuX~in!G+B|Wt`DK@)3JHu4$SL(Oqi`RAp z0IX@KwRFqEw{D^E3F@NLctl(Mls82DW9J^>1=zA^fQw`@aN5FZr<(Ymr zF~qdx;Q7pJq|RS1|2mvDxODleMR9!~>Fa6AZ{s}|ndvVat)K%pQFM-<)2YHA3w3^d zR&ca%)FYOr^*7uZvtM~Q6h9WNgT zz@M0%H_Hpiq31&RV>1l{9=x0APrOq-=A@dCU}^0_R1MdR2WKe4VkdqVY(mm5%is7s z{rEm=8vw5<_q@EN@SGb8k;eGDhn>#uq9NU8UPlg(0}IAKZSzm@-{VipOvr?-G)~1= zL6?nsTnArwV+USLE>8+3EnHU0`frduya}eEa4A+*Or4wJ6;|am6HKzZzOSi|Jcs7F5H39(G4~ zOjv5ysuLKr5NNs9)$SdxYYujgx+Ly@J<&a}EmfTV6Xav>%Ud&6IZ=Yp-alW|6zUV+ zjo8qrlXpK)q2cf81grg#qGk{qZO6cnps2>BpNG$jld7_Yj1S2BW?4-}b4FEJU}Ki| z;=4~DtlkM%ZYYWk%I?Fg(O`k3W&cEQ<;bPlC@Hhq<4$!;we=ilC~DQ?BeE`nH~eha zu&ykuemr(8?iKqEp3UZtgwOc2H`%9-1BS6DqSw|^*PxIpV9a~mwZ+ezz_569+edmi z-H<_xV#;BQwbjKO$62UFZF$t9KU>-oMXEJ;}eEfm}PS>wyn=$*MQ zBM}AjLiW65baiZ|jg#t#Da885xJw5_=%%cfK(PcRmF)hx;7ZuugIAK^zpbks+|uB1 z79MZ7?vjHd-`+n~$ky1|y7~Bd#YQo^>!sS=2lw*VuS;B7_xJwwr=JETnrs6XO+@^> zZq(S=c8}@x4n|0*^ZMk1b9U)sEVk^?I<4*NNEujc-F~SAg0zDRt=Bz@l0|?!bKltp z@4WKWW$FCqiTY0bI`+jtN?qKGIAv9_CFB=3^tyF>kAC}GfAQLpg>~!JlLD{1-gUiv z$;uCT$JpmLq_4km3>ZuCP+R|8^L7_~5@T zxr+cFcD;P%pe+*Rf6(0cl(ETS$ku}g589x93$VI&?!v!^EB^x@zIFF*h!qeR5fNb= zVP=d(!GWeA5C~{;5_s~Yk@5;7bX4$NpGc!%wBCOR`A<3L{Ly}>z>vFv$l!zD0CcyuatsH9e?Won2z)1hwuIB>p z_y?nv_kf%mSIt`C&tg zx`_ezx22b z)tNmnH{AH^fB*Bpb@0FK;Qxm&)LL(X2FyIbVkg%mZ@L-ozfbtZ;S#)re^YM zxBjs~b`{k8QkuD87=XO^>D>3bCgb@TMQDrJ78&hwFW@!1+8|sOElnai&0)N6vliD^l#(x@23aNS7#Ka&D*dhyv#m8C*#<1FdqwyG<9vhm_E;cN8%NQXMR5#;aKS zqg>|XkFhQw@ASIsp5D{%ytcU%e!p^$hdkQ=6autrKZgzfv{ZxStFy(J&A_u=S>+F; z$J}3hKd4s?vfYte6r-a@OU7^yX?ic@CUVO$b_Q-fXr!$u%tIW1x2*cuXY%(-48d=L zJO^;teRZ_rsQG#iVh#m**c-Tl4iXX2o@LEXC$O#)rD7)Sdj($EM7$6y9=0AHMf7OxLEwqUML){1vALvR`A zuYY&!UU;H>Z0HEIZy)ht7Ek==5HJu=fZ5}p9sdveGF5k&ib$Kl-=^_1^W>_)TW zmUMMichC1^4FNwXKH!pRVi_cJo+1l=g;{K`e(eZqb3&EP6;Qw5PJ>-WkKtYMzXs2* zc%f}Fc@)`5s%RueK(mxSU2BM$m&T~F{h|lXq|UMj|41FfUYch{=azkU&NZ4|)ZmAE zjK4I0%pA}q&6c+hk z9@4pqkWSvUgGhU3sTIAj7(X^amgtfKjhr_U=Wi&zS23zwn5jxs2J)Fz+Wk!+k$p zkYYBGS7YV-W{yn;j}1%@be3`P$4k(jO-RSVHjx3VLOL&1?@jeoRLNMQz?R^#Hv*45 zj(dy%_6f5^AH;Y0Zo<2=iF{-931Af1c)JI4XMQiv5X!6DZO1n6_gF}E`!a(qT$HX& z2>qBi`+0M4)=ih}8^MS;SX{;gj6r>8Q{7+4q4|Sni@x7O=x!VEkNSiid*CU=J(AyXDt=8RZ6LWdKpx-`3!)&6@w*CiO_SWjoQf~VY zm52_b8n+~tm43gTo34(20*o`p=zT5^$!TUcc9ELfbQfoJt~{sW*UBr+z2%RpZ74u>X7uIw<8IBoC49o92WQD@Sb# zO$vjYVwDqI^L$>1TNKHw)%HFKAMeFqLJDk(6cAZ|OqYAv6m>Udi?QicnJ$-V1vczH z9G)fYH^WkwFU{688P+aIawqKXt5H6l&*D$Kn=R70YkTJ)t!pv6CcTRP0h+ zu@7bWdUlzwiEL`H-ng4I|9sXm>>)TlPpHk?2)VJ*f^X(PUUqqVBiP(daC_AQHqPj4 z>2v;Whgul>DP&G%87<7X<^e8VJ07uxN2NIl-SQR*3Yh0wf#m}0CUUHr=QeAvxGG@^ zJ$oazh;#y&aDuw<`u3p`h9%W`1%XO8oN!tqzB<}wBzHowUlT>wzZ*fw7j z@MhW!I?++}$~(8_5Bu(iy@MbOV!jm1WA^@oe5cxQ!5DV}YR)UljiA1V<)&}6#sr)Q zH>`i<9an`PMC&BhZ$_|QywgY;c{rZhP#<(%Rsauk~)Oe>a0N2_P3+401(K4n% z>Z+4SNj8$b;!>tckL6&$KYP#Z4l|x!AuoNb(k;2iv1+q6O6 zit3^f|6L_dXYM+d89=D6y3rLQDU3D^fQkAyj+AFwW#PRxZ^N5ap!Ht7X9^db$HCIP-0kpElXp4Wj zi9u?(Z@>w)ysBmR>?hsO^sX2I@%<5FOfQrL6kQuCjg%6*y_Woz(~S-%Al(=R;KGo? zpc6D2tYs1IkCmb-ZaIXTON<4m;*NR}dy)<@pPzZYnjkmtRaF?v^ zFzzTbF@u-%fEM7m)Jd?s{H+v|cfx1Su zg85cL?NFN}8~8@eZU-Q%@PN zL2Iudm}(Pl)p7yeD0QW>BMaxdfGq7mzw*8`h*%uJSSXIlTw|u(=VGnf(uB)KBcx~ zktcTzfx4Z+OH+lT#cSR94@(1GhKl#S?MAM4M7)AC1H4;7S*thZcF{{AQHbxa!y^^D zEycF0&e#m^N#}=`V69V(k&-*B19}%Q! z`+X{%RWi0~=HHlBc!J`0)IgV7-`5XFt42_agU{j&Z7J%#W9@9V!4^=WLg+Xo%Vouh??f|BKo6@>kM@qw7 z@zl1UIkf{kfnb_q z_Wy(Uf!b{;)DssCG7l*Eprh1;o>pb#eIopR$Iw=5e(PX|^+a<=eW&Lq3sXVC@c3Rd z*;oy;{j_v$oFrLXHP(QgK`E=a#{BoUzwxFq_CN3?lPI;^N-l-_;_{{OZc-CNcd>#U zIc`RhbEuX2bJy#$m0Lq{biTX2(h&c$!4LnO_FS=>d%cH8dEc#^*RH2kFY=@OO5X;S z`Z4-S4486dE+GFzbE@M76@$7_R zZUy-=0aR)}p+pEQItszOAX!G472;ooKkStUG8Qkdd5)u@7ufz!wm(5|A@SfF>{tE} z8Eo!2(xK+PNAE*ZCb82|)fGM1-BGaTS^lb1o#BjgumCyM?Tx5jDVsd@4+_<;J#Sg+ z{T?=EP(SB)os$QC1IuReqoihKWqZaK%0>jG<3;pHggmhZ zv1W`vM+=xk_m@fvRul6mf9J92HWc$&XXB+QI3Vf)=nhwOFJ7I`ex0OvG<<*ZWZ7_m zNN-}fv@l<&om6)kNeVA!zY|>}to(!cptf~LFtJ^Fvq~ev7$4}V6OKq}9va4HLHBx}6#JQa$hcKb z{WnGkOk%RI>gIA)1*4WJah`AXUt1(keF z+-lPg+Ew$)ALtrp0!25wHASS9m}b4LErZ3?x$|;uMBQu2Ed|1yCmR_dp3gW->?QU*Ui=XALtc{=2$5r7f*W5h^_eA^3pkaAx0(8dRh*+r z`mC3^vnSITu7ovu2D$__3NO)=OG(GKCicyX@%4&f>$xo@7=%GI;R*LJ?#kUjZrvK!unspJmIvanpskY5a&##;)Nj20XphQ!Er4sxZq* z?%Wf3dEvzlxclZ2uaL~-D%7nWM77|vW1sO<{boH;a5%e=38ZAC92R{O zT^X->;Wnj&;#%qrg|oNlwhv@*4@8j;T}}6vOp)YMimwF7IGc}6kL$H*VYR6F=ZJ6tcRxUveL#sCWq@`Pv_IY5=BZ``|A`?fB z)ny?7RE}PF!qL4XSM+#AKq})P>rX6w%xiBJVZ1c3<`RYuGbt?L|nRngVaXkdYL3Kq8lM^jhXQ({-e06)r*fR~~uASBa16}?) z^-M$YP>gOmBdStR(4#A8b&Z#~+2iN7un?qLLBSq-hqa(!%F+zFN{D zT&s_I;be=wD~KwfO~v_VTc3;1_973Vm!jGoy(Q_6BZ*zvxOf@Lx0i(3P#XqHaIrm6 zMX)OYO?22EIKa7xNCk-nL3eIyF)LB7_IZq-2{x@{&27X(55jmM`JCn&wIB`T<^Oo} zOX^L8#qJ{Qs1;s?K5L1+M8X^V=18>|ut*;Aj_)3GI`Ofn?iPddG#>nuqdTUXn&pDn z*i`-^qse_xNjla~dG*R)#lnjP@HnPPyyp#DfyAr-Wgqk`m{!r3x)#F@_%^|2AFru6 z&e(8gS{}9u4)~>NExA(2O|Hb5>dY8XVuYICG^}VnVUx_CN zA9aL8ZJzei;16-M-Sl3J%qu2nXEfSA8~cTwf?q;%`;km8ZlgV!tpF=za^5K&2K|r~ zt<2JvA(Jr(>hrC5Szj4WSTF7Kmh~w_7WgF#Me6XNJSYM?;qyrTp)73572W&LZL+6S zQZ0FHAbnB)u-dW*!PDU?v%0L$z?OS8{1tA^YtIX z3SZc;F1631US$UI(oENDHwFqV=`!<+q9m8pqzqVxN?V8Hby{6l$Hvuj)hwxkf@z!O zNGR&XWx|>(m7t8Bq*!xH!bbMl)TojsozU@8zm}R8B~(as-OC!4cB)s*+vLVE%+9g} z!8>OuoW%cuWNSlR_Dqd5vP7(qb9g0=IH9JhK$WCz(|s(0yc3@RHPIo(Yb^y%MyTB$ zdDh?TCf1IkQ0;@9}&u8B6OTB$F%^Js=GxNbmCTBx-jV!kM0JGxwpPbc1+P zXWUz*|0uq0pZ&}L|J8cyL8@1g0WC|5KTetQAYoTwW2giJ2Pmj$r*+BB8ZJ>0XBE_L zc42>|V8d7i^siJB1R!bj6Q1oza?C%ZfF!8%1>LS*po%%G0N`>W+6t6R5j6EF?UX?b znIA=O)N&skQp8v~t7LqE(z=N7hM?vavAsWW2TDTc7$ z02qlDC=*X(Mlw2uvyo>NFy9PvAseDmLM6@fMjCml*=XP{-oJ&;>4__;fx}Jo*#DFY zK_`%wb}EDaI-*jls6*-5ztpcuZgN_(>~Sd2zh-c<`yD^KZoz=Q$}wr}RCoCn1~KpJ z;*_kv!XEzcevG;_b5qzjYW?{&uU;VqU}C%KMj@e!a(D^9CbfLL5UHN|v@fFGckC-$ zAwF5hOphQiewh7S##YGKis6kjTNnTue5yQM4UQ&GBt{^qtP%!fn&`Po884iVE>|t3 z#gM5yJg^r5#>myBQGAAC#vsT#A0iha6(T&(4#%;Bh^xx5v#B_-GWwK7{3=jxfwtnxyd$D!BUa3+SN`02>KLFiKKn8wwszZ3hrG5(| zFvuC}28Wo?try)G5G;R$1pBOn=5HY4{HqL{qu94z$;~lH) zzsxJ1{R~zPOFTaF)F%G;q&$ZbRRYmk8%mWV?lgeY^JJp-kN@&$AHZ9K@+k(`%uhUI z&I8QAAxk-UK^$}?4qq8&3L&}zdviPQh(9PUR4Q1(lfNftJHCyrp zS}Mz_wm^@{d%UGp-qJ#-d;%)>o|F53YCA3QKRc84D@}EwWnsgjy4}h+=QSx8oOlQd zN;tqYBg#Ivhf*?2@v%qMRBJo@dUTwVLCpC&cepXi7Y3wgA;w29>Yz2uP-?zQD=9aE zZ}{E0neW|Q3DIO_2$ebK=brQ>T6-BYK&?cxzi)^Ac6{qHul-$=X`m4})|?xnd}4L8^g-NwZpnZ+0ZRYoA5OPD^#kK^MfH`8%O+rR23I#2ljps)^29ftI(U4lkNct zQRVLC>-e@j*0g<8+rQkAXg*&zSvQyzW|+h;lbD-rsYklmZ`wfcfvd=Th4~^(FtF37>aJ)mxKBr8HM@g4*-lY(nGhCnH z$Lzt7UweD2hBCet2+)~$P_d!fDiUX{ZA+%#)~L73r8C%57ta(<=PB5ULK)lcATAQAT7>B z=n6^-*a{V)MCm??DBOTHvCt+p>P0t(+~C2|v>j5$1G(KZ26hgu;MjXhJ^|L4NEy>5 zLLx(OF0>6dyg;h)EpISz3%=FS8hXw((>dm*fg0&JU&vLty)0g>u(|Nfjrt={Q#0=R zyk5zNM}=V4#u0mCOgEx*Kj}3pMy`op)Kp9`aH0z6bQiD`crh{RX^y=P5G-IeOekY; zFT5;td?CHfa<#e1Z$$S5|E}7S==N|^iNSoyPU{GFfv8~Ky?u3)&oIt6KH9z4Jwk21 z$C5|MtYfzDH2-|tJPI!fFVVxGJ?RKFe#{EpPkz0`8Ra{Pl6QAZ=2Aj#nq}!oN>oY| zE(b*Z`MFUGs!@#;{b_E`Q9BXu-APj9+k_q;*~Z)SI@0p`Vn%e!P0#&dk)L`vbZr`zoHQi2^nW-dphTdu@w0GW>$ z-kV+JrEYKIJrCx5ModrP&burIT>{WTMb|Wd4%SN|r-*x|spbLsqP%K2UpD|81%K2} z{q&?7h-Lju2jBU>(boSb4D+iD@T8Xyo`ds&UbWw*zbKglPtOHXL>kr&mx8GcUkx6_ z(EW^7OTWx(9|jtma`VmRp_n4G(XbI)?!r{eIeHwBDM{`-zT}%v>L(11Y}~7Mo7>Ej zmFt#+mFY6IaL8~bbqJ`;4gwpGc(Lp3hQUTmoUclDhmoe1tobn`s^n;Wm=tWwX*t?j zi{{GUz_87=bWFPrBtNx1YN5rQL~-}`Dp}IVOaFptcpuwCSg8dtH@;DF0aW}a=DsXV zdS7RP%*TWOO%}xZpRxwjRzsHJF&uJ=L z+6hvpx$@1Ni@TG;aK301M%~r2JV%2hZi;RYeaqE|sIqb>s=l1`vS3qsBvz~&Ca!dq zCLXw{Uk$sttYHgLTIm{dR;-$)nWeQv&k>XAK5H*n%^yOq+=U$GHEJTTtw9-46uRSW zhv513+f+`Y$Cq%f>it9oQ8DB+w?||*rzz5?s#M2(ofyUsj44Axv6_N!EO+6AZ@gNU z?7|!xJERlcKKb^|>BUwQz28Q3-6(VlDSXU+^%4InbB!?#tKwpF3Qtqqo~15+v;)lIIYRqj(h%0wAp8#V6IW-zkK`JXXb#0Rztx@F#+Fv7 z>%_&N(&N%~OUxHPYq#EP9`GYruEFB9P^)@W{vUv3o$;Q)qKV!tkhBW(cf5K?cUQYr zl>Ew}R7*dK`%b_V% zj(hXtLd_FGLSC*;6p%vzE(vO!5euW%3uxU1FVtINhrcIeT2RWRKoEj&Q>W~vAp3{1 z=Cs8RO*4H)a459*JMW^&zuJ;wh=s6?*&T;h+gp}QQ57UB=L9eM`5SeM zfq%rSv(^7t(Ket*RGdZ(*m|lm)3i{&{i&)W!j)CJ0WhAuM|3r=S9WP6DYpq%4r>-^ z#qEhF@pssg@pAmqyxy$>$k%wN3J4ek@m_#9@zZTfurj%_bu_nA^a!3)>oRv1l|1Ap zdR#%?^kqrGmF~#bntoK~74*xAly`9iO%UVMiV~pw^6Wz0=e@(rPEdiWl+ucUi_Zd{ z;gy1*n8pZiB3KlU`H?i{^*%y4KZA zXHUu}X$xGH_%9nFcMijQw36kO#e>J;0P_bF(PMB7UD;3DoL;Os*~gCUBnE<<)f{^1W0*mXwZ*o&@hpqFa+q(;iKOP$P2;ArGb&4YQU% z^j0gCg$x#ZeQuy;PI)-yElu}UyQ9gC@4z819B0}gs8KB{WUfWp9)o%U@1Nh--FWDN z+5~o@DV`v>)n`T#IU-UKr{84t6PJt9HOqiZS3*pMG2PrczIK^<8dJLS3kd}JdfB@+ z^PMeBFlPNJqLlfjgrB*eU^6&#*^9qy)lPMJlK#%pa(T9?Gro`U4%|DKhlT?nVDbTc z%Y3an=q&)#m$c84brQ=DM0;T+pSLN?i<`r`CR1PHdLX_b$uNL;9Qzvt)L}Lgv7I}* zLoa@jwm4?%5LG#y<0>tzYBS&e#s0RV-AB15--Z@L+~@ZFkVUBhoJmi$1^^GE^#1M@J&^Q7RBVObndup;oAqbXh6& z;}Kq^Izy>-)91Gn5IHnqC8!L7o!+FZGRlM1vzKQZ0|2I$7s#oYMaW4Kfuk*|*^CZJ zNNb8@uPhuYv~d?+Dv|XLPUJqCJ^ID~JI!g~Czb%> zEGwAXkrlI&vg}!0rCivb+-#6~8k5els#8PFWpJJwtEpk7vQZz4DIc&?O-bWVc-5wM8yG}AkdYg8bbL7` zBNmXD_G78eU=4(#QuH>!50f~1kz^IMDDi#N(qX|LhgG24?Ma9V);@|XCp~Utxdl;V z-Fy^4)5EfY?sUBirZ#pw>lxuxIh4f_Fh@Z}NpZGpNJ)&VtmKPXX&op+G}b#YxahJ* zFV2XQQe5g@#-fdStBI$1eT9y74OXb_%-QwnG;sfn-sZM;VJL9Kj+>rt(}ZK)R8uoW zY0d8kKsbNe6%!My@a`B`1*NW8^xQGOHWEu|9p~hQg^~wAoB~GG0OC= zJ}~}7ot;KQRK4-{tR5QWd<;Me+zVM}>2*&CpIaKAA_2~j5*%|jhdDy9mM%<%&aN2Z zczvCXvi|?YhYP)K9-waKi|$=y>)saajPv72-fGV4Ep=QZ`qU##RN}Qj$>K-q095C* z8;s^bXepRH(C_7o`BdoORZDaA3l;Rdvt-Ta2tM%!XR0pT#&bD;Szs64r`19`;^%*1 zSGj+AP4);55!|YZ+2;(BzBEm)ik}%nb5A-zF>lroiyk(NC-^|chxLmNTi)LA zm^90Ryr)~DD*|kk%lk$)Q9w(rRzu7gLhITD5Wm``(D@7aV~m=a3d{B~y~!~ptL6CK z)X67JHWX@1U;zWBM(NiPq-jjVjKoKojQ122(90bG)}h)HX0FzCswiKA*^)Af#N*1{ zgHoE~#-0F@O_i(RqQJ()4&4}T6;eHV)E6sCa{-jYS_PAm*)W`>*I+LYV2V|>oE$a? z2aLiP%>(J^d->u_on_1F7=bGq;(LKSuuq|hQbUo~lePs*8;(A3tu;TP$1;B4C0HvC zu~Q~iktUK3UhY&_xdR0i07jrbZfkY5$xPD4mN#?1hCWBC8Sc$%irV!Jc-_tBJbS}3 zZ1YNTVwV=FaZm%;3Tk}3bU2{j7V0|tG8I9F~pNW>fyNxr5rrD85)d+nyC&oDr?@tUwQoc9l{< z9Q)*@#S>^aS;<~+RsPHw4k0i@JyFr=v3y~x7U-RhG?d=((imey7hlASu4C;)SMLRV8W?Q&=$Qdtc;%?>jfo@qI*#LowD%UnLX)YG28-8_StU9NxK;x z=4=yJGJACX7ZM>-AS&Lngz{IX@pCL!^ofxp9;gqt-A73_OhRgQ8sZIeN%4k$tEpfl zs9>b|*3>U-9VYJo%{Ux!ns`YTZYoP&>>0%eSm~&L365HrY0dQP6Kzk@UGe}Ia{H&# zdPi>9AUcl9cWq-l$56gRWY zOESE`055=se#QDoul?1&Uf(gLtLgG1O6P&&@%w=5@qgw3D+qAG`^AO#k+R9dKxR~7 z6}L-eTPu}oQyeqyX$GPaHg;tb;%7o1wYo=s_=84ZTcSm`&<9rNk0#xG(&MQoAHZ94 zo@I)U!O2^a<7%sBD#!&YWF0aom%!yz120iN3vkkzOFgea&cE9pn1q^Cv{|nb}pS%@*OoYqqHA^ThtKrBlq`-TFqSR-rV& zaK+ab0j}8TR>($QyP(@6I?N?sV=BRktQ72^3+e{3k2zqP_hG`(^yL=oET+^4i?W0c z!IU10c!o24gw_B2c^BZ3HU|YQA@=BM0d78F?Xpo4NyQxTJixqZ+Q~wsy~FyN-x9Z+ zsEO{FB%lhyj8TGiANs08=%606zakI)0ysjg98u?|f5SYziuc$r^az|Wd-@`C zEUAz1wy0rcU3zWiH_*f|@d?RGZD-Ou3gcdX+P*xCcwud}y)o}k!%}owx}6%D9`UeO zm(ofcCYWLWr43h-4qe^CMd{yzFWJBPk+zsuHQV`ZrVgnW!z)x;RkAr%KR7BoyCpU7 zk9IxflFyH@o10TU_t%0-cr7p#s1O#IpG2@hWus|M1W|&yXogFeN{TQp6*oyZA-K2H zXgQmCLFT+qdg-Ndd&)ku_DP&8I1g+BX*g1LG%{MA3LjQ}ZA;LDzQW)cvxDK!Te&?x zU?BHN7ijWVK8(XjYa%S=k5}52P~aB4OWw8Uz&ZfaAbzQ-r%!4Ar>Cnw^}~O@Y_#|> z`>e6JX?kELc5%Ialu={v65fVC=eB&+tOOF~M_NzOGe52DRYjR*!RW_a+dC3|^0|3=Va1@lBIVL7Bn`lQ!fW8zDe4Y!I8 ztOoZlukO;YAECmwQ3!5XZ3J;?RZ2L@Qk@y~Bu|$+`Pw+OuH)zf_vtLHAk}Fuh3tVl zk)1q+HWIaOav<@#*6FE0^j0|w>Y5#CmNDEO0&K7(uj%BBhHZ-Z6F4>nriT!C%_<8P z;wDp9i4HxmENW3(dg*g_Rbqy%JusV~UJ?~G<2}F`w19+krtLjJ7%?+PkHE>=Y^{=| zZ~HwC1^q4r-R#?vM20a-2kb|3Gxxo#0q(MWbaq(TR4YZ_``C68mgI^WU&hFlEC0Zm zZN~AKBAy~L0PI3Ac)P1}^; z*|C`X%6q!lq3EfQsIXwCfBjuwHKsL)Eg3FN8Ey8fAet+iPyBCtIncIj#jha?p|Weho&4PaH>|U)U3lb1<(9;X;LC<>ow*vtJvJbq;9ur7(i|h_;gzrV zn{wQr|L1oB0M{%2x_6lky|OatgN2T%<=GmeMF~fl@vQoD4ludTd51-^if#}p!7OzT zKR4gN$Wj^MP3v403ztUBO|rleQQ{KtD7mq!)1FYb3>wV@bUn7Sr&q_5FAY0WtYpwJ`c@Qzit+ zYv?RI3LiEP#9nBYp!!p**uu_>J?5Q_g8`lnCW7(2wv(Ku7xRPd193>kNYu*XE&|xM z0?2}dj;LT!4|ICdB2gL`#bcGTC!6cq&(rIQE|5s)q=kOYvU0YL(S6e*E|f^?9M zp_$N2P(rI9x22>k5k}*P;lOkXx71A2sc70Z(@Fg z7K*q>(oSSb0>&R!gjzuMPVef+;j3C(lsA;F;_% z9S~Y4HrM!eCdI0iqkdM~#&v=~{us0t{qw7#ENAufPE4SftQ6XlK1l2zOSb%1&&DW+ ze(?UZHk@+2-QoXx&g3A^xnldNoj>NW7OyuD{$amP1FSw?P~te~_?tYcTRSr$U2B2` zlsG>oSFo}sRq9FS4yUZ4?R}0W6vMcTq{LWZ(ZV%v0HDP}#e7sWc7M}aJHKxLnsJ&u ztx%H|C$$2n&{rs=8fn@%_6$>p+OUL?bV;%BUMJ>pb5B!b`%8P7 zW$Jz|_-%l_)R>q$aMec(z5rRr4sjo>I{;x-(wIM`irN134UDp4v|Y6oXQj}pTGWc> zB73IQ=_0xtUb4~6s`u^tX{g)OC#nd_s7>t7Qyh347rcpY?2ysJ&{!}!Rfkz)KIb{c z^!C&j8#tk==k*}LNPNIZ1+~g(Hisebhm19|Qe#f{6xR9qLfP0BcFOv%7^q7W1icP}V!SN^{~cQK_7gln%1q(f z4aES{jjVmDp{Ox_MVN=jb33w~fWv^xc*-8_NVlBpJDALMnZ`YxF6r7_0JL34cYn^Rp#C-yAZj`@KEroAS--llI-J`u(zcO^>}1jJbEsRb!&t=oKM%y#5e{ zu%iN1gNu24h50~KwAp1~CKtA%o|Osga<-qz<1t+eLapPuoy%Ne1h4VqnJ6igv3(W& zV-&4L?{*jBqS#!_NG-ixWBIr*bh^=Q%iQIJqL%FARC96_-P5gz-f-!w;wE?ce?Mk@ zG6Hyx#s$wVFsK$s6jK?dhM*jYl59PAop}- zd~Q13#h$9KASQ-f_{}Q|csKl6EqYJVWGN+7ycelhP&tSaV@!u_%$|xj5?^FRj%EN` zFBL;CS7m!0n3SgTmudXvKGbd_ip&`vsNLq&XpFD2CDmAQ!x|2%&jn1`wXBUYTpI37)ON(S7w5#FwH4LYKGU#s>V>s4 zy0tTXe)xI6TK+_vjTY^FnWIV93=T6f4w8Z`h!`$c((ojL*YN2g2BBvHU3 z3Jk^FA&*g-vi3J>uWW~p5mbY*uwUq@45H+J0O!p5=Y@y{jG`(Ab!9u+8=22*Vmul5 zaWI|;REVeeP_7&2jnb)JLHw*}2D0&z))GkYTh733#h}{ZHXWp;^i`QJt+6m|+t^z8 z^q2MsT0ldvUyHo4i=0tZE&T+Ti0!u(wZL&^>o0vt{>{hQ7a_fDT3^+QRh81|-yJPt zDO+#a$^I@KzfLrZkd|huCX*>%;h!h;T*cdQYF;YLkj6`N`$9D^PAtzVv4jx7=~@ZM z{-IFezsPvk?sG^zC8A0~^_cN4T!L;9y3~mQ=NTf4w|fk_FlBTvJzzE(PmT2ll(LrM z&GSYlsb2xDVg}mVClPT2vBdllD;hccK&!BPu3oMCgKPqsS(GK^<<#2xidJ-nuyiy5 zv(cZ}b2Um7F)#oG5kYRmd_rRGd=M|;+RnRbyD`621LeT{-&VHO19@xLyqDz+IXu2T z-}0(0RxpoIXby}B$+Yi_OR?JF0x!dRh_D!bJ!3SPv(PGX!?iET!nHF54O~B_Tz!{q znxI*KV3xmuwO3!O?MSKRz8}OH7R(Di8ZQ1*OYi+8${om z@!Rh@KmM3V=MTAmAP_sgLDjQp$>>=@)xof=fHQd$^4eu+6axl3FH=?F#d8ZX7@Of*T zN>G2~7QRw)9LkqV8EjvZ38?pLO9gb)G-iFJg~2)tW~AUhh57ZspE~9 z|7-PL%ti4QmC|Owf^~2mhc!do@wmADBZK%Vc9#&q_Y2&enApc8fIo1E2a0~_$4#`j z_Nf<|=+|z*bT^tTZg|OEa`&d~p7)jOFG`qOww%iUTyrErPm+mDZ*&TPWULC_`s5x^4jGs;sOh$A`=BeIM@ww68$@a=zZSRyk zRYpISthwYh2ltRxH{3qFdGd6EOJhZ|h8^xuXcmnj#46@&C1|yu&B>%;Z#vsf84ZZu1 z_GtaJ&=l{Lt6(TIVxaj_Il~f^fMZ@HgRt|yxPl0HjeSp7)l@5H@=|7e4Hbag2zOG% zhul<8E2adou$(D{mO$4f=2>sD759>qNQ!FSKOGTl07MXnw|1em8G~B?>U9(9WW&nQ z<1Dcy799&_uO>;^zvi)+2S-RLz0&>55+*7GPgJY0Ya!@v!*R&E4Pdh!cKklKGC} zE0tkAZzz{~`@M6UoWV_awYgF{FtjzZG9#5fx5c-w#R9s!A?u67zmvDXy<$wVKUz&$|lHggjIYD5vN# zHfC(+v1$@5GYl_ifALQLvCFSmg*Oe#G8Nq!j%&;Ecwr(-^qW@|%KsS#zGD`q&rl261epLfIov^O>Dznh&P@J@)B(h?#DRqKq^e$V&%+VP>-OxAZU z%p6v1Nvcg$Q9`gghtQq7rIS)~Y*Y%f=M8(8#v7&a9LbOUla^z3C#H-V0bfV2Z13B$ zUhLHkucxe&6rHRpy~!zI@xWPyIs1-kOx1E(a}|{h+93Se-W$oAo0ac(bn~3ca{(|9 zVsqGCxk*(G30w?LvwIE4@chEoUv?HfUyU)16aoq8-U}QQ=B1X9;@7msB1usM+xFXL zNQ0zfoeh1%yY3ELZ@pR*W|QpiKezk1#LdL3GQK0kyXDp$BpEXhuQy7gwkE_Q2`=8^ zoUO)aZ-f^B!RE=my?Wj(C3uZjPqOf?O>Xfq@>1vgEyO&P^zX2JBCa|v+80HR=2i*5 zgo~(e^v;&wh?*i37V3rL(;E{2vos6$7O~j5d2a-`HuR5m@?IiVt+$U*aF{T0?x7S( z|D7*Z5$|bmHHy^IMa9=-8kj`(-z-oGtR#hJ1c?X8F#~@rSayl%6skiZWgd*IFC?n)Ta!$eXP7 zD?Ieg}S>8I|s||j4w+X6xMoIX}a`Q zk-}qDRce}mrEWhBT;E-WQ95RMwHhxxQ|I0#%L=!jt|0d!1Z-LzCl~lL-!+HSu8h>a z?Oh6_Bv9avukf$un@XBS|1GN0&TF053F*+$cx|&iY=DH0dZ!3b{8<#=-Pe?d>ZmwQ zrZcW5Y;>$0|HIwZNRKD&-e(5D23~8$o7Vi-vcpH`YT9c44qCVfHQrx&IN+6u4adW^ zF=>F*k7x8hbyEUI#ndQGq-X}V%<6k}gD6Fg0IF2iqe)lOj~5=M`TQAh>}&O|tzyQ?&Fmb1M!PDy4_! zcekq$o^;!9Fl9Emw`VJ&Yyg&OXf&=-eTuJEa`7+~bmh+Ewp7gx)j`(m$I>Mkq15jEKcJ#yda# zRu#wvplZLkX8aqAcj_B>{zQ}C#ALhT4N-ziLIQsCw>fGRq#TO-{urz_>c|4Fm^hd+ zi##f@*!jwJ+a7WsuUWLp)2-W#c1#@jIbU7o?WP^T=gtc#;y~@enD=V(=n`vH&x5n9 za$}CEzJ|{@Q@C0GV@*J@ya8p_>vVre`GA(2D_b;5;p9|llR(9=JW2|Vo@$=5B!3Jn z?&dt#NNMEI)yf9~CBc#g7jQsj!hn2y^}oXdGD3t4Nm56x*PPdpT|&E;pY3S;f2_lA zCvO9CvMq)yHh~LWLrP?9rF;X;UIuV$ZzZrwBZEd_+XpGQ*R)#swQudR@mS*=~kw+6#U$ndoSGwlGgf-&v!f!#3BT-7P)}`eMhh+ zZb4j{L45J9D;SeCvn^c=|7?<1Ggq%(O8;T_O%>7G+NzpXjmhU6{)XpKx$rMT5k86D zo&RgGy0}`Zkb=?UP1^x$(^K{ri7@P%C<>uwf#XjQ*9A?}5vbkiCA|N_8X!n4ZGh#( zU#^w+b$P0PGSS=2)%NZ|HO|pb`*u`yq8nYzHN2HN%vO3+wm;PzBh~nAqT2LdSd4YY zvvSF>e60Ez6Sq0_gt89Bti)3L&RH8kIaX6YmNk|W#CHtZb`N=%Cb!1lc_-E zJb9klGH;c4Xhyd_yzflE>`pvF%JWxyvW6F;f_^ABleu8+ZR{*&e*v9`n+q=?YLg;l z3tr8q85nyGjwTmS$^zW2)(aY7^p67wtOqq086Z0@47&hpQKu7{VPk%yP=qi%VRSf2 z!Tmy2YwJvP`0S5i(WW%q%&Gz!Tb!*1_iA0kZbvuMxTlX1KQ~=e^#!bEbUdh zuJ6-{T%y+xmbhaV?oMD*D1c00Q8jAlRV}{AOseyyF8=rQ9o>!y6iyBV zG{&9yzz0U1_?=`~<}d*q<=oN7SNotIS{f-|a+A$j4ol$49j7TBLgeJC2xsWi^%L-5N1la<>qT4*Lp<$*p z5%jF}p102<_k7x(w<|+h2*9_~55r#Y3TaeaL%fqvO2cn%KR_o+eluA`)Q7M9TWYAZ zEV;8+bLWhd*Q(0Sr}z)NRV~;;85kQ1ri=kE*X8 z-ws1)7Wa>u_HF=6Nzzepp{}mc22 zT%7aFY6acz(&rX)#;r&~G9&-4CMwUHWkdfX!ektGO3@6?n_Kx`FD+OCaNwKt@95Ju z!Td=u68FmpHLUNp6HFVe>E0CJQ-Zp7DzNPpWWb{=;F(YC;3g{ccL1)*4`NkR;V0;x zLM>~O1=m5_2oTq!a)OzymiLS158iLn?|4^yGuQuptZ86@;E3UN+NSwt>JlcNV@SKy z&O2kdud2T0_+mHcewuvKAOG1h>fRN2qF@Kd0{=lH2lIaaKL%nh!|EJ~ze{s%)CEnv)In zzj!g|L8H4+F@uOT9WNvUR&QZ~n2#qx*z2wH)ePhp%Dx+rK)QFTy-jF5Tp;}=1omucOV}aESnv5p5Y{cP%co}0!3~r2+Mh#s_L@+)D}7CgIX}1Y163ER4%J( zu7Brvq5rRxcrtc6abPRfd(!)Utm@Ka3XQz8KyG!oFrRfnzt+1=K~)17dJ@Rc7|t6_ zDE7HXm;2TJ83~{-=bQ`K^0n0&RWd-)aQC|!7dgXmMU%4A%bnHa4q!L&*%Nw6 zfv0xfaU1n!Ax5H20gS3=#!z`8>hhyM3oMsPorQq;wdqCLT)@ zcm|bBjFO&FkbfEAoL8-Po?1EcfI9Au9EtdipI!R2IPdz+X~CG#l6OAB)P8%91(p_j zEJZKvoR@cSaT<12iTx`UOu`mKSlLgVnq$;BiS_$@@IGM0AjNHxhCNW@86R>)iZ#ma z=C4b8V6OqiHHW4}NfF6ceue*-EQ4i`O`OK8Ekgy6VZwpVS3Wj}GA8H2s3!p<)A*ja|&X|xx zq<)AOxw3M-ll!yh!RF^LovMcx!)GI2rr>&8U|~t^mb{Wh17HMXI}#0mN5{)M(k7v^L2FzY^$Y z(_gGoJ7kw8@lqIlYF9SVA&g=kkq?{9np+=lp{#W`zii07!C^S1CJfGBFO=LJhr;#- zv5XL#UYQ|DHrg!z*_{MDMjB#6wHC$J+cWgpz)tB%Jk}L(`!K~biC170se^1~#AdMvD>Q=9lrRY+??Xz=_Ccx{G z`7N6_z5->ZT~|eE;BMvvgba@*uRL*kXCp4TdD&GzW17Sr0{Q}<|D_VZViT{HMS*PGYx&%cg#U!=s)kqOvWP*-+D#l_s4(iV zinJ9TU3H&dAPKnhK|6nNDN|`Bb9k>pJLy%-#M|Ynf3G?BQN?A^2|bHC_f~c4OiwH~ z(h3<~0d@f+ygeNL`!4!5zF*fXUiIXD`LFZ|+8e02^O4(&d*TYnEk*M!RRbOE^9agI z&js{Qs1>$2uQ5?plEQNx1@4N~9l@$+iBp&D^9a+#d>yu|SE73VyJp8HUD_+BYi%A& z&rb_4>g{4T>(m868}-KIlIMNqY||>skvHmv#6Cw{uD?><_YXZ!3t`J<$d0P&N_RmL ziJc_)8}RSi$>0vnY<{0Jl1Gh_M;j*t*`Q-+jvRe1TDbjs&|LkdL;Wa>+TtYERJ9^s z9@R;%#dQf8=k?3Pr=a3kV)Km^uh%%XAaARz1h}vugNPU|q{(8qOx`sR*stj^fEgZ` zdUuKT&%3?FNDUd@A>u3uu)5OlUk;U;`7RkoVKR; z@d`2kju@=NvW-AK%X$4Qa}{u;>thL3hGRy{s;`IT{-I<^?Tj4jg3IVmdJhs$ui4mR zpIW3T0J_%PrKSV}o}|1m$D{TRJ)VElI#Z^GK_+7 z0W6Z&=+oWqk#99{BbD7Uqbuoip>k4WMo)+6?WjD?u8|x_ceuMfqaImS5H16s69jFK z3tRN$k~iU6K5nzYy$^D~9X)vX+9#ieJ>s)tTiR+;#4K`wO2UB4H`)4GFR7em4M6Fy zvT-oED?Q>;XjkuF(;-!;r)ejY{P^Wx(N_-NJS!R}{LU(S<^Wfa3K&;#Os{W!*HjL! zBYtvIz0|XME|o1Rpkg{q@DqH(G@$nv<~u z4`t42WAm%aL~Ug-yadVQpFe~lCj|MGd{aTPTXpuzaGA?zxi9*j9(ngQk5PrC+t#BA zCOX+0mogdF<+eXW6VDICv_l_3&*Dx3R)VtBQep6mwA%v^ZA_mj<_BuF1x@1o=MjPY zX|V_7^hg}?e8Hqlg~S*-`O_TXtrL?mPgp9)Ly0UIJbsttucgB9mGRS*`I8xizYOw#| z2c5f$vbp8-e5OLHi{qQCqT08%t|1mr#5W5e+bQ8Kt&|Y3D%j!U;+M;ewC)$*4PNh) zO66o-Sa}RZv@v2iFEZFy#(TQj&S&Yp;5vkoKVI-0{wkJACUSaJ(;muTgb*J&AlsVm z(pyNG;vakcH$M$#J1p$crspEo%N1TQzoV7o56trc9@;BcY&I#d*^Sx^W zlX1D5F)onJ7+{eG_c{*29UxoTDD3AL$w}dypzc1=yUFy=Ftf;4+c!7T<70$-Ew@6T z1A@M?@IfiGy>RdLOJi*FR?sfrWWwXl4@3W^4ShbBgjd50P`p49^q*g5C>zr(>EA5A zfM<*j`kzm=v%6O(_JATM1mG&~^#QbuD1v+wkiH z$IUqLnj0b$%zb1wkGoUxyZ6c}Gh=Hls8?10&%!y=We35YJ#Wd_Zi2^ItHxMRuhzM{ zZFHqEui4Y8X{GT5?C_(kU6=Q{%GmmtY5M8>>T{xfCZ2{Wwt8MKdLI^?{kd_Jdcs?q zV^vC-I-ftM<}~y|C8gBv{MteHB+EwluXRf!zQ?Y~U#9v2LhXwDw!+;u!S_==G3~J- zu_q;jXa}jSAUU}^r+mKu*{qq5 zcUXe{(O~EDpGW3pA&8|@5KGp;?c&eSRC#D0qP*-gf+x3_hd&>xYQSr=1KX~PIc!}= zVw7V~Mx;2s4?*ekt_jP*gW;I859U!v#t>}}^=IvV`~@On2b&5IHw|hT-%+@Gb?{7E zPsArvv%0NZGF|BB?dJFsV1(H{uvajazM@(NS&S>pT)fure``QsrRbDN8Th>@;0ETw&d)lHmjC)L3w zeYyPeAmWN8rooAHBq_&wJl)v;d;!On_YTDEJ^I17{!ul?zdOtLr%cv)RU-bHX(9e$ z&D>PTYKGocgCi2zHp4=tn!YVLr>0&@eeZ9XY5R;KW9pRI5?%N;E+*zi)pY4wH>dR+ z3fWcrPK+tYsjp`ryBp!)8g2H`#-~*g?0~&r$ExPP%-x8|TFlXO9-}G<3#^>v1pm)9 z)u-PQnLV2!I(*N!MTz+JQ_D$5D~HJe6He0h-K}u1PNgj6%Qyv^aDCRY)n)`D+i;@$ zkxwuIbcIx|a}xUAJn+*MIsKpYMv6qZPGiz-h0irg&%C9yo~)=cPGlK-&_Bm;S`-f; zb}t#n^_k)hDMBy5IIC3XOV4_~+?qRK(NbaN9C!lsP;b~2?BLq23ZBg|s=eJ@%V`|g z0Et^0e5uYku(YqvpTW_*<7zUq$Gwc`>Y8m5M5xXowS7#$_7%#OcZ;~56+HlyUbp`q zy-rMGOMM}Ug3m+x`*%AaVGilPj$~d(V59?%VO3jfp9VcW(soP9x*4kd{6PBuET^cz>X$aZ zdBX(yaqNqO-U z(bc;Axl^*1`|3FiDc`!HfSxX_ifJ{fF689$jXRoSZ3Th_K>4e?5qVth{GC5y&L4Zy z8Cw3_$^x38ccf;zb+hP-8T`#_2ao!L?n9-Fhc=C|g81O9%^QRa>5p~>AFWe<#g=7_ zray4ayDpj4X?4bZ2&-aVV*rGoHwxf~IC_@!U}|)0%hlDB51sDZ`1x(mcS~yhBlz(< zd}j#a*}9rjt5Vt#iwHAC7`5Jju?xtJ`mk3DbIjiquE zjs$}tZG-ns-fQ6*W*;i8^jT#YJh$g;1I&`@UHEK{0XCnccD=6rea7>&BdF-3%(s`w zi+$pFq3J$%X^dyfv%-E5a^(H40ulamwPt6$JaA{V+t>C>YZE2kcj z-r(fAwhae^$zKgVuyTOx|EJ-?qxegEqCi)=$cV*es}~NpwlXsN4N=uG*xpNDhc#45 z)qu3u>e2(xo=Jj}qk?8{cIKMuae|dkAW`Qi2GUndMA&^MIeC=^txDFeXNd>sfBK&% z=}du?V+r7UNPVh-X@d6FL*ypqNYWbvk^>`{LtxoGpA@NZ>dEA<6W>Z0Yo`m)!epQB zGrPeKOyRz$%LC`1F%L1XmedWJ)H`Ky%pJPZRd_$eztXot;~16v!g8pZT6t4*rL_6< zfiP&(z;=mBWYtQz^5v07dXp{SmC(Yk3q5DD8K3^Rbd(Nqhv;5;Kd^ld3E{kfFUY&Y zyHAVbofs|=M*sm$Qv^IIOe}A-qXmSSCYmC~2$zj|@MHw0ouN>O^kj*I5kMatnBl@E zkS|+8`am{Pc?ddE?|&#m#@zp`gyGLNNAlgNqtuw;y)D9%Mb=v(6+vdZK#T|y^k@O8 z1A9aYP4KjbhrQKqio4u=_(gLiIa1X#b79ZNTZNULyZU(iNeDGjN?Lsy6qWc!%l-MS zbhScxEk2JJme&*y-%xX-{->xe0@~y^c&z)qIRCxnU{eU(XWfs_3LY zLii;4inK$gZ_1f+gvEJ_p>CGk^*s|UYXTM%XiHc$vEb2o)SO8Xqe=!ptyO3P`Hu)8 zmL4n#o-_ybqWurYJ+i)|V=#K&=bf%BE&bV16G**rryu>2@rT-n2%r4-IWsqVoDGk+ z-7eXUyhCyV$vrPB)UYtXv}Z1sJ=dX{7F^!UG^lo1U?g4>R&F=#+1LDc)^u)1x_`Bs zqQ>3|Vc9=IN5eyU!@svi9T_Tkf_Y~EL1KChlMGLww$5e9%}!2R<1XLwL3b#k(L$&bN`t>ks;$_6Z%} z4!%Um(WgS24De^Okp8p6iXTOzZ&;=d$4EkiK5S2Eflc042@bu7eGM9Jz*orKGhVX^_h z?yI<0ai8m5Twq=J^XJWkSt*p#?RI4aKC&m*2x}+7?7#yogh7TD{{DcISofmR%Ul;+5PrR_636HLIJ}CR??K zhn_*WhvaWZp1HcJ_D{{r&XPz7_s1Ynsv{byy00ClSv!&}ejz>M#b z0#~bePzY0gj#GWCQarlfCm8NBQps0$H0i%Nb3;}L-8(;l_;q(3dvde0n%^V2p32!^ zr3RCILG-XN3}eQ6UqAy$PA}N&6Xz-tPVUoU zJR)5hzAp~pojIB#w=vmkjk^ZA{EP8e^rKilqg7O{_I8D`v0jS=c=xK}9`NHN_zMRkjb(*~ENY)sZ{0IvT_YeR~W#hwaBpF`W$r484cq<)XA>~5n1IT_Oaj|TjWdVSDi8iRrnv5S19g~wDX42 zGPR)zXGjRsf?CsKipb>2<_-O*AkHh?OZ=^*+WXu@+<&UkSE?Nx&I)%oZ`8>&L*lRp z6&orgydm~lk^1D8E61A!PxuNDI5nqhtEs%{r$y}drC}!s+2y60SsiEcz9NR@Jn~C4 zV9)GLm*h8wlEf?jGrf$7PuI#6ASnS;xjHRI2_Wk|4$lVPnIIR|A5}YeE?&jU3UWP9 z`39?3$XHQ=vUZN&s#njuw*YYTQa zxk{mhHQU4Zg$CF^!vk6#MhS#LR5qrELDvKx_=o%Kvvbi~96#@1gMz`f;f%sFA#Y&C)%l3_eakYsci}~Ptf~G><=%^!7TZOEX1|uG@Y~N`sd80 z8QoI@;@JqRfgB=PBI8^@NE;!q{57K9NcWf4xsR#~BGgl}y*i@3SSiC>coAbc;yQ2=+)hO^4^^9M6gT$=thnvYoLMDTQ`7}ZJjpV4& z!vyF{R7z4e>`yffXp%$!ZnzRh@8MwtMC+9@6|JUCbQ7yTLt<;=D5t6F&y)}8eea>kF@?oq z{SQ@y%3sO&?ms{YI{?4)Dl2w=&tE&`3Qqg}G~=QExq4XLx#lv|dT{IG--sLNFB|#@ z@5E5fcZ0F-byB)|VjJPn-Db>;CO?JgL_rfiu9C=mwrnUSbp!uSQ5Py-YS&X;?%9*Q z5@%}Ss_M@d9rhWp9RS*b(MnfFDk|i3eVIP>Wx+2lWl>LVc3mp!zbJ_PgAU~M8fNWw zoOm07YamD1W#$RaW(B$}XMd#@Ps^SlM8_Jpg&IHbdDoA)0ZGB#ADg5mw`D{I+;LU- z#kv9Ee&YP&K1nrDAgXLE2p2*&7*`Zk*K68z%xxnT9Hvee>a`Evt6hw{U|eOu{@ZO2 z0-HUtRlh`nf7;^(P%_l!@|@xifBmxFGkkUzgwKrp$G1-eAK1w&JM*pc_|0|+4L;`#l_TQ)XX<`~SbbB?Tf)p;_ zdYiE#6z^M+dTzw8MflNcICEHhvKu5Wb8joAd9SO}aME6Ei?hpu@NQWh8r&_(E%4uZ ze7xI`(N-^t6qK4+!gqtU8U62ft+3rcL{4NWJK0K5XTIq)2*n9)B^GYwZCnvYE_{M> z(v4TrMG?4x`0A;dABqn!0MB(N(5@;nZ|0c(4 zDuva@l2V*`78sm0HYEZY^b3%O0)u=pvLE8n@-lQUfIo__T7U4(6hf^?8bButc{Q9I zygzkG{qhxP>ykcs^8En9VPjo*y2aX@;j(enP%=2>>u;W`<1Y0r!J^OipviJQaYnGQ zc@Y;@xo6I0f11=ElZ40EA9heVAV%VKtY%13$E}BhL9zg(tiv?dq37>;AAV6^{Aff5 zj{9EhvL6C#`pBRY>1#m?+8&cvbmvpN1173BnvR>#88Hhq__=!A1yeaeq80w0YH;$M zhuQWFl%8}e>=wAOr-P2h(An9uQhf&>G?x`jY_$)V{{o)e=A2a zUOy!)@o{&?g_f3d6Udg5U{(n+uu5jM`404UK<@sdyiTr zCFMTrs$9Uxt639IbyJbt+8JKH7eS~dBhl&yP`8g_H8JL7_QR2U=e;GU@O1L zD8=`j=wy*C?hKK(hrICMHD?cF#GNi-vj17nrGVC;jR@2oP@1zoCqutq6KJwEhP7_F z8Y~PdO6JGQxwu`amjN9cd`P+l)9-QL#Kd1R>RcuAt7Kn?Eq63bax#5cS>8wOdhhHU z2;yA04KxOVy^gMy3-hQAmW`}kupETCEXS$R!Pz|KHU5vLt8XTc6(5zI7aG(?Mdp7F zEmaY)4mh8g36^q@@Q^ol;Oak@KRCUR)+Y4lXd3DE-GH0llQ|x@{~>watT{$0Nu-FU z%$(2^y$?^W?r=m0JVh|qi;DG=I|IcZoO)@u{EZbZvUMk4n^~+ch`wgR7=3b4|LCiT z;&$!S;Q?Nl2V+B{I%{U)=hem3L?&gwXN18a)9i+?G}9k|J5Qo+X!4lk0|7H6iRxh| z{@3?7&d(d7?P_Uhw$C@iMI5CvXLhcg*J)3TTK!vPgJ{#%V+492F`amccXBH+D|K_? zBtgYKx3goL0xcbH2z9Dp)gB>bJ`KCuk#z^E8*KpYiAi1LMIa8RqV;8d=aXr#*=L1y zXFP2+AE}ZrF0r=NN4OJ$+H$|OapY5RwCxuc>p#tcHK+%q2SEKI40xWF$qt7|%(H|K z_esjyy72x4(sxf+05y&+?ph55Jx?bz4?a%#8hoIQV}+A2wBlWl|N2p!xlp1x`v^3f z^_6cfcowvz!4x@;FYH$3iq`HaGhV!^|5&%)6lW;;c)vcg4Q#95IdEyWWhp_k|GYWk zxzx8sMF7wYik!_Qecg(?VKwtuTDF{dOF!~eZM`An;&@HbZiwtX*D!-Fi+bU-uNR{P zx4!)pZ)zJH>>_aa;KG&HWLyKw0OUA&YgWF@^|`kPe9y|c;GQUW+=}FSj<7VhXnR?U z5w0jwdTzY-GJrrgo=4sZoQy|1+B6J-TiRXVF4Cjge3Jk8Nn;IsQ#7kU10Naq-t)PF z%XqE0o2(!f)|@Ey&2zUf%8{FTjwkl<4tXJ>9>9eYYGJ~>*2-v5*dr0HjAvX{)cu9` zSxrH}zpTBY5-g(snBnN-1zFHu&%dgo4BKXQ1n#^wL8&^gz86-~Rne8r1T(rSW;k`# zX~z|MAl+Cg)d85j3Nd>l&%px)6vYnj!#sd|96q@7Rz|=o2@>$P>xIGaE<@fajbr@{ zmr574wsL%OvD*#<2&eXQC}%~~^ZV8NvGb-Tx@L@fx5>td1?S$JKTU4MTs!R|S(i-eoUwt-a2mG*Gc3In?s_ow1 z`bV`;Dg7I+# zdsUD-=H27qIyJ?rD6NnyQRC+mYeP5I_#-2(us=Ol9H4Hfs-11kZ*FMaZK~rI2W>J& zHL$LoFsb%DHP?Sj5N#fRB$zP2$lBR~Vhsc5xq`2@o3pes(Drz8=LC;^dgYF_By>l0 z)ny0q!kjzZXJck>s)XCdhV*LC`EquN&5ARK(bv%BNg>MGSZ( z?GZO6l7rk}!h&P{Cu?^C19nZIOZ!`{g%*OQoyy8~J^B?h(i zuKR{|=k9%fD1Or8;7Lb?!Sg1%PrUUA2RN=`xE_SyMC=v2^E2n4Eu0-s`!N^%GcOsxaNMhD9AWLWU~N=B{007qe`>Nq+P5iy*+9_S*06^~zSrhv@Fd`mF#w93@D3B* z_+!~++nP()<_G$7$cD;cqUStI3SpU3m(!Yl;P>CPWHcrBTD0f7Va@{hTvo6x&k4na z*3S6#+mUi{_bs_H4p-80z$w_@X>_>u`a#JD_D@pIiZ*%wX6a75lW)D%z+3^Q!1t9E zVAsgA@z%qD1RY3@)KZgax($@}mcE?z}3z0(RRtS%LF8-U9qE_~RvutYpy zFK11sDAmU*zDh70|J@oG@5qAwm052NI-lR(<3B1=}}1HTQys8bNWc+X`qc(ny9rnrxt6xpJi z6ytaJ(EKNlUqRf$m3LZoReJt??_Ecl-mZL)HF2Zq@+?=T)hp&2k6_xuW6!T=2jLyRF~@>_ z_)Y{o(w(8-UHLATRXU#<6cEUN5dW-w^DnO7<5rHtxs{YsYo{lJhRXC3LgjMt*xX&S?#_(W2lY>qKYfGDyz&^GNrGp z&fi>jjjbCyG2S(ZvC^IDof(ctYd$^hT|375yyUGt-BzA>U~1DB+3jQPK69l_c$~7A z^(lz+I0v;Z{K;hlywZ}ZxA^ykwoDYz9&9+(Z+r;94hlL8y6F{t0wh~G6ntFr>DTbL zt)FGz*g;8S+|SEiCB=xNazoOzy?naS^SYJbfUQo}?i2*!%i-DyF@`Eh^KE}g~0=kDR_(Faf68NHw;H`KV!X#0=&^ZKGA2yx%_{rh(BMEF5i*^h%<|5~O|6Ox9` z8sp+C&&l&I>>c1A#ErUd)bK}79NK+oocKcTmg(%i ze6FnZ-(i$Pwyy)GjSwfbM$l=j)3r7IFT%Q?B_Oq?L*W9?$CW0=sRWZ*q33ul?}3-ow~aHtU$1siSIuIEiKgVo_udu&4_;+ zx+NrdYa!UMhPKQQes!C-_lgunWiEtdF|xl+M~j$@v=hZW7WWn+8NoWe`wAItZD?|X zQlX7`Ja~4+5$Nu=2%M0c(BWv4pjnW6O_3eSybiml@d|l0a5x5>N}p1k4FMe_;247i zS`{K;E z!7`@P`^3-}j4j*Bi_evwHy_C;m-xCKHAA|Y*QG@L^Mu>cNZYq6OdwVk>;vK%cJ1rL zpyRUXq*9ds+nFE+ufeCu;?VJCnd}o|+TTIO$oZ@6hX0GEa}Q_w|NlRURkBqo?;N(I zsDx0?tXidmLs3ai$vNk$o?6FEHh&dsc`aik-R`MW^tK0Y)b3CU z8G>$;iB)v1Zn%z0fu4PHM6XjMiqw{qTI;_Wzo`!VnO zN62bHl($!iT#f1zcvz*<^-(#3$i&y$b?}P4{NC6rfxMOSKu5@7w>lN{LrZ15qsFv7 zG`e!`PmW`+Dvi{>sW=256!trM*U3zq-xUQasRSt6Nx}wDAwDv0Ui9ElmxO^d;O6P= zVa%@^wQm|OGT$j!i2q#4hnkIU0M*QJMaLZ^rbOC!;J4Dw36iVrT7k$Uk;`G6(!c~WD=+l*egXckB78zr>`$Otj>coCgE&69hDo^z4@=fAu zMssdPovq$Xm6=tVDzQY)@7GDA%|(ub+Qan!X5v>Fx4!7jC9Gy1O?NSdp!P>#cvbUa zA>s#d=~G_(tso7T#r3P<^mPF^A#Zs2{vq!c+@O)>=V)6fRM}!gN*Da-)uy=F;p$lv zRk-!h)nF03QO?U;fqVo&4s~XHFcO;#ftK0Q7BbaiAj-2=o8F#P6?_D?mty8H?Jdae zqihBpA;}8P9~zITjI_2J(0x~Zu=9)~B=%2DW<^nkXWO910{4*P>NO85q1xPxDpP}* z+pZdVwT=r59@u&1=_E)){#-1@h+c0ylT_N+OowjKBWkR+%r?~-t62nZ`{zr6WoiU* zo2YAQf$g4P>(?=NcJI{!35k}O6>fW9$i1H-j0K1Tam8}S7I)}z8*pb*VMxmp^T+WF z0V7$)k;QT1(oH(){;&FEA+n;}Ze^P)M*b+rmE+!9vzY!7yT5>Bt4dXOLL*jqUjX3J zcdR`+?u(u{emz*Qw9WFOpM&y=n^#^Yh^1`+_;ka5Tq^x^!ioFW1Ix~obgu=$$KF=h zvMeC>3aSqGCJ^Tp((%DTGkIa<(_6#t0f69D+~s4)6XXZTS%othm4A5Yih#54sJ31+ zyM}i@NxhEgeD4y>E^p}Mb=hV1%`oWX@gbhm9TF0sJc~X6Uv+@U5pYiR`L(#<CIovA8P2*QuqZCpFEbF%l9o3mG-=cilw8Fk--K3Hko zQlPbot6of6S%i&@StU|daqY+CrEt2DT00*jCo{sqc2!LtK^&)={S+Ry6>;v0J{HV; z`y}mv13V_t;)FAk2HY;tbq4;rb#0Klk9twz&ac2QlB825mzW-_^XV1&uk&ewJ+$_B zSe`1g(LEa6q7HiWh)LRDw}r6MDMPYvI5FoYfaJuS#+6vBIp?1MkjnU;i9yK}0`+TSP$~QK6CbPSZZzYY0m3=Sy&a1&6*XgQb#1Q?rUL0nl zrqCMV11dM@MbU?;NLK40s^!$2+F!4GF@CRR{&xk2%&tAGnmYO$YB*~Hs#-}iMV|*q z`SrFu^k?ytqy%=|ov)TAjK@EjljBgoHf^#>XRx;-qE)zki6RVQzNir)2WsR;h=sgq zQ?NA?WZqROwukxJ@h)jc_Hg5)q?|eNMVn#ZnJ&f+h|NH5;k2%lf_<*p&pjr&PihM( zsHMDFRpU;aKzZMl^cXG#;oDxW%vR6YNx3H!MbW3r=v$qeDxVJjcqY_X^%ZuO6&d8mbh z3#H#@e%eC_ozuL#SUEi<)lg>dHyC0+7d|u7-%wf6=JQd`N8ZDAG{PrX`34fA^-+M_ z@YyVSZdPlG{M%#gtI5Zt<^y|shxWw%#Vz<=?^SEN@M~LFF;Ks}4fCfr(dAeD4v-A& zz9*CBUu!lvIW6h6T{-i6$lsxn(9b<{DQ(EkU?O8eP6Lt_weCKL9;g(n9dH$^;gw4l zL@#2UyJ`ly93AvbJp3@_4i2!Rg)Mq*1|P&4a?ihe3BU$KbJD9cZVpm{E9r57@4@b} zUmvHakPXA#CiIo3x4W{EdB`CiPX2PumCsc*nf;+^wK}&f4iIE&FzrvdV+||@wP4C2 z$Oyp|Dm*zeCwQfsIi*r)QUJ;O=##i#3o@j?ppKbsP5=%L+B{dbi8Fnk_V&zC*JyhI zMYg#1V^da7>4)dO2A{O+x61XELmnqdym5VVS*@%H;<0f%GHFo^aK*AbEn$GhSPyOK z8B7`{Enns|-9&OKn4di_V@GnmZg!IjUq0SYrx^H7;)Aly_KNpg%pt>$hWvs`@@f z%<#WZ%rFqCI~&Zw7jGcZ5Ry5x_F2&Ko?4_}-Q}qJKwT%F$L~}o7Io33LBW@t)iyhA z64KjGgdl=~)lm><>rmL;$~C>6?U>{x0l)L;#rK*2GFt*^=T9vR`k_e*@3c6j>`~3K z<@oHu>J3!M4l0Pa_AFtzCXP9&tQg6D`(R;Y5p~uO`ou_^=5S0)HLtbI&@Z3>=#|5c zVg=|VR@B3~Whqt2?mRVNT+e{1iMivcaDE@}+@ zBQKPcL}l+hxmu)hF6-GVz` zKpDBme&qFA`MUWm5sG`Q)tJ}KV?%yTd#7aMbA)Vp?bmr;pD?bz6x8GqDdoE^eAgq7 zDwn6rHEc>};fCFWETvt|nRVD>fxG~5TIz*AQIDx1+VO zQr&-#`K*3a|I@+edC?L&U1PCYmz)eQJ$LF>@chBiu#=|rbXgB-;diExb-C0qps!Pt zh-@^o2mL5gs$8DIYSQv787{qBiYRe@oq3+FGJMlm->F+CG-j-VG3h@s!X8yqCDo?8 z8K|yZ{qx^p>TkA#jP=QjH;o(DFOQ2-`^9Iz-tuoPPWO2F6PBNXlCfPA#4w%dg`gAr z;(d9G8;v-^s#<~&_uc$0_HN91m5O~&YdpI(rQP;qX$y7zt6q)+wxxMlZR9L4kO2(wglPQuHUSg zp<+J|_G_-qz9oI*Yqri83geKzcGuC@Cp!r`!OyJX*{+(41(eyRP3@EFw0^D9PG#*s z9e?x#3RALZ-ER*KI6Y*MWHg~Q7)5HT2$~UOv&j>TzH9-BM(4%>cJHTAg`-|U;@SYj zkkjt9rybc=MS)!*UyyRg4_iTS+rua1^~9v}t)1@NFuem!_m)HKZAJ9wr(-(O}yaacn3dz*C1 z?Xbr8y^AKr5?xI@=4Lr(I8(7%-_au|Gvn+Dmtx9$ZCdOL;a}e_a)8tXa;tqi zyN>2VhcWUu&Tf@&)b*F2~ zqy+W_rc)N?{27^cIuJV(!@6>!l6dVaL$CSY;%YdSu}A5qb^rAvT#}d0(FyobP(0c@ zXZrBj<<$O#fy(iUBDHodZ*-h+ zgh$LZ=ctWi@(LYOg5SdAol~tjp-Bq(R~%|i0_|glANp2&XjaLlxsc2!y@A1(KB)J9 z^GRg%1_lnV?EHvfb;jSCr$44^?Cx<3k)`>Jc5)V=6+4Q@{}_lPFIsP{&4SCjO#__p znUP~*@DRrNmdTC@HwWM3$lDHf$y)&F@3Qhn!zU`kj~=WK268v8i^GAbw|;jiIt1XT z+`bt-b@(!M=+Co~rKw?mbLV14?z)DF*njmkj9ng7d?*v|UFh+@d7AKQ zu45sh!&f%#aCI>vb4D%GKu7^TK*O=$!vH6aPk=C|beu|{IHNQg@;?hgzzyPaPWOO# zQ7z?eYFP1pwoP%V3E>l0^q6<|(W?o6+OYO+&T}7_NwpZ%jXaSgqcV2#GHR%|8^m*u zD|;jNv=?Dr#Br`IPEYC%xR*_7SZwfoYSVCaNO}WK7{${|GL0FNxuHV+Isci(6oW`? z-DccEY;g0BKhm2T-H7)^RHHK097Z&etgvW2oIA(p9PJpEP z7U1mEoyb8;FS%6Q{{4E7{R1%>k5lNsj|8H^QKdcRWMz-Uk0g@l)AnUaxfSoL5K~y(uzO0sY zpcw0@nxy6p3vv5nXHE7n-fyAn8W}es3Y20{jiSO*9#DrZHAb!t2IVKB<)W4U)^*xC z?`aFLnCVS`I>lgV70NuUf$yw*Z8-(X_Rpi7nDp-sE=1%_#5CP;>a+OdccS%^O%Rc` z+zteQ;G@4Pz6g!nia+++nBQxM+#?=!{slsZx=wzlg8WqkQ?jX+^0U^Z$*Wkb64N+O zEWUfOeOJoycZ$5KV9XtzL*&|mR|2e{SHHB#`=-h7o?@+0)S}gG%zcgdo*{PBqSCfv zxMFL{@pQJ>;DdFLZ?@*@I4@s@%LipTCB3TmVdXBt%wEku%>H0LBSo^N;>IlK+-}dc z`0EE-JFWMN+`VqsH2r=ii9jTmCHjzwI4&n`;)o#>CcJmqbs&??a!W4#$pW zI=lWl@MXC^P~OAOj+NQK47}|eHLya^zY$MpeUBYHdPc8o-zb%E&OoGEeXiS_!&r*A zuHO)=ju@JqQ}b9d+Kk9z+?(0n;B#~BXyY7uTG3ghl}9zEA5knIcA(|5--E70)`e=s zjv8sP@qHoRlDWNZqZGHTa2`>NAls8??JLA5hGwI_6_>X%u$T$;l`*S~F|gWJj>nFb zqit3lEqF7?H48(Rm7MOBrw3bR`oGeNsh);_XM`?+r;nB0ihgChJPhAzKB)Pr7zL+o zcdf>6|xx@Fn!*MO~weT#n=3{Sm=aJrmZd%^khh9QuYEglEdzDO@srs|%R zgeLbEsBZTDJR`W?tr*D0B=lIx(G`d9Gt(C@!;F>NcsK+p?@uo*+-Z4u#YA5;>kl*| z>M*#d&klIs$tkd1S`bR8eeo$G__!Tv3zyxN5$l6DU$EH_)O#|1j)+w51zZ(u%+%bZz#*pCR$=I1YZrd-qk(l@cQ7 z1%r~cn#2EdZ09$x&{#azrwOdt zmvR{rZJhRnu z^tbcIo;t*@3U$9!q~vRfNP=cu?&;f)2XqrbEWgEs{Im)8cL?*iz&AM~;$RcpvbmyI zzjk+VJq4-2rs?%<&m>DDZut-2cDoGL=WS&hcgF+$?bl$ny?Er~OI{5V{&u(sgbgHp zzc^;m4nXnxF5o}QQ6knv+CF1N{KhhR649a$f3IXrYK=?bvqjp2g$TI*Vm_5@L@()W zXn`u3ZEqNC;hyqF0C$}z-C8lhrDb%&;2_(XZTeR29-NH4|7M7bMekvL40gm>5qRj$qX+DVVFIJ z8ioYq-M<}i{{;df3wIi5!?7G;#pS5oA1qHk7P`;eK4S7R=~>Q8lUIf&T@2#@f|b$Q zy(HEaXIFujGYhfk@os;2ZzEE6`^WNUF~`}b%xws>oX(Q()0#9j_h=eb0z??&0^CEaSRo3!R!W+<7)S&GIlV7iTRR8ZbdaBQg8BIG_m$SKr0z$c zDG{6hB8B%Xsn6?$JYDRorBT_nZd;+&_QEEa&JAKUgO{7p(%FEtr?IzgO;r|V#6#3w zmASlp@sH0KJKj(6;40ke4v<${$>B&?kd}h1xnzc$$-qkrGMaHni$k$!s4>u(y`d@Z zt4XSY1zwX0Lp|?!_NK=b`T1H3h=GNq@gI_q9q>}*MZXu+2pvLwNqqa)S7)3`o|nOE~d&=uEcQ$ zv$`K_$ELM8GjnmP?^`_2sM^CFZc-0E+lRL~KA4jbse!l=b4%%OSg8P%w%{>y;P0<2 z!X4y4T+|Zlsq+mC3*Z|1DQ`ILz@#B(xV2`7wV=z%H3-)R4~LI$C+Y7Ed=oU;MH@A| z=c->bNj@K>Y=CB$D-ol1nC%U~LDkTs)g%-Xv)S(|`7S&|x`S`yNWEk^ynJbREs33k z!TP!%ZR{o0EDb5uWYld=PQJ}*#vbnD%o<&F+uEl{8I;=T3&WWd%}De3yYShF(-mUr z9(F!XGwqvXBCC1p*LP6u>S;V|7Gp#cc{46GlX6}Ou@k0e`L_0lb}BcR98iH@Se-85 zb7|J;1-L4=jh#LK;z9KAtq;aF_e9Fp(A}jjaywJctaQ`Uj(umItL4DIXHT2AtCBj? zH?KW9p&!4$>edeNrTqO01By9j+AxU`S|5k7HTCE(i`=zaw*G#H^vz6lkVhtzrE|Oq zMN=bdOhr*YpUjylmJdlCG}cdsN$g6lG@r2hb}%EfDC@qUM|Yiyv`Q16?`j_VbhCpQ z+#w@?9c>yFPFt``cI7@M(_|U6PI?v&HZ#6)cKS58bEi3WYN&3Zn&(s8&b_s#^fM3B zG6h{)`L6Vvo;GH0YZOV;K|Z|hz0(Dx4Q+zyt&dKP-LiUAp`Rs{)4$>D9c^^jbkS_( zz1$6I$`{&4Dc?iyi}21z1jSFcRlE3V@@%AlS6d_PDFN4}c{nLSy>+8qyez=usO3K+ z_(}B>ir0sy4rTfmLdV3|3m{IU5CfTW(*#jV#Sgy%qpb@w;LDHZ+u~q+3r`a{03Fx! z5rie{eUa%b7{6>E^16$JmYvqh69?zy&nA=4bI*K}ix*H%^!CXY>iUO{EOTgJOX=3q zX{oXT@-^I2O_${X&+uxj;`P;Hu+F3*=mNu4dPL}6p zAgF6}p9tF<-rc&`21c;hMU~PtyndlRw5>jx+I61L%I?t73%Q8rR5$ip7ye!99s5Vh zCT}|ajYam!Va&Iwnql_690O%s+}&$2hV)>eJ8q-1XxhmeZQAuq^wC^{{^U!Nk7!VI&Avx2J(Ax>xE5ugb*&l zpIfY1M4@|a3obIGCO?i}o_Ie+MM?bczd!;}+GAI~x0f$MUifcRjj|4c-!u7%tkdcT zkgI>T5xKqS>@h$vA<^E`Y4Tf%BUP0(HGtOog=IL4u(q!|XJj_-+1Wog|EN3(&LeQ* zLabOMimUAQ@r~krZKr)Br)r+-Fb-t81sTR-`MS0pO>(kGliD4+Tr6NYg&4-|d`vJa zVL-MZ>}&Za6JsaxFVtzb#nUL8{0P{a06k^WGm#K3pkf~$$*N^ymar`kpbO<$VTGqz zLk2gK(lj`l18Isb`FCT-Qz*zJrXE=7(3 z-455T`ezPG@GqXKw$<|?`onE~+PIC&Mrs>I4=G508gl$opag(p7%Pv>LyC)Fo6S#FSekBs`Mgqb%-*%J2wv7 zqbKBf|NGQ_Xb1;>h4l8xYluUtg#F$cN1(}Lv{;PGvM~Bh{bDT9LQDjpa2%k<8?q}r ze=@tbEjY4D8P)W|zE@mGYpSB&esHDTPBgV>b|qFr4zLsRb7RcI>Zr5BJSaT0j?GWA zSIZnk(%Rrctqj#7S2%!dn({ix={A9B^E19Di_O=SSTZEp}pj_!C_F!Al?|P&9Z1Nc~s^#c|51DlD+lPU^a`TnS z&fE+HLF3%e;gLw?B`JcU5VguQGERDwK>H41NFK30H?N*(TqT+Bs#5 zw9%#_P4v!q(!LxI*3C|$f6*2wlPxvap4EFGha<72eG$yO9Ht04mpw?*B+Y&dRC6dl zA(}v$*M4#}EuNF^4kkpEBEqg#$ks_tT2X*dOg>sK3Ol-d- zOXhzQY`Apva@v1G-A|3`@mKx1eoSV3Fi_8E?@;jG3>Fg{IiK0^xG}m?ZI-ppLO;)} z%yKoJNekwP0DyTsSH1~8OykL-|AWk&PP2Ez7_7?j?F_`bCmA>|<8id%9b`WwmXKi7vDX)jSvQPhva4f_^2 z6XK(d17twi8d7+UsX|w}I#jOMkN$0w-Fju=AZ8l3aLof(0$~8%f7uH5#~<4-H-5{A z4F!WY1-N^sKSe`2Azsyy^z9V6%zop zdx*a7*4&b1kwZodf>JC=|7KKW1x8GV)Tnn(j@OJN{fKXJzAZJkztx!t&07$N*^lD1 zuz%16vS#y$MFLq5e;Mq5kPrVx4}$Np(%_EJE`-=z#T{z$Ql4jp?-->QG=KmNwiFo? zrmuopj?wnv6t+VN5ssLO#Q)p<55g>q<>*laKN9p+BTXU~etI2& z|L?ASIq~dp9LL5%?^8Y2R_;w0_}+w4E1=u)(j~8iYC{b3nQV;Tu5M|=Zl5$DiuMor z@HnCk;ODlyJ%@H~2Ki0#1|c!mcWM)uluqWPqX*7|P}{UDA&#=S4J3WRtjK%Qn1#&U zEGpX8^Y84GWHWxm7{CBOrma*KwxZSHi~(_`rZRJCwU%Xvm$V;sB#%BE*gQaN9e5kn zEhOkkv$1qv(b!QW7-5~S88%QeT3d}_?h|K<{ddPVGkyN9p-w=TB4xb=tvSGEF~??l zyZVH6}rKb3i{k7Od$@>#G1W2342Ks@{}R;KZAPmWisuQoIk$%!G!dBMD66V)F0+B7^B6QrZ!bj!^j`J)k_dP3UffWFK7fQPGZPq7x#Qrfz}mZ-X|Us$ zGLOqT<%s6FJSv@7=z2RKN*wW2J0edV&uR&sdM_(v2$n0O*w_TY7tNBZ`o-gh_?{X6?C4_Bf_H?jUhHk*2k?TJrbMa^5&bDLe6{w_0B zlA9O({-igU>xy#$J1+u2i4+Sd8@VZ~RXb$|xhH;8y9E*zXS-JZ6PS~=34ZceTVe83 zjK8i;>tAlUkxp*K4w*EMjMWS0>1^ujgFnyoEss@oA(z-Ao=4`=I_qOnnl6f#_w@-m z$ssIEyO4H_0cSH9b;6fosgNB2>2z1?35kQS79~!QvMG`J0^T(u&nQo|?L8%^F>Lm_cj;f^@ZX-|q{;oo22(#DGA#G3^nvs&W_+>Hn4t+)pZV|xx8*t_j9m-%1CUHf}85sJ%~Ro_nP-O z$|Rvj4}$Abw;{xKZCxB^f%={~zE27bH+4cSPw&Fu>*6u2Na0`@mlW!lz`ofE9m~a% zDC%tX2G}2k6Og&y%R?ek9<0VWA*2+`QsqhILzPOV$J|7go}wCB3?on9A!?>HdAVKA zH5`8q79z(3^ky#bSKz`p*&qt`FXRRntHjVAH%-RxgTaTIzhO&77Ub$k2U>`>|C(6B z&)n_%Q1^U0@TFdIu7Kh_mAX^7Kfyv~oU9w7-f-O0=a-pWW=EE?W-BccEad*`V^%9| zm+$D+W+DFfDC#3b1QAr8kX09CCOC!&Yg#&~Z!?{JT1ely`@}H3O!p91L?f}?4N-@W zyc0F)BXn~4QkA2bT|>n+XPs;4QMtsNJ0HYiHsvB~?SoEV&QPgJeNfrF2ZK-Z1gNKx z9w50|Mp(5|wExj@zfY`cD_${qyPfi0g;(SQN37D{>&kGsBm`c^{BMPaxxhoW1jsci-f1m{*>D7+uQk&*9kPfuhNtmSPZq7mVsgzj z>?!A)wx6yN_Sa6xLN~+XgVnx)R8W{!n$;&E6yej`iJA*2_%h}f4;=J6HyW1T%?|Sig=9HF zmWQ4?LVKUZ1Sth)|1j03VZMOFCE*{R%~yCxKvSyLrTxF3S4MtQ1#SiGK`empM333z zX&h&%oS$!qJN?nzi;|nfks;%I^tUdTRm$zH3{O~@WkTKzt|YC|dr(TNlX-)s?RLB5 zJ`IS|uw}b!pFL1fqt%w*E2?#c_Uv4Sk0YAy+=3H`Kd(l?mI2%GV4;0eT1#_OvZ?g_jWn%Sc3hdH{ed52K9)*;QhwjC zZ_1iZ$_+iZp!#Y-*Hfi}h3jrjS6ACBJHQwhE(pP0fS)cuG@4dkD>7J}W+i6R#R;`W zRoZjZCzB(9_IdiVG)Sbq@zZ;=^@#yIhb`Ng37U@6)~N#(DuSKen6&8NteFQFspGtg zW9KehGTN5TxPkmHb|w3meXp%d!=RIs%X_)au43gyXLP=)lDDNxcOZ5AX@pV$m zU-_DV!D&J|)ri*Y$``1FLItBQjKqRu$^`OJr{;Pm@!CaQQ^Z}>49d3cMiB*L0)maX z@Lx9B^sc<+rQ_Y#=S#*Snuu1gEhWt~5Ub7`s^na1SK#>kxA zLsXQ-ntUA9QVp{`$UW@v4TQZc^5J@hTAhsPM2r=Vl|w9A-gWN<@g4ZP)q@+=${g5y zrA#Fj8ad^~Z%gePyz}zYvXpdaTevmm+bO&wAAiQH^HRfbMF%amM_Kp2L$0Y`@9cRn zBdbTHQ&HN%*tFWP_kP$RNy^DZSV{3y^_k`pC_US3B`^3^$y3F=PQ$UGdTA-EWT{V` zh8@Ck(`f&4BMfcAKyF)=Wmiqqp#^kS`+ zQ?i3GK)BOukZ?8LQtpE&h*uZXy$syF(`rDxcgbhE!eR1? zWBNjF37CvK-a8Jpk3F?srt#5Wp%4*(tfj^{^b$mVOL-+AwTx8>Y`aep1j^0WTFGIy z-pTuKjGbYMyAPJ6!QDLf!M?8^gO`HR8G3%}zs1bi_u5dW8}2m&m#TV2M_XN${2|j~savie8(&w-ln1J~?w83cMaQh_3^_|b75Y}|b(G%Up{-qCUXqDHY3kDAZUi?e>xUu1`+Lm@*Xdq#?l6`ZW)BvVrlD+J~K1? zs1&c!wD~c_j=X=RV+Gcm_*2|=tsMlNH9nfg)LGO{MwhVu5Zly+*RKRos+ z=Xwdq(ngTuH-jOx_gz_Di{Yw|XM5SCRA{R9Lz$}d#{dU9q1FtKP0i~Fn|$d=g)}uy z97|;z*qX-0va8?x-Y!#Q9|B@mi^eOSn-`8*7K{JI{VMAgCV`fdt+(-_Lo6J!&Yzf- z*HDP07o+Jasva%I?`&g1Ur{aHW~T;dw_iJi)f%qhIv|o?9ePR&l=j-MMDCz% z8ah>@Ccv!Rb{0imw{*#VFN*5IrK}_ZfN~@v(>>lwX$@ZnvnD-4T;WB_cMK68td20k z{ijC(y`AR-K?-0|6EL~MeW(pN9U4VEvK60L?Z7rr!Fz>;@*sc0qNt9!|F;^u&|P6khRHbO*XR zzl6|W*_kA=g<0RkPdcXAPUm2NX=mp;+V)|6@*umS{6a1r5l}R1`KR`W&Wa_wgBXtA zD=}wd&x%)kv-7b^El-~RpAEgaa?js1aSw1j&)z+2I)=p^rwIz5loWW=-9p>wxeu5u zZP+O%>gJYFt^DP7)Bn4-raY?!Ttw|JJ=^!(JTWYh6}&z+wwH9&Qw(2b>}ve&{vj_?5A&)|A5grSmQH z^q-{*bM%$dsaFNyP2R`W@t+=$>w5xBbacmm+ua`7k0@^=S}9riwlWNX+#1)SXFs!t zG(Xyx;l;fYme#b;S*CqURTDB=!%||3I2X?a776~Bvz#Kn5`L1UwCr1M=IeC3pzH7T zz1)qUk>NFw?+^oXmtiT?$dq#Ra&`TNe!YIAZ5)4vfBV)-!AUwpk&WsGM3hV3 za_T#$`+zd6fen?aFvvmbS+P6VkkUzqx8+XWgcO}<3 z3Z*7=O`e2Dcv+OlFP|dtPru+&fzyk;{8){QS9}WK#SU0Y@0+9UD*%WM=f(qdkMGC| zHY5MmxUK@Y{r`<`I0M{R1x&e4mylUe^lS1GWoW#wZ-=M+$M$;04T!rMm(}T~U$2G4 zoEI8?lCcz7eP=H~-tou(ZcmAvnBmjb9wF&Oid6!K(nvkr*gA$bgX`_m6L6Vdw*ZD8 z{f|rVr*^XDPFu|W%KpNFUGCLWy4LuoDcZ-K2Iq#^`pB`-SY}o|mZ|uHE!}6n-u@uC z(dP*KkzQyInWewq;@)sSu^SA4_?FRUhv)(CE8sST+>XK z#^dM(gXXb8TWRe|K&LX?5R*1E^Uw5Xzrml`urJFz8gf&SQ^b?vVtn&5{27Pzvg7iP zXrllIOCUv?>9%yH-6%{Sc{v-z zlkQ9InG+*B`Ys6w$g9%kuyiAT)kjgh^7`3)%CpC!A?~y9xzpX%A#UicScGZ|)69Qo zWnfc($omb{@E6Y|9BJ#{&L|Y9#3E~a1aZRPjsOm6Qmd_MkvN?AEaRhU5yWl%%{Kn0 zXB2=;SUj6eGzo{CR;OmKhkGq6zWSl!#x8hULu?Y&+2^T{l4G|lw6aVu&=m8RI9hQ+ z%gvVwhu*Qh(*f#(srK^dF0+aeb=B$;pmV|ESAFrX>X$}^r6|#60ZJ!hWe6Glv=6w4 z>{1G1@hoC(ay$e`aD`7MuioXBo$}2Z3=ApSc(>0pM{|yg8f}S4iJD{ZZi7>A$;@tL zn&^>TpCbM=cYG3v(RZ;VPoHW@?w8QMJ&7-u#Iw`fzKOcG1vv;!IC}}JX)PCo-k>eK zhdHPw51K|4*;(&+M-@@#>4qs%GUXOKsU`(dmRB+cwI5hbSh+-@bpe%cv&99{h!dI@ zCH&f2W}bQo$U;Hqogagm?Q2!4HOt)P4R_tGONU+M35 zZ28a?sIlwd-rtua@;To@X>;+*P`3}Q$G#41{TB&2TvC@C=Ue?UbTIWu4hvg)98_x1*)~c03r3ZwA2paKSSyi^v zo=O7lHiX^y-GOdF!-BnFK08w3P&rT6=E(>f^^)?JYVg<3@j6<26{d;MjY?rYlO%GV zX{qXJEJwo;m$6#_5&e!UOY^7&&~@f1JaM2dPw;l~Y5*I6O$TC5MWu(Ioe)vt&DbgO z{Fp(_8|s|5TfYD(dW-FDzX3GLHcORG)_ZX)zoqGcndlt{-UWWIP{J!?eKG0eBumFAH(QIJ#FuL z*zMQ;#pJ`P__OtZ(hkvUR9Vb`Zf)fLa5Mt?uDgx%Lk~NMDv6qY@~1Nl{QtE8M3bwJ z{^&TA;4X4IcwF|d3Hk@1U0*HgL{uf0OD8?02XRYU({f|{OUgXhO5{tPmI&hy0X!J? z{kzwZmtD7xwU=@1a3N2;m9(_d-<0Vc>8dj-fRy#-{ZY4G3089?zZQwtdn~ycE2AcB z_3%@@eCOsFgo}&@vlW%ufn#e9<$H;B61v)FazcsQWc6ZcN zuV!ssoPBU7i|TZTSgsDX?GkFtZ&s04ZW6;>{|IGCSHP?;*MF!MONU*etg5)@6qd zE->yrfWm;WNEL4y_*0}x?-KK!Tpo;-M-!A?0%}@e>QEa_i-i!ak0qfl!)=GE{U#~7 zFa!KvN<$8JYRfwl=jn&2CYTW}Cm3V09xzyKj*G`C5#zngvbA=*ZT)^oSQG9UHxdH6 zlwz68DIZ>i=Fc~`m@3VA@mf~bxKElRV?#2^#O~i`4-Qh2JaK~kqk!Fd0c^Astz2ZylW0neD-Er+ju8<<6WMPg*+Eq-7`Z13-BQ8Fb zK6AfV4$tNp_q4I)q{Bc!I$jW*I7MoTuCW7@%By)PY7>vwZ4TbScV0W-6l_?hNx3bS z@4fv75!?Nkp&J9d#NAo;CEEKv7`aYE4f+p3H%=;FdA;gi9{T!#xy~5!UUUCizlg8b zskee}$)(Twe`V@$`l9$?B!(r6Z&Z6y6OjV(YJECbyn|L^ zmWQnG`0pKJi4R)j$|jm7R{bXgcCH>!VSl+5h;Ouqn7|V_U2Xw6hbMPRlDfNI*BkH1 zL6hM8tDnV7pWFw?S`9`*jQ83fsvqf!YKKc979#$XYUlZ{LR;d4gb<9KEHOAPa44k8 zY2nu{JObsvNi3R6oJidLBATV&dMU;?Jvksg^Nx9=a5=^V2r(hu@zsti_|oYVAKpWEmdCE6~E) zmr|@U!|PpF3%FC`MAQpd$Hmf~-cGD-x^_{*cYY)U=clCH2@fjJmQ#vE}( zMkH*>7UV`(Y~R?ak7MWH%9Fkvz>YXR=lYQ&kcR^R++bWi>2l}JoxJUynPXZ$B=^Q{ zHlTZAl9~ZlvJosOcEFyzfMcD0Q*ktqFGJGhKj*DkyPn!R6?dbZ#fc`-6Yd3js`aMu zOpIQlgd-63>GiyTJaW}yU3^P(M?Q%U-Af+`-?QTGU{hGOc;Djb&}2V;X$T%|qAxdC z+~b0eQ~um1A1LVf8^aT>mOL90XP{zD<5~C2N;t_X_{I@X7{0 zWGwsy_01P8jq7JOE_XTJO73QT4<54YQ8wnEf^tlkeK9+&xhu9B4Do%u7JOM9~Tq*C=gqjl)lp7efN5j-N^l? zdSt?btA*Dx&k9bFaqH800f4n<#&K>gXfOLWWiYd)Sci-&!BTzq2B9T8Q5`mKyN_fBNyz;d|T}AJ{h57I0H|DFpYJD*?0!k?UKbpQetf}|?Us|N3q(-AtDQPxf z6A=NCO+=+ZO1gVAsEBk(hvYyB=`M-UIl8-hFnZs;KiBW~*ZJ$5d(U;9v-^4OS7lnQ z)jW0N`w~cfx#<#_>2rEPJ8b*n0q97I!T@+HJ$Bfz^PI3!<<6H?TF$_y;32UHky+am z%?|zMMj4%~gjb3uD$hO?&`5Xu3{|x*fbYtzv@p+eX+M0>N^V9%TtR_^-E6-9>;GlP zXfG7rnxSn&9_}}#t!*~+~ZT&in_3hyGWEle!aAKer1RB~NVU4@@ zQ6^bNm-*%1KNJK;w0eP$pKht$=$`ZuISyWbP@k}W(crk=&c{^xnAmWrc{ztHJYk$L zXZ74;mra+8cJUpuy5RKun5jHl0=~e~?Dd-W$<>ncV>(42%LKKvkYRfFaD5ad<8`iE zoNSutxJw=Ju?otsjD5JkRBt5nvNwb`gi&6&JK}YzRjZsM*5prCrlmK4Cv6NDG^xH5 z8rkWpiF>?0d#zlkfxMz&W>EmDeU}5mLy4%)K8r5W8pD4^9tVX^%-P|s*Q8I{p zoeFN5{?aejwEJ-KNOC-TVl={PvZ8MHJ6y(MIp&7Z!00_@`mBj+u_`^tD2cjTwH3stY zM1@?Q!TVQ>@M-Yixr+t0=p^bj1TJVwr<{&#>AaaFjutb#Y@lGsy|wjJ|u+NFJR+o zQ#I>xViAjNgWcX;OST5Zz~FDDvkht%dP;Jb%`d5@z5|)A_@F*E(zLXIcoF+i#2uPx zJ=`Hz5|hhfN~hDKoMNaiOcVyA_+hDMpFYs)$f76Ypi;}RXzjyQ@95-x?hyHAbx136 zk!XdG2CyCA3uhen5mZwSX~0GOF7NI0%i-$PJh&pa zmdv~|cYXhjnpH2I1+)>>K5nD%-ahGdIMzhmO2JQh%>p13pkuB0^y$jo#TrUzk7t(P z$`I*VgU><=HDKq5D0ywZ6g5U~>>|S&5t?3TxHE%LnBbcrLhh!56IxFv@0h=l^^<$m zB6sk3k8}d>;Sa|B!P~+H%2v}S*g{uflgUT6kyTI!80F5-<*oEO7?$02u zkc98R+JILJdTr0{P~$F24YCfMpqsFttr21Lr0uM^NG75R0T+8O5ZU>9#|OHsD-BWx zGK?1*(AyqAIWks&raivFV^>lne1`@1U|KCn=|BgedQ2JS>P`UpHSGBe^l~_oZn}0O zJ;g)NuvB*JXm@H7DG~u)I&V*an>o}e_}#1%{TCudKXSa5xfP7S)6-m*iR4-M&bXUhH(!4^5lq!VPz5O@)HUaLe)uYc94oe~k2x7^2m zInT*RH{oh>!>i8{(o&$~w!uyhv*-xY0fAZgRlz)^S72Mv$guYCHUWYq3y5Fzt|eZ^Q9T??h_ z?8Vwader6Q6GW1t26b3grj4wqOiu!z%7d-MguRF^s`C$^pOCzW3=9)UF{pm~^Crw3! zf+9s7rWG&SiFo*x?`mkChg#$cjag$9fgBaN^<|snZ|)~gPXtA6T7e2)+9H3Ew1RR2 zMN|e%*DQ34^3~)%ZHklLFg(2>WU^frYBn^Ju7wpmg!QN`RvMe!=)}z>EyG^ z*&n~~l{%NI#fXq$9A`_!gN3v3$s2a2ruR!y48IDP<^a_hjR%r@`3k^e21yj=XVERy zWb_1YU?N!D%~FoXWAQ_wQb{nok%A5+EBga#$}*BK>i!i^zJOum`O9}e(K6!lkK0gK zwEEroj7pBmKXU{`m#9OdwozzTXC$X^lR(~^m46qTKHoLiIXqXFm~(xg$w>rVEx&p7 z#(9gL5OdNI7d$O`c<sa#mJu})P7ybleLH@#jM zse7_{q9!#L2di>0JZbzX5!2q3(KZzn;5kS-ILMmUjWzIC#rHh96vRnZ1pijT(Lm3l z1A+50WTT@|Lx{-fA}QEhvbXQ#`8?A~lrHIs%S?q*ApACU8?mW;__uJKVAfl|YCrWV zY24G1*mOq$H{uQRc=P~N-n`wp8ba4GbAsUy2-BBY@?VgWA(}<8@jGS zO?}F@X_+A#yoMkdbj@?$_f4GNOL^3cWZ!I&V6V08Rsp5Ys4?ohws?CM{#px!l5;HD z>|AgHdI{Oj51qVzUPr}(7du7z9Cq5BCetl?&j_i=^`?pK5F6z3e)&M{0eqQ52i>8> z$SVR4hw2VFS6G}NjRzn0D_Cez&yxip^a(b*(NN>wWA^+NmPJl?efxT0n)>&D2RJ!D z{6#CMAQ>e5WBGQ!_<7xTd4|tvY7g~-*)Mjm_Q3E5@v(y!?4{n_$9DQ$M8XA89!4h{ zxQmk_7s`eLdkwIoKRvm0S|I#`10lin7JV5P890Dbv}yLX`LOou-*870lxrk?E8`5! z0^~n5)`eF2=&vvTN;#lROdNS6uUKRkZyxOeLOFe0k9l5iQJIu z13AUMuc>#;vevg5-u~*UFN29~-p^P+Wm|2JWES^DqN&r2>ASC9T+J&7jM4~QK8Fz^ zExW#W7%PtKbf<16(#TpoesU zFigP?eRxbsbupwe-06Gy5q}wsI(qYJ^EF zwMB4mnHIH$en8&8R?9ME@^UVzug~`1K+RbGGI268SMIk>*q9mIAxIrlqiD>BOupOp_ zMr&=^Kk&C0&F8HsY8H;>^k&I@eRS&l5cHo4DB#pN8ARpqmnj?QSHuC_5 zAR!H7o4k(%)acJ%*f?Krmomj>AKY9~j%)}fuPVpFR$uK=0%m#QeU|*;0Yp@;BJX$@ zEv@<>`WYJ*pMQwH?hr!H$_icf7L!+OzRxgCyGI$-xGWtD+l~wULx)husYk$a78ydQ z56y!52cfLZe%rNL(<2PQ>=JUMJxfZ@2mNyXgc1aXEYWo zY2L9lE6}ORJbhj?5t@X43JGg`EI&s6$h(P9$%~BoRb1rFBQmaVm5-1$LakQv26BUP z?Y+=%gL*lG0~QfEaQLQ%xY>NpM>gp@v0`rlZ%wJdZ%aL*bxster6r#HVu9$t7=ooa zHSzreLhnA>Z0{DVgQ6l#cdb_{quWxNCazQ8*>u2y3?2 zV_7)(AIP#|XC;A6K684mn!uT7uV%`4AwaJBO;f72SBlXy!5 zW@DwUmY8@O-FW#sG#SY%twc`W5>`FPg5g7-u1b*XjIj-pc$VXv-TDLHElw3H z@%{_yBGe>ph6>L!|IJiwN?ihzSQ-I{a(8GPb8OlEHk3sRH!{Oa6ai|&QW&Bnz%s8Dp8e1 z#%xw&4R>0+o}S7rdHS7kP^V>h=8FN+HoVGboMcw{s^Kh%la2WrPmtd_p_Dz5?7roU zM@vh27?!Xy$YDNLNp#S@%IJUMCLt<(=f(Ts(;l zOG%I`iKg}5>A0>z+OEh`q?_fWOHv^RZd}+w3=-ojc6Cm?RDgnhGS9_anN;|jPfrJiNStZ0e`Un`G#!BrSmke zL9m7;DcHG<-+4j?>8rceQ}^0H*qsI*vnITM`|Wnw>r(gi$I0IA_aPdd8KWP^*RY;b z;w_XVeXSQ7pVrrAF+Z{2WZdOEshy`TKA!qI^f1xf_tJ6jfA~nBLNt`f#o*Z+6X}aj ziY0PbsMO}<(SXHIg=(gZprHcl-1){V4FVbo@H7%#t&Ws^9OX~X`IeDmy6Pk7X>xYC zVuXpj44NAD`=i`u<6{GMFu|uoyL#8^NPvNWGfRMHfC5K?;K?Gp+Xt>rVUx6Zfw>$~ z*44uf?tdzTX<)%j^dFUpJKb6S!9|4Zn4-rL=z?Ft`IfPqx%x1AAEkU}4e-bMO7#7i zy&7F?=hrt~FY3Emc;1xVKCVv(XxDZ|CNj9o9i>cGd@RZMQS}kl2L{DUH)pyRxQmaU zh2~un#MG-}IzIo^R${>Xwv0b`Ws(i|wGrBKzJCogr$Ta76ptbWR?m~3IXP8(S19(l znx;6U?@;Sq8iP&O2~lo$*s*-};HKb+;BU8xl!TS<9xGs{nLk}6HiY~^*2dv2^58awklt_dVe-vN`-e0GcBH{aYzZBA54}& zb%u$A?D_woRs8SnLqJ~~^MSaU)W}b?i~b6X3F&%*+d-?Si(<>iv@x=~3dD(vRjcpG z-o~gYhl$GH-&ViZa$h)*d(*J7^T(Oh`O9yYsKLCgSoWu`ucfwZEh>8xonI40$antw zC@JH47P+$JH_fnjPm(opdcBa2ymISuPm`V7{W8{3kea7oU>AO9(lq zR5l7y9HlK^KIXh#nEbH!)2ifqu3rrVB7KsRsC1gm)V}8@D>5&aX&)0T^>0*@Ad$Xo ztX~45nvkB~oH`OPKB~K^awTl8G@^a)zB<#G=Bvt&VGs4y;|=oC&sRLQ^~)ye@|e$A z_wr}!xFDXZ!&}5LTTJt;&DZDqVdsV&5f5f>adq$)Alx_LN(PqGpf5IvCc+)yrQ^LH z^RTq;Bf;yk59YlOc-us^-K?kB#|c@j_#Aje zj^F9mHAT1Y4gsR3Iw~g&*l;I1hAIQg8gwWQcbnvr)JvY6{Zr);B%J!^w&KgbUpkk} z_LRLY6Gcp7=p9eD$F?~0E)2SK+S30)-`yqFYVc4GW0T_6Vf^)i6D<8XP+8z61J?JJ z^Ys%RXwmdpor9o4Yw@BxxLwl{QD<%?!SK&c4)k(cM`Reb%}-ZaUD+p$!$8T z_>V6DT%=1JLMyG_ds)=@bF5iRusC_DOd?JFi_QqZ{K-DU0V|1`%EK5%MynK!UpkVK zC_9AiVhHqBM7ok^0kyQuMF^*p}es6ysU93-ETK66&s9 zs!-wyCL_mNIa06+?W^>O9M;Z4YR&FYH(eynV;9$-_1uz`TUwHNuQofT7?N>9MC1MGkefU5%Fe?;Y3hb_VUMWy zqLvc6Ex-nDe^pC{>PB=e#hrv!wTQvbSxM9B9UKgP z8U_4x`Telm?dFq-Cy37i{+p<5Cvc1yY~1Kj1haLLX2};sX86#oX^Ele?yXz zs-O<1xdE;Er2Frq4RA6_c-z*zC5)zc0@8K@?m2W>=8&B+b-iU8l&MWGbar_)ReNfG z1C~lH<%&+BmeZZ!(A@mRjmLpqZ%rtw9@=!c8O!ih_j@$4a?avwVoVw{*<9AWb|Np% zs*kTDZMr%^?w~&wW`34iD1AS*o^;T=;g0RDpzT)5TkuvBtQFW!LF9?SE zH?v=7(6=>?D=~%M@vVc0dCoGku>!n6vHNI+THg(%9a6v{2pr1^t9iZ#C8up>M zY9sL_nAfd3Q;R`{-h6fE|z+ZrusnS8;7^Yj9ora=Z)dzg`sHHTcNP7 zp8j6K<{S>@ZjYay>h-zv-pnS6hOQU(a{?R7!(x zcMODlb3Nx$F3Q;sTWmws4KfnK7wE&lZE0)^wMzrliVBS-3E6ugO)=FMtF>EIbC%oq|Y+$uMJOhi;;o?W;8%pY<%eAcOgFn)*7O%HhJHx@JAsHkwq9w)Pp(p$DOi zw&ja;hG?(SlQzkkmev_xOq`bFzQ5M(Kc7;clf2D2v}y!}pubaMJR(H1$n@vQGltE# zzsG=*%tD}aN8$u2{_|hHX-(1_0+6T*$%|Zpq3=PkwX^s@E~ZNp-QiL`n}Ml&2mN zkas`Mao3J~ISg$m|3Ih9{a9X@Jrq_$yu-(OnGfPlu5#r!Ub~b$trY3p|C<&_Alc4) zvL6O59xC9b@-ewKxIz`TUG^TSM4CD;SNfjPk=PXO$5^=v=$7%s+ggkQg)TeKc&jPA z!z-TG50^dVsKKUt>?@wC9U84*!*8(6+;b<9@8xz?XnVdaaPTJxM$fst#I6p5caf7FH^;SSzr|w(0|ZxD={qY5(jArZrd)io7M>Z*-I(^A@ zAE-&wn|XCdKTdNg*5^=+~`BI4z69X zUGtlO)pqN5d9QZ=Gu!#Uvc9-0l<`)w>+qifLrNP~I)zsU3@gDq^g<(o`eVz(wn~2< z$TBzM+MJV#SQGO0R{Vp`LXCV3rXs8uWqBo^d{X3BO^C?t3`Z=o|GGzFW79mNyAoKA z>{K^=65;mgHbGU5)tUs^MXh>V9M3TMb~LaLi*mO1P~HpUmf^flrp8(<>Xy^|)2+ft zan^5;sMNy8OB_uTHmrdSQ;|7~bmh+or2?yEJ9gzWqgxgqxS^+J(_y^aVUPNCL0%GB z_wu9K-qq=e8k(G-jnfJ>IDL{yJN_E+8eb2X82dlsbbD`Sz|{KyLSL05!JiSS$dCEk zT)>N~ zpHR!b73o##xQTQ5yvvP*8JDt4Sj&beSXhkQ^2wi^;-fEATQz(TTigb(F^G0^8p+&2 z*0Glg_Ti0}^~R_76n#s=b$s$HSI>AE4v`SmTNh&@d3DSCrWC1nxa1CNnTi~QD|xr_ z(p(L!8DJ-?G3H{^@$73mwCgIsHs!^(WIQh}vTlHON03`-@0;g22{4VWgdUd=)P={fvuDb6y%D`qJ^1B`9mTW`n|DL$H&T1gVFjh*S6$)%h< zPL8zfQd3HqOm%%dgU(c4Nu+LCx7Fum>jrnP-LZq9>kSv*zG_NO#|6j-+t`sA3_agL zoa79coeXUC@uQrRW@VoQ?GOW+#))cOO#p2zl}$wo7WmoigvJJO(FIX3Q}B~|v@VNe399lM$8CM&e4a8T8{GQVQ(d&t8AoALn79&0GEdDesM zEyAp2Eo#Edn^s|V^dRL`y%yWZbrV*n(c#aow>V4O?cl`SopHD41Lp+hvo%Vn;_5U{ z%Hz^pe9`|A&;DFNcZjTCHNl8X8vpv#%zORZ$#gW9JGvw)>P0IYP^2G<2-e`oMN>7N zFrNq_gWHA}0bKfNuvE!n27mc-=2F-^Rw|7f0CsJ{D*grv>neZTWI&gF^bTh~kCPQ2?u^t6&>;2miK zu%vBs*l64n zjS>5p#b`Y^HB}8-B)&yCo;}gF%jC73_+rhxY=QGsgERPqj`g(wL&17k*^eiu#JxL@ z73>>ir3}m(E%j)qEOkBPjszYf@*MRCoOPd7CrxauY5pE`#96KNeZ@8l5#2*HzJoV- z1+MLB*aJ4u*!PlQvt|xyl+N??vlX33ay9q^Y)QKcg+Ei4H|-(eT>>+>_oM3AEq`@V zR0uizJvT*P*Ou5yw|Pd$hHE?AP_fEU=Y@*vn!%+wF;eDnS0*||6i89ZWrT)qAQ-eRnLf`ZNVW6xUCTP2o@u3CYTtyjCEV(E1|1s=W^ zmlkjDzfy~p6sZl87V($bar8iM=iCwWih8^i+$oyz^pnVYPS<7?d%xnTNshr1J*J}E zfYMkG9?no1+gLB!9G_lm?Wd>aNtU))avv{s^c%S=bh}gbK!nnDxIY`R`v^n z)yHs6ZqA5wMECrUt0#)4$_Y+)D!1Q%XL?W)GC#~vuQmzoCh_Zip2Fu8nRdXUi>IMZ z7|qjMb~QS$$nP{|)As($Dk#)*tMmn2+SYN^MVRIWHgKK zfx3r)@jT`+mr5yCAI^|e_k$hpnJVk6(DQh{3!TAKYwYE$^wfXa!jKHh3=c-E%8I`P zx3WChN)j+vEPos1DF6-4kVa`i{X*W0{!9RjzV``@&<~Hi15-cxm%PtOyQ; z>|_&8{1e2|!~!>{b@nzwwypdYLYSN54)@P7!?8JRTgbImX}4>(&{1N#eoW+EJ#s%v{}ymyY3B#cc6`kR!aXYa0aJCg^hd6N)M}%ulxil z`s5*&N9U(ZD1!3l5w%hMM1;2N&CIBA)Nb}n1o&fTWrnZ0H|7{sH~iyYSdH=g&!d4S zK?dUylGdrFb*#KopRvlXGn@?aYGc+7L9Ard`|FXUs;RP>E4!+!S_XZFp18^*xc#m2 z``02jZJHet2^{Qd$$uLd?PYY1>p9!&Bf(b>O-|=W%{$=Da==R0qwv8_B_!2uRrbY1 zDuaECTb=>yVBb#;%(S$%=EgUrWy8oc4#Q|L|L9jK;jqYq8EE(wktRE5u)$xFtzr8# z=6c^hzY-Bg{f?+4FU7e|)G|>lh1XTgZdUW|a?qTcqe1HNW-|&)-@SFTxUFi;P^Zz{ zbI(O(=i<2bsH$5D>C1lFU%&jD{*m?jq$fHFYj@Wx=m?X}(XWdLT~mGC)~FmOJDX^~vYmB&we3oEGaKYJTLuQ?CY=k#4yb&*C* z_r!WzrIh35tlD{HLTa8tA=rkg91iAga=mcRHfX)y*q-u>a(p~V>~s6-9MaBAiTLi~ zn*%h^G$%Y^QvEU~eBDQdLIoHqEB)^wEApdr!l3@D8{ZgH#MS<3zLxH3O^Mvc9d+^< zA(V)H0+r-x$c$aRTw0<-`K?Iz<(WYsJ45s#9-0xi8?mHG>>i4)8l!vVZOM!~4=o zBa~$)+Ekg0&!X`OtxF!)9T?q<{g^W)#hYhZmU1z9rUyEEmHW?1q!MO~e`l2))Z?&o zwAhL@xi1pwK3@(_Y485^EjqK>DpwfZ+gjxrx7m6~(quVjMztRMkd*=aq&7!=4`?Q* zkQ0IA5*rICeg%Bt@;lCl_*6@hG=mFhY8>kIW~g#f0YDH&ei9EG`%82c?Lv--U1oZE&y2YP(q^rVL4Q z15ZJm+cn4m*`jP>??KWJtFfUEiqJ+!FN_u~{fJEhZ>kOtfEBsezz z5KdNvN}V;cP_s{N7q~KEfBrv?UZmV7iYmdBAA8@u9P-_>Y!bI>2I(=A1;RHIjn*#NI)GJ{f~cIOqXxob1vV=6Pez;pux( zdv{h=ga$iquC{P{R*e$&Jqlesp}0C|_Cv6AUiM$eo=uuK?i5u&dcb+TNJj7HaX;#r zR>s|jLji+2EhSF3P|T1*2=&GVo+6Z;`yu1iUNSDe+xi6rN6t~BAzU!)&_;Ds?B2*< z)Z3}ld2zCVIzn+~1oE%XK2vHYcrfS?+;lV~z35N0TwK5Z<3BB#d=w#4cQg-6SaQWRX*CCG zaP?;8%qNmkucbEi7cW7!O;W&3?Nzg9o!Y`EwUgt)5wF9Sv!{+xLBvg4Z>*;%!m?=g zP3CE)4;wGqg3kP7>#6qn&)0EX&mAusQwE$@{5Q&WoG0VuAA7J$1uJZv9V1R08!agZ zEoa@#>}CP;^a3S*MQfV8gVt*|KU{Qu$q|a^W*K7sDqyQ&@xb{a=1a9;;*xNJ#zv@{ z(`*9&hPd2tH`7M}<2OUzF``M07kAA65%ETEFj3q|&}ia%%TY55D_t=PMrBp9Ek6N0 z{`f;J6y|0zF;ld6&uJ6A!4GCbCs}0CPZKokaux1tu)?kO&>Lb0q>+8q}&g)GkUfkFVRR(JLDaM9a(sQ zTLFVYt0DA!$L-ye4O25|e1;?DQqRANGX%OnwESbCOD#bt{H}4e4X3qS5#oZ89W7B_ z`-Zq^lBml1t$1ht7~Un`F*_3ZsZoic>jXka?{(Md*D*iPmuFpQA*Z_Ctk;#uxS54S z1#2jWd6NP8Kz%UhLg#*Fx;%-Y?yd@s$UeTafb#xa*nQWe>t1h0~@i_xIZXrL9hK6A(z!LA`(KO);2AYgmDJ&Ip!UegAq=KR{(_^j}S z|GZP(BbgZDpw9h?v0%ZexUEs5G1yGzlPTH^^-ZgX13&e>4}TL%QC&=m9PO)`yVCl} z_?})dX>e(U{JP&yF>;;ai)QqH#tRWuwO=(++Jb(tqAo2K{i7x32Ey!xe1kd*fw*6# z9r`WL=YFwcbc?$l(pfkcpg3Vy!qqAHF~`;g0sfwZ*1O7Kk7HNbOXg#D^UD)p^uvzk zunMIwQW4$}iGL<6$tG!mjLNCYBcE1U1}3t7!O`F0A(Ts_GE)fjTf@}b!z{w9rlX?X zQA7vp`@xh;eM&!U{X)lxqN=FOh{w~%TqO5C9pGIq-;X3mxFu3cBqQsF+3&qya4m^O zH;(^H(2vy8t$g$;ZCeve`+{VArL7Xl;nc-#xyLEu^zuh)^G5>eiQ7WyZll$^fq-qg zf#_h)^fSi9zs>hOjAVE`0$@3Vqxs5r?g_d@jY`%A?!Q$SDXIH~%RP8UxvLr0I+Ck8 z%F%BSXv23P{4(FUaPi;9gI7MBBrLDLWeJ`UIE=~czR=sLxMjpT45f~#Nc?^~Ivtw> z|JtWc=kNE+!sdhK$Kb!tgeq1H(i+9W(;MwvFt1;X;zesZDqgwkI@3~>?v6iH$pU~` z+<&u3`C36^0YdySO4r)i?HVW5Z*V!;WsA19DaObUncM^6x{`TZ_i#`KV*@7}jGgJK z$}(&PAYCVRz~{rnZnmuftvml~uCN2Rokyj$^?LVBJZoFB^zOA}_M9)?$s`$&BbUYY z|CL3mEohK(PMtJq9DqG|=%F8@x@v!|5Jn=PxOd;?nZ)B$WbJ$R?gZ1wb_LYK*A=LX zJX@HULnNcW5;vL=W{5&RJx8rcK6NE7I_hWA0ajB)T%}Lc;>O9(`KotjZ$t#KLvP_M z_1SM`>_SB&qVyn_FUtxCPR^Fhq-Ez|26-IPngcX|XNHJ~aA2)FEmA!6ZcFL2g zuD6;S%@gwD%q2euw2{ha&wkN9huxlY10*FcYM@JB33i;Ul!Pd;Egp29#>kl+YGaQp zBM}p=^hy8g@wO?G#Ag9>jsz%Q zUNp?BZE@)|de(K7uf#U)!hI>>b}+%XzICP}kc0wbIfl(0Wy&Ywyj{i1yhAnMauQ1i z^#@Hyts2loQ<$}(mu{-h*;G_JBR*%^*Ss5xW90wXKInT^{@!oDc4NC^x@v#Ja5K&6 zA}Yl<6>l_GknB$aWAi!cU^2lA5S|z|d3$=Fm1m4u7Vlu{uU%}JzxEwYk4iF`?U1a;$yLSS=y130GMF}70)-74*~8~C zy!Nr832WSB8MiU@lu#gM6}-3@<3F4?BasTOR!BRl+fD2AdHDX;guTnO?*np8f zBAL;oor0w?iktsjFK&w2Q(1unTF4E=#!s19EQ)=e;C;D3Hz;@3yZXgKV}{5Ip~T5P zyr4auKl%t08N66y*Nv=(%ShS3ch_;19qQDox3U#L_$ta`ualX@*7m@kZx8uG*Md4J zjD%=xV^evv@d&Ns9`y7r2tK_s540aaKE%3I@-H}XELLkCnEBlecj+mId0 zb^1bcp;CRT#%Z3%oi4k^ zEiGZBdYmKIC=EBm13~jWkYQNwcyChJe5*!EQ7*gj8ET$0`;?pzV8E!>i56>Of!?A^ zMSk1s%ibUh7-M(q*mr*v5`Jkyrt{+ zX=Od>=K7&mrn{gQz>@stWTS5N&8CNF?G2P#LMq4A-m|wE@*X@wGIq^1rW_IrKltsh z9lVbYhmV2VnOT9STMLaK$W3u$R!G3epOMY7zsAwUKW!hTM5$Rfd>jqD{dXzOXS&qb z+M|9>95=PBNww`X?b5x5sX^p>t&G%ZT{9?^ZRuin{YuXuC%xg;4`+PNR;`Hbvsc_+ z47RnO6}?Mzu^a7j&9{2HBf5P9kcZT=hIP2JY>|V1B`6;t?pfX`p6Stno%e1^2@#&d zSfrL=?}9>mk4jGl!mWiM`T=Yz1>KfUi!ACGszS+;6&yE=k_+1N_pOsD4l(eXr?*!P zL}pl48PHlYdW1FQ>eHX!n$J+1ZBTY$0nj5Dz*Ct|wGLBtJ{*kg+EqTz=uxw%J%<_4PgGkjm|^6HMt zG;Xzr>VS5lo2iHXx&D7IfY>ftz+l>`dUKn)BOXPkz4F=ACFxHU?p&&y_qqLWlq44M zgZ=agRq7z-!^bQkf$)P=Us!<5+HTEN9)-!fpjX!`KvV#e@&wq{bpPwZcdyR}OjlCj zkyo4^kBcvFu`6O3S8tL-X>M-iw+OxX*Rvjog=enHmxMJljAh<#>_m(6guSzw9V+}4 zP&C22c@OEP)^K8rYHu%yjnRibOMN~ zac5P`rEOg`X^lEgbmuKir{AOiboPjoC2+_qjMZO#;EF{EZ0E_z0~zCp?oXAlKhVMu zV%opZoKt1%tW}|%@~7TeFMr;<_ba34q14q)g->2biSNxHW*Ik|Y19;4xndBa0(*XM z;c2R@A~4Y6Am(2V+tFC^AA-1WG1Kh~ShBJ_mlXvY?|qmWzlu;GaR*xiMw@((|A*{Q zTHZ&UYl(E@I9Shpyz9Kiw@vsDNh5!C_Ui4?&xA%_G?0y=v+&VCoyr99K6nB=$yYQdt{%5*<&tC{QV5KI-UP?0*FzfiIRJ3PLcKV5BE{5szy zm~e4biy9O^%%bFw9-4s!a0fZY>fhs(-I?%KqwpK8kHqs^GGaYr6jaN0_i0>*2;J=f zy`L^Dn3DW8kAoudY7LM(3!r+%4No7jOTklG6hH~Q!Sv@Xauth4oa5{_IYJW@9ytxd zaX9pbpT#i*q37=@dt5bFY(_@rNfkW55<`sUbm(h4&vU1y0Vd2r91i_;g{D_TBW6g1 zOIA2MYYM%bdac=0gl*MPa^y{&Yx8B%^}_MJwKKrM3upV}{|pLnvuFRqcN*P1i;No& zb=E40044HhyjOuS&Pcy9qN{d@F##)$=|l`P?r4pMr%ZU=xKneOIpB%D2hid_t7O!+ z(T~|^Ku#Y2?Vg}#{x5>U?dczOqyZ+^CiO-GoQ2>oM zmj~@Sp4h316n~Q{Eke@g%t}N+$`=UmJ-p$}Sx~RR&bw`s!KffNhwb$6_T8!SQQ$M_ z#wEO6fC}>Y{kRrO+5_K-dXuSRGnLO4wW$Kl6Hm^{gD{q7*oFO|HQHeUdl)X27diRTLB10iR*gO1$^F9b;YHyhb_ZDgp`}BNHmOIfK!Ph_YUr7NG;fKSB%};X!28s$lLOq; z2-lE3MAaUxUTzq#)D19;b^?&ByglX9EGzj|n13QuYzCB#*)>%i+|eO|oS#QUz(=AY`!;4QUH7^uKu z?q4g0{_e>TOCKKVavZX1Ky_m3F~;3kUxQem=Z7tOBpf%fTb2VgMEZ zpLB>?X0^*{Y%THF_3#$eL(oEX4#=_ltA0AxZV~M;aw=Xt%)*IVGDk%*5>+f?84yXzIU5#Bn} zN1GAFJ1+y?D_74vTwUTY)QO&QK6cz3M9f_OQGLITDH8{@_g(KYXg#1@q;oZE@C<40 zr*N&B?k-hYliXf*;0^kt`upVh{URizRdSEed(p>Zf!{<5{UYQK;L&EYKfzC4U>%=C zKfjo=u6%z3?a?71x%X3XS>PWkarB^8Krzp*q@|BkeSC1!{NbNmGafshM~3ABN+nrJ z?3ido+6}iesz!-2eQQGpd;PrJ2HsUzOc9mJ`Yo$HPRjc)LdNS*b}5mwo*!aZZ1`eo zsUck4=*XOkJ{U1b_*oyPKyH%+ov(g!(Y*HY=5)my(@gH7xuRQs@9}J#g+bFT-sPwXGa-E%?vbqo+wj@2@ zZLXRbF}BL{QV;mc>y$A4IauQ=x5X!gn$0WFdYwP_y2PB%Og0DMdyjLS=4-{AV2Vnp zm#xXNS2ntTFBL{$K82(#XMEk3RXR4`#fvS9*V)uG(~CH>jYtbz$j^SqgZt5U z;Wp9%;}?J$LY+UIV$HaR54qwTMNYw8TZwouck`R;sp8h^(u{*^Tz{lCn|9yiSqw2rk zMWF1sCAOCSd*i#e5O%N2g|f9(OcnTl4=&AhpKP&kk=N?;gXET}J=^Mv-bb+gXFT;~ zg(bkQ*jDjQ2DP{NxtnNWV;+*iQe6teX`vOb3PVZ3@zLE zp6QdN6#PLzN8aEXW3F@dB_=2Ok4l5#`dr~%mE~iO~otW3Y$A&AXH_eK(aXGpnm>pPwhy6+nw2cUz~F&8&dmD&^pn#0`!pPf|vI zdpYoaS(V3m89(Q+dO;m)JqJx$^!Bgb052kS6unoFZ{_6DbE#)4n+@oMd?ktjmaS+`vD1E{of{mIG=W;e?D(FQw}Zz?m%E$eJz;<=#e zMkVNH$MPNTR~%I7V?6?KUtGec4%R0AM|5>t-PzU>QaSd#Qt`;^vyO7YL!ngHC#0q` z$SDl!6tN%v5)#@N^Cd#w9V2Q(esz_~4^gaQaTnUaHmd6^;(eYRdHDofjJhXbs2wZc z_jHK4lw3EFQ)|cre7V+gLRkc7s43S`0yJ|M-gV&F zapAU3`tUcZ?eMKt{F@>MMshmQyGN4-O2A`~|28C~bY(C3e zy%9VZRx3%y+-BF@u2V=yFYemEu9x{%`uq_q*R?wG`YTVbT&Jw}S3LLo8B|l9CjWp# zwZ8GNA1O$XF}x|@2fj^M?@AKLu9_pcfa5tXXnNZ~hmp#1%;8Zu_{1gSXz~zg>kK{U zn1f?g-(^wee|(ONMUh)W2Q2m8d6YVuaBq|~mC3k#ZW738`*1a^H7JuE?>RAEH=ij$ zdBYUA!FcOouFc>2X<14O9dxPX-Q==td*{N^;sWeKXAq5P>;CcEs)nW|3#-#X5X}YT zy&@I7GvgG`H_ZzQTj7$m97~dNp5v;T8QCuVvoj*`CpGa_=|B^KfG88O5=&mOL;1FbE;y@Rv5tKIWzaDZAkT%Xf#TpPlU+ z#&H4J{csL?;y`!w8l})v$HaeuP59DJJ=Q)Q2($mrpTxd*jlE({or8k1sU{Bl(Zpy` z_g%2BU5&LK%SCM&j`R1+Y|ZEk6XsgaC#8<-B@K^E&3u1Zd~Cs9bkf-CDtWc!S^*%x zAzd^G-j!zAO$d2LE;k(&N1Na)U>smzzAtNe>fqKD`H5*|-8;bFacGJVuxo8Rn#b9; zib%?@$h`V^u>iKlnp=IF?}orV2%9X9BSwR^H9Gd_{yh2gU#xArfn6$_0c!EsH=^FO zsY{}Hvm|Tfb?G0bgF&VxraAjhyMuRvjz#zu2T!Zl$-)xqXYa}_;Bw!K(@I=F>u!Ai z-4k6cwGwdRi?5f162x2KraFzmJMo=&bO=E$6VPA z4k-3w?^rHw91JDrdPN2?>)89|@rJWwk=MQ@?A>@8q*lG9Zj!urZ&wpL`55DerrNwN zQU!ZJgwjdJjpBZ@VMR6Ko3zCGFcxkOjPSGbAi6`$3d^s@E!WFcqBuOBc*lP)$u_6$ zdWpTr)Oa54*PY%ZEO~G{g!M9HB)i|_Q}DiS?tRwx=(j`kFH^oobY!zm*cG(D?>Efm z6S%B>jZgP?@#0GnnV-Vh5$vLOE8fq1;QQIGcktCjSD++hKmRW9ZG*lDe(wRnYIsFk z@@U!6CBHk6!MnRvfFk1M6Kn5K__wS!s87tuf+6;?5f z5UCp5xm5oGoW3w$y}8PM)Z#h7l@N2lIL+g%7{tg^-}sQd%3?)zo2fo7Gt+d>!yjo( zq!C(mGIC$<5f`VE<~^GUJ-PdR6N8kREv2eHg4OEqQmn47F@t`WFkpL(ltDVPotDOc zq2Qhrl%D{A{*)H?eJ$=R5QeXe({OI_Z1kv+0-_o}ikCp#T!1-QeIz}GKFoarqsfw< zU9vqE?9S!Y$dWa?7cIZ1%z$&4(1P>gsgl?kunYva#rGHawIyU)0!LGTSJOF;$*3^t zbU@zc#`4G|S`cLcV>Nwem5lvlZ|5{UM#Pc;qHoMM)EMmg5Njim=0zXHUI~FFvR9s7 zPDgUvUM$zoYfhX?!zvOhE`#dl#xw8)w9)82?{TW?=s}CYcC`%kWn{J2diE(%SqExJQW1Ca`DNgWG72 zF3JyQ!!tk6mvwLn=tQ-aE`;9dGvQaZOYXrDKV-m&8UN>gE2DT4mR<-}u?*83K?P<1 z|1mN9KMawyH+JP-jxFBLw*A+O6-ZDEz4pI#lZTEeD^4|+Vd5i-( z*sj}|-G9-QZ7SF%b0Xl2WB~oEKG?V}>iwh!^c(q*Pu3EQoi&J5`He!C6K@TsosktV#qWwkoQO+O+Cnc!Fty!`7)vOLcc^^+qI)6U zX6c)Gx=L!rD-C1UInr1q#MB1K3v_ko2Qd^a7M zF(_E_vRuU&X-@JdiiUA2ym{!}xCY=hZP@buTnFD_dzS!X6MvWj+R%sbKET_*buzzH zWB(I$ElRt^YMgLx+4)IW(sjJ`Mo=*7t}j0b)jQ|Mm)o~xICdgO-6)iN-7(u4+)8g= zMy5$haulJ!>Bfg2z~?r_)@?)f4lWFj$Ro1t89AAf$ju8$+t%!H3qoZ!jJ$IACHMoX z?@ODjHDe+V7iXnOyNckp_L7p6(p@0O#C$K4Joqi}zfb6855Qo(Ml`7FPMEIzQ<{#v z!_eikxY#SXw_WC+NkN)FRv4xfMThUiNdM8R^zy@Vgn4SP!j%jMqv^Eqq8hHcF7d89 zT@z!O6;7+7(_9AAfA74KJ^U4stl;r2#AxFiQ_gRwTX03ey+XybLvc>BR zPn&JpclWyLUl!;Ji|kk24Reax|E84551$-52_zIoREj87;c-`PnKUW5|J;aRa5wqB zA$mqW&?Sba63Z6DLx8J-9e9rq^?JW~JmuXVpTC&;uX!LUH8tRSUW4Sa%&WkCy=wWn zM_?<4&aV4YLv~88`+MaI*iY)%f?Zj&kVKXncha>7!H`I@TVZqJ?cA}noN z0(LV)5Tg^~2M5 z7w;8)E=oHpAJ_4oc7hMd+9qD#llUv3^ZI9OuSQ%PSytlWHbV7YX9xEEJFX5k=?mdm zUUL?u7jAf;KwfOXMwsRNSB0eqm*QqUMh7Kne|S?{7k>ZQT7rf1dJDGHNi4JXW{;}g zEp{HwaZvou6c)P+>rF_7nAS)k^sQ4C@wU$$9;W71+6pfJ)-I>sdQqg&9e%}(Qu?;j z_Fwsm(UIQ=Ik|&-;#k|Cd9N{lY&H{y>D9{xQfHDhQA99oAN=+%DELNx8!BPJW=vo~Na5@E ztH0ExaCt@d(xX2k;Adw-W9_09Gq)Ai$7{7GUDR1vSlrGJCw3-4bc!P`v<$n2_#>v^9Vo6p4{Y>d!4hO|I3~`eqpv#EPmygtXp1B?vK)LFShyxgM zGmqukBD?gEy8K|Kp7Nc8uSF`lZV$6ke>Q)st}^UbBX@vx*UwtKI%D`}4!e$rTn?Y_ z{EZuA>1Vn-B~>|Uye(ma4IMr8(V=r<4Z9F8rU*#as&_Wm;WM9P!qn} zt$^`Z4^BIWiURPMRJ;S`WTs1@e*TT5VgjjC8??5!6d9)Jd}vwgP8aG)T2KAQr68{E z$2BY!OyXnsy+$h)MVZl$YrRZHgi30ca`vqAX;NAU(vs-? zFwrJ#6xy|*oaWS8o0h@};S3-iQ)f09t82wi6px*mP6+H0ljYGd9Ra;I?=i6(nU4V7 zCffj40(GEP~qPa-riN=jzM;x^%a zO;G}y94RRmNyBJ+>z3vbOC`H2VFqwiMg?{DaPNOicN8G>`3d%Se08U`kf?$ehN+)@ zl*KBMF;yiWXke0g-0#ysFN$5C@5P@{KfvAoh5U|rKSZf0-gnb(dTIpEj| zQ-ZHU{)m5dYA=5|L!lI7DTYFS=wJeW&0PDBPm{;r0gmz^=yHbWfS?+5i(j4V@NJba z=BTC+#*QXN-c+$7?Sbn(kFU`mo19EOJvmYB&&{CK(dT{i_GJm2vJjg|&*s}e&x+WS z0z%vk)rg5juhXrkoQd9U%WUu*CMaPSdClZ8_Dd$|B+%-wQt!od^L~ncmRZid%HY_m zq^HK>`RL5kQdi%T2k9{j}>&W|^rNiU2-(%b_En?#S= zvuC~H|J3%`thRfxrY?hfJ&cd%oqum5KDKP^fNwU$oo{{K2@ZI4{qV!-vp?zU4otpg ziHRPD?zKF*xg~CCt6N-iUVStA=s7*Zz5O3BLEmOS8k#U172nAuON&l#{0PRLJ-ltU zKi~52XI3#|GziP_4HcZpYD6@wbd8K{NmPv_KSSX@@g#I?od!?28?w&Tz=$@|8R_1) z8KYkfw0tP7yaVH;u9DEWYOFc1?B$#S4pP}r`XbPd> znslvJW$WMk@mGRpRvlf3oYV~+=_}7t_Sv4Z=YO5jQE>tdA)cN@5=aU{1~onw_NH?|i0Kxg;>OhMKhMjU+BYy^Dzo4hmW zQ>q%t`w#BI{~Kcc^>0N=7LV79vT5W!x251$R?Wt}Lmslx%N8i>g|5s*H8ponp|Uc= z^6y`sx#$X2D%HGb*1K;fEzf4LE|e?OD0J_tUW+h*jJT4Ajh)?{cwM@hvIL(yQ8RIc z%&GJBhR53Wg;Oeh+|Gvk@ci_2*hi}m@mgXQ<(0q`R-DfD|Jw_Z%xqEYow?dvjSk~>sAF=5K)zaP;IgB(|9;%&yt z1sw0*<0*ae>t7y__Z#fTMNOOC&TB50s*B0v?glK#qnh^d3W5EaN5VNDN8nl#Vb}(q z+Bc9UviZsC@M4sv&X~t zzooGW)jL>PFqR8gYlFp130xGN1LQk}uTOv3MFW5ZdeH48P;4}oXSH8>2 zo7`VI;Riqe2&_Gh4q*NiR8p|1UOqBHoqfi}xNwsILljJ%EX`Qy{hiv4hjjzoEZTIv zf+ZoJ?Wcd#xG75)N?z@|`|VS>+v44J#leSJeVpueN`qR9kG`4QYU{~ux3-Opb<>a; zdwTEL_oeF}TR-V4KjmZT)H#CeoLn^c&CWso0e04$X)>E~=OM4WT&T!nAJKDt#RDRp zsM9iPskYf7jMspo39%n;ve~YIfD^!Yj~j*#*|j`^T20b~c-j@q3TL@q*f)oj$Op%! zyb4x6j@M&DrT2?%4mf+b8&PeGp)ITJ^B3ov>WXiIrP~SlB#ib^&DSe2}})sQ`-elLT81|SH`}O+3uiF8Tb2RmjbvmbPG#H*sD2& zfWV=38eW?SAvFdYl@Mm%E9*8uBU&m0wB!P=K4#i15sZP zO9VTwW&YFe1d;<+6~^1j+m)7`07K*Ka$BmWY>o;;#J9$zQYI(^2}->7phYV4axQ`$ zr{egS5l9fmTmnMYA7~lQXBq%YNu?6Y*O#TugHNogh`(hIF3omJ&m~+1$^rZy(A^&D z%rv3fcM4Lg>VAPB7^V99s{dy6j1x`gx)sO5A~nzdGm)AMTA?Zw&XOwPS71XRBsoKimsA}JV^!@X9e|bt$+n2jye_&Fn6SzXLxERabmtB3e zcYHM%iv9@Oy%u`XV4OG(FJ|&~R}86Brvr^re0m!wx1?DnZ-4~f*mdYSA~F;mK^@Nm zfKborpi6VzoBa9Rt9=gA_7mno9JiOBgXP{^$@(fqbVuBsrj9LAfrJqv2NZhfoyOStKeuuvHZ;BuE<{4Gi_gPB|Q zKlZO2c82R&K%VybAI$INtn6bfF6lhxkPE@jv2RcaK`+uQb)5hXBk|EP%6c?76$-8s2glznLx7xx&X$UJ9*JK>%)Y8~b8)rt2F|OV6P;BDrm4M6js?*PkoQPg$=s-+{6|oaZHG)4+|Ch@t>F zq5l|oaFVt$)zY^BMbY|~s2o;$Ol?waPNt|R_ec4@tdF!b5V}|M{tiRzOO*!)H{*tKR zcKv~rS>)KQX5&C;29PSu!uq(I`TLEFUje|ViJ+dd@@q=qgmG6XYx#cB4eu~kBiPNL zYv4zEfR;kXCt}vC$tsK!GuKV5%KJGuWNSjA1FBx}pT3;Phzzu2k8k0$u{(>X@DgZn zej5FQc<9YVY7KjV-PR@&(&RBOMp4#Q@5NdvzAfCwPotd8SqjBG$+@-!oktw2xz-~0 zOGgA!JUh}ZeoCBc*i0YJ3&nM$mPsD=(u$GnCJ0QLb%HPyp=WAL2K(#zsvkSuLGQ|g zFh0w{YUKUiZbwtAg96fZRzz=ba5r!3^^#Q;gzbu#3g8 z_!81M=@V*o2{FzL+iJ3zIuwfQ&ErP5UX9ZAh6)sr*<1|tEWp+-t8hX}dCwI#Bd_Yb zNYY98N&GOrGMC~G*%78rpJ${-m>HNI`(y5de7gjOqtoi)u;W2xPlH>jCmCCKx2e5Q zaOmgZkrMS#Fb7VF{FCQ2Lz*s6;TZolu)azw?N9w)*4yzacO0HlQ7eAq(M#CpUaS7< z1rg{Z$$=BB^*guCnaL&qNzkJ>A&-X9IcIwxcOHl%CnG$b@-3WEjFc#oAYsg8kSW29 zF!XW#7tK1{sT($t-3yS zfmX|7zy369;u?>HJH*I~6&jV@ab^Cy441x@C3dQ>q0`uEwFk6HmHx zaHlHF5-R`Z-@1E)KzXazxLi^1&FdGLY;%#@d$&~Xxb-jTK63QE^F~Za@qUg7XZ=zA zYTdzU5Zn=R$NQTw)&2T`o#MjPWNZ6xC!{eD#dqTRv^jb|OBj_2^!{1FkzF)~IDYEW zA>bUiz|K;$$XzM`tV{vvzTH9~TVw+y6$52q-@Y{zpeG4|fy9uHDx5w1XG>p_8co{9 z8*Fe1?$l9(L?NZ!tN4{OPVM(U8geX|=aR+cu6F5x3;A?tDb8FT>iP|=jldg98Ioh7_X7iUPa*4jNi+x8^H0!qMpnVkg?p3 zJYWe29jF2lamCD5zDBol7Ru5mW2swPBcmBv zqgq$Y_ar=XN!NV;aYC`*6FS&N;2YBY*zw2J_*f2TNt1v%Bzq8dSR=4OMHc3!$xauAS`Q+|W&Bc{7jleE zc%fYMSD0Bn-AT;*tP+b{H+Zc7_i3dI!78(&7X~x{F#L0d5GgE*xZq9CfYkAHyUki( zUaJq3iqT+BlXRd(5iX^M@v+G5J6d!Hsc~n3WS>bO-7d5FUC#o^tzQD|Lq}O^zQAGj zF;`iQ92(2$YFzD+^C6*p*jPq6bmjgscQN>>0dVsQOKrD<*HbYht*^sC*JB7l^%6jl zG=NFE6bYp4j!6Emf5Vt;5)}Ql;N~x^IFd9(oIE9BTco!FpnP2uBeC}wpPw(wNRs+}8Bb`={ zGQ?^UtT-I9&JtgAjF`TZJ>Ggm^P?=wPNs9^rKqT%yOfm@_mbnWn|esdwTOqmEfXCb zcMrjSdO9LWZ}(JCf^Obj^6dI@D7}fZZ+*7B*f@1bP5zX);e!vVo7YSHsubdUgHWZm8MqNzQ@<-RLOn601ll7$=BB-UU<9}nlO_GQikEr&+ z`fmE#m?_#9I7wCEIjRDnJLH+;$esP1z+-jfY0~1fols|e=+bODF*tlo&ICsUsjk2>1&{dYe*JhNUXmTv*)Um3NJowFh^Sr$= zBCzHR({Jh#Mm0bKY`Tk$v|Q7aZ|ll}c}+Y|51hruOLt6~5vz0KV8^JV0NF_&e2xn4 zbp)w>?*d*G`e1!HXVZVNeVn&u9sVv_-r~zeFNN%b<18A)taSgwQtP*6c)hR5^_7j& zFJue#YSnfL#~ac2VBbVLU}T|g1=#WLw;hBggNpeb|+E3DleR? zyw|3jj6r@p(XmrLtmdUNE|gq~nLE;SQs@8?mK4zwj*j!@lb9XYI9*~p|7-Lp@L0)Q z0eIfAH_P=}ho>X6_-2LVd|f15dNXpBvV)c#Www`vbz7t}QMQNU0cwT6mL$F`>25iA ze%h2X&;y%H5Vs98y5HZUb0G`#0KPnb$%<0$ zWEU@_xE6juWRU7ZH&57{9y;ChdCF>hhBpr=J=;B<)#NXJ(6*@rM3YJa(O^s<=C0&#s`*A4*oG#6}GxRh$=A zT^W_017utmFV#UF$CEaCzM_+dK^kG9C-+OUSKX7WMfN&wgt5ISN}X!_YZ)IzfqbzM0b;?o=;h-Jz9~i?n;0Q&K9(MtlCCUi@N)n`eJ=wB zkTNn2`T_?X$6rm`C#nd5T&-inqNTd_V$?WfpaoDOsTrQ06h_^4GV&7)c#V>z9#&w6 z)kc|Wo5*|y=r@Gix+dLFnfagCgX@L$#PC>vagb0yU6f6hCYJN|d-seop84gg^FNe@ z=t!ADL1Dn;^-DZlNZQiwmz?v&`(dx;t)Jv>Qfomg`mOxBKe^sxhXqlYA!Z7idNe0i z3fDrY5n&Iala6vEQ42)JkhD^6@a_L4LSD`_g%9O0`9PX67ve47&X%Q0y9WJeng7+6 zfhZc-AckjkH{M&TIn0PcCob+ukAED-bFQsK9Ae%J9CIlSIlrmkAnk~g?us5@J`a3N zS)w~;4*1W!Nt{Ua*Jz+&Ogq<+D}^2|oIascT#S75BiVyo$AixPT+C6%D5bG`07>MN zspx!j6Ct{=Xz(ay;R`@crrYa`UhTHw0P!`e`$NP@`}~z-F8NEV{OVbhG6|a}DpdhI z=U?8`y|q2-AoKZ{=-b6TWKmh9^MWZRxGGehkxD&%sGUoLWFN5e!38?r&CYAu?qZjt zNojbF`^qUxc3;48Iw{swG}04>fQX{1NLg}4oqC6Wlvgo87 zr5(rC#iH;J%qIqDvt~(#2Fuq!WhOEton;Ri%)}@Mm7ALv+Af~zRjLLILsFD#4HZ&0 z>h(@_)WAR2r?!Lp|D0g8#S3|`-Ga{(;1iD8HG`%vj;fPWWOF8XOgq(HR^-N$|8UE* z^5fJ@><|{MdJ~x`z1$UvW+@2z$QIeJwt8RP6Tnj)odm9XoGOVut5k!hSnqY2ZY){N zdox@csWL|F)x4-eJ-}`qul$%3Ni_9yI2rvhcR$h0+i)l`o>vxcd_B+nJoTv!0Tmpj z4{ljfoLG)DkNhb5hX#@M_lx$7EH8SKYcG?OjzRG|v7f@R8Qq_)(qGOJOLld`5En*} zT}XqTlFy0uM24pMXSc$JixT&RFiI_IyW8=-d(eBa(eVhWKhQ8XwJN7zlac?nUYMiy zAOMjfREH4mQN@bWO6jRrA}YU@@KAQR{~_$KHTL&5&q`9Stp(?hvxbhH)gQAoELHRD zoy`WB9=hD!^ZHAP-Cwqo1HhT>NkzlSHmS|U?3FXl`PdVDqv)&w^dL}bR(-DeKpFpd zAGh#DsCMxnf)R>7=;}zMoCWu<(z~w0vy5HD=4uIgcskI@=``w3EvR?p!&U5^zo<-NKxGAY2C_hgGoKgqkXV+usbXL1zK;)oVe~j?J;Lm?|X3IhPIy7 zcdk4fBIN-nMWnXCYjhDwF>8X9wfPhUI$ADzDBk)q0tW=c+w8Pky-$= z5>1#PgC)9YiI~BM0Tq76CyRmpx)aCyl;;;?AI*iwrei`_Cu(!-wkwYX@OT)xU3DT1 zRQ_u;5Pwcx?*@L!>Kq`^rT}U-hboR(Cy8_BfnWU7Z*78SVA+-_TtvPR2=rdzZ^IOx>QX#K*b27o)*r{^P!Alv-5fy#qPx2CIU2#?g7u}JRhyqaN)77BD5un&mjx7BiI{H z)^%;ya&G?ga{%5H$;(_UV1GYtm)%%Z2vsy0SzP!{u6mgvlHB#RwBPBZXHX+I^+l0X zcA@__N^%(T50i(OgOfli#IVx)F5(#7Pf5siF1<%)Yb*voVFb=M4)oSKkh1fHJhR)@ z*hPVUqoSlT{4<2%dZv~o5n33S&DfDO+lY_tApK1AweK{RwR}Urp{y0e2z8Ish!kto zV4u&`p|=_7IR=!j17=B|v@13sZ`PwtY-sg3t*M?HY4@-5NKs$TOPbg}G%=+z-Uc4~ z=5y|M8u*~F(CR04G1QFh*4+D`rtIeaC}zAwLyr}?afLZ~F-E1XbMIO!E|+yVGv2Hc zO2|>nxD1F)$~dDYN2O1SrLl(xCbesxsMrV4^LVz-BlnfpnsyuEDYS_Q zAnx7nKuj1$itOZQI&c*-Uy$fNcv%ifD`kvTqn04A0ypk~YCmLB#Cy}m=@eMb8)`Jz zjR~;UNrr|I{YPJ5$FXP;paSjKSeHQ7R@gj&lSottq#=iwskcdeWD`P0(0ziaxpCos z9O60rc&hq!;966j)l`Ehr#$t)iOlB>@1z~OhbOO}zO$NaDHl-ep|p@efq%>wgpOGQ zq8Tgetzh&;fG*j6igRDZ++aoMNnjFX4HVfxrVR*}Osro%gKL@HMupYVVBcdHk@WV# z6&??vPB41e9!eVEEyD4W>7Oj{y&RUHSiv{Ojv7G*7yosF?44k)1MJjbY+cRgeGq?D z%QQxqM{%A}jZcli)v`Os>1y-*VzXn*NbwSSjK zqS+l9;0v!)2*5V{NRCS|o6fG4>ux}N{9&GYNO>Dj)Q){R7Zy--qG*^Wt~tpui%1ay zvzWu`Ow8(q86Gg)V&G&1GTavudBggA==n7Xl4E`ZoV8ZRw)>-*S)s$dtv6$&Cmk7# zk&ma>89@N|CgIpxx-1*{$6s?`B|p>;J#Bl1J=5sexjA}G4lCN?2d{wo7KCX|G<_wagdhYbG_ z5-M}J7<5I}D%E?EZlfJwaM*97@)nHMoqy)rCzBoj{WZrkVzFkNsX!qEwmYTg5n|?R zp(oFsPPH2;?+-@99MuZmw1~b}>y2Xllx#L_QuHq`u*7o%ocDc4BgFu3n07u&XkkEu zYsZ;uQnQ@)06M0T)ZS!7vvQJLefA)+u)_ zWM_G9;%dV}v-=Y8%wDV}rWUD$nR9!a9r|!_QNi&UEq}mfthwndc|=kk`)mC09Y~}i z`rLl%_nfiW?=9FdnRKj&5e-}3I__|mubtjG9>(bfuAktG#Br+<&FM^Job)Ww2mjAb zWaGR0#ni0+>_KM4gZUq;byca-YHkYZ-}qDhPCSpAS>X(T)_>8qon^&F9|at$1R9y0 zWnmr&t+Jd%VP?!&A^Rhw<_aHD_a3@16+Q436s12~lzJewli}-+oDL6*mzD*-G&?jS z4699K{}Z=YBU{dFMgbqZPYK7`y3~*di|x+sPYm=0cK@1_d)$}Z(Kpg>4#Eo3q)33G zmyVx}pNSo(k98H4fS=9TwP3t+aGY3Z?2&-;#^H&Y&Yz5Zg@X`XI(|gm_OJ>BgG^ zBxOjG^c9u*B_v+4Ds29lENbw;$K#Xx&%ThRJ^DoxS2BiZs**z&iZ?FjH9DhPuZ5cK zMb)DyJG~93E2M-uVj0i^*lUY+#k7FFS7KKY-c~U`^oqn;ZNDS+#Pq< z0%}$*;N5b+7S(c_hki+G@-9rIW~JK!;QP2PxpRj{3L}A)h$hA;t^dsG=By`vERnC^ z({hu@X8oKOxLz4V8pvVR`K}rvpEG1@Zwe622K_@3R)}@S3lF2PP@$VE$^OH*JODQF zO{7t$1v}L9MpM@Kl@yPN%X>N(E6+8phan;AMV)6H@6--I2gRgh3fTOJ91pj64{SM5 z=<$d=sqvmo*gb8OH!lHJ$@Wo70Zrw1dgYrBcs6djmI}Mo05eUyLPCJh+I(J9y=&~P z4^$vGA?+N3&f^vCvV+$SC^`80thRl5D3pjBg1P-5HMrLF|9b)Jrsm0q4ic{fMsVH(vL!lhp z77AVblUv)|1vn2RP>$(>eF>DAalG$SP$rg*dXji?J~weCaM11#2E8n|G(J2e2YWA| z9%70-#LrO@R2*+Z`eaKvT~{71>VvxZ0IYsQBI_QtHa%cLy_Z1;7g6g<3i%v!$bT&b zNT&R`0HG=7WZC$D5VUeN?^LHk`OMT9C9`gspbUDBZr1DsQW1t7k}@}|3~7EGsb5sx_U~pVdFoOzWLbsfbpZR zVWaRZ;|q?8ic%DAkU#KxVZVXHr0UNQgPMt*4;wJKE(JH;7+Cc+=`SZ3JwYdACL=6d z-*8_26p&yP-uZ5Ch*qVZlzmU|aYt5Rw&BA@0kiYQ6FNyb>lc6xT4u;PV;x=uU^KrR zo>}2&Ip0l(2?)PR`l=u5;PB}juH>)*NUNSu>ip~YX8DI6=W%hE*PVWWH2hnE<0}K) zLHsEle(c;@@1}N^!68gFJ&)e{HOG=QgTQnl&lcv)yBTes+SVZt{9jDWKdW-&S@}zUGbZZq$La4% z{n5rR4I323TBq|i^leohHtQFz5jR?Jwuaynq(^0a?@X0u+v?xJiRY{V;IZ*YUf#28 zQucR%njAyGUY>oSF@sL@0=LJl(E=dJMDLE8Vy zth#Sb@L7j&|D_7M+~Z`s^4|7&JPf5yOA6tmRz10wIn5>N&G;v4cj>UgMS<;Cy;}aB zE~_uU?qKoq7ZK7u1}G>jAEi7-(k&;vv9F``(0Nx$kqft zJ49dnWRRvK-r)R1w%fdRwHN<`vi%QVVRrf(|F7u0jx^ZNPg&S{fjH0a1Vn9_9WGVTSQzLW5Ru6@Ok@Xe)nRd~(Ej#GqjaCca2%P<;AD&rT#VP6 z{S3l4wo>~!r9V})O+1wiJqt*2?z5*bg9}_0ouzV z3kxb0S<-O6_N>7$zIPXZURH@8l`M)*yuy1rSTnl^htS6u{~TePnqtA?X6>>zbD=K&&qiljkH_WdS`eFe#>o&N|k2=MoTJ)?nC zwnj1SMMh|hDN)Z2arTkE6X)A>Q(|AMJw+aO+Kt0dm0$X6BF zywu;fp|YesE>gLdh4fysy1wtX$lfp3Pf5l`(YNRF=v&p|Ryn=7G3zuzJc7)|YGnCQ zj8y1|Thi|Ru*>&-M9x2{JdHj3#4R~mV6GRfL?*b~uqI1j<#OdHk|0TO>e=Kk6Q3n7 z8~o>ggVNwWyL&6cvN?;IFCPgQdD?@sZ@mi|Dq{B_SUIa+5y0#}VHG4MUt&aNJs~a+*`filZXWbOW|$wyrf1I_-&q&PrLlMSa{lNZnn7pkF2wfYqJ0Tzc64Tuz@HcF%TsLq?Cq% zC~*^0Q9&AUgmg2cCk#|dLOP^WQWz=1h?^KG-90+S2w^bxoA>AO{p+~tUS7VHJ6hCPf8RxJVM+|nu>Q}$PiUG=-4?c=f6V-%%QMetK!7w55Ue#B# zQHxcKN6*+#yTMz*9TBthDZk66jL(Ktr$EzToe|1~p`zfFpx=Z~bih&vLLus+*$e*l z*lA~U%JiqT=k&XK_lTrH@=tf>bml{Aib@F~LRHo0TOfxl#26|L)!}2Q&bx@{0s+@~ zFJ)RyK5!=0DJIULp3-D1Wk*-ZqQxspCD(+kCXzT*d7X88HR2-92g#_5SlGHKF_Og0 zEqQj|i^widEormSrJ*$lbF|Gs^@jx5$Jx~X_hlE06A_kig6Jk>?EZpAA!?rd^GDXj zyT0ABdGfS-m=8rR#qR|Z#Ysu~jeFo@yECu!&ul3NVJD(>S(^IycQ2<;2Q%=_j=m-n=86Q%zokGqLyI@s7xp%K>Y&JD4y2Z2*K z0(RLlys%)Wt@nfLvW~oU$54XM;Xz;n8;qC_3nmVe>pfOu0Z{-JH>;J*ib#6Q6eeW2 z_526N4LW}IrY-^3mtDw#MtK`{;lWdYjQnu&w*bPRBJ<60NZul#$jJ@+2)52GAD<_- zVQMjytgnX{V#$*uAo7Pb2`0Ra`F(9LlOQhv49e^ky zpInV&ujP4?Mcyq>O0RNwbn?rN$NZv)*64F^UBj8vzm5ZQPZ!I{_O;OgZ(Mv&{_S+S z+Z?BF*qXLI@oP(=GijdGejS%!+5D}wKX9UufCln#^HhbrZu{7F={G_)-9DqKYd>{F z=;Gm-))W68Gue}`a^nZ%wI3C7;%kvg)s=e6n%gr6cwk4%wbGNEwI@Kd5z6be->39AH9>U*;65v(ra z+O(jAD}udz=`yolTDffd9cl5S9x3F16frCZkE`{ zl`?Xnz&nZd{oHS+u3|=J2>nUU3G8!VVl@{?3|MB6ZYSeqdA|NV_S|1#r`}cf<^Cc= z^OG#kb7J5@-tSUe#8#O|t-)H{Z>9tI&Y~%nIQnhcBPg+^e(}3*kG_mTNR^Cp{b^36 zB2dNWAn!!6mQAdk%r^7_y%r$r$4;_eEXIw45wE{ZHLcI$u=B*lnJMOf&w{QUz%PH> zF#)^WLRuP4Z1-0#Zx;77pZCOYe=&aP@@qGu(sq~yckxH5q@*i`#7nZj=JRY*#FgpAgc$9bH z_pV%#S1NFO>DJ|1j>8TCmychwvla#EK@T6HrnHV1v}Cvy7Yg59lgw=L{JC!r4r=cX zD=sG*Ajsr^V3lW;{@yOLQDMscavuY^zx>?q;OYUB1_cPI369c11y{MR>6Awode5cw z*I~tlGPD*h(WCf0=pT1XE$oLK>a1QRddMAzD+yZpdI;W4ND&hiOTQ3DQ=uDw>VACDZz%f;pFvd*8W ziW0iCRIj#F|JoBjfI8Alb=;>p_Rw#c!W=!+1vC-8+JKn>Q}_hP{plBDwgrYZz6@R+zk6fPzoL@q-IlM8Hz%ssBIH@##`B|F+GI# z|Dtp_nDPRQOF%_5dgR{z+6;dTLN7&q15#PQbzCP2p`Vip`2w1*>wc8%*F|NEz<-hj zLmf^X`A-25k0=}qUEc-zq6jn+p8^d0opkT$>ex`onuGOVw-%4SfQG4>2Bv8UsnP%U z@dC5Fxz5#oEPk%jNCKM#po)%agKjjUHOQ7X_A2OQJ5>LNX$GIS{>V;I%Wj4BPRm7e zb{_E%ivkDHfy_6k5%yi8;}_9-r>KkhzSIdF(^nAQFdu1HNpyI3XQQr?gW*YT%SAik z4y&TIIFnx%8(n5VsYMqD1>z*dmNOsf6Ha;t$$OKOb%?cST8Z3%^JR#{UuLOx#zS}K zj|REfmwc8jOKKNVee!n`t^ZGU(m?R^CqYSBF7B=F>Em{q&bJ4HHTV9Eosud0@(y*M z{tCuwJUY!q)selRmv&;nlRN7;ITxH>SQI--&x-PpdzYGA{x5@ROksGs>~0U03$xZ7 z+MOX`uC5^U;dp0{FKX$wM3ct$pUZ}|Vd-Xv9`Xx;Gx_JYj7^_f_UAVqikD?a(52+Y zW+(0q?{*AeUh(x|H28e*l;uueaPfsn>Qj)}6=!(Dai}HdU6X|$j5uM430%GNRXU`~ z1d;rW`&ExU;#4XvC*v3;jVO^h#{x9#@0Mu;4DIaA&ouzqez>cwn6tb(D3%HZQNXik zXemqpIAU?EhBfGRaj3jQe6%tgDc~$AZWfs8mZ-~^C4Jf8&6tkGYjw}j=SE3@u@Vu} zmZ{d#f_O-E_{3vmf??VcV_W z_8?5SZo58QHMmvoy?8@`>t$B_?#uP`I8XZ9dtW6Y5VFUW4tAG15#h3KN5rSF4W};e zU8#S>Ki4Kr;-h_SHAGR|l`K8=bY-7oUwo5G2Tz*B-aR$Z`gNXbaX(vMYK+D#FAJw| zJE6P7W)s^HJe8pVGDIZ3Rpp9poa~cZVJEPW0%YY8rj5y%={C5z!s>eT(T??;^lGUa z=y?SdYIj&_V&<@+64wQ&{KnplrF+Zx0?eG>o~T~1T>ixR8JHsnL=yLgrHWQ^8kKS( z7-l)+nG-#F`b}-huTSc!Hk9;qtTMW)7pdgg+jTnay8FRpxjyH8CDXP?VhHRN|X zch`RRKm-K<37ki83LeG!|4{eRKO3-Rl{AIIcS5-;SvYuFdt{gFA?Nl-{HUa}(d5hX zs>CPvfr2fqA~tNDQS+m6yEf(iR=0otaZ1$0HIgzF^Dmq{zQ`IK4CH5_8Ee^k2g*cH zJoSnvhvw(v&NBb}QV`35M3Pt{%2<8a>_BBX$#l?pcDSJoFTpjq+Vr^gaD3O4OSuiDfN^;(GV& zk=UlAMd&U_p&hiQ^7idEvxWgdz~{5T+pKhr?+Ka@uI4%E4ZLn6#%aU~qnxImk|Nzh zVVS*40&frUQjbQ*7*3>?ZKj0(-CotIT1IMpGy-zh-8~!FCvC<$#LW4jWtYbzGxs?% zEqdW0?b;y+c~iMfK8q~xrx6^3Tsye#31222eREZ1Pk^cZ2n}>i zC7Yx21*Y zMq7R$$2|8ko~u=oJpVJ8{2zcwN%lM!)`2~Kn%QoQuNythXo4-zNXUn2N^$Qu9rP|a!bi#n+X zL&lALhFF(cY*zVB@{P(>!iu1JtcY zm$U2Lc;(=~l{%)fQeIIbQj zn!i@4P$~-oAwqqzgJ#X73e?5p3}3kFuPmdBs^7!Tg!Z{3@%cf!D&I%4vXdV(`fa7M zb5oY?oG0EN5R~J3HlkFy^=ESuvlM~c7Td4E2grhpe%DT0P*!%L#BbG1Ok@5mZrRay zV2p#m+0k~;O%BOwX|+$+db2wAveL7}{8DI-)1Plx&R`da=5>(s#_D;eVrR4 z5=yI!(V)fIq}d0um20oEjg@h}%1*K#nE|so13K~FHn^!HLz~Nk5}Bsn)Qlt{xldlD zeH)91xmQT_uKLaL84MRblDbCs4{4}Ss^#uB&PmK@x)Y4gI~{orZCGO1 z6J1kY`_qOnQCLGvV+Ea*DTjyS0|~z8Z3@BoVcf-j-sKq>Y5hF`O3tqJ!m2J9VH03b zKJo6laD?CqiwlH1=ovU-riT=%is7q#bMzg3_h5K-PwP+WzVLFJ24(n@5H1mr%bfvx z$DD%9sLDXaDDBn}e#ZuuD3dk@x{TTFu#GaL zgh8e(7cPVvn8p#yVY)hm+A>a?hHR>5f7Bj@%B)5-#GGZ=7R%MQ+tu%c0UT#33pS*Y zTE8}K**s|Q0|mT3|EiMJl&&D+NtgY4D%_*RGn{6*&C6^0rHhE8r}5f5*4XlcHF}{8 z=CHfldk4@h+Nnn>XO5S*)VFV3xk2rG3o5mBbp=1MI~ZphsIEZ3>=9`=z<$&oaX{Xe zWxg1I?<{rcmiEHnRc#FhXsB25Pmg?~CNw6##ozuaNBi zVfk3fDs5bQRhz5CvKXwK?5Hqk$VTB=seKYP%`s0@V{5|4h+j>Mfyx9{RujeH_Mtmm z97h$Ui_c-$OD+~BhczI|R`zLC3Px7ABVR&RBDe5Pv7G&OnSlL_-vv5%IwVsRcOv@YVafcK&`I<~)If_( z2%Q-uB3J~K5@M;VMck#>y#_u~=`K$9mUKB|mOQG3I*7iu20B0TUnlF@aQL+PB%A|( zzLKNfvHD2?%k0<#>8F`13W6f^0}q$~NrV!2|DxE<%hv-xSOwo=>JL(&bi~j1G9oO| zo@q8!%goC$_wXFt&1aG)3sMmm6my*&@W=S|F>p+-bEeL8Hu}1UiK&9EhFxYnQ%2)| z{{jQ=%az<8+}p3!gy7$s6*hrwH~%)beE3#_|Nz!aT}`YlPoq(e@nuUwyPPu2C2-GuBIgy=W{6`83Y!u^SR{4_ZTG2@ioWh zl6xy)Y)Gw$y9clb(95dnZE{*+&9Q#!aGLl?0aI!yT0TmzNLcu7o&oOybE{m&XzK#> zG6*?#aku!=1C&mv$Jsy)UEv^q1O=r%Y)=N3!>I*a)shu&#_~y=s+PiA0TQ`5Ehz4* zkY8Cbao4xm)S!F1=66%Coj|7R&w;AYzO&PA&j#x>{WGT!Ao5A&BrCVOtfrwAX{1#+ zUE2v%@O(4kpr2SDaq>j=L!Cz!Q`wWvu8#eu+KR42yKEE2E|(fvnlavM%gjta?6$?9%FnUE6WKiB82eGL#| zS(FXP@`nq=$@OmWMU-yb+? zA^k%_28=6o<=MIP)}DK;pFX@SryS5siZs2lsm^F7-1Hve&ie0&u+O7`^@mEDq&MVn zC*znm%k6Vg%FZAt&|=~|W79wbbs7-(=*7x(v%?Eg9TBbUt6kqOj>{Zg@MZC_`kmxGn9dkBLADCK^ ze8%%36;Q=y#bJHPCPoLk!p&Jl1LV@&NDp`*0${6x?bHg;i4frzPZEDC27KJ_wG1uP zSZk$ClRrJ&?}GWpxGdKzkkY692IDlGj$T|Nz6Gtg*G1R6%6eKw)K@0Be>PQppbPEF z)Mxpa5$@5`SDV~c!~Nv$ufrh|*R|(sOBEvxd$5D%EhcXPP3SnJjO87Rp~Q6JJxS_~ z>7maH>Sd06ZrEY4ak+4(bdEqAiv7k=dx^dn@P<`McfPesgz`$8%?)1O1wt{vBZt*M zZ!W~iKD7Puyf-Q&k23W)YZK zO@hu_eOO>wA$mP~Z6O+zDTo9*O+J-F$~fmT@FcqFOZE}zdazTV$KQDrJMI?CjAm^m zutL8Yz$t}{I?evku@I0y5b62xcTvceE+vqWV(wVv+!3U*d)_FBTop5t-oWw|3Jxp* z0}M#0)4yP@lJd#rixA6`OT$Lmx(pv1Z5l|R2}((NZ~)!$#ZUngw+`y9JLIPdcvzi= zDZNxBB6P>QjY;lrV|}#7>FnmtKh3uWcO!xzw01vrHJq|FSAYE?$8Lp7O%=VU3XSe& zb2v_9x0~T?=&5$#BQ+{_B;XUQhW5mpWE$Tl1ja7?G@nu`Z~Zl^mT(9hL;bNPDJMH2 zh<*n{DXyk!8I{C)tELUa9(Gn{B=`d@FC9NG9WQ}qo<`EAHO$E5HAZ7jCz^wEK@5Os zjnkM4WeS4VNcj;ABC&DVDZ$EL+5M0K?F+xlN0ZQGJRg&VLO^UJEi08us3`1LbTvDo zM=eV_o{9;9>tWF2mhyAM;PQ4cewPQk?B+Obc&V|e^R5SC)HP;9U&^gdSDO5a%hTIY z8l2)YqoVO-$}vbd8b&WHMb70j~gW_+7UL)^^5H zoj#3Ew^mK7Vg-l1tY)Ouk~T}}Cd1OYM;9i!`fQ(Xx7z_G^vaY7BRBcwWv8YwObjGu z-EF!Dwp^QQ(wk#1fRv#O0ohgJS%95&Xe}!5T+i##b+@Cltwf&RRVOY^D(2wlZWRLF zS3nIL?M{(>3xIXrpKex20B9J|lfqQv|2**i8>jibstjlSvys$W_m-) zbYg8M<3B(iee=_GdOxQgYM`7B05&f6E;8c-#`u2;3$|Z6v1GIQHXe}W0CIc1+%$Lf z$8jj`PxE1Y!(!7#oPNgsSO2j#9-ZMPdjr#o`L0rS?>33_$q{$KqgMbHCASpXw;pe4 zPV2wT1hJStJln1LkeL2r&netl;A|H!AS>v2_Tp@bzuxw)PuJTgKd885Pp|1rc}4t_ zXXy08RP=hsi#+rxH7SKy=yK$FeWT5g8yl5bAC=F$sZBb{6UaVKBlPK7JT9x-CU~5V zDq;JSPJz?TxP`nJQEWi6bjb>8v+5VdCW(8VuZxZU8@$TTX zOKd((Zx-S9@#{@BrR1TxXFhWto|^Fis$uogq`R}#T(KS%*0cvOmlsytyl}~tv7A&4 z`w&FIuf0^-dUYs5(V|em*YoM>9aXIdR*D}|&UMnHVot?uoHdtB1m)`Wv_RQIU9$dI z>`*Giy^bI#7pRBBzjy)R6nfA(!;*GwD0=*-i>T;>fmpfTA3GU(lV{84FjHn@Sc<0a z*p(9c!PNV=vVGk8aKv03a=vj(cAYUl9?0WI$d7k0;aovn7LRqjwlGNODlQ|YstQ_| zER=wc9=*q*)hXS1Cm{Vg>00 znHrV5Xf@qtU7a!)lGr#mUF+MsF4=K*u@<_V)SP3TZ15}7_XVX_gvKJeTq&_Qm|G4{ zjrdHNQ}B9cO=>>0`F5eEH(0jvBYT;(uBNm_qu3lpS>yP3f_<66$G%gw^LFQb0u3>a z#K21#yGWOdh`6w|Oal5t+y>>d`C^0qvF{1%_lV2urF`OGS(5A$3V8<60b>JJRA(hi&LX_CWS{D(vyZQ3Ct898 z8Gx@*6=-FrlXC&$?|42Fm@84gb<7jMc#e zX6llF9~*fd-dJ44ZM2E#&Sbqtd!-Mk{FxDw3Xy!woDs(pH$`=Y+smM#-5@zhA-Jmt zX*RroyG`ff^s)m(kG<()eLWRQqPl(q_!#&Q8)_-vh=0lE=boSBz=`o28Er9|UD2YG zJPG9-$u!QYxw|*BZO#-CoxF; z`eycaE8u1GoA1iYhfKIn#V(?sEozG`nO>%)|YpF6?}pRW6Z|i+^rRV!mgGMw*xf_PbM+L9|?5@^i|n zG9IX{q3P4D2HopI<<1fI=?=03Hmu6oqJzsnCi%iY_~`z6>gw`hL4Wy)?ApSbZ0N?! zA*Kbn>!k6zkRy3S`?ar2`(o@luyNX0!{F0zWT~7B&)0@WG;Udkj!?|r?>r3#c#`>AINIIm73~=eF)stQTe`H zXl`2vzv=w$N3l-F4z)PS>bw4_GJX0t{`8m<|FcI0mV~^?YA&og3StqXvii=WRYxe% z&_MYI_b=RFB}l_MoHQHzg8T7U+5BT!ry1iHi)$kRFQKj3@+OASUfFm7)o(KCK3V-m z{v5HpBG88Nk6MS>(Oh7$zg^@-NZ(FlTgtxy8og#TSqf{SxKX23vlrRc28)TQxF<9#WKIRTtx&+CtOj%mxHE!#a zuks-g38T6f-)8)lqj5ohep;^QIbOLb8z*E1*bIjClh?yR%5>vbS6hxYz9Jpz5Q{c_ z>h>F<>HrmJ3bXcsJ-dxHp{h)}Z|Y&TdW8Rzvh%6rMzoq&D(<1DX^LBJY+^e&ce)t^08xeLk8jTl-r<#0HQBVIM6qf!PVdNeFdv%JH3 zGnBjTGxaxoMg4$t0)&KhN#W05Upy{r;1WPekH+3RZ(R%@sKk5_DAnt^)R9+~2#9Xz zj%Bo32>D;E22o;l)^waaGVN~?>?t)jh{19-RuGc;PY|j3 zO#RvXkJx3{u|l9OH+o@xna+x0E;4`COs>AKYHxpbPtq;0fs#KDpiQ9==Bd*smJZfQ z!ol0c3ltcgQf`XU*mODtQg#gal6ePtr#hREJL`rtXE)KxD=jT;9CKxIE1?7XJiIGd zuz^L-{TeZw1sXU@ZN>ZEYzkRl&3fEoFhQf#5Yci$^J<5_w8q7nz^5Vag|EySnd_?J zUQe{+#4rx>cnzxKKIz{5hC0(JF7`^K>h(y1QlyRPS3=WNTnUAx73_aCTCMeF$W}0x zNE~m@N`F%>UX8kZ37vq$* z7s%}|2R>qFdy@w5A3N~|uAZvjW4Hu*_&UKsFnwgdcm0Ot$437YzREQ_d4HC9#yuz5 ziBqu$7q-JH1@EArzUT(j%)L{i|1BeJw^bH^?Q;fAR{c}IPpi7eOxY3t#U*W#`sJr~ zRgt2g1O93FWY_It(})8DAH5ttXH-VG9Mn!5ddSb~)wc_&Z20WNZV`f++<);}X$ z*Ph+=S?Y*tfN`83mL2NOO$`Jap4L44)pv78p--IK=}M(LJ7PV?y#8s^(5IqbKa^y1 zmvT$8o4Z#3JOEwmZ9g_!R%J~)?J9B34g*4OoZI8`AQ}7i|GrPcf#>%vdvZ~{CbF(` zjeb=~PY%zx1L%fC@M+Ic0$2+Y=%uicZ-^~Kf<;7)WFl<2t^2K97OemRpoAxMz5bXx zw-`0N&0aZ`)P2CP#@i4e$*G3E9#<(MyPdymTcaR5GHCq^r=;A!;q+YXKUH0ks32G`@3&z@+ zt8XjD9$Skq+~}zeLob+vJD962+A%M6nGYtK$~vd2nH;F$YDIcGPvcLKyi?lstvROq=DTQh3!t{N11n;5q;z%qKOoP){2EgVmuoX@1m=aS_1`heH z*MYfI27@&#Ep32b@>@2X*iRiENq~%dheTTG3aNbxfIRh~#u?y~SNg-WSsYV+jH<0J zaE7PHp@KdQR9D8SpG~gfLtMQ99U6}c}{4OJf*5RPpx`L zETR;f4`&k&n?p#k!<2f(S;@XNmt0q!ZJ-eX5}V*3X9jo&byyd;N;b zYUmr+VIpnDJ$zHp0{5Ue!wv5j;KQ5x72HR(pjcwOrqCvBi8!EMdGL}}ghLMyBq4P^ zHcANH@6yuaRR;USgEQdTVBX1gOXARHtN`ymo=|~;e(A+Ete%gQw#T{hS3aH9UBE zvo5b?ea2PPKOs@``d;477psdRm0@0lFXApry0ET=@2I4cSNU1|O~Zr4^kxOOmS|?t zAz254f5={W;#NrJ3#+H0q3Xdu7%P7x&)D-|rYYLG@g z)tY>6Wd6LYel^Ww)_Z)^oAKb&f$RZiW4}A6^P9O-&eLAkL2aW>tW;)zxB*8c$8h4K zmn$s?k;Tgv_PGMWANEWqOrhIbKet+_(3KUoA|{`kaj3T5*WVznOCw3Gxc z1$%4AQYoLe7ya$E$6e6!0H658q215^o8`a7&wF+U{~6<8ta&`P0)g2}_#cwj(F zlgf%Wp`6!k@c-gPnBiqIZM0%B5cf&Y zIEF}#Dyn8W5ICY9OAa;jrio$n(=k=u_&XpOL8|z$gK{=8P3XMnXd^Zs+;$ENuD*!M zJcI^vzP)O~)us{0n*nx1YzuW@7OP#=L@ACrvr}4UHq)d6avlR&5I(b51$0XB)V=LC zZDPq6J9mP#Ne-ebnZFnW2&D*?TQYxe9Zup8e%CFU!J)c1D7E{viIBrGPdR#)&Mk!| z$htTWCJXU$z#nMYZzLJAoC3sSePkr&8t#B!7RLXJ>>p&oq_0|Ge{}MiLRM4^x!1`m~zB-&gP)4{|bq$@gwM6;I)ffCYUM2 z0^Qx_<3}L3tQW4YsRT4FPcRIC{yb&4v87vK5|g+CTnC^>s<@4~P_WqnwWas8h9`cq`j9 zYPd5cuFd@?F2P-_>sSZu6SPrI3UmWaYpkEtDxO-h~~ zh~?o=ZpQTvf&++#2KwC9B2q;l+Z5DljJpX;6Ha0}p>){&i-KQ+Rv%NzakgKZM90p0 ze4zR)m-FYD>itknZyH+wRPvVR<1m=v3d}c-5AG@O;DU43JSodV)Nng)Y}ds~4V8gO ziRJzA!uWU8GFV|36B@Hp6(0XN$?zr$NS%gV;}HH4bmPlEoqm}EHqc(VrH<$TRMT1h zC8_A}y2Q-77x#P?<1PcWPM&pcJArP|L>=diut%AV#`McHc7IfsT?KTO9sF3+yS8L| zS$2yaZFr@hYy27~Cx34w%j2MDv47l{!xF9{A^)!a&47mhS>7Ei$3={9Q(n-PJH=Ya zd-wH4iA|?p|EsL@dt}e`(E1OE4+>Z}qkeMN{P^j7-#TtJ_+qhR8vG~u6!P|I@E8}3 z)3*P6#SnoymrHi0Rx*T|+g>%--NtWHhN$DfP<3Ugomk~@jrL@EST>AD7-bc7)x4Mi zt}bBN<46&)zk%AP=x5O%8h#{il5?)adcT1`sZnHRjYBcw9!P+c_Z0aA}*l4WQuk2`F!8?Uao$b9qxZ;9t5S3 ze^y^PxD%B3>#tj7xg$I2-}{$+Zl+{E1V*cBF-8Z7mpeGbcWY!BlMD3C*!e%$Q9jY8 zI6-U5;>561N}bB7GLd+47n zwCO**Q%pZo6uWaErUkUrRf=+Pt^GT3VpY+0clV zD?zVT;(ho$S^*tMC!jU~`;eE4Lwz!TQC$|@C2$-%7nOka$dRL@7V8zBuiBys9u(f} z0i|jehpT0G+#gtD ziBm~J0%YoULZUr=9@cYP3x>z{aYi|PDY9BukdIpl@Htt|t$)C6Oz=i#M!!|$lS0ug z8UAKXTCIEeDj*~@{c4?l=&y6M=4|YmVA!ta;rfmH@_d*kXmADY%AwxrbD)bznOWq~%y>u9^G4*N+MTt6XamAdqAkF~o6=eBW_QvU0@z zH=;)&`t-d*BHzb}(`>Y73639$K4|tVI}b!GiKi=jipAo>68cZkH#_}9wNyRD+?BLU z@BWZpxIIg^Qqw}jpaOX9O(q9LgJB0yFZ>;3O7Jxs2KXEHEq!ybac^3AUhg8OgE8<= z4H%;VDcbbq`fU};QSyz@2^03AB`;1F0BIqn6q->V<|9UQr&K=@LRoCs{eG~+b5K44 ztD&IOLdVe4ya2y-VEenE%+SfXd>p`*6e$jv&EXfkWK?sADg9iTOBLIMH-!$ZgLt7~ zbR1xZqub@ZV{?fGPD9C5&eKNS0ssWf5LTUicrcz#GfR=#BsCE^_t(ykuob*rSQ<@f zS6F=LMByO;Q568+zi+>7Y^((T}h z^`;5(5$$=n8qYre7A!5;l;u#|In+7DC|=zJI#eD~9kAm1>uBr_uvq{Dd$|w?J6(yI z&T)EWe`M-6LUDCqqvHYR@_Z2G3l^)2HqAH+G0Mz&BxiHDIRA7L6x&b?lq6pFqS>M} z3&!$Fk@By4oR4ltgYcI>cT(o9ejX3qT~49>3YGLW7{clNS**~O*tx}VPn`Egs|SII z9%>ox6tTO?Jp+EWt{JOji5pu8bO@Z8Bj7cLhf>*GnhLH9M$0d=&BweSsy$&FE5tck z7fyTRI6CNP*onoSCi}v?#LIA#=T*?NDmxiJP7a!GnF)muMNWmw$OJl7pdxVa1)C&X z>hVA2jMl3KC{PNekW|2kfo~kTN&ly;st#2n*5l|ucB`v&CA=u~TBm9Z9HG4dILA}7 zf%xmT7<8AV|2E(w^_qB)WfvMSW?yFt4inW*WY2VZf;3thy zS^A!vou9ACUwR_`$?pykzi~x&LFw3jpjK2^>HcEEwScsnx<&Z{w}6+QzM2wbpxRE? zU=x0{;Tf;4hqynm0~Y2+a3?SH(nb1jX^7uEqG`_!7mhr6*1Y*3^EBh%%c)P&V1DRk zCzt>80?6Nw%kmHr@{S4=y(L}GV#Dt>!t-(v_WUOuXYP?9cc`JI>gSfC+k@c*TVaj@ z0bl<4i>?>C`Mwt{OgH6l{4x&xx7AEtr*gbrTjlwm+`O(=j}CGscX1W$j?yh_2nrY^ zzk8)vBvd#0iXWxI=Am6MRkHaxVCAMYKJU$3h8*XA3R%g%J-^LSVP86ymfh?zMISR; zb6(|N6{Pm0L99L;QeDV^hO%UAbx~yK<-Je(6-;1j%hh0K9i@>|FDILmYB}czkMBy! zAK=y7rl{l*E1`CQ56-&5JmjxFhLA>&ocPZ^wEcNz@Shg^12&SgDCFnP6c5IAH49aH zVOH}|ee)dmK3b^%Rg4BW>z-7LvOKkXkBt6IGB}o4Er0SmI)st;0JBgPl#f93xc6wJ zg#pSfr*XBH`0F%sXJbB zh1{O4p+%e)@UQYSk}O3*2hD*j!S2x^-uUYQ-;Wd)T8XN_U(yj5^OK;rXrB?Eb_^wb zm5|NXrh+qohdhMR`H9*bcCF_2&zJF&U`n_z)Vhj(2!c_FyuT6^T~H*91I!{ z(R-Z&)J&5uMS5*UapR_Hy8x(U{~ntr+z(!Sic1fwQ~6%P5PsiHlKO_<3c$cbSxT|m zhR%W7U*W|w%t@@|y0!rFl8Ph_AOp_yi2D73!{Ss7tomC1ZYx7fBb-%N=%cb%7tJy0 z2HxR=UM6>Xm+e~+>n*vojk#C7E^lW)QCwUOyJOYNSmO2noMs5;aI0=G zvz$JBS%lR)vEH06RPY-!<=JK4g-5m?ft z54T*xQ=(hrvlL_4dwv7`H?Mg&03hz*Z8<}j-|OF3{ilSx^8Zh*Z{LqpEFWM}H?ly$ z>(2>2J%#$|n=_qtt23k7=@~^C%Tx8Ayto#;=QIQn00d-JYwb0@>r_39Y|7;rJVrx9 zm_Qk)U;QA^kzC3oT6u~L7-z>)%md>JcC4vjTxk*DfM)aDgC`V#XLTRqmONZje~-v~ zZy_m4EW75Sv~2Th079e+M`aLVP)D%?CVT_6KXk$wWMk4W=8M@VUg|zuC_mQ0m+o!mwGRsDLY>_) zh|8FGU?!0Tfa<7>qgYb)mrXJJO>ik>^Z7};H=S6>83!o}P3l2=wc{yu$4ythJ>=e` zP>X;eD$e*n{5jRjJ(Yf|$|LM@UYw_u&UVYJ&u4^1`5TDd#q(SZ^x|geif*0)8$?ad;^ zp5`Z%ZQ%v;zsJ(4C7nTcMxuAWV(1i6924!DdErj)JgxX5ov=mQbvsV@1BEV33ysU` z1z8%9lpBBscuhV-G66t!6hZBRjMP7Q^XM7Os*QKe&iz_2c99;vS`$&`r2W+PbwLFt z&&q(xt;<^RPyqCxqK!?tmY-&Z)+$wkPisH?+EuLoM99$7wysFbh=kCsH<=pOUW!0p zy2NYu0j|KX%XCq9O0v+}FS*}^s9axM0MtHqTMq@$u87zu60`=jo+cKbPh8?D`l=k1 zWqS4GnO2i5i`5|$1TAyYdnHCe(qY-vy3=4W`@KQH9SU~RBb6i>5l*gvWFMc9C*QKV z^?WDvzs>x%8ulgUH60ajFhbaC#9s1?PA~p;K(^p-4n@*87U$)WjesBeS#d$V3kk9b zf>QA@SD82iM$oU_wl5hx340h3smbzK;Ic4BPR{pT&ZhajS>MrF?@fc}-VEOtW}mO^ z{u;-Z`I7!9I%a!bkV$txHC(j3Fyk)==suaS4Cm;AuNT!PR$IOotC;ley&d2BbK)(~ya2f4qEccM1 zCk~$;p*$Cfz41fx?zn-cgp2+2e!{<8`3?$uRycjrTkv+dL(f&@I5(lM``b3YJEw_M zrp>7EA>5qc8}qrInlq|$Vc+x-GtwgtFn@7`zoRMg%T95NuQA-ubYT<-zbX&RaPg}w z(lnd$Mi@?4)~_|~!FY|t5t};?HoUR1SB=qG{p+SXk0+j0(W#>xm{I$HpPtW$&kesh zOSnO2s!b`J>Y(~lRJ9w)R+WgzTwF7Ja;NkE?P72VWr_lPBH4C`{&uv#jWUw8|sJm zWt>;D*-sgllBp-i+K7amK%T7M7IXFu^X@D4V{f4S$lLm*Ou3c7rmgLYoBWbLRh2#U z0HO)s*qoWxW+-gx^X2($>xHjo-kU60==uKg?e@gar=P_tWKiYtnbWd)0z;Bh+a7b* z2UE3slE|}9Qn@p?klj^69Byejo=FO#K&(ojU^d>6w+n-~T&onr8<+F$NPmRU8zb1h zW}n#p$Nl9CJ~L$2QH|%~U)1}F^B?Fvx22y}{x90+j|qhn7qWIRaycwBUi+}(DX%&c z*1t#SWzAQJ_l*SIqqbULh?YSs;LWc43OO;}zArQ9fy6}_m>8W9 zinsQ*nw7=WYQPDXV^o`RlfPs%Y*yG(>8Bg^oE)29NEcSc1ue@!sgiu+;dfsQ`q`RV=jm2U=d zs+=v9K1Po|T9X%HRuv`ECEFFlZ2C}!H>O4=Q_)h3{zEW8R>yKhP{9$A7N2xYC3;*IiQ&JZA7yeAD6o~6m_-&2b2FM!OT(>2Xcdeo9 zc^tSS^XEp5^JZUW=*H*<_UAad5=&FJVly=GYp3-r`>>;_NV){Pf-qS7d4;KF45PgvqRuIE5AD1EYk+GMBm6$rxs5p zyKXD^hhi3ocX>+)?**^B*2(%$Fr!Laqbb{ox-Gr_)P6b&Qpne`LU;Na+ z`LIx%kmU=rZ^kIU-&M&PtX$Z`cIF2z9~M0y1Kr91(OSKA>mQ&|d*__@(=`E=&kyTh z{?H#=`!*&GnQ2E40S_}LsYee{eV3TG;uNQo62nbXmBU|(Z%!A7nkI%W75EVTokPAe z8-6S0d%5~IhcYw69(VHz^$W;a#C!rQLvLqC@@PhMgwN_`YGmHD?(5~l?Hx3MvtNx_ zz%w92zh7SyeiHG&Xs& zxrvNard7~<&iRYL+gKL%6uu-dh1+#|j36qOiqC5uOqUR0)_*Iqc934YW)tNy@cFd+ z8+O|TZbYWO(GkQzq zBgIo2`(JjZpcl)qZ~D-p`oH2s=|<RL#BXl$~N4#V~xM`iX<>f;LMqO-%jI)Cs8j{d;5qaiuz zR1U$x38lipOE>MnAE&dtBIx2Cd=tkL($1Xj&H8>Vgad{{g6y~yx5Rg^d2&}a#ym+D zj%EImsGuWQEV6a$jIWSoH46v##yqHofN98W)iUuI6#iJ~@j;0qXI6n@Dfg2gF0sf{ zrJ%S-bA2ANL#+K%#*3&^5VcTw_&o}TO%J|G(T~$BRo@wcm}ZQjLB7)uwql?fX^LdW z=kc0#pb~5RUMv1~bNvS5ZUU8wP)S>(qvE%G@;h-ltL<^B{^U3_yF$T(M1nih*2}@` zfor?SA4v)9<=sn{%SN)7O(S15v&4FB366BmP4yE|_i|ChB1E4L2A3Y{^yTOqFSl&J zUDu--3Qd9V$r15$k%2Q?GHA{xPgG;>jO6+67;DEBl>N-F;;COqlzqQnT7&7*eoda+ z{*D}~wkWAjwiZ>sWZ&;j7quU|Q#>=GS?qtfjAm(>Iz=P(f=J_N?lYi#6AmqDP77rh z<(i00n}x#)7nYU}!&W!%Zw_Im6?^V=unYTzv>8ID_n76C2c;WSyH&q~Nq;ZLmw78K`iaD0P#lxRG?<+RoHM?%h52*W4*P{b{HVH}~n64^1N!p3Bgyx|Q_xjLV1C2PyK!eQ?|GNU?Qgzug4N&Y*0&1~I^XK9W zVh1ME=ipo80Y7>m+}U~XhM{sEI<~R|3cDB68Jxjx$=(m|CJ@Wi=Z%LBm41gX7L2bq z<5{|G8>*-;xjZLqY0ev#D;>sE=0A_LR09D26At7~{#Q8QXF9R(+hQtJ$)c5>C+lKU z()Ulx8yT^7mWIoTJ;RJ)Xno1V!p?c)e8o+s>E#PB{E^vJm#xGJ8hi53lvRV@VGm;S z;G?5qP6uLWD7x`};FAn|CS6XraVom)&FeF2Eh@&bnqZm5x*zgIqgKV>2(x{M~LD@qOD~-(1=FR8e_dyHSFHGdhH80aD zx7dol>baEy?d=!pa<4LM?qb4x&s$A*E|#UiW%bhD6?an!$ocIy%m(&VpSWdH4Caoc z=&cVU0eW*PXd-t>q7zy0*V*lpAa1gBHbMI^tvyChc||6I?77F;oKql#0*P6fQj1Ik zahzTRsfwm+A}ZD5rw){UGjJo1iZL!tknODky=5Nm{D!23(O7S(6zd@N#y@haFXFV# z!->yGYUao_!`m}{JY-Lh-953IP@`6{7wjG&%t+uH@SP`D==~_4d6&<>52?EA)8lQI z&$J|szyggPk7Qh?fvct63FFnS61f7*3k8b%saenwcJicZB%P6C?0u;^J?5$S`1I&; z&$uxu^%Qm3U5^Xe+3cXn%Lx`$U8uA&DeF3ZHl%d0_k6eCb3Ag!iW)P{&?5iym_4l} zzm>kcDdmdFx@r3MUGrJ`*Sp4ez;ddZ~v zUvLlTiCewh10$2U^K|Pm+PPItX#4GC8wRe4J87MxSd50*ku4@79!Z58BfzcT73dDU z=^?fVYF~0Ur;>#na(6bRiN?7sp3BYhM5z12_HF-}pnI#ArvbJ8dE~a#dg1(HsJVU% z-s*P%GwExMQ5wP|2xb0GSx}RSfGPJELv8hce<#)fS#Ex{X7xKysb0RQoUgiA5RnFec!fWWSehV1=9b}hGC){ znpWneak-ejHJ|m#8J+oGF@W3FtcS+Spvju|6Z2LT394|z8GYul=S&PY+@xTCXs$pV^q%kiVg8>y|JzSnCZ@#I z7rlLNJ%`MkzeNo4eT8W=s{au9I8&jEIDFg3&GuOxFD+KSjjH)_EB)`--5xst|9go%2%N*&mt3&2?3`BoREm zqFDuk@Ndo0%sc`dhn!p1U;33l9zKi9uQ4dbE^OOLp#%#@2J&o0QDw4xmJSU*vTBG* z>bTeBnNTt>uv1j%SEdTtY-3KH-FcC#kRdN4M|!qv#QURwJq8<7XJP~P)7b;gJGNxG zWV(b=qQCF<-zMZnf?wg2Joi&pccpl1{*P~=r6^qAr?NC+sbHN#NqUsKGr^7u^2~3R zIqVTF=)6NGyY+FQu=1p$Z~Bi6SF%xc(Yqohnb=*@vyAag)LL`0R1%KOMSCIXWPX~ajMT~Nu}=zEP*JXR9yW3U|RGAaA^emaj4wc_u_YZJCnLcRM2&L z(9?g{cmMuI3fv+E?lrWVIB}xo*^-Dj{(m3U<3#fH2aDz=+e^If;F_2t5c|W(Msg+c zvAP-WigZInfW3QG`=h!sevy?EcgGQZXihz~*!+c;L{*>n>&4hF*9U*oi}&`WmpA1JUMIHDxN4t*25=%A%&5* z?;4i#NrRtcw^4lVm-^cb3m{o3&jm!8 zF{UPAkue_BS!i**=d8}szNJk){=tVZ?9Ox^AJuDE&k#;M3)h91SBw@9eVEB%xx#Cr z7*!(ttOAp`F9D+0Y4)i>V_uUd6fZzu`IZbwzQjA-Xtf=i0ByleXcZQ6gRXhag5uV+ zI9bY`z%w%V+V}4wcVE2wf+jKpqrObq^H}L%aZy#D2Y+YBX6fya?^=-_?k0TG?f+#% zG08S_3uk7|efqKt9P&kN=4jS_<)DJcmF4AiEv~XyLQgqC42}(5P&e~JxA+2sJx$+I zDe%glCR9{t(yf2uvguEfU3bpOoLWOrrHSgJ9&jl+^byCjPE^SuH$%;4{Q z>D7RVKCC#Ogybi)1qTp^$Cjjy40WuIvnDqkc~tAzpC0<&WxnVNbLKgtbQv5x^Hvk@ z>ZEjgHS$Kd>I#1Koilr1c^B^$ed@_wanYp6d_*CxfLeP=Fjih0*X(AUfaRE%F^w{FLK7AJo3Z}zfC>CA2T46$1v##> zxl4M=8u1~7yky{R$QZDh=XIPxXPEJoJ^QTU@i>x-EX?|4ww%VWTk5~1u3^>KAythm z>-V;Fmn1e4T(mn0AT4p9nU$=YC%>6I+m42YT7+_vv-1+OkJ_62R-G>5=KxPHE=P1YcA&m;)sL9y$EY3e2^A;w1Z6 z93udOWZ>D3!LyBz;tToibb?pC)s5tW4%8@JFUktal=~h&w>=87<>$(y5sZiu<_{(0`d{)qW)EV>P zEmd57A-`6wQusQHKdkymUk3Pgmt05kiTqWwXvhKK1;-!GkQQkLxe&DmRWwjT5R6=_ z(8|073+HJ>&(|n7xp<=w65U>6`zivnaRX9-?Hpb=I`j+F*SOLh@+IO*KEMH!dBI=7 zKL0#Mi~!oR%%HBh53;>bxzT1fM}HD3F3SCsTbd&3U1*XT-ep4}h& z1Srec83YOQ4vkaN1OPX%RQ(b`C_B2y1;h;RH+eZwj@#G1E1JOF^5Eb{S}1>}yW{@X zZih6~AJk{_i0iX|ohb2tdb$0J(CX&M>N+ia_E0#%_`cKKXGEx;NsD?j?)OQC!=vLG zQCw#qBv)i`IB&nq;5;`PxB>ZG(>0u*cz2~e@bZb+Mk$SbsNJ)^bwJ#D$~b~J6sv}+ zVHX!mDq+3f2R*a(dd-IEX=uI~ggg$nAjv|*gM7ZFZZyi|vs#&)7Uc#Ggr6S{C%LrSFsm-$qp9b^Y~$ zEag`5fM*&b6z}lRGXxs3=|b#uE=)_60v(WuOJG!W-W_pN7_URD9i9`m@&_ zkoUxHdAoaKNuHJrxB+`s`s<5PLoL+vlA&8dS~prg+3m5KFO5@ff5n)7s8^$2_| z>wZ)aaVNa8OO?Wwq7u0#j?+QZenPvfM_NtMxmyg3oM>?BB3NxXlX@WmoXCUd<&)jk zGi3(Pauho$P^`f)`*~Vo{_PTa0wU$%U4dC}io}P$v|(m)eaZUDM)eK(y-*8kR50IW^y9os@O) zsdXPzX|bi0U%Mq`lsH^Qo!U+7<(a$LU{ zC=W|D^WR`x@nMkj1V0ZvKII;5s$@|w)^vFRZEG-=X=v@A*qPGP%v&}ZsVo+^9a^~_ zpT9;i&s=Q7{ndW_$!5`5fSCdi0+@b>{^g^!T7$r$&t{1w$jR1-Q-^D>rlrAWEXQRY zW>$H9J7s4zr_be_K(t9Zz|&X8Wzw(F2>E zoV1X1ofyqYDys|a%XgR!nitA`h{Ke{SI7#8oUUr6waQ~zlJA{}+v8Wv9Ykh7_S-zr zJ@$wmq)Zm7M!qE;N_jk)2<+13vJa7d1td{@Ih~0nSnzxrO#XA+b>Mu%lC0CRuskG9 zYSm5@zviv(nDQzs;Ub~&7k)(w@BxI+X+lxC0pP}zOkNw}-phTCOq?;DBv`Gu3SGa- z`|rM0cA~rN;D13DrGvrxi0a~_)6ZUk!^1}o*Wh@Uxa&5#_Dj@;%6(vJJ8uSXI$1ZftouFBk9ldQI#7fiVK#$(`DD5?MXSA z&P`ism7c|yH-kAdJ| z7hoI)j}kt|Az_Q-GKctfuc>?Z7ww;Ze;`e3sXme!sx z{wQTTvO`~2eiKLEC%>stGIA@?)2L=a!Iko3+Zr7QnsbR!4BIIFA%iOg*Yk|{Ve{Ig zwj zWp#4WqBn!9u@qEi&WJcIdT_zh;)9THca((loIY{}H~@gB>u~*n74OZO(3a(E@`cF+ z$b=pMXLmRl9pEecr(LB*yQDCwh>Bmai`p_GMbaLX>{gP0OA);paJL>tzW+ve+U1Lq(A$7b!U)XE&Qn?LEex`=bMk(p zZZgd}Z>LjNW={Qs0*^*84Bz#y-FJ%qg?H3n4AL(THeaP+Odjvwsn7>)JBe@iWH3Y8 zD-)7?JEwe7cdFCyKhoOsbSRmzLP_UB7d>P~7Pjo~EpKG_+A}J{xG0*>@|TJQX3wtQ zGXK84FP*5Llg+&-sc$#VTHa~x$>NDMR@c(`@4FJ0NL~Psp5R4jeGS#Cc=a`j zyVDXIBZxHzsar5*r}c~Gf{$1c*nw1TIBmG#V&oy#+xA%3U@=-YEIm7*HrW{!4iEM2 z+^2dsWvz~P<(|59tXR9$pA;-YhDL zT5zR=dj}C#c(-c(F)sR~zt`sFZ;?X$gnnVJF=U9(g8aYzD2&l%2d{aK9562VU$@R9 zhcV;9RgJKmE$S}#i1-@J2ZL{4zJPHbR|>UX?py{EDq=$DBc*$CtFxioJDz{d4MJgv zU1ni~2m|+1wm-41a%zFd{ObT(;P&mve&V(64Opb?7A`mPO&y zsAf!WRRG+q(V_|1o3(FicA5DEl)GST2-?tZNm}>A(Mr&#-c4HI#TK$?!okPQjwHfz zGU1i5NR1$0$NJ}3DMCXM&d&n~cD(%L-2Us8C;{ywnI2MpIS@7z6@x(vTPVk|wR2%} zs2AC}QyWVciFo^&*KyItDFyWn^`$#xpI`Pa*t+(eejclOTK-?9BulNU{M#{NOw@5f@?dWk5?i{&Wf<8-TrJblpFEx{Yr)?dh(!$`jw(J(&k z7IIRI%N)?{v832QTd+r_&x{D+PA6dhYRWDgYNsqSXI}=@Z#4E)WqdB%Z;Uxn5b96R z5skB3KOU7!w;wCj7aG*@784}mt6nSF;L&|%8dT&ms*>ln0?|9}75XttP^6i6>{Q?W zd1D~N;U?oO-q}BadHyo&>yb-PifFlN>(Q=Siz5H}UTpNo}<& zaqKEY>faBTRLAgdtyVuZBotK_eQAz269R@rX|)OocFRH23pwb^PBN#id15x8_dJka zLU+z$7pos@85UN{s|g*q6KwVi|JKQI8m7FX+f&@fGU7{oq_+$I!@}WzxT#Xc%Y)Kf1dOOv+0PP+W-)T_Y_E3S#@`HHJ2BsnsS37C2_vm0_NRx%E4MX|7JTcRmu7xF z$`R0OnEv2SF?5@>_{7HH+T{0b?(`TsciN~t02BPq+*!6MXvquxQCX%=(M|D_U4v@p z%dt}pZ}v4QhUOE3#5pI!q`!{lzoG2qc&(?1GLI7C8G{g67!WAC1atNIBtmf5d$9YM zcNHe#6j}y|LiVE9C&Xi*X2Ib#!s45xdubXXm-V;gBsi?kYB+u8xSM+#1-_Ah9G)u$ zAcu~vUkgup+!e>Uc;0$^An`HUSM*r7HKW3lz2Iak#O?erUYW1;Iy9qKj~An)d&GKu z0#aitUq!i&D#z{?C?59*{IQBYdQ-F+oc=>Wl17}6=z`^*;uAfWJg1u`5A zOj)v*IVS2dqzYl3_5LH$vH$!96;wsKutT9$#Z>7chD|ZJLzrF=4Js6jd1Y)xns}n{ zGzuq;yix0k^`kaipqgFu^)RGC%&B>AMq44cf;C2Ge7A&z=w!Cs;*AZUkBeDG{yGyB|Xk zuM#$>rD>nf1_d=TeqN%@Jg#EX$uie6iFnL^xkmGl`-RSG;neM*ZtUgWrX|Hf%7qY{ z9W_vKvdiaK2Cyf@f+QAed|cdX7J*%BVI-8$2)WOHtX{e5D6OMnq=H=4nxMGraE|jI z8p~D0x_QF5!)il-BqH65!LHTBRX zVNde_joI`Tb>@hfz#_-v;nURaHPs1?u}}JE$Lfmn_oh4FK(g)ne;I$NddY)VAP}S5 zRkgtk%;N8-i{+m;DX;ma1)g_%`mL1xnM6XX!M~xziOt0wm5ZG%-u*Rf_`38P@BcS~ zoLi)C)7;*1lr?21J=^dP9NxCV31j;=XLuni(emG!Lp!k72(;aMdso_|)8}G*AJ~_u zeJ#b2fyp8<0p=}hR=ZNwV54(@VOJKEQYrW*J=CDqd^`G@Ft{C$VUka3CaEPbC7q7-Ww#hG*e{#( zWC}>-clEM(2v$gvOPx2G7+r|n5|by?sLHD!LMiW~O&x9*(nxqE`Aj6WhLiY!;k7X% zHAMgbqvoS<%tll#b0Tk!MYKuP6w)lhbh#JXct#K+8NVvw6)L*ZT>1Yuj{PoCS|JYbndVn=I+v zBKt`4#S9n!y6yU^&bLpMGiyIEO(Lsgv+8x)W!>WG^zs+6`TEQ6xyZ>%r=nsRjtdIw zf-w40(_@)7gXs#-lFQh+^7G(mj-Xpq>v@IjEATEP6fh!FGq?ujcEr~Gr_LOb?hd9PqO5y~_4=67iwrr=e@ zb(lH;om+4?#u!J(U_MBBDXXTXV;UdawIxhCwi0m%)R9ed%=kM>{k#q8?OeczvJm)T`F0Xx?^4q?LS)><9^IuRiXo`wf-Ij+D}PvCmffo;U#Dc zjnZ$Sh@`^rc1XAavDu9V4wzv%+ntf!Kumh6XcG})eKs>>cI_5Sp?pX+=6IUsHz+sSD8;d}?ErjxHfKF1G1wf@xn8?!! z!R4o49jEwpVO988Z9nn2KrYzWTLKS{@c8U1luXSF%$Q={#JVn#vC6%y4fIz@VTIC1 z9`{@QB&Cy3>z_yfdoJ%aFXF=$W+R>A=>%8PyCNw`sy$Tq*m&~8b@*uw0BxP6v?||r zqZvKX{G1AHRP{Mexz0+WpdWjMsXTOEDY84u2McWyDCqOOW?+BwmtQIb3+Dx1+3LYB z##vyn(2wKzK(|WEPq==YFv8uTU-Yv|u9Wjsci4n2M{il(WGJfxIEKf(CFG!P|)gAogec(EQ-<;_% z_YQPo*udX>BI)TR;Axkc)gS8w=M#6bazP*kq$a#}q|Bb??fh>0XxQz=|KR}iEg(41zA&%{VBrHZT0D^1)S?H*^vZS^PD;4kv@k~}*9xK}A zW;!QnS!5pXoHrB?loki*zTE)fNd>Zs0-jUL$E}_MOt{U5O;jwugVp@=4!m<(ghW1j z&_wN#uai$cO7(t9%C3^{)A8mvM>l0n6bxi*=bHZ$79n$>q5HmZtPiVeMN=rW5Rwcg zWc=#FeoE?AB&aZ@vO+`?pN(yF7PSFUD>zdsz}d1aBMGPBccBWUIY0}fwQCOqKb^_R zP~ZV|UEmj85l$BFG8^Hk|lw)seU$p9ERkm zRn)S!t7cwBE6KkJ>JdF)GT$iG0y?*yU$}QgbEj%XIsKE2t1sN}pAonk-ZLCo*5*$W z#qPH!+-VCgO>{6-{%6;95m$9F3kR|QiG+olGB)*G!*8sdyjZClP7C-fIg@Vi7bfzi1h*amQ)+zv;CGpnKL8gO7G+9ThgRk z5?~|*i(|-S-<;YKo5-zDG%mW){3F%|SKK!&sm_4kA91(>PTLVQ4>82XETDnU6J>;Z z&fyW1?*R&3ezSV{<|q>e@O&H*E}HIpa~CdigY@v|1>l02M7HpC9HlNRoQO@f@I9-= zE>&AWg`iajUZty&WgdW_rWJ3D#<&kuNXwI24R$9?{roNd4Uu?hQFTbNTyb1zl8_?a z#@p~fY&WdOu3x1CbVSS-GWx!3N18WCRZS_7B&bXhMsTcKcVheW2s4~5aS9MvrDb(A zUR6+iBPCcJJf)eZArznsQpBOkc$;?7iv3iv;{_UD&+>b4g!GL>egYL!b7V1=6to5> zl6*$R;?F4hLL{7KR+Pdh<{hmoUn zNMO>|M@foQWC#rFxr|RSQZr8=@-rV|xe{zTk(rHu|4*rw!LWP^Or0aNMqN-o#@nK) zpFfZCqXZQbYkUjkf{MQ2TP3A|FMVp-j-wz;r6h#gGK67NTsr{|;!pa7n>EdSlrDn$ z?Kbt1i7vUxtH(*#K9o7T-9ITfkQRrkIp0)_StUl~rappcG3=?WOyz*TRtow!Nu{>g z;t}RFy~Sc|i5m-I+69qx;Jsm=5B{#N9zvKJRV|+L;u)==0q$!ouTC{z?3d9|^)1Rj zwFk^Mi7Heum!u6#L7qv@P6I7jDftRJ6#%J98j!ahIqcwlJpd?Ly2I#EnVPCdV}; zD7n5*8ZU}de+xM2+ER~$D2NQ57s|;T_%O#0S}d51kNT{#U%8FCUB}~kFs*rhX!Co2 zMwN&e0{Op2RsSpSvIDVd)%s1@Ujc!Xky!r(Iw=HJ;xAZ6{jx)*TbGQ`SFG@x!I7Wt z3|$Jqbq(70_i7D8xRzn_Lu7c{Ev%>?eDpuPOcD_eP3I->DKzqq-?|U-DEl|ZEgdhO z#W1#qxWH@2fdI9;WP2nsY;!H6sK<3bJigzNq%oy$Sf7z1$geLFR&L;M0AZ75l&v1 zo6;`iItQTx%sR`ReugjASH7XQVQN!IT45jXPj^p>7k9_im7&SpZ0C@IYs-77yFaIb z7^~g65izKN97@rw1Ag|;Ub413cwk3+{o)wxk74+}11fkLP8rfn#7RqE3bY%~^b6;N zY=L-iI{C}Uw_JP|ST%7>qm>ienuD=Zf`t$!9<(I#uHFW3i{K}uV+75U-wNUiNYqFa zy5cOc*ti>+`dE|d%#v~Hs<{5c$X^-K zXr;^nd5xv8@>GON=I<$YILMyJz>+$Eua{|7F7Ge+zCOv5kgs z*xNk=W@`oxov)W%zv%eVirU&{!Ewr~w^wJsv9CZ5)VkE=e03~ZTDI(`uvtK%=~7Qx zB`A)1{0g3t}I%-PJF*{GS9Z z%Oc3X*RX{_1kIV%T-Yf9`dIrcp^H2O2cQ-@{BS!QPC$UHNDsJh`E_+33`*RId{n|Pp%tCFxe=QGycjw(*}&@gvUT2S?aC>FKP-xC01j5sY2A{Fwi(B(n_D7y8Q zn!xS&<#Zp>UnT-xCCtYa`w60q2N+RhKj!m^fZpd`Rbh9O%A?I)Sm~rSggLT0{B|#^ zKwXf8LK=IXP=NP`Cm-!JNSG$#M)w7vxb{qI1+tR4?*BPwW&p99Qi+X|q|Hwq9-$mi zMGYUzmEULmEZ;%aa>n!On1iyO&-GFBGfB@0{w6%|$~Udv*I$C-1<%_rRO}${3Xy7y zm!Ph#HahXMm%CEmYBX?KrSZgdYeI4HaK9+zeZHvjW)*iijnIbtj}`!c@Po6O=bx(@ zYXdd~>`;!@b-Z$#nh=i&EXs#Bi6lI6_vVhckL*<36rhRn*wo8JL|?S&0YZu)xB-&o zWeLd?cB)$nKsl9g3&7JsqPIYakTKd)IlJ8lVcqLszU{5!3RUZKQahe5eN=q1AZut? z4<^4nJJECtRyQbB*!>iC%AY)TY4GI?tZ2pmgR0{NbMU7AX^1>7NL87-BeIYvf?YS2evDqu>pT~I!7L1W^%i0)O^ey_M0vOW6)obEJ6OQ7>h-fck-aK3Z3~2cA7|3J@iuocsN(QkGO~(~n-! z|L;3Yv*7JAZ7^fhORi^%gzLG?c#X78j9ORhl=3B57R!()#$yWW;GRb+Il`$QKj1~* zQOb{2CF7~2Y)y)M#7@EY`u=X15^sQ+_3V>Y9bRt!2O>oicasrUT(2BuaxUd389Lbt zv;;2$QtSv7dPavk#~2klbrvQbtLub=l(Ay?xp?SP$r?9b)xO5Punjlw*y1;S*0oEj zXaPeqJjm;W>O74sm9|UJ{D8GYC%peubaz7U%E@Fwzq&y4CcYCAE^l#$4Yc$PC~N7TL?bfg6BQa zS~QpkqS|5e(+^hxBOn9G76Oq*sawa9_ABi0S~Z}tEOiOHJ$Po1%U?W#Fa>Ww;0QW6 z-+!7GDw`AIeb-&hOffUcFmnI_QdxHo*G3#2tlA2%RiP{%% z`mNq5R+!6X1l9MzcBwD}>|cR>cBCp6@_5)1a%{t)R16%4VEAR1Y^^MZ5uEGz>Yl7!f`#Fh)J1Or$j)jdQ&)Bi52|{Nmq(HAoYFtGRQ@W0 zc-=K=J4scoA%6I3t^Gp@#8qW?+8zoUU}dI3@xE0mz>_~=LUp4r3+)(!zgpS5^y}D$ zYKJ|7J~YySbs$A635iuRjsguJ#XRrUjU4~?H&H=XQG+_F%ys&nzu*2JXJ7v}&qyJP z(;57SY>=)>uzi~IAAjC+a&Ifz%jDb4TSifnk*$NZ;y6kE_HCu{6zg9yk%!J{g*&7x zo1+1xjpm6;!>`}vTQnz+@wtF+fdpE3pX*X?pU@gl7;doi-&n;~4LuY>X@$f!6RlJ)*uuTMyu;?^Gv)aDvGLpZO5I z!U1@w(GYqPF4@r&2Y(ST5L{yWm2Z~K_)4KGC?CRF&d41axZy&<)gC5q!D&%U}nkx2#f&!9By- zun*#2S}bTBEOQhx71D762yAzWBxl1X(0_)kHRK4dUL*u=REU#89su0y>LSa*c${gs z9gO%4XtrnBZX0VV@AZVFj}rx%k#5Rdr+9HmCE5k-_qCkTaAs9B<;H+p$ZYqREtE;s z8SKhpG3xo_!e#*m_Sf}4i8ZTLof3dut)Id!+n~~zO({O3ddIn<<_|CbQ!XKVg55-0 z#`cZnT9myCO50uxu%Hhlb01c<1qVyA$fvc1&F^*7T~pRlpa~ukQPJu$NM})yJvU7< zLr~T*Ul3-J%03#d@pT34gn8ThJiq3~r=nr2*BVTq+nBjPd6tDg{yxW_wKwspg?4s? z8}1a;v~}^jMLo+Uqvr>lS&egl)!;8ToVR4rQtU$C^t|$L0XbRQ?6Sk>$4h+F(@9Em zlw^a0i>Kzm6Tn4WLOsMr;F`j|kCj^2%RZNn$Nyk1kHt;XbkEZB8*yn@q>h~)w3}G{ zY7?J$k9;eNh~j?J$wdHoKNfbszx<7QkS2r`9{%JI1^p!*xD^KzTnXRBaVyb`@~F-2kJL z&2c@`+1h-^qAsDN!^%V{=PpT&nk?e34Y@=Q_b@949~))&29v}vUfE7YzHuR>kqF$2 z-H+c*I{{(!#wyNdFsei~&yytMf)jrkXYwP*b+0P-$P0W zS@74r-gHCR_aru`xE1LXlwujR6`W@MpXJ-D3aTAH7PqF%O)cB0Zw-&oAq znJb=3-y;J}@t>>$_1o!DP7>BEx49a=u7V`Y_VmwI&jSj;{;qtw+npNF`=OaUFH;#z z+K|r28jPJ<6E5o^S{Mq6!Lq1g>iEITG0MJ)V+`exrMM-0%JPLq1EqG#blQwtz~VpX zDRG3RZP!aODyw8$CH*McpM<%DV0%R%52Go}*4qB8X5im3^lri{^?sw&9Z@R3&WOVTG$ye4uGX3Rd+`+yq3b*>f$CA?&xnO^ z@;KH%QYz4V?8ci?k#7Z_f4mf*YS_d%D#R9HgNv+bY`jhAK6~>8<}cEt1^33nW_b$>Q1}t zYn-z4=s3XOK8^D!?qnt{7vEsH9w(0TZ1UVue@4Y=2Tz({a_<$K7x{Rd4h z^K~r{&?N)0DvMhg-TEKsdfj^^{HO!f|HS1UW3i5+ER0|CU;X&HJ|n3dmyYs70dEzW zZi~{>yTvhAjmYlXWhO-#UTYR~CooHemKZiznD}muz;Ny>)>8FC&5U|ByrT9`M4NOc zmb7;GEYa9Q<+A+!?YK?A*if(P-=EIe_~!r2{grvz!sJh($8b|~qYlE=y&TV&jM1`ofF~f8)KDSn2+AR>LPG^y94u}w z;?sl*2Ueb45YH&#kh)_Q)I}sRv-))p)$d2@s{%P=LL};es+&0Dg+VgkNsfC&lyi5< zOH2PB#@@22?P!Y|EmGXwokDSUcZ!$d?oc$iQ=quJySK$DuEnLeyEM3lAVHGLdFDPZ z&pmf$e}MmF*4|lb{p^>tQEL?Qp9*pUR8NOZ8(O6iqI(=44BUwJZbdoy1~Ggf!!?+y zxFIYyns8*b_oz1@yFE!x(;_NsEnF>0Us|n#vLUE* z+yv_8k@kcNiVbgiwkL4M+1+6MS)W@F}AjvY-N6HclFo|dZ2zZ7k-Hz9L(YlD#>6R zO$jCqlHG&b!k`=}ziMJwJo1+xij74lHmtt~+B$^f)?V6aWNq>T&0hA2@z?g8pV^xR zyP0-1XRtEiRqmW?UcxJiPVD}F)uTB*O_t@NGkw{Eu)yi_ zr)$Tc4tWtDprnaGqUinVE<%^sBE~TOBBiI{wSly%4vrEpT|j!x8lIe6&_M4P_L2w2 zVk$r`6qho^=VfSALd*2VJpzmDex~=ApIhH_@@~^=v&RZFtS#m?+A4{2p3fNMjD~-fFlKK zfos0wHbvm7sq(>OdjhyyLS9gTmt9vQ zcCV#r#(l#hDR8_p{W3+AJ|?4dd6T-#0x@}9f0JS;@WPM-0c%M?Yj5-pj?3|74p=F1 zPkZ<4#k0zJ1E9(%>Rimfnu2YqtpY^NBE+_oBs#eRz0aG}c}Q=%Y4Mm03E0NZ`jHF? zh>+Uv)@!h-_#e=gkUdT`a(;;pnS_JQBma9OE8l7_u}9;M3KQlmq6Di&7eT*2hbYjo z?*^gaqoCZv86qx00TqG3jFi5;z1_x0HZP79hopZmZx3jm^QHMJKMu!*L;t5n6OPIG zC9F%l#Mr2_)+&U9ZzJQ`h;IK-C>UDjB!vTnGHItWxcGSA{}V?HE+a7il=|=LCt7lG zWjvzjlna~qJAxU>+iAK86z{|MavCxrGXkB(c*MTa? zT`;udeRweDw0YDv7zLs`OY?Gq$UC2>DycjmROvR-O(&HDZ;SC@276ESYU zk%~`%*Rq}PmHL9%Sb1gAXjR{C89!q$jAJXO0NLmZpr(t8n`mUdNK`Ct0vtp}BbKOe z=l~>B$S?bLR$fIP=&wOfb(YHL!?;Z1pmHJDRegX7PKZ|x;P$S|Uy@op)s{Iet1_2ok!cU!Uq8zNY zKNXcUBk_FRM9HBERS8xeQ7f#q(0)N*V%)N+BvPpSxdJ~X0v;@2={xl3Hw-|OD0^d zO$#UA$vDK0M}=l`fxa0nG!*+q0|!N@CSKXYnMxUgg^Q(cVtLOV-u`aCM`JOxq!ouo zsfksy{jnfKSHgcy@lAS6CHpUuUzM#~WkTChG%aC{BKWClCQTUIhS)zmItwO<4tQ?%5B$S(xTaTULkMj-f> z!^?$*AgQ`VT)vYKEa3i%Q3fFSYf*jss3d5~lcYp(Pi!|T*V>Q9b-UuCWlNwEI{V`* z3h&*g86W72%-2anWZqxWCKOcr6xC_AI zFf}FULwW1~GkN?wM2_O}$05fVeoyu|tRT%_13e_FNYM%nR}pKI&Wv;-i3p&DQ^TFqIH(ag$ZJt9=K{YAN~-Ka+rr zU=VpumLT7}pY^>W?WONSvBN$|`m!rrv8B4oL8`F(kNNqmbJ$Z z&`Euai1n}R_<9W=I2zif+$Y#IUrSQ*WuiLHR;k21YHq2Q26#hU(hMiRbj4+CJ&27t zwF4qs5Jdutt{(^@cNodLXYCPafO{#5stVEX$$Cle@ZTpq`UFA?SDfNxfd^Qd7{`tIge0!Xu-yNl;Yvoy))j=5*UF&eQ~E@d?G!?Z{xHmJ4{&LqXt>qh$+P5Ri=ZtL7sY z96oD1Z>i#n#6fsaZxISX$fIJ&mqd|MB{{4p{yE|XKUmNMt)UR^AE+=;sMI5#gh_T# zbyoLiRULv|RcIJ|y*9&9)N%U5eSF9G^CkWKpvZTuaA+|G7AfC8c7rEIyWhc3v)`x| zb_hipnjI2b1kWHaFaF)P!|pn9Mf6wA5Q|)kC=qi$?sSBGtl#9%O*$pAcV5D+mpu>L zIDBkh?t89Y&p^DAx0c)VA_W_Rq@e+IJq=>}zw`ug@^32LkNE3ZqAqZ0j3)a6pCZ@D zl2|o__WE)0onH5!Cpdc`ppiEI8RkAn*9*D(xXJB*wy7#KG)M4|_d88I zFS&EH<+8?+FAwqoV50&D- z+N_W7FF>Nn>-7=8E*x?UgJ}c0DtINo`&z({*Z23w6r*d^(-a#_$SBgzjawSVDZRfQ zo1gDy#Nm-*e)uSQZl&Zx8jgnI&qixe9^TjSuLtM~y}XkB*I@A)Ni)yt=M+s=bSVk5 z;bhN?A>y)aBA3qIK;3apz2nZBreTvZp@mSV;N@=;$PCH8P^cn3ig+ekrJgAcMH!&4 z4pB2H-J{`K)*$704P$+m#`h0#!QJ)o?Uft=Ps;(4+X4UOo1XQZGw zs~(L8j)+DS7xq1s4^S^m*XFa_{+bE!{Rd#m%yaFn@x&4RWvFQJG5D#O%xeu-&Kso> z;iAZG>gMs(%lro8+69r=a^Z1qz^5ZHYZ+(e(0`VRBxD$G``w58;h&MNjdi#VND{?( zKsi#g(55n_P#ZP^(OqBjTF-;}?bkYHkH^Eo0fh+Zm}mkG-~Ak*pX5!TdX&xCJ*9C- zX3{LODgGti2H#Mp;?51FU3!|jaL3EEE6m&2Xmn|s9J{qUrlaFu^dIyn%>arH&!}LL zM1SLO(!oFs!b)GYZr#6LfEdg&jVU(^nO|ku^5;soI}>uA{d+b}3Z1?JbV(5c^ajRn zcS6p$l0by*`}`nN&_yTFUC8{KRa~L>>m_GqNOx^b%OR>=#sTRQ@#rkDB|8gOv|%*0NcJJKQXy-u+I>Ef6V={3PQd zY|aPYZzAn%!mPn(F8fkrrm{B;X7Yj+WC=094!so6% ztk#!DKHWH$HY0Da;a7$?cC-oJI{%LMQ^}~YA!ZRQdR29#O_qrwB4Kqq{`Tt)$@Ta> z^%?kUhoj5aZwEdaArQV7Uqzdb~d%c65jq9R}?S3h}!NfQrarkqbKYOVpW%cQiTeaO3}|y`2d$5PlkCPhPg2 z`_Mcq)talUDE@~g)8;r`XUbDn9;3yT0kHsJ`8j{rdShTTXB-2$P=i0e-cx`B^;>u*nk@7euBpE?}5@-`9P ze`_#SU>D@Rv#d;1A*yUzv=)-O@4vwmoUTO-94yH=YShU^Qx+7Eogz^vzH8#fe!EjT z%i~lpCnXJQATics#C=o{`4rJUogh>k_szlx@}Jo@F>r_;g>mTd-Pv=@)b+8VWarC2 z4T<{m)x_-3Nilej2ufchq)p>!Yg!4@QCgYr*wC%#Nx`?(*s-3m?|J*0^=*{+XkwX# z-RLyHI-pY-NsC#iQc_{9IQ@wXA(>147|EFhWp4RfFR6+3(C-FPfcwX|w+V~cZu!C{ zN944+jF|1HiG7_S42ICNbq8dfK!!pGffIR`ovR^qInZLU-mrS7Hr`0 zF39h^99l2f4Dv*jq_<7SZ7|OKj8|0FXvopS{?WpXN6f}{tLVh22josqzl4twmGVcGFm7qbd_rUZ7L!D=`C7Ko32ZF%cJhU};f z1a6_fUCEO|0);P**N*WwuGm&gJY-3E+GfCQ=~qIp<$m(GK7l8l?h7V=pAV0UdY7?8f|;X|H!V$t%An;LGcAexnzM-upDpsBZMRirV9m}$4-kA{1fM3% zNi6neTSCm2O8P(9EEKya?ccld@;5%+I&!dH$^POp)C@e|>sGin=Fs3IWx6B&M?5P2 z_?t?OShS#o4Y)h%@8;jh9KshF4g%;?XFES~epQJBY^R~81+G)S)VP&5Kc)H_gzkrlw1UZ!NYJ{hpM( zTP32SC;b*Ha3)y(Y#%-Q4a!aGO&=?peUOBUolnpxEndUhof!QtXhO}&DBKBmX#h3F zyOZr^c1aS(DzaPQEh~EXQN|vThRb{Xau53|-M3j&(GW{b>ZJZ8%SuD6B=FABjQyut zxeIc{_ue|AzD^1_;ebhYvm^;hpYu63S{aQfoJVt9{MIZ}Ez}EgLi6&|gnMKE!3O+) zGN80578^OUn+YBMc8hPAz_8~dvH)>{#(10`ZbOowMy4h`W59bTIQEPL@JS154q+;M zc!^fuyYY>*$FlX0pMQG@hCmM`C2ZdJnGdbZEmS5%^6Gi zcdOy?BN&5p=+g^u`A$7@PFU}weq7rxK#ht-I;%d-cxLI5dc4-a?S3&#`5R1CzHyxi zA|}q)3qHln`nwS-Xe$+tUpmH~Nv%vq3Eb{?=8;%(?ZF?!MO&fxe?@ z>OFlniFpMBx}y#H^(u-JbyPhJiZ@sR1e{@4fr=7NEv=uI&j{2BqgwCoa zerunIYE)%bv>!b^q*sXrd5^~yL~wkRgo0JP3kz=Yia1tY{-pU7UIlZpte60{oIokS zU!zXjJxb-9CK8X&uFP4+W{kL9#9dwou9>&$MNuz1(BGiC9cY3(WTo;fuy)h!m1z>W z=-LYC#Tm5Bq4L?O=Vl(1iOyN{!_CNVCcl zE116EV-#xT*a2pD{g~zIs48{=)P}nBG?K*O`W=||i&LNoo zv;IZNZ}Fk0yZcbMYBXOgt8I499bj4=T*>rb9jN|a6yB|Yh9(KY2$88Z^~JC#`be7T zJ#4US2uBXrgvxX@df($ES1!4m=pQKoHY{8(tsX3`moR4cUec~`GlinyOR^YUU}+va ziZG|}tj@I@uN<8jcQCu*DnzmBbXiD$hG^TUZdo*XyedM}m+K$fP$VTrZ&lJ?a^`I% z5D@XxH|t0xJ04mgIJs5>oI?)6cj24iY(;w?{f4nPDt7s}KYR`Ih@C_xfwLI<$G3a( zgk=NU15Hkd!p`?`gem;TXfZo3FcjV&U)pa~RdBZN>P@uuy*mF{JTK1a3E-?Z>Z=Rf zc?foeoWQ0!B~;C2KXhe}(2NJj(e=;GGp@@;C9>ov%jvD{em{0c1)T+b5H7<8<5Ik> zmioU7(f;{{%a;C*gacW2?-}!LbLxI}(H0dQCa2_&Av7S8GmorNBM}E=9g9sC5n}jA zEdvi_QP=Ns30iYwR`Fw=FMd%{G`uUXF z)>r5_gNe}fu;UZrH=kDYWx39P{33}-lvyLl_^^roM=>Rm#tI6$`Sa0LAk!Rz#J91% zN8eLPIo7ABGg|Nd*t&MV%O*xI3NO+)%6B;H(L|y4WpVa4N_OYi#4M#^s?5Cm>wdEM zMvPPlbv|rfxL~LLWe2w>*VYPGWt}+h1$sZPcc{Bhn)HCf5a>DxSERhk3IP>v@^8wSs zV;MvPwhdqztf+cvuHUNyPhTNZcg<6T&o)dwtlmJp~(A1|Z3zILLRyBg$Squ0dN zab{=YK5ycx?=U3u%%~$TQLOhD^r1du!* z(D=ZworYeqvwXV@J=hxzy!3Oq9|13=zzv&qpnk7WRi~m|H&M*+txWgnP+Ih3xkWUm-09N-J`H)k;Uu$phnu-l$r0Zo6X;ES{ zhkgrP#g-PsI!V$Z_EeOPNWnLLX3p%~-Bc%0rhl3^ar^cTPHTX@ZS%8ky#h1MXKNQG z6gVK%(*AM_aE%~|t8o&<5;kg^b@p9T}WgkIhUnm@F zwrJMc0Z_nWKS!*TxX^S)9z+0;!qT^-MWe|{Lf(fa6ll$snpYt2ay0ILrsK%Lo0Au_ z^2?Ae*S4o_W%*S79K`jz`SjEJx`StExXR9Bw}~9q5$tA^redbhWMr=t1XS74Exi4e z^;dze{nyKGQg6p*@Lx`@`%?in>cH1JfltEqfxEYT+QGYvm5XlewVQW$oEbkQLd^VB z6AsPq40@ltSIoXZ&(M4O#4d-d&<0djBY~ZL?Zx>w+B(M90l>i(Q%!a8TQ1&*uU+@4 z=spVCzJICBKAYa;H%}hsaApb?KBRv}Ffe{zkDDYm_3{?}U3<`eFb~TA&zEK;ZM_%) z&(|2~Is7NHCO3lLc1kwH0+xxB9FGGa(V6z1mp^MBC|fsc*lmbJM_C#>&`Quhb~XAz z=ZEzAoxmW-Y0zkv_mw~)bl?49i<8;M6ru=BnelgCIO2^Kxrtdx|Jyv73tnk;Jja?` zCYMwR46_YbOrw^(a>uUNG^l$58|#OU7CirOhhpao7PKlV4|$gwfxcx#t!-X=IO4dc(73y>;oC1)Zo}@ju2$qcv37f3O;Kq zG`WOs!Z_;tj?+?fmjmq}!)5`d!i((|PCZLqZ7T%EYki6md(RUdeXw)){kSWe&`$@EBJ#ZfF4Hw*6bZ@PFD!y1CKqBJ@<8>q`eaV~jFV-c`1} zSp1)~oWs9SgS1pzZjR4z48kNGgOif}!q}Ac?Dc^V*1fAhd!ucQ!mm4zzh8IVa|3a3 zlu8D}-#tO?=NXy)jWCXPiG2{Y2JMIXRkLlMOR#gMV0D~>kU&!sT07rsX_4J~WNnIu zqY@I8Pqwat_5RPiODpFdjl+#MpR#c-i_-6x#f*C9|2@wq?b)TtM|>-1o8k*@sGWs1?!?)$JE-=;TJc z-q`4~2&`pTZ_X~c-*E}!f6?si3}6FL#8KLfLbf^+Y!(gykhc1e3W`Qx^gR81B>eku zbTD9E2q_<+E-!~Ids_VoAD@$;5p$nR;h1U&GxnXx;mJoxLG<@xx&BmR&%B6exscD7 zy+?&_c*5b>Chfm7Efit`57iM-x^&HB{Crdb+F9ITMg?yn7~@eE4AcY*Lw}NTEGH-Y zbN|88aDhZ}`%63#?m_ioKuJvh+^8NA25r;Gw;LXE`>`(CR{vic)&c8;IAtP3sl?_{ zmtlsPM-h_GO&8c&f1nM*uGCjgzL4MOho$WK52Jb+ZN1c{p(;JA_YU;gWy9FiTiNRHcONJV$e7jpRlU6dirajT z>VETd>m5s>dS1V#uP$~sZbL@qKB15aCUxRg9XR)%r=Or#a+EgmINaLtmG5bFobV|C zOm*8#EZ1j|dq+C!Yft-sCKT51)?21__Y{6rR=hHOxSYv^1>H@@0!KM~)%@n?5|Rh} zlY*CL(vQquV?lZ)Evvc`kQ4IBhx7QvZziP!VC=kto!`O7l}$M<@59v3x1kbMzdlNW zL1t`{?oXQ(-eb+CUxI^fe}Ghor(-!Mod2^wsLhA|Iv{p-HW1?cO3RD?zl7~VLO9t$ zky$%;ddX(DaE6Z!KkK@iD10^nHm{vtv!5^lH1)cI`V3gYS@dC|peaczQmw7jW=7k| zsSnxsIcnl(N&4_xJ2jFwF&gQ5-Jpz{PN*a}zW!2dvP3vY!KZ<8|aQG;|0&DJ+g-ESBa80EoH z7o8IC&iBubwml*tYndz9oz%(Oar)arWLHkkE)59FYqg}dQGTHQ{yLICPPhMU4hLLj z@D*M(`MwPI&-?Y$P6cEM4H{GD01R%)$d6arX0Q(mXvuq742o=X+WGx4X;ktuVzX8} zRKHA?b|c7!g7Xw{iu#i(Ej!RLtagzS%}BAJ?}&c*}oC>-}}lv<{SVAMsw%v_2qw`5H|}z^ktXh=Tcl z2OiVG)9PxptX-rf3763ki16g+pgJ{DJVbG{E;l>L%jsw)7n31U`$ywMimzEkMOYzM zY);*~@AN!mbm4M2bzK#@!jHbne+d`C)UHbWw&b?3UI3-S7cIFv;E@?C$nXb$0Q-1Oqi@yfI#Wj1h3p~K)&Mcm~6YEv)as6cNh7ap+qd#iYul?sdIM&Yo z3Xti7x9@4uD+HD8=xI!>)OFT5ZTT%zOwkTOc-HgZ?6j*S!5)3BabqQ98!toDEEqlZYolJRW{m#o{ePfPhG-^3NeU^J^=-uGcp=} zqQumdFPbV*_I2YqG}I(bh5wQ3R)TI1r8Hx^TSU8}N02+0EIGz$> zx;~OJt~_l8x8XnldL)|Aul(EY+fN{AVvF#|%$fQTzP%B`?Ek{seT)O$hex2XU%Vk<6=tv#=Iq{0) z$bG#%@Xe6Sh{n^B=8JmJ2uyZ5qB)|ToipHxe$r?<$OHm}-7f&w?26X$$fnjdR?6mT zSF%{`5I86x>CF>|5g2t6C4nmk%jx8Gu4t}Zd-TA&dWf&zA6{rZ=yfLWld!|&3pY`u zvwd%npWn<*9cvzr;!*OSSX zj^oqFj^W+KUeF3GZo#ZqqSqs6lmT?TY(1Mj>CtRH-ON8Ys@jkEUr+H4N-^(A=<)FK z3g7Rix8I6V5O1l315>F~f8Jl@+w9NkRzn7AFM;3lt?Ct4A}h*<7b+_I+1{R|Y1-Il zi3v%=9Y+N#b1UV9C8X?Oy$aH%neX7pDKq=!zYtFtTZ(J5*{i0^{-yTEJ0P9`HNkch6S(vOBViX3H!9|O_#b+~QFuI@z?iKTF4lp-0443lSK0W#c> z=H2p>o&Ds?i~?Eue9oz!9z~sdY9Sn}0SeA<#TYuk_D?f4()81IJvr z`y8L3F*K*>Y<{it1wlkkIChzaI;PTP7EFezw$k5`JH@iN~Rg2k*8{_N)c7uN%I!-IG|`1GdGo-psgFY50JqH@HPpZDO| z{_;$)kU-x7Xnew@=V{)TToU(agsJa-YJEu@H}HikujoA1+Ch61)>hkDhySletyN>lc_K!!K~+4lABS1 z{y)a1B#cjjpVbZL5f&B;2-xN;PPVlI%X3fG>?^d>S{Nv6*R2(qKE%}sC{+iBha&)% z4eFzPUO=Ks3+mckKa+=NS2~vhwssJmJddx=1lRmyCSp}Jk7}Sie>=+H5O56=S%mYz ze z%3CN8iv_HmvOEGb5J7IZWG1!nVl=LI%mQI_5@U$7&USeY9AvRC@6xPwrNrt>>ac4i zDF&t43rT}>j}e;a-EvzAawkG>Ndr@-IT;JBx*5J8@HnI;g}JMoer`urbbhb?l-c`?LD!<|Oph>X&{8ysljC?t2<}k^bV@uhMyE719!N<=o2~-If=WwlO?alRz!)th1G+qQ;HgT{ez?v9eMX-r_ z9s^+kJ4sdoR3YkYwJPEQ1j+y(+w_W7oF4iu~R55o8KR<{RM<;RI=QFq$a#Xa;q z{d?S0tV{eU`E)2Bd&xERyQfNf;3Hr?e-2$lS+|gcy8Q+FU^3*Pru`7PKnbZpd*iZQ zK;phjaKwlc%6W6D+%~B16jYASQM!?^ReQumc+Rom5gfejeMNh8)XnSi4K@3}pL23J zW%+pkk+#{-vV-*FWYYCn`M24hj~qqetyqx9{b`(4b8(DLO02ME;lY&UwJq|UWd6yO zF&a7PSs^HjW9t7d(o+E4{z``K>7_ly4(re9L~1UL;NL;?=bOlAp?(A<2o*6dqcSL8 zEPE_5ufI!PM*(0@Cd?;|zZ{Ms9{ryKmWg9-tp(r!h-<{|qYM9s*Lhij3Li#VbPjYMSaf~U3 zHqFT8b*=mi9c24#c3$u zluwwD-l;Vg*G>MWL6A-GUk4L&B8St4vpVvB4XYtfToocvv{mFL{ElRHYC*%OeOge; zS`Mc(DkQ^cz}gvxLHMN#F3X#lXJop7z7ZITZ0VQgK)NVUaS9H=00swI@~MqB9wskk z^K%KCtM_{-u;?g;KXQhL{yAqhtCbga)2j6c*pFd^DwmA&e>~PRq5N`;20a^=S;0J~ zIOweKUXZ8@u*#Vy1k5WljRZYx5r>l~xBN2h;OPy1T{-Zo50T}|I@#8oVUFvqB&K_< zG~>N0^S2_6L^nZSsxfWq$@d0O|F-XUdeHia@E&Me6AD@ZBrqE-c1<~_5L53hiZ$Q^L&yy2n)wgJ*1~8FlT}CeRf;T=*OT_+ zBaNgIxCCUY8=oW#PyL}2)=HheZv{(Cg>$@=!#aS2tq@91aj(Sf-$gOc-r9$e%{zo< zES&KHea}me8!9jwjvoJsJ-}AQ(dZR)vEZhrjZ?-t>cVHZ&+7#Zp{jr?k1z1t#US`g z_eoC(fh24Z0Wf&CGL%*KD&3i>)9QQ^krecyFa(0U-_Gz-A5ZMEO|WA8Eaml-j(&ho z?W;pJ=&h$_mY;RG&L#rzh9zkDKi`;5!$DChLpEf=@dof0+lX3 zsboPpt2C8N#yB>;5Uc=})V2RP|9`yzPGs^IT7dpx?Vp=xM_21g_&*V|TKh_|rbd4G zv_Ma|&!B)dp^p9fDQ#Z1(OzZo<3f1L$ItAsz01VJ^9h^mp$xB=0vY%e*N6ntQX2PV z->al$WBZWaE2sFE7M8$U7=**gh#Yz9A|b?F;uYTw1%8muk(T4>L&{5KMyo2iY4W{= zxPD+65Q5kwRA>IHq=TU>s2Tg86b)ar?Zh5S5^eZk-8P3`P;z%$2}LS;4<)7)GqjVcQ^SusSSIyMI#F+W>za|>wwW@WPOm_q++omX5y){QelI!1shb)kx2 zfB?vkMj?AwkxA@jmz_C=Ay(V2Bmxte2d%tl>Xkr<*}eu8JhT5631``&*unI9hmh8K zyGC2ljZTDb9nlN`o{TIj@vvp?wM$@B~%DHB{-_s=cyv* zxnOs&StwQnz1oSc3b=ppzOA9&qSz40(Fj>9BxTC1-yo>>pA0zQl)M=QKph+da@`bP zo|8JR3*--G|H*twiemC9EK7K~c^n6u69lX!-?YQ(Y8-@@dym_*!FN;405hQ(=83NV z+K9dNXm0)ZN`|p?VGHwbx2J)*n4SMIC8b1$Hi$c`OePom!+U4eAO0z47Dk@5eB(%l zN#Ig4f9-KdJaXY(auZt0VHK0V_7~(gAWB*|KP|Hg*^&|ef;g!5Yj4PdaHuEwogejP zAc_)t9dANtDP}qb0bV+xg%kq90ck1s0i30O9$!3N^g5YwavHaUlGREn3Mv^FI6VZD zNhgj{o>u7WSM&azt8Y-e`KK}9pHC_o4sLGAOxL&V;IgdYSEI`VjBqC4Kjx?0RyYk^ zvf{6Pah*C1y(uZ66))|t7q zXUW#5`|D7U-_^6OM?!h+Cyi;gPdU>VZw6Zkvk}}&DaJ6XDl#d^T9Ozr<-3a$gdIEn z5$u&!Nge7|3@OY{Rgbm`wgI+iGwy zCrhD~{_S;DMyACAE_=48@E9!$Ifup17(;T}&+1^&GeMUg00=N7=aB(nisC^_!OVSq zWU1!Y`!AWdWsVgq96181Ka=9}>Nv$b$CuEz6g~6VY3Htb%sS_Y7gvTKwNyH7E`xp& zW!@h1PG^6LR^D3=IO6));u^=w+2g`<0U^#OjPkx$_gmsrrCJ#&G7kP*j%v9cLnN=n(y&$XU-q+)wMFpoC-MprL zmRYl3pgBh5rcd|nr>xXDBJrh#k>NG;3vJ6_yqw^#UpbRDdIOB?e1h_W=R0e(1DbTG zV^?|}+74P+%qKa7i(sh>0f}31d`JbRpI4;<8YPpRJ;>dYhVm zAk3&qS9hlTC_;;2Z9aQ@>zsgwfuoa-Fg=Mu(;@6|jxvgJ?>q#Ena0e2=ZwXjPm_Iw zs7-^*@iPq04r30gQ!mD}o=w&3e*ycnK%pR;zhFndL}*b)L5{X69!^O6(BqIZ3!_oV*+o3I%*WYqfNfr||oi za?=(PVB^#Q3vIu?xQZSCGFKR5|7QHj9%pkRK_?y*Y<-3g7&bG-#g=$9&v*NS+8FPk zNCIByf&Laj+GOJ6 zk>rb}F@Hy&@b*KdHq%=)@nhW0_$_DbgI6i-b}|y;$<1H(1K6e zhRuwx)7l@qt*SDFyssojpE*xy!6|Y372>?cVy|Vc!xyy&2j|*?s*_a(ifv+CUQW-C z`3kY=$EWqfTcX?iwdXZc1+_2G$8Ac=lHi5O0|={+GWS9MeLH05GNDW(L>c4GI5pk= zWqehn0-`b5_R@a4&wo}Q<0z^{aQQfzGz=5l$KLm1nz8+5{(~~mb}}c`b{g2Yu@Bu7 z93F3O@c~BSTLl@D>*!z)sriTzGWC^f&s-ziNY*{td)m!qH@`SAQN?M%+Gd84B|W7n z1Z#V59!GRwK2=mUs|57{5UmAw^~-baqw)OhHx9Wo2bCvB@|N`0OVns+%wV8c{cXe{#C?zjnk;~h|<2Vn$ZE;(s|e?w01JD{{& zYAk0(wp|rncv4QTbdaOYayj+n$3&_6kC>Y23+9zdSZb}nkWUe*bRG2sS8~VviSo*;Lj&C4R_5IjJ{tSS@UKdTC zf3}4XbI28Q3UAnEJ-MP}=tifkK*yeZdd@7P_9Hdlx5+@7vWO2V#ifgi1|P_TNC=i_ zfzE^RCj_4+v<|+CD2g}5;atNlyt8?O+TLA|Y*4{&%0#V%ZQ)2s`RWd+X(SI3^N9z` zL@ke#2d%bn&*C=!% z`3P!cQwVu-#O(E+28Y?^i<@(wWG*yer|n{&NR_HJe|=5&8e1RSPjC&idYR;h;r-OD zE1fo^a37-`2fJ;p)W^9R!xDVoWM9;r0gy?{!4ySBN-co39qZj~-VRhZFt14Gr|$5Z zf-ZdAh70&pdv8vWxR*!99nE(JhqNA&12y1uefh+v=dL*U!M%f0|Jz_KYLuh~G7CCggVCcRZ4C z&j0Z8@mVrB$avjKNa&$SW9Tf>AKjR;?`cOOX>QLs4Y}TbM;NelBtcR1dhKXMsK`{< z$y)b1zcW%*-^b9gIPMGk^hl_v2w0DDK5F zu4DFe)c%-ob|6>jNa{;uW+KpiDR|KIH*17ZNA@69Pm
    --jQ!`aI~LtxZ<_i%F> z*Qty98@%~A)#763*ge+$ zeN|o-Bm+fSUlE$14wB^czT+POQ(BH?um4PLW

    Q*-aL|lC%>~3Wh9f@?qQP2kVm1 zQFVY7;BGWT(naWk9{?4ua^KqEUf#yV-U0*!!Xn8JLPJ-Eip-uekM9Wi$a=IWsG^f# zCsq5UK7F)_u?2Gy=McbVr}_@EZbTscR?f%X+Y`x{y_I}oS$fGB*Px@s6YV;bQHsO( z?cgMFx1hjtAJ^yw)7!pbVY_@h$Aj_5b;-aFy|?{e4%J+Jjq+FH-m)OY4>!|R^8UY? z=h=EhG(KiTx^gMD}Jix-uf6pwQZ!^muB!Yr36cT$xkIf1H9Wtmg^|a zEGf)86S__e1oj~}d3$>YDQO|yf5@m)JS6EKbK%1&WjYT>9g@{=j|fm;pV!fY3Cv2= z7$PmZql-db9ZB^KZ(L#blyqdjvgNe(tfS~7_isk2k~Ch;iee>S%Op!M)(6ra8E@GM zNU#?xjZb^lBLFfUw*T-tK8nWN@)#u7$sI2j>oL*6mC(@X34cxdO5d|yCQR{(PHRj| zYt($U6s86`x?mxaBOeU62B(UA1-DH@CI~{aIS!CcJN_JuVb8g=t{!Sg!;6hz+j9lI zM_}}7scx%tAhJ)Q6WsJ#F`1(^%t{sqT>ky6;1hU5nVt5eb+iQO zoZBtM7*_V$xjIj^7=e^Z<^jHxv4%rDod1Whw*YE0+SZ0~cWH5gOVJc4P%O9;q)?m| z_X44~dx`{i3lOwWiqm2(F2%h_aVb#T>7Sl^&i(G(f6lp`$-IMP-Z$B6ueF}No@cM^ zt1LxmN;?Nb>^-Od9#!I~N^;p_)N0MA?{k{^6mrqywr|_iv*iWpxv5-p-Zl|-O!JUF zxxQNKu|0BkS-ooNU4Ldmt@Qa0UhXk#%5b!5yET!zNlP2Z$9LPm<$Yg5kByoZrMB$$ zP`{z8h(lx^pyIT(&0_AyDdoFdok)tX{{A(WUUHYR!TRPS6W_zd``Uxl?4re~NA}4;!+rHKFNLDW7UZRSNlw} z9+5VZzC_Yw;=ffdA^qTzzAbY%ycO}rK|PC!;i~KWIN@%%G3WTnQJk(HvIkEE<9S8% z&!$DUU2}h?Mo*yRMVRCIs}UCE=Xgril{j$z13XsivjbG zxA2~#l^U7YYutiuG&UgY*fPr1Q-1mzLvuBbhj`4WcE)=j^A-#s5hA_e8yPS`i_i2O zZyvJOHu-;NQqj}r&SbJ{Jvh+3>tpcYiR9=li;5=O(3oTbyClY`aIXXZJ#i(%S(L(PP$TySENcEjh0f7EJlk3w4xi5F}F+L%mqiVz`$Yst` zJb>2Vi}>+l(X+8>dHFf2o^H|Wm`0d7{aIM3RmIplT%z!^WbHg2TJ8>Tz?4>~USNDC zNSk;{R-qM;gPIM*+-W7TMN3A~B4y{hLg$Xqm@K%Lz|O2-dH+lJ4$heJ`Syo^+r8Ww`EE98Uqur)Yz$OUc? zyJ8T=en27DvsO}h(H7!&89cqCQbMoNsz#=D5rxyaevURDbypt7z4yM=bVrTm`XK5$ zu5;ZspB=^21f9MABu}@qMJ0Y}I_`UiX#OebK?x7WVvI?r6Pp{Dh@K5NySW;)KKl7c zutDll^7xvT0ctG38t@>g8`a?X^&ml$Va{~rtyepD*+4zcl664U4k2(%^7GBq)ef&# zkAc+nkHbXMnWMY@RJYNKnm%JKNl3a!_P4td@6l@ykLzEQ<}rP)H(}Jek&t(W^hd2H z9B!LDkGDUBWX1(ByL>JuzqD9|z$JNB<5oL=9G^VZ1i-uKh8A?!3<7UQ*OqKYq$0j% zk(<+}KU^R6T-!Qj6`>FjS0zk-6StoL3#PuY{=Azc9s4ZjqvHX(MlT|7vw1c^boqCr zu5Uc#8TOiO(B|cu*Ye4rXfa2MoG!nn2OmfG?eAY}-Xpl5W-57XKc9ykZyyCr^Bf#J zYJQya$*@i2KjCgEHUO`JZzcoh65~x4LnwoZVDpLw(HDM}9=ttOVl)26_Lt#Q|D2M*-r`n+%clOMxzZi9&OS~kR{8d`@_~t@5_vt zCFk5DmrI5tNs*@-M-L{89Ih=#?JHWOG|?7gFzsOJEAcO_-Tt^c6P=DYJMQAsR^qS^ z-;~oy2V{CtG(L@uoe|n?ldXCH?MPBoKtULXdC(m1N8a}La3 znn*i=828Nf;l*;z{0pKD{Y8QHF#Xcv)Y%MjCXN$1MGPd+j?HDtNJc%vrrSw}<0u0S zFd~fJ$FzX7St(9K%o6nyd8Xtt72FlrW&G1I3@jeT-pPXe_J4gkjgpRSh^l_)l*!De z40P@5zZienMwa{)K`1DwpDDd?rp8W+d&!2tJ=fBHGFQxJN@@DI3Mcvon8qm{hWMbY z8?XGUw59yu1=ffai26fmt!Jv7x%Ed_mmEDTqyRRK>7f)B1OyiIm3mO&@6^Fx@+d*> zd(T&59Xot^^P(lNus?;0e08*Sahf9uIZgUCcHADC_6wZUXB3+zlx1r^KAC z(lqyo$*tP-=@)?X*B2_&56FM1XR5@~@1AWBG|l1p*r6FpEeY%~2V(`N9*0|6q8jS1zm;%vy$fG-A`CKec35e4vs(~ixMo?2UiqocR{LNpO%(*`8o>XV zlC&xK`95>*o8*!UfxO@LO9HyL@^lR@id0cPs>6LveP4;Cds8S`naM`E5jihgY)q>R z#qxIxxZhlrW3TC1gm0`KH&Ox4_`^HkFCrb=bxx)$#SpUx3<3 zS%bdj@V3I(Z2aQcXX&B?uM-wSQcAw}+Y5(z`L2?uCQVh#>qu|i&pR?5l~`Uns{V96 zAjSLJ9p?PGH>6-YgTo|)W+rV@X1IXQi@t?JR3Uu$spj7Nea1CItFX6V+Fb- zT0$!7Q*<;TL=?q13MTbE6{#U9x)5b>xYv8J$Y9JT}Ba{!3hc~w#Z=FfJY>%MSga% zZ>A$a!=u@2a^fFnS{?!O`U$`dabX{{vwM`bLhS?_6v^vQN>%rgUKJGQ&{W}ROoB!! zTZ)utQ@I2(REr|TES;PrzWHp<*ZQ2=AE!D#u(@>HBhUPCKn%j3YHsc;@iPFQ+2P^W znh6R}A-g;~uBUG25H13HIl3dh#k}1+$y-u-%~a9qIN7sl#6_c^B7H2@Y2J%XEuyD% z88y;oGL`SJTYdSlAkRtH`hw0sO@w$!ra0~}7JKQOVMbC0we&5%p$s+QMEi&A!1Pv{ z+81$T_$1`#E2by2&QS8lV9$U}FrC+$1j!?#njA7J8vW|$ z4xsakN1t4C{M1ew{}WYz_88TQ;p}nXBW?3{uc?XU9v@emw{glES8Tpm>*@+Yk{J0h`23$q4pfOzJZut?Wh0|ik9)aJ#i)lC z{nN&J8IUU=wkd|7Kp9PV7)?y;R&7e_$M2ZPVD|Wz34jraN8SW*u48&sa}c@%*)}zO z22~;19$Wo-wCZa~A6RFySRuP5hOQ{5xcs|aEp6XUg~wK5D@PJIIYNZD2>|GoNHFDPabRLemzUH~e_R7i%E<*S`**;9TFL5;0X z>cfZ2fz^R7^)KQH=&7iLtVC35{GG%7&R?GR$*D?gBTGg1mNeK31O{t8@ z-`B8Vl7Rrw?bx*-tDOkT)>HUTjp65KzvL3S<72c>8Y~YMJO#U_h@mckc%WxJwY@#F zC%L376IXO~VKhlr6?0KL1sj@W7^1JhuA1DvVj_6CuWO&s{+Tu zw~y5A3#FbVJ(c^p^IU^}CmQ~8BkM5KV=o?YSoX9>CJuw#B>BY?gOYNdw};=Uo4)%x ze)qUsI-avk=)E|2-k;z15h>GO{t(|!NV|?%nnRbZ6+n8w&V5YPT=B%={kH&ljQF_Jd?g*+7e*`#>ScRr{kKckCaCF&g_uo_(Jj z2vW^?JM8j>?5CUtwwJz#RC7&-pX|K7LGBV@TiZQW6OnE?CnVI=!!?WWLilpIL?N3sMNA>Sr=fbcp9{+QSe0ip_&`|D zq?2CK!u=sC9>M3IFSY}vmVZUgmVS1o5d>MGesfat#Yj>Ci zR9{Eor4|XM=wkZRXB%N=i&G0JDDvq>(Xh~>;x0CS|D`HmAsf-vTpdWB_v-UJG%hBC$XiG zT}-L&l#!tnR~oW*QQpE0q^wtnBsHzZVo#C1FX6S)k?^^Z_v0)r+~pCS>6QSnsB>Ku z4+;7TWeX$bk;grTY#u|O2C;t&+9ob7jeq8``w zv?e6^gh>hOE=GUXHkcxOIZ2tx(EZ|mmU1y&AyM(+G^pL%96HBVlM`;HZjpc!EB)wF zQh$?5^k8_dTVTyvnnYmx9%WkLKj`6#Nito4=M$S?KB7cA^_4Al{ zIHBEkLKzciF-9VoSekz#o9)oxLxB?51t`UhU!P}YN3v2}cn zgu)w==}DP^w|witgUVi2k#?~ZXHR2pShaK^W#Oz-bv6K}*9>FrYkGR3c_JF%w(h!0OZq zAo`QRWkD4NZtSWz>cQApzoD+V(T~=;*_3UP^lbY+!;ZFTGN9-T`~NHTk1QHrdl*eI#!VTL;*8h3h}_|vg2r#`I&kY1A1pM|#L zs5SAV9`s;5Qn$E{Ies2=`V3z)aExt3<2ZgmGhwKy!Rwva5&g4m;J;swy(Gf`hb3(l zV@EzVHh&_(203rQm8|E%#I04o$=Z{PmhF%`O_YknDxcdJ?v1ZTM154@Xye~?9F)`Z z-gQ(V&yF@y%TkMvOl1{36Jh8{rA8wx4{2}6xLHVQ9y`RiOh+C?EAv_$UD-4e9V=F7 zGaQSQP|#gX(0d2>UiOp<;LUNIS5D~O?cb8G3=8*)+2WnBGs2<*Y} zadK~|S1v6hr7Gu47v5IWi0kBKLp6VvHvBjo6~OQO^$bwh_8z!7tP@agxS7gzf?^Ym z1%Lalk!dw*0;arK3Q88)qCx}8`_j8U#c`-0@?m1#aC|dtr4D{Bx?-UL4zm&kpilDj z+sOnDsvRU2eAANCW)@%YLg1jCHM~cqwy`(Dyr8YG)i902Z4(l(v*a8XBJ#$Vu;3f^ zyir)iT`0Zyg%6Va8V9q-BQlx|2C3O#cE1hOZHnb0yW~p#Se8))iEOos1{GPXP?%hJ_Ft@`c1K&_Of5O*H zv*Nhu){J-RMBIz-a5FlYNniTteBQo4O30;{jSumD7*yb%?fFl|vQCgJ0GXjAb#jH4 z+86{H+8Zm|-@?8VskLW|i1Q?>@dTKJLP9c@-q%xM0EpvioT%1rOL2KPdZ(K;5)ZgypET9Dqk>=AfncJh?FRt&m+5!T}(*Ahlbr zM*bQmoJlOS6z)$-)4WOh6+bb@bPe3spD2H01t?ge7_zG-nh4mFolB25o2)1OITWrv zFqYIuiFA-;k=RsK7M0{2&IS%?M)FN&(q`4mEA~L0{iuV4ZHI_LzqC$E?s8h zOl6rwV{d_zY$siqF4pcH!kF&@$FS4^6W5fva+|^%k?XXFlRo_gs45PS|hEMo2|b@prNhpqPG`{9nx ztFIceeUONMem-T}plD$8Zy^Mdp-_tpo_eMLF{pRlcdXlYR6EFGth!Ic+PB6f8B4x_ zQo;(yhvZ?Hlj_Q_zE=QJ^GHl;LK;zAiZwQ^(C4QskZ_j~=da#TWASqdD0z3p8`@T= z3QlED0%#}%DFA6KBXtS$sBR|O1h56eO3EpYLeog>8HccXpXp4Z?W_mcO~+-15Q9(3 zGS8nPz7+r$n2InzN*$<7s@tjJJlLBtDx|?A_$AGCIXTh7rhG~`807KXitL#k>Pt%6 zhcG&+F+;)i!6KVYn}~vZZjNig9dGFC5c0w-7r8AI4e3J022`RH-Qz;>?-b6NB&%{C z!nxfsV(}De3Vv=(7Vs(ffPdHL|72PyZF|iX7Q(F3FPb!TCG!JXU(kpUV|n9RY%joR zATDj7-X1O#rvQ9awj#b98nu@si2hX-$Pd%J-@>ux{D^74t303;b^@H(%36u`2kMWh z;mrgv4PtKvuzJKi{!c69e-g|gOC+#m4#S?Cg`ArO7n~bNKFNpiLM^_j!>mjK)bN7D zahXIEaI>xuYWXjyPB4W3JUhQQtH_UKxaeeGozF6y8B6b57)2XsU?1m)aC~8ADGp|q zs*J368+nP$R=6VGGnxJ3FDy4t9DnZn6RDGAW`oVlLjh5YZ>`c8`QX5^HB>x~_)fF9 z=bAMLdJhwm)pdNsEBs7*purKGHP}5UbH%iPwx85b19eVJ=1cYoeQPhCq^^i6KHC<_ zcDH9zkhCic30d$&(EkvpE4xgDTX+lp`;_+Ilz&EkFg&R=D)xQN2=bLMW_uehGhuOC z{N80t0^>}m9pV~F0C;&CHfDbPsJNi0uE<-h(V!bcfm~*hg9c5TviJjw_cnpA&LU+S zQ_LRO_Xb{2Zs-CuHh3=Kt)|aL7hNGIx+li(&k8+MC_+8q-?le&H+N3d37INUCV?;o zZE}b3AWo|SSR+4WUIaqNOn3*O@=SoAwGMsTv7DhHUr4@p4FF(6>E5zHi|THkgQ^xz|4B{*nJVOCuEG z980Z{#N{1o#!8_ryNoLg*Dw~k#~z7&q^oJ?i#JcouDrPM#e%H>NpjO#se(`KX{`s! zWJY(g;by-$23nG)oK48)qy#j}r0dJW>F-q#q}=xVq2yb#vuq00!7UjxR|5mO4tPYS zjtUE%-ifaU$MmSgHh11~QI3aDu;q?>rjW{#O6dIzfiR8_$K%SsKY#t7;?+M%RRP)% zvNrrpA`RSgT$O>F1-hFBr(gb6M>qf`Uqd_$3N}!MPmF~rpn2#6m>Vq=E>H~8Ag9oq zGYr zPonk>WZy)b@REn-;87nGu9qJ{g|yd{$4E7BnJiI$Pcsw2LZnjai@=#0nG^zyW208$ zU{ji3sYV(pxG1_P0+sE$W$fR_^eF9Vh;+DH<-!`DsLDdW$+UeGDYlog`VJ73icXO> zkjGKTU!@r!3AscKL+hA4XG$OBXlot!w6nv6c<8 z*xsZMyn**Wb~hRe(y$&^|7kr@K%7(a)H$4h8u}rmA$(s!y2oJBr&DuoFN2zbQuba& zk+5W@K_A^vh%hoZeWS2{>LS*|li4;pJ1b}5T{8T=y~ygUOP9=S`sWJOyND0^EP>sq z-i!@9D+>*d>*Goco9zY3X8(2{;Q!bnh#-YUp6nDQ^tHu;v0T&sv?iUTJ{hBTluk~P@NUacfRc*^_ zEQKCS_xzo}{>oCm zII#r8eaO8cwEGF)NjAH~&l`Ns8W^0Ge_Eo6h@Tzz>^u8vv)lz2JCB3}s}yvjj46|n zvVLUoSNqVn8jK%mm4OcHsUs_-laq-YDAd4+r0bGO?~G@Zk@Yiugn9^54Ntd+e|%o{ zlV|ddO!+8!k1&&*Q&%ypwcCdP1*!?Q;N!$4*G?Y@-XWx}ekc2i%t{`%s&y;0C>z#j z=Zlreuwe*JLH&+?g~~cTsZWi!V@~K1hM4Yr4Wd4`bHKw>$KFE_;Ch~@eM#@Gv1gvh zi^VRx2GSrqa;(Thb7bhD;)Tli+@#y`dv$Pm3hs9hpu#FDtb-*}Dk)LU2J;3PFk4@6 zV<`50C=_Y3W*^Yy#PP+{t&SLGr)I~?{>#CL9MC3ai*vvG zFA^t3dQK%O_0C}!rJpy5oi~KtL>kKGD*ZVB$cj@>(r8W5Sq~ok89c+A=nphP2{Qze z1NLm45rK9>ljL_1iJ_s%M?>xbTM@YiyI zu4@_>bZR0BN*Vj7BJP8rWi5EU6E^gsz@Ap9M1jy!p6s-|J`xu&(wexSY$(qS#)wQp zd#V6OKHQ=jh8j{=C5R7L-Ofo?D(rDnsNkG8poqxvNIIz86|#G*7?Q=TIu@uwjmmtI z9NcJCU)22*%&HUxr?K!WXcuu#eI;kVpjvAGT<>|`0`CIfEV?3=3He!KgdAZtC|<32 z%H**|e6m)e5IcnkXjs6uf2&|=V++x`6H zu*rHGx?INUW27TbppY|mu3e04il3!5$*HEzZFN=<56O)Y8E2Q3C66CS0WDm}yQ}pF zB_Z}j#|~KuYMi9}#`H=2%mf0AgWb?-o@@`~?6P^~SNwIvuaA z_1+j)T5o4uiEx>Up49ZSk5!L_Qy13$BVIoDK1?cE(naos9z0j*bRkobQN-ZgSx_$w zzS4RVf|ZD+iUFB&i6sUCgany6Z_w66WkqRm4l^EsTdg%d>`Wa7U!)zym>pD_)6HeRNRb64UszDU zeiSG^Ppy*gGFz81I@GD-?UhD4H`Hc@%GwZSKBlOb@l-`OP_yQPdGKaF zQqF(1QTF3dS=WSQUKT5oE;%fgdZ01{R0v{*kY6F97Iy=pDbu zV68Aku;lfzWXJW%w(EN$k8A&Cp7Ls|vqBeB&m|>pLo8Yosa^lpQNe*?shusofV;RI zU#(>&69a{xU>eUCx@j=ZC4Au}U2b4QFy!uF_sDo4nJbczI`;%4?zS*l|6VV9@_@a$ zylbka<@HAK5AeXfp}VWC`(8Blf&M*P5Qk?kj)Jes-3y#q#KuCjQcMUm5~j4(v3exW!vjFoa0*rT+sBm_?mdiyk*nKj_f`C z6zf(_(F+QVPhwlQ{g;V{4`+R=x6#tHwX3d4(j52pyRLlqg&zIuiG3^`)z_XQM+s*{ z;XOwQ76k@c9itbwPRk5e0gci%*QZ(1m$x1r9nvSaEK<)-=jV?S?j(ylqBfozVPOR2 zx2<%H#%~%{nYt-EiCteZ3l6L+UBbvNs>Z~%di7&L#!p;~TxVKr=%-2k;!zV?%1gvJtT*IX7$q6!b`~auoXq4z1 z6?p~qsn&STc{m)aPq;-sUb&2m@$5lk3rnM`KnQAH&`N0?T8xwD8&Eg-19>>9GO44AF83NHKOHqcol2`d1XsQ=);-x?RuR|RQ5^sJ@s$3torl?xAM0M@ z_3N^YA)S~$v4a`h=%oBsa4|l!Vv78f-LFkhs~MdxH82aD^Wed6H%LN2@+LV!cDB%| zi=-|L!JBANqD)WL%0~AttJ<8d^HN)CA>Ot(%JQJ~tL0Arxry3&mY=TaSj1W{FB<}1 zPG|N9BJh+S*Rwnyt%eVu;(nWE-%P~^@;i~DY8Sn{T0?cH7BW813mGkw-#jw;4SDXS z4)*~{?&M9|2kwf@1i;m1mN3|~g>`*=k z&#mA+*Em?qd*t*U(z>RRx`5zQunOV%X&3h~Il8#q-?`F=x8j94k%6tJbJ>g1$u^A@ zPVj7S&Ta?ynDAB&&;9#~kpUh|DkiO7{LPvRo!q6s;zl=5)qUcM?WrcP&2`Gp3BZAQfEJRFZSM$wfemD4R)$Q;P29Mf!9Oj_Q2H*2 z^$5viq|9WT^%w8B(fPnQzHRc2c(`EZeM=Jqx%N&buW?F=F|O9pBr<~^&V@b=rbk!r zA`h3}nPT$*#b5DxgobamPT05NEEMdZLM;G4%Hm0K5g7&XB5VG>mU5)j6+!5h5%puN zdP6CNzSJ2{G43DL+`VL~;Ha6VZNt$a9?{yY)K-yw5x7wDM#6JhxwMFjCjmnztKy>Y zD&7B8B}eCR1Z$Cu+!yKd^>Cb4Zl^P2&tDso@@0`m*S{(_rgmw6zk*d^Tdj+JX8i?K zm|}+ysA`oD?G#*|0n_`N3qE=)Wlyj>$^t>1(8%3ahHcjdD^u>7%*`a_KVu&_+#V|! zI8UNm3MGix#p?SwRBHbEI(h#3iLjxrzSUWj42fRlzOp4n40@fy%vzQky>;C98BOL% zC%fff9Qw5sJWNn9Ny(973pVsBQ3XTmYOd>hGQ#W!^NZeu<=f~T#^6dgJFLF7qIK@O zQaM2Nr_{WbhIsX@@}=NqZ2Q=hr$(ZbKpm?k&Sj#y9MlAyE|-L$_>QtGwMMLY84NG$ zH~T{0XJ3u$GZE0ure92XKcca$RIEK}mm&cgU@Zc&Zta)pIC5F%{79O%lh10DXPYF^ zkSw~5Uitp~=F@aQrQ+^U(`nQD+h~dby07}*+7LRzrm=^-OD1BM+5`86x5}hUKmq}Z z#6ytgh%W~KLE17-APqVX0#jD84UZ68_(MGG& zZo~I9f!C_z*~sw0Vc?N(`$6XRg^jt-%@5lhbjF(lk1^UO+Qizm>IgJyg5n^xGaG!} zunif>65b!5+A6-`Nh+b!Hft2JBj6Q0JfR_Ri*+K~56?kiJ4 zLU=B*M|zC!;`hoO2AU?4*c9QXNm|eA6`5I?{e7XdwI6-aj2Rh}!}qe(=9T*NjABZB zCrk-dOFUG~71cVGPBd*IX(rWRq2<(N$)`X`&V|s5sTwjSec3uB_qb3{h70{EGrJ@0 zSY9OG4I9gXqp>o*m^x!if7BS0#)L?vmh%xUg1qjcl?tHlWjKIKO~e>7y~sL+G?Tfo z-NCJf?f}=u>G0k&a$v@eg7OcBZdUuQVpVpmy)q21iL#Xqm21wz_a5B&3LhJsD52kA z%<9T^vtlt9;?+VaxqMaC{J$Xqo?4uHkw+{`XzdC9j6M=4-W#*R$lQ$#WQ>0kpxxkKkC2m1?HY7u$)zz@DbDuXN*uI+(W?O^}J6m*OiA8c!UyY9oGLA~IW+mXPAcCdt$9%RirJN#79! z{A!Yd#KT#qz}4p%9mTHHxO-$Zf{&~uY7!pum?=rJQ9ZMN$4Zc`uq``gMaF9FQ_K1q zf%~6^dj_PZCTn`|TcN2x}a&N3$Qz3cn^y$u^U0n%W zDH5H0`GCR7b&N9YrWvRpjOo|9CU{RsMs?4iJG9dq{Iwf~Xack1cKcBi;LSjj3LK{H zXh@0o?DJd2U$G=*!ZnP}<=D|iuE)5F-an9&!h4VP5}M0*9kA{vrpU9XA6tm`T|ozIz$OLd}z7c%NfQ1%~X6<8Wvw($yIU$Uy;wqFW9%FLlJb zSm%nJe|6d>EfkJX7;=P$i-Jiw!WDhyW|$P3f^D@)GG(Leq|^B_nRUp!$-^QMlQ7(3 z&0F_#rI?=U3QHN~5$I`ZCb=MJH&xXGxDkD<0HgrdF4VNw>RUytV}6*_w?aR(Q&0l$ zr@O@eSVR$mmVW4iS#iX77U+GWm>7>4!sJ`w4B%mkP-v*5IwJK|xrQGqeg+L!4DasY|>Z&jK~&GDds$*_3a40OEjXc`Mu?6DHLcp-)CM;Y`Y|)_ONvUE&Om&j z>;VbBn>KyL(51Go_CnVV`;duGa)%;SQ4XJ z9HghB#r!%=Wa)yZoQ%r$= zpRJW&^y7315tVD78T=q06jH!8m)9}ZT&xi9AM&Xv7_QLp%p?@mAG{hv@NG_W32WKl zzbJU@K#hT6h(-89K^V%-WE>Ss&#mP>NkN`czJtG4(`vf&PC%g&5ajTYJ2?5INreMc z>&_^ncwg#dnw?WdF<7HHSkFw27$=VKO(8M%O}!x6sKwR{QO5d_*mn_z#QLg~Q6f z{b+PJ7^=+AkUb5vMO0VH-rWLNEQ-E@-gYgS{)KwvA7Tbk01io4VQ)QU zxV!R0B*pkEFH*XxN|!nI&eSv|Lx5LLUu8%+yO~)8j~-IgNah-U%89C zi%^7QWV-nBE*ry=ZoR%Z^_LVC@%JVgHb)1i{jsi6VI^hP(mMhMS+0~UlHMIh=q#hGYr6kT5KJeW0p zn?e}SB2H&AyVxfD7h;ls48k^&{~|{}i~vtz-PQ_jGtrAzLUb~>7G}lx)gpuAh}5=pT3P;ve*g2HF%FCkB>RbK89I#5 zB@}k?ypM8(i5Don<3B2X&0rM+_GMGucaRoi6YnWWE|-{q%$6g2CV2fJ7H=sbw;KN< zwEhoDxnLBBlUpu?9K?X7@V4_kY?#2*BlH`G2U>Y+B16(VXh2X>J>hIjSiRc{60H}X zQRdIPoxlIg-%c=fiy#u1 zN(c@iQZmRLHglRuCyx7MJ9L;dcb9h~bL{71;b8*mtr(SbjOrMQgAkS_W#Wo2$O1c3 z3--IF(C=SLi~sXW-7Cr1U@91mLC8%X%We8*oN+^lk6e~=m*M@V6ic92bXIWi03J!9 z9dSk9&;$VR{M}>nohN7m1JjeQ51QN@cWrIDGc)b|KKe}l-B(*}VGYhmC%~yMr1fEH zA!9umNdEB5(K^|szXQ%WkwVFhxEXilR|^Sd5$B1h^oE@m?$<4d<@H%EB42jT71>XO zUcR@Ru{?m<5WIKlWvcpQPYjeltp2NcLU)Bha{A~AT+SUh{5l@C%Vdj(&pSgzd}sW+ zkhgyPRbg??p%`01Vd?WhHJ3ZwR~_c!jurWdpe~G}@30ko_~|Tfo>J zPd~9oy*2C2O*oAG?d>nB=rK%~WzGSO{%o<-0NNp8TeiAa{Q#p$2#>bEodFn-6qp) z*OuQ~miO`)NxpJIz$GErog0@9THT!Gu7Tb{c{DCPT8w_mRVIhVfzsx{$Nzo@%Kw~) z`0N1Q4<|xDe@7FQ!!etNafz+a=0m=VHjQ8;4ZQMae(3nbn84`jsPvvSR4$XeyKp^t z%uXH-Wch+Ft-a0>2ezhYW`%^!LM0AYw0pe*?;x@2^@P)ZIsH(W#&R`fZKCS+s-voJ zUmedb`F=ih{1eyCH;r%NY#X7?2jk=3Z#V)*ICLnYTvD*vf2yEF>Wi#3%cUcmDWvt> zyf{ZHJb4}0f?)fVKneL}XrCgp%gsPMH(B?D(l*0?*f;V2EYyjrB||LbxLbt~fmj4( zFz7fxOdny;^>wV&tdhC@PUC3mThiJjc&(6?Z#yv%G4R7DgEr9Ns{^8_Oi5B#oi>w( zIg;b#>c`i`^<@s@40@|bPB{l`RV`5e4*Y$=DeyeSU8W2J(R4Ll^wq6<&)RKn&|2iVde>>%UwMqg zKE|1adri|TV7;6H_EhV$uJ%LeeMv~fZCG$=^&F#~=@y)%*>>MMwi|#-&7CZlW?h({ z?rOroFZvoW@X9xpnq^G|*?KpfUXseQ(Q$yZt4zu8`J&Aax-)PwDR zphP5;(~-yCOHOCvU5Z;iZ_lFjJ@wi@ZmmHArm@*{*Ikjo`qaMMgrD8%W3RzabT=Z6 zEPZl-Q?caFs*K{GQM2P8IWm(eCFsxhu7`FUURXyJ23zGg6o(BC10mlSBw zor03Otc4wh3}@aDt-ec}_k*9$B#~X$Zyw0_Mu;SSP1(g#e$UGwkM1K$6kdn*dVjX~ z%H;R`M>^dzipp&0UcqAS$3Y3j6J(KUSpG#?E|K5x6!l-t5DP&Z9!_`|_nw2VpQX!= zumX=_k!i2TpIp6tN7jt`6xYt_WP|Eo)gq+Bn_Q4KgLrSKrQs394#i*6m@8dH0saz97 z&21Jkiw6W;r`fD4^)4QFf1`U63Kz5ZR$*ORk=Up0h<(}mRjGzHHl+2V<=a*B#3sup zx&{OZ1~$-YRHvFJZxsIyPliYWz+4d1-0Dw?gOzELh8)_7PWXmLApG33PBvtM5Aky* zT1bbS zHkJhEuV1XiN|x)j(1UR7&VN0$rD7*CZ=)-cvjp1eyY@CFUTi$nwG;|^ZjII%cI^KZ zN)Opi3!eI@`gGq^i(aL)^ljw^{$l>n#+a}g1bR^s^v5AOW?cpvO%$=ksw%F%qjyLS zM2oY$LcjV+-_SMs0tVrxsWO7riG6eO&lh}z1A6Lk_1ZG7Pn~9tTK{SyuC}m&cLS%7 zRG(KaJY832qtRr`aP!rX$~kIQClg;0R+DI=_d0kdW3hL9p};w;kkR>?WKJs0(%r6j zhp@pYSDDC1h~gVa%`3R#;$p{3*IIz&5!*gImLPldO{GOvtdY>3pWc)i$8v8yUD109 z_7kA{LIDaTjn=+Ux#n%!vyW6J`U%rRnKnhw?T$R1zuEoO^u^{584MUZXMoJ=x`ZDl zelvPvA933%1$JvT^^-^XkmQ%m?oq6eZTedAw-#^vKU!;BV7-jIswsbR;Yn?h)}s=| ze?*1Uv4Jm)22;B%g7^}g858{S>0&tEs(1gA*VZr$`N}l%W&C{>s$o0UfkPWv-B%<) zal0FXzU;8MesIbg`cDlr{yPGNYzND*rR;juc)ikmCg-dC5^hvl?pLR;V3vmQ=X8f| zYZIf~xzBFrIrMw+1|IAg+ucwbNwdK33qCqLhvnlj678R?jh*HP_2`VK{68J!)5&o> z6U}c_2}6Iq_>y!{QAtoawnq?|N~!y*<0vy2KmWhH_&*}<|Ndhq5`MZ>>8n^dX$;sb zy>FSxT{f66{lv=JdvNH@@yXy`1388d?STRFH)Q`GWAE6VY1B1~c5K_Wc_-=EM#r|D zbZmEQ+vqsy*tTuky5pQY2YWy780W+O0oRu`=9;sr=C!Iw{DNu78kY)aa3RCj;#^4S z&`nW{8N_&ZyrcJ{#51OZB4eWe!Ik((w#!xns?#5jN@{k0@(8;AB#4TW5+u#wB2G(6D61$@@0)o!P`5uuV@$N-vh=6xxjs%X9C?-1ELtCT&G)`DsD>T z+8migTnNEa&kBi>19PT0&7 z!~GjVSt4q<+3#I8%Ft}4rLFmMjBtaqMA?#F7VrBQgoIGYeV=b)+?~>fup+c(69Wj+@e4w` z%Y;lqSADT3=*R|ChD_o{)^DFh$*w$YT1o}&|Bn!(U@od;pC(4B?p1JOW*e!H+&E!% zJH!Q}wrb0N3Pj@f$vxbP{iMR359-_MTuf6tq`$m5Zbosz&mWeGWc4C^f9+JwS`^vkKFXNDgUQq9t^eO4z_sq*fPeI6eZSM(NrRIAti&){%g$M16J>_z(Ndt`nmO)>mjQ&Ow5ygwFrhVfj9rQHFQ#I+n8M- zx$$!1&7zyDD$OBY|SQlS&?2m08oH;X<$tF^RCRW_~)9{&?r z%|p`{17ldH{NAogjSufUqyE8un+4;Ir``FC(o3BPr=IhEWlCof8HhbQZUCJj`U)tIV66 zy?#yEyrjO?QMonkJ%zcF&rjt%sS1~N)%v06b9tWXgSNLrnatqYm^oq_FAj;MvNgTb zSmmp?zXgDQX=!yiPtVsGUfyB*n+q^*@AWUv_gA@ldp&wK`%d0*nQaORxSC2eY66!L zfOh@A>#g0|{F-qKWA}3Iw=b)sUSCGMmwib-=CH_K15K)d-f%R9+w;8I`v@gMBuG5p8CC>%TotGkC;Ju=e6QAp&{+qI?)>U z>gceW?0~jjo3GP0-v1`eH(w3FlHLSz_13&?pQ<*Q%kLDZPBnFVD;GDZO{;tiTWHJ1 zi5@QlW9*^yVK%d;}`#*`NH~><%yRA&1+0lo*s$T5P&7(7t8uOaN{Sr*=o-&xYEA5-jH3IU6xqemDzf?32Fm zL^3Y}6|h)tv*AVQr5JcvyNzs~g=0pcyj{xUYK)AY8y;%!HMD!W7(8{7!oIo4hN>~C zlze3Fdyt4;!Cq&pj2$B|X&M7V<5e~-EvQP!+H*I7MolxobOvP}bhq}rr;GL=tz zd4F->_9$2TM^}c+u)NXWwU(WpGyI*#He`I7(VL@nU z5Rw@k=nf~_C886_zl-!wdHRFSpLStQ3&0J&Mn;W>DuQD)>)n#|uzT5TT&v$V`uNZ8 zf9}gyDM#9JsADe$1p^V+1M2U}KtQ=&@2umjwGzxojg4GKCmH%}AksBiUh+L`2MKUa z?(qN{e`tpP98)6n{}!gbC6*uFN;{TXl^h8;^SnW?2+zXH*8B|x6!ZiY6<=+@qT1xT zyY^T6qe0$R>TFZH{#ODB>WG6U$kZ!4^fIdnEidX=ei>L=3hBwS(Vx?+hQ4w0!ob*W zod|cerb52L0tXTX!K|Uykse*Zja<;f%BG!S%@j;vhja0pDnB|9NKOQKb$ILHb~MJ$ zS&rO&L*BR7v`grQ8c1|_wo|whn|cS1X}khmj2TVM(8hr1O(4mA)sW|8?f*kzEgTmw z;CXRE7Y267dzVUm)0~K}Qtk-0%tgq#|A$Ia?4&3th?m#eCb6&O@1wil0kh7>y?PTc zr@M1|cB$LFo!K#gEadVE&6n0XZ20RTnhf{5uL1W}lU|2+xB*W&e(pzY=9J0C)X6d; z(`Qg1+CbYzQQeu7o-Sp&Id?TWlT5lz>lws{Y2m(XxIGQhAZtMzbvGQlV za`^|EZ+GV(7o_!^Kt$f;REiddAKTr}Cf^TL&$*TeH4Uxxoeqiry9N~Lz^6pU@&2h% z(&)ggH2~}J-WJx8Qf_oJY%fQAn(w)Gj6{8rm=A0!X|Rn3>{X5CX{7pZe2Wt2>$cS!ZHXm zm&_B2e6~&(eJh*9mv5M1p`eEA zi`#d2eYEF#wzos3`pdK%C+_^|FvsC19|1+C(8IR$oO@HU1*f@|j)XTK$-&I_=8^n1 zry_IsK>n4P-jGk0X1LsS0qa8R9qD z^VI_`D3|C)xfKAe=o-Vv894{q6)T|b;T-yd}3p;BtK}Ka; zWnB%(ad%24k)B#l-J@wgq=4lSP2@aRu!YN)qeZ+k5v<;|kfBBf8HF&>KgH0$&lI(` zcGMZTeH7BVWadLb#aRUqN7Xh$k_0ZEpffQd2SYTaz!=Z`bPpvqiBe!}Y_acTJ>&Pj zuEo2G#@>G;S*Rn5x<7aBvGsuY7c%}^DQ2`4!yc7u3BCELZRd+*hHi z1a}OA2^&T~yX!s2;yzJHb~5;6gMEK&)dasR-u1!^iIp9=7E86F3{;p38DjyGP~Ks7 zGg1rF`$I-%ek*8xQZJFH&x(l=Q-hz7!}f%0ROS zi`RH#i16*JtT^C)kVJ!MP~9z#lHOn=$9@&o}vwU zA|7WgXnd{)2l-4$dK%sW!+1+T3N)Pnk+Rcl*@kaia=%WbvctF-BX~U=v{>9ej>z@7 zR;A?tNORs%!HjiJ|DVIWxB<{KMge{Rh+)`AT!_Uj=NVL+cD^PlVkB>Y@`1G-%ujvx z#o6seWptfdaIn-sY=Ai_2o#+$J59Ba!T@dB{UC%AvRtYvX^*dkPu*A)jmr?vvEso=1+=UDAMg}T^M9@(F5eScb|*vZ6Z)7bU!=QJ4f{g0WO;74 z9Q%1=4dhra&Dxow8fY-~XM_x)axf`x!GfQY`=k2|RQM$D)@>+4P2bdwYNv>Gf31{| zxi2#jGc*wlQ@~0qg=lk#tckxBGReLlgOZQbh-^Nw2G`#ukzM#1`q0beRObZK+MN$S zlrl?Mq>Q{)4NA2crmy5833?$qR*M?0(#JYoi*Es0CxCZc6NExwDD$SPPrW5G;aQYS zf8Z#dxP5EC6rqo)gR7e|9r2b*QEG^~jb{*qGocr|61j4m`9D{^=rUaktUTd46;}PlV81PqJKuM9yDb z4o7O8(DN#|y(9|uuEn22S+!{P1&_N}sAW8^K=nWt&csnN?%((^Zq3~%6-aNXKMr8^4Bu7ngJ$Rny;@PLF)}$ z4mcoAqt%pZxU1jxfYi2|_LpN^I_C{Khksm5G8<|fvj?MhwP#Xvh*U|(>FA-hfy?=b z@jk&Hk@vfu60hUc0SrVbA?NHFS&c8TA7_#gd98!-bpLyh2W*D=S5atQ+f{CkUE(>$ z?%)2bN2!0r7dg=Ui3wa-dT)z|0xh>?ENXPAJ8V!rA7bvlS?fYOG52!Yb=K2PtIfiD zNs%nkzJKcj{CE*Y`Af4WbQ1t9kJrA>pb4`5zro&*`uY`oQ2e1NyRe6?gAH<7lDL3T zg`fdBG(NO|xuofUkkx~g^#!Wra%i17z z@=BEBv~LcA*Ly!x(o?%|q&R{YP!{Ow?K+F_B!&wfdb*YMVCd~W@SSYEh&LaZlfKu< z`bkf^gJDx$

    3La2^%BA_M8UHUo)!#hUlG6#&5Oc5z*hb6;mHUgdi{3dRF%xColL ziT@|Ke{=xUC%8v>k$;~vmiPs5v24HOEpnHFa&&q$M!Enl@8&X3_<6m?nP=hlPxsw! zdf{DwMUIj64DyFjUjSck4a4WeX$I={Gnt}WWQ@hcLm}R19~Rxo7e0DAZ|x3Ah@q%2YC|cQjd-%zLcU-%2nO&sZM#(x=Yg6x}h%1P=oVBwMZaNC~ z{j+>7ddco>Cz>k0ZfmH=sf04rx~53m%O7GvowQVnwsj)7T|BP#Qf<;%{+Rn2+j1>f zh_B!k@*CZ3y^lM2TO-R^oQ5|$sEqq~9*Kw^rghafLFdgur^tXNLOU^Lx&iy} za7(!agI}Q}yF;Pt_$kXQPOpRYGUaA7mD~#1s3W$gL%!ap3@55DlEjhWrC9@rQ(W~{ zrHgYkyZ+Sn#wMGZr0rKfp}WHVmEIoq{uywX`kSE!(W29s$cXndL6nX5BIr<7$dN!4 zB%Ivwv+&3B>Guyg3-Oc<4Ox|yS0VqKZYffL>g3)_1cXJ$RUKnDZ>+^zv-(blY*R)h zHa!&z{F@93i=fY~(g3i2u)}tvJ@eZ7F~j%!EKGXK6eZ`E_`YY|bl_h}KWe4=^Vz z(Xl9y2Q1DV!d~-yiBKXx!$;Z}BK@&`8NLl7SO87Q29apIg~h7|)i_zZR^T_XuvT(MTI&U*45b`wE3yZg}9WJ};!F{aN0%#zM&yOtpLsH#Qvzni$sU z;jE1ujji$>jADU?I$Md)EO*7FHCSmV@%E?NneN?RPs8dP-@LBF4lRp}2=&MhT6&^= zTEOKWyVKqkl!{+;-5w#c)4T=UE7_vi7qKB7bNce%8D!Rw+gQ9e63wqdefP;XQ)tV> zQ#VU4KZHIa%_u;LoG0$b2Tvo7N%ltb-GL9_t}FFj(VMW;w&9QMTa87tnCyns&vW;K zPe$hWgp?t4@UqX-7rd+aSbUvfVgKUAYvh3$`i;g4>5G3@osQ!kkf<=2x6 zv%b6xx-lcz-TWR9whq+yCJZ68pD33mhcYs;wxds<@N+De%x7Shl7~RJHz9Xj#*mKd zrf3{lx{f0swixs6p|=E+gobL8IzK<8iHE19IXNacV_SpkfX(&$%@Zd(DnxSFYJ`5# zkj>QopuTG+;g(oYgde;lM6mQT+kTwHw!R7<0Lup1~Q1a^Gl;lI{#H1mz`&(Ygcyxz8s z_BD$Y*FJf}ZxiL`1s#g)ZnFpIMM?m(Y1$Thm4+NGzcQ7pl0FO2Bmx_ri@TD?nLkk(KKinlnS2?CqW&q-EcUj zGPUtutu&7PwO8uF!f$=`HMH-_KHV(1NsAUqz2U&xt<_?}ybW@RW0|A|X*9RKdI-o9 zuWfA*6+(8e*Yh4i$gZQw(hGHfy@sk~S%4D?OUJ;@@XrgfX9|@Fy;ls7{`c&o$dW0R z)nU10VryE*Jjp^I-)33{u#2r+p+~yt|CI(>w>qrl(J0QfSg*z)0(Y+F~7|$c;RB-HqorETr{x`9 ztO6$C;okhH(pX7ui+nWvmNF|US7T{bgtEBZ63SGAo+gL}OMEeH4>m_UnLJ+E(Z5%A zBZ^$1XpJUuwUbzTXsz^E>kLVAr4e=+SIh;QPxC#QFWKGUjU;}<>6#B2ZED$jnSjZEz^7CEZe%Mx_12DprF=Lr2VJXOi8fZH{W@rT&-iV zUKODSr#7ex_-S!q*Naep`lghY+I7oCC%JMST_K5xe(bnf*yfFrTXB0K;6eyT^WsnU z$<;`^UmhLLHp>P7P@M|}9y;uL8w4W4ODLmj4tP*5(27OlvBM17!)5B@0NZP#lA*bI z9V)l^ywCNT|1|nRI}4znvGN2s#sy+*1piau<6l4X?Ndnf`10AqAC|MKGFt7wO}&4D z)9~v6qa3U#e#<8ak_mQTOTXrGtmD9)H)-dMcma^dEOvG7afBwvQj!djvf*nIk-A$S5|siXBv2{QeempFVpXua zZ(~mN6JdEC1^DStFjLv=&JxZt3q=@KG@c;m2?wDZs!(A*VHp=&5C|q0bnM4s0g5G) z9HuFGcCAjQ>Hj55;KBs369y&=>=kpl!CQ+H))$R(qAn+VU3cp~owtV7@*^#8W4aYG zBAEtnW1x4HG=-9+y%#;n5F*$4pjG>9`+C>t?{BbWT(W=fGsBWm-#Qb<3)Q-jNPQD&+g`T@IF75>|@FclLB71u#ZtW!Qz6HYa{ zxsKOEL%m(T%qzQt`8CYMn2dqoO(zK+FAbC%mJ#7-ZZdGetd%pWM+%%?=n$5e34;*4 z{n6&y;2K^3en)E#Io0{ntL;W1M4Guo=d%6a(0UN`Hw>Z0S0j-%zy`@Y{3n^_?|XT9 z$!s`tT0J#^wGMx(_-tV3hyZ^A;r0{!J8g7iC^hJ?4W=X=D~>t^x=!gAH2(~weQOAM z2)?+u1jz+*cG=Y#=)6};{h5wQEgf|qBJuFS`qtVkud+_g9AhIOCs9ahC}p(b>Y)`Id`BKTV$UN7$5NyI$H-h3Cl|i^@iC2HlKZ_Yd&_ z;v+WSIG?l2Fjyj=jmG04eg%$9@RbN1YZU0+s&CP3={mg;vK_)#O z#BL0q=ZFtVDKE`L&&9OAkf0EBVWgg%8+xv61Q3L%5Gv+LD6eojJD@4xO_8X7Am^GB z@Q=?svxKa7=~_6K?PzCZf|Qv)!-wQdpwHdra@Yg7&&<;AwuF{(S{=l9b&hOSDCdg$ z?_S5>K{TOPX7Qx4-A+_omuspa*U9erv=s)(=HA`kq(a2JzW-%-1ib|JYf0Psr?h#)rLRj#ja8 zZiLzABy-fu(9JvT{v&(|dz5;31=63fCShaI3KDt?!ki;RbMoch!}+?bkB!<&`2K&=T+Lb?ku#0AwBYVhS3l>v<<}t{J-|&p5uE{( zSOkdR5Y*s3k2oAAD?>NulCjo)WTD5g9<%IF z=R;9K=(gOZzg0wDnnvLC%#p$A=guQbWv;YboG40Q$Bt0%7}9Qg@7Qo-x1(zj@xhok zcg-)ff?3r{xT>fqU>(#GMh+U;C-sFJv?bN@TuP|Uf2mtG0MK2+FV{m`Ys#bHM?542 z9LLR}Aoh19hjdV=(Q5`c?dZ2(9jPN+8&q%XU060W!$H^rUo#*zJgmHRPWwKuWV zcyvP0e(rS<+TPOyH)7-cMv+^%flj*00(iTqe5(UJ9yVO^^n1aJYZ2A~nEs>5h;EEq z{`DmGUd${Ah~XPtwDzIzHZ7eTqqK}zcq*D!Rx+CG^6y(F5O(ebnZT!gKEKVXzx;>` z48*5Dkl989ey4N#y%`u46o$x(p48>Fg63{lXlq#qFgUUrw&df$kZItjq*7ItiTgzd z!lFNka?ZZws(oA1t2qg$?IsSeV_}lsV~>xI+d0;`XYk;-E^jrQUZjG7=javi7)3gx zNA@d@^d{u-Y1asm$Y*9IHez(g(A&4+91y8Or^4TJ1=A)7BjSu+6JBGBu%4F(rfYF` zh0AT&8>78m=eAybzDlT*{hW2=icws!LPjOx^8x{-cTB5%qUxW|9gt|jV1BmkB`Pts zocTEUfRYZzr^mm%c)V@2&Dy5pBKfmhAgH}Yw9lKSKGN}T;+bRs?b`An5`91cP9%Wn zFVrxbv1n%&~upOuXC}41k>?HyQFeBRrYDdJW%LFRn950 z*kAWzS%@6a!Iwv+Jv4TT=)Sd_M=&S_cpI5V5D|+YyP2Vm2|1yTN-q9R z*xd|MUNXpw$lMUkWH+Jvxa(9H16Zm^f0$v@3{&Z1*tFsyOS9=8u|=H0PKzZT!Zjhp zF$(4c5SGqe&nI9|tN_#xN`3sCZBAfcheEr@9Ukk*iOf3qQKWV@dR$yH06{@E^lqW#nIPVri4mA@~>E z%R~zcCZwWiPLmrQ?$G|c$v=? z84xQ3pZ;BB1q=WRN9MC>0n#+$^F9@TN&-bWZVvcXx6PSqZH7$X>xN?g z^&vJbdq;BnyU@<8&vVA$8^P!I;>r#(i1i>D(#gycLP!W*&|}JqB|%o5W&@aZC3g32 z&MAoa8u+JpSZLH~k&-d_ zoDrrM-HhMUd%vge-JkXzJpf2=Dt|3XPkwjXQwwNQG}k{px(HE&SScDepoE%PTW9W% zn*J)&T0G<8?A$R^Ux5Wt`?E2(gxG))*9dQ$u2D1-LJUz@Klv=P1c0wN_lDL9I{T;{ z7eJScp;Z1OKOxo?g;r6a5V|?$m4gh-9MDd;Kr0r*Fz1z%Lx50uk!1r{VZuk%UyKz| zL5~S7cHRUg$1` z@9RG6y7Sv$j8xNZ(;h$Iz!ISgDDHiI#jmn3Wc>Mi)zuARx~wFtWFV^SlBA_-tw?6Y zegO)8@#y!t2QOV1*DymD6MNVqN{v2F4ybFv8mZ!>=Z7ov#(4H~0VFNnU#_EKAA1J` z13G_2W6c~byT)7x1XH}fqu!zUFw@lUob27vZRj?KxN!sTewb9V6%=+{xkTwe+-mwO ze0C!YbEx}GEr5<6>!C8TMjeMZYpGX$F{!&L+;+yOgKO?0VpeG%Z=dzhVaC`Wp9`6p zdW;O}26LzX5{hPIp&hDn-c_{)U`s#0CCH9&&RV!7lu7w_Fhmm{B+3SW^nL(kZRK^y zjKH*;;8H-F^!ZTq5((Xwytj-=GDWK2d!1O=HUhn0*L4`zUT83ZQ?hIT?vH>yb#*Xw zH8FHhDe$r@_emo2!BH)EvutY_MQvQ$p*Ii~oP2R0zWd9)C|3I0B*212BOug&WE)hp zIr;NW6t4KROr*E;a=s`IOoaxbomJ{cwD|X54?DO7W<&`5oOUjl#VR;Ekmbf$yF_ml zd35$N+Hw6A?twy5j6qb=T~Hfv7q^y9W;T{i=m~1?A6DU5;=HyzJZxcT#eDqS{h6j6 z{M^S44@!Z&O9r&YWqAH9(MCh()obhP8#6P+oR2MkCD?EYl-{b~T7U9+>myd=EHMQR ze>$ZXl(V>q@Vydqz9gKk+>Z>gZ0)whR||bGs-9v(Ut%Rp3p`NkVD;Ax&fn98o=R*> zA}LEc0CmZ08KHX0wLM8Ncy|D9iCm1glG?Je2~CAR*Mb5_e8t84puv+PRMzZ9e|zLU zG_>%_Ny;IL^V@hgsD8wAv|Oj~r|E=Gm^h5&Y5C?Db=&#@RAjDc#wB;3jgl565+BDa z*c?r9#fQTT>&s=|F3;`VjG1pma5Hu9N{pld`;nH1o&Z#j5O=m%MYKV#ySLMqa8yXH z{x~ibbmt+CbuQ0?x{@lJe_h-_gr!Z#z4WuKnl%puF*J`H(+iOSJ##v86c*|pE zgp`L|3TFFg#EZ)w{BgHwZ|O}kcc5PAnk}kol5PX6_!5%rW!&XWb9&=YUEQs>A?l;H@O98=#;Ou*2iY?c}$^%*a1^;UbLTmL*liJnBbs1$9$ z1LwT#JW|CMA zytOXa>4rUk6~q?1$QqeYS6jyFjylB_C$g*2Rr2-a4$5>7fN(sEmpF?Xl@Zg0*nrcS zjZ8XFE(EJ%6E?PoETjtu^1qN=9xCX+9RT^V9KA@6cNs~V0AY{kQI!;cUwgyZ1b2aY z%%>13ORHuya(W!48?5Bm5{)3N(;+XhgeKuP1?RHVmlISiJ)zvM1u#b`TzVNaG1`>b zXP)pM>we>;x0&=#-m9%h+5{}(BoI2stu>5LA=L`tpz^P)lF^fmS#pAywKCv5g{1}M)=>!B3MjVF#7R%u(Fd^OAtxa5}N0|`7R7du{xLS*b_ zG}5?j1bx5$vADTFW=5`DgqOg6UoH{JH`U zr)1{F#)a?gFQu|TB9)rn3s^sqPJ%0QdBketxaWGvk61CezcO1qi75TKC>$0=#pcto z@V{U0Znw_6Nm8ET>=c`LufUIrHId;BnqRF9%S;;YLmfOv?SW*5jRLBXiyjq;p!hZdD-XOOt z!KUImWF`jtq(a_c#|RXj3epV$reoS161`m=Co???%K;gK?!ZkEiVPBZpZ_7sVuH^-O(&k$G%~CCS%DwM zdL`=AgqhJ%gF7OCw)5&JA%v_omrZh}56K{dm$*uy0)_2y=&cf~D2YNQ1Ag34q)*xH zO+LC`5b#Yrrn0o~PoE!2s|1|kgTU}Ccz~6=AEIF2;+>dS^_xIQ2xJYEo+ z_zuafT}3?Nk`6RvU+O`Y*f|}7xVV}p7a_a@H}a{V>GQ*PDBqP(E}-HVdi#a}Lxd z=eYv{L``d*-~h+lozlG3!8r*o>)*}-b#7CWi!hzwU-LW(8q=@hnW07N<<6TS+D5?# zAh6x1UyNpEbyX99HqvI*dbp z-`iQNYT=&ibV?*n7d#G~MkQ-m(SE_$lVNP7V6JUA{}|p5)hW%@MCHf6esc>&0v#_d z#N)lOjgZK0xeF=~liXOGRa9nA?xTDa#A~T%gmlOLy>8iF`RymFh14$(Ebsrg(v(c- z4xf+Qy%8C@+7|HH^f?Il_zW&f4zSaRIbrnH>X=eKE+dGzHWk})^jFZ@@)%d6HccZW zqq4}MtuU@_cX;^MK#Y(EjlG>9wUs>g*@+zZdO-%Y`I6~;6*8_oBdx?sBRxnm-N_L$ zUkZ060=!gEaL0N%It4%uQ-cQx@1o3S7)~FjMo|5wdt_+R{hhI5gr%ENSL@qz6<31T zh0XIJ?L$nE>fI&w&Q>z`IGUGTIXN~cRBP123UdE2?nyKaJ%@*V{)LfgN#dv+g=fp2 z{rd-1z$YT@shkBHTmr9qum}4+$1()Ier2~~Rw=S6p^=6a5Azz>J;*tY-@BY2a;}(?+t~UkL%6ql5fJk?&MoeJ*&>L*mlmW+v@a| z_BY+0XFR=cIX)%^_>H!ddf}K=!d}bOwWjIDJ1rDqr>UE+ambE`(MP9u7{^zBv1~r7 zP}UGTUfdC_hi7=v6S)OgkE;u&eU9Qq=B|);DrElGU^6&Irml|XR10Mf z2x(+b-0fo?HCIE;F#iBY9OU&eoa;o!7cNLywt^ra3^rR*ceEJo+W&-svXvKFaYGJE zt2SW3gMFAI7qb}Z8zXazMBZ`A+75d@_AqDx_$obe6O$bqtHcem<~RjTA1Vn7URs9T$_9Ca8+i5QkS$w0n?<4#Sa4#T)f&sPo2hu2l3N^6pnY06Po)bLsmQo z@_Nq>Ywd98p+I}j%%m~#GV!SBu<(AWSvPq7^Hbhnaql}9Z#P84D4{*J%GM72QV!!m zR-kWCi0{lhiStgZ4B9J~a)P3VT__Amdn8<8DW0JKeqS}#3q4F2k*v@-9ujT|0hB>6 z6XISZbm5Mfk8eMPc%t6VePr2B7ZTyh@L7Yy{TnBmA0a|KS;$d%s?jNGP?)s5bQvN< zfhT&ryfYNe$PGvh-3#3Z!_04(E|Zu^ag6XXcnp6MmQlp0v_qZe_XJnm3<)#SBeXO0NV5nidfh)t0I$mjFBzWIM;gY_St!l9-4 zMRdNmGsPP8zd8sh4h)aaekFXvP-m*UW2u!^E`^xZ(H1qeHWN;4iuI+pW9rPo(#(nR zR5obAOI~(EK^~r!!!4I%gPX<;igovo`~9~buHING`CO1C`z`vVu%>GLF4jx=k}_j%=)|=%5E|H8K2CUPPQwdXZ!* z8E|_B=`pW@l>lr|r8WZ-O;qYf>A-xn=D=nJc@42?m6Jiz-Wf6M# z0laX2V_C+4e(a73q@%=sF3_n>Cel!Sbjj=S9O`&0sO{1h$YLRRD z3;2g#BY;yj_wEAL2O-YCO>BEjv_W+byT8h@x$t}M2fMLQ@|cRbH|BW?7Na~?Bgrg2 z+;R*Nm#SV5`Gm~!f2|$Mpuk&lbBYddr*o+KwOWb<`tLO}x{Du~!IQUp2q}Q!lJ@~i z%5ch~rnB45P9r{-FPR~EOoJudaD**+ac@v`(4b+vE}bCYdv@pq)zQ!1N<=GyS`-iyM zXk!?UaXrQ*&rrzadx>f-1AG)Em4N!W0j5aQRr+@`cd3XN)D%r}-lEXH(|cZy9<=x$ zMvYF+=Vx7wwu*pJzh?qY8x)m$DJJ!)ppDRoy{#>bWiL@?447i^SS|f{NTxD0SVw+% z03o~ao-qSc%ZFDeatzSXSC%d$Ed?nI4wi)(@;WsoWn*Q9D;RGrZw%8m@|}l=hu8uo zy(vv!gBqG|VoESs)jVt&GCn~}#OtMNS16*wP$T&-I?iNQ{0_Z8%6RlZ5YAbDb?=g< zJ8kUKtapwhWXQXtLMILX*R$qH@NS%k6fP#C0ybPb-X^N|MJKes`$JRb)y8B2B$%BO zQGYp~*EU00ckCN{HXK>Q)f8Cg6IZh~HIlxO;)r0hcZ8pQJHPgc^QF5c4j|@80lTjs zYRkrt{z#*P2LzJWPv8exR1=8Q{RuGt1^yM|tUpuQhn=ybMncDxh~c@v4k;)Xm~R&D z)nhV3TCvRrKcWFD?0Q~!K%<@JD&?NEn92s8jG) z7CVX#cD9RKYWbJheHHLI4e8c8P(M)a{cSQf2 zNx5|2vxfjqANLf@w8+l{v69*!$McOmtaOENzJ%d(?H__jwX5xn@=~83V`(TucSYyU z?C+Z9?M-1Fz=A$)(H7^MFG(sL{b;TiI{<4>1o^@H`lS%2}h zV17Bf2W*Ja>o|kmGc31_y11}*{f~con4qzd$Q3;1`sQNMt8-5zb|I|X*!|#AC&G@5 z%`uN|voVVkz4cCWWF#`qI10pn!RF!C!Skw+C6hzZj${|vU z+J~BL)*@~&nAXO~M#N88BKaH-sFTc@z}mG4<=MZrF0n0LF=g~P2wuvI4Vc#IJ!DT~ z6KF7OmmF&`)FLLI3g3bg-Od*qrsbryBbSeNo~R2N73qzr_xglLW{7%FgdAQsmmzLW zfmcbi1i!k6-N-TQAL_H2*I3(2-g0F0xGDD>N!$+I_?K4#8b{}K+f9)4O`VW}%} zCQB&!d34@axi<9(ptBFZGFi!B%;fb;lJ2LhWz^>HFhJfPq?%`W@E;DwPrb$;TuMaQ zkmlOFu}wbfRbGLL?!ca?qi_eioWvY{fm6HnW#z{q+xqKb7S=TWbi)0uB$Vqip}Ymx zC$%RDfhUJOseB1X&^ummA@9_|`^Rf(e|vEvgme7p%|S<+^g|S8GQDmTL*5APAg!1( zIWj4A5?OYPOqV@2tCl}^Fd}M<+LkB8yoAqfkRWyhSF|083oCc5@}pY~AklE%U-Q@( zCMCIoge8W-i6gH(5D->(T!P&l|fdCYHZIa8Na!)+dPXZwr`Gc11?gd zd2^I{S|HA4f|xFoxN;fZ&_q|=!`zXtJ8X??=c5?^89liC!(<0jw77;ox{P9JRR%+08@i*7^8JT_J-|IV9PUzahuY2KdFK4Rc zB^ws#F8K~hd`r_WL{8VqT$k_l?QWk>lK88>)nsPmI!LZgxg%+`?d{LqamBW3lQBcS zF&K3WX{8d~#PezOn#mR@=HcQhGQAeA@JFpWB7~x<=&=LS!|+K`&Z9xcm!z7mbs3Ucf0RS1Jq1((9adW?w;L#8c{ zu@+2*ba1^1g@|ihwUujHt@n1c!_C$mh%4PW8~b1t5LSqE?q$o zKlKk-vs2sA|Lv%gtqdq7Y3)@&NVEPsYe_7y+JDd|mZj2meM4yP6o5x-$yuSv@x4al zqAWSiGs~hPr>R7dJMa~j(Ap5i8!E{YQqoaWr0;3KdOwIA386LF72Je~+Qou}){8YpN^BD6#$&nLZptTd6Sfb@`{1S;^^ zTQRsy0K)_ld%G&;1|Ep~9ah*}{z95CFDQG2^o6;@zOudtK|n336yAXe^_Na3qxuFE z`_KB;)>Vx<@q{2rC`L&b^FSroblIgLOw&aA%O0t$^?)!^@|{i5F?w+LtFVd{Y^X|K zGOX&z2`|>))Kc-V+$=nOw~Dhcd)XZo!e9#{QnDma5yRJyl^^DxEEN(-n8VS`L`3$fUz(BI&CvZV1n*ut;Gq@a`T@Aj=_@J&>Ep^*c4b~A z3(k^A_?ONKLr)V}#K^b*j%(UuH@dfDu?$qRJdB7QYM}nAzxKIK&Rp@|RE_|Ftp3-K;spW@QG)p}=4$Z;f!o`?T%H{c{h31wnl;XW-{cPQrCM zyz#ADqKx>pn?4Sm%8QiFbhgHA2{LR>3wA&gM5s2ryoRGUj(>TZ3jW`VuTMJI?*tG! z#ux5!Wi~mhSALUQ1%_7`mO&O`+s!xpp{G$nt ztMD0XZ5vHPJt2IZA~E~N)HZN|LwLO z6yv!#XyZlG{uAN={u~WVQS;cJ%)d-1EssozPIR}N%n7jKksqC$9;(414KKA-d$yyJ{L~r zrKAUX8kf-{x~FQ^j!L+kDW;yaxOZ&9Kl5=}i6}TRRloN}?BHU{+VwFg&La(*`O_^a zO5vH>WmrCy;W50gghP3@62si>zD)G$9!rIr|53`=N08QqR6$?S2`o?~g#V;Ts;YSx z?ZU2z!+L2NWu<4Qt%j6Ta{VlE$KIi7Ws~<^*P-|#XO9b~3CYB)I0RJo`1>~p9!FaR zF_91>p}3ivIy@ut2NRdi(g@N~zhm9}4OQism8fdF8-Zek_DWKloHe$M2)&b9Y~KZV zt|`hGG(t<3zmcrsM6rgX`{Rp?aG7)k$ZPa*BKN(srmcPRHJfSg(Dl^wk_-C~nunIw zGIa$~f$WJ2jm=vUWfNYmFemKc$TD(z1RY<-hU3B8yrRJCcSqqBqZa73BiZq|#`w9- z#Umc%YdYG78}phFhw8p5WEVnkAiLekx3=2h{X44V$hcB4CLWz5oF$(1j&%Ft*$2;` z=BwE{p_m@%Pgy8=Z^>S&Dqu)I2EP>N43;$ zW*Adck^WZVj?zqVx^g&ZBpwIpqLJxWE3C{X&Z9HsHg>e+{%DNvRw4DD_$RI{SLJ}j zUg%Wg6CcOPoF!h*a@$YidSc*5B*Vqt<|4$4AH?-=5whd~&5?sC19sal#|3Yj9ox0l zq3$HoZoS|V?>)t|i?P(uDW~O6fwfShU84vkrG=eI-@D~_$vP$J1AcK%0xmC;={@(m zgkPQItsk|V-n+U9{MJKpWqi=9R=Qqi#%^b{TdEYV`lS6<@ufKA=Nuck>Hag=EO$k* ze%-UHbhBk1om1oM72f)o8{q8TkTj3XqQFrIx^6R7y3$nGf^MHBZnT9}LEqi8GYfTA z)G&x`BKbmg5e=$=QEKw%#e0x=wn5B}AX-bn6!sS@wIYom%0y=0UV(oa`` zFUX!7Ypis>4hN+ol+Ap)YCLLrb7b@QiZr%y5AJPZ6>=S`U!s*b1Z)pqk z-9QbRC_kj#^cugenOik^uAZ~o-Sa?-%PPW&F13C9p4G&KxI+FVHvzZ{rkG#Nw;&bW zw%7s(XYg6%_nn~uIDgerDM~vzu#&HzU7&sO5^xltf6EcM7F{Xi*@J90{;{GX3Vieo zQ4i*_!Ja3zKGSh|=8vj_pO2eSpNaGSyeF5qjuyWvoUjxx9y5LUQDe9ccm4iMtT8@W z7=7B}iKT#^cRcm0Ya04`_rxdN1Qg_}q`%h%Ws8#8#uBIWU6G2%-z{xf2q{aOG_s+A zBMQv-2=3l6o|66)-dXEnyAyI7FqwOJFgrA4Ll2`tpP;&uYiSU&74{{jacSep5idY~GVH*(~*aCxMulYOSBDZm1QcHuohe{wP-%41B`a-&|rB zaE;x_iJu~FVIJ@V}L!rGAQ;^{tG=IkMurII$>|KWXB9Fp#L~ffd=86}u^&m4a z!$vQOiNo2Tg2gAXbzN;No{d+pJ5&oYotKy*`EPUEd}#oB;t|oTd#j?W6u6M z@}Q`wcz>x%2{TPe8Q|eCuGo_cO(ff==;qOQe_!B6cf=_qbb^yN6eM|qMm*^>HHFFU zqn%?x#_=w7?~}56=0zl0Lvw=ThnEXIL8k{a2Ip-HqL6~bpIiBD(7+Whzo&X~UVcpW z31sxGXjA_YYQhcRn}DQ@Xj6)rV=S#sK3e8l&w}T9@X&p_Tmuj{EZy-)78Q%Oi80%{ zHEG1kR@t~9KHjr@y1LVn$mdaS-7(xcDryX} zG_FcLvet3MOdEJGFjMw=zxDY{1zb%z-FeW*yUi0cAaCnh!N~T`g=i^Sx*3;T68pxs z-y4ROYx;m^VN!Ue?MsyMTD4BI_XCnI%ondlOY28Ln&Yb$LQ49OH#r?%4r8h+VYQ+B zt?t(F(4|tIL3JMRFLn1K73ui~84q&r8i`E9uzBR1&^uCe9=!iL%=P)MGKELLKh+CscS zha_@~t*O!B$t;d^(zS+0-;@(TiM-ykp z&-@bk_k3eo=M_a$Jq`I+%t|fVYZX+oIjxB&-26IEN?Ro#KqJ6WZJdF%ngcCMd6!6s zyS9L{_KF#9-Sm$hw6g60B1zjd=p2wxiO>z&l( zlj}*!o!H)y>jifnAXwaIhm@ZNZ7)P3Orh;B+OFhx6|<0r+`kNNDtX$8@UYqNZ}(yy z+augI&r9bwd%)EgGQB+*uyXR&($rfaER25H(c(?pTp4YMrBD(8(o1Z{B;x=jbnscJ zkl3%?YnztQrRu-o<(dqV-5v(@kt)IRk)YD|a)W0eRekk(2$;pQ`(hu^dC4IHD^*`t zJ+?-+Xs&W@7A-R~g*^mF^9t9|}3KT|WJyCTS-*z^YwsZ-`iq zJulpcACi%R?*BURo<>*nCy`Z9V{TaV_cE{8tur_mU?XPEflE_l$(k^d(!TPzqK{Zk z?Wc%*kGsunm@qIo^XO_sUK<=nM~+I%c$E;F{RN(SSE668G+&07Tp^C{;dxcOz^oKC z0QUS2+_qz~wRh5R>b~BEc-A=L+yB(wZsk{<=l8l6jkV2cY8L>LI2E*#2)D@wAuc$) z_I45XxX>Hjmw7aS(RWqskKQI}%g*Ab!V71NGMOjw;KCTQUJ>*?Y-K<(=HqrxXSg`7 z-0bNYr-8XE6R(lwjXDCt3N1Y&}9NLJ*> zNu1cZ*_&?viH#m-4vUXe(;G5}ZJjB!__3w4`#s>ZtG73m5(gnm48IQWYPEo{HM9kn zfP}@~q#*?7sB50<%~l&cG=r8%&3+VVCSQPDYlLkcfq9vI|Ba9fguN858~_(xKP4EC>h z%UDd{$v4-tQ_grI=v>RW%;wloj7D1QN}6r?iezQtQ?TtXCjIW4*|l1KV=Dacq4xt% zO_g%f1Tfn2;l)BdTxwT8VL$RVIVb?fTdASTgeNjxSXp8(LlL)&(zVfZ9hco#TA%7S z9}K$Dmc#u%m{GAPf8a88)e1JvVvk+#wm!Ki@@Qy|QIsA9toV7^y37iFVpB);hAa78 zqPe^}yhTJ}$_cmqd_VLKAb>%s1XD*Y5=3^t*{g7n-er- zx*xMc=qq$M^81zZbX6);B8}4s$@#jkPFpeX{s{fTY@61Gr0h|O<;Z4ot!~5&?z9e~ zR}y8YFe@K3e6@ot;HjcWdE*ZV*aO^1nc2MB_HNG(JuGF4FQ|SUbWR!)!G!Vg3hcj} zz1~1tE>WJ=`xRPK3dWo7(<=)o6x@CbdBU4PUBm- z8>cA|k?jVdAgvLA`nD#`@vdI4dk}hLjw)Uu^~PZm{J>thnuZrLh6U>4){G@8D`9S6 zjGMp9Psz!AHQ~{;h|8Bp&(-P*6mOx+-U+Pm`wNWuN+71S`dB7ttf!CZ+d0{pG@Q7N zp{BWt=bxn4(+o*C1~Ia&Mch{42yr(wv+-8a&_qyWdHF)@GymsgbA%rUDpqg$Qh`w& zntq0|rSP~s=fa^$ty<1Ywl0`FTdLtsi5BVkSWwk)bRANnI)2>ulNHbJx+ze$8w%nE z!1awSZ%a~{5SM5`&op-VEZenj;iwC~`gMP?OuOY#8%tU=?WPSEhJqChmCd8T@%e;= zol4JH;lI}D{}|N25BC=-vYmW9XGIL{>J; z7PK&e?%tZG9=7e88ChcMHnz@az{8`pcP$R(DJ`(LH=93z%m`PKyRH;G+t z9r&<=PS8@o?`f>?dmkVfC^JTox_Qy&fTWntOC0FsIMIGt=@$XoG7Xn&p_(>rj)&^8MoG}8&-t^ z2H2A5$-~W&5N_SPH7c`W{j(vSv`Q{XD5=$Oa5pM;bzVJk|1!d%43b=J?a!F0-l=W` zC@HTB{_hC^2L~jqZep8=N&=b-C;fbMIV^w6M*UBd{vSgX1TWR;g|Syn(8@Dkak3_| z&`WCLz*catGZDoekIl=Gk0}Hg)BFmXJTHy$$y?2^5N4~UP3YB{(wcs}LIR>5)lxB( zS=2o>m@2T~Jsv>yrs_i-aj?*3{7TFEs_@ET^H_xqau`XTL9mD+E$BL8FFb{3!99Wu zS_=KPbM8?>#&>mMt!BdA{i|*9ryoZo{Ppw1r-e;ut#cT0Y~Br4&VjvjE21FD193HU zQL9ZXbP~6-Pu8kOb)1R z{Pzr`e@SNj&%r1S6z%OH6Dhbe#a<%}o8Nsp)`8@?=f%S4hc{glPEKY^DYx^S_FHs{ zL|TJHlp3Szae~r@qyk9wvJk@QugTs*dt=D%XYECPV-q))!Q2>3<(|Yp0?8mBaFey} zSC}XyUKy589UK>I`!y2LYdA4tQ+xhYf*rX?pvVe`cR9Myvon>e1xvcR4;;Gm+u~ z)1slQ#2q5Fp*|ZEE*6-0aXTCnyn8fVWm30=lQOsR-d}W_BI<9U^#3^y{|QR)Vq}V+ zf~0s~B)#kd+~i_x=hr9)a(iG5;`XKTp9n6p9|!gwn{*>^T`L zH@vd{xGyqSNW?(tgi-2Yg5KZek>yi4&nIS4lssPptQo%PJ{@TyPDt@OSRnBPcNu#6 z+jJ>Pz+uta7SGR5ZK0hWhE_>jFX3KFXEkKwd3drgweVo~f5q1cMO*0P*a{Bn(4ZQ0 zL%T+AI=rWr=#6CZih)e0rPOM}OD3L6z8AtwnL)jEVlYV4^U!&@$i z4EYqS?Y%84vC8BrcZ|3WH51xgxmx-=4r#du;S^!!vaI?@#77yWrB-<}qW;arWW#Of*Tn)3oA;R4YUzcqt8 zM@dlycgBn~tT>{f=gAYKB|NqqN#zEKg#J2Efzw9P{Ua^{N9Xo)6<{W3y0~NJ0`PF$ zElfuc*;R=O#2yv7-f~0*&520IIR_r-P$^(Y#&3NIHG$8h%+>mmkBesPkCURgf<6)3 zvU_XT(A>JAiMzl0Tr+YylOLdvc4Alq?OLSJja^IQCV?zrnP-r%ABn=-ulP2M=D10y zMhZ4W5Buz6eu7jP+ID)UM0%c%+@R4vnB0Y30A74B8`ZrSIhRg1s?LkaO6?H|fTQ(n zCjlhs`tHe_1`&@8xFa`)UT`8INq8ALeOJQ-?*xR*&2Wxke{7iECsH!6f|IKl^l;OP#!&DPOz%wC~5&+UW;U zDj4hFU|rG_)uyId9Pq+LfFnym#?$oPhErF9!bq`Q2VJK`O49sp0Et^@~0iz#k7K!|Sg|GC3B8WJ$<3{2jJOKIK(;InX~Pz zP9hH&coF915In@8cblw+FMf#<6qq?$`Z)eXzaZeVIb5q}5DSa?AgHwx>F?iO-*9&1 zjO9A*VDa-^H^8=n7;7RMW@={|EhthCp=I^pxJ)mY4VM4LfSCC-F26K$U10K%rK|rJ zN+>??1F3f|-f1v>B;Cs@g6}Hca9!=Mz4S)|`w=gabP(C}IxJK@(rwb<+3*ftt@0ZL zfL22Pp5E$0H^b$C5a&+l>Kq!AcJPu~V<4cCS?j_4nJMP)1%LlddjA~;b|CygCUia~ z7u#yX^$NN2YOl!YCR+5HbVT|7(5&N_M)epOm3ZpPR6@uB1fu2Ql?)-Gtv$Uh0Cb;V6!39O5?fP>>Sr|N zJ&^xu7g{~FJQHgV8hsN+gct7SRyE*%+&)gmav4i~7sY>ViGAXHtwQS?qQpPrq70a1@%ir%bmVpf@jky| ztxc~(D(YfZ_Qdk?rl9l%Tt+3u$`{N?p7`6ixkau!fh5b)b1}9 z+|x2x72R^~ShYqJlN#=Fvr3Y z|E@DvuP_LDQ|=D*`G`?0*t{yQWw{c2NZnAS(8L`jSlgL}0Do0)mmjYiXeN%Lu#AJZ zhub`4Sw|QB3mf|XzcU%QK~$CG*!pZau(pok=+`wzds61$Sp@=O52H*+saWcRs&{k@ zsN_|0uxMu|9#3Pe<&B>YrFhXzBFq;S^2j97M?Fx$?hYIgzYCVTyFV`ar`T@pApO^t z^Z)1p87nmTdXTdhX*11?@r%b9%%So$8Cfiv;`EngT}(s)JI0k^1;7`Xz+&z=w3{#J zwPVWm7Z}a0XrN_%Dsx)c|GWAB>k}?0XgNceGy2g4x6Hin-^KA^zfR?&@cDd+e1p9m z4f$3nFD%9MJ1(Q2?!8iC{O^4o0`fCk>mOaLkN#e!|F7o$=Ts&F5(bP#gyju0jdWYT z8hNp0-OKv8S7(y^)$=*c28xM$-(etoPYHdO72wBq$_dF_y zp`r$q7%XUZP@mn7nxPr8{=rYEqynh!Q9T^PcH2ttF+YV8(H+03p&m0bn01QANXYBK zf%;|^D#}S=j0|wi{2BK>>7TR-0^m7zuRJj3zpvE*U~>ydW)Rmi7!*yf{9#W`%UX3< z(0bu-aNp{5Fpo$g{*yhv1wM$WJtUOSLlO7<9kY#F-aXQ1jKK&9JGtEasv>SYPi`Cy zaIJY$dJSaEdHN@g!)mN3HA#pNucv3>Y-?Srbi|(hvhJKhFj}3YmNjyafD~C1nd};E zwEe^(4QQyU8TTKURj8;TY@%O80<9_wDzc?XB6yFr;RQ26I^w~x(1$4>V%I-4)M?18 zdH`RU;eS18k21XyR|Hr8lcs+Y1u>CGWPmb^vbB`^Mj`{b1a@HGcfE(qkpv=9GbXe+ znLb_Uy!D{EPtHHZBQ{uu3xe+b&APtS{$SfM-a_RiGfH4(e}Y z<011yN0ApMjfwn^2%cVa;2nluwB>V&=FCB7bw-uMbE+P78N#1q9`y1&4nUBAXy;d& zBq{oa(!r=C1qtv!=xHE^tOQx~JlTsRf$rFz7Np^fbc+a!A4R`E5dLYHP(S%QhLtRA zH4avpLX#z`j?O#Xf56B}VXK z*!o8g{VyM~iX;e$fLNg>r0EDNVS+_E&mVW*Km)Q8jY9zHiDfIs)loG6*0oM}OfOTn zHKCii+IauHr7}-T9Ie&+3n`HQ$ExWYcWF!FQ<0gY=QU^Bjuz9#Wuv3`KUk5cim9!w z?ZnB+*?#Bh>bhoNVBjth`TOQwNU(}y< z$dppKfGm~L&_FNrWDJ}B{h5`?t%44=!qc>X>JBrM@Geu2rE+c>mPC6Aw{qf9{B`WAu%e``uMG$>2+B2DobRkR_QRz^A79)x$_n&Ugj#Uo-t-kMHRwGJDE(#S<*~+y? z_qFOBM8oZ@m46qcaE41lFuPtu@lmAa&AS6 zdHMJb;Njt^&a2*Sz+0EDLbDMZsGZD-#ugR)wIvgfKp~wp;BfJ)&m54UqNA>F>FGc$ z(T+Ofz5M^Sq(xCN*q|a$sEq6XmgB#WaZ z*YeuYNZ5EAlVE$`k&vt@s6`>e&N##_qW*btVEAjB%lnC$Cmq3k;7&JttfHDEp*AgH z8j||5<+-dkmUdg%^$v4&zf_`i_t7zE8r!(bJu? zadYq9o-FS_JU-S`Cxh@IPiWrxZCl2sLBN6No#LNCoSXrK5)kVmWe~SEAmomD z|HiJiTm1*2aX2pjSCEJ71W$b*=2x|hNR*lT+Sho%3+2zJ*$t=8=tOa$glaI|kkxtz zM0xC<)d2t%nn>H>EIx`S1P8x+9q_Ddj9=&64>%!4s7Xxe_{-L404uHD(~3$;#l@?0 zb9)aD4^I<+YeqglB0U}db({V+!3*^K;La-|a&~)`>XC_&`F`G};XPn>-?dK9zdrgs z^&ewe(82Q;|Cbg3@t?$CM0z{|f- z%8nYE#!OT!luFgNM>9PoZxRNCZH7lod}G0wSjG@{QOE$_#(GdWuPS5lf7V=V``JVYtXRQQa^Ct7d zx{=CfjzvunFwT;?(K6dCn+u91$bNHYR%+@B$aMh0CTTl$s}T-OM>{p=?e8?kT_@N! zC$`daS2GD8GD!_u_FP-go+UcW($0mC9@btS*B?8KJz>v;?a(r=-*QA#<+(Iwl5plJ z!H1ym+SHFo-AHPXB>n4$9zl;rD~Ho1 z_bUJHszG**yo4S{(0wZeeVKmwzvudJLAnmA?S<`wuNi!I5MFbrn8Jp#L@Bbb;*P`bT*iRe9{h(aOiWfCDqY@ zJr^5{ip>E~R0*AEc*rGi6a&)2D8G#LDn`b8LG<<58H%rHTE!3EXqmO zEwP4X3|mKv+#m(J7umJgQ}1q(t-Y`bKQhwV&O=5+$(IYG@pZT@S{%oQRjF_$8UDTJ zVr0!ybAKajr#E`o3AMGNrZ`W!WY;ILnj1^J%H;a+4tgphi}N`T5>&1@A{LQK2diba zzJ}w9!Zo$xpq4#OUy^1yPz&$;7Nw8eQ<-nH<;3)9kEMq_OAjG+Wsh(8w_9Q6xZUJs z>JWn&6u@~ASOg8NHBMjT)ApJ&{0nPNQB#b>D{9N}`87ad;OH;P2PQJ_qbnH zaYtpRS%xy}HtgZO#CTQIZSue;RQ(O22G(3}Z{l#o^NC@tmw&g^9f`m_hSDK&`W+{~ zs_EyUiS>GWaWtkA;+|DuV(HH7y!i`{Q`tFd3 z-B9r;D4{a3-ruK%lMl-q0NGcQ5MJY-cSP^_=*m9&S@npHiH;K-@2;RdO`t4o0Ao?P_RhccDSGA z%o%PUA0Ad-o*!)s#z8H=KUCh2PE6n`#A3K+yvz51dMPz2#G%3d{VrNJ_2}W|2=X&k zj-&!^rE@wZ#S`^yH*G0iX9H}Po%W4*757;Jp$e0~8e<1v-i!)*zO|XK@e|KC)yfA)# z-r%7cJHo)}$L)Zv3nKhe+sx$!qkBPr4||jo;IuJvOuc%XEln0jjvbH(Vo41_>Y@C| zwZQf1=*aqJmD&M#hui-&+qjzeLJwy1!=~T4AP$9kL$-zce7|yPI&X>ns8>wm9dSVM z2jc&mE0Do{m)T&=Y2M3e=KJv0nKq25J2)**itf0xx_Y$ZHZI#lJbZU~$d&`$t2;9$ zG@HW4hfE>|W%Km(G@C*C!;XA@^0#mFyn=#9?20zHvYLtAXlDIa1GZEB7+De2JCE$M&w&4W!tzg>gP`!Q~)eU3Pd=8hooF(PJKC6KU0RW)-T`i%{Y8tz=)%pP8o>CqH6t` zGFOU@eL5yGE4834n1JhGtWFBK=DwSywM10n*r%ggXcX$6FXa(a5G!Mj`u~!=GCqn5)MphB$oqwSjaoOsPJQ=Jwyd(?Q-rja_ae15D z@iaIlgYCBIXlFNib9>voxw)wjgb;4>00RT#;N-++1m8l2&7F^tnqXD&v4o31bhpYj zC5*d9kr72-M+y!k~3Bmo`@JVLR$EqGy97?82g_tvyKCXIlgjO{TkM(h4Ice zGJ9cD_qr1~x-`C=)AZyM>AzkCNU&U9EovO?F{{xHN1EBB7+g|;HSI8KuP^j6B2e6f*SUY zhtJ|ny|wW+l#sV!}@HssDysFUmyXoOdyZgx0S4AD;nBy_@u+(NLQykGB{ z=Fc&Z`Ltg@4wS-Ff8d?P3CmQ_AC30Ffw~=9e>qwASbu#1Bg5T~bUev>{+{{P?N6!i zR4CY_nyTsG5X!R^*|L3_QDW1To%lLost%d^?QaV(2xwpYOfO;U{3&DN;(SaHKzL^U94*5U z{vKv#U%!s47X^$kH+;F9?Li&stpkqO^;Vxriy_oy-URl$%sRx*8qR)6u^;gczgo2T z1dT#8Psh~tj5Ka3t$(H8H9Rb!S{5P zG7GOJas|-QZT|YkltMt&G&Rx ztPdPeZR~bn9|#|j;&f?TSSi-og-gkRJfgvt{&u_N1KMo0|L+gEm$cU3>0xH019lmW zrnXuMCT*}&GJ`G0v*_iXhiG%{_{1W3*Svb3FIit*`UCt8WTwNjE1 zbw|9g-TZ8y9H+JS6oru`){rE?_00T)kX0fE#M4XV)&@5kVNq5kHf}|>wJtn zkGFZFx%;(CM%l(<{cak%FgF-!ZQx<~N}YG|*d$U$d>|`2+-;cM)`dW_0dE-wbs_bC*V-t$fe`qN5^mc)hE$% z&!sqzt$x-pn7eVmhw0qg+s{YDskN8>7tu!7_IgT#K^Fm#KQ|lQCmT6~9!fyXMVVMb z9NfqiLq7kJR5b~S5N7shjmIUcZ|;=p2vZzux^~&h@VH5q6QLtS*f8I9062%=U!d` z<2yyXb8$)tL>#4Ib{Aqs`p+X2ru8qae?95kBfX$hr@Lr`NKlmFiU+M1>(^?ircr;d ze6>BSei`LGtOiYY=<=p3d7W`i zeXq0n$eg)SOnOE%`k|I22%=B~9soTJW*x7QGe8IKEq5e>MQqf-Y&@y@Q94S`1Fic&NRH<4Dh9E%vq-Eg=PrcM%|~ zD(_SphJXuP(A3Fd&48n{-^*1l>!SW^bjKaC<8pd1Yh8i#K%HhIoxxv@u@bqcJz6n- zka-?YgmM;^m~n>=KFX_EY`OUuBNrgW7F?DHLv zaLF1DKR)28e%mwKf4f{+=+Z>H!c^)IkPw8!VRk1>9R~PidRoRhf|ru*zVYlZ^&4X@ zn>pWOdGRHU*RxK~@GAi=QJuYEn-8~EP!ms8Q_TEKzi1F}nUpS7cCD#epTI{`5Y|dO zHkhuSW;1|Kk=c2bVhITrC;^Aqb>o+)+cemHWtt{@&!N%W?#E6UadEYh%67>Ur;(*6 zXG7=T{%9to6B9cllCD(bI}%Y*O8+PN0?Ep|HtCw`ajgA{2A_a&^`gTv)3d?XNjV3E5tm|842hN%GqrFtt>Z5RqDMl*&RPv1Z#(RB zj|^6a@9w)7egSc6e_Q1VSsU-uXgMLets74FMFV21MK%s}HZj@Siv}Se?Kq>1P+qIh ziwLblPDmiSo!MuCaHIq>3qiDxruFae&~g~1+F>e$jDj7ya-o?0jvt(29KoLs@A2KX z-I7?;c-s>uXd8K7)l(1IXs{|G z!Rydin!OO9ia6XdTW6d9%#L{H_KX+r_uWZIbgom90l5^=-+ZU%7^Avm{q95w_HOgD zG;sFyXT1OD^Q_Uc#?Ur|Avd$(Kv=IiZ|u|OF~wk~=}mCJ8F(c^|XY-$JZ8fknpRIQVf5Yd$|L^;2#2Y#g@f z12UGkmkhs<27N6?MnbnMl7_AD_Wqt+4DGnmxG60o^L)7bM9oB+Xs(E4PIaU%9M_oODq=vi|=0&Wp*)n8`gI({LX`sw_$q+-OHX^E{D5}2)VyI$^eU^b!Rl!J5B&$ZID#w1OVVkI^n3L>tO+^vf_Zm-Z$y#ulMS+hkC0Gk86gfZD(y~k3yVhLXdk(OO*V7 zwD|CsC{x2?Pnl#AA$55qj$7{y8Y}!v@?+y=^m6mS8{SqI@)%yfy|Ld&>&7qH1jf1I zvF;Ele8yAw_+`0!`oj5Kbm{Dn$6;5&xY;Z1m)K^EW0LDo%cjvC#!{>ZZFjf-CbAKo zll}&B4&mB)c;6q3pYUrsjALZ!Nv*K5?HS=8_>ftI)_$2>8Oj>(1>oNd#p(``#c0zK=trsFPr6hu6e_udl}0aO-AF!-luWT-T)2V3XoaVI)9fI z#xX$nla~IO&-@jI{Qdwb$d4_!V6k9nNeki<720O*@u?0;jLy&c0!KsJuBGg>I@@2=A-3uiwvo%?5)L#Zd}T)gP1><> z8MWjIWHBscNT+<8+qUz4D>k>aG*F_Ut!r(o;mo@S^KHqGf-7HPPIiLn5ch&u|SK*dHG#?${j=U$- z72Pv0xg4ZAYY;P~c78IcoMQB}yrV#hDaz(^uut188@Tc$+{AO~#gwT%aTwdr#sG5y zb0-ql8AJs&!{3~FT<$Vt5bR~6n|tjaoP}f#+j|=(H9>_WsIp0Pp0F+{Zb=V6cg`*uKOe5v7YdJ{Z zqb{P7&gsS*$C7(ounor_@P`S}$5BpNjbE9Jx7K1`pN}m?^qyvvpVbc#j7+dxatNRI zMPBbstb=?Iywfj=dE4k$fP0T?k85C@39o+6%d)EHFD1aDM44yLj>pvxtWtQXoa20j zUTar5TJ&d#hP`c1yR57ZpvPrj&9JNFJJ+16tONvFpEs8|k1P9{!$P+|6YP@B>}ry z0Y!JCmck!~CD0z7>IdE7ecj4IQgAGezRSzOhD8Z>Fy6*b2@$}rvxLN}hWEo-@ccTn zE>}BA$}Bneqn7XkksPjagg~d2T^3LJl_`_C5y+jzum)+gh2Ju7Ox^IeLk(H|Hj$$} zTepedz4PMRZXEpHRNaEu zC>VZWqugGLz1+!<$1LNSBXj0hJEmXu)~X{LjZ9IFCP);`moHsp=Ic3z;{i^NX;{*u zKSM(#PQ50n&|!{oPbi^LL`?e$7TtSn+msbg9DNMi;!Ou)UBf-m?Dvbd!$SJtaP={W zu7n)vAQ6*^sh}%XPZ#4Dr#JfHg%Z!&L_R<}U7=HErzM-hpK;WFu+uwqb8|VDTJfT| zv5`Oc56q+d8ZR&Za`B^KpwS=xie6 zKm%xOljXbhCwZT4>VUf*QWlc)Km>J^uimuYpYK1(04XGK2CrItM6aB3LDsP-B=EWC zp|rIE{3_u-@t~*ekfb+<0{706!X|>Rf4uPFp&UdY#T z2=~^XSJ#;hAD8A6vnULSnt;P^{Wm|y`Z=zymRKq$v_v*39$j9GPf78ZWCq zaRY&?Mw?%S0WmDLS)W2D!+sA)S4@&z1|c zVeCpNt)Y#-H|?p2<9CSI$jI$jd*v}?UB2elG_=6HlFwur{_Dik4heeSz(?bvL+dK^ z-Jx#8F@uBub6XD4=mc-mzTtJp2PL!+xbbhF#t%*W0c=Vuv^xPr`7T!YY~^B#Jv?o4 zWT3BJLPS2}^s6K#h2*lj%eahV7C^^QyN%~c@bx#h!{9C7YR(w-H)0M2?R(Om@BDDt zYkFYss!8u3`}})6mEA$H-1Ui9$a8OB_Cs5Rx8RANZI5|M4~Z(<0AKPodtSp~$}ubfY{IYNu%aJ9TxUSh-U{79^l4AeqbUV9e7Dzo-axB$~OVW7J1Yc3ZF z;`qxd6M7((mF!Z5Vpjlnbfrk*uPPYmsDnwUuZnbU$2C5<@x&XQbIQ5GEJbf)i?wy8 zSIdDnpNoAA?{Av8m}-FA@qSk3Kt+fqdXh8iINw-#s+1dG_d`bNM|eLyGlckqz&kck zdT2>R1yO6EfMym0Hsxi|%RY$Z&UK4%m-Kmx6x9f;^(y=9`gp^wbAFSLmhVCXBRt@R z4O?*2WK3Qegc(lj^Kw2Aooe)0XT&Ic5vlBze7<$!9Pg`t_x>TvbsRC=Z~cC`<9V69 z;{~qnEaJ6`^hqp-Y2@{J{nh^n_XGrSS3b;%@koDkD_m#t+~~zUYiQkNj&4~!ameBB zW4C*`R(^F$N2l>@p3d%`=aN)*iuhD5I?@kuX$`X6=X7=rNj!uup-0$SH&Gn{9Q01V zzm+Jp5p`V=3%L|tp+9w^W21xadU_I3NgpO7qC_5RM367NH!o`-@47yRrkagVwC=87 z<$%9zWwtA5&#-qbugq_+Wk>H3y{JF?O1Zz_>(iA47w*y)UfY1s>C~JZHK~8c z*<*X9G5*_6SG$mX$nzpGwe@S`Hu0G@|2pG4y|@Ywo1 z(&DN6QOhTKj|8!Y5Pa*t4GoTe`iZ_35QjSh(TJ1C*yq{*vY8%;`)j=Eb&~`|_$&Zl zMgrxYNrLB=(bjFzp;w4Un-_DO-v8A7h+}6*MaImdx%~+${NyM0S`Za^79$_bZrnf& z`$V*Z`u-2s@%7eG4B|A@Fv?T?rbpdIHdKraoDw3>mnA& z6SK+p7ive`)B@eAa8=hzS40?3c6GfLmD< z#R1x{6K9AQO_qKoG?0imLuIiOIBvh!d7t$Ic6Z}&oKY(a|&P~sI!jmM6;0bb`xI>IN@Ok%aY3x%O?xx&0a)}Ol zcdJ_&hZMK`5&JJzB7H!l3aF4wRs|VuC-3FVJ>C?yyoDZbl@yXob zN-~8_;XspY;$4bBNJ{bv2Hd8cvX9!m%N1n*cK@U)+D;hy`ZV#{dY8R^pY7$4%3Z>H z5FtpTaF#uu@8|E0LIiifsEU*!~Cua;POat5JLVE`gl|3i6XBGF6S?wQvfk*A)hBp7+qm3?6_{cPijy(3}FA|Ib9 z-m}PE7drg5myT5s;ejNn%fM&Smrc@&14UQJPQaGZ@mr(v|8Vx+;cSNQ|95R#wQFy! zO{f)HYqeFhRkb%o&DgQ`7B!=7P!!eLRP5M$Qxvs{k=T1aNk6~O_j!)*^ZfPv8Ap!D zk^8!@>wUi8uk*b5f7vn+!El+m;?Gn7J{!txhOBzbaA^gbH3lZDt{6M&D{SpTJj5g3 z4r+Tt?77lP`k<|}#wzoX=3Eb?iV~t6??-*TqIhHVX>fniQ{Ie}266rcVF21$Qr)7? zKI>QnhH_E&r+I*L6i#Z_d=bx#HI!(}E8@>>a6UW_$J)x~kBE)WGkfWZ#m|Ds6+Jl6 zSsnxP%g5w(AinM2m|lL+Bobjz0IjIt{R_>R<+rv3u4Tdegm(0Na^^g;`>$~bM^qV~ zfHxC3DB6i;bG`7l)C>VJ)X%Tuf)=JC4jUKAP$qppUwT~hf;QZ=VNjQuuB4F5_gPJe zvOBd!NXwlV(H~|WqpCKZL!S!Ve+iCQSW(t{+r1Zxok*CD+mIbHS7!_GaJ{i)$dVDw zJ_ziDDw{X24QE?yuQe3V<@in2)YQ*C?kbt*DSZO->o3R@ch=N@Z2QY(8;oF>KbF!( zeT-60k`49bE#(wY3kG%b6%W&c0<4~w{wkdFa_XDOpF@$pb{HUQRe0KbodoeJc{_C4 zZlcAnS0ImwFxqE_*U7P^%miNA7E2YXjrl*H>u{#RArj9hj9pSv8VdFpS0c(ks@f#} zW^Xm#z;P|Do)ZY`mC+gxIP2&QDPk;)Qt&_5@t?5WN8|gSi@tCzgA|4&taJd?@4r8^ zSh?r+q|`)^QyWcS-eiK;I^JcHcxUMIRpa@f3mKtdE=BeAK7k+Iau)@j>&~i@eDm~8 zUG`<&8~n(Dny7|S^5uzP#Ix>=YfQk@uS0&|^8u;mFxfC{Hk10ohG}kfnYTp`Z4&*A zsHf=~?PA6^)IQ$MdQy%XRzYpn?LRsxlc^4rmOJm&X1#j4xh{nO|G|$$77+bqyJ}@4 z?e~~4)6dOgs--+QDpYJ5jUEOnUj7*to^6fk;37%=Bro}yRRzqU`R(JlmTZa7po6K- z3#)kjcU*<4EY!dopK3x#w;9H($&@K2_B@NXmCJL?I{ZEyma4}rrX|dU4DihGEY6#4 z4!C@=Z<_^vUzh13vL1Ae8Laz$>CV`(Tme-#51EwbG661x4ET9*b(!qdv0IkuI%t+o zZ_1w1pW(2d^C+40pUL`z0(d*-qW8J}cyt9}S4#XcW_Rb52U^e+*ZXrja7eGrIDYYd zN?Q}&&?Kp{KBkuB<^*Eu!q2A&X6JYYv&+T*47hlV@3+G@ zrI6~uM&X-Y5){A4cK3)zOc!Q%2V0*1tVn#u6W7&L+Q770m^w?y(9bB8qZ|i9hBC-4pY2y3bB3e7@3?nT)+3Cth=FZl!o}OoCg_saZa~AvC19-gW~^ z`Qp3(kgctb<1 z`|2jFAC~F0ng8=im$nlx6vq71uKV%tuekRTK?&ILw;EY}nolWrq}ZE8gtuppSZc zGNpZD29%YdHkjdp^Cva%G|j(zky50uCHvxM2>U;XoGkjzgOLxyaZk$If91NToV#%! z-bE}D05a}M)qb}MU1^V@!*}X_v9muocE9muH%>13eU`!+$%`z#Dv0M$p}PFm>(1Tl z`Q3>1n-iB?Nfr7c_4qr0#Ol@x*FL_&>Y}O7iR1T&sDOZL%-*h?&#XmQ=F=(A#zv+D zY?|=YKf$cOsTV|Q+_dtD__yl6|M9CBeIZDLLrUns^f@YH{ZIRCE!$F}LxoG;9kY42 z>!?dM%=Fr_xMU-6z;5osyR@ainw``ZpNU<>#a2{Edc|^G&OOn2t69_-r0*qH%e9o% zqZvVbH==vlVp2beW{r&EYmMPBSKz_gGdXR4QR2OwI9?v<`DY5t(Oha0E#S^ejva%o z%31uCkz5A@CK*w-Zklu{cem~d1&w$|KOUkM5-&b0*W^99T;=BME4c*e{z?=D+tC zve}%OF)L~62ZfogH^@V&MNrvyr)X%3iC(Q+&U%%#nSRz*ntLx9g{j+(Ts@SA4dy3+ z40ET=r}_G}KM=&ldL0If7gLD9y7%kFCq;1*F(8w(AY`uxE(g&yNsJ*|IOI(LC9Yoit(vw=y<-8o~;ltO=4^D;@E>Vx4r;@iVk#P(yK^s>e zaV+qgbBG@wk%Dbo%uDa+yDN5pXo zPA1OXA)Y`mXPq)nnH->!O)_7<*C^U4*`Bu%{{CVbHt{Z=iR|dSvG+1uba)+7gDJ-7 zyTN*`-8@>r!2Nj(gI!|pv0CW@Y2?L_Y^@Ci8O>D;ZJ5&E-q!qjJV&S>)q1lNOKaC2X{bDUs@B z>)SxdM4^4Ae$S>kfI-Pl#OP%&JO)>n`2^Q5F zbPf&T`x$Vx!UmYXn1t5^vV;>!XlMW_|18zOn@V^Du4v)4oxD6@vE`{P6-$!vI?c_E z#jGofdAskf<6q{hIpAiK+Bd7(k$}}}4Zrva#E}MqhM6D`Qxqxy-Noh4_8&ZhlmMQ8 z3}RXS{8f=0d5bB}Xexa;x~8s`S@hSNUil5VXX%uyJWt8%;Y^HSrgLqtx>A#>Px5Y9 zJ)fde+1Owj#Cf9JUG&znLk((`NhbolIeWt`sOg^QH+nr1hmiZ5*Od*R z>MC3onwLKf`@i4+#v{+i+^*u@LlTvYDX2h8u+tu1BkdE>-&9Oa0Vb2^{u9lu6+siQL8f}uXI-y9mm;-O_n-7T>l{QVnPHr< z3Aw4#P~iqtWhFz_Iqee7+o^zo%iuS45`XnOYbz!=$sWiN?GJpGh3qAfjN;NhVTAAV z9+ZZzeTMl&RXP@yVbmMs=h-^P$olG{{N^&M+zQ4_#oIa*Y|=m0diC)N(eIC0n8Tlh&J5aG$&%}3tOMOcr4vy6ojkZWtS*T-hSR+lrHER z-GcKT`Xs6<%%H#$R5lGoCfNH~QGU#8?;Cjl@OcLohj%QQ_@(d3ZrXwPUaQdz_kPQ09^b<0R2_$cRIc*T2a(p+2992MWb~dn z-a2~h)H6pjp!FjnqeDrn=d!dTE?Dw|QGZ#9|J2o0Cmw|M+aWJq9qfXR{k*w!wlV$! zTS+e)4Ew&@ZzT^bFD87~Oxj|C@h_KqwFBL-SIU;A-A~@i2L#vyn-BIaKixGO3pt5V z8(FVizL3}#U72`TrfrH@KML}z9OQf~EUx_ZXUlQ@Wn8X~=gV{m`p=JMx-cBeoO;A3 z8w1=m(M0e|{fh`2v8>xGq+Xx7?>F@$4M?1y*%X>m~FY@xFF z`Hfmz4zx4~3hF#&w2e}o+a-Jb@sf}<*ebVB;#UJpS7DLati1M$qg1(nl{xIYPbb{oR?k6q&2N z=h(BMRZeWv!u}fASRd z)R80ercV@^nr(r~CFp!2g!>1{o1`bM^ha={E52F-O1lO#kPAvuz*sPOOqi#;5d|e< zJ-u^`tCB~Au8woKEnl37x}X6GCuzBHC)Qe`-Sz2~ZJXK$r?8#(sNcOYJ!_+*J#9qF zADX10zbss>XQtcSnf33DkNrqSLVk-Rbcmk|I@Sw%z)bf2<_o4k?DSi>oF4)dM6psA zXP+4%j*W8UX9)7JVqGZfAhnQ&egT0A1?Vt2JHpi1t@ja%?C2h1?_L<C07VX3^#aC)i7p4 z6fMOrMG3XzU9qaW)}<`!fR)SJ)TG(D)1KD$9)|R%!FLtu$-^_BV5l50&AwS522MCM zOzm)`RC-38*_`H;1;z;?9;~citf)k`-{h{#B+TZJq1jClLzLHJ3*Mwu(-mV{jBv=u z@6(?-g4^HSv~~#|e}=Jm<)+}#6UgGt-OSCsS~rTEUush9V>(vrVA<}H>7Fa&=3Lu8Lx)M_|z7%4PIQjCIBwphH-7@&W#-C2HRhrY% z37+OP|Hq6z;Abxmp66Ocb)Xb8j9e&bdv!Xn3#>A4b zhHIHyh1w6mSDVje}0OZ2W6 zydeUxqqig{qGE3<3G>^jv-xc_e~=!Qu$=#qm5JUzdq3VbeB(Yn+H5bBE_Dbmx;11G zv+3xC;1Q+IFnn1DsF6E5!aaHJhe~>n#g0-h5U1G7JZZyAUs-%H!F(G6Dy4I zW=FYn4-f|e2&&H=OCixzHwT_3kl8DnYOAW3&A$)(A766+!Jb7p6le1eY=$6@+Ovb7 zQj?=geY+iH&i>YA0pA0BeJORh|>XQrCHTG^&Vb4$(_a!d2*89_fQH5Og4G>cu*h0Q z%OdhDnR^Cr_(h!SQ|~%R2}T}e4A*t7YP?%?m2!A_;IQhyS*3yc2Ktf^eo`ucJC`S# zJ(2iZGQiz7DsyY~j${TP^bZG4+5m$n!a*gH@4CiYF2XuQ<`uF6gFD}I6T#pq^#YPaA(D+f2#j^C zH@V*L%(^j^)_ikZMyDd{x?JEd5Dn!xZCJRDMO-!@1frD|JNm1{hULT_g3lB-zoq!= z?PF9%!Q6ao0yYR)drVS&8!6S8bGD_2kjd}MO^hiEKs$6|0F9+0uY>q6bF18)SUtSl zeA?uaCGXqN50sFo{0{x7S-Bf{+CV3$i9V(NBQkd)}gv522THJY;IZSXqn2VGxf1>wd?uS&EC^Q-v4}Yq84+8mOrGo=d`aN zk0Ry_+J6IcPzZ8N=~n1_l`a$Rs7@Ay^_iZ0E3LQ4C?gi#sHFL1$B1K^Yxxj;Athv? zuchPH{;+700zZ27Bfy}w>Grici-bz*mLLO8mbSigk~HKI%_k{_pI6ttHc%5r z*p6YPug%s3Q$n0n>p^u%Q0b4Lc4^DZ1((5%14A@!d%^Y#9a9A|E1A}YU-eh2y{vgt zGLtsV2Z`_Mx1y@>AjY1Bjo{M<)* z8zvRlx08-due?eB!7D93GK>4b!D+2b-E9$OVdKF}r<9vCR{Oi*IT*%8Z@an(q_q3d zh=lKTsioD~6Z7V_7bNJ%HTygUy*XXx7D(M4jJac;5`Dcr=+tNV!eVQyyIb@6rGG`! zZ+C}!*!O@oQwD7!{FM%zv7T|@yVGtPett?;rER75@jP&M}5M+zpMl_@tGKglhoR13E)n7)WiO-stHvwo((ew3%(p z2*e<=269Uz+Qd!=BR&_Kg>=Jy^N0L0Rqn65@yT;lDi;axJH}Xfvi;rmI{|^BjTA@% zg6$6nmiC{-U0_>IhmRhT5v#Q6i|hm2OMU&a}^^n&dGfHuzNhUkO_#f(%V_*}-YgyW3LY2TY?Ib=@8;MNVXcZjFpY8#ns;9mG_dM&`a4`^aD5WsG)1$p&;drIAap+P ziwTf--<|KCD9euL((n?(ekCAna|hYbJ(HMcWdU}w($XU?1GKHEk4n$p$A3_GA7eM4 zv8pr71^jlcV?TWA^vSpguOY5?wCyLn z)_I!o%s{c}78;(I+N%fy0dE7cRzfC=U$F{{(z_Gi@0Q47vbpjdu8G$O5$SL4X>}z! zGuBaVVLq^g<$KI>h0CbXgmK}NM$n~Hd}0H>_>kw5?9P6P3Jd4IR9S>Th(?F}#;8Eh z9kgmYNLBJ+NoO(%i#qP1(G?BAl)vzt?dBG5jS z!QKk9C;@aWgJr&5j}<7*csw?+tw`8Zs+Fx-`TYyi zpToy?p-YpRbkXsE3p}oBq;>}xDvU9ulUzG!!ev9f;~ z4RmV(2e?f|_?)eAL_-Y^Z{`~O4eAed)tyCFw?WOp&Ybaa7~36Tywmpc6w8k?K@IPm zRt+o2s&MP8v1J_>+dcsJ{pl}Y7E-u9AErwTKv@Z3KpTw19l-DJ{3nLMX+)iqU2X@I zc+Xd~)bj#M_AH7lrXna>XRoj{0OmNw5D4GSI?b*+i|EX0TJBt7f-MOZdHu=#!MNN) zxi!9g1xGoIDW7#0SsQN^3f;NgXS;oE@Ao>UVkMlF{(|H;>L?xFXfqM_9y;D3EroH@ z=)6FVe&Q6YFR>}Br0%Cr-BkQLf;dBphhmC4R~YudIRtf45#CPGUxG!~g>Bs8*Uc=2 z4{Fh20^}^+EZ)XNbV+ve`w;K97fP&@qGy%g041|mV|qbp{}6oiX)0$IVU^zD8qmkpyOun~jG<_l6394}EAJ?(Ekse1j>%_fTz;U{oHd+WoCp zr=jACptxg^ME_o>Uv=mH=K*=`U$L;>+{z!tH-7 zWM!m-tsiT@L_O>^AIne_Rqyas9tSrZpU`G%MQOxu1k3YEzCw<^v1Yk@8Rf>P!Ll)s z5-MOhpxG*Hhv(ly1Xh_hm0Dm6KMQPyukOjzLTuD+b{Ec%YriRQH>j>EOTUc(| z4RA5Yf@UaQk1LwYoey~nW9TTqh^Th=VR@)I!eX&s{%&m`)gNBXp!$GFcojV#l zT{t|+Sd3up;665#HJ-yzWWpca$DZ>L@ZhBbd@#Ba{rhh77UHu*}GiQk$FxC$=;&H1hllpB785{ySAOB?^W`=RQXdl+gS)3Z!?w+ID~4) z(erq;NE72Bwqtef0_8DDtg!2QFsAIK>-x^;8+Do^fXx4s$9nvI8H)__>tgKN%LmG< zRTHEuoj^=i%YJviTdvOtH-x;nHG}%PYaiz-lNLO8(wgQaT^3+KegwwY#>OI3|FASH zvk~u=zJKWR6G_)?XpB_}ej z5w(j<>X(9;yqiT8hy1kOzr3#R!RS#SrUR)qp)>A0y6mPK2JjzQT+yFWpQ@DM9JE)| zyAZS*733QVm=#J6JN->IWmi}pZ&w!Wx4y13Joo@lS}4McaB_D_VVHC>>sm}Qs+&r} zx_FZR;E9cN$E?;mPjpuGplFWL6q_QMt6MqxfK^NqZzQRp*4D%6+1lj)Y}6$S-})Z5 zJy(n}x&$4d`>J|p_#>Y;2*8Vkv<_Sy0N*b6fVL%;KN2s5O64ONnsU^PNW1L?d=zPQ#$|-kSUMoXx|+f$&F(5-58VLk-Pb6di>)6CzI$HYrxwy2zD>N zW)lf*KFSB&H#OmD(K3gEXcPVKRPFi3Xm&{1$oy08FYTvxGqsv z6rOza*s80;28iTdLk8|3V*!RfrWacsbn90VqgZG%x0wddjOq%rS*u2ewn9N#RjcOu zyDJ+br$GM!D^}|GZeWWNz^Cq%;-v??MccXx9x>3BO?6;PBci!OIy-F3*yq@x!4*|9EowO8 z8XbpyYuW)blO~cf!siY*m5RcSDfo4_lbJD=w zBCGRc{&~Kh%E3KEY%;e-`Gy$k*XW+N2hf9D8<0fCk%bH;$#kEwA7!pR<+!UWuM!C9 z<%gdqd%dIy)!nKubpmNia?gnmE6LfW4v+kTtS2>mXz+ULwmaX%aggi%*)G6}h2`Vu z>gtF`5E>0xIwlS~vTqpY>`o{<4EUtQd{c&@G#{wEDH@NUGu7|y%aeTP2>ic!cp4HF!ZsB!1 zFd-k}xjtb)t2rk(vy;|cgIbwlsHwRB(4Pm(srLm8L2sH&h7?1yZy7Po_&ca zB2s!U3$B4WvMHDJ3XWTBew*}f7V3K?WJmhIGUm%?t}vDRGqr5y71OK12M0w=Ms2md ztiII4blcKv03XtFcH;VW}yxg#uEG(@~PBq}jQ3 zN${^e$=AfL?`ttj+@SXq->OA#6N@dr_l09rEjjrb2CfNg`{}g|ex}B%wjOZ5s{$uo z%fCozA_luUd+wimo;%rZU19cW|3_C23XalTyalfJ@uH8m23 zq!0>h=@%~-yC)axXkAw!1o{)gd=wi^#Ia2Co31~td zVOFLnU@}!VUufVdL`(3E%66O6=c^6Pq zm4dgzh*kuJYcxEYi9U%MaDFrF@&E>Dl^9wc;u8$lzx1FJyXvm zl3%Bxw0`S{IqI0`^HkH0XD8a(TlR|{8LipH7_=>nOy=-adnK;Xbuz>?dU3*OcP5Wl{&Y z6SR&LxmdwhHUsWljBr9`n`_-lLB_7}6a-OwmB-P1RTt&^d?`vY?8}xOj z)%<=$Y;Dxsde1T?kEeTl$=m9VsG-a3_ga}BQD0Ie{@fUE9-$o3nDt5C1TYBfJHxi@Qm6L;Ca8j_%FYjv3KW*dCN zT_@`~$4%T(0v-i6$*~D8QcTcrboN*8a~B_0`agU;`G*$@AFl!5PTDfWp?6kW&e#I0 zbmD%N)yvT@lFc->8V8Ns%&AsmTacR+`uH%msAXmMLg|5rsrbH8b(W|H#cgiD^hHg?z**3p5q=FW3 z-W{FDXxzByG}|0RTejNeB_D>5AYC4@fq57LoYK+X>F?Y>ZD?&Lt`E5kS>+E%$oGyP6b`-ZLTV1`qil5ZSt2DF#`t9jqrt*F)rwKWH>;{)gjy_{Z zi1Z#k44g<{RL8X&s9Ib1Ev&8t*VBUcN8OK z^6sPiy?!FuetLqurb)EO;$6zs#a&N8F{LPNDC+UT>F_eOd*l}hei&hBW65Icybbzv zb>cfm)v|b=SbVt{OZ9F`g-V2<2ukzb*WjGEyJowOzdqlSYYsknWVubbamsDIeVj%p zL~Jd&v8Fv#plnwrmDqIv-2e8BjDGOb%sPl$afWFCenTa4MAh*TdMHkkmtQ!3M;%Gn zCHpI*mZv==Siwf^l{R+jSuq2yzos_*E1qV_&+6f!18mWkGRT1xgw`b{m6L*Q%^jq} z1)VX6cDlXOe+QlFbK?Rf7De_Ddfk^!XAQT9Okue)Ff4?bnOH2`TO;^)bkwsT!GWbx z0B9%pv&l29U!GRYnOXhtlG|HF$t5f8Y$h9UeVy3zf}V3439D?}YyXI3ZU?%ZTYZ7f zJ4Gs3TYg())gq(#Dh;Ej%Z;%ZAk^-nzB;#Rq*veLPOVqp{`{K}f^eS8&~+|Ew-@2W zUkBjAjwqC8_*tghGa1B&ri8UbXEE`Ww6l3zsd!?oijc=p%Db{!ipxLxaP~e$^vX zD*NE~64nBN`K**d5C|#860;&4 zO|iPPu!bST?R*&9$)^vbQt1;bEM}uHj~YMr5nh57se886SsNhx^nB0)4M%~WSI)!(ZeG*RwaC6c z7`S&I7NFymZXHOxPI6*YFRneHp*_IpJVeZl^JFO9E&lq5&hKTAR)W{VypA;#{5=uH zy}VsApWT{iGNQQa)*f-CS3jPHx6$W|$Y_qNsJ-ac4vxdkauzHe&{Q_}87R}--jtl0 z(l*bg^92dtwI5>YxIb%(PFq`9Z7-&hhu81Nq~PgzEIcDOk~&UoT6HCcuDoosv)P=v z<2ObW2+H!VFuTAExihaI-uv2dPdR!d5o?^q-JT`h+Bt?3En=+-p{$#uLg*#7!Hbp$ z=KA#0{ObM5-2iM$8w}HV);XSaQvE_PQSs(%c?iRGb9-yo|7Q+l3n8b{+o-$~t$1sd z7d}fw06~3L%fG~#fye;5w-ZlK)nU~cYoGW-r372)k}%e=UM!aN=CBq&ecSJ&^_08P zU^Xk-#J^-yi;RizPx_CzBnwC0D=^ERS3m*+? zkO@a#7rQvjZACk(8LreYtW4-?FjGJ)oE^$7Hg+@yW1w)V zf|dh5{VV`Kj;;;JrDk)uJ-FDA_;xLPyiq;+Q22?XovAP38}5?(OTK}QpB8w_Fwvpk zEi;h9uX^_Fw3Q<8GwGurJCY1n1grk8^~5h%rt`n|6)R%x^&6{+=gQgS{+9F|=vA`g zcYT_NBdl_26dV0uiYyEjS`~i1odwbHhTUz@zLqU*WT9Vr#6t9pzOZE(XJut_^O-IO z<{qiR#d#X2fXQfh6E2DwFtD7WjNDuKy%2Iz^6v1#%YSW(*aj6<)%0Q?4A4~N)codO ziG8(Zc4KqaFWZN=)^B!mK*1_8JoSHO+z^M@a49_uAJ@8>Usk={Td>iA8rzc*>>|FN zg%P0y4ks<}G7laJjF9|QrN$SDTs~@H>ja!WcJ@Y}CT}s%sEY5<(k?uJ?A`!S8tr|O*Ug=5$#Pr_A%7w#aX_&p|Kn}lc zVa#oQNiPLF7Gl1EW(QtR)jF-$O4ujhwcU4i4WqawvX(~DNbu8(|8RJ%Ngl>CI3I=S|f)FgYQay8tQ6hDA81T$RP zpU|zM9o++&bNMa%rZL+xJf^FBHdlsuL%+&U5QvFBx~_O)@$O8e*_l>5QD7h?Nrpb) zX8!Z}i|YK8D)_<|bt_-jH|1nU%dK@GH#%kH3-v{cThfgI+wW_qOOnTF-K`^gq_U19na;3ygZjoE4aRNCeRVLuRSMd)y3Y_CZ^ z8Z_>F^T4xyQ`5x|7I?9#Gk9F4w^;QSdOOqMW!jg#40^NQwF=#}JrBIxk z)uUuP`)~IVaXf$5GJf5`F&W`2yj(!t(rh&A#6ZUmiM#P{T*XZYN*sD_b&r}#5|~rw zdP5F?xy*j3iq>Zx$@svGcn$~&sj>+qK@{y+SRYR^oCCI|%2EZtD+)r_>t3rtFAn!l z{fAGnpNWwWpSa2}7YU^7P--LCo-8Zv;}Sgynzo2~05$d9e7Yl5>i2h>_9`Yl@ebsn ztmxy9T(eUOPkk=t$Rc6pSt3uAYyV6W{cgXLHo)1xQdB5F| zy+4ui;47w{+B%3+ZVNnoDYD?=?orNILkVkYc&lZzocy5XETX9Ma=zkpPyX|}Q3(|# z2$=(rSNW}_Lhy?$$vF~N3ixx*2_rtKPAAK|^Kr_x92A)>kq1BH+-3Yuo8;9}&ZcgeuP)fV+}UizQMpHNKA%W_<4Gq5)k|D1t{UQ3z;wDqtO*>H z6_#Qx6Kn(uf;PYa|n+IrgO^+_SaWA&=B5Ek{HBQagpO7{Fo7EJ$2c>ZW-Uk&^!XscF>Lhv* zuXVzil8&(aK9RY&AH=A?4N`(Sts1Y)hJ*mE@|>e|^cu~vHgcdbl(PTpIMRsIov@j2 zg2Nm@s#UTlP_sZVZ+Y4f88eapBXoUjSG<_auE!YW&Z7K^y?j=6`2wZ2xr?7CJxY+D zzT^wKGGAi8`0G#F4M!P%jLh7%v{cuahZ4LCQL0ANve;TieMJv>F`#Ht*;IrQ@>w`qYN^DtE)5kkx%QvvBGH z4HqW(&_Ho^^Y%kBsa}W&-(K9a+VA?N&v=F;&pC!mpSoVobOxfQXLS8B^K9fxl0sVE$v~UGMz1NAWu8o_AD4`MCw1C}l zT0(-Gnq(0z)P%@Ie@kY*pa`#p2qz~Iq08+XQap+v;GpH+dRgyAHEB~#)k~50;Ar1f z{ARC5DwjX*yKEN>*F&!Bm#UpF?B?n@zJj(Rb+X?WSCuv%^zC&wZcRP5-eZMIr#a9~ ziR3=nQ*VAoTuc?x?&9?UbgTEj#T-V2P7F$qwtvGH1b1SyrkkU=f4-M0`Cc;a zRg2HGXv%Jz<$R8Ds;qJr+E790>FAx0MKe%9jW?(?<{DHOLGh>cb1Mj^Dn(XaL@6E+ zuKZ5WcEu$kG)1{mI|3Iku=HxKn(|~w;wfj588z0DcHM0;{ahBl6Y=jYk7Gc(>B_0?V_yBR(e2?FkeFYN=+?6Sv z*~~4w`6;OFW6McEaX%PFv3A+PEVakL+7~mc&Ko< zW0k5ES5KHwWTU~la19SFqgHk}9uXbNL}yKiYqjh_cP-mK$pvA9-hxN*AII~}`0^Y{ z6)m~D25xOEZv`oo_XMYHm>NzNyV{!dh4)4Vtb^O!9;|OtWHO%->LoFA8eW)8AlWzf ze%>)0-cBCspMc9}9vaLZ2PltC{0T?g`XyL7yGhZYS8W^Ur9X>*spcgjf6{tNZf0OzH}k(AtnrlxH_FUP8w3rQ;#0sRDRC~Q5+vC{ zYu@CvY|^(uvAa8p`lyB-i8u%5r{*o4)UTO`fXK1sqoAt~Ac=)oYZ^}Jxy#z+jrOvn zwGSBez_^489>+0zc7U4*c)J}rR$*sR%kC(VlTWf4l(}uJK8oKJ`s2bO><*GrO**}N zkC>6S8@#He0{rUADi{W|1z;%W<>fd)7S(Rjqs3f)Tt+xQ>z8EAw$}ITxi&|60Oi@W zUSl)R_1HTU2jUPQ68t4e04O`%Ce*u;MQWF#4Bl zVW7?bZcQN|;>BkzV-#h;%b%S*fW}-JwbUr@tIPb(hT&_q{a_2p9CggG59x?>SKKFZ|5zStxJz|N40?h|9%0#%~rXI@yAj9XkCK4hLf? zynW7E=$Z}YmTI@B7nV9p$`J531rDJ-l$gxM?eg*+s5dQzm>#2H+DEhux&J+bVmgv|@s;aiglQ4(DfdH|ShoAr*%@YHj;;EyhF(;yc5wKS z`mYcT*yBX);*qHo8{fEP!xwJoSLVzavOYzlD7I9+Gw|&V^q6Gnu&8WG1vyXiv5koK zgX_#bc4sk-?^A8|oRR6$^zGw5pL=66i?aOCqF_~dN81?})i$ritn%0#EnXJ_*#q{4 z4>e|Tv%)_>x%ubcCJjNV9*gXh|6vFJXIY~|?vN3}Wqe)syD^h)&U^0L0I+dtd(Nk0pv{OH~uij!9B6oL6CQ7m5i`^RNL@`3~@-eleQF!r+*xwfSc zUf!J}rMIaLriY(%`moWS8y_i*Df&lf7~XEg4Dre?20zR{M$g{)oKyz-f-}UpJ62n= zzxYgoqg<0R`Xp^mA*_iYPGdFYT65FRaMv-r)iHc7KFX`oBjEP!%;Trmzg8o;eE%T6 zdTVP9W<`7P56d$`$QlH5@lH*EKouS$m&Df@+!quwsr!o$Eq;6L#-4PB)qJz!l`=7r zmLY^V!SLln<*MVpj$J z+;TT8<_9%skx$-h@5sTUe{#qZeZM*DUk^SH%UYR*>d+ndib`aj_=7OD<^OCjIG7h* zT)}xbK`y`YAKgr*m)N;!vF|D)g9OC84rr~23uD+S@l#7)l8>Qql*|@exk%j26u?oqJzM;MI{P=PW z^Jml5IURI`A}Wlv6Ni=L`hxn{8@=>QB#OxWgH0UvCiDK-uLg|Zb@|OqpA@q3M)Ju&okXh6MV-AZyhhR+@AJrjVb6Q)X7bH z@!|QnpN_zbX8Q;9REQLPI{w>v_#Y>+<>cv|?l7#^+le(1J7v{n#Hu+CKh82U%$RSI zCjCn$OelZ{JzQaUZBmHy!E%qz$44@l7Q&}YD()0Qgg6PamafLXXcA_BQ0n!A(ztFO)9ZMszf5ux2Av8i z5*BtDEp66)57pY$UcPs1QS+cj9-Rdx|?BiW+uPF~U8WA8bCvuc5=G_9N}`TJ~&rm(`RoN!VCi zi=4IbVuCp%iP!nW_KL&Doj>^4%dzl}^3#Fvi%K`62SnoNPW4(TTTz}CbtK!?#-+IV zFFG{tuS6mXQM8c(fOPBUr0%}uZht@25WhXCQNkQJvzGKo?@&IHtw9|Ef0C!yw2%}W zYK>@^l5DDm7-f6(Oxl(G}S{Auy1D zQfhx!nCgF-NVxWiS*9Vo$sj!yFOxxEN{MDiBVp(6-e`@Oh$@6~sMTRELGT|u*Rpx0X>#A}G=EcGaNkTDE@Z}cNK zB}~Y`;-v0zGM-u;)zWty#A{PJ*1LLvBho4msRlO2h?6!Y-B`YgFp6l}EtZL;%z0fc ze>==s+fMaB(gH1-=u>%R85XAODnnfIGSC$gj0=zJVBa}50=hFyv1O|$|%3E&%v=yqUCX+EtY-*qEVn!iXD(=|*aKY3ygw94f$*%^t%ZcP8rmG%Gm;xWF6 zeuD`gQvZczeIiT2VBq+|PH1eazj*qWCq<)VlJ9oDUyN4bHNP^`O5j$>OHr7Pcl-JV^>@HDD-w0 z%uoy3DiOTBEZ-UH25mTkc-0raxiYCIT-O|axVImSDZFx|hRFQ9&MjQ%5Z`(PSph$c zja!QVE?+LD6cL-X?Bp-@{x8bTGA`|p_kPZ~_sjXro4IDKb=A7o@7paUSwEkN^Vezlw>JG1 z<&3cu_t`khee%j6Ji-!I-#kqtDGCS05(bnP_6-7i6$SgJGrAr^GK)n%2WI^kc&#(i z`%MnFI=s;dO?c&-pDTTk<>hpxc5*#JtKYjns;Ec^KIUt_MY~M21PyDg-nlGQoB8Ur z(P4XJj{ByYr*cW8VtHjX4y}$*osp7(E{Btu*KX;su}DXh>PI*N3(s)0LPiVbTP>IE z%1_x($EW8Qbd;;`5H!iY^zjutzJ*rLV;*++#y`cMzmli_?IHfB&Cztj`vcMYyrwD1 zi{c%Wevn2z6=6j#f1cT*=sA;?xvE(gO+f`_V&Uatl%~3e_}13;jajd465}LMtojh+ z{7YQ~hxk8$Yeo-T4{t!`sb>;6{pr7F)Ly#c|<7@(L4)> zeZQ}O5c*^}=V=Kqc?TW;vr+}^S$&J{^MF%qW&a>MLmpc$a^7uBLXLD3Ox#&|E0p98 zVTU*(``!Mz;|Rp0v$*8)v#xf+uDu-(&Mc zRPq@bVbA=E>Qf!B&QEPzX`|zvb=0g>-$eSclrdpSZjL$0c2SfBweTgv-4yIsHI-wj zwro)MtGUKB!!kEY`Gp%ehJP^`7KCQnQ zxD1Jod`3>LRY=RG!D%t5{kqOJ8AZ`efN6h*5c={RBRa$DMuza~RH1`654ZFOqJE2@ zpq<5poS>^R$T4z4MHZOcdHb#X-`PKv(mN7S@Ld&Km%061wSY}q(l^#8flz34zTCz~O9 zFA3GeZE#*zsPT(cLTS#n<5kInOl@*2j~;TK^X$7!&z6!#%8tuYTeh;lkh0vg5$})* zicqQKMm|rjCUq7MnY$>BJSaQjmiol>8-dIG!Z*b7Yv)PI$BPpzY$XTmxR+yu>3ZKV zw@|>!=!-_o=GdEws>qF95UvEs)?DLCX|0MlT9-0w)l%G_&j zjVSX}tk3gOE*S(;GU|^r;o*hEuf@Vq*F`*rAz8&n-A}04(klE8OAxMD)$pj-fq`n* z=ELz|VcIuW-2(;Rr*YpdM^lVXSud(Hpyx+)H+g#XhqOrr0*`Ysk{{&8e}XVQ5ukoA zF7>wbH(_2tuQZl!a&YoE^Hfg?efymj+ebN}uwy$F2sQEBd%#;UoJ*e;|` zU9K9#@j*2^Ifm74t=9NXkzR})?pvlaz4h6(Rss~#G)n?qr5^9_w@{brX?^bf~ zr=|)LOKNz??qoG@`l)g!= zdlD3|tlO3FyMM@>Q9w8uG8{GhC&zZUpDn9kWpTc%J+)>jQ$)ElpJ2o4HD-cNl*nMU z-2ai&{`Y@K1-^Mj+Iz-XH4tOaeDjB)j3ltDr^^KH=$shg{=3OVRvWu*TVGb(tpz zN_kfLe0ALi2Y)Wb+iE|CaGqg0$sU~inP^TSJKrQPPt^53+W9@pO%+PbCRq+i=-VJS4N ztsC6mpl-brmm?`_!OQEClah2-#jWl|m8XT_9)JmWL(vJ33KFN!-y&-?Q;|B>H|?&$ z1NaO@&laealvQock_u>r@H;#h%oA&aaUY;o%2{%|zHO?lqUbXdaZBnv66~QXN4@$Kk<~XS?csveM3<{V`jYW8WOEMCTd3Yx(cD>;LhMxh(bUbB-({+hjY- z^_{Cb`Fh|rvRhp-!YmHS_iidijTn4@`H%{KtYvxKK&BOZ*{esy zDoeoslc=lgN!~g+8rivQ@6CrLapleFN2?#a3`}HD@)f(At`@A&*0)P%){-oic%bEJ z9_DUztA^Xv;SuyLB~oR&PVd27CSo3-$!=L*_idf>Bf7<;OB%8x?N>#&r#hui&vUeai?Vs{&%Wv`6CC$6gHLmXM?tJ;*3;e zpM%$J$T5R%ukrj}vV1-p+?a9k2Z;(|;mM9i;oC{V+RQN(Q_&JnL*UVI7}N*jz`!jq zbc93I8gg}PT&#?-|B@_8qMfgO7d_UJn!4K&;FW!y z-vX%&!O^O}`P=^M1iuybVB z9dv{ZhP^^(Hg_b4d$f2ps+|A)82e03`HEgJ+}7QT40Lj$tFM^6vUZRoTdX<&!s$nu zoi;#j{5C&LbK6R67RtSVb%CtWmonOE3xvCh}Bk!>(H5J?K7Do-}@rQ zGr1`0^D=Od*BxYHK7?lt8T-fkxgr?%@m!2P+wf;6KTY?wx}d1PrHCOIjr&qzuG)G= zK<8kACY!KE%&l&DKiYUWBl__AE98rSV@Ew7`n6ZTvulNGBa@HbRu8Vk_k z(hVjvPKz%7q@=tVqQ4inC{Zf*rPlW8rZwkbT=95iLm%Ocr|dO(>lUTJdqK+?Ta-9b z3zCwmu!TK*2Tb>XvehpzZ_dzd`80E$ZUBQRpmp+!sT7(6_a?3v^jx? z$>Wku7?gdvYzKX?L^k;QqR%k`qKa3 z_79*4)lE4*#OABp4`&()7B8#7R%&PzYqV5JF$sG3vrx3aXjW*}bSX7qsC&@;Hzuqh z^cEBMndYImfk*55Gj24=-|kG|y7M7tWD+|Hub?{XweIzUARlgs>eg^swx=z3ZO~ zdk07CWSWd)(rkUB+g_JZF1}hZ$P1-lkX5a2R8;K(E^&W1(FM|Gz;lUqjkvWHJZVc) zIS|Qs>IGU`c}6GXBAP@9pwrg8Lf4mzbrQ~*T1fibzjeTNJ`PW$bssB+#W0T|D0oa4 z@XjpBN9^k&$K|ZW)wimq8kg823);jWz0H6o+q?tk>Q1(Z|JYQcUb?CFKZ9!jeI4zJ zugeIJC+n zvaeL6Yx|{A4Fd-5YG}W{v=mM^eW4FB#|y*7HKE63H=_-lYbZZ=?+u|iAREd2ELNk_ zY2S$xP^48{@BL*ZRA|rHfk436K|N_x9W7P)14Gc}4Ttsgki^M&mXw+xgD?XR!#7k+ zJgqt{u4n8uq9rh+g0dDl>qF_d$%008sXxnA6Tb<_|8(~r7^IxvJn9~4E5iZ}?qsSr z?~t#9H~A*AN^aXPvxsZ#@WNDlRykf6%L|S5UcV z+OI+n;`U#Jm8-3v$C~e_PpcH}EKGtb^TIbg_c^y^FVk<8o|n?m7+{&zg&xtA90R~Y zf4uK3G32xBS?us)-)__2wZkLkar>~n9?D9u&v^=S>9QIb@d`Mh);!25*OB%lmZ4Lu z!PU4OLOM_Cnn`};lK9{_xzz5rLgQ&O%D*&U6RUZ8EAXmyB6s%nOcwzeo2iBmR|05q zCmP0ZynJKm`R7K)hKmK{_Cs}^4J>ab4m0P}GrBMijRF-~5JJ~w|C8ekg^S7$-yn?O zbR(2Ra8_L?L*TSgAvn?e`CDZLuicCH4QdDLK4ZS@nj_{*<+lkQV;1HO?R%ZL+_=N| zk!pT*f*n!eN-_Bg6f4wv;$)FNv`Eb;<#Agsg(;QU0`RV`e%H41Gn3 z*=(2ZH7OPFZsCg!iHpe(7`PaYA&2}?#iG?j1eJ4>yE9Zr$!x?TlRmvyWQnKpr4t*x zxdqYY%SrcFATk zS#3Sh3v20bZ5%wNZ3}MX-qxFs5dd9KC91X$-pb1PWPjuymcdRp{BKobl}5$16O*6^ z@X9?x?SreiB29SF%KU=~LDy5fD8BQACL1Oyy9dPDYqZN|rRc6FE|LvSqO)U6Ux+ux z-&0Y_CWKk-Yl+gS$8kYZAoILLaJ>sv&L-%mAW7&nDt&Od1tnr1Zu$4PTg;`SpJ-^`|**PhC!T%(o zZjE1HP}ef{5^s>Rkwq5EKf^aF_PNyEpWMRWoVufLCXH=>FFFNFb1zwYpZaZY(!}~D z)daq6%ADW$6|1d1++j%?75{0cmYw!dwYtA#pcmi&l0H)&kIFNjxEWadbSb9fCaAJD zvT_yJtSg@14$7+?Z{7VZU6OyY|aa*hVQLWw6r7>8R5yyFQ8+Kb;K#6X! zDJvP7QT?|rEQSMpv`sX6vqg=9p~m4AsBl-$eNAh)%KmE`=bcU*IWadJ3{TWsA8Gqq zw|lR!O?-lMi=gtr*cl6wnsd`W{jNJlgKv!EU3lao(O1vPGL5B#KK|Es1)rtdeSh&M z2Og5wY^LY{@^IVcYvQZawDq=mL3(TP`I^bdrulgfV@tWmZ1AG44tb%FeHk^&I+>hb z?G#mq#R6Mk!HO4TWIby(Lyd0o#E1^@LWJSd-%BA((dLUw-44K!oFdM8ZxLpLtAd{NxTPeyp@L`!C#}*6xMv& zWZO?!rq3JOpAlJ$AjcIhX!d6x=2nIG<=FBZaVW&H^^1oqM7*?!*E>dF2Tw2?u6G0>PtHw5HhXeFH!bK^r@%{8fYGbtz+lK zrNXl{Rt_{^HnmDM;l)K-mwg!$JifM)-%2!7%mTvxO;q zJRrK0^3c_K=ioef2R!@BL1WZPlCqaZKrq?FyS9lrLY9YLT9Bp6*#tgk`p2t-4r~59 z1ak{BTzkEtHTl1qGK;$nb00o<B1MluX~bgMa9xPW+~q_}09m*j&S%l=L`!_UK?> z-Ld;Fd94p*K^IiSB{+E=1R7`bX5}YXwBffQ9{P?a@@hCmJ8DO>@nY0_bPNI!@s6$j z{r75e$2Zg|nghG|7A&rn?zIy?Eio-Bl0KdQ>1~wCoNgh=6z+TrQl<~uUT@`ke*HSO z-D_>)jviRTkw{~>qkP);_cpBj&xNXLfzd?e)B<_xigSHak)yKMc&bF}XltEdyD zA>1Fc^`d=tPF?zlSOlRLA^~5BazKg}-hF{>t$<@V*(F+B@{WI4-2< zfYU4pC}UJWC>YKYY!In^vMjnf#a}c{>K>C*#F7^NCJkFT&lQNx^wPZ6XqwNOJ$%VX zX}FBtiRWhznx=qAzRmUGqeQldZ}89eeB2e$zdGfI&b%l*Nfy2w{KKylw||%xb*f{N z#A6bu=Kj?M^h2C*>2oC4z6!dKz2D1tvcBtT&BU583(H#m8ojQOU!dsTlaoqbmcO8HIkyQ0=jsH@87 zMQ(zGwY=xW->$O6p}e$NsNU=5m!S`Ot1n`JyE~FDO6ZY%{;%IWm=mr8(3{CWTRQ?p zT|2%v#TGeRpun7hG3e~)CvN^Tuy-W3>}CyP`&4XV1qSRY0_$oeEHzn8>zaMC$ew;_ z;I~fECo`4`+MItc{o14*HVyieabv7sFe5#$HyXh&$iEK51)K%HtNl!XD63|fyL0K( zsS}9lSc$A1uEN)$3)j(u6^2{de)Qbqz+hw5!$pxFkwJDgBPg36_65ZWK>H&mzM_8s zeQ4(f!NT9TG0Dd0=wuI9r zRy~j3*+x$88|OFUj(Zxuj(@FMv58aWFmlfcW~+&+gFHVrzvu3}HK+hf|0Pn7VNNxq z*O-tzoEsv~m%b(@-^ry{|3nsLqaO5mo7P!F@cb-K{-*`Y@3G>DhqAq+6>RDbhb4OR zvyV5fL9BB$kohrY<13Zqj#Wh>(e~+>SGcP^SzelA)uOx3jBKnX zH6N;~7ZcHoSiFw2Le~UB(+1wRuv1NVkrV%U0O{6k^ZC>o8pfV4@P$SV`SSXoozlNr zWiD;dmmd4BzRK|SvO{bY9DCUq<{)`+YJiK2@k~K|f2K;<{Sp1qI5_JHY4rCd`yixpkBSHCyI+vlv)eG{h??u7;44w+A zjUZ6!{ut#3vE-SC-^c!r-iL*U>|++~_WK<;>3|!TEzyI|b#lZ9RgA!N+otaY(vSIh zv6%i|92t0H&=(og2N*%&Ns0k z>sO-`s=?v4LG`u6f_*Z=>1v&OPqmqyYF1A#3QmMz`>v6i+>~?ZOISs{Ea5_Z0`WuK zCOFQnT;Q(e0;AYT*;C8s1wFO=4w_6dc6OcS?7Uc5f7ia&!N)}+6Ha^WR}K)8QZlC% z3J3*uGRYuKU%QQS>s@`X?Pzw36Wb}{!zCeQ-SY;)0(Q(HHiUcPNmR-h4MTMsGMn+k zw9Vgb3u$8r0*k|V0y!E(MbAQMm3Ka#7`5O15uBa0DY9j84!`xxU; zkc|zzxhx?o#E+=4OaRv=X))Ts13;2>PIYR+Y8(4mDKCm0H1or^qhADX%yLdr{{N2- zurUQt9N@$S20s@}aQ+zCh7yo%+CzxvEizLu88NT7CzA?+O2QHJ{YK6+LWI>+Rm zv@-m?Wb22doRuH45sQJhC@_(NVGj;&lqcG1MrX$|$qjRD;)D?8FC}Helfea4%z8|U zi3J?}T8BlhP0M$NDS9pI^6c#Th{_cKU`dSfrxMc2{bnDXW&J+u!7YB{=xr};-tE4N z74pw>i2r(Q0QdHt^dUcs)NTdg|WHJf4bFWHEUZ+*X0~V zog=kV%g+htz?jryj7%RV>uadyR*&@3B+FeQlpbbr>H+=T=?0&)=Rzm+14RUBt%DFk zxSWF^>LKekg0U*8}yhANvXK8emf zvqnXFWgHAn$8R%FL6mBPEnvhoTC4H2#>*EaYl<;s@U(#XcutW)8yl&^fe~}9hVjS5 zXsE`CWsBD;q!4mDaBCPY`Q_Ym!_d#k!wc2Y6l^kfCHj^reDlO#@bh%n9XC#$>>6A< zT{xjU;q#SCv-p3no+U!D(Et<(Icj9AaHCRXw$Li_ro|QCsm=S?xj(IDy2B+ONctHJ z!!OfY*vXX8(-tneY}++*Z*U0AIl1`p@Mrv?|@!?Mv&ukF?UY+tcuE@lks# zJ4CdE=GslE_tTwkc5fvbCmzL6vi@$TX?wyhBrdSY_7z{2%8|6M$Z`ox*LeIz$bv+W zlnFQTUq+Art-IgFs?}{r+bYfs3X6bc78##oh3ou<4OGMSfUb#hEQh zZk%(nNtlPzV_}XT(cstl)%_Mq@n$_y*{!YupF?gW1<&w)4b8@;8p*h`q`$agvK5LX zu#ShwqEz(B=e*nfFcT%LsI__2*Z#=Y`z#VK;X-wZ+Q!MH{(}t&`<1u?@eyrBw#IY( zNHQYkzm*Wb;YYC2{P@FKf%urLm6Oy^KV@~2x`s3$&X2SRcSipme`3w} z*e_>Oms%&-9CueUI;E=^6*1ALzO)VOe=?Qef0_Dc;fV5cj#z_JYanh}fh5UJ4J?t| z>Cq&yKIxd!3{m0OD^WyM(ok!6?*n#B=c@Yx;*vTN0qO5RS(6^bz+L z#xyp;7KgmlT5>H}D15acSJR}kB+uTsO1d@cv3zJMgB*l0iFY{qoGP8^R zdF@uG3&pwL6eZycT>P>&Cr6yNZhCP%9+UX;uMW9omu8`^jj^b|HD3Lh!0tL= z=6UM;Q|DQULSLbwpj-OUBAS}b`ld(eVEZ01O~XKXz2t@JHNQ@)jj$77ifi!>F*o{h zjO2(x5CgFt?W`` zyb^Ms;!GK*`AYn(T@36}3Z=BfJz#SzjH`Ul!k;YSrMLLOi${D`J!lV$SmAG`gtD!0 zVpA>ijl`GxWMHj1iNe@jyCmp8EH|zD^it2wr2EiC9_+@5Ir?&LfhWT`D5w~8z1k$K za}eDUKlYsax~NFph&+5l^o%yn`~(@UH~$z~KKzXSY9*KF_XrIbPcFdfUV5ZnQp&`x z`$9aDc1eWXTK4V(Eb`g@di1kb*5W$+S-R=7%)Ya4pG>)$QdK6^PbkIXPs`}LR7B=L z4$KWL0MMD=ZP}dU>2u~RGPk<6^(_Tgg-g!nEM2GC$Wq0>msvT|ET2E-W*t~fY^nDC zXfm#_`-pCv#BrI@-mdqAL|qx&sfHR2tZ-i zHqY2z#svuqYR!2P9oND^92OiS%UW+fGo-mPzcXL!aqPK+l~Yi9Ic^WH|EjR+4r&kj zwOC~H!`lu#Z7VFcztmE4H6VS3jaeQLtTvBuabX?mi#UFcm|79~qURs4|2JxY=?Sdb zrr+34{Ay_=>K{ilUk7y#V#_u=El)(mqEC+V z^PFsB-65Hq3pNkGJ+RPll`5rsDLIX;(dR!4;6>@0Df)#qGX);iR>7wiw}@ercy(mAW{XVx6>|Ij{Ul5hU+issY16VH*w&(!8ZQ|Mk@7eHi#5 z(lMh$x0U2(Z9k{k`MTr>Iqa6YMi`O@88G?rA$0K-3FgfFVvnIvTvkKPt7@*RwR{pm zqHc>RF$TOffrsN6!TEa|@D1Hj1S_sWy@MDA`!ArMSbQaj|NH~sNC56e;!bO-19}su9A6_e`Nz;aVSf@T4eqnu(|6 zb<^$b0h+bQ>m4yZ7$&z@q;ug!Ev z@8L^#@O1!&8yj{4fPrk`6chkB=*|p~WX@AuygRQ^i3G%vdI7qVh#(*zet_`a(_Tu2 zIF8DDDYmfok32M50wfqq>Yub+bh2M@B6>zL1Enz=u)irmQ11Z@$COhC^3GR@4S=63 z7ki!kJS^Ayr0c*}cE2TIHn!R2I$MwH+6_Z4t@;AXFVte$IP4#{v;3Rjr!`JvqW$$- z@ULbT`UfAqi}pxnnMFR9{Ns6|A(lbOqXu+#+f+}w02a!XWz)Ohq&H=<<6vCEd|vWn z>-p8vTz{z1b8<$^d!D+P$>}y4FoA6n>R#lE!M(;13xtAdm+EOc;ZPy!w(KjN=QXoZ z4G(~DwC}5Y%24^Wy=}Jhv=F`<%@EgQIxglPDqBz)eYk5kJlAEvObd5|$O!hNreQ3cdp7v^KbzmIBsK#xmvu*JMJ z{lNLN9ZprGxMKOV5-M~)t%0W&N84LOGDM_|O;9Y*d40L;LwuQ!9cou7*7^DYK0n*QvsS)YP_?-hdcP zhR(`kO*_|_UK%C{6>TF^B;7WW4qPvQod;;gY%l;E#61RLV6FFDD6qbjVHwmK9g74* zvCa?mqhu?U(ojbpZKIG=fM!tVvO`YJ_ks7}d$eY(;Yvt#G{%~`L2L3t^7aKUye12W zwcMzUGKcHruO83;JWgArN@Mc2XgQClgIe7S?WCJ5o}5=zRI)o4woE!R4n$!LzRtk5(Ao;LmB z&JRY`;JnDk1MsuFWaC2#<$d8FjpcZsVDa7w^9_T?N}wSuZ3oc>k;Yv!ze)IK$&24z z<&S4o(Mn@N!Kf&bmFRGKit*)Qt)DIoA@6^sS6>>r4wY-(9t+V?^^v|@$SC;KGi)b0 zoV#3P=r6%`O&#=zDBb6R<>)98?ZN7J@*_RFH%{Fpsf9MNDbXC^uQ4FybfuhqmiNRm5T z`&Y%q?9FwJ_jOIL{{5N03Ls*Zr(^?)ORFV_rjBo}^*PD=zXGbcn_cy}QGRUrW zGVXQ~-kt)F&OLt@Qx5Z%xDNJ?W!#!b4*>@$VR+KSJ_pU4wm$pey71Xu?ChOfof znyU{-IvncTIOQrkwRxlvwCS-yDMo_xaBd!llDRzGl-HPZsr`cAy}lOr2E@H(wr#wz ze3=7!=W5ZE^T+1JkivCY;qdiRx9n2`jp+{|fQ#Qdt{-N50P0SQuAJAIZFjab_`vz) z2?c*5VSfDMAl^^pJMCJL4rqt!vEz#SaM#^|mzeVD;~WSapmfpU1?H0}zx7ypqe95% zd$S9FL&?pf31iR#5%E7yYYN@uSemwlJju0K<60En-GAhN1cU3WZlZlT&UrUxWSJ6F zxT!wFDvBOE3D_6$XI(x8agWKLV{z~SueojA zv^krrM$U?zMeo-K0m%UCCDBbJKz%lrV!|F+d+!xuuQup(^HBi%1@7aYi_$by#F~w( z&pp|M3Wc>J^aW4`15T8tEleo!fhBhB(_Hj#9lF~ex-v^jb(ri1gr|A|4u!r;77$vN z(#b_!O5J2q6}?WgsV$5J_`?8} zHj3>baP03B4K?tDue2&JkxjvqYmO>vi#pQTw%AzQ-DR^B?pCoAR_>-f7_R>{mRa!h zNL$T4wYtsMDq*fF2REOZmGCBY!Lr*hpFVBbFI>O{GP@g%51GQsmzqtE6!QCr$L z2{}^U8}w=cdf=GXYmo=#a|QlH__2y>pBe)|xocdkPk(E%g|b(E3noKZks1Rl+sk62 zG@q!PU;0&Ra0j~1eIAc!EiXCIzf90iIjSLyC%fT53H5KKC1}k*Dp2vXEbMUtIm-PR zQd=FQAjxvxDwaZ51T^ctV9ueCAyJ z@|bnvhb&m59$r=AHt_oT&c*%7R@jK>q1BCsXrQS=W%4uo*X+4G3AD(&8z!mme85cf zL*ZvK%={uB=S9$5_(CWeMC)eslWTI<=oG=Qpe7>>TLm+vR&1^=wu;vok7BLNO!K(v zq9dT>)j!D8sW!A4+Kf!db>7~65Tn$TNs!n=XH8YB{;ztf?Mr2LQb2k6r%nccx-%H= zM96FFc*`^W@SWNpGpB2D*fH0Nb(GaNOtzY0>7aC~7g$wxVQ*8o+g2!uE%M#JYGNom zs;DsAzA|FbcfR^4+v~diDlc);jmGnsO+CR!UbN?WLYb0Fhn#Wkj^nF+I<5`lylSV- ztMl0{`N-h{N9qj{hsF7kZyY;`ij7V~+CGB;&t~nAvT6u`9JG78^l0TMDL z7bB8Lwax%G$IRZB?5^?+q&v3c+Nt+rfNteFQeuUXgcSzFWEInfaVdsW+pmT$3yj*S4a+cxj6sbBQT_ArXOT zGR$9@@s)tCFQM4+hkTl9@eF_byW5*G)c$h&Y^s7MpR${f3}k_`BGBrNvvB|x9htS? zw%Sw-n0)HZ)HJo|B@)x1)O;Lad*OsG1|&x>g-TcuQgtt`3v{?e>*sU0=>##WPN#hEtie8v!Ous#BA3I+AyNOVjXG>=JdI{8ZZ-ETSF|j`4M(m$ARh)_Opt_Yhf<46hf?{s#BWH zi04#6+lq@Hvtg$7a^gR!Ky|Z6nMyrfjC1eIx&&G(uh4{oOrt=4PJ z5~~Bydo4I*o8HYc*dvihKqs{Hx?dQe@ALveb?G`8RTIILgw7eog_+&XES`tNr4)xH zOAZ05r%G%9YvSq_2PDzc(LmdX&+X z=v0mWPF!PCOi(rML_-YbuVja|gs zEs67S0Uk!K0#=zVlJ~gGEL|hYi>MK8N!2vmM)88_$DU!M)SJo zzkyw;sL`*AZf=TQ9P7W-04m zo;vI458!lE?cCKeTBS#M7;T<6-o>ufnprQdaWLRcpA4{CZjxO!POBdbm(7qfR%{NH zfoO-Kw?1D*+P76bp82|G~B%3asecA#<>2 zJ2E%b1*FAYz8(95P1O zXQD%0PGbz-#YtI1Y2`9^Hy+_}d`-`{Xm67_rNr%2TAN;8x_UMANVBbe<>(5g$f9RgvUTY@OEeIp%M2bb&Rni!^ zwNZjtt|dE_@KStNY3ASrUQ5bc*e{6mgGBY+WV&o(R@XdWIOBjS_q?*|K=p-)=L93Y zUmybLUj2M<+nv!8pBhT4qwMS{AP5A^c{{|-&vo3IiO)T+{c4;k_0Cw@Spsz@D82xb zrNE6~BkI@VI1QF@+{84G_gym)hEb%b$>j6YHX2r7o8)&%Z_n7@z39eRQfm8h{IPvz zCD{52{-PxiI8`k<9*^u*qOKP);xOR7I(a9bFj@oZuNhiDyQ%bRY`SbT@CwgTt#ElK zdR`-YWgYicj(5V6g*u*pUKCUG8*~|R+cD^KcwrFG+N8I4@4si57XG?UxHJcWprGuk zwkEiA!52QCHrlJ9ZF-IRWHU2NMXwQ{)h;Fa)hr;h-V0hqucsnnfD*0Z-FDPn53v=( zf&3);JawwkbnZ6}-a4R}i9kbDh|_XGVgW_!x_FCYuCm^7$TXYIxL!D9T+goq7?mM^ z%s&jr3zrRxXT^60WLq2^NcHa1<$k?$E@#%-L(fC9ysxmDy^PZw#>;k&7$jh&vB(KU zxc2_`P#=>ss}b;85Uv5gemctIU?C;12Yge_=T&=5S3Z@8Km&yV$qw81v~QSOfZ^!J zV7Y#ZhlO}};8Dbp;fPpZPnap@Yp53}BsJ&Zx@%)(AJsn`O)?+$XBU5HDmO2@c~x^0iLX z2)mwmvMKcaGQ4VffHdUB_81n!An_=#^je#p`r zT{jY=qC;XI=cma{hJ-Qn01QO^38sS-etm>c8$t~*V>fZXCJl0;3RPwk3m?rZZo3m~J&vtdq zr6TBa&FbEeL+Ciqn3^h$~Yer{a z*&4~aER_LvyeuP9h?+sgb60KeYYHOc$e&SB?Cv;fO5PSI-V_nw&JbkVj1c_&t<1rv z3*7U=yMx279p<~6E%6rIYzJIQ5dl{uCb!$ZwYF!A|LQs?PC2!{+1BeM%^9YkN@9J1 z%pQ7?C3|q8pfZ_`q;ALR1rnUvTaj_Qui@G6`EaAFwtdGqfANR%Rq);_j;)L2Pb`3G zwcx4u7}bND0OK3-gP1M96OGZg>t+Sr-4BCSHnq$XYR|Z2mf{!VtO>!=1j|)pf8H1! zbyA-Pd0zzCytjB8V83qxKx4*l6><#s?FPk8Qij6wQ@L%wYtN_}nA z5IS>U?^6K!IYNPvT{JR8u-WXlRgxSGM?|4pEgle_!+;Y9qwZm#2$!ciTzM1UA4kP~wQCc zCBgMBFUZ#Wfpi9yq^-4NkE-kk1k7P9;53tSjXnz1%b$Cv@u*&f9_uEmafs?ZV=jfz z*S$6ynd`gn^6~rXUY7nopV8++q}?R?_Hz8#TO9;-`S)@|Kn1<(NlCNl^IL9)H4W1x z{9G49l2X}w%h{{@L>AuD;p?muJHNZheKYAUvN;;a_xDHjSMgO zz1H}1DU;i(>hQ@-2CpKmPH;5rvQ%uHerhWz*GR|leGx$`zP#jw_nmBY$KNB-=xRnx z;zJ}~9*QmIuabLuWs%~|8Lx>vc}3!I!l^9s%r?T{O~+1V5w@KnC*x=?M0+i;xlKN6 zu=iVKSXV^n*Dmw1{O2IUXI=|?dNoRm0vQfh6ruKA_9XiPfwjeTHi)t`nAI&U;S&p; zA;FD}L>+BcQtNJmh_Y%NRO}J!V^!q>7;_zL3Fz52h*|4(tMVIRF~)Cx;oCCuNMN-z z`e(K+{)z?9&H*-y4CSo3*VGUjVb?C)zJM$EphI+iXP!{F-#BnOV!pv6jJNrq(9 zDDtgy=kzU5y9m|+e6vYcC9cDT6lbDKJJ(-$*%?o zIW1KeUvUit#K^WQBVPHsI2Lok?&i3=Ayb&0F0!tAx`2iek_ob`W)bi9@R3B1H%iE} zpd7QE0vc4+q(0Nuw2WZZkh@5itGXzX27^gpy~H;0@@HgLwT4>&q4C|oRW>M!p1`<& zaTw>DJGRF+tzM%oJGWl1XDN=QVt&omP8d_1i&Zju)Fq=~k((f~nLBNIPu?98@Y6KV9%-_|e@LI;xBlduU|H zc#q09lEjoirAY1iBvg*AD&=0Bh`1juw|z!K@Si=kmzY=JzYaIc{XSpD)76{RjXyMC z(C_hN1p+JnVU%wSWBo)-nr##Z`Q#3)c%2{%blY&GeB5P$o3Of< z-CV0PGIoAU`y|<}=oJ$Ol@Z!)|AVpb3}^H2`>s;7)GVT6Rg2oI1Tkv1)lyZfR_&@S zR*0>rt*A|nmX_Lk&%{iu+B+fkioN>8|Guy5KCa`rkLP$^=G~byzw?{#`I)8_4+yI1 z?X0GUzi*O7mKeXQqN(H1P^bLfII5phc~N~Zml3V_#T!o!svMjAq0Y>@qug-w8fOo8 zs8l(zxKSe~Fb4J124;cY?*-;)BF|?YA=MSKi30N{Tzi+0<*;j%H0$|pCnqhE=KOeZ zpn5#US?HVL-wN}Dhz-WS&wImbK`pF|d^<6dfzwyN$mvZyKS(MW>2UdVHyE{2iJ`wr zqyrlxe>HUw0QEE!y8LP|zXCb*$HK>ktusq#9u~d)#j{E4_=(VmwD@J`0{gySrLpZycb_IO zO9L0~wK4JXt>9F+h@&UG(n8lIn=Z8^ty&x{%R_z)7vFfB?USqx3UMj0!#z-x})|#_suWmW$6V&7s*UkDZBYBs_la`{_c%YmG4!5 zr1E+CSCb3LFWD7H?9A66z!)(D80fg6bQzhJ4zK3LKbb>ajYCXG;>trja{RsTsa$Y? z7^|Y)8r+Xzm}2X)|$gcn}eR~R4awwfIDZj98xh`ph;LJ#XJ}O< zE-w6098(6e6&C3A9|?UL<9C5JI(|=N%>baE5ri$09WS+6e-SEQffoZfR`1Lef1-av zY&I0L_uRyk3VXLgy!|m-HIFLmvX}5M_KY<2HmS^hX{bz*u~HN?#`mPJ4(>^Xd-yzURuwU_A69CpwM+h@eqSc7lGBBj%IAA3wqEX<1E;fFS;6^%rUjwNxkgHi>d9kkqW&6Mr5h;B4;I(Xn{K1$ zIL0N+58wW5*2l<9R!18-Daq>S3MbWkmLoQSL#Qr$0pXG)ie$Jujys488k-=|kfFbk zlEvrff!jP`8-lD75$hW37BAm$;k0KIg>>rVKGia;NLglfA6kuou1B5yr;3KxROQR| zs##cddcQ+mzbDJw{>_nCc5;upIf_kehL%FLJ`l+6^kWC=n=1pT4)P?vIi0T1Ld}5V zboN0-K(8*6%S2EUn`v^0ZpoFpujd@=ODvBwgYaE7&@axZ^BhBe8--cm2ASD)JLtJv zzG$ZTiN!YIs4`lm=Ic`Js@(hI3ShrD3T&kCsKm;WVS>T_3@tP;X@*rbb3r=WJ7f-5 z4k44~mGAD6A%cjGdx9feqOl(CF8V}KKAFq$+%p@B`O`SIhS#@DOR-lE!}b`Dd8iRE zf+3_K2^?fIV&E*$3y=zlC`PaILWz*sO)Rp{JcuzwdSk=NMMj(#nf*>dcU{qjh<|a;NfQQ;~!blUq+MoUO(Yt z5=+jWl*3K^KNd_!GB3)8zbZnco7$`r>`)j1+Ilq>S)60_xt_t0D*D8oS(?{4j3s0AcbA$|9ZH?eloI(C`f)Ec^qPvFWMx zwF?pncnVXL2;0$x-((^yhS36Z1R|~Zs4xaiNDhCC8v;U#ERn~iGYjB( z7As*IDO|tkrT0F|hl|qIBm5=<4J3%YlJnesFC)wJ+=z3oom7={f2mU8Z&`#Aj+QVk z%ZNj7!8AL|SK4X8-*Jcu3)PbPpt%*k4^Z3VgjFUgGhpP6=}GlYkO(SICBM?a_V$mJ zlJJiJn9!H9C*BNYC+*d%2V8FDk4}xYT^KZw$&1r#MxA;F;tmS~`4)jrt&6`40M?bX z*7QKbT4TmO!=1<>HrW*Ua{%Gq%JXzvG?W#Rsr-2Ag`Yq5xbpT)tJ(W$BqN5uuKL-$ za;4w_xld<~xnYo#la24!N4@uRAtA=t(Y8P!+P_QEDg2fcy)NsnKgp}|SeF7lO8-6C?5vLX+7PXAE+x3n^)uw|qz;uVq zl!2IU5B2mPFQB3y*x}|Lu6#J7yf{rK4yHhTcJbt3UXqnDDdmcW`6P>|7+)+g#E*VH z4cIzKF{!m$r6s4UQ+%Iy7is+>HV)+>1UK8p#6JU6vlTCU@|G*@Eb)bVOf; zo_FWVU9MFHkwGXLF28XBDD69aZiGCLV@1jFui9OR#L8J3j z8{!0COT{X$yumz0ed>6!|E)n7tYE$!1vW>Z8qMR)rdLo<44+T&@)b!&zZ(te%M4D% zaMjjgU`Kjzn$l}9h|@5L3K)88MUhmsvbNaCIQpCpE`4mbchQCP-sJA|xh(&XiDj|i zsgpxam(tdUo`uffmYk?iPY$GUa;Qy=vfLhD@1;ByYR8#bc?KYR1pR6&4fIK&+_x6W zoWwCm4`zV;h=nQ8bxb6`SDFm-HqejENi*&re;vmoUz``WoPBm9Zx2xz3%rK~crzsS zr{po03y8!-_bgi&qgkYjy-T~YImY5YpmWkK_PyNrh=N;*+5C+=N<|aQW6BPSDLZ7T zfrXzEJLER$E;=%+YNqTPtEDGJ^IHrf_`_YlBDR?-2T@hrh+z#^Y_*tbT0l5nd2&b*iBxaZxT z!A%65q-1rPV=+ZQ@Dfr=38tg(1BjcJT&~~<)-X<_mXmplA{Z6FQ9YifWD6g^iExHLra(`?+Hz z=*_7ULV4*mQrQe!^;_uXme6(ov#IK`TAG;VkWfXPFK=a<=g4%vdZO)Uy)5>VDJQuL zl$lSS_{Ttv4hJ*Y;NELiXGKY$(XlzOoH-ex1tj3Ba!oA1MoWRaCTBgRxds(+UUl_~ zd9tjvFr8WY{^KC4`O?-jznBDHM-Cv5-fKIW>7S^aTF#^>gJ_A69-*5O%eMEc<2g)T z{5jHb67^$2ZdjCY7H5I)W@)quleXWOcAG_c+iS{>>s~!3hTCeX#tEbsfsi(uQu$j_ zFjW&&x%smRyoeCD)dh}2=(B*xy)C827-Kf?Z3Y&9y_XEU@5HWIu;$st{F1Dn; z9s`@b5PlWYVmTz%D|m0Hk!6tDE`qt!VAto8aqWeq%K1$8Z$Y_wa+1t+As8ZGz-h1+ z51b}v6*IHuKPbFGArG2asJuBB3{miVPlU#YsEXNd2e!M-gx)^ByO|dhZ6(`xH%=3E z&A$_829Z#zpV-oP1=XdVK1!#1#t_jOCp)*W^1Iy=Cxm2nRB4no%Lcp3+Eb7ufhp11 z(54lvv#c_lGeF~Nt>DL8AL3)y+$}|*a9U>-3}3F`DRwzDqscui3ZKH{&P=ceT^J%H z6W1S4Y2`T5yJ>vwYurRlwA2gIyj{8uxGQY=+72t zeVDf$#!gD7j8~EB_%>h-q5!XDwX;Pvj=vu5YVrj!>}}p7R)G70diHyo2RG{4g#KF4 zdwJxq;cKIP3l+iA6TypjQ_!*&n#U@Y-qhw5wpZz@>aIR(5c>+&j%R5I>@o8y6>uG( zCh6=)0|8|zo62&ST%~YldbjKIqxzoIk*8wo@-;G>y+gZeXzRJwLxOx>Lww=8thQXR zHxIM09F!;pXJ+RT+J?lg(>Jm^IJ@nlloo%Qtc9msU6+*V1!XL;(jPLerA?4$CI&AM zR2wh%hAGq?4C5u2qfaZ~)ING5)+>ij{W3ZWu~})V2qnoP?dxJT>LN+6MWtz*$E2!U z*X~DE_M81rS6i}y(l6D##JJVTCVVD7Po4Ts>(30+pfX1%f(EOo)um(d4}c8=VY7w& zuUH(jUM_9X)kCqn79fGcLzK z8uMY|tO1v4^F&px)E_jrN8*FNFFj!S&fMQ>pBhl~^1<7#PA3bE;XB1*R*AOHd6}1b zGesI}Uwq@4NLKo_uk{ASaOYR}x~bb|?fYcYe#djU`|FjHoA?kQuU}!0S@sGsGOyMp z6V+IUzkp*L@5Z-^j9zM5vTZI~EdJb6G*!tn-Jg?gGzZU5u(G_yg^o4?$#)0Y{ht#~#}cu$t+A2zSiicghlURbn)1w9k(!t{gbIFwHP0e;_%w z&^~Rtx629^4DG6bv2)1PbfbYK+zcFVD|SFNVeZPzyL$3@zZ*?K!8s`5gVJ~vCg<6O z0)k>ZSj`1<&YjGx?t=8*pV}#GG4@Lqs4_lRmz=msLay}D#`j5@?0w%yBc&m8tmwVmxx zQAF3<$iJJL9SV=(nc~*PR?YaftZ>Ei+JUE^jQn#Pe@ggqWC=<4yAGHFD)w!kcu;W& zhV;X>9qvm%AK~)ejD0Fa+F`LeaZfa59V;%0bEbpp5y4}VrStbfcqzWYaG)$EVG$t6 ziLJbPA3&CF!4(R1<=i(D3)?zKo0dCX{KI3&LDRwDc)U2#rp~xp&#uHYz57T|CG6Wu zI>Vmg;V8g|_RO8}*n<6U&MD8zzIck-p0YJj^8v0ch-5mPKUy)m+Ob^g^=QrN6=uNg z;4oHrzBMDxjZVXks$iUmGl(|3W@+-KQA0uV?j6-D z49W{i-5q^J$rU|lFjSM5aXk0opOIjgkgk|z3)wu2#?=v<3*aEdYRTSCzk&hSA-OUw zN_5Lw?1b+81LVN@Oa&?9zKFZRG3F5AESps==@B1on~4>go5+`QR!Tq4l!hNAV<)ev z249WPAmV89&4>sKKG-SiiU)Yop<}0E8EM)M9D86Gb@6!LyN7Me>`8!{8oLw z1R@d45XCk6AciRO7z@ebn$)gloH-91v%peZ_!UDysdc+5!zKE6+X}sRf#@yWJ*(sc z_e_+X)=h{ePaxIlFjV>(D#YNa;MbSNjn?HZJV>%;7DwgQrlMc9-0rDqgrAo8U|*#+ zUp*t(0&CFt(+n^o&eIvWJyNhuBtXQ&zmYt0cZ;nLB(+aiH+~dkUIqc;V`Mn=kS+-S4dpoB0g6qJxCf_me*)Z@!G;sHH~U zHE4L@*_G)a;9pJf^3_mgb~+fR_3f9V5y1l=XRPo99vFWoVc3Jw)seNoj^o*U%@?(v?S#G_8P@#u= zh^70EE_?1oh=^Fhq|h36vqe0;=)al^Blsma`vAF2IRGejL2DbFYDwktx21OS7aH*e zVpQsjS5*8UEZD3;pMir&iK}ljwMqGX2xpd-NOW24@@f54*#{_23eq%M#Fdm^$eIdW zxm)qwr>Cm?L&nG>xoQ21PoCpg=lcDq&xqD8kDAHl&@P>;%)LnK6V`|om_Y6*W8Pzg zdNcu?rr}dC4jBD{51iX_Dl6V;V7g~zBp~gThx++I;;Q6h|H}R{0`v|O@&z=G7lwI) zDDE$`HcsamN{FMV9SRHijdTr1p0kga#gTBBCc)xm(qL@PG&O4AL)jE zu)PIenyv~O%9(mD*|({YK0Z-pwP`RE(HP=6x8%zy0Wj-Snit70rF{WFC&vtapJDn$ zoyJUf<{qYRkrl~bczRK>>YWQK;&ZVRP(Ti2r`|-Sa7-9EaCiBTo>~n|EA|0X9THJ8 zik2VMl49~L<>p1~zkvKpq5IU+^g) z`U~23BCNj;LGczScgdR$o}`3IyCD$8EzEnY@Uw-B_mxRT_k^t8BB>_$YD*%R3v8uB z^XIODn!3eJoV-b`%^4u+1Ww<+@oche4lbCzOMUD>7aJ-WVpJNVC*}EQId$Js>XECY z%ni$hH@(08T4%3R_INlhRR~@=l;s%tKS2zS;)6v-PoSO`N~v{nn~^ z;;p&lZphSd-n-S21|#E48nQ4qUIMiD5ai!=Y$;SV8>w@j8)w_+$AQZewM=Zef8$_o zHwzlI^+AqSnBzb`(_8j+-)>3j?Y1(0>r-t0#;uXslHKcY1EeO#P@D6T1%|`7Kt+5( zSreIxnNKUui7gByq~WW$wH$R-q>yntO4F$^JF)vDi<8KsF_6hFTZFR}%V|!tfG<{h zz78@J7HYE|z45&;(z0^|VMmL6pu|)*K}UIMj~##FK)n@yYpA$}&8jNnR`{!2<%Mb+ zd*g)0)xu$0&lIUp_r1^TbI&Nv7Gt-<^&>kLZ-fRbOUr+oKBbVBR&B(KFpHQ++Iu21 zSW>glw@<|ba9>~1k}qSXt= zx=n~nl{8v7A6T!{I{%AA_49Au6@Te-$!JKjqgz!}2<;@L3tv@pbym;6iB; zy;s|^0knjP4WOQ$0Ngz+l4=tA<>>~(Sw+4W>eB$Ar*uM(=myHC0xR+Mv&hNe8jY#mGzkYj2WWHaM`L}fW!87tUrqxIt7?ZBu#_{s zdOCvpESL+Nt$v1w;qBTDuw|YDGm*k}j7oB|yCD(>E!Utvt^4jGPKF8rB8?RO5$~6e zxKV$pQ&ay3gV)JqIx--qEBD;xLN;Ly)}<631miMf&Gy6&XEzD;Ur*1 zlMtCK**ig|pqWpZ`X2cTD`G2MZ0(g$eUy0wFb&sT7lxf`Es8?ONaFhO&Kp4qftv4q z=+@?q$)vdhfKEAnheK7r#Nk+K^h9D3#%Gp_nt*)meHz9Jzkr%*)X*1ToH|zESxrJ z>p};v1ofpicq$lKH>f*nWX#1zc(1V>{GzquS2KUGH`POc4U+lM5ns_kU19JL8)DJ& zEF`vi|4VdPQL*hu2PDnfoFng?hXq>zqwLWnbRCz`{=2-xyT;vaS0gWe-cB7P`QCfq z@a;~W#HW(>=hrL8ljtKSwnKZ~;xh-&|%S;+YPD7S9;x4?e(3^Pgh zO8jeuA+G!J?5}Qy1-+B_H6fmf6j&KwFRkn1VyWia|5bQ)88C^dJmsu{q_G*@tnOmC zsZIDobh?-KGuM_=YE5&vs0 z55`LfOVDUpuYLmGg`n^ntSPDR8up~;Lw>OOoDC_*28y_AyyQ2GzQnVG$&7vHheXrb z*ku5scqLRrvNX1b=`R)Wxv=@8Jfl!yr=|@fRF~<64~By^1-5Cbz#NvsFQqta6eq<_D7Cm={_o=Vj z;B&4Fv1N?>1r=lcaJEDnwE`SJnVYA3`=VGgOPBL)feRn@dv%+KA>TyNQE26jp8`G= z0>>8ovHW~IS@B73j^m+@qbQJ>tRd%bb3cLg`yZF+k#|->zzVsup%||(_$O#whFCF7 zBG)-AP{<_-W;Q6wzm~7&;gki$J%~+BN{~(5IigLuzXP z!&Rn+E56HGS!Zu;zh>iJ+O9B%*)_;zszz#WWWpkw@b(FHTmL9xp_t}%?UH@Hl^v)Y zwJIyZ@ER}8u$;IgSK#UbVIYq0NsX3ybe)j`PhehL+s=yE)1F6v!FaXcp|!+z6D!__ z_i7toVy3a}6e@iZ{R327hVB5HH`^kCQ$>w`p_A9V&585C|E;{Lz6}pmo)@es#lQhp6H2?FI%Dae! z3O2JZ*_oF*CF27Y)^YL+`;);*oZqYOD8|yr-Yn305&?d6SlwenulvqG)F+H-5ARCm zj<=@!iH?e03HpPtGyijjqXN8Y2aP6tu3V{D<5GE5`tg4Na*jg zRY#Je6*EK3G11L-nM_Q`d6k}Jpn-9wW8BsfaXSBM(6u7+kAa>F5ZIyB_!9||+3Td; z7_r-%-GoGbDU-f^d-AzOz73xPrr}zay;K4EcWEa)L(Z;TP4 zxEjdN_+G~SXNCRde$@Ceo|`fTMy#Bs1t_j_KMxWbG?Bgw6^@O$ zR0S_lA9BSFGM4!>*)La+JT*Ljg&-=9gN5FRT!AuXiw+^mq8t(sU;o11y&qEYo5h=c zGI+jj+$Eu0ahSW0KY#Nwi=y0>l5-C-drRAIl<$hOdELJ_v3sGu8ekqHBOWv5e$lNe z>#~opSs#+CX%F;PHsExv7rzU*J&uvZvus>=v!6lQb56WPEZ_F> z4>-ld(UdAuY;|r#U79~|+S7N|eQj1K+LXIzBS#4MZtkeM#-6u^F`zB5CNb>*4?Z@t zoL~ElHkgI*yXB)Zt4wbZApB&M(Lg`T8O}KHHXHT6UHd`|LZ4}Ur&bUbGBi>^ESQ?fldhaWRzjt?PzW3GC( zUo%1>%tMV=DfvsVBxf1HLTIFM*oAYnNY;KrzS3Y;O3oZ~J8J!AAz`oKKVxD7`z|%% zSb17q1Kd(dra9Qbdgb)jRX!M!x#K$q+iqK(c73s&vhrQf$Hutx9Sf=+KQmVUnHhU_ zw9@q$`_?+?ZGPNAUQby!f*HGSD^e`8^gL-E7YWVms^dNw-Y`Cv`g=fUDf*XW4+g&^ zK2GXqq&gNa6sd*q-^zp$M`o;gW{043XI8{(QijXeA*_NaqPgj{2(I*F?R3<6g~b-% zeh1XIo7oZ#+=u&cL+%Kg5M?uY{_q)!Fvd{0Q~%chQM$oFAr@2-s<^o@0I@Dt)jr*v z>%dX2Jgo7OF`$${lemAcsHJ=oow0$ik8a;q_6fbXI@qP!>xeA>3f6CUfhVd*Bs}c6 z?=qzymAs7BTzQF*`-7hSk!5rp5as?{l~Y$ZK_uyC9Pc5tcG)uebD=LW*JJftyEC<& zK|HjBvK|Tr=`2NjOVn|4>&Z*>Pn5N=941S~4%+lkZX{Oe+*yBfyhH2O3W19}ZujQ5 zA2%}cjT!1stTT1IEVT(V)mv9Cb@>MNMTL-fJ?tvo-utc`CxEv;umR<>twk0v4kqK| z3$I}7bsrJL`x<6W(wOc)kYg0KaEd-?yxpllZg3#}*)~vl4T~2>JA`4<#zqzO0mrzm zDj{%WVu`*-F!X(N4Wno53R6thX}`6hJH40ONgL(aap`HZb@K$(DPn)-TbOB7r~x@s zBlM-rfu=)eJLx%IvOMZcpgX)j*1C5T0&u(~5MFTXlGKpSfS6dovCm&_do;}zON72y zH+F3}`QZ)Nk4sXff>S%1mDP5))2KW-qs*lX9+KXHRC{CX0Z8+=&0YKsnk{ART(3Mw zeE%6d==&6Ap|{}F(fIU-GUWE-Yq#I5KVS`StH-@+`qOV9YiEOeBGPwbIDyWm4S-Fx zn!)?#@ixzzg5DaYf%%Z18hpF{88m?tr)UC7PkDZn^!zFEwm~c6rbQl^Yz#8REkjFn zmCl`dG1W?VZ+iZ!TH0SY^L7%=C4-8Nt6D;Ua4i3q$#;pj)ZheXUyW|GveS=r%Wa4X z`H1}P0LT;5KZTf;iJLr(guvu7Y?;lT#_!4dIYs#o;i>SXvsV&M19$I@(mFQAvE~yO z(;iT&K%2Q5`PzSG*G=?$ni-hTx1JUejDv!yLGY<^%o=Z!BOvH@w8krIs(oPr^M0BY zeyr8>;GSu}Rk0lnlKj9qeszALDi>PJ2rtOOGn9B$Z+ucC=8cc`JP@Yc9kgR!t&Zv2q#c+1tHbcU9qEC}knZ7Tci z)l9x~OQIvmz@_STKdpJbl19{!g!y()EAX`Ac1VVp!d&C*hSSVw6mDiZs!O7o3z^=3 zNpZZfDplMUuOT~$wT5p$5CV>5^=;=X8!EnH6qXXtFq>q5oTWOX`0CPi#u;&X>08lQ z>@+^3?giv*w@KKjA84J^7T5!PsMD321+v$%w(qfLoyTU>34h4+&gJI7MkZQD4wSh> zLyM!11{pw4p5phxahM0&fdJ~hq4jHAa}et5;*DogpI-Fpk(%W*Z!-p- z6`w-0tW#oAy$aX9B})5+yeyLGq~N2jdCB6oSQO){P~(G_>lFNL1tE&mz6wJ)0R!(C zY&QO~+gjJ9_tz9@JF&tcB&dJ^tmXCw3jd<>XY!v&fot6Ljsqh2Ep#-ogorYL2hcm4 zFRdc;f#E_T5IrBDvnaIpzE$FrrJtJLECz07Qv_@|H*Hk`w$8IC%;SOp<+)I@#uN%%!e$mi?$kAEUHeAw+Y5oGjZVO2u}4$ixwj5;`p&zDtkcDYaF9xjSy=rtzvG(T8|!J1 znQ-hUs;R+ENc9G$;pkNkrDq?HUte>H(ZGfMVn%CJnTj+E{w22I8K84Y78f8&h>kr9 zq(%E*k!aB`2MUS79XP1RF$a6JnY%0 z2njL7Zt~C)tDJG4*?hJ0F^>~war9k0>0nv~5DZDIN*34xownI2q1~ebGM$H-27Y|r z5Ps77p>rCIFG19C|K)FsFMdY7|h z{*r|Ta4Btzx|kDqk#QybC~gZ7))?n2Wc)#1of%`qz z46jB>hBGZvMJ!z0&Hm9WUxN0Bo5TZJPHP$%cgzp)RL)3xR_I*(C-&g#{`(CBN7bKj zvi8zh<3nGoKYJL%bG8HE3lWPMdyEY!&VMJ}TaZ4~aGl|rDnUm|gd~0!E4!4;LpElv zI5S+Wo|TQiu80P|tQ)U|Kly=&%U;*bEuO(`q}|6C4PgR2f`w}C!~WLOGwS-?RMB+( z=BvU$KnIkqBzGfuueIq7)1qD?)8sSJqq&0L7nV`~J#*ZhS);aNnpaXI&Ks}MQQ49% zAChRRe$)(WWz#+Rlo^C6CKy1tx+Oikrp{tjyyoTbs4dp^r(^$N282N6io8yag~vOM z)Z9(OK!2cCye@TIVf+$|w19o&&98O%j86HA)!z2|)@<863IBrC7o72}<-*K~Z)?;! z!kt(<^;D9&^f*~UP2rB}KIpt1Lt~X`;X?=|^M;zy+2_VQ^L!Hb37cH}AX@H!$FS&I zHThR@45^@U;8B!P%0cA!svZx37^0?~1$MZWrr?%&boltsgc~rK3&dc-TS%LGWm&VwWeJn)sHBHLU-P%5AJ_oZ;+Ih29`0{#P&p#DcI*i z1g8rRU95un@0Q2Ezy? z=M<#4!uFr`jVE9%K0bZO!jhVP+TC=(!-Cb+#&GtR#nTNuymzSi=dIgg?KVekhXlEB zj=Rg`%V83ZO$nOn->X#a#tC++`_Nc3^qFt`fl>d?Bc6lxGqmh$ycN3I#@l%67JrU^LMV~|PuM4~~CDO)xLC&z_$-6tnCq96h&2=nbxF^Z`)cTdBi zkb5O3Gm~r@2>NJ{B8Kb>-!DX(zGO7C*;D$7P%o+s)F#2j@yb^~LhqWRr>%~UHX_@1 z1>!g9=xf8khNH zIn%JDqE}8Vw+UIDhp?y9Hk~A8t-%C8C*`0Go(6?=gNj!(3&Y?Rty)thjFgnqg1i{M z=an|HadWQi$!&HC=hLI_aRIknKa4%OvCTJDX*50hnS)3jtZAJfS7qKz0q>gRjnJ9Tw|ypoj&T{#&$hB2 z>z^S`b6+|q{C(|c)NK#6Bl|!aS$kUx*SQFX$sgB)XPi3IT)!*LuFAPT{#-T-zSWxKRYmIpBpskX)is$$tq~}A6!wq_iOr^x=ZvUw-##uG& zJ4HVA1Y)r`bVh0)gb}{vjn}Hw$}XIJ@f8gz42mLg|Zk ze^i}Yx;#}&ma}5QU^5Y=((jrfn(4WCZmbJ`D3gT6e_BVTAL!y`D07_TS&Naeh>8wH zz!S!_O_v1JJoMcP!!~=WwBlZfctg@Nj76_<+opGt9*Io@v6@F>v4)hLP#mVB+2oq7kRLw8p=scDh}h;mMAdMkb$^z2+HsC%^*>r-@&Fm{ zH$fumj>H>k9I)fn{by0_BAdL}lv=j0?It{xoL?6v=I*jp)6I^-#1jodHJb@6|Xxs_7 zIE9nagW2RPUAMNa!^m5w7o2b=Rx=ekHOG*G{B=t?L5uV?uNTsC&)GNC`vHRt^WRXecz4N*b?Wld+VVfE{obTQ_H+|Cz#7XDsyQ_nV}_xob11 zY%$}!;>w2AGy}B?g=|{fj(qUQ4YI*VXQ8L_BAlTMihi*%&@TtVtWOX;Ti;n^pWX|0 zrXVziEXpELOQSvDXK919eD9Cf`nY2bgll4kL@N#)`cVgv&xY)*=^_BZgIiKJb2o~r z@#d=2C)zoVA#?Eo63KCyk}w@<7ohtY9;V6clcAqqxunFYufdZ0gf~1t_#t_$sj&>s zcli~fg)I*Twq|V0s?H}Q!}hwXI+K^0<;Z&!F?>xD>%5Q@^NP3X!!gj}?>=}8>-mh| z?s$5`v(U2mt@Y<7IUMGE39=9^tki2+U8EO9rs|yb1`C`VWl$L-i;5by-(s7+PG8WN zcb`?3tC>ZqLI-TEv@)#~uf!=hH{ab}ycazpwS~FAD5ap`v!-U^68ddIlAL7E>A;3J zzE&7w)z65DIv*_do?w>>k&W@T%+z#xYZ=9rJ`!5=Nt4oL?*iWR178OmFdNz`>ASWb zulP6KSiBAhl07~MoTr-L-fUf-)u?lst+-}svM=@<+`tPSvoWPUZ5;m^ zxI@`|KwV9I1-lQR1=|3GE~=PS4OtyCBg*$rKn`Pn=vdbRRi$VlFUE?UFcCQW#S23q z375}n9EdXhhuF+luJ!xMLaiW-Co#lxccH?OCAVEw1fVTzkv@(`sYmCvPi^7gas$%)&VKO8Sg?}!q!p?!H5Oe2D5 zb)C|+UWxw^_4po2y345T{(ONY zX7*_VkZht0qZ#9sK(@cc(Bip{Gw6$VX#RrpwgfVN=nyd}PSJR`Opjj=^Ql%LuB|qv zteHed*2N^%5YKWpd@O5XV4D4{P*RU@CtR9=K!5NeJw=Ua?H|Hvl?(*An>$|2BYI0( zbpkrP7f5hOylHrrmnfd-l?$tBok~|hH=bBMXq_&>%jD4OD4ylt3sKF5#)rS43DN)27bJdz zzb>_*BfK5Y&65Ww#$<3PzO{nlL!|WMw_iW^vV?2} zW;pF?;rr6gi-KEn7(?<|8YZdL{JMwZ9ZTpM5a~SJ2#>L{7nIY&S=RaQ4qTCwrh#`K z&CIfAl-_)X?RwJjh$B>oj0%3|VLDjQFknee2;(yS;OhzuNZLl-up%bJwmjRlo8F zye~rkBW#*i#UHi))H)Nog2Cf#{(fFUK$epkvaASnJpJb8EoQt@HAq$y`}vUL`bU`f zKm;oxlJIyXEjd`wE3)Wb+S^00LqwLVNI7Y;`X=<-3ti}A&w7l{d#FeW(fV^~(T9rl z(i(b3S0bO&W}j&sbv{mG=3vW&c#l&#Qh zUPpGg_ox}W?B{XG*tp=)XxC{;<^L#RD3ZH5j%TyE@-w~GG1r(RCW!T7 z0b?c6kRn}bylKXe20QID$^6(#SK_Jc;SL{i)8cN?%@mPxctQ9uAAgFaL;U@e+dm@S zE}wBU61jZde3(_Un*rp@%wRm}R2CUeZn6wBisWZ3cWv$ip8DDNbnoX`qOIjr^P6A0Mbu2x zfoq-reue_NIGna@O}zIncl`WZjw-Tz+VM;~%)IGOi)XU88iqegOI^}(KbQ5gK;5Id zBICELF^1ssdi8$kd(y!=_4_ol=azs|K+ko4l(J5C`M-wdKetsUvh_NdujilS2Yl|* zdQXJ$!Gn^F3?Sa?4Fsx#_d0w26uUoZp)@QDgJ^p!^O`_iGI8k$xf*9ABok6xo}hpI z|MvL?XVH(Ub~%01fi9ONV*=(^^XRO?Z#T{jKS^={-KP^D{dipvgDQpW>4(dlPvi%n zw2~`=wu%^$6gCKAX^m4IWE@9c$K!V2xS-fB#Oc-y4W;n>5HUw@$XFJt0{=_g!I;Qs ztgd^EP={@p&$(A7jzluiAVD0Aot}`Y1F;#RmZ}rY=2af^m=fd5&D)g1|L=6<5O)6{!sz}ovi7UXb1o3c!UW$x zakHB`L`a_$+gHf5ML$l}PaUECjaAm=C?MHU@`%3y>&#nIPT@`6qfqC5`}gjR^X`y| z3hR<--U|p_Gi}g!Hp;a!^Zo^pn(O!6VxLjd^arSNW{&hTvwCZg z#AvxA(ClUXiJ$B9uk%7#roavSDiDV-*hlH=uUgcnwN#_SHqZkQO&u0i#6W%h5{J?5 zGix*To+-L$m~%6KI)3sjtrA)q8 zU*+-3cX^75Tj#~ynY2qG?nsJ)Gh0g-@Y&E*_bj>UKYqvmm~{W~VU~3FdH8iM&eeFv z3+sQ5WCIleIhhvxR{t3NkXVw{t9jdMf%(U6OA|c=IPG%3C=CCRpu5xid{Q6}n}5piBoz1!u4Qto0 z{f@l|xiJO&h<-`l8G~8n)IBoy{596K@1hdSuV!0uwj^1TJ32;5I?5nN|E*i%I;XjF zKx63FsoI;{|8e>M`-fHsm4(Px${uwovT<)W2PTb4PWtHgwy^e>62YnJnPx|VYTrvnvnM+ zbCN;be?0I1`-gzsTLkXryD0Uyci{&K{TdU>C)4W9T7i@DE?mJs-`=}1(7~Hek}h=e zfOy6-!o?u{0Vpx&w{Ks(yX)!#E=*Nf#WY6WPu5D6WGV^E)X*xX$pgQZ-GZ^AR9nGL~o`|o~g@lVwU8@$tyBdICs8hC_?9`3%{3t>t0-}>PA z)8$_~-v4!n|L4Nrf5Io7fAscQq@vRKy7kzq6Q7wk(=VcD^+hy@_3e>RM3hVEe6mv> zM387n^j!ZKNs%|r!x_%h{}aW%J3&OD(w$P<@I|jSI0+g!^vIrX5wV~z{_M&sn5Yj<7q!cD=Y_i9!y3$8NEtGPA1SQx;PY! zq}Uk~-rjJ18*j0_T+x;CXnSTX>rMvUS5f?_R*}yv8A!=SF`DuEp`H!>ysLn(*5{-gWdLua~;NBUi|Z9yxICk2gznl;=bhKmt9U7M&$ zXFx{+flRY)|Kz_U-Xk*UiKeI&)R@PP4(2Bp5nZ0pe`M&^r8R5 z*jtB1*|qD#lz@tah|~-zp^{QVgQQX-NH@|QL#H4hF$hSP(k0y;0@B?%baxH;-SfPA zzrVe|!)L$Gaqtg=9<%OsuXV+FUDtWmM>^|R3?3b4lVv%Zql|m32dKlnvIAB??7L40 z=AJiBAundxRgs8WIkR%BB1;Aj1#qAz-X<9g_R|S`ARh}~QV~~lc+<43JS>c@c{-pa z0O0BwME_*rul0PftHI{(u8oABBp8m*&yLd#(;6{5Gum}aIpUe=g(=U9E^_oRvk9p>cIO|q9N?m&?>0XWbT3JKR`p=TV#c7QOzlH{lrISTM>D31)DB->a}6;H^Zf1u&M4=KG3&!5@YI&oPnJi3a8Z|Ahx?- z^o?U{P`e$|UUk~kif|;_4XB2u*x*{LTO@xN);iiHiGGlftxKoJkNNclkOu!p;WVfF zXx2`7k6tr}@d5gb4~l*K6<*8aA<`qMSiVdc>WAkoDK+QiwqYxOws4P=ux+Fha0eK7 zA{x4sMz+jfmJRmWc5_e5s(dJ;MSxZEYmx@$;Xgh}0Qe-Z-vQ2xE{BQ_-%*E8(VCrS zWGLGBwJMvO{veWa=-Ea*tfphOTB|(yR`UMEPOKGLRMV3jX$7&samw%Fm)QR!)BQgl zLJu3wxR;v)JqC0Bw+(IYTvz?a=K^-_wUzY}cHgYT!HxVr_o7BbKj=c|?@5loa0_wA zd_c9#Eo3f*#Y+ES1)(iO%<)C>vHVo!FYPPaMkRFH@cSHYS;>@n#v%VDXoahlbRmoP z4%qne=UA%aVy-`Db8&Zp*1DhBseYQ{X~vOWow*sh_%SEPXhewgdTx2plcUV9UjM*f zqEfSA_|i)CVhi^4>fNV#B)M%w25IX;oeBpPVuW=2&G7bWtG)lum*6*zYiwfTU$s9g z;#JzWG;%6=1C-5GG@*IpKcOU{5gdo@I|uJtr~tddq=aV);gm|e$id3_nqHvD3K$l3 zFTi@c<~0sm|5&}OF?#+#cU|>H8ADl?oU=Ut7KOTBO6~t8ihqC7@zKQan<;#2f|9|t zyN^ij+P*e97uE1PGJxNkS&(flm>ALa=nKUXBr-g(-Fq+G~PNz40QcHQ6ms;M^~c&`Y!=PG zm;J&)M6dU;g3k&K%bgNEotG{MAe|4HK&eBGPOp7rXBWQ0Xfg_Cv{u)y8E8{F?Na|_ zkLl0+B|9-N$~lv>)H{o;+mQ?7yD=Xb*{M`|B0PxrFAU~?<=21sMMM})U(eaXZz|Zs z#4m;^u#dn;IEXXE(Mh^a{F!?oKWOE&Zm#F$>7<~0rECEUFzQemWtFLL#u}CAnB0$> zE7#R4S=(xx&W8b}8CT{*lf3^Ky7s1ZGnwow&qB=){v?gu1vx3b?H98rG19km)c8s= z_oZsSQqT!}ns}RHz|=&{^DWyv{Zer@_`riMsht1qB2M%{L29s1_x9o2GB;W#px^bs zkeNR$|G)p@tB-vUAVkinw<_I%D0a3Suu0^Tot#2#5?K0A-kd_SDip2jw&(O^0>G<)QBi)Q_%^M5#8 z+1no?L&Z6)WK;h!dHQej6hP&ZOruV9X3S4-IS`*jV{U>~Mh)Njy8pXaP{Cbxnh34) zbAvG*?<-!%UrC@N1(ouTz+JB++Kl@3eCJJxiKtcmZ;}uOeQI zovM@T5`J|3B=iG9?6+`780Xcwy4zJcg?W36epZxUtkvdEuVI=pCD4hTKl~b7$U_RN zJ3C>qt(|t2`%uZLb8^5&B#tFp_{wDr2Z)QmYl>OAv^~2m#TQ`~`7B`kcs=^D6f^Dv zrQ|V_uFn7MA!wB+g_S-Hpao+p3T=LuPJMkz^bdTSe=`Y2F{HX=Zs+w??-PB>%nfFG zUeGfWECti9xgS65o%FIX@0dRGax7ls*9o~Ka~rd(l<4&k?^vf)4P*f3c}y1Wi&xI7OE7i#pu zTi0~V5lgPny2nx>O4`q>1pe~UAqj6T!P${sqH4nfXfG5x?K0K@RfT_YUm~#MZaST5 zZI31GWpk3T_=10l!VAO#J)E(GObF-!X^3m!tU0+zKMiB!IgEecCYT~`E$F{} z->mDQBH=q~DOdN(w|y>?qjOa9&=|a3NP?!$fNnFhnHfh_W_D=wd;KO$!s;!`aJ*(y zkzWo;orM4F$mxO5Je-;zAv)O6+f5iR-?pWq1Okr(Pi-o;-8B?()iEwLeaC$_oXt>d z*Gup8xp@j`hQE#?;y9v)aQf3SZa%okNe0&^Jd0hYWYn?X2;$7ss6q8`GYNdw@b7fD zFzourVCP@&!*iVUw?(E6RrL`oJm%?cNVQ>&(dqSHMvV5#E$UI*T`Zyrhdnczg~ohCxeSx*<#w9FOZ2DIYl3% zpopNn5f@cbcNCCUtVPs=~XKF8Xsr#SgK!N3nbMebA^%VK@YNEAUY)Z zK>rWU)y{j2NxPOCf?iNdA#O>2>%rQZQz*QKhOYk+g!dhf?H6cTz^U&d}U|PCO=mq_G|XE_NM3U=3ko|3vBNE4tI(tBTszZmZ@Q?%g^;M zoDVF9YLB1&{C_9o=QVp*=*k{hz!9DIa{#qDS%>FNuW*X;qPNEU8tH56s(Vj1B@7iK zh}nG6t)6@E&+>p(Y|vpcxc4c1jmE)ovTVXxLys7Jp-azqSD_A)!N=yQcOYyjd{4J_ zBer8#Cnm$cZsavx=u8tR=$V#9+|nE2NaA2XqL(XBI=z_UC%MA#=D*XIj^8%Zqq+X7 zZ~2WQ-^0coSA_#KDF%=r!XEm&);D$OK(<9~ibC`c10kjds543}$>8B^+9i&sSLeI= zPA-$0x@?^gsrXLU9!fZ7c2Bw@;r3%s+i%i7?4TDbN-TQO!}2VqD&qxgV?V-x zjZRRM$BU^buYtN9?O_w0DKHzZB@lGpE4#OQ zJRlnv^$Bc9Mk54K_XzY0mZGR$_nToMcrI7^50|I}gYPpyl3&h1(` zT9{TG62AhbE#!%!OwSv$Xp2%tLX&4UZs^bMvS=2|zTVgU{qWnllaT_{^!Ty0ncxj* zw$zP724d#?ZG+hKsX}h$u*5%%m_x*A8X0ifH z;>vWg@^dT4I1AgTGamoe7gEv}1_iqMTlP>@sm9~KTr1~6y#03c`Zxj3Q{-wDkBA-0 zeBp44Z7LNwW>`oD_BF@+6917g)t*#LM#bD3zbaVUeV~n*HA?e~Q^kr{;zT?^jQm#Y ziorklgy88viZq)I@S7v3Z*db#Qs%&H({1-1b|kO62Muz6F1=7Vcw%&DyfW~sG)bp} z`bt^i1p|LgfmoG=I{ety!lBgt(fS_KQr9Ej_j^n9E0Q7FaMFwYC%P(Cd9!0Q-@#y& zkSg<;03S2ORC&oGg0~(ro0?-OP5uK6h5T>S2-=eb_}`x3A%|vP3bii%C(H2HnNh<> zGbX5dL>@`|I{kOs+IQP(d*dJ_YmrV~8ueqV`~b&}WU?I&A}Nn`%q82eRM1J`_qEY? z{YLxtdcnyQYy&k8zZrGZ&vCe=Y#4d;1aEMUqtA<8Xgxri29()~^9JGA-}}Eu%xZTG zrbKHnEh$?d;_4*-D@p;+%<@qh6@06`Wbh9<{-@iEhR;Ucud@R=3l#Q2aFxH`*+NmM z6N*Fk&t8}=X>s<+akg&m@=d$WuIP=H7#1?6(Ai-Ug{l;Bc|S>2(z0Oz?5>dpkwOKs z3iB^?qcBRCKI$=SnpUve1;d%n8c`qjJ|!<~OUmvNzvRacfz0`q1$<6%(*RnXf0pMh z6G&IyeMIZ@)$fUWRo6R<(0AJ6dK)3Y_M(nhu5gFVv%b>#!&&JP+nAal(%4SrZHW{q z)Q=yFlYRK9N&5d=o1AjjwoeC9fM=x`BC_b45_sALKyc;c3ID>o-X_*C3j&*%rkgfw z3|VUbM+x+xxL%yLZ@5D7j8CFwZ}48gg|T8C`;HTf#iYP&@>86emZU9d;mCpKEOR93 z22)A3|He3-T^}Cs`MiZ}4Kxr%9!WCSKAaNSdkbQgXV08H`ZyLyA~74xXwI_foRsG6 zq=kR~pBSbBLA17=2Og!LgdOaP6;yC~%Fg6i2?lpHWAt%~cD18D3#haj%fw2v<>Hq+ zg0%Gs1sj-jhVQ+tYed3no>!8Qyl5_uL}+>6k{9{1gLXIHdgCaJ!R+0N3k(xA*VBPW z>tx{V%MV8X;6^k{(hQcr1Ib4zCE03w*7hX^K~l5+v-e-ZJIST zYjwdp5_t+FRnvc7%lKp8;$wf?KDJ6%9Hy?{_R4&`7@WM$?y(Zz4yNag)M^{@lLji< z#C}wB@<_IoLZARG6S7p{MM+`AtoPdQ0peRvT&@Hj-l}roaBATHj6HGw;R+rgSMZKN z-eW(d;jHUH{}jW^)*Q+=;l@Hn`>&`v{G}lLy%lYKA@P^c&}zr?lZ`lG+4z6YQ%V76 zg~I1;b*@YD70-mLSqO<-( zib~4e4SWcf3&a<>6(6R$B>j0j0|POGA6PRYl`98fQIozXBOvA9b4Iz0@$VLPGW5PmcwdEW^}+(zqj zvi|i2IQ8j*>0$m}xT0b=mzxt7auML09F=SDvwnWDhm{sNkUb2Iew9`zTVQ@L+x3Vhckg9gy5di z?U;ZeMsPk)3ODo_4Hepd_$i*ouJ(NfM!}3?G%o4y9bYNntE6eN`Ft`Q?K4%gG)G@s z>@2ZoylO--JUq!M(ddN(njH_PS#BRN z#RE)3K?@8h(fl?FW+eOZO5UFN3j1U|`hp$g^B;b2qEXIBsx}Ahoa8c4c*blk+g}`( z8a3qk7t)~m@qD-5*%7I-)9$Swe~kyx8gIB(K9Nz9dUc8MH0<^XCptk6O>;KojGD}x z3t`n9zf)k=OqN?QyxWNRC<^%MUVbzsB_;TeK#B)=0tY@ff)|T^`t89)hrNxtuAQ$5 z3l;PX3}~3Ns@V!^))Mp&m)g&&I>;e&&V%(c6lGt?>tE4jR5gAtsWm4 z2^Ji}Ooh>>>Xu%Y=P6V~PucieY+pQaaVDsM&WLxGB9xS6!Z*y#C+UFAV?~it%nzUwF$9u%y#v~@xgdm@*mZO_3JAOGDjzUam98*+xauOO+CAo^Bh!v4m$CuZl_dc z(&MA13H~Bf%CZfeBQl{xoXy6U?4MAhm4+qp>15#1{}kz`7~&c3b{*v`iZkb zvo7koYyv#*^ZG+Rrkt6A&)kX!DukVg_gnQ3rA1%Mjv!IwYE}kBVCvz!J z-Fw}>5C0sZ1}y!M`pYm!Dzru`uF9Ds6iCj!@l2LtfwN{2GL7YjF4X* zCx`};5q%a&Ze2~S<$ZIiUp43Skbk#)WCxlP(;10^%RXb%)NrHic?yV6zbp!+tb5r9 z>>(D|kUgfS@XeP$U69`A$mL^7Jj3!j4S&=A%ZeI|`FPKzLD?OyY|^*E#h~ZJa#W}US2 zrFeE4h>D}?Sr*Nvaso|vx;j+ zJ*-thxE4hXPHOcohdFX$%S3;fhIV-GIW8TISY!$AX*(k8?-ZS`=JIWH&1Js`7zH#13?Kjbyx{vz(JuysxO|k@=~l{50tsO4dWSym zvx&?q$e_8fH!cmr6f!B%T=RwR}|mh(q&^yUl3t_QaN%)DvkEZ@79*e4;gn zlYAU3(x*IfC*IAhfwxN%rvXcy44oLurKXf0xGK3{w;-;h^2+4?A}S)Ls-6yH|C<_4 zI^ZG+0gO`{l7YpfGvD`1GZn^O)7`BP$H2(_I|u#$ap>c#P^J+VJ{Z7rAsxaXLCxY&^ zs6kurGbrOmA5T@y+V>m;NeR&G)U2oI1AAY{#6uYWQl$XfdBM|pXcRC&NJA8IBCBOt zJ|qe5!=LvS`i<=EJ^)7X*)8i2JHoQudzgXdM_>lnHy!U;x`dDJ%-vzQH;$%dNxSJI zt@Pw$43{jH`h(XJj&a8?Gf{*8ba6tlP;rRa6WTs~X&ut}osgq}0uT4y81=;R%BZ>-PArET+5t@PsDIgS!V%(F%C`aUn0? zi0jecKaf4NJPds!E`ssLALCRJM?1!yt?N?n)wjcPJDeDW`^LXFqEq?a_TCCel?Ea$ zn@#>DAWin;OTPz40e?zB^-h7cuwbM`ny3O2h%%FwyaO95ANeo-SI2s)|=2m1F+U6u$_)$--%Ua$Ga zJ<+lFSrPe-MM4B40Y5Gw;enqxQ%jI%%ROR@Y3k{2T>hQGk(T>y=ZN)GN_zTN14n>u zVJ#@>Ad?H2Reai+k7QEt04T@U{rHB|f|$xWDck|hB=~*(<365!#{DlylZvFp!dbYx zJ%1>6O`mA_80hO;_ZPzxEYDxYf{CbVLqDiF^l`OCrJOuV46NdnpHBTEI*v(E-d0Ba zxA(*o&G>y+AA6kmD>JjyO>;^IKgqn!=W@i!>xN%n2)ygyZ1q!d5kMv%0^{uctvqmR zH%ofHl`qX@*ZQiobKP&KD=kjd`X`H^Bg$3eg@QsS>y^pY;flP%Dx^HFZRGQMlE0Bn zv65K<=hQz2l}JbNV=K89irAH_h<=J`+UGavtj&c5R@uBg?Q~r5JpUZqbiE1(RG^|i zxB<WI5XJ>9v>!yzcDv|EoC)7~!S=7KtfViuIf2(pZ!J#_3f0B*BE$Lu|k zzMuM=LFn+yK}5L6$7$A7gb|NqKa!vW4m>dw87l0?Hr4G`YPtYDs9?y#+-E#}SYP!z zK;?Tnp}RkoWwsnC!*ZWQYeL6;_kaP=qdkl`Fk$islo{~gCc;m}OH zn#MD0+g1!LB=F{ZK^Pg1eQ3i0%%coszy7#&HCC5mukp&7V{)%zLg%dKn6KmGn&Y^- z$!CcW70)F7X5(Zf1i(IKY6zdW4h@s04BZFDoh3Sl=nM4Y2Y?qYl}HX%W0;=wJfA~v z%2L>7)vRO^0C<9M@2;Be$dQuMg4cj5K#56^?p9mF4C^T=gVmANq3lt8@%)TsnVid( zQmT2=i9#w~DscoVk{nGl(rf$Rs5ZU8b^JQq)pkx?FHtBQ5Mz~e*>_*C*j69wM;<2F zPWe8J-19LIsHwUfhUjX2y9B<_-5t>HsmHRdWUT6Q@TJA<$HB&Zw4>m@S7TCrcYD=V z1-!QdV8)2yAoQrf1320Dfr+Q%5TR@M><)LE%0A!6}LO zF_`6)-1JIbAcj(_Gk#?*yEZPBMKZx>|FNHZT3)ifPO_s$mdEa<@_8-Gg3JhLT8Tj} z{$ya=H6>d+8<7%tX0dk#O-Nmf?#bA+o~UD)*M%@oQGTaK0gF3jMT%rH5i&l=z;g8DgBm%DAI_Lnl5u9P#pa`yS!Lwwi3OUYxG+ zd5~)hzRRS3;AbR}MtcyTuXo!E0t=uUo(xG*f+;)>L*^u%|O*&klW-}{sCx^(}dJ`Bu zIMsFM0}362!LAcp4q<}ZMSz^$F0TQufCBWhr|&WY3y>0|J=j5#84;N^El#=g8d4Bi z*X?rm(7Zr9orXjwIrQ_c<%o-E#fJaZzj0M4Y`VRi_oRA@dMpkZ|75rHJ*r!RSbOwP zsAZ!G@Ha#flXa8Jn56DQlc4%${m`3U;Fdm;r-ej}5iL9%LQj`yh#8?yFi}jbwYggTQCv;eF%M1(VhIIz^RWnE2y>=6hSXQ?=<>Iq8^Z4dft@>b8qz}>R znIkIsfN0JOL*wWaPkrRDVP3kdphUMaXq<1n;_{Ir)AYGrT5r(9ejGq@+oO{Sg4+`I z-NVJec7J_E1fBBsAh69F5HVNRggna#*o5Im`rnl%=~^2WYy&K3TpefA6OEPGN}|Ia zt8}=ScV{+tDzoGnHe2JQ1A#&(KWtCOR5erC=vvV_e(Tr+;o+0*!F(-*j&?eal&Y=2 z=nImeFK6)Anh?H>*ZvPeJH#=iCrGmWtmSb>y#YsWIYcpBY1`e5`YWt_Q?QAC7+oqa zqth|TbuAv;&wCPf-0nd*p53S0{bd6?JJ~7Wkhw}Cniyk3NI&}q>Md|xxCDGg9tRPh>%hhMywtvQS2CgG#nas}X zjP&%{F2WTPbYT-jFddhfnR%6bh}Ch=o~S=Is(79V=4PTP2FbQkOP3!bMlSxYL9Dh@ z2@}lZ0tmh%<|{3du)05qiJLF7E>Lpb08=fw>GwgH5S3q_m)|1CGu(zb6{&3PO=%&{ zwvL#e=!YfL7h@@Snr}i_8zEY5o0%$4&{;YSzZo^UQn%qf-N^EOUU!E`y}OSzZhdCd zR)OoVa}N6pcp&iy#y0osoOIX&WKJv*xY&>~zIqA7{0$9wjAH(A%8=ks+}+UO6Fjd2 zzomxuD=dbf6E8Qp^1x2v+r#mD1O}5$!&mdp2|TzHzz5;GadC7qG5+l##50r=AaGj) zy~Bw~m-?HKKjj8UJcz>g%SFRgH;KAiFyn}|^TD3L?)34)U7iHf&{?_ek@#3vzHtd6 zpj}&mm0&ZtW4-FwS8WlZw;nFcHl{ z*9O?>5i~y^py88en%C*9RcQ)&`7&9=_65wYe}jrmb?@KHXSHv0aIf(jdRqXaJd~(sIT5$;>p`RKqcC(gwvdsjm5@%#f_R<;9o1 zq%GAw1h}~e7SOFE=(su@7^N}q)MDRoe->2UFRN`+Ic5A~XX6Oa=g!vaAs|3TEkj^j zY$FEPlCjqz%(*1NEWe0&F>%ZZdyKs-0OZScG3fvY z4KVd;zPfpQxn0ECt!aF_WEJk$xLsJ+Dg{s|HtWcIBm(&hMB=*6rpq?feCp`Q_&;uS z9S~n=#J?1^=6>#WTyD_>-@MRPqqpLOPLHNb6~&$wP9*shby6h+`d(IWwLf2YZ*kZW z(41Bh-{p~tZR5qQJ^@y-T(qUk%`Y2v`zb@UzR;44*N}jy;Mt#?FYimS{%w$d(TQZYNqSbLAwB?MF%VpvTRuzu7Gf-gQ3r3A%r+Q9mmw+y;`zMY7lZe3%3Y z3SA6P-zP@@2^@%w<6U|nCohnPFcxR6DZD>hFhdG3 z8b{`kB&20451(pr(GfC7TmRgK%U=-m^f24|G8^8bduwkees6$$8>R>8RP0D*(@T~F zAKZ4RU%5BOSMTwd6a_l80dl|M4)g}hw$EH!9_r{3$ea2x;{8UB;lR%GC%n6rQVisA zAW!j2sG&kF)T;n@ZN``hcrGHC)({9a*VTm-)i2xu0cFF1`}^+1m(5f6)GIC3)oLBh zO3rk$3hYSiso#bi+x7`k*2R(=g&h;`<0X;j`JZcyAhHVbrj=9v2C#1KC5Y>8+Gg6p zo9EQ^%{mM5LP(&m1~&{};|g3AR@9uKzEOS5=Keve`N!5y-9WEL2VUD{_RG$~-Uwvc z9idsug5E!0VRyV=>gwq6;$(VuL;-JMrS2qm#~)?(YfJ)kSqzH5OG)PMwsi(lUe!bt zT&0A+*;-i)zpq50)bc%6odo#u{r51G!L0o}SNjw62v*y17eEdA zF)r`Q*G10{5jqp!Nt)*wFEhZQ1>Jc|rp z>cw>-5|L!={6WNr&5xTL)SOkaffXtx6EtpoNy1 z@UmkvS?M-e?ub2v7-aX0V9n7UKn(l=aFKflaMNpA{>$i}M!uGv-VPR^_S1o+TI~ps zP*EF@{u@9GfgE`0H{tZT5Hj!6T)|FyrWLd&@{KSpA*27X`+kEnd}HaxE%`-*2jYk( zF$fnR$PdhHu(4?yk$@94E;bBW2>}y*27e0#)<}I{t{b|SdFVP_v2f;?*Ebt&{I1$8 zfp7esjGX5i(dHd3cCH{NcUAOc376k#3rin|ShYh{iD~7K8E%6|*P?4#nXB{2k*ti~ zqh6B49{qLtHlTj}Ko`-i zT1ylk;o+t41*E>8bpd|Ris>@EEf%^SOd*_4xyzVih4n{oIg$+VEoXRe(U9uqgh=j5 zIr96s=zu!AdmErLsLwG8#K@IT?-^>e#3?#iOZQx#RW->)ad^p<+S^I2n+C2uhwp$8>oOygz4-@(IBv$b>g z-?m1~N(I|{4N1C-0jB)f2=-{H$s=>TM4i-qujL8PGq5eIpjCZ0$s4pypa?=Z_}u}m zUURC?eM{}vo>JhEG|+rGY$1#$R}<5HuGJ~DZJ7!$X;9(o@7bbD$bD6x=dl;&dwmcn zymPTCptMAM!~%gR^YRJ+5eiBfUscwmX zZ}!oo0}0yglyoM*$Gk~(KNMGG5-VE{J$q+0iIk=l78+_a)NzKzP22k+ir8($T(&x-Nz%vY(eJ zb$~mR5Y^^&wQJHTl5y^?9qS$6%R1~0(8EHN4|UxJ#25H?ip3zS-;~e@?gJ@y(Uk5q zX{Q&yXqrbkx)D;sKCvw*ymPzde)=(hS_@i?b4uCn0AM`)`gov9=pyrueBq)4cAEku z#U^)3${-zH*cak@XTCwYH7yvFBhHY#d3d*FR{?k&74{cv3bAXvm0pqC{`Qdz-( zKT9;Lra;1}bqhCzU~Rj8-gSRuMQ!5d`WpUFqA0X0=d0d z=1+Sp z#k*49>2x&}VgfIj$79{j)aO*zkGt!Nt~(`~atDU4{B4^SKRs-P2T}?#C$tG&?HIz> zNcnKljl}o^~;?5FX;Eq7un<6Tl@N zFk@Z!b9<2eD}r@>PMwN*2foW%yFtTWO5LCe-L*nA*mx|H>))JCROwoc+(t-IY*z7| zm5x8vC_)lj)RGfa7u^NwYf)j&caV*}u}HZTFE+ z_Ah=xZgZ)~f=soP>ogVDOruQKBq`msKIV*jQqNNaUP|EWzAP^oVHftnpy)v#;zVNP8a zaC_n5#%J57NA@s#IA!P2M^Y!CF3=Z&0^3JwHS*?^N^0Aw7{c8C67DtbMF$mdx@TE{4 zW#<361JuArXnYQO%f>+tCBV@pf^h(KgP*(%F2oe~J~`cO72S4&z}4q~QX!`Yz=HNj zT=Ov9%w^%a>F)flx9jsO$Z!TO`%29$bVB#~$0jUvUdC3h$f_W^EGkQ3{WTE=m z@9{BhxVybQN%Yt#GX>#QDDWBSTeKQ>Wmb9UMr3PSR-8 zr~HE6AC|^8^n!wHX_gY|>D`xp%c`OOO=E-|wU1yc9gnlx@XixNSe{4IenQ$ev8}BF zN52PVZ5+dP>}cB0Fp9;fLbIG0P0NNWujsHGpnnP zV)+bT1&<{{W6nOe4Uah>BVfw=C5i>N0st?o4vnUWBj07++f`jmSYgh#EPPj) z^g7-U3|IT|vueIJeWL}7a<-*v+4#9{3nUqaIldzF(@#YwCRCeaEWrS?4v`0I?MJtM8$FZNN!yb4&(o5Tcgt@F*SqdlI{Gb9-{G)nJM(}gw&1H(_p zHH&83%gg!Q^{VgY_PtCb4Y#-R{5VC166b$ZPJijFA^QaUwOtGw+fv_!969`*oE<9f}h`B}wk$_Pohv z8v}hlL|jIiHVMZaRu%en|-P!R;DJ6yNIx;3~At ztM&rw#+MPi7@1JrlQiNfb_R&ZqN(!vl*|lCg#``og@7w=g1EzX3h(lk+uwG=kXSf2 z!{4?WfYG*hYIW7@7UtBKm0qT;GVw$mYCqzBxI?<}MOM?^D5b+vR49Qw%PhF`^jDM2 z7SrydilJoY=UnI*#WGWu{jkRMSYbDB&}#Hy_`UEBmXW!_8!uMv#&xSqgjb(nQ|gv| zW45;YjaoyxS5^7M@zsaTlN8;$ta=#)pPW*bS#2Kd{DUTIp7#5D>)gHu9OrTkv9JM+ znZ6bwMi&)CvuWBocVi6)-yM~8u9fz(P@u8r)PC>Q@w4~T$D%;nN~ICt~& z1my37z&?JcLoDxGP#OSSHcMTw$j)n#vTH7lv&Q+n2TTUa;N!pP6dJGFZ@xn}rP zo;I@g^A{b*A&Iq>X0=O+ap{Tb%}L-zFE^+50G14dD|j;K!_mKRySt#lt!R9)JO#PC zKE|3at1qf4u(PyfD6H)yf+pe(JROJw`VIfw&>)R53tF0UCDWe3k(d+h(L|qrr=;!t z{ae&1O)-@>{`3Z)Q;~+>yB{_3A`2`1r$l-DLhd6Strd>5AjZzDIb~v8-bT`iF(^Zt zeKN+@kz7xOnyS0?k((k^Knf?vrEsZYfx&zFSTEjpC z0^v>7Q_N9L-HH5glmOEtL*QRfko(`!G)+HrKkIyh;fvH%86RrA+9Lqq{T0j;T#-&Gm{&Y75Zi*SZJ{Jw4QQP1EUv4D#JYlk&4sK4=fz3dC-S! z{f*mxsqE}=mKF9n(R4aXpw5$a_p|_2Cv6b-y{bv(>2$b=c1oswWeO7(f_Y*>DDl|I ztaDi1LA@@tVU$(bMZDAxY?(0p+U6XHMXu z|L@n$*R+(+&F?tLuvC4SNm^SqqsCMC)h{jOj*C=8M>{XU#~Vu^sLIRi*@IiByJG0ftTiVmd~{6Rtbvm}2vp)OK&u`S%r{2@B(O>|e===eY%3DsGDnQ`=2S`AC1ZUGsv~|@17!yKv zUM7s5GT{U5m3E7aF~BWh0g~7=t#tJbFO4W9UV&`P%w8?(56zT`E$rWuO0#ix6uF}O zkI!t+Avu(ot?kg(2fp@5^q5%nP>AKSdWU!DG*Z5vonR4F{<;S4Wk!}Wr#POh<4zc7 zydUhbJuNn3-{3wpM}TaGB~Z_4Y+LF3GMQNZ)4GPVx}<)20cOA2q!z9p!-D+-Afd(yI0>$qD=y4?Ty1QBk z#G-JaDgeTaGnorM>bqDb^~e2?<iSJe|2p#-==Ujkzb026v8QI(6K_qkgJ%QVzitypI zYO~Pytc3n8oH+Z)Mhw0k?GndC$D?Gggcx8Z$&%w!z3^%lo?75?tzKzC_;k3|`gbg)n z&k>#}rdl#MDd5w?VO4a3*elz0<}Jsi&vi>{zZq()2ReERYHvKq4opM1z~$N6-PQnU zETApeSN&PBExfgOuXa12tE;Qnpgq`jGc$IY{i(PUvb!5Sf_wI>U`X3LAae6Dw6LyO zeH!w>9%u%Sk3#>C$GMn4W65m7YhWa|(9k-~qXuN9vKrg-AHC1ksnY`|7 zyf?aNlQmzn`0_I+2pEuOShv~W;)AZHL3FeQJ{+@Y!$@l zY(JK!MA^#Ngke$7=Sve4P`pSYx4bd*>U8*;y$gD{kH?I3^1f4aK7?&c?ICRe!J5?MMa)4d}XOW zPFG1-pzU*OZ4gt12&%Dr!U*Rj{J_WrhWH9)$#k7PdcUr&_lCGN5~a9lU0)cAJ=KPG%zhX9^kvx&K*8!vKg*v8k( z$Ac8eJAeFO{+;k#20EqmPz1{s{v!X9j?*BYRZedb@~H7PiF0B7PWduAUP9%b-q1C( zC6p*$B=-x`96czRXQ-q)1JidJ@AbTjPRcqeyEgo!dDlRDuB)YDY%~P97M#yMlUYS#6?$xF)&&#=L}O3?I1TXE zhic3ivmWqd_i1RAN7I6&bI8U!C#UZ=(^AOXSLes99`9TR{0Jo&=BOAbGKH&=4eRc8 zMdJ%{>1S2!LoMZ@34`jiB!P1%N6vn{6Vvn_4JYa)%*(CBbomk){!O>t_`kUT(o6cy zw<{=pV?3<1)hTpMF5iq#jrUN*d7%$_{^^qa?iMa9R%3ioBX&P8^a-atqMu zA|};r8l$am`8z(cZ?w_CXN9%V%GQNQ$DpPAqjuTQK@xLlCv$CRRJk)4O3VAL$4G|= z9Y;VVnv;rc5#3-c>NKU&>rp^j+TX!-|Ni_q(I=5P>C?Y12()~v$w17{yyJa#Q#ojY zzTw4XGvj2w)|jV-7Ap-K>wTa%St}-45T8_S{n6soFP&*|%{yRcLa^R5O zts0zY2V*RB29!%1!FMk<#DU>(;n|5}F?avg1QT!v;Nsbl#{5wD=# zr)1dY&uG|$k?ql18F! z;eKh7uyk!=e7c#Cp#_ku5_wSlK~ZzTx?@v$$#{fG`#~ z!NzlB*;M$xiN4I7b!ypi6Hxv)cldww0hQB!O`sfp+Ku3dcjAyz>bppQr7PYevzZpH z@pzy(LBpo=*Y|CAt%dXk7%MPwpS%2jjGc8N@z(j_Q-^D#~4zT#4%2( zyyI);CsN8t>EeO@gylXAF`E)ro&&e-EZm+%a)Z617h1XDXdWl1>~`Ih&sacS!Lesv zKl}DSJUCjP@{5*&_#+c8OUKel+Yfyt=8?IME$(Y(F2y7ES&*aCY)M`Be>}Hg%8J0u zDT%N?VQtO25C~zCwB!C^kf4xv(_mdSjQis=&HF{p9Dt}7s|bf`*Y6giEyQm3`TH z#zSbSPb_6G37*)Uk^#}_m514Xe_a!3?^^|GQclBlZK)i1RCWdXn@~U5RH(69d!{|@ z{fxzwvMH2&O`@a$+}*107UiAnJXc8g#AMr=E%ZFxW0dKPmW&FNa&GtMs7g;+@^k+C z`Z;D8>=WWhzA(NE&H7l7_^SGVFlI+RL!$}zy9WB)7BS^Oa#(Md9vv(FECWmo@l;Dg zHz}?g`R!AkCZCl{q=*%Cf^6-oT`$#1tYI(J%UcU~;#}tZA z&p#6P`g}uFvmylgXUGYRlt2fi4^k+WW7QRYIfLHI{;}A|6+6Lj7#|8r0+~Z}w zJG?BF4%qQk1mB9YMUd9tHwV7_d*SX+`$n(EeJc$cVH$L6s!T-6e;3!3$BMB#d5#%Wl5UKqc*Sfy_uKcj6ga&NMe0oqYwe;9Sz#xPEQ|_gLzu|+rg@V| z-N-nBH(%BeZAOb6_{t{+zoern8?F@;5_tcI?@e?61asvyvpq2HQrJG$VrEWZlu%^@8g3I=QfKfV9#?iOYQ`% zF+_U_a7XM99^?%hw~j^wA?APm8Ku`n%WN=Jkx*@FHS{IDtx(ATnPl&AOh!eDJTOW?vetA$`XOaN1#3zpId|J z(@C=FcKI7kAJ>Q_l@s`R=-!tFG9+%3!1LAthZDd$emHGZc({MVwmyU!XIZ{j!YwN ze+2^b@1Oq^0}XYxtP7eq<}dLhVr)B8jQ<}^^QAqKk7{8 zW}Kj^`!}oipa1ONecqta4NOUZB_(qid2ele_tMX)D;j|)SLab-D5v^3Y8rTvQK}5-(4W;%3l+1XfzM+ag9I(M# z^bQW{?@Ioc$MDn#)TZo7|D*Zb!|L0G!?25;rP|0YFiF@9Cx2V_No2v|>!#OCJIGXs zwSlaY;3p9rO+h4Cq2s9fD>N@}vT(p?k!lngj0eQe!Ouri$QcoD2@nmWzwt+JD*kKKCs9rAt5mMYqcVN(rw|O>3zJ2^9ux@Zmn|W) z#M%nGbNxrXW5lZgj3u#(Na!Ob%`wJ(%qgLz_$vo^E8Vw4$R0QT*Owv~D#WCVmevX7 z0l$%mS+8eZ01U$Ld!IpJ#>SjGBjyF@qyynf*R zpA=*&{SQ|K!DshVqKGjMjGxvLYEEX2FNw+N#g-LNNJ{RquihN*v*t>>FP9v04n^Cl zA$c(oHapLcZ<*1lTDe)o&V){FH<47wvG&{LVTB7K&tOt1zSs0e_kzKeVs-4?)PK!T z*Yyh;`ohf>xy7&*3MXG`AvZ{x2_6(yY5(`wSoa$9xI8x@lZkF4Cv&90GxaLgjMmR_ zCfl=m)2YWqKyiBS$-?ius;mdm?~Nk_D$#y4=P@B@qZ8Q*PbGYQ?tD-XDF=St^2KCX4@rHeB}2e+hFpI0w4R9s88^mQWh<7QjF3m-1o^T#oHF4 zQp+Td5ep~EU$F_f|G3TRQl=q$ho-X~aX@~(OrF{asv=yynA|^bEfuDnhtBD#pCNA# z)b+~ZvZPwNCRQNdRLhwNRTyx5U!bwfh;WBDg!Hp-s{NMdWr+G9r2ARGK6!(c@Bi-y zj4B@V^(9b4tP;Jw(g%Fr*g%2kt(2V6Kj{a(LO$AP^zdi9KVOZHn(I5|JsYs-zF7GY zr9F~Sn^+^dVXrk7iJYswjrpott;0oF!EGolc24AR@JtzP9$}mbe;%Q|uHFHvh1XdrT zl{?u+iWjeLC#OwzdjHEmz7?O3d2ub{tjl_;y6NWdH@&HHBfUPJ32gJiGU>h0I_7_m zp7?zLh3pB!nLtDf3PPvI3n8io`cOin|F|L0LISAvaNqt&UoDVeZGIBOZi*Lf@5x=Q zp%Qad?5Nk8OWHhXedEw9#@UHdK(;H4M`z8VkV;Xm<4&A46o7$9EDR1Q3~edOWkEFp z&Pli-akT_~>&iBwWH(dFE@fFP%d4+aC<{jlb?OGtIIt-NtAw5LD9K5FzNI4(q%9zwQ}mJ^@(7fe4$8m&)RX4e$Ub zz0CI)C_>?{kTXJm-#4LRDA#Tc+GK8_KznnJdtB5Q zOQ*^G&@%(%;~7`F(IUS64HzEL^jSkJX`f z&*pDMm*tvJz$($&6t&VLC*+RLFQ8zOL-E&h1~}%g!JT*GADlj1?S&*;H}UVwxORPh zJVqGz&j-wojIu=%+TD+p#=7mP?j9)bB|BY`TfpstEIX~(yo7TlGV;=vTh3|UTyTGv zQop>-F)?wOv;Ny%M)JFd__BarL;H=Rb%LrTv)DKYD4a`r>W!3kf(|N>2A(V|7~^2N zQI}8K!zV=yr#Cdq^6dQMt1-1YY!59fUyuAI3ifK<2OQ-=eW_1C?gzm!eu4s>U3&8( zL`gM&EUn+7x=KbU@jAe~0m`Oc2KyZcgxA$U6qN4_)TDm@&fi~TMEHD<|L`l7+O%4u zwsOI9wPxYXu$8Gk?}$UrYjpV{M}3JvqbN)@C;z9Gde<+KlSj{Ot8R8Dzd)G=KMAW^ zK1Ya83SW5a6oYBsm(P8xYM-J-`&5eK_~O`Elf-Enm4IW*k6&<7iHAab%x^ zzr0^|@%JDg$>5{AG)?Qqlis10yBULB$a{K%e*{cEubBqhp|E~zqaDY1Pcmb(=Cs{! zwS35*9cQc)+L{KAx03Q2-uoCvg%oWicsCMY&34gNs}vu8l10D*v1otwe4uS*+6giDOi|q2s`!=ep^%t zgtM_#1VA?T+itjq<#V-LKaf)gbS*I_wYk5w?^F4U8fF}Q4+H`WI9GyiwUB{hB;i-_ z*dG#Buibsi9Xhkd9BId>+>@DXE!LTgIo>=`)#r+6>T8N~aC8eSET*8S8u4mj)Qrzy+pOpNU^%V?-6W9a= z@r-M>2^;|zev>xl_s1`YNoVAFFjV*0PrjXHP?H5=6v`cZTzdJQ?8{|0e{{6~S8!lLaLHKSYe*Kd?VRy4%CL;cL%eP}BMS zIZQv?-@BML<=XfON&eVAozq-NHGyL|xSKR;9op8zmCAVIe4)v7#iy2I)^=-YWT|K! z<@S~#$eHa_n2?gCJ-9U}L>~N~h^^bF#eo2=SJZ$cWm^YZ9+PNwRZc8q)XY1E5k>TJ&s*sGrua!1*W z*}^(Y+27$A_&zyM$CjFg>rdh4*QRN*>p^e`4iX+vP!LI38tLmue(Fr2C`2`9+8!j6 zA6~rzauJ8TGKP#`kU@E2ADzH)BpjO4O7*Ck)RESalzuguMqRM#kWsMG9*)7DNG!{R zBR`V|-~sjn9NU|lw0D@Zk$ykM{y)hv)EmXP?cONMSBc66d$1Jy@!Rr&-uBAww)Ah@ zLyIh-$fukbQZw<1&CBw}O1%kh&-g{`9E1CDMk`DY%iy7!&cC|zu4_UC#0vSgD{kvn zetm2I>`f;S-c@dlPkbr$>B&L|^|KlOeD3wd$*PAslg?3}YR3ZE$d%Rx<8YpncNeaA zfUsX;S;7px%aCTSx3@GO-<6t*E@4OhFCnl!1~AvL16$CxTahOgZKoM)^F?xM$fcs~ z&%?Fvc$R@wEl4?uS;$JDsS{Ou-9=Ya2=0MMKklu>mj0yG*}JzZD;dUub4J3k!k-a~ zh9TbaGNS^gm7b?^tbmtn!6xS`6JeT~1+ytHCF0*`%b-Fz3zaGJVm+~fH-k+2yeTVaPTiSl#lf+4-K0H3x3WwBCK&1EWI2M17 z@0}i7_&gREoG@4VF(1HUtA{J$GVAZ3qcZCYe|=$NA=UoVL65KCNAc*1Qt}p=c_tmb zgcv@hv~iv*F1MYOuK9ptph7%7_*g!E+vL=lH?viOdBIlT>aAMI*%Ol`t0w%lk$#bx z4dd~n7|I0UN30G%A|fx#d=D%DK|uR!WvZ#V*8h+u(<=FXghM0Kz>;w?oc1! zof4aFNCc)aI0%%a&{1#Imseh~>JZBp*6E`{9u}lf_D;0m@gxT0W>|HY@oy`z{XrrV zxwgV5nwE0h@5F__9@?Z`DA?%XOPaqiI&rs<7=xR24m!-!dQbW#Bh)gaIcY?G*VQqk z2{^3(2bD5QBBSU7Ly<{fDtNVyOu+1h(X4wss;X~5vhg8W62oWYQ}Ju^YrcjN8;&Bh zn_ST0shJEi-N|1lBmbjUt5HxF?Xx=wP@yA zAy%FpZznYvB&oAl6A~9NSAbS5qG{R2zxOH`UfpU;JTkA0Ay{^>c_;S-gA>Z231i9)4%2iJmQ5v4K8|I+9w zD)MM3P&8@l2h|I06$$$Y?$*!?9S=(A4SkhDz$Fp<#n7efm7ejm z?;rpF<%MuoBsg6s%`~=PS;W*RZ|54DpF-ID)_A1Ujm&7fk1JO=JykG1qbc`o^L|mn zxN>jC!Zb3Qa#YfV=jx0>aKAwW?{29#9sN9gybt>a(EC^Veh zoo?6@jq&?gMF(~bX9W+7G4YOudxzE9)ASC7V-24G1CC&tmODl|bw~w!SDaJ&0lcGe z=B5%>2;dZW5mNf;C1IA%$rnn7a%49(2g9J=03c&^&;Q!bS8cVLyhcnwI*tkjiYpBg zc2*g8301fOK*_e$b@fSXu z<+1<(A#tn5bTJrMzrpGry(a#``r%!+$+9m7C=ZA`MYuU_zUtAUsIJa>Jt*8-4xicEI_te4uN3q$sdlHiWv zm7=W*F)}{Fz|aO@X$*(ViP*F$PUqdMrAkSIzd!r?A`sM_CThk6jT8GvS;3%nj4RHB zK4Xql{5Qu?17>~CCHq&et#m75U|qSXQeT2JVqaR6`OdN8)Cl<$n^{k~4)z2i`W1rN zGH^w`dQA3q68J~(DT5hGbzA(WCM>IA&(mt;RL@{HK(}V(SPnBEuv9E}D;!06;Yt{a zJjs##KsP87E9fHoK5sdE(*a1!5`rVZ;cpNr z%uC^QeIWIYm`h@DX5rQm(QK_YMbgiRptjsJ0#;#AiQC-v{eE1aJ#q-c!h%@-!W+VVDyn8z^Ajr-X zG-*W8hjHX!n)^pc;KtfK&SR_t@IFt&?(Qy2?vf5R&#yYj5wN`LH?Dyg``fz!@Me`& zN%&;cru%7bY(*TAPdm!+O@J&*UiR7Wc4c_+48C{nUI76CSntwAv;I_7{xA9CzXTdx z9z4w*oz3%mXhVt-aGT;8ogSXN8Ta&0r>R=n?d~|2v3m*XSkG@M)4j&l>$2uvx+|i6 z;T`;3lHd0f(afvTGvvu$)%A00&cTr>3@TPDu&IVmjv+4*p;|$zA!Gk!ePYL2t@f0` z_`9)F)LZll+w{f+3>+YP9ON$diyufw?yOGM)V2&CC7<69v;nlS-pO!q^HwVs8{E`7 zf@gd~mYIVD39{)7AQ@EZqXF&+69v%r`=h5I1F?BjK8D^N2e7%*x&u5lOp{ax^%-MT z<-h;3?UCNekJYbw-DxZ~mzRi~5QSE;Ul!*4-e;Hf&NJ6WkhEb|6J@13jO z-b~Wv)8qmE6<}gNf?8~a+I=B~`XQX%r$3zRSFqs7u@fu)|`%QTq@(>i)LQoxm)>C^(RC>TVqq1xCAr0K8=Y zpWYrWSt1MbF?fB~p}+;WERss(78Ca~M80s1m6 zdJ&eNN#Ii2Zm;&JZCJm5*0QR7oZ>X^LKJul2(=)f1KDa4U^279?EdtpI@~ortYCIXsB}?s{Dm7nmnbT_n;$ z@EfA888Gg&lA5I8djbGCO_5%p-&cPCg|zSl;DSw-t|ggIdw4Bj_yb0}z8It+lJ2ro z)?){N3^B<8?_V#g2D7G#9C zUN3!P^T<1C<6!H>)MIs+fIi!h0$SC`e9)=g2j}f(bqAvUbw>U5;95Z`ZLYcSc|Keq z)c|`@scgvWAP=_8C9LPV(kZmoG5=wfiv&R>u*bV=5KU*D!kO-Z>#OF_4J(>Boe2D^ zz;gzEqhnGpzDA%1fwBvyTGFK{%k*tIowk81qQ}R0YsW4=D^@QVC$Y)G6v0Krf>v8V zH)@!&ANbzgqi6Q^flqcv(v_p!8MM+b1qyf`l#nD|%-D}8wgE;`qSINs0ULl4haUc# z6~Nm>w&L*3z9NBeup;^9uZ;;V`a*yUn$>AAwhe zQkMhm#DOJVH`_k1;9wqi05-!%?@|lev>OoSyPjLP`EWj(D`M1-uVy5)2P`_9#ggaO zq=6e4fdLtk9BFM0x#yHQe5x_z@yKP`ta1=2&nt!r{*ehcd&XSFtmT}&~+fG@yb z`$c3kJEm9eE6iAG89*LvX^Ms}>iWbW`*LAI2o`QntNS)|RyT%>g$fTanNnUAa(LWM zrQakT{D8#7BT!^=&-?*qTT$B*N|0akWkK_U=F72?&`$%-?Od&ZDMBmTR)J<&Hg4ad zjv%sx+3pg7PE^7lZ7K7m7n}#^R*r>)kf&@eUGlBK5pLK~eeULSh}e%;nYGN?33? z9tXI$NR&lnr)$cNENE_eK$`QXM*8)j1ALGu-=_*UxzgRjTNza(E@^8z{hh@7Fw)&n zofc}~Q2mXIH$lMBeY>goxk}!@MuWhY`XS+`I&@x>>oafFGfM5Zqjk+Gno_Ys8 zJW=D@NK|3&-Uv3pT z!r&!5C&2xTJ|188hRwlZG0iShv|UP-)R{&^R35P*{U3!4_@6a$AJeK%9JQ%lIr`P> z=T5;Tn_})_ia$sl^}kJxvP6%jYFkk0_yrsYay1pefL-a})7+)ns_SBDFz7%;3f%M+ z#=r5p#H$vJx24shYR5wQJFLIA!+LMXc~0A;UeaVGz zQ4hOO##DAt8icYPH|9KVSc0oK^s12lBF9bxEWf@QcFkZ(ZNM>i*7db_qk9Cf%7SFj zjeVo>mfEh=N?g@gfT?zOFwt9s#Yq%wFOu4=2Z7}X*Y?s$iI>O1v&ufU9b0x&X7GI> z0NB81ut?)^2XIO^gT`8WTBpLS_yq)_@=>GH)`6&;A%cH60#NJZSH35+#Q8Y~_ zGgkj&ut#hvi_NPg+_pOe4T_zg|84Qd%|t5YS_1543T5$ZJYvW;!WX|OL>-Eq(1df9rIr}*{ zKft6BvPfeKcoxu79=ur!PEzEZ`k6K`DyBp_yV8}^fPTsoZ(@+ z8qqv1m<~aS*{k{G=68ndTQPtD-+6QSVqx>={|dOlVu}Tb0C(K$*aI>Z=#&5{Tn}(s zzpU6va={mFKfA2F_uBQhLYs;fl}ABGRH37@Q5|>r2qPfY1jKz$dzB{q^+A^21@Z80m{yLz&!E@X?J{xmWcV@h2m9CHD|kg4z{DEkFvkv} zaA+w>50UncZo1w!#-61JIAFU2CfdQM@0|6X|61hZ=QlHhxMuuDElhFU${U%6f+O1` z*jj?6$thx9-SY4?KQjigT3)RY_ZjiS!nxp2aIwF$xi4YuoMWzq>%Lz(k5H`wOwoeH zFaYfP0Ab%3TnjxA=4r?|xlYo_B*4i^b_ZB=oPKl$a_b5gQzW=M%l_j2sN=R_EL9i- zF8y|$tSbQBFF=^da38lFi?t@BrsEgj8(Hy1-j09J%-xY0_~Tbi*y}M=6HM&38x%i2 zm|KV7JU-P?LPvsx@-$>3Xvdw1;*oP&i1Vw*H}ihlK^T~7fwsE@KF~<#gF})o6(;l) zf?*6~Nz5mrT(KQ_G!CC+Cvbys=5wTL!fyIB{kfE!Mw_$9x5ie>FzClx67g=a~U7T$E z#$kF>4dRBAE$zhnu7X->JAHG~Gs2ZORA7|?y>IPCLE$+D!ND}0&>-Fp!|L>z4i#Pm zLi+%8^UDWounzU;rU{n;`W=TVb7%iR_>QuF&{Ok~BNKJ5d5fP84!k{M=Sh0+esqCY zC=UdNjT^uvD%rN5Dokl{@utu@`QL;0U=xX+O-Ajz7EAy<3L60bqAk z(2G9lC~1ilx!l;F8t|<8?g+ra2`A=Q0k`WbEX;ue+Btvvdp2T=&Y0t0_y^jZZLFpM z!;vKk5XV=Wd9L;)xsIZ({dBGw5V%9os7Ou$&%NOQo_S;$m@q{k7|+LM7FyOpWe(!d z4m1F{Vh+(>Pd=okUfm>ECr`8VKRNpJg=0XQJ;ly27;A5nNd`SO)p5EjjVC3l8-k== z^%7>kKiMHNUUQj55OR-}6MX_mGQQki40u^3#RF2GbatdDOFDgqeZMF~e_70yA zfRAQ@cvtE*-5dbLqWZ%4IY5wdiDdt~jBtKibQ|+Uf-{kA2DHTwgLPMO@$BhGv;r8pbd`~*HF3Ff>e^zL!UKHkyL$Yo#X z{>veS%gu&_QD=nk>|B`Dc;PZqfoZ=17M&ld;^Q6$^Sojk&;C>#Jf@pWCeSSU!33Yu zMm^(}-GO4*29*~fmuIqoZ#pVjBuA^Jn9K&!a}3%m(F0x6sDYVoo^Q1z%0^U?^&0%6 zRyRv5`Q@pQiDi)SXlZypf8%1JZX;Tsc8alT2IUG#bA2Vjn_2{Hw(xPu{Z4!}2%2hZ zA{`-iK&)cK;$}(X(-{OV@DR(APDi)X4ZsEJ2MX`?;KXiDLipE6xRhMAFU}u?*WdVi z8RD1uY@kSn%i{c6twZ?jpTF!l08T$PW*xqZ{=*H96`&>TFwsNH%V22ScnGXyR0ZVh7Xuvy65IrhKG!n9WHY91V z&(qO`m=P5?xzu=f1&TB7>)_CW#Ncp0lO=_7m_FQw?x_s!;pKmD zl(6q%NZLv28S5TqM{8erF7OzKX37h^60rWPwDW9J(uA}5aa5?8?n2ve5S|gz+cKIU z?bq`UxO;U-n*I8dc}>uo!uonuYuA{!CRfGnJcD5&J2Ot1$6Oe^#K*B9rH(qW6Ew_g%I*Llhfsn`SxqG(6zKU^McKa{F~hi-tS`<%Qb;{ zmRymPyyK^4QA5iunMflC<@7rjA&7&U1bs=P)$GaPVG8@S#|k}lna;XC!`|A;tKtdn zzGz}L*P*apxs3Q2zv>=zPrfCM-n_-iXaOr5T#4d4x;o1RitPhF0BvZd@rx&A9>6aJ z=8Bx;EdlaE^|h4}7RmNai78Dp)J8`GaL>j=$vj}>3#Awob6YoUqSt<;G$yV>B=!aV zKb9xv^6;#vWzg6?^7(qzJQF5r2dZz@>#MOH`6H91!RN^~2*%iqWOF_8mkJ0~^}upmjIxe2(n; zB`O1glFs zuCKU(*-=zUpn|VLJ4Rjvr*otp!W7M1Ue3>MrGyEyAO^*Bi^!`)tSJ~_Uk!eey=Kd1 zLeAZ!}==!h3f_hWhdun>nSijvBX}WPBm#f53~}viRmN%@@w@Lo>O!aCL^(IiPCh`UYvll zB2bw3y^LB&zNE?MG%YYhAce!IhIM4zJX*7kunrT6_?ke|e6+_QVncm2T_q*_+DLwd ztnCgP;3;)YrPx(UhYGjieI_k-2c)&k+19Ug@{Q6c2+-UqeJ% zO7=L&=t+u`AK>4cmDMVqVNQ~*g}W=)XHtRung;5HiAkn!NF}f8>f7#l9HlHa*a6&d zC&}AIs#Y(1Kk5J1! z2MxDVG*>_th?ngb7mTVXsgxdE4}lhF#k0@DeA+kdP&?Em6>01UI*0^6L{0p+EWV^chwQP<-XWe=7jl$tQ)y;-9VVAc*Uc3Jab{>{v zQY05>UX*4BA#_1_%>Y|;h${2|&tFCqD5?qWp2@3{mSE0l^E%sMw=(NoytMl?Y2ADS zCkghnyz&rz);i*EbEfmyEsea<qL7 zC^+oE9jq7oq0TqXUc8QUjb*aj;h@Sj2V~%mx1*7xc*>~jYA5c5IH$FXE+(mX z;X78NJ1UmXt#kY7R!!^}nc#OXqR6`S2Hs_Nh~g0jh>owwDZ9SeU#AG7ye*4d)U}y+ zS?^ofFJx(l4Pgz#nBR0fhxFRWr7Na=pt$cE64|VgXm$3+YOXu`!t6L$8=rsp}w!;_1qo78793CHrQ|>b1LessvXpsK! zKw3HVOV+R{W?&7FHPKLbo-d7j<%d@ch_p~r+K@aUpAJ#-jzNCosPz47)NNhjm8X@v z+7$O5P+7<%t-E;DwDMVgSj(dXvwrVJALIHsS5&x2>0`q41&d+CbRugdlw&UbM5#AW zJk68s{U77+3TD;L$E%wN&rePO*1pDd3k5Qriv#wV&Uq_wYZp_x#da4Pf-^%qdkc)E z+v)-dYr!@*7?gDfftfLWf>w>&ANID+<8G1ADPCPaOY`k*6p~)+I7&WTPBLJ%34J13 zLP>cls~aV<5+%_JkiW^U1UEAL1Sp=ns#5l7DdKEc(%N$!5+JPrIPgR%9@&W92Dac` z8{o84bL=Xkm(0$)oB?{RSr$^6pOJs>oCV5e4|0h`n|y6y3;}~_dx@)Ccj=9MSaqw< zw(rjP(S1-_Y3L-x`k9dwNW{gx*%@^Wu`^7~;=XCje>B^S2wjbP?`&q~qL)W}d;3M5 zpO#BjoaA9UgDlBoNqt%N7c@w%8T?Fl>qmv2t|fEUXY-A9ZpwQX#VhdKi7g(X?TWgI z={?Uh?LK}-anq3?Zu^gR;E&^6YC;Q}v`(EHTB2w4NAx9mdNL3pU{n}O)0J{>;{`wE z-WQ@o726%6{6VlWG!G%l>}aXK!EZmQYY&a6SzM`}Xcw`A*eZYCh-G z`gYBFT}ksMrs zRaYDu&KmbpJphJf(g7KYc3+DUmdm0V3E18~pvkg=9<3x;*U7i}BDp!S1u{ozQ)$`+ z@~>idK70m2Ku#S-014{Ko!qUv)xR8(nD1K5U-Ucme-U<2d@RJGbc+EWY(XGX2XLY< zAehlX9|*n^qx7QsHKPD2!(9#{Q-IN z0Xf%JJ~-ekwH|2gIJV&$Ap7A(2NH;Bl+q{lzKy1yMl=`43J7D{RXly0#+peq zkYC!x(Rz`(o(VDTv10Or?{<=gAYu@~uBq7DVzc7)JmmfdvlC#ALC_IqJu#wAHvj01 z#Z|I171PGM1}Fi;M#mrbV*>15zW0&ES5YwqDKv{Mq9luO2Vkg&tChzw?;k9HRPfiu zgj1jdwE(;PJ6|cHfV@G2=ZMPS81nuNLnPmTOhY2ua%WMH2xTw?JI?;IBZh}jxA02L z0@~ex<0q)gy$D;zU~gpK8y$2AhdlndM|7J(NBMOwFh+QI7q|YA5f=N3ps=&x8B8HM ze}CfLtHj3{T$f*QJ2vuc>;dP|QgHZVKDM(pT{DU#yI?orDM>K_KGCIpikN;bsc(l8 zhSRl3CjP1em*1R>$*J!#6soj~u~xRBir2GnrjTtNIhNYcPQ8I0@ff|XME^f~e^}P0G5hOoqtwcVZl(i{ z0m`Q35@Mi&d7GhCY+|t?vfhx1pH9p+dyU@875eLrKF@&8FtV1;1}__oac3@ zMuUDJOs;8F1jK1s^4um-Yguq>_=YBkM!(0xfE8ei&=r#;YUn#mdpj7`Jq9M|7Qtp`{;Ib%IM@)ZALD9gFeYQT7yhsk2)p@&`Ln!XK$~K`I;(Jj`47F~ zR!roZ{k)9JEhhzgDN*hE*NH+BlwHD%>`tjuFeTX&dlk;NHg=rEkK~zQtIrZ<&u{%2 zCKBh(+Mcd~#H$rd+&>+>bPU`exLw4(g*uhdut~QeDsfvX7VYL_hab?A0@%|K zbH_Xi{KUAdf8K3G-kP3ywn!!q!+ zli*?74uY{6eA>i1SkTw?b--L=s~s|lBH^*Y|zQZtRQ)tGALLm%F)K=6;oLPYU0S z3PKdEPiCRQzDkxpl!PzWimL=(j!gDFcHGe2jqqGKc@Ok!{LtQqxZxJVIe|jx*~-*S z!raGcaS@sDr3Lls;lC}|Na~hgDwy5f`p(Y zUvwa%K8Kv8Lwad;mv z#Gy3?CNa~Faf`s8Rft|yh;F-oxIZ&qQGlW>w7vvH*C~xamq6OhGTW_wYRZuh4DtTg zzqXCzLM=hk>p)IH0;V5y*EOvnl^iUpVRssn00Y=C-8G9JG+2EtQbzO?eMGjX0AUw3 zyt|*9?EJ22>a^s#yQFs>C^oabXS#5Bk=jE+Yy<7=xJNl<$8LMC4JDUU#4JZ)8kB+l0QR z!xQ~xC2y5tBqt+Scs^+|OEvy@Q&mpT@`lUU`NWahE#lD201)2K&oSA?-+sgb4{No3C}jK6I>$!ud-)2u^u+`y__REbBY+3KNyA zl{HZhn#j^q(B}5~lK4ogAv;ZAUc07#OM(j@vI-s+A0dV;R&)rhaipzs z0Ym8Eh^b25+PM|TGP@~==%yb4FQ1LB*MpoRB;i!HK#{+9{;cWDMcvWSWyf4+My+=w z5!rTkIVsGWfS~`qR} z{d44Q5q%HRa{b}w*{4>!w4)T3k6Agt=beii51ltq+0s%k=bf0{{HG|{E%ZdVYiqTT-86*WGSMO}tnTm_Y*jTDM|B}CEuv!gVxrhN zHtfjq;QBp95QCThnk^NRvROlsLgkp2NQRS=(X841*;u^-s%M)Sdn>vG&om62)uXjV zoU#Qb&3x(tyDDRlWAvUi^UJ04k=;{B5NBKz-tJ+em>z(s@-H(J$4kR6JRUNnn%FjnHpPQR^@;5QG*MOcj7h<L#k~A zjZAfcB5juUuqGoC%ul)5ITCNc>q?dzcFj?DB8?!ktvawMq#dWOkg& z&~`jKUj+_=DL}1#x-bMoOrn`jq2?M`e*RgI-{!sykz=SSL{w1x$$!|LNabkYB&^KH z5|gA+wp3sjSFZV9;sZ6#E!u_lwsKIW!pwyl<-3jxA68{KI!R?oOA(^gKPP*u7 z7V#KA=Q!1K|L<1R0eWzpd|V7(KlF-b8>XY;RF32}q_7i#932Z4B{D@iQL-%zwY(hT zHLLH+%XTS==~M!Bz~cy03af4N?nQaMH?6AaItTYvzi~yO(h*btQjKj(%f1+$o@+0+ zSCQpMSl8^DPmJ5cr6&_q^d9S@D$s4_17&ow?<8*mI<013MPwmCFcmuhfZN0Y0B=?F zvXoc=th?cJf|D)YoZt^X`*A;5MnPVr&b_x$&?QE*r~JBC&iit}<7#FhZOF@Bym@Wg z>E(7Z=iLXVIkmk}?-42L4tB?gOi?g&QFSO+v{Hiq&<+R37CX6oA^*>}!=AA?LfZZ&8r7+1z)}-XyR+1pvsY4?bW|$G5a*q<2ho+$I+s^pm38&$u$_;RG<3C z0<-MtsQnRWMEP||WPRoluJ`t54Fb|2odQx4N(jM zcO%+piDP#*#C*Gdw%WNVJlsz)IYUMUfvRGB={Rbfo5-R$^H-iE%1OaGjAoXQ6jUyn zpLzsTDW%su_4ifW0%f0+<$N5$?8Z&(cDA> zi|03Ag}!h`C|tbNPU`hv_g4LD{Qlu7Mu+kg1%o$PR$}v$5_2-c{XmGE(eIthUy z68`H;|J!E|4E+xn9e5Yp&foUdD{9xV+#cd$8Kh0c%Kt200tbVbA8?Ufb!`q!onl3W zT3K6Oh&#r4@ZQgc@pc{3yMf8uc03TG0oPwcI(; z0!=QoxL7yFef-vWU#H44Rll#-o~qdJo=;O)Dgzgu{O|B;2@FNPN~w4ER==b;QvVqBJ7AKoO33KPjS=~(7N?_3MBl)boWLEPvu zleb4o*|`PNtiXJYW&EAdPw?GZ2y!6qNMLy|&v`pPNhh!AI~wvHmebH&C3^o+dK_>!`l{pC0MQ(2>h74ylUO$nx~Oxf%93W#>SlyN~D5yEx~5Gbn3QFHei zigP3}uZdI3Q;8MlZ0-h@2bdTUP?cKnmqDEv+3}H7I{%&mC;1#d`$W0e-O7>Ke1p%V zf2`~5vMK*!_D-<9JgK%4AKy9CJLeISJMpi0V_ns^$s-8!Z z8~)8;$(@V*Lg8uS{9_p#OFRlgft5x1-puIRxN1?{m@yOe)pQvawF(_zxMGU+PF71P zM2!0kM!IUzDv)iqtB8j}mum8eF1BCw6R@6Th7$Rb3wFDCx;6(Dq_)b|viyo<6^S&u z9}Pr!j(leIp%bxx)sXV9T`H|2PZRbRy?-LX>##yM;ykExVEGQjS(4>t@iHT-Csx{H zr<(20$l9?o&@8$=;0~WHuO>JsLjnGZr}v|meL|LyRi*b&XX_->kYA#8K?>r_PmWu6#R$NePhHJhzWyMPC-uKon*Q8vrva_O zWMoA&Qxrm!<`Qw~Kd|K??T-}-jS5Wss9vhQ%O7t@E0{hBQU29K@w~n)dLCHNXc;rG z&V_VA=5oVppohAF1C&*zVXI$}T%C4g6|T9J&Hl?}+%xm0oiEk&<^7^kWAArlLm&)D z6uPlRk1f|0snA%LqyNJO|KisXIZB9aYqOsZ)iPnNvQO!ob2CxBbeZatrybAKa)Y-n zvr@x)Cw_9f`}>%Lb}ma?D9bu^RldDwXRoef(3>hM-+uw@rk%CgXBJhZSzqR|Eu5_N ze{Pz0SL%)ADa|6-YuLX&_3u|Lx9tA)C!YbLP$nQa#J`?jZa5b)N0ttcV|GJJ*UPcxF z;%Gy1!Yv@<5COVU6M2t$*9z5i{B@r;RXK+E{7w@HBruf{IJtn=O>)DGzAcQ6BUemx zr#xC@nw9#_@Glnd-w(4ZnG7B_{db)3TCC8O-$A9)l9%r50X;Tj~3$#QfwOZHDQ!3Nh;hhy8DO=kzVBJ^r>{lRkop*ck6gWy+lf6F(a>^ z_R)2#a+{qXOK14woaib$?JG4WUiz0qI^Gd5v2$(-k*o42+nt%$$>SO<01+uA6BU5* zFz;X7Hv@CUde{GlNt7xgAJ#}+@0JZ!tJeJ8J*4!au9*b&rEx0RGB-hh2>+K*x|;W4 zdl=Ez=;tK6B`k_sB#%`b2HKJ)J?O|tVS8dS9?4`HO~Jd*?+tg-8GACf=l!6y{csD5 zSrhYE{55{!5@#GXo`>l4ACB~ZBw zfbYizsSS9nE9b;Du(|cqpAPnq1M8R!>bZ4-Cd$>?y_<0O2{-s81N?yJ$M+-vR?o+U zDTIiMNGbceb3Y7v1U#hyAL#Jx z@UvaB3JPNxSVAvIr^CGS2Z!XC5kn=bEQuB-a7c(LY%9x3cUKA`tEyMf6sV5Q-7721 z5rw=@dM21VO}YZU;>kIw)v#geNa=hgckg%E=gwjzoE!q}Hw3fiCZJaC?E=m6DLlVB ze9Q5!d16(QfqiKD%m*lfyPckQi_TwN-}iZY1qx+7_)+m6d(?soD35y?J~>bJZ4rL< zr&FGk*0)~3Z0P-@1$KM1DeUC%d9CoV!G~W@e4i-{q`9HB3c@g*B(akGdkG zI=B~Jr1;Cp7g%|SA*qyw4@Z)lL!hCi&Jbvee_@Rw{Rqk^y@mBES6RGHo~~=R@`)hN zaoh%f@!SM#&?Bvso-mw3a1YvU*3kZmYy-8K|Mx^R5Hk|VFLFe<4D2l7c%APYZ;n?0 z9L1nFk>=6`s7fFi361W>0K+N*_!6YYcDKM?$m{YT)cQ+Vw ziY1Qvx)X{DiQ=m?M-&}b?2zYvQ>%jEIrO}?d_A_UoDut;ZydM~ECp&KIahPkL8E0; z`M^~tc9E4|bgk2~Pkvu%F)#gkCL(2WoeVF_tSrTI&~F~ z;%545vqv3jgQ+kQC9Qn_5AsNQQ&0lUzNAj}=l7c8SAgQuzLLJx4;OBle}BBvbyQnx zzU`ul>-}J95k!=$&abqHyotZzf2Y`x!C;9g{q%3B%kkH?<$=I!RZIA}9JhSlowxpdgpR`e4=>pwW9+9Dk-1b~C(iO=AZ#ilw} zr#%ym|8*D{2{$2FECD}>b4v+=xx;OZ__6a$;Ywj=M}IR8sW3vwMDTSiNrrsPLtnKV zvkDZIUnrfED=F@wt(SDEWRGkuGA0h5W7c{&gzOe>24RpQjKGG%DvDJY3BPCZXp{ZW z-!dhHE|5fbb-|coDRWZ#Y29}>36vf#eM8_xnVF)?sFWPi#ET^IzgzAkzy3c|iM51RPe*V{%)YHMHmDh03o(C4AZT?BYjFD{~x z@&*vovxWrd>*N3FqyN_r`j1iDAC1P2PRxo#E3X~a&G~T!j4@qxMa?ZyJ+RW|kv5l^ zWr@jk(UYYQsEmn+Yb^bE3aq@ekr9UpxbQ6A%=`x_EIKPmt(3s-(hQt&R-^g>KKKj> z0b_fFPzrkq_qOFtbwu9tQ!X0!w5*Ki@6POD9~`{v%~pz=q;3pBcN5hny>m z;Vc#Ydkpv=2hiVsRl)n5z-{iPP#Kf%?N}CJH>Q=;%~?MPryhRh;Vat@6RBR3&scTlecVB(`^Fgw~yCWY-cZ1X8gfB17Z|o z#0}bP2*-zAbK4b6lqvL)e(=W0@8(dvBX*kvH7pz3yhZ7(R3=h0 zw)SFNDL8wAj;@fc+i}m7<6WqTi~2+J?_nyZAZ&{+ZXtvH{7>|l;0g^j?e+gSKmWq4 zG6;N(=J+h*gW7f0uci%t@YbXoof2ZpO_{p(0T&GXoD`CT%f13>+0+g)@?`SX>K6eH zl*|r>bg8UXUiS`*_&y8r_+8C=V}$D4Ay8#{3OSk#S1}hIww-)o|Flp1LM&;%&GIk$ zM&%7Ql_5o?wt}wJb;H@`biC_!;8&EbrxT1?-*zc~X2NGq##S*G4+UX!2Kh1eBjXd)XG`-7TDiW3&9|cj8R4#0@=>?dZPl5d$)wz zuSy)xDa#vB-SS$}+}!H^D$G-v{FBcm*O=T)e(aQD)6AS9?zieEa7a8`)Q8rvLs+!G z=Ml(JzMVNtVr9AZbxJC!Eo+9e-BEdny?sK#f^l2-nc%+^&54{D}HmHK~! z?tSo4qq!emNj;*<(&$w0kIfnoF@!wFmNmIyi0gfTkH%j3y_53I`Uj^#?T(|IF)bje z(`JNI$Q+$}HNrQy2fKZao4?t6zxtf9u%8Sr#dPav*2};6RFJz4k;a4u8cD%Cs{t}h z8>>8Y=v%!QAg3ROV+!s8{jaR~o{@^C={|3}be_?rixLNG(}+~h6 zCpP3)k;tsvYMLc9!=C_)o)ifxilT4y2Py+$sA7$t5WYM-k}uD`f83+nuV8dM4vf?p zAGW@9bOYNSE7`JU*?IU}MDam}{A$Sibg0jNVgGdR67|>xoiT`3X>@_CF6))FsjG1^ zQFRB(DXoQ598%a&oD&08VuAL9`Ggd4J9G=;vp5H9wFVND4F5?PAkSjq*U(#VCA=A- zBEgwN-y18|D4Cm|8DW?N4Z%Y>Ss!~kxi>53HV8>_jqPM%^I?p=PaeNgj1?u7UN9#+ zfvPR8MsC`~)cH=VP)R+cWh3C=B%yCb@L*!Y;=`eNF6nfJxtMKCLrQ40o5$p|MPfwCrcAI1LfKMYhO#(F^l z^+PyHN_71@bOw4HK^~o!)E;!zv2{Lu!LE%8u2qEQ%2TmLNw74+vGU)d z79gD<-w(E^`dY_Nlomskl-$HTG|`$ZES5A1>rbTi&B2%Nx_vBrzv^giL#Z0FLUDe) z0x5i+v$R-7_Ag}MQXWU{`L{wMmhL#vih|S&m%d9T=4j$#L9<8ywq5@++!%=$GdAHf zG7UoLtOw-fMfdNrg57#D-3h^^4UeNg#M&2Pe|GS6MrRambbr~@Hq0onC8n^hT-Rn@ zkYDu_a6+1g*2VVL2IA4Zo8HsRF1c~CFKqg97#mb``76gc2A>_f!m?8}Y;9o4yQGJnX}UL!UHwjgyO9HcD0j-=RbSZ9#yB}V9h$UD6)Iki7G0_(h+|RCv1q65XYhU-lNO8D&MKH(*2QsC3dLIqw6tzqVQZahc%{5v3 zyDF{(HehM15~CYNTje7ERgA;V@yhs_b#94hnx=+zgxSpd0TH-=YFhc!JCj$F3x|G< z(~8)glSV3;B6jGO#Ai`j+X=*Jk@ud&uWqoQ))=$UxV|oiUQ=j#L0wr?>I67oXBtzu zMKv^EFW4EVM0Of;a`))2NMs8u++NV!zZP=Q z*clyb!k;sYQvEMhT0=2|Gr;d-_P6&1+t-(4DuW@X-|BR-xthu&j$zYnt~HPjl{dEL z?>N{=VpJSjS)z08l4mufCq{_xjU&vK_ak==LuPvCCgt3O1g*+j!n%+g?(ILKg60Q6 zsM(-ugZ2x#5>o*aYyEv{mS?+=o`4)&(l!0O_V7)X+HQ*V#-@Js*5zM!%l@k~@yS75 zgG9!%EWc-1hQ;Kss+~svIx^9-lTfN*=6#h&ZY}fZBks(r1j2-$y;Ni%EbZi3P3egP zKU8vd1Dyi%5Y*Z?m_ThWQD`Jd>GUjw%SEMGCMhpzy=E;j+Mlo3>i0BK)5o`RIY9El zO-A$0X-fn9JDdIsRgiVcK8>L^wO41u%4Wel-$JOgD=QwlP|ird59J>hD*XV=YoNh# ze+Os+PDvH5rFAki7j~BpD9uj;ll^bf@yJh00|wJ>kMp1}nFZBN z$9yn$D1GkbJt1?B&^i-!U6-5^516uw#R2t&2i)#xkazgL8TrcT2fgs7Y{h+_Y6#g( z+f-uh-X5H9cQJ=1?$6MRM`p29IJ=xzRbXXZwh!K`8;!t`-B;J6aFd@h;QR<{YbURk z1ab0xjA%+Z`NSMZwdzw7*D8bO-%}l)J9AvOa3A5`&pRwYLQd0X3uPz6HtIMUYy`lJ zt8zwF42jFX6j3Hee$;tcx?Bd$(~Tish(Ppx4iRG1ZFm_8;x#Ms#PQa$j)jQSy&rjr zib7lc##=b+jaU!f|B)6UqyJ;v4gz4Brb#_pNVw8(c1-(64Z6E66I}t!0lfz^03h0L z(EjEGTd!TKJ!QAV1=O4yo17fZfp#|DhRdx&(*v&&U-DNC%fU>i^-2rZYrLlS;PZ%K zfJAigP&&YPz0q4lQePT#7Qpp!-Qog+p-O{kz^Jjcg38afkd3pj?t3ZN24GsV5f8_u zM*=cGy2Mc25TgFh&2pM=4jAX*Y8G5NxXKc}%&LfQxn4chlE0=L)lFCar}xmGLv1e@ zi5<00n>W$x9ahPu)%`%hT>^mp`1jH11Q)1wB{?gfy;UzPg6Cw+AY!V2M|ROT3Q5@q z&YIItoJ#`h%#Pb*rQX3J4`gy>cMtScXe@%4GzyE*n7Tqfx8x`Oinh~z(eW{dNiPLw zdbW*fnTke_b(D`Uk>}Ef7HKpONLFZKYP;=LSqCyFg3nQw^E|imOojnWnkl_v%8wI6 z`haNHtuF#on8-o~UOwIeeG#8KuW5QL7AP-|B@$@eo|z*d&%yw z6(6A_qW(^Qx^C!^qc|$WyA=@j+(uJKalGAbxwYuB=EQMdM5+1y(NoXtaoX;jQ}o)o z)hhK%%U9_Q5$*M`ysQ4MO<)EuSdjl64j6eMhx}$k`Yiv0%byl1sc(f^8c{j@=6l<< zkeN&4Pwn1|^2=}2hV?t_AM2-;#uV3uR~R~CPt2JU0PCz91+246Mxem<8E|=7VhH_y zV$d@?F1)E8^OIy842LW@9A|0=6+LI%?wLu&mM?p6@uouPMsokDnG0TeT_r6=H)o=h zryY7gXKE6`_>nVs-5)Sa@yP%RQ=%D8A0>G!@)!aF^j-$&kc07luNs$m+H;d zM>n$Dr>aJ35&wwZTi+oYP-F^CVv6@XOYV+2`NWa79$`;s|M9ADTb9@nruQMG1Y6ae zzN>XCb`_0&tM|c}kbw$kRW*VKp^o23SeaxNEUue z37VJA7v4EHM4xv0a*a|52+y?r!E#(pO!KpKRLeS?{AH?uR?Hd-62%{(-Cls!K47|MrmL&MrA-E#|3zs)yH6@0*c*;wO2YDY-qr3N5A%ebg0&4}+9agpV_EQon2d{+A%z7n8ZdS2E|i zo!~;IA08#58eYg&)9o;=Q$IG?`~~cLQzNJ8ALXBqz4-2(L?4n<7L_L!YaEH1a@fxx z;NYG_g^d3OC0cx7dvsw$)^$V`{VUL(u3WRS$S`Z&-on|O{%g+3sM4`69aB>{O(B*^ zZMKmnX})VV1-q0JF4jIzhCxwT%Llgj1u$*Ux1vN&e%MMejtJSRCKV^ z%r2u10Z=Q8(}ZrJT$aMINinfA3DFo9>I)Jd!sX3@f! z_$FqXk|ixfP)O1>-cq2%VRt1mZ~RVfbiAh)5#IAS#~QfT?L79m#{3XI-A3gldRP$t zZY@ObdU;1{;qqI&G0DO`fQiWobFrzbW)6}psG^V5A`MaOmk!JMD{*DFf5D?3y;E`i<26g!?`qSLr263ANdKp2@tmUKp|Sp(q|V@ zRNu_`Tb;a%TcV5OY`D)~lXHZ(i?3K=#&oYI?CVB%6IKiBO%hbLB3}fo+RKf1qGYG@ zs>E#V#o7`^Wz_KgKuM@qZ`0JuxMjt*$Rjdw<#4wI0L@+N@A6$>EvYBI|Fd8hYkC7? z|LjvR|7ybey~s0BgV2-jq}@ucV=?X`ewY@D6w(2oMO)VMLn8IA?9y|&jsUq5$F!6| zjx9Hv_#*yHivg8cu5^Ht~9J^>^&cjOAE#KhbONi_*!0_1;xUJm*R;Hgdu2249RYVEh1~U%9Jx8k^1LH^VS_(v?giGjeUT6p$K!tfZ z0cViFnSv+V67AVNcW>x}!2X&?36mKqDt&Z!@%Ds|FA}K0YFiw}EmEn|cNk3A9MGCW zr0=rym0&0hxGb=xB$+eUHQSL>zUs!zQ*K6oy4>7p=f@q>dPcoxJlSh2E6nj)S9v$Jo4>dGe(SzA#v&0O7->avQcMn$AkJ0G$^q88nZp`3E*xNO; zq@{_Y}W%&u^gUU_D$ZB_~CQ?_Sx<5l3Ew+Y}(^x~NpB1;`Re~)aOh!HgojRG0!liwqc z9@3*TEIOb(4v~sjeJlu5*rVCNq(H~LI{nd9X zQr+w2chtty2m8@5pD1L7iSvViThZvIAHh-Vw-g<1mI8XaH8{L(m(syd!w~cRoAo7q zsyJ7r>L0m-xfhXlBmLtRLP3K#O@vQ6rXmcU27Gl7F$h&KSX@M3cD7HtWakN33ZSR% zupN{7LQw~2v=};4HM;&xs$_Ab%BfW(-AYJSfbCIReNuj%YKT?Hg9wR+Ul3AS#U(`)s(d)XAr%L0+H(xR{`~%V zFW!#On?A*-+Vq4e9S?9w(&{^1R>t14If`6Z(^vLW%w1bFR43mgX#!(^jF+iGE@L%0 zrq@$E$%pXzMbEV$)yvRkzQ|WjV!bXW{A-uXGZ`XX6mS+LlXWU5PP0AgsC6yJfty|n zLTXzDE~i6U&XTuFL7IDJ5R#7&oHrN7M7kcN?^8$D5S^)uIAx*3 z!w)&uFt?1mk=KliBi2ZJ@n-ox=pU@R>P&j=f!Bog2%HTb45rT7OH&|pX1tVW+;38t&!5!aas>z&TW28B1eHztvv(W*G?)#Pc2;eP+~jDpBm=2B;O=IEdVL5ao5~_MqHd)&2BW$vh-@T9;7$vxQ2RpT^8X{ z#8V5$Xj9a)OU1E@-$&=jErJ2y2`gKQCHc0q1Rxt&o0gYH-e1k3`3((k&*wb6H|bZg zf{VA>K%q9t;f-mJlgj0AlcfI7WfAyqc6PV`{E8Vqp3-9P;lTWl-Y0Na>{Jy>IoX#9qUKRpJERSRFkTcksf>luI*FLMaP{7 zN@`gOzUR{4cfI$%v#z0DqitU^Hs{zSEVV@Ueq~X;Y8Xx5B*QtaGE{JqZx(2@mp5CT z69%*Ej@g(R-k)>*IKQSk%LZaAj^H7>hP!trm(PgwrI3dwwu>OEZat{t4~=>UY`ZBg zN5lT;(z+)Ak#;o^j1jg1lWAIBbYRxEk-_1jITJ0 zQa5yrB#jdq>sLE0%y~e=>&Njyo8khpNBE}0x$|bcvF2^kAej|m43IpkI`Qxwjoilf zW$reV*d+aZmXwI7<RRd_;%`$EP|@zaV;H_job%aL=g)wr@COn4o8}L9fIWJ1adK ze`t=rWwzCS(=$t=)dfyn3>{ySk-S)&RUq!_b*FzATA*`8eX+>~()CNw5*kDJWT9en zSjP~+jkH_%wnkfoGTe&DQm~{kup4z!-tO(@Pm(&A^xrIYx+}CE2D!v~Q=I`FpvE_` zf@c%M*8{`nq>2j(Oi_o=8VL$SYMn0Uaa{Pr-#RbSa(!*ilxUWCw4mgC^LFQlcLmCw zv%TnA1p`63!#vCCt6%j)m#5zeniy0ehQc?0bo4SCf`*}^RJ)uw()y{O@Y(%~ZF1`2 z2}7cjZ!&wkgjzsACfCIvzK7aT)mk+y%)ZiKw#VK<>KlXNb9ycUb126kqy00#8veq^ z6B1S@jQYs^Eh7sw&TH#(24+^#JrW^R??Hh;u$JNAvc;a(B;yzDaOc>Im+n%|pohPn z`W(1lN5wl+ORR;5^pPHVpVi@XdQ#0azS93{kakx6!;2&HsPtp<236J^tv5)z`x~=m6jP zI&Fmcd}q;b#qN00b!cnfbF?;uei8oIg*@EFl{Zx7`rYj8a&007xMvwXX>sT$fXfqe94FX8pw%w95M3h79RL%8`Vqv@0N+-BA(4mzA!J$^k> z5`=}fo#`zpvD|)^`@9q{WZ|>FudnaJ?$~Qb9GCg(Izds2ZmU_iwn~@Bi2N|zz?+r@ z$`al|^yP?;y0dDC74IVHH{|EHd6>#i{-VRB74Lb}+Eoh*|GhPL1-&d_GAC?0|J&ZM z2wb_{(A?u=OM8z3+tgu()j(3i?-k*+PxCrmX2FiBE)_%xH1_M?Q&3z2Dnqj5QB%+m z>LQY^J^9_7TP$(zC1D(wxXXf{MY`kMc?U~qW;R`Q7Mea}AgjM@svATx9(g9IPYVps zvOircer9Sg7S{33Kw!pPoUM(U&vuQRw-VOcl4jua$83l?4FVIktPIP$c(s@;vX zU0@VCaovgvCf7Xv>AXC`xb*8J8f?{N$J0BUcfO-RS4jMnP4jP2&kay%Uoj)D$&vEarcfTXSqTXs&22LJ!RklkWetNZ)yq;yL zeo=kJV3W?@WO3ViFyt!UvtHAG=1Hw<0u;g$M^NKn@6V(of< zt0PEuvb!L#KF6``3Vs}TyVywtc7*c9R`zpuIngH|JhqZ7itX~mn=KAYrn_Pdi9BA$ z72P$4Q$rg2^z@=ys*%@w&cl-yVvei!omAH1G`L1%Qazo25?U}0)z{NW-W{Z3acu3=ZmmPeIw~ zJYORk);77H=Z%V9mdVfXBR68Ma>jXcvAjrh&bve$F$!-cjwxmR2#8cu6~AxehNOsH z|5%V#K&&ZU7CqNtfiw5a@a&>~)&gb>zT!&!OihPlgEZwls>b@n55x z-{W+>yfw&P?!I>Rc-R%e-e^!7o=2XyJbGQ`^)Y=}+Zxq^_?QOg^04{p8nctH29&ss zTEQr8EeV&tW2N_-rF<}~oSOrcOK(=lzj}A$Jct6KtV7DrzZ$7eK4~R2bZl%!?O+d= zuO#z-U#u1?D1oBLj7xYlW*1&gS8f!(rLzB`7;A0FUF%rHRUs;GSF>+@_gciNI$rdq zDag*Mx`lbD`f9)?lnhMLV4q>A9ihE`jb(~4$rhSHC`IG28$Hp*-1mykB~RBk*=ps` zO2|OBody~QXFORId;o@)TU1Ybc0&30+f8-0FF8*oW>yG(a7BVJDbphjcxlw5;;hfdn-gMXU z&+(X7@*$P`oqROsXHatcQ86^azIYi|vrL>G#v_-k%O^hf4QLGTs*1YAEQ|*Far?HR z2Lr)?&w|Lr2(G&QO58CUPCB7843xL%UQQAdwvdtT9?xYI6qvdzzRG~4*q?o}QKKiX z8gNl&ji7)i^IMDM`^t@d*HnvD=Fj@0;YK=I%vyE5SFxIF?-AjnDRcLatr`vhmavZF z_8wgF1vh}A(}my^$YIT2T7x|$_c<4%MU31|0WWZgbFeWG69#}$ShL8|j{AvLx+Pqg zxmX>_`s>yNBt4Hk0F|&+rAcYxE~QW_!X!J-))98&p42A@I3tX(-MsI#d!ov0jsqCm z2sdy-1_1pDU)~eJ`z8bq%_FBi`qF=L8N(+_z`~fVsFN5VOtVu8&(Bht<^ZdvU*?gc z%xFuedR*G89LfTIKc zR+SEofG?ESr8Ix<;OVG8Hg>;IC!XZrw>H$tyEB|IR>y`gv~tAlt1fN4N#$K|uMmtv zkVTXhmmT+Ei8zN5LAmRf2mG>_&TRO?>~(}LdX@Hy%2pZ}7ghm|k(`sIxAYG4o7DlX zedlgLlM_aCC3p1~=Zsj{bsCbU(C??|r&@oKW|v?^mWyg!`C?rI4Pn zc6z!gDBB$ZJeO{X}ebbIK9}N zHL<>%wQqKPvB4Aq>ntuD9)Fl@6m=^FE}_VBfJXJ?YEUC1^8WQ21==WyO`}~Gqz!cq z3W!d{RH!#?sbQfhW4{&JyAuPU7hYU9*6abJsB~UOnm<%e!2^rJpeGK6Us-K=S zNbC^XD3`PTG>Dl;JJbFkb-%JquEi=PU3tMh6ajC((L8Hx*mD$a5rxm>>>I*XHC+MG zuHCySDjzbkvABE&bm@e%2^Yq=NqF-Im0oeO zQ1G#_lYEm|8(KML7t;jmdWKd$vK-XV#(NP8-)X)4@_lFL0kutp=eVMh*|bp0TM=dr zJDft}zNoIR_D6gI2Pha+$Dv0@&#x;*?)w22dvJTg94vndI<{(b;?&=RgSP9w(Qln2 z3EgoJ`KsJzU8}l|h*mSwkGznYakhG>w92zk(QHkwbJJHd4uWf?odH5*#aY+RX#hNi znoZA?)FpC1Q&M;kLHKm}_oI}K#5@*< zIGg^rGqLqfRiklf5u#A=-ilZvkBE+AT<-di*Z^+XZxNyT>ivBfnrklVzctj=?n}saAbk_ubNK`xwOB!S=_&M?ao!{TVaK0s8^L?La}MLG z=5E4mHhprwHxrkf{y8OUN#^sr%dt>V6CE3^yW}%{>z?!iovu`!uet!i=dw^|Ss?Jr zPREdFH&*7ni*NB&;E~nr@Xoua0Cy14)m-d81skAQ@jN9EF8FyqH~gPhEpnt9CykmJ z+9s>q7=Op_iSzgo*A0y8koaspgW26zW&!Ad+52|FIVcsUa;vP~lIRa{KLd&c5-2^* zQi(AbS5#O+;|0c8O4TbX-r4Cn<(jCEBjYKk6R#L+Ui6+HX5$;mkkIeQs@g={f=1)* zPb1j1rDVa)KP=j*XmYqfjDAJmpWgd3+fIy9GNVW zM9N;zEm3UB9wHRlFMw^d5liw?1W-hiim6)Z9pRBMP0h6Pe$VE_y5vYQnAgR@yn>d` zYA66FRFYjAyl0S}R0X$D^L|=^;tI;G95#km!x{ zYId|&eDnwnU6gqt-b+<%3OXZ8fG*#O`oz6zM`1c5tUl?fX%_nn@E(xa-YK$jdb9_# zEv3{ec1j!K-%AIE8aqg<{iFGVA0et|iW9AL34W3>%QH7cIIAfRybg6DvDn*AAgEnq zP$9P8>rW{f@u>=FJ(*gany^e~Su>Qzovd-D7IvZzsSDs~XAHSLsJv7)NVNdfuW2C+ zX9w3O8*$h-@DO%p4HTCXqj9F@9vpk?P?RGKfpwpg7Yi)(qVdBv7j`R~g8LA=By*i% zr)kW&T6B2Qi!dE;YHTY4MW{A-kjj4|8T>-zL_^usbGIrC-K8G6p|ta6$lVA26zTb3 z>VUr|uW{NkzVaY<5JZFRpA$+$%*ZClvel8#F@x4z#!AIsjjR94nzinKM-DQbyg%~b3J9BJt_wfuT2 z94+!fyQWe@^Ud=wHB8CTf2)Z|M?Vl%G(5n8qoaY-ESnD6u}lfS@ZGi(G_%7o#nJ)| z8#Dx)fSLdO+P$M}bXYJ#~zbmVILtHVbsckiO)li;#$8lU+o24nKg6KZFb;)!vhk-QE|&pKVzii%@}mOxI!bjc1ra zsWq_>;*>85f8I7U)7k(S@Vb`k ziTkr?`2cB!y3F6i0Ex zA#XT57ayLXr&^SlHGh0Tr9+m7v18z@U85rth#w(K;*_M7w89l#5reS-bciHSPP2WP z8a5Jf!Lc2m2v;fQIH8}w@fRzfKfDccya9I7c=#+mm)&H2PAs+7jV@egqHg07r#n@# z!3WZRAhDlQYiMaN+fc*>K<3HZ7Ua_b2d5%kZ@i|Es*_3)%}| z9IaW*Q*md+PSe4lSkb3gC#Z0q8TV~JuVLfY8RbOsMQ?QZ$0wH=vs z??IWZ^q5%%gx|wkIK6z82uQ@+pUGtso;waaqCK!W`P>>s`%<1Eo}o)l4n7AkiRgb5 zyk&j@Q?pCei?7j%7buN`6Sl4#5HJow>f!Xff^X1CesVc&1g(fj-qG`Qsizm&W0H{4 z9!d)CefauN@*BK9FQBgwZgmqzwWDzLkqeE^OThUxvv`C%=|a#Ui7@JB5AO2rYrjm& z;NY8XcdRfH_D%jSVse?F_k4Crb0=OLO{c0YeC@JbB#UoG9#3!EuXo~|q;80GFX#;l zV&T~86?7nXkd>3(;J&$gUF87qQNvoyDN7!QZ+co9U>@Gp_+Il52N(zl@p`U;o@8B@ zdpT3gM104THg@PN`%&#Iucw3Mh0lp){NA&JY<>}S)@RXq_Z}v!-QydV zzje}1mGuxc?#lZp@?dPl)ak2kQU5kFChUDQEX_7v@}fq>>sA4!hD`fx+@!3lH#{kg z?8%_d_H8s*Q(8Dpki?ogce{o?KKoEdyObJuOTyJv^v+nWFIX%h3F_z)T8Ea!dyg(q zBnt2jT$qsSFE^tj6+$fJ#{i$f- zu>md>k!tZ?v@=stn~BEEMT#mX?Lhw^WRw&HFZZ{uKLjKbfsV%6T&tCuas!6{yl)M5 z;*PViMXq)ZFc$vY1&R_?te%_zWkM&1!Mn0XfVSHlkoglKXqhA$*2bW13v-9sS)DPI zk8UycaCSqi#?6VEB2fK(iIXE`FJ!#!qX24&h_dc`8j-7Ti609LCf@FM+SX#C5CjNS z_l%3V4M__pBJYWV5}vHRN!-pnYkwU}X=C{qGja#Q1h)SUPM|&X1?jxr+!-%p*Ecu< zs2#6WA+B^~w;jDLLcG4PpOLza_h$l0p`g@MnVDN&^$U%&Q2_Zowz-|fUGXEBXCD?b zIml(Icx+q2rMgu1QrnGv8{$)Eg4Z=t?TLz{1-7piBwIb};)=itS9sGAMHy{P9!M13 znkoyOA%DuL*s||hTBx%o5;XK%VF{^=?uM(x?fVk%+C492hIrqII!I!_qfZztXNus0 z`a~7zM=8bK4=H(J$ia^Unh}i>E?V>>H2xXE8pT0>B2ywhp>>k{u0(54!1YsI4YP`2 za8X;P_k^p&9C9kZgI(W-zY8NsH67dpuzdE#2t%~ya7{cFi#aYtFD&$oY|Uii(UoKp zGEdmgikIOfh}5YYFd@j8!tB;=UJ}T_Ov7M6pMB0k+GJBs-M+G5{OkhkiT{e8z`-hL z01}82ea4<@7UF#W?Sg%I@b&RrtY?I4aN39EW}ETgl?kA2xleNC`#@gpA5FO5sr`zV z5^obs8%_{fjypZQ(z@xI)TKom*tV>e)#&#Qh&~=&DAZ+3uxz|Q>&bo!waVaQZu$+B znvYyNori9F#yfWP?L=g7<>Q9al;g=8%5K`x|3B#MO*G4bsVfymPRz~zDlqk%I6n4P zi*_T-(9yTZZ+K0Z+7pCQPmU{tG`1CcyQ!@0P(W>WUn>xqIFGGU*W4T`e`gf+*vF|pH!;nsr zcFuR~JhD~zOAigxFFQTLm(Y<^?Vj4QNb2s+wnC;vJbRU~K%X}BT_cpB0Wwq+oG&UE zc)N_T5^PnTaZ`$fV3O6o)t-Dr6^;Q%6>VgBLuNy@!29-m%YsJ*T>P3t`KkT{8S0S7 z9*U=9kRO@Ku2b<6`U{wtmt*k}uYf04gh`K_FDL)=-H3$Ed3}W`(h`~U`B(Pge4u?6 z-Njzl5;Bsd$jA%VDZxIcxg+_9R|;^{f8kHLsTLFH=>Z#J>#l^Lu0W^vjB4vp_F$6Z zl}F!{31)G_jSaJW=am-(3l5&gOf+pL=i;W|sLji44uQTs@16a?g^Lz&bM<7VrFPvo zDO}9)dWRoEdbi|2lJU(y3y^b5SzaE z$`jT!_pR$^%4$VBKO6ya&+A$z=qYTUH&@?-bJ!8LJoglqF3_p{nWt1&f*W^apApfd zr=@v8N$0+2xN6*8gzr0U)gS%LWrF|KhNN~ll6MQ#3Z2H0q zx^Jw7BPz|xJ=wSW##U;lG_|}|F-c*HgDCn9%fGP?)pVXXJCaA=;3s!`ri$boRdavW zw9nVlI+d=1k|r&qUo(xZlJ}3|3HHdf6Z1PG8e#j*;8~$G&B}UC6VXudr&K$*EndFA z9qHPk^Qd_>@nkLUdxOfgW}aCJ$DL+Gyobhz8e1lq|F`?BW^=H@(iFytiTy1_p_)yKMX~f&Ok?#F2&>(gLVn~ivjqkzD<2&v8 zj3UT@r8#0ocL-icNN3fw2(`BTvftTfj#4Wf^d_diB*kpQ@(CJoxGpkQmI(grV+V)! zR!M5ZkQgL0`J{NUP8G8Eqi#>fE|N)A`Ooa>!kZu?q-cb9#VjuRCjy&`t1p0jl(yCh zS*d%^?VOg}dcQ~2iv@0d7*H%_|aHDxbP+!s}=K4!BDO2RE2<6VvOl&?f z2^muH>{Gikg7OX*aM|z$NfO=v39mEs2C=swau;)wzP)dRfyQ-G?0cELc6!P2brR(p zRQYSWkGDYwA0<~kBq!og--o?g3a4pRM#QkdLjd9-a1XC%h0h1BCaK&`F4A2P!3Fr@ zlU7)+|8Zx9l&-&lGOFmw(xJn)`V%fUoy#aR@(V4UL!q#7w@nK}5F5wsO5lY0YYV4> zviiZc01A5Lqz$QeP1p5F&`j>%-BN81e+!Wn(k%$D-l1LnR_+;J?)0k+Gz6?(C;(Et zol1fMqXBX(OPGd<`p$#T_Z8*SF*zE`*iuHNjCc{qd28pYm2grQ*uA(K4ITonq4o0}S=f|9n)RqsG^&{7Zjam`z*I!nKD+F0jB5W^$3 z5pwvHL+&uodjRG^KoV7`zL#8TQamZ1C6zc4JGiIPGFJ|?kNlO^z`H(2Fma(UDJ+cM zS!_*O*3F@;MrQInGoQ9vqaA@(P7Ub*sgRSg=2vx<7X)a%ZhA8%cXfA~1iVlK#$&doU9OAU3V?yfy%TtPHrsnw;j6AKkbfnDM6| z8r@;Bxj-pA{T8y)jEPiQby(Z7PU~jQ$%JZ6JU8{#|K1^@$K9TK$QL=4$s_pb5W%_c z!A=|Ij^w}4Q-M*lXa)A8i{OeqalJ*Bfrn-BKzkJx>ZNQ-1F zWdM(Q$LBE$s$AMS_NiL9**UeV<|lgce8qr0-m&UVm1#BoRth1}|?}Rel@%{8+RFS%fMA zCtaN3=Z0GG$<3fgoc^zJ8Q|{nNiPC}2tB)>0PcgX>6yGBiskNfAsI8Td$ zTj7**-kp=oKz{!WV27%Yz5v>&D=E#?ce0Tq+CeS=o7e!H5>}<}RUCl#_D5gdFMIt6 zIU4l2yrH%V=^E+ijpjK?jk?PWQ}THz57YeWPoDjA_LVK}sif%J!Y2^1En|--^tO@C zNI!E?Z9*}%TzAP4Znx{4CCl|cRCCo}K|2cMCWu=&=M!YtRgV*T-f=yD%{MWjj2yUr zjKAh6`@%lq>04YoTGhqYA@BA#xd({3wYR>>xb&ej2+(v>Gy|b*hP>&XMIGH7rtRNF zL&}H=Jr#65#cgM2L_Y+;rjg!1ieN;TlaXgZBg-!MD*vynD0_#41l1gh{W?!%av&`?7D~4xfinJ?pS@od$o zAh=cn#`&*B!PaBxg282m(VfE<{j^C$-LuY-fI82sBW6O351{RxRjv!6UvZsoBy#Xr zJR{PNZgw0xtKx1tjqpjTlq{6{Um6x3cm4I}ics4;q3yWLsO1YQe()Y&9H=8%f1u?~ zKotABXTLZ5xAKHc3%S`{8=&98GO7q$-|y>j6P8L8ZZc7Ha!O3T254Upjs*yNP@(`@ zr*6ONtxRQ5c}~<3EpUsi()Q9SrdH*4eAcKpRT=h>!DQ1~m4SG>w5ukeIhM(HTs%xj zKRe*BvivvE{`Kc6&7v}4#MH2QtRg= zyF$H`fopAh_?mLjlkT#gP5}<4nHV{7t+C44=Yksvr@MqID+u2|r%{l6MUhOX(zfB8 z!D}rb4Y_3mmU&Cr^2uuW?Mt{7lOXD^6o{9-N=ao5&GE!7Q?Dg#dkvt1D5K||w@-6w zkU#rA#4QS6A(&oxvx2P_sP$ZwZAQ4+#Fu0{=}M|NJu}&~HY6 zfSRkOC6OX8)TAy^_&HujbX4{X^UY1UhuJ|HH}n0v*=T~wsiLv_YO2L(sfx%aT>9X> z!w2Zrc~+L&j|~Z13v~Z&y~DGTlT=B(W{##hq_j!f8(}O%geZ>I<0rUL1Glky!SAJi zDEJ<`(eB@h6tytq-GEzz|AA<-GL1B41?s5|q`!4bEz47n|I&6&s>blMUQq5p3546g z6eHcM9F#7)g7xu3rm(PwAQgIHp1N1Z{EdrI;Wqtw3Xr8c_r7tH_6E8&!Lq53e2Cbh zt?)bL0>JToycal5+9pH%uEeQ$xuJT7+g@8*2KL{YT7u7NR$~`%FX8Q&|HqI28uIM? zThx%cIflJQk>UFqLgyIQ95ox^<->{c`8VtIkBZ1B-Lx172`osdBfz`_D zS`n;m6l2^P;Ve8vk81n)l&O?sd49O#O4q6H0L|y=U+mU@dg~usoe=Lh^Jf&eErOp# ztTCi@vm0-4y#b<|XOeq7u62F$OI4%OSIe(6!0r2e**fKrOpD=KNZ8tN7gLv26&y(} zRte#U%qyyEWw;g<3&<27-=;v%>;(5#T5^M!RI0$-g2H9!JZ1^3dP69LMuG$J|^_^ zv76}DgUka7IE|I3M3Z>s-O9i5Y|Su%98=#mYW7K@K6{|!Eyf8)sYg%@J)WX+=qnx; zh3hF%s#aYPBhpK?+#jDnn!1;>%iHQ~2Vk#c?3g@VU3&P5Cn?wx)HD+*5IOhhocyw5 z!Lrs3?8IJDqMnTmP==pgdforvp&2pwn;Tx z4>1$n+;Ki81j6;$xfr=DQ)0>Cb^#>KPYQL&;c*uTq}0KFIpOW|a4e>IT;rbznkeu^ z7Xyoi&8}{1B=4Gg>8d9+$8_r^DJtVs*XmM%q5uhZJn2kxLhaevqDwmI<(JacbFH)F z-|k)UY~B{Z2ueSDpeOdboBjV0@J-stT>=3X_47x#< z!tbC0K&d%B24z>RS-+Y$h{Y8BxB)9Tc}n8th1&l=Z7_d#=>G~v(~nNyfINgbN%c%; zN=DYv0;NW85o?JEBO$&inpt!WvjO0;^wHped3UokgvTAZjZ+uPk1>9jOOWd@Wl|uI zxf30$a168*izr+HAPGnPE)q(NUR4vMwT^LaIuFC)JciNAG@(EJ%H(t3=v^08p4RpL zEasgWJgs~RJPX_^?j#}=5saij1vA~P#6nKCjd^oGm!Nx=?tD+@z5G39_NG@@QpJW*qftmpHahri*KXgjOEI?+SB$I&W&h z&dCtvs^1fvOt7HxL@)&Pf@#0v%a$Jd*xMdcWnavk=NoHXvf~f>YUIZ9m1SB)3@L|C zG|n=#SKV3TW&VLVkH?pFdlx6ydAB4~0ohU^g*;XCqMNPY;IC>W-yvBMp$Y6br$Qb}hIbGYNC zr!8`-hLuXdIlXqdE7^+`mQl0QLpWXKcicwrg4NmsDn(oylf)q#Fl|YKp!z$n2W-%P zV3u5dt$cp6gvBZdZ8`gg8>aBn`S1Q-vpO^h8o~y`TcG7$K7%C5S*++jC1|?WAd^=P z{8eZ-c1W5T^>sh~tgv#1f)qmMQpi@c%oWWR69x6D zdznDvs>Ql%r#1Q;Qqp-%qD=W%V+L{r6tE)s(hcC*_+sjW52Xk+Td%USw6Zt$9K?pT z)?}i34oF!c|6nVubif-Ysrf3dP9XfTQ!amx$S%0`rN3zVsI}EODdZwfLpV0?PNKYg zSbItxEM%pTtjW9!DeB4@6#-(vg&)v}6OwpVPB0#8j7FUcjXILi+36?m4xgvwkAcQF zfoF6{!&j%w#i(me{UY! zmH|by9sd)X#*Ns^?jO}q9#h*y^J@Wt`iU*L1=ue|?>od+2bxD#WZ+}xUI!*jgt7X*4eQeArUgYQK=f2}H zjv-os5$BPv1cr`a(3eV#H{RJ4KhCN;i$6KMLzhF~*gz@tkN!swcedHD0?{p0{_REU z{Oj%x_9!fp=0M3|#vi3MGB(%-EabGu?8!?fNUxe_3Siq*MxdQ8YSV-BX{*LgRCW zHoxLn*erB|sfo0v9#l--B&34mSoaf2<5R->f8gB`^z34qyM5Wk5nziH?ky891AxyZ+=PkIBgGI>o?B!oARLdhbLq_Zv5UZoo)rF!(qb)sXHZ13HaY;fP z_tKAzbhvF!$2BSjk6|>iDrZ*eo+h|T&Ile>VOJHdyX)n4Ms9g;xO;G>H=7=sJ!qB{ zc1Y^(CEkk5ez97LwtjDMpp;=NSa5X@zG%jaIgI91_-4e(t->wPzkm?cNlzQ2!1zkP z)u}5dVC9&po}6g8>|4@z{MV!?0n~V?acv0SETtmx(2-xRqaVy)EI{?Et^u&_xx9v9 z(T(}$13iw5-I4-*jRt`A&UJt8T0JEl0Qdfnp5ecJtR(nyMf$qnimXTTc#cVEF|U=G za`c9Kb#K8aL~X9?+$cn1bkLn&?p;fBW0FR_2~IV%=$%Em%cLCc$a1Nm|T-Nrax&D@_2tJ|6^yla6Z< z>CuOKK|R?`_N7z0?#m5RQ_+Ds$|DHzpJHYagJkg5dnC!mXKLhXo}qDYD#xU|E{@aX z4@XDP9bk+b$o)M7@aK|#U#ieU^;@i`n#c1c%f2LTpOL^}NO@U#vL-XR})NCKs#`=Fe zd^%#h%|db>eBt?6&TzkqlBOd96uqmIZ6zCk>%&h$uU3ZChCkr^Wz{??-d$OD>dpLs zZjYY7URbu6!Xx;hC;S6}cKIdHMXOEv3F?vpjP`qj-&)|;K6T6Z3%n?`kW77aR z!~Ydl0#w+qGER9i^pAu+fNu349k@$t$SjL_Bs9fgE~?S z#FGcSI%Te{nJOuW#&w_G>y{HLIiFyH42dz?p=Mk4y6~8JE8|<=n${;x=kA?QJR@au zbn3l-6lou$sWm?Hp@pq{-~w;#HNe^Mf0#TVN|qN#DtO!ySW~pBAWAO&xaIvdj|jw> ztfdpr3QTeeS1depilpFj$;$q_cwUMNi=4aj67nFmqZs@|haUlC%7V#Y)eK1tH-UQF zQLysVJbNwUA5mn({%c1&B=fA1EL%eDr(7eUuBy zMf;DX7QxW=e6rIj?C0em;R`}W!b=f~;KW!`Vd$feFyQqkBt*a!Ot zoi~|P^3?qhkGbXGi@(<6qc--6ym^bv>M?@o%#SY2gsv;wh9leO7q}Ws{qY?qvNO$V z+OsHgRCiV86S9x4*%kFJW=)Feeuxx|E$=-M@A7MQ#G-MZdlkwD?eiFDKz2ZieAX&s zkz0&?)o-LT)@BT#KJ`fitZhVM>bWWDElQ0bHYkF0Q%c;(w#Gj(6tVj`MUOp)&H0IN za5$)*#$01=@a@US-f&lv(Is4&l(%#;zFV*JHX9@8x?W>C=~kI+Z*}ihHd_pSZeWLd z#T2@-$%7DBZOh~=AO%&~rhyG_LVTX&$&G#(J%vA&E9*q_Ry(C9bW;+ecH)W=6s6M< zJJ`93%;!xHdrTceUnuZvRBzD0D&q)Q+cf93a#KQE*c$cO3_TmZ+dqu9{wHdT`gMIp zx$MTjyjhx5o3UM9e*^IZMAk>l8N*029 zA|R9wu$!prEf`QI)0?_LO_T!xE@*$y35Oo&g`z&;B(k->rjBU*Px3`OI@ zuGUxooBr%9Q>qrlOZ#^53c-gbyXQJ7tE(uJJOp`ywG~#Ywd2#*87Tq`w6I#ZKR07^C`3iroOL~>J{?JJU6sGTKdDY|55 z9L^cE-v$%4ydsslEYZ;*bnHn`x`Zx6v{ zPYC*Dio_0=@Pm{c3-#vSsT;nd{~hmuGrTq6 zo&m#&KX6uODUXDHaAE1HuxHhh>Je*H+5wNRVi;BKkB-8aSzom{R%RxS$izVB;fdaq z=T6}9DWW^h`_jHB+T*>^g4jRZh12;t#i&90#<7%0k{*HoxzTxn!S*=5B~dHGxuTf0 z!8XjFN@6II13Qj^A?WRiTB|X$Y&&CKs7x(-yEE^si~zEhn5foHV#7CY0K@^YGoB%V zEP;~&o-nexP3cbNyi_Od<&o6CiLf-@CD8Auai?$DXC&RNI6wW0Z4l9%VDH6Mpg z*ebTJ(y~k#GSg`Kncm*)wbH>;kC#PCZv+2Sk$6soTVO_axdaHL_FJqEg@XYIg)Y_Uf8{qh zV_&5BGF&~Z>3C`-W@pbYOHlNpK_eTc(+CPqJtFlti!UP@X zz0NFO@-}H<)4t*u^TV8t?>CJx$WsQSRn4%iOdRwMZTH={pT5}MbV}T0DqXc#f8vH% zZ=1*9P}5X)@P%a96yv;GjE&HDf484b^U9Ub-cCXaRnaH%@HLe^L?>-3EN2wWp&BnBX2L_-ZTIAVXFH=CDri5(dHiJ!9@~2UJ zn!?hbH66Qa&{``?tSQ}E*A}hI)HUQ_Qt{o&%_5}8C+_)Bb;hr>2e}g>vH;#DUS8)>11dB4LSS`l;`Cp((`W(xy;dfBM}`-Sq~KzYkfp!x+~Tl<`@k-CC!s74eNZe zBfT=nx2JOL!n1b1%pWfu;(u~xbNf^FB`@vp?>l=S(-&>$l0`NM+IdH4V*S?_hv(m+ zK#fSLEV%XvYI?Kp=wVTm^soMw);j|9(wF){8fV8JeAr1=HT+YgJG8FB~1fq;S z^7@8hZ?<9Cj^3~`Pa+7Ow7jP>uTzvjF_PQkXVR(oaF#iu8hfzIjZ_ix0u7Vfm5${s zb3%r@rI;%s{iG4YRA2} z0cS37X)@%W|4T)VKwjKvl(J{JHu=y%F_(t}vrOGgmKZM1o9HDlHzARLm9J4}^bN;e z0Vg?f3*NWIPM4~bn**IznK|z~QyX7Qoky*HE*YOVn>j`nboh)EQZ-qXka_E2@`w8` z%GAm({e;a~(hch%FW59juHjZ-%00Cpovg-}BkRaKhJPkKg_(IyeZx#m(4IA;kx1k!lg#+16WLn!TEpISz;0T1DR^P|mWXM{lRss%%=-NOm zhRiNiW~Cw3S=S%WZ-F@)~UR*O;fr%Q9UxfZ2*I;)DO z^jGAv${>4AN?@JWhWL~twPDWa34S#0cNN)e3lD#QUh1BVR0clg#*LrM<^{n` z)ZLSa6odv6tFi&?$(*KJ^xipR@Wep^m9PPD15I@aZ5|a?Xj%I8Q%)(eOoE4QZRI_~ ztGk~n1*@O@pCPePGV=5dHCIaY)%=={W2`Vs!`H)f?`w%@YSd|0*%VWO+u&YHi_yC& zPC8Q@p|a}y+bafZ`4PlmE^36;Hk`)RP)}_^4LxMBNfb!cM>X8@JHMSInOOKsZKaah#xj=J;+OGEEORv;dx#xq-S-r4(r}>L z+IMfXXDhyaCeWvTOLJ}aQ-xssKfDD>_${=p)wMkXL}_~-99ikFPn9ROC!DP`4M2@% zOu#cp=fgpyG-@Lc5>>C8;vAnz4uqX4wNbpusjO(&VG?U+-nPEe!sf!Ai#~Rd{4@)mWnUSFg9xH@$YnanocbYIa@}K* zkgK`|^jk+QtF0RMy0aFj73aLo?p>A1s!L39-xQg-xYfJATL1r$;PYq3vpjKrzh`^K zlCXh;T9?pH@m!VBok#+!wn~Wpj(EFUHh>N*9Ze1^+QU0K!J;$=P0+?3X7aQwOh(zk zOA|(NIH0|L|>wesE=PcQ4us{T*X- zQGIBtCrDL%<@oLkhL4Y!q4GP~HjKs6i~i(pFXvBovV9LDA5iA(tMHOunK0b4C_&+u z(-O3kCNZrrTGAnlbYjEl$U0bUYk6mql5Fq5XoB=ERZ88wiOz8p>ARt3_10ZnFE2q`S&A6+-Oi{zjw4Dm?f=4FEB|3LBzkk@Z9PU?~-X!<4?ox1~P z<(DF!JdGjiZ98Vethi zBK^Jn_TTDK{}Tc$#I2bfn z@i?SLJHZZWIugL(4Cc>QI@Yw)v!C8gpF9H_E8Xi~+1^Uk@sIbfJ|s`O!Q%BFB(R(T zIeCVTCMQX8iC14IR{EyPooz*HRmZW8?c3?}SIAA}YV;K)*tz}4GbdM*qz&jVEu!e2 z#G75~o_bA+bP-oM)g5bv94A3gp=AaAdbQhdmGmj*(i^Gi@4@^3+SJEZRYVW!0%j3{ zd{!s21ip-hym3b7kpNhs2npbeaZJ_{QXZ0Fi%!v;D!9L?UDIU{d#P+3yihX80^1I{ zP`gk&iZGhbXBubvV1GEj7|g4ltLc>{gpjt$dG>g=@^)#gL{8aZ@#`Z>=T;o^{8{zM zfg7ec4gT~>(a&kZ1GXUI)8)Pw<7i%1JQd9%9<(StuU~oYme@EoXHKuMi4+tTFEp=B zmba-VRYAN)PROLPGXFG{|J!)}`U2#AMX0!&RF(U5s;3q8-@d^!e#@A(3+omBYXeL7i-F9$=lO}j+@0Tt<| zKR_e@+D7!J%f=~+xU_}dPe;WaCu6t5jjQcW?7H58T_rWtPzPj^{Sj`>u2jp=SP~@y z=_Lq)_=aQve#H?4ZPn`}MJB;)4(hxZa<@4Z?Fqf-!;?M_lcfy90Uq44Q)PH$=jGD5 zn&9Be*qZCP+VgNmY80PWdx@W86RqTT*BSm#%h?#6w-nmVPUa0`(RM6+sQ z7mfdRE`NM4!$1%r@_0h~+?(_8I5OFKLOUJpP3Nc1(?(Dpy(L1E20fT-8WJhZha!v> zXLW|ow@8nMD^%uLbXAK{rpMnruS7saedtW=treobP8o4Z8U^^_V)4h`mVO2IsO5 zO#ak3s8zB^dNZz4mA(_07(pd&;Ik=7bqp;#fWsia8S1qzZK|%_{2bO-4sh0#G>-qC zocOQLxYdB5HRd;^ei1S`_oVUZ?cx;&mSUL*bX87Cky?a>1X$ZkW&_M$}bCNfqX+s zN2th#J;phG9E%LLEk2Fjg0|A|n$z~(u}|cgO^4(aQ{jb?X1^3(aa&z0p2?{-m{3Ef zZ%?6UFGh{SP6;U$83MR%o-X)B z0fo}kol+IbG>{^j$4psiu@4o#rR86e5&yw@`^(|C3I+xvky?G}rmG^Gem8vTETh5y zn8C>Pq}hGEvswsdnZbDYKyHR|hX9A<;h z4H!?)F)~tBN!{`)6{UrHtq4c5SaO@dWM9*5X_a44b3daH=b2%B^66s}L;s|8#Og>g zcYELVl+DXD%wdaO#x>WRN-s453DDEGF9iLp^F%OWwM<2-+uaNg+^ww(1zwH>;WmCT zv~S^EKsNz>@T?BOC)w@(x=NF>oxiQtTm*dwqTCI{>>M0Z`s!RKZ`Z57JWR zPjfp#`_9m1>*jUqP=Mv4>l0Q<^VRmUt-ZJ2QTjz=9(+DCY)nPGN#OqGB&_uQs+7ad zduE2c5(a14S_a^Y&yLlU1#@ZvoD{u7k_b3}YA2An(+mrrW!nc|05cRG?S!E!zE@+N z07N#z#G3OfSdvA$&drJVz4H;k!BbKT%w>m?+0|y&c8l)+=5t-++c3d~Wr+eH%-?I> zT({ge%v_4!pNOMC_Ki}77hpr3lEBpc@_0@2*-M^vRjTXBuO^+s^G6ZO0hsJh;jmlK zodnQS!ecnq(XTA@Z=IwTsb4vzANj!b)I7jKMGQwl z2(vD!%QZ^%p4&0#1Q0P=mKpi$b^CrJ=^;K$ErqD=}QOT|yLzVs2;amvtumRm&H+{>BCI3x0(Q6K{0o&a)K z?GSU>lAVqVA`?}agaa*N%6R0rTp4j20jrgYu*M}1tyBFeP~W^2-kN9Y4>Z!5TBj!a zZ1V)%moix6G!NaV>uqKN$g6Gq=okmH^ma!rswg^YjgjbW&$&<*hfM~2CoZF-G-=_JPJ^?Y2N_kFyJFN z=~t%-pQ$pQX4)9O^gCT;DA71uIa0}s!hbJF8jpGafbB9{hx1gz};O7eD@3>2l*REsNoZcJJJD? zYKmeN+%x-C=bNw*Z+l=vK+netzM|)Ap_8#uGtsJ%YMxbo1}fu$uf& zaKRZ_>T)wyrxk{Z_w?90B6czsEY1-2SX^)spv%hAg5#-iq{9X*`10e;1P)b1&(v{s zKfY9^{`f5fZQ+Pw0e?!>DH;Lcv7`J;^_w3mx9V@$Wv{M&8s7d~o*D*MH=VH!bc+!p zKXj;XFF&WcvCe(COVEhO#sbXXtI<@FhT%qvvzC;S1I;9&kSHtC}#_sZYh}s7(bs z0la}QivTr^=F6~_+8-OspTpRni2=ZWS0oltQ1yYhPjv$U^c7g_qHY*=C$TtYYv-KO z#TfpH@|-_SyQ3G*UC>lhys!6jNFZ~a5PJE3rYHUTbAw7U6FR0T2Sl6!(ilQ3JJ&+J z$2Bdtds%wF09^i)i9(X37QvDw;0_>PKG0K2kFb4+NVN+KTDuGh!c6nwXys3U4mzgvGaL@vWBYu`d+&| zYQCR>9U|om0HBU(*AmtJCD(jNI+KW0ndCdWHXLEMawG~K2mNWh-VB6jzUxGJA9EyU z^62he_S<)&6TyO@%ML1bIQr3$QWP~3C0g6cQ(DJu31q=V8*2=wR>8h4yq~9Vs1A=F zNlNaXhlcJRn%6t^>!xUw?*0_Bmn|FK&3RfGNT9pIqC`^ir zW%Q2Ruhb$t*z7$O+*9jS!8FtXge=;`e%9EQl$PU7XXXl?a}j}UX&Z{ zS??SwwFn_Gu*Tu*#$^dyuaTFL$Zd$e$4tJr2bQmn|!=8wcf=&|Z=Wh>- zx6kK0u@=kv$}e^t1xYnI`VIkCUe2`K&Y<9g%e+AJR{>a;=HEaiZRr!=cdte^Ulq1Y zUwi;8^8K@G`bGb4WH!vZr(~P|%`O>9A{S6%28H`PpUmu)^taOzJY#-t)%nyqj?ZDP zsWRQ?p85kfdMnluHQI`()bhp55TtPO`F+ZLA{CqC8%B%5hK*UB)m_O1K@>{?xoy>e)L_O#{PQ_X}iMT4T*|C=utS3_heJv@d zX=C2&e+`FjBI*KlvKTBuTv~h2C%eVQsnQO=$cPsFxCVTQljCH}=3d2&2M|Y(6|x2G zS%5`>ZAZ|`zxxHN0o)iD4Wg4TJUM}9%? zd^ZWp)Nq~9DU@w53tO%VhsKNr1~VvE@%CUhNAnwwf~l3SRbqcq=>_8Ci5-4?(gl$! zlb}~NU;N6a1o}KiG^>8A*a@NniS?gRqXmf2a^ZLz#Ep@V!OU1k;f|0K?nmx`&yQB| zc>jxKTBOEbJP`6=Ts{y6lBcEXbv*{3cQxd*B#f#Iyeo&1cx=|YG?o^N*Qlz^Y?>b`9khl9^7uzyh;6-~so7$AhUG>+m`3K?`7Im8S)5Xd3>!BQdJ ztl11w+9h-|G0ClHvNjr9L-)Ec@vdHuL~*WdBbv9>+ka-V`sn&$u6P`i%a>hy*?72b zl%#%?ymX!1AqX84jO8H=S&HQ%^0PLN21?)C%7PSNjCW8PN^t_@I(gT-tm33j7sw-= zgS^f%`>YM@@e!7aHVGi-qG_U9pDdE{xo{=9w<)mO3{X%i zdK_MQS!)cvPwEtEfkR(1zxk?nh2ZUhXymb$EUtLhN^&Qh?`IzizeIB7OY++57}vY3 z$o*z4RX63i;>+E4@I1&iCqh||RW5PAXv$FM5_Dndnu4lnC$WiExuL=BSKk{e+mKa) z=3@e=r}IvB+)E(8ilA2r4mRkqf^tS&ve|tK$|FnLax8Jzu?6TJ*XmdnqRTB)Ui(uo z^{&3^sW+S^A2M(q`-<}4O73aF<6z!l3d3+V?#M!wQDFV9LhV@FW7TwbgwgjTlV;1! zSCvDMKl!w^5nnK;(u3A&0e?N{2zF@@>6gaRGM>dLkAW#JNKW({)#Sw4kpBrp{r=4! z0!#zwT_msRt-quK%lgg_N*{JeORhC`N?D)F=g-XtIckf>!*BzhOY@BJX?~ih` zmjjGwxGN`yRNajZ4no$`X?jY68n0;L&J!20-1t!+2Z4C1BU=g&)8UDDiBAa3;kir6 z9H^$M-n3=bm6O|IaVghpO}ce>jOufL#yrNGv-o6;N5hs>8b@IzJ=vyDl1m<+8EZd2 zIO(*AT1-U4&lRe@^y*Bg+2AbdErI($#lhG3bI54Pq_qVs9MZ2yHTf0FqPVH%9&O7$ z`$fo(&Y_!HD+;nl+wEg}v0#h06k+wW^lD(~ZXm<07jCGigt}>fFudEGdkXM9`N{hf zvLWm0hit1c5M_@7>yaCO5^Am;FNA=yTM>XFb!L;F*EmgX;jtx2?f- zqUKMtzSUC)JO=jll0H4#MYRS}a2gGo`0h+umSFPTw zq!DlUr_0lzCse!KRaCG<$UdYkKJ6yHLt>Q%sT2=@o8s_o)75H7NXb=j$!kdC$hWv% zlj9`&L0UK-xyM59p0qnX;i6Ye&U0mi^f#5`FTlX>mq^J%E_e}?hWvTyZuPIrEDukl-WP&lw*cUB6H$nwu(x)OkC=yc5Z-8jYA@j+SI#)G$ zwX_Ip9`RKNc;c?%7#npv^HxreHqPfj^4kN14qoXo^7q*;*XCNTZcsF9Q>1o@J5cj1 zx;c30)R@iJ%e@`?G30eo@r*d6)$Ez2F!}_C<JOyT>X8~Y-dNN6qbAJSCvHB-IDv=x=&vDd5C%o5BHaP$YObjTq*=zk{B_b&?#@|J6_mID`)VW zD-JCAZt9x3o@WVnG1Vwwb+MkSBibZ+@HOnt4*~ao%+UW?s{#|9mS_ICFp>qEnGK*U z%LRin2KmI5;_v6PU;%oL`dC!|I8aPa@_S5JC~73U_%eYscC)6NGQSrqETLV5$WM&M z4pOA?Xi#x8Ve?JH=Xsj=_!G`|*d@;$CC_4Vj-t!%&G;P*=~9ZN8VaD{}Q8gGFcL7Yog zyfqZCp%rK+*hrL8f>b7Aq$vT?dqUj8{4#05KsJ_5-{#hbgQTiirXOh`fU zSC0+uS4JC$6RxMk8Y35cw_n9#VVhV6U1SFzZp?6Ejp_C7cT(@oTIKn%vV1aY+&sK> zOp>p!Inuf^!HC-GgT#J8qq=yqS0sP_5L|U_{^o)z2hkJ(rR9?;`THgZSUBj}5ZD^+ z;m39JUC0OxKF~7UBj-rCWwZOyc7H4)Y)Zh&T7ei`=-X>9RHn!tK6Qu%?xZjJm|hzn zoIp+%N4)u*u4VIyfzD`7EP2|j1Fg6>r2D(2UD9%?c5`9LV13Sl$;?3vME=KFm*S7I z=Vd*=klY7sp5kwyEXCkpgxAeb>03&a!r^2*{3g89Pg3)+?QC+!1nNG*vkAL$?T=pN z2q2+6M2aI9e;db^%}2CK+v|G6=v*n~ z*Kf{VV+Dp-ZBf6p5Jyf5=3e=&ibIO1b?=43h+Vt3Pf zA1|jdkt=KdBKvc!v2KXFx$Fj7EAj!77Q>eH_k)MEb!R!7ElMOm!aY5B9ERA=g>#)> zZ~f43dS}4thdfs|Mn6ldXf&qt7NEmoz+7*dB?cVQ-uCEJ>ykHFh;L)X=v^vl`d#|T_Hw}WSA9H%2a)vFDc8>H+Pn-c^rnRKqzFn`Cy{`f|an`WJK zrU*6kNaB=ek?lzLr_9hpb+*K3fXL^QM?PipS|GHDOol@J%g|#1Ill@7j#(U6=JFT2 z^cxUYU=9m=1Kniklff$*f#aYKASAS_4oBBzsPUqz#FB5pNF&t%G6zdqe?t+GfnV8? z>0#yCr&WEgpf>?(N`z(2_$hlbjdu|Z+`J}x(86*Ik)OCO5bWwc)>vLPfFAqbiY!89 z*p+zXTXK;0W{y>1Zi%@d^mK>5!axhdG;Tm^HHU8Dy}cWUaCvI~a07rZmQ z3*&EE-`ls~@06^yDQ}}I?*g~(%jU{6BU$KNFs>%216>}^$RoMmq=iFRlR8@U{H?%I z4A%B=>?m~{dCm0t#k%ba9k@vdv-Qk@a^aRCk{@R^KlVThy$L8q35Y4>tuJX^$`9441Zd5q-Ym;@J|7!%&N zqCCaQV~qe;@4`q=^`*T9zb_iR$YYimgVzy~_pm(j73kp#^z{h}{)){5(D5&>ns{xR z^a}i}+e}!6!Eg~eeq0pymYdQ{jg?mwg12nWF#?CKL-YquHQ?C##ClV=A|x6S`>`IUReIUEf_D?hzxNU7HjjhL4}gqVk>jSz#-Zy|(f%9XlqRjxU-#JcdALwVKYbOMk5whrNX^z@=S%+RKKf8W+4 z&}k=RSQgU7EBeQ%zMswX=EucMxGVho-Cq~fms2%lA4N{LPD8t>vuQldPgw~H=dJCP*;bW*A5O;WXtB( zC|*i3Y7<|*awT?F5KMm3rKuDFN8zz_>8a`@$Yr^$Vu&fnbz&>Nmj_a*3HVMgoRA}_@PM}@Wy3DZ9 zIA>oT30WBL3KB6piv*+Agu~Mg#Z4nY@xAL8{n@UuM8$xH&-c1nox~3%xk0H^zA*PA zYq-q{B@*$}@b_utVX871+jsB4)rFRuRH56n&TrIx>%O0UoT7d!Va_*AHsxvqKUFpd zihZ-DIBysjcX-;z+Hh;3yLB|5T7mf$p1l~3WWaRf&frVN+roX>1db+`UnEs zUd)()>2i7QR!HtYwkjU=VbkE;0rjU^es!F%sBA7ryAU7o>W;j(o8hH4#{flA1L~v^ z!8w;0goaIFF@`H0&V(_4rwlhHkRkz45vhy$q9{q%=okMVpfXry_Ioi(1l1u(C ziWW%CAQ7sTc@`L&63~I~Tpp>4iKSEs~liHnGnD4U5%e-xk__B8O(TG`_6p=X^68A09E*5ECE|_}K!EVN1;<%H6ki!mF2VSw;o`^S=gNC9bk$FuSMPjTtuA z*5(9p2_B^Ec?a)#-wnExXw9T2C*1%%2kBByVsgLK_vP~Mn;BvDYJX)V9~Sb7R=)=p zQ#vWLk9fbf$8iU7Z41h4Yfp$)Ul-HSt8d~t9vx~P@9Uh?eusGzPq$>^KicuX@CN#x z{bmMcLQ9wR4r=UMrRi=cNa+KBsX4nW!?vQqYqE$79KsujeoFn8Mm7rtMi(l_kHg9P z)AG1R3r16lSCTFSFRc ztRQCL$AvRSu_V4)CtOlu7%Bi|++AtcV<4K-5(iu8PM~e9UC<64(Al`$>S8xfeZOt8 zu|KZ3qeQx)=_ZqA8$RVYVt%zRGb;$O`eLCAWsiF<3WIu-eZNIz0o2;0-h8Sl5=w&S zU5^z-goy{7J)LWuII<&-lIqzMDs zV`zT9W}fLt>AaX&lPU+oX=ur9CM)AURwv+qZ%Xb_WI|$8$qg%(J`v5k&iNco_HJOy z>a-7hnnc;XmiM)4WW$yh>sM~7(=j*y6?>KS8$F!%YR4p!L6eUcA2ge*8`ydr`(sH4 z@4BaG1CTXdV4G$9G2w(4 z5HDZL2C}wYyXq=yVrV@8Oe^V4+iEhe85V#@_9Xi|CWt}uITv|6?!{M24>9x)tC3Hb zDTjR>+gzVLaPY=sEHP}wps7Ei29FiFC%JPYLz!I5tA1Fsb~0&W~Um6W`>jthJkx>j}W?x$dq@ zqqqUEx7hTaI?`czshw~swma>P zBFHVqn**4W%DXGT+wVxhD*<&02E9t>bhk%5=gzaH<^BzK8mk_^Yue;GUOT@1x0gn?)p;Kb7jwtt=Ok@;9VTvtN|wW zdUhr&R`*#k+zD)Pn^^u*4q!{pJ1Qj@ZW&jL0p6-7U+jnaEb*cv7K9LJq|+;q;g z-hd!C>XsYnxU6UW{oLTWlM%+<#FL5oTJ#{VtQ*I-puu4er9`~K8jFVnn?uGd7iMI3 zPZ?Kv$5e z)(Xbm{qv?PQNf%HA7OCU$FXUiF87D9kHdu9^EVL@d7edj1la5mjknj-6w>e$it^e% z@m|68N>6;5%jqy9DI|J+7RabG5hN7*MELn5peLBJ@|Z$g)mwt1N?IC%BVMpmUDIeO zj0rpFEN7QTbCH6?w+!LmL^3sTVy>Z+n_vyL;vRuH z-vqrOV8N25+&|~iT#4()Qd-mFJLb!6arD!l79dInG>oJYg_A)~fYBe!H=jP(cV zLXL|BS_=z4G(ZPN3Y$nRWYdP(IP=!3$4#n!Ab0&utPKmKmx< z@n48ozHp+XeCUPUHfI)ctNmRe)xi@C?>^sZkE{orIC<_a=osC$nye{p_{I%6#2^O zzUl5!aRSK%$)&xbb}cR2U}wARoyPv0Sc}W+=_HT){zwf?&0%STZQHM^^(clN^8)WB zhnqeea6an;#ZE40dwZU2zy3ez#ot=8Pz=5MGS;Yv3i22EHB|*wM;(=#J$px9E!AJ< zX_W1TpV;#Da@Qp*EnZ`@({SzCxN$EXy_H!U!j7NUhJOQ)%r>KmEl907MQ3@kR0tVy zFcL|W*faSh+MX(TOJ-#Lq50T+r7W1TXH4W;_=zpJk;gLNdBmoX$CZ*!m6s}OP~o*% z?ARA&i{3#)VWt<9{IwgVfatr^lhS8|fDUHv(K=!GZ&=~ze}I2U$T4$6wjq6IbnrT} zdD!3^8I)f&wqoa4KOjnL1y%+_vr5VNJ8jvt_rwFM;YI>c z)H)B|GW8yOmiM!Y)?Sk$-1gqqn-Ynm8%Z!r{{NjfCa@3T!##aFIC zY4E8kRXR>uSYs>DGhn`(Ciw1MtP?yFYShSJ7PMkTiz=3QPybYuGpwzuZtF>!!)xT% z!z&656wwkSTLP?}-^RLJUbZV(rV4DAahE9$2wdbZd?HRp$?2WvYR!<59jh#VEr5-S z60WlDClCdO2P`c@_W?_blB6`o|CJ#1r(f!u!%HE_a(GAx%+DK8iJ-r-?sPIOY`v)y zwi6_xt*)uQLlPVfPqrEiLbvjKU(#<<^Fr~-fzvK+bYh4;!faRsM_LU5g(Z=Ny1QkZ zfQqgR)bxLp>>IR+ zLgjTg>})t32J&dEYc|C2zLbsp5j#Jl4~TcH^!rSqjPzYTWlofkbGrYF4@(M*Lq5FR zVhah3SvwZ?&NECSTkAiY^7ZdL!= zY|EC|OhpVcIweVtw;X!%(pgKG1*e+BLkJ@uNl;AAI;Hk@*yL17c#w4d8<_YX^#Uad z1DE*;Lw&D_7u($@6~Wn3J`u;T3UxslclE=ob7UKR0WdGP16@#uhFjm0qua?QeAPxjK2T)cq4@apVj@2HGxTl^UY~o{pW8k14*M@Aw^iD)YZ+ zKGhfU_QJWu;07yb$c6m$x*gB7XI64mDhqi&|Iw*hW-4T6VgFYN?wOtMX=W;x>*3Pu zd8|GWn_Lyq)PEgh{6|wx3;QfQ!2%j_;wm`PFIZialpYYurVMVruf7hde$!3n89zg; z_ECVksR0~y+YL45=n%$!cxgrNhl?m>Iy!hC7JZZfmH7l$Ml9DUBMnXP8%-w#E<&U% zRK^eVCSSTUaIW$skY}d?WsI?>5+#c-Qc2MY_j`AAK=1f&S`(|h@$(A0{ZK!K)|I%b zlk$~!u8cO}sKXRPI!KLW*lV|;N)v0E|EC5|2%cJ2zg02XWK2cikS6iEBj7um@)TE} zdDp~R!xm*=F-5KCo9@N*aD#o^YrUFvp4myX!c2eIp-HTYx_u2UZdv_f+xjH9 zzqiEIb7v+f4OlYis*OGFw`L`J9XD4$7^6M%3_hpmyqAn}kZxC6UoBvaCN4>@)280{ zzvNkandlK6W?F`lQ#`U>r18OeU@MsL?IxJ#P5ntI8^?6|tkn#c?0F3B-#Xwcd8|%~ z5_Tc?rRlEqR=YKtDFJ#p6FNY()?;1e{%K0yZaMPBgrer$Rxl%H?4{B~pB13J`Yrx+ z#;O#$C5s|Ox%*B*3DLJ4L%}tZffb2CM*=9FgyD{r8tsAQT5efU`R&xKOW_N2RjDA; z;FEfI-Ak7~$j%yR)-KtVFohhh6--*M-_|PZU9p_y<&oULBbPw=J?Nd3s>4k-T?%iE03TIxU znipm8(9=JTjtlD_lzU&i^Z7y73Ot05%ZF>SjP)5X&NJR2xtH2+ASSUO&)AEV?KG6i z=Zn4K(C?7N-ruyH>l;J9h3*n0$@1J+&4{$)DjHy2zjdjnO7Va(1vH;Ju#GB4za^i4 zXB}ms#DpjCg$P_Xd6jeU2ka8(f~yyK0ES}{6rTG`peJ1b!e>Lm89S6wkh-AC^}Nwj zp8If9Dwm0egHQJnC*9c?yrU){v^6xN60&%o~x3@l=X^PnYE;K4KehG%{tXz%t!uo z-2DT&*QbO3HN+yucp6stGLzXIqsW-TP&}eWrZ&Ny#H#?XE;Cww; zG`v?_6mm|?-uS}kt>$!x>N7Ks{u}!iIVx?7l27C9V*NA_Nc8P?{0TQ?N7)-{XUR1$ zBJoDXt<|_4Z=%BmOSuB;n>7cQSz6*yJkq<9v=o*V(l|=dzGQ ziOqkMM>`MmFqX?`LM2zjDTx<9x&)DB*h_~~Xa@vX%yH+hp{0T>4m z;48NM`>gxDQzgm3uR4caEvy+PfH(g*-U+A_E(U`l>WT1U4MhM7l_NG}#c7o}DP7i;> z{}<}>&s%0lj@kUV{g9YuZ2qmm@_)rY#PG_*uF z@;N$mJ~uU<_`a~NOJ&*&p0E6qI+KWa@%EPQFEn;3W9Jv@4W3LhYm`WbxxyH|913G7 z7!g&*Qh{Fpp%Qw}yYH#JR}R(PM@St(XlzI$9{w7xiw>KJ+p}3aCK~+1TU}ZydRy<} z8_}sP-E=5g(fYy8Sib_j)Y~ zYT3z6)djd#+>5t?0%v3oBI^kOA8P)xuhU?`_z_+a`L`bu-W{a>?!kXQ!D6s83&XpN znrp+*dR=3EB`E8IdLyxP!j0qx*1Av{+&#XW?R3=`VZD~Cqj(AZq=|jon{nyEd7Ga7 zaW=uj#aS>8@vlwMcO^>HHV(a=eHTxCZx*K`X}an z%yii1~FQ0!Tvqujw_UaX}u{NJp=D^Q=+x~4b?W=`^ zT4PNK66bKqEByT*OWFdL1lG)F5=OS#S)UqzKMeIKN#6I@9Y%3Fs@iTl+4o32SDEYe zT`CWMSsH=SPxPLyQX(O66AqqF6#e4>LMQdLp(kA+DHA=oeSU+_BL?ajfSYkjjk$*G zNf&@OqgQNS(5jq&C=|HrRG%o+gSf=cne(3?8y#ScF4?@wZO?iX%#QY{u{2Ft8QkP- zX_4L-_S_z*7M7ACtrAX4%<#;~c^#oE$zRl0TVg-^es(B^>P3c+j@XdY-34`U{2dWk=kT79xyM;{%CVVvu0XMdnqj}AE(;T;KFmuus=T;|G6UEg-Gwn9o~-1mm{^6Om-;v-$K?(W;t@TuZo@e zIircyu+r)c6I32XR2}4JY|26zEtkcd$7lOa?jz-ufoY88fOar3LnSoDbI{m5fHU`HAeyE0} z49?b&uzQ#6L(5y^C%)t(0-bc?-~2{cIYZB1QN+XVd&Eb`x-vL@HFV>aOOaf+SN(6o zhJSG%gy8W}l;_b7l!eWTQnPG*9AAdNjd5Z*Ml|z!DcI9WoEn}OaF|NnJW+c53-Y#T z!sTv*>zaK2eP-6c%p6)2M=1n@cjjaAA?A4_HvmIT6GG0z4M{%9^Jfd@z~~6vv0Iqc zD7l^3PCCEla1w&!(N#ew!i8=G3Bez{RNtm~>%cA?n+V7GLOjZKB)lbXjTcP)26?sJ zs{UHNq(1>ST=)x-qKnqW+9*8%qJ>7FSOdEr(30crobwxQE+dZpWRW+)(uR`We7)*7#1`@K4flbfz0|3l0N8ZF*n$d?HFx>U1unk?&&$A^l7NXZF*FASGe?CN4s)^IQW~alj3L9Rbi}|FVFE= z3Pb37cR~mhqEy?IJ)iud#A9%Sw3{M5)i)`}OiJ>T`3#MAk9DVa*Zj9_Bw2IH@EbR5F_xUxcOj$*7>} z(ubvYkA^57C*ke;=X{Pm4fNLwD2?f^h}*l(`6=Zc?VWN*h^V7O8FDc$5h8;&{yWik zVutlyXrwd(HluL42BPkMGdyBpSPiXuM?i;75xNv)5Irnf)_ni zSTwW|DgJkyXX}v-okePiq$COMuoOwI$*>nZWe*fso+TK{SWp9H$atbZVS!Kv5st-f zb74~bN^wB=XhAA{Ky9H5N$tHv{Jh!#4KF4BzqEmEUKbprPj=j;Cb!xS@`cOGPC#D_ z7M0Zevm(xT&@$w2AoM%stwO=>ahdVNBv^_TSRTs@>e2#i*hn)|s%5WVA5x6WOerVh1yBlN3Xt9j_FJn*h`f*>Qr;Dm zb+(okp}_DTx)Un!tRSRisO z*p|_V*T1zgBLO)d;UFp$LaN^GsiZjP)`4HZG0>X~Kmr`LpvMG@n-b`Y+g?jHnL%|w z@z;mhvDp}=e4pK)>bT_$gqHHkxl7RSXT=9v_OTc;j_8-Rr!){xi@V1?-{PbD8(7=$ zdr~mLuYCon+2z4+H`N|7pvcM@Q-EC>Oo1eb;l({qPuopK&8Nzm-eEh+4(GM$)zL1?&Y?7~_uDH=iB{TzQ8gcDq7;N%dri`YPk~ncFpk8XCyrZLSfqB63%1zceRhf~O znh5F=4U}@rAo-xjEd#bLX*@4q{lKXbow9Q51V?4{Cc8~I?F>X5zLV5mVLA(G!6KPN ze}#UBtZx&Hc4P69Si?BcAnA#s6=JrRYb36LOv*yAlL(av2T0sU=q}5(^!oh+;AfaC zDqks#HXuvgc}n6=cGSA2*dI}v?Gf-n*GCq@ zo_alBI$>y`at=hvU1f@(-e#~99e9D%3y$Ia6KsOJTj!w3c7<6$m1 zLpCu@&8v6Vp^@5Bj&tD1WFcb3HA8kY;5mS%yq{;@^3D~nv>b0u_poyAqJX}pI1X-{r{vymP2GPE!Fig@ zI+V)k51BBcW1Pa_Kfuqc>%U2-{@p|W=~Dm47hwtit9aQ9QE4|CqXx^9qblS?06Q6t zYX0@y+?CBJ{83MGX>^xTfm~9Qxd5=jCvPFq;wFp1VVkFCfJQ_1JfQ0wNg_21a54u< z#@~qx0`7zb+mYtj-rR#{yK6)VXQo|~pS4P@@ol4g#HHSzCBDnUr*F7L5ZMiIP0=YF zf`_^rP)%4Gfw!jJ5TrcF&gEFIHs%KB~9*n8n`c33tUce9 z4ir>OH+OSLm-}<3AS}j&a3x@u3N0GqD3KcTA2*iFoj`V&M#a#g`1u;9v$#uk%E^Z% zM%&UgITMiZ6dbXO_()E%&W?_?N@-`-PdAbg2hH_J9IHMo`)&IK;isz-xg-vkiJL+( z_{KMPa$kt7#(lkgkrQhK?b`f_$YuQT6B}h|l4m0~d(kE_U0uiHf+zg2MVh`jhMsi0 z8~hEUC?O=@(dG!p`V&WIOxa;zyAs${i>%ZkTj2nNz)8&Ce_2PP=4O5V)wgSqA+k~K zH3z|%L&4}*{(}ZA!-iKMr*gjI+W@t}e-gF-mY@Ecl=OJCxt&R1G&UC?Q01|)^Vwf4 zoVEQv@F<&oco+~^7jo9Jid6Gqh7xEf1bknvFw4Wx+10~x_8>qzo zj#H$_S~^DTv=`|5zMY`qgO3!?^{*1z(C5Ka0UnA>AdkxE|I>mE)0YEi__rzA8gZfo z%y6%bSkD3_9J;70x|$VaBK&8#pV^u2mSQ}aRXP7ITWjsvxFq1}uvt7~Dqw(Iqs-L9 zI{cHoOyl2|yA3vZyE6i}!CmLSbi#GdKkZweXC1*c1|5f=Gdzww6#?%`!W8do(c>f9 z-QxG|!y{R2MB=EpJMWj_c%6P*C~Sa?jCcsHEO$ALD=`Z#p5u3&|LSRA#_>YFBt2?< zP}HY2M#0h(j4ty^`nHkX;UjOht^mT&G_9iPl>j@O`r`{I# zibsX2P+GcEUKZC?bfB_>>-`D0ONZLycHY1Zt2P%cUEEytp6aSE2}r>u^Xb=Si%HtN zCVKiff`8s;8f`k4DHb#K#ROp_m%rtgoP_Wm;RFa_PR!$myKyf^%5?%PwVbfO@Luf%W}@?rgpaFH@AovS z9y4q8<@#W`SD{jBbRmb?JL-kJp+DgaOuk={icYLY{XZQ#r!inRO7+Fz zw~|%8I^1OFRH+R{&{1r?Wu9}(#Mb*>;2Oo$X>PFn9r9@ zNSGP(MKZ)~MC-FL`}M&gI~861es~OriRhrH?uB@`m9YN1X3aSlAEYx3~0_6NfT*i<WIl!JJqTy4v4F+}7HRbGVnkjVDlh&0w zi~Njy+^2p0rI#Pg;En+*?v&rWQ^;@6tf|I>jmrxE&t(j}7Vu}pGW2f$jAxLvZA0U9 zX$7WKs!8q#bsc~L;WYO99RP$gUU9pfnc6;r+>hk@p(c_>4kTK9&i$t`$0*WEbT-ro*W?z*>e?s~*vO*_Pi<2)D*x`P~Ob%Wull8Rgty8`SFbFq1@i0FN{bhqSgw zTdPNFG)FCzqxg4eZO<*8THFAF>3^Qs(-g3qm1Rqfe6=6t>@wgsBnWzm#3gQz`Py=E zo^wf(#pW_qA58Bo-Jh$@ZpHk}Sdm#}3r2tCmxl1+Y09#BUo*poK-Tt8I$6PFLV>Y0 z_~U_`84p%uf)rPajHLKZk6Wo(i_Utnr^Y$W$>lPW+kXf~P;bYGlP;Kh1J-B!@deLA zHu$Lgx>PaAx&km01qs}q;+Jy3-4upHE{P$zjKy7uw+f-bPCJ}bg^Zv#<)8P~0|oUt z94w3=3^fP2F{r16;iZkba{oxGo0M4weB%;%?N%4ZOt>y?9<4|^767H)=!_&UhS!?d zB-^p9O%f}m+?SSgheg+|bBi}`u_WMst;ktzyB{$#djRbCVZ8O0c`n!VUXy;0#M#`3 zCF#aDg(Pe_vxK^^9%2+|b%&yfvb_bxvWKU#v!l*Mw6pWhR--t7{&KfPTJD(dYw98< zbNX|c=G;o*(4YDdOI+mgHTCb_)6%~qvPN&dy``95*jh^nVH!WqZDD{OB5=!-IK=po zM8L~Tqio%8%mfSeoWGi~U^benxS!t=1tjTu5ogWc+kLWBDA_F8Joq^v-Bsg{{P6$`z6-TwnEoYKIO^+{Xniq0i19|7uYXN1G*K}^f$sJct6JW8v zeFa$A1w9BFtzSwp+AA;>F46Oj50S%MoJ;|}T^%ZFIvXGyH^7Rm-mbK7_4NSN4JxO7 zeq69p^0$+}lql}vEq82OQAcb2k|Fv>cNu)2U@#8iPB`A%deB^F%8zBWqg=Row#<%5hoN$nr<=My5lGFkW*aTWt`WNQMKaA3qZyo&F9H1VOr9t4Gu7Y+!VI&n`a1SEN z@7ykwA=8&~(HA7bX!Ceb;@IFKo`tc2LD>uZlxXx1VN5 z$F%@%VD2Y!UhDmWr}0Bs4>U!Uz(zY3GPiVp;icL8XdRY6veEO7lo*YL-N#Zz;0E=Q z;K1Vz{|Voy((Qp8`o7*@A-PS zS9}b??4I&-*V+(@sRSd9hulR)nB7ya7H9_uiJN)wouH~JQ|_@Q4qTLKq$l-<)aly0 zCLj-rbmu$*6WDLbG`c6vid^MC;mBVSKXdEm%ybwPQ6#Jyh)Enk0n@ijK5d#YU~r1O z5V~pX>>O;H%iDoRg1uUGK=C8GJ6MMcpL4)Hlsfn7l9`_38Vdd^-d6fw~@!0o$zFQ6?qqxjq4whTJm1Nl;g)A4@(^o(J{? zt=DR;J>vR0w@w6-o&j^+{c#~9*lfs8K_o`fUb@)Bdg-SH1)zh@h#Y@+ds()vZL z)GCQyNkIk#5*dbPn_641EkCTLhS@r}&yg6lMsztlL9q^{LtxkJ%CX)ze18 zB`0Z`7*bm-W@p2g0ui;J0hEOz1PIJ-Oyk$eVC{0S%}}~GhbJ&d7n{UNF$-Bo*H4_S zem{R)ta*UEL!gy^_ZYG2W0_xY3q-8)i^VGn2OOoOnHqjTgb^P8X3JszDT-C;Rdik% zyK1FO2c@}+O#cxZi{=O={)1`g&zJabtM*O4}x@RN{ngw}p8f_mu({ z=)0F3r*tX+edK2yw((}*pMhile*TN;wj{O)*_AHAdt0aT2{n`ZKAqlA9>%yK<~E4T zi{1~=3ZR6cx$RYJ`sB#+jengCqvvAL{m{IM_5U&Um0?k?UE2}@l1fO;5F({W$H0&x zAxO70NJ&Ty-KkO{B1j|MC0zpp4Bg$`-KpQrv-k6SulwEK_w3`~$1s29y4QVO*IMgb zYn^9r(dETmzFMp8x})BXTL zpKa5LtSOYKH#+f)ZWI`t?xU4y`(FW?F8ZTkU0wiZMy0z! zpU_!11a%ppQ;@s}Rk8sJ$fd?&*IIe2DnV<}Yfcm>v(rWSXx+7#yK76~(8AMi$DHi| ziz)5ZZ}D&Elg<#`i%^65V1BmMs+u$z4S5gAgSxWOLEba;v%c)a=xcH_o$1W zEyHf}!Q>b_{hGgIZsw1Cd}-0k=&Er~V|^1roKspTPvy>QGyR)&3E4So5Z*z`{JW$ zqcL@>_Ln#sZlpicnF{}0iXEaL8jc?#5^O;iyB`;TsohY}mrL%Wsd!yx>TqsMVi?6Q zJ|4YOrAU=X>?kgzPOCCRZ$awt(G!9)wvBAk9RsCbq|oBYN;fu5I5Hs_OwQDyDF{vPof!1mj;H6g-+Q;qPyS zx02rAtUCh%&j>{nhnvwSVZdATtS`ep9e3D)Mnu85`nLP`x!^9aPUfsPqQxva*m;*QS?3zoxzJ(?jOCS`FYLj z+S9#?lE#wSS-ErF>ae_H#Jwy5XFmg2xjn&VUHNqxv;L~Vt+zwBxSkx3)X}Wu1vb(L z%{y+STv35>YN3snr+Z~@g*pv%9)oP*DCE#I7kK2#EjcP&Fbe5mRCisSd{vz)X}XH* z@1naeTx|wvUJTK{{!ad>o<-2^&Ab<#;_O;~*Ss{hg%oCJHV{jjY%nc(*0$_>_VTZd zlevuMp`={{3^ecX@ka!mzZmWUQ^Lq-;~nL-aOiF^jK--sMPyNsZaRxG!Pbvoq}9#i zFe;gQ$unW~gdM|yVE)CDCE3!-MA5AOEI}Vn-vN*#@$M(MU9C5}QHV^D?HDejED80} zQL(2SU8^D6%J!@KJbQPeYQWxg4P6y|wsj2#0mzOufGSvXOvJc#V&Qg-)0u-tWpv#4 zBhP~bLDuT!&w~$IL-tt?^Ko$?!SH)h!EfiuTO&6(B3xfh$ZO00v^xCen}&O4&BHD= z4Ml`|e5Xn_gb1|w*5u>lzr5P1)K7@6qjEFZt$pdO=cfNx+&K+vc*6RSdf?KI#A7a1 z^*qaCciCVy>3$QrUyHINM#iUvJwd9$!(R?)D$;${5@G>+ZYJ^R+O@#hd62iT$1YMI zlh`wW`C-UQRahtPyY*v}ObSWdeqw6W6b)fCp8b2A!CV#vM|#H%>*zthB;E{2G2V<3 z85BG^j-*p36$UZ+4Wa4TNTY`Q!eY706*#@|qQ9Ykv-~ExoRIPzl!O`Z^xl4O*&VXDL2v z2DIG_!|~Rg1|&!)PKpHtkz{>a&DrIj1Z+gtD8vQj^?HMUyfvsde_ga#D%TetlQZj( z?(hqdljEHL&~LO)ZI-pUQL<{WX|2VN<5800E98$gu)4&Tyy3%}JY&xn>TF5KM&2~l z4-nh7nb%NfBW@_?V(g&P-VlbC9cL|q`W_2l<2C+unt4UndhG zJ{%6gO(MyTx?$ouDdu5@In1~xQ+IOqL>h4&xP$kk3K=fRp~P}zRr6)9=Rk@915krbZdh3VyU*fCnTgF zF|@`F$_B#zn3HEWMJ*Zls$Wg*eSL8H)X7N?PV-{^2*ckb-k6cy#w{Mi*u*x?F<7E| z0W`yzO1|*wcx{#rM)tFN99ZfSSSjqay>-fhclhbo9fepCkQI5xy9`3?n~#|HFqk*_ zz$**Z2eQ}V`23F%>q2kc?TeNU;b;Uu^q(91TmhG-?$5Y6JbRD@oGl~rdJ|+!hLZMZ zi3)S*%Z2~5qfWNzMCw`-IKdjhYGatZS0nq^iZhyDHj_25yc0QUtF_*u*$D}McM`AZ z${%3^F*6YJcz!$G3kmP*r>>XCs&y#>TdTl#h(5Lp4nWFTIxh?@50k5%cy37kNR%hb~_D#!9JFhR^*!F#AV>4@y z9dCtq+3qE~EPkk1!aw5)r`&zfeACH+>qRhjGIL6P`g4(Y{VF>xymT$R4;%Ef4zwjb zy$2c7B-^iZ^&wcAzc7<~gY*aHMg@kwNJN%|(WOX=*m;DBz1AC55Z z`p|ohYl}%eX)?>Nj6P#q4F4ADBaT(8pW>||s`0DaP^STd-~X1OT|Jt&f}t>2HQ{8< zWT+~d^|#tPWsGROXV5!54@`Q4tELW=t^tNe3s*k$U!nZVP^jXpH^j0cNpaZAgK`s{ z`tIw+X93g75+`-ki%oW^Oi~K!UtZei0^#{`Zro6Se|dXcm{snC%arIYrn)vX7#{W z_QhFjr8dsvRBab|o<9x`mYsYXgnGOVc8(PGv5;|8{{#LZWAxp8cw@B@Zb#}b)D&ix zcImhTT^WBp<^3VlLCgakp6yh#dNlFD5F1TUf0NzI6;7rnGzapJgmNn4Bb;@DA&m*G zEUZCuP7FD_F1|`JS5dG#Sw5SwB#MErF(*^5BdM3@OWF2Z(C43f;p z&@3tYAV-9AQp-!r@Pns&>1zBbdks&cq9|*B1ai_#kb-$ti$}cHR;wf2k$e$8AAgs>0SUaS>5Y15xn$5b=j+ zcbXCdtEko}WZk#hmT=!E1BmE~$GlD;5w<)^A&$x7ok|r2p^*f#>k0Z~_b;wSx)R>2 zASB}|Z6MJZMjzH^_bIe9D&+kO4*Knneq6X`nmp`#U&2JB&R@;zEl@o!mc=^p#IMN@ z{=t{m*R>f-Li#&0<>T|q(?~H6@f^kc*?6QC8)hB$zC0YR(pi_ZGk?GLGtH_xCFo(X z#5di}!Hy2J74u%F(ET6#p1z~^R=432(VgD~5*G-8~e4RNh~{2@ye8FCZ%4O*bUi_2d9nWCww?12@k00IXU9w53art~>Nq^vuHqM>>|$VF=G zo6LFl$TiI2d~xvS)t}6B5YzJF-`i#{b=VuZ8=5#(VO^#xk$VwL?d8&jgIE&8Br|yB z)v1zX)TW7B1967eQy6S|zxa@dQwQn;wYlOpLwx&9>mI^#{8>lltd&qG$%MTJl?e!Vs5xy{?U`)>jm1!)1+`=p9ps)Es+wnVK2 z`PbcOboF~~3oBJ?c5#P3ON7SK_pFl)L3gL&yVk&*Dc71syIn!akGuXZV|XB$>5Tvn z0@%@_tMusRct_JwRj?iRk!{zr%JUTg{!k()Pm4Uh>M2iq^1Iz~2F&N1ZSwfD{9E9@ z&lg+@5^D0kws@4l z5;;ROt8VuR>z;ZoQ*yl7;ogqN+-tlQ$VVfdFJ)e~PFQndyqHqhmi2=Lc?&B&E40I6 zT<(@k$!FTQ{-s~&s=AH2Je(zz-*8joXGVpJ{n!za8mVwpsU}C&7&CsH0tUBXIaJ80 zkw(9;wxY*}T}rEm5ro@_7;8oW5N{oem0l9Qp($QitOS0O^{HIa5iZ&C4hv< zg9~JMPF^nOEFSf;gDjHWqgotQk^{ub{{2vPJNJN@S3Q+WyAT;9*3f?->u`t#YttE= zVd_1Bpl*L7y|j)?wmVj_Hda3x<8A}IZmo=gV(b1Ih6FXGwfj{!qxR<2=;`*Wd89@Q zQr%$t*gcSc{~}ASBBJP2tajG`A=FAuAT4`ugjZ!#zLq7(DDu@(aWH{_kKr;b(AQs`SiC8ApAVGEMnLBN3y^+39DNC_;kCq#@{%Q zvNF#^WvPU&ZL~n!GSB!rOJrAyFO%<}$T~&BsLsaifB~6T#WG!6STd_{ouCSCse7gU zfe!1^_El@~Rh6~-i2aYQ$(G5*EpeT;u?$Gq*5=K|MSk#s(4=bPjvFMePnJ63FMWoh z(V}5uxwfGBBIVZP%x1L=9VYSOM9}uHHaKP8SIil#j zGpa$Y8v&%oC51XPd*Oub-&_FWl>GC=wm=FV-FL?H@DwwAACq8H&415NNsh6%E-X*} zgev=VZR-wH&GuM)<|cqP0frkKcbinNwl{k=%VQj{qS;MBh5<<#>UIeB`zsqAluWts zyT@V;!RM1hnaqjLJj0E{!ocqrD^%J7j(Tnd$*B$^l`G}6MhQnh2&@J1p45KbD5YXW zteI%&<^JADcq9wo;Q}$1AUdP>Ru$j9E72w0&YRElkixJs9>v8Az-eH_kM<36mK~Yj zfZN=U$1%ff&^}D&mw&PH{PV~Z)#J+vXT`3wpBPgohZ%1OnH0=FyYAx7Sz_qmr`%yb zJ!hvuh`~mjf_z3!$nLcd7>2T&O$}$a(knsZ=#C?GHDbOEU);#-hIfH5L)BukH=9UI*ck zu~&qQ7`w>&v)Nj~3RF`N?EvxkMrwy`uh8?U5{`$F_sbp^Y;qa)xyRamQbX`Y=_a$)Q3v$LiBa)JLo3>0eB<11xV{_KSSuO zHO($2vgm5=*Uzo+xc6P5HLFP>$!q85VM?$y=Egk=%A!7whzjF3KhJ^4z;HEUDfoQa z$YzPoYO-Q$rQvddr?58v{-Yn%>oHFvx~@^N76aDQx^`;_j(OMlAy9n3#Z6MB(t0Z+#vN z?#)C=?6!iK81`NR^{-O5*piU^-cj=%>ibqWdkeG#uF_7&15)nXSAcwls-6ZL8KpxQ z5&jvfRDsn@O*yylVz*z@6vC!-rm*%sQ$cGbu6TAw|C zS4kZ5I&zFocRqh8v>1V?pGD&HyyD9(D?`(bE2-}}AOXbqu&hn=+=BL^eWi{JX&49< zP?l*NURakW(kjA)BvBV0sA=M(8q$}u%Q%5{vQ4L!D|K~qR}`z|u8g1Yh2!U;Sx{0V zMa{*<{#A4`P)D~lcLA_8t02WO6tm!p)ZLg7GQt^6o?LKfBnWA{nUnQZlEKS0Je8BT z`QWMEoTrg$e8}erhnF)&drM1Xl40~FKQGA+BsU(cm7UZD18?OWyu;U#Pt^Teu1CK= zmFg@GS%ID3!PN(SU8HY?hmP}{XC?ne%f(Pln?-9P)b{@VR>h4&qedd}VoloNQt82o zk`&makN4W9{$vzlIbXAzeb>q5gSSwG3b7RSxlU*v{!s`Q+S$iOcJrf0yGLC|hX7bN zzKbccx~c`p{?sJuFzvx?<1PWxCBxpkpq?Y(0|#^?Jqn{OiQ=GQ$t}HA&_II}!rL^) z(MAfj8;&l@968Z_7Dbr6Owk4C@MR`GuPT~e2zT>fXt|6W9UVvwC&E{6m@Tyt+*FEq zvPU#&L%BJbX;UXoXyOr^+OTDqKPLIJE|h=$cmCB(d74;*+_}59Wcxlm8NKW;66FlL z?j9aIC1Wzf3-}^$FXapZXeDrtN$Q^1<^v$i7cTvK)1X&HigyB;#vWT_56W*rU}l6h zPXuva5YZ@@rOaI7l^K4K97(z-0~2sUwRa?g4r=kVBNWK!kCf}@q+lvBb7pdRmPI|b zSEEnGU>4?I(O5~w{!kW#2i!C8u%4Vu(pRm-J7D{q*QQcI)d&bTP{teK>=k+LSZ*Co z2-jU^JV@h3g6^+J)xc2Doby$5zq!5)Icagxy&<^)Sl++129;>;u^y40VP;tbjDI56 zcc0s)S!}ac2%$$RoXg|wFT|XqhbEBaEx{wnK+yRGfO4;E)2TC?LaE+^w8N8vvb;X* zR)lE+m|9KU209|Z0>YgdNQLWL;xwn5lQC_Fw8Q#7CBjj%t2uzAu3)NzrtqpbSjcMT zC>Z~?vSSVPt~fUH*iL~LVg=ZZG<{pV+4J^pdq4=vaoDY1o7@6QM^EvFj*&+ZL?jL# zw-|HLQBloiu6-pz=l%Y8(r|LfLl2;$(+7w-{balabF7g^pOPpR*RYITL1z^e)>Er7 z6TolR!+KeVjY+WyuJ#�d2RPZJuFQcXnDQQu)nuy^F@-avTeKSkk~1Vjz=UjW%?pDU#z;Fm8b#vx~@Fk zc?*6#IpCE#gU`cczL^@rsQr4l-h{g~;tQj+hPQz0VEfy#+eW~Ob z5#tkHNXFJjUh%bt$>k#aiArL>RB25Wg#(+vUj+s0q>uI2V}^f$D?mB-TKTKKv2jY% z`o>hXadGRx9kfi$-WSvl*%!~*>L+ecjJy4*uMMUi&P9N-^CFr^jD^@bZ?^k>=9A}4 ztb*yXD06LXZ2iXoi9SW>q~ED+?)f~Xh`Dz69Kfl_mBuKkF}V~o5CQPeZ`LH{aaWWf zebyQ`+hX0fOOSEl-QqB9PmPAH>jmz4ht`t2wu>=sWbXX(&HU~nOP_w`SxheeguC?I zw4KB>9B26I1Ih@&kw-wqkjG!Z`-Ls?u49n{J3uc>W!QLpR!R*pZkEzT2yy~>V!U0O zlAnHz@wmsPO0vLLjwKx>n6e>@wewOog`sUYa(ZMaWN(H(DzPi3m#+)qukr;La1*U21C;t~6A$X- zYQKm@*cFz5R1i09W$id?;KBJWGh9p1hFsHyB8Jy(HN>v*ax;%ILieCT((ce+8blE* z9{zOU=TD%r`gvqWo_OrQa+MSbN(L= z8oBUvvs5~^7%+^@(TwYiNipTH6?mtd&s?vnN&2rgS6VDwuG6ZfIWgR)TPAVoV_}s$ znVz`vb-5^X3$(!?WjU(%#$vBb&hfY! z?n}gYxLtQ;MKICYAkudRHy7im@W}amAvmT@ zVim`~1QVo=58Y;uz?V+eR6fpz`m~_8+0#wq^_HaUf!onGlVCRGp%Ry%Oh~&HD z8bAOmgny9Wc3FJo2(rvSL&E`4UQdX})R+x)A#0i=%%-;%k6ZCySRodsg~{f7tbFMzm(`Cn(VAQ#+_5a7&r3j z{P1qb2Ac^pF70sC3`<@&BJ$3z0=BG}kAz>p#%jS2ue~YVNa5ze3 zk`~Err0p9>J0Ha7@y9xut6)ucF4n%&7b|!wre9Nm+YN!o|_3FkZyB4>|i9Y@|H*0 z+~2aG?h?(opDKh~SP~@;_J3QS>C(;HQ211zPb8GwUth(51=dJomc+3+O72wKOYLT$ z8n)JS^3j`i&w}-8+COyZwrc1~;1VzGv^77=KktLaQZ3KM*byM%1zm%ZH+ zsyYficMx-3Wo}T&>8mr$4)0PLMe76T&=XAoa0`|rE;NejL~P-fsb$Q5Uu1<@fkVjE zv=>(%{rYVq^L*7&I-^iW+l$&;F-OkOIXUChh_rBlC(xBIDsgcjX_1p*6)sRyuI~)f zwZ;_)rR6eMtezDfQ8L!!sp~p8DTol3TulqNxE55&q^QX+8Q~SgR{=$A3RjZ-N~1c- zwwGVLinttJ(JI98aI*6r-B7sTO{fZ9gtcBR=)qAwx|g!H^og7iCp(OYQbIOLX4_J? z+#o%DU7GrTr6v18XE2u^q?wA)*yUWV6+3q>`8wE88;CzCQ-)^Ur~cgaYF2e9EQfNi z!#)cuB*j8!7CG`bZ>6>+hil|M!Kd)rmUy2~nY~GUZUq&Sj9vx__+CxJ&RDsMoF!32 zmuis^RhQw|NFAitew;!6+xg0gV9yfklB0t7CC`NyI16bp!f98xahd9#eEdUWHMfnx zd)<1Hc9+UJi#+*Mv!KxezZm<67yO{8YE$;p$640vnorAjNn1+6(+}*_ScVR(R!BD{ zI#;)^o$F>RntLcmYj4>=tzMyC$3^RR8)>#OqaYj-eXWSWUL(B^kH}ov+s4RIwdiyA}B>a+Zh(r$5uf;SHJ2o@%i5(pOq^k~3Voo3@U4m*43uQP1wlYMbw=(Kws_&Ui)(s8iYMS=0)*-CUgfNLm1#+ja{g zF6#2yVXn*_1OG9EyqFTr`o}$M$OUMSs!u9$X(GG9-2Vy;{-)tPOQBx0<(A#oWvCkc zJ5&tey}+42$g+Do9k zGo~3xb59K_BPV!0u6293CB;Bae8;|o_u2BxfZitVZ!BBqB3)8MbgTo zGi3d_o`t*7#qiE6MQ@6O-7mY>hj)wc$|q`wB|rSr?OXJpd+BUr8lGc!=al3Xg zdLpXS*>l8aZb|y25l7dP^eaNDMN1G9<{ljxTkM(s(wxHoL{kYB&!r=JJVkXjsEw)p)qiuG{ourda(ul zb&@@OEHkf3UX!X4%n=@CzyjQrLlW6zM!LEc@jjO0H__ooBY6! z)iuVR&)K=YT@A`aMzoN68($xv)`QW1QVbjii z=>1S|AS>7zoIRGd#Co$zv8DTa_vznFqGY~=C*1SPAT_ib?4;i~xD6jj2dpsyUI?f%SXqoFc>K?}r-UPA#O230* zqI;pLsMnBFZ`AqtVUiCB{Ll;A^UlwHr^p{-LeI6o#q8e9R@7F3EI|i_gc(bxnGdoE zaC8NB1r&>9@KHCYMNG>7{_!(awIF zVT&b3d;pf*hHih_b1pt9@m=TyOV>mXdQorbtQ)jpX_#zyIxu#*Gb3u=iaDr$O3n@= z`H!{!pC1gKqx%i{>nb$W`MpDt$N%|SBa=5ZUbpScGUcU%5&Pc9=P29UndsjY zyDtluqee5Y6ni=|IxBVvo=VNCic``sap&tiVPd1MgpP>imEC&)6vhMK@{L;F(n#8Y zq<5^8<3daAw<5;O$(+TR z_*onVmkg>WJt`-^_Z$4B1^$nJJ+WG{M7ej@?+a)?#W9`e#J0iE^&88Lc^a?I2?Dp5 z|D48u2Nei-5oL(^agk69WMin2B*Iir#aV}iSmy2)k-J%&lsl+@8TsW{)j$Q5R1?Pp z9GX|ed)$;~(Y#+-P;&^JbzR#YR89e52^DR5tw4D#K6QER@mz-9hiutkT};gazE^e{ z#kt8@vbT&-|NlQx5!79T&s}2`TO)JqJWESj94UXfiPfH-mAK6!g*n4tDLf!1mxblx ziXa?B_;nrYLBBgwDE=3&nVn~k@uO4U>N;?PveKkynf%jk zEA3Q(Xg-x5H%eE%$%TV##7kG$!WdY$#1ZVGjLasHO73zbBg!;YR@@VF`$P$T)mJ|8 z;Osc}*#7s-`hQUc-0qW4k_PVkEVgT?TzZ5SSlgw=rch`An9R?(>1)r^457x<&i*&~ zblZ!?)zck@&jc6{C*!mmQTRQ%i*9ka%;F~N=2BeM^45!^N=&nAgDUY}i}pHw-04q1 zG4IgcX8NoAPs9HRAnp*KTQxkh&)FG^W-JhwCV$v77JX*;BU*0f6@9(Uog8o_*t}e4 znqVxT;&M6TpKNnxbXzBy{RYlASr{J!Rp__P@A2u|hTg@;l7otAB6!{nA1pmtcXl^- zDetFa6E>&raQ1?~Ej3=ld>VX&7Do`B`hJD3K%MWycM0c$$GRsQMT)SR??ugNcjTP8 zH?29*m)F_J3%Sgr)xthKk`h`@J5;&ix{Eye%K1veVc1r3#T`2Ig}y)wZ=A$@sxc*00t}JL^TZ_-owJm^B`I|~+r{*A(Y}e~-M+LCl22

    4LM5#+M+ae!mWV(zBk&mA!b+2LPKfc3f$T zN_?}rp8>@YV3Tm+G5aX~;H2JKWtj)qznU`L8MOTd(Oefm*Z{gd~A($B1PIQa_>~yN%A6T zb5h;%9EUT!a&gsOmy6_sTvhNqMN`d5hE=0A%!qD}@jc%}-LeL(toBXB3{P*i$|V>r zV|aJ*P&atvqz0F7w^81&xcoD3yHwDpM`^1CdSfnc8#CAQ=afY+?ih=fjq2Y-_}@BCF}uRad0P78 z$X28Hx+kYQW5f#XTU@U+oWBBi!mr^~Qfd5lU%aSg=D#ucU#?P7K2!+*{q6}`7sh-8 zBIZQg&8hStuu#(h(SpfA9Xa%?-|O8jQPy8}uLAkihxzzFbv_{7wKd!!wXUo{e*2j^ zs7PM3{g&@Ll>jU<^oK&@aI%{wBrr?foX(L+DmWwAMBhT?O^jNx%?Y}VOrvpZ=Qf#e+$ON^cSj<~&M_A*PLQ*U$ZlwRqMX z!-iloje)skBsf|7R(8)`?%6wPe*R!Zg^@>=8u7+%y_Di~C+6})Y9ISXZWlW^Vk|i~ z;n;^fl%Rj580B-;-(HEoe|dv7AL=9G!w(Heysw-9UZ3!|_x6o;fo=Y{RbmiD{Nd7* zetH7kZLZYaelR%q;&`g4R^ExNW_##e>Y<}VZu8KHe7#%{@WL4ouyE~@yAX*|h+;z? zx|EE!ook_c0PBns*tDGLt@B2sY(1e;41V56q#Z^0lHC<-BjeFO*|>V>B_$1mUIY#UNaaMR5I zx+j#)G7X7~zdgz7MZUPrDp0E-J;iYkF58FIO5S;A+E!KyBOJ?Bg11)cf2yujVTK+G z)5HkVMASak{Re?@o0Lx)UMg6aL*T zK!)SH6IkX8Hhz!*vVAdb;jsJ3K%PLzttr?C404*R`)oZ?H{oOlrzm|0V%gQjlYiLM z)XZySJ|bl$mHJ#)&@r~I3~fiTNb!3}ejH4BNe)5&RWBO~9YBBUM3J+0a2t!BYqFZl z<{JeFmul*0Lq(2v`iOT=N6lgjPg#HllD%FMx`q)HKHvAb>;EA9Xp=U027zkAU(!Gr zVox4PgGhKWvoI4#Tnx!eW~i`Vg6A%poPCS!Q(5E*K?=St>XN!sjkMfJd&{CbU-}1G z{Rcx+qHxs;s7iq@J8qw9idOj1Y24sOuB?ciP+=BD9C1=E;ilDd^om#6x;(YE=yB== z7U^gqUbpq%nxiZ3pw>yPF#?%N@M=|Obc!;`_eW@kDoioyuF$02kN@a^Ez!^SVrxED z-_yn0tEM$|82{i~Y$9vxh4sxQi8c&O!xDI0jDybcR6&rq+mq4HQoO{tg~BvKu`}0h z0!n-n1Mv5{EYw93&@g=^CXnIfh7LH6_p_xIbj$Yb&xrLX-h~PAqD~GNS}~E<(|+}Q zPQ4K#p1VC&#GLdmtJ`d{*Vm0D2fj+uN501F##|oklKJn^DxB;ddJ+0um~SE&BHyf^ z*92{HGQ`@@CEYrU!>Z(5YI4nC|aA>S|2i}(V#v9+KE!>nMjV*ge9D`?kKuhL^CxVwVbo_Yt zQOH2WM$mUVe!i>Y=nmOqwpKG|Pd_0d`fHQzKq__G?PiQ4uQ^$9dc7?Ixf#ZbM( zy6D18jmANr4DdrCZ_W$qpkLlqhM5owJ*bc8_DT4zG>GCGkBwMVdg8Mbr62Tu& zr5w42aaGHW%ftM$EgN+Ya%Y2XLnl0*nI#ZQ9vQ7fXF~i2nKQKlLwQsb6w$?q#pDVWZ@3pumw1P4)$wI0SXb39a{F-aB z=t7AUU%>rQz?oc$QSwi3pFix<+GOr$_8iACIfHH{?vR~J{Woc9_Cz8WS1(6-Qp{ZAZiFFK^O8PS}qxqzm{C^exQw1O!-xnKxZ zqPGG8N&GlaQ%#M$41Pu3@ks7Qwd2#}vFuHFszPNB;`lIoGHXunWXfqeGAs8l9Ke6` zqD94gW`gCjNvY znp(_fB=plGtsZ5KrkcZ?8|4NwX~4Q8IWw^H*;($Dc2^1VyZ_w-u1oqPg05TbNbjJBu9rdi%Ryy*`==!Bt7~3-b(gh1!xPy%qFwW=3*)f~8}Q{|HLI zzePj)_VI5_`f+}dy;-E>l%pn5{N)3?I*MN&D9y7Q){slcH|i+d&zAa-$qI>083DoRz{F#a*j;f;h)X76b^N`r4&tBOf~&RYzb55c?nUb*NJ zG9p0SNWzN?Y;CL9oTM1v(zpl8kMp!PpOD2U>_i+IV>1J{isnus;?#+O*+Tmt#Ar45 z_rc&t9d;y6ZzPH%^6&b8;1_VTaL?ItZGjqX0Er~<_)2aXb}kohYZm_&nELHYMSAw)CDHbl4q7ZH zM>uP#5ZS6Lv+BJnF$N|4eSDo~v+5Y&&dWgI4>Jm$W|(6|9~BNVZZEQoxLyfRsJC>6 zv^ry_bF{6@#_f~m0JA`uOJXOiH~4uPtqVIELw}ud_?!Lc`vk?=i0Lr{p4CPy<+WPD zcNZ`UUw^u^s7gZ!i=*^L_!9}|`t-`EN6dM}KL9+S__4}XxM~O=NVo<|_sy7EiKRCX zD?tNT5$W*&eq5Y)f_#t_2C4G0i!1!^>KZBGK9m*MAHFrQ`r`!{Kkb}f=|tDXCA3A8 z`|dcN_@N zPII1TR<{G@fbubQt=`uX3(%i$jQtE4(j!^U-2awv#bwnw`h2>yI|V%ZzI`IK)zK*1 zPFxXlBLUjc59`~7js$<4%9@nfWMaVsHY!VpYH8b8flvsS;6vT#)chf8!y+v9JKBwB zV%angq%g-AQ?8eHeBEV{o%^;-DfC%A0kbN>a!THm`BR-CY|oH1?P1GHe@xbKu}R2=m}&7eC!RHhhI z|1CiBXLfAhPgDhT>6a$|JkF{R2jLSyl*_cIA4q{pnmWwS|NRt(sH-jaad8;Rtmxap zrv=3b|FxsMUSItSjQV_GB`yiKj z-w7)BZNsq^hrT@tP_*M;hU;T_eS6~h%xbqwLp-zK0}DZvHpP1s9&7!*_(Mr}Cx28# zi&L?PB^_T;JdKA`Jc0-WY)uEJvd6|YJ$?M>9)oxeWTsnm*}1q&Gp*}d-FB-c%B`ES zq2s{Mnv};%FT~On{Ho&FPr;+s*Lu+*BHb4GZ%5P!-`?$iGZA(E zBS?FVc))agWPv~P&+7&l#spXxG+cFB(Wv(CT=_rtPFS|m^#cGGT%DfZJTK4zJx=x0 zXSGP^Y%gq&>=7(=@vjL;MRleNc}oRHlt&}a?g6&G!Tr?vYz*zCQ*{F6gO ztHE?PBoL()*Dy&0QNr?S42-96;Bj8}<130h(#CznSbjaG|M8JdJsafqO`N0GTo#Od zG3q&U3!%F>2Iig1UduW3M9rFUbPHr*9%m!e!J%8)avD0fg|N0)Kx5juZ+SZ_{`JBG zMoeeNPf>_i!#w`q9QgPhbX!MFZ5-3+eI!qV@&4jDc7r?6K#w+khvNIcP7K@%tLi}T zINTFw4WmpdO7A*_+1Y6yl~uffyyaun1RJ)v${Z4I7p9~s0V?Z=)ED>O(FVQ6DU zz<8!`^E#@19p7ciuU126k%H4;ye*mAN5Z(bk15qGe6?+ikFQ-}#nC}czp~EWF2nKL zBi;8M0G`Pp81hTF5+$Phr7{aMJ+HU|YwJ(QGxLOc7u2N|F4g{UCcYd* z=LZqqR?l`TrfepA47;sH5`Md$tN?~D$o%?zZR>%q|NNW~?<1lxtv}0~403m(Q04Ih z276K+O|drAj0Nu2Qo!q|teIW_cWV?=m>D|+_8I8qh-k6F?DkzMc9wYTSY37Nb*dcr zQZ9VZwA)Ku{6OYbsgHnMg7vc+H;gB=%XuS404P!$4(jGRjTyQ_VVkvjFjtw|J?zUt zXdtWA3|y9i`+0dBPN|uH0qA&XP@G-HfxaB8AkuEviR4g zM%e;t1>BX?F;7=?2scHnq|%$%Iu8WP+KfPVXx(xfV#cuwg*vJ5A_Vzr2f@gQ>mR$tv_nHPs$4g}`Q7PTDx8 za~o#8{^J8sgpaNr-ucaBTl{5{;EBQ;_1B?o7_nA(O8+vg!793Xw>e38!MI*RT3BSl z4<*7L6+FF>LoVu@I_7zdr0~J>heyFeD?3CD9D5aY;cxy}pRPZe#5|S8< zOQ6L9`X5aCin5VPl^v%=tx1n9^zQ?Z(dTJw)BSq{-UYbE`2zXnVQf@X>O9Y>JDyCM zz_zE@PKd;l4F}c64An;*g>pCkoND{ek@=es@H@T+s#uw^(+`vM<7q?CaW$>!tt)t3 zc%mu$Wh19;-x%PK+1z={9Ol3g@ycFV&~c(Pe$qa*cGRiJ$dNEa4v2q4guF9Op-%P& z1M^%dPmaEyraoYu>MZpStT#}jOP5wx0-~}UAla_oeV`olk`E{eZ(an4RW5D(gQ8Tw zw1K;6uzD;x1KAT9a@I)!{^97f#tIB}wz2FqPJ2|~s%@)`?VGkGkFz9Vt8(71D4&rX zswKWXCd5NzUoix~pR~mbt3p*u@jUB*|f!`X6gaBT(#(E2mx}!?%8Ojji)2~YR~l3_S)p_(G%Aak<3q%e=IEZ`7}Vf_s>f2*A z-FQCK{`gszp4$r_z)B~Z0}cwyZW3S@SsL0)xWzP)Mq;(g(#-Tnpg z7(y%}V@UAmWamM+QCz`Y)`vhEudoS=c1)OLgSFjPt}UR<%xl^ga;c^IC&f1bR8zfs zL4l*3#N1E~sSo(pc={vuu*;`-DR%=|OJk9PqTdMj#;h%7hd``%Z!Ofy9n^<<^k$10 zE#wdLG?71)!|{9^!gr!V4?f$7xde+R+jz##mU}xrICBzG_y-WzCRS`cE!jhXF2#Xu zqi6I2RvRV|R%Gr>%=4qBR^Z{s|!_&%DyA$t#nFv zcZ&!}D%~J09n#?j0qO2WLh0^Cx5(V5@O`TpAruXC;y&wD?4-%mYt ziz2ziSP?KE1)$O!Swoi?GXAoH$d&<8*A9Xt+;P- zQ_~AB<)3lQZ?5N;OMMtD+XkQMn)WOAUj0(qJ)I4x7g`94!@Qnw|K;E%xlH^lzsvJ?uTRtL)5B-VCR!#~L6VTZPDe&T3- zoxAnPIpJHuw#T(**6MC--gV?0F$#g>g6mq2N>3uyJ)pI4yb%bXV5fSaX#9Kot<#?d z^T-&mRsKXD?@0?*oD;^JwTfS;+2fdGx`%oK&S-;UlUWIqogt zJH<1g_>x=(W@sVA((0y_rzJg*1!m^)o?sWg01!)4N=xWO4L5jP^qU6dOwJ6t92MS7C>=34t(D1RKU z6E#4i(6MJ1PPXi;($;1u=Z0u<~V@W!X1$e(LH!R*+U)7)v zhx+^y%l+;Dg{_ygh^N+_uElI-g$0go(yZDl%m52@d)mj%}&W#lA0O5Bkx3=&1 zyZo)j^#Q?={DV$r5nrdXi`h(FCS6l+ufg{)v>$FEB}GsJ{qGIRGk3D*9*u@VFYeq{ zhH->1OE^I0+;hYX5D||09esL_BJ!k5CSPl|On4rM{vc1A)XjF*gKLn|lTf1as6WG< z-0i8Iv8uu!F3BAh^EllYEUJP8$tia`CHL^&~GnOHiC)&$gExv%iaO!EFVZQo=PEK0RK!SJ0ZMozNf~((l!{u$sHs-y1Ov z2=K78m8?>(s~yL{dHw6jZ)+&v9*@yws(Ez$uNM8uaTOB|L(vVaV=* zs(AIq?Dz>jeeLOUTtxp+!$--j*^^v}_ApbhA8WQ=mI9z1dlqRolhNGHjxjR&w4XKD z0A+8f^$kF7?yx*g?70U(fQ_pe?;?`h!JxJxA}|I&*L&leiszNxOp30^19*5i?Xqz* z(Mbf{t581dbx|?huX|Cx2gvoBe?7)+KJwcGIE}*>01bd0mF8JkTkTquOgV%u2Px?o zya%`;rF(#?+gqpauO(xR3vhWBJsg|>PC3BmcFp;rg*f{b*d&8K1QBK4>!AoQ#2KE_ zSjh@z?qdcL`Mum^>+)Mb(27?8kbkQH_#?unI`r1H%l>;1UFThgv&Z1-&oWXHl3knY z0qZu?<((-4@`A_TEaP>Y=w{b^?DPP6xoJSBHFh4*VVw55**CpQvG1ds1`<9F#W;j( zJ%AKHJu{QEPVBaoISq&pR9F<(QM(VjFGSC~tcK#F=-#g2nu?rqh$u~Leu{+X+8OI~ z-42)vbIe+lH1)B+#~na*aM~@Z`H7280Btq~Wv7op?$5;P7gzGnVZAQcx#AH3yz2}K z15i*)#YL|OPrt8)lnv`$rrLb)pdBFPd7hslf-&|529gMT;0{;ms)+VI+)|7!JZ8kA zW6yiR^*n#Tf@wtnh8gF_R~eV5ty=wTY!}wu-{&Zk?Pwldw`O<)^i&h?V_a{8AvC*| z=Fc4fS3EftSbjJS2*0G80^)k6+TV%+-DL&SL$}F>avIX{q}Fz)ed6N;8&|I?h#<;oi5axiz?7HoT96^@#9zz`O)5 ztzVai@Armf)f61S0KagUdGro{*u|eFx$&TWw>-Xajmmf?SobVz5BNu$iygI=dfC;L z>0vLY?JZkCh}ww7b6W=fBoL^!$kXsXSB9||CtNu4-&?%jU+gQ~6uzwMVolp+SNh4F z`oCS*sbogDtKZ%3V3@Ig;oO!GWAj+~94!q3tu+zMRLnu5FwgV$MtO729g}icN5@Vh zuzb;bo-Nc^gR-hyqh3?!VDT)J&x@G~VeLfuj7>U%ELBp6plCng^4(|h-JaKjT!&`| z^G^AKH?NL|P|Z3H(DvFzYXPol1)$C;lKi%r*-TM;JJa zrrvjx-c}8yBc{>OzBM3g7H@Drhtp@5JwwvnUg~M-w(~BiN0R=$OJCZUF-V%hgErSW z(ka4o($F;UM3}ZccsRN@Gm|DZp1WG`L04#4X;-;CP3Ec5FldC$$uJG_-}(4lJdJ?s z?V34znTrGGmgIi+rL!YI)Vnm~PX_#7R{Yx!{UOBK)XWN$r-O}S5=l^ugBs6%EUm9^ zdJveD=x!2{sm=4^o+c7JE0BXx_zlt=lxFLtSe4}4hkRe#H^j6fe$UeFZ+YF{aKJ5btO z?v#VPsG%IbD4+Qn{n zaW##dVO3vp(Sth@3|RnTZQ7nniQA9TEb&vky#L{@qcHJIUK)IP4>nOn#P4NSZngD` zYz*gYLh3ZjV@}K4Y2pI;818>0T*}I+)n*H?gW_15{HAqT;&UnsMBS%?0*Li>cI?vr z5)*wiG81k%elPI5D#TknY&pfv7*5B6&va2ngjKAv{Z8n%8HZwQ7#c3HCs*Bo`CoF3 z2oc~_l>?wIRQ>t6pk~NXGecWn->Zvm@7wM;Pk;$!Y~y`1YZVWlg5|Ya*tPW-LlVgJ;9w_nv?{zIi`fdYej; zxMmY`*#Wq(!IwgoFOLT(V#YHbb`jbz5XbqZ<;`EFL;I9!*A5%H7Hxpxk_B+y3o*B+^75Z@X%7&R&=OoU)9w# z?ORPh03!Y~)&z3`j)fUXAPzrcpb=|K zt6yinMA>4m~ynRyWF-v;e7?G*^?Z*Qg}Ck5>ROPwTo4=x+Nf zJDixhB_CwV8u+vDal3lnt0mte{1ozhD0nzW>e~yOhic;fV?P#;OvbMB{hGxzm2jwI z=*oxt%NCJY_roTk-U(D98i3nI876e0F5@*(krvCA>o6=-qdBkwX)Ii<;I_CdeTopd z?GPD|Qv2;y|8}X41)VxbpZV;iO@-l8`y8y2jc^9EYigLODB1qAfYIZZpElFMD(Xl; z2U|VJ+$a=n2+@GC$;hRr2$=R-GL_je?Ou^fXG!y1`y$~HDnQ=&GFGNnPjF0!%Ov3A zA~Pm&3~ZPGNUM#EomTM;Ro9Iqf^%wZ_$54W2|2=e%LwLll80#HQm zOrc#l1JsO}X8{#O#=zq)5HZdipz+YiY?epDmgpnlg^gQn$X}l=**uaTw6|rn^S?^lOhRN!U3f-nG7B zY9SkEb?1t<`JioF;r`@Q{hrq4;&bHVJA|#RAg|kvTy6`_%ox9bg#AiUw`3QWp3_wP z`o1huVUDemSd=~uzREn^B*0!*-1(FM$gsn)1FB?>iDRVeJTF_pA9S#t09XJ)RU~%+ zOSRLQ4&Ij#?yQOCOi3>}1DjSRiJ6vBy^nlJ2fWtRyr|rFwHA|#ik4HNjPugm^7%wu z64fEvL({;LjYCrw*It={%+^zg{BH{mdfkabBaKcna)`*?eO-*cxJ0HjN# zodMI^8nP~aS5A%n$~;Y4Af(vZLoUi-wCbeDc$739wc3T|)fvm<5fy@uel85A`6Jab zDH17eU!#~C&Lo>U(IHV!g(LvC7b{cnDX6;V`D)XnPkQo~Q+1Ga?{?Hm2(Li!Bnd)5 z1f~~HLbC^~;I2l7m1N-bt7%+kng;&M*ZmuHuG=ztNq6&$cRJe%ibVm~?TfdAi)%wK z$fH-8S&!UXmmv!AJ ztkKhs0Xc|87Mb4H1afVueEHxXt3o7a8StpQ!OHzWGW|;q|67a%sMk7j*~FZ;`z5Me zOL2T$A40~fw0(<5oydHmWTdNk7z&G&MmV+b7LXs!HQw#pkkST^J^))> z93Vk;LPZ;}PGGDy8tN(A{rDow-5858u8w0QvDRxL`IW_oyT$!2xD+geJrX-0xtJcs zuyLQAEe~dCo*KJD?M85NT1r5e={BGcZe9U=NGL8BjbDJ^8u>H;z9aTLNKQqqV(k!x zoj78rDFc#05?~`@%%nCjVr$r;>%Om&s|Pgi*12$P184Dih_Jr$i!Obz1A^FT%qQac zMg8>~NfzZ=Hcec!5b5?EX53vQhW|d_pwEY(-zCLWa>Q{|u3L+@kFUJ1Q&@$JHLj@r)f0gHRr$piOC(R{w$H35QLh8d?Fw5Bpf(ZH>L4)ZzDl@g zW`&}Rfax74Epq$~yWcW}bmhY-R0A6kAT%2n!r@1119E@{%@b+EuasfK+CfWN+U~)D zDClj6KEdpx&5n{Y?@opo0J#GRSD;eo4Y1#bJ=BmlKa9lKr1k@T7!7Y}+tTSTtCw5S|-DUpLqs&5{Nm@ zo&&9`IH66x;a(s?Zh7A=tJs=mz>tW#r>{8AwDMg^VbJzD?@13uQKbL_M%yyT79h}T z;Rk=@NqNSb1QYNWo%Cj^o1KVfWLM6{Ejo1ZGy+IUPota-GDx~VExo`D;Avb&#TVeT z9guo2843v2LL&CAVqCkcJnw572dS_8p5Kfeng086{s_yTtn$3mKpsgY&yU&8wuZ~m zwT>z!Ya7Mb4z88>jH|Q#0F8%z%BLr4}mB_w_e0}tZ9kG)I84)Bs2fF`d zLt-Gou;ou3fVNE1U2poW^hFkK6RkYA=Z<66JVaa`#(4H6uj(oY-9!H()W*XwqYucW zgfMJ^=712!$5V?At@_2K6O%f5eu;7gdLF1*h zor89}evQ@fu1uhVLH9TaM2yGFz5kO+| zRg*-$$H08bc-Y1lCe~+>#LT)6*ON5_?m9}m#^2#K1c;bq_}8FW7~PIkR*)>d3&t^^&R#M6nQAR<}7)bs$FMMSgGP@4hu zN5HB8;TvEqA;D_C{=LpcAWd2=b7(5g)IR8gI26AMOatGy2Jvs;VV5orOWYs`g2^+N z@D)R+q6=Rwu@@ac2Lu~{j)8K*;o#KQEP^RIpU-q}{Q=x_*RTYXYKGE)fG^&TSr=F_ zVFC!G4~r%}`)?kS44N=P^he4lzwVQ77{(^C%ws6}bsWA`N`V~2*_V;7R)Fy++A{C! zQZRgJg~mA2*e`geBk-e=`?yy2d}g(b$Vq1~c$L?sGEfN+786o9t?lQXACK^oYu4-D zw$rSVC9iH)drQw ze*fgox*2TZ;BjJC^IrYKq#Vz@5gJYS8#la^ScaT!+Rdo5 zHw)ao2gnQ(DiiyIf5e@7#1{rvPEs}zjftPjpPa47;wgLP`Q2SEikN5Mz5TfasKBbz z^KzbNm5apyGVbPrN&PkcP&AVNz;!h?zoqXFZP@>-v@RRb%36UmA2xsvH=sQx>HoN% zpnPT`nXKK|jNoP+iScQi&!dCaNHU^i+!CiQ_0sh<-`qc3yfIQIEA%kcIO{g`b7iTF z6q9DK*-07~FLrKl(S3)x*f3DKNN$xAiDDB&<04et{Z@XeSN{KTtwi^Z?d-`nIfQWfkWck<1fv`7Oray!mRx ztkf76b&n#Ca>nar4xjrsIorKozAnmbRN*W)oetpmeilw&>7bMlO1EG++?M(qW5htZ z-!#aO3B?hgEydyD=f*@u8^1ULj2DtcoXMYWZ{|U4U+gt~^ zn+8}`Jv5a4D__$OhR~WhV1wmH5{82&%JEFu6!j{B8OMuf%{0T7c$DcI-z}nSk35Q- zQt~MN&Px(QbmT7i7-Yh2P9ZK<;Xw5&qMFOrwGJ-TU;4}7>!-YYOM9h4DJ#wOU9S(2 z`b7cQ{aM4eb|az2rw4yD(r^i(+TRitv1=-=m46=)0J_KLy3X!xJbTsz+z?xBZJGdA zZ8ie<8{&^ML6yVb4&8saERBGD%Yg`EM$Cfr_5=H=G$B5cCOB^FEbw|8D{tsAihkE9 z`4#WfSs|Pj)p&L(5v2V^bgG_|W`&As_>Kay_kjIaWP1hvU( z(}DsE{4g}6euyuUVUMpi@h{7k@|SmgUT&n4p-YO7gS~&Gk4JMACs^Uf{QlhISW@+r zh8LFWzsE#BZ)luSk;}I-3>U5}J(15i0R^s5JL{vkLHaIZUa$RQ&-Di0C*3NrjTUXA zV)AGl37-(1=>YyGOq%LxwW|NnwUlFyFu4W}iQ@SDGWnKti^ogK{5 z?s;Mo^&8*ZW$~P7BjC0gUinrj+Vpa0g@m~s=Q&rU`uUI<|L+lDeNIq5A0;0Ny}mBp zo<>IwexrRJ9K#~}5N$nhPYY&P$giQ@m-}){qs1ex9D8~V$a9M-qJW$_#JZV&h5%og zAkXMyrKD7xpXAi-;St8;Zc|ydR%LTroD(M3mkx^Ds=}QG=eSrtF~3cE{#FoyTmtOn z{EbL%JD!3Bl&1v7J*|p* z);POYBO@f_8s$lfCBZ1cHqGMV`Ha^U!yiVx^Eo}`_J_i3T=ykh6w*ffGV;$Eri1S~ zHF*J7RY|qv6j;5!S(s9=_;LlsUV}i{pQX zrNjhP!{g!_-f(sX7g>BEg^vU)pmI9| z#=?7qS4Hz7B+jY6w{hZG)6GEr5Q+2l-?MDdA45yW`IfT_DFB+1<4nYv#XSUTOqIh1o~d5qs5&uXkkq0&n_=c z@CU7%(V2ZzVd!wRoK2Q5g=l%qXh8nhTh6MU7!7+a&?T1q?kefT(GqP_#d4t$>-(H_ zeqXOaA2zG$eDA2i5OsC|{{gQ`-w1|9c9EY_TnNYuxJkU$f7lui;L5IOu2fT}5uI{! zA=pgztaR48L1XWr;V|sY`+u8$TP0swcF|N}_{+=t!uk;B$xhkD(zrI#H$7LX z-yHs0m_Lt)j&HKGOCi87@S&KK69*}`i{>L~!{RGjds|cGTQ=2sI>YCl`O{#?04+HE zvnqi#Knx&}rFI<&gzvrXc*BXD2md5b4>+GVdD*GNTLEqcBXk9Mra7kJB{GfpmF~2q>3IhWknJ6+@z%;>#OFT3ItTBVhJ{ki0t&hzF_+(3m z5mChD|rBkL=|SNNg3vSVG_M=w51g-120tA>gkTVQV%*;o_)4Kvi2w{@DAkx$bkP zo7(mDMaHydkDG+YP;^}o^sfk*#MGxY`TN=AVYvD4J*($2mew9&z+v{V1H*v5I;A)y z@0ugXtvV|@=}C#S>ZTI83@}THNrO7+3gNMxokR%_;jKKjrQ<>ZuIboA#``YgBwDI3 z;Dt1$l_rHb?3-pgfx6=#i&xB^l>!|!Qy>eBFxCV5Iu`*wx#h2ZTgrj~s)n_-UlMo> zIwbPARQ$^&Cp-b|03$rScdAU%#WDb`GfiZ3?1x;WwHXIKJ+%ynB~UUp5s?k?t%Rfk zhDrW&&55%&)$oK{J3E@zH-t(z?@Y=NEj299bDFT#4M7I4Q7p!Dm&U#kbiegg@Ga4x zoF0M|d%PH6PhRQ~6fIJMWeRt;OA#vBjHfA}6ndBdpAK+dQ8fOja%4OQ#3Rvq4r*7? zZgPHbO==sqRMrFQmMpwK&6P_$RDNB0qx|cnMh2)AGA8kJTx5`EF$Em?6u<%JE@!mA z(hHC@R*$n|>%nRq9ivuVY9FIEd0hADt$Mtmw`9Fmb)ziT!M4M*-S3iB6Wf{k)~vha z;xJ`UWua~PHej?XtM2O~3TtTk;*(r5XiO*#m}hvw9_ALBc%t_q0jb38RYieun8K`k z)5FAMd+Na$HCDRM;rdo+#lYpMS@)EynaH~((MB1(LIW?_6YrHMKWBRYW#2!A$}(Op zeWD2Kv2Hx>+PmH@sS%O7CZ#G^fAVi1j~n(%0AGNwr#BOoDfZ7b+n{FHxj>K;YsyDM z#31U9`}MZllZOgtX8md^70<<*!$(7{tYoz87^wvaSI=ErJjh^Qh<)ynG4y!B_86Oz z?HKd)T3MFU>!ok{v%pWsezY$-mteRso?>DyM+fwL`NYZ#1q0I|YE*ACVN;|Dlv3Oe z9h~;ZJ+0FZya&%T^72(ximrbMSJ_-@=5d2*!`&`jstA^$J_`$J<@8Bhd}k79J8T&5 z*_Mr(upM9Wt=n&N9YABbx9T!SV~a^$Yjxqvjo*=gO?nAJ%Uh#YuiK0jnzupAtu>8A zg%yant>c!uF^E>5Rv1lg+9WY{_aWM{!S3}iZ&AU&IikKqORkRkMn z+dJTekD%N?VlTVD`URu_z$#69g28IApU4nP#oN{=M{0)jk_ zZ=NWqJQn!4hemi`WG3nAR{e(N)HCs%MixyD9(ytl7tWbC(*|stq9SF%I%!a4-te@) z)KqxjbV7t=LpQBIczy8e)O5;sQt_|K$NWx4(EGw z+2sG`IR1Lh22nB}g7!B=)T=c7jPg#R?gJc8g*tZ=0=^bF_$(UUPjRZnX^Edk*R7h* zVx>r~9i6b48MfS|i=iC^3$)2lk24d4TuOU$2=ypPF+s8J$)Teqrs~`XJ{ecXLLIs% zcnQt-+$U4tc(dR2!kX0ta*`}~l{2pLi4eA^);C#KpQ7LFo@5sNal`*9Bl-(-rih`p z;gP}>JrHqsSKV*dM%8-~G&aOJ`f!ApHY+@2{VxLDi8-9DTwk{;nB3Dl3#!OCJ4%fB zTyn6Xe_KgUW-3B%P6$nBS1=S|h0paN`cT06QWS({XyjBlcS&DSr~0zg7fvuHnur%^ z;}%@YIE7_#BY@;NGLHULGwxH_+*N+|;QYC%Ohx>0U4U#HxAf%Ywq^rA{*2pivBO_? z{LdetdGd(+^dnd%d6!SvL_MF&BG@VhqWekS_;)Rz6dv|}7s)KQv6fpP_L#`f#0iK6 z_s$t`srginEw6_cly(PU(t^T6yH%Dtl(9f6uury1gND$4fOU;8h9bSrf~|0*M6kN9 z4a5y@62=#E_gjYm%jnIOX^=BoZlx~7CLzkx{m&z6|2o{W)Pn$Q>=qJBJWOAU0OPsX zWr@d(^K0drC#KU^%p*oC4U+z-Kyse4dRFAi*M^qC=v7b0E^klP(>AkQ@?9E@X78;Q6ta0*V+^Oc}@X}h>hYVEPC6|QIn<|Z~=1LGOtW!ij74~PH(8@s`d7~-i zIJ>$4)_cnBjq-5!{MgY~C4brG|M|n#9x=OxMo8q3TTMXpDj3m@bID?7atn%j54Ln} zU#~Yu`N6`sCEIq&HAbv8VVw)RO&}Rx_iW$pX{U}=?z;3DjR%*}0wQ^aXaIIOMsm`! zd-VJAz=6RIQbU7eoCi#a&V^d(mgMRH)Ya&Gs$`aZ?#ODyNnmmKwXyaAeu#()^Yre< zjS%Gq8xyJK-?4ybNwPbkZE&wg+6V@_f^F;gi$1}kpoea%^~iF;o1*xf&(YL4*aLy8 zuXbCBosy*h+dcBRX^J~d_#{#o+sGm!9#)(aO;osl-wE^ZrdlE7KK6w^DyVotD#U|58S68HdA<@M4;j794pSLf+>=}mkO{lRl;Y?y|{Lw)M{tfO2O-UU`{Btx%d&MPziZa6+Z?MDV& zFrwu7n#b#JqibOeeC)SIyos)RA8#;=MBH?*7JYd0xD}h7tyvu9(z)YPYnDE(?5$7+ zXfIcxl_nJFO0*(wy$DdUC%@7)a^RzvE`_;4W>dH1yqVx29DRN69dlRu@k}y5?#0LH z+iLfA-|6kup-AI2<19yUO&W2Tzhmv&h}j}Ef&wWc80O#?0fKepEj6iN@;bBdU?F*| zE%)jXgKWm(TYBkvwCsaQd$;Ipu5aY(x5i48G`uft#rfOb&Ms}DSvrkcv0>I_P` zT=GY7YgMSW$>Tk8SdtVn;vi5baPW}$`7mokWJCh;`h50QWfBTA9hL{;Zq+qcxv&Ib z;dJh!fzeX|cL2C-$Ti4iTUGzWa{Li9HM)6Sp4meo18*JS%5z`=?!Oz;uYZ}PiMS^^ zjksD$6xloMODeUi6>csJe)%1jropu`?ldz}XfS$o=UWqX?mGKW!ZIG+e^`P$Y0Mky7cbEXudFC+A<_*~Vu=OdQ4w)3J6|&82?+5c#fuL< zHp~}Z#o4%vF|SBBtsFjI*4<@j#n|Go>>;VHtBtVgplhDaU7ejTVWPliFvmh{tV4MSJ@A#?zgBf z*IaMjREh+(@1XB(J(f4T8flhxc!N3Ds<_S4VHfL)<|=w=GJZEQc*A_jbOmC8;ZXKU zoJ#ClUdKCQ5B&g5oNLE_tXcN7^sB_DcE#s&)T&)o%BRLb$j{XJ{_o?{L<;1$G)EzC0oea3GnB5JLhD z6W}!YRYKodq>=?#r)6F+O_6&>kcdLHe&6&w9#)Z=p-;t!Msnn(k`W?m>sn|(C}*4& z^%zd1_hiX}i`2BM`0`HVeG0`y#X;YmsT8-;jLkDE>|%jw^7H=MUeA2(^2xzV_vZtK zn!=T5f8+3UOOiFR2H$gttW9c~Eg#a|CyTRJW_j(w29%vhv^4go?HHLmjeVQjuH5(e zasxl8x88NbD28nt=tCSJDJ{TX=iSI5R-{vJaU00Y(RAHO9){~*5r;cFt34{6>TJe zo3-*k@0v*uv9D-UOdyw`oYLT1&V+;Gr25~5ci!jFSBdp>KX3Sg-W!*o|J;y&4KXL~+NC z2J0%|L&5Qcj)I6WGbuIu zQRgQJjcnz;tgmYhGq~LGK&JlwcdSA3CD|Rvw82LA+Vhet(;y1NWnAP?2@)Za?&d^J z1zG%h)!a@R?cxMg4=^r^9v?WB2ZRl;V#hckz?ntAdq=gUkq#2vFDn-IHFWgP8R3Mj4E3x8P_EvE zNDXWYl)gJnrQ6;=z*5ZUI4GWvTJOMoXF0ux!o^xf))&*foLy3oRDk~?lSo3A%vni4`9pG`BTOVbjdHT`>fm3-mpxooB1&g z8Y)$Uc3#HGd+zL)@5yrH3Fur~52tDI4o6mlyAV;8jPZvr-3V(`%e@Q^$P=+i3x@3z z=zfu*_)m5GPok)xl{B+tBj7<+em;oa&j$%O`FSEt3;n40PB`&3X)dZ{k-eWjEK{6e zlvc@sgyh&RKnzKLD0G-~^7u-q{ILNIFg?1SHwz z$|E!O36b0bT3Bj6MGaq%Q(7hYjiG2f>&%yT(r+x6wxO;_C)f^lqa9&_irFU0AGTNj zTelB&`)WQ0%$8VhcpiM>!ZS!(y^V;jUWLbJsU1I@xEFSYUzCh^?zup$0wn1uM&iEmY+wl4;UCkg5&oRG7*RjwdV{xqY=E+CgT^-&h7WYrCYYErJf(zfLES{BG&ROCUtCE@_MBK&wo3irN0~$uH zQs0MsHHIVn)P5kMS0maum5W#NxZ^J#LMc&IR4G$y59kp- z!VUd9IJAqHy_j<@8AGkH5I=3$;vq=NrF5sC8Gm2lHqEbU|NJw%sr?BR8;liMH}6(L zkK$bv#pn}35k_>hBQX+AV4BC7hpM*iPX7QQc*)3?2+{-#Q#Obvl&2XW3WDE1b(!+7K3p4!TGNP?W>INFGQiO=IAaDLaV@7HI^rlH9Ftez&T67(kTauZTf_h|ITda@ zdDBX5KBCi+*DC?WK4eRC_P#xO$Sv;lo$p=P>}YAc6!_6A5%b-pVc`Srv`+o1-}vGs z5sOF@IDx06tXs9$p2uv`LVkgJnKv<0HL0l?ToNfv&V85FEofNRO=T7HAFcYAKk7q+ zR-9PjU(lL*4UpPNm4u8|6AlJ+)jn9fy8DhzeC>u;wb1_dIuOglAf9x>a9Lt6f%m;; zz}YLYV>R%jPEv``rYcEw7co0dO*%iBYYja*HW3!q1%`b=$b;Nsb-`W@Lh{xe3h9&572QwI**-i~ty zn6sh3h2DNHBtnaRlVog%P3A5=)gm9LwQ!0>dIeEeb-x;Ix-paWP@5QlWy?YN!;4aRo9_5$@qj>1v^MPa) zrP5SE{H9VS`EBAIipEv-E+>sma(zunoC(WnS#jOayhq$6)v267V&k8c=l}Lhh2$gG zUq+Fgm5@#aUaU6D`gyq~vlzy0d=(aZ8BG45n!uBD&nxe^HJmML8w}l|>m`Qc9RW{N zNZ4X?ktFD8(gF`3Vn%oOy4p>+IMmb2req}>{_xSNoe^q3o^*)-B*+(N{$MVgt}>>H z|E^l{g)bfZWyY4bo4{m^otZ*G1-0RQW7lngkw#A=NH(fkqdO3p@D0w26Ep%-*EiL|%*wX^3Y1>IStjDTx*EG!U-`>SIjs4kOg2J2% z`A|nSSD^naWhzlJNub?&G}xYqz8EjcZ7hm$Kdw)w|Ln1m)8;kIdH=eB=#^Md%K*v@ zr-*4miHSoCj-j7^|?p&Xx^Jj=f@Q)_DgyaHjh6 zq-Gl_c>Q*>#+m!kr5ornOnIo{se0NDm~$G>OnIV57{*FCW|)fMi&1~3nNv8R-IA7O z*V);H>Y`=N-zZA0bQGc)XQ4a`TOzk!cIQ9Tc%19UQ{|@_xrqPFQF&cqHAy*hpOQYg zr)C)@3n*rEV;*sScp*79sOYK|en0vdTSj<+Qsb6!;u(-Qp60nUoR@cHb;_2S2?RzW zkdS?Or_5{sDt<@H)&O6b2g349)>=4;8)UM!3${wku=^!= z5QTM0X@%^}-LL`1$nQS#LX#k5Z&cO-W@s%S%#q0QXX%k9`B5`XBg#QM5|6|hU5&@X z3;0WwOf?_U1Y)-$#{HSbCXIX=g&eBv@ZGxglS0zCQLG1CA)>0nGD_KDd0h|8J`q&O5 z&a+~e$&Qx-Vm?qE5n-`z4F!;PO##DX#jHp)czRCib#Y<7U4?hFLIL;ejTB$rXZ4f zp+2aGIcrC=KK`{i5aj`14C_k8e~qX=&a{0mjKwwM1Jef)FCPOUM(_C0aT40Mx&ts> ziS^#qIp`!BAk~7HzG&k@7#&-o5p=yVW1@Bzdq>jAoq6<^d~U*}#xYK55a;WKXb9~= zd)nbDl@v6oCUs3V)~o5J#hqFv=iE4_bwlzr`8-B28QslP;jxvj;k`<^_9L%$==}y) zt$|TN8jiDF4G`8|t2Bx3Aq~H}h|YAFZ&N)(sV?N*bSo?YsuS->)$D-X=+h5my`(g* z)y&c$wCox+i>{h;CnG5|NhxRpW+^y*LB0KVU zOVz=PfbWKHYQ^V@Ue7&A8$Q9@-Y*J^SqOE*hY9ee^ub{@8uw6-`M3d;9{DfgQIyGA zp)6d@eUY=WtDvZBlgT!`XpFS97GQ_gw`u&P$M|XQi#_Wrk=ypmYf|(T+J*1Ei0&0w z#`?ps0e=_9qMvk_K6-_6LtQGJ7JlP;6LXqQe7n+Jdz7ZkV*XSNt12oq9N5b;J9nV8 z5YANV@VwmB`EqRK(p?)8Vx_50f1g0D@>QmhQ)nxyC4{E7s?)T7~-k^ ze+%g|{2zHsE^irnr7t<7c)57MwYbxcWcp`2{#jPm=LZ!p!b>V9*YHFuIQB%7mJ3B) zU{l6byInLBr=RqKSK`ZXM!kYiyfv;`M)cB4%FJA-xibx4O`$uyad~>IAhEDt-S=j{ zxxgcxK!$yGFm7T5_nEOaI-{9aBB9@z19NE6z(1Y65|7PfMXq6#ZlI-oca0SSNu=@E z<>Q%HIsLSO3oiRprW7GNgNNS3aIRL}H&sRk=4#BJG@^7w6zrv@g?ihH(M6`)&StPl zHDx?qnjjPRt!2P)Kv?$d{DBk6lI^r{eBD}ej%a{kM{(FMh4ZEFSW7lEDH!oB3fk{~ zsE}+$w793t1X{fPGkLQ`L}Ub84HSVKhz|W_+&RtxyBJbV-!;b!jXn?cLJr{kMrxXYhIhDBx|D1b#zSIo!uf7X*-lNr?WPVd2Hw# z@7r?{C#}oH3ZCiVaC`Hm)8Hnz)R>OvEjDvTS-D!UO)x;>y4GV%U^%q#QYu6m+C1m2kh1CV-T9FCQ*w;#EEk_2h4NqKRe(cCakS%b6Xb2(}OTptst#ul+}L8 zZ|gjkhmP#k7{Z>;4EIS^Ozgg{PmDkxH1{eM)W}f14l&VECm?Ci7XnYy%E6O%5RC!+ zl~T8{%E9>@$5#kH3%=RjwBW+)0H>_VI%kmq{Iy3>cXz%f53N}#eF1k7j9SWFhF0R` zlCj&VbiHnCX&o%eIlO|^dGHURM^V^nxs2Vzwx*H6)vhB!_W7rHQ-h{p zg6+XVomiA};L(zXdnEe}9umQ7joof_pzbdNmXe(*en-f?8@prtTYbcxWEJs{vP@$4 z(1sv;=&%`hL_UgJ>+GtR41Qs?apgLH11n znK-!9Xxt@EwshqEYbPO;R}_nJ@w<-*V+Ox=VCeZa& z=dGOV&wpEj#oW4n5BXNLY=Vo?#imbnMP9S7uizxIAoJWRW^c1|=7C3d6r6gzEEqM@ z#MYcP-t%9rn^*7e$z8V3BnI}6{Bsfk_Z%E@9pG5McG^@EAC?6$;yQ#uXlI7zMJQae zgjr#WUaWfZX@8h@KEH>QU#{Lrk2 zM$6l{kC0S}NC4{Y_;?D_;?b{W7!7;Y(3Pm|B&YfFarFCP>+gx?kmnm4CSvIU*dL)59rTuzpZVDd#YZblaUKw)I*s*Hj_Dl+?Y~DYxePVxPwz626!!&FDh5 z=bp4l^`-qxj$Fk^5_!MR2Ft!7JFZvhLUAOmUdmQ$RrXJ#`x6y@?SuaH$6W-+|Hs&S zhBdWr>)(nnn>@R(0c#@=@4q@ zHPk?ocV_K%_Bng+wch`}E1=JmT=%_VBtYT0k zK#0^h)V*2>Yf=*SM%KzTrWy#w>7)eAk9_(6t6BdDnXF`nL|VE;JI=#^rT4|Z(*hqixi(7kwP2 z^eCjrvm~5z^eG+TxPp00AY-Lqm3ggwjpg?$-tD;%vt+MTpTRYJZpTcIbx)0I^!fGV z$*_wPB3xa~(%mfj|3#;v4fvfwU>D$bzDoL?3v@Pd!zQ6E^>e`fmAR8eXx1O+9{Eno zO~pq&-tN~n&36||BkQahamL8h93UFKzLLn1(>&I*G#bFVjz2z?LM{n_6F@BJTI48@ zF@h((9s1W}xGCYUO4@`n_T?bOArqHDS*%i9A1JRKX>5P(oawgiL8?Z7L@}~ErHVuN zS%TMu*L)oQxO@Ie;voIN|M=5D<(JPz8Ken<*EC_}NMeT}n$_lpSV`sM%7%~Zx@Zb)pb6pa5_osn& z1Q$JBqNb~|IzgqbyOwgG^uLYtMY!~!tU}X&C%B1mzSoNz&W>)38Hu(3cKhN)Qcr)k zrKj=c*u$*$mtd#=_a|59?%$u7sa(N0YI)QP=+_w?r_{U7EHd)(GgowY>tbv%o~$uX z#rw9t2}lm9sBJ%knOays(1#&<8nv=QzAJrJH(gbWDiFf%WQY<>X6AVnuPHg z0q{DaRGXdd2jBsq9=Ea7@n)n{MZ$ssOBKgpjo6wzP0>dwYXyzrzfkkYU2m;&uex1DpS6Z=OVxEZh+fF;NC~WLUQBAy zI%RWm2_XHM?H5mL4<#$cjphdv?%hRNW5enKfUqL^$^7ubu>lTaY44y~ayE;1G&N5| zTmQ3qiE5wLx8e3@CqHE?1ni#0sJ6ZAT^5x>-34P=vAN+@4R}WOYEOEnLd|)-H243a zkNFC?pOPD&4x&zCgz`L%%e}H853eGbp)_0e-&=6U(85?5g1|uK*Lc*a`M!Y6f=AA6 zeOu3=&7QSUvh^Nvv*lZW4*BY#Wzg!uMmmM2-Dt&>w3cIGF4B_KW-e_&e!&Q$lfMT0 zF`YMyxf1xh^XqfOpnSRABXfHhwaW{OcV7wp;w!@~l66IL{FvwGQoQGeDvKWy{4XRU zQNMf`#o>JrT;|WS-M&{hDJ^}W^Y(HUDTd44MCmLjnI<7`<1Gfw+s{3>vU-Ys5q_~K z=b(F&kMyaV9KG(cJ&Yd)NSm2ZO*A~DpEx^_TPAJ1_A*@3~T`e5QcvQ5cy2VD?5(&o*8Czr4uTT zoDY>eAwj!h3OIdC=iZ3=x1%pzEf(E(!wngvrVNX8-12#W$oI{|?MH-R@^dp+Gu?_r zpN=}bK`_e{A#X~7>-m2vXJ&ZLk0*nJ{8+)L(F^Ta**a|IhpxqZbwJ90$? z2pJo?wz{zf{L{VZ>JRRd3!nAt7H*7X-33z>u0?*H1Q&mWR_fXqj{APq=YJ;RCo1vG zRu_(V7`Lg}9pJ>`kP|1vB^VJnezIDqeoz@zo46?bP^ix60@)Vyum(Zzv#f*y;5ozV zTU#La%4UxB1=`kP!_Q^?vH!dT|MD;MSg=NW>B^PiX`Wz=0}Z}B}X!j zIlG!$<;2)JwqYO9Lg4xKxQMOXmh0Wax}5vNK;yZbq)6+N`K&kRPG5oZ-nTulu#e>W znxOx}&ec&Hfn*UGFDbLQ)GQr0pTyBw*14#p%2M@EzWZ?f#*8$$kUQv{{?HdbGlqKA zn9wt8+b96ag32+*uMU68lH0IC#lVhZDm?4{seS#mX6P5GU@`_9#J0!QyzXO~EEo!} zyl!!lEsgKrdP2nSWG=i8HX@bVZ>i2gSV(fMz|ztt=_8ZVbQF|aed8tZCwA6P6(T7HtxWj9Hg z`^E4Qc+A-_#V29_fciILR=c5a58szek@;qYME$pkiH`;KGNGfcZty z#%FD2k|0xYoaWI?O*hrDLTAb6NK0s-KUKg6f@)LcTK&ti)_>;Y>osjh#MGvHZaODV z7yx_SM)E*@q{0GJlZRQD(W~nD3&FHqJ7OeeWmTCG)&y6)G{X{ z`6eJ-$qW>h26un{uyBtu<(NlE^Wc*mNgzWHZL);OZc!a5`U#p3~$Sj|p6!}>$H>9g>ZL&MTzs?5B z-<8mu{GT|4%%9hwTlarrX)e{4U$=cEZ`2`mHHKRCQ-j#0{&SP?v#We75jA91-_5YD z`x<6dRtqTe;+CGO`DkhkHQ7YeR31B4%X(Vm>+ZAYPPpT)M2U>cbo$dyT+~##z#<-y zmjvQ=F(71>XA@&mKZ!JUz>8<))2v_4q(3R7U$fXJP*JUKaMUN_N8$KaSOBYHoqb5q zdm{C`oOEEoisXa^Eka8GyXeY>J?uReM%*IGDGuABnGTLlX-eo9PB!%K`m`99dg9j8 z|7N6pjrs%ZyrtYtvjovgP|AV|WKPg+VYd_U_n^MyDY%^dxg#)RMqg&-xq&;Pw|q9m z&?%SBuV`G0d0G+&yREgF|IIa8xKGf@>xy3*ufwRgOH^G>!3Ki~NB|YJQkx%99#c&) z2(D_K?i>*4yqESmv4^U{bEC>tbX7OZq}LPozJ}5H`?)n26A|+!o z5k2V0Y^?Zdyz^P-_P+ZU{mC~s3wm}g9Zewd6Bq&LoIq%nGcY(A^XW`hm|0Uc^6?B4 zymI!bFbT$rU`8Ibj^(8@Tw*h%_{$i1!@--piFirCe%^Bh!wikREz)@A<*e64lq5Hl z!T$+)<0xX$uAmAz~3S=;Pk8kNEk;H_fKv9?zTf(YWFA1km2jPo27-$ACW3 zZve;>w90wz$d9K0x;D!bWo}CNVt;@%pgUJoqPPgNT+@@ltz|8bAB5CZ zp=|BM!5CxWzA=czBs^U{CPm1q-7X;niAsjDgkmfuE0FjN%84N+`7O^r>!hO=0UQHS zV&mPg^vUAhCs6%PNRqkS76AS|_J(d9LJI&un$f_dLo+SvijKiA*_pHS+pa1>66k(n ztMO?o23YH{r|R`($@-G3x1?v6+h=WjqKD+)bO@5Ew4JgRUgGxLr3TPe^gGJ;wmoOV zWel{P8AsUQ4cv|)f_JDsq5MBi|8>sQ@RX4XsXEfhNk}q>UEEJ}Izi+tp%jZ;td0U&qBRzA!C$q8;M7$Loi`!hJ&`NGYI^S?IUr1%Lo{rD7-RNf0kqp0m zy>eOAgx*o5#DI&f$AnjweRU9M#m1P&d2;X$ZJyjkA-h0u;{biz;=|Q$LAkL4u>0|G z2mG`HLwX>HKQ5mb@6MRY0I56eVt5_cz7DG0yQkgb7l|2#IWOX&sC1^~2`&+R%t3s# zhdg2?e)k-ROj^J*lJ7_uVHG|_tKhVY zV(C4E;jJPr(;kT3sjrhdr1nk5fLBu18?#z)ZxfzU&Pn-`-V)Xc?* zQMMXDhNqt%m)$z?GhDO0Nf#|?+z>sdM2J~gd`r=1t1`^@Eblgo_kqbd(p=P;>0rCh zhspP}ot(EZ&gmQG)6kp&8uQw_vtFGx^ZZg;ZGS`xwVUwW2SMGhRQksgqm^HpvBnz@ zZ^ZM)&aMIX9)KB6COTV7_wE4S9de*Ri3x2^w4W?cBfo0kv;P~)de-kE`%MVba{q>a zmh_DNZ*nf0^A}zAi#D>ge11+~pK|R#o%-3iMJ-x6n7BD4yXgqWN+P~$=&$Qq9v*u4 z9Uk2zBLPtHUN^YUC=-6}?PWox0?x=UYRj8{8-K+SiAJvRlnJlbVWUCxhBE(*Kv;CTwn3rRVG?QRihv@z|mm1IJ;_zkKM zIN!&iDG`Ox~M1@C)O{x#K}5-D$1{3{fU{E-<*G$L^n_Y zm)vI4-y+2R4ZlVqrs2kq>$10Y;sq|HC-Y&I22Q08+-bKcxdL77#x@?a^|#AtS~*`3 zE_3?CoS$@akwyKP$W+|D!MWJihZlamXNVW6Em`gyuTeM&GGaTjsXRU;!F zjgjh-yizD*s78|8Sp6eRWtQ^gU(4`ZuzOLJC;HPkE3M(9!0ztwns^fT^Y(dZQF=}u zg*h%YAWPHcKQEm^7U-l9M`0kz2xMxuBd_PfOn7FtuQ6U%fvH zB-i*c!lwv3sjVVB$s*yDK@~4ew(miH3El`eZiC2paKVvZ!LL7^+=n4sL$9B_RpK5G z;5wawy8q4DYEUJ+2&3seJcsR$N;x01229BuI|iPrVbIt1WWMb(dVW7gcTH_{WdESdDb2Cj!7kJe z_KhTjP2ReD!_HGJtD-W4J$cVFaEu|v5DFTp%GzHqd|1-1xwJGaa@lWIVP_MV9b*>VtNe{qUUkd^kCH1v?Zt^d3l@ zXW&goammMVn7BS~i?!!Xx-KY*5sxHgxqe9K?Rp>d*10VAk?dq2cfL?noCh$i;oi~M z2daou%B(V_m+Ap4&H|wHav9U)(*=Q(d4X7Q>L5WldYM0=qtp{1uuq<@1L*Yu1JbRN zz9RjiX5(cY5lG0;A}E%2QM5^0WA!bR?%E6d&c-Tnn~M-Y+#3;{U?6V_zTquXjc_Ps zRJlL?fonmQl=Fm6D{6ipRmK0Y#C;0st z1n12H)z=@cT@Kw*$8)o3Caq9NIs8-yF}!W4I3C&HDD7NJli>{AAS{KS$rv)Fr&Pvy`SsU$?jZJnNT#;S$y{WRK!5gP6tIiy25V8rSdaFsK-v{A8#JB<`cplF zE6+LLT^Zpmvt9-g?qq7D;Q~8x`@yM_sz=TnPrLzW?RYIvSsA};PWw=O@Y=b8R`Cjn zSr|Po$n#gFC^s1(%p-GIHIJ?nRdM?FIfsSzkHl;g7-KZ!&&m^6shRgII^Vvm)#?9q zPdLqj5yt!=%_nbxMe(7 z7@T-9t1#xPHOuxF$}jCNV^<@LKz*08Zj!7~-V%O6aLRc~OG5Q?Lh&S^G=bI<6Fh%8 zXgbU^B9ffya+SlZfAVTS>_cnfmbWFusjlxLmVT3p?**t5EaHy1Dd93v=X+PJpOd}bauynM-Zrj*_7%$^oX@k4K z8ZR34&rtEtMxBOk9fiK+u)GduI3}e8UO^ccM8EmgB7NB0E_eoj))Zs~V&%{JV0BGKIp7An|M8(btU3(Qjw3 zkxz@FvxB)aHdk&ZA6O-01hh@M0iyy6E}4zh!((?sFM6l_{iVuBmj+30kul`rwL_Yf z+(*G5Ht0P&l)TZ4&jYe;Fnj2-B5TmR{I(zc-kCd`eU1C!ip=D{T(r7OIH<{Ziu#=V z=?-t?vyipj6p)7cbSUrjXx1<9?yrX9HzyhHV)qrJ!@wXPN*I$Kkbcao<~7A(sI zELPTgd{u*_+?sg&*SI5v)VemXSF#N1OqP8qtl`l-fI7+KvM*I851C-c zN`^=0AyF}pz{{20bJxa17JX`{zbQbv)dsbBS`Y%HHA7)k9c@?zX1n%#VYjC;?@f^Q`@WCZFw^SOV>&8-A=o=Mzp7 zih?km74M~v$+AX3Ff6DBd#_!!onzh{M=A;=ulW`e=7rkouP1E;@t!3EiZ$a}re$B# zNYj&%j5IxKc7IV+OT}yrwLBOkPJ13@HkCQa3CL{6;d=(nVDX@YQK{$!(X(V{2?R9p zMD2tuKG&LpV;0=zmk^v1Na9G-qCX4F#%9srY0OL@ZAD4w2+M@N_!;ic+K#-02A3ENkZxI_iAT-|}0>xNgsb!=E{moZAF)mSO5cn%p@KD$a)MNmxaA zvDw}Z;M=ibdZXHhrp{8+P+3Nx&qXW1M3W0E#x?JEeGFE?wP_Cb>@j5}GuwxJ58DF7Pg; zT_jg?ytBxoLnS;5jXV+Ak8-@Ma!Ah7cJi|TcdPm>;~{aA=lRTUIffu#M*n{Bud~p} z$jZLIX%I9pknWWvQtkUYJeXfvSFQY-qRl_SCy<)h&A_0%<$7$jVKTze$ zjUi_!6NWB0sr+;;<~n^~t$9yHS+>_y(|B2cef@a!a=znm!l2w+wWgwJ82NcRD|&DV zZc}28_K^`)e`gDr#UspoZ6V5W)Y+l%kTLX-W@y%V7*cj#033W^7z9NoLz5c9P7NIJ zZUOAiVmu4RFH%o0Q%IS~9CX;FTg=vTK#V(`ouzr;Of<@X8KlFa!A@t&@s`KgX{0MuF$5%3p`2hD&~u zf~g+d)tamCcIiDr`Au5|Z?RS%@moGG)kiPmBF%oxHtpOqe$*`u z8FO;DV3vmW>crVvI9dr`C*vTK{*`*pv;yrm_3MgwD$750uZjPwdxap@WLfm3Dn|#b zdBn#0LMt z04mw*CVmPLc3mmdU6n~x37rj;U4=nq8YkioLDGNI41J}1X32vBG-LJ2TfW|3He+hH zC(EGJcsT>A6|dBK(k^lz3CN-;aQB1(3{&kpK7)uQ1KlFJ4X-vY(KmUmsrIO-2Pv0; zMtOD>(`aZYH)?`*qOOB*6?%%01f_0*C2jjgR0c!txDfbj-}ddTSbpwtT;mPB0C7y6 zq;imU5DbuMh){MXY@7zRcSf?>l|w5t5=zccpP)xVJw+p3LR)HU`&ENZ(!6yT+x=jG zhYImJR>~;x1NMTlCuo*wE}e{%-Vwh)a`J0=3g^0Yf}VcFwWJL(@sH%F$5_|5A!!LD z8x^i|MfqE~eQ90deHDI=x81bm@6QXiwTT^@LJmv`xra-Dtrsn1s)b<>JYS7|(u=c{ z$Hr}b(s*AC)VF@eZYPs16+Owgp)5{4)2>Zt=yM?mEDW$WdMF}&C} z<4e~rUT$F6Iw{Pay9Nbp!OGv3&T-%w)*B?+B?vM|tPCw&q~k$@!hy`9P6pdhLtQ{a+>4t9BQKy}lsdYu zdeuwUnCAw{pPTUM&MX;aw@?qYQxWG2x0?12Ev@UBuzwMs`c;SDKqT%?BbmBK=-1z$hy4=o z)S)KWaG~w04^|$2ap3N_9&qI}b1hA|hVb~J8s2rUdQr6DaS?d7k?GFPCmKy(L88cd zaWw%vZ4zYUFju?!qTn525qTODR6ho^l+egd1xhjshtefbMBI%m#!CwdtCRvBueUNz zP_KUCl*0~(Ce|a9PtE9^Ol%9w_;)l6+ghJ~Dp?PL9R<-#7`uM(Mva243Tif`-HVL? z|9BM0XAmSo5=+NrcY?KKTdq=CK=5-Sgg01UO4$ZvNRlg9?R9VX3W8s=<;b46fh-ev zGvmEMDJ9zWGiA(U5?Z-ea}GJn1Dgo`bCZ81Z{$4X!0$u&4~hKW{_bJi@r z=*%Z&xz(qfdk26UjMEAO54nHCXOlQtR~|}}jY`R}n4rtvLH+i-%3=oEA@rZ8owE>FKSvV-RY4ki&Pq*@@nwO|2Why5< zq6mbbWSyu5UDA|*cFC%ZetJ~+#F6W?okuNVuNrZNsmD$mA*?a7A7VUhu*SD%MH1T2 zT5&LV6e_<>^|1@{OW$s3Ec)>+7^~vVnN7kR>`rwN9*QSvrl$#cr?xu z{h4b``hO*2V1UG>v_`c~c{8P%njY-!z=Q`h0vk!TZ&UVsX?vuG3_$7tR1Z>v&5}BU-+6b`UsK-bYSaIT)l|i!c^Q10k#rQcvs^x2H+U;$QswU^q z(|~Ui9tkR(*PkHQqmg6vPurrFJ<0%1o7*y}mV0Y-SUuvYAKQNr1YHhFKz%Vjol{c& zSwSmMKU;YU+tngG#&QwoVS87V+@3lzSOkCiJJe#*am5kli%;5LsJ4H$KBY}Hm;Iw^ihobPRVF;!X%&5eZIFv z1*(D7#}PMxs*4Jc@ta^W8pm#Dn5z&C|+TfY(t+2>8%@4es0iH$+5UaQ-`kP2{!X!aB**Y6zzxgrAa z8IC9OvE#kzsrJ~c9rS@MdUz6>bl8*IO(uX5!hJO8`{XZ?zvjfes0x3-1P<}+bGTRXUjPTV!w`u7`Im& zYa4MmK7yH-pkLk37zOEGeZuha%+n&7fS3%+p~fjLzev=IO+x$s!i4WJML~XXrwPI<9jcMN!YbRL8=*8R*_uRb<*Y`uaSOgbpdkc@jAipY080PzRe^b}c@Z0Z3| z+>) znc(ZxObglzvI8@i3Az?k)%z&nw7UuuAD|07T7^#KM)c(AIxh0pJKT7{uNgQK^$F^g zE!XsVx#Xh}g`*f0{TQxw^+$UH*TD3WexLhi>l zCA%;Cc^d8U9qJ>^*0{lf&W{{Cx#9cnD>1CT>#tvYZt8R* zIX!i-H@QqY*A49TU$5u_uXR~MB#OUUT2vC}!5Op-$@?39FG|v#FBnWipK0`Fe;^UGmPl)#7 zqxrzuN!cmFt;abyH?Wz5LH}g|L3pHz>C*4+a&B8HF1VP~2SkGWK@S%Ui%dAl7E2pzS(<6eVv5;g(j30U!kF6)%xNFE&RrH4?hzr&F$BrvKM}^DSX4pzFPr|9rvyM7~fy}vUZM> z)X|zWLaYZ>#mE7p6kQnF5uVzrq?tC;mzDV*rI+XbW&>E^j^AE#y0H-UnEC0hhrqM% zBfxG%@q>$XECYnAZ1rK=@a?QI({BCtX;{VwM?$AZ`R$8kGwkQ*kAL_HStS|Jz4Wu$ zE75HGB=5k&b#Zm~q2b)~%N;qd2Rmu^2SpGOTdR9$%X%T5x~&mcEV+kzXWAgX(@i(} zIBIJ5wi4$3D%Pi>R)2V81q1vKO&gqh578Dr_9DldcFm}$qs=9oIkqx{eZGdXqj(5n zA>q`^fMFqQ;$*M=g-eW|XuVz17mNevNnV2M_E=nxn{eKDl`ec!Nz51KjSrM3SBZpr zxk~@Tq3egeAQ7L}yC#$N{+VTBI+1!ur}Xiuacid`qqXcnj;Xe73Ai zg5YqqMXgkI+2kuWPW^`c7T1a#YD?LbNXT&{-b*uU{b^rNyUNVyVu|LNF31rjF~#-F zVLJ}6J?+MjRC-)%&@MZ%kLRWexzbFjam>-}DZrq~ipuHwPKZy!7_X)&AoFp~OU_kt zo$w=tCN5%+ibYO}GkkodcE>gZj^u&C5*GG?f{DKQGcYUyJ$V&2Z0R#>GV>y*aE`W- znw(5sN+JcRDJvb25_pq3i$F39Igl}A&scQ~-Nn*!EW8La*-)qa=MzSZ?G zCT)|`7xTngym+D_dEzf};-p&#?xFYO2WtBlugp`V|VSTx`(X4LGX2{YfnS+@zG5>@eF{^t_&o zC4p*{_G5(-nt-ic5k3X$8l7_I+Y5(;EB8^oQ&4lh zKK`Y3*fvtP$1=Rewh=_VQ|h)bdXj6*cj7vxQz45!Y-bhHs*B3D%oHAzj_z~Qg+y%) zFP=m#TdpFvFu$@<^ktnz{A%p$s#*SL5L8zAUxy=&m*}*|9i4%$;s($BMpjoy+r@w? ztLmwC-l{50(C+ud^souCv|=S2wY%+`9;fFT16X^`B=k9K4V#YWs(ACTWHF*YVc5Ey z*>}8^;#Fq;OL3?l$v`AyWv zi_H8obq<FcRE?P-*pz*bnfBHfUy7R~bN0h)1d?*vIap>1U1UGIv5^UX4)klgxg zNtSx0aBG#ssIP|$fYo%rysxRu$zwxaf%{>BZP?FOM93|8MR-pdCm-}PIuK(fhx_DbkI$ zQcEepdHmWfz1uABkw=GBJI_5}>emK|hF6o~)xnHvq(1*WJmb4(LGOo_pqopf z2MDi-zn+Te2Y7^6PlN(>%;lY;guAe7iC;`8{I69v(wZJG3!JjBOo~1oN0-$m#yPGJ zP!!JcQ@%JugAXygClWQwWK~BKvWctY$Oy7pEHVnC#k<}ecKrFV+3V@gk->-D1tS`k z5<^-@8`b)pL0Ix}zQKOI@d#>(`a%z4w@B7?DtV~8xF>5p+LGliT042GW^t;xUK0d4 zs83i{keJxuQ>pKss1#r13;y&+^jgo9%J9AhXpFL~{x23BuTUO$d{ULEV$3(DSidKu zE=IU%a(AMt^z)6n$!YyUvl92sh6xV#br9u=MOq@pAzIT#)Qq(H5EI)_uIUmhqoH|k zmiLOkIhci9*#TmbeG)=&5f$e|v(JCHQ2(%Pg{?<|tH1&1Lf?aX4W;qNwa!z4sr?8J zKN%;BH-9n6;(Xnf84X04UWr;cXs;$YglB20+t#SU8I8elA6n9ksKAH_j}~(Hc|S@; zA@Xo@-{z=;wNaaKh-5$IeBpG$fl@=GG#fC3e27bfzcp?SV1#HNSm?^v`|H!5^FZyjHE??rjBr7sILQU*RXXK!9 z^P19weXbL8fBfP}ljNSrhU;sE=*PC#k;h+MzX#M@)|I_nd{S>5?a7;+!^QXIKpQ)z zwb~aEgL;?oNFc0Xz|Hyqh3ZRSZ4S5S3gPMNa;f7w@!&v~o@L2WuQVbP^1t!yjq|jP zRF5AMUU= z+Vr8frglQzZH}@v$Uz2`4yon3Iml2{CSLrKk3+GB#*Iq9;08%Yk-A%3YFLBUTo z<8LXwpC8F?-X|rVC1zuLV}k%{BSAc0|KgNrt!5iWoq4j5iZcc8$I@qdLuDS1LRZ@g zR=9mLTZhV-+v#U_^Au^rz5b!}`t6f@v@}Ek5_w(ri#5ozlsxcjdn0W8$dMIO>__ps zVNY07CXe%9C)Nt&p}`8(K~1K=_Jdk{eTXVL_6+NVPmv6 z%Gx#1uSpY1s;eMin`(3lwy=?dE&7gkMMP`CbnDDoZ~X2WP=Av}qP`{?)#vXN;W^#3 z?DeKO(&prvBX02_%0UwkqEX3psFR7$_X0@gL{)Fl+w8mm{}D>a4xWMhWM=BS?5^t+ zc_v1})ze!*`T_Bv^s~pAi}Pa*j$Hxfe{Nj!Gl0P+JRy6ei5?Uw6UC4wT_KNrpK-q4 z-i<*{@_CYV14D1`w+|j%GUg0!nuF;ZZPkD?b@T@KIe>YqMx{p>l3@bZc= z!}cP8$p$&Q;pbMiZ&(LG^K#aW*c25o5{!E7cRk?Ra3}lW5${2j;nLhtaG{47=l-8d zT5Hsk_)T|v@bOIDmQTUfF}cKc^J99z*EJ|wn!96`BvRqUuBu%T5X4%-4lLzk@`0vu z!otkg{5-G!6EglK`WN~DMDfmWab#FGG}?t5<>-GHaQ%QzZqt8ylRPi!t^?>ZVP(vGwUXw@9p06 z`OvTcjN-?9A)@UsPv@5A+!6t?xS85lT(Jtgs~NW}U8R1vY@T0J`RQE^y&oUo@0$Cf zN5#kMpO=EP0^+-?Wa$_Gagqapk@*b?Ew6#d_?WtNa})x7YC-R&P{6j}+uQCl*)Bm^ ztU-{78A?+LvBe|+1d7BLIoKuu8iu>`Y|}?Z(`1^z+fe~-*22{d0d6skIEqau1IK8bLWYA$9FGa67+|q+kO2Z zTah9Tu`A=Ghn<9%Zdczl%$VXEtHoyeu~-Bl#9!zkL?Ql6fp(wYFU?)c_`+;D7_?Dr zgt0aYeeZI2{WHPC;QY(T%4}h}*M~R$+$PMu-td@~GF&_9zVm=Yb~CTVta&8dy-h=J82bv?g-W?5Tr@};Wf<%p zk&uVvPDC5B@z=J?4ybpc8WHw4x-|mpdQK(+Z!^j>>As~9y+ZHQQS)UnW`EA2H`Ab0 zr>nLz3%U?f;lef8&LSKnrcY3nTe4uaaL>QE@#mYqN<{()(Eca2N~9otur~Di(cWFj6xC>rM8n~U->S<@ z@AyLDMWJe%$!S4g1ma5TK#mPdV%;P+^)fR)fcasIE zZT=YD)8@0dDzj#O&)@;88^*>x@}Z|OT((SU@u}$r##K|HEM~jwrV;hH{ir)DG6jWM zu^&JGH+(MMC$$&zG%@XF9)g)iir)dsSl4Mv&^6F0KX^=N7o+0jBfd78LF# z_8Q)x$jr8;qulO$(Y}lUC!f;Vg4;JvosleK+n--uh4|GH$bfeUeE!QdZIk!B$C6d4 zJy49wxJ_8~U<#tk+jT*=adD#y(>JaAt-a^Xl3Cm*C(DXJmm>B!$>=_nvLf7zMVq;y zg6P}ZzK`CG%F?T}kMPcHrzUo6 z6DCDx#W9}+&;plNn>~OhvR$#68ZpJqB{!5Sz^jBb!tC=_O^{xUiM5fUB-`+NykqR% z6A6Ot00vXp{SoWkWIO)o3I?->$XoWY2FRChrW1B@H6DFmBo~Khe7|z8FJ|(C>0Um$ zC&)N+DUCK-;0){E2n+v`vs@rsaaZ{U9HnNjR4Fv1_;J6|k$aQzeaID0@rix7_V}4f z+iFD`?Ojn#_dXlltG8ZK3WpDO_s3QwX_I)*S4w!@5=a5t`z$l2|~x>o+(>aezeG}F4JCIG`2x-B(v!|JnHq=Nm=gz>Fga;p~U zHwRNElBU;HN(SH+AlVXLjLV7cH<3({y|mfdPZD}4dvqOZPp*;*jIRd0s}5nu6JKLZsS(EMg#u#L{uyKp(xpALiRuv)65FR&uH^m zRZyO_6#)K3SE&@nRx!DceFC}!`V~ReUajq>{ndx@{BCId7W(jZrGmk7VCT8z5C|-L=x7z zd+*V|5-$FVs``j39eq6q*s#x9y))ikBMs?HFbT4AcyMIi1iyc*Fx|7eYpcq338JYH z)*L2p9Y#n2m~aNU6tXuoVp4TWLNC$b9d&!cMjc5T4?E`#V*AQfeumr7)hE8}8g~rb zyNL*Ym#KXC5Gmbc^CNL~7y6FR;_DtW`Ld|GTrM;1(!=~;?~LB(t{8I!m)u#>$aJ1k zzpDDzLoNSu!e5iM+77(@^LL-!6^xq~Xnd?$;}z`AhZo`*U{~C<6vGO~mHO={)1DX4 zy=6&DcT)7md^kGhylkyz2L3Jn)HS{P6)bW2$##--Dyff{zVbGo^vOf)1pQu#3**=_ z$7j88kvu3>nGq30{l;g8qL)IpT|w<-6K3NU?tb1dm8=k!UAKkLiiC0Bz^U-@~~*4{RG zYCWa8fBg1oNfPi#KK86VcKTvra$p$K0@y4zye^FZrLy5da3Gz+HRkiyuJi)ppK>*2=znhvzl)Nmy7|Ge2@} zD!6~*S1T1?JK0lfHbBva2JYun{XV@)m<{7&f#|jo+gvDipJw0}(#Rb_ibwD9FJJY! z{o{m%^hTA%Vr&7cw5XZ%&52F&qn} zk>zLX|1M7@ip=f4!bF@1AyuC+9HkU!yTDi|IHQE;U)FL7VB|MyY6C& z=bulp!IAOp6pwid5MfI#bD>_IZ!;}TKPNCRh%&J=5LgZiVv{X&0})h6HJoudzb!YH zd#0J~BfOsZYr5ZB28a7=ddMU-x~kejUiS#n*K!)myoNeZ9)D0Q)erqS=^{Jcr;bn` z44f3)?b-G?(bH{nt+s%Gy4+Y7QI&?NVRu#+-lP|~6>Yv|6mn95C!U*MhxtocWJIilLb zUjR_!R-Lc#d%OLz3x|S9p*I)Fl~Z&?n$dI6>-LZ^5LyivQZ8((U;sJoEPGTexoppy z=BazW@`0X+l4)0Um5*(o`I+EEexOSaRDrDXz_zDE1nMlls@P3-4=(syJ@Wb&D6acw z`m7^9F2Xq7Dj9SZWcgF>{7BTN=2#0CcAO)lJSihsl%mu5Fme*kq^oz~kEQ;ZYt#m$ zMi?;9xxqt{26iA1IOiQ!|G~NWXPle)dWpNk4=tv0+S|Cr`M)TOcIA{x#qqPGGwGNM zg?g5%Yqc{;iFBmG{F|%2cY5PIH#2}_6`CK<9kgff%4hwMM98ULv*@UHz1{qH9qiZb zHVKV`#3@u~g2HVs*C*ON)l8Zxp6ju)C~SNbfzW8Y_b|F{I^fPhZe#rhL3_NYTV&5h zVfTOwG&|l=*6?kkP>}x;{(z26zjMN0r1r&1 znI2#F<7=A&O7^bu1p=K@{M_~pb_HmfwYBn(`@orWX2yoV05}WogMkecGyjzCdNrJQuu1QB{9? z3V59VAUO^r;QH~U!Cy75mw$6{wpR<>|6L%SwI;x?kW-q>M;lY2fBpLE^E>0O`=$*_ zwHXCpjoAH=x0ALI-RPDsh;|&zR9roe?h&zDO#p|BIY7TF>3&*t%K*>>z~>B&I|K8r z1-4=3`u!L=NptG2Qeq!|{*Mf!ft(CbtAM>-!uwXzez#oy8#3|i|3TY4Wl*WmIEXnG zlX_vFOL{NWk?riB_Y@g;8ksDTs$i3_Qdiy6m&y#MzObC1T!@lB_hNPX;llrO8*EYK z7ED}yR}uaj7u$D~o_)8}5@`pX`l(UzCKB_2QgYv!c_Z4Yk#6Z=Lo#+F)znSjE#iYl zj=ez@bwPdheXhEX3miN~Hgw}oxP5H_LC9!@wqSI7s?i^zqg=yx39~v@HIbRW^LHB4 z0~2wwmHbX4;N{C&4Jj)SNuD#-U4rTAAh)~s@b~7ALy>}b6`32lN~by{X7`-8zEu?T zwqH3j!u?7*Y}AU(O{IR||D)`!1EOx5wqcbN36X9A>5}de>6C7e?(P&2P>^nrl3ifw zTDnn*rJJRdP9!;v601r)QA*ih8YRbDh>J&(Bsf;gFSUOoFw~{s@Pjgz6Q&S{L%2%yZqye{s$J=Z3M2|0WyH&w33;bC>T)^Ky~=S0gWT_J0&G2wMmbZk_Sd z#qFnlrNN$mpAkE6YCd=4_3bUVs(QeMB7^RvT>hLV5xr6301^glh}@uIz%%{ z3El6kD{eWUUUZy3(dhk|#(LrRu^_8V!J!!1VGPQ{-sgHEA!x$!n`&r?sf>lmr;1z< z>;7~X@uT=tvk%8--xvf9MK<}WLjmjB6%+*jo4sqi$O|K5V-Gu|U{u%;O{1cQHkhTV z{PGA_a^)kpbf3g9Ux#k^bQ0<;WN5Hlku3hS94p8)=C~O#cP+f;K&bCOV)O9H-|~#1 z{V#czAN&$zm5Hf`5NC+9J6ksj2!`Ya(oj0^Z)%2PdOaO@dWuSCH3@y?V)>Su|M6ET z_4;7MY%qf&BE?=HoXf~5RZm?g@&8k{`hN>2x1@>tV7s?(=Y;D+KgiE~KdwVWMlQHN z{@JgPqYJJ8zKv$4E2RWno(Im(4Os7;-@Ec9m-!kqBw048nendRfjAVaKmR={bmeTw zn(Wz7f&*<`X^MOAZardY3XgRrA7&OmLPQr1(Xz7pRUxgRd(GPa8ujbY7H6ytN_|$` zt&)J)@;5W!)XW#VEI~X1iBBNpT28_Ei{SozeqzMl!=$p|02W2*WqABW5<}0Ya4Jg? zad8C7@N87L1}mrVxEtQ6%UvpdFkoszhVD|kOmF(nyxJ~IR@nP{dx9|+{9i7Qbfs*$ z-?-(RZdcf^CK`x?pVyeIni%m=R7HJuS^S5}!xxQvmpQrhrkprqCSypY=ksZJUwH{| zoPKDKmzg_#M%HslL}F0j1imm`-lncc)YZaL{r$=RU-)?Xt?cxCTI`oozx`dJSZ?Y|ZAr;Dft z(-#o6v_Z3bRFm>F6hDAjMGX{)PG6P$udrt&=!1&qhJoG=S8mB_xm@s9`Q*Uh0a!pF zqIP204UrjrDZTWjxjnzXO+eCK9KJQ7T(EfGfDi`Y#k0GB*fv>Fh%u=yVPVL?o6qfgaXjWaAR$XPz zORfHuBZn3_J3GxsrD>DU(%uRfx4%@aEz%?9`0U31(MdB?T1ZM+{*q{b~~7UJ3Cr+_e)dfwRm* z1ETg9jPkw}kKf!wetPddy2QN)|MW92PU4sRx1crq4Cj~a)6qx$eLqT16t8CML}v4w zXy0D)4W#w0aX&GsY>>C5@av!j7K-IWch#J>uCbbZLq_*V|AjogVNalrk>N(xD$`pk z$97a=!pu9U1=G6ft~2u%tjH61pselpJoNFlYCqrsfkmRCf4(Uyg~VzIj^0iVn&fQY z=^?D?e&D^Go=$JqcV1ID%c}c3>kihD9tG_t_8S=J|I^w3{-RN-rHiKi`|#DZuAiulK={QUGYvZpWpNI>`qs2euhg$L#aXkdeElo)X0884=aB z^o+f~np45Scr%)S=lSI8nMu3e;X>Xb*-0U(YafsS z5VTN``O+)04R<}faKaoQW53BGs{d+|oU3aZX3R3%<-D7yF^fyQ`+A+owIlTv2lGoQ zxx36S`;;8(BFMsijv0slWuW*aVLm@e2Bvjno z_qPZAhNqiFHM}FH$Ktdro%=d^01Vr@)&*6w+jZ==4@}1^v<$&0^Gp|s-~rW&nz`@UDIptbQ0C49-YecR$b(llAWyKHv z$Kbnl;7+hK!hW1PAD16xK#-ZOlGeV*d?6t

    mB4dI`+7)BnSaI!)0u~F3uwQRT(Hhx zzlSp=CMJ-bSPVe_p~=W(qHj(lB-*ek^)Pz#}Z zmu7l5w0&wQ{|I5ffi1*7MnZtxY$0K!W~o2VOY_;6RQ)y$PiJ4Jjwz)^$$G{l=~IDP zI=YJ^3d%J)mW46u6Rax#^})UJ{=H>={K>q{yg-vU2{>Yk56XXGo7OAl6wowbB@k87 zB>F}O5Mc!E*eOFesQvb)#8;tj4r*c?JKY;FB#V{umJyEB(}o8mB`L34mL|-*} zq|^ugBkG=D4PoX)vjs|4cX+wgr&IT5N#R2j zSXoR@v!)x(;8n>msk&{0Ua;+3vovGllkomsev6f3yO^VTm6ZXMjOd4oTJo~fxT?* z+O}(Yi!<{t<~;w`DG3#<*)%v1&Sx$Gd#ommV4ViL4mzs`5 zLT*w_&>}kfKgp5*3Y)yRH=l6VY;0uc8ozfjzr_?+UQ3hn@{x=ERFO@kUiAW*BUvsB z8*Xw`L70D`vGHuv{R2QHPF*i}H(|2JOCQYd6 z5k4)w5`ym@sxE!p)~873qtkFUXpJQ)CJdf3(6XBaUX>1Gfa+ROgIJ+bmZnEmW@9Gw zI>eM()c>=vL>Q@22K{YA6G_Y{rWd-n%GN`O8k%f*n(p-69zV&)5sfjo27Ld>;r5`N z*9Z!U%$1fXAK1x(JwT`@;{cJv&?CXb%cPr06GgR?)TtDxlJ6dOPR482H z^D*k}tov1(tqyu!0quY?%CUIqh*LIYTV4ON%mrqq|pI?yw!eT5wo7}=JZ7JZflyGrAOD#P;OCpSzoi0Q6mg6kZS0XFbU{k=VQ~y%SSqs#ac2+6G0vJC) zyqpde?u+sgi_p-ScoaCxn#h6~S@P##Fr-CZXmP}jv^oiaH<8Ao3o_e@e&^cEdl&Ft z$zlFFzUx9$bb(=0Z6Ji!S*uB;&0I>yMao?^^6YBT`KTUiahuwIlV_;LKS`Y;(JK@I ze!`qFeDAFKlD=vN3#{G$n&qXz<=rA!9UEf%Q%4x6UO+zIu@ft2-U2z@=`CQO>H)QE zk55F#4oJlkqiX#*G#XJKHkv426DuC9^F>Pa{g`;Uw8+O6`I$>rcH}C>+eeNtl5Cy4 zf30sDS}jSB!^E*XM;%I~4i{6N)<~%HjoMxW3{JfJ4{NmLtLRA~0=Up($1!?_6KRMl z@w$2qVvEXGXV}BG@2&jqRxA2BBty9(Uh&TZt#wwr( zJ*s%V-V=SV5-6T{`u0eUd3mr7`HvJ`(jt|HBhCt0n`N3?eSMluVOE6Z3yC<`d+aCH z!ZiJ*@GDguce3qSlS($irW(0jRm()45D)q7;swhm*Cf^b0S8|0G;!X*kPRH=n{;)= zJ@4*4p~TU?)#*5C5z2C}9f#d(L(!fm7YWlESa*n<_Y(8fd9D5p>+yZp>3#luY5b?( z+8d?)!xJee6OoGTdn1jOR#)}?O81X+A9~ED%u$d-lhMj>Q2qiM!b)>g=&$E7I8!u& zs6R3v$B#yb$--Cnt_bxv6*FKMO5u zydKSHp_Y6xIaLHkG%0kHh;zm4X~)GCvFKSbI3#w*Kbd|OTVgI9?`wfDfV2P*X z*qqaSkslw~J*VT~7mop;iDSmw2}8+PlO)5Y=C6}9uLc(#o8}2%@@x)Xk!VfSsx|&@ z#e)Y*%HBD{o_!+9|4EMyqnp>i%JF{ElC+)RI&JRS6+$ikvYa;d;=k}t2O&76xd?S5 z?m{`{5Ep^Zziwp`Q-U{>bAupj1gdcHeiN+c*uQD1Z>QGj_?KNUq^X}Fns9&RsRq#^ z$MP!mt(y0z1mvHgtvk{fs!njUXeaxUKK?fz2RprLP#;O_TS(MK`?s5w+#Zqu__t2} z>Xo+37Hw+S#r6L~6hHAzJ95hE>26z~1;8@xo#n(xbPd@qnL&OZHW1q62e_t3Du?j% z=Ud_X^I_T0d3;T4ajASi##110Gp8OF6?xSPUJ&uitU*&%vpuwywd7%Y#u&)WEM<*hjY#NofMtcK$+;{w3&d#UwO!&!IjZ?uKWgG10J9vKFT{e??_|Z+kqF1V=l|`Iy zOS0Y*%%2xFzzp$cPBW^!-HBLb}dC)!-mQK0154Z2{gG3hI&>b4Y z)inn#4pRV|6fVQxR z%>XveS?Mk|_T}M9XDG!U7%)IrDZJ1ygApnh)Zno{e}N#^6M?nuy~O_x4e^d9jWs>v zLGa*EN>=@me$rPt&%!B*zd|`25z0HALudKwJ%-@rgktET4EO$#_7YX?sPvyRvU?$% z$aaxZUN2v^zl_E5i*KX5;yFP({1Kl~x4_EcA3j{sHhJ`kf}C86QZmhW6C3BNUNO!Y z0t6cwo`3Us@`~12WY^^U%&`cKX*alkcbax8mZ#h=O{vW_TPUOlgmVwh9r7x=e(KbZ zZrlT0h=4?BvQnGl&mD*U$x4!`(Sw-bSYlpTKHR=2^2Fw*(%CxF&`HQBF66w&@(6i$?DdgGI$EALXlYD(yyRDlKR|P) zz1cysfv7e6}!|T$EGZY-X~MEUQOnh-5hDwJ^#s2kt~L(1Qa2gsM!5)>eniYz0LL<1e1CG z81H^qIFio}W1D4%vadx?v-& zuw7<(VC8Q%c#ongqqStRSP^cLFgbdly%(|b2NT~CPhQ#^c-NlO`?4$3RUDRNu0nwL z%#5W37@)m(O0rWg=-)OO_JA;;RT1Fj`XihC!{%7R^|%UlNp2{CA7Gnhc(vq&mxwPM z4I{M*U|-T9H{2rGMw8ZmixWp0#7J_^8~Cpa`F;Eh(&X(SMDPUlLJMv__NjB32_e)H zY4H(_gh>gV{f@`eqX!sS(iDI42*hzQ=~u2fCXA(<3l_+!q<|mD=BR{4o}ncjwwZE( zlfo46>++09*ADeb*GADpM>TB_Njrt0O}D}J+*sGV4#!2imS!bj@hJjhodyeHXqHlK zU&&px%FSo-OJ`yw>r(`{>eNo>SVlrH>uh7AhJ|ul7ITQXCD82Y5g@UTz*`AW6+0iAODm!z+}~S~q$;Ez5{USO z*uCNv@VKX#gD8u_?6spE13Fk#$!hR7mkV&4IGX@dPvYtQd*c%AhM^Nt8Z?U^9AqIM z>wT?L)3C^tcZrL`_(~%cuw15sWMAy;dRe$@hTTC>VYe<@r;~7$-f~l_Hqe)FMW_Rj zfGu!s7K!L3p4rEr+ld{@YOmEKy*qpSHNseaG|VeZP1w$R#QQyQV?o#{0|&V+KO#x4 zB0IJzc-LT=Hfi?BEvelHf50z6hkH7fpI=j-0?1xFT(cm&xM4Z?hU^&sSnFBuJtMpV z;)Bf00+KsK_H%^D?oeuZIelHZ$4{1(mVgAODCVFj$y18jL&c$WMbrtXD|A=lLU@2NcMze%~W zj*@W+o|RxKKsysx+xKuMQED_F?oc9R{v{zV%)!|Ieci|1ci}KmDwOgJoD~Kx->`-q zrLrxpcEzl6`944vQVPN_zo$={93j^>57c1{OsVqIj~-{%e5&CcHpo2%-USVn1E`Ow zdzw$k>lVpa;7}vY3jb$!+41#*12k^9qQyQMVm!ros|(vc2d7a<>Y@zTxMX@;`N(PH zIIyY7qRCttNki=g^L`qWZhmlN3dGY8oeI|{AoJhzoN(Lm+zh+~C@s7Kc( zDzdQ;;G{I=OjDYyJpzJoc-{B?cKi!$R{~hcZyiz*h}vv-Ll!P=eOJJEK5!3uZttXI z{0j8|jf~Oqv@__EF>-aMC`-#ERr~aTBcOf3pk|V@kdh!dULg`P7mFqMOLE_@b}58+ z89QopA92Q3clM;)RDZ3gO7zW%m5Pe%B3a@L^W##eab(iKmRsCyGnv|D^&93MEtV@7H>b5vsIM75AduSzc(mB20O#W}3SJ?ye z@h4P>dp^OO=LbaakeRr;9e(&mg|bPYGf%mB9-laNo~B)1=~>4sT@TbhrVsa!wHXlT zXm3TZz2tFRiZ5q(r$E+mO!{tOuR3#)L`;X^NCx-Jf1n~czRKK zdE^-|dgMrEX1@MkrGX>DKJERvPjh2BUx3d1Y*M$gHm7e;!Pr@LGTT(73(hrK28q zL7TXFn+#;9Kg`o?;q3gpB#>-DNxUs8F@JnsP0M~)0N$H=xb^%|#HeO`p(>(mvpurf ziEH!l6?1|I3-u5LSw|Ea>xs=azrbeCr32sxaPy-T}^)`u=zS z8=t#@-1^)N%cUt2aFAj_m2}?pbkDftRO2+JWe(PAh}cvV`#=zX@9}nB5VKxmPnZ^B zJ6(f0lJ-4m#O^p`jkj2R+fNX5-0ZGnxuCvYX zTU_y^K=K&1I#vU%mO~FwamNVm$mn&^LZCP)SI^9kqS#$-W}YzlKbl_#Qc%Xa<3~Ke z!ahrihShm9r@VarB5k1o#?(jsB}U+SZ!_^aJ}=T!M5wMh5P^6O!PxZ{As<&1=*9_& zOy0^Ulq=hUNvIcRx!e^aXMnd1%$Si&{3fh^P?uysS#CS=&-J4>oo^pnSYQ6gCQ3!- zZ!}?rPtg#+@QH%UD@B)D@=p*uCuL~k0h!@yJ1SsS>h}(<+7YVwHajnWPV1Ae=!GJ_w(+~t z=@Ph6BuyvyWojqBm5owAp>82ru3US32CBjOH;-(C%F7E8Jc5+vhdn!>owDymwC)*q zSG;(=LGZByIbF?JSh%>ud;G%0Gb59jSmEcI7Nr^g?Vl50>>oz~%6-vRn z(uG=(hnmLR&>Bj;2P~q+N$mSROuGf`mmDx!$0bkD|1M;COWD3>!=Js_I26nQY|NCd z+KgZrjHc2F+?OUdXJ`ANsdVyKrNNhk+Z4@SrjnT`WS$-m7IB9(vzF_;GMx_kmnz>) z;A#OZMqKyVWw}<)xex&I-h|85oX@iB#Ki`BN0`s&OCGS;GH!KQZW+kHjy~8jpaC<| zSlgmj!l}7JsamPolWwaDfTBaz4>RNWJnFDd=FtO;ASbXsfx`a{pOcbVQ$Tg3{oUY# z$6J_p$Z>~QiTwba4$Y9{hNUZ0QS}1ixohJJ{u)@>yi(1`BTaqE7OuB}ORW*P@PyG} zYz)76e46=#uB6!FVo3SRa}NWi9of+rAf;h zG&_K@4{15|>j0P{=3pklAoW#?x^_#px=^aZpiyMIck>V={l2gSw_n-bg9c^P6RbNh zpHHIm%4Aygy(WGrya81Ks{jy)NO)d?_pC_2J04xP>g+a96D+uxiiurZ@nBL2Cd6i^ z&m693$`wTw=&vsrVH;GK;`VV!9~H~ggyL2HMe3mGm6 z@S?#=w^VhX$)JRfpq81w5+eE10~iWdDES(LNIeDVxC$0iU;cg!Y37W|V<^Ro`aad- zOS2Xalb~LwjN)5|^14l#ofd-F$P}V2p$U?*s=&fLT?d)))KuTx#L8h&&jTZMiBK;KU2W&ND?eFu zvfy8oMDt1d$#nA0#(va@B-&IqvR`$z9_{%dvW`R;VYOUyDPRSqd?qLE1xv29`g%6f z-U5XQfJ{C5@clZNIJ_OI$#2Jv@@lr*ievIP#E1ZYHMqH0Eij@ktv?=1?i4&VN$zvc zMv;V36j+#SJQs_7z8u`q(EaDei2LXsxQ*+g9iv*U29`icO!E_IrPHW2rNuUB?ZEgt zJI6zH;X_GmG=zf%NumhI)t}0&4-K0izuqRg^cn~Rdnb$NlU`MwZFqah;Wr}gI)sIk z0#O^BI#T2C7hLifnWd=!pVqi$y1z&3VTg?Sl}a;Q1Ikvy{YcaU*U7jJ_7J+zOkudtwcI0`eU?u2u8vF}&le?jdI) zFW^|A7;(W{WKe`Xz(ql5sW_U#i-we0{&9mr6l|4LPj`DqR%_k4N&Q$h%WLtDZ?bj8 zj|>It6ZSXlev9fxwqx)c#&;4e0)XPmI_@ySmnedAcCKXPNx&&NUKx4Mg70ic*f@k+ zc`Fzw`o9#cU(`1b`Q-zG%0x~XKra-tQb99V#xtA}Xoz)R>!^{EI(OxI%*YEjmS3?G z+-jPr?DO!$sQ10L%A0G$4y!7t$P8|dCN5kFHgXLj`3HukzNptR%;ZveJ70lD7&%fv zTECm^TppeIzX{t!J)0eEXF`A0SkcD|1sbACE6hsd_ZgW6vQ^%$u*HQjE;#y!6xjU|2Zu*-2xTkTs zR1Kr+)0yxggOl{sAnWq0#XV(V!Dq`K`ExT3TIQ9n-p1epI14)*D1SEtIY9%O>P1aE zKOwEr%$RX?gh}Z>QwF}~GOMryNiX=xMJIbE9`^v6wbs)0N zECp#OOpHH2o+(QETd2PwtIMdk!$mrgAAUTNwG+|8YAACxNxZi|8YHI*$F$9?1r>9Ng?jG^NO>C$b|I~eYx|AVkg{S9xuqMW?qHX1>VT=!f( zZl=DjO9#Qe)xID{*5LV%Ia)Y}W6hQ|N)#_4{V_yM)HP0FL`n3WvDisD?L)+sD60~} zPiG%p*|ME*dv!C2bz<)4A1>V@pnR=3jEI3r?tjx$~t^L(A2?2XO%Lc(IGtr)w}#&9eE+n zk}xj8%>!f%!q4Np@&&K)N9}mVhrzc8H?8Ui_t)YVmGV1EWldG|XZEgY&)=ZY&+gJbdh$cMG|vR(iB0~`ya)3t`6N86V<_!Uf!v+} zEg2tmIwk$#By&ljbY~?}_KLg3N4CbHP z#^nKQ(Qd~;6cXOhVJ+N4be1&rJ6HL^IyCdm#WXq$?aAzJ9bRZRa%xdsRdIWp!p*vZ zU|yG-zSLowkL#DU6?$z9Y+bF@ZDylsp-98M`gV&8kp(}pP%^YDac9!vIzl|eoT3g9hMpi%d;YBdZ;3stb8hi*TTzkUk8{_&w`|5t?l$UI=}{aN?IlbF@ND((Tw#0dP_?R_{)E$F8KVxx5~-B=+`nTeA8GN^ zdyl&`Z=qb?MBLQovc7wh59o%HiAo<@ZX_%SFd`S}d#YowrCn>ad0;>>QYqQoKX+iG zQSfdi8URZ0dV`?qz0PMjUmkz+c?d3lS4Q2dWz+TUDH@xfz7kDeekyaVI53{62&!miqGz1>+UA;z?!5|Q>6pA;iNUnCxd0CKC73i4sl_zJIJHJ7)9!oZC=5vkB; zt%)Z1MtM9+C64oN^P3SbBPT1B;@Kk6tl}ChQN$uBZR@G#wDI&G^TtY*?iP%G5yvN# zKQt|F+MR$bI;oxvjhwOGRRb%O=xlqg@!Z3oFT%OvWo8`91z1KQrhY8<^6gMIc?Bf} zJQf=pIIZ|@$H9vVYq)3!sV$U^KkJlEJfC^@ePUY^9LVJz{k!d8m(L_N2nE9@K8y|9 z?S?}^pSvwK6e+nHz$<-f)*CK;s=BP`2%wYqj@+CwfhqPH6kA1cX>bo@yvVH!@`#fD zFpb2QoN&!$YX>rtw`6tHFEr-&*(X~;RnBAibH##Qu9Jde?%)T%k_)l5t=n1C(4}gI zhI|vb*TE(!BX7>abd18z?`0kDZfqZ#TRp)|$>vs_BsH!) z-}6~$M#J%Cb(uOTJJ_cm+r+2M2|6d~`iO~V(8=y2sg0ukhqtmokp9b3->MfI-(WkY zua;P>{Ufu=^{1Vlus{|DH(nCAH&Jf?IUNjPdg3A*O+u+|-Z@g`Lcf?xr<9@bKACpp zO25ZqZ!K>wp=0POobIYAqkp*Dt|&4s|MSEcU7*j|<(6?`QZQqN;<`k7`he~jwX`tac3pP}cYEk;E_DvW2rt0Jc*~_%LDAKgA z+vZcIz#^sU!5(8LCw0R#;{(F`cVy+mMEAWL)8(lxv&o+gu!JiKR$x6in5hYPPfom+ zM|F=1ntN$`ltf{B?%`NKd1@&m-%(Ksd1p6g!uQ#+aB)eLxCi#WGs^OGf${ehfXnIq zt?y>b!?~kb%W-A8HEdyo0^-wMJGS|{pW2&4+}S=y&OguCL(HMqmiA(CqL%iUGcx(P z0pxh+Ysh3b#5JyAZVuR^vO0jBPV)cR>i5w-#~`z0ZaGl|fLFIbwQ z0$(M!Ya0<1yHzVK{wfNC)>w&Tg9jI%-lY>Sp030aa?=6I5__H(C^Ye*HwHtF z5T!nE5|eZ9xwy9zm2cUyyxar`*5XfJbQFtc7|f?RRMyU^*7M|+oHozc-4tT=2bX12 zWsC6}I$?9V-qywf9?ZOMpXR1xGp>#YBwmzG3oNg8Mn&#jJ~x4vxy}93pz2H&32(%iu!|Eo#GPgPU?J_Md3%2kM3;9qkC{*THP)+@L?|!1RVGl zB$tw~f!=sCpdh1g0l_C;5oS*}DRXB)yMQcEO($|$ICR`LE)^{}_-U?fP8wrxqb>F0 z&TPhJnaf$#+!lQICd+$WF5stym9*J@nNu%TqCb}7Ly0AYDYwkmF9B6n)sxuxw)wU1 z*iA%%&IQML5xyYdVY*VEDk%-s(?D1LFJ>A2YQ&Vk|P(vc2+o=0UpQ!t~^+Bzpft<0}qM|W<7 ztj2R#s<7tn`Ma&j@Jm2j|M~eI?x=zls3}a6Im5`DA#&$)C{64>@w>Tl_akN;8q^6| zPnz(rB+-UYP*=nXOU|N$JX;jThacZr_KcDJ2Y1(Dp`Q>hfckuc69;smbxLh+;dj(7 z$)1g_KXyfno_h+K98?rPY9=~8&D6vzzEa5;32lX69|ek!E&kLO73|d%(=0hgxoUJ2 zJx^M8^f=XPn0_DhiK1m@S9a;5W3tVpjj`j!-UCEs(Cam!Y%FzKKR8Cwd^0q*ew>iQ ztA{ZEJ7T@qu9}dy^y@WSkf)ycXy#6^Q_IOq8bv0(C8EzK%!l`0lWecU-PL0*J~=ag zQQy~BZ&1ie1o7Whjxr5HZYHP35|1$$A7toIcFW^|@Y@{Wx3~qTk}So4BI?!J>K)RF z8$7ojPl7innG=8_NUx^$*;&2IkL)fu-Ch$dr*u2c#I+5Lq-BcIxpV#-R?ULkj(W2U zA<*q-6yi%X!avO=1q9WS)pNx7@HTR`eTH2Kqh?j#B}t1w|hLb(i*{cTYz{l;t}87>v+Z@q39a)DwRaHfw{3L2(g3n>WgiHrn-me9SS_6 zeUh=95UM%$gQFW?{byIQZH4^WC1KM0-b>!41Em=mODR~Kq4cd6lZN|N5WU|KL2lok z+hVSmnOdo90Clu&i?U(ZR{q`>b;d|jxo%)fFX|&n$EOy<3-n0d8L_^y!~hHTekE|*ZO-f@4zik zz;N_LdLS;pqV*$#s`NArw_;CoTpczJLmDZQY`G3OtM3~_V*sFsHWz=~pI>C%d$7w; zHQ1F;xtPzTE)&>qFWj%}X@l@M+>_Nro^@+6JN!1ZfIFCMjUE0jpu_mNRjTS_=a8q_ug z9Nft~Q4a^n*_!O;S8>_uAz2q|P5rTirB$qzd<8*u9a-u=IA{B2H}9jo+|aFqH{Y3y zX(#MRoJJ~;aMg7DFhA4MnW%OT*YhYLTV(kChEU`Io5rn(nAfqrFc~S?aP~8}8Ykh~ zhqk1u4q6HG+5|YprXm(+h!8V!=<5lMw7!EE^}ads8`I$~JVacV&tZEO)G=lFeaE;% zHV!;|D_&4Rf!c(69gfBAzdwGXKz=(Ek;RQBHdjI`BZgQ;5m(AH-*^IzAZ^>iG%@^?k!WvF8Bw68<-QFKs^Wx} zU1sh3R_}qkE(b85j&AlAQ;?6zE$ou0{p;@ zy@e81cX6Hkf0qoecsos;N$;$zFZ+xCpoo5ZG9e^CK>=*clSaDSZx3TU!E*Ru z?BAK-ytlPNV72~GL3K$|Kb%wjs@NEmEGfG2(bqS$i{Or;&I#Vusrl!aV$zEz+pz@p zd73i06G?90c8f8V=Q<o<1`9(QkoDBlSf}BxSvd4Mf znrIO4(Ucjh^i60-f#=w;qf-flO)`v_K2GuAu9H5|-H0n@Vb|Derov9-RHrCi@<=S38pDJo6)Cm| zmeKX)Ka%{_uVAr%$fdY=$g4h(lNe+quG1gazfC3Ljg?pfdW`7zVCDu-4(oalK^lea z4?Nxzx}+Ghyi)#&yY;<3#2XjnYspB7yBU?=_7YVoZQ49xFo{}9t5S2|7u`nremjij zuC_O6WK=jCD$B-F^T}eh*}3BSr~4n{{7K8v1k-Qi3MN#raUZ$R6E+7!^bz(%;PD%o z6Egp1{?c7u+rOW5Y~b<`Sraf-PNstDIz$c_NWhzl-rPkvNH@_Vozu??1VYIjke*JU zzn~l6xhPV~pZvBT-O&ubZiVM_;Z%H9is{fa@sztmK$zl&j9o{LM~!<&4#Tn3%D|aqbOxu3+l6&y`lOMdd!iR`?8`Y_7Ud5~cW=UxIicE%5RBF>wgqk75*qk5a>I@7#A!PMG<(bmT`P;6v^rjH z;0_o9J^Lp~|2gjppL+mWzw7kf;g7Ri{edj2pfP#v%=eF_Gr5)X{*+p&9 zdl$G9UP6671&@TWP-|GLr>0~2+I%TUOv%z*#xyqWieq`ME{bn-ho7=!2zul zUWPu3c75J39^`2ztL4Dfmv4WY9$YpBc|HIB-SGprK^>0Ny z>V^G%(WSg%^c+1}BVv<=GC}b?6Xp6M^aX$j)zE*;b7p-X|6<<|? z56(o}$rlkFCk{HHT6$&s$XiN8*F!CcOZ0qG?4AHW+!x~>Q4U>%$W5u0@7|PV(MO zDj(mZVve&v{?W(iKf#{Nr&hkseiY4^o^&yE=vN_j&aB`i9rad>oIIPb2?gnqT{l>+ z5>>QU3rqHq;##*aIoHUX1ejJTQjVWv9{jm=>2)#IKTGybl_$SG>*St2MH574H*VE6 z@?Lxm-t@OVTyr78N0=$(Sh=&kcZReKtZQF0ZMFa7$4%fW=-9EL%)R5w1E%b;pr~pB zE$58af#;S#=IEPz9q=MOPC^BDMMtSWURckc+Lc3G5Lc1kHQLnYW^#FpNbrTnoo<1d ze}fZ|$?m|jYE25yD;67W)T8*1TR#}u02{7Z8|*8;rN;uJ4f62vCgKTAAFe-{6OV&z z2(rOy#$XeML=chWC+C$OQL(WoypC7yq#TOd?N;A@w1l-?L;kI|u+rdA`P`NqK%AF!uFZ z>Aq9h=j&%y^9_RsBfCWlla-{_`m<&qi)1HT3p&w%lH`2y%0IcNGfo|{-@G#9P_|Io zashP_WR^1jb3b#)BJB^9d2AzjgwAKjZsC6^bK9?GI*we&XOEc1?bZ>l*Q{js95Dhz zzauCi;X^+MchzCgfg2V=Mj<_NQHz(_`<7=K*$)&9PSX>ouXHU%+`^SD!LTm<+*p zLx=U}<`Mv)hVTiNnX${WSkCl(P z@OFb)60BRFqj`{|SI~2)#w=}~k^3pIgMPN1^O=dAsfGy!i?|r@DH@7Ux(UbOw>*l6 zUNn{+hDXkG?;_TEkp&w~1~>Al3re$Bd}44Aw;o2m_cmy99TJWM8Z=$Pmg~T98ViU#!lQd3eDWG1NUm;>7 zZ6{uA33PZ*I$sd&nXEWn%|L&)0zJwRMB4WBwiIGC6SS zb44uds|D$hcwvSBbvwj+I3N`V5szDr*5;*=)mC}{En-!7+lOR$S8Ct!Aj*6cqMJ(X z?JhYBJZo;xz8wUH`hR|5prD$I5+f~qa#R$>kuJ}KqYo(_=gO!n^f<){BI}T;-;#P^ zUvT{`Y<-kQVtiLirsc!tC-}ZEMS3NXFI5%g+mnx&iN0llR^_3g&Ho%fo2i}aEVBK4 zfsrr&B7l%%c~fTlIyf!nYKeO7=w{^>OQm&%>g!h*%&0RI9Ko*_`)&Z=2_5>EHiBa4ZL#-XPe|e+fRz}~}ZdvCT@6~QI z;j$i{<`vT&(0f_G*&?2c_Q|z0J74|#!+VbIceioE&>O|O{|{yF0o7EuwF@g%K|z!z z9Th>Ph=6ngq5>jCy0lPKI!Lb}6cGfeB1i|NBfYl-q)G3+gdPZl&_W;~$sfPC+HQpfO@jpQA4+Vim{UoVjBh2@2^5-^w5nfra{V$zoEf$7 z0&Me5UiuiZG#N9dol-Nrqu-y`U5@9ldK%@3{w+=Jo(M42>z}W9LE|+7bT6P@e4uXm z?313znB?{s0|B%p1HE$PzzPk#X9dYVJt5)ArUsiA>ASazGh%bixI8oy_U?V_+?nCybcpx%tDr9=-!W{b z@6fqtvu(1*c_iInT2~ZU#POJ?=HJH@8j>zI5Zf=Le`TE4!Mu>?&SOf$DpTo^Mygs) zo*)}&@IeNIJnJI~vuauCfx=wFJycb)^&2256@q%6Gd}CqpL9?u2eZexv`ObHiIuzg zoYZ4`rUsb%*j|-y2>Bi(EgIDCG(V`t#o3@5*>`v%5*$Au{(SFX-y`roIJHMH4e_vzIg|%cc zJA7?42-eF$@m{amB6sJ0cVYQsM%D?j5vd~dI(P~n|5 z!#zif#9osH-06-oo^G|ZjgXTsw`)`H+j$0Dd<}@P4Biz>ar+OXU87ilS)^#Fp=CQW z#wNxcwDOqp009<|FQI1<=RG}#d?~<~nxLR_{TF|tLbELmQ1v6_IZDzg+WjSHe}!wPyX@5z`W0>HCwc|N#W>|uyTodk zxC~uz7&zk7X-ZSW4rq^^TAP}WxLy|K%8o&Rl-;JOZliAhGP&2XnoSp^y2G7%ZC?2G+eeyo|zeU?$t0vk@4O#7bF6wIC97> zO)*$@uz^naFL^suFo{c#X-FvbFn1# zC(30dJgT@Sr2e0FO8v6t3Zz~zo0|RmI#u}Igl5ppD%&xg-X$B92;8ctT-E|Yu~_tAK=0bRMWiSf9NXJoaMeW(glmhZS@ z67%`X=CYK}%{kB-!ri)DH|SGqMQ#ao@i&OVl`kO6++1<0KHZ~l06ndj*rV?)sr|@j zjS2y+XFNPlxL+DoBt-mTDl!eOWX_j~s%UyIj@q~o@-Rr*kG zJlA)m9|NM!WeP$$n&$e=c$03#arfhm)z=S`M!sFR*qWudY;LZd1{z!zkq0wD0$s?Hd2^L0 z7RukI_OEAmYs;WW1=%Yt!z0=_>=b0l?H^mabr<6(s=ps{Sl5juW5=Y84PSaxOFn<1 zWJ8^@x|+c$_f0XX<;p+0tKFYwq{v>m|3nxWP$B-i{pFM2rBWp#n0W z_rcSn-*uokJ>e+?IlakT{qmLV-gg={NuGnYIrkvf?O&Js!b(cg z|5G&#)iv8jz6A|lfJ${sMzVFTFW^uaowVJ*``$aTPqRZOe6QdUe~j1u6dj#i{a#t{ zhhUHnRRR@59N+;?Np>Uq`5(F$B>a}5J0TY-uv0B0!dDz@6YTssTH&=UL0`|(U|3{a z@m%E52v*5^IYLhhMlNqK7++Sc@+W~58bpA@Ge=CA5?pg+HX>j8S92hrTzD2)-|J- z77=Nxbn&}oGZBeh%Dae(ow6+j{-eC#JGm=&h{odDGHr$YYR0PBNT@xW#b9$&?^4B& z4!w8wDH(YVmg+F@nTtb3GlmaIsGNG^JAvMG`F*4R!RpJyHoX%Jqlnmh8|qqJFx#v; za7sPbBRuc@KCb%)TkJC`f%lfL58I-DCVodGP0s9rDCHu4IIS-~5*_5d`q(p70ThSz zc*m6G;xE6(V4A9PP|H0Iy$T${|L-<%9FQ3}!?1s`+#Mu)XQ(be0JZzd$i z@E^^81M}gp>B~l>0SD(2z)ojv9V2fad50NkX0O0KpwowJwl9PJw14}St8`b`WG88< zUiFbsMLxeip!-Si#l7{qkR&~l71M_7P*mYNwQ?$HO*T;uta#!-y45FwXEb?tYA5qZ z-x);j@ensr%7GIrAZ*LLy3Q?SzxKPkyh&Hh(!Oferfu7PkCDQ%AX+Nfbc=gv4*Bc% zj1-?ffA2A)5nph{p*WG3y`8?PoX*VUes0B$zd@A6$WY*p(#d8Z_zMVZq(9v1R*PL6 z4gh<(cNs!Y%bH837v0(+B|nQ@rE$7V8BVuf_ zewzEB5lziG@}!ml8j5?=dDrcBYVcOmi_Eopps!hCH%YcneQ)&lVO9Va#J#QLN?W(4 zu_n*C5pVLeqBYr{e2TU^S0A~4m3SyZaQpBeVIcNLg(m1=P*!qcX!pInjc+clPSt@w zqNX}@VKefj1BI;ZXi{KuI_`K>HLu{0b=QzjPltX(taiR_WT_e#is;7X`(Z~?+!D?d zG=>zS-)Je_OQn9MVB2EwvxHj7DE=L?^Sha&!FXaVJSVe&Js*E`H z^+!8edx0a^#6{{SSJN8y7*qu!`W`faXgy|3iSWDvjDnB5XHPWCxvVv%U%;lUh@N50 zvHbp-dI>~i7#30XDr&tm?u!*CsZ#4>onbLI(!Tgj`54(f;COJ1s^q=;$N;^a#a`Yk z_Wf^2Sgh%TKZfMjlquuule35%{v-lceULoU*1f~(H#lhmy@sGCLb; zcds-_({^&>fY{?$dEf_Y(ahvI=N@m$3au~lu$A@+A){ZRcXmIj3oY&00eRpG(c;o< z-*oEJK^D1-mvfndX^Ova;Fc6od~+i{q*NTGlC(ArB0XFu=xW!?FRmp{-wDF_f@|(Wg&yH-?21+Tmbr5JDDUTGYz> z6@B$5YzT!gu^E7ktM(C(9uy&q))Aw=%jMsT!+4t_4M(AZ%b>;gHuS z%b#F`iEV4EH`9Rg-=UL2)7%C!FV?dH&iyCFM9flluq_Y~_~$#inu@fkTrr|L&^^H- z!(y0C^7Ep=uP^PRfPbUF8335jw%I2m|6`DzZ$6E5D@aNmbF+N_-(>+W@* zmgx&boAm*G;BTGXTdcp##cO;o|8)R6_z~GKbsmbizt|Z+5-m(>qmygB7g%OG)f4}HFlLni0zHK8jKT+n(d#g2k*Z? zXV{n*WrE*6cEKiTUt}eY4+HepOHT&1FM7xWiP?w<(EzA1Q-)thP2@LoHf< zeur?^B>T=J=&*XWI5l&u}CQp8Pt64Ly+~;?b;QVOpwo>buL$%p}oR~l8xZO zDZ#T0x!R36s{D`Pba&=Mg4$vjNKpmDyETnc4lk7t)u$AJpKF&>Z_kHvt`F9+L_U%I zq!q?>6B9d-2pXS`A+>ub(7NHC`QT6qZ&H+I&mui8-=M_lZ~K%KBW+&vmWLuB3W6^Y z0Gv8EYmuCUAoAT(Rdk|PNZj~R>0weH-zA%sax!1b!#IrrHw+y8Ntigg$^K3MoW{G#Jp8=jWy_dp0 z*^6PPFTogP2gk(vtQ^L3UmkgUi0@vrbaw;b6>NLoK3UAd9PuXyaYG$akrc|LOu9a{kjeO&_QLgeqaiKdq;G= zL!);(bK4v1UWBsMhdXFN#?Aum<_lYVTHQ7Zn{0>EAkU`#%QMWYa5A@^y60hD1KAE8 zw^JG>W4<@6tU4A@$wwV5bo;9d3eUQ?py)oV-|(q!jYacwcl{WK7z4DTmXcSCyq*x9 z>XHg~sc4r*a62i<=GC`>nKI}F@t#6gVrQCjiE}+Bnf1XI;?;cbdSog20l@(PPEC%T zYY~uoI$RsGb~X{~5wA7Cbq99T755(jnO%(>-@${zkQuC5Ef@sLKL^Taho)B|XJ3&Kkh z%-@Z%Zi2nNCJHY7jTzo?DPWjmRfbBb`Qp}t_Ha}qA#u$hrnA{aQ_}_Hj-Esfqc->J z!N+@uc-+7?>=H%964UAaZ;+$`5tjvEc&5H#vdj7rh-(88CgJfQr4uuE55jVnZvhGh zCbmw_4;E!Y2Y=4%rEpk))U3~j0q9dIROdGq7#ldd9eXKujVfX zpB~X;eU3d3NGiNeddW=_yqn=Y$6+qjwS%rVt2t{d8WTZ72^0NGXc5TH9)jGZf6t^V&craO$8+m}87tu%6oDhqUrX#hw5p0ZF2Y$;j z>h34Kx~(pjLua#k z1-|HI(8~unpwqIpxPeHYN-w+qs3M0lseZCtXL(Yene3RwL>-{)6yAH&r7x#LKCZcC( z`1oktHB$kxlpE z%y&Xn)BKOKDVg#Mf|Ke!`VIHQU|&-W?fdmoT?APzsylK%3Qd;Ck|spl)!=D8;+LoR z>`i7&{7?Ue*PjhR}rc)%G>jDG`sv@&go0_`Ua@r2vL zg)j?7cn$ab7`1H`-6IJwo`3HsgM8JbX44G6TwG!*<0el05v#BsV~%h5`Jm{OwDa$j z7{%blka^R@)aI!^20Re7PiW+!UW`RyCdP0=5z979ez@;q)vCw%1V zAgXrx8WJ-4(mG3)(p5Z^V*;AFttvyc&R^A`(8tJ{lW{pUR>^&c>CQ0_d`i&f7G&Z% z5S8_NV|yP|S4H1c@7r2`9QZn^ChduAEi73~#hXUccP6vBEY}A4$1r%xAVYJj&q*xubRU53GdU^&r_Ir#G>oPi6 zcNtrSk2R_4_#K+()ymYyld-gfc{EFIDGf(pr?Vtol4Vq%bnHK;`rRHG#WrzN*SXw? z(;!EuQUu#w|3<%-zR6nAq?YX=^k8Iqh>rhcr6rjdTqYm^Y(YAHs_~h>RZLd8r=CkK zs;af*1~hfDxlmr99kFTU=l@%&J3SB50R8&k$!r3y*7%KlcaJs~4G$cbxF{ zz-`fzA3qos-a^~Jon(~9CGVwUzAn9!6*|X>D73zx_cJtg8%@Hy)LAp#YPIU24j_3^ z`dR1Q?q9u_eTeKXXe4$mP#3WkDyC>lB7x)qC^X_9!w2zYNvL~wEGEg zZodQ!TzyuLSp)iZbN=G40mk%{F#!Y4^AOZtH9;QGlXb!UwPcvTcj;|vEWeX?1b~1L z<9fpjKbP;E$$tG`y#T!QK59dTyANDtlPt})d*Q$m565S+y^lF>zK3f}>sz6_ddv^4 z`MGc_8+~9U5qOn;(^8E1HCZPNkyJ2X+vCGA>wJM_*YMm99{S*M5}@w3fQNYd#&k@{ z@aCE-VO%nB%erwWgekN7hqO5H{y5z=H*;88EObPa6$yV)*X^D+Jy*Ln3_WW>2^>l~ zhF?J5UpcbGEMY#Tm1qSZXR&8DaSL`T!K$#@3t8X;n^^xe8N!nzaBqy+Sv^>O{-R=! z90mEL|8b*X2@F5*g}|k~9~Q#&=0^x;BGAJ$Bohh^JkIm0zcPu-rkre<$6h-kdiM^I z=M5*ttTc2j4ci0T@4nEQ6~p=Z51UtQ_b0@xft`10~Y z;>41P_1KqT;6W4O2sP(?)q7T~&|?QZJt$8rW4~cm=dN;Ru-_%{@YQf+5n1eU`fuh^ zUcVUV8x(*N-g)%H%#P4FnAe^ALrMYro6}2h@R@&Rpj5s2Gw$E66ag4lf3J1Jv4G!j z#z2~lG{Wt-wRPfeWw`jxew+;Sd=0si@X|fS+jc)3|8AJL|SwsAO#W&s2e6#8;o~LlNX@2+0D~mUoVEmu|cb z8V#W^ug(JXFfdN1k-t{qm$O%S`!iwTW*R#QyQ}2Bd9BA-U`7c{>`>uy>j^XjKrxL4 z=iU}zDaLM%Y*^!C_=v??PSpMb?XY0O+muVLO zJEP3?G)Lq!%(myQcvi{Cq-0iB?eaJ9xK!p7O)$FXw&XE#i;uQ*M3WYLi@GJRayVm? zH(^G_Tt&Yowj?f-jN!PpAt8i=P)|HH1w+E;PR0sFn>!_+fdv(tN*5J0u&TLA=rk)c+= zuPI)gqoU<|oZ;8Ev+$&%Mx&J2=MV6cb_xiMgEd4sb#q##Km zJQe>s(o|@1_zgzGFGa1k#Ba3h++3!~1U0b^J)92&HYaw9veHx(db?>`kAf;|Xq-Ra zzaJf6!W!qdK@)tBfwkgbJn>^_X~Ct_@3wh-ZoR7|`HXLWc9}#qPX*%B6z4_mMGAwM zza`b{-YN~Lg)^z=(T~V_P&j{?{Xu^hcG&0KyL1}|5Vx#?qF%+vWx&wUj(c^Hxa5t}H- z8meJ8Fq~(GEB5ee7%0cf`SHB|g{Qy-Yn=DstGO#~abna)`#(maHcwpMcbQGWa-Cz^k#$#^HD69ol@qp?t_dHM7SEiM&iQt5j6u z=F!<*+8|fr$L-c*gezyjb!17ass;|&_{cvCVA0%XYe+ZdcX{je$Xsi=83*HA3x@%H z6J=nv#EJb0ZemCCCm<@9Z2}*6GUolRf_nA$Tr}FSr(p-5ogF^n4gB`CA7H?-Zh;r9 z)s@L)zN$!LhOt((&YjbfzfO^_Y{C5QF=tw3%?HJwY9+rntzbs%o+n=ww8mD;q-1m_ zsH1nqik_Lv%AHb&^p3C#>-sMRO#{;niIt(D%+}m)dj^lUxCNb~jvTJsxyeZ0JNC8V z`1;oBbjiTgzd>NG+|34BKsy4_<>eGE)ukKODnZ_}dvx0@^`z0zJUZt~ zuTD;SogybZoa<0mdmY#bryKR@Yv3~^JX~*Qa`fPmTNPsFA~DZbc^op8PRne&fB+S7 z=RRwC-+&rIkmHSo_@$}2Z8=0-M?I##a@F0w$+qbI*guw%E#P+y%xC!|3gWLa;81WF z@ymP0l@C>GK~H&S!9vzx;5np0blZ%dx!NeL>DLi+gsVGUO}u;cgR7uD#`W*n^vK+t zTwfvzaG1^A^Zm!|ntm0rPd0?^`6!r+iXF#X@{z_6)^#;cF4nEjyarAPi*Xg7pWK-N zJ?$xNfw!A%dhv|52vjIJ;j_SJ9}E{at0(I~j!XOAcS|3nzLuw!(fN_#+#=;(B#|{c zY%(&*zV}k;x*riym`*>x#|Fd`)E%Vn7C80nZD>_H$G&PAuSARuUZkqkDdQge9PhjO z1)vT%k*~WzZ9;ok$!yHa^d?6S_1?K}XSTPUEt=Xz(-_=0{a}WMd}lAae9g2BqIOLR zM)9uX@T~5}&eSst=lB{@Cb|Oy2K;h1BvWBV<9?II$=p@^+6(S0kf@L;i?@0?Pwg3! z17nZrrF3WKqlgYUap5)dABxYisEY3*7*j~&*$%C)1usjf-sJlmE;zn^+QbPwAZ3of znBVG`CjRkyN!UKqyr)GSt+Jy8%z2%KtFhV-rCdK#zJX`&J3)%|a?fFM%rr-NGw^fN zd!(P8WO{5$? zUrEk9*>kQ9%2M?+SaP^{Ickixj$wa4znL@>`s6pKg34&m{6Kg8lKT(t+f{=$4|b&= zoNe>~iv#yKy-#tkdW_D;Vi(NtN(%2b2qq%F`+CRtP!^kJSzDGA+17ebJZ5%$|i>63wyJg*H!GM-JcEg{!AdeDLel9u`f5{L84bfap0n~2+w=rKRF@7 z1shkQ$5QiaA{~Y17(%nNKguKw5-Q(1KtUIBpXs$<;x|4g%+ubVDk*bK?SaGdtB3`bP$@4k$k9hH7<x04J_pFfE!{ALZ$SZ6D0#rg2gTejm+*F zq8Du}u`XalFhYU$NyKq6r|f>Kjff#k!XMZ~3T&F7AS%Gvm=}hgeNRrJp?>IGzb-Nr z>|DZ;=KOK_gGCstZnXwy-ab3vD2Te^=^3pTN2hldC=WY_0hV!9t%)(_K6-rb_X=u8 zlvY%8@b|cgxhVX615v)~dzR-7lYqBy&ucX=-5<_KhtUY0&ekvP4L_l15zvM!lU&l_ zb4&Dm7B;ZCAJLc$JVJG9Emn}pKQeSoW{}siPVh=S<>v;^l0R2)d>m0gSi-kyaBWo# z+BgjOyg)KdMR%()hUX&-k~NXIzrpz7I`RSWQ@Oke zzRw?3v}Eh$g#Jf{mFL^yGD3Y8&oSDqrWn8x)Wchp< zzMpIOs+1T1*3@*a&q7B;OU^|kwQA$>3qszpwK;O_i-F&)6-vbA&a}%U`$mlMT;{!o ziyEO4#|h{6KNgEzry%ubAmbdG4scvb)t{<~d1fdpx7DFUY?z)aeoq0~^f|AoLszCn zYV6Zfzh&~}m)FJ6Gg0!LhU+O~Z4ipf*IUt}DCJ6~c` zIwYn2Yx|X8uH>%@o3Q3DmxkIVNotC%v_6p;S4!y7c8W5NRO#439A3(x zvh$k2WDXZ2K)~ACBytr)0+FOb(=WS^IE?7q9(-q9J&9w^En*)8e(a)ITj zJM(6&yycqcCKb8q!>C=_RbvYS^`s9U3_e_Y^2Am1pB2(6>pW$p)Eg5&PO_e-^(I!;M0CH9W@;0qX@7gugSzeUFhn z8J3e>Nh*=74JA#rIz;xId}z+{E0QPpR=S96cb^JeF(Jw^vU~@ChiNUFn*(RpXb|RN z;M@o-ddwdzZ05GY(&-_3rRfyb=#~FU#$hmF zKi}vCze@sN*92Q0fmj@U>-Snc%PNV&^J~Umr>vS zk|;d0q3$MRVu#%E`SwzY#W-y26y)m|=FB%(qEx1E@9RsctG1F0sD(0(n6~$qY7An+ zt%V1ygemf&1@*+M+naJY^Hj)okN@Z}7OQfL63|IoxKQ?m;F?0`H^Rr%5qEeRtNdCx za|)_f`AjB)yt~67PI)Iq4NJTyNE$A_GvZwE%G&;FcBsdkT-M(6j~B=;@dW*k5Aqv6 zf&_i^=yAasub{~zE=E=h=-hY=wXX~qUzM$*Dv%KY9wdC_MmkbUuRGyD5CKB)w1n{Q z??b1?a5vz_v^tFP!PX2Lj4}pZBWEMTx+r9L!78xT z(*wK9R&Up@SD-%T=eXlX9Rp0yJidBuZ6{9X5eIE;7&q)VizO1DJ7g7b{<8LMb~>-W zZFU!=mh5cy0^Z~}P&*`Xll--2cd~IwxtCNuw#?nEXsfBVuX(R<)LMtQ&HgjP1h8?3 zV$+;dW!DI%|7cBh;__6|w+r)xQgW+D7avy)jyR5O>-G5=aQD)8bnFM=j1b0EpK7-U zu~+Y|(ffQ6ecB`u(;XGe*z_E$BJBCO)M0%)&C794%8>i|U+(RtD>{nco2}Nc1CPr> z#%9+@9SCz_lJ?;ta%Y^($IZV&T~)}lmi)T9D;!_#h?IaDW7gPwW%Gbyb;Eu1fptgk z=Oo&VP1)-kU=?mBz(64Qps7aH$tj===0a*8E_LK_w81_{8{nJa#XNE=EiW%>@#;$! z#4GM99pmbNSEtJk!*&^OfaOv)`V05gjtQ@;Ul*{Qe4x$M&g(w&c7d^7&Cg0^=+6v1 z`2Ca8(z}2A)dhr&-A2Nv_rA{*KW2SL?plI`Tx7d1b4ADQ?5oArN|kiqI$CXbUu1UW z@Ho@Z$r;M+C)kM}uHniU>xb`6m&x;=Pod!($uF9}o?4Je%rJ9rd=K;DYdw{s%j1AkPk6rTk%)`WY}5NGL`vA1e7G@D1ARDqh*~>j zt$3BlTmW5mncS+_#S0_m9cHl`Q5}(|ul2_8f!HDVFX9ntwkQ!V0#%L85SYLD%)n3l z89`ogO+YndLe1g?T#o&`Bg)%1&ZcX6qpG!~|M?3g+5>X2oaKn^;kf4-_%+FsDK>o$ zelD$hh4$ElIngK6I?xl0ep<|-_$Pz1%CR|pIo0;-_r1_|1J1*1Mvn`+eb?ytBxg>k z#O}$Gjw?e!vnVw9*`k||yDMc-$84L=x!9m`gly7j8tA{ffCRgu|;aLts zZ{SY&vo+U1V*vvlC~+lUXa&M*@qT}%w*ieWejj*cXx|+JVrgW84Z5o1=sOiDDBqhl zSo)@xJ9(pUGY2^ho)E6V3XfN&BT-?Jrd5wAxwg!w%Zw7e!hIZZ?eFpG4joAi<6#LQ zmk2#+A}{ZXa4N)eh3`im8HRa2V5VLScdE}~^FIBq7=`J|U_YjIGLBqe^)4`CDc|{0 zcCdl7;p)nfaXBcaHRvG}jNN80Q*iP0(+gr|@7M8*&F|4(?sjR}OF!k}ykhta&hN!R zGk5W+tb@R|VOPC*^*sdxt6PJwnw?A=TuD_^&xcU*EAHoC4mr8Q`fz|H-{*gtE-QoLeqM?4SnY#TX!gzuLTN9Fxn40Wo6Do z;XSlY(K|yLm;%i550{1O+`euCa@h0WY{mEo-@CdFpe&#yB8=OSwwW$dK_&W!MMSbw z=H<Q$S*_4Tr=aIBJL6urooOs2VXmO6}Pb<-If7qw&)3$=AWuEh)`Q4?a`#^?ow866g z&_LIfhIc@UF-(P2!iGHkTtB9U3f4IepczN%K74wvbPJ!G1h+2)+ZDTkjtoFw0;Zrc zI=bMzCf^bXAcNwCixk)X?~iOK8NheN!e@txeJlhLeQtW*fAT$-li91M%f`PYs164P zn|?0;a>6M+>YPvc4v&VAT1ji~5}Qn;&yCLkL?6SE)t%R(+DdA)i<0I|!kpe%H~8=g zmC%WUs3DYVa*Z!l&T19zT2C=AuLQnH9BQa2&jrRVvDZ&0kK3REc}c4(tST#0sEK5{ z5Lb}g6=sa*^BY}ltwqzNqNWZ zl^Kjsa(V1UzEWr%^!VpjS9sXeZD~f1>`E|Ub>%(Uw`A;n$tuqFZbml-^UkT3)rI!Z zAm21rbpIm9V&EPl>n#;N%3fQQYpsXJdM*68fgNLv99qW*WGZI}6xuVdeyi`dfp>25 z05u?kXM^ufJ#WqnAY>v}LJvlnnA>tN%CRdW545l^LAXl!6~!ydl@mytog63JI9yKX zevinsQ$`~^gIeILV*4{poR&1=P81Q!%D3g`wg?o|wBt*`tRSL9{ye z`%P-ELXxgdf0%DeLs6E6 zR7H`QRI_<(dro^&b)3?isYN^L+sai`0<8$lUXEw6FQHs#p&vL$H#0XKvuwVYQ~E_{ zGL&WIkj+89vl-)u5*>XW2|wR4O!d{t{t!Z^S1=t|AJ)pO2R-;5r4*IttCLdq8-vNL zKSRYrz7fXcM5fEdoPy11=fDj03x?XAx%)H;%$`I(VGct|>B6+`N8tgiS4*XLL=K1t z!5LvnbO?8t$VncjNMwG3S5SkC3P-_4nus0(TMwvtkS^de(9@S!3Wc8|V!d+x2T^+P z)OjR5${wF#>P1eFp8_rbh+_jbL#g(kfx8L`T-FwEle~`_$4!ab?HP8j7P}7`nJvNB zy^BuEG0vDSyLciLQ1u{CSc|w&m=iF8Itd4+Pl^D117V~4V9?HXP1J`JxRVD2xBO|J zxQGupeRTrUtj`j{*XNsQMJkYryoS!r_E^9T@>^o@1$?e7Hz+qwF@i+Yp;5rkND$Sb zO3;i?D){wbu-02Ay|Qd}%ET?`IPoY=t6_7~YASV6O01qpYJ7Ypt<{ z7X%y2hDmh>-J^`mtIa-@e_S_t`<~7PWgHtP-6~IN7S9mpW1OLkI(MEgBkTYu|01WG%f83LJm zrca-_Q~FFu8?qCt0uA25lW=Yibe(&O>#c!%{fCbUExV_Eo|1w4fX+(l-Jw_)C0X++@0+f~rUQcf4+*We@FdzWl`5gO{0)-4Ytj?HP}B{Wc@MZl@S+8@)Y{ zfCvQOPz22TMbGIx%d?RG;Wu33c?hK-OoM&I7e}f#3W!~pip3%>*^0MjJCzI~UCSY| zSqml(k$&lIk$h|0A~h(#!@QaXV2QP(hvvdX#p%hl8=Bo+n+2<0n7Ud}fv9r?I0ve* zSC?Ho%|g#Xivd(ab(6hXy%HPFcfVS`GEJOkLFrFV-tu}i=4sHW!eJ|F3Uvcn^{kB5 zJ;USl^Hum47`cbDGp?i>+tF?2Wq;umRosZ*6}|2B<9wyo?+BA+#1KRK(r>t(OMkucs3jqz!dR4C`T@($n-cOiaJwzWR#El zM{grno@Mh(TMV7N@S8z5eEm)0+Go30rWc?O6%w8|XTK~j=Pw|hj0~N;eUqbbu*Smp zQ-Xzk~xvuHcrw-xCjJemQMQc(=Utk#x`Dx>Rn`~oCIiDQ22DrVu{7e}^HtyRJK=W}# zO81`XcP0T#G-&wf(_}FzoO_NNiVf&@p%8VU=}BdEb!? zdw=r0YhY=Wn}bbbZIo_?#B`PWjt%-595NImWazJcRtYdn%ZEP$?Hbn}rCe*AGqaWY zOqK!pY6O~gpT6*-bsZZq|I{8{X^EIt=b|2g${2rhNtMic-=e1R?ZaQN7|C6A=gnSZ zKekV;aSE)r^FJ@yLjn{){6R8ni|C_dg!lu;A7)g?#b5kLgM|-v>PE>3_298q&jOsS zmCj?hbNAMXd%YNy!>-)Oc{~*W<|(x`89T9Kl(Ff>UE&`&+HJs-oOHcL z_LKbMP7L&@_gWyPTL{?`Aox1BD<)-P!YUvBOC}*zXnN+?s|Rg48zXZmmUT`gW>+3Y zaO!4J=if-Wa{&P(aHxiP=c==a7mXzcVfA zs!ATet&DArhmRft2&pV zCN$iu#+gz!_jN5*xlRo!r0d+b)n{mQi@oWf~b}qaE7sIz_Wk8`2YPac;$vv4!ox` zcOw+$gKyl9=L7gyx%ioO=d&*Cr_xU6PFu+*-^%~Nf45`pfZ<{8CfOrR5!~&`hW*?6 zt(vn~4ZrIx+|9LLI=+3^UOm+GX9=4S7UC$Xk6v{HJcnCHXY+hK*v{bW*6LcO9n}4z zn>sY934T-3J~<@S(QT0$biAU>aPqkFUm5oXCT}xKti6{e^-2U;DUezD%$=3G3+L?+`Jo?;WUeCS|PSWz%A#TJNQr2=a19db-zNSW_V%QYfms0n^r#A*D0JgjW@(3&J{Zi5( zVTYTM_V9OV74 zRNv9)b<%DbjjhoBlPp4(OQXHd-Hw-=df7}!BLzxexwUM)^@i^FaQ0zi3_m}=Zbl6L zY_&@aaQqdR!uHn|*&lb{qv10DJUvzGabaXBdvf?!b^ft8wdCz5_?};1L=Foh16%xw z1Vd+aNzsOW3uEZ|9X61(69N_F8Oo z!2nzz2^G3EV0DM`k_T&VeYD!`|B2WA3p-tTVlmymrX)fFf36s})#b7td$NKRXih=E z%{9EM*1uf&7r5U){;SMyLCU4+oUyasTFT_jx)w~QOrR2#|9jH^x8SiLT%L)cQ^*2) z_i|o+PC5_m4Ug{sH3apqk5()SLT<&u^Ee9?vxP|QRMJAo|Kp=B1dH8X_I4AX@mh9e zw%G)+4wjIbAf=+%tDpZDr~R!od~U=;?<^q8y<+kPLH=h8l5F>%-3pOdF``$iE{M)_16HIEE1AW0I+m$pLaEJ8ZU`wWD|KkdX*g%OX z552jqUs?RwZ0>@0;52EapfDh*E#hCl!q)5Mh1&jcR^5VpKdz{Y|Db{Db{l4kw4DeZ zNDr$!`#{Q^mLBzuSJ>u@ko(2jBR=Q zf$b#$Ri$1yjbFubSiUdYXA#<`B&MM}eD0q1uM7V#+^$$pX6W?##_?%n?-%}#qI)Kv zx4gu$ynn7ZHc^D7q2*IQwAo%h&EOC}`hMgb!s(bkI%ZKfNGch#-F)Wo*Yqk{v|mnd zc7A=DS2FYh13Eu-4dG;7;16PdPFh1|Qn(Q!`CxJXFuFrdfAgc_U5oZF`qHv;Z*0>w zX|HXysa*UU$`!MJv_-of>_#3LgzFY)hFSN-gx%mbZkGL=v08ptc6Ia*qi$6PK`{5* zlweV4`PZ?a8o zf%+V(zaxU@#>kVot~A4s+<UlC254w-rR=e&L-1J zv5-Rum*~?c7RMB+q-N{QM@aw6eysBM-UT#~*tZ}}`>#BPf9$U|Z#Ja_^W^=Y!YBXh z00&c%=En;OoaWdOsdRsAkI;OkM-F^r{m%aB4w zu*N$b_irqV|Gfg6#)_4fUnJEJnFi}m^rr3ZjzF$a-xegX`6a0DOU}Prr~j5ZtZKny z(d;iCJjmVC;isH@bceCoGV7zi`OnXFeyE&Qm%+j;+gEZ)s) z0&@{c$wCiYw2FQz={JV(=()6CL$*u(Kfl6w3+K;~njdo}4?BMsiyqjKC^!}PSGoVs zcm6-VrN6!yC2gBpZ!`Pn=J!wiuhBi%Bgq8@(Au}h|B-@+RbW`SePR}*~B@|DaC5}XVFgwtr7ou(N$?|m8rPbN03xkk%7oiyO^q@_zA1AKSKNF zrGo!>{{=E~=HH|6gCBgR+Z9Z=&lvUnIu;yr0%H@z=QLf3rPF z-^Blalzn+Tn`^grt3@|TCqrxOY^+WwL1?RXtEif1s%oaD7!yS|yA*9zDPnBR5_3c( zv|4J4IYA6nLrBCNA%ySop7XxveBXK7p3h%?@$=+<*1hhvuC>;+)_tO2xHVhyTef>- zRNXYK^z{F?;>)IF>!I_W2w(5-eJCW zPn_?qp`b+NUWoG^NE=2)z4(Vy`gd~v*JrCn5_~4JWc0T-NMK5SIybH6ke`|J;tfXZ zZ`a&WtpN`3`xbf5510shnYg&5fz;1x(g->!@_R{rzaFl7!~PYyu9mj+bojQUkXE=> z?hTh200K?3IXDPpC}KJb4NDitiWn`fj$}g9u-QU8Yh!0{_|;Fr$KE^nvu|5O#6+I``k2a6((a_}GQ z=~SJ&_7>1Wo@vtO4?hKU|NKLEknH6GyQm^>@)hz;i~^gez%U5U`n}!tmAfnmQjt6q zasB^ObwoF|?;ixeJaW`f4mfMsBT>Hy5&pGE%|ns}0P-SgX%9Z!Jjr&*i0ftCP{Z}4&Vt+jO_={fDO~?3 zTYnJi0#jH4DbM0#@SNpMP1_Hx$^vd>HAO(FXz$-{kX`)2`9;^XDVS4~XQaf;EClTy z2B`il@?!4k%U%anwDc^n)2lPh=wIR78)w;Sn(cyyv_J#N^xV*I>@kq1-EWKAFo!*t zSW)SJ%?$wXJUiof=@GLdY{pt^1X=QT&6}M zT*S|K9G46iWd?A*ydDjxQO9ZZKX7)g8qBP?LW&UFi=>b8bHYc-|F?#ZyXhauJtTo7oqa=qnH4K zb!Nx{dLl~L^N^{vzi|riW9)P>L3QQNjbQC?A%$66DVVk9qW#7D;r1M$Fgh>rx3 z;S=$o1!qC2r{C2UgY>y1oCWJ5TU%R~I<9p+$1LJN^-G_*Cr~gd>hq9OCe7ll_|A7u z@F9IQy3viGmB$;Mg^?>g^f{}A8&ru~^+(CVp$bpzKn z-zmqQx2!sW$$y!||Ec@{nk!S_Xjr%mUVMvjJ=cBCIXew5dP+B{xk(zpWP9O_jNFef zW?!bBCYPyAkYgYjH2xkU+YN?Td^ffGl-#gAz0~OiySBZsxZ^okW`E04cmJ{7HT~Ta zVz7+~$a_)Ar#F%Mp+AmSG7EO7w!6W#jIoeXm$uBXoz10Iec08|c?WTj+@NMS*Eo}a zdQxrr{T6&J)^^^%6QTroiX(~}asw;Hn znkM&F*b-;h5kjeD^03;@#w1N58ko9ftBX;WwWul>wTV0NVF|~;BGneUVC$8TSCMVD zEQ)FL0Z!iMdmq@h#EVK5{FoHq-6(0fIooq|^h2(8LKMjpQ|e7@isp;%f-d;dV8iH% zH#(PGGRH$#I}3NVSG)L};Ql6<`nhn}gEBi#s^xmqEps&etoF~(+x~+w2ipijF>SGJ zG0h*`#kh>v<$zH-s-aEP(PQDf^mJ!`4)(mfywBjBNpPM7CoQMUr7th5aUbn-miBGu z^4)Y_{2xS{5D$x~-6rsM(-JX^MRZZ(P}|Ym?Vj@%2!8oI;`H`ekrOAfBsk)b5`V;D z+=nXs0&2D*A==$KE}f|g69>dMG`Q*pu^|Cmf!$}X$R$J@7MRRi&j4ic9;aw|S2Z~NC8LTH@#U`>P-T*=0N1(CfRzbor zIsC9|?v_RQBdwx7y<-&Qda!T+`eb=AZ+eqa&PXbs&AfmG4jsZ z9BLVwntY4FM9gOzYFrGqvznRzJ$iY0`Dwcx%52qq^Q)k3I-Yg*0WO*zkmNjO{}22-u`{C_(~4%i@}e-!UM+M->W*?6wt6W z`oPKQ5WCojZykll^}O1j>sOVVYNxaOs3Ir>&;Ihl#osZ;)hX*sf~~FP$_oh*>VYF7>n9OwPDm<{{pzn zzB3JD;PdQUk}eD$amhDaqk`6}Z8FIF=T9}c`_Vq?ByUf{XEdd?#F z6fUyEB)e~F^43M0VkyS7<*L4Kt6ku6bz*pgFmB_kd=0=V9n5}qjHEV|4`$7ktglXd zki28p^Cb{;C>yV)j$C7ib~U( z7Er+Go2Py4#OQzqSKq*C_WT6z@84RFINW&HOOJ^VIl;3`kWqRrEN?AnA}h*A_A(Q| zTcWPJzno6pBIuT8WfLSzk**HD7)5--Pl{xRUZy@H*tOZ@LgYIbJckAsmqJ=&1+L>8 z`_Z>|*#~>Fck^BjMm~!;RP|@QKb4U6)mJXhEr63*C&J+-hK%qJL`Ct`x{UL z6-ZaOWBhnrAGVU%uN%8w6Nvcgu2bikv37|2yk%e)m6{O-oNB#KTy>ekUiDYl12a~mE;Chz^I>BvpH+*x2fe@-uQ=FRMVJ~Eh3vgG#7qhs%#H=0d|O; z7Cdo4(2tL+xoj;;ss6P4VA*MSo9$w>SbmOnct`#TFObME2ArOfzWK+*61Iq@26fC}v7^W3fY=-lNEN16Q3ktE)#GuQK@Lr*s=yIY1{wszQEXqreF zmpX03DDpLp8pw~2E*xB#e=#{xh}F&usj0xm@;xWVqavL3zM{oR4PaW1UEI4&s}p(% zclwZ^($hgF{wrZaF|B2O%YkOsVX7j7zL!-owA<;sMk155C0C}Fto(!$j_5CR%m}rZ zpA4w4b?z%FV|*nb6p}w~l;)Oqb?EULM(cg?c3PCUf_`j%LwPJUq_gw<$h`8;&?bd@ zih2ox7>TbYJR-NztkBq!5qwhed12y81>~)~-F`VK=fgQJxM!_1eWjVW98l&$e8@@V z{jBNw9i}b!;5`dJle+a`H}E&ybh21OPqPwT)*;qgJ76TkE`O_1|9E#E}U`@ul2 zw!pr$vA25FepL z`FXNGG#0MmNz)rZj>w%cmdLA)IC!LY$? zP5yUlX1t?mV?>s>_sFoTXN}w6kW&U4&(CAMlC6AR!12YZ71cae51PzEn{NdV)c0NS z7{9EzIucWR`nFkv>s{taty{7Q2?b`yxDzmTT&#H?X&bAA#6K6qFIHec<=NKwwz##J3mkgUAlfbuD^P zwV1DKWvvC)p9* zsY(B^DVxP0YD-B z&D|fd@}7M8Vb0ZtpR?YGnP*$`z8%}d2ju+~BucG&N7->G)%NW7DAw4|{b#qs`Rz#+ zcOIYxu-l%oFe+81K`_ZjV_7sWFV6FWTiG@DuJ(m|l;B}knf(~@5OK~oZrZ~ik<6}C z00-CLQj2GP#8p)`%d>jrKWcEZ-*9f>JU^OiqcrMg7{YjN)bl-dw9+R`SH^T-lsvJU z>(PU($VCTDA+GN31%aSU4#QLEJO}0{e-%wp0JVpmyIr;g=`Q_m{Sm>^-)DevxlQ+a->r>#GyDfd;s&kK-vCI?L zXl?y;EFW_+d0>M^8aO)||Cn9oWVW*eZ30gxW%v`!rHHxvY_^7pCYLxU-Un)qEJodrwou*O zCWA8tzE$sIEd(@#5X>mWUxOPYG81~*(P|Yp9h@2aX-~7zl)9SBh!7h9qYhTN^p&88 z{AtT4ht)KEOOJ17hYdOweb8d$7@2r_RQrZE_k<=sD&_K?&f9;T|g+HtM03(6Q3JaNdL zk!HUW3hh^X!aQ4oU&izn85j44eAqIRbZO0bQA_$fj~Na6etWROb8h}~#I>*7 zl9x~8mTAK;geJ1~g};Ae@*pzeqHH0W{b&{Bc}iiQS+H%%Zs72h&jT%*p%P8C>XUPo zF1aZ6==CxD+o+{)zFUv%?uZO^n$l%{AdYK4n)^)r&cl1Ndt#@R=wG@_Z4x7&3R1%VL|r z#!SYoeO$`sgG$N;x{;q{vgVy8m{g?x?xC4isBu_G;QEl0;WBcUiR4sk&X%343#za? z81nL_jjcbzn!jr6*++dS#Sn5sW_K+g49ADSmkE^g8ngOKm@Hb9T2srtF2hue+GbuYuc#n)d$Fr@tZjaToSKV=X6S8PlC8vWjqnuLE{6HGslZ6frZ&V;!9fz&uihoQNL+!=f@}Vn-%S89Dcvq(&M;hxm?2qr@-Gn{5Iat+(v7tKL8qnHS_tGLw@?g9L3f>%o)#=j#O7JJ%{O&#j$|R^)_Do_olM5N%cO#P=`v? zuWS$45A>RJw`4mcPP``bMdh~S_vVTqR8jQ7l=I%G$lOc#Kbusmsm?qS&I90TnN+>6 znSbVmH4Ye8QE#;a(<7l>kdQK!>Q1WR`;dm}+{i^F^SF2MA6u%kR)x;#I$bvWCbHIV zVJ5@ki}K>y4ztzgIDDU92}ty=cUl+WOEZyo+nNXYT%8{YQ?1{gC*Y+ViK?)bHFTle z&nn%s`OjFFMiN{c)rsCi#dM6t7SyvCo|Hr{FZZ{0nc`Z?%hi!M6#6CQS#mMfLi|R*#S~rlwyU4CAX*MC}6{OSs zs21Y7K|ta7Pe^3L)aPCw4Hye@k`8VGjU7c`*DY*E)lHs$QYNP-vWddBC&fAC(k&k@ zMM6>@3|Bbnw55fbS2-Kh(g~K_7)gomh4~rx5|DvJ%$PA+5)rmEz7(bOTs~~GT}tSd z7!VUTxlH2LdUd4!yschWQ*vS|YrQTkWd6B|tHI7#$fB-8{k)^R475K2_N+`RY#K;D zKq$E_&f9>UIlPyQW1ha{+po51MXO$oU^`PqZ9bcz`bI1_`#a}=loU}1bJeVu4D`gf zBu9C{R?}Rx`9gT2stv)k6ZW43DGscX61;=DyXyFO+grgTlE0Bxm^o70RZ_}XE200D zuJOam&w;R>gT?1z42`Px+NFac)Im=KQA<-AfNgHZ`E3bT~r+0t)}c z=xqdjfeoL$NgO^!-l~t#d~)e^{8Z(mxivB?1##l@F#pBR%5IhkEXmX@-z~l8lZMev zFNBuL><50-%G{=wOBG(T{htZJf1rr)C^r8vZ5nB)+-JAv5!W%TAE;*$?-S^eFCsQm*{9n_OqRyUOac$vS8TJof)s43!zhI z#qY+_xej)>UzDo|Tky@~mN7-}?B#>E#KF})2+rVDyhWZYhmWFL*yE%;*ZtxG`P3#F?C?{%7z&v z@FX>pn=HSPIbbZ7vnNJndlkIv`yeY^jF=7QuQEf79-GSkU@cX3HfllVlNcAr#vW)9 zV`PUAMjDpmyq;TQARpIVi$i*#Qk&xE=B@mti3`V4W9v`cKcmfl)l8gLRqoW4QRN$n zu3t$)-Vf(JrGs%F@$1u_v*|bW4f!6 z7X&(Tx;_n8yY)c}toC2N7c5UNx~CX0?NerCf?(#TUf(`4tSRaw}k@}&JL z<)i&*n}fYAkMq*p_qERrL6&f_?x&|=>qM*jA~aAF8s3fEgvvDPPc>kw=0CS#W7GtRyxMpLqrkPmZ9+J)~W?kaU zCY1qm2rtVn9$Za1pQW|1m$2pCgDy=@>Z|Xww7wH@>(x@-8r=S|)1jxXz04_i(0k7y~m7hfp411-4_~uqm(Eka+)K?*DWDKCZS050{?V zXw5YXd)>!8EYQ+r=!~vVP z2vVK;2z_eo=?!&4jb$G+3vp#=VK{Nc&JBvk~k-PRx&SXOuRMh+6>eWRQ z-WG;$TWY+<=@)3x`*O{Qi(RzD3UZy}_I+*7bi&FS8*QI`W^sF$HGljUjaSy3`sric zNwdLQy!y@7SKo2WrK8lK|>Mj?0{=xd}#%T|Zzs~;q0^)4!Gu8q~yrV7F zCuuX8#XAb%CLbA;6|usheU<8~E`D$xxs^JzIx&Whw%IEu8o$~(aJ-w1)dJpGUYgBK z$kSR=E%**3mk*0?G;;Rh*=n9SCoY4|&dO7&CvO@&eDz#^`0mXF$kL|+6r}a}HPa3C zY2uncqy)}KIT!aatb=;4bJ0P3%Pd&+E06_;SqReJW)WAWuZ7LQ_Ies5UL!-NWi%6N z9%w`e>`t%kFd7VbGd_)RW97A`30>+3e5xDG>vzh1(@fCn zIeYuMlKA}`YsGCLNSr~ZSM6h{#oMr8;_Ig$&NRM1g6{-1zI5(f}uhS$`Q=(FOMlJ6%5OPC}B%VWksx2cSPnTTgerVAcmeWpOC8FFe z32}pA3w9IL)tE1-KzFO~rO_h`o0~clb|bV;`O`YhP5f70O-y)jer}!9_L~LMrgi*8 z)9xN3dRhx+4EbK)!`K+OxYKm+i>%QrgiD#9(9#()c8@IQlP|JsIUkRk_D<&hNsF>X zcbo=}_rdi$2EsCi8RC}jeOUM!$_R1phCZ%CoJ_kRetti;%i_?ig80XfCkWQD8!XK2 zfU|;eiOB=X438BD5F=>7+lJg#eawh#<+0t)G=C5H$@bFwXy7v0cqm%FowTu9F)6b< z8Md9UdpceXnJ5q=X9pM|3rR7f-p{o=ulpx2R)HeqAbgbI(fDHaV6}*wnj9AAOrL4y zqg|EuZ%Xach@}dQWGN4puWS#t$r8_CMcePLK0r{Z*m9Ljl7dlQO|U*K`sgmK2q#;p z$LhBQpO_1FOyKMxYhfbxQj~kqRa$kHwIZycU4b*?_KUIHP(%??=hM+u1<}lOuC2)h z-WL6gdm!G~*T<B z%q~-~6)rS;`Q)x;_x3xvj6=nbp55&8o85TKmGa=#=ki3uWtHV?G)U36me_Rru8GNs z+bbg6GLN2qO`Wbhkhr3r{xhlv>qy!79LWr_u)1wV-jo66A43h^)BETvlcBthWD`C0 zP`0pjW7{xlEW(d;D-3IXHCku78n$QB>gxz5Hi|f*{c&4^> zxRCA}$fE}j%Oc-2OLECd%IL%MwuZ_h4$C^o zdw99_;(?}kQBd!sETWE56ht@so8!dwpEDV=yx2BV!@)pCiFzZ<f9p`9wd<^eo%HWtBt;}-|U@>U6UcJP2_FPujhTKwPJQQJR038)S zQi5cffrY_cajk8%dQTg|BEizD6m*dG6NC)FWV0nUf8stKX)iCb7P>7I4JS(V(L*s6 zR7>Se$v=z$wmBzg7Dri_x1-%@jX)~`(Rp^E5bbD6J{$A&X}(iSju3b7{kK=lKm%J2 z!k{h>5gF8KT@Z>ziPs1Hd(XDl0U!{ekw3mm<_HP_A={wv_+mUQn9z(*5=`0*j@QN+$U7XN=r~$?zsa<8dxD{+iI?LqztoCt9RmZ)*qZp2 zT$Mqlkv0f6jiA%2o}^?Bn48y>Ry2Z8f%4 zGYzop33jfj>79}IB$>hnQQ@TOo*-Ds)v(TbFB{})kx_p`k=oDlNPGL(4F|NQl}z8M zPj=`eFc_8cG7OI!VkY652Nh;*K(zVGC1M@LFMwR3Zk2OvBipfVK8_%b2snxFu==-8 z;sK9VSh2$vPy=h5C%$d%zmzAFO&6w=nP5R6CT}^=8RVTCNEsE=lP>Cq0LHu@Sc@FV z6_vsVY`P-mOocBmOADm+Cq69}a#XE(~gbjQWO+)86ZK&Wv+H{@2}aEDuRCAz!5vy(n$8>(|%>L`x~cF6y&b7UjiQDBDz z${s-49X;lwW9l1{$dl7FBU^&vV!QG$2+Tam8l&UOrq#tom6+1L=HWMd7>yqM;Z$Gv zicQ41sL{VR2lftC{4tLsW*ThF{n?U-J{{i>KeJMU!!xHmjBNVx!%D5O&7QrPHNUVM z-3{ZUkaiWf{rbB>yZuU<11@K0kVe`Td{@r(Bho zmqEj*S*S?!Z63ex*A!|4X!jHDXEnVSAO|0Mne_}e$2eBjPl+8#Ik12CK#LWJ@J3L_{sYNBE7=0RF#HnxhG-649sA$}$U;Y0-3u;2O0C&4% zYWS0Vs49obmt--+EB?|8Gp`^%-H-e65$8G7l`mbk10W6uPsh?P&cr|4GFSp-S$~-z zL`5$A(7`BI0gv(It(%#Lurk;uJNG)bd?)e7zh%M$SJ_Eq!9_0Q0pn<&-U_z*+TXwS z?HWjZZQ>!%m2-Pk=2qcP*Z&vqm-3&-Qy}HRpvq+zwe-D*kheaU z{4XA&a%k3opP5OU>gMu!kRN)H6SR0)V&LrQGUszoTF?D2UIv)_+^xq8T(hZjnx_=F zdEAbJ^yzfh>2y9efO{@JrnT^Us=S#58<$Utkaz;p6IigQ-gzcpZMMhR%g5S z1I|>aI^gBz?^)X1Ms`mwMhj>Rx1Q!ud3zB8v@V?-Jtby+rEXF5+Aqxaf9i|C%f|b! zZiQNDz4Rz+F*f>3Sym{W9g;ggTh=)C)Kl=ETD6De{;gmEs{FFh++}rw#SfELO^-vZ z*fn``H}uxkogjX*qpyzs+kg7MpT;41`3gcJx;8O#M-ZSN&1zWG0%9zCIv%p{d+xrF zYxr7i%!#QZ$u%uELEpk}L}$ZDfR01_gl=3B{J+2G->$`3`c;I;kK`+&FFWU_G+x~@ zY~3Vgh>FgPhqQ_QETs9bV{=wMOWXKmLY&)KVEwlaB^q);gf>Y(IG7TR@w`xt$A|vC z)c*Ur!gv0-KR7A<>Mb zNx#y3diFIxa4cea4jURCAhl|m)(}6JWkd(u1uFZv!u3q#N<_-Xz6;5_oTm9*E|CxZ zX{G*aNB-a6ItrhesN|d8ZJB)NGTeE3Cja59TReVcN&TPndI`32NM8lFkS9;fobGU! z9S-MZLHnqoDW!2Mdf{BS(kH`((6Gg*o`0)2|4okj!Zi=wM?QBIjIK(I1hi@Q0w*f* z797)EvR!PLS?5t|oxfaw1o$JjbPL`*VQNU5+X(z^M|ZUxXdX7VA(%|Q`u#WbocLQN zTMMvuH|JiByv<8&Xv>=+4Y*u;jIvOio{+uRZ9fC;;k+Bp?yvrUkSBfQ)9_&JHPau5 zezAf7@ug;sY?XjjpOntCU44Gr?aO*m-A5IVep}jGSueQUcjP4Z#u$x|78;mZRlVH$ zyNv|wM0(@KhM7=oLMiafC+y0DnWHiDcWU+U=YI=vRFYe&|KIWJ*&hqN(8TYA zZ+Qh*+i$lu-2S*wtWLIr!}5NC{2#{(O|({%dh5uYUL~!=MNcMdcU*BJPpH)BiNP5& zg=Bkp$Uu6NByIMAV67+SUW%A>ECN}Pvm$osS}}FP+$nu882W!t>i_-OE!oTJ>H^Iz z&6XgQFG)tEp-(I8na@d?QN&K*>I4a*Nju>$PPEC$W;_*X+(lQVj_9~vlLq1q4Qf^4 z;l8qL1l)GKZDl3uR)9NVnQtdQ<-)~_iwlFP9KZfv;IEBV++U3KfGHjue{Fn)K+5W| zOxNO4|J65J%z(v^rcq9@`bqFtO60O*Zc^0(+H8{4&SzpYL*;~8k#W?jlWVG=crdUO zxaVU;S-bk*ktqq*GF^_j1-aP0=8py1K`pi4ygiW1kYxj=I;b_@?BVSLfy@wh^Zxu> zY-LWE^+T|spt>Ks>>!U|MLJw>FFFb+ncSK8O+^56dn%7}>ukhyoU}8)(s(EbR1$ZCd?ZY53TSL(c zb+qM{N%mWVqPB^iLJhNCEp4mG{_j%}mA-D|F8}%V)xFs{#^l82rNTb67pdJF2DfRZ zxY@FaTBNHxH$J1j-Bg5>>_DuNECCXj2h4LC?!(gdcPApOTX4IqMX!d-bnepY^-j<~V-RTU5leta9<5YB?3s$7!k zB6o0-h z{hFM#wF8^4Z}9T+*Fq;vPgvZfjA5}8uD}41E@TfakYcLvZYNUh>S%Msv3}e< zfAN!nX)?uW{~;L9IAV6Nt;okVS)4k8D0axa&iAuA$iFu7x?mZ-y(pt5(98j>^OUJn}@3HOhVer#VrNph3nB3flBLsquIl=EkAJB*P}0|!GXB2MD!3n?i-WoBU7p9?+cD% z4k}?h5AbZO5#R@YmC5@De7CDQ=ngNJWH@e?mueS{G}NI(#=#Bo$YM}UoIMS5vWY2; z+QF5OCPO_(^ve3yXf5blS)wMDYN>qP*0;8U%~nlqC{1#L@F4>9jnDojzPlBbY!W-yrURuPuIn1@{KLwawg z+zL@m4(H`iD`59e7(=@GgY-sW1U+A3Ia~%g`It6fOJfO1R~k9Vx)qNk6z_}l4DjzZ z(?yo5pZgu;7V_M0X;=beqrrqzAHZJ0`4r2w-W#}jd@T+epHx!fZ?aSEi3xq~xpmkz zJ#-|;w^FJ|IB>{{LxpF1<_G(8Qs?J7tdxN4_tl~xOK^4hq@M2sY;`pnLUEY11jA*_ z!$gTEn}(&3_h2JM5M9a&T4_$l@^`D6waLO;?8ycwa5))_8BT5`TQFDah+U*9t9a~ zRV2q5ICX^bP)SlK7<_n>c>%gTlD5{4BzKWJmqQQxbqkL^K0T^_PM0}*tGg-_y00DK zFgY{`LDZKdRMXM%1GqkVzg{b%Peo?O!k_g+?CVE=gz-q?!{04tHd+I&fT@oI%Yzn( zBiC_ZE+gCZ6bm4SNN#UuS_-$bgy77#1LSGIbRj79X)wyQ#oqTkewQ0zaw*i#Z!P^n zeajeHF4fe!z1bL%3{0!6A7j=8ckZ})7`wJOPBJqHgybRb{2eVQzxl`OV{NWsG{4f} z13gE62gaiAG!jk}``9{B8fI-#q%)wdX>{*FwW9~mYE zjn?`Ns7k82c^{0>(5C<_Ln;t|A&hYDplu*x+anL=$|nZppt2ZdzgA z%vqj~qxIwNg4`_qpvCR06*UC>43K7}yd~305k^>lT)I*u`%7bR+_7b4g*btg2el~AQpc#VIbjP5r3hIgK;y!|{ z40zpP#(!r7;eZB`^#~H8VDa0#xIJU_A&;B9(^;;B#tT8@+F3VtYKz7YPC-5X#-_$z z#0tfC$#IS}In=s}JSEp>{0>O^jgbTXi2-#sN)Elh4V;6IFS*6+RbY}x zbvf0Asjr6zb!hXoMMy70z}aK#t$_;tsz+%D*#vo2H2GtZ3cWnIy}h~Ir@EL#U`_=g zS*yz&!RoHzyjZ*0xVfsoJ%O?aZTp5XQLeahM_oQOaUe~{TsVpBQJS!l1CvHla)UqW zL06e74mEdXWPS%7d2as8%5I^Vinx*ZQX4eZ$f?D|iw0dFO|>XSd3m*Hd6eQ;>f`XS z56#iT7VtRZ{_$aRQiY-}$vEzs7v+vrx2D%qoU;u%u7HFTr_J9oQ`8?wt}ZO9+*Q!{yG(hR|%6E`KsUlIn#ikkgMJjG?9`mYQvCW;N+4^zX zid(-Zcrl>4OIr%4tchTc!UYJ_s-9|^uG}eP5uyl5mr0Fm3&l3KB0cCuhHX^icPNAR zAM~L`hzygb9 z`ne_&sjB)oU2|)og@ix^29O$)NprQ%HltOoTQ55{B@T%4pq%aNFFlZVDDWDnroJpy zG^Vv7?57FfOl@Pddr3q5>IW4atw{^`bdazNW76#XO3u2YN2#rWcrmq~IQ*-k&p!?k zFjKdnGAbFhOa^rGNzeeiAg;R7A zAjAe0SMBvCxf7@p7zATAfjpv(UnBobq(vaocT>+{P&mytzhnea$P9ItF-)sib|0ya zlkcMXEwm8O`i{gEkNMiWmQ;t==9_q4MRMqUVALf<@3)wg#a~c)!8AYai7^3B;4ZZZ z8uEq(5C}e)cshets%x-7+PqRyibP$_++x-@AS=}YnoIIPauONJ3Q}sR!`I(iJr5}9 zO98wbGB~klcu?4?<`B|5mT5{iv^IeD+)#uWgbYZT!{b+jn058)NJFeXyqQu{3O!Ky zj1!|b6k0N7i=3@32{W+#y{;Hg^yD~L@>SKTG6+Sh^v$3#6EdNhjDw4A1&eO=e?Sy@^`ziB z;%UJU&meV(jg1Ks;^^-d2g7`br7WXl?{dYL9{)xajUt#IS#<)!~fDFcLv8i?t@Rjezt+NC(gPLJ+$>8Mz4LztR)66H@-mfVMi!sA8@JD8gzMm-3gv{hcz2E<*Kh%0Sx;xdWJNtT$RE2X-L z_2ZKYXox+@p4(3{{jrJj-!)G&jJs5fNjVV5Y05|yq5unUHGu!4O3qoeb{RMZq3JTk zI+6DoGQv6@CHQ6(Oe<)##?{nG6%!TbMs8y%-HZ^c=V|$kcC6WE;h6v=K+f@Zej7HO zHp$=F^S35|LVKdC+kFRQl9EgZHq{Aw=!Z5$X}A>1*Ny56A_xT)Sw3OK3;Cy4dO7Y|(23cjjm1qu}OBESYoBR&u7R(shK5QJ9$S{9J&ILxcD)r09Bx7BS zX)%Le9lt9!~9i+w-l?3AYdSXYdqSJwm~Ac~pwdSpdC z=DE*R(HA&cz0;{gRxElq3)H6>W_uK42SGR0eo2^Lwm_|w08 zl#dBaLqm!gKmtG-rF2C+zo5RPfi6c$v?Vr|jZju`DyXZ~tw?)++(=st;H557^RJF0 z3v|ta@%IkKaZa@Ml~55kVyBWVRp&R_zK?ByZ8JCvEU&We2zw03)X&{xRb_k(Rqm6S zJiy2uNyv6cbArtS*=PrvhsbyfWnPRnvXWDy7+<}Nu11XzPp{sK<4ehmK*22Wq2hCBwJd# zO>U7}f`mcx!c7!8c~>WYf8RKRB$WYEy0JBq1&XsRh6%BWQtlg>IdYSX{ZC;E#+Fzq zT8_rPtCKTO{{^at7)};ktD<085(i%^n9Hf*iPJ3(z4V6FnkL(N0$kSiFtDQD7Ja_}%HlWvvs=N}@wo;=- z1}+P*CX_jr9;)=Xv>X`wZl z?6`@JT637IowcG}_k{1brX^%wJ)f2q=YST+6qF2L=mRMF^iHi|TBsP#3pVn>V=USC zH!?pmYu!jVQhcY4wBZ}(?qFt~Z$%quMy--@W55_}18{M1ACXB0`d1%2Ow%l?OOb@U zBIxK2>}7=;KoSZyipOeq`7W4d-Re4ivTl1>7>$yeNMFMKUXn~+i2vVqWC6BvX$M=I#^`={7`VYbrhd zqEoPqzZ!k$s=OSwpT93nY^L2%pXu4Q?Yp8otco>3&P&Sc?~2Uc`QuLwwqviJ9Xuzo z|7X8`-#iFeAlKy+>-m}HvSGn_BKq_daTRaMN5$#lA%v5)vOaCfK5SqLn`z^-txdnC z)`zI9M6UI16>fsUdhFRFz_02hTP(3jHW~B&i&cz{KBwMHYz8qTJt$~=Mc0POKa`LV zyz)XVB$E$Tm4y`+9{MctcjGTP@h)7|xGvoCS8zgT^@$d*sR z`=dX!sH>_llia&luIfD1kHRl@l^0<$RT$ajk#!-nwgc}&+Bf)Z{r1^eryw&{MCkcw znQNmY>TssTOgh|Rn!bd`M#FqrV{qRjhO%pDx~6UkD~VCJ4O~~J)-hT{(jQAg&(o$7 z@Qdl$+P@Pcu;SXxM!dBhV=c9>$MgzxuC-p(+!WuSo~fezTCJZSL!e&k@@UFjY=S{1 zPFGYid=U)%ll&c5&M~o7Y_OMcW@kFxG(^02H^@0yY$hko6KNXEFos*qR69`eqreVb z39fjFADyR4&nUBE=pu7#@iY0N$_(#6K^L8teo(y!Z0FFJ#fo>o-0lAm>=>}pX+L14 z`Y&)Xb2@xMbea4MT`FpY`2oEFGx4ee#nHYdLEw;S8LZg$6k5FWj6PEbRD7|^Rgj5_ zv0b+Hs}+2}s))Y?40>rDuP*inpQYkrZ76E_2s6G+K5SK6h;?w#`{KF`1bhG`6?X5p zTByMWexcFel&&5Etm@>N@qOFiZ^gFC3PFUqyU>*!Yq(UHnzBBt#~FJ~{Mt#kCycqV zVt;s_6CRJFfJuysod9M|)1~JTU4k4wc~otBf3fv^DNN0roXi!!lIpNq6^$J_i?mS> z(wl>N1-EY9pG%Aii%Gvm@BhWo_~)v_85hdx!a7h388(wzwqMsiUR+&yY#l^cGi<8t z#WT^@uuxm3G?Ej%8GU26*g7%Oy5oaW+j3u;YcTX86BRekishyMpZ2~rtf@0?w{_ZS zJMBm<Rjae*bB{VR3b$LaaWv%$qu9rGjSu_6?qx0byjp(D7Uul?gZAfr$qj)uMl z*3zYpTfuZ(0edx!SGs6bPT1oAJCOUYlLS%l3I0{R<{;}*$&C1qk8%#FDig?PqRpA4 zY}4*RNvc(M-ne#5q6m!fUfE=yaDR0^TEi)Mcu&GZdJ9)kC;1T}ZZ9Ep<&NazKlo1# z(Xs?~{CDC52sH3yQ#9<_7WS|yA8FYos7t0Y1<3&3vUhNVo~@@YeGiZq2s$f;BYb{> z-p0iKa_bCy@<%97JY(!w$Ig;DEQi^`sssswQ&@UP4&5k-_3675Sp%}KUwC2L=P5h4 ze_`V^t9HnfJ0nH}(cN(fCKp9Owz)k;S)q>nQ`>y+jYi)yT}dYMlHC|~Ob5w1e|MR- zQ8|&@#nFrqnzrHHoMJ*PQ?yqj`R zN^%Ts&c@DnWj=f>hEE!g3 z5)qw(8;%-<(9}4^dq@Cm9~k^l9U?$USQ=x?ZEExPVN|^nY46xf*$Qi45`JdrY!w@^ zcwV2lHfJYpxL>aqFYCECnT-i&d-;d zhW%H2GicYSy<6&W-pn2>FsgMljXO5alCE9#~8QJPciJz zAq&s)=(g-NhwmncI&XofgOLnB7)bs1+USZj+|1@5r)==+n2d&kS?7K2Ffsd46Ld#1 zSbQ&qY8K*TvoDNdbN`{TN(sY@wKcXX?FRG!Q_55Hq8Yc=3CHf#Qwv(oav&wvCiJ1L zB@B3=u2l#jmi1~7OFpK^PF3uCJ_Mmyw@u5fXHymJi*;P|Azh{{l_QTjAm;>+M9z$S&#v;0RsO>p zKS8g0tX4Ka*LRR+clvjpnk;PbCW~XCJH4ZbY}pNCD@(HVs0KPms=1d#!MSi_%$Us> zjl1#f_x^j{^)_{R!DTdYYhcjTO0O|+-LH|(zHp;)V9we~nzl*Wp@vnT?L%}j zkk?KXPgZ6lApVua7U=bSWO8fcVGe5q=HTxx&0~sy7MEMug)dN8mYmNgiytrZz2v3l z3e^9|$Tg}36fTZf%x>6gsEW*tiLC+pGtK1L6=Y7`UMZ=KUw+9`Iqn8u=we}#j`SEm zAZ4b7Mnk9Oz?D9D@rCwyw*Z+~kI%sn3rBJs=ZxEVdm{`GV_8vT7svD7cc0JeAzNmO zTio-G`$(Bx4#1V3LEchDs!6s$y^8@0orK)EUfl+a?6o)EazgX5( z`-*N)6ISGXBN1Y9WbAXAFW1^z0XDlKCZPzC1I0Jd-w4#*DgS6!>07=ulVt1M{-ac7 zzx%LPL?3$khfCj5or~nU6fmTGUkqjfpI6!LNn>=f(&BjE0Eeg$kjk zE;EJ4tX3esqgd^k)s11K|1aww*!1fSU_3BYkivB$UdBcL`x($y*0e;YJ8Y`W#<;%j zx4F5sxB|ri#V_T7k>iC`37x_Qp^{Pr-XimI(al?zq*n+=xkf!Z)6oGL~82JBX)oq1D^DJOj_L&p! zXJRg52a$MVj1sa>kwH`y_x{BFweIeY528I8;%)k^xyskQD^UP-_2x zza6T~|3pR3)20kW8GqaVA%`Rw^^!{yN~{Na)yEZjW@lBDMYcu_cE@|@v@D9aRSv) z=G5O}AjatwT^o)#EUQw9p2S>PF$9G;=bz@>byRafj$vGA3GVMDY#9MY9^=KjkEG^R zQKnVZtJD(OOG}FQqB+&3o1lTrTkIPp(H`@T((2FkwCP~dU%52@?{23VB2-aQZob%J(+H2xby&PyK z^kPqv=F=oczoS;6Ivq|iC5~_0r2E1^nRfmpU{8=UX~)#u-nEHfHx*7}`z7O9)*nd% zHUllkMtc@3BZsm}jBrGA-{!o;AthoXAd3+n(jF+Isy-SdL?2UkwsG^yWE))sT0dDld0{z* zc|cubN>(}()U(r<<<7zO{ z+mwz*n)UA1T{lSi1rJDaHwBkqq_D#j5bIc3*t*VwAp*s>5a56(KyHe<9CN_xlXD9LWl0d^Htp|?STG-cqDeGY%4$NUOgc=OS3xmN$U2TmQj{6tG8A_lETG&|De zsDA{%o^Az(GvjoX?t>}*t2qiF{t>;YEcE6<2#Y$pa_FoW3S2Ryad>szmP&WNk0-EyQyo~dd9(;(6W>n zMg=TOe9`&>7vBO|Q`z0lU3+ma9spG%rolpQTM7Y-O>BEv=6>SPIeGSA)jsQA5~5)^ zllGwDPt12)fZAiloU{RKM_9vd}xpTq9!rG-OxPNe;;lcbmEeqdWJH)iE2Kjpf= zT0?1#Cfe6hTBkj;arq_~p~a0%tjue`$dSaml=-)e&t$Q(jeLireGy%Ng>%~Icj-ef zz8_c?7>dXy;{m}jdLh%T1!JAFXCER@a7%GD)?Q!i>mFYCr3$gqE_?8e;DBo$;D|{L z13@kCmT!1JLh&Vb&>_Czc$$LfP)Zxxc!luyt{F=n-3#gC;-l4Fi9S%Md`P1ey(Xe=2#b@A2#1QnT>9DQ#-gQR*0HCoJUZ}eU%#(NzLab-7Ig_7Ph zHx~z7e?_vTv=ZBcB_ftG(L9>TC`jg52iV#rjhGxXbQ! z>tt^f9#HWV5ZE<$YutFI?Fa4f)i_rV^~nMMqJGDqC@TRNPR&3abZ$ctGGOHE*nQF+ZcryccJ_lZZBA+! zb&>woC95TPO713=S(!@a23cD*XY~PT^geewX)rxWsJ;Vt4sV^7XSc^9BrPguYy4dQ zov#llGWNN2>q7CM=(>z|+wk7D#A~IMk!qc}x7-AU5aPXw0kwmt!uuT?7k{cP&l_Ehl{8>v;e^JCv@c6uAtWafeEh~F zG6164K@K|1E|{@lu??#A}JEs^gj@` z|Jdo%9I$KB%+2o|w3v)$;(CNMwi9#6NlZatb{OU z7rH)SAETRrQ$2|Lkz1bZV*;SO{jh4`c#HBw-?e!aWAwfc=XbO+CiScvjZyiJ$j`{y zeenyr7smk7U_}Z#rlxC=w1}v-PO}{~OH@f%2?JOR>X(*-z)j6!* zpA-R;3`3Qq#VgH%MbdRb=GQ1+(83G{1dc7^!EZWyyjs33sg0bV8~|aGqDN#%Vm2B2 z2J$0Hb_Gi$D(ZJg(s*k%4#UQ020K1P_w-W6^_s`WDCh+?vyqB1Q|}#Ku&%Bu0-t^) zL8td%uN}+6tkGK1VUPASsR%V0Mdy#mv-~>mg1OK0<1MgI<1vaU9mpW$1rrOU${~tN z9!@u+dUM+?J)4vVg6d)0;dE_`J&%h7$*u&U^rB=n&Dk*LpE6?viPf1Pif$Z-&fP2t zTAFufSO5YmDFzDcbMc zUY`T;D>YuMtVmi+mq0t*SSKj95vkvSss+x(B>Y}IuvXVJG;j$S`~<9)N!M;Pq++H$ z`ZtKXip4n?DrKcltsZDVAX<9EQK%k*-Lfpd24xvZ&1ud{vS^h{0_+;87F|T;S}*&mI{a<8f76on4BxB*qB2gb~)Z z<}O3K%O+mTfRM!L<9Zl6Bf)SV+9Eq;k`JAgXM(2gUX?Ou5JTe38NenPVfh<(eJLyH zpgX&0xOj%`UkML6Aspg4F@C%fFtLsTfn}ewtpm5*#ue%hcWn{(j1HZ3kmNMmo~d_h zaF}s@kA+)9n)Wn-Bd&%qi%|+?Ax|b^bnibG(_VZ{{*tx(dmIR9n%a^X&%HeE`kLB? zOKU{4S#ruWV)0Oddzv4EpfZK4I#kVeN1&ODqGr;v;EN+M8Mf`VqYKc43j{^dVmk?( zkzo&J|0FJBdN}i9YAQ%RI}Dw zwVQK^E$1Tl-R(;aT_xN-C?elA9~t>MI9MrbCASBeyXlKAND0FOk)SV@ z;~!u@49E|G)mnMVivU@pYPLrh%!&?=s>l3-|4Ng?8g$SEK4c-KhwL0%OOE?-s^e@; z<=W_y-HT%t4R=!;3f6B5WTKSs#BNUADcE+@VVj$iPZ76SaT`&T2cd+AFtc1}!jKA? zD!^D$C_!tc)bf7WFqc}!h3q3e*f^dku~bE((iUQzSvZ#l*B->y!GmLOe5G0y(-ICX zIP+3PycqA4NE-&krGTWLOPJN-+|1Tz2tFgK`L)r#T6<0n!BQO)<@YLDyM`+qN5Ser zEVUszg7Q>-9MB<-lYEmV8QqMs3&gWM6ZobMQY%K(CR==>q|G?Em-Z=nGksJh7G;)m zb8aAOymg`O8~6_Y&^pYRMy*vGp)cb^!zwU8X6sV)vns%>CqxU|X`VVj&$; zz`e;!H|UQ~C&v{z$wkc_r7WWZngJAqHh54N_4O`&|6NBVVeIjch^um@JUB~9GC{CV z4Vo2{){|6KLAkws*mH1QOP7IKLmTAJaJ5Zi{AvXZ!Pjzq?cspGVZ~m}A6=2zZhDn; zxX>^~k|4WGhdGQs){ySpu^}p-cIrk&;gm2^s*rY zg&8UmabbyJaJ(laFDc@$V*}OfqDP1vn|_3UG`_R0uTG3E1uLTONRK6pokV0%Ta@V~ zs)v1it!`)`O*DIW!Z|J1cubqU)_=ZzMg*`u*?}ktnKan@aV+1_iaMIe$Y{7>IgG+5 z_n4;7WVCBHa%LV}dbgBy>wx=^z#!7*pGyPMhs=51R( z$^E&YfD}63TZsY~#oB*9B;Y!*Fi&P-YcvNCa4mudplxX zTWzFqrfO{o!_sgHd_ZDsr<}{QU_8}KBjf8tog`D!Ns@shWSP%2VGUyn|IJHC#%*<; z&V)QM49eIBu1V5(%Uy^m%w(@ITyfqs2^3$^61z-O%7+rigLAVz)fu6oB~xI^N1bk7 zRHzxGZ2N4_a$p#&iHFiNJ^;H8<>g4Dpg@#h-hkOeFa+6d?-8`Mfl@W@HdL?$Ga_Xe zZUA+%`dc|K_8G3&rF#+!gpUiXNkEIi6uE1 zB)A=$T*mpcZ1F8mzZ%eH(Xlou?ssch51nns71(_yrXknp{CP#D@2`IEhtAkd!2OY} zMJJg-S6xkd@$++l3iPYfgfNc=Gak zh*6UX@|HqSVtcnVaHMpRe?v;2-XU9q^$Dy)3D1R#7hkhPZWFzs)7*G80=npeDFb*R zII1gUc}Dxrl@()VH0bn0>|1Cr8ZN92@`b+p_-2*ct;PuyHYs;Jlw9(-^Ds8y7p4C{ z*H)GGf7W&dXhO?zGZLNIVb#0kI$t?inFHr+XFNan|1wW}Nnw4R8|06pc5w!h>~&^m z)6;kPibhOY^qNW#G#znP$1n$qz(kWlfz}i?cPO}N68mhLB3h+|OJkI6wWJww{@oPJ zCVQXG2Z)5IIdcFP%~DAKr$l6;zk?3NT&C+`q%N|~e1wa5K8X2WTISXc{Z?S$M?^qZ z6BL}}JaA>nykgQ$uf&=}T^Bfiq(_^Ius6)X;J4_*gk<>&EYux~h_zME@ z9Z-IwDGswgjzx6JkHsG=UPo?yHnTopWKNk$q|F#QhiQu2r_-3@Y(qfD^TX?%)9!aq zoa&>F?x%ixv;bY7+)yb2Tir>0%HJ1V$i!>5xf1U~)KNHIb4U6;PgADwE^Wju%uHl1 z+8kgX9YHyjv-}6BvW-KUu^^J7Q77vzqthZhdm=FRc)>aeuwI$mZ`0(3VxH)RXyoUY z@gHuh-h6_zRlaT=vozTXAIt{Zp}qMZIQtE1ze_){(e=qFb?6iHZW;n`CJ08 zHE34yy;aDgk*BTTVIk`!S!`(8SwLbnmnfW>#ET%dy!!#_M6 z`lok~K$)RU5pC{GzE;2mKoeo-)YYx5p-!~HC&iBGrV;s0k0$Q933i$cWVYps)CHZM&V7oQHSPM|uerG9|jNONt*{2B1($UuYU zOwi)?-&aX^n(l+sOh?K<9^h%T1HQR%ntVa*FL)-+@#hhL(^y3{+Xwnq)f5txQwpH$ zP}?XtlA5UXR0`Z)cB{&xrF3-=FN+8g66qkajByZdKA6(mP`e= zof-p4otd#T8{wJN6f?q+@8;ca?bU36XtweTlA8bHM6~8a+^GYq*0`2fdo|E3DDbU@ zVQ5<}820ztf}p)gM!rnb!%gWxyC2*My7%BCR*t8|ExVF#a~z+W)o`dazHls)y|3nW zf09qcdWY)Mp`tZpkxW%3Ad@rzn3v}?x?>dhNkXZr3qQjpYv(R3f8i!+;n{W1xfm4C zB*?Tg<4O@`Iez9ipKNPoD5L-f8ct5S-#an=qyPM>bv$MYXN&7ikQ^^}Qy>_XT&;rJQ2$qhbHa#g3Pne7=m?sj_nkCUMJbK*9G zg1k6JbX$sdhck9rej1xsDgYfoKCZ9TiOuLR<1A80x9tvmrL7 z5zgKxGt-AIBlTmi+v0*y+gK3nf_#R@PG>i${m#OY%tx$+Hld>1i}Qv9kl-MqG(~C> zIL7J;bb&9|#u{!zINItiBy02G|^fA)|+6Tfd0-Z^3Wr&~RdLq8y_%Q0GJ1HwAk zBwyycBzQ=cWZ3k!K%7&ZgDs`Dy1}XAXJ1;o9n#IhDTE!A=#8sHCIYB?sYZ2UrKL}q zrNhv0MlY!H+mc$nTd`8zsBVPFs{4ezYX?b;qrLipD2eRRZ}J?O?cmod2`;CaT;Q#! z9i>l!us2%$x;M(kTxc3xYN%9an zCsY85rR`^cZ^AOiiRRgJx3LT7w;Hq`h2mF@yTyiTW}b~H0Kbv`Dq6DWqzUlY8Bo4! zffg$_=Fk0$KHdw2W5b{=KP?<^34=Qe6QRbcUxoJL)~hT zaZ`raZN*F5fs}y3!ARFGA`ImF!wZ)Nl6pTPoZTB?9X4^l=eY-^qGo zYwZsY%>ozFcvbv#4p38+7YGKfTE6~{yEDIiI$CvJ9K{;WZb2bB7^(*`_m5LRJ zWTq(PN?lfw$F8Pw8azMx;kY!^q5=yL0&uC-=rl!qslwW;2*cSxx>w<^;M$}>i|vbhxM8@ub?&hfBTX>_ zmae_%ViPj5_@cfmp+sOq2xuq;t*|b0ey%>jG$7kA=Z1Q9rL1#xQ!f^;HV^2(f z8#EaKk24|0TV*zZiTC3DJ$0kXT=iO%~5TJk%M@&kfh~z~Q&WOnc}XakEqcxTlkwNyy6u9GF<$LKbg+*xMxP?fbRy7@hq5UG-ot)SiXJJioYwGc_RUKD8Q zHZm+M9Ed)R&A-W+Lz$yjhyWLxNh&8Bygt-1jLvu1siSNUv@2cr*<`@R8bCE^qD0b( zfW;rBeX8d4QJ>EmmiE6UzH`@Og_tA@7>m0 zgbLITXhXEx-Yz7*5{|dwozu`|?%W4DC{)thNVc+M1nWx9SC2d&J;HSN&|C(}Azh5n zS#F>8n;5oA2}91;qVvKy%_aD2$;FpL_bn?1(Qf2s@D~S@Eh$QxO6}y7ZVy-)bNG zT4U(6zRZ$gsut+WAuZ2oT9q!4w?Aau0{ zXK@mG3IA3YUGqDqfygrFu8`0L#=s)^u3{oo)4fU?vZDkC=H(LQM2V|>i3zYI7pTu~ zcR@_s^#q#W;1I{5gz5Z$@mw>ji|Wa(0Uy@>>7NCU0&NmmYXe}LUv4OB-4Vv=l*KNy zo!ApzLlp@Mbu>ik#BoJ4^()TX;L;09TD`I2xO zbsUD~c)^UB4Oqgl_<;!z&-K#B;goTh&Ly~?I%k&MQXXOHq#(nNd1g%=yI@|o)J&GlbUn!q zV~d}}t|(I_tPq>Y)W@^LaX7wQPWEb*=NY zZtJQEY?(pL*}o2~IP&9j&APYqGoEnsT%j9EUo%~b`x|{jFa)vMp32@&3!`&;@ilSc zi?Y%AyD~_^L)p@*6UAZ~C-UQ8!)QRje?9w6{*kg3578=8W$^vq1T44P-RVb!g=x~4 z{Oj&)4QPmag6Z^=t8kBX3oq~87sl6~mVNt8{(+@9+C_W${9BZnD%$yG7O3qPIQEE vP0x*w|NjSJByt#juK!2R;ygC;x9>e*3=xTk4-a literal 0 HcmV?d00001 diff --git a/enterprise-registry/initial-setup/db-setup.png b/enterprise-registry/initial-setup/db-setup.png new file mode 100644 index 0000000000000000000000000000000000000000..1de1d40f222670ac4b54377654db72d7b710c125 GIT binary patch literal 166330 zcmafa19YWbmUfbgZS#f|vtrw}ZQH2Wwko#mifvSEqhjOF*V8loRnNbA?pk-<_a5xC zd9cs(hRMl@!a-w00|5cSiHiv-00Dt30Re%6LxOykOg8p#00F@YnhOfbi3QyW+v2H=7*aG`5CE5CYeR9-JmvGz<({4Pvf(|`=MS;6MS{9d1!8EJzwMjc%o@i+xr9rh`!RR6$=NUv z?}Y?}9?>>8@RX+&=nGEB4hX6P@>`5_yDWP!fVI^^b+1# zdDDFR1oWR{Wq;5+LOu)$z=1U)s&@fI*#z&dKdc-aq2;@j22dNROBn(1-0l>%ICaG$ z@~J_W!0yj2n1RlSJe2u>iy@lX-cX^yuP@)^edtF?FOhtR(SwDEtRVfEVCqr6K-473 zg~g8IBgCT#k-=_}?9aCVf4C)cnc_C`#1eQVD321v=qtgDgZnu;Au6_? zLyrQbyg4h_Vd>9I1af6YjYN|i7zl{$l9Y-aMuE6RR1oGz+z+XvQ`sw7WStdHlyvC* zx&ga={v>?$-Eaz(0)+y9KdL2-6j!iPwII!{h$6JmLEzXOVFnSFh|o_!X-=Qg$iJen zyb7lC?jg`0F)6**4BX z=o=Tm?l38w81HOIq=+?8*<=CvF$;5ENel5zOEfjmaI4 zEbYr8P4Y2~zJH5miO!170pAQZKm!CT@J#?~e1OFtgPFbYUn&j27E&u}5JC#I*9akg z#fZWsvU72A_>z0?Gzz}OqT8ry_zI)j+93i|tA4Q};rkEdUYGfU4kXC^Q_ISXP z9EfoZu1cTBFW6N*jI*HcauA~1B$@sZc3?I=+6~`Uw%MKfG>-=8BmHX`Xp3Uf^paD# z4f*q+@rXFa)xCMY1DH560AV+4D#-W z$_%=(BVL0h2=d(VcSFtglkH`?;_ATE4W%1c+EISQ??C4b)9tt2vVL^z2muoKzJ*d0 z_+?uh6oo;EGLD}jj9uufJiijsODH(=(o*QRyog7>S#jF0gm}}>k%TDXNNJ*zL@BYS zBicqZ%ThYT1o7*87}yymV)e!Da{zM`v$O{D24oE|Ylw6DbLMB)6?5BTCypE&=?A_K z6KL)To`kNzuDGt84Kdq7-l7M3Ojz$=?!FYHK14=nOwvf_NbX3K$nr>+K~EMq78DlK zM*2o2mev)JM(Dik0iCbeb z`ufzHG|RM?)Z(;<)M^%H=5gi@=0VG0<^%JJ1-4v!ncW|Q5Xtak(P-o8!<0re#^**X zbr&@{^~+XNERVFzGyn5Y-cI?FLakvbow8im?W38j^KT502OR-AW)$7&j z1#V&wj3;PmoN1^k^=N)9;#Nvj5^FR!cr>)G$gD7|w5~`txLW2cT}_FFPu8OWIw~4=ST9;TiY_s+X zupNlmJG@M}Lb$fQ=7nd%MrV^^w7RPC?yG|LEN0cBwUBe^}f-Ag+XU!&V$Fyd2@E=*$vO6U1-c~enudndl8trNhhF#dej` z=HbS%{&w6!?a$q0@+qc8$FM_ox^&gpC9Udw9fFSaPM8h^kB|M`t%URX)ndbjJF}6a z^L&Dr^e1TV=I5p-sMp!orpLyojAxj)@>c?|REW?oE}&d+4RGVoYbcL^VFocQC$=N) z8rRFStwBTp30DDg0jUx>GlP@&(Rcd#n(>7fY6a zfV0ctHG!?TMcv+XxAjVK$91S%8d5?n*^YIFtd_p^t2mRnfr9gF`(Etc^jaI!+qsF<|Gdfdv5^bu=$w|UOdw_2l}3Gu~*B3TaJWj%+5qIo1N#hyYYvw-Ie6IY@I!9xZ;(1*SqVssL zvBfbR6JaCkNskn~gifY*I&yYX-zp6ojSHmKXfDkSt_8P~+tNyCPvNjUnki0OXPst7 ziB@8Qv7AI*-5$Y^L&>0TL7Qki)YnvH)E>Mv<|{vrSLXKT=q741YTX9sc4~GAOyik^ znKDe$CewLOx6gW(H4pV1XAhYtSaRC!Y+gDp-P;eC4o#;%oc(tLuEA`(q~DwLf6Vl{ z!w~plylYEC6$`05SjJ7|O>8D?j&<3ppVhgo@6Z+Q%)%H)8>1QLB!?zzJ^nlnY2>}7 znNVA)8~0u=+P~eu-e*;Ptp253rLCj&?zaCcsj(ciTtc-|o!j{C33@4f!ZOtoda0o@ zN=LJM(qR4CIcHIFX|n{jY_0pJUEdDe?{DF(I_s!4=9?z@6UG_5HgVRioh)9K)=A3B z1K*yT@~mZ>$gO!_@(*JcIAL89&mTJ!yXvh~*QyRIVopxhgWFRUwpfB#vOLKyTI*Pi zY~Of7yfq(g9#Zi9z63#Jza`$!O?;P!$bfgpUwNqCpTdE6L`YdQXk@ZzKP_;!zWaJt zDLRO2ZgFYO_BuAK>w?e1t>G^9@T+cjd>1C>A&Y`%X0F8Sj3dqc+I}vvsJ)mhvu%T` zt99RL{@Bs9cQTU$$L+qKebZ5N$}@-8;pdIOy6{6pW6ByW-uuG&QXkC)O=Ai-?UL?Q z+w3$)+uft`M>%&CP=imoxq0KFOFJf^~0dkJs0jS6-e*IGgMor@G$@@k`Iuu3h%tbMq*xH(S;h zs~fI`zwb7GKW{y4pAGHB$a)rg8+d8FEZ;l!rIgS;JUhHRqY4ztIinNGMVJ}^b*w=3 z$ncwnPytEFd}K))``>M%APs_33V(cg*c>Z?cMA5)0tO1Z0m{Px{`SKnj2?!&bk|h? zXp5Fs5RE};WXjH71vs)$NHpQW+q*gn2onw{C&}Bp6X)fb$5zzzjuR-#{mqqoG`&sG z21)Kn^+tGpw|mqVXj9z0w)1<@_s>%Wl%1HmBM=Ze>0e)9aRrh~ARyozb0sw=HEAgh zLtATFeIr`~V_G+ByU*4@KwNGdpO4nYPWpsy)>bx-9B$lzf3)EEeEzGL4nX*iCQg>z z05xejLP1*xV?q{MW?Fgx4>TbmA(w-Z35SA^$UnP({^JIiIXT&J(9yZNy3)Eb(b_tg z(lM~Jv(wQt(lIj9e72x*bhmNRccZa!B>pcV|4m28*wN6z+|J3|)`svey7~sT&Q9C_ zz+VIX&*#7RGHdfIXIHMjN;%}r-Hff&gv_mtZ5%(x z;9>a2NYC|;4*#p_Uqk+_tNP!%(lh0=G?8-&=mk56o>A&>#kJ3+t@j!FY{g3i_ zph4ighJb+hfW(FPmE3^OI-&INRGmNQB;|HfNq%{Z`*&vqi4 zoXhf@;(l2By_VK`ljS%i_1pu&BWIjJqz8!!a*W8vMBj31HkC`);ia;>mo9#Ml9u?7 zs$jpr{}B84{QM4KZZet4zOb;6K(_p4OiYjGezk-qDeQdR^kQw9$5UdxXKQOWMVcx} zW6toCxG+F&#qs7g4S4dFKj&@7D`!Kg&QdIHz2Rhl@bcGHcF2P>BNLmg&lr0>PK3O2 zblb!E1>1saviX=hjD`ubEUhR?(HtT@C@ipG&wu}5zCiYz-aR}R9tMEHSXiE`Q^ydi zFxL1qpZA9;zKL=?n|WQ#Ka(p5cNTdl?Cx3o3Vf=(Yg`bK zF}44Cw<&gsf?Zmk<+Oag81AF_$!-0huQTAg>uZ!ETW)1YTa4>n*4;7p1`5m4($-d! z&vxR~k~-dfCTjPli-BIxSc~CH7+B>UTta!H(>w}FlbOga*42Gd4``#YO6Lp(RWn1s5>R={EzH*$}v1fIfUNaix zK|N$)tvOeSdYJ-Vc(GF!;bJE4^!pCvZU;TWCqJ%otIJa1g>Mb2{fkietB;Kj;zOW$V8}1wCml+)E7}V_((6*$PzvE zQY1`|QCZc(t|n$3T^s}_sMCKDYRKEmW!dwOz7B@ z%Yu_=R2oZkR_vT|ER{3p=lk|XIZYgUO*UcVl_?v}UxqAI&X7v{DUdNY{U#p8$&foCZ1|Esdl;nhie)kRVKJ>CXq09Jq z%!ze_%my_qr>OBWXPlJjx*P{YZ}^aG9|R0E*?z|B-y=Sf5adxxIt^K?nx3BCPc+HR zuu`j4A%&al(KIS@MCc6zr>3U7yu7$rbY;EXR8~?_Qm_vcT2*-zBCHgyaQ+*kp#Hq( zwz>@dVS2em5nYkHVMf+nZ5#D=W-tEGoZx6mmWBIiGGDnRd_gTNnNBbuRl|VeOK~ z&HDQ&WYliLj_Y6C5G-5Vj`sL!;>}bf8`_72I6)aF(MtFL?y;xlAWXfiFb%X9hCL2A(6fr9FqN*zHff0+ejwzFTJdMWR(uQGsaC9B$tJ` zp3AV*K9EEh3SXASW$E>a>-+jN+*K8kyw`E^(>3x-SxVP#@$=OV=xFjYBqkIs_`KGl zos)%i<~Rgx;*GxXW+M1+2kc+h92{O~aVH#*KaySW&o7Q~wuWWQOSGHmpKAuAbS4l| z3))v=55#uVRC#*>0_ZizOj&+XLl_x7m=!;yp?=GAztijR1y-al6hkDNNJAUqGN7z+ zB&hA z!Oal{qg?=#>7-NGw`M@RwY9ZEN_b^uCGl@3m2w#owLuiTnHFsn(uraySAvJZ-GJj#3WuF{swmXsdKxc{f-1TGLev z532b4TYI@$oDj)l&0(|(E&Tm462@tK>Wc|OM6YkRX=Q2?_ zV@$Xtg_r2?xvL~{JZCcf+9$l*IYZ&m;dzw198ro6F0{$_IV&wN!(JYowA?Rl9Zf`a zgS1D&Wo*}Y1Mg8(q+(9To?wctc-$lw2W_~$P67tlf0Wwz96_3*WAvqHb9~%aT6?~h z7nW$Sb@C%H6hNgkHYu{3>gEc+@>O@cMVlOWI??YAJ>Z+X^1a!K)Mu+MS%ptR+`GgQ zkXZsm>6DpurJ+gIW@v>gmV9pYRC&4L>+SRTuhX6D*EIWLesjV?l__& ziqf(l(t=ALKs&w#4z1NVt)xHg-grXVn9^APF;~)4gS5N;=5aa0H1Il!L*NO29gM<} z&EbJFZSc4|v0iN&!N4gDh1BXFAcyqkV?sp>jLU#>-dAyom@WR%kXzC_jxj#JSgC0b zt*9IVkC!*_xt8#$ijy&~6-j55jKzz8164`|#fyO@9YmIVK9acD>?WYKT_{s_w|B1! z2AO3)J+`ylNZnn$+yzQN4yP#OYcQbt* za!&p{nd#hjbUA*j`+zsN04OLbt3Mq7;PJYBmON--mR7ThJe>CSy&1=q*vEz=Y_`1u z=RiE?S?uI^U~+soKkj)WX%;a-2sjWM`guy1hI1d|C;jr&Cn}G*0fato+hSDp$Qk(} zh{(qm6F>$6Qm1*Y4d8lYBWC<68eK0W!NULJPzxihMR!JVCvoF?xRxG@lxD5FeOGMg z__Fn@wY?2bO*^rj%}yuj=)$j>T#Df3@Y!c?Q|<83nukqdNWhaiE&4isvP=BsP^J4{9fM2CC1!n= zn3hmW+H!cEQ0ZER&o4*jcsoC8B+uP-^chA+TyW3>_ltzxc`qiTHr)F9dIqa4nP?!<@#O+QIs(({Cm05#WTCX{vnC%? zdkptIrdQf29r%x6E4BCy?%QcWFM@=o-opLi(oU20@$clayYGau)LgAd^9S~l-@B|E z;NYK~CIn*ACK6(t?kAusskYhLgFy(YAP|f<%j+p(MB{|#aNMMxccWdP0)-+D$89Wz zIaq7OMAPU5E)l)3v)W_scsjaKhHBmCPN>qK9Da(6^|AS(RUztQc^zpTz;v_sHr%}4 zZ*9Q8^28ouVDGQMn6x{)3w7+r5goulBsAV+Y>TROf0u-bZwWt=Am9Y0b=r2)iwyx| zKD-*!EH7ID{+J#aU!k4EQ%4PpZ(AWM!sO*K?qa*8mfhW>JZ%k&lYSR4sdafe6X}}c zXl?R%*;YKM9BjoR>~65!B?g89;7Hc6;4QOM2@CkhL-V60Z(9_NW8gbd+ZbE7(E7cd zFQRCezvU%IV94&{V0<*+kXShn`l&}DTF{&Idc~=a&uqIao^H;v&8bdU_hNSP*ai6* z=^pN;$ilc1W!BqlqgL@_M@8^U#x&tgw($7>+D(Q#-UivxKhkX|&_>5^ddU2lBTswh zg_H^t?Iq>cRHen9g?3BcK9zafjT-qezjF+?CT9-zynzo=fvS`qw1 zYP`ONXe|2(+MuVMNJA*z^6sm4rJ-M<_nt%;jSPzkCqL6SxSpV>G}!qnb`BTdB`z6Z zI`XE&lmG3!B@0QfOOwlKLvxf(Dw#Z<%J6+4hST)|b@cdhyKgL+24zAt8dv@RMgi89 zGS4-O%N==%5^5=F7N}Xi6y#jEgigGC2@QNJlFWp!2dPF^YkaFxZ59#+oOQ@x#4bNp zYp>ofE_&-TnS|}5bGlTGq0f;wjzN$jlqzxsvfA!SH!+if$LTVyrRMnSx<;ytz0pqm zb@$5+butnwF#e_5$Z#KD0WG}KURj!74Uj0=6n_VDih>taRkvFe*W9I7o!c{4a%Yd@ z75yM_2&2tQUAd}T{0t)3A)Uo`7}6|+0^jPa3Ue_4xoa6qC8D7lhZ*Sp#XH?8&0Yf?xv^Wc!} zu}S~Lt8dv*`adr`&-PGMC*&mW-E*360@*=j)sxg=ntb$c+JYu<9-On9YlKO?@piXD zCZD(5M2WvEw5a;X7cmP=mQxf821O;1bGt7%iH-l>^hSJSH}dkFfeR;}Kq@gCl8*^6 z+GTFN$Qw8Bo!QpMA4)!JU3P!(P0n<5ERmOGuhPE=|0aL&A(GLle>~r5&3#k6sN0p7 zbW%5wwWB_4Kx@nWUpUp>Da?h#i@!< z*_>i?=_6`P*JItM?H)(N^zAHUM|>)P8avQhSYD8(crV!O*M$Wm#J!&?ddny;{HD|- z-9YGYNV|VIz3R0$2Ov*q`7Z?B%e|PJV~_Bv^D15+V}H2$(z{}hZ%)_VWYiG+dElMl z=PR<_=$}dBKsOIB3kdARl5mxmOy7@+<(v&fkDG32f>-Vr5MUz=Cu~x?glrW0%A*1p zucjpr)Yhmq2$~nh_<0718GKLUu-^eCYHLUgN{$cCi(iNa z{o3~}a3sWrILZ+nP2GD0S!QG@ck@cZ=?@c~ge&+-BkV7dhpx|$VsIL(fb#YqOh1bZ}duZG$ z^_?T5TeNW#W!DC(IrxZy_}x|-TQER&1o-C1sw4_s*)X^uE%YNp?LujE@-U58dkah; zAtHfEbSUCZg8Xgq7HY=ib#mkch}ALbBX+)>Z48AK7x8&N{mqJrRB#moVIdt6wFB8% zt9K$Gx=f5f4vSVPwr_SOC)oPfAaZ<1*2ptC`@O`wX|=c(>VeB4%A$>T;}D$Li!ua3 z&=N=Q2b}A}nRCF_v%e(bhWZJqK&5g!zF8GYDvjo6dSP+pFCGL}wCPP%iioiak=4?|p>ZnR*I5lV4_6MNk&aob%E15-sI#+T>SFcotXYwr zMsnqF`1avZXH>Kq9ZxeBvLQOc|IBxR+_9rn=gAhzv%HwkoD*VPcdV!SaAcyRVn@L; zq_)c*2Qd34R6`sT8g)PqY4105kD0Qz>NuqP))ni@@X2Uu3s4kNKP0b8g52bL%o5;T zsIxJf3yY7NO@fwHxEwF|$?aU&ertY;`0CBtclHwBkF8AJHg(yF+NDit(9b+4>FqF} zFZmQm3L`0OB|SeR{$yt8g6gTO6{UnJ5>}qmn-6v3@PYz|JDRiMs)oTRTGlA_r@^km zft27kG%tetP}{%0;J6h*igqZZhYjDh=oTtv=)i_Ur&O^!2BV7%I|wspayUZ+U`6Sd z^=>c60R$POps7vBM?rg3Ii#?`Wu#4=*WOBrQOY?A5hBXg4gujKAR~qBa&RZiJ?#d{7|l!eceR`m4#Ypg)SKP%l_k>HBU^H z=!IyTN3=L;8;)|@@i*rQvh$0Bm2~!oMixOSJKuXOhx_@FxCpBQ*~-b(3Rx_#K;d2Pmg9yv;yNvqNYM-&LG!?kfGEAz`&6JfT;(>;jQ$?$82z=@DH zNOiPFu^ioO#S!ZPD!W9}B;|44rG+C@|9s>ZkPNQ=Y0r>(Va|l?1zbEv0y>gk6c#-? zwedn*-7}$`2SBFuGo7%z$%E&#r z0wTAxyb?{sbXADtPaF}9&z47_<*M35IXje-A7`)E{fgSesSa5LYvF2*Wxgac|G9tH z2JL7qWLlt}#Z(3(FO)>m&Z5js)43t~0+LqcSCB*=0OlyETuB1rv8GT7R_`*&ewd56 z$t*Av0V|_cqeQu@GH<76Q&dpM-ke;ZEsGa7({^bL$mgB~AP1t&X)B*v%qg%U+04^O z%N)k)vYCpL?E2XTl-Xs!b#SrBgMmPSKE@LV?B$$rQ^^N{Ft$b1aLv`&{dUKgczPlh z^{nI31?_x(TWsRBs@CY%gVxP;EjMcmK=u)>k4e{QW-@Pv*?U?`Q0>PCBwZy#KDpiB zgXJt2JddMui8IE98HG_iSr>;kU6k&aW#VCCLYLAw3v}ZK9O|%TlstL;l7ZIO@##MA zCveI11Gz~Ci>jXB1;OWepSeVi%aE0SG5}y9UN<~Cd%yS4+#=|TShqkyBE5%kWm9`p zXv2LbbF3foBW24*-=>Y4A7cV_7P6zpdfuXe8t-(_;!4lk9pNijZnZEO#jhyi|Q+%Z?Q1APg6 zmiip+4Wi`cBt{VNtXg?(KJ#Z!(Anjz;iSWwuVx`1o9rat%y?o?69K zjLVhF=ZONq)ZINpQ@yy)pdhENGxc(1)`7fTGZ#w1O3*eZ2tWBq0&%xWIyS zg^3g?Rkd5o=(DnpjA?*$%gSY2fPBC?fQ*}=J9fFz5~H?HD;>%~0$X5w!WAt%(jqw! zT1+4@R)qm=8o)}5qVXH4o zv_mi!>Hwoexwak4%cx@TUclYI#85QbZ+x=`yxKq1N;cMuCW^CSGT$>gc~6ANq(4I% zlD&(ubg`}`B8G%IbE9YJ>V513Gsre4+4OGUfs}%y>7f-LxCIw8m}7etUC04`GL}(exyI-u>%Ewl&HMeupV;z%Wj7uQ)g z0F1gf+Fu@L0k0VBN96F_{`blm)aHSbJADyP-%h^$sM0Yb(`9E_3X;a6Ixm8ZV9>x$ z`D$=2iBi>}iJCU)9yqtmbtYcWVA94tKW+smrX9N=(czSx_d1j@LN50N0D2TrJ}%kZ z^kj#s47n9jE|oRmohwI0n&QVtpPk!fSJoGzt=2Y6>kUU}?z(glqFenUv%EuO@$7 z>THzJe#lK)rFX1j#G@s$iw;-fO3(P_ZrcM-5uUopC%GB3ORQ;k(-${XE#B~+9N#d8m0duWd$fEJe+ikN$(9aYu+Uch zL7q(0vm0jXH;TV@tEf6^YlW}ZN;+0x>6%kb1Og%q@o3qv zO&j+229}wIT(kOr+t|ek_2dA7n>K;r5J_%z+~H_lxxo3X+2@!VVtW zzZ8}+^M9>aTx)gQ=Zt^7eiDYGAPdCk-D@vMEmxea5}2(5g15(R%chkp6I5Dq29P$^(Z@5SndaH`=RTF+(F@uwQ|KB&TuP9$(2do6a3 z4F#B*!Bcz?aLq()f=*Fl&1e-cwoVdQgVEKHSEM%C@H3TPl2G#y&}w0!xNgeRyCmo= zb@*ln6?CqzMg1E0+~19)4z{SWw#N0KyyyDvqF1zU>$uXbTn?ACNLH%r-RFvq%u4H5* z?s}l?izR|L6irfoS)XC59HNhG?RgU*Nt{Xw|G(k4tbO8%HPiN)j(EL&|IJ~1mVinT1`6E!2dbaq*HD}MV zDUO?MWx4naVbY$h_CODC_omCbsoeN9{q>P$WP2@9FEn$qzDR1LrXndQ&_8^ijY9|J z_2%q0Cd+VBPQIoe2JPcg=OaH{S@}{r^AT84IqE}PUH0R8ISMCP+Ib-OmYf-nQeh%{ zHgex=6rTOvgZsL`1($u_XGMWhfY7DS>KVkbND9B~2pF+&x;mL*p?aUCXd-O(jLvD} z8I0!ipn2`}awdVN*u5b?<^gVlbmiNhJ5PCGz9PGKrOBLyq+ZO0qA<3~Dj;*Tga%EC zxQwsn28V)fVXTW6>+LBtnnl>5BC@x%%Wy~XSjc6Ha|+N;LE!eS0!-UIBm{s+?O8+x zA!f&A3dXC|*+;E1tedv>c9vdlgNmX=$Ok(MGro9T%J9{tXgp3ks)U0_(%dd5(35aF z-f)fUpb_Y^cslktE)3zgroL+<(B z@_^74>if9xI1gr&cq+bAL`&b}@nAgBw$h6mUO__&y^&v=ckOAlx>@z}Ry@%zry@Ko z=_72uKUi%V5+QyMd6BbG?%<(Ab`PN384huW{z^Y}=NMBW-Dm;_*{%O_LzhXz2-UqU z2$VE9vu3ZPb?Jcrj&iFc5*Jbf!RTg87*V%+sKd8%KBB z#2UvR^xK8iX4?%Sy0LV>_kdb{buw9^!=fAwSDMw$Tu(nOAJBz5u=lZCpT+uF&0)9Z zTOTBgVd~+r5s;}kdukniRsY0?;Q;G*N|z0DeYA&K1>x%Jh?Jb^fSc74M@VLb;A%&> z-qk8S-uGBsk&g6D8TKFr80=045R!Wr@g}^cgY@CqH#n6@&`24tI0-321p76HyuxeH zesx>%6a)Or6mMO%U}tJEm`o-`5SC}1@R>&u$KbU*=qoc5nem5KozZADYjf?8G^;2F zm7Xu$-_RHIpdy&SX}#`_Os2G|1#neOMvauEQ0a>eWc~Qd`>IAHC@Z0);RUNJD}*tZ zg8^0nX}uUyph9XE=FwzI#U#u*pfeYw*WAzTZEc~DA_up}bLx;#I6<$U*B?)aBuYmsy7D{8Je1!NWnK8c3XV1vIq8RUBqD|>9tzveb>?%-)dp-f_>9& z;eorJC~OQ0j5(wQW?#dR_nUq#G|(kIg^jryiYXU(J@r!@o+b z)}~#2kzSns#EE2_a<+MN1_?j#EXsc-q`Z<384Ai=@J|oik2049H$WeLAMbevVbEmd zNu@Qo)p6d`eu<(lmH;7(x?1OdweFb67dR<8G}n)(lp=cHiB9y7MKTC>Fl}675``?`(fLR@4M4F zCmgw%-Q};#<>BRH$vuf3|J0K$gR4xdfy@EQohC@n#<%twxm;Epfa1XQs-N~bS3F1B zqRMT)sI}AXaxX53VxC!XQ8eTdL*RBbeWj8sb$i@9MvwNm03Q(dBcHh}mmbP?ey<>t zLG#^R#y4ZH@3t8UR9j@Y!h6X2~|ue}qRnysf^PSEy=$=UH@=jU=B+2%@L zl*2n~^uEF{4^!$|l7|ZTeMhgD`kiR3)3?6R z`nV!^ET!3kYM9_oCEc^h-TR<_DqDB9;SKvwGz1q22Y3FlSX%*5!s}Oq{z&EuN`?5a zJdJ&6?0TGvfLFT7`PO9V@YP{%W%% zbI~~ePh=0uUd+-)W}4)3zoyfBu@zym%&)@Fnx2P~30(UZ_B@jVJ8^zXNfIF_7CDMS z*&h_K!huObUT7PxkR>~krWpvC8Z6c34$^nERdfBZWZ9?)$e&;Yb?89kWDIMbqnR{n z{uQrW$AQcubsA@`0$XmU6F1etC*!Ng=a#;+R0fxXNFi_-ze~rPKG7pK?nB+B;~$Pd zr|x>5Cnu1+5t37B&*h@rqFTDt=rYN|$G>$JdV^#*->OG~*#v z8E#%}5ae)yZi^{-a=pVhd6F;O_nD$MEh6cjnPG$g(Iu5ZxVT!e4-=UUat4D5X(HrU zoQ?{0>2i5fz+%NGb=hZK!3Xmi)PHBqlXcU+(u;n8Fn(lmae6=*iKe5+JsppfD&5Ti z%8s<@7Yk624|n}-#k;(|q^8=p6{3^Lxu6*k&N*`8E}a4IHg&=^`0?;23fVZw4uV%R zRZK0s@OgC&+j{e)zTwIpQm^HCh`_G9QZ1QTZM9yOfzMUv;ltF?_kOR_EDZW(-9PV+ z@H(T@cS_s~;fewEhVnLr&b%sJlCLUqjHD_qkST|$v8t-**-e#z$9tuEuuWVwn{)lt z=b{J_qQ;?c629hrvix}t0-njrZ>1gHs5$u=JFmB04Bf@)b|qkksElegd<6>=3Xq8h z+m+;l7TPV%R$)A`*3!NEqqDyf*T9vq{V3u&$H67@nllJN+jTR|(S*e%n`bOQD9kja zwikz8W~z0X#RQzCwVBHa)uXxHcT3Lmx8l;c6W4Cu)U@#2sVVb9!;|iw+3Cs0RcFX$ z6sa9PmDGCub=|&T)x1Hlz&2KbVf4dKL}t3Lq3Rg@bLgp})l}iWoT+xD{v^ zEtjg+TOEr}Pl8@M+;7aXSiVE%($mK%d#*)?7~8$CG+E>Hexf!`UI#P=oKF|G3(?3{ z>?V5+C2vbiV0+GCuE!P-rh**yEnzVX}laCn63EQU4x^)OKsTR+k?c%yxkP#c*mA7yo>xgBF4W; zskdHZsc|Z5UMZ>mZRNaK%40jCjE08K=FTVze^FEFaSA!D)=*B(?6N?gWhqZ{AKt3(h=oBBoQXIqS>oS>hh^+Vhw?t5z7 z@`Cz0kJ{1{(a{us06si_G-i}XNG`2Fx22JB;Y%Cm)TR1tS(#$imvcCFDV1E}i1aB6 z$=>TZLo8SEsW60%OTG3(P1m-js!r~sRhH&$*hoJ!PbbxbU)K0%rMg_gj42IDc(zBJ zc7XaoPt*IyGT<>2)=BFl1l+|9MLbiF4$4lJguW<=^{UA^Q;%14OY+9%B`VjSd={k_ z<_}?C2DiVg20&<(LD2hKdrsr{Sj;C8h4my^YGzsq2-#%9}dwtdG$rOg#I+(C@p>6In47DEyWCx)}5 zVZGtbN@IoJR~0C0MT%J&!5oK$TcAsm6$qKxt$-%eKk*#`kdUUJKfW{;M2cTo(`mOU zC6Y`%s}W%)Cl2^24FQKwu$YX*lg3%-XBEk0g~MPL%4t)}Cw7H8xKXK!6IOzoA$q9t zNvbOz-v`~r$Z4cP$O~&y%lETKgpdB*#vZ&D`GtQ*#DSRs`GuvkD7;)+lY~GaazEj* zjz8*$3c7qw>1i@}!^p)nv4^4doubOrR=%M=yY~WbBLg{V zoWyLToz7lOK}7Q=Nyj)fSd*DZUxMmX>IxgGfz)Xe^E}skrupaP^oT`u`O<_IQ@6VV zMFVtUgvmE9`~7JTZe>OuWG(`bnbw>1>{=VLD@$Y!;m3ONs&sfK;56|C<-pIwszAtWF|qBFT<=KqI+Pov9U2mD@SVFBd$W5`J(-LJ%i`x6b>glS z*#Vo!BHr~PsppKI+{RwuKJMaZ*VbWom3TQ^oulPFQdfGKr* zMxtJ2HJL5v96x{-TsWsSqy^PV@p*GZ9nA2w6{~m_A@CGbZBmh?#0>@MIJ->*!-Cs& z#1Nm;W-=IH{__UD5em9dUX|$E=RND4{aDerkgB#}M|tl-cP4ELr7+UJLzq7=*!=^L z{FDs#330}tf`BO1lt;rGK*mHOE^T_fgjG<>M1zu2BT$p23_SUhf2gNcgNlcHF@6=K z8mStl8c5XQu5+4=*nG4}*81szh`^=*sDiUrMz-%BiXrgb#o27p?+XUqS26m-i~j<9 z{|nzquaES&1;INEBHqU9cp&8y^gH5385n~W$;FXbyWPd-;3gs+O@?BsP&hpwDjeiB zMY8~nM*j~Ie-hM#6awU0AseBazoF@m5LH4cBTvrck=W9qg-hnDhKq@5_`XF-nQJ+Z zvHp?n{1a?I4~hz`pKPR>MmK`GNjn=qP1#2VP1LQ$X~ySD`m@@m@0;!4g!p$3{t}Q7 zsCZA{$16q}YHNe4-clu+*rBvfDN_8jE-SxA6Q5y|<$n~Sp9ts&Dh2X;gcNCSEE2jD zia(|Q`u0e*T{$osB_E&zEYSMTB;Nnv(*G$)sF0qXUXSx{y%^dz26Gn4ZF z(4ZD*otJ{$RsOKt33LMdAt>lCyulkP{vh-?v0uH?8qt3&&3{1rKivaS1Snjbk!5?d zWm4CstEd$19ug<`b#~N7AY&;ou?}ZrE&SiWNq;g=54wZsrydWGt~tF{-$Rh}2TQ~d z@M)#gYKri3O<|TF)zX*5`Hv>FhvXwwR`uj>%S{pjFO!_xYY|e*jOX*gXXq{v-$LAMe?8sg8uNtA$LyK zo&0ga{R~w?WPhMylJR&Gi6pP%qP%2oiPe>w^c^yQr$O4kg6RL_e|$i|`-#KkmEG8f z5t&}9Jm?os``CvX`6?2LaM zBLfjukR>JTMs<~fveo#v7YqIubHM)e^+GZMUg>!&%mPr12Ka?FQ>6T?{NOq59TK1cn+_wSz*2D)Z+a7 z);U^hSUHC9$xR{DrF;mTG^AN6S2y5Fxl9rTxVGi>|8(vEKHMJ#Pw8S|YTJ9N0$(tR zT!w7}3ed3rV^{@z+Lv@MQ9{Z`UmYr{{>#6^{r?_8^bAN8Xk$u{PiRHWfJ&$c>2X2h z&OafEe@ZA8#+NEb8ShFN_}aTzgJ+-imD9xF|A-U+9rhBC5xPd=Sr7?Q-YTVX&EEg0 zdqmK9sKVaRB7+e+&Ts#bc2BBsZWC@Y+F)N&AM%{}-{$+C8pt!N(@sxY3;J z2G@Hd3kw@htG|8?+d4WrdV6z2t?nSwlkCQhux`eVV=yGJeoliFM6F8b*Hn`>f6Ui< zk%ZIE&(umw+Mex?OO7V=vy?x2C_HY(=(>5`S}JQ@W(y-UA0hA-6?9S5#~43zZ@Fub zncSXD&CM8-5i}PwVife${$X3qot@sZ1>$mgR&a1|EG#bX9-Q1lzJrd7QmoJwK$w-`L~`^X zamM;GeeNcnC22F0RE1GKIq?TUL<|Q$pqgBuqRW~#EeZHY zXD}4eK^yX~AyO~%3d(;0hi%A3k z!E1hQlR_*ZEe#nA6%|pCy8a(sZvhm?w`~vO?hYa7;4)}%cMa|^cyM=jceen+69_JY zyF(xZ3lLm`yTdp9?z{KB`hV|Lb#)C>)6AT6`fOQyt=)iTLg%+r<@@N@aKXAB9hl#L z{=7GyTnvXfJUYtbbG3wsTXZhL6YKy5cOCRmHA-tAwBTg1o{^g5-rsuvz4e2CO0K{2 zByaUraQZwuQI<2_0cE5s+~Q*3>0*`6+Sg{YTNjGo!9gWl=JE$ zrNj2pd2{aCeY;*)u)|sqW+346?e+V|tWT;vc%KyBlzS8tX?{bhnj3#L7vDbqLAJWN zxw+>;ZiKs|e;1!TQ6x%{g0Y%I5B@0*nUJ62t4rMfG5x{y)K1{aQ`~O8 zLUQ{Op)Z})Ec_}$1H|$UOMZQ&J%x+HPRpy^K7T`6S==p7mlv&q_C)DJAtH*}t~e?4 zr+O0-g(+kD?Uv@|3>xdF1oYI&m>993FYf!(lmT<5UpiwjH9qD6(|Q71@rdx2gJBUN zc=52)9Ko18~HSo{54%qsY!-Ml~+fqPDWZ2!fwxx10^j(Ex7XZ`!ei(&EaB@FhUOBd6nT5WY3R^e0-KjR93Ta~!B$bin68;-Knu;M8Nnt-DiJwHhM&wiyGk!|hFvO8UMKCDvd8@6m zK4nb#X)b6qAfoQvXRCA3Z)-#pUD$ey6j2mQdwoB0RQfY9STRN~9bWL`{_}QvU!!+7 zSsa$1#^`^q6u;$gBh5Xa3L8#i79zygc{HBwpF*f7BJ;InA#F zSI_6xrTIx5b80t{ogDqTPN(yoIyv3<-K_sg<7m5$Umu6v92+0CUSCoN_`v2lcn~4= z$=~1qE~HMh9$>?yfxI|2M2HLxr<_D*&z4Xm-K z&gZfF9S5Bpu)lUWR~U4bnAMX@i@w&g3Y1rG+MEa~h%Mh~_s8eu>1mbut~l-;!9jNq zk3Nr|{tJVnO{tni7h)1P4lj4gTkl4;s&BC2h{)RX%ixrH9N0*tL=cRnO9NkjLN=on z#CV2p*ZP3TTuip%;@VGpLe9D*S>ra-IIEO#D*$kXbzz+$VACxx-)<+R)j(LX^qo|# zz6AI{|6SA{V^g;k5XdzTG*WZq`yp{reihI`$PwThN@lWKXSfPPZEWIpOqG8rRmdc$`9{Sxy>@fs zAq*rM_O=F6kpEWB+vg@o!Mjc-AM72>WWIAzJULNeW zoB3__BI~PMs*V3~ejFY9L>WxLRz3o7Sbgt#Iw*7N*m7pICE!Ub@~6IET?dy!abz|$ zMOkv*2#4a}>hp=`>&tC7Ay(J(v15&HgXJu=$;Gj91k4Q^11Ys*+%T;VG+4e~foKUL zZjxiuI}z%5Z&+svzlH>ic2PHd3kF0@kg%)|A-?)&n+gfNWh!Dr2eV1_ctk@#L}}~J7|Ro*7>_iJ@VX;} zuW>iTMuC&(5rT9}O)3z+o3&^hu^7aTFCPH$L;v1jW&9Mb+*?ao(mED}ExZyN<6a0G zOZ4|E%@|~Y^yO@1=7L`;I%pVSp&iUgR>rsNqt4RLzg@JlIKBsDlO69o|26#hD~0na z7ysG^beL)`91HIb?;Wl)030B=50FY+%-K$MBvyq$2`~4JnJuC-gshwschW|lf80Cn zNSfapWj-H$5@~QX)+x*~v|js;ga6U~SztJoQ=d-uq0*T2K0qbCQM% z&izopJOA0+X{R#QZ@I2CK$4nmnlwIOeZCXNmfWlh;@LBecx~Yxj4o)s8tGeqz=cz< z7=+O5F!8%=BN+kU5BD~(T98(VvwksN(kyx1e!v(3n)ZyUGkq=+xWap>GzOzo(37VL zI;{us?wFtrPzig&SCIT+j4=Ot#sk^R=6PiKJLgYxxFX8TtOYR|k4V7P{!f|slEntL0-nLC2ZfhzMq|aqPqL#LG?%#s;%H@ zn=XiS)Q{48&HuLZuV&3dA7Piunb3s2gB{hno|QFZc8S!H)^DyGlq7)t`3)XEqus|@ zW!+rzzZj$CwvNUVm$(&5WP$`pUXTXaKr;jhXOFk1GMXU*em<2$X#h^dC?KkQ z@n7DvW1YY9zdl`VS-}{P3)NRk<_a!LuoX8;G7iU(XvqXVZIMTI8&ht4)2z(DX)KS& zAFuZ~>%06`Sv_{5DK=oY+M(;ITYKMi+j&~>dS4K^Gu|kVj9V)8alZ4iD9g8BM`z)F zJrpxwo0?n|th0T$N!Xn=Md`fuuz?v^;rig{xAl%$GMrj{Gz8ZSJvc%eqPEpLnZ#^) zMwBvG$YW=iF@7eN4#)0*;$i{_en&VPC@xvMjcO;(gxe9dj*t}L(jKf}a=_zRq&g60 z=1=frydB%;WrFM$zgnhT)ClV!8oaL7>?JgXhWhD5~iwR8seF;T^uPCqAv7o2T z>?uFXq8u0e3>2a2Q%EC(S{=T=ay0};=4Fa#g5AnS~$ z=p$qe$UaR7_Y|~NWD$+%;c~{b6tu*u&0dhDz?z;&i)fKQ+42-M7Ch#di27436cRv^ zuAOBH_0NAZbvstonE{}Ua?zJ2vjct=YSf}7;&=Q>to%_7M>uq*1dW3Bw?LgE7(Vuw z^}Pw4!EUVDkf7w^{sm~7nb-1u0Ow;<4v1V|IqRwmDWS|}^hO>!3 zLqK$|x$pwxVY)HJwjT3B>0K;j2LOS zSq9ywbRoUs2h5Yz<>y=I)Gj6~k!^1U_y;ft?_ChrQJ`uGnEoNkMIY7YU19h=AnphB zJX(aV8(eOdiX|{~>V;4Kg`KIHY>{Z9>5$oaUC)&`HB2!?-0pYpqP#RBM+U1b{jNq| z3hEhC=nAV_W1v)aGsoF>IHGnZN)@{+*?=?NUE;$4v%BKHqsB& zRbfb12F)chjU(=i)ly%_w-Y14(KBLM$rj@o*hRvH%_DyxTEL!>6^~{6eM)+Py#xVg z)tv*(NG%gVC~O(5&&>N~-$*DtSIkryuddoc#fJc{YdwoS9ZvcuK^s}S$M3!gXR#5n1YFO@nz1Na;lw3mwB9Rhs-z=O!ZN^1e^u6I8iJoCDuNZRcMw;%eE!?wYw;j&LBq4 zEtW#U3D)%v7(2q#W1{}cy(yq5r6m@e45O)0sozbV7l7DWF$^Zk85=4Id;k*Vtrajy zMqBS$`cz8mjnvn`K*4t85KcvWLU; zKd>1V#m0=lJJ)$Hrv(?L&~=z>n2)*O)Ln1DP9bMu8tmQu^96*P^R(3FUg;-<)fNVC zkS7S&X4;zPi_|*x{Mh{}Fl@vb_;OkB+WmU_>XtbGdf5T}Wxasw^E^#Z^g+UU`I#7? zVFBnZ*=s0xKH4I?1&azNaFV~AMUHM0YSaF0qs%b6%vtET{_ePQ!b%P<`J(UGna*?| z^88EW`8+YuO;hZ_c+WNeGOwp%uC2qeV<$r&eARLJ`E;e;B6hZvAp6YL24USeXdG&$ z`1NV(wM43gZ)O%ghOp}_+@vd78nRiZ)R|PmRZaqLJp&P)2}XcknLjRiWhlE>iVIOL zg-A8xDvS7OHpm{ReijdY^xMQ0x$DJjM6MPib^hay8Pklm$Ymck9KZI@#@TZGleo$+g zzTx0R0!ZNPh0@r|o3!7*R&VFpF;00`mpwg3Z13!xK>`D4nNK7FIy)A~j-Fuk%ZpGx zSPTk-qRVgj6cam{zh(Q{v%}ib)!=;llmv}gZdEAU>9nDP&#JrpPzd7_Ngc+Pu=CHj zKXYK;-IVI1wgvM{EAC#xkfO8xT+i8KBoDP-nDt9G&pOw^CaarKvTEw|y}f|pT{HS9 z3h2jjW>A5cQzJS&xqwzg{*@J-9~-nVOz)f7K;l@5VNk!{&s*~)BLUbzR8vyMT*R+l zH#Sjo7lix>-mJp7**cybEWUAqZO++aKi4N8+t;2?mTYS@b3`lIMtu(yKrw--yMTuA z70y}ha7KfL)r*XluxwyVlHae~Rk&XzIW%7k@P(H}Ud|H@cTt0fAupa>E(x~SG5b#7 zfnH)k_u>(h4kPdmU^z2~_$r1iFIi0f0!2AV^%ECxbT?oc2~>o0?uffP(m(99;C z$o*)!$nyd8f)$tGRlN}Hiv)QN`@`EF6OW@ zhS4@p6ohw8%ylf8_ndHN`Jfg8pAwx6Bbzp8h!bRyZ)3sA&QnEHz?<^{F?!p;d zGd>d+`4w0IF%A)q;AlIXjB{=zJQaE}y`3px(NyGay)s=J1T&Et#}1JrNQ{4;DA!0J z<{#fwp%sBCnbmcuqe>pwQ^*EBB)Fn~s`TZ};vz|bCzTxfXlz+2!34BV=cVm`ALmEY z1C!aY*kf{#>(rh>jZ_lGT9d00U59?>`b8)Y_u!r;<@{;E>+(t7$b-;R7!3*+@_d097yW^x;DbU{=1=bV=9@oVSH1Uy z?nggrY38g4zv9<;g&)m)rW4#i?jY#Lk8K=MWB2pT>s{ijXukf@q0ueBtf(bpQF9h(|25aKOP337 zH4@K*7YcV#igIEd^gIVT-%X;p!irsDXq)J@5JWpfOD7Y`3n123+{HuB$0Az22neN` zT#(!j+SuO`p%2}D+X0nE*WYTB+dYo^jp|#x8TC<%Au?MqaGiX6 zbDXtZao7(Wv%4*TgCZ)r%t)bn=B**BuQdp%1&jrYRxfK)+LA%U2m0@9NN9ae;XmHw zA0GhGv0V=~GnPFq2(V1H`8egB8ki7+lKESk&I`u@!~V1z0h7|Sn&1|Wc+0ID$s9z% z`_d?VSoKf$J1>KOBGfc-*v41+s&Z3c7c;@Apc?Y zY^alSdjaia4=y_bQOCEg3Rs)nioV@-w|=krA}*WcUZSS>u<^OFS++h?o9{#gj)!@n z7X-wAlXMHTJ^{uJlJojxd!i#s#OaWq4*D`ff)vO8#7JR~P%krNXdk`96^7s4!?`)2Vz*mZBQ z+T6gWi1J{whbE!-U>7g7nil~3d56m!)%+swB)>Iy=8RQ?Ig~BWk#7_!$d6Chax z7>6b|O@rj-#>Ev!uv_I@N-Nrum;TM&=TkpK5*WmavxpXD7%-{vKAJ^W(m?+Xx}#U9 z#s;N`-=uukK6On#Z!O!Y*RX(rH`v}n6KSc`b0;V~PH==a&lBeUgtbe<%E>I!`Pl0` z7KFA#Y1(mtQ^4GkQD)M$dR^^VT7UxK%S!(hPlIFa`sg#0s#AWTd|;*b-Ucaz%s5K) zQG)y-$tn~YuYi`DnGYLm#o<2Wd)fqvAu_wJXuirO>ezmjM-d>!`r5bReDtyjeCZPk z0q@%E^GF+x9XcBAe?3o;{ROcrUw%Sj;OLYy4t?X-gO7oXrPJOHAs<(&8j=2K^WEgx+L3a~a4GXC%spwK(?ykKglor9(&thW1*(q#H)+ z{-kZlPLK<4jvgdb%rrF_avR%WwCRIEh)|9T#xCbcj9FCz_HhUQ>gEK%S zb5N^3u-yfTGvKkTbgNxbc7?=}*^0_HlhDxO&NQ(VSN4X3{JaQd)rCLM@&<;@X=!0h zHG^?oFqK|C!rJA0b}O^SEp?OdZjElWyKiJ69nUDxQKgk{JUhGtXpG+*+Zf2vht~M* zFm;f)aLR2>h-Z1=gw=xg z_%heGfLb+ZCadjGKg8x@L4zMHK%kPch0(2AInk4(4YL|U>$3NA{^jN4wQZM#eIl?T1(V@@SL=%^qxrO$5`0OIkJCxb|#p_68w6xN-Ol9OPI587>aTsYUlo_;g+4l|nHe^9Yb_X#G*_RLKf#WsLOE4a ziL;3mm`^9mp>}hN-3GQ-s6a2ha|=%n|;-hyyaPROg6le)9mmKqGadFB4Sn zO6faP8f*KptzE&YyP9?zPom0Q`|#f|+jH5B^DolMdk{F>EdjV;37Re6;@QkohOiSg zVRH)djAe0;Q4__x!oU6SSA(bPdgs`Y3}gWxGL7@#q#P@P^d`L1y6{sWI_uyIN~f#Y z=|8n!Ss$u3y5@1Y+K1dS=@WFsT}xR^JqB2Wg9V5(rsN$lJx51Ib$rmxR9qGjQ%vj; zUeA_)o7igR1sx7!^HefdsgHJS)bbme;V6fhT*qaJW+!c5fB%u@1xX8LSp5sKWG|pX zY9Iu&#J#6lz>{He&V*ReBp~#MLKe@zhca6T|h}4$)?3$ir z+>g~GHA0p`9R`j-9--BdnoLOe9Cn4VuAXApxmo^m$o=@`@sx11{iH3{N@+tMXvZ~< zFNJ_IVSxg0Jzi?^W><&qr|9@0^6E#~z5Q9@PFf1?R`k1xC+Ma=bK{!2OPr12%@I=O zuHFst^!@S&}blC%}YWS+oiR;KC5l9ir|Taq3$xrju|@iEsbd}%F{IX=&}XU+MYj>&q#!DlpqkWxgHzI{M6{dhc_J%5t-Pzl>tKBrVLWPDz~Q%Xs$_ zYOGpafpYTDvTTg8ccUskt?J@N4=#!)`0LiTs`c!pa)5$g1kO7QFl)eE+k}U7&!>{|6SYD7%PjCPUhXtl zxL&FoMVc`lA^d6QCdlUU9<&uyHsnCMtg6Xe9^5#PL7U{?+n1YYNJbCAn^6|1kJ=tN z7%8BT+6p;T@LHMjtHrRYCpTofB1JYEDH*uWwbtT}(^dpdJffh&dR~J`)shA4klI z@{75thcqCbyVk2E8nhaUDLi5`T#M>pEhEnUp}eXRv88cOb!=W~0ute?QL#0A-SwKk zKXlSwTgliEG09VNO*R!+=CC!IZYXiD(n;4Y_u8aMhb3LpdWl7+Oi?yQh;4nM1y#U=jwIz| zE~S*^fdsrxU5U?xA=k8mBSi&8^Sx%9S`+@R=6uR8IK(Ts^d`2nh+{-M@Xg~;y&OB<*|xhaQyE6Gw(ME<-lGYwaA z&BBg1gU++UR`sI~4qPm%5KT^C>Gzfd{y8)vRM9-!Fvg~#90gS2Z`5&#XZ-#2#lo1c zgn$MxQ<$mJ8AOE;6w&!s55!cJ!jSw@(f0CisK6l}w3!MirUBZR?xld0)X{7deZM@b+^$lKeTOPBb?*xVXxSExbR_zr>e zown4Ruj*dG?8vS{-Leg%j-uJeLsVE@UdgWKgMeDl%0Mhd)mt%b5GS1SHw5#_K&3zOCgehdBVKq$! z+%#|tFF97vpEQ-4`OAL z6$KZF-gTtl_@oUdqOyW1C=AZ3&+;9vQ{uw7kesSpk23&59DAyAirh5+FdWiIp$*V( zPS-H!N^`s$cXy?x$yYtF_JhJ-OU|Qdac$7L?JV~UZhp(wD$q(HQ4EDJ*wmeWVfCvt z3<)J%Qo#?yn~oTg3HfB46|()kHXp%_pv;_fp>I!tP>|!EK@(i+9H&!gJJBBX())Fc z??*O9&_jm=QPYKxF5E=Lv>{}AwZ*l>_sb^W%h_ac@a#15ab*Z~+DO46@E-W39Y@=g zvvcZMDII#GCMG|6xyY){KuNQ#kK~`|7Nk$c@x=~@-6`or!e6x)FUNQKTpE8Xlfp1V zp+#1HYNoqTK?7rKyy9zjjy&=5EP-AwGQYJdjx%bCd|0=Gzs9%5voDOYr7V^EkHg2RKNZ|^s0=!nq{T;OwV@48G63}l06_Vb@dPhX# zx_++vGACJemy8t&MSIY`DVu6sv;AJy{HtX`_@!)o-5XmCFR15&_&PVil7Q&M=Fm{Y zvC0qeZ*spx*pIf2Dn<@rZD=sMet0E6rpwA5SY6bz^;XMrqR$n*5}*v_5H&8qNwcw_ zwi?&BG(_P*ge(T-&U*w)MAQci6G%^jZNLRL^{R_<&}zu(a_Py!g!~|v-G8Di{SD2| z3qKgCs;8L6NSs|H0<0WDOhIAZqvfPALRP@ov&)He`mSucNihngwV9p}njRZkmW<7g z5V*pu5&lQgNH$@f*9{$`q(8GJDCp=SuQbsy875c}i90`i<&dSK-dKbp!^IPAlQv_# zXv;~kOSIcfPK#pg&wIy-%o~=UuS`exJJlf??=z67)`eXTBLxj8i@FaDp^c=wxwppB z04&hsu-|y^-)y@AZ3~mT1Zot1ZS1dUSWH1IU3M&(pnG<)X(=3^5S9H=fKiTf`w4P$aTkTH`Ffs2B}icK$z(zs64Ad0zWDRXY(r2^{K>b# zrW=Au%aU~S-I~y@G;W_o!BpOTcl1X^u!q20$)qH;1opFS*(F4Jf9^hf#9p{`R*Hx13w(Z*;NYj!PHWXtlG%cB|(? zwIP;?;CN|kHEk9mQy7kh^YNhWvVVp`g{HHVq?~KPz~<4ODxcG3Olq26So&{Oxs%qM z>VdFBpF(CGllRc1o|ZqB<+Z)L_?dnTjvm`3%Occ8VWscQj#3sD57U^Lz;U7)x<9|EJBJDJ^w-|2uZuGX$5-H^(74 znt~wye-4oDr-|P{T&Hg^=-T?w)($t4#S1ay57Utbz)dPlL}THH{o-#OwUS-?KT)=^ z6{Je|OtW{m`4YHN#9~kRrOQ2K_HT@2<1)_zKP42`P1TtB3Azt$S&3KI2blyddxs80~uM-1VammJ+iZNbGVrV9& zVrt1C4~99W<|~@X+$_}tcawMoAHs6D#P3`Rk4-*{$zk4vKd2d1qLCK{sV@w*$CM$g zsJ2^wGVEB%A?_h=j#43N;4aAl2?$3aO&7Hm%{r}p2rOOpRe+JBI=TA1pQJy@Y#l=2 z>R@M|uOu~PJ`kk^CA?kfqSMbP3za5H+u4gY!dCvls24he>b~ZD!VexHo(=6s&0~`c zOnsXzS^q&$eI57_Jy4+*jR%W93obZKDlawD&?9>qvCqEq*xoTTxaiq2@Nu~>78^Y# zXp^cR?Gysn4&rMYIA70cbFN1$hMemJ6JAs9V&A zB^|fvD~9lq)=kjlWi;Lu5q3t^JUUx^N!*Td@hLZ{6-7o!%F?ZOIqP~nY2VGUt&n17 z%VN-4ePe5=q3#t!7%qfnWbT^5m5d=dx-(2&`fBCjL`+@q$?1f96X`A) zW$M36{A6IcB}?kCV@K2YMK-@EEF&(9(V@3WM{$i*eVFZ@8zcXGC3(opY-s|HLWr3P z`O+QoScmUYY3FI2q~CF5!B5PPjyiEuRLR>c+-x|+)QTg0z>!o`dUgp6O*ryp^Diz}NRP z$~IKn@EN3+3imZoz_N!S$q-v-pTsP+d(oe+QTUtWqxL~-AN~KT!ys0|gg=E~-(8i9 z#G}qk@~kmSfqm-WRYI$&qSQFtaVl_HQTh6I3BDV3J}7`5QXWj?RE?Zkm%uok8|aS4 z;UU%ZPr==-93}S;U)ljlo+Lc0Uep*4eL0j^x~SrxbS{`CRm&*BnESFMoA1)Fh)L)w zgZiP}NV^ugZklFfjIz_6JQd;B8#6ZPT3U&a1pXi z{h>J$8ri?vftaH*{hXv-+DSTY@>}q*{~P;+9YfxDR&`*9h@4%@C=B%-vNe`5KBL<= z3LX7q>1yN_09@e=;wo72c-6o%K2GWMFXPo&Dx`|B~ zyB3((J8qiL(SD=AZ*W;PJ%RwBnWWCK3E?HmG#jHPiZo6pm9BgrlX*xBT+s-2k8(S% z7kK&!JRm8-fq}>);z!k9>U@AA#ZfJ=;b+oyL6viUpCTio{jRv>F49(egGiCECs2ub zm&s}3Nym7Uy}PfHf`+cpI?a>#_rVmFpxdlLr&D>hoin42l-x*v2f__X+E{fhUBTnZ zp80oOQ3RXaH>L`NRlBpCsb#h(24iv)IPs%x>SXZ@wt>J42XP^l$bf(mr+WZkd@%zVA>Uv zb)n(wv0?6Ke94*wyZvH6wk zFzWsI(X;b4L+BI2g?`Ct&PGn=PzgI#e>{E&?Z$&HjzFu}ez~fAk<$^A$w?03G9 z=XdHYfcRVNHkD;q)}iR`lZ)%1vSnM36j$}Oo&}>4B#${%c49(XH-%Oj9Sr}C-${Y! z6>S+3iQS0m%D}Fc5MGiRcqx@Q%K9CPGW-!*ct%H!&0!G}n}Hm5@T-z=a<-kl0mD{& zF@pq&uQ7m~c@kC)`i%-dT_rIAFS^VM- z@_LDb@EH|6Q*m2PkM54hF=)oQl&W7IVzm^Nk5O+r5fh)!Ha^VVe<%EI^_4tktmYm+ zxo0n`<#6TdmzPQTDfY*o6H$vZ9TAE(9&xf9zl;^wB3iU2!e*XhI!Ub~!g6 zVc+{?dSppkPDh*KoW)kK=OWM0=)Tha1a5=iE6c@T3ofdDCi{xHpoK5`f0PiRep0Po z?Tt^_{E=5Y^W#5y7)CMe(wjGMZeGwI)Evx)G22PjGVtO+9;F;FuJsdUx@2S> zjT^P7b0b^lWTYEmOD}T~`5Zqj;9Sp(BWT%xzHGtE&}=e@g4+{k@uH=34P)c1DerBf zwnG$+nb5Xj^-=+d5F%a4c4J@y@tLDDcpxOKU+j!KGlxXsIqDm+l|9v3LiEfvLJMm# z!!aWUeSTjUkIFJL1ImuJ;D_*$542q64$A{l#xC_GQ+fW3h;nu$=)Um{VJ!_nTJYEbKjLjv?0Y8EJm%^6YvW(gl{= zQ0*OS_$FuyYmy|-7U>KKa=Y$HKf(S|`Rg4A=GB996rInw1fy42kdCER0QDPe_WW+5 z054=GXN4%Ofx*;D({1{lmy~>-kB*Bv8F+y?a4(f1Sv4+O6B>>>4zamme>q{V^7>3&6Rb};0m&z?l<7+FGuHcK1#r4# z>o*F@#X=E2;7s)OV@_%8$wlb@l`QTTMQd^JB6z@PUhhYUC`6%U zcE-8=J0dX^+ZeKdCCNy7t+>cq2!+eMk?A%TxtP+eqsdtt#-7)soWO6DjDQyhSmKqS z@q&kg+v6=~kw`W{W+3>j<+3X&&4EMghfj4GIa%cfh&(Q2>iHf?2)lx@2)Tm_#;r$q z&CL`!IOM<=Inr_Ijpdr6jGf~0r5o9(4Ya;e!XK(gXBgpf_*nVKGhm6mP zIEY=>1U}pPljpj`e2BTjidPVc8@Xj-+UMS-53y8wD}%vP26@i8&MSLb7aRhnY?7>!4+maWMA;Dt^IaK!PlzwW*0lDiHH;$))ua7hZQ-sW*E~2%&LOD7RffI;+MA9#%s#=sTVEd{CbaWhkKzOg}z7x>talHJB2jXJtf#Chb5*0NP=nD?#`Z+Rogq zCvAsd>4q|&!};%TW&TD5X0NBSND;vgAT;5-^-z%;o~8_ijZY$vy8IP<|9Xso@d`yy z;+!qd#QnA-rhH<8d%<&$z3=P&k_Gj=Sk5o_M6MWi>Up=;cOis9@Mgu74pbe+dl7xW zcTB{;y`GZbV5Y05aMO~+O~W1uDjNx9|08ooQ42hmg_|Z{oxnwYDD}NVNhvrB`-_Z)#hcC z=c+dy6Zy3!0Mu`y0rK8Shk*3n>$pjSOfd%4#>>;vUrn2~cux6T9$BZD3pUZ;Grxk29|4`J#12D(E%sj~3xi&-6N| z+H)Q@ni7Js#QS*YutN*c<-8Y=s0YZpRBz~u&i0LP(_^g(dbjQc7!-REOJw(|Bu=LD zI9uw!)FL%jwQkzg1TySCW98fCUy_(x(^B$viR5m3g?If>%UK^u4tbl--OZAUpKk)6EYw% zMDXHVK4Mth8F9-wA-+XRh0QMcW3*JWz)&SDJQJ3o2=fZD4gj8+ro|7i%-DL~&qzAD z8gH)O@6oXhL;brw*{*V16u%~EoWc=f5ezdDj{SL>JnzK-trf6IJG6^U)f_JXH>MPT zes~XGL^ix*AMO<}w;HguH+iXW_CFh*60yT!cwTotmi=*ntJYQG4!oWXFMWQYUh@F- zbuP=B9hU^Qc^s@{)PYI6*v=@eoYeb(v;kj4O=2p~_Ji+d@I&Bj>TI^Kq4Rz3Cqe|a zy{>kOp-bPhRP~??+;2wbOxtZS1SCNe#Fzd5r7(<=D6HDnR(f99(G>xr1#O3jvfS}h z^=?^#F8lV*ifF5S|4AkOEf$3EGOWH`{K-v{hUv~^T;dMixyF1#w_cLtp5@ZKmq0Iz0`POQ5xPP*V)DBUQGjGqo0gh|x zT=u!(6VxkZb6CK%ahFQjn2xjmU6aD;Ta0ndLz|76QZ>sw zo+zQDqz2|h(I|%SHSE~MJ|lmR=QJ}OsLw+YCkQcn>Xl7=+dNtjxuWY3$IKb073Ckzh28JLeggz=H1|ENq zm61S2)oxJ*+ZVBYv9{1uLUJ%7q|+Gj9iy?tJ)GEAwG>fVm)mELg7&@qT$a%n(YLz~wUD^**-+s2& zZ(jICpD(4vCI;;t(rpTLA0>(iCoj?wBp)tD6&R(3z9lJX7RmiG4NOsBliGHbj@~aHlPuajSd+lg?XtBs@nXAzQnhKDSpO8$#L$8i74*;1bA`owJCh6f zU78C7l1wh4lteg-^Y2&|&2kmt^*fvfZs5&CYBXCcZApL~E_0ep^Ax@`Wky;lECf>m zE(PCjm#x1(&#J;n7Vg36oQ)t7#}?ruQ#Mcq|5jdn8d#iuyBw&`5xpDkOqG+#&>**p z_495OMu8dk_4k81z*n<@>NitLj0{{}kMRJ|mq6qACOvS9{a343D9^dQjQ{b^N?8nS zEa-oZ;OnrSgFx_ZRiDdX!exSu$B0Aj`}x6((S+3ba4I%LH-4`2lcV~g%VuhR&~UGe+@Kt zmIDluCg!qxgX7Ci;HRg9Hr7j*{m(pf-&$+?wKEIdT9K||pdS4wwd)KCedj!h_sVh| z)1BJa*r+K8Ed7n z#0r-|UkO1ZP4<1eRYyDKk~6Aq2Uw%5(0^U9iO`^1o^se`#sI*o9@)+>&zaWd1j2tU z>Yqpy(HZgoJ<4EZBnrbig-rX|!BwLQ;{lhAKy7D(R?DlI!v>)JY2!g34XU)$QSxb2 z;;w~n@J6x7+s_09t@N-OHmef)`qmW?X4fT(*H00WQ|{1_6Ir|hNt>yKb25+NKg9pe z50;BHuVIt|_)4jrM~N07DKP#wy2tll5sB3aq@sZNuY(O1nZi20QqOm? zXN5rl@}@gnQe%nD9JGy}GT>dY4YmqEA8N)LI|~Db`a4<&$x>kQt?9^wqu0Pwd9jnc zI-I2F|8^KV;1Xrm?`bza#hf@x|Evu5^|D$$V|#@>`HHdg-+SO+JK;a)o-+RQ zyOoMct7XlD&~5I%*Wa2hD^zw%@)coH|LYft!tF8#{}t-~rr18D>P)gT4y)AWI?AMf zIwIHAS?@66(N)k8rs?$W$^Xy7|JRLeO+B5lqn$tQY*vGkTeC7d{=E~cTe{R=Nq>jY zkw|K<;lgY2JQ3f2y^%1lJKuCr}!ctO5gZRBCu2!+w6$?eE!v_XT$cGB3`v2E?fjcwbu?PjMj8rx=L+iqjKXZL^K^WNV*=k%U$ z`H*KXJaf)x%{9juGr(j>8$&9k+Oyw6zi9;Ur<}ZmYSK)8LO{{|XS}1(8~H!>?K9*X z^%ujZP=kYKoJ^KI#yDJ`*qV8OO4s#ZoH2tNAx<;DJYsI^nfRaRe9Zr|HG?hBfG!Xw zO+P}TI1~wKqPg=doHe`J^(mdGep&vlTu4ztt^41Pet^dR>KAJ|q)lUh>$CGyoe#OT zU&HQ7&GIbuh#y2GtdtV+kJlCeCr>%OdX3OHcHcAww(zh;GX$cQEy4KW%~g6(PFA^J zHkaZB=lS?(9Jr&Msc>gUpc1`%4K|oOs_95r6-Q?OZ%-B;{2fv1>*2_s#Y1f$H9GyG zG<^*oG?8Meb;eprn*Morgq=dPz?-!qeyjwKE{7qBouXmrr&}0 zT7hb9vv09`tkI2x;4iGIv^0IYk7W)e{C*gNb4Z2@_) zkKt1)t^SGz5dn?0?4i3nfXQMeyO)Lp-pzdq5ex-GoiQXWOA{%f*}s1a%UhjD^A zIL;;;$26S!E1de`U#ksWeVT4gPh|hkQ5H3@Rrtfs=$~;S-&fVOxI~{?W1-aQ%?KA; z9C@7oIz#<079RjtAq1TtVsh?r+Cj+RZL(v$Wz)rQI9Xpp|F69`gbcJe!eZ>s_opU& zTsE%Czf=43i^8}~@?UE?M;*Z`zuL`e|Fukt z*ym=h>7N^<%uICDm*T^trJ#0kfslpXT3=^`7c7##GX)|LJ|gJ>oQCN_4848CeCo*~FUn z8P;Y`d5VI+B|pkxEZG0!HAA39K+AvYgO!rY`x&%ANNr4vM}R*z(2y2{AL&-%uRuke z{?8FH;WM~R-WeJY@Xc7?(Ts4#-mT=m+#s^64p1d0|2t4cfd^&%(-cC-RE8iF zbe$ThZyRZW#KF8Y5;d3@|IZQS(ODdS`n7*CCBp=r&oyNWbYK7Y4PB@8G>%n;FEL(M zS@6$CQ!v1fPEv|u31N@~aopkIo#}8}cOZQAOx&mc$J_V}DcM6&eyk`?KVLNv-c#vY z^ZFBt18dC6l*6dbhC)g$|DU7Hqk%^gorhEVR?ahaaH83D|Mk(DF;i{CN?fnpA4@qQ z{GX3PLn;+m(JE%b4K6T>A)9*p75SG5tEY_PKZ;{9C19; z(@ur#7y6rOh8V?v1(XP3#UA$3PXtx0qh+cMea^GpnU7dcz)$8F>beR(Mu<-To?l`> znf%_n0!7K9;VMoyRcJj;exnl(0y)Y5pCh=l=I%_2({z85I<(V&jl#2HtWx+IKKNt* zU(p3MkSq{CEy<#21H9qI(88;%9wUBT8XK z{J|wfUH`W`a&q#&@&)-4(O#$p`Nz}{3mQTvRS%AT_DKFbf(c<=b{lQ&8)tUStrNCp zik`%VFi&fp#uqY$u!JvZ))#t)E_(C?s3syMv0GS1Q0&;2QG*GSo3Cyl}5uN6RR zGj!t1iG_ojJoaWbjMEDHDZ1})5yJ3+rR3l&Z)eDNH*(Q#pt>}{(M7ne@0oxX}=z>Z^coPcZ|&{@?nG3jFgIEe?i3ZO(zYXFFE{ zACte#-Q2i$zig~+y}Ql6PlpS#>+UWwHm^JN!Bcmu*yU=x3t`DI>bzESP$Zfs7AHkL}jhfU{sFVs^y=zhw9Nw z20jk4$7TsvDwlFwQxC8jjQig;+moO|eXiN0oC$HTY`kwQ4DM)cBjHRrY=U2Y2N3$C z-c>V1X@V~hv>}TbG#RQ`GkZeKXUwBC_ytZB8M-6Jr(9FC)7SX%r}U++Ob_r0yuoV1 zf8lf1(Tq(Ij+aJHZq4l*elKT#7s#B6Zr?B?iR~mgv15FA5C^TQpE%Uef)=gRCH?&O zl^1~V#}k}uHd=K`Su}J_Pt0FyzO(my;Aif?`t}k0#nvEy)R-3vYF*p8*1$8 z0KB}Syva`f8H+sVt@bc4T|@2e@1OVqHFpH zVH>`Se9gm(dG5`WkiWs8Ss*U$U%bQ6cQ1oTx;*KCL42U+PnFV8p#SsS3<+1g%Z(w$ zd}m6sxL~J{_v~r`#K~-toVQ*+n4OBa$Cux^)Oqf@8%Yf&MNYl;qWIOE6ldS_lS(XW zK=Oyh@twE8%D-MIcUF(y(OqYO@-$>Bq^?+&KQ}wpDE*=urxv_|N9Z6?8F62GghtnODwwfTo71_UBnO7tK8(M< zjz|giHSxic_&7M_`K6(^Tn!P}ciyQhA}Iq*-i4#)I6lxFuq^SH-O^WgBq_5kDg1o@ z4l57=F}$FmA4_`>MqromO}EhyU_z z!iTU0SWs!C{c7zM*0h^R6v(yZ(-hlOuhinuc%xI&zA{Sg!}Pt{9rRmBlmY`s z_3St}u} z`lY{CH+$YJ`+S;+Srs_=dI85m@YGN8zP&=6@o4H4Q?gc7P;73&Rj!HZ2S%e0h;m{> zlOkS4lfy7LLK_*vJR#E_%ASKTj;*P;Zq}=C&{lh@J(dtzZ{A85^@#zci;ngdgIgmkavgfPtuBlB~cPc~a+$*FKYb zf;>l_s~f4Y6E&GU*$|VSYoB4h%^CNqUf64s02jw(n#=(tJ!|5{kf>BqT+w&%uC#+y ztSkakqC4-S7!wST2uMk--)SJ5sVyOr!-mf_WXNTzDqAbFn%!3W!66W6hxgm?e#3oh zcUAJo@orAi{;(f9u2IKrlXu!svW+Hgb^eH-oY%r~=V>o*DdhPuSZ@I++@l_vwym^t ziP?F-r};z5r}SW%3!QY0)G=-Cn|r-D!IT!FS_=PQp-w_cJ|n?AUu8OX+3l?NMAB!d z3T^|59gZcP{=I<3k*4^4YV1It*^tXT+pQbW1I686Na^y0K|p}+6cov$FfX=ZBD?jG zrr{_5k-q?J|I1(!LWIGysdw^$;3I)^M-+MT72j(xKfF*&Cb7pQCXK0+Nta#s)0Kzf zUttbA_BI{6{b!FU z2y{T^(Xoh24~W{peaM4kH zUO$DU9p!HltExJ!-@nN#NMTuJI8UEM`BuQHYL>N&3ph7GutJE%kNHzDTlr|;?)p+; zd5G`%dW`vqM-Ix^rFKcr`)ND2SaE3}R(`x9axZgNMqEl;Ar4`*V?$h~*(?VgB55-G zlPMy`8>30TqM%vhrfq+~V`)CPv4ff}me^vvQZ!&*!>b~v{JqKZSD_l4C=3;cXaQOB ze4`qY0!`V+$<;SezC4m(d4*w7@5A^6{%j9;;Ku4<) zXGh~6JSxEqrH!E?*p)f01EE=b~O60ug+w!uORuW0~UeumE!o_=MIV;T-_co~_ z2oHFTW?L+6(*G&j1vBvjUMYT`W7KlR%P#skPMa_K^|&`bqdg^E1VUv$siMEr4CQr( zqM0&rB_SCLHJnNC!Ru5ivtMTWPgsA97KXysdSk0U3)9zQ^#*vEB2v6W*j6iJ_vL{( z=IMH2ACq#Q=S$XMVXK{2AS0=(yk}wGz`#>q@JXqkd_}-<8smy+^wHojvHzhmLw(Qy zk$vkb&i%5|eG1s`VoY(~b({~T;pgLA890y-+Q8pdma){(z~7Nxg(} zoJIz2XuHOqw__fD;DgHNe!qLLs6=FIrid?C>cj~m0=*NA+qg0~{Qd8fO%S8BSe_lATm0ee&I~eNWE!~1Pn!R~Tb&u%| zB>bz!m+2-+vd-w75%Q4BU;ACDqVDgH#`Fo`YHb3B36l+uOfi=vv4UYPOQi&&Y;JP8 zf{}S6&qXEDu<6B~JO>h8 z4FfZb`9|S-vcD+PhR{kV#H#E+f?K?NK75uuUZLUj1FI$^t$l^I8{g-={h_s~uAs#y z)}O4%8~OGwphdV2cd8m>u?y0h8O_;+$S3y;7=1%i*L&>430n0X7a9L{ZI-+wug>AK zitanm*P#8eixFLJ2I`h9i){0|KA@m6`kzpEQfH!2%-gC!@w~;v>lq$nGt{u>CWa z=j0~+-sPivtY+Vv?S3v_NPQJUmRHcfiqc?7jru4aWFD{TPrO1)7j5^dM0U--uuylJ@n@2;7#SN-mtbG5uzQe_;Nc39G(zBzvFA8 z{TU&&Ajh|BHRT;Wpv zH@q1B`fkS~stB_7>CVtVPTP63*czPN9-Tr%sYqF+Sv=@s!7wPvUYAjkA608*+3;#`c5@9}lZanj7Wu?KThS zcbyD>F$xH+;h_*jG-VK#e6>J**ZOYQ29kA|{>YYB7YUeRgsFB*I}691@{~SQJUko~ z!Q0p(l-I;_$y(bqpoVzF8^#-V)_K}}3yx2vRh@@pP=XnV_ZT4W7z-07bkP!3TN4ns z{wNE(`Bx<=@>&9MJ{0ZJhHE@8+#U9c{}2#=Md$2a9<$TcnK^)QI^LNqes!c2rMROo z$kd!JE#Ixwn2X<2!R|*|Wey6r)5Wm5ZDKG2 z5>s6L6;~Le)LJRLYTKZ3^~Lx^1fK88`jvD;(UZwH@tVo<0PTfTW-^ibCaory%sIh* zQWQY*nTd%V-!pOBddwp3GIbnE0CqOLz>Z4pv#MR1N2_VO^e7t`3qzp%E8Qc%DrD3o zW^O~8PU2u}a+YM4N}!N_UVPGbhbRShyVxMpN44t|b8w((ELftJ^>7+$8i%y#Y7XJJ zBp)it=Qp`qeMYwD2L|Z9J(yKLI$jGzOg5!1I0H4*`Y39ZP$|Ld#0a9nwQyE4(^VvE zHB=SH=G2I#7dQ-wgJ=V3Z|NiAO+u64NTwXgBqpH~RbxQ*mM_vpSy=oSMStfre3hS2 zAHLJJ?&k~sr1NMaqmV&krZUI*T=6F|iVHKA?KmUzHI~*D-|c(((CWG){j+ZQU2~ z*LsOA?3-|MEx_K3!K`nXFE00Rs)yXjB*XmuU9|Lt&e#qT`q{+jkcciigds9*IBmmb z3{Rn7JM!DI@W+1kQfw(&Rdqt@hVfR&h@J|v?Wj0Q?UV^sMnWo0P0O{^>Ke$g!G?V9 z#ev~j!drk_K^iB1a=c9vPO8kI2c?Aob8)x4_|vHL$fn{Y>cK>0C^dS0z9`WinunLh4)}Ry0-;gNmC&uI?56V-9()QAVK|BM(pOcbA~T zv5;5|w=|53g>vFo%un!T8WyoQId{rfmY=1Gp{VP?vFF)w1CgL9hl z=gd3|$Hh=in6meQYn=D#y~r0Z_A(a5__Y!u6Ksml^gei zlDy<*DJN$RxnGah$RW?I+<5P2+%bf?l95ZWybzvpVA3eGo+&OJpPSR)dy5hL54%)X z33w?Vrx*ntXQSC+0Qq-`Ouq$f`ZdOa#rDimGks?fk zO?}ntJ-oykRjwYvabe~M2pf(*YAE6-jAx8yw0`XEm^FT0cqDQS)S{0Etn@t%b)gt^<{rk5%rI4clIv`_+Aw0*AJ%0W7eGy~A~~ z4w_3TDMYOkF#@gGr)GJ(8TZqxGST=Arg@CsFpH5H#lpj)^$mh^^g(vimO>yTcB%G~ zkvxI=V}8$;M}dXcb89D{>uZb4wJvW5#BGf+ux>s9%C?^=ghkD41D}gQ0Jm83D$umo z0{vFV<)Xm{)9|Ly*Gs{5D9xhGF24w+K?(*b;7IU_E#dp!EZHB4zL}NZV{63VS#vH&QX~&mI&C#8$-I zyrtip=sFv^Z8N<3(O9QA$o6N<3b-Y8Vsy)V{Tq5o5b(Y0SoRM`$ND4oNW%$5XHcih z80g7K|Ed!bNa82OqVPn+;E>L@$o=5hgkzMl16-%=Md7vpxisEtAo!$C>qlV9ZbrV( z6_>rdu)w%3^AE{$x^R&Y)C-0|pvCtc%a+nE9J|zW+FLvsa{w2lE}5YkBS+CYiWEqH83y?PppiL zmVp7SvlEq-j-YzQz`fp`*={_>EVqb3A}%pau(~P$i~%6=#>F<_HBh#zd$JHBBA>d# zb`rm8wP+Kf%;24V4W{dMH^z6Ph0h{I$i)t{Ve5;j4@h=3KT zAu^NmpT%oMAMJoq-)HJ zX|Z#7te34*)DDvnHDM`MdXTUUPk3M z8reIp5PDx;$YOX+TqNG+0xFi@Mb&q(Vr0oa}`JWMl@MI$APxiqxeh-Clcc~Man(YN&DkZ{Um zm`Dt*{_||Q*01?GpoQFx&M(U)C)m9EplFtuX54nRirPtv)+m;BqD6AYpXFg~{oQ+X zpNSckzL1O{8h^3w2k1H(y%D=N#3r3F(AMd}b7?r{?rv9!*m07SuU$tP$QCWjL0ZMG zMCfi#B*sN+eMi|DieEG&riPMrpBp-c!RuztC?4bRcM4KHGt3WW`gqW6!6C_yt855k z+8m=B6iD6vI5@TuD}of6gh3#dEwu5`S8$-_^oD6namKYDL$IQ5Ae?EiV3&@;@o|)4 zqXhbu!o>2bEGypk)Yy&Z4gJUL@vw#2wh`-IH8#H=VFeqdrMjJR>f%bBLpD5hiN*4L zU8m_(fF3X}qh+@CYdrKjDZL^v#IL1jBxP;-ZV{ zK@}GKL)UGIoT9UWu7?4rwOr_!l&gvyJ4tq z7KqnfTY_RYWbfvl;V%?7y$!C9Cq_23XrEz`Th3%=5HDTksb_V%(dS4fy*E|PXU8OX z`pw*1=yE!kE*l6{qL4zpo8(dR+%Fqj=6g7a&$4bn&#Y^GzPLZd6VKiOSnY`|A{ngw zge$?6)&|+eu1B;UwDhT5%uPtVa`eMc&=KT`fZlTr`2$-oaF4GUYB~U*X7wXY+g%Gm z&f>(iF}7zi5;E492b}x$(~hxP@iJ3_OmeYdSZjqeEp@!8Y=MC%X?%Zdth1;*20N!g zKFeQdtb?jrZuQWmnKKQp^q#+N6A&dT4xk{)CJ*gQ8rh0wjnl-S7d0S@%@e)tRF;}f z(_BgT*51*sqG<&1<3Sl&?eP2&LPIO#Eg86LBn9%tWF4Q$Y`xqNQDym9$1-jCW3mN9 zsV&Bt5-*cS0J8x9-Mp<@^QNcEZ{G_V{O}AnB`xn8s6O=L5J+fld)Ux#c#s-(E8Me; zJfwfX4uCDE<>(N--6_j4S|TXsB1Q?8ZoXp-P3Hge^~xj|k;;Jc?yeNKO7p59F(}8h z#RiCgqOk% zL{_saX-Cua>PA3%HI3{m^V#%-QBz=p0zr9DM14ej6crPGt%B& zG&qZqhz-xo(A(N~0D(Ka)e#(VR54SD_E9>WcYbu_B9#L%rX1ZGYWTMev;6ydzAH7S?$ zTe6DA9VqBgKPHE2!_ekN-SqIgSIC*4(fN{-o)n!ikaNw=2{?!@yk+yP;1+q@)Ps`+)ta)k}Uo_)_Ip41{jsn{jsi*K5rIbUAh8g6L~V3a&`t3SfA zkFjCeW@RU-l4+}${l;F#YUa#|E9@EH@8J)jqh|ftc4cBn=ZZ$&jNNua78?sA0W5pL zA~{C1GjtcxeU-9K#-aiDSz(3b?OQ94R&M&ExIfbs%fk7SX9~7L`tX(f{T)f0(uIrw z={~W%m@V7^D6*f?Ug;pw{#B{hWik};wtAoLFpvSVkA;FxP_R%eB%kC+razRka(5(! z!EGz2$a~o6L45SSW+y=$)-L)%lNdxDbj13y0I^6foB9oA=M9))Kd5@`<0bBnlq8I5?8wk8mb+&{UGl-;t=z=#AuhO}85Wn(^M z#A|mp6nG*|o6j_`LOY10xH)^jwZNm1%9-4)ZB%Wsqz0?m`~D)Ymg;SkkF0d7QNOfQ zR`|BDu3j|5ifR%U0)b2g1rR3Wl=wr(wUd~w&~&)KdzgG06V_pLkE5oc_T;Yf(M7yy zQ4B!3kNCT*rgpevk_u}R@A=F4MOHrdAU8TA{EG@q^!OHf4sY?o>_m2q*L-A5L}0lH zm02@IUu>#rt(*zy1ZmmS4w7y3VUmCH506?FUh^dR2MmwjpB!$E8j|NbVHk1AwWxNg z@{9+2eiPomTq>q!%FJ*MSKY0UbL!h}9PS5dhF7vi(<{i1Sy-kLXGUCq!tX_15-1R7h%p$Gi*^gAT$IL-i+yT> zkJm8a7H6_)lOckY8uH*5@LU<4kL2vJCP>da3r$PSKU^;S>0xX|gj`>Ui^Y}xCNGIe zTr9)&J5Y{@XkFH%ID-U-snVZDK@LR5k`12`CIPRoR#(tT6DfEeM_SM>zb^VpcQfgr zRW}j8!twULmwDD+$W~zH(Ep+DC8B)Z6ZcV))6P#HYxy-3`Z~mcU;}qq%93At^J&uE zC~U|i;DbEmld*h1A5gD#`}ngiFk*?}ew!MFziM5G*QW(lpxx2CdSYPqC`~5h-9+IP z_NM-Y@LK#f(*ZCgC@mq!DCktG^4{|EXq-5>`P0M6>`X@?ab3m_yX)?;lgX$L80xr_xI^<% zp#Ek1GMm?HSCLG965C&ra;zN^VMx9`!wvxB^T=7N0PnyCFxbV}`kmFQdlFjpIUT#> z7X2LaG~g?S0v`j?^fbm}Ma3()naMPZk7dp7Hpl?!qATrTzJZ@fE_!8l&i)rNaoq$D zW~HgNSp}Uia5=xyxNv2Cxp0qaIAi*pIopY?zXbUGrEh5Zu=Cb+{gHoO-mo{QY~HFa zN)qL5@3AsFJWJ!taO$SWFYu*?!q*uNLnD2XSrBVT#jnxd%+*3`H;LN5PNSOD?Rv2{ zWwKlJjI~Mig>t!jGF7tvysu%##^>&C)#d@cB!ea);HB8loN}PY3k|6BwIEK^4bK*0 zOi`%~bp}MBs3Be^ZXRPtgiv$q2lV#twM#x)uS`%qMGEn?r0yQf5WR#SGdIJHV?mZ` z-G`&9&3ELZ*dg@KG}dT6(P{bBc8hhC>NXz$^f(ePh~LJ@QFY5opSdD8E74h0M49Q` z=v@ZvL?#eCDHx;EH0e3pI(~2aV!lYe(0lPkQ|kew{V`e%8*TE2V6q&}l8*9Rvd zbB7Da$9dPtB%hDkN;GM*$5O@}}uPTZdosTQ@F4mhd>^c9vYMiH>|{y3g`PKkk#{v6By?f+=W~l2ORpgO*S$K=MB|Z3-uo~@ z9iwPkw+mv#HM=ZA*)(7)9>>ar#8w=cnVe&-xs=o3`9j6#39<@rR-%D~Tigwy`L?p# zCS`j;(W>5EW!=;q)&d0;s|p<#L4_e04%*2}mCm--^{AC}yW5U!1yBvUy&V&=!+7QL zS#&PHc&RvuXuYsQ*VrP27BF_C5N5`{TdmqY#WGrZm?E)=_~^M=`;m^Grv|=Jm#9Wj zTJM6Amh;ps`NyfbcC)f2;x#4&+6deuCjTcnrJJbt$m}tU+_E;@-6hp{+Fk+2G0``` z*e`K2#=@uDQ)%WQm6~8nta$k?Gsve3E8R%blnt`K1*z@g?86(wuH}+aXwTjZr5YSW zxo}*J<;6XDmznOb$cy~C@e_pO4yV0SF`-CyN%g+ZCm6b2?Klr+=PFJ_;%f@X6Yncp zN(*Cp{*3C+aal7N9Klr8AYK~XjzUiv0TZKbBIDmZx+J#t@Q>`@M>jSW&vaBA<{`HJ zq`s*D+G=Y#p!g1pIB+<5K6Zxh``a|fG?w`m5W%vlh!KUWKI?vTVYNXYUL31{>0{`V zPe9f5afKJQ*%cWxhsz#e3NXsDVo#c3S(J&4ueA-TVn^)Xwcrs=j}Wl=b}Ewk05P$W zR;+w+k^|LSLldbhesvHcp{8Y}uG{)(%AC*0(jL4JGt#2Lm8H9a8m^SSh-C^Fsyi=3`O zUS=}<5I>aVAI3Ajtc#8Bamr<#se!|DedL}lI2-DXmLG3tc{Lf2zw4A5#Lmswd6}XE zmnVLs^zJq$`j3s8U0omVsZ5&CVD*nMLe^(~_?7xbN{hu&eXP>(%1XjijatR6Pafx( zL%F$c;mHuj{%4c$M3Xm~M$2_!xaS>`lWw;tkX~O$)PF*MqH%o9Gjx!;pE1UkdYylR z!fdwgz-*ai&X?NU`;KkrWY398&M_8Po%CA}WanftCq%cT$DV2yR+42XRUbjXrftBk zK)`#cSK0+gk=#r(ze)0vHk(HZ@8&?UpDLs$61R2_$=x;dS+y)#0qWJa`*R`hjn)kt zSp&6b%Us;FDX&9(&yVPYZZeNK1)31<2{lX zjEbG0Z#-vY=N17Ca1}g;t~zicahSk__;(lgE4heoMvz~gAz?`C4u=N5^c6=iq+8GO z)F(!n1_P(tu0w$e=!5m^C-=4dNs3*PyUwI?l*G}E0o)_+?jbvzT+#7%=Uux392vu= z493HD7gg>4BWX@Gk7XRsvvF*A%!Dj!lUX|BH7AvJRs~(7 zB^iJ4sk1!btFJw_*!|ST#7G_qSGooziMhNBhL>*F8|0_w8#gY)53cRT#;5eQ%w~36 zKTO>;zK@vnbj`#VQjI0pmQFk4Jr^b`8WHwwhcM>-#SmWm63^3wxH9yuT5%5AHFYua z{5j-el}F!+kGcV-&v&5zn2MZ?>R})axZJ}}iy8`niGRCd4 zN(gR(vuBcg&Z3w|C=yCiOh!T0j$#KY2=HJ#nP_J<0N-j9CMdR|E zgYA_IwA69P5rZI;vNllj)$G-|mi>JhVzy!33VvaTxpwVa7ulu}gM)Faj&fU*U*9FT zFF=~UXtsD$0o!oI9$1Bw>9^Ww6P}Al28d5OVrl-CI3=BevI^QD$ti ztHRGT;^Lj1^TK2uBf!q#2s9%?Z;D{(^LRg!X%2=_TtV=)lN6LR%VcY<(ej2r&d8%& zFt#qUEfc1WCP|H`Nyqw7%rgTCNUvfw`1h~#3D39;7+nR zAUW8P>tZ?j$+EAvTRV!wi&gqN8kMgBATl4QZ4;gDzC9oXACu3HPpB+ZzZ}5MxXSQ-Pi668A|&YiO15sNMJ#1kihFg2)?crp$V1ucU?B8k z2+P*=`+qzDCG?TVkadVp?svEVB1jLlT9d!C)vNxfLZ}IxDa@Fh#ToB0zSyw8bzd2- zkFbRvac^J>@)vs1UpYi;u4rDw!wVK8R`{4Ct6Y3yASePCr7CpQI0_t_7^$;CynB@X znx>%rUeL9Reup&|(C$;%Ft}_~cVT!27$F5m;ebfxl<5IF!bso?nR@3zx&#SE?SNdo z$KvDKiU^_SSEi}0{<%DsHjcL-z$X&brhQNN9`fWF9x*ZX>Y7w$tuUaX&V@lzFtwqF z)Ua5(#3#VRI2o=$eLY9An|eAb0Zu;NQ^pV#-NamMVs4VZ>h@I0ZsVPxAeOnPT<%y1Y&(h(RL&HO65%5q9wnI)LeBw1+TVLFh#qJLPi4pvl;)RPI;iDNb5D@j69;`noNa^Nl>)WC< zjvouc2)&N;_{-sYL{)7<`Q?0_*qLcbEoak^DjG^TLin%cgL^R(&wgb1t!cV_FzpE> z*hAABs6~w|R^uRw!rLa!EBj*F08N3um52S?(SKrr64s`g0p|2NVsUm?1)ZTODl0nF z@^@3Y)tR`dJ1UGXyFFdHLUlsDC4u@3qZ~9)1-m8k6#a04VR!o@xfriipdbVkrL5r| zZl6YFGoym_2Q^{z7&rmftnm1T@#I)1i^~?gUrIPN`Ibrz1#!GTHxER6N&o|9_Ac=8 zs}jF=-}9du8%I;jsT{w%4PF6UhY{0uxUH{FF?wk5iQFS)w2Fj0eMKEng9@soq^;Jo zAnXujjHphm8E|Wa$?`?j7j+_<|QByZE}H5y3F_=IHHe z?~UIhEF0V@f15+4DdJdr!GL>Hdm7KncPqH}5

    }BU>JkM{k4;)|O&UuWt731Xlk<2+QF?-Fb$dpB=pLa)b-5c`qjpbVUqpKbBQ zU?uEEII-&q++h`%sD>E?x^kklSDn)bU*ZHJOXECjXLL{Z;e$=g?0qeEA}ds4AV^H$ zh#fjGcQnIL4|Aw9^Hdt;R=r9o%f5){s)Ij31aS$B;Q^v&gA-h~c&^iIEZ^(i*#tG0 zodcHOznOZWkbpoHx_3uiX9_YD(A#%VZ@3Eht^w~gsy~6-wpEA8F{};UW3~GkIxR9b+P7Aa+94e% zhh2MArtv~AP@y>W9-jSnY58gs7U=IB$qK+6!Ay8Kpp2w?jOZS2Hd>s2%l2vg6u7;L zQ0$}YY3(pobvi#CkGKIg`elhrN`b=-j%m3US0E$k^=tPLjtE0t3yz?j91G9kCgq~x z;no5gR(Iv^vrZDCPxX*(-YFhT=0#jNFGqq8JnJ6UID6v1p7*JRMsGgs#4N-evyN-~ zB$0?^Wdj;Ixv0KgAtd4cTqQt(p|9Y!%OfulR`G?NJo+-
    3w)1Y zpofL^KA7lrLrCSh?KoIC!)Z^oTDXX-arK2l4vlYdb+m+2WFT6W3zKfbFv;$9r6fr? zZ~xchUOY8paq;V*I2vuK>9zbx>BmPEA4wtXuu;#e7yM0? z+N~;ooo9w0<$wWxYP;d=M{iY`fRO>_lT)8(LmV6s`Ba8g@{2?Gf4=T32q zQD>*IzeOrI*I@23ADZX--q(WG`E!VclJVm;M!~sCYyiAc%1;SepPCIP672yCDFloS zFaqgF1E*8_`D@T9U`!I!xDRG7xU;Z%kn}dh#60{G#J<9rzpWf5bVkIee>4M?Mx^05 z#)vZb@hX6(o3P@j#ib(UjbYjrA<$xu0CVyAuOT!&A=BoqNON}$`A~e21Ab&NpcVkJ zB+gA9L4l`t?n%-8rCCzK_dUEJFOO#RnjXO-6Zfy`Wf_Sn!@=SK=l#Vm0NZxGt-^D&dxnoa2T`5PsJg!_Qg26cv@aE&Mrc4^s>uH0p>m3?b&a zM<$#{eos7J9-`+ON&I~pfpvgYL2%D5pjJy5!1GuBq~XyzY@DOT z;>DlU`J>2>k$E#S*FnD>1zFYg!;m+0%xPV3I&9_h?%6hm&?fw_bosjYUB~8L19L9|5+G<9l&%Yo^Fx?qvKzN7hE^J{5fl($w~GoNH996IP*z zk;q>Cv=;Lj5s`%QjgS?{07xhk3_{va9Kt3SIJ1FYN>^T)uG3U*eAtsox#gfhDusQR zb(KQSME5htJ;XO+!#WWg5DhXo03()3O@+DZ-~0tKCarrBY(r?-oB_hmo9GTLkRRNo z{_wg1^LbzezYlc^^W9ocK=?D5+Ei&f|JKyp6^|avuA%&@(2y2x5+QnIOr;8FJye+7 zWgsTq*8Q?B7xC*pk0>ndK5d@)0fsR5a8MC+*+8}_yBaF5^P@?l-ki)fjBj3pYE_Nj zf`!MOPxFRimC9HZ;TvIlg^Q7O1}`GGW-8zf2T`ouilT17xmGd@D7<@LhnkMR8i}~? z`?_+8C>zGbUx`bsovU9TtY+Dm=A{Mh`D_Q`a-U`?mz?2n7vbVcr`C1x$Tcgepu@9& z(KUF-^@JdVs=|d*{j1-WjdHT$A z+I#W3=pu0sqHFM8R#*N>f<1l!g)Oz5@ssW;h=e1XRxU}((YS_J~ zpiIJ?mwllp4t~~)Z*z*GJ@?;GhI*~YiEH^wo(6!|A3j6D2~<4g5AT~ozDb|z^LvLF zCgOCW$J6^~JgpoX%tq@1HfYe22;*ZtINP!d3HsZ!cP|ygY9ZNZSXFXKy3033&J1?t zz$ktVMzicQEE=51y4|uaojdr!dT=-Js002c7z!;}!LVv~_itjX!nzJTc-t5wgV;tV z$__z}(8wwWOwQW+Y0vc&a$Vq%NXNpBmIX)(3tBMu}8cyay7WemWBdE_)1BcpU09Z3GLTZ@1R!S`| zrMlsb-u7>^-s?u6V_dJ1E{e-Rz0bB5&GIwOla%vl-&;7o;FYtkyq@12f>X9~f1SP% zBlIw)PC5;}C_la|_ft^vA>r;#G^kQW|5uqRz-GxAZScR%!ReU|=Rq$!kgh%a$ zDXy(}N69zFM;^LNrgK!R^7a~}>XkeXKj#o4FL=gz=h zvCABynzK99D4W?CwTRqFw#dY^IQZ=JoSzZuDL`TWfdEcaLOT!`u-xvNqN^}^hikDV zQgAAp@Q*?XjMn&puOG;3X6#@q+Ii~Z@$hxIQYK8o>owS)0M79&@DsTda4Icm`KQte z6su(z~9}#m+m28h(Ug2n6ogkAv0g!yz@bGbiZXta{HF z{~^bhQue$~xHS$ZMe8OcS<0Lh)xQ?TD^z|vtvCwv%SrtPr`ZsJ9X5}TF3h80TO-yiNR;T#3Il#J7O26tP=FI zxPkI3zBU&-KdGN-7*6J=v^Voz4Jx|>-gF{`8!}*V5Lh(`910%Smn&^vOzHU|K#~9{O0pK}M%A8aA<0;5q2=T1_6yh#1T%BeHN6$!G!FO3 z)H~?h$^9IYx_^CEQLPb$-qXT;zt@N{-;H_4`p;fvKtSXEF?^bu%?5W?N7N2U`JY+< z1ZIDx1S7k+h7m`$Psbsn@zD>W@Aw9F`_0UE)ad?;Wqd3Iv9^*>9aL99*gjXs^MU#P ztL|7D{^{?j646mezQuaXhCiN4pTN`KKx4`Lx$7|cvmi!L0=~SDTFVbjMQM#SH!Mw` zVi(&GJNroS{}F@=1ox*ein}7eLPUCkoNu`BXD6SQpMdrbZ3*v|cguAn^6{b5>$~qi zZEBiR0vB3&Gk^u^V4bzDb$4P{AG= ztubPA@5H1PD=xGFt(q#X5oi#|*kRiu~4P$C?i$+4|%w#=B z-uM9|iT@Asit#fj{*xa5hC`olUt~L(J1QIF56LkI-!aY;l7P^rL`&0xG^@wwX&@@x zZ?ovEZXM^;-dCFw7=MFM;$asA4getei@U{4_p?FRuASj{M#J&~Ac?`E>J2)F%bJD_ z_FDCA46>vWrWmD&ZUj1$+z?TN;I?$O>_!=8Wz*vlX$+PbmiXPkrYVKfcJqq8$jDs4 zwf0-P|INg{h<{Rr#RwYd2uc4rndEvl`K@h7EjrX2PEgmb`;OoJsIp-fi<)988Kekr zYPBoMgs{oq6Dz6r&nfgzGS^>21jPpmr6V^zytSr&{>cYgc+@>CDD*tKE2<9|9vh22 zd`dl4M$rJlMrkzKG+&$BDAIlWb6_PGy)94ipLqp}=u97n#>A70_5fGh@mCVe4Hc3I zRJCyAXqj+bP1JL`8@14WwEAl9kUysAvjep_bbnPC!hdS<)lI0!%nBq*f{qoxr<3s% z89@KUMf~0NzyA0jMU)~3WEW9p&^zP=tqbtZlx<^y?3w8!1ru~?mGWbMz2RTjAsP6j zL&GmxpU*;bWDT5}6LfNS^j`-zJZvY2@b6r`9Qu2z{_BRnA2bUq?O1ibQ+5_?V!pDX z>KPqPRdpJhtBG1&&Fq_Ci~nb&K$y3rj3Y&K`bijn_)3t@X}L00Y7J;3Mqh$ga_*85 z!2l;%67V4WUD7Wvm#r2&W87$SADX$tKpPDHBUgxs7-h6D zTiU2I8+cO^&t6zu1k+7rT}OJA=ms5goZ!i!|F2AG`6^ZhMwgDg=>;uPPj<|SzEWV_ zA5>x<&QN&s$1<}7fqoH<9)uRl>^pvaN=vaSB3*qVIgqrC{bl)=_xksrO!0zjIUyvm z{vkjEA@-J2=%;LFW80bGT>P2P0q_P`i>O%C)_@AGd;nLy+9$6qV#*VZF8Cw4LJ>Vk zDDJN^EQ56}V<2VZH@)QkGZ-olpz<3+L7GovLuEulPP@8V>ETrU-wW2S?T`fp6`Mk* zE9YpoHeGq66gN+YrSyRKB8TYT@A}KQLV-`3G2|Cr{OTjy50oL=3X3KD|MUw!s;TZS zyCU2)`f0KD=Yv9~CW${18AyDdIcf|0Gx4Fe>odGKQ|J9RUGRUVhL@Cy_NLn}~VzJHSo=R0y z@P8=Q=Phawg$Ca{)=2pcl}J;X*MGWh4E~jLoyBn37%ARVhR#aIbnTz|laCAqpanI5 zBQpfe(!bUE6X$J$-G^qld~a2f1g)L>OTPK9TXJnJdz(aR48XYh5un_ z3(CTaAe2)a=LbuH&ECCR|I_1c#j=K$iig@iijjG;ljqs|=`B1+Cwi8OvGW}q$vkU~ zb5Z_y9mNNub)}!H+zM#z>a6l`e`-H|bin6Xd!Uf@?NKjZz)$xTMt_6*)M9{IYMRYCM?TwB3V`Ih6jt@8DWcO!-irWBRENK#U zt^~K)Wpod*c&@C;;nPv!3W$}v+n(3{Ts#1a5pU7(6pV-!MwcX>Squ;%f1MVTKu`G# zBxsxtkaOgn8MM^(@Og!(?odNEJSJaYQ*@XOuh(|yrdL^MxXn+UU$#3~ssvj<+jTuQ zw&Z&Jrn?T#!(~`--4xZZuIik_WsHO6aKiO_$MD}x^g*a&q$;Gp(0y?+8+r1JixNSB zx@RxhS?DLAMoAxGKeUzU)b0q(mp=eJe1>M@?Rd@-ZHEJHUUJXTnv^qe(v5%Z{D%K| z-J;=Sga*T+QEGVI%BRWvP^Cn72W8=e=x$^fK{n;r*vAPx492rh+7O#iT$q7o^{qQAP z%{#ZaD%x({AyVb)_w7pNPcHHM-wFyPWfe;r-feOo8xTX<~zsg~OQmoj}x*W_PGE|JZ<7tJsrM~-1A zRqSOp7Sp#=Jgw@Cm!}41zzllFVW>wNL#u0VNIYkb`-=Vbk<)iGm?HuuWXpiG+VrIa zx+TxOY~rn9sq&0=nKn>jSi7;rQ)=8_%9@sWLQOMUN}*UZ9Mmo7heo5C$$61{c<*h^Q`ODarz3@hXmIX-R(twPol|AZ zEFYx5?ms3PUkWsViq>P~q1#i=vV0*WU)Iw6xL>G8J|9WE!96;5pNh*0U6ei=iaw4M zByT4M8%---ET+??#t}L#+XCp6pCw5U$-PLfji5y>!}u~>=wd7UR@>Q9T9xt@$JD$M z$DW$-mt?LBHE6&ZZ55?454>8Pgw1~K!p zurQ*xTkOmpS4N5+y`6aka>`VtR52zYWDWH9TzUY+L3cH#`>3G zLc*j99i*TzQ|!LVa2~v*toew2U!cju%j-9a^@wUzkf6id)fryua7- zCV>+`rGb!btk5(*Ch48XfGq*U5&HXkT4)bSZ__TFbHfQL0Qi%cQ>|Op0MKmWhT4i% z${!ZTJ^MWE*$!clxO6)|KONl^H|4*-m>%aophN2lL%kc~S^4q)4#4YJTG^+P#Q--R z0_c}B2+2jr&aAk!&b5b>z;=K*P&X;rPekD!058?qtakyC7yPVVSiGzY76`AmE$a!; zMIfK#|GoHEM|e}y(?{mLUVMcSMnw@jM5u>KL~^){IG}Ns8JzCYq=J zFtq%8oA6N+$x@tUnWQ1m0Cq}%U0UZD@{#FWo=5q0VlUbL3M(=QApYP{;_Zog;jSszRgP_K*}~>&);F zc{`xS8->lWY|{m}2i@D{ioU6V3E=y(@Eh#2y) zk_9(^zbso=nb{*U{0TTEjfYvA@m!uR5$r;cTWDQ@+;7>oA0J{O zM*n`$YbWs@cx{0-ik%b|S6kyaU+!L;AUdN6WiP>#CjRpgRtTk_o1<|LBARxGViIc# z?*$aWzfCP$i2#8IOtXyaf;u zO8_*>c^rmAXD8zHW)Ww5%@YKSVey13fThFXSUZfsk@F&ZIA7g+CaAmTvbMr3*1D71Det3 zrkI{{_&+^*2G%ov1T5rD6^*@(^F{o~I~& zK5P=P*+r{-zx8?e(dI|^^W(;8f^Sw8cXhbN*P2I!PO!8%kAMeUjq1f+MIaxY_S?MW zZ3d^t{i5QNo`sMo#MurACM2j))1Q=qBtT%)VOoZ>R*@;pb*?(Y9~YNdUi=xmSHy0* zQ${_5BH7huwZd}PGJtRE+r-O-8BBGXUc#Md@cqzn!1^RP^uhkz|FLm9O+dS8{ypyM z?)z^)E47;TtNEX$|HDf79}|61TsLRsxb}D_l|{|Wg8ti#2~xhSsj4t(vSK{QkU*`I z^?KnZx;mNXdYqiTYh<|oq7#Mk8xv0|3#klokkMlpVKC3POOrFkP+}0HEH#he@i#@=9+@kn4^d074~}knnmum@WK252#;1N zCj>PGxoSqG{Z`4o9^;LV`IIYwL+ZRT5s^BroT5=`;~Fkt)#9w=Rm4B1P;#&fGK!>Y zJD-N|pmvF*p@)vGF(V$moqf1KfdY+7-MHdiOz!cu|ZjwQ*&E4f? zz+vqmMQYMGpoV<{aOT2w-HkA|5&WqFmYr5Tv_PV-t`su#u9K4^04<-K8qSf$o9@o> z0MG^WZ;VJxZ?m+Gi{7MCYbL+oAU6B*so~835zci13?euW`SQBo=jxRgNqD2ht9yW~A2h}I)=s~)@ZPZY2PCmvz~2XZDDknxDQl5<2Q7fK z&Vrd~`*PO)2Eyrj09K(O7#EUv#y8S+E6(>Lj;RAN)QgA@EmRP~UHfIJ^&+=sb3{s> zCHfk3q)XV-?#%oMqh)~K5;lm9$e(X>R69Qv!sS1kD?S_}#t_`OeE(NQJ@FBu=*azw z&zl9lpDwc5U1l+NllOeA$E?$MhfaOmnvMrLagXb3fcfwIqr>jS*1yO1zdn2h;1{~` zks`|6jqa9NcSD9$%7Reua|ILf*voQ_ib?HZD!`_cEH36#D0DnLW$xQFs*Zwmo0+`& zV@3hSq?kIGozgem6h;6f?IMk+IVn}inl7<>lt7H?ZAstlRed{t9*HBAu&2J~uzo9q z#@7~%mPmwN@$TRp;4(hvKY`Nd?>F>ZtTJkdHVAsY_|$<&`}222a!Pz4XiM|6%X>}N zzI}lzLp4i+H-z)mQinmzOM{e|VP8h|0`UVJFc$j=M?d%a61+Ue`&=12kJWbabeu^( zdNIhQVhj%gMtemF;?H`ki<+I~Eo&ekE zMG=I`7LD%ck_H`3ub8`-ljx$0mn5kFN{koT^Tb!ChU71l&Y`Rq+a6RuV)eS0)lA@;_9-dj&y;uRr@gA&u!rc4)1dB7S>88F@xm|S(^II@|LMi} z&;Emhm43T_GGJsZ*HtiWP34OGalnJE9$oJkmZIrs^O$2j|tvu^`B`msYz|_7(SGskC=R z^#IC_DS=Dec*7MSTgGRO4UtIJ_cf5SC9__D0?D?)R{);}r}luduHH2H)lrqgq2-ny zx1%6(*CDbIbHyqzEnzf%v_1gxZ7fo6vC<$MQ7~wUeA8d$ zG{2B_or+zET*iDOUy#pBv`nO&vhfUs)Aej??zwnd?{~i&rC2?43sY^2VSgk9DiOh} zifTp-UAVs5NcSz$RzwYF4h7+Lp{TB|;aZ_wVg4lv=faerkhY2xIrU5BuY|KnH&>OB8V5XE|Rp_N6{7SkNwV#w15zCP6KL+sTaY38xZ%vf4?bPRSm|J4iqLveH~Q z5&&FoE(m-lk$yR`fWJD=OXBW4=HWzn{bQta_vAyfv;#D?+6D~t;hXJBJwn6m_`4)u zlIC&X_@IN;e!_GIy`J0LV`;DRe^EDqosj!-mF^22H@KDGiy4Tq##0i=3g#Yh=CS z#XN%W@D2yS)i6okdJ;jWSqDb$hh075p^a>Ta6>zh+gPjHJ(khm$aff8ZCv?2O7yn) zptd&i8}t_McOR7e`bjv#2OabdTaM0hvy1=jo{Spj^^n8j$3j2!b#R ztLR93!rCMn1*qD;*qLNpt%iYWUNc^#N*kOzdn(>5=W!q!5HI=bAP4kYIL3xXN?1gx z9|MIStTVXLsXS}AkdVW}0ene(wvtk7AW=jlZ;3LTEwGC3)cK|lR&%o= zEtEFkqr9=Br8F!T0qG0mv|cS0`)ZQPRW>onwN0S9Ba|X-Y{dYp2jX_|$^i37=j}@u z63IBDFpB{H3EeCH!Nm>Pk%^FubP(RBiMO7_8(7NfRx5o?EmQ1~0NO~+9?@$!k+I;F z@gqiyR9X^aC9T3>aO1jvJRu^%H|~(oPONvur5Hwtq*VsdP(ox0t~d7PHuO`(=Axj% zV_kSlkz%ZtwWlQpy;S2HZ`D}4n$rnQ0KL92)8<>^jDN|}pM2$q+UxU8!> zeo38uD(NuXGdeC+LX*(;k#pdLj8G?6B4~Iumfez|_TKMFiS7p|Fpcu-s(601Cxl}L ztzYgExi_{5rP2UJy*}S$dg1&Xn zw@0OAH+1{0UVRUFtsK+dpp;OKCDpYcs|;e!6Bje|DxP{WiH^~sFV>)UUFjTxpRyrq zUmu1S4&NENkU*~yKyzAK?h(${uFngHce)FK<%))4>UkP@>AofF!mlmBZiC?*MODbz z@W&=x^px#YxY2Y!?cEvgnuQ>(37#L>X&J=QSoMlppTrnnC%|L%E`{rL5LdEZX z;4Q$>9!ZkZ&#Qq?^#M*b>5LEfXlpy^LQv~=ZvM7XR#ZXvu2uoS5r)9`9L8B|tR!j+ zZQrWAw&=`R(TCkRTP9*_jd)=+NY++Z)Aqyjwdu~i*mu{-P;HSM(KnX@o*UHL<~vG> zc4Yr;;$fPGH$?9P3*Z$hgBO{>v2IDXTk?twHtT_wN$G=(@5yPZ!LP^kt%e^$5zXN; z331hYWC#t(av|KnygOB98FrqmLc?eU4OGYPF1wYw6*QYxf+F6mV_d#Jh4iwEj)WJ+QiA{)CHFW0_U?{h-A?%>)d?Vm#IL}>lVnhAR8FRCf1 z8G1&@d}1k{U|1#GC>lzQa-{&9&jky?g^PR{pYQNCwwig8D6;EtOw3hr2;!CX(rMWItm}LfN|3~QoD*e58MC;?2A(u zC@bMM>SWdA$@7+7zMq{8VO$U}x%jZS`wfnD&F!b>?gWLOYzqPy*65a`V{$J7HaRWO6vZ7XT*bKH%pFjuWd zYAf6|7{L8rD4#qXt*9Qm3?3}ScPw1?LUKG1s<@>SQU?bpmmTtOdm81p4*>4)Wm)s_ z{@~s5$_<#|@mxXld7YeUPs5CmcO-y`$6FL2_~>1IiuQ>-F(KP4K6N=;iQHuJsf9}Z zPPD<%Wr#{kS1yBMh2b~14a%hZ^AUdO!y~qklOWE|$@w5L>3hZ;tm0bFi<6aYpP) zt(f|?Pfk%#vTDs(&f=3ahv?>?ZO!nBCHc9f>VC#VVlT@*j?9lz3&inkdx9x5f*P}f zHEU`hIZjlOe&Ri!K2Du?*Hc%lRnyqZl87X4@9|G>WMNctCsm!aK8>{2s`XW7bpd4YDmy6-x%K0A3wk&dEkabaLV!jmMEcFE87j4Nh*8ZdUwz1u+f#DsVfbtUS_oJ<{{5$AD26$73!M`5FY`{oFAylXm|ncWvJ*3^W6*#304N? z5%4uS@}R%NzmsI33J3Cj&imvN9e*^A@#QW5-QqZ=xsP%nJx1q^zVGA8Cc(9Cb5qJo z*a079J@yrXmAF&Z1JVb2NL#zQ7#KaYZ+hXND{a_j4e*h75TeAt(2=tkOJwypA)ZF3P(3arFDY(JOk(%c$=Y1#nJI@z4DQ9qqlOf-uS9D zcBNNWjNhpW9FB*u=@G-8sCupk=k}uMDzYxmEk$zg7aIO-%%$%wbl4b8_6>OVH!InA6spq7myJ?Q{auzAcvmIBm?rq^9fgRjE1@xAE7V|l6 zKV55QhTvGoY<IgPP^(z`U%2M=#I$L$#^-uBjrTv ze>lMjmuv}L64{``F$V-#wcVS@2l?;bc?U~~TTSM=>oDcg=5`M=w&N`#1Vgc0;^ef< zP}m_$?W&R|n$nWJBZJt)zY?*9(hMLDvkd5BX;(K;|9t46xuhpH-L+D@(4(xJh_;&`{lgz_t)w%5CiVerhmv3L(2QvyA%g?KG zAP~ge&(*Pys!gYqUSrGNV3Y7*`Vu?SYt)tO37mTzIufe#gU(=vum+VD`?qsB&65Z@ z`ZmU)&!MJ;k>0?roLgGE;qoWRpNZ$41W!3ycL#jECdK}o7+i2!Tq+eyV55|<^ETrb z4-pBI6dcjJFY)103UPxMg@@Q}S6oKp!J;(~L$(CT;(nV- zo){btKm${|8o+uJ-BE#H;Bexa>y8r`P>g@>I*g<#dbv2R9SwZR|F{1N__Hw?D@4(F z2~gIvRQCib0h|&22yrsgijhQ~kZ%LWIEOADj|K=nzDGfz7;c0R=R4r|2ayVMma5iT zS)8Ug7&L%{C4U4yI1G{}E(E?_1ebY1lZTQMCO%fqIGt`RHa?qRV>An)(ct8ezLc|d zQ7Q^7F*`i_HCV@o18(cH3P<;lG!n}+U8i1bM&*Y-MvhkybI zVBFNw$z}+R3qK!fG4ai0w~HvA4=+_`6}zMdB8Q7|g-nD`6`%djN^J#Q!mG*2kzk3T zT!EZCZfN12Szfus*A6(n9Unrh&XX5V>0;+MGIXlIDaTEjaz98d(_Htz0wRNImN z_feS$`T!rQhHs~a&+L{>uf^uR z$WE%VTC=kOoOkbj(zxHI*KGVu>KGV+qgB9S)T~(9L8t&V-PhqN1S=Z#qwWj+Iwm0c zNfx{1lX7v432VS~PzwdKa~LP+Y-;$(96w@|Hf8ew;jdS4xYzaRU1tVuHS%tr_X2La zP*%fAb3fh2TO}oAsq#^XRD=-O{U)M`@S$l)Xmqq18*(-}a8 zFNE-g?A6D2@e{%lC=xxyn z2YmVo98PTK`7Rc6%DPn$YCPyMs~RN*q0yqeVabS~;3a^c-cR;lC6sG5hb+{Z!_!;j zIeNzXL?7bRM!2+{gp{VA7dv{QT2VYPpNf*LOo@j(`xNaBi}`M?V@2xu;fAnJGd8Ew z=1)9VkkYVn(b-lm7wyH6&&EP@DO7l(K=42qg^MV7?+Doymt|2DUzsmfN;<3@F zy79|b!4p?Z>M|H8sY{EL@v2uUz_O7Rx z{8jJ{wu!K0OwWB#6m|wWgvtNe7XQ9cBUUi^r#a593h34VCvw_A%lJ-Tb#}|a)-#^X zP)+Ou(zLZqP~E%#F6*C-s>=);lA@SDqrUbT+zY;zx-|V7yl%`;!Lq9|0%ms&cPU9e zFaCOHHuO~aTgkt=;on6=s$Ylalf=e97ix~TujsX_a)g9?@c6o^wJ>L_yf>Z7KIY%u z_wV~OQU#B|McwxGP3`CAC&X{kb?jL=VSa7zzpnSGg*Dq%!PibT3n*Po(=pJ}0FYN=*CU|Mm%_GD8LE z!&4@FTdG7YxbXkR8R*iq&tO&c~eDH>H@jEDAxGHZ@VLl(8u<;v~knK!IOQK0M2Z*MBBHq_1XG@))mjLN;|6s&F|iz zA{_pchXz7O@+@dJE!5{?&VAhWM5+HRmt*3+=aDV0P92BV?~1!1WvcHs?@z+RTnC$_ zpy;RBdtUNn=Kpr?pcTT=4eZwD#Ez4s>B#U2Yub;M@8{zDzOVPhb;GR9(=v;_z}e|K zGWK nUoGUz`25_C!8M;#r#u`>qYfp=vef#c$ZnwRC+;kDR6~Du2`dXi(e^>rO8SF&kvs;xMvOLUZkx>adst4euGL`tFgx?JpTtC4gtsmeJ z>>|$kN2%TUXKx0Tg@4x>z{;?hrc->1n4ApO;cl-xP%>)%-3;$|M$9w@Qrd7r5)+Z1 zP1e+HHi;SOL#ltNA8o?f^43`$5#9m^I#I_HM4qT=w`i1zs;aI1o#m*C`0w$oYmK6+ zuFky`B@76aoB)pVkdE(EUA%vlrYi>h<3wE>r%+33mQL5X9wk-TV9pbZB_eN)nPmQW zBn|dFFvnkwD%DR5Xt>t5YuTX;+>hY%Yq7B%>c1DqIx;9vI`I4I69NbDX+NR;2(w02 zG6!Tc=*TClppjyKCoduO#nJx^gV`6SvxrT`rYct{O~<#p|ApbEUp4A!C#PSXm9xTB z{S?|l6f8vH1PGXlD}wloAqF2HsLQzn>bb>0iaPb*GonHcPSfLZRz=GJqs-+Mlcxxo z&6FgiW!#V&GUS?XX@VgNz{;WQ_==ux4zcQ0-NK8vMb+94p3M3*2tzOh;lZpJ;znH1 zW#mLYqNr>2fEsc-j}rk9L;=VwV*99K#^{EOJ)3dOkF-wh=_wP+B#NTJfLP1kYIAKDKxI_QC2<|@LC zz@7(Mg%>vIJFOTG0T9XA(sYW{e~4ii^uR7#M?m}UHs$q+U+=2XY2neDpz}+AG#}1% z#ifFRw}6JGmXKKohb(s5_>_|B{s1q*VtFgY3CgT(gfbeVFNR{V$CabBE4G=51pGas zI=G+*bVk6v&FJOwbYbpW+wV@z@fbEC|Nl@5x_1ntjNu(3eM!N2X!pjN;>0`taFV$a z$~WyrhIy61iV7vVt72nA4-5cr6}GBvbkPCrW~ZOVqu+3czf%qWV<_f z|M&C=-ZP2sB^%pjq3qK;kY-%)gLUK>nvcL|Ju59_7VGqPV{7Z+W1J>y;z zOR?h8*90c)IZ6W{`^5zYjKd81<;Ej9L-V}6e9HfvMLw3I-dL19<<5~C{vmb!!?Sgt zbqyfzVIcuctG6FSU8I|!)IqQ!?|asF#L}(oMLTv2r-h7g&SOk;+j@`A1u!iI(C3Y!wnPc2l;<9BYHEs16Fqk9NhpHU9w2b zGE_WKag*CWdDd;_@V~noLVaCm*|bbwtZvA0ed9gD@DFh{EmNW>0Z_ z@*IAMhn*tVbCzHeiHNQJfV-NDlzp=4%7^mm&9&@2XUL>iSPY`)mc0EtowUCHancJ`wK+Y#K!#bE9B)8_)P8694t1u3jZP?exor zn;1K%9WFWprB-#tk(Y?y`2(|b9>#ux#{vOOJkzuC$J_G98QJ@pe5;50_Iu0M{s~S% z$g&^1tpaEN&~IL)0vRsrL*>gIaM92(wwMSe7WS=*8~&-myv78`VLM*sVaNKxSoA9_ zs(u6zdakj&f$7w;i4Oph{N}#naM*tI03ut1VNhL>_%0@JSb~LZ+_o!KJ6Kv8p&_Ca z5T&XXK)10Ch+WLyX?8qvoyj4%1SC4`#xwX*i|OY$;M{>|fZNPR5MfD>W_EqsWhv+0eHGUjZ?xt_T)bQooycVB}cTqCxbc>6pZFq|~8*Y6tX7XQ~!^65pxcCFwZ zV`M8gt|93SKXdm-u(*5E4n&uZGbh+AzsZ_@5cj$ex2Iu&z??Gf4^6~T1@5W^?uy%Q zi#J2QA^jC_pLtngQmY=qcEUJ%w$RUi6)fvcqOMBolZu5 zFBnN62?Un3o?j}wHqbNS0yoo-KNTQ)5|n2Acenb;yv+(cr*+p;;AyYhnJ1t;pvwd* zU`y5tq#|VOF3-cqmbwu5wSczz=Kj^_P{`yo=TF0CE%V_aYzmw%Cs2flmtbwKg|E z>FyT5{+@(eyBj>_NdNov^4HAQB}Fex(=p<|)l7NQ{*1ZXW>ElG)j;i#a$i_?zG;tn z59j*jx;IrZ6 zg`i1olQi2tAWj-9kjRZW{|pk$0kq3DU6Am@LHol&2yGeH&6+O`O#J&ODTc~*oSub11FWMMHAMH&>tg^(;vXB+Xj4}*OTIeEAN!8Sy&=o zn2Z3_iQ4IvxZf88I+X~72s0?Ns{LVXU_?K#~g0$7vlW)_2UzUQi zQIbH)TfrTOWIOTrb_SaCv!sX^sbPgPOcbzwCz0+cOFC3I#MpzG@_VUkk4-a#R52=-@BXxvd@R$hOa$V zukR<2?@_8(9(!cLB4Y!d$Bnz5K-4JwI*iPgQn@RJo$7&fJH(f(eF}iKK!9En8z?L2 z9z6c&{@#Hwcy*4>4-zWaeimPDDDlc{K2!&+AD5zR1<6c!ypVmoD1X>5?;AzGFd3C6 z^lyhbMS_ozcbj@djL>&}PpExQl<_vT9hAzw2)Hhu zab#Y%?0$)xJ#|R3=An??h@Sn>2A2gxlE#dMO(QSWa-fD;2(o#bMe$7s6tCkWtaSki zHC{Hfs-$}wynpTa^IBh<290+O3b|oe>llq1wZaCxEr+_68z}VJ@9TGnbn(pt#pl;B z9GMrnl;nc2J^g_6=*Z33z@jPF$A?XUhs_0pNK2!GeAp`jpI7$R+Ne8p|Gi7<5~5RG zC0y7m8L8;F;Wf2}AeZcE9yx$sYz0~KTY2oN_?tiH#$ug*1Z6(Dh_I0I5LT0-wZa7N zvX{Haq&FauN;21Tnjy)fvbxvyluP4i)8OF*QBx;weTVz7hn{f)JG9T3NF>F)c@qg9 zh>Yr1OpZ;e>YLq?eb|ycVO{|=!CyA+t^$)#Ln&P56%}mOx9?YVq}OM)&D;-+4;zeo z2?|QmNzGkHn85aU3AjDnq*Zht#8?;mvvj3 zW@$spx}8K(EDaj@X&v)uKyaSKZKMg~eoPcf;oTQVrcU`SS1-2};)mAcNNdwr*;g)& z{br^p4g1UtQ*1r@2D0=(hJAfZW$>36;y&kXuDh)fd`=b|>g33uz=u)$@ zUGF6}0GZ8vElN_i%0&6+bg|2HwaAra<9UhNujk~>-csaG*iwJQpWHrP#m+fcf8Ikjji#$D5ePj_m_+r8BEH;j5;-yA;W57(xj{Ne(bU?;uj2 zKU8GnL69gTHbFU9J2ZofuIU~MM~*l~=$CMo)H>MPb_+!CHbSk3MvMrN*r}JFDS|>& z4$KFF=-?zFk!;v?YLpbbvT6>>608loC&!{>Iqa4CqKMJN^2tJnMC2a}^`t;TUY(eU zE)SPFkC)v9R~2PTG4LebCqA#we#m+?MeN>w<>WNL=C^j8PMwIaI(r$9@6yK##j@!2 zcbq~aJM8Oc<}*-(x=6mx*F%^k?8MfT920;&?4Zcrbm&^#{lI|)i|Oy-2paP zY1eqQ$x~xfvNjBh4^(e!{b3jViDMsuB@YbjcZpxHCj7;&iAN@c&h)Nm+niMiKR@$> zO-P=Ha;?DY;%ZY5>Rf&sPonlXVjD5@hV^AEaoWIhU=lrbmOtXO= zOcK2VdP}Fe%ao6r&2R`#x1)1sF2wMh@bQ%JBivJ?+TgTmIy*t;p1h|@#(Hi*7;MHi z3##e}QUHs8K+Gvb7b6?vWJIEcLn2vFtXfbe$oYZ=HbQ#(1ySdR<7pt>f@gUhNkYp- zkqkzN_I_tcq;Dg4en@4;YnlADn=Mlc2v(0b{QdG@D^&;p5|`sJwFQ3d_pZHKDo^#vloLeR_AOLxVz zkq43RKYNG1ruuA`MAT@AD?w6x)SDWhG->3`1WR@+5~wn%=Ls+Nct*})XTMZfEK%U?rtRV5o!4U|a~PM*iMvtVOt_wT z;~*y#lYM2dOaN%|;rQnRgCnz#NB+mB1i)D%dz6`_24kGUcO|MAyAsZ@h|fgLGy5(^i^cHrkeWl^=hvF=wpD^wM*^{_k&T~R} zqPhSeIpk9`T}V#yfXRU4GSL^oyq#WOXsa9YLBA5N7eo>vYL>5dKaq-k88{|GLX2=Z zJ(-YWc)nqZ@CC7MpqV))THThrkcNJH(D&6aF;uvWrm^As^hI0@NBUoOR8};&_*`vq zT3|g^VyHM`-&MI@W?iE?LL0deu8&=}Zb+yqNC`v{4vhWk&q4vCHT<%9uU0>)OQ0A0 zA(;hcozy&7;c#^P9a?_1%x6WzDWvYQjO2Q=(Bh{$xanJ~p!C%*-FP^4VPqo_vV{Em zYLV_D)j5dT$#c z6iX6={yMN`$mr$A*PZ(u8|wQsG44HCbxERX60vD>OlRH*l@#W+KcM#**S)rQvs?Sv zgS8@}Jqkr3X=MGia1UwIraU>1Hx*BizIsQ-p>L>+Wn;WXSBo}LMPk*k(DcFIMu4Z@ zhz`HWGLcAd2eB#T@`hlStuJqhka|`QvT4`eU~FOrn>=GK3ek*z&lVt(3~5fXX7>0GZJiT7SWG+!EynD^X$Cn2~K_^w%n z#8&ovQlh`eQr(9^4cH&GO8U_)*dHXfY`@Yv4rB=bC>vK$-bYA&^W=?Ayr;v5@NSWx8Xh=UoO7je&D2CDXEq4L1tW3xZQDO`{g_>7YhXl!P;CgkxER zumh+33)YB?w?}69vopF;vH>||xP~&6Epv5K+da9HZ>&El#(REzkH)67{Ud^aW;WvIxglkRmbIT^BkRGH1->>O)}a3R6r>#y2I6gVB}ipAlm0#kE|ffhc3@7*|$ zX20{12JzU2s67WorDXxqTDV3TwG{#6oQhvi0#sS`QE^|%%h46Keo2@6kUN-D!N2Vi zDe>;57WG;10N!~}VLyrriGnvN&eT*zVWa})I!erxVtj9}6R}-2(kI4`X=)CixtC+U zEyT}Kge~=^h&x|hbf?1QE}XD`GO>Nrvh>tAoAl!xof_0L)yduQFG{H6Y4<@ywHv|* z9|$4F6y6GqERzQy5jIKAIt(RDiz@)7ooP`{mqH9NxxHkB9$M9|!ihQXRqCGk$QmXq zXJs%KS}YanGyWyv!kBGv|0 zi~{|!Zg5Cry%}QhY)DNM3ZVkH25pPtT#vYIBBxA%EYVE^sxM1)>{C&)N6Gh8{2Ok& zm62pLgr_0PU9qACO-9LI1t`VG+&>~6ykIryhsJDL^`nFn2A~R3AT$yS+pk2D+XP(%s!9ozmUiu<4FXNNyU0_r`OcbNoH8 z&;Q%~Veh%;o>{YIX07YGmcgSPZ}@NVU1>h5$?{702~J-{&m*j^IWh_fR)^O=qQ!rc z-&_rBhv|k@FE+;&3`DQ2V$8r~%E+%8uVGJErB~=RT3N5jhnHY7;bgaja=(jkDpE5n z7q_7csOB}TwsvWgcS%ZqIZboHw(e##ZYa^56u?&H@neJj$^Y@JKz9F`*N5<3(D%Yn zReXANAm6Zai*P@!W#hHKZ1>sw6u`aG_+nIxaCECFirO!6Aw#s3U)*INcb+Z>N85? zP_#}Gq0?s1OFz$aAl`>EZF&{v7XAn)5|EsUpkgs*x(n)L_3QLJQ}z_jTDt7!2xTp{ zhC9a{?<}v~Rf&iC%eZov>0wg>=T)P`Z$-TYRo%IM$(IoMWk1gT~$E zZg(%!=FrnFg+dL#xHZrFqkQEmdCU1-QOS}FwVMMrpsm3>+rN(C!m@)H;B zxdtg5fA^&l16Gj=B-u_zWw2J@LudRN0%2gM29X9n3-*xLMh7NQ6xi-iCnhjpsW#G% ztavgbyu;S^r!&I7-J6;YAkZf*?@%gF)midzWgFtDysq8nS+&qKxMH>M|X>pHD9@L4O1gF83xJm zla}1$b`7WamaUAQ=jaiZ`A^ocXGIKmcXr3mdvEoS1WQD5M?M~G=ud$B6O)N8f(1Xw zKobdO9Txmm5OL3Y2ek>te;x>>Hur(7OaCjX86ukwj+0l-oWs@j3j!FsU{%V_E4;0f(q4>@&_{YJqgFSI3a5^JJ9Pp50Cd@P? zN=u3Vo8F)K0P9OsBA*W@dRBkDuHR1-T>^I5NY=LSG0z?rmRY>a)9y5mZ{^ieJI{Na zBEuVqnMIPId^7n`)Z|Z35ae|eB1@S1cywgKb$)_bca6e5G8hrY zDWEjyrFcko|8P5&D#fit-2704q$B4Hgb-En6??s2ir%df-|1d|x;73a>-cd7;E@sQ zv#xNUK6OZ<;^1)cg9P859*-YAWR&y5g+NTjGim9PlkmkAk|<{V_(LFLknTzFvVj=M zUNGrsOOZL7=-3f=6!+kEm(tlV=X&q~32*09U)oGt-=E)xldlc|$&+cwY#)mNHMtMn zMzxU8*v!w}Yx5GudV?~7kghd9*zQgXe z?Es=Qd>>nw$}spyDv%|H9>UY{ILLQQv9TisB2R&uE1^iof^w{ax0m5CyQT>5iV=br zg6E$LQ!9{C9-7TI9Jow3bbI+bDg;YJMp80*@*-qZyV++9=!iZLFW#XBb4Yitqz?4J*r}yB zZzZhDGxIVP8Ax3ZC)-nW+;bkV6fLypjq83RdxgNj4Wfkr5crz6iypb}$-?j{)C09* zwUI*%q`G{pMW|o91L3Rn-OBJ7bHcNSfXl*1RSCkCw=qbIuY8eEZ$#?f%u1@}eRnRG zdwj6RO-vu~U65-l+fE1{*Zj4I1KBqMhdozKSK)~sRTHC` z_Q!%RD=&56-uNW5Exeh-a!pbbt~KXKIx|(=RC63IZ41^3*}`1SjE*oY;^<1&22D`; zmETU5r1b^pGdyF8ji8<&V6{E;?(Jn9A|(GP6T`)fHPGv(7GYmz1zb5$XHVp-B10B7 zRFbJpWN;I5LzBN1ai^JdEYPjXsNNTilF0BJci!!A*h*x->Xh(ZIlhZK6DrvZO86BB zWHsAihn3zS>LfI%WmM^s)6n;qHVGFB(#7H-kSZR@uzgd3{jBv3qI)2NFbR8C=Mk=~ zD#gJ2Xbr}4voCr5KZ6ViLTScXhMDXJ9&SCASd z7SI1a6tSavO(x1a2KF2CB;gLTuIm@rgmAa8kAZX)Up?~jdD{}XtK58o*@@9f4O^sk z)DOGZ3S=MYFbezpjw)%C-Y&>f2pS@4t8mcjy(XL|hrxPAPcvGHOkTN*-bY|OnYQ-2 zhA3bGGLtaDNUZAA@L`q`ZXy14KE5r5>6~|c1U|KR2lXDc^@xVu%fDe?=1edEQfUUh ziVHw`7*UmB0{|wm2dIKp8KL^%RTV;aIBYes7voRqDN9!D*gn5>XV5ouVrMv`Lie3- zZ!=Xzzy^oHnFi%WNqplt1ND6_Th*4ll)vAyfsA_DGQ9me4Y{0PW0sD0z#GW1r+?1r z51zAGF49*4TVqxUfY|xJ;gi320mjHjE?AOHp$4Eq^VOXAc;DF$PLJj@)1Lx9Bg0 z6w;1^*1v_oL#8Fx?`if#Y7*TSw?94k8AQWg7h)M%{$J*SlU1S@iBZb2?~OIQ>f6x098W^^OWssTYZO1*Y5Rn329UmrU97AABVOc zc3iZpL`{0PTNa;X_^OH<5l8sk(F=3G=#$p!EuMG7K9k7*xq$vVr{W~;3Y|in4iDp# zuyIQx0gk3G1K_7^)1;NS&;I;6iqTi2XLiDgmbc%T+>^BdfM84wErHgV8W0xSz$O3V zurMa@Pmf^kG#pQKpMpG!>s$LT2yjO@twC~Hgy1W-E1`PjKlU(PGJOvc$hvrGq7Pt1 ziq~N#uBP5OcmFfm|L0{=ln?#7e&`oxORp)&vUI1N5IcUjw2x}M>Ccm_38TrUoV^1K z+*fF!LDvOAkR{tq{ZF5sTq2MCa#xy=Kbz$z^zG|9GGPvnxp-@j{rG`*bw3?)zD94hnhNS6)LBD*)IkcUM`VY zsvhRFtQg+@r-oM+(B7cDT#JJ*v`}k=6A?#sqlRSSX?3w|N=RI5COiQkzh>Zk+=b1+ ztq+a*2PQKg^jB-=rgg}&3d~>t)Ua*96S~pvI`u;y#>PX$7r$uj3X`_fo(5o z53wiDbC2U7?Ts7@UjiPXe@q7eT{Q|F(>#UMDs-xw+hR3u29}Ih2!FaUL<6BQ&e0AGxzsZ$|Asf;uu($xQQ^2o{5i@z7)GTOCbg^4!VlzSrYcuz}$BFzWuT zOn`nKfZaS+-vp2iJytOfq;hAI`6ky3EYnQse=Q`4suk(t0qpsZfX6v<+K3Q6QLDPt z8{tG1OUWL}UWs@BkRV7q&mPFsAMIjUS*=gh zi~chdVmdD#`!=my$zQ2G>3Z?tac*K-#TIEyG3w=aRfUYCMve};hpVz)>*OiD*1@Sx z%n0m+9_F3l-Ny}={&cZWxvZva-NS=cX1cAyGyssl*tnpDAHPBF8ABf>VlO*vyg)c? z%p&ZOW7Y!R-ReOaKBpx4G>aMcqhC)BG44oNPbA_U!&W1th0K#ptJt5olD_h@&ja|$ zqmJ^80?c~=hPOQ5i1W`X`P*W2D$&J!3YAJfDRiRuUc$*%(Pt5=0!282tOM3sblrXs zR?>q$H6wDV_$d|<@Rfz2ju~_w)Bkyuqiv&zSrp1e&n05_32G) z*(Se>~lP{NE_$hqsN)Qkh78^_}(j zf)xvInHM-)3QDX6VxOw^a>osq z02O39-JOy-J10(aH+tAaIB+R$=a!j?+ys?EkT)+QWU1E*fnVQ|zf!HPc0J zk6@neTI|Z`N@dfiWN0@$C=LF`)4o?MnUk2f$!DW5`#=}^(^&KSwTit8QULKJg-BK1 zam#PHXVTLQHANosBs2VfHl+Bgp(-pe%b*;2vbIxI zuM0$e9genr22Xp&;9i+a9-^$f^4n7TZSqHh9y&t4=frMCS7aQY6~bhn2sJ!;Wuax(lRfVqo^pWE4u)&ec{0!!@m@H{$aY`fOEFdh4QB|7><7UdUb| zB5JsS;wJeL&iS2XlWHpWM+c{F8S;kl?RtGU?2=A(s>*kzZE~oU3!k*INkIx;N3H7Y zy`!GM4(u+zQczfO4Incs8XMgJJYX^q7nGD-3P4RV{A zb|wJ)^J6AHFY`M-T5$ET$`L&k`7{9R+ZPYmlH0z9K50u^AguMH37vxrB7JSJL~=@5 z3HmD>Xl?-$66_5{{7HMOZGo*KrdV`irj=mpn5VotqSy4@d#4ZsvvLul6AUk+tk+%x~TbAorz96nR07r@3 zOE%^TNFC!W7P+-_)P>ew^*Ff;`S;C202BMblpdbW@FS{k=`4M5XOL>m z6qbDfs5}SoIcx_^Hywb0)a6a=80p_zrB{c=^AQ{}z9YAE7<5TCiU zc1d<{i%sEPKcTOP5^HJyQ>=bv8$Y?XDcY|4Ul`Z-rB(n$B}2+NXqmUp$I2NHZa%NB zS*$WsUJ*D~yU5!|a+s@LN2}k6l;lM4eB4xI@={yjT7iXQrSBcUQITu@M7_j{^t1-h z+QpjMy@HBcI)4p^^!8p2F#8ROt@v^@l4`o2jy|MWXJ}sX9JMx01~$Ufv_5=lPDuw) z4aU7<$gl628?$WQy_k#k?HaaRGiTtu7oQtPZQBdVjg`OCM6JoN-JC7p%a+%fIi@)P z0R9#ag6)|d)KHYL9|YebKd*M?Mrx{<2%LMkWQ+YIb<|*HP&uQwG1WmXrtBuarYcZAqu$voTokpK#aE+5A+^KAfo(C~;+MhG?*jmD% z%Sci?b#b8wwmT))T_Yq!iJ-a@ zK$pj=ff!cS0j+TE={jV=D@M;_K>=P(4mI?1clYY^s_#|m934~bWdO~$wc9lde{mbo z=tv@c{_^j=^^^+mNQ+!80H<^3h#hTma&M7Te$2w8TPWsn%)qpkq#WLB031NL$l{UI1c)_RToh4OUbH_HC)dM)yB=PmHMHC0IhmVq ztsRqD>z(*MMpMVI_whb_lm=UATl+!#XXl(HWD+>ePe_yvan$_P)v26;`7X@^+qisW zroTCEIz})d1#GidYz+YBer%{;gX(K3a|z=@d4P#)^M~og!0&584qyX0FmOkF50QYm z3FfcIgd^#h{5mWG_A+qW2pz$Qj6X({I(s)<+c`-jl^a?l0zpBa9kO(&gm3D66O^1l z>V^PQ{5GIkD(x&s1(;_u4FFX*$W?oD{$t+ z;O5o8^4g1~BOixPkys|4RV9;C`-fo^GJ8z+$wq*<=|VOQAPR{K`byNtm=aN8X;kQc zK*>YBowR&QiJ8S`2dGFhmCJFchQGu+OK5Ke1*tD&Hh0fRrU*VakPhk%k+0R!3(bC% zG*mROtD0~Fp00-XEhsgc*m1AeHIXb0cUa8b*?QtQy0_?rs{{Sf-JVt+sA1Q~NJk@gx1T|^regQvi9$V)eV_RGtEP}o$Ih{mh81Fr5I6&te*c69*ez$bI z@+$Js!}=T4j}m>-E0rsXwDNU#8cynlMu|oqh!-~%*L(}*acVt}3{)cbQ!n(Bp-B#b z@X$5g}-jd($eYMlACYC@~wR!g?qQV-7lXJvvUQ* z6MOVLCsW_o>s;>-HH&DD#XX-%**C+PXiUhki(mvB29}{&f*Y%ujDS6t4qH$Ke*O78 z=$!WM1jwi?PC{DyC3W=CR*YPK?rDe3bmHFwx|T<3@%{)C^Ue=y-poSuQu=On!PeD2 z!|W~FY>g*#jOFrdz4jo)@PJlI6NHr0YJ+U?6UZ68Uf*aJntbJek{NAjV{1Hl~Hf> zA$4QWbt$q6VBk}dP}BV%M5G$mCcNBQpAdaG%tJ0we(I_ys zIh?hEw7)>nN_q&uhhEfk66hi=y20Y=^A z78Cs5)F#59ORVqd$BW$^ZjTLeV$#Q4_bV^&bh6EbBk?QWj~VM90!$4m7qbM?$DLmu z1aOP@ie(r{Zvj#L)VC1?yQ~`XNDP5V5q9pYKG+o(0Ey(~yLl<4w3Np4Jcze?m?UlL zqXhA1Yph*c-;H5I;9u1@tM)!G_f>y68*x)(NhqB~nm(MV?p3cDRa$@D8X=2j@HF>e zt$jF}oS5>*CTiQ$*uGtUJ;<$I@h1J-+oKNR)AZ+4Cd`9$VV$j%@|=zzyMY*vaJl&V z2c#==D&)ya754SVk=R#y#A6zmSK%2-fDX2+e*m}jy)8C+E@kWcPyUxGP=yR2z8LFT zS%4em1*ThWp_>4cN>Ut^hq)sGXrfh#0mPR%yvC+k`+K~&U<<;h(l_1^lslPY7Wut^ z$$Eurh?GRCm4>Y|dw_1ns$1-8E=Lnkqb~Kun`!ttbie7-%PyamcA;*}prhwf?5HQT zWzO|z!<)b{ka*uPijTH-jND_RcvZ!D;1zT6f>BEPq#WA$*)3o$O;z8gT zM1`mH0Le%M6N!Ep@-(zP;3)iq3Wf(``^f~ZSrb!bpBXE+3^>S=NOM!6*(qmO6S%%t z)XgHKuVkNe$(fv{Q%SXOqdy#GWdSUzA+y%@`Wd&p(Yu`_pA%u8oe9zI8^PX$JV!1B6+AGtzt++ZZEN3Y}~NigkFU<#o3bjx{sg6!fMzqA`Ue7J212x2buBK%r;{8f|9; z{+^D4XYnBxDd1qL@J_f3s{tfXufUkLT0eG!2spg@!kIakhdnR|Japs@IlAqLW}|A& z35rf*`e{dL_>)2^BCdbh<(fyQQVF*=h>9Lfq4=_6$S0)~AtFBdDh~1L4cX1@7=-^0 zqnqIcLCikc;PUllneE2bUueT>9xss^Qy`vDnaFmC9h0hf%^UL8e1qF35A}Nbz$o%2 zW#GwXVHBD14UJNX(cv6Uro^qa6*Ubjd%McNg0^l^gyhVensw{qDvcm*DHI08X*6*BXpJGw0ZlT$aLHi2C->T zLutYjOG2clPW_y3#V9gp#{eN((VK=n%|nTXaT&4UQ&&|rY;nyFXBw8P-JAt%2nSsr= zA^+#zV?~_gwTQ*NviI8CH7axqlI3k(&gJ=B3wE?vaq#bNnXqby? zrxkr$o#tEKg`t&F%m;8{A}&P8Jo&F9J`yj9l$dU$vYr}N+YoMbc*~Q>YQH-`wrwTt znh1l+FVEF#qD+Q|*FF;grxm8m$C?GRlReKqN!6p>By-xdqZTfov&9Ex6+|)Eq79y_ zthWMZr!5Wh?_cKA=4|_fGyFf}m~#b;uE@!v*XGsEHgHIes5cv{8x;yBOViI?-gHsE z6r}&GANDS`<^8SCnt^bl#)TVm(R_VE+EMby)T0Gtg`0=+G-5pddQRo*raNgsO&Ayk zS=$n8qPY#<&~EJu{?@fGEQIu90(0_HGW`vZ02vrk|%0pDBE<@_nr@pQx^tl^jK{>bInkH5V7cp^eX zhRxJSZ_M0o&$$DCM3Bk%bs^kOh@?k5{U-bwTS$$;b*6nmC0_s|YH>OYRjL!&^I1>_3*!x^-{^12kJkmi4?qTG;B$GoT2H0gyf!A+l0^h{BpF^g(ssdf(jRJ-CM z0{^gNXr=(6e>3qkzQMI|{2FEL14_R;Mx->!?9q-F|9uge;a`S(6&!96dXhy<^p!s! zbL2%L`nN}m`$JY9cD?*?{N!C(N>S5IyR~}yoTSgepcS>vRg@N=}==&0q-h( zeYDdjAicdbmYp%o6ijPLrl*Fehbt{&NBY?PvX%%%FV8qPoB6nmjQNxGZUZa0sn^)G zNbbe6bm2WG-?9LdK~3355o=yA-E?rAYi|z#SU6NHBXVJ-h@4lwt&9Citv?zTY=J1T zi3IW|8wd3+6N=1ryL;bteHnRuFjUX%o{HqI#?gVE3fTZSYhigvE+|z19ZOrXV?82L zb}^L;8tq@?47_}y zgrD*O+2<*;>u?^~-S@a4yp7`R-O;|m1+w?2QgGj>$X*JS!hcoiJQ9%7CTll{?}Piu znqA_ltpR}a!{VkqaeUL_I)gjMG?1RFAcQ3uC>ifx7kaeoq+7-eE4il zmvbVFbcGflm; zM1-A`48lduiNa!B(y{S*CFa|slZC?s^F{u&Li#icj6hJyFuE5t)7Eyo)Tm3mfg7xv zftu@VaA6+4td#vUyg>#koMy0-P+_eOW8$WM8R+q8-GjLt=K<6M8d*u`YQUvDpJ1MK zc6MZbWvATY8LZx3wP7mv5s#EJqNpOGzQxEO_sEd}&TKs{;JuAe=mJuOxQ%sddT{Sy zLq2y(#d@PY(HG7g9PA6PnIH5k!ImK-6Bn1|oe)i@eMTz6C>3yeN+nKQydCO1xOQFR zQ**^DICG-OH>6t3Jz@R2%KMNMzw3zWNY&?dOB_DpbOD zAl-G%f;4$oW!F&E9+CQZF^Fe=>AqZqx0o2;zYl`8KIs%LLYT+JleOgyMJ06orgmX6 zFbH~N#P2IRE%~-C715bl>dd>8_`Mv5M@GPNvAFSiE<2hleNpJue2+2uCEFK1|2H5d zmai$nB})TPVr+HJM7s_BQ0Hu=<8OQn$}~JzVZ4qXc#No@GSJvPJzCjxER7!98~=+X z*$Sro@IBwie66*k3P?&PxC~##xXgaSp0WI18eaUF6Qfk1I0ahu1huD*LGsFaW2OJqWaDa_n&Sdnpi z*5LXBiAj}UD0%hhN85PNHjUD3Rrq&Vgr}JJm z04NPi;NNIK1oIgCk$W}w@dhJ;KE)$f;<+fhfu_ABmxKy@l@;7oqmgpS#V=a{CMmUU zksDL$#;M@=r)VWmVq7C6ybEf^I&r26IeS2U9xHaV%ZVrxjs!&rS##Z@Fk$hF7~=?e zeG(~?YoB4IrTT9FpvLn%SZkKhMx@Xdp6hGIC% z)-(OetCZowD-4%zro4^4MDJ6(oKbW;nlD=f4Smb$L54=u}7+NTekB8d}eGHpj? zF2QF#^|g}hApDu(GJa^w@I<}1DW*hF<4G=eRxew%s$ znJ;~xpt5=MPVsbYe!s9kKVtp>%K^h*8~iabIZ*auEp7KmX)WKf30!`*#pB;=JlwID zXkO2FL5cmuksF1v)mG%ovpC|c)Y$=Cyf?_Tg1%DRt4_K3{`#4n%*AwJG z&4M&-*p1cER#IX@KQ!7iFOcL~q{hNRyUIvjFm^e)A&1G3eEh(-{r;sy!e?aCmQ9%? zyA+}}#DEYEk7qwfL{{ztn}YBBTLtFi<7TL&Vg#Zc5xFv94IuXDQohIpX?Uf4d}LmHh6SX zS!^yh@L}mlxbFu$F{tZwcaAENWeF;fv4#5DXkv_QapDb#=Fj~Y8`kyhvLcI7ds7qYgvp?`kgP52 zn3!$BMx!(ht-`CsXh|HZvP34jy~SGP#01?cz2mBu1OO`h=iXOmpj4x=<#olF`~_#8 z2-!iZn8P-EROr5EwR|4cdN3!DsEGE*f%+$8rivKLS?qur{d9!1InXyWwi+A0opdcp zrBQ!F$i@%7HC}mk&WTvopD0N$XHKHXG0eX9R9YwJFWTJx3kaa+ZRuPNZGJP zf~C@8{KiOC1fW)|w!cd>Lq!Qvv<$&<5mB!vpQbbxmOjzgxImyHj%+2zowIj{7bW66 z0T+I(mYL9cM-Hlc*HOG{qi|6$ppMU#{|fY&sz!#+u5FauJ{@IImQY@su?r^T0_S!4Ho_n6c2Q;&)vp6&s;Vyx=JN1Y4(qWbz@=-AiQQi#p>q(bJs1%WEo&pq}6 z%^FfUSgaCE?zf>Ao2L`9Bibu#vbVLSIDctGsRy^VUd1e1m`~C#O(r@msCC^7N2!*c zxq&ow$n|je>gug|27>o?%iu&r032TbbT}+K`(u&K&Ixa=S1nXEGy`Gf#}4y>Vba|( z-*YW>?|$^sp&iKpQvJyo6qbepRP2OU#hTQxGOq#;_6YGi_x;%t+=RM}bof|YRe&$DxC3DWH?qRI z-^Cy_*={%h@iV>jx%ElW>YD*;qH%;ljRYlLa*oQV1TV4fn1v?G%7U|3+|10(8BG~) zSBl{rDfG?vzPw(0Nb!AjTLv>n)|y3PUqGZGzewpL)~s9Kgw#jqJ=s4vHBjkm;q9LF#EQ z!9%*EN}M-NGTl$Z5u6q@3@~?DKm)R1FxM$O!$!HtQ(GOpL}6ao3K&+>jzxYnGfm0G zXmq`;{3nTWsfY)71rbk=r6g~RMYh}%y=K_1`bI4l&1ElH14S}4GOyfvM|RFf62MF& z?u!N$(sKf1mawb}`7vf!koj>ol?Jk%&n>-e5I7eob0{$W| zv^tP{;A%-^3JyU;3MmM%IxQk&^m$t})*k3lwY#54u%wA@UZl365}UdwZ<`HCoAFOL zBu4}^3s-6*TXRWT-?E~~pZbKGA2BdS(4}z0xVZ;tf4jv&DM${wP9p z602TTsvqBK{8T}(IRnyt`4kyKcmd?PfM~Vj+a=2gv`cof9%i9m6(BjF5ln-w0@FSv zwn$YZL%r#birp%B=KU%d~oPsrX7bqeIl>t61Y~; zWN%erCL|ioNcF`o1g$N5AX$PUrXDfc87;n;8HBvv-iLehL{qOo`cVjVL*kiNZO8Vj zaS`(X9i+X^-d@hYPBEOZwxIavmwJ_0sH3kRY!=*Q7;i@86>Qsf2FQRUNJP>#KRaOf z&S**OMsSo(Y13^2GY5XS``Sn0=tipwr$dT4R$2F(SjG!X(}sAJ2_a-@6mVZO=6URD zX?1Z%U&C!SeS;!S$}thC4h9V4uD*dft=b6joWZlvJ(BqZQ?+K&&DGD!wa;4}tSL`?jX8dj+V+KeADPmPY)`?#7F8idG#Q3gY>s7xG_B4+3`Cx+R zY#k(Zz~>aGeSin^hR5UzJ*pTvY?Vg`+Sfts9+>2oVLL?5WJfA@f2rz&)fEQ&xS&~) z3Wz`+RgUl`K^R9w>~-mdZ-@EUnTW0i+23ms?EMvqWGD1GayXvO$kXhCbn#qxCxL>U zgRc(PX~S3VX{^rj?_PAIPK;1H6z) zC28L`i7Rul@2rfiKh#t9;$dQD4$GA6J|li%5>oz3`t&Cm6ZW%d{tI?phSLwG;Tv!h z^-AyRl55XCtkuSD%ZosR^4wN^B3NQ5Al~8zBkES|CTf?s`Gwd+!TqHT2cA>M6svkS z{mRV(siT(f#N+jYT={~`rl{7*TkW14b6C<(qGPQ^Odi_CHK6dj1=ALs^@S=?mIutm ztYIsQUE6#fLH{bMO(CeAo|Dj_fXyX(=2m2Q2U`!D_o&i6BU^MYTuF6TuvVxiKpVXz zCx4DvmT)xkgWK9zXP>F&Bak4R?3qFQX#H&Jk-{T=h1=aI%ykHQYJJ@-i?QW7%1M0~ za)kgX!h?-%JJ^LNHl=w zROD`hy@FTd7h|gxi)56uQQ!)X1)>c7DSCH(L{+NFq3w+XD*E&>N<+ttn}@B)i7m;2 zkPAs`FVVBWv60)g1HgXj!5vk|h@5_}yKmqk8xrEN3Xfo(*l;7j6$Eb7G9$F+v`h`# zQDHaRoXgG+Jhu84w2!du((k(c4C24aGxle4#hSDWT#-eV=>OQw9Tapb9HyMuAGD_2 zo{fd~XD(DC5m7k)UR=y?ALcA-rTFC2Q81BkQ_#fw)XwjC@iF=6=zYdz^}9rbVcX`` z72%9(F-08W-54~B=t2ON=%uIAg(E0YBy}+%;FHsIil|j%%o8%?l<($}dvkl*2{v4# z-w&oFeN6NbRL0zTzxm~eAe0b%6qH31k2obKM<;iMVx%K}w?wH=aUQEa%^xI%@z+Kf zkTE*gl+P&aOT@7>E?A5lLHY1N1pA~@opWEzalk6KATTV(n(ZoHQxals#lbkG*z@%% zDeplRH!Z!~LGAUA4d+$cf{!Bc2;@(y=)Xl{*gY$^k?H0ZJcuiL2`T4wKVvCFwz~u@ zWhdWyMD(=QPihj^0(pqz@QXRz)yEEiHbjIw@gle(HrHZ+2ei@;skfL4@ne+f_Alz{ zxs!bsN;v&10<(3toS%mytC$Y&{49gSO&I%U%GizkAKk9|2*%EKU6M=J}IAE(~T|(<$KuPm=Fd_4WC)Su& z%EwA<$05~<*Nq(veC)2yuDC>)ccsUBcV(9CrE-m~E*?E%0C4oenpQa%=c1_GSwB=#dC;KM~vC zZr|moj7oGH**I&uF&)m{T88-rIc{4fKJ6YHjfKx4k7GQ74fz`CzE@+TvYL@DhmtN> zG2<|Xe>FGVEYihE9XwdzdWmkTe%OyLglwN#4~e$)43409T#rN7rP~HCY)AUj8;vVz z#z5?|h#*x6p8%+iykk$vXhUvK#I~ed?E|`tA$ke_N!z!MgiI4LW!2S)2#T#i<_{6v z=pytx1_ata5qR!H^D4v8{$JDsW9; z9VpSu5ox2}agRKTHDx@FVRL-UB?}^=qIyO>u)%lD!zbPWpE77_`~E?c510aJ>6N3X zL-(Q0Wy@Rb>DaMQZyZQ(z4w4TMgj9l`7IgFYNlIpXb_P1l`DLvru16vtpgq1e)1cS z7i}*<CVAgMG+TbDkAfgu5pMCAPSUnE+aJ zi)yZm$^1I{TA-O`y)s6u%7bht^u+bw^Z~qPe^KBVwEK*~N1AlxEc+UI)ukD8ihd1% zT*a;S&}*^wt_6z&k>1bD-a%#gVZ2rUh zLbK?Y#nDVt!ZH%f_azL`5z6|&Gxs$Hf6~fI8d5xJn9CMT82`T*_3eeF87r&)6^M{q#h^; zk<(gb|BHPFKy!hRLQW(BNc+`Pum#e~>Ct(`?`4V*WtMy8u>rg^>|;P=;k7oLws5)H zZ24ezccmhIqvj%L1M7J4$lTC5`q#LLea=V1#q8DSl7j#KxR66VCSHgVS?B`3&bZpG zx?7G38||aSQv^z3y~O$MvJe+BZu4j$AYt2Riuey0k)IHJv zgL?-uR&Tsp)gaTYPr-Sb`TiN~XVxBU>jVQl+60Xi>uOpY%1XHa^(_S6N;xZi=eD2? z2Vl)qBR;0AypJHhil76lZSc(bfIGe~<7si$NsR;}`>#AjX=daMgoZQlmx>pbF4(9Zs`%j)@>r|=^)qZj%! z`ePkis%w|raW<>Y62~h4*xPT=aS}i#I~@QEvNEt1QZ^&$yzwYG`hxm49ztt$L-TPC zd$SPtNX4LZ?TUt_9%HjmJm6B1M<+;gmtgNmPm+n_e>BOjvwe%uRdDQ#X@+;>IU1SJz!n3lzJm27Y8x#PHbTtkWeOX>4( zvS67oywvJ#!L2rupU`C>Q%JCbK_tVS*;V_IXAYE>KrQIlWU6j*mCoghdF;PN`x|z@ z^#^ROgU9|t8)wf{DYxEr`<`MQAX+R2nQo*no7-3PGd5m{_#OTIFOnMwzg*V!k9NmH z3X4QXuBzl0v>M`nHV^u1`-)?&2JsKN@g+kF&pkuzJ$%&7m{N>a=n)Y`s6N5ebd7!l3lAnJre;`^~%)Csvc{z5Osz! zL!&=8SGEt&ng|q|pm|no?X{V#{aOpa{|w3VZufrfi8KN^l#Q(dip2oT6NvL#c=E#j zZixT(uZ;gew_90xEW>vdjlgZnCf%2*=I2Ub=qu?2?4q7}r`~R^#_LXovY7wX4LW$F zMJ?fwe#Q>GgxTg}H`2fiw{o)~ByIOwZ8yS-Wpi!Kd*x2^0jO@)pGOxHox z6}g$RR(Z>N>yMJkzy0&~M;zHl^Vosth*^ZFsr~l>Iy-=dK5NK*;cG*KaWz>74@F^N zuZd#GU0p-+AAcSQei$=2j78d(UH@2x*>W-_iEhx4PXM1=wtoX?@?P-N{TT?MdX3hB!L%E#+6n(9fjPrOMO^f$iL|F5^}+|VqQ zWCUWYRxAQ!dK>B>L~~$^QlKxB@5?a4)&)un{N|wkef)&}`agejefZnh7(jKE-h`oz zAux47{ckb4za1or7rWQkFoS)LwKtnX5nAdJB6}Fr445v~EYyQJI$QOBiGct4$FEiQ z1STs*+h21P&g_TEE1o9oH_6%rlNWqu_HN(T6;e=qn8u(J0j|bux)^UJLyU>@}3^O3SJTsMnVD~E*=qP?g`Y*wfe?CQw1oWB= zsKn&@EVRt%;(AqX`OA;>+svYT4V?(yy&@>BOsv_TUG5mHysMsLZ7bPgD=PR$Dt+Vl zMrB1-7&NHD^i>e!QyCS}>moaX|G(tmf94FB<;m0;IWzISh9+N`a)*Avr>a4)G2@He zs#r@$d*}9T{?|;4lVHBmBO_?YwR3%;sb456eR!L>Fj`4j#3DUet+bap_y6&Am0?+> zYZnj|1nKUO?w0QE?(S{@X_W4G5s*f@LAtv;m2Ls0JHP$T9Gy9HobQj9KVF`__fvPR zd#!(K)US{tI?H*BfBTGSgx}VF?)8{Dep@xX=XYvrYQc zdvxH6CB||Nn1kLpiqkB%;Ul281?-n$@yucYQ6HfF{9d2RX9m6Gyu`H&Pa;J_IYaAo z(D>s$(2wTdgZ%oi`INrpOzDLCY+M-3*bWeFANf5&(9pTqe)Veu))M&x;Qbq*5vr3d z8mc!s1R6{ePB$<25&RniXA}u^SXZjfi730flq3TBirDoz7}-)Pdy~5q6x=zD?rG}z z?N4^4WEG0AN7`hAfW799=DnEjLg0=NpvA3eot6G|=51i005*Ispp(emTj;J4(5Lpu zTCb6MoC|u*p(X^59|{~p1WiBT^ppvDosO9>%u5^>i}A@V47#JB9+Xiv%T2v<1nmB> ztlw^n(dP|-AHA;__t0TjPq6HpzVnXlvtLVZK!d7*O)qoX(=_#TL}>oHt@cE-&K7vW zHgOEK619}#rQO|p5)*xeYft$%IeCp}I>(SXgzK31k5UH6(DbcWMpc3r>!L5WXu26d z<)WEvf9S)2hp**>++;9&SYHZNr@|29J8{arsyUZ$rUOv%>`(m5F3@TYdZQyP-?-=+ z>;wLGdMp0N3(PJm+hgk9rTu?P96KolKDic%#tTyfj-N(PB1X+*EPWC zIQF2c04-}^5tOy0zL6Pd>%W}%3rzoQ@vcc>!KWL6VFJxMKgw@3%Kq3;ufXFrH6HJG zvo={jswY!h3_h(1&mH4pj!O9Bsvnky$l=pG^60ypa9YOW1@~0{X(?=2pd<{MrF#0R zHnyxjLRK{V@t!39Ws_(%-+Seer(UHA-f4;JTU%jRX2-d@lXlj~q0E1RK5-k8)$%R= zi_#Q$IrnIzmNsgGKZXFaIm~<{k>&6SOCsNeUsu;{8PL-H6v29~2nf{pd%#|mu`>up z|MVIR7Eq4@trqm5pup3F;a}E^cD@hhoyfmp)3gqk5=)7EI{o#R&-rWfgHMwU9+Yk* z)!r=7>u)9p?6>KeB_sRpIjVm$U;pQeB@96ACc1@9b-u$;J>_Kw7%xMvW_q!H?`Fpc z$Qo3YO)o9*oB0FZum*PV_gVjv*!j!cf=5??aY@tZ$OZEx=%KV()v4oOxctlIpDCNU zzZr%GW}vu;yHe#4*io15s`zcpA@C7QazWJykX(F!axA^0e(Tcs*S!DTd?}#LH{?)C z)D+WP%raF6Uit$AcmIA+KOi@()`w6QBsTK27BWqLsTb?_6dOeTDFRoGQZn`JMk_XU z!`f2ORA z&#X{94J5=4Ww%i%jz16z?>IjzfsMK7C*L9syEmb}TFrk-# zYQ2nzp3n7GY0E#U$^J7*-<_dqIKv$*442L`^-z^QM`==PR!;8=lAk_Q!%bnn^(m0K)KEt{h#h0oDI}Eo;h;u$CKVR;j8qxh`s3Z6nnsB_&?pgbClS+%EUk z4{U91fmJ1d#OWR{(69j*gOZt$A;6M?)h@s-v|v4iV1P7366iC%+09?sBmAlpd!{(=GL-5K_dHx4exi`J%R#hUFAFB zkBg#DG;ttSZ!<{T(QEVJ25;qa?DMr{D%ZpbqZ=be1K3@d4Ck+`kOzT>yoo6QI-8P$av)Wlyy{ zI}?!f02k94yw>0{?f{JoK(b!0rEv5v8BqQJOG$t`em#ho7Xf99b+Aqen&1*M!CG`V zRu6LFVC|0x$m_P$++Z+`>%ctqVuagGSfey%cbDM|7vHQjHyTNi3 zZ<5L1ateJzDgZIO$)*>Taa&sA?zdTF+5m*ow$pH2NrCi3fx7Xz5Dk?y$HcR!j>Pl# z6gGi;XftJ2VNA8Av(`9Z ztH^>epx^;}X@I{$&l2J9j`hgzX%1y3sk(f)n+|D${S4Y99=|RmTVRnS4+H1VnT~UxZ}(*$nQ%LrvZL7Pq$Q zXOuO$EG^W1*!7Vv<#gTSUeIr5EC^(DFLUdP}*O+QPwr`4|F(9US-#%ftFcTiT=e(Ov5 ziMOrw!i>7UHz3?(R<4+r6G?JtH1$e-k1uR)tVnDJFxB<~G9=W$NT^#t#k&3Jiw5c63c zn6Hr(9u#()T3CfW=AwIGeiynpX`b#u9;TXp15h1brS9;UPvyxb3kOty3I8Q5lLtO& zeQq%4-PhzqP2P^t5q7#M%(y9xc-2vgOSlIJ&3JIe01eL96_5&Cb2V$M#m4rw9jC*)O2B7EO3vHm%T!)gDB!j2e&-%h!Un z1x7yeC3b{WgCP{m@MADWsHe{#cYGg$$y!JV<1tTPvgE}IV0PhOqyTM`;Qqx8v|yEx zp6_55N%>Ka#23}}^)`UW5SrXQa0%cApm9N!R$r(+J7tZs00o-{3_fNrE3x%gOL&4O zQ=2_3(+@`iplzG2ju093gLh`xHJN=^PC;<1NM=FyF1Bm_WW0Oul^;*SAm&?Hy$)^r z7W6`zTNxQz^$(n}0?AxpveH1@YdoWm)Sz;h)rZY(Lw3hPFUPPhr%?vZq|T(xkAs*u zD${-$;SKGP>#2LQUZ)quHP=O~9B&G}vKB?trhEI?(JK>W^IJeOXG+)ELeqwza)|xE z{Ng`cO#y4DLN!H_$yYa_%BMSX^cBe`fHFgtc@Lkbt}2USxH)LO2ISgW#MXLpRz+58 zx5Op1@UncC@P2}jDeF)W@hwuP!fdazJFN>kXUUQ4*@Sp}FY&o_+nF@DYn(Kr!C3Q? zi~)Anf)GOZ;D_tjWgsB(_!KQ^0@j=HUBmRr;ts+)(LV~nd>{F=2h#TiLK-tlWeHCN zD=3HbNM@AyYX@+bWr*_aL4Z7QhtXq&I#EP;@#2k6|iS42a*hC~t1ENzDy;M$< zPa6Qici!s(`R&0I=3sybgQA;CM8oVhZ(bz|O&LqsF;;3r79sV8H^$m7pd!Qz*nSN& z1aXbc(=Va&BwT1(8eUlrb;k6f7%wn$+_zaWB!iPd z192YiHCQT?YNV`bu24usFCVo&M*Wld&0qvoU`$9wN;RC-dSjDsEUpV9wjnw-{g%3M zDMjBD)fI=L$HcJ*K^264l8(K^(kvj`K$p|gZs@NK=QT5q5SSmD!E z{Id9=(j{u5V$$OZUG@oy9D!p2f@Dhx%Wj8|h@LL~cpAVxx_q;* zvq>b$+ABmwJ!Ts1P-s#E9~0GMC@c~_+#BOTEI?_IN*5gQ8s)galal-_W=@bA5;`8e zbtfu}An2JCP9;@ol;aC;YCB82IKX;;i4BDhLl}Y=w?nbx*`|9_+z2j7D%6vtW5!kS z=qxHOMoyy|p#~`S*S|M(fP8^%xX*`LNov-T+^jX$tfh(8|1y#2}g4F zI-o2C*40}>!jCj<9>RjooF9})-|T`_GOGf@_0J{DnTpOH)Ke-$N@v4q-DNYSUZxsu z*(G;CldsJ)A`%nzrl;JUO0@kXX~<(`*F98ct?&Y+0x$~KQbaU7v4oJz&v6D-a=PYk zS^<^@Q8SG$W(ZJX;NAu!AE`$e^dxn-p(%opDxjxKuC}K}b!+C}-tpQCkhjwiBLV!{ zZ&{n9ksvo$47}9#Wh}^&niX&RzCz@bZJJo*mv&#P|7pS)V+5=;L`-oS3b|zkxFL(J z%ERy`uLF1B$1v&SWimk(wz{#_3zuF&AW0gO-9&0S1(X5A%r%EUbl_c02|@zWrBH*5@xMD zYeBent904dmf46U8uAdFq+WU8b})c7FPF7%Q$%f~%dgjyZgA#6%o>Lf8$Z0V{%7F* zDS1F$7qPKL-oxu7(%X&9?olF|ezmtUjjXP-dcx|Z1TGllM0zYVD4vP&zPs~dAi zp)sS$X!p>@i$7PYGZNF|*%LR%jV_@z?HMj9E^7?C?5o`JqwKK~7RqV|)gHFqW+Q-oyP>;da;GX2mD}37mY0>8X!u6` zmIcHS*B0(pl=Bafi5owvYhH@_HKl0N%r*D5_XLTC2R0f>+34Aou@$-HoZOWVyRwbG zk=By2?B<*=$hu|BrI!N-Ci@6joWWyO_K6lpdU7Pve zN5sEIkf^)ReJ{d=|DJ|a`7{7&xAivp>AranGf8!pT;p5N#;`U%XXpvKy=&@0RO&$C zSMA!!LJb*};cdx>T~|rAX<7F>v;~^7`Q`$I=tCx zIg!tI-<8@R-0Ikab6$>3&Y#?B6iOTuS~rt);p)xkp`15NhL=xz9Lu-zG|Fnp$}UG zn3d!`29);@EZ~p<82a`j#EO{P=JgT^xGw zHfgMf>mJZu6iZ$I;iG^1b#ArmjN=L*KRV1*Zw5uXw!*ZFcQrSZYyz$#g(+_N#Bepa z8X6?4Y>A!?ZICM@QOta6qyCSgKi z>`BpAP8+P|EYUsJ#!ueEnvs!JrCC%*$6)fFQq9`>k~Glsy?GL)=Lz5dXPcM1_t12H z>2|(7yk9=-5oSPa2cnj?m2Vu@=-?E#N%osH(k@vHNC|!**#0=Q3MPu|SK7^_lBeSt z5farLAUjVC4o_HpCU7Wy9In=Qo!JUz&`%Y@6U>K+2%jb_*0q76UFjWkYwn8O@Ba~* zjBHvx*}8wpf5a~46>Ca(l@Pey!%foXzChYbOs~ws5bJf8L#SIj&oHuR!q>kgWL(** z(dK><+vsjcR>$GS7F@CqbY9CMT68M^^I{#35(txhA5ULX>a)wfu7a-I_M=k%sQZ<@ z>t^MLnjdq-o~nmWO+0Qj*K8_EX6-D(QG1>+7AqTSVJqB&!&9&{0CIb~ga1pIhc5oR zuBA5%kr2cBk5|!;8m+QbiZA%5w?62n&#;fy^4KIbXQOc~0pg+dH6?}uSnue@^0f2K zb3{mNmgsSk#oT#ykXU*tNu**A z-?+W*S+A(H@#>98?EfI~hkm4KQAxhnnDO#h{ftyiIHX+8@2~>vg!( zm%;wV!!hBb<7FyU`s4}_se={tq~l@YFpRz|tUO#CV22~Rw?9dOxsK<*j^{*5U`T8g z3Jyz=u7lfOsc!WNv%Bi4QYi@o1;F~V7(^ox;mkcYC<8Dd0UhCEU*IqYx=U#+ zUl?PPW;9u(+&G%)I&?gR(YDYF8FB%6@~v=pBS@RL{f2Q#a@Sufkvh$R(aoA;#^DNjZ_eten2$r6> zhz2&##8NC#qm0d|oU8Ti7KRkoRBJ(Z!K=CEr9aWkrP98y8!dP-y;IcPy?Ns-@4XLD zIw|)s^!1+7J&ReeZ^NGmdv2yfa2&Ew&cI{5;xt6ZLt*SLC?Pbyi#cH6F-2miA$Js4 zLGJcK@;)qrEF<{MTZyI#i$bNy+y_VyBYG4usgEFvEfn8U=@iEuTfZIzwgM<$j2y|{ zjAuQBw0=eE-sSxZ&5lU))*E!5y@H&Rcuzom87$HJ4O^1Xy-n~fMQp)%em&=enD4`m zZ|nCpa6!H z)%feX9sZ1ui63IJqu6ZpHKFm7$@bPOOsCG0)0Isg?=SV6Im*lsWq)Sd8TFusJy#|D zGlW%e54{P1!}OvfHWs>K zKHPURfws-AwIwe(H-L&4(Q8oDK|le#&C>ODi2xL(#d898A{J=PgQD*QVdzzuQEkIK zKvhbiWc+O>TH>`=y#`Eqf_HiJfgifCa8KdmvYmy0zHN+_L#T>g3jWhj#?N zcgH{rlcgArXd}g)nd<*+zf3krle|R|{7&U8=Mhaf+R;QN(@~qZQK!WzJ0T%z{OD@- zcEv3^H7322mo*Mzg#Bdr@kIMEM;@xTMKHIZtve|j@>dmHFz<&fX-CVUJN5aF&(_?9 z*oAJeSECl2Jy^=myKzEmd(gfHMS#$wm?o<1zv%-3n(bLeT>`>EdnCtlzmV(nu#53C z?JzgfjzrlHqB1`bY;%2!y4Ki#EDh z;k?d$ijB)Tghsy^RR?JG8P#IYM;Rxy7ZLfHv6dU4JrSid(jFA7`;HqlaB-EE*4FAW1{wF<;B|;>U8$$UsPo^%m;B9w>&*&!Lg6&&|192Ycu3X&V z(JKsTWquC(;GdVm&!Rq|e@r4tk+zxDCOomOY?-;oE$s5%Yk&)9&XL%9pXZcn} zu0nmJn^Ej23R?u~YsaYbK-Q`7tgPt($9HD-FZqF46#pwhbpEp0$$I=^;KTe?g)>VZ z;da#N)Kwp+N6Y6C_o3ct=VrPll*cTqy_9)Q;tvur*yxRP*-6y4)09lBV)!-d1`DJ} z`~~ZMGqrP`o_`8UJHx;``KykW?_!Usziu1!w#LM&8NTWfdZezY217BbJ#c|&8k2U%xnW>UnbQZ)_^u|+Ge#Y7dG+JJErXq6jMcrIeh*rm-CXc-u z-e;^V3BaC4NEjTpT()jRabIa~p{wh3tWX2=b@D!+ZRe2)caZl#C;i$g8t2d&Yd)vj zBOEJU&NA+cpDj`Oi`DK6@WJt@e~mbRGybX|`|*Xnx_hgcm)`Mq-{M^3yv(aztJphE zPXU08U#WGk8vU!1rM71QekC+UeES*zYUz5(q2spXdgl_ZZy)|8#r4;v;IAs`_a(}` zRi#yJM%0xNyhd+P3z{`?&6f0RQ}qiI&Zqlbe9oWQmO*0#Lh#RNWT0=sVa@}^fV{l% z^rgR@*Bcap)AgmOyMRvaLz}+VBp&doHc&+_&@sTZ>QlS)B$zryZ><1KpHuLRB|)|H zBPQGKot7#`@VhVUFh@BfE4B;0xm6#2ZIl1p(iJk$Q{`n_A&$AFzJh7T;Yw6$&+a2FF|Kx^)&&W6ZJ7rV!TdrNXf4M%S zB_NKAFU(c-N_`N@*{@Y{POV|fKg#}I`r|VZ(kKIzIjuJ7O0TKQIA08PKeK=Kbzl^ ztP4QlL$##p=NemEU}B-W&BD;^?|$C-Hxpuk5(4{vWRVH)(%DDRbqxx4oh}BA7LXtz z!W9-T1p|2gw<-?YAR3=VH+GzT0zGMFkF2(!Hc%2q8Ms<4I+u!Cz9Pu{?ypLipoob; zw@i>00G_Szf}SzJ)hBXyT_f_>uK(MUG)SS9yo{QSUHxmEeMai*td4C7Fg2DsjzUy( zU3^Moxu*?(2cqzQibTn)zqI=lXn#Kq&r=H7f8D%Y0wX3s;VX8HQ>;z$ zBrF=VkQhl$#wsfyz+1@8S$?HDXkj}!A>wA@HnsiB68&i^e@;QBab|!>-6vKXIm}TH z;7Q#Ev2>$iUT!9u(f{@s7nn>3Vsen@sLPPFtrM5(b{j7949SGD)&2nv8z?POiLQtP zQ0Tzo@NWWghv3A(^z`(b1zWdiMR8d;ejzO_o!6X>QA$VV6UMMNaQ9LG5H8bO6?@`w;Rdo|FEx zH(xCk7xpx-fm`|xfHcIH_vyMVoo69>TZ|=<_3IEXX#~W6{VU1-O*WI5p{L7Qo;d6z znJ||mUr|^>+0|G$RNwTnN{U%>r&VrrAhbI65U4n5C_xp#0u@TP{QP{6GEbntlu6@` z_>5Aq=-R*G>;NoxOPa>0T8{k{-|9TG%IU983flFDK$;E zS6QJ3fd~ML3C#;Asx3`L$6jP+&^K?p0a@ya(lyS6G6znE59oy_bfOqA^^(4lGhjo8XYg z`=ezp0Zg6{tk*?##ul+{_S>wz%*dSqFs&(=J#GCuL*cB%LwYTCZ8zK?)#!8f6&uWP z7$?UxnI2P1`j39jozy9X*4M%IG<|HiT#PdzJETZ!_b1QQwgF4^q}ZW(8^9>G#)c`Mtm z&F`-UJt;N=VD$soTq+}EIH{d1$ep+IFew2K-%R=Qc)vZH%sarid%%9LnbYIROdOn+ zf zNWg*mQjyvThYf9V8UVsI4kY78Zer{@W#r2Mzt2Ivs(ec`lmRHvmE62n-l*S*l0Ghm z$D$rl5wFb(!)nHYmhyIH+S4a?T?P^%rt$v z`3qWx5h!4#`Xp6<4JzEbdkQq&OtNInFLq4xF*ohIlZ!td&<|vA2R)f72vs-NJe2^m zk!wbY0DUUQoA_qgFc^Q(j;WM6@xIeYjSoWkD2%2ob9J^<8~N*N&vC)$pr^Q&d&Egf zk#AwTio_nk^gVhdYKbHd05&%4^8QEF5WR)N_aQ$C`!7{n05}*i<0+&C*|lC9ObD@` z5fJf%FNM~J^K#VT9IEil$`n_(z@%u0CWC|pz+1$=1r&&E5kmQa`X;ak+Qf1kx(qM< zp7UfX%BxKB764kM&VUyO&G8z3Rq}BcqAP;j9ge^ROCq9R!tRoo4Y9Rbb91k_+-#QE zmWdK8k)|6NH8O52QIsT>L(;gJbtHE!5ca*J{!1TYQWFhz`haR5wUQkao5lLrf%Fm& z!a5T3hOMMqYz~v;F{%T@gUu4dHP|Ev#BrBq-;a6F%rZ1w za?%_E-<1J|-I$-mXZTxy0k&iB(D9tfz-fW;s5dy_MPXzyyf9z%1Z5q~_@Gz=p8mth z2SJ<+Dl21Vs&$VsdB~@h2@4S){aJ7Qn^v~ytGx#~|T;KMOv~Rt8g7oZL=R5u(&KO7UKC{5TGAr##u%Cj^XX5lYD75F@ zPBOkxKfngImI#y=H2+C#^pQ(?KGiLzsMlx^=ABr zBF{U9<|Co>0nSArc09%v<0IL~{h+6%M3P~COTm9Vzzd26V1DqHe?}MRpIintJ zFK~`MLYyue#=Pl8x`sEO!KnfDVebZGmJEhU20+d$L_Zl7wln>zo1!<8*WJYtG1HPn z&543_Z_NmVI(+@)$p~`SeODj$ad8BqCxfiH*~c*_XjIO!!+D#fzbrZyw|}HKkKz6{ zH#KiK|FIm2o9t175^tf5+O0(ShN#^XDhQ*OPY=3}AUQ1N#`pd$`krQ6HR+D}$Qzuf zvwl@g1;El%LZ(xDq;FOhWyv~(6ro3f#BdAUj#PB0^?Ce6U&%*HSVo%nm%Iu$Cz0DC zbtCULH@$R$h|SP~9rNLVHBSTMGL%!ZzrqXm!9voIN-|OsNDUnyv^_qU3VdSm6Q3&K z=^8JML1<#bCkXPm7_E>=co#N2EQxS>@|{XU0e53Ws;WoEp=gB6tQm~DtgLjYL*WqS z*~zhbs+W)%R47W?RsFvZKX$bNq zHpG6xB!R>Id@n_$8ib`+)w?xkDo46?Ti3$XsZ{o%zF3lM~ew&LwsX`gP@A}rb zFOD*(O}~e?S4`9-7%=vFg?;JWk1xWn3|fU7K@58x7?_7SL`&7Q*PL7=4fHx_%(%Gg zo|iR5LAS)^?igz~BnGCut5&C)QS0Hy_#g3E{>nS`iV?AvILXgQNU?lXi#-?(?SHt{ zl+l(i}ggwa@ffNB0hGw|l z52qPBuy|ua!l77(F+3qb;t^HDM=y8-B_%1XWz2^#)v`-BU%e)06ysw${wCpdi8lHT zJ}B*WcbnTY{ZYhg(JW7x=6Bfr_Y6v-#GJnzcx063WL-u zfxgl6(Ca>NvdW*?koWueZRM7!$Nrs64FK1$bv*m@1*E@KQ zNxyBscob@81^JoRVH?QdyV-PI+{9yqjZDm)S>iSe6smT z_j8Hw5nWnZG>J--a6ETB10{6L>!EydYl7=yKVk=YF`9^Qy@?luI{;LPW*3{bX+#$8 zWf^nEQ!m@a1%)lCz^nc`3@-eKl8&4lq1FH)_S|RvEQ$$Yu`}ZxoZ+8?Ya$;KWW`eu zy613sBce6n*C>3}DPS@sK8`WRhTr2aEIB*>N@cW%Kr8JSMM-V_*elRo+GVDY0&%hu z3aM1;Lme0Q$u}YkY5-xb286#;91d#XIBm@Pg7OScvXmF4!K_oZolgSDLGeo%<7vs+ zJe|i7p^II@++*3X;q+aJpws>j4>0eO;7KD9p=<*wOb9?tguA;GIe7#Gud8c)UP1DxXcg40e=`@$(JQ=c#jMCmdbF%SC$8VDd?se(eh%!O%d&ZhS`! z$me>Kyr}iPK{DHkp8mAZScuC^*kzzM+c<`TsIBIT zYaPlllq$+G`buE>q*~@n&ux^f&fgpjcbNBn32!k#Z}Lg=BZgC_hZ>!V#4*7>=?v;> zC0$@BmW^~M49ybi`>CA2*(RvS!g@-;H>L)C_B*yB<|(!=$BYI`_3P@f~P z7^2txaT>y2SeB(;_doF+Z3u_!_!6U~@Ip!ft@}CJJJBy|>+EkwPalbc@g_Bj)5&7y z-4*Pi8AgbO1)h7{Ol3qJ_^J4tJx{K(3>p)Yvr=+QTtImVWBEihdi`3^8awf=(KN;& zrseeKdgxD(Fk)H^lG!F}w8EIePr;Dx55;!G#Gj?2vA=3R< z6GVymS5T5$G|UZTC!%w}VIX$i&-$`D$+lZIkY++*ap;nP0F z6+Ew%VGZ9k;5=p8;c>$4ehP)G9TAnRX{tJnR7L(Fn&QsgMIM0{)$}+WGCVDG-e0a; z0O`DO!H8&e@Y)UAk1=)^GBnXJ18_;I;!LFFUca2sn|dZnPM8W1bm9I8YH;=F+7KPY zkvN(#7@=b4(}c0gu?(kbWSS`}NoCbSadj#c?%Um-3L$hz$~X(z#Yka+VE)neBD=P^ zNh;Y>!2AR)o4}T7ta3*;*6@_Pz#kExF#Af!#LH{_Bu2zzi8N!(N$=+1sv~0yI01CG zHh<-mB7z}sFtm-wo`_@B;k-~6$>W-R&CQ{ITui<%2UVOVa0%e|kWYz5p0J?ityji} zO2|YQB_hSgB@Ing#dR2J=xRvQoH3+lOtj6%sB65ZB-l`%U#I%KLIWjEU@+FYm9y<$ zoLkzn@ujtxHuwDk-&6aB#h;Sm-zxps8>Jcp@`T!Tu{nVLDRdHK z-y)$3MS5A6Yfm)?+&H6laIUjhk&_%TK~l0suUDfJl{LX@k9=+Vk@%-b(KzxCsU*RL z=GfIbp^5Sj;UmsRN1B%0D~x_*&{@#JNGBs;!5UT*Ogvsnd>uzL`m*yp*^fq}q+KRX zMs73!xeFUoS8i6^G=8IWX$;;?Xk}%V*II#;wc$nlTK;ni<{{2caEL=VIH3+IOj|L9 z;X2(1oNf|Mw5S;SQ^a`21tJcTP0F)DF(cV#Thl!}GYlQ3Bc9ymMi+2;RdXT$J;DGE0oMX`>ydNn64ORRq`7P2h*>&*&GGy|)22oNW&Yvuc*tq4xiAfJbxV$kNje-JxpJA( zwb96}SF%~Ndzm6<8uaTh3e14Q@?p2|;?U8gNlE&zfnL3h>XA6Tt`hP=MMe5vZC=#o z>l%fqOk#R&A*t$RTp8X5S6e9OL@&aPo{1QJX8dX@_<35VAk5A=N%qLGeJzkHLc(Gf$wQIU~1(+Oe7bqjUhcHI`zjpV!Ji9m1&tEy)>-4ka_E~Eja?P|_IvGkp& zGOn^yHhnlu5qUCVdIgImH4q37_d~qKtF2Pc=QBb<;!;S}QcUm-t@-oX^TT;<|IAMLskG$S|zVXS;mYX;M04z5& zv2NyMBEeODbP&u#hk=nvfK$i`?7&V7heN|vg2UZi9p>%Th6)Y!=oka?F4AM9Ovpi2 z!&+CA3^MXQd&(JK-7y6(-Elb;CC!|Yj6>ZJwy98tcf;k$?qveY;4MDkf;dJI`0$3* z1ugbXg_o9j%M2v$-m@jHnJ1Zk5o=`PGTFM4TaEAhh=gN~YkFG2O{-g%8b-tS-JFwV zC9loc8SR%D*QkM>9P5F3{z-TyEJjPW@ z623xCg^U8Jn}YzEWkcRw=8R;)tqnpeY1(3u8t4zPpJH{Z8hQ(JIfrK_)TD&R!FX*i zfsypjo5`+;#UIVdNGVQ;`B4?o?OM~bUqLCjH(_BCkOX*~h|3QkFgnI@x;S0|+Dxr$ z-Zbd%X(!1$X5?$g*2jQ$BXFn4{ql1unJ>PRJ3t4Q>zpnJk*@;>M1ap3Kq^;%CS!`6 zSjKQDpJF`0WmZ`^A-|}RR0=~t2ao>)ppZ3pB0-JR98NFQ35~eTp!ZL4J+4Hn{o3B@>LuIi)-=IWJLoDuqqfuq>s@pWheb{X) z(0V$^M6IY!B^{L_R`7ZpIfHObMud!)e`w*x&E{Qn@K5VqVg^O2X>)qeHG>`-n{I#j zxi6)J8^9xALN+7LYq-M;KMm1TkwAe_ zdMuWEqS*#5gNKNup&q*Y!!cv%HhOd>7%QKIAgMY1nPrS8UQ(OZ|NRTUK>^J>a*9+3 zp`2|pZW9cw=srUq!F&T-_mm)|I=jhqiXvr*_qaJ-`~E)u>ehbs<7Um4G8>JVr4F)^ zIsj(c(#cY#GoD{M{|UAv*?T&!shC_q-H@_b0=fO|Ub7Tp7Bo(XsfLaFs&6k#I+IXc z1F95RY}Cuz3DAqD9T6c}S#D=T_7R`CY1J?7MV$K4#RJ!(=;T50f>Q1MhJp+ys#8oh4Qj=0omXeLtQ>~F2YSz;V$`>rhu=!eeERMp!j86jPv~yeN!)$ zfn7VA-X5ynA#JE{I{+|pbf=O#F4ZSz$lw!w%t=p=_X(i-*J2ntQX$cf4Vj=F^0Hqd zbpm^I+iT_`V@vf2e_?ea>t|JjvkzNn`@)%>zyhDy_Q`1U9yZlFc)f0W)>+FDNcfP z>IezT>4|*MwL77q``|o|a@n97&J2R5 zu|%d#2Z~ky!Boi5I65iH6HU&>^rzJ@ZW6*>F?db$w7gOIj zW13>>{*djvz3v4HpjuE;Pf{RZW4dMGERx6>>9Q;_t*|^9GuGdY%gI~*0Hgm@5qC-W zDC}c=(B7@fg;-?LcZiKGwP*tso5gbEar+f}7cT>*?jCO?AJmItic@UvuT0w8F{@F7 z)^iVkc*&+KztCL(m;=co-$Zp!gEY=EGBUM+NzM~*>}eGSEG^KSKi&gspVD$8bg&iS zD^lKwtv7THty&w;lBoA|P_HaN+E;Q_A06(7G^4ozYcsO(;Lm?xgzRB$EQxW8Io=$L zn~WTt;$7BI*HVG$3Y)CJR}8C?fG_l73mPw|bxcBHo`A7%$XVdcINH_tqDt-0ZY3&Q zVKEl3rhpo!bVjYqZ%P5kiJ$F-%6l1=DG{Cb+FQK}cc}1dE3LKzZ z7=-TpHb9Xfb6Ma&Cz##i;ucY)F+{8PJozau>};LTG(AgYR^UL$z^Io`tkYoiCv1i^ z`*!bCADY++l$hDyW&N@rC2*mSb{5|%vt zry6_^=M|uh)NC{Qmj^ubmz~x@5C}Pmbx18e{5@m_Q5qZcKR&GR3Xn@r;^7Ku4?S#1 zZcaKAGJEmi+|w%$G3MP*K2O=+XrB?B**kdk^K5}%swf$srci9^3HrSg0|Q@U%|_Ao#V2mA z7p@t55!mnM6m~6p%1xUJ{)Te;`wJsMbK`@Xl;qN>t9=c+MK`r6h&hndK=&zQ-j3qe42MvGiy)Z_a}w^ z-+u(;3=%&IbS<#8U(bY;aPv9P0TZ^>T3`FypU!gmXQk@D#GL0j3{d(1UQ^zHWJ#}N z541bEGsA#?>^%qms)ulE#J^AFPsn9^3Pp?$eX33}J-*>-p7nb)Q<@8aOa}R1fJ;M? znR@lbCtff2@2K$&d36lJ^oKlDZGX?flu53TR71Tn+ss$q!BnkE?c?$8_q&Id+yCon z;I^tQ+?j76rcEz+%D#V?MflyufrMpE)rTl-(S>{CPvzrb|F0uXYmd7wFs{M0>30(Z-tgbY^B*mrgi~uluJY>I-~n&bw$E>Vv$26aPK2+Q znZ&`{-9&`m*8DHDU5RM|);n|GsSS?##MAVLe13fYUqlml^mZO#BY7&enh*2PGXk(5 zzst|R+ix-L>!?_h*E2d#OUmJ7j;)W&)BXZm{_WU7!hR+hpIQ(dNWA`I@k-lq{~~Dm z`xI4NL1U~wrs%@ij8X%O9PT?~Blw@&{=bHkFtC841CXf;AtHjL=HQiMV|9o7{ld}m z`5)J}17h%xQeOgo{}ll+tj)U9GtA~f$JTa$Kx3+B*wJ^DnG9?IcK)H6_kcevI)V(cj%*;H%sOT1vE7st%y!)T%XU`AqyT&y5f;m_4nr(*@b>-n|&H zd4E9*h`j!8wfs$q89$!_lb4v=$4>n(ze$7+dgB9fCfBYt{0k=f-(Qdz*{<*h0+qSN zrlrpCx6guvg(s>oT;jUZq14PRww^!pyWs`6WoSwKM?P|_yxlK#TXcLLT3A>pYBNyu zYXaJ9gOv$$}atP;8h*pswz=;>}U!fyVd{BC&qd zg{U9o1JF`|*PE8ue;_n;@|rCd&IWdEApu&9qJ4#0v6Y;h{NjswhVGj$fg(0Ja~6`n zX075GOo@J*4^Y!z{Xf3GIxfoX`&tl`5a|*SN$Ca&329Mj7+oPGA$XYaMwS|Xes*&l)SAThXZ{yoodC$iActw-e=$UrW4}SUw)FbPl#Vcj<~!8=;fV9ibx{o-Z}vM zCfw@jo!nY^XsD+{_r&c-WsprinSg!YJo3t$>Zp$-{ct(gw>(-AX$x=ptm%Hw!9Lz} zP++p^cF`Ibp-0Q2JaXl8ZBR$cRxY|(pj)GUOJ#4185uJ&GjhBcY&3i^nGc4Rb#~*& zcIDp6D!P}l>O&R*AQ<2W5mgK2tfgYVt)U&WX_M(7$1CBc67r}Rr&E3kjjq)AtXI;a zK{Hw(GAlWtL)rj&PLmqbWFDQne6rVhA)-t?^$xSsgmB2_PHeMd2ll+%+whs3b&l;X&aIFWAx4K&&AHI5*b%C{%aw9;#%dOHXFQ@%M->kU2 zY2r|=a&h*BT_ELP@i?}CcJm)?ffj=+v>E428kDfIN#~J2&B;#fuM$*y zFGKo4l5N%g7$JILo>&WUmN6~Cp4EWs=VfYLhFXdy}^~C z&;b4q`SkhP+`0V)-)KUr;}FkbLjpz2lSY<$LzPf9!RF___`JJNog3@9RZo9cbpQFx zg8cYGE%!3z_t|;0FYZ~BaYadnrCOE@pG}4>2bn_nyT?Xs)PpsL3@YGs77peEB`lhG zOtPA5n4cFo&*LUO%Kfste?}%u80y#-LvKk#hIctd4u&4x(pIu2kb{&Yj|p4kG%8k# zX-8*&`kbE!h&g9pwfdNsz=dD$lr%)I`t~VUjGM0C{17KeZVNZSaoMlG@yq`HiXoBj z04sU?vA@u~3zEwM4KX6Dmc<4=iQV94S>m-$S@oCg{o_?Y7!;cwNTTtC)^yPXY#mXNSNT>kGogIM zRvHXqky1WKbyml$4jz1i4aY!rVN^|O$fdld-Dy7R^!`MeM)7|fuXtz~qkxFim5Zmj z&a&*TU(p+fbO9C_*B{m^cqtvJuKijy8!EcrRD(baX*)RYi(4{KcHC_<`Q z0whVg3yls+3UjlW=u4)+h%Ni1E}do2uMu{|&Mj9R-X1?>a-4@#oXg%7Xu#Vqh;88q zr{PVSm^LNh!JSHZ7YE4pC930{ z_jO*NeF>n{H|zstzj?JGDn;jgZ+ik>q1W8&C#&!}#7+lY z($m=a){+#^FUl>tI~N@yem*B&3kdv79rq9~usHzNLT#b@?jqr)MLKMj}H@O1tL&Hau72(;8ue?q^hRPWk@P0n#LrE@()bR1nA*#d6J62Y^cY#rOul_wwN}*8Dt^9=B!#2& z*?E`z>F)Pq=y5xwXsL-#QRar#2%tw47RGyBcma0Q;}_lc!Mb!K03Bo%++!$bc8eHr zHY9m&90T5pR`&yRPPYev(B$Jz3!mM4zP!5+duX}vUvBn_^PKb>;^n!QwfL1&a%0A$1!)pFsjML*4 zk3TG=2~cPpde$9!0t(zJL|=r@o{gQS?(Nh-{wVnUeWbm@&sX3DnkqJBJH$qOCn9yb zBBQ-X5+Ab%_qF?gxCAX^ae(25vHj7yov+BQ%C;mk!1a9r1O?;=CnI&|)EC>-y9Ih! z>)_X(pS@_>{CE79b5p#`wgYx#&OztG8Il~1+z-oTHLq+j<#HDjg_gmB5_<6j4vj#0 zX1=Pk8-j3xML$(|Rc8IuJM(k&_U6614FLS0c&5Fa5jztt;SO(4*>m=;|vs55VIwLS(%KX7+*C z*Hc3{+Pw%mb4``1I$JxvGWY_%u25~d$z_|kmp(?E{kRZyr0GaVdaBGNw}V{8H1U(P zBotBJWt$!^-pc})`hG$Q@v+Jho#T+^&3m~}>e;sHZg^!fwgZg)On&K0U~90+0TQ{d z{R7KFGf8$Elb6V0h#K*g`pv}=Ftp^00 zb6s!jn|kFELF}J^TZg4%HmgA-!1Mt5XKYw4gUwpfH)L|vCy{K?!FLM%W1GjaW@bY; zGbB%vv0p`Aym@{9)fxYYo*IjNsK0GN`zUhlWyeN&c?*A3p5q+>>IgzT!@Xd>N?qpk z$Xz6D;suz6F!uaht^v?3NyzOke;u&0UB0u8QQay_Tded6R||Yoo_19&LPRej9in%0 zHf%mk3DZ3z?;M?Bo_Y#M9ZunDFN2zVZ2@z9V}Wak^*!}|b5obCzWm@e)yd^yv_k9`zT&+>kpYrxYfd`^J?sc;IvJI^L6w4&_pLDD5XY&cK!?M)gOmrO2cN5shcB1 zj{uG58fh>w58fi%AQPoVTry^Y_G5u2I+6yp`ME3)lN!-E@}46kM`gl~*)14bs1UQhNZ%nA;v>R5ARG3mUF5k+`!(c_56&|E0lE z0Uug+b6p0@5-EY^Du3Ni9pSomCx#b8o9=5>(D(;9BUn1bjJco@i6g}5RQO=jL9+C;UYh~LF>M5Fsk~I|} z*?`EYgOH6|j=jY^qJpqBbi8Qz*QooyS+jpFRlO=f79fq(OGvss2E3Ag7rK6l|7UUNUAlUE z%Wv?soowK;Fval09pzOh9U$r2rLH;@9Y)nPzeQFAXj(~eexlvcnispO9H~`y4&VfW z$JK^~6TC9?06Zpkaol4O$!0DZQ%r>49D9vywbq2egxxEOKPIdWu=f@Pfi@@X3({RY ziVmMbOGs1ibu|{F!Sx(ir>Npe%pyZK zGTd#asw)b&w0l$`fX*DLWd-Qu)A)+^L;2J$%XP9bpv)(xOdV()+O(_>af+&Rg*WZ; zS3%qH_bpd}_g#(@xtHSwn?n*UYr41YHBnIXIW1n(l*{#saK?7Vq*{4Js3_5PQjvUG zabpfW@Dojkv4N$(K*QJ9NaNN%r)2K3UZs8TUV)X|Y8**-EZF>kd=P?V2CWkTj zjS!8Rn}X9tlzc;hMG2P@2T9 zG3%jo%iHz#!`r3W8^Qdgv9*w3u}>F^cIVd^m`+1+L->pbKr*sRx`9W~*x;b(y*J=) zmcShcT{+_0K}yqYlGq)yk#6m3Ne+u~76NFwz&jdmSv4CQ$gA){hW*xA*-hdu0Q)n= z)my9~W{UJb>A#QqUYt=J+sCfx&artTiLkdaqL1BL6~rojjsp0g!Abvnb9z?a=$uTm z+DpSRE?g9IyrO2Gq}~}tr8SSiwnC2)zMCBP_4o!&l5NgHWUURr_JfE_{ z(Gr9qcbs~|q?T=k5A9-uZsE0Gm)3$x%q`EP9~Vf@H!^_bv2u;{j8ku`uYl>Z8obAo_Ogx5!0{)hgtJ5Q}3KwGwsYv(xUjDz2v9GVt zl6Ge+tbqNgzq!Obu(C%BKbE2Xne$(nx@&k@i$t2mSRYPNWX2P960LnoD5_L0^ZF8~ ztS==zYJV!$?a7OpVVTwVi(79W&^dQYUjA+C7ZPPlIU*MHcvRatNy^= zFBvzuunnWZd_e0ag2vvd3C@(UYc1~;a7h9Jyl5y)0ss}E-EYFWi0eoicZr>EjxQ&0yP=_3iObE`O~2NBZ8LC4RxW+!UqCx+8uAQmy30u1oJk zpojg(z5AuxK#+wx@C-DT*Ei@Jn%VqUZt)G;jRF0VzqkOD;m^Sxt@Eob+{dE0v?9o5 zb_D#jqwc=^Wv3KKee$BI9$Rhh-lEigV{_Ms7=1Ww5tY@N>vAoIJ1``dLpvYJnU}%K z-Qq>()d12uSw|T0llV(r2gn4o!H^02AhNYBD|;8WZR=8~rQQC658m4Cmlr4f(B4Wc zAFRA*bSs$1=^676g0AZu3XxrU9)Zokgc${1_35ncQFWyW38PQfvYB^p54xso{C~|Y z!Ox|GmF`S=>erAu#C8z$<^TWjdybx0emHFK(2#<@0GwU@ ztKd>(O|e#`|9iNsff9(1!PF4eEL|5Fuxj<=^u6m_R`0InkN_Q~5a5sQ^ZMr;TPJ)(8prDAnm4%E>L!}LoH8#7tGbWEA4ajzy%_m{D-$mnLJ`^A6Z8a=3 zL@uDsi8r5_M((RzJk)QRHj6@~p+?I7*v}fV$kV=qEjvy)3eJtq^0}Mmn(ocSkgc+I z!07&t+J-{l$lf-h_cx547DcoCN45JdaI%!F^3TS<1SM-&E;5StrLVDu(|z-FGmlDMaD35^ ztXD=ms%SaMWrCL1mp&Wg;pgX9w}1J|m(=Uf`7JhAQ5~cEyH1UTTd%K(7=Y)d6aJh* zU|o#pk;ZnzqkU-BlhIn9_)*)O+fv+9U;Q_R1;%i+41~>Qc7(J9^@nN6yF9DYH&oBO&;d07%n=tv{J(6vp&pLT;kh|Jg zz2_pk=D&P>OuPg%86tiGnJ;sIJyC=R@SH=|FU=q$mt_zw0MxTL3N$$igt|HP4IgJ{n3dL0B(FD3{)IaM=l5I#gIXBUkD!tDfQRQQe7fofC|G->g*hvac4H zV;0zo>h69IZ(Q8d0sx5JN2H_iHDi?JmmPRoR;Y!P-uxGZdPCNuPPn96tY8oY>9td( zmlCNB6T!xhG?<~!u=jmsaCkWiG?8y+y<+ZI@at{@R3Cy9JFwPa^_~lXb z9WSteNxnXsbm@yWqk(x_;pVJIC+UUKGp{VfYrLp z56>id#)}C8@L{?a=VH^d~Qr$_H z+BIgb8>(oH{$8b-811Ojrt5v3Yy-d$NgE>ahugPv>kcnPxl$m-+ef53@~V@FEE?kLPraL^4; z(L~8P$==NwA?Ce&Q+?!zp;y(*0&1dF)SPP{cXRg5`2J&Z#ZcKrq3UYV;fsj)5p+#3 z?h!9Y=k8?-fowzwok!Iz-_6Oy&RzM^4Ih5rEpgdCyaO}BAezbtsI$bIOCzC=at^Gb z^Ye`cw3UV+iO@zpZj)bL@*f^ShtP5z75lHhP|S}U(2#TXDXG=FhCFQlK81h&S*U^` zFo=oc=#9J;|2JtKU$bjh5V!V&wJ)d50@DI4$98E%OV7}WL(ha>(#!h0{?*IJLeIqp z6FY~0?S@C{8}9x2ZHm&mmj4O>`H|noX%>dg99va%kEpj!$asC~5LMNk9{`!|JkGZ; z0-& zeFTsP0ZNfF5KN#CTB!UQcfkqfWzd$hMweH}6&t<}>jTs&=&Q@e+2$g{r943N@_dn? zJ{5o3E}98SNJw}JSb=~_lO%1ajCF7Duf?dhx>MkDb^>aEuwb{!*^e;8tUD-sdpmtn>1huhLROlSB=9Z`K-- z!_V(^9ht~9%)_@7tjnHpMd%FGrB&9aCMiA{iUjVL%N!M9X+q(cuKD|v9lioPqFPY; z%>Vo|RVsKYEVv#_opa?JHpMVHiJ3@x4jtGiprIC#C!iQV{Fg7TkEfr;&E|I>qXL(W z0usy{&wVrmg{Sh2^bJ)?)jZf=ICuWFPQP~9A7@;L(#Q1OoE6K~)}a=3lI=u-4)MpH zmpE#$#^AAEoP0Dag~jp(I0^zcqqIT{sfvHS`QLp~{SG17*JBN5kIDns{*Rs(CrXnJ zarOUt?l4B^G$I?X>yYHzSZuh-vpkq{^?!}l&~ynhwBH?X@IA+`d93?*fjUF<@BjI? z6V(ar9MI1Ze^LCr@`LBQP_{AP=KM2+_}AD9 zqR@o9;ak4!FR*jxt^yX`vCEap{m@uYDOh?)<3|8Fvj_F^m^U{afjDFVpTbz2TU1SQ z_$9_9AZ`Mzlsy4B6hOPC5>%2OD=OX$K1jH9MZiHzVLpstNrakJrn#sXRlEQ~gsVxp zef7)B%YOkELNAcgGDxK`{`Ll=%iKFaL&f$S4{iH*S(;L@=hj?UPf{h-)q=a->OG&i zd$;WWN6vW&7`c7|ikEp%*S%;N!@p_&^gAeNs^AR_gMPjHk_;+nWssO=)R<)(TA15m zOj-2;$jVhrDFKu_%6+;eaWB*(|Mt1%8U!mI&H9S~rUgpYwtUh=`0Oq&6`UPn$))T1{f z+DeNM^QdSklB_J$Yb?|M=UAQbC6sOzpM#bxlc9#mL-Fp#K{lZdk{ZimXbd*e^`opK zB?^(y0VHM7jlj6WL219NIiQPi+DTCteD#*?`#&hfj~72URx>d1P`oBLH(tj>q6J_( z&2FH0F^;UbPVChmX9wxVD}Cjenqd7zF|n8a<)86QeK3tO3)IYG@8+=5Gww2c2xNJ8 zMR6n^((U`HYs&>^Dq^Zch6BjR9e+TU2Q0%3_sW5gZ1Ea^dA@&22&xK)$mtT2|45B; z!_OY8#FA+y_TksZDQC!hF>;AFAjbml>sYRrbm^mu{1eKYOOKkuD-+Sa_tSgQ@1(>w z`)y&Vq7o#DlMn85sC{vtO(bf{ft!)sx#=0dLg=XWQ#Vn@@UaI}o9 zP?z%b)jFIY0LctW$p+vmOQk>(7-=W`1nd|HaGJj@k(mYPj*Goa@h(1&7+#a;d{7Tu z0hDYL;8>wDC=Jb_NCS8rtufF2Y% z6-Wt=7pn3s<-v;LXL}&JLBR<(GTvT&Sk)yza{$yt;yS*jKI4mj?>zN@oGZ2-XsQV^ zVmd@{qr`RG6D+^q!H?5H_CBNYN5(*ogYv{4apAuVz=4nnP-HsZlv~y>SsXcO3t~Qx zOUl~g)OR*+WY^(k%l6a5@ z9kXN=Da}c4kOkY^20f-${D%4?{!w*t?_xQch%&fdYixH zt&pLv#Oo{Lsw>b)j>E((qjMQR>z&^g)VAFAxoz25P3`Oq3bE5QsWY@1{)XZRfWw#2(dR)Q z;Q>=RIY~#O>UF6#o!7TLEX8k;-EhB-dU)HY{Nkv(DGUV$;%)v#i~+2Hv()CdHx5}m z`10u97?n5f#!}rOEHgn<6M~RT+L3|M50u{G_MX^U+jZGTx3-`GLZ$;;Or0 z-|ja_wO?7jaYzrP8uPdoh55zd{wJrnwKVrJaZC8riVMvY$Ye_4xOCuni2igSh7hX3>A zg;juzGp$Jff|zkfY(=^!mCb1Ivb6)%Y9sGiVf@)Q`fvS18W~bUERO9?-U3tea{SK< zH-~;YEF#s~6t_cswzztd?g|?y3rZkp7m=zrF2uL--3_SjUrCzqy*Tu}(13er)N!#0 zfnw2{^b>TaB_xt)yMy-jjgIQ-80Y@(lt^-k zk0-pUTP(t}+uQlaMo)^i>-xSya?R%Q6x4e}=emN-C+^1@Gx)4Qi5TyKql|N3l4V-m zjFNA;-t8qq^~9sC?OOFjE9==2uS{O-mo#Ucq=ibP&fy#L{Mr*MX`JDjn4q?jV6vtnQCKz}>s7-JJTCY2V9FD)_j* z;e3RRKjS*{2zo+b&)9uW>Ta218-~zaiI{ARMxmtye~hX>_trE`N(>QgR&XGc&FiLR zh+;6y+!r-h7++grFnVr2D(Gu$Nd=|h?ZLu5stE@vnR(RzhMq}ZTbaXyLm%@DJj zxqZb>n7Z%X-bb0xV4C)Y? z%e1uBoofCz#a3e&$=FiCsB`zG+|8Q9nh6x0ULzfMuBquLUm#z-LMP8PBD~8q>8D#zkGnV|(lQhidBxvqeN>H*rP zdTHJT*%23BTZZKR4k7Zdq7YW-W9qMgakPdh)l$(BoNM7Hpj}m3GMNCjcYILq5 z8jMlZ%8YQif(g3MaTKUF8Xj;~)T=o8zMt{MqqAJvIaw4R_fw@9w*IZu7TLvSxM`kO zGm-GD3jIzs%{*Yp|2FIQh-6*XtM6ghnBo`Nz>F3_5iIrjqUW)vx(YnkHumek(qRnW zg(>HHg*{*GutWK9yGY3J=^KXrbZCG|a7soYwK20f;5+{NZJ?eEO;RKHMM(pn;>q;l zKoXQm`>5{iu66u=#M2A-CmSHG9cZCpE#VP8QQqPJ?ZV!e_UVaHFZK68DnSB_{>83% zkHC7lJQ*eDK{bo3!SpsC4bBGG47l<&N0IAWCUXTmtOgfbqA64#?|iJ-BAEExQ03vS z&sh@q(F+;g-ohsmMra~~php}lx=pQi)jyS0wxNg+->Drae^ND*Mhk*<^|enKJ!|$)x79kf_d6UhqajwMOTDIDU2|~)zwn5f zVJs5c1I;iqZ=Y;fJI$QMS!M_}PXVgrIlYh;-+hR$^Rz?3H_`W!x1Yrvrk>HHZGED- zPneE8%xx>gGa8Oe>H@V??u$Cfs zO@d=q|C>=DKQa(_^w8r*MOfSL3pZwEIc0~C^ld=T+Z-V)m!R-qPKJbS0ba3q%RIOs zyrJXijaLN?%>g8j$*;Y99TjPkbW8Lz_XP7jl~R zom-)#b7aIcRdcWNr70h#embl&SJ0$-U~Wu!M(eZP&=X%$DM1Cj_1qv&iZX@ynOOQ) zWy0B_G#%O5PrPRD_(@#0<+qZ4sAwrDh9i5+-N8hUa~pdd^JzwBct`B5RTPyyh2wLKM%LMzwH?NUCT>g~7+zE~ABLyE zb&k#_nyU6^lvy-FGUcXP><>nwLYce#<|2tGq|w2904{x#hQ}5~pH8!%bNTssB=s>q z8OcM^npg@_Y{NdZW5tlo>-`l?X^_dNFUQz*TiEGpXhlWk(LyAdcL`{MLG@>`V}$C5 zd3rGZKdyfgs8=yRK1^{)Vb`d@hc|x9RSR75&?r%KVgzcns?DsFJ0vHNhf6%oCK_}` zb#%{^IlfD`Df(I<-ah%*v6AhVAEl8%~Dr|DH?Dlrt)7SNiycY96{{&?r$V?zr4i zlagtomScMwstcQ2%43?Jg8-wYC<$RHW89Fr%QlfZpi^U6sFtf2ZW#t;HBD4~iy^5L zm~ua?q>Vc_DhgLhO+TGbZaU;{@KOqpQ45H~MaalPSlS^`^N^~*?~jWI(BEIZ%l}ja zBU~mun8PyVXAq^d^2x%t7pY#6Wc^%>g0nZGIpgF*q4!j+QY!c)U&%xkx>3r2Q$Xd) z8S92mSWUjQ-amb?gp6UOM!|S8Gv}-`8UIRDrPq)FaURGRe17ED6 z$mS%q8~y-GY3L$eZfq^Ub-LfiUZ~L5WlU1U0bkQC-9l+q)vXhQvoM##RD8Meen&p*gv2%)Zxn$wXN4da3~;6e6-Rw72kz zu$lFC0!aoZ_xdHjJKPP=!5;HpAu@mX9W)zghf_5bYK$*OQQJRMd;Cf5N^`J`FMZJt zw2eKpuw2!@?lDu{vI+f|z%Hm3P&9J8C9-FBr#>hc==scv&SeMkpImFpq5iSAD zmW3$VqE$b!RVXy5P;!Q&+OTABcS%{9q!>(TwY2fEBER6FbSQ_Uy!E_ZUlc;?jUv>d z#^#wG^KV=CMqAXq4k^MK+8)N%)D5IHXh`*yslg!iuslFuB}0mL@b8ii!^cd22JhL9 zRwBDrUb(Y%B|$3&_$(UV6g$4Pg0P*dTbdT^TZ#i4lx4Y* zwq(ekrq)oWA8bbyGt3+yvq0{MUzy@5kC{z26vHhz|zD^!3dNeWZUVm8V<@xnf2KY ztQiMG>+KsiI(bz7W%G|dy7+W`u_6(-77cOp5?;1(h)~O=SKJq@d;T=Vm&Ply$M-n- zgSBfdE-@P)+(718jbNRdlu2uj?_R{Y%DT9*NH$*Gn*==9_6;4aRO8J&okktQ7?bAB zdX1XcEVa-_;hNINv-@@lYCT(;y*!)~)$pQIt?%RY&DtRX;RIhb&6u!3357~d>AbTC zapS|u2%cLF+;gT^wDf2AkkY3#Qa^w6C(d#9vx47!0Q&!4f~_S^$&SoE!xiexfj%?F zc;>^9#15^i6gKBCeYbE&lYE^{S4CYvN~oPvKv|Rh7=Zn2h4`v?CmJ%3G z2Rq&-*DB=Oc~dM5*G!J|({9$jXRtK9oG2JfEbREz-#vJfToSFxq1H6By}l#bDznah z1OIeeMtDVlm4Uly=CmtA{$%0!eu$c+{CQgFH))1zHaYRauYsyJsR)pc+}JpkjtW> zDWr3j^TMRR*rGmfbo-ni%~tdrwvE-=ar;z5rtQ4IhvEX+9+2>4jYCPK8qWpmV#4>- zt`FU3^U%lcRg`A7VbOFHp9`UdyLmY~E%x!V>F(_`3OPZEEy)#+9?z*pQ|^j8`9tlb zVa1Pcq^!K8Mi@Hn0nO*o;t8fsCnkj5c~_m0D&Ph6a`__{LPq74D|IaBj@s#V%oe zXoKdZs#ZPsr5$2vP!l{_`P>Ibz4m-e{L}&HRL1QShV!Yc#7{p*QR5qZvD8RJ#dyesPapn65MGW1)st-2WEoz}CnMe|e&8#& z`ysZmD*{;TJzkypC$za!E_!(k5tigzC0MT>sN{vhPG1gkmy7p+pBT-Yj z1m)ICAh4{4e;xhi2kaaospHv{)ElTISGWm{isPNW(+WHe5Bl^#&ya7(cT_UeYE=GO zMr-L|DBfMV9ouj4tKXxp=E%{ud~vv9_KC29u=J-h#B22Yg+7euvjA%<{TV|^`83O4nhYHJABkBiEo16g>evj*! z?Lx*)vp$%D)u?@YevQt5-MQVe)h@w&?tZON*ZHpRd5?X@n~*G(s)Un{I*`7lD%7|r z*e-V20eMK*%#zssPxT^UQ5}jS=*tDy4H0oX4gHU#PfCImVUC*wG$v5ZqS#wWP3Ocm zB`?TBd}mrXRJ@d7D&k{LYoX!G*JV1&vBzHJcQ<^7KnXa@N;b;W%$v+82j%IIqN-20 zZ7p*>ZmTd9Jr9;atJ7M#gH3|#a$8a%K=R3H3BfCMbx)y3nRJZ&Dk6P%R;xNv`{a*7 zX7V=O{BRTO+Cuo9&S*h@?YCnW*4^AxY((s73=NEy&g|h*VVmTP4N|J_>BGGydotBp z9{t0|NT9|^tRt*uEe)z`hK!;*S%~_2HEuaGSPU^^+Y216Xp}pU&`Jt;-5A@=0T&B= zI)=kIO@&3h%1}4D#s!*O?cPE;nYuOWm&VO3@-9;qpoc{G$xxIoODu6RA%|-(0LN{OrtR-aLw+|e`kD4v7&GtUSbvOG{Wv+J-N&@a#JbcnIfdjs&gy14+Zk$JQ)>eA z?KtR3I+Uekv`+k0!&`?WX~A8-sGEC?F;^YuscUJ}Sz_wWPJJ&nK^Njhf#p4vWaDRh z-HXa=e5BL|v79$EjC$SbvtE3C^WzCtn!mlaixQ`9cXVD_0b!B2r~=M#LAa?vE_VNM z7mE_cd$u+9IuAOl$Y#g`ZK^g5z-6YyD<7%|QY)u(^i7KUqgRvcR2Kb-nlZG^F>+w> z-vb{$8B`2~DUP{^>H6VC%!CmCz!lw7Hnk6zW7moN_Ez-^`<};S#*Ju(9vQK47Phm+ z&g-^l-O9J-Yq{Pd+du6Gj`hQ#oyhW@N|GlI;RY42*>_fA?TsfLk=FlehccvxRpW6- z%VVikw=C&byv1hA{KQp;$E;HHN+=UQWqh2Oy*bnM`+<43Iiae@_QT*I#9%<2(-hrU z=F%cYTi{;Qm|K;6T(TX{a`Yb24)yVX+}bRtizR?+#V&!3#UA3sn21aRs3!!8W41A=`3caIvagG#h12{ zU5>EdE0T&PSg>C=hax>{w-Ty|!OqE;$?N{fCG*S-i??F_w*K^yv!5363WF_4avf|d zr!Q!pr+<5+G(K=w(OG)YiYPxTwkhvZdLdSkMy>J}l6L9pvE7hL?FX#vgAA`hI+}3~ zjeOvSs%+0H)cq=35dQM$N8t)Ojn2jzWXNPl^e!FlBWoZuF*r? zioR7Z$cw%sodB_VW<7S3Qu0R=C%6P|#!?Ekpp0d$8BwEa$-a&yZYO0{8~&PZP@eyCi2 zKKiM}E_1R8T;ju3h(R1beLF>ExVUlu7+Jy4+Et(}c{5*5sx{HR_1xBYPI6#vbhUh6 z@ZRdCDCG-`CV9ieM%s!w)6ZVSfRf?wrG3~8TJOh(v1p%Ex%6m%ZJX=^MEg_b_xkm! zwiG+OVtumr5~jRQBj^klyldSUo_)y+qsX}TI5R-8t6Np1j@5jDRmQPrdEGv6H-x8+ zQ?~p(0m{zit1!LBP*Btj-(Cuuf7SldAP9=9@>1!uZi3u5+8M6dx-?_jIq@vxM3Z_N z2u)Wth%nhoPUr&J+;X!*;$Oz{JPtCCyUoD-l94|no5GuzR5!N! zi4+S$NgEU_P`JxVX<8#zq$0%ypn6)kXn3W{@N3~wd6V3Hk@34;EwPr$Wyv3Fgpl0Un(jxC#|}M|-i`mJCx9GuBUcu|c~|!v z;rBmXy@Z3Va*kQTr>yM^03$L0yQYHg; za-y0~q@P*xg@^No3w%*%EYSYf`AR@0|53l{TaS#QXXlbQt)Q6^W@0tKw7WWT7NZVS_TUzuA zdq^cUjv6XGeTKT>ly(ZT$6;sPoU#FpIgxD+UJow7pn6L^hzn&On4A$Z6k}0_4MuT)r1qTxI#n zd9M6s{P`cUkL!&@sbSejHusZ)%zcr%z`G@^-Cm&y=L5G-6QMSF>aHf)KUlO= zY|_O9+qvN$Ymh2c1(mN(K4FfBY;>?)zbnvN;tApjjo)S>xJ^pMbY9=i{h8 z)chMNBSG_qT}#hDnU%q!i`C13P^2y^q?XudYM1r2qCE-9+r^KU=>43`TMeytlsqgBz{G7ykHc zo?pK`#EvELGHSz*frt&WX#HWmH`8nh#u0zNSpEgDM559JVVV*O;&e&gx@{NHYU7BO z9*xX2mvkkLvGSS~xAEx^0)|gaD!+?6w2p-?>! z@UEK~I{#+_{Nb+eVDQ=IrVG|NByuN0wT~3yNlW2EiBK``e_Tm^&APRuA$d1^oLRu3 zhZC&`XYEQ%*%j;V=WO{L0JG`vVf|mFoL`=0xB=L%7xd}S9A!Ub$7g?IJzAzv3x7EY zy0oPBGxryw^VdHDC`%T6%S7nsW6VQDb_cGjPZxa;grG!gJyugRU@3<%M!&{N4lJkM zAwnlTv)=sDM+hl=boNPKmZ5yD8P55Nd;ffoX5j-b^@oAmeYHSBx4X;aRA|ZQGVGRbGFTovi4ak*T#7xW#{uKY3Un;O!7*@tcx2A4>8v zOn=;Z7%$JD=5nJGEUy+hs&1KWddggD1pKjM>F+CdHw1MXH~Xk{=(xS!9l4zZLofzW zRafT~8gsl2xF?0v!(1PgE`Lss!xcQ2}52YlR&&=Ik$JV?e6_!gK0s~8rF%W!rgpF7c&xucZs*720j!i zGp_G96IYI`A)fa@+`g)^j`a*tuOP4x0R&p!sH9LY?(nXc*KuzPJ25d2`}{2qV5F}H zTGp9F7awPnH4t-F4dZ_bUBfhJxF(OID_6UoKuXG39X!=Y+B*vdBlBwC?nHy$kl|jg zLq5T>+^Aelk&L&WD>P_~(+C9Zfciq|dOIuJ^aS_*)|CrO5j!El|3!hoatcgQ5p==6 z3Mz@dn%faM3}q%Vf2^3+1Jn{fqV038O6!4vp5gUqhjF*Wq*;ow8L{gtIH0HnHJ~Rr>Mz_1l5Kw_sWo@!wi^uE@Nh|aj6&UG<=pse$3Qq7yw3f zM4AnN;jxarw)y3pV2N+Hqh|wICW?F=<5$NJOqsiL&&xbOjx8dbWcP6CP@DFXT3F6;D>v$iYz1y_GG1-;WJKEBGVh6 z*cySc+$`|7i0S#96NI$170Yy!w$2WUn5*SCl9$Y5&(14|y=#)#-e>tJBQs|U9jo4j z8b&BUw~w+HvzomG8rA^g4?by9_0Qs$KLeV=a@72qg`TVn=eps$3RK~t0}aXVXux7kgD#`9-(NK784<#Jpmg3OHutT;tFI{fqLoE)4R%XQ&W;n zt+%&`a3TUm#M9=6Oz+R#{u}TA{m(uHVB^WO91ru+ zsWwm!sVr?`O5#jCmAZ_u1Alc?S1V3seyvvOVpedOTTr>H$Mbs$kaMnqdzWtuiWOMS zgfZ6CA}nZltXIkc&ycnJCX^Ua5EEm5dh4fQtyuWv7-qPf>+q@6)uX=@D5{^m)eQq!zoiG!G%F3V{Nn)@oMJE$_i;bL}nib7=<0QBc`@ly9Bc& zF<-|oSC6Y84{_mJat!+Pt{ry7$QIP_hCG9SblD?M(rnTk%CPTdP^iP5ZL_*fbc%|D zN3vJg{s+2w?4t=0qn97T z-4B0=C|A^yTY<)GGN7TDnq=GPTcpJ=aaH_i-aweIq)p zAPs7GZl*&99E0wgcl)fRF=k%3$_PRUgW%%fixZcB?+5HtoKIyDk8@S7$uIz_V!>bm z<)<)Ez3{em>Mde2NB%o1LXgMc2aV9vTUk}F>yBW{oc2(v`s2wf1n!YFhCz$rquPj{qbUl zmNV6;<=rB&EWojG?e6L_@G^O}YC(*|(zTpTYBRg=RbMi~}a+wg$D<$%u)5RK(iJ<*HltuE$dP z0{-TMkb+Pw;!IvnXuh>Q-J=|PCk_VMQutebf3-zE#PzEBePfa-?WO_a&DX1>0l)F_ zZqwF>1Xa`mmVb@cs#!kF%9SzrZM8Rpo{Tj#-KGrS|Gb`pS524G+fV*?n?IGF$*-w( zC#egyVsg&Swx(GH_cs7{D($|CBp4C|4FE*J{u`oLB$SME>+a2ztNW6>ucCF5AL=qp zLBmJ)%)G%G)dOk?ann&&b^RVn!a2kK?4LoJzqGWq;NAL-W?qR4R#ac8qN;NpO;FoV znnDWf*(@r;B`{=}H82@q#OJGbf3t_XYqYFznA{y2nqCjSA|GFrrneDYe^0x)i&wTLtq3F83I{I@y( zAHoR$@1`N>7{%@Z9cJwL1{Pk}G$%kzu1DZ9=XpM0XBhnD;lDoj3(hBK_|#kAdY-Ld zX$Y)>7cu(}f5W{x*dB&F2ogJwyzB$BrnIi#V7Uv^!1aL26&Cog1JoJ!a&zl3t6#kz z58`@dJrL~>vAVQz8bCTGQYBsmSJba$zK7-=Z5O*=ZnV6?R%r$XN5Iz^5+JF4asTUV z`};S;C$Lre0f_Gdv(nwf?O%=I|Krtw$8f(MP!mXfwb*68Ei2}i9QmL2gLNHIAIiQ? z=t>XdGKP}c}nh&wk=^PMv!I30y9A6-U zohvV$z{k8}68tea?otc)F`N^-Xd)s3qQnp%1n->(&d$Qpr}i(>`KMsYeeBVJia-O| zYeENiZC-@R-Kzh&Zht!fz+=MmSU76UmD|Mj?;mX32dC;`HB zbGq#Bcl*DcjCc#%xZ+tuInH3ql;2Msu51cT777_YSrMjkQ=ttw!uuULe);(xAXy~H z?3LPY_PUujflS5EiShqmC#qw!3O<5y)WJ~(~RiAqk8`dwDJm?g5Y9J1mBS;~ZTaAV85n$|Z>V+KB1ecT zeW-F!R8t3-f?m5Q2@b2O-yjLNoLwZpivA1&)gmUG2EGp1JAA_Xk22()vG(4;|T7=0k`ysspY2wm#3^p#6~R=Ikx7MveINxS@`NJ@V|J6M%dm<#_z-&?4 zMz*e`23PeHI|W1k#l`sRB%aau>}p4O~YvGO8LIq&5)SL5Cf496W~Cf8#tq z?t9e72q`T$1141Zhu3pxp!QGZ(l0%&57^#>ZR*Mc#ryf%&BMfJouD<%+DhDY zF}_Z|{;-*1%qXKjWJ`pTQV_0N%%*iI>CU-5{SpD9zPHT8o(mXHKo!h4J{=Hz_#R?_ z1wF{d<_B3lTiirn#_sjTSQP+_iu$m+=Rr(x!s-b(7d94+NguUG@fWz^~&W zUwye#fasvYMvcl02d2fnE*jHcX)XHLMWl@-N8Zfq%+ZP7GRAQwt4{lI(tECHMS2$ zEIoe9A2LYMSGzCWTA797Nds9x1RE|>E5ca*gk)=IVEb4y(j%eqkoL@o=Imy1xFnQ! z*oJZ2f~sTGjUM9v_QmBBgn&eW>JTb|A+WfoP~)AqTxF!clZzi^-8)YB#Pji5)s^Vm zkWNec%G9Dur!ak~=Y7;?Dkb&CbXwbF&4NEXgKi6@3;+{gVu!AI(?>-V)Qs4WkLSFp z8@Z|C^Bb+pNkBG;YJQ#i_)*mux9;Xozxfpl95}i0C0wKh3rsy?$Na+z*b=+PJJQmd7f2Q=lQ7;=@axA3vR zo8uv+xXjxYLdCjQS9yz4RTb+7+Jk=MAU=lkW0khtLvqRrHO@ys%a9AG4TYD4IX?<) z08=rnUD@PA28jo z%it`Lp)^`ud8b?#d$xdoxv@q}4Rj9~fBWHj{)u`;x+`0aH``T z4sm&FYL?ddz4<;w?{^un zH`u0P3_!qh$O;I<_a_##0cD%%N|Zb!&p}_!guhu4a{Z1t7yewO zWFSd!0yE5w2%X2}2#5$OG*Y$8UW`sG$gS|&@?L1kMEX7xd@l1}=J@Z){D=3x5=Or8 z^*#1^nI+_2f??u8WEhRjn~^X3J8fAcm7Oq}J)*61BD>lKfKKB0-@6n-7|_H4Gz8Fm z`sZzvrLP@TE#nfQBiitiJokwOrd?D-IOwQcL5#%Vii`!QXcDY4CE~E@2o;+i^1D3R z`g5>RAC3%<(U)?wG0JK?Q~P-^I`Wgt|TfjtAo{PCeziZ;PpRo1yk@@AlRM{kO1G_?o5Tuk_if zjF5AwJq!hwVEfGyqBx(xOfSr4RVb+vG@^1B*;LCy`G=hVqrA*_pToGfU;-7fFi+bl z>KExF+huU6IJxp^=T=q_oVZ}M4A*1+oCtp}#(^nh3jfD5_5?`T1_ zJDm9`2R3he^(ZeSXAm#v*!m@?IUW7t(9F5f?A>q_dcS+o*yYsN0^l*3>lDNtF8n9H zChSwszxl_iLT}GQA!qVR^o+!v^I%8qV*5dF`7Dm=+gc1&6f5)O34FODx9{5(3JKr^ z?70nBW)&8dgFh?L91m*_t#?dvA@kCB zX#rQNRBw0xE6b%4_Q#o<`w3HUe)ro+;3w>!6R^a2H%C`Hu^o9NA2a1DIDd?2#s4!JQWC=0?+-94;jfH35?c?@ zaaN}jMq{&Q`)3K)Dt6BySVB_iN})tXht%TIog9uqw`WJb`Y1hy9+3Coh#cPnt(W05 z^MqMiZy z9e$cH97P&v-}&Fkhp#eUwRyRLgR}Quz9Rzx4Dq;O)Nn1W_T_GQE}6%}RWPUJ@J^nu zgwfA!w!DWfw@_Sph9R4~25htP4O6z*|3ja+#6uo|mT8iihBp)wUdX!v;CMTEA^rQo zSG3_|?-M9WQ`DD!E7oOnJ{&N;%Fu+XM9~OBE3kogiwQ^eg8`_gk2^A1Ue!A_ztKov z>fb)2=1^4fm5q_ZdE>#bu;>GXC6|N9ou2_2NuB2(>cZ74{AqqAlD`c8Z$FDSXgR#v z!aEO_#5>03Wd}P?Y{%C^ZJPAAujP1EXR!S&>AFmv=y(V}qXwczUJoPugCjFe?KF@% zHnz*0kwi%Ys8Z|6fM4b9pW#B$udS0Dvf3L8y>h{kMe4|$hhm6VoKWc!fF)K;F89)b zqUXYRh+6VSNP=x#s#ng-g;C>5^Y@mrscNw?Ak%rvrN`Zu(;m0b&7WV$?A6P(XlzTH zE)?)WwBh9fxZA1Z{YVmpz3aeYisjJn+XH$4v4X=JxaokooH4Dys5Zhrdy91@(hkWPXK|*yU&WQD9SC(qygRa9N$0Y6} z@UcK`iFi-1I(TPl|1{3AS5_e@HUZNIzVkrP<`lg&m)k3XHApX+_Xp<~khguq;0QH+ z^eQ7;X@APkx_MY{0gRWrruNujAw=<3n1&*acG1t$w0~Swy|e5e{Ttc-<$vh3+Tj*; z;<=UqKz_B8oL1aW(;Xq$I`S;Z$&x+U%mHFOE=Kx#WvzX@pRRkGV64(&v9!88w_eVDpfM)YEL>3PlG{x&^C(_)JY>-QI-`ef8>;exVc)YNr>CZd#<8t5 zpTLgGItym2Ekv(V*k6qJv$$`xWnnJ1Gk4t&+bZ&ytEbWwwu<=pg~)L#nR+=Y>%Sx@ z_OS>ut1G1i16&rGWw~Y;#)GgumV2F}g_O~P%?~lyyG(ojD?Y}}bkhy_U9=p6Aad7z z*El2x*5rPTu6pNaYlY0>$dyzRaoRuhv|Al(_d2;7OJ3Z;XNg$wuAOw!J#Q0GfFhGW z>W`?Gkadt2Os&I)Z+sj+U>SGWrqe*U&Q%Jb(W%Nk2K_k>7N|-vq|&DGFib-J94PTj zZf7jO48(DDp%=^wW@_D)FmG8Ztp^n@>J7OBYqk;4WntLPS~!*4MYGVM=kye7NipWI zInlo2@Fc%FztVV9Jks}K=P4ERbgg}0XhNtkebbId@#aG5y8rCpV}rn5bO#*;L^Z#9 z%=@_UYYWI0Mz-vej&Iie{$EUChQn{SHB>AS$MJbotEv>H$;UEQVP`f#?Zj}tk}7eA zD;v9C=$drek}7fM0WT`AH3*8H$$XMm_i2BUMN+(2`IH(*5Z#5mk;H%0H`scI(oAwc zC1C0ZQMaSM_AGDKzs!89UeKuhby>;v5yw0#*!WC}8zs;4vr>s5xApI$!Gf+d*hF8b zhgdwGy_J}oDzSl^7ab{Voz^+)2MGpfzo~fco*qYJY8w`_s}eC@)hM0;LW1+}J5*F{ zu)f#`_vIo+{|j4g^TQw6c$VbXUDl7}aBd}7^g|rBgXAa%s#n^T?Anx>UL@fk##*YR z0oBbzBw>Wjk&#}(+d}U1NUZI2@UGLjT$FjQ?PR`1+|1E_?e6*Jxr{OD9uslzDE^b& z&0}_6X8hG%*t;upN8J?AouC|+@w)ZKWBxbM!M#~p*LibWUcb=~Od8W&gU5KE9c8rx7}vaHOeg#b%&SM$591>wkJ9GR1bYde?(bU zzi-V@%3MVpo{J{zM?v0yXDXO2wPSLbJe*(56gmpb>}XL=2(>{qf@+rb{W+~>xY^j) z+?P()72FQiUA|A$$&}B>PfSg?J6O%06y-Rk<;@27I&cOq=yXsVnNJs)G)_&S*?JRB zbF730W47vNq?Qu6dAuj`2B_<)Ncyx~=HJ=p3vWCn<{Ny7ajO7<>h?v3*tPc&`{#+1%{)9tF64fs?!`cWhFumwnv_UY`z5i@%Ah}58*iXKJW+HyEI8my|QfW$)hOO z>T{~D=tn+o5^Z}m=5fcbq!F+7VjvG46BFaI6hmaQdtI=wD?$Cu%C#tq)zI!OG#Q=%sa(li=o=3|j#Lb(dW*kswl6&}FX)0yTTa zA9^kceoi-(zxI{WF`cj8Lin&l7hCOs#xPkYVSoaXc%t0PeXm0DvlHbAUEr^lQT@2w z+`Lh6u{M6(T~Gqo*0ee+kR-$$)QMWYpP#mQRlpaL~6te zk1=uDHLGQt14t~Su8t6Lzth(aw@>0?<$D^-w9R?`OeTXP((7|ylXIP5!>Nuj7@QJ8~5?}JuE@s@b-+lhb|n7REP3KnrC|Ciz;8ro&Y zbl`2AZW={;hgLkkS-ay8HsV(-A7Ihhh`S<>(jGYoo_CCisL{9dMTN&aM_{>O7W$CEtJkqw9|!eB+6`y$GZM17e4k zzk69U{-#8|Lj|^_JLA z$m|`m=Vme_!K@DMo5&Tpi`CtljS(}J4FJSpv!!+tbM(x0gG9WEPlBLsF#DCV1vnjU(BT@WN@7+ zzk02-7g3SV0gX=>V*T+7HJ#`7(YxUR^5U=;$1CVsXyNB!@A=&wUC*Jp*M9C zb)3mJ9a`GM3Ep#;ejNlwm20~aj#Mf_(R}_Q;Be5yD$-Zn`djS_84;V$!roNbQw^S! z=|5mq2OR^uzBn)L-v|w&7arl}BBU6t$H&**%Hw1u)lf;$7Amw6epG4fTe?rYT$v0z zqYLyTVetI`sw#R@H@7#{K3=taclA+L1jrl`(o7ATb0&>2$_j_HhU}}d`uK7&pm_3> zY->QtnTiS3)cOUF6DkPpD?;-o|Aj1?%X`KAwQlctq2VG2snz!{#9A|ON7ou7Wp|wZ85sh_Bic&MKGh%ah|R(7D(G!a<$y6F*$Zce@Ieijz=1 zz|T(cNu0LLw7g1=J>$TMV-kOhp71N|DMbi$ZO{Ei5Y1bgNGkRFSL@EJ{Of*<5&F6B zPb#F6*PMF$i)L3J_opg66qNGVePH~lrhKaEY0(!eK|4$_%zk!|-pp9o6(oIk7@yy2 z_35r_#^70W)Qvj{dfob3(ei2ptw*M^do$+}YK;|`IporH5u%vbi7Jz;Va>%yKY+Q^ z50Yy2M&E_M%1(+;z~op7bnjO!X0FtQf+L_u)i>^wQ4|WCO);FICXDXFRD-Hw6S)<4^5bgIwR`Z^VC9 zi@4Y+e%>u6ddK=JYj@rDa+FrAW8Y%5uPv?W>FGia`AZVLT~rq>d)pzQsZ#KP61rpW zt@T%Ia^opbSM)AsD)n|ST}%POnJfEn72ya+-(lfRw154S0zM+{4|GR zWQv~obFE^~%U9P7(^6~DJx>vs9WG6u(pxHM|HSuM!QYc&<7NGrHBa)Ld>h* zV`u+Eew*2mm0WiR;=IhO@{Z(C zwu_WVD~hYsL3ao7GslMRnUWR_;Lk)e+xG%K!PgTp5?uK=Ssi7^y7Y^WP&-7u?k9;) zH|-OMrkfU2T+w~)y;BHkv;94t$`tpi7IXXFMv0cF7#)8HO@}7TN5l*UQL{7gUcBjW z$dFWvfXj0>H|BAVY_fGS@!k2xspGA&CJ`;b-;>@6T zzg^Sy{Dy4x8U*?ERrE{4XSu|dsRnn7b>dXAQ(ofX`b48uzNn7OtH1@~el05UD1G#S z>nX1uZJw`Yty!m+Gnhg14a7CgXx66Wv-(}X?&)B=JzZ@RRZcT1yQLF72czQK%Sh2? zK3JCj1C<3j&$)fTY1L-Br>ft#yI>LP-l{K|?)GXdutwf_ouk{2-@z1rIcKS*GO|Xm zSRMXY{+{z6m2h_n@l1bw5%D~?kT!UdfCHng|6YH1kI?mPCr+;iD&Yn6U2egNl1%Gl zYzz9+ST@*{WqSogCRbo;;rN}ZOF?!O+u$_8k@lox0f%l@tB4H zi2mh_PS8)kToOFVV(c>mesWh>iAw7JXP=-1zre;wJ`Vtnfe=ixp?E6d)as!AV;mz5FArDN}m%5L>b}5#>YB+7(7>&}hdt-y?C-5XC z#w_8k8+$3&el~neB=+uXNFDmo>B;x+BAr!P+o&Zu#aju0SVY&zgetZibSWLg%eTuO*T){B5s{LAIFVk8@y$S@)OYxca$*(S> zYJC0qjYNGS%aN$$D}}x1Pj~s8yLaAo>l@)wS`@DGx~7BF$jCX#)4m4rvgSTsH_w2c z&sd0^k-f3iAvsFdU(H=l_QwZ6eX&g>jkYZv<&`SHh zx_wk%1m|WzUcrp@fn}eVQZ9+x#msgtzSeLYxAmBeBzh!O0(O!y{Z)8p$)G)W$-ZD~ zFxcTio`7>&;RoGs24L47hX9L{%H}OQ*k&o;$q#feEUc-{ZYj(@$E!4u(gHVubzP4q zAXJtwyy$I_U*_Sbw8vptClS8?sz>#JVvRYEePh}dX6Nua#wOMuEh}*eGBi6badj2T z<3bqVcYvF0ko=bV;jsF`1x@?VJvuK-8HRr%rK{&~g4f3d-+hN7YGg`Q~?f zyItCcNok;Y8*&c>(vWsM=V9GjJSiTGTg*o_GG*|Zkf)FD<41{kofO?lC$E;)++@A2_?NruE{pa&vP5{NlVFr2_cPV;?@r{n(q3?^q!5U6;oo;Gpp1(=j7~Bi07VVT6li z*E(Dc8XixjaC6?ct+RN)c@oKWM1|^wn5K~&F;f*w_&qo0SJO>A?KsBAO1BwT5 zP~x12tE8u3#U@qZgjWSp@sRM|Tk5xzN{sLvq%SEtFupl;w${JcF3Hv`<%uJk44?aE zdN8PPH2=}VzS-AIGrRSZq|~=N zFu8N`Q51JXH_zB^&V1qNtK7Mew^Lc%*$$+;7E(wLVdtJSg%$1Ff{F4R%vRfAUh8LldKoDiA#}quvPkpkg4HcbzgG@Y1;wh_?bs+d(cmP+#yLSO zetYRnEbr&@DE9j6D7pl7%w(`8=?%)zwwPeC31f*`>lCVMW7l%c(QnBgDZ1>;V&}#D zK;QGxh-A$5nws44QNAl%2jneY4#a-lSni@j+wu~f{6iZsd4!V zz}H@<38A-ankZ@7!nXhn;YfSkdfNv8f?z9bVWd+P>Uvg}uv>BN$D6=C>9;-I&;H}E z|FBE;JrVA3UR>-Tqs&>{M3^vYytn3_hWgS%UL3bacvS#OXzIMp3bQPV`0@FMTI1L* zmw_jH!sDq5@_#?I=@>o?0M5&1w7VvMyPYB@B)l`oM*||$kBurgp4Y>wOg}byHsiB zXk~cYkS|X$w5>m^m>J)Ik8z@M(K`W0`L@$)S)gjmj{8!igj_^#PB{&hCMwQ@dB(I5PX**DROgoEITcTE!ppx>Z?E z7ML92_gGYLBh?9|){5?aU_Blzhd_I2CA8l+dp$t=@ZrNA7{0y@J&crb)P#HF7j|lO z5_%*&$(Ffg$Na=Mx<3PtEgTfLJPVsM9uF2WWp*(dciPNg8kn(0?6^RHkOo330 zv>K|AIyen?oGdus-Za@R{KzkPFsfaYu9~DOhw{2{XQ1;H7vVO8y3S}GSFKYo5a_Gf z3C&A7SsA>2Rg{FwD>(%Xcu=m$&BB9eq*5_eHP`kmq6`0-k9>Pfgs(Tgpfj^2O?T*b z>|H+VaBffP)$3n=0D?VUyvVmE3O+XK`P8v5xRRIVY5N zKG&C);%s1_P^YA=`x;bwOWovIl;#N@KU2mA^)EytImb-9*DVoTvy(AxID6_+UO>jc zl9w5j7(i_2R5atTIYY=sPa*WkUx#CXjw&Kq)%+XTZrQ5~G=)M62Rw(+rYVZgYKkL8 zt?a6VkVxj7Ks2$xKZ`nghp4r|&uey7t~{;zeGN10!u3YXG?m*?KY&$(heh-`{H1*M zSuM1elb@T?g8o*x8te5Vi5xRAbcj(9W@b8gXdU8wvbW3!(&_uA1q21dgzPP!_B^`k zSWD3Ox(Ii=!jTW=`}KK$n`4qNhm1xh#OWnlg8a0t+V%SkYl33@e)mRZiJdKhxJZ2z z$LF-S3qy+v>mhB&iB2pJDag@N$BFLCKdR{iP(gCvPn4qEx&uiufUBaNNze*C@kw(1 z8NPeC{~%X2xIL+gtUOq5@J^C3`t{;$Q-PqHZ>E<_G4fDs_BPbf_v z%;ot+pomyt0UTJ!U--j`7x_Wy=>WIPd*_;Vk&{J*1Q~uaXP?(5qBjkl+WgU3{>kYV z!|n>B44d4E%GtT50NmIbq;QpV-ZL>`Q8pqR$3u0&-h~1(l^;XC|F7D&Ri-O$iiRH@ zv{?~#LiZJUla8V9gi@pu0NGdZwr;9gI25amO5uUL+3d-lU~s25&b!Dlyjz`$?qgIr z^*gYIO4ha|at2{$(R7*+p+XL2)A^?LV7Kj?hn|W708$hU)5n5h!P6g4_a=rInDcMl z$H`je5<*gMkj2^kxECEOl6TTns{qv5(n~c*i)s0Dl3jn8f)7OrOQ2H5NFVb1rsfSQ z*!ln&0ew_oql*pwHtZxvp@l^~-G7_(ambxs@~iniGV$_4ZoOd%Ex4u+M9-2ej;4c0 zzBRo0oQq%zB)Wgl^Wp>MG~()B*5=*TnWh+T*deM_nzy500&(QC-8SgmJ%dit6tLp8tfq&tV-c`lJ!ki_!CA=#)-?nMW6_;q7FuT+*L`w3rvTJGGt09U_H_KHhzn3V+|xM^3?(+_@L&KD*fagLEw%GC|jQs(s+b zti`q{`-Md>=-a1YDnV4K>9jFh0^XoOp?dMySMdNpM&{f`!IoN`oLpVy7DTbDqxrjF zHgoqj2l`jAgZl5f$H%8K<%QnJN}}Se5zJ6XnEy=f3tYw*<}F=e4r?bS_X>3zgBTa5 znrw0BJ`8+XQm>-DJ7^@%?1u(Yu0Gx0@{5e)=^}O6MLFJatchtj8;1#(*}PksnATt= z^M*HWar08E>(kuR_hNE6WE2Q&4W`8WC`UN;e=iXC@Yg<~EtbGfG3xH^mVa7Ky5V$7 z=>bVdXfk`{6<>ltMt>dWx44CF4!mER2u7ZJu(3e%^d0VKVVTLyB?!ImPNa-` zey4EK9izCAggD4n9d+JKmFQp`;vk!gxrfj`^#-7>it`vPB1t<)brp*<4%D!L3Syr0 zEi7-y?Z907KtdlA#U_`A-1NLFLe>8(Q~P^{stsH3DJbP!!+X0zhj#Vx7q9g7{+aZw z)fY7>s?Xc+N;FEB<);`Bb~DsYs92%s2Z^fY&nwYO+<%)=_uop(9ucg}eHI;GexdUY zCROXxtg}R24!X$=1bV{%B#eYhUe2aysr=!t+6QM6c>_8h?4Xmc7R{E&Cd;&@V5GB` zsxOI(;)GLb6wsc=0L@#nD0=pbi}0VF!|6Rhf=(wAR#G?IZG$!_xwaPYjb7d3BO4w! z*+ICi*TV;iNi1MmBsfB(qWE-7hXwDH_47=Jku?p3XH&u;GP#f*dDG3iJ|8bFLfnk3 zC#B*&0piW0vn6o{_x0|Ip+t@r#=7y{kVxWjHJAV)V-M&$CGy?|T3z9|ukf-0IuGx9 zE-JnTsz_dK$99#T*2fWxf>eC(Q|v~ToSSmE5zz;pVN6HG1=HI0ZfQROp#}$e5k0Ay zZCRJBX01Z#wBIIm5w9%DtN-!-7Fv(n83a!=cxKZJQgG$hKOPFYyqcFB%NdrR=oA)u zwB4Z%A8Rygy93GV&9M#Spd&;~)E>sIoc}B5`hUdXQA!8@cHlq%DrTM+jMx{Gj=x`7 z7FKxKt^ZW!L)awt&^O#21o9~`pgHaYn8-Rj^sju^{}rg@-t_n!4+$_fCshS-3Vwu{ zY_k5gyj%l|hzCJ7F~$P-_|IfjSI6zkThLaqBe&3=lWodht|kEEMtcrgyVrkBuKcIW znoZ(sMb!Yo#Nb1v_fBpV7p32R4up-V9z43V$i7Du%TTC*{Ww={n8ClLzm4&k`J103 zVGs5Q?K=L>M_=lz9$SBZqK(YRSQY3n*P0Q$@yvrwX3iYFfs-^E-2>VqhNz~yC40&( zp$D!xyh{>wjrzay_^YY}Xg(z7D-RXm65`7K;{0>%>xA4C2;PSIQtVYyBIX@93I!Zo zRsD4V%3o_Ox%qH3%Z(_m@(A#`I^1r31FX6Exqkd&_>HEPZ~}eZ?bRsGi64j9d@BE7 zs5v+4y_6glz2(KN^}z$Xc`a_LC)*F`s6B|O>!YqiD4F{DHaOnIYrcQ3>(<@_LP&vk zp%X>_D9WSuNGGV!8;u-A7=t(z68W<(O7D4&gw#7reJH@KV~;+i>_r&3{}J7W;@~J< z5~m8qD=Xu?ak<(2XwB01h{o2QbwO#j2FbPN$ZKhB{mNrK;q(q=^+nr6c@yB zDW1|r57CX@pp*Ee1!OM%alOn|oxmgl*_M1G(P^juW2=1pKDyOzUyzUCCbRz^v7{1B zwy&>GUMn(oQL{)0>CitzoF+gh@ys4zz_Nub&f-rj{(}|wcYC;xU{2XVtFGJSKSM~F zJ?bSf;4KtK*Q%J6v97;&Wm{k9zc4HRs!Q@vre+2I0^DL0y0C3aFcZ@2%z|5t~#JR#@-`H|A)961Eu51s)Uf#s$>FFyz~5$brzdyb4Aj@PuQE(s6w z>_u4qRh0ZEkL$?Y9O?n_vh3u2E@5RHS>AMzj`#gtUqCK{#{^2O)mW8qL_S|^@oiS; z(6d+ZeV6yA18qdH^{lJF{E69XPMh$wKmOpmF7@i=Tk&}SbSEv`VZ=r6=y^Cc%xte!+X`P_*W3!|2ra&gZQ7%5(GMU zyaC{FoG*aELzmr%HRs*vAyo5&Q!Smx8$ft^H(&qP6w7~ZWR=H5DgiRL;ph?a?O>B1 z_9gz(RxWOeo6N1KW;c-onv{c0^P1}a%x(Rrcm;?zeifSlv7m(3)Reymc~5LmGIF%2 zaM|{NXLE@?VjOS_Qgr(d(vW2474_27L8Rt+PYiyitBh}U9gfw+4gn(CLI#(KN(x9+ zCqS-+5MKHpcyQ3c3(b{<j4oQVCv zE95)o?K^tPN#d8=3XkDWumMQE%5oZ2o8hJ#kMWo$q7sQ>y=g3e*WXi03t)OFPu9dD zholypQq{vXs~N__F5Th>Y|naNaD=A$XBPMx4I}R5Rj9&PW^y|Gt6+-*Q*qU&c>WS^ z0F*g*rJps{ml&^qV6hDj0_MSsl9o1(9&Mc~YO7KBmk;x&iCO7w$tF9S z_94!G3Y5cU=w7}N9s8R)&9N_!rGs+m_z>ia-~-y=@}N;7-$UN!f2FDZ)ZZ%p!t{{A z!NG$AI~jZEaAd)|_^Y9|K|KY-RUu`UHhuMQV2ynf=gAUZ_VC=o%Ud;bZ~)r%pjoa^ zF$sZ3q{vLxf?}DJ%jpLo&|4l82VVPPRAEU+suVTS{08|u(d|!YZ`mLGu9R6=?yF*S zwy~C;ft!n8M9{Z4K;+A=*e>vKDIx6`8ttZib^H@$b2hzdvVOX?u%gE2hi&qY^cgtB zgF0m|rDC82pMXpQwec((XnsP)##(t53@x{kKbkHm8%@`$88WF zl1@>R?zzv<)&N#wjFrm5{SnLj+u~C2xps7RGb zzfk#RBhbIf8v43^;AwNEh`HG?$Xm)wUezT)>Ts!S zLT$(|RL(6qIg$LM3%yvJ>~&&$>CyD%P?3Z~DdoY(Etsz_EWaKe4z0UDN|BqvT6d`+ zr;vyG4<>mWhRbxWun9JJh3X#h+3E7#gypk)7z&VdQg*%IgE$GE)fuZKFXM4*9gsGe zpQdQ+41rTF7-jdjqQ`9KbMHnUIWL+C-Oo8_WNqbw#c5wO#3jZ|e7NaiY8q*Novq)g zB?ir|LBxJWp7zifvD-*Ca5b*QI+8!%T~zbw&DUE955q0wZbF>|HO4|NIXuD4E=*BW zu8p?ILIxA@0=D5~5+hkv`i99bJ#D2r|Ge^be0cbz8;PDpM_UqF#=B5fp}R+3)y5#_ zJVushMV9L$)zk$qQ<#X)b}c=@D7&FyM!$)nTCpir{>JxQs)6BP5Py$MHBooZv-RC& z2hynaMWYoH?vK3-w_)~OX?A_y=;40nCY6ICH$>hZZN=0LGmcd^lG5%d8#L{s+A4e( zpXIVW(EY^WK_n<9;vwHNHmni<^ecPE-@hW<$V3@ma6p2#HP+u8mX+rg3=LysG92N{ zjOSQC?6qxu#4E0BKTWCKW}nRwK*%HcCI>Z6kAf5el55rJ!<8ng;}E$@+Hul9-V;Z} z9iDWWyi4?_ejb(>SX zbj@r!x7ZhDN)HY?%x&X8MB3$rCt?amKk>wrtSCJE!$vTHmAs8d?u+7nQ%+M^+?u&? zv_za|7o#I7Jx!Ne=&LrLuEVDhQnS~7_za=9zYHqsXI0`zW%7=8v1fdt(1@Tuj=tV* z^x0i(na;aX{ey-r8G=m)H|FT%{GIgmMZ&qBec@+3vRqFbOVZ$#nKD*7>sOPk2V_B* zYwRj`6uW zB#HkvQO49|SnzppwB@yT!>1a?+%`RS5c#$*CPpUnwx`eRKOee9a^z_8>@*KFqP1>> z4mG4bVvpkRejAg?b^h=fN7r$vBmd5(Z3CSkk&J6-q|zqFYIou;r9^}Q7>t=6?qXit zfq@2SsIX&YNr9S(dR{Fv%xsEFzfTRpzU$ZM&hl(&>{6=NV}YJ$c`#*b~u1*%F)<}d{6ADjvo{V`( zF=buI@ZzK-SFxlubB%RFmr{}B`8J1}2LDhla z6mn<2VWq}<@;$JduPLzjr&h-QVeY9whK^bN(N+0^Qv{`k?4%?8{@6L zYUuj^0>Ljn&;wBfa~@EM$BW|(ej@fFHp%60xza&8u5On?o|Jf2x~s&+eW~+usqWU= zhrUw-Kn|wf{|P{t>-gL-Qv%iV%I~_HNQCTF-}8iDHj-@~VEEF(D}*|7*W?g~1+($S zn2NCogh+;46&lqD?q!&upB@d!@aS*+y}%WD1?cDT5m^EaRA{`~njS2_O^6iWyEwRl(7i{qXJ=nu%&dmEn|MY&c z2FxK>oPS&+h$KKp|BoRDtE~dS5EWo~4+KG$bYrdMF`j;@fN#a!F?8!;<;kl33|G)V zj5=UD7*{?CEeWtt!>kJS1WBABtE%`?v$Y0y;mX55W7f+%y*cC$9CS-U940J>wggl}E5`5Ck9#A%*@=Grq zQDb94Z1A05=#D0*D;M|}($zYIMJQ2D&y=}}X!i?~f<*BZwMy-)_G*w-l^P(Y(a~|s zM21Ms@}=~|w7;M7b0i3me4Ewf9W(XrgQMyf7#pO!2h6;xJjWU2mL`Lp3=!s zLwu#kn=6Gv?-x?qhZWO6F2*=aQG}>liRD9Tp@(X%1VJvtWt9+c@i-TQU$o#1MIEVy ze4MkSuQwU87Eqy!`;DiA?66(6lV1R{{fiVq(C~?|bb5154p<1MjARFNyN|Y+2WPkW;SG#pLg4w zmlVe6CnP15k&a%#6K~ykL_k=bqWFV`ekdfnJo-J5q&G@OtA%hD3Oh*iz z(d9V#1py&sNI65cJj*SR;iTc*L8>j9khhj$N`*Gy*(ey_Y2HdQX;Y(2zgvoE9Q?<( zuhCmjF}GbDi0-8)z|M$Obv5r;DX}>*0Ylb0(`&pZ0w0Z=N(fEA>$uRHRP< zpWe4>fGe#n##fKi(UNPoF1m2J@zS!vc3kHz>xnXiFO!>P7=@if;Q^Bz^cTAokLSL7f@7cYAk^z{Obb|c1kZ>vWS-5}B>>3%R&G;<<>1xA63V;2; z%M*c#MgSJ+JN#NRBA<-1X1>03L&buW@G?*X^0{E(qvwKAZC%#VS)4t#^F=ne_5!iR zmI)Gj`1rJajs~7Qi3Jm2lCF+_%@)Ha0BHfyxlLJ77(`JM-Rb2`Q<==IH7g9To2|D< zH$kdJt1wqyHzY;DxmWVMJCI582EAcwE0D3bKyrrn(!T|fAEGa&0fZ313E+WvgCTGE z0)F^kILNg}6Q^suUkm%i!kcXefI8=L4TFIV?H_QBxIk-}%jeWwGPqaIwLt#%Ucq}s z%8o}dxY|Qtg%-h%k9-8sZs%(|1%_Hi3haf1DZht23s@R!l~o;X*+L|9`hi^U$uAIR zkV3My1lg&0rrd^!wcN{P3;I=t-b%sHsg2Q5Q_&RDMtP@jd~seoawfp^6w>gJ9i@j1 zhY_9p@4A~gVSVhf`Bk$c{jy&U>LhY}27Fmb--a=#0lZJ!ybwqhWxAZWK$r5EZk%`g zBRHJim+ha?#ytrNI&|I@j9d0?uwP}=Hc4$+yL>nS6NL3ytM!3!Y9J#h^wkUxWa2;j zO#zmNzF)2#hW~thAq{x_Z4ERb{0eZx$IqYojmhrkyYqDcj|!|}aNJ#8&XoDXKab+m zZ1+5o=8W_-#iX9}k@qd+`&rXIzmk@7wAe)jlMZLtv5x%GDV?sq-=gtiOumqg@m4S0 zW$8A)z5%9&xc#;EXBi%IF4Wn9^m9X$L<2D7#vCJ2EJS+dmy)?JpXKUPIHm!bFJ7|j zqd+-E04TS2x@{#4i&?H;K>`S*z)D58{A8TVNLP8LybLVL*!Lel{`qNd6a|1V%Ht}$ z^UIiFM1rv&P*gwd>M$olfgB6<4~1&La%AwqG!#Bc)SU#ZmgJaM!Y;)NRVhQy%olmu zDs+IK{NZSbwy3w7$r%e7saz_nqOQr~a;R~Y`{E3s9MbltvlZ~6m(zd?7CC}FWzNCd z@Jugjeilyg;1$~_)aFi)xSzI9(trn7df zbZ~1R)qf?w1-rJxMbsF~VrsixERH*0)+D5iu2rdiD%5vNNJJN~_fxU>8NEX%zbr%{ zn)RCsq%1*@%|Lt0b7&N>l    7X(>M0M(vH-G1XXT62@X%$F&hU4ig6$F8|AZOAl#u zP_#tH!MnQBoZMo=IMSP!-uv{w$#n0dfLG7G z0H=%?0aOfWvFb2b9rG!oY$ws@%e!a*0Q&pq-xj;I-0%#`_0LaY^%usVU;QQ*M77C% zNBYh>yj3yR%JwbluIRXU}i^f>X4j1Q@$`ZFNy3!U~rqR%=mn zObNfoE*QS3Irq!hB7C)uqO)a-boSGr32+=2YlCJF9+E0v)RwABJhSR+ z+H|p0gHZ67Rz?viE^Qb_VS^^Zb$SD9S2qmCq z15YO_9e%}@9z!NZ(K~kiIPK(jV)G8s=PmCo3iHaC6AZYiU7VtckjNUN+|N=Toe?sl z4SW?!N;_ZHMq`B$EpKD*cmSM!@|TZ>TTl+y#mO&X9WlGH_ej;BB1HFTZJ5%fQVe}0 zX;Mx)M&Ut+1&{JgIgx&--OA;Oq71&zEa``+`ysE(aqoc(>V|{R-c*JD2;<517LESzHzM{9(lNc-%a16h=9DOTPL0C7i2G-48u;^ytX%_qO*H7#_C~!f{LjV6q zPxUAcHOWZWG&-9lJv#(Od0|vNZnkeKm=K4Q;**y0jgzNm+~D=YKTqMPiD0{9F}@#b z^c~TCsIafrh|h6DxpHw|jEEE}QJLer5CvtO2q7HO+M5GZ}57 z^`aJR;yu@Bf;{D*tRAvWs}-v1xUbeapZDA~SF1eNR%Kg;U|B{oGv4-9=OhQKJIg9} z0n;F5_Zkjh-Kl_Cw4p773J}b2f){C{9RFiW%w^e5Gw-+t3AHlM9<) z*vy4P|Mf3V4Oxv&ep$B6JX;@YwfjQmtHxHcSH*S`yaXu`p4T!jdPC}UL(a*_H#%;7EuxMHF%;iq;$15S%% zR!^AOHgmyE+_9}7rvnrSkU$w&#Y~veycjb2i|p>umv zFeaVeN1Vrs-?M)g3Kd6~aizz&(Y1u$Ie!pT@Rw$cWZ<8F{{n{gm;G`!mc>X$-x+&! zUW{R+NqlNh1`d28!j+*;D@FH{^L57VuYIz(?Nho*bedWb>(*Mv4}}`cPIYN7ES~Vv zzL<3jwLqx#fjaCIm=P5HjkaI~IHzy^GHhL+{1O%c&vRr0Cn^~LQq=1CokoPi$ETnh z@Eb~4o0PB>FMWnDvCL|&)86*i6sNR+K6uPdvW2M8O&8|n?+~PE9xHgk3rv~JSU&(OkRm=MY2dL7D0fuW2(RL8zsBy%|v@2r_fNAcF5z1^qYD)RdTE-H#S0lFB zQ`<^7OySzvJo*+|b`)ocrUNwPp=Rzi^5U-sKy(u?6*ZS<)5EnbT`1?TDW$YSo6py% zfjJgD*(;L&d=6@0+%9k*=C(%DgG)=CO>PF-4CeuFJ_n-@{-uLo_(})%F6jxuO`fZ- zm(wm>7)EWnEh>X>oYD;{rE>-*xB%*h09CqJ6aFTql1B38S|CsuKa={HWgo2VLZwiP zyq=Nrb>XNSoL)XaI|hz&eLi1L0|}OZtbcUhjHw#_#!gb(i#p<;Zk3bQPc1+C>#4J! zBZrFfN-+n~&&ccaxJf0gp3~g4w|niC;*Q^9!At}DY>tfv40jvW+mF%9MVo+hZ<)=XPe zV+ldYk{Qqp0gFg?=Tmk+`H32E%*rXKh;U#85+g{%d5rq5(Vn*4(Xktyiii^xxqwtf zu&CBlHFNT}%Q-=+8Scup7B{b<1v|N())Z)V``j)%xDTMNSbXm!?!xFC zk2eyD(foZ3@EKuHhZMABcQe#J6G0JA1 z;X1cn*}ZV`i_L`5I0Rhgj%+M9Fl*sfgpTrEOCg-%2YAONK2m#(5=)Hoqulr`rTbnF zu3~$N;koLTyRL;brE6MGFC(_!r<@thm%wbGpoE$;ujG;E+x5LR(GKSkpAkQKvwS-( zP8HZ|5;z+9!r`>Z$e46^ti@@oKXz6E!lyjZz_3Ml48&(sQkaU;CSpI~o3WhoSFzV; zzRnb(I(c{0;1mD&AOBB9(N`;Ais+H&s&k=9D|6JRvG2L2|HA{ov-Ojw?G7z%j5O|M~#&?}m697|n`r2{Gzeh+0_1GLY!HTY!uHL%zd($+O+R1ruJQU84-gHQ@0 z*2iJkE9R}7`(j3GD}N{@5@S=l08xAYSJTNaldZ7-r3eO8!*Fpo3g0&dEYFdXIhAC$ z*<;i-|G0`@|h3kgR`(I0KmtJ@>(i7x!+ zQl~G@koGe7bqlpIX=s;HZ^C-tTyn%2j2a&fW+Y#Q6-=aPfR7q}=}kA7fF&p`E3az6 zfwG0ja&Z0huJIuf%z#7GagiHRo)!l~u@;IGph0!Jm@kgvgXtrxC=PJtIW{&wnYkJm zw#W%g-Bu2Q;Eu*l2jIIx5~lU21YO`B(aR8Sz3lyobG7r@)ShO$r>bFsR6cj*T6rr@ z^vcI2GiqrJ)4(SHfj@JG35cnOK*lCu!hg3fnAP_#q^=Lt+`zg^HATAg>WVwSx4MYPq8H{r*I5G-9P7gho3=N*jFg<2>?^5?lz=9|3}OfLil@E6bUX_t z0LAjK^R;goMOD~gaNMzrpoB5WfByHsyW-Lp?bj5vrhP7S3<847n9rXALoM4NiI*sB zy#k#U`z2#t_KJf&{}VRgtJWwGpY|YQ0%Ivs{-H3oi56oAwMQd7vEjGR)vJM9*TPAj?*sm zlVdhLLhPRJM2Oy6fxCY`y}W0XajGtp`(W*x(Zbre+@GFR4LD$-l@xB!-ed~+hv-Gn z4^d459I%1;%QWnKh5fSd${`0Md6%7c(0jLDRn5y+-lVdZm-~{zn-tT6D7HyJKah8w z|FTuGHX-ap52hgQAZ*jQRjmEg`DVQaV~p{%#_P=akkWg)4+L#@$T6yS5CL z#+v1FH}bil8Gh}^Edc%6@!yJbUaUgzUD@dD*~DI8ny)_OrrS~f0l2z0?5SW2UYH_p zaSU>&3q!?!_O=HLAHO-Q+!m~@btfA6+n^}}%%dV<$#%rHHiuoX zt(+c8y>@+5I+c9v`=A!pSTB({j-;r9>*4V$0L6=p8hHctu%YFl4{g9h*_BZoynm~% zM3;XJYoPG0wEB|5R%Xk2mQ_kHClwIbi<~kuG~f4GK`?OH5HUck zt;>(7;&>$`%o-tN%7d|4sg~6HPJV$DW0?{`maA5wPL%W1expDJoEKCuc5Oze2~*ac zw-=4e*CR$Hr6Z9wZG4SM_7=S+sNWZ7Q1v+qZ=t;clM|Gh;&4IU9cM6h%+0B0S)f{b z6o!obLMIE85_}ey7i2HsrM-ALvf5d_wxXuLcaNP}kDuH`E9OpG=WKdqjt z0XL+)t}VD5KEf-Yixb4nW}d=xb$!ohUsE+Msd7QtQ&-i(8d?DO8Tif^CJ*-J(I5N( zu|Ks|A@eWRDz97*$}am}MPm0%GzkCBz`8*xfCgX1!)JJkWT2l{zi!1{eTJ=8%|g-d zRZJA@c)}}|)9c`hOyIe|mQTx1UK7wxTBf}o`M#519FA@T{p0l@l{(jWQ?RRr_et9% zd9c1~dC7Ltw?wn0JPP6aT*A7E=VSak^j@;&eFw$fE2DQ#!J%-6qCd5t2|zfVS)iwD zaU{n!%LA?R*6t*id6cw6KZ6z-v*Wp!AF#>J7tVa)8O~c>gHTQl?1S~tOiG7;D|NpM zvu;>;SJ0PW;Y9(!Gc6 z6Y<;ib=&1N-USvSnQ(gj>mK>a_^IWtA;XiaXt_WKm%%WvdL7z>|NNEENwR8t_d%t zXQP$8vk6{SsU>Bf%AIk>$>p@oVTFwN!J~e9{1sz6H>j5*%PqkW0sPX@o}=T=1TV+X z0@hDxx$-#8#_!75_p^u9Z}$6pxb5OZ#mRk7fJr;e`}KSO2yP4JSG@ZfFN`oj9-pI{ za9*q}W++R#CWawD@oit&_QC;WPHwL(3n&zj>fy>;CGKy?AB3h{x#ogYmz^AB^v%@LKK1r_=@=AFQt;m~EIc z%3e#OUxFJqEWE32gW0bgZW%K5zF)zFZVTqux_4I1O)9Bl=~z4NEyqrQ;a5aB!yY0T zo+HcK^;7Q9fIEg+aS99%@EFO2GhYA~rpLFv7P^LebiPoa$3((ylf&IWG3cJT@}-A{ z?K@v!aliT1sk^rGUt25!SG?u_`YXE^b`a(ID=5yrQWlrw=Zf=g)F!BWJkF?{iFh|f zruxERW%#398M%xg{050!+ zP4FweJDb(&TdshT%R`^~QlhVs?N&Et*jl3sS@`yH{q zzJ(pM9sMEyk{7hSv{#Jj?b})XPAylib6N$zld|uTb$q5=o(B3yziIGP91t&^@?rMyKl@R@v6vx{U_ zE1>MhYifIgUXB>XcmB)HaJ4L%%cF#)_Bm-zW#IC@t5XH7f|Ue5 zm)|GaJ5ZjWes8pKJe>0mYOC`&L8+q?`i$?P5=WfDUqR+)sZRHx5^wv0CqrCN2q$I( z>c;b51xZU9sKchAwy3j`E@ziF@YvaeJ6}MCHm-pR-bvhaEmqzPSQlnYo0V@;>xZlZ zSiCzD^j&GE8!EY{vGVt}zr%L+RpLc7k7Ni&aWX(K?+i7k#G^%z~)MIV#!6?S?TQjMyX&mZ`1# zX&fpmTqG*8Z7H^tGwo|^*BK)*hSMw4DZ?*Ufpqwe$prNqCUfc7YDYBYs11}avd9Fb zit}}JFfwDu(G)%HJ&L;&R%JOJlj>|wwhd=8o|_2*uJk#vdnccSu**va7zyT>*)9m7~tOrq# zzE`m#Tjtu3e<{V2iol9wfa#JV((=Vh8IbD8u}D1N8J$O8i38N+$HfCW|IulMu@s=* zMK7{$C;?eqD7lDaa?>S6$t&lNc))k(M3*_CH`4K@qc+93#N=pNRsqhf>lq$Uf%i7( z8J^Ia@r_jEn_eZ6y2?GMhu*rz%C;X;{^hV9u{?dVB3^QP=vCILrfMU(j2PvUU#S%` z9cAcpxenW2w4qRC3cK2rnKk)FM%zW|ZMjD5R~gl%euX(>yIqxDucDf9K3qzjH@SOf zLehTD6IA$6>~uhnIP!&Uj)eZs2_4Jtffa+FDU_R?Ybw_`m_pCxm~u-X0>A@)JOcCM zF)89j?TF5yd`)Gs3Vqx}!*_uu zg%{1wS?NegLhAOUPqf$D4CTrvBUr8G)a<5DCZ z@HF?+n~u4w-cj=HX)nbeV=31=S)Hpc{xFNJ^nH;`4`O-|c3=A%Do_V)kEH^WMTCxY z%$n8}if zbU_xrc9)lJSQQ#w>wG6b+vZnl1$4*NoWdpZLJH<%N+x$~2r7*wJ)^ht+0;^^cL;wZ z>Ji)eI)x7cy!S^l_M-aL!Jc?zQvh>p|7+_-vs{gmZSyjg=vJyYe}P_%{NO(9*NOuv z9jgB0`5s!)PJXqga%KuD2nUhqNZrsYg148GL;DH#rDg2Q)KEHZ(};(W(SZm2k$7ko zX8`eDSfN6?SduK9U>zVnK!*Xi{NZRy$L(D2mRRd826aMe)TVTf=IqXBX)KALFlcyE z7-~!nFJa*d>u;=-id5I;QfDsUf>L+t05u%d__%>v{xub@S!1c5|0!mlPm5QJvFBx$WXx!KTTvgwS&3F?1OBmRP*(H;=#cR~|XA9^J2twr z7iGpZAa>d-6=N))QtQg2@%vvL>Q_@l6}T#C@z%d{FRVUFrI!3HzB-gDPG78j_gNv> z98r_r>%`}!F4R$N1TLO|UhQ000c`*htU-dlw?8Fjj0s_fP;5~L+kLJp4YX)7+a|(d%%&Fj1u+eE{S=SN6%$Qzvgw3rT#%m9**tYZhm$e_Xsm8MNUzUm*QA%%F zNev8)Wb7GU@0qW&Ql`!9wS>-sHJ13%>O^Q&Z;e8nS@4VHr*P(~u_UNuTzKE+7bM5! zOu_uH2K}RtQ*erH11}dIY`o{yp?)>Rf`F?r5F2Pl*8Pp;TI>$ww`|*~P3gmNwZmv18i)YDE3o z5oo~F#|c2(MTpL>7v*1ajVhhYPU|}g9RnOW0W0#WgK3vA6#a8uX}}E*zfFf-(!-Gv zR>XO43hlTRaHZk9>nj5Esv~W`STz-?t~pa@0@Ga1Sn6|BzR}4#&g?LTX-t3o;oH7A z0km>i1mcNd`X^J0p6BPOG5mjPDx=CGW}UIL*`^umYeXWGYjGt77_{?+4Kn`4o|NYa zYLcGcGns;sF?3JF=1KQXvBm_N)yu1xap8TNU#S(K3tR&!n0M-NY}_fmC^N1Bv8|V1 zc%v}P1G#_u>q7mi#yWtjG3Dx_@W+|9k9cTFUKd{%N)>l6+~$1t=U9SMJ^%#vIP~kb zW3A>DYB9IRQr(ULL;_uRIthRoAdm4wJxG=bb|-3dKC3r9+6WwpPH%b~7ttYpFcP1X z{^svra~w+a)ycvsr^zr1XoH<#4HERj{V6est0i4+ruQ4aMXT915f)=MeXOvCkbyKh zrpO2Z(wlFD)mZ^AWatBPy(%cRU#6OaJR^LF1c517b)@~yDG&eNad+)?-Un-(NLNxt zGTaTpP6whDwA9nPvAD&0bx)uYdY)50f(?SAX)Vd%P>_;Eu#~aBIlZ_Gd_DsaPto0)rqg{?tX;aYsFiF2avnW)A zu1gnGQg3vu#qA#$$7N}tG4hd;8P0<}^zBVI_J_yyQkXJuuh?mOuK*(!f1N%T>Q}X% z+aN$7*Ig-B7llFtY42Fs_T+fMb)i&o^xAF6UEv%MpN7Gn_#Zo87QLKWvajZtBmJBL z%iv_Qi&uj1JbX&kCUt+gTv9YtINrR`;acH)LZt^Ym)P1A#DMqBC|RqMYfqWy{vr z=)@S;;w_EO@OS`_k<7j}w2Yj)6d_H%XF{t@LBVS+HdDm%OhSKOuUYz3@c%c3!(+!O R@FV~L002ovPDHLkV1ltmXy^a{ literal 0 HcmV?d00001 diff --git a/enterprise-registry/initial-setup/index.md b/enterprise-registry/initial-setup/index.md index 6e1e08a60..a2984d973 100644 --- a/enterprise-registry/initial-setup/index.md +++ b/enterprise-registry/initial-setup/index.md @@ -8,12 +8,13 @@ weight: 5 # On-Premise Installation -CoreOS Enterprise Registry requires three components to operate successfully: +CoreOS Enterprise Registry requires three components to be running to begin the setup process: - A supported database (MySQL, Postgres) - A Redis instance (for real-time events) - The Enterprise Registry image -- (optional) An SMTP server + +**NOTE**: Please have the host and port of the database and the Redis instance ready. ## Preparing the Database @@ -57,11 +58,15 @@ paths to the directories created above: sudo docker run --restart=always -p 443:443 -p 80:80 --privileged=true -v /local/path/to/the/config/directory:/conf/stack -v /local/path/to/the/storage/directory:/datastorage -d quay.io/coreos/registry ``` +Enterprise Registry Setup Screen + Once started, visit: http://yourhost/setup, wait for the page to load (it may take a minute or two) and follow instructions there to setup the enterprise registry. **NOTE**: The Enterprise Registry will restart itself a few times during this setup process. If the container does not automatically come back up, simply run the command above again. +Enterprise Registry Restart + ## Verifying the Registry status From 29c78155486f59212d49841eae88fe1387ce970f Mon Sep 17 00:00:00 2001 From: Tyler Jones Date: Sat, 14 Feb 2015 17:08:25 -0800 Subject: [PATCH 0398/1291] Update debugging docs so the adduser command works --- cluster-management/debugging/install-debugging-tools/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster-management/debugging/install-debugging-tools/index.md b/cluster-management/debugging/install-debugging-tools/index.md index db8a493c3..d1bffb3ec 100644 --- a/cluster-management/debugging/install-debugging-tools/index.md +++ b/cluster-management/debugging/install-debugging-tools/index.md @@ -46,7 +46,7 @@ Pulling repository index.example.com/debug Advanced users can SSH directly into a toolbox by setting up an `/etc/passwd` entry: ```sh -useradd bob -m -p '*' -s /usr/bin/toolbox +useradd bob -m -p '*' -s /usr/bin/toolbox -g sudo -G docker ``` To test, SSH as bob: From 0dda4ce1e356837520ba50eb280c565549a689f1 Mon Sep 17 00:00:00 2001 From: Joseph Schorr Date: Tue, 17 Feb 2015 19:46:38 -0500 Subject: [PATCH 0399/1291] Change instructions for the ER to reflect the new config tooling --- .../build-support/enable-build.png | Bin 0 -> 57595 bytes enterprise-registry/build-support/gear.png | Bin 0 -> 5628 bytes enterprise-registry/build-support/index.md | 35 ++++------ .../build-support/superuser.png | Bin 0 -> 744658 bytes enterprise-registry/github-app/index.md | 26 ++++++++ .../register-app.png | Bin .../{github-auth => github-app}/view-app.png | Bin .../github-auth/enable-auth.png | Bin 0 -> 111452 bytes enterprise-registry/github-auth/index.md | 61 ++++-------------- .../github-build/enable-trigger.png | Bin 0 -> 126278 bytes enterprise-registry/github-build/index.md | 60 ++++------------- 11 files changed, 62 insertions(+), 120 deletions(-) create mode 100644 enterprise-registry/build-support/enable-build.png create mode 100644 enterprise-registry/build-support/gear.png create mode 100644 enterprise-registry/build-support/superuser.png create mode 100644 enterprise-registry/github-app/index.md rename enterprise-registry/{github-auth => github-app}/register-app.png (100%) rename enterprise-registry/{github-auth => github-app}/view-app.png (100%) create mode 100644 enterprise-registry/github-auth/enable-auth.png create mode 100644 enterprise-registry/github-build/enable-trigger.png diff --git a/enterprise-registry/build-support/enable-build.png b/enterprise-registry/build-support/enable-build.png new file mode 100644 index 0000000000000000000000000000000000000000..0e507d9d34db72e8b5ae7510bbffa2bcdeae04b6 GIT binary patch literal 57595 zcmeFZWmH|uwk^DHcL@ZC;O;KL-GjS^;O-XO-2#CGCn0!{;O_43?(Xm=`|Nwq$-eo% zzpu5|F0Ij+Yt30Qszz0f(R-hSDauPA!M}zFfj~%7lA_8W5HxTJ#sv!w{6PmVbpU}7 zMJz-_6s1H&h!q`d%`B`;K_E$_AL`~BDpIcmYTo$A2F9a;QGexB@<>{Of+}j$f|Vlv z+JPD#zUXWZHT^LhiuMWGf&rR-`Y4=O6 zLmBs(td84hU?Wv%G??7A*g_=@Lb$I8-=xOI(-=G;Wue717Sz}8t=T#)(P~5Cgvs$ssQ;-MY^3^K*7Vi5)Y`5`osEW z+vUTL$9b&eT^l1L$qDN)ffg}@qR266Si!hRLSJEqvBVKY;}}ZRX;4VGVYT^?7NOc_ z?8CL;pZ6R8B3$mQ9ym4hR^Qj=;Y z=1;mJ7E)w>cPd-FiUM(^)SweE_q$r0Kxb3|njF%jZu+sdP|-l@dk!TZratl$G#@hT zU{Mk)SU*;TN(=~?vLwZ@*gis(cq~y0#FaOj6SZK^ZpnP+_&)_=iM*0k(YZtW$#1`& zhDy9XDMr-Pc+>X2vecJ?$8x^H;W$bzZ!yH#S4eWDpc zhpP!ydm&C7QfuF!gyd!x69(M74OMf;J@YDBnX!OZ}fuxa5GP1Ef7%&&8%3^O( zH$y5I)iw&JILD+CWgOb5mk?JEZ^cdnjE6C)FsKMOqiWO0@kM^9=cc*kQ-$U^2=BV1 zjG`iv5c>(MjvLaL_!sAWFF|O$ybkn7O^k&@x5F`jmU#2sW1}!C#OMZNqld!xy-w^m zb#SrJXTFZB7-v7kceZgKL^=50>i3W%NeYgIM2cI3z76G4?y_^qf8j1nAe2V=DlyW& zQyqX98oP(DnnZm6iUIyoO3_Jrq7TOSW-sO{a7x-!wEnGS&Z7UD8<9;@;xXz9sJ^#Q zBAMO7cxO{tSa5x*_&hMylC-&VQHZ48aXz`9Hxi&%gnng9f=l^grsEmGR7w;v;E!Fg zrv$hYRpqE6JYlbchRfG$kqRY=BH;%&3@Dy_HodvxdY=lJ`tSmGLru7UJzYF#L z@$HFfCt@C*iWV`fXnmO|D)p-c&h5w+;E94f*ZkcuGyN3WSWo#HaP&hNJEzy)-4Hfl z3x?@;*sfULI5vcUgacME@&h4Or64hwMQP&RQiXAgQY*bxMY|7$W}BW4<;ae>5gLkp`Vr2BO{7m+<5gm-AuBwzc07L+y2 zA=4q-o$H*1?XD9~mW|xC(6bple}q6nQ(#kEQ`VBCZJuEMH4_e^cQAi@3R*iV3p@^a zq;n*HBu3=-NS7{8b|iKTcJrT1KULZ5=D>f#|6KggJz4UN|K0w(Y2_N#Yqc1qSKo&f z_4Au_8{a-wc+`6^s-#;CUYJraRi>V&S*G2m7NlLLma?<44X`z^by@bXZCMmga(%Iv zU;o+#lZ@OSjWzJ8hsK27^w5O8;;2loa@LC01;m@A+oIQ3VwPnjXwbZE$4$l^htF)z zP!O-uU)SgUwW!3R2)B@1vr?l{_&j#YbdZ7GnV$BC0sYr0{2$Uk$h2yzJgVyEgHssTrIPvk46l4Getx5UmW+)Nu9 z8?g0iN}@}?+r%F^ElMvM|FZV_XxkaHv3-(qigIRqCWy@X8kPg&#Aidnb~&t$*Q z!eVZ~PQibITFej5N6Qb&*Ot?k^&Bi7L?6UXJ>;yn9b&s?8)nisT{2m+HZ)?MGD;SU z>a^R4QUUvB(4+Jj&7Oj$-zn&D(M@(T((?tRZ2EyC-0pArpmH`vQK44 zb~Ptyt5IlGp@pGXXf>o!q+)TCaf`-$T?2&U_?_Y5Fba23>Q+MBP}ovN(4b~nqxN^2zBagI`y zGnG?Iv04}@JCD_G#BQ8zRKw*^3}o6dcM^*wD`)jd%1JNA&7I5baDH#L$lBp3H(48$ zno7u5;1QfPa2VP!R$(iEEx?z~$s;c~l)rxyiKYhUIYu_lnd=(yQOr_wxD#yc-I{z@ zX|B#0TRUeCUk-53(bTM9LSKvIFdnLZs$b7c%*1-gBZVNLk+q(YlH1(3M9W6&2(2!f zPkV`P(rxde=m)%~SXegwFt4q%UJZ+M9T`!7R-(Rsi%7_}Ob|!VGL`_{8SOVZ4?%j1 zxv#r(1Js|p9J?;4_aomw+$S}w%G>Rv+C_^?i)_r z>$h09&4-_z{ntO9LD@FRJyjci9c^<*Ao6|nq$>wkAgbwL88@6gxSX)u-(;(KP~olNM>1j6)87-bUXHCgWFBc+yTWD^zYhOb;<_PE1 zTf{80ST@TUG))(@iLz>l6Y%h#;8E$Hc4g!2l(gbYyqJ zx$DZ!VLW6pR6D1_j8@CFR3qoNOa*_d^oY-dg$-bcOhiw*K(J=o~c+LSVxGt z{!Aq>I$rqxfG5rU%zivEzrKJX2~@f`kyKM4Ac6jzs5#*eqG+Yd;U&Y8l=PP$bWX%iMMW3wIti% zem~WrZC%q@!+W%`;C`z;YTM|#y_mB|+gR${yym|e@NL=JcX@eh$>qSXr(GsyjcC!E z&g0=B=0Q;4C!<%JkMilnhJ|y8WB2G#*%0k;ll#<@&S^u<_YH+ZLC%IU_tSHIFkjuh z%#p<><=cwm$@uBJQr9MX@9_zY`STU)qxmJ*yyMH|pO@0J51p`MQ3bc#Rzi~P{SNti~L*j5L%F|{PSlSQ~%3l474t28nI`H>*fAJ zWT#-i&tRaib5J%O7{}KSVN3}8MeDA@pcMuN5iDla-eEg?HL%D$QHg|WZ|~A55DpS3 zE6Llt5%2y^z*fTik{1-^{^-iz_vx324VvPP`nlM|dUKyIXj#glyfGj@0LUuf>?AcE zK_G1MmtQa`d zkEp4mv4e%3lZCAf@k_miMz+pQ{G_BW4gL4ezxrwFX7TTqY#jeK3owxJB+k%f}zj zOWOza!*$o0j>ne**O$Lae@^SId;Vy=*2;R+wNyxFHtw=|dP58bCn*Gu9_t7BAD8(I z{<8%(lf`NO`Q?A#Z;=Iu7rKJ@L%BChop4kjxl`zBkAKwoufkwG0)K9g3k>QD^-_zP z!asZRQjQ8V3-jNN|3^PtFe$%)*gElM_N4xY1;F!A#P|R4@V_rp*B~+d^4%b``Tu0W z7mx|j?}PDo(<&K$;3Jr}2Hz?FG-8;32M~WU*&rN45%g&d$?Eb?7Wje3djF~GaI*Hm z5UVu!|H%B)3@CysQ2ytny&?9emKOqhAI@1enecCO|7{E~X@Bba{{xf8w2g|U<1%Y% z{@HnoEQXK8k3}|1;E~|itvj5ygv+mCK=@C7B})Z9ZZ?q0TnuhqyBd7GWR8?fP`((oR={&2S zvH2m4GLu+Nbhv2_P+Z8hkX*88u0MPYWKY^a?Y2L4bK!tQ-6W%R1w1oNIf_J6qc)7Ko-u1Bv*mDzgl zYXhHjf^kjq2t5zV@oXE=@X`kO2^@#GxB1QoDsR>z#=*uMtq2D3nGX66c0zWK+L?jz zx_rIA8bZ``xA(oY;jC}ow)t`S`H6EhMbiwIF6^c?cX|Sm@t-TgSj<2gPH4u@X`?N- zD(88JKhCFm*~fFL-$^E1>Nr{3=JwZgW3;pEV%ts@B%$}kXsP$1rF-qLz*G_{=R?8z5`d0 z26;T+FAJ`?w9SD##z2FG=9%k%zVsYVUlKj_(2ZeT*+b;7*S2j;`r(z0Q%G6r`?zm! zoR3-m%(t&O+=rgcf@uGIHr7WGp=w{|au`Y$ZLoaG=zH5g)2uoay=Av%*P}Ipt$#O` z5)JtIMG^1N=S$wb!W=!ox2K2q#-l)1*MRe9JzW$)a$U_BXFWe`yCM`d|HBuc!P_zY z)b!jp$CAH(O*D4+F!@fMAi?Q1`m9j|ecK%DVnGGTC};ES;IYqjeX*97Re9%Y=*o~S^7kfUyI66e^5d6bP}R@&40a+fM6IW zhAl-zFbKILT+C{Xysr6=qk#+^Cm+;-UD+@-RCE?_gzT;ve>jzkzesB;lcI0dMIf7>3Yor2|7DveTRQ zunNP|*wlc44E@XVgexu{b28XJP8L;IL=}(`Vb2y<61d!w$WV{c)3L#@)8ya~PP6k7*HNsb@U;O67i1e5KIA?6A+3ded1FXVYmEuq85@m)32) zKH%CxPl{DpkA2L{`J`%|qU%zmKhaaF1J3BRiclWqvCX^8ttLD(@rBcfK6Y%5jvJqu z0OI!(O2GkK#ZjE+>+2)}g&C+|av7y>2?_$ZykCMDNey{A1h}pj98o-dPjD#&vL_Nc zJ07o>eYZcmcEO~kx>X{YXE?!xONbvhjq7ul!>iYteBu%7!!(tmtm)Ac<3nJ1W_5y=AV z$mv&E5k_Jt`r78#*!hD4lFg5Yw(1)+kcq%Hv9l6@!eIVn@~e;L`^jR-q?+~*I*<)| zZqq?@N6M&$lk`ViOiyU@GGLbp=s`Uo!!Q!PAxmQp63;bY7<^)(65Z(kMe|K+R^YNo z!MfqJD@|BNqLkb=&8o)0tFCySS`EB{3K7%F*{KB#W+LgMpZH}Qmdm2^bPdpnw22+= zSh{(10-u}JG&8QH>!$0|S@utOZAmIfA-T!sGOivRTsFUU^M6#&h4Tjx3zZgLu#t+J zGB%tD2jaLO{Qg3Z`Jp!nXj zlZ4&o%hc z`i{!lk+G!6SIUwQzjxh)Uv&#yl}i`Hg2bmjC21c93qF?<2q_tTh?)v!SG;p|?C?rY zvx77+&gsj*Pug2N_Hl)#8oym9dhTJ6+xv4Q&pRf-tFtjPOeR3@zah8x$|8Wsgl>c*cB#DxErmk)Lj_ zC`1;N@ocV_vkFpZDofVa?q{?2vY9HquvllHpFrk4V5+_^+SeT1HINYZ0|Jw}u~|~= zq&z%~{B_N?mTd*!yK(pJ&mjUD!=aT<+#IH*`U2GIqs~gvH+uT~JnBTR%)0gD476~` zN-^ZQz7nDlp+DSB17JnVHs3b)C1~(fr(@Q=&f3=8uTVmKmLi)D7C+>FER2`H1XW8Y zIj6O?xOBdwltj%voEo2%KR+&S+i&ru2h5}^NdmV|N3P8xkyKdz+BS7iL4|bapJ1;T zH?MPVLOI?U)GUTWi%v4JQDNbN8+3!|$wraNkyem7*A+66&63`XeXW= z*KZ8=a%6N8zOjVwg_g_J)}=wx-J0Zt;n5R&^cSS9j79G=qd$K=+Sq|EV_^7dj$9hP zOWLbA3R%#oLmGt5r{=ZBL_2?KI=KhDe}o{N3$n=BE2p`ZrhyETVh!%!z6)DxB5C;;LzLhs5FFm`=R8HTzI zgJQD&*So(5eECfNhVVl4vr`h56|%c2j$(_|rO?_TH7kgN1UF)Nkj4 zI%JbJ3Dces^iIH42`MITm<~5YEa>ziDtF#8dd~LKq#qcWDt;4$A#g(NHx#xpsE#>A zNf_q8n#mcI7}3xTf|K0n^eBn(eOOPb<5WYZ#!y5bAT`p*Q~kR9bXCKK@s5lq!k)?X zn+##bCdLY+kQ3KhD47OscQh-Vy-^fmrx{Na8mf^R=1OJOBOO>OL{7|`?_87J&q~P+ zB;CKP{KJrBk{$f9)?g7pc*;04MNH~a^F)xa7hD5t*-3TcKs=p#?6u9?m>jZ|1F;>_ z@?I2iVd-IuGshyk?&8xNReNQ46mOT;`Je>Ph40*F##6CRbg`mgmWm0x$*??dkcxEj zvba={>C*3z_kSoq-d+?44zd$6l`nuv(v%(e%MBmj+&0_10+u7hM;*~=T~`9y=4^O( zr4ABHn)X%Se>gK4dMYINNT_ov9hgIPFbU#!pNg3Qbd`6jGE&8nGP{t65XO+0_>r)r ze3gn6Y3D<{w)iX(^wU375s^}%SgU)VxcdWqTcP36Kq zj5ElwG7%BBc}$v?zsYrfr`fRXCKN;4j1vQ;jd2D1yA~6Y;CJk zV3WD~h``VjdcfR)!j2&pqo=Ec&N_p`vr{$kJ_t*#hiz9dv>=t@Ywk+e#2K(};kZ*l zBqB!!E0XLw?@Cox++xnF2bly9^a-<8LxzJS6LcbRaSp8xe@+jH1S$=Dnc<@ME>AOHv%x-j~Soy%1Vn)pX0%*QS9$1M6a@vLwlIyztgc3hEJ2 z@rPmlNTx)Cah;EwMRvq44IAW)x1EeWt*bz?wIl};W-g-CllowV(*13NK&BJAh2XIr z10!Cs_H`TLf$BGdjZhZlZ-Sb^Hb0WVcz8x!%hZgYkCib@oLQ%WwUQPq#*bi8ZrG)8-#I4H3vRR zUs5`R^a2^?V?x%$n}Ib&)mgmnHjLQ*cnt6d)ufTn7!t*^o^B8?>b$G1_IG|qeBwD z<4wkL2Ptxzuq!4z)!29a$30X(BZ<_=Ok~-RnMDp1m=&Dw@z+YKuY)>ytEjU= zwR~-d1K!D#bswfnz)Pu>Iwl!>#RPN#I zs$(EVsxea5i`I{4U#W=3UHhcTARsbz_~b_#yeM~Je#b#Hf$#{+OeJ&E#o5HXmnjf#CKOC$uhF8S?`fU(iykj;*V_3am4J%;a^RYDwOMS9?IfQ($$#$Ym z>E8}KNPJc6WDd=c=}26Aase(J+3OV21zh> z`%s1#`qN?<%E#z)3IZ-*%3f1dwlk}dGmg_O7N6V!k#Cm^)9Jdl)yv){c-yPMGKn&d z(qtMOBpJ?Vy72bbEOa`#LEO4Ho^{oTFhZ2X5uM9CaDa}&-_q&UWrR0;Y2B`hW$Y$f z4rbf6rG7s~$?GCRxAH4bh<=PF9GR%Ktj{oI$Ie)CQf_g5O&Bf0U_<*hSAC1?CW5qb zisZLUl+PU&aU2|027^NucObqED+1j?mw%$i_yL@%_Y|1_|I;Jeu~FX~GY)j^nrU~R$Snej3|ALKOe#2{)n zqQ!3#N(nQzbO9ia%V}NKI6VSt5L)?kcuI=iR=@eB#v*pe;xCU3`os7c{BLK@4X~^o zdU5PyzZ)m({*ny(Y0D4fb6DmtpTaSH>(xr#Ox7+rzB7{Ye}^!tIWMeiXofD(nBQyO zd6QIrvxC#$x3?d_gwxy5ce1!ZXT9(8q2)=0j=Ng*C5=-ODrC7*DHh!0dL}|dE$$jA zA}zgfnRnZcaH<&M*)L;9QB&Fxh$C1`VmBhXX@TkDy=HlgRueS!(_56}IM^kOe;;tE zNIq+`PfFX$m-sur!bAueOb0q`J$Oot(9=92Y`PWmE`_^#ovCTW;A7Yx_dusgx3x#j zKH%6E?tiKF_2~lByQ4+p`eZi0Z@R+K`qk)cMW6y1yLl9nWNAJ&8Fq0qsGa^cLhmB` zDV%?+JeC+k?6qT*JHsX9F7$!skiZcgQbc8O@cw&KwHV&FUVE>oT_Wo6iyv$DpslXi z-tK53{&p}Kd_)DZQ>PVwm(kmEMnOr7y{Q)1j=j3VAtTn6ab$c#;@FNUt2i$(Mbz zuWwSX=(6l6=7;a6Yu=cHz6cLC7vD#$C5?aJr133Goc;`ghM7>WDPdg1fuwJVi(J5{ z;-FdEhcJE7kVX3TEvfX3wb8&;Bi&HAhJxqZxU>ZY-|d(pjcA&iOt+E*L1#YGj`X}u zy|w5qkb+DznVZ$DJ7~?bq=cbbosc(gXL>rUDjbn7K#PU5TZ7lY1>nk5zvj1QN_I7E z9fLgfhauca^=wp68NGKg_UcaFK=THULdo^|WVj`VetPOfBixk3HV%cjHXu}QvC&yn zu3!0x@ayxK{_hz@3o#s!dw*jr-YMGhG7TFx`+3_bP|SUQNS!hYlm7{b?QMNbyng~2 znnhj`i)OXq&|*=XE{g^jIx=`~3*K6j}qH#6QYETnhYk?-whit9e&Ws9{}+k0|h zQjLdI6yF`3?kYy4h0xzvU`n5V7m6uLV#?EtpP)UYUZGeMh zs{F`3=1|tW)Ac)QnmO>2WJSgE&UFhM`dD}{_2J)#4h=ZgEV|qSuve`8ELLqs5etF$ zb^S7dxu$1l+xK6J&f{{N-bapE5lph{j$6HSP5@dtoH$z#V;RIJ3v+&6&-G~DtyKUXY<-e*=lY7DBZfS=Az#xgKgiWQ>Z4f^^0^!H*u-m1*Q+hbfi52I4J@C854okNM@&u z0)D8(c7~(;&B#YQtFpJ5x|TnFI%E|Cs7G2<)R`(*A%YBb(!3)ta)T`FEo_MQ{*n`4&vLSlc0FHUxczjqZ zoo7TR!hpHuKJ2My(p^T>>}(9S*XK3`u=T(?y<@i^?6!jQ4sJ z=N5Eh++}Stevj;E&ZYf&%X_HytQTwvNF@}fKAX`Ga%SEyY;RHDNzphl@f}u;zu)AW zuL*ck97UK3qNH!QdBZ&?eOt~U>!ujmhi#j{zFb{UBhmACH6KIhu$z~XyhcoL><59| zLmn$BsBQi8U4G=Pb|01C(`gKI4IEsUzyPV}!F``4iLtX2@sFeC=O;~^HpLuZ3;SUg zdQ#QHnt2)-Z4Y;zT+x!yaUYgJ(T$uM zHZ6ER0;G`^&_}&WCFoG=i>}KAqq{T&>SLFQwf_GIO;G#|ZNT}Z`)1^-s^W#>a832B zv$L4?r%}=OGov`>3JLwvHeR6TL5}$j>VcpelKrx!Kx$L!g)%59QzFX&TmVFfIh89( zt!0T>1W19IqZhopqiG!g*JEZGpV5e^47Bt_^{|X_`N}0pTL(;!8?T?XIGb_%pxl{Z zx+qAKDdH#+^s2BDiQ`TE6>MA`dPqXN4lVU*FQYwvbT3d^D^THxzvDe9gV@vFU@0MA z1~>?bVuWJ=f}4jxf<6U z!j!7$*wEUhkmS7sOi_1gL z=i`fa@GW`QbJI;6BEjnbiNPLDsZJYWQ1D^mwSozIc8Y(IdeMAxfw+?j4x1)121}s& z5tdGXj?D|fGOcO;8BK-h_cNOq>;(lCCdL`Wv&#SUFjr%Ad)4G!j3$zNerV&LrtI^u zPBe@py4QMxJp+&~J*06N7hB20xT#^}=eOY>+cmc`W+Dy96RXkRw1uZfhC)cel6~=5 zV3GYbN}(}v4s;QVD1T%bh-b$j!=w(<%rnEZ{9RC2ZJTb*u40F3S8wK*pMptb>&{A$ z@}x-#P*gUHvP=z?Jd7Ya5Hm_+wu2eHQ~1UYhQV${Q25z?RI#AJ2cstFi+4Bch=|f@ zolK}GM7hY;$44%;fXza&X6+!t%2Gj9nb`;iE(C=7VW&yydYyLecD-GHI!kFDIMz!l z;Q2Lc1P4K60;@)x4AzsPzZ-yOUC8zvRtbRrm%t!l!BYqnQc_deyKTft7!6}(zZ3aE zR&=9~wV{63l3@8pE~-zZ7DN4JdVlCLf=RX6D>gwxDrBKo;)0an9Yqd{w-EurckD>y znb&ITVLD+k=s^xfCVAin8^a4Zm)-r2_Y%M%I>O=5DngsR`G}*G^mjKO0<&3 zPCyvk?Tejxy6E@dkeL?d`y%Z^|$ii!95@FoZfOl8of7FLLXPSP-2J8b9y0|J%e zb`z7WpyHC;0PTg8t9aN?bmHn<9`u3eY?<#2v1U4@+4}&5l12fg;`Km^cL)G zH<($V$ya@@GhYapIZVq^#NI8gP4)hBGuffl;`F5ZCj&YxvJx=#Vrh(Z z8|Vj}GZPKQI3-ZkH->N38a1im)XYNZl0w<2K9JGEm+yqBT&${I(D=88G9xcm_`n(X zbYATp@acxdhlH9|p&^VY8jQ2zUue5@@@%CV8itk1s^w@?039ZeB5tkGqjAG9f4D`avWw$NtQQ7&tsQ7 zMW@2_^u63#g)_r`Gb(kmh7sIWImcKwl97keg~yNn*PEja%|(8ivN;;(GG2 z6@^JEJlEjD*EK=RyEI7L9@4)BW2w?FG{3T?)+;!^I@m;TRL`{wn$QWTFO;tYENOoq zxHMS6S!WW$DxH)5xsAL;+9G6t&VcR0jPAEmfBQSM2*9~BWeke_*81P9J7N?d8WP@SZq@)&lsSwJ$V(f$*c*Ot&A(TyWw=G5DC_Xln7>;rVyP zLc_rHc!--p{+7!8-3C(~EFdHK|LHKi5I-5~$KTETSH-D1K)n>|o|;;Js(6GI81l?G z+_%4v@V_QqmH`l5Bz$kA`|+oWchda86^DBwe+O#*b^?l5K)t<_ddX^ks`x@y2&~ZD zMEq~3__nWLmm`gKohJiWWSgB*Kh;#3b>xb&y>7BdM!VoJlXsI zo>nIF(#}SJ;q#0#a{JRz5&M&%kAS}qJsH&clTC;pTdHtb%@9e6&i`l@Iu1G*yfT3h;~oQfq-f`ne?FasO-R|IR4jR{sC%x-aYJf7j^C zM)7}XGupyeZhAEL1Td7(PGeG>3wG`3GIXZ^^94u-eD77V?k1iR@Ul_?wtX4UdQ<`w zn=znE^B!`{WHq7yq#d|QW?9}>DS&K3!M#sK9C4YY#W;rF1<1+Id|$L%fI?2H*;F(@ zjsaW;QwJ?Z@aYCnH~gGXmXRxILusrM`P%)?{i+zyxD9p_MD{xZU_mB_wN_9UW__S% zBeUB3DnWb=an0PX7uf@ig59}0x&e$P{X?ws3Wry6+-@v~{brK?wFy(u`AboNm^bFU zuNMQhUNmj^rEZmfV?RnNS-)tN; zfmPx=9HWcYapSFO0F-zJP_!Pc7u)wsn+2lWTA^OqDXdp~HqUhD;_YNu&9sSxD?sV4 zHR~|mfgrj8k(36tPq2<%qi$1 zAjHKWk>o$^zyRPNJ7SR`HvlxdkFxbz*Bthk8X=iN@H})*wdizUq}` zrUHR0=Ifh%^Xx+v;)(nw7?m1*rZ6 zj;LMWu04zo>LDWa#hK52fy|R?{sl=&0ob{?=@n0z1*E5;;a-4zO!_4MS5sXc4=NnnoUDC+fb+4LEf+UE%ooEm+8a`s%uA!z9>%v;*cpf*_ z;9*ZF^vxbxRr)H#L~iAF-CNZZEY)t!pHfRj^Kq8*@B!=`=e$*AjQ4@@x`(YHihm&) z(r1V>j-OXbW5Mx;F9AMcX3O*70(6$ENc3%X5x!n`K&*xabkzQM$yb9+0J|k_p+XG{ z0o!RfAL^IsF>!c)ybiG!RX7JLHgJmyi**99=g;n2X{QyZfbimJG{z?|X&HdXQ+5@Q zx&hvdlLq`3mYN2Mr6~K`a8p#ZsCIU%T&UxQb9wmWngzOCWI`#T#~lg%i|kj1ad&;{ zO)Nz37JEdsjd@4t{hrX@Q!t_ZQjDzCIEf(D**yoOQB-&=3_w;h_;bglx>-WJW}<7d zd0xdUh0mdjd9|%)zoeL z-TO{JdajZs_vMs+i=O%gTu}m&8k%`!2S;ca-XDinm5)EMB^6buY(-t_TNU)Tj1OEU z_vs5XmfwF=-vM~fB|t2sl#>ZoeSJ|VT3AoS_PpW2Vx{6ZEYbO@0g?B11ogYfsp<^g zjd9jbfXm{5q*4&muAFq;<$k-6bj0~q8hAeql0yE~S|uK^Lh*9=l7z3kXO_uwjt|6f z%hy$G6D_JEpQZo=6JR1;pqBvQi0@fKRs*mwyJ2{V)y$%@7OAXNo3?scB6m)dSV&3# zlGx$E`%965P8mLNinWGf?H*XRZ^Ukr4CcTHY`5Y$KN;8ERTc1C=Ow9qi_~SZdXeF} z*ZD`$av)eWw#r~BcU5OyPA=wuo)NCJ?gowoIZ5#=fIoJrk+98G#13$MYP7KtCZWbj z9+Nb95u|+kUNScbe+_KKFqcrslbQf||4P?sw8;~zQpK-5@N$W|QS5^%(X*dgzJi;> z3-gkl@xnZHr-+fMg%ktQYF`$p%{A!(sKd4v)`@K%2F5woQE$zv&k#ourl?2~hO zCpN9j*r418jg*lNClXYpHV24Lkz$~!^|Dg1Rj{SeH9BI*j1GA>4#%Q?(lm$NFUp)t zZe&rD<&NURh_I$~6`=@UjkjZ-#BZgz_j+REhII1%c+q39J09zoACWyBw2;~p78Ly` z%(5?9#6cTsZ%=mvasP)-J*7em}@Yq=-t;{#-ty-ht@L0P!YEm`xY^%=poI;}VVp zq+Y4>P1Qgl-t7TIQa?SzbGUgPVy@K1`~6ycSWwNDMxfy;>onu>{O(3>i;d!?Srqv7 z-9{hpI|UTjzV?`pVnkH+I^Eh-Nt@v%g2XhtZx~Wfkl5p+ngY2Y?$bAB!vk8}^*{K? z)*Q25nD}fA@dq|S)${AolJ|<-;pAoa0)k$_)fK}I-B)e6#57BX@;Kf_J_#fq3cBz4 zdQ7m|S`ET7|~Tsmx3)(V|RxsGxr#}?Iz(-Oz4f-xyaNS8 zJHc^KGe$^+tQs-eG9G}7FH;erq6v&sXHg$`H?<@4ZpaA;XH$+vrNJlTo(cq{(V%>0 zvFq-3x)*4#N(jMpJR1o8;NnFa3$}+`eX-^*ue@0Vfx>5(6UEUM(zO;Ql}1g&S<;u0 ztWoN@xDOkQ^(M>&L!!fBW_%>5D?nB=C3E4BDB7A3*ZNb%s*jATX+sJb_JOP*@U}qm zq2t+aXt+1ACl;+9{1E?0|&6$FfcSWCi{s;8l&Jc?vwuru)TXhIxJ& zmh1otbOmujyTIZ|POUAmYY55PFQq20IcXCIUrx^q8paPiF6~Ug{?foQ8{deQFo+K? zc1P$mhUMgxwE<7^@P8egVd^WC*^k!w{1*^1LhC>48O4-%Quu_0=T9Xr0f8aU{N6w{ z1%tjA!p&fPID*S8Y*UC{&k5goLP@rf2E~jGneY~kxMCfTU$nGPFoP7)an}JAceNLD z^-K1XT{t%$LN&Dsq~*Za7QYqEg=0|k`sQNhZPPKnmVU?Vg#WfW_|1{7hozcHZ&2+5&Z~Sh0?0Ul_pIz z5qE~U!_>`I;*!sA-J#8`{eM7!^l|&ZiuaM=a#MmFMEWcp1N=bn?KiWMMF&;pv zE_j|coah?7L$e7%Dowb%GGq?#*rVzj+W8Zk1g+wE+xLl*dp)dnSTu#&Q~-_C1#fX4RQ+S}ouy*ON@ zBhp8j`wfM?CGI#XdJRbvg#rR;6fx7Pz9-vQsyHBJc0JJ~``$$LfEz{m#L}}wo4>Ns zov;^a9*zqWoqU)-x%z;EJI8htNfM7SWGfk}!T@$GG}i+Vz+q28@*U&CnB2Hwc9K-S ziZ|WMj7MUmG=A=cZJBo_89+oGMJV_1i)XWV$!;PeLKg~L6m^D6;j>9RH zFo4Ft4D-n7dsf%?W-rwzg%YTfb32f8C~m>$>Qt)cBwK;#Lio9Ltr%V820m{ zFz6U5gCmv6sE~7C?ZOYP&Uq$oVj_`%B$3;Ca~h2RhHy}&9tel@v7A?BKl;mieGiHO z>J3`G({R`TO~pJ`6CGJ}R86ixl;~2gOrt)hko}`?JdE_fb%HTt5U|TBwh#yMnNIr?=c_!S83-oW82IBi*9OmO zn#VfGTT6Wq8u>(_r`Au7W3tM_*I3Ll^w}UBcQ_*zti^pDQr9mN-ns(So0?kIIXKhvq5Z#wK@d7f`c7 ze3jBrG%6)r${cdOnXY`b+#4QJ#=RM4b3hy$hBjZ@=$C%fc z%sM2b@{?UbT_if9w(kAfu^U|dKivV{k~tGTl^ThV@r~f8N2ESBXBhz0cXL2b#Ro@K z5LgPYWa4@q)~Tl9dvZ`Lhz8ek&UgU}{f>(io5a1nD<=qqbC&z|Z8gvO0RR@In85W` z?0t5b3sZ?ioCzgqFVjkoyAXS&8#w4vykHjE#Y=947R+pq48sba;3e+Hr{eC|hVdy( zUzQH8WhLKmqvHfq1pVXb`|X?=X6BVx*W3X~dnPOt5zW1HKz4x+uOKd)3D*lr2n$Jg zOw_;L`w_eMT8r-~&dOm`_I@u>%yjAkfZNhJZF|^&7d!dnFbWO9rI6tU9>VSU)`Pt` z-{t$I7i&&pWzt#B0RoVZaCxS8gI0WG$_UW>nCYuxZs-(R{yTJvrMUwn)$);W^;(}`@D-zvR_*h2&1XGbV%<&-kH57fd%u^ zWM^AQdC=b`UY(~ccmz1@$S_e7EcJ9slZQvmy70%H7#0rtNR0~JfD#niTMCW|VUuU% z!n|zj4>`sL^aAlT!~0{`&=5(u7{Q=_o^mvK*Gt@<3#Pn-HD@FLOwzx+9F;c~5~oy~ z)L9j%QW$knK0w+(a`1(gv;ZBN%pH-u7GZTu&~f_x+kD#5M~_CmLKaThIc9iNSFP8~ zuUzc;gHJj#uvH!kC3PqsD6xY*7vRV|+MhW%yPo{iS*#P3$bo+!HAW8x&SRtYM)FmZ z$dltYW9$KXO^eQ|SWi{R9M2q^?m1>U)HJ6_vgn(Q*X=NnAILh_uY{G{J0jgYi&CoB z+OdsS+xb|9;^=63Q*Szd>ccJPSI}oY6}H=>+2fwwtn`Z2mto_CC2tFpFK>zDUmz0J zUP$_Hk5U2}U^n*8q%%M>|EYFCvK^+gneD@ux4_G!(%=nOKTGp)l5{-wgpDQhl_Sq$ zUt3r7QowTZVXk$Pxb{b*)T0qa55`13G59j6bs=i{*x2wbyUrMf;50Cct}-x<`ZBz_7{8%+5-z7_3w%BT`;I%EqrAU6;bi6=3BnE`BsW4Eo zDpe?C^n4(~KIRy<-J1l-t(WkwGz>CoP@vAZc^--^3k5@F>{+}Cu@-?wk5EbiSFtciLd&1?kkJP)E3}@o zEmtUy!ZGKZIUwEzy|XgZHp7FELL(r7qg+laOh(clgjloeCF)YY9yd+VffaiQuOCE) zI^E$XxdMr$2&e|{IF43E3zFKAtH7#Ra*Z|D*cNkCUeC~*=a&@b`HRx`E#(k<1Zc$~ z59;82v>Xwm#ct;i8wi8s?YhKAki^Fp$PlzP-%}ZL1oBj4jqIw{2j_w$AgR6BJ%KPf ze_NvTXY+LvKBJUeu8S>BDD|R8mxra);CKyD#Id<3dh22=9ZzPXpoV!7dbcimXe)K6 zSDM`%#Zd~<2+?}j8l0!$M>)D|bD${3eNqwY?_0gfK1(_>C6i&Cti)W>eG%#e#mCzW zCYZ6JBf&80u|f2HErOs_^=RGuW+NGX*0sTGT<1`*cpfItp6w>j+~TYumTf6q{7`H1 zXJ)}jOtt80GV!8?Mg#|G*kw7-fKxMLGqLI}6<}WzKoxL%7fV?B-NPwn4H^oowuM;& zlF*J7Bk#`d_wR(SQ;9|TNj%9P=B;+uOg+Vo@TW9+*1rnXG$+$O5}0df6*$Nib5nC* zb(|sysuLz)S_W2Rbcc1#G1EN>3J^Ap<0tN=xz^IU4hu>V)cguF-%6OMp&uf4tl-o?ltm>0#p&umTa;lBSv->NehK@Benf|3p&onwzD5ZkDaKomR|r zB;$uF70$M(fg}6o=;`0)kUVXu?3pJc^>mfB`6G_OE+Q(bMDJ5J$$@m)#$2R;3)2*w zHDQaU15~4)(-b1-d3SP5k z&d3-`28YWMorbzR{ls(4(&Xd5rv98fqW318*Mu#=+4=%9l_H3SG)Amo9Ocg-Bs>p~OcNbv&{U+sT%j z&+=r*Izo*MpC)heTN43+rBH3xbXqLz-SOB}tlm%dYseNgDpX)%#c>;ubqg{{qfhB# zVL-j9Ki6O}4V=j}n8@YlzK4?_vFti3(odK7JNBBeQYmflonMEGqWxXdePtBdya}6EF|}L+$gTAeGpr4(kwrt7P+Fath z{v@Pa*TJMLV_0(tmBH~nV@H3p?l5zLA|G|jitPvH`jMJB3`Xkw`=>~0F&<+}RY&x^ zku<9P&X^38l7{f}*b#Lmqa0Hebyj`q%KO(>piGO)zM3rNi*?gCmFC1wfIvJ&*SRag zHLA!;_<)_bm+iS!M_ZM|Xx417JGloxb0m!p;$u&PQT(uHqV++@ufJ`d#TgLY;!&ku zb&Rt=n28#mX3-8^PJuxEM@*}o`0U-SJ^ZHvvh6zduV3L}XbUZngRT`u#;nFuZ`tp=<4L==@7d~d-d2j_Cr=L<-wdE_US;&~g;?3j z4I(>NxA!F|>iU}T*N$GtOgO+Qy&%tzbo|me$KG)2?I^{+{%Afh-P`r%WsDkPdGch# zb1wz^ng2yvjj4nfBjg)VYrXKPoY7W{qd`C_f#x9FlDMtRJY3j^WPRKMUxZ(ju{Y44 z7mtdJ5}VMjlMm^-zp}cS6|X;{UwQ;;O#7|J>dfcdE9k&EV}L5Z;Z@q_dctk+hgTzn zD#>{1IGJ|!M-lTFy+%4zyAYW&jy0Dr&PP^g(H+H2^$@R`$lWicm;PjE*mA)A9pj{0 zNcwXe`!{&;Do@-iRCTnjewZk#UNmHQb4vN>Hs_%n_!SXWyH(_Lbbq!bDQinpy+VIe zRh=Ylrqn@)IR&0ujfVV@v2H&19OR>kq|JsHDm4X=<^7lkYZVqgL z-Lu8d7F%btD@ZUoVuvYsV(ARE3xQUmXsVa++ovOWL$x1_QbF#$rE|Z!1=BCPJNmz$ z2a|4**C@1T^NyM0u9`%5(WKhuiOtIdNNo_5x9RoNS7+kx_Q=RI*R7-z@A)Hvne z-qG{C!TA(pNAGe`^5u>jQG!~7*~tBEvM~KQvuAyS@ZBdG0@EKOM$C`lLu^S$qT?)# z`nj{lN7qTJFiQGq7#p#^Tta5JN6;p(aRjZ=L+*eFqB&;bw;t&OHujGVvsrtpU<WmFR>05f9y^}Y3Z6Y4YfE^_u*t@?y-!>L3hP)G? zNK>sZ0fATm8|-iJ@*R+rxs;FM-`CSl#qWj7sf#ZeDaXhLc#YKkJUu$8wjI#MBW?`* zav1)EJ}-R8LV(VpWvbBW5Y-{;^Kkk_(izZ>Bca*8mkIk=R6%I@5el^{GzsH8JjL-S zjNM0N3wH!>kd0TI7IZ+i-yb_&*tHm9cXdRGR{&N3xldxIy$6DPZnvlCZ3`HJP-yeX zCU{veQ-YG7$DmtHm~>7dc-_!!$N-*=*j36SQg?q1Q*>_s96{T0Al)$G)(nFfuwKYgwk5n|oLec`CDi!9mj7Bvbi@*%6e={IVY&5J%o^C=8BtmWZ+ zMs%gF!*u#gG8tvYp`ag3qU)@#MMFCh(5#uVN4F?ruG`ft-NaIUQEcIc;9jh?J$YKn zIZZj{{Fp@l%?0%>P+>v(z&PyJu%=|ty;Ivi^lmrJ6d6vvEeo4E{r&eWdOrdz2$4bok5NBq$XkRAbF`#7{)=WmaSkC``s$6?L)a;&}@{R}Z z`v_Yxe~6ux?n19V`!Sof+F=mxAa+4p8?!<)s1VEm37~x)Fi?l!GPEswK)OA{Tu_J5 z8_)71ws${_q<|o=E<%&6x%QVy%Z>!kd-uex%j7-ldhLp2sBY+*OX60l?y35k3%U%Y z3q8(W6dC+z#{xH|B2(B&Y1hF>7iV+YVZoW(cEnHh_cTiq!xaRyuE^*SwbU@lJtNw0 z)t=VSLks%wbzL6gCLrC2ZL_egoPTBVSx6;0ncli&d07o!y&?LnR#>a`_jBHrEd#Un9}3jXy2bmdD2 zTPYaQF45Nd5^$jmd*cXq|w+IDtxiyZE!)NIFobvk6be6jX7G#PfZNGLvITceo1Pq=9c7qE!bk z34UxN4dVg)4#&vK++J)7@z0&pS5QezmW{(H9@o5iGU6cIHc%iu-Q2Cl_U|lEw?h{S zuLT?N97F247O*dmm|j+3U?8&Rtg`;y7+Nv!l3tj`X1<`VMG!iNBMrR;QN*FJDf}VZ zwAJLu2OazN-d0kgJhQCl$4Xu=HZ@iW^Pr^cUT*B|H)+z(??ZI4MBde=SoL)!EElVF zY`2`h4L7NP%dgAVKif(=T)P{=R?=ia6p%XpLdfIKyx7Wwe{iynwCimF!-%W|DP$DC zPFg}Fuj}8G$wK(VS>mVgX?=(rX8RLwwW1n9HCOxIhUe?j7LaE2c7s&IBPA;?brDx6 z+Ao>wy2)T>s9!JjjqI@qr#u9zEzd0VHAeFn7fPM;wrx!xR0(*O@(*4^B&R~x1F{L> zdeVkgWg`)0GISJr-X$ZQNKCBTigWP&b+RRJi(#0VF=Fb&+&I;PeiliLq{5JhxT^CM zR!VvjE9~w}+Oy{1yhA^82D=!6e-w)yVarB@v~o_7yAWEIjkw)_4?_|_HWgAE7&8YMTS(;hxKsb$NB#EA*w;LXRhfs57X^!I&q3Ucgt zZ);7mI&OpdbXw}HlE^p}%+9j9_=w>)ph?ZyMcO&*3%8u7y$z#E$iJ`h%N@`4niF92 zbAWp4@OgX8v);s3WLRoqN5QMvM#i7zE<3v$)oh2Ok)Dy(2x&IWKhvPjFQlhKt3jQZ zx*O{Hg}g$K=Dsx$cITJBBN#}K4DKd|HU+jPgB%)5LWkz|@LEc$Z#c}z;I3JtCwNXO z*kZm(ti@OC!LG$^!Ba&bQAmlV{jL%^8s;3^v^D8-1mrf8;$ks?qYXM`RdR{_Zp<2u z)0q*<_5BB$zyVae0fu9ka2i{LVFa)CUU$DCyR##QWD2E zYk+7QCWxF0tMAxTQT+2D1j>P4aydO~icVo;FMwURV5MgA6Wi^$0^O*A9NlX4bU}$~ z6_4=Of8ATZoD6-nt!Oc&2-%5_-4+k0!e`wNK%fXuPP9vZ>zx|OHV0kfi@4gdXw^4$ zZxhWi8-8pAtO*1sW;S_?i;U1kB+XvBE%B)vn9o1Rw}IyD$9SQLDw7c4jgv zzoXKW`W9x8iS^&?yxzYKcRegc0u8!KdvRPf?1^hjaG47EN2uRzXsVYATHW%*+Qmh) z(>v%w5N5EtvBRz!4R&RV$d*e&^y-~?RwA$TE}xSQbr!XJI4^}0Aj-}~A|@jK@$~s6 z`Zl}*FSH&zpVTQIto$R$^D#1|lF#f6j(q%n>&R>o=qf#Aii|--N_}N@U`VzW`*{i~nDC(n$-O7Heg3imV2{>&8cQf z{dr*DF@2q*N-W5H3ooVDBH{g8>TID3Y^Enii#7Q%7p#Om^sr5}TnzRlk3D%~!hrPK zY9y&(CSFvNz!*$C;z5h47}7pgG{;kl3|%c$heekMxmOo}9>8|C4jK8qR8t-HGHDqG z=|Ihf5G^H#&AK*CY^HXCj1bO{w}>++bz2WURr%-c<3j$6|UmTlSE)FI zG+(OSB1RhZf9r(*#!yQ4Z5XN${DGwXu|LDW1^=1+W3O9&%QFZyC`0UQpO9LB@R#Ar zFC;|52Udr!HQ&HZLP?O`sCUpJdBKNiqjO34aB5~S5@1vP(3o!>JF-fx=L7vOa zy+7T?>~grzquk5jQ3ykUx->rWZrX~J$+75C^KLsqYJ?44GMCCz%Fq-KX_T;LO1J(s zfhR|O>c`dtLy0$pVjo8XiwatVrZ`DFVm5*r*?$U!Yyd@2(>b4{oCb_c4yv1SyRnMs z8KAlypy=N@YaBaRc3GtOG#gT}VfH^aF23*|IC`=VE#qR8ioNNN z414C`eXE>ZNmg&Bo$#kl>FBWzw~H_Ow8k;=+6+BeE=S$=Qj(tks${DGf-qb$Q{-Ir z*_!T#E~DagUD9)Fi%&w^W6AGm5zK;uZZYZ2S%?mN+-2pHI6}O?B|S&m43+Y&c}Sh_ z#+(`G>U}QoSq=IMmupL>PJ=j9IoU?3bk-4~^P|`FuI(nd(wmxfiNSI+*c3g&ug#E( zg~&=vOZq}8FY8cd}y+5^F>4AP6VZ%ZMvEpSnH^e@q%p82Bcw z#^~7NI)F@PUXPO@GtXHdR1x3#8zt(PL;8Jih(=@K&-_Jci7NDB1**yhj;Yv@?%j*s zf;g5aMFI8^Ml9rypznt6P5}-HpMOt2G3+bDqV`ho4QGFGPiJ~J zDch-5adHr%(8$6-g7AugW4&1e&%oggA)Do~45`6Ma`9O0+U`~F9O*3`=l+HhWnax* zL;dDsur5Iij-(kT5rcRNx=o%?W)7b^ZK+% z5ry>kemkzE3f^j{IN<-{tEbF4zmthEnL~3T8qV|}NcE!kKF!ad^tGm^a65RrAzjSG zW@lGMaxw#|I;?LMAqEz}QKnP(1M@!Gm^6>lsFRxeQusslj>c?J{$p^d#q={NQT>QF zed4@hCg>9L0l(NvTH5H@BPGCw31P?gZHeMbibs)$k`xmOz8vKcm|WoA>q8`cd2!u^ zKe%+HswP`I+~mS(9sK~Uhgs=2s7{qb`N=6*{kfW-V#BFdopQp0_CxRNHaA8bgVRN9rE^y zxcXuklVJ^INHV7mzT6!%=Xq-v4I-`GDh1@A%~;tYS}Cz46gv{6ln#e(BEx4+Hc(zX zbSZ~IgT7V?DZ4khtfDN8fx^PP{TC6QeO$a|8(bq*%1us+#JAKIY!)s`^4uEvnB{Te za&I%u48(U1XN#w?pIr<)*%oZ(y$BA~kji@NQgX(n=cNcjP(uyze^_2x+21pl`&?d}t3p`fX!MF7$&pB@{|Uan{fE5E}VO*L~8P`O>Gg`@2}10n$~bn$bxe z>!T}V^2j#w5+O*`(@Dhm`wKJ&W$aq_y>46=QBAHywX>x~|(!VCU{&H<--CYPj zo~V#n*h@7W9v9t)G;GFbOB*q&&#S>tT8zKzc=B2QvwZB#)yy;L&|DA{TS~zYdprIw zb}4bA&CxkDCOVbs-9!cl1P7E!eqE0dCmB851J^d4U*p{$LfIu~DMO2wNvTox3dBq~ zWFa;;+_QCIix=ZLW;P+Yv=nuVEA;_gdbGTF$XXS+YwLPREX(Bz+vAwLU>Y-wYVyz5z>Y1bu=sj|Eu}F0u z1O%0^?A_%$GAQ^+Zu9t$pB1W?7CZL+*D|wVsMtafG)BmZ9W=iZ!nm7uW)!RV&1D5D z()CdM%Tw6yj@ABy0=Li9x8}I%AoinMF>8Pw44dXgSk)xE*zv`8fCT#ynGIk0$B$?f zT%FaG7E))nEq1_vDF&q;+77b}<2iVmZH?1$ocdLb4ks6}v!Q;T$?r4H?{jdL3fM~k zK0mF}s#L7z%xVm^q^#v62EkaxZ-k1ylWvP?_8haIOORzLUb&)dnDF*oH)1~R>}gHj zEz!!Yl#7PN;GmIL!C1W_qBmAN>qzydc0i&<)OZ~kc<&5o`_BCGdNPs;R_^IU z@xmtzYzIYd6VnR7JN8mJz(QB{!*<8h^c>3=e&1Wq_-{9c*c<eT2W>kcJ61`$}-?{r%%#yS{%-3h=OI`x`?ZjP`Q= z^{oFd1E+}`I$%@99I>YUlmAuhBjEg7o_Ck}lLt}(0r;c(XM(T6e;wYx=E%Q4W*2~Q ze-R`a`>$XBy(6W61B|j9S3&ZB9qQi)w+z^7U9C0<{(18M{unlDus1fsvJUf4XOkxg z*cgui9l`&c{r{YAF%0lW`iW?*KjN@m0Gj%Ac8t}(kN=-X)}BNTxGt$PCglEo82|IB zz??Y-M!%`{Ec#Ew@c(yd+Ow9GV@}eC03z?^C*`*NvU0oDtJyFzUv~wLOu)#K3J@Xj zT2@~Hf$R}jEXOW8CGp2Yw4i1C&>KwxA?;CmBm;2U z^ouDAoplqA`5gDGJp7iRwDb7m0r?{!>p?77<@&^mt_Aa3=H7)tb+6RTTRxA3I&tE@ zSdl-ILkh>jUv_WA2|s`P*m}_pjYiC-Ui(LQJ62@7*sDB%;tR-{ex&&TWW+4m(pORIzfG7r7WAyQ#hVLJN?oO8Gc)O1GaqlKJYDYpBT!y~ZqhNmV_!ICyAVSI{4{991 zX$ai__7K0SmyUg_;(N~6my!{Fxc$k)IHAW=iJS*EXtc!(KOme2l@x{=c%rPtPj?Gl^;5BPQ;J~g8QlN?1^*7rZGiP#P?F^|c=gLzxfC!SH79H7MFcAT z-fjRaBTB+o(*Rw`29QFn0PYVwU5kY0GG~DN@)lMOY_kI{y%ZU#oL743e_nwATK<3l z-&cpajNiCyZgv`bVeSjch3;2($kP1AUhUkQ|AHa&if-I7=UsO1O55a1k|6ay?NH=h z#?F831k6pWS-`s$ns`ar_PR8}12F`2@U=d+W<>C$1&FOX09qtp|7VfYc4)H4Rk+Hg z{W6XzfKvJlpzZ+}j~{UkkYBt3lvNTPH1C`r0pr(ii%*I*zX0Ixdlw;GjcYxU%SwRh z#jgvd>;qZ7JVKRuXBV)x>mPR*eB^)tJqXjLz`ZfQuYPRi>5UK0elKK(TM2$7H|@4l zR*wg_aJWmR_Xd7h&E^8NH8wS=ds27#fJqEkg1?TKo`++=)+gXw%U%zsWtq(ij|p9D zYGj>caMLc@+-^^wGhLH^Aq88l?pNFIEgQE|#N*e)9Hl+pKQ3voVfB5nkRT^;S0J7< zJpzco*22ltS~{j7U~}PKL^|g68^9B{O`aLF^bTV<0n9N6DF1NMDJ9x{U1*{P*G-~N zd&>PrNUSXmWHa=Fy}$s)Qcc^K{%^p10WF&eWcYXEN4o1Tv%dMyLJmt$wak1rH2glj z(0wbSK4Brx<&aN)^q;ghf5FkyoK_gUi@h!8Z7rRq%z#$juia(x%egwxLfWhXERauA zCCVqbCRvXUb}P?=&HyfKc7`m`6EJgLL|X|_3L@hIlG!0rtEG}>s_w2zSpX5Z{P%6W-5MU*MKtyu=Z#NJw6irGlryDqyWcAzb7+SgVyYbu z6MbBpqYHz0xe$F(*K12sh20jp+x!IPa|2C@-u?#L=fb1XzJpo%5z2nD1oHneMS$5t z0~HXUyl;8@ETj%?MlD13LZ*AS_VCklCA#W~{&wx+wk&S!s_*?EXVCCqHN2qZDA?6# zo-&&x6Yi>P>-z}cm{VuO)jz)_VQ>T{Z6PZnxede)a6Rw{JT#bMY(9i9v~oXNUqdV3ivMxRu`gNMNY%k2I2ohT(0TQ?Eex}G;-Y~es17Ot9+Elkn0JM3(zU~<;T+}KUcGZ3hc;b#w?A^OowO{dIkE#FjRs>wzoH`g- z28cHVhBVIrcD8il@#aN5^W`Dn>A7*$7iq+6)Vs*9iA;BI&5zVedHFhQ+Ok*RqsaER zbiLk;WV{!t2Xo9t#joV=BoI@edPGJJAI}4He{#r+pneAyW0i*k1C%Ybb2oKTeqUhq6oQiQB^pvKrOBm5~w5uOuIr*z3z8OaQ_6Bmi;_1R9*w zv~HmyB5^=s4ges#-&Udz^Nj}KFmV948I0|xuYlOW%DsizVu}iu>3)qAWduBeQlA@M zZu>-!fxZLDn3y?-x9FNd$dFvV=?gmG=bLFCC#0`| z;*o{}5mKi=oK)^91m!LkxNDV~Uqo4J~OWw1J{`1DSte)HT1WnS` z%BXuzpPwN+g7%P|)8<8EyZobo2OK4WZA^J@6KH6GbgwLY3RsV+3u8|EszL}{4WA-v z`w_oL;)hOS?QM5e5M89$Sxx0GMe(5&>tDdr*|eI1S1`+5+` zQ$q4-Al@6JCCT z$#`K!M$Xf!(#iX18SqdlFy$|3-=o+(%0`}5%;$*d>)#X{YSS6$CORp9zAS79Rr4#v z)F9_B3o`0_G#S!T_2W?JgB_{;Pk=HI!Jg#% zT*Vc7C4n-bn-yXxCGLMuABks^x?j>6R(q&skRy3QNBgqrKEnMg2~w{~b!9x6gN;E= z>6SglG+jTZOpwk^PMgWNEU60l1>7a2$F4}Zp%f}bknDau>>PU^_HMhl2VOjxBWYIC zS}bkfV#yBGX#l18;YrHbSTg}F0h3mcls>cg zKf@kKglGhCxMeWFqtXDcX$On4fYyX3<;jX>I3e09#tkyPQcd0eEU;Lm67Sk*K*-Yy@^FYjBb29FOMC)EVsv}eyQP_}IHgAb@lXf)HCweXmVEmx zPypemR96AJ2}^tsJH?*e(S&e?61l9$ApcW$_tLh z-sT#(1f=Yb4J(huJyq6GlorO4b`-aad2e%8N74V1s_t_RwWv%1U>Xy(`N+AbZkDDi#L)(Gjd$QC3HJs0O8}wJL&uT4GTzYhvzaXrpy?c+E&{E9 z(!cf5i#XyimT_3fOH1-ZYRb$NCQYcS8Qpf`sVQE+Wx&C@Zf^q;*7LP@K#XA;S|S6_ z2)MQhqvDJJ_aUW29^BTvix@(G(Ivn`D3z*ac7dgN<&tIns;c(HHEVrHm*gFE`cpL6 zPyQpX_cBxj@OVBH#P0lV1OH?@oP*re)qv|)ajl!K$I?>FmdRf6;dU2YnN>% z3dRqd;bflL+xZE7XS<#-~p%?_u5xM zz*;}VO`9?DPGX44V3ui1!$=-fD)d*>(!+FB_+)ldlA5s4z$2Z6yFu@3{IKv#ZGT@U ziv6qwVBK<(41b4>H@7Si|L-_%0UiGf1U9Z%?ekdgY%Ax_g;-dZDWRy7rfJdG#)5B< z`Om{?A7C?7bw7oOe#hTe?j|{V@pERv+U}=`EnW>1c1Un0pRAkwIVdeXuIvxXY zeFLVyI8U(UktPG{6~q=#>(;!Q;}<$^TZSdY=e*5EcIQGZ7Pz6y^xlh^QxUhA(n^tn zEbn(B>ctSCfmCDPJE2!F3ht{BIf*$wUqrhlPuf#xCo~7eAcAv-DM*rH^ma`7&8S_P z3=uAZ5?1s#_pj%G`-aTCTr!++k-uXSogR@?L>|LgpiprC(1 zWPI4h6|)wbig$hf`Ev1_?*y}%+2_}U-+>7nmpt@a1ief3s4>3|7tAl+UrSO%I4=m1 zAnDw=Nz0|okanD=2t;^C7pSq(uR8!=Yui+oJbjV@09^sC)(J5PQwm`@aaDln?2eJt zdWRJTh{Q0I0v&2{bU*}c?xc1sJgg;n*5l$d91af?E&^a%-4-~ z*hc!)JkSjf(B?)%CCbMSKKb{D`-GsEOybhJAfncq=$1J;A?NYa@pF%y7jVuBN|A9G z)947)@TT}gJPjqVt{H?*|0i@2*f@1jv#B7FyKSa7LUQ4XWj~L3O?fLX`=n=Or5c3) z7*~yAaaeo1yzX|@w{4xWsZl%|mZ^4TPGNX=m4K}(r;k6&7;@j0)i_eJHP0fz(Gwkh zVg-UsyZC6p;|f4wCDJ5ub*Z3hUr?WI9X^S|5Xw!Kqju)JnR`A2^2g~Mu|RV%W||jU z7sGq=%&tjVZ=KVgzS?ta1~dUE(Q7Xy-7aQC0c36;>oIUtZ!(`^PrLg?pI zJCGx=J9EaT*=-c-*ZS7lnY4OK`3E(<@-}Kgx;BSZpZVotfUMcK2pJ~hm z`KPUg;D-y~7Pqgb+Z!A0wipa$?PeGWpY!lc2c^8mzjz$ir9fOUH}h>9pvklaFx$3# zBsnm1z7I!dYe`5aN;me)TkCRmX0cHiOZU!8>xotx~E?5PqvU+epXFs~o}A7|CaL78g*St-lHV_3FyWA%K2>%E^Z&)c`}hU;A5$bG!adgcU) zsy7VK3>xEnF98`r?k+lD{kBiDO(jHp23n#ap*x)ZtYdpy@MhcO_h_*sQyD|^^j=AB z>~^3Frg8X7Cth3pTUmmN%;s;;U4LABdQ)c2xrN4P1lzM_#kt z;jbi~?u_m=Uw)>`gXmLYh&nXlRf&H8^|Ox(%aOHI^lxUiL3!b0Ags_<71%c&3}40^ z)7h0CZr?y3Fs~iq8B*udIRs~7+us9(ENMD=8&pMDr7WTbqxn6i!MdGjwGFb=qWmn-C?+b@GjbmWV)`na|bFZRgh=#n`;pF`fm7IJK> z8II3ZvNkHI(44U;AJ7F)b>NJe>lc3JI&7uT=_e(DcbB^p-^{ugmkPwX9dq!pOLF5q z8&D?E^=F*NP}MMT_gSzVc!{glX|jRc)9?pOXkRQMQd#^PS?A~Q@>G6T9D5(PJ|IM4 zv#(t#k-po_@j8y!Njwb<4z#I47;nuC=#l`km5^`^SrPMs1f)Rz!$#Dnmr{G}6q3og zH=T8|3J66P3&cq|Ea1bEArfJtYVm9C2A{9@XBhRQSXBqg?Rrcj@{Pc2b`#t;k|rqU z?WPU3W8E6gzBYJo4Ri^x9wpy+bri^N)JVN;HlMEs&hK`Gq1ERdrk+mJIjv&IyU^7B z=b!>(EcO+l;+W|9du+sM{k&UPEQ#RP`Fv<7%xUEP(`J*kPD!Ngmy@4yzg~aTl<0Wk zV;WK&dvh9~L1zVzJr8hQJ3bSl;90P+*vqvz=R}!;K53lii1Z=)v>dg`#_m?8<{kVOhqme+V2aq$D zsSN^HrOy&#Fn@ThLM!Bb`v~!Y!y0|3tpW1O8(58!l^Ix!|Lgmq^0x50opzD$&~9E% z)fbH;UFU0Nq+4FJ7SJ4Y84vz&aO6;ADp0OC5J1*eBwNtc7X2{~vQDb2zWx2Ze1hBF zQiP0X9;nc7^@-#@lHf&VKCk-+6HWt>ivOKFERL~y>;Pw%7fp9QgxR0(Ajl7BwA zAmHSn$i;Hq*Gqs>0F_m(%JZ8`^=4xhq6NFf1c{qBEQVW#e;O7s7;=?gW9?XEdi;+@ zUdy@PT8~3tA>r{9np}l)ac!^?N&#mfa30|9G^Ui1xtX&!4<*Z{9NFAw&E7wsQ9FE{ zKSX%ABCN&%NBm{UY%osS|C&L-k+d_s$@~2gf*?sC+;Shihe5SnuJBLq^M|jChK+Cd z^RWBFPsfN2SwqY)dqv9pd5|Q;pvY$+G0^|?vfhB9f_T62s^aj^W8)7aRtEjYsX{T{ ziy#9r-HW6%kM*ZdMu$Z3*MR%OWCkWdUJO<|#FrSnsv6oqEfR7lOo&p{|6X%{Upp}( zT5?DgB32WS@}JL^3PO$KkEe)4oKh8_wx;p|R@%;=+>-x{*`2Q~KUsvP* zUD$ul=l|=9t+U^_vvHpHx|-1jm&D&q6{8SxSxkPx&}XN=Yig_V1{LpeCqjP zxpw7@wsEV=>#25%0 zEVo?GSMMhzx-lTjiN|VqosfSJjbEh|RZ=1WwYymf^vXuSqNxCi(9p2R;BL+jmwW1+ ztws@INAM~{rI897;M%+;$@eIk*T2%mp5(8APSsvOpq!p|1pJFc(2XhEn8p=N7@Is{PVV0w+72lS6Z8hX)j;ZTsy1hs)tX75}8B{)E=p2D0uIH64^e=ph1p9Cjz)CCVyMjRSxdk z4w#)1B)MF6RSsApd-N%{kz0Z7apH{X%bPwlo#mq-gYatc( z?5;0Q@tA*KzRcscAI%?yzDdm1qO1!D9`2&-J)8z7LFKNtKYP!bukGuF>XlnKF0%A# z$cYx*3XVkuyk+zg5ju8={5;mqB2K=}+g&+}u)FUldM0kjS;akfHI_Mewzu8_XzP1C#}# zK)W5FLY)jGgp)C}9{h#{Y{RW&k|DknyH<_{{Q72*uKEa6?jM2Ph;Ksj7ph)M&sJG< zT>+gTwZl+J(s)yFAeeQk{7EA`NPd3=*uVl^rCd!59Ti;EUk81FfFat-WhK@m2!-bs zkT%4^ciDak)EESIA)~<<1Nt|~Q|)EQG5F5IEsdz+e<9|9eF4po#=2xsp8ZN&S15}4 z$kbQ;`mDV%fr0^c=+mO_^RXOZNc_uI%mmD zu{wecVt~iRHn?XpDO3h!KZaB^{u&QAHxaeL2ibruYewykMu#Ffr^zH~G{-ycY4Zgba?>}OLg=p3qW+uyn(#hA4M zsdk{Ym@DP4u+RonrcZ!%D`GdxER2h>o~ByR*Cy;WkyteJgKT;uP@K1%4l>+n*r%CT zuf*nuzIhCA(`d5QeQ;yk68b2@jkAXq@OUzlj#Vz?&4fnp zN4V|m$vi^B2)p3dxW*=(;t{>uZpM?fj}wU?w4bN32>$LB@Orv8Q&y}3+vnBDcgq4l zny)w4vS$r+F|``_@?6}%yQOjqQ#OcR?OPeAanwuiT>lhxWb}Q~oI)YdnvO*ED3hGp zC})6ax(BoNwv)NXfP0S*uq?r>63tgBLs)vBWc(ZkEgu>jH^6PC4Sp|tqs09p<*eP66VxDrMqDv(}sFNo|t`J;(e46VM(dv8?q0PmAzJ)q2W<kU5S2b(P#9=L%R~{r?7k7BIrQp%$0P8SQJqNg zw5?i-Hw+O;t@Kgl+`Fcl+9>fG;Op%RR4*}46c*;V^WC0+GRbD0{rL~nI94SflHPv1 z$S$VGZa*(Ig=QFKT)991F5QEL&pAM#CjLrL88YIEKH%zC5qvJgm1&gXVYbGH zPyE|mRZfg zNPSi*{juWfm10HwAZbM;cgW>HcmAay_C2l{&MT*zsVRfofWp;|GtTRk_t}wetv_#! zoqT_N9#vY4>uX_s^4n0~WMvVC^UEDEM-3|!QQfEC+0AK;wnly>re3f##*My9C?&S) zAqL13!;NsLz9vhHh5|nXJ>no0VKj#Y)ruio1!6LV!koOXM|4#oxGX1`Chh%RJolFA zAUtih-v;}%>@T*OYY;Nv$}iS_T;5Nhl%B1Fb9MnbgJNJ3c&c7Tzb|_qOjs(ruOGz0 zN1x6CLPRHSfCe6CKIoB-2;f$H;dC8GAnPX>g-?V}OIkV8;LBldp(aroSp1547eIVE z%&hfqlqu!Cf)PXD==}jOp)X&6DktUxjfm4_`wSd>Q4GDzWvzwiBkrkBkwU_x*zl__DE^L zC&-=k%Fj6a?&@cYSjG;s!TtWFN9IlW_TlTkw#QBF8G2SE51p6q=nxps4ZJ(VY~CQD zxYoySqC!viOy}za-j0LBjIkX)P1AC`0~>b9uqTFh{!+`B;UY>T8cupMS`^M3X6M|K zrPMad`$iX18q0|#9#iqOb->_yoU09^B!ZqJTSv@ucXc+;D0sgD8%QL7a;LQrJf}Q? z9r*49xL8O^o^^lxGA;w3F<-A~T8ZNeKeu zz({%LSe~wSfGgZJC_(o27_6w_EIW~%G{-4yY7dQLKBJXIr-C1K%A-jHQ@C_I(edx9 z6WGmr8-&gD*1r$H4Um5<44{{BIpJrp_8$OPq>?=E>Yg5Mq<`@?G8X2s9>d(7_`TQ& zzU>};B}F4`uD=arr|ZAJSli39{x%!14IAs;vTfu8ivYh_nEw}6Kz!#~SJ(!U zNBU9lCtJHr)-(+!euCIg9#}J4Vx`9qKxy?DA7uxiUXlS?E2biU25v$3e&UVN_8QfK zD@AL*AOuE*&p{B}@zBvN3|_c#519>1krZO4!DUg#EL&Ue*L!xPz=_19sXe7_5mDs=UwgCWGo58 zPH>Qw4#U}$r&OArXvy*TUW)Rs+cT(LVbH5^dUeX-0avthUc457a0yZ!^y1dD6|KmLI5w zo@Ef<;Nd}Q=(%vA-+F!)d36$|{}AAr-*Amy&}a>f5zf&4FVjK{A94 zk)+;~LeP*g(^iS*575xNkR{!F9g+iqn85kdrIY=`osHf+t_0%RFuwuAS82HdO0_w? zuqIxp-r_FrkzRu2l+q-zq#+sX;}RpJhJcD*Ji#vZQgTl&YrVy zN!JdI7x^V#xJ~AsXQoe^wSYrITlDL;=jOfqI-A6$J&u2C&Oax-Gi&~0&UqmR*?8T; z2dO5%w_whKCEOw1XRVc6J0xb=YRm9KC*|RAGHchtYwt3+@QDMGhq?{to=Dy%eY%js z#Y>i%^aPs?dzCt4LdYn~#B6gZ^@ld^b>DMu(*mD*eU=M=3Z|C)zCC9VFzHh*%|?J= zUwwOCVp))tTUH7gkHa@u>(5WTh2iDtD-YTu-xoTK7~z7aRpGZ2?gy@;B` zc-BZ8W-=RNWCBSD%$MkM=;atL87LWT(Q+-AJW}qs5=53M-V%tXhm6~HDQ`(3qlWc< z&KY})9fQ%cyjy7gTLpiH2Bw!NrII9OL=4>7ew92@tXxlFy(J$c&8d%^Gd&S6LokG? zU8Dzbe|9nAnJs7_D4XS$_D*TSpLLDZ2Xd5EShiFp#Yefk_g=##Wm*2_K5LI-01_hw zXKAKzKMn_SsaU6d1gy7zHP6*}Ug0Ba%^K;47QXVs(#N#2=~hT8cTgqZluZ zlmWNwlEL$61meiP#THu-h&wPtMQQVLj0sKxOdh>v(&ucp*=DRq5(n8w!xDQEb7M)x zoWu@)yVo_b&)JSF*qr^UrG!doT_5$0NMjbLrBp?JS@u#DX(PU}FlWZlaz{9HBXs6C zW`1jho3l>FNb78F6#^h?HjDGJa(z}T?0mAKi;VvI*T3?}VJI$yGyD7QyU#y-V>Z;D zZ+zn$W=4PB1wbqsPe1*1v-jU${pwc;Yq-_bhXKSEesMMZ(I5WshdAWB#}WowJL?2i znC6C2#0=z!kX9R}sMKt!c zuYJuOTz~!bOlWvyeZ^7UtUZG$XSSogp(fc^U3C>VR`@Fn(BKq3A1~wcNzO9@L9lYl zDW^~n?u*!q34rLEjz0Qm3fdiWuF%ZH&V^^c`OR_N?{jNLv}lJnd7(8nqM$^oc!l6 zrY&bp%h`fJO}+K*)H2R+z#nGI4)fiLy4*b70)gW!XMM9&mHqXp2D1}jX5D*_;jd`0 z@!O7O&&~?%E}3g06r-Lb4IFeQpM0{%>%k_5JDzGh|HXP6ISVougdh(+|4vp3h(v$? zwwE4!ex-igYO77TcPH2(jg7v4Gd z))#pgwtlyZkKV#;e{%Q4yPug(l72O6=;()D<0zB+!hVNAJ4EVv zdG4dZfS~G@FOIDAI%kif`ScZDEi<3g&_(yYa{Jh69x{gCJ^cFS>vjFv5u3-8VqR)r{P0HOCeKDpW?m?Qy*BS1y}Oy@ zed>y*rp#;@)(5TAdGx2YG`vW2&bsmWXWyLdE-_F6zIDLhJvM8c#5+k8wSIi~kS||5 z&MOjkbsw}%pQ|2y^AC@{5kugSlX2fUU~nR7!VUcfyEWcq7ApaRryh`E6wdztTv&2OV?}-EZuT-I9<$@{x})5A=i) zER7wV!FbC)f_Uap1j1YYV?9I9fFy`M+0(#V#t3ucF){;To)Hace;HJGwGz3k;~mGUQWWEnoU zx3n?MV}gNT!XEjJ-+gmSDgy(3vSReNX2_Wy$IDJ9QYk0 zvPxo(DR;`+%+WDRX!7p!c5}dt`rF_B_QyZ|aeFNGo3o5c4}4|QNxQR)Wn;1}NfaXV zyq01~XaHn}M$=%bhB;|~w5hWBvcM-yn84zT>J+n2$3lDY6-T9Mqo-omHYPX*o|qA2 zuvok4rkkQYQ;Q@=@hxTwl>J3k_w-1_<$^rczW`*ejvKlZpM3I2>5m>gnoN;dZ(KRs zk@pM*`&9zZ{*e-KQ9>dFfib-}~P8sKJ;`jG9dhGi(;9iS);v@fCBIjuZ4g6 z+uyR%A9GJP#7FYXOcg;);NfthA%2|5?Xw0dv8RN@v+?e3P%*H1Hg4i_I-0#B##fxa zNBijB15XU}*Tu4#3;>Bo9-{^gkF3_rO+40t4N_9GXP#jOeo3=!G0{%A_d1dOxHA@? zOe1J-W)p$1I*rmF9H0>79;1Q%D^@RYK5@}S7g^$ooqjnPQ{69Pzn5m&s7WLvpUWCN z5HtMv$3Lcv|m{FIQXILOK4Mw0S{W1Gk5ZHK&i&ZyP>6m5Q`&=j5NB15M5gl{P zF|kC@@ga}aS42sNC5&IX7rY?UcN;qEDE)DJ45g(%IEX2X9x+?4^Y>bK$x}Kp7UvKx ziTTpDmSq_$+#7*o%V}d>J(S5NVsiOLp zO;|A-s}Ibdm;u`+RWX;?Gx=Z(#07$^?#wYte4qX7XT5{Pl6eVQa@N3!!d)_e7V9TH zUKZrs3&SJA5fzqu>3ylx^eH9{xrNX=})4mfjyVYj2it^l>S&a=*XBM z{!%6E(S2JZ0trd-b1* z??I8obGMO|k)H?y?_2LR2x7W)Xt#dP#^o^yIOB%r6X}lyg$CBqmyfkOgUrTD?b5$b za_JARhW6`LOv=W2I+Om8)Ju;Y=F%Ukic5b`CNg_c{=HjYM6t-CFZI%q;h=-EF8VNXaDj%kqSG)9w_U>O?VYd9a zd*XxyRU@1kfh2j@Tla;*CjglF0|@i3WRigWpa1-4HYPpU%iX^3#{zVEvFommKdaD0 z`a^sSk#RnN+7vJ?9j3TpW~64!UEi0!@K8~D94~T~Y!A$qTXu>SqFQNW-#U^0@Gk3} z{-0gUq|V@y6$(-LqO^HCiU}^528xCbB$58$lBq>O_ijmg*fZvlS$A9;qTaV696S05Q7#nLJ9!2(t}{e@cj={b)^H(`IZivJEwCx&N_pM z>k0GLEitDiOC*m*k-w(p zZ$UI<+ePq{*Vu=+x7^6ZL|GU;CDHQQ}Bum{KMcsqXbY%45eTO63eX8pBS-T+MkP!Y0V_uFzE zfZun<_NVQ=k%?r$@}0jH*c35Y%#iiEUNUOv1&40-<-Iqu5R%_ZAAF5Fm9QkVUymB* zW%0e+Ub0HqrNbIO`{d?CdhZ$A@3v`!;t%LAzVB5J$4O#OAY7_VnVxgtV9uc3@SjFC z-UEjBx%(^I-TI}GqmSQmqu!l6v|s(4PYm`D+`zfZ8*aG47uXy~6As30g*KiGHiSJ7ZSd9pN(-8<`cLLf%ps$^W_ypjb% z+B_oKJLyET8{G{;un(CbcR=eFZEJJS9uIoQXrnNA#aMW2J0iAlWm**{JW29m`lFfC zNuEd+{A}nl{R1NlMGm-ufBX=rIk^Ty=UF=&55Q2GM}umq*>O33iO4pt-Dfw!Xaohc*ho z&Yu98&oKS7`7lG9P5yy{0*FP&G}RW&JTlz)GM-1m;gk8~@?~As~RGGE-MwJW8eI?g$SsG2|(uJOf{zbS6>fe?(J{a)c7~$2F>4 z@1bls?9;GSNyVV?Qe(|MihjN;Up9oqL0MH_cTdsS%9`GQ#%pPyL=qhickc#x+TFg? zs3_=RLgF)LHov`YGYjRQCEj6W>-6f{k#~2c`&BBoP5$Yn*@pMN4rMFyNHRE%L)GHZ znUicv!87O#u}2QhI*w+`2?L~8dFrHx(}IQ;69AECxT725nP)VDqs>I!(hST>DF(Ns zsB9QxZ__O?&~;MPxWtDZJg&OwQz#o&ef-&g9YeFX)D^lm#v2Qel+Zb1ri|mxFg8(} z*Blr7rPo7=gYhy-yOnZ%my08&B&Ck8%!Gb6b=K4 zdqKI>RftI{+714S@eG$_pW9V^cZ-fG%B|e78Di9S!H_#3D26e5bM9nCZP=8${cSXm zZ00)HFxoL~f*zI4MC0ZR-9-+$L@&`y*H6X%;SYbvULX9Mn4=gnW~u~jkc~vj1v5os znwjPdAt^TOiLqDa9+}Is;N&k+Ya(|H>Wmh}6tz5rW;dWoOAX;1C~C}9c+MMo6v*aT z2~+5?$}tzAZs3Lv!ChjY$ER3tzWHXaLh)_ZOjko)@=gN>Fl1CFSRho?Yh?qs&|>LC zHw>xJdHgK$`6=rv*q~m(=YT5$5D=o|Mc5#k$m-rNh56()|X z+_=KPEzN)$qlscs!e>_>4%qXH>X1$1VNQd^lCm>75u*~V#(*%_XME%>-Ah(S%%ZU0 zJH}2m12^4ZKuKiVfem^t2oa)A2O@)OA8TBHBK={J&q*#8@T}5rJY_^y*9Pf{%Mni5 zbHJx}-vG6a?w#5ny<@-2jvHpu1dBJ%FA-gO+^`dOYY2oBJ?9_Nc=8MR1^4?{2yeaD zxTM)<*gAU;?QNFF?XvzB%dc(b?wk3Gmh|mjN|hKd3l=Xu>awv%{ASD{mpsWKuWKHg zY@&@_2lqVhphgX>JPEGOO{I{tu~=rY=hOB45+D~mVc4KoC*&Y#cwq(wUt7cQ!ds0u zKqI)}kw4sD{b=JxE@G53_Zwu&IG8>APrf=cs^pkQezzaknaf57eljYY%aiI?f**qdM;P{eJ!;aW~ zJuY?HebcpZ-?Ph__Uh1W`|`*i$G)yOVavNt+sI^o$Ck=b;wHG$H_o~Z{hrUBV9bO@nO-!InqC*%u^_s8)fC#!HR01qBY6*}Ah@7!aI!C&na!9>&tZT#l(` z!7d^u0~xW^VJ6`w=;0T6io1#8MfTU3i}K2}6svAWgiy9$MMH-r4=za_A{);L`K3?5 z9vckS;Zqx7PAOmy@a$rZDox8mBa&u|>KyL#)JZ~X@xPW708#tt6nweJBl5F?gNjL) z9Ttlsst7HC`LTQFEt6o%5A+Od)}6T*R?!rUl?}VZ3^x9XamaL8Su(|iu1Rf>VlY-& zCB_TOiL8X%gUVw-bCN{naoI#SNlPO%mJr~AIm5r5*DV`GTwWrl038zx#shk41_1L; z!7(taeqKFw<5RG~4jJO2ukI_KybK;37QrtAZ?1)RR8uhMm z#`=fmXCWXR_u&c~_7fO#FrX(AKc7tOF-A8hQ6~c%vo3^3EM@6Okc->Y%Kat=bf-CT z$W)JM6WeI~C3izw$Cvox5m`80KXU>M+%?d|93|n?$FZr!I+Mu_MFTe^IPQj`N908P z=a0ku-UN`-Q?=OqiEJTHpG%|Tb~+|59!MPw%zznRNdWtDT$jtd)+41~rgUsQj40Cv zUEac!zrN*J>jNj z3yR+{ugx+Y4P2hJ{~)(-@Vmz9@m?5vb=%l!h>-Y07I5fx4eJp9W1;SP9Bx_KfaoV) z<;!ivYjtW^X2d^Jb-`xH`#;n*Xq^Vx87It4ktce|Z-x?jD2<|~{N5^bSt;af@WVH3 zRH?AbeJ0JA&)wTN8!@0ks@RK2+_;7akI2VO z{7R3PTx3bl!-NMnjPJI&9iyN}vRiVZWkqIYS!kC>FRuISmbMh(k)9;(M7o2-P;8lv zGo%KwFG@U?eRNO^ZMK?K4&#TdMe)OXswUBKNNiuBu%3K%0 zgwJ?m>{)Zw>0weYli`kU*PXEtd2;P~jvUhHIw9tU>7y6j`1NN@4;}d)P zJ_%Ae+wXkz(MN5taNP~I#7fVE2^NgW5QFfD`53RbVTUGTNwQxW6vc{}1%hdI#J8C9 zlu>m9UpAdd)HxrSck%tx=$M+up)j+FAMuE8qM2%$P^BfB1BxJLwTuDgH>161MYGR7 z`y_3jI>TS-pjd2jT{Lb;r|FT=y&w$2hPev;0D=2D!en7gW0QJHGL3IX(VRjGriz~P4f-37Pp2A?#?+f6v9^C<}DK}H~;bUr_ks)T}shs9@ zSr5f(y>@g)I6l5&MySDh+XMIYjN4#fPlk^&M4QrPRIXx2nZ!%|ufI%m|rD`jb5 zc~A1FjU2upUj+r1o?5yRt{dcBAqp~CSr0Z)O~S`7fwR(Ut{iz{+`x8avMP?v1T9=< zX{OrE7L6wx@g>d@m2W1po=#egM^S47wHh6tVzE$TnNs+Y*bAMCVd^mU#R2n->0xxJ!fS&y(_FCD}DHvn4ObR8w!c6n``|rz++|h4RGb^h3F`T$+%3ss0AgXIY z#2zD!iK)(9x<@Kq-@JBJ6g7Kjs1Km^gJv1qnC2Hf9Tt9UI@z?tt1(j(hAn4HDcc3u zG+sC`e%T}p2Ly9GUBX&l$HJ9qJ&PffE&oN^SA?|IoP zj-Hvpe#sG68YMOdjOcUW-(JCz!+`r=^u&%E_dIgPep{``T6A32>=F}JWwfKjJv(hS zy+i%JirVM;Jb5YD0F!@W~x}1yjC$F-P**Oe?LWX`Ou@q3& zeKXp)$QY4do}?yGQ+x=&xOChEJ#3D$(qWy*(gs-}8&}vfpTwT22%B4YM+4Ec*Q;(v zrTbN2BHXcj(V;~VFtJ-b!N4*HZ8#@Sf8~Nvrg<@&XwNf+%juGgUe^k_SRR1(J?_$ zDQ)>d8JqG*bWqxi7v}44V4b0iEsUiHNvrPH&z-T>4&Gw zXlcEEn3JKAIgOo1KnBNB+ykdk+0-PFt+)^YmwZIfMi=u{Py;AC9(WW54d@oSXdDMg z?AR16XjhhwVP>Od>_H#Z_esn#IpQ2I>Zzy^MglP?Y7r_ztly$#9Q49w& z^)tDykBXYew&QUy_l{JNW}8fvvImabeN7GMD8)H<(pM05!CfPAN){NLVlJ?0#-t`G zskGP1mQK^tmUMdg1FX8{7mK2zn#LNb>K0Ti0ae>4-9l2z1Y4rMRUIiFnIUoFkL3qv z+&IC94YLr=Qy?YuVCjo|E5$9Nff{ZT8v1i))$x^^LG9+m;OD6=NbF)D4EDkJ#AWue!;0&UE0Vut!^v;6-iix)Zg^ty{#&hUCycnX=-)3l94}h4 z{p$Tz+;dza%r)CJ95M5|Y4{TPN4Hv+Ku*7Y95j%pAPnNNq!J-C_>#~2m=ApecbAd}0u_PJ(Df)Y!oz6dZS*hV;Td(`}>_t~S`UYY0kGrn< z$K6k-?=x_xjT=;-^8fjoAx^j4yRXoySU!0m#SEn-{^pArHJt{Uur^hr_u!8%9o6Y% z-BK);=CXHC&ZJpF_F!wl9~~=>y7Of;dRP9K$nnQP7`{DXYukYS358{0f!lg7W1lru>I&|W zlogVeEu$t5eEIW|-(`t$HfJC<@6FQ#nQVx53~t;AmOGjDUuNOTJ5x#9quJyBXP61*2vIjh>66WUdoy9^uSU z3p>P~4GPguBK<*!mX14Wu4R2;lkMD_lA~-C$sk1Fd71`$M@aXQcGtv~l1*Dq8=upd zdun*Bhs6S+4>4!4l(Tzc#k}XSZ+fqllun*VYv-oAnqMqE71cBXsk#LfOF-53vBD5Y zrS+}qc+DddcaFHyd!QJI4SK1F_32a*rkjIedtWSF=wM^wxkMmoJA{A(hN^2O;A zTlVlc!Ng8GIxIE?Wp|T1=8+0D*EVEU7pe7Q$(cfCv)l*D4WZnDVq2joVDg7fP@+DN zGr-p1EKi$dm_~hr3d2O5OCESMy=k;pkSf~7FvoUK(lNcoW^wocXo}`)VEzNi{PyiUXM0NjPmGE@Rze){wtWX8qR9rsV}dWR-3d zp)%`XUq-S*W6tUnOx|pd^bssRUE_d*g6<4ou36`nSp%IE-hHc<(|~M;y0{VdG$C47 zY)Eu}M8q7rBB@Z)$$IXH!efugi!ny~O3fZltiGHzMWB#XuqqokA{7?^*dg4jl!< z4I9YG**Xuiw1LC3C?dr#$eLmx;~I-P>U=TpY<8KP9dVwYfiLDbvFFAa)A-<;o+EbX z=f{5#BA`5S#UpPZAwq~?`WpP&%G{UhNodKVo%g}gK0ThitItBa1<6O-d=tX4;z2WRXzxS5btoo z)AA!(s|{O!<%t7VK}wEXnRmV#=HXOo;8LNBj~aT~_2W2Zh!73IoLxFjW#g*mmzEz! z<6C3)<*!NukM6l>{Hyy6fZ7YEs0oS1;R zndx$w$nl5hXY}aNc5B#07hS|k%s0%Mk{IUXKFC@)Hq^#2OM{9oD>9c3wpsWS1$RyG zhyFXN0k-Rjfy?!?BS;<6QxP9`?3=6wS07BC86a>RiTQ+aKOOz49i>e2{f-(BRsDf|vSQ=_vCaorqU)*?M z#re7UZF<^b8hnOa^^}-NDN6~aD+qu{o9&(3Q9=8RAcfA|ruHcw<}e5rEdjM_M?}G~ zdeo&^#~}dXdLwEzk;bZsa2(N9L{WvgM4im`8&!ngbT1V**QQ6A4S`+*jY{n4N35Pj z=@0hod`4f0-mP9Tm_^+R{1(KDV{dPSgPSPMM7qIr9I2lFAa5sl(AvbLy34PlQxDr9t+kP3nBR>aD+aT8eIclC4*;)<(Bzn z;E51W6f(I$S@oYJYI|(<93`>DA|{1YB*%q;DrCY_e4%s@^NwWDCIM9SVpTVeReV3f zPTnDdPrfFWB&pIz(&=94M!3|Cw(Pl}tKpAFS_d$rW9~e1#V&jmoFsY3c??bLwem!P zn@E-Zu)6s~*|@5x`K80mU(>2+L9tWy&mmiSn!U@7Rj71*BLVb#>_E~9Fq$x?Q00nI zq8zy=yX@T8ireJEIQC=e1%suVwY~_YYpO~?H^nUPc&hQELLc6u_W{G#ChPW_M_ zXZ7yfM`k{~npSn>6)YyUktPiQ&a@D2MLPu<2uT5y>BZu%Xu z65;ru%-kTExY9g*g6bP2C4#EME5to~0l>Z@L_cXNEiqn3#`u`iOn;JeR@nj6=fi-C z`-LT<$TK&qCx4c#tQXh@Ce6sa3g)7o=_!FO`wE!W|0BkV8|UVdA>K+5%>_mZvqVwa zrZHp2jIqImy$5@XFcCLwW^iYad8}F=%EwS{wM!;2EZn#^lZcpY`m(~(R_r%hMok&` z3dX`Yl{m-1O)|}hzKESUXS5-Yb{jXAF7JpA5_7f{cwuo*QxbSZX-gt1@n}k3(ScQi zXj9Nke`0rFvwYwPAyRTyh_*82iYpVcFyE#k;T`Q}-^Hv^JE9`7T4BoMA41`)Ccdcm zs_2X5f|;t+GFvAr4WUNv-&Zed6i1$5(Y8WH%fRG5d7juC6kCy@t;vKz2%FRI(94c2%81L*eM0E)du&ja2 z2W~V(u`n*S*_pAA%5!Z~jGbyj#t}~-eP9a0Wq#ZcTyO|47%x*Cgg$&ln=lCkl|{ly zCVW|sNqt5eh}9SM5V=*>aao(@%~28^J$3y2IVqFFH_@;@cy& z9W3ZZ@yRy6$ex7EBZ0@mS#SeBje@d^^(yPJQX8f(u`+NkI44X=KhqR0;bz;4Lo`+> z44lcgNa!VKJLI&|23RnWP3*M_hMBdD!#}fmkaE8m_Z0Y$mi1DpO?5TDL@X86v?^Lq zoSM+vP$8LFVjxM))#ZBb^4B-K&|}1Y51qs$cOESFbWjf&iL#fYQIk#mhlvzDEih?B z=8>;apjzmGn89~+5vB1lH7sd;1fJ9o#*4U35(8oJ|KH`Gf?{d7*A|V(&7y-nmwy!= zn|q&|&M#kp;@)Kph=lmcQgnIq|E6TW(v8A}xp{foy!bUSEPs60%LPwb#W1TdbEA#P zJC5JA|7m*dHgW|WM$_C3}D3hMJO9UT3zH8$6S*U&6+}pvUxvGgi?h zi!s{{VVdM>4$(m!%*=SX#yII`Y{xss?wZk+UiQJzPdIcbY^QsGOl9N23bSVdzyc35 zpcsqeQlA+t-v;tTx}l&_mB(U+n)0UveM8ZrWBE|}rkk3kC&_z7kEEO#oq0i1KKB1q z5@xpcDy|xk*|ArRJx2&lYYc4;b4Gn;Elp8=?Q37dChBgOgY2(W73{sTnH!D**@h5} zg%wuxi2T$fiS8!8HFMcAs&wEhmQG)1F(}6y71^pmDIuFMv!Q9QScq>)uzk;g5uEu$ zd{xk#d?}2>6JA&>f0zK^tGcu$(GdtXQDU{@jyswgW>9|ptJ&~LSu2_(knE!!@32`1 zzsOH*g~;5MRT%Es17_BWfy(9++8VVZjy0I(HL0@YA)S?fUc;*y0)g!Q98;;-Yh`ol zHf8H1E(whpAXfw1u{ifzPeW@F08xqgjC8S_Giy%-C`dr*!svb63ms5g&Lt-aS;KIN zCbMeOG(+MOC9jM(EScyWS(cl8=SM&KkqtuDBs`Xi3^aQLG1P1-ee_7w_DMPFI@rz>B0a3q-D4gD!v@Rd#3j-?>|yTuLGFN^0bhVo ztjq(VstA261!p?6?gbSd_u`g$3<#2mg6iSYTznA)rAb5ORh0DcifX_u&Il>!K&d>q zq)Oz82$+m>R*n`3m5mzZeqE~VHg1T^D*6RvmpLQ#5Zus=Ir1>0fqSfz+hIv6Vi7*s zXy5Io!?I4Fl-Od@y#oi?BF(2*Q6@tj?yb}J5Sqn6Ww05EhsL%8=||y{Mu8>WI;CK5 z_u6Z(SUIsoBQ$=Y+ykk?P(`m*X)Kh&zWeSQeIezft3*y`GSK*{I&)KMeu)_K*E9mD zs0GmzQmip*CTCoh%v6#oZ*z6I9)3mjEtv>0J3{6ZMN9fR)5prDx9+_U?p0>ao%O`4_VleS2^K2xrv{vF`$wwO@B3imH zy<(D{oYZ*!t9Q3GH(0yCmtQ%IW1^5(rq6qO&LWoR+YW40#N+(VS8o_UVai+%k)3}1 z_)C_587c;jnFT*5%ghq7$S?1Il}~6rFn-3U(N8@*;hn^Bvpk|$WQq=40rS@?bG9w11dg-=uV0@6BC|9?Er(H~hQ$UvGZv<_Y^=_=Mj~j8M#2t=*-4kIoIngrMY< ztDohnY%=xPtDa3nT_xgTf^SzZ6T;&Y-?QXZ3b|nT1k%4}CqIHmg5%{!yhRho-*)fZ zo(kaMkgCt_(RdFo=uZB_vroJ-lk-{U-S*PuD=u>W$k266h~vJ>8vNKG;eY*On=~wL zxbABF3=@{2v91$J=ez>k(!g&Vl#w+vwLlP$345`GUPcOfz{mO%N=Z>Cvk&`Q+I3F~=Me zotYWOBlE^u000t@Nklyx;d%ehIKq-1{+tG2J;IPd zn2aObU+aOBmnaWnmTM{-IA9OkzVL01StGJkSyGW6##z#d7>GX-$!>}zvfwX`h=G+Q z2~`NS_t-74Ai<}k7|;n$Cq!-*slW0;v#%soI;po z9rj68WI4b@nr@TYNE&Dh^rGgy#Ba_ziAo9z0SJKDlWwl*dWlpOeAO^7sq4GBwx1u-ZNqR0KHV%5XFL;}8(K$+S#Qs#_W1Xz+y z*Tb^^q?1l^?}>qYp+|-!3;PmL6REjLy!#`o?t)!8MZ@GT`F5E5s=`oFjw%hGK9PZz zVTQh`pkFEy8)7EDM8k!79_=o1X&9NnCAAJcFA{J4Y~m$8mKCwb3J^WI+0=YWj8CMQ z#8Z2zoOCJlzwWnr4VCs+)f4ws*Zd@$ zu7V!5)B0!aH;AuC*%2oe=byX!*{rV>pAm2P^!RxPZHgO{H6W4UU+TV`YDbCpD^ze+ z28mQ+-L*Q9JXZe5n^wM9VcMc!*YgkA43WnQi+Fs3}UaWK9r}{`QWk7a$Oq?NYLgkTmoUt6+y;*_7Czy`gOHi zb$B~sz{(4N%&}bqWafdH8=&_X((9ntXIWtp$k~5>K1RW3=Fix7V6-V=E?9ghWN|+? zG8*3g;P#jP_?h8oU7fMtAP(8RFl8>GA@zsQFg{Mx+fN& z#x{Xd%B$!;HIP3gctrh!F}&*hjk`3W7I*%!XeG4l|Hq3AJd#=Qx2 zmJetRBN}TfF2?{P4TJ@kO(vO=@fW@G-IcgTh_7;%QOtPRfv-e5nep1~84S(-86U(M z)b@hgnY^<0%R+;{m~wO!N-T?T8A}$82mYdWR=bETT#`a@RFpQaS}_*u4M;F6CQ1r* z7|N9C1maf&cGwqO$aqjOdC^SyvM1--k@2V?EyZgWl_8!IAcTtAQH(Kbj@k6L^mycs z+C?)*FM)+QJY!V^0)Orv16P-zLSfiF<4NE->!dd&f=xn*G1k=lzNTK&m^^To69X}d zY^Z92VwdafxG8W7@Z@< zXEq)$FcJ3ezWeU(5<@Hq&vkTAkO0M$9I8TgYXwc-iQVTke)$N=VABanhf8)!L=9?` zU(i&{mOhI*y0%0SBPN&~_#|zVEJK}(rAUc?$0w$tSh?iSQA|c+juFLIHbOkqS(umYHO z|3w5qTQh}oEWOGRJ318P&O4S5edt3hiMKt$Ns5;MBN2Yi`bPDOy)=gtW8juf`z7%dD;3qZ`1~z9&j>eBKa74UTzVlN&Z1+Q zbKH;z4xOI&hwc)=Jq^LGw{S}gER{K#g@M^U7XZaqZsygln>KzvgBxM6@3iI`EZ27! z)Wh9iz!{%jI%Lgt5d+o`?T@T27b?LCi_YdCG4g~e>(V>02#sx;#j_u84 znl^=>*N!VFl|Z<#;T9>~h*ZU4zC%Pt(v-TgvN5`>D)=idLEL|4{H{7-4qPNFie$Rrc6tekB zez)7GQRqX0cMKN*nX~N&_3(JN3HL*LAYc6OM#!Po>eS9{Fc8#1+w{5Y_+joB%Yvom zzP$Jl%(*27DA}dj9PfJQg&EioI9D}Mi#V_rU1H{&Yd=473zPovSdb+4Twit7r?<{t zPK3vk_ZaZ0UHd1&W*-L)8kAVF0;Itv(*ycg1Vd~v_;7|;ld1WuoG z-g)QQXz0l{Ukr#$K9gA@KoDX3xQrJbldVL%uBaHjX5nwS@P3tv78iiJ8iMDVNe*45 z&o10P8uF*71YWz`Ee_l<3Nu&g-THq!{1QXsdQ+5BVmaDdh8x%PK?B0!@Yc@Pe1wuGVRWB(SNxf!h=GgH2??K2TYs%Wp+(~5~P%lz%ASkGYL7);6{ z(b}US*h(My8hTGSwyKCwJ6QqY7f}Gq2QTG<3<)7;o%F>5GJa_urCSkuAna+NDni|Ycoe=^8X&;JfVa3oq(@<710)cJA6g417n1R;DH(CU z^n+;llM*U1BYidj?y|Ij0UJpz-pQs{FZ04HQcfNj>3z&79a^)$MS&L8Bx2{6Tc4A@ zzS*No0<;w%-5Dt81>jR%QBv!Gj9Or^8kNLrk5nOi;l=7$bx|iFH&>35VEvH6Qgy&gie!|!s!xsfc}?%O9D$OIaQsSKrJQATGs&%!l0DSB$X;x zu=#sB$%5sSnprHT?zjp=L!Xtq*Qz3X3X4A`927)}!m1)<_d@!KqSBi0-b)w=wrowS zq6JZ=q?ve;JtZA`b9K2%rt;J`OBJ`C<*fXUotX#SSJJU337`U)`X_TTdO0d{v95+T zh+;FV3(`!V%wG~zvplkHA2Vqtk`!*(MIIC-0tLfIvjYVUUh$Fd_|2(;j;pr($=wtA z@DtvT*nU0knwd6hq1`q;d;XH!#!h|k`36A)s!oUr5}8!hG2#(rAC5}#`F7+)+^?KU zFUkeYN5l~QAf(v5UpKpa$9+@^**!L+0V&}dD9bNe3Nh}Mt~7VmrDXi%IeZPRa|gbs zv5X6iowYg;LerB?SB5@6V@un;5hZ>Zd8uO{wM9yHv11jLs#tcgiy`MP zqnra@iF6{gLf@9*m^#TgUa*ame)g-qSej(l#wPh#=doSsyi+lEzw~smNM9|)j8*9 zxxGJrXhTVWY1M8ou7<25P6xXhI85d;#Pjq{_f%(Eu&jN(0O)kV1zAjU9$LM*o(xEG7rO*Im=r?tvbXFH(kZ*y?I6cAHFw4n z&cHmxDTNC}g&cMOPhfbI#Q8Yr;mXZYdU_8(M`S397OPbwPEd?+1s)-}rAutiBwg4! zkO7j6>(*?0-9CY(_UEp`vPV4%I|OE}uliW4x4XOQyy9Lh+n|t0t0z&2!yluX91cJ2 z_yszIvhkVH0bOQ8jsHQ>Tc$*Ulti^Kr0?##yYoMAW3bbk^Lq?`AGvRT`9t83tKrdG zQl2h7A5&5D>|b+~N@Z6F*vN!X^#gysrm^-luYFY+`0KU`=p2U z{r>xl>i6r4swKgp=E_l1^JCZFs**lPXqMmV=<>mpH@q7}kGcfDeXx`^YHOmD#psuy%!<30i-8;cT$xf~u0A?g>p zU{Q*QIq)f#QC+~}E=RSG1|4b$j3yg=S?0ih=0dNVhZrX@1~34Dr>mdKI;Vst0Ctat A)&Kwi literal 0 HcmV?d00001 diff --git a/enterprise-registry/build-support/gear.png b/enterprise-registry/build-support/gear.png new file mode 100644 index 0000000000000000000000000000000000000000..a829b21d0489f08a59eba43d21d9533cfceeb742 GIT binary patch literal 5628 zcmaJ^1yodB*B%h0%Rxd=kdm4ihHjAVM!Iueni*O|y1PS=77(Nxq(M>{X@_nB=^+Gu ze82DizIUyEt^cld?mc(!=h^!_d!4n-5RZ zyk7Jg&$-U!fp2AEe61&ACl_j_kgRH#q^5kvl#!6cZvLB?$~6#Yewm4Ug9Fpbs&FMB ztw|t}k9~%g)$9(rwEpY)mxKoQ-F?7u894heWjFT@a93wS#n<9!0d#>e-fAJt|E z#0@BLEx|`7`Ysovtq4+8rHr`%D4=94GdVjChT!uEO7ckVM7lUC3;7m(7J2W-J#QGw zNZoRN;>Hh+y^E@52{KQ<6_Cgb=#{d#N>I<|g5#nGrHHT_NDVp}ThZsIr%~T;Cq~h#_3olE5LJ=d( zm-$B#@=p#w5*p|;_1IS(n)FYGScfF4wRb9{@e*4Q_l#Z69i==Ro|v+ParIX?ri8ks z*b?-4S+n+jph_g_9v+id*vR7o;^{6;O1C=%@;=8rvgafNrGrJqos(AZG=#KHG?G&Sa*QuGA~a^e$nID0Y|H z@gey}O8A`qt&|SZg55gsV{t_lLB|<7B#<;E0q>D3mH9(?rV8Kn53%8v7r^x)mH>O> zgmOJh*@!#QzVmpGw}iSbiGRuPi@r1)VkT0Mm<*4Ra{`o)7rofw6I6RI^db3~5=p-N z*WT^MV8V!mU0R(~`fExs{+Xf%Lh1W3j@89({CUWAc5y!x^-~I8F*2Mf0(Q4E~94ir%d!KU|h@vBas9F9Xv~ zp7W&#`_R=F>JZ#gtN|u!)|!bvDA2{=kFA@t-0o~R#1r-nvG3-k^`ZNouX4I2398dF z?@CJM(C@WW+3vj#n@-vnkY?Q(!mTJ<;@ z3uSL>F-fx?(E4C@`Cq5<1cbgR+W-t!Mc}8(-gq*dy~hALWr%*ovEss^Ay4LM4kp2p zWQ_@=Qg}NM>mTODM1qU}^>5s?0wRo#nc z?GzG`W_>QpP8aa@aDY_sGO#4%!HOal5Guo-_>whJNQO=Gr4HG3#6#YhnF#)Z=nKh7 zMKBxv)2~-C^guPmf(3^1U5W<9L_ks-Dd z&OX;Z@0Hg)%w-25oad~Hmb|mY7mF58?hNTn?95wKa4D83L32?N`iF`2rjzxOa^q7m z$9Tku#Qe@ubbsp3Xf^4eU&U)uR!nG^ zm2{ePyu7LPZS#d_XT!!$ZCJSKGEOobGOsgAGtn8J_;`6odE0ph9ENx|VIQXi-@B=; z}tn>qMuv8}%ovK!$+vFnHwDn7|jb{%W!HYP(G9e5tVoJHct>o#SNYrSpSJK8Bs zo2uffDx8xJ5GW;-RjbqMAea95^{vD7Ba&m6V+mrOClrDz+>S@p{=HSiex(A&5J~j{ zz49irUtx>#{()~kylK3}zY)H2p_Ar}JjRrxqMTDjXKQR^ly?nSt=q4@F zE7+SEwm=A>KBuCl38i6+nWlcnz018xgF|IU{fS%L`3J0r?}#Tc^CP#A#j(nJ4qWne z+-dwQY*a~D30X;KiIJ+2ir?7Bu}5PR8T$flF5|pt-U%)tICkspHv}KxXY`;s| zZdz`d)(Bsk9canGz=+uhR9jxRTRmMDR}XHis_C@rZ9HoFQdd^n;;h_sRzKE=viIvJ zZi3e(&+E>cG!E{g_HE8-_KoDf%6Z2o#D93=HWIi&x~;LUv3BUn6kvTigw6O-wgpDb^CGPJ)<}Xi$P+RJ}lK6_Z(-~Qrh|nc1-6=ZvmfyAtw7K%vIUO zE^Th8fmV>agZuT~!AcckX=`!EVkL32rh6^z#RShZJaS72lBJh0WBjSml&&4sLC{X( zd$+N+oV;JRP-<0wX8&b-zmV=a>k{9;>8kM(@Au^I#*2o_>??wsir;kD88{ISJh4QH z>WN12e*iBShM)@62*GWWYOlk+yi-JzXc5k=_Jzx-*9A6O~ zm@$-*3PoF0TAf%1P^;6?iFCUEP8KX}HgL0BYdO+h^&0%FimRlb<|^=wrG~49O_2v? zspT=*ww|zlyxxdc$TFJi3hk$tP1DL7R!~(!CC;CyZVOa=hUIPZ*I2KPDNZMss0&NX znY)j#TWRx_;+E1X6&5p>?yFrh#gM(i^P6Nu3KV%o2gy3fO!Q-{>aMCqekw9P=Is?I z6fL~>!EJ0yznd98-%r9GnI18yi%NQV!)0U3x6edCXDH=_>((&FAmTBR7zc zvFhv^?*Zg$^(viR5|1oTwr%Ekmc-AMy{s6IHxY83T8R#EF8jrR1fNP8Wl{T5r@Uq0cjMm*f#2z`Q1fBN=8C{FH8$~kf@SQ96k*yq_ix^82Fh8Rwg zK5f~+^H-r1N`)M zYJa8|bO35d7X#0j9kot=6>dGd(7mg8@hQ|;1TJ=b)lakLT)(K&?sGleXXMn>-z0Ld z{=?_e=$lK2*A}V}#nJJ}c5}a?ZnZ9Je@!LL zTz&HDbn{1k2QHi}I~^=6dKLdVTl#gie7UkWxE`~_TLO{|JY<)>dw^aV`9O>ad;1Op5P1S9 zpuynJ|0|MU^1Sb$f*oQ!FE&jQ02c6bqmt0_3Io`*+Y>Ux~ZO z+ntF3VtsDB#D=q4rJcz%w)IYAzps5B4gf4E!fHB#OM>tJD)3wt4B!9&1@oVQp{T`l z2moMY!*ui!`l>3zRxVCp3u_lk8?d*N>pdC(5cL+mpE}tfEa<(R9G&69-eL@YBZTkg zf6NdD`oAFv2QdbHRSkM+7k3+aJ}@tsi$NTpo}OOR-P%@IOGfVB^!qn4273g;RTu*C z^6~%-XLc<nb46ovd*{y*gWt5$zo?~5glFADij;l=U$ z*T$#-0Gwt;nU^}=82dR!3Y6;PgAMiDN}hFo`E%H<`czC(5!BXMBthxVKGGL#OR+ug zKrkvYV40nMiBRyx#r9)mir{)3!N5`16E&0+w3mMzR5o=-qdaoFfSRl0u?ye`*hIfS z$rjog6{54V-D(`Ty*zm#7toFybMolxMgX3@N|EP#C`^S3lj%7siJwlj zKvAKIB{ov#EmM(E@_-D3`>jBh zO54!L2=&|V`n=L8k&n(Q`K*HP=Jw_qWYoyS#I%QM^Rl+?GwjQ;4T$J65p?pUrlj=R znPeU`oJ1m3p)V~L+kN78$HvBZY)82s!`I&9Q706Aw2xArveb_LN^G18aY_rgzMbF<>}_Eu8qN zVYPXn{%9p)_j{S&`Cg_Fyd?W=B8k=jGB}Z(q-5!H0OjMyksa~2JLmfg-=KrECEBHG zvdNgmRlztUaUhi-9De59W$Ro~pB~vLi$z|y)xM*(K^)4;dK*VBg`aZlwTD&ZQ4@HN|Fr401-^BDddkHe#MU^CWkfYn zs+vs!W{XKeAE4H3`eN`ltIR$>1GB^=?ZsR`yBS!zEfTZ%9Hu{+eGcmCYyWb+F_O-# zoMwJelq@CiWo!)9?8X@P@Gw)<=NMV44&CV9nyxg`=R&H!JU&3R85kIJ>L~QI?{RQ& zC^p;z4O`qd?lt{*eQ~%V?df?gVKC|9DBEnH{bh@`r{;9<6)jstVqq`GRQE=Wco-Yo+)Zk`2UG#bzd8O;u*~S*yD3uVh zn9;<0HpM>^Q#u+2Bfow%Z<3qnR+@EA&S0E#*dCu_#x|<=v~Y;4FPMrj7RFM^p#5^0 zm68(Dix4uAt+co5*&|b@6Doy}&)-vjv7- z|0BZ^{9J(TyjPIm=h`Tf7I#@2s<3E2KE7AMDF`E@?9=(7w@G<<>SaTka_&3VmnU|{ zxLxdcbXI54BD}MY7;jU#p3BYjPNuNNYr<}>&ibOoOH^qKt&Rf?54)8FArOeT_#)?7 zx@*Xb#K>Y!&$#VMM`Vd=M@L6WRP`4-Rh6o5g;0=bIbf+uuH)QS0|D#Z!A%D9I|B zhCnc6rRx_xro-(1pj2NgWt^%)li`o!Zt|wQ?WU0*dxGl~$&H4R!RRS@T3W54EG~sp*Cf?DYff81lOp{l0VxMZpm-XFO$-{3$P$ezv0$*HsT$RdykS!XvE>dxT&huci&YTxA#2gu&s1~?9S*-3m9AuSAn_$6OeIVOKse0bW{PH4d zt`+vi)xV;F@%?Fi!{3OCM~MUblRqowP_F&}G4Pyz65M=btcBjsrI9eZ{I%GTE#}ww zt2J1s%W6gs*U}t#Kqw`F{3YVcx1-I|jD)C({nY4&R0bilVve ztQ{T+mW%=A_GTQ*zJ#>2FpR~I6Ioq;!enm3Z?J7D(lX_)ds_Q6x?k6Jb}n*Ss$&J= znOf3d>9HU72Woh+%?G)ta4Ch5RirCV;WlpZF?5m(`V_H85z~N`i+j6c1+&5-oscR zQWlmz&*d%*x8NRTb^PJ?P$(U>LUS~byy>nvc#{QcmVVf+&HP#=7aWHjm>`1Emy|qu zX;q*xdDogDqi8jmVUMMt - *Note:* This feature is currently in *beta*, so it may encounter issues every so often. Please report any issues encountered to support so we can fix it ASAP. -## Enable the Feature Flag - -By default, the feature flag to enable build workers is off. In the Enterprise Registry `config.yaml`, change the following to enable build support: - -```yaml -FEATURE_BUILD_SUPPORT: false -``` - -to +## Visit the Management Panel -```yaml -FEATURE_BUILD_SUPPORT: true -``` - -### Update and Restart Enterprise Registry +Sign in to a super user account and visit `http://yourregister/superuser` to view the management panel panel: -If you're running an older version of the Enterprise Registry container, pull down a new copy: +Enterprise Registry Management Panel -```sh -docker pull quay.io/coreos/registry -``` +## Enable Building -During the Enterprise Registry set up process, you were provided credentials to access this image. If your server has these configured, they will be used. If you get an authentication error, you may need to [set up the]({{site.url}}/docs/enterprise-registry/initial-setup/) `.dockercfg` file again. +Enable Dockerfile Build -To apply the new configuration, restart the container running the registry. +- Click the gear icon () and scroll down to the section entitled Dockerfile Build Support. +- Check the "Enable Dockerfile Build" box +- Click "Save Configuration Changes" +- Restart the container (you will be prompted) ## Setup the Build Workers +Enterprise Registry Build Workers + One or more build workers will communicate with the main registry container to build new containers when triggered. The machines must have Docker installed and must not be used for any other work. The following procedure needs to be done every time a new worker needs to be added, but it can be automated fairly easily. @@ -65,7 +54,7 @@ Use the environment variable `SERVER` to tell the worker how to communicate with | Security | Websocket Address | |----------|-------------------| | Using SSL | ```wss://somehost.com``` | -| Without SSL | ```ws://somehost.com``` +| Without SSL | ```ws://somehost.com``` | Here's what the full command looks like: diff --git a/enterprise-registry/build-support/superuser.png b/enterprise-registry/build-support/superuser.png new file mode 100644 index 0000000000000000000000000000000000000000..63459415a0e71a7f1b98668e9c71beca15975348 GIT binary patch literal 744658 zcmeFZdsNct*EihMlrxoD({#{0bapzZ8KG$cHC9$uR!$xeH6ukuB_&csVEj30O`2nt zXJH&OGsP34k)k!GW^ynOpr()~P(eH(pdj+n%^)?aJ9cEySn`sdD`y1HV;+5;B8&)lSFS@7z$Yom5B-FC%& zL;T~`v$b8RF`o*R@O4iv{s=p~VsO)m6nMC6LUNqNW0`?X@!1Pdik6WS0R5`vYowRneI%nRjQt!m3_w`vtQBe4t>LwAHfn&wHnS*{`;} zLOA?>@61NR?kx$Yc7}fQGhiKc(<;4+CztR4_TJ3!(dJY8)_>YF*8TD;ZFIUL!h{C? z%{(^!r|<0VweMZbpS|a7JX5;f%X814L1i;O&7Hs8{3Z2LeZ$%GqXzy4f3g<)W*@J4 z&*`}le7LzJ^zq$@$ARnKM&10O>G`%){WtGf&S%HShc|tDP0;C7kBmFIbLDK%p^cX5 zzx=W*slnyKZ|^qg&2PAR`s9YO#42m|(dS&d&U24lBLCdaUq3XpczQM-&iVd_O+T28 zCBMwtYvM%lc$yXc?1y`Wkv~pg4L@vHzjMdWKmOF^f8b_ZX<xWIPWQm8GW9dcw=GH=(~NyAlPp&JXW5*r*(X*NWuKP{u(MZRazJ0#?y&imF zGDYzV_dM=Y-AQD@VBDSsr?G$?o%^d+zdyO!iPZYz_Bk$j^SAFaO&s*X&K`W)pS*q- zK9%q^Z!~SqrxUOKIJ@#3@%x2H;9cMczlcy!FwWbfpO6S+Gk@4LLUS!)<%;1*zk9!EyJ zND3_2b~E1gA@E_|L-HCy!i~+l60V+LeFfF7el)QSDV5z9Xs^khxN99p9XjtZ}|0zACls>o&EXy%%m!-yRfG* z#>{^$US1hcVdCBt)4TrT^{tY-@t5_ShxX*gJ-D?x{IyTDZU2z{?I!Q>=EF&Gl{Qw- zQnIe6XM%)D*c$}TAGRbn`|tNOPQTw)`D5r7g{6DK6S%mN;t5o2y7Tq%`+2R<%HzFG zrJHbf@o&G)y(_!5dtj~kUEFY7^!KEnUH=5kI@WLVyJy|Z8@{$+R=)*u-|sEzQ`iE! zK5@m5@t-z5`(@S8xvw|boH~$t@`wBOr}ket`O`-Ay){R9ynD8PJXko}NrxA~*N(XGZgfoG{j*sfi{n}V{cgR8%Tt`5_iIy`k$ z71bY%nz-#i4!@{8p$%LMdH_yq_@yDWfy_UPDug^!9^SSdp8#sg*x0n;$l7gtlQ2o3 zq)kaBNq1UsKz-mQAcA(7_7jlazmm3=HW<>{Q}zOMO?-`awe}~ad&-rqC7jEC&l-Ff zCpA?uburd%Il-*?fPIIlnX)WomO8U2OPN^?JbILQwEk!d^4(EkaB0u6-y<%KmMF3 zYW=1Y_|Et^!gE5+@>-39M!n`~T;7}L_~11;>o0A;tuNA78d(|pIxKyf5v-4JI^J}w zDJ$XQdTS%aHlyu#x9?Bl8s#0CJR;n#w+&%begqso5d0@_7Lb}%dc@v;?!xZ}zxjUj z8}8cd)q~Fxo^5<~_nG%a?+Z9qDeF7dmdq);Iu!e;@+jx9UjY9mKg|Dz4fjU+>Evcq z`eZsO{c1Zf9bqZ(^77v6ZCUk#I$6P`KCHH?DXVNiG}X-3wo!|#=;1E4@@iJiU=Xg^ zpcYL{>%Z3TQ`0&%I2EASKIQG)aV9$Xx0L6`5$$nf8^$k>ULKjbwTF0f{@v=`;xi4~ z0&EUox_`ZbaK=a6Ml&M@q|v-{t-(oMD~r|?d9d%WcZtr6#8#mhhcoC_aw}_}DWAP% zIWSaR#9+%S%SdFTS|S}PyDbp$C;W#}g_Unc(k(auF8aR6-a6akHy*6Kz}LKfkg=}b zFh)Bz@+obK`mqRJEe~oNpDHj{XD_bB*Q#n3zg_BFs#%~d=BU&D!Pmey``;)~{o7?#D_`}o+W<_>|^j7Um z)==`s>U+=cZQfYBD|y%H)SlEqxMK^`tjnbN*I!eh=JFr5Bn+) zSMEOt2)=O@(^)tA+vwbA&9?>nn50`a%{xw~UnRdkd-42WYQOB_xLrwOFnQdz^5!t> z95?Nms{^F(dL(-k?sl~3njt(}0}7EOs_TJS2JD=PkO9?i3wm0m*f@!qxRN z*g7FVgy3i~aU=hlTa9YCxLo6(|KU&UI&G#rM3vVV8X^?qKmS=wz6W{l2Y<_HR%+6z>y!Tp}k1uRFdaU;e zt>o*H^BxQ@P=I`KE$>$rG84I$S4~Ow^=@R}7@Wh9xh_1x^Yt$V8sFS%8rGk-{ngHQ z@cW8jL0|zZAO{kj8b)UTW07G`u3c-kRn`0v=2~MB22mG?QhJWBzw>x%q28^58s;%j zCJafLoE%K3%jo$8ybH|3?UT~0>~5ko;6%K)Ql`u>{dv`0J(A|JqKg%OMK8wyYu2x% zj&Zgdpbay)H)w#6I`LCXn0&vS;@n~q95NGpY^nX7-yJg`2#UR+?5!GMj;u>j=KTQv z(Dgh>;*f=%i|Bg%tgdKZ?km1y1AXjv_XHa8Cp*_+d$i)My#VdZ!I2@6Z)86Xo>o4f zWeixEF856Fnk=Q3v<#3H&u{isXNSWp`NB1AiADKc*l{#yPSw19B)pn`p&qN|zV!~P zZLU2o9UZ_fdVfGMqC|rQg9jPqn8x9_q4*bqFrq*p=zV zJmRU!qZ%UcUEP~L%07ijKk}mrr{#ia)u+WFN$Y5eE3OECBNnReQ=pqNo?9zbk!scV zKNeobY}s-70pjM0`u=ZUUpk3MJh2DcM_&iiV` zec6gXwtr=tA9DZjI#BUQ)Q>AZSy?%4w)v@zb1TCAtE9qH&S^?KzC3xwHvJXkCwM$# zyIKWCIV0r9S0rOKQK0wPubjd+ULN<5o$elKd{0~qO76-R;WmXwT->Kz4hTE)<=$5>h7>aW5aLzM_Y!YcmGY~ zf6zG+Q#az z^?%UTJ?i-Rti$Et=zvhqQ^8>Y;b%&d#LO6*`tTrhn>zI-SCtD*2fq3eTv?tKr3-ASqE>Nmh`G6XwLD%&G3gd zd>bLmmASccdhgtv@S^j#k5Byf@!tsiHv<1(M&LDa#|)iUabKGM^}kMVZoVF`{`&my zUv`A=nK88E(n`OUUiuxfw(fW*=cgu83a9&HU(Wux?|%5Q1F^Tm+!=h3Z&-^Z-ct-U zMB$?N%4qB2$uE^kcRzn?-156wd@3;xquyP!_2;D|mw65D%*!yJm3uFL;W6{#oB7tH z^2w>*#;oOzFi43qU!s--0b9^bfdnYg6X5x9iaMUJVUO1b0ok9A)xP>dV~iZ=Lj4mJjL0m-`!Tj|S)7BK9h( zm6P~coSzt+%nj=??_%)JJiqqkE+b^M&d0w}V#=qHgNDnoO6Tjm#=F*SlD)iFq_@Sx zPQ4=(CHK`ofOS)x;gEBTHN71Yf}3fYG(?MF}fW@QWa1#G_ag~@XK+C)_m>T zWVq-XVrWfci-|nDJH6(GVLxNPf!L8nQpmKlke4IoS${d*2hegB(06JHzI>%0J)ma9@Jl${ zH#q6Cx7gPA3&Yi4;fmij5)42IM=M?NaQh^8tZzqzG zsHx)FFGl`{IN8^Hk>LahK82gFcTRaqm?re8udyLD=4pd!0=a*>SZ?+LC$AK|2aAk3 zeK?GD@{=!)O0B0p*%P-Za~b#)DXqm#?MUORKk)0wc)vW2Ct=5(X?5)R#-i@XpGnY0 z%s1pt<$jvCI=KEH*aEX5`n};K=_*btCHE`$%Uz3o2D=z)3OBmEGG$0FP+8yVjT?lD zhN43>ZmI!fnDVmsms@3~Z}+YCl&SDyuT)$J*;|aF;2z>U<*~p@&Rj}|6oYb|KqIFp z7;J??(Oc5aSCSeNKm%%0fB6@y+A0-0hVd%?RB^V?D+h9I~XcO1A{g#xs;7%)4n*M zUtWpY6y0Y2W)Mz6gV0mogfy{d5k7>0 z=jUh+EuGNuz2%|-0+k)UT}@55U6N_RxD-M`hPd}%3oWBM!&$)oqV9nLu9YVL>U4D!S+|h2z?ULS*=2-CCaeoG*HY26uQvSL3? z5q(F!Q{yQ~XZX5NbueUP=a%z3T(BYT+1Di5%iePD*=y5AbuH56=wI$t;D)A64L!JV^{b#d$# zUPDljDlIpZL=q@p4)5#{$OFti=gYPK;GzxUh)Ka91I3P(4&4 zE-0hjtd>cpDlOH)7r#6L-upUy@y$oR+L5P*h4&B(1>4&R)Ie2n0Kp1^?rMCN(eDE4 z_AmdyFR;QnwlC4NKSc(ISb<19o}TZT1^0{{V$d6`B<{oHDAWMm_6(_0EPg^Ffj`J%HwPda6+**isBwA8rg z+8smNlTph|pSf}hSvA3tGf~Y-VNcILDbLJSW)Q|}o(O(L4fb`r61l9Uy%4cmj;#Bz z;5}<$Ua7beRqSi3&^e9@Chikv5JDB9>->UZ+Zz;ISZ7{4XJB4dQxj>#S)}Viz%r0l z%vyBkAV>OS>5JT$+WC-w;5?;YmuccY`d;$Zb;>#NK+U`x1f3C!bjv`?dMOJBqI46a zr#u_0K_j1MDbln1M#`3vnk&6Db$?0Y(~mijqL1$b97T%>>}Zue$5;rk(-iylgf_FA zJ@Cm>eNC27X zyyF@fSzV%P`3I4(=3AJ|sn&AJJr>tfOFZ>Fya%!QV<##YKtii75ETuNJ<9V`6D3`w zc5=H{%3ujDCfDBpeCdFHiY@;ro(3pvcRTY!z6XmJ^JllgN ztc~=J5dRaG5cKebbZhmS@B=f(sIcOqtlk@nlo7vMCGhQ}h^IUdc6T zk!uL*14mW2SU%NylP5)_EI$&$z-W7p-KVQdS4qAh)qM~dnsCXE=FOnCrhm3V6|Zp7 zO>8Yk{gZ0WXC;pKy)t}kf7J`W=F6yNYE(!hp%_fF_mi_@+19}xi%B*df<2@thu(*H zA}DF=N2|{bQaOHIDa~br?PeN#7JtCkr@@OG^i@K0&^4-EV55ub8i5-goP;cHU!>u?i&zAESACf` zT4C=|zHf@ADrJ0J0&04Z)4tODy6)XF`>jg{&RC7ulQF_-A+1IC0+0yo9wZ`MHSTUB z?h2o%8Rq)FFR8mZ-6QIBU}b!9xu@PU1A`o`>yA3uxS5>f{>mtapm+ykf4CrU7=h|u zUD>VKIWo)SSrFzR#U@N)Q&XknQn)X@C4bBLIm*_|8F8>H{hASyT-2qyNyhv9_64q^ zIB zta;V~JVHXtL?Jz)Jz0V-rzxGAky#B1=E*+PL{Ps=HYK(NO`5T8_Q1ls%2Y4fOk_zY z7FC$L5A6lu+0=HH-|&_z`jE9T)0FbEFHh#Ks}pbYD*9BZ9}hIx2~}=noqgbd2B6=B z8t6Rou)(CFeWGGA@SrxkR|3)?6*frm7hCwmw*!|x4Wx9l$7XyouXBRI{Ci!)8jOA2c;v|41>qDR}4bo$PUHq#6T=zd1 zHkUq`K@NZH8p##HE)fp0k_yRaTo5Z50rM*fhst_g>}AEYWmtHjz&ol;aW$NlQ2B&~ z^Bf}s6=0$SGu59lFPihFCy5;M%ZFR44>Ig2#&}9ZX=Sh*wKJ>s5`@-rHBI(}n_W!} zED0~H>$Z^P{S#QpuM5pfDRVeDx|V9C$^D$bUr4@#1j+iljk>bC$Xv%eu2ym{fT);? zYRM(H=ZS+g)fuXb8lNQ>$iBMvUE42~d8r>MV1$Div$>)>9ue^VC;VLZq z<5xZXEmg!af8XPnjA5K?vcenrR4A1x7vbd~B;*?P8VYv&O_|OqxKF2H4_fGVxJJBe z!Hc|C^AP**@w_1wNwCBcEV&YvT8T>*4XU2<<=%{j`9kfdj}22F8|LYp!lM~|cG^VZ zvAip)W1RD9PHv1P&`meLbioufUrT!owJ~BUt~o+WB{w+WMgWn?*VeO2_qJ3hvS0PJ z_q(;Wk`_jnm#4MM`pN_rROB_yfaZYmkW{|B}^Z(&HJ^p*576I-(CWy; zVE957Txy&Jx5Qxm=z2(68BpyB80qrJ;3^+)i%C#BI3#XWKfQ*yV95oC1g<9<@L+N$ zq$`G7!YixJqF&0QOI!}=*<-l=fN;JtQqkpsAo8*qfy5;*q#@FSQ8O86jYPPLK}!6x zD>;6V@V-U46WuZzWFVj;5;-trPG4iRE=<_|iwqUW>WjJ5Cmoi-l^%SWe zq0zmP%E@wD^>=Vj+{HmI_>!qPZn!|6#E~J)d1uJDfnN*YHyO%Q#Zw2y`z@{)**-jA z&o&4Ks|M0g2s34%3B^QWuTvFmIRDP1;Z?o$u#T}#)#v2di4vEOqDBrx6i0p31VFIS z0#TztOWMr&#x@aqLwF<|Dk?^Y8z42zjTX;*f&q58?DmGYk-1_NgUgxgbJevjeGc+G zn>#pA+-K<|0aKERS2{(O#(tYdv^*+7_f1;Bg(Ra9sKCQgE|Ym!-cgVVA$dymXFjH! zuemy|05FG)STCOGtGKh-E?r)h2X?(^5~BY|c!@sL#9%Ji*!x~Rew7SvZ29nhC+~fx(kU6u z>!>CF9};!B(oxGVcdrp`(+mnUgN>jh$g&Kgl?k+;ziQ=0L{*VC!%5?3TBa4K?QI?saHlL>I8Re_8S}!M+sN%xx&p935w4hWZK$IS_5^YI zGmh#e0sE1DdY_RiMASXuisW1y=zT#bu|n1yB}4W!D2oV_MTBt#L5Ns>P)^i{wevGS zYj=Z>Vn2D9cgt42He3S9#!ZJ_GC0C%cgyfbN--c}@853fP+OMATpD*wBf?!QNLd{S>N2N1`v2hDgm zS<+$76dO%nqN9l(bMlWD(?d_5r{fgdAT(jiUsX;7>lRlyY989qh zdihT2>o?_c&4itbMF@W1{Nl7sAkxmC8xq|kZzuTrt2J7was}*B^1u=^-F$Wtn?uj# zm^D~H=f-D!S~F>$a?b{M=@qz12^T;9(L&4$fQY;662RE9n=C211}#%{Bb42iPRO=4n!EfofGPq3)8 ztzG~M8B7HCd!ekeXi{36y-O@C;MbKn@?PWcw$}Ij6|{bs9{qxt!R9rr?)!9Jpvw-i>#fjnd^gdCy`V6z_P(# z(;yii(*z|aqjn}uzMTd|tGdF+?iZ!gJ-FLkkY+iv zxx_^sKMQS}UBhfLad{PFW|eNF8#a??zG{2o2WtsB6)SIU&d}ctxtX^evev+Q9=?z` z{^9;sS+67?wZ8oYch@% ztU}M<(ia+pB*9HvX53I_C45i-TXRKxnh!X^)Ep_w06PeM7Y;J;gC%k*8~+C$>M31?f(!!Sdm{2y0^D5SFV(fAXStdDWAn-R3fRu}n52-t+Z9=b)-ThO!{FD$Y z*W{alxb_FsM=UrM+Rwl!vKsJHSy-hFGMMa;K}`g6m**#S!+;DJ>hosaePTr zN#^U!L#F&gp=z92Wr-}?LAIDH902yPfXQwnpbqi_8=TiP=qg!V$!-`=?h}|nb(9HZ zshSRYiq~;W*%S5qOvYb>lG>Du&{5q8`8QcZYwWY+i(;cY`jW}|XY5#Tkv&3Rjs`82 zD$P33Hi6~vnVDhGRTNPaBxxV;Ram4q)#IO`{BVJMJQJ!aV#_7@DKyAm#6=gP?_}z< z*5K?skHt!3?^Liq9FBTd#UW}n=7_j<>L>fzrCWi_<4P0%9u6JonZTusHoK%O%d{K2 ziX0b{WT3dbC6z`%)J_|Hy0EZhqx5pfd)h^{Cyx{>L$O>Y$6*d!r)YgaMl0h3g7Q9c zK7)Ki^%z0cc44Igtwt^2Bz0}-Y}CpC9{UKSM^=MhfpACv$UE)uY>tyjj{0 zCuP%GE=t3NsQY;h3NlfaBUqZ>332cGH00z;>|Z*3i)0M%?KwQH*Jyqsh~=+2vAa=z zG7I@M!FYPNdOP)!01uA6hkt*{6if3I2`kxCcUhp++Dpld(u-o4C0E7V*p=v27MzTM z9`$y*$n6(oTMCYG?SV{$--sd?9D}>buu)^Ji{s+4DhF46G{I;3orz5>JhWhSfZSD_uWdy#<^=(Or^|gC5pjS&o9)jd`LZYAS4##p zdg=b=$cjD)r-Fcr}CbJE*iN zyl3NQY_T~eX%D6i-OHG6t6c2iJw{E=S|5SjN4tsSj7Mi%>8mAs|_YX;W`?k)#eg!i8o;h`i~@kqlK95v7>j3bL-fYk3c?mvP&B z@pH>3ie=Pf_bgA>YMWy+x^;zhy}S!bjz9tuq;wr#2x*jTc(7j=NW0d&tPgphBL>@ezJmoJ{2f{xO^B2MZynmX4Tw zAAQD_LwWCfnI6dJg(>J#=m>v%`ZilR+ET7K zf*R2DnhWU0vD1QFd=)7dSSs29#(g@@EP{yJu!i_$^FFyQJL90=0IFjG=djHB2y#hj zRM{Gxdux}KOSjB~hZ9j04N_INK!r1qVfl|g81Ns2-GCc;DW%m#w7C{%JyuU=ji+ltBZ4us1 zwy#R5z3M--oKyad*2mN~Kr)jT#-0qf^F8h`HZ;3Y5+BIY#O!G8>NhVDV3jZ)#S;SQ^IPGoEZw2oERiaVCy}tH( zJhSgFc$7#s*vpljP0!GQ|0Y&N$u4gQi9k=Ze?y)(%;93LT1!U zO0_`Ngw1T)W?WwU!Q%lZR#isr{7abg)*K4-M)B^4WaJ1A%l*)YYI$cPdGPQ}e~8bB zuGDzGvn;_Rf@W{=jQdiVt_-o{4nZfUbe^zWN=6RV`JokUF_DTqTo!1?^s}LS5|7~~ z{-5CCyq9rgb7R)TMRRS3p{7GSd%RJ0oEZ61OVqPEX0pas)Kc*fy;$m8ey7A17(y$_ z&T>n$1=_o^5FyJ@;`3+&FrBhQTIjw&w(HI0+W8Q5UHx%}Bp^A0qFaIDnhDhF8fVsN z$CR-gN>b(Y@}we? z??Ow(@>khN^R4&}2Sj5?g*4d_fAii&Q*7+fmizgDKob|gVPVISsLUp36ooLEi7?kl zib&uV${V3(TWz4&ED)?_n=~Mc_J;egWdsrKIw9PH+7FC`_?Qba84SHcpb8^5va*TLp;#1g5?Yn#!rzVpu`#|wFMM0N zZFn4LBI(vPe421w z91Jsnf|XZX-{6s9JQDOg)s(;;26ViX?vISYfE;=LW!$CtfF}{OvJ@1P&tH{p)|*t! zQTs!JbPl`70gQPK#g1Z!98+B$?31%WxKU772&FaZ_bkTLUES1lPvju1YQ&213HM4| zk|TIbH3vGkUiIp~$^ZWv9O3{+JCqwc*KAFg6__lS{Hpypbau&`-R!@j*@YO8oVSA% za&PRVt({z@$Zd#_&|#C24cDAv4?1h;Fa`0$qRaB-+3$X@pG8;HMCuY<0A6wZg1BM6 zXz;~J(Gz3cbZZ>b*5a?7w0(^}6MT912Xq+*Acu3R_A zs6up`J1tz%A?E3X2Z_ewLBsTIG%6oF%DA_;b|4;KVL;@qlbLBs zN%3c%1TD_Y(N)*(P2nyqB~cAb(d;K^=^QJI*2G&~uLKNNqgKv%CVE9?Dbut=~Y zifM#xaCG7#NZb0oh@p|uJEu<{;-I8&z@CXvv92bZ);c0`H#fF};(JY0q?55oNA!4) zjm31In^WmugdC$uj>k#nl-WfigsFot_n?UTX?xQV7!MshU@TL4u8BDFIdPcAHVNsY zvC;fYz+5agp_JojQ%zm&9i91+|G<+Z__x9Sn$NN9V+RQtxHXmb^PuPG%zl6kwn7(y9*q2uC5Ob{700}9TF}(p4nr@BB zrl^Gh@RLXRP(Uxukz=O~bm{edq8y~f=U6X@Z7~e*RNSoE~q7{4C z6@1XPf<$B7xUP%hD+xBIIJzM<)!df|JaU%OW{(}7%q!{fKs07~h)6z74c&A*Bx}f< zY=gU;gO)?*3^08u^xYz9&p<$+{ixVcn}Nu$cK<;ig=Irzop75Q;=k zmBKG2;}8v#)32boTM+L12PO{6Bf14V;VX7=+E%Eu^i4f5C^B5%Ry^~;CXzVtK$$u# zIhX6tz#Tqg2vl@Hwt(wFF=m6T^rq|Fa_jW& zk-juts8C){G7FL96A#5kR~F%`=PpomHP#48PHC>)CmOw95>@7|TOkVc&BNW%S6>zJ zOM!_fe2e5{m~N*<+wtxIi11-Ri~qPiPZwcx@GLj+4xv{YX|(4<6CLBJ_RmA` zvx6xt8ug()P@1>+qEQ?&^+w})&^mH_pglLoHAn1Fbjdf!l&&Y^{@z9h_Lep|x4zRv zSo57*s1^|ka_O6GpzdBLt>?nb4Oey0SQb=VL~8+wy&s@1vfDO!Ov5M*4r*4tgHmFw zC}cCdkOl%(QeS+3ZVB&E)bn-%)6_nyTv$`8uCa4a2T^U+*+txwOzI<0TS-A8T3n%M za^TbhyP!FL51He#YeZg8f4sWV-FLKuo?&lCw&h_i<<)mML>dYyC)3c#3a`YJhpFlj z-};m!gzNBn@nF17%=5~`<;t0%W|HE=djO5=icH3FYqtopbJHx!_;e^9qsYNxq9UTX(4H&FteCTt|q4n_`X$Ch)PbBAjO+mTd zi8OOAR!GU>_QQ^gGu=k`S>>v_GOpP`%Ktq+j^5>_;tr$qvva-USq`!Prvs#9sC87! zx7N;CYn6$&mM^E?HQRceRpeS?lmj+Sm<{%zUt>B%uE$U9kBP~voJW&@-ZG@z8}GYE zxAE=yH}&WhwUH&!Es+Mj6NpgZd=cX(YN3Vnv|+;Xd(!tJpxwsDAH}GWO$0Zo@*$oRfuU+$5yZ9+sGC%#(qW3a+3ISz;3~>`J!`FnSHHDE;Jx zWMtrg@eS_f6n7VPYRplX!nuHx`_f)qJ>Gp&AI+sne~1}xUM}5jWnK+aDcUvOVpX@u z#E+qwDTa4+HMG7STAioPazIAvSIhWSdcZQ>4?|?4L9u6~eJ0vo z4KZlXGg4j4m&xAcMtF_pMcKmf8m?#hERexURR#-gCvZ9wGu@Uf7~R#jB<^g+%{ib9&=lYm@I9Rcd&8oX5BAq zG!i&lK4U~jpusMq_vv~<*nCZR$V^X8(~-#Oka6dFj&?+}CG;lCgzq_0v4?XwU7_m+ zcqUF`|B@&ga<#k#_+f+WPlV@4Uk9nG$bEr6;7y3V+&i=gHDTFFU$ zaK?Xvq+1yqTff~3+kT$EP;q;7U>i3k)IeR>B9FF4n;xCi^%2xi9X4k{v;UL19Nqfe z6!VkD(er4If@^`&8d2RZ3bUwIG^Xi-#2UU(=FfKsl?tH44|6xUxeml+Rakj&4@W`V zoEwW<$;x!l^EaX@GM-5{1MgObmT|Oox&BRiQC@A^&C?&|Zf}C7u>2dlUz$w^l*OOH zE8I|i;u(-(u?6X~&$}{=d8eG1>&X7ei1WDjBwwFZDFkUBUo|=ffpcH9Iik6R>GV}( zO~Cs9jgiLQ8w+(_Gj1ne_{-ZDU@kuZbPqcOD4o3!?Aq5=g8cM>1N!JquK(;V zz$^s&RrisoPt?Ywp}GXDxPneZ-aj6B=>jN19PsBWm{-$)=7Oo_nHiDqt@wQnxt*Y} z5ydPd4N&P|?Q~>Vb9E%9K7(#xEbnt==*E%K@hK@<#Wa$D z4nf@rh+IK4(9ZaUFa2q~JZ!!Epy{?a z@z)f?_Iwa9u`VD`&BonGNogwd|FSsaXOL@Ft96Jb_(R?Di(2tjXRsO(rns1l@f;TFw#Y-EK7z~QxeZ3`zKewCZ}y2KB`x?*IUG5xX?e2qi0CTPyfgyc6-5j(Qcb43 zX=*R+Dq=H=^JvmmM_O4L{$AnqfUer8SG&XYBUBOe#%^{dhMw5Bi5#ogdB!qg4Zf{h zC3D)xv;Vc#rR<_%8CY9{&SM7rfH-6$Id6BkQD)ZbysU^Yot(`YlLnt8-+QW8sC^WUTctJBb0h4W7QwJG=+CsO4~t9-EKCjp-sqrz_<&c z=kIl+HKJzO9mk`ITVo?hmX_E^lEq&fXolRE^a)(JkE@@ia$+ceJK-kcce9~NI0?#Y z1HbKz3LliX@bM*;3CA=q2mC@1%vS?VlKZY;^@f7zcH%yZ0q1M|Qb>BXs13`AE^7$5FU7QHUrWTUIQaAr!?7eANljqhp+}0M_EfA}_0y0EIrB(rf3M4>M zq>74yN|h;sOh$$XBr+4wQbEh?z#t(J5h7)bj8O<880Lf_1PC*Pgn7yY8OV3jy`N*h z@Ao~=alF63su2%7t-|k=Kk9*aob`Y5Av3zUE}XOC-7R6h6z%P&w5p3o zay6IGIdy5#NAKC&rG|3xPb}Kqk_s!BXL`*6bzhRJ*CLL$W89nVO>2)8uBYu8sytp( znoDV{&H>;UXJUd{^ii5?>X>fyrh6Gsxxx1OS27?7pm1FrKpM_B#EFWS+OGb6?5Mjb zqiy0BJ?=m`ffrs_nrJ|xsSWfo6AZSx9FQh$1F|b+BJe(ur_d3ZVqj8N70k)fL5XnEMX(K*VHFf}+E1Z4 z(|2hQ${|2%1P>96HMdTiSm^HxkK&}MnP6_0o&Eare8_MH9eQ8vTr<4O)>?rg&zqYl z(NvMG4>PTCT`c_oho!PxF4g>HfNM?eG~Dhyq5cx!U4`7Eh})lT)133%nm)`uwzo3n ze2v0d`-TE5SY}*$>Fi!ZFN9_ z;lPbwb8GU37{xEW_|=;3CyH6H~#-Nq25(0P)TbUD6Ul z+`RnU=Ru8h5>9fbTW#m3OmVlx&}$5=jEo6EyU(kOPexyFD4TA2yY(!#oi|O3Us7zu zfbYPiJz&+Ct=U$Nu)prSJ_REd+fFg&ngT0{Q6d{KT6h%+Xv?fV*t^~bGMFufmuypa zRol7i5SLlZOZ$gt%6%n?P{V-CqvB4rz+Amnl~Y0@*qV9Xp9g`AU=*|jez`iN&1Pup zfkM@JJC&GHFX68i0Rw~@j6->$!J4gpaxK%w#@!Cgsr-1IJ9o%g;`byc+`)BHH-;;$ z)DCEr)aXG(cR@l^p72*dmqaBgNjx#D6OVzc?By(b`m;N=^jdBxSyT*+bEyIz+FPZJ zH_KjsdZu-LZO-a$k6Qs9%GgT&J{-jK%5x*`=CDX5(^NJ}X+nkkm)&HxE8ULy%+YpC z)e&T4RB4OoSSZA)E6Sa5dg%2K zlJ=2!a1>BPfoj*EihROfhs_*^mqM2{OVk>)s!U}rOOYK>;+vx$`vD&j;H*Sf63s}^eZB@w^@Bnm3yquQMkg3W0`^doo_FEpdslK^A$T2BA zZ$a>!VHy!?7U--Phqs|`3o7UzTxE>c1qxRH4bo&&@a=YmF5hMI$cT(OqX5R8yqF%B zB&z5!E<~`}rs>LU>zFmAw&;KkSn5}g!*%@`;MzE#`>T3c=b@Jj58 zbt)u2ww&u4>*twLe5DKL=~3+%l=f_MWA8r+GM??Dm!-b6)21SJV-EaJfHGeX~-N&f^wLS#5EjR{d@0W0Jd;1t*fwVH$h%qiek);f&wn1 zTseS9AulQ#_nc_OBFIGBangq0ui>wacw(DkDyse8`r0@CeaO~8Mw5CR#xOV_`4E;* z)(-J@4nSxC3^s}BBL&dM8SE&C08{c7UR{E^-WLwRs^R59c}6+AYS)SOQx(@Zdu4)qI%R;U!C3jR$?p`?u zoarje=`rL9`p?|7B;M!4L=^(rYGcJ0vl`h29eEep11))XWTE!;XX98-gU$1Bsr=u^BCW@%l0Ot%2gNy%re zBO*FXd~j+l$R|8DWL6pyLQ!iSoHnV`qckpC;~~2Ax3U#meCRUj|I9fYzzIg;(@uc- z(TGI^LAx8kbv{1o1458|dG*CX&%6rZRFt!V>(Gs$Q<8d9*BK`A3N@|gf3{(;=dOS{&hlG8(V38ZzP{zOj?g6$9-K)y!IW`(8+sW27MgNiU=U7e)rW`Gv#Pz-g<5UVB( zM@a(uy2+uf0N+Y)+MZEu+TxUW$QE-euqy$C^7!M5t_hN7p{re1YzpM$-7z9|83hE9 zX;)|eTl8oWn3>J0?p7C`vk(Z)PfT(??`$vMuvzh3FTwHb)aQM5m@$iiST>A>%)VpD^XQ?fir%K?pEu za#^WSs2GqnR`0fdQfuVXVEG1EPPcr8uti=j zADEKw{qdz*78cMc8Z8$dyJN^v!U%(#7LCg%Gy|ZIL;C1{zfPK!L^p&1;#vWm5t+$O z5R65tkZ?7-f=5x{ZP}@xsUsn595RjDM?XndyQ!7gfVIK^1mVyTd=#g3d4Ss#C&%2h zba19?AU|WWLO4p^^J=mk`PfEK&yGyK6@Cj(nAM4l=%^=LQ^(*5PIwD1+?fRAdj1O0 zsAgU)0)%PY+kBuqOh%t{j;#$ozO}4FPDo$pE z(0!@6X!nhkD?pwB=qc?Y4a{v-X#Y@+gcHQTb8Z`|;&q!2JTW3n?lJx>R{E<3NW(cb zt?yQWyT^EfE6>PKnpSj!%h{QToD#FNW9M%P4;vu$BRRu3#~{$D_=XUUI&a&nsl*+3 z0`LZ*IS@y?$>25k(0%#yS7x?j)3EjrO}nXztdxffzVkT5UHT!<8E;d~eiDhV#9M4G zLIQ*xYF2|5wn^uAy{|lSM=lJK3wyxQW^luH>e^PSnTK3FG#Mibj}wt5w3jnNvG~f; zX?OH0ehgg0PBEdYL8$?8JL6!{bfXbBwjqx8J9KtS$)A1h7XH|XkJTArjjB<#3TINv zF`JYQddLQI;o<@~bmzlgU|Am+%X?%PGyS%JHo<%clI-uoj$~Q3h!FpAN1pbRxylOH zrDB~s?g5RI#{cp~kQaO_9==7;ijsMNWcFs!AF=D0RkV6nB*$bGXNi&7g)It5$;+XC zHjGA7ohXviiQ^hocM8q2!YT{`!ss3|ash8tFCseNq!#H0&Y+~;sH_CFoi&pKv?GZ~ zoq0)R=&B(^*UJ~O34&~dAghSHOOCmkrVNhpf-z_{tvqX|HpM+Hv10!L?ML}NP!6AO zYzvQ;tCJY)GOXAEEDRlWL0UW%EeX4ph)^+lL{-H@#j#3PSaD)hJ zP3F25duk2!zwQyy&QwyX2v)`%Z4!jRO2m!;fTA?Kq%%|Q{B~=NOWovL=bX^mLRSmQbamOgm z7``LWcL;PLe!@IOwhV7fSvKsOU4GSt{KWgCn~b!#qeY#eGSu4WdjUo=@#ZA-RA{R@ zpjLol0EVV80pc`KQnUEhO;DSuxyK{#46I8$KlVW;7%VzRziPo1etua%5bvG{h${Y> zr3N)skvsiJ4XJnwb^x#EL$kuTqM0Q|MO5=x_g$GlwV3HytV?UBbPwiqNh%G_bdv#~ z;D+t^Uv)KXwXMa{4Hu>@cVeZY!c;#hfd#2EWNOM7qFq5Oc^$_dIUQzc4l-;tx0v6| zS+~@|tmXia#{Xa>#6)6fu_x_?$iM7Ao0UR;_uuW+u5$bl_b5GqG}{~*p+g<9&Z7Up z{VoSX$7SLK{>jBgsRUJk4h5A_LIIhr$vZ<#C}$H^YNw1TZ*U42yjHh}(uXKepaC(N zfTn09$#3XCi-Lf%&T(>0k{f!`?{#YM$nXM{Kqcx6tc%WSQN;Q~! z9;Fa*@!t>#W*X8_<+&UYtnL0dB&>JNWIFOJXUv3n4B2?d+dp}h`v~x7o01@{Oz2GV zau*_x+yGj--hw;1Hs~74D2sBlOMO^DJ4Eos-d`Qx0Z!p-BZIfxj6O{-`hPd-VV_t@qmXqnMeSz zRVljIiC9C3?)_`1Ey|^Ykf~{-yo4zyQLC#|l#Nh}z#VE}$duC7q_o+%D;Z$@ooVpS zbS`kAtm(yQ!n_$4k4Fp%RUFc2R;9X!v&H-2nQ{ntrft$=-J4OHZDuW8|$xwJj&E+k7q?&ATnA zaWV7WDp5Pb>0ZkH;4|n};XWBdP4Vk6;%^7EMY^7mUfpP#vH1v6gzww8_0TI-ZI3cU zF%qi}nYp`t*mqc?%XcR`Sv4xV3Jg>A=A?{Hx&|QZ^1wI}I|RkjScu=4J9it=B%f>PmQD#Wh*RkKNl8S-%+WZtt(wmuGMsq3<8 znES$Mu90DgQL6>-m1h_xekptCIu~JgYI~{V*lyc`d}B(}-CWfje6pcw zlI9uiwn=8ABYkW_c!U}}{w#bkB{SdGUW)|~3?k!gNo;#9(5H!s#H&K)$eRc>RgLkA z_j@6dF?Ml#OH(bY3C8ritQ^9;X){I+5oMkM&!jaPR)7m|*vYt>lfW zcDly>ZdpUKgB2zrN@^L$ew+bxv~CJbZIh?p>#Z@`8Us2;0FAh8hie%@vrMEuHjz%y zc%RfSSwZQ?FbUYczeLF|ElxNf`$HK>km#w=eU<<9V?}UoGiEubRfIdu#qlTQjWT*t zhd#kN0>XZB)5?f&QN4iP5H%zG2u=2FwCdaE6a?_dqj4=C_2BgB^OtJ@S+xke4!t2r!kppDz0B=6> zc!fe&d(}&B8qW1+M+dy@s&}edOQ^#{aa#1y(<-2NYg;?E)ow9j3;>LBSscvK5)QM$ ztCzNL)2mu8>>4HJJ|2#)3SZ1A=rOspYm^E)T$7#BLxy;DczEcOhs07ja08Eo01`-D z_~rs=FGK^eJPB4tS9Fs>XsV#k*a>L`B!V1iHf@YCs;bXp6@)fmtD@2T(m2rM0dexgS`WS#~E$=>0}6PIIBrIXBM}i8W&P3>Cd9vkI9V0 z7kh3+Hsju>3AW+Dnex!uw{CMz0sKA<4AiS8v8TRmjMU%8ImDf;`%|L@N|4=zkp?Rh z!wR=wc~wj&{>kgP_~2ykN$eupzCs^9OC#3c>&fb)yG{Bl{`W5Do@w2*{S#<}D}?~U zj0fO1v3Iw>JU6D6nFKnma405W!vWB-4ktl3mE?08yyc{z3hAr+THcGBijl3H;GWVd zr`3UmOxSXKlG@N1F;*CYT}y-V*vVZFci4@{pWOmjZJ`(khB{I?YHC!~&Pvt8xjfAQ z?2r4P_%pR~HECOu-|nd&(3hJL3ZM@X0PAbiXxUG@Xj)s!zlU1#L*=(U5Tqc_IG zX;=#=6#8C!JayGpb>I6VUzYzK9P+~P%FI^t>iwse^wMI3N2r|U@>oBotP*MejgT7} zStaiSuYXr=uV+;I0Tr)&U(@s3Z%^+(oc_i57Z(p+ID7bL{wOSZO}mLKTw9jA#7Hij zwaxq%b74sXlez)Uf-rFyY;=G>3iGq7te{J+U1tux-0hZX;60l-c0ElA_XfU_j>HRV z4y283=C_lJ_%lmD~;ps(e%Rq(yh}Td43eK zh`X+!NXX)WR}oEQjMOQ-EP8EGf zT?6EvGU@BLif4Gjg)xJ>jrJKhPnA}H=M)>>l=JAC#?O6@)HwP z@l2mZ?A(8Bm}dBGgE8wr59qP`G322M!^N*%JeG*v&}dNE8S(QGdooWsFE*vcN}VqE zyLTPD_+?gUl_1gXwqp=Bj~hHX{8$wGcBpNvLi7)E2#HjY7n@;0;OlF9u!&#^3mUdz zbpfju4?}U4QL-l)vn^wSq{dCsPMbI!_ECrPU90BrIAnER0qulu@OmUfK27uGj*r<# z&(UsRt_8)+9!`ATMKTH6wlsxN#o#7+?wwv*>>TeFKTZPlcsYkAT~yezSYL0@Jtq6cR15{sH>zts-UBJwrFu z)h?vsG}*VvWwu3e8}l!^$_%l*y1a-rMJQ_esWImKJwyn{#>3LQtpZ_5X?K7NYx0H& zbtfmnC$YATH@dpD z^n?S!>uJ)BOcDnw!E`qm+Ea3OlEa%Mz|s1g%O>^x>9F@T7RW%bb|uR)k;ir#{wrX}~d zvkzx+m_6U!tS0_=(}FcMZ}{%>d9+e{J^!I*KRh;hp}{+*T4x<0&ZPUczbFjy5gP@G z#Tfy6&*$EA29FT+O#_m_*oDam)?s4aY@wlcs>*eP+PzDvpT} z==&m-9G->j@i_%gZ@0XSKI;iXN$^VVh=YYsYZl+rz+2`}Q+J1%_QN+nb{lvFFM~XT3z;}=8`yH7 zga&zpH&qK6IS(pKr2tQPI5FLNczE@9@o5C^NqBl2R9Zp%;iWO>x1R)E?fh8>p zz=Ul&3X#-H^3DOp(2H)Ysrphym|p?!tYO&do(7-Gl~0W&!@715RKV%FGm6VSU()LN z8KzVG3LFK+r|!?4J(uZ>)ye7y*Y11Aw*ebFNW_^1qP@SE4ewkfkQllH1WjFy4@&A5ou$t!#f2sJkc8qrCc@EnIeZ54XNwp%h!66-x!~pE$;EFDq^> zU6A3xxBa5yTHCoWzH%Gr>zmi_#Ffg6O_`4+Cc779`2p@XmO}>E)4@iiCsyuqcZw~s z-9zQD=2StG<4`2F?AV!v`6SXk=00-hH+HhV1se;9c=y)v_!*8~ffA=^THGU=Usc%0 zEdV({v3;q_(jNMn#orlmYDv-8x7c+skER7%^ubW=BMwFi9`~xNE&Oro?4BaVjv)ylgA*QyO6T?tN zSgiB&+Pu<{rThv@pw%A!gGQ6wdxwqdf_&l~MDKKu((LM;Xcj)#Ycn3U7&@_D7Z768 zA8OF!ellXp8x&~A=7LXf)r`5hVw_}t-U8grZWzp}UFRp3z2omu_}31A;qo*=)7{w9 zW=ACmg`D+YT?NJObot^le(kh7>$0=Rqy z_UMTYGha&fp}vjwIYC^B!HxDiDJbsMtA#NfzAwt2N%zgAkQj3j8HMn`lz5d(al=2^ z!CBcvEViq!=_Ovy&Ji(40&AvX>zlG+eta^*J!Mk9l=7!Mys*vs z9EH8zLTUIl?;T;~T$GR3RPE=^-J9=or{g_0gY%SJ1a|Y>@VR%@kvD4O(a^W%hSGbo z=c5Uu9EB0!h!AkKs^&jRl31NnSB2aa?m#^JYS3>|r@$ZYy$d$*As7GHQXEl_t%PZg zbpv}J2zcexLj`pWi*@QH4KtHS(rF$hFt!r0Y~8+ zvllV2gP79^eEiEiq)=h@acV};uVLR-8L*ZJuWnP0ihX1H9SECGBOvB`@>IuAc8l%T3dAZsiV^4J#5uH%ErR*iw;ur zgn6n51n_xb*`8YJo)QqL{b*YdZTO*CEX$l&ImnGU#d#Hnc~}tNZ-zS2=A+_O^Gr89 zxpr_Gd2OO|BQG*QF)=x3%z5~wp7W9~YJZ~D8!&5_wv;YwjTh|PRUD$@N_6qt+40a# zN2bgOGYFM^j@tWp?XDe0(c%5_&tpvQoS+=`vc%N!E&( zC8l8h;fAHPd8vraRL!A3Vh1wOmpO-T{$G>-Uz7h|FaQ5RV42%_CAz8+!Z+bg>HJqz z)Ixw49~a!B8p*5AQIDn8);yp;QQI0)+|sOr+_u%Q`uez}{d$(s=X^86^-ezxusT~x zO!-fANmKTTZLAu%1p;PydATq;s^eJJeKK@qH^}5BZY?9RDT#To)+5g}n;_nb6I*^Z z6EplL$);at)`tF~fQKOvVkSYj_>rmc1Mk(5eRlyq#_!}ahjuW7zVccBDba8gQ!YC~ zen$?P+a#xri#y}kTjp=g$BpkrOz_WP)05b3PYY>boBSN~D4nR*@JI)NO>sFma|?Mo3_n(E}DpxM_>wxiO|`yH)f(`~BT z#JhNr+;7d(>X&lD#K_LotN`1_rQVvA_cm#_I#C4!S>_}(d;dE`OM8l)8?b7#Gytp; zUsVL8g-I`6ZT#G$D zvAf7h6JtPN#ep)NC^`=rh?HA3tA2u zJCVuxdaCT|lt=C!TVKwqaY=IEIeyxRLXwXp zzUHer*2v8iK~p24zHScxS2s3MOkOLgO7%-r(pV{NLQ8`QQ}dON)=^64s(;`k=KVD6 zlqlsFulrh}LeI8`;fSHP#xO3SewoUhZBV|3v4gBxLC>r_& zfDIDVI91;&9)$eA7t_vp12WIzeSw4Sx=!f-q3i6H;(-6q-stHqsT z;UC|xmFTLx(UJyuNL(%M&-Y#<9cNSrO(!CzR#WDCuH3t~byOS8qMofVls*Va<|rk; z+ufgUn$mH#!fG7}8gn)gJjbyo)S~N+W$N^e$Jc=W9AzqQsHZ)LwSH>0W3dvGbP~27 z7pz%@Cbz!muM^Jjb*R!Q>a`-c`8&wJH^}k7+aSUD&vIw%n&^fHGT zP3g5EnTXbV#IOB&_NhOsh5CCdv1_MW zJ77`YstXrDWYPClvCYnVQB&#ImN) z4`uB)pC8;6KZlz3``x`uT&*WjpTYs24;AH-7@ z>~e_jW~t$+Qf;#=Tg{xU@0&|Q{&h}@yG(Ufx>P$DJ>+5X7!3Zya00#JoUrW^oM12C zdbG?V66A%sHw?zM_aKdPVdGyoPr)MAr(dfs&8Pyl`i4!dPAS`B4_k9y#=d_I>vq9y z44!oGz$js77CqdW(sQ28-mF;bc2GBEsk@CIu|LK81>_s!m0P#dJ+!si?WlpyN7-+w zI%s&zb86=glf0H&NT2OtE|*QGdIk)S&iCwzW+6tHDycz+fz7^nuZSP>XZPC%&b*9= zE+5zn!}K<(MTP@O&%)B=1~3lzYX>XRQ6qNt8}Rbskm@``hzj;kyK=+8vaBc`-Kh8( zJ)i&{$S6!U=MT0Bf?~|Gd`^km%WPQ-j-@*!ql5^fU~C^}e|(;~7wdd#iYS?4D*ok; z#;Wtj5rt>50z%mB2EvnbcVf&<7u=S|^s=A(PUK{%&6wQ0PqogB8oj+vbckS{Soxf- z2bI0F71t;$G-hq^6=}83VgTz6=ztz4q6qJ=8%oAhS3Q}(q!yia+SAf z$qs?u3-lN+%)|lJo@k2bPlZu>dr(|wBi1Ltlz709&m!-{kRg5a+A!8@6EhZKpE*i( z#gOv`jA?NK5KVAp+=FgXGwa|iUQXA2j3^f;7bY%11doIO%AD;)y=)0*X z+D}x`jC9cxi#rg{pV%aVP@fOkT4Dnn+~mx&V@FnHA5|{FsRJOacao|N9Q(x1YC}+A zIRrNL>N$b+Rciar9fHE-V%CVEU*v8)L7kH2tc^Kwij`yih;b{A9~s`qxZO{8HWE$` zd+8BQ9oJarKnQK(Z(1H1jZ8sPT)hPJKV zn{Pu}2k6mnEt3p`CE|eu?Zz=ZXqBw-vJ>D$Xx=dlQ_>Q#^+P7Kx(H{ zH+Jzgq{>l<6Gw6!)3tp>!D2|on6)_NKErs3QT~w0e@6b%+u(!BdVZPn>|^5E``0PB z0ByS%^pJAcRk0C1c3#7+K~211hgf`45;q5IbSP1q$%sZyvY?=;{qIYcVzif3m9iov zW1zL~px6P<@2&j+&b=X}ll$~8U=M37#UZi2w*no(%%=fLRsj>Z#?^UbZUNDT2#SI+)qkD zzg>Q(hQ2>S+d<%C_lKW?!0Mg5F>%0rQVv>z4z8X1F!GZ;W6qGP@k1K&8prIb$xgPR zDL(8&i1(@flO}hBexr4HGQP!-VSiz=>GPethE=COygo=wVt5=WOzrsZ#WgHFMB00KCO+bucz-tFVX2`1zJ?$SWqbVeNq}9pAWhjLpXn zR)nVtNu3|ag#D4c_Y`b$M8tri(P0qJ6s(kkGs6AmyM^fEv&B{$g z-xpsmBDAvbn851^a0zfb(dT%q2j^;oCMmHSEmU#xoEVU-47jtmn;T1+z8@a(-eSgoq=htpRyR6K_0nLHdq9b}f_F zMsAay1yU(~Owqk`9Lt*Vxa<8-8cXtd*^{Vlu4c{IJ1YkVzgMdHy97dNpLW^=UXYHn z1-Lia;6D~Wy>zW!O}E?D?4`=CXq~Ca3mD-(qJMXKO!3DxN7la4Eg*7CJ}c7?#b}Qv zxaqOdYYI_41B!wKejyDe?5tO<)>+d-u_v5X{%gqt@P9A)Kg$Hz<|P7oN*cV=M<;)7 zK;xTHCTXN_ybjX-*n$PuGHR}RAQ8>|F-pWpF4Hm|4MsQLG&U3876fQ+{{B4P8VQc} zZBNOXwFcH{KVGUg7Im$l^dwZw_#SV*q_24LM0_-;GBG`5vLB4*{?eJ_I198g@&IaM z;Grf{WvMl)9-mGsVvsX?b+Zszo$PiUrnc(l^Aw4cs0p8-MeURjeylsx6jI+Qz4DtNJNRJ4u5C_%zeCJpb4E`Aq$ z#59F`IZx`GJ%0ZLQTcnl(OdQUj!1(i14Bp3(^NZ6QjMx_0N=OM;ek^8q0ti_Na6^E zbK)99Le~P3RvS}Zm*$?VspaEwdGk9X&+B;851#LX%#Izz-a8wpa4PUy+E-!I@iuAt zZ?r6pI>!;vde}S>j!G`jQZxO@6kh*4@xA`Q{TXD(?s=%q9EL?Ar?(CfHZHFw)1RcvJKHh-z+__?wd|Ie!>l(86L5 z*`8ASE^niGRN)!$Ynz=knE0+7{>9eQE!L3xNI7|NF>G^zSZ#GO09Cx`5+|)d=?~&Q z>Cv<1{t_t|Z#J7ojI+u?9}BN6J}Q0i zvuTp|Z}R>+m(}<3pKe_XzrNU+a;o_&T&rn^%DFbf7qQPYYtOm0>MI-lG?04E{m8P?nAMh5rNNG8`P?Z<0_cYi`xd@m|_ z6N*Y|vpmFm9NP8rualyJl$0_dLhDGJbfaxl1{#~Z*C=4_>}mVK3DGBa_>r?O8VlPS zqwZEWp^S*~rCv3LIEd-Rcl?^Vq{HQygnIh_k_yF!2D@ob}Ks=>OwV z-`nAw`BT?}JaS?yiQ4RVhi{d92&PfNot5#+$Wh$W0n_8oV(Mk^{NuGoref_>Z%7}0 zbiu6c&&!`w-+;v8pHrPr?}yID*C`)gnJ>@{XD_zqn8>>GD8_TtUx8>)y#~=MC56V@ zO@PHyrMhT91aZM4V#0B5I0F80z&?(pW@~Y}8?~x|=rr%lSWra(g{Qj`>9BbI@iF^T zQNh6AjLYz0N6^rb|IyhgB3JP6?>24cqVEwWHBTCU=aCMZUm7s?YQ8X^44N>_t}aMR z9m^;=fTZzF!o{7>H4bd=)}$texC7mG;_eijH%*6M{v|LPBOjCxfKbHL#vcXNc}JJ* zd&qCc8+LA!tas~N`8AM%|BL9xnjTlz0CQ(TUTuctawSzf1XjcLD`bgii1j^wiuCBe zG(8aeSNKHWYk&55PXwQs{n56_BX}XcHp-~=cfdxO=A`-N!U>A8>^6`x*=rSR{hIft zfy>Ba^(<8=zu!$Pfrmg|A;ltW$VG3zUwVA=Dx$$ z!YY(~ho8oQQ&{gJ(EV1C`_dk_;Q9Ky^c6so1VMlMZ`*5CrjSx-TT`f6z5m87Vs|FD zw+Z5_2mAxar}js!S&Tvb726K>tKdby{o7p?AV^Dh(fc6)x~K_j(+cOS;t!jtvJkY$ zn9a#UPabJDrIQv0ZWVIB85~+B2^2EU}(~7)3dp%Do*hv;J8L_E96kr$q zY!=zi_}gzomWKm%0Hj62Pj|86gI_Kv7 z3iLd@TtK1XFw6GOZ@@krb8NmCoyy@S^7-w#8#1zSw|_;vJ{Qg%GokhXmRR`>4IQ^{5>BNkINZlvE?x*+~t9R zj4aI^Ys%*={9ks*YDgUoFHa8!=00k1fM2b@A#7|a3Hicy zs^?R%b6ZqUX6YLlSc)$CKG5Z+ir}JlGRdbgt>S%ekd{H@u_uO9M|q~c?pUTkN^0@j z==4j%{i8i%y6}|y#^NXIA=Q{?tf`>fpx@^9-Ov5g7Tfu5=0(%~n;oq4Au7sGPdabD z+-!3ic}}^m;Jotw#~;s>rClmH(!1vVA@<23CLG&P_*I8OGxRACvVz3a;GHRxmF7c=kSqu=%7~J&;An}9*jJmr@$sj4pq{OY zjmlqa5nnS|1Fw|UIGcz5<`8`^{&F(!;|}hChWghBoBA7+Y0>x%zcc~dO0i76rc-kE zN)?T1G`A>tcn@F%%8_|*K{cJwVmf3QR%pO|4=aUe%Et6|4$q-|=Se(R=(?%4Bn)Zd2akuBKeMR_49?Iz$*>Lrue(Px`5C02YRYp`_**BI11PWB$<5LmyFYG7k+E#p%ubs$7=)hm(hfOM zm!hmHI~x2HC50+B4=^3PDsv?RSx`YMEhYmATTFgrg?gNQ``8@X`<00Nd#c@d#LgPy z$kGK=*)^C&ah^!YQZ3+;M`LaKVQwNC0%c9utsOvrs|CwXUcx%S+q*SVwW7*3ZGcO= zm}pgJeOy5cuvDXHV$`6K-@i&9o65$y8hE8o4k59J<%Fe*fZuaRQ1cP zhIp+^7@mx5|WrZJ~$ZAfi2;_Ri+I(2w3`k?K+YM!|itO5sHqvQ@IZlE~ z)GC=PUO=z&HpaGVMn|Zclhy8Y22s8_?0Fg%d((Ppbq228dmA78&NATeeR9l=4y|6g6m2BM#j57`;n> zvC`Hc74O*Ms>#vITDU)ub$Cf8ADZUh(%_5{APqHrc&} zX!$BpbgA}Y>C>{Q0u>4hJsgr3*$J{a=2{&3ad@e6{QR++G3MTz|0wd>cK<6r{tdQX z#lt?Wi*cZRtNhOk7qqH_0UY3=nm|02#_{Ls)6<;JSpi-G=s z)D*7|B2%rL5-%3dT_<>SXKX?^ec86&+Koz*Yp5eN+9C$%y>ws5^f}d9P~4Wy$^wzF ziWP?A_ey(z9c^q%hHfZLC;G5q;0S|W&J1J|4VORZF-hvG=bU{C>xvN;#}iZNVeDEh z)puaw_W#4xdq*YxzW?KuB`vYCvJ^*InVGX(sF3+8D@#+$y=Ue?aSy~%qPa3PGf^^g z@7x3TUbqJ;ZgAnki2`4Gf6nip-`}3&^FFu7>$>j8^%&~FgW12*&1qt@nA%Ef$4*J) z&LzJ)h#6EF!u+Y}t`Z|nfwAR4_MN{a*)i6<>GRo3&ZPa!0K4>viU|SbwLYQ-4G#WMe#%&FNU}K5{L=6F)NSZOu2X%fQvaG%|8A zQh#d0Mxxx*x!2F>+B?XPMn^C^$aG$4=|9v_QGR2g`%wsF*W6F(ANnAX$wKL<>I=?% z|IH-={G~(c3q(SXNyu%ZU@Du@PCNr1#tVMwuh9tcxgQ>W9`NMKWO5f1VS!TTh8tYy zcopenhRUe*KY7Bm9KQ{sNE>ml(2;*MiM&R_Yv(Fpk9UC&z1hEYwn?S!AyB9Pkgn;jF|;qNba0$wj)oq$9nOxOgev=0yXcEkk5>i7Oo_6)LYx`h5aa8m zBuS?O1mw^VhLnj^CuAPr#?KlK`3ac?9JQQIy71F-DI+5B#NXzCxXJ(OCw;nXCIqMV zHzqRZGYorn8rcRv3#c0(N%qQ4(gbAg6&ES&()MUad>_~+spIZ#NSYXVg8kUYV9LXs z2dGd`-Q{^U-0q=__=4lRr4NY!kRm7jipO*k28KD#f!brJ^&91=^+Wp!&zkKC@2VuY z`J%_u#d70AMe394I-rE#VzEpq40`;;V9Lc@ez(3-Mfxd1i``;N-(da*r&?{~IYoyB zeB-SJ!*U%z2F`@hwnt~LE124fz?E(&(42S(-eu&e@`1f~kvK=lATOODGZDW*ds=EMxZ#s^)ZQ9H0HgCI&&4~K?Dw=m_PpV9@H1 z0O#b|+qoGljymL3Cqtg=3zrC*P*?=-o_r47^1GO z+FLHZl@dmQ8gtcnxN_YOQ)+2%t*0`En}(_lwTryzamrB74(zOX?lq4r^O<7454mHP zB!SZK6GgZ$@RA1IEX3V1O^Y>TS@lJq&=4b(X#7ga9n@`|PMF7M4CLI(^H>p>(`2T1 zgjcfzH|0ZjYP>Bp+pQJj2{lB0-6v0tieiud(!u)~$==yX?s(flt^#bMjS6Qoz()vo zGnpfF>u|RC%zE)@mo?wuhP!yfv7G(N7+D(EBZOU;`odTOAGqj1T+D)}fCP2!7QqxP zEVzt2-wJBKMM?ZKm;v@S?H(;^FBWZ;h>~m5AqMky)(jNXMu+yNbB~}9$6V|@l~3B6 z{}?Cu&E7OHkhQ=;$lY1O^DH&Bmu!G5phT}9-0r4J@-|wix@Tpk6?Y_-*%M^VD>ZqZ|y0(x~dD2*FX-UYqLw0Ye4~Dm0Dj< zhn5l|0ZF=uuoNaar&i#Mb2Kx_= zbt^dOCR6UQa15v4vGJ3LA7D+mfnU}ENlNsp7k)(?4~zsG4u!qMO41r1m6dHC;-7q% z>sLQjAhysfnGB}91IhrzciO0!z-d*^HAQ(Tw9hrP#I#ikU zri&l4<#q-epzE&owD}SfdjEIGmSZ!5tPROUl=Qo-SBm=e2I(h++2`C&6Ar_8nUns% zTVR6a@<*;>uMoO|)DdpSJX__VSk;To$7>lQ?yIyaQO}9+LS4?0GUH%Wq!yoar9co zBbiAI+^-^|qOH9_95!X~B_05FL18Z!9hC#@l@GcEA3EeA-Dy?3x%1QEG z$x@6@9@+y?>MQ-*WgdVbtxxC&0jedHh3{cWS5RwAdkc?g6Zh$1_r#5dB|M)cE4io- zpDe<6syq6XLZ|W+Z+R5XxL-exRB+BxuOxGJg(e(gb&ukCpfu~v#dF0I^&T-XEruSs z^b7rWTcszCP5n@D-Tt(@17&Y6I@q z(*8?PAD>p6_AyT);Xmw;Chpem9pXmKvU}Y7OGn-7TKy;Pu~t5Dtl#eDRFwV-mswJ0 z#P63ULN@{Aq9aE;PIPI35u#(9TqTUNE2yK+Rf&GksY~CkUP8M!jAxWRQo|dxKqh%B zNRfM`1=@b4Z6==MQYx*lFK#IS{6n2!Rh8yR&jE;PnO<_Ln#nj)!DOHkrEYYC8L}Nu+tj1Rszk`_* z{4mzs1l-dfM17v{hioiMWe0lr-13JbV=|o{pVv^La-TYGJq50A-TtptpR~T>WIUxY z7mu)-VrTuHx_rsJftmt!d@1)EbVKtVVZFkzEb%iLSyd@$@}tpN+@-Shd9quZJgWlB zg81EDod@x8!*Ij-@wqpj-hck4^hT@CjfEb)C^HtgIDLnEokD(YA!``&R=z?<_L z^MA?~L!VgiMtD6YUiRsp9`q~GfW2Z)2ZKPKsy|b{lpY%3D~FnF%0_5uNYti%arvf# zKNZ3O@`4zApd8QKJbgI%EsWer?JIy|810WlJrRM|*wy$P^@5YUpPLog)R4$RlVLJxrQi?m^Z@cdS3LW(5EPU3BRq6fAZb{Wn=jFyz zIdULJWi5dLYx`=5OBa$T7Zv|cEVmLp$O_=J;b|7|Fl=_pUo}DdEiT1`+kl)8{y6ZK zG(71HQBNET9j^1FmX$txE?+4zQxp}NahTl%;-MXQFbH^-@jeyqcAB=X}2k*yj@2>3Z`f<#bp~q&b|z$ z+{LA*(%MkiX=16Bf+Quh(idu5c$FPm_y0}UHdj|am*M!R-JByaI8nDwBbe!}-Fzid zqAbRX!~17qd!axu4onLhEC3fzTj=q;ZV*=-D4w-trG9M|a$HyePAC`_^ zWD3h76=c3vS|?n%Sd%Z~+J1n5r%(g@eAuq>?uf8$RTpcKOQ;0sr}8 zR(N6L1!!5^QPNqtc>*M}VglpW`niM>7WPWrY%{iJf(|&hxZ}{}W@VBOs(taD>g99U zFZy-$kd*-~=ev3_ZSf_n{AtaNLr@}Z3LnmDv_g_}tKK@c#?)S6_-;4PsUH_DWC@Te zji@h}1(&{PLbthbr^wT&-to7n>0+oyzc33+4=1CIK2>KY!dde)mg`6$1PsjV#a zQqs!fnP;OW(=r@&CoW;abj}ELp?f+ae%2;(N|&@Cx5cJM>3c!QzFtEE7%Y<|6h;G# zmgG$D1-o|`5C}lR0knightcHTx=O(JR;^IoH>Eg-FvSX~MxOYW4jV*opWnby#9~?E zgg5rtN~5sxG$jRip#J+_Yq8@@#Zah>j5BgOg^@$+XVzhDHNwYuBNu0%L3u}}fq9pD z3C5Q;F=1eGq(v44(k!dD=48rOMX~ut&U!T4m9E~88E6EY$5(!`mX@S~7cn_-<4Rwz*{!ZWkI`7JIE+ts-x@p(zg>Ue;-b^_J)N z@K<&K(N_V}D{qjhsMQ`HH_u>Y4>xMzJv*aoVKN*~kH?o5!3*vc$4+CBEdFkGUFqh| z`~{XEQnTgfAos=UON;E)Keet^Tbm;j%__5H1k`rzJ(ItA8-DXj-NK^|R0A(fi* z^Xe}s)-M)RrFy|_x&jXw%zjZW1t0sS9DaOmg}S04y(t9v_(^PGD3&E?%42+pFL>R{ zc{`fLcPN-8DraW%M0)G+^o}kq3e9!L`6YWS2_*=DUClrQ{ru~OgJi{;LKMx9LVhmFI+ZOMDn`xJ~P(bR9p<#?xuvv=`F zxBPDVT2M?$@$*O>tgaLBPlVjkD1DMuZvUIA!7AHGnV+PzB>BhmSICF?#0vwQpm4Y> zLUc93+rDKWIi}3C+l`=>SSiNzT05DRCnq2yI4{J~lxBjzgjigV8bOM6MT6g9sl8>` zC@;RRHd7ybO!~c$_DnqekxX99Zdc{2sioAQ4+8T{7HKX6&5Z~g0#F*|S`-4%S}RqB z5W|d6<$K0xZzh*h9mltFx)NgRqn>-Y)S@n?IZ&B|eX0hvgCQM*n1zk0Nw(`1sj!<2E5tKWL6A}VmvJ`QAA#HJAI>YCix9pME#F5u9cS;=9YmeWqM>X`YAZC7GHNY ziMrfWmxx-aq37Y0Yd)(NwB;bo8g5J|qUT)f6?pK?CA5~J!h;~POB*sJk5=v>RA&wD zQF0A7h~7Yo+GTDLNjA!>i;oD@+vS9nW}?D1)ax4A^*7&KCXW1p@*63B!@>X+A11?_ ziPX&2=nh%uznJ-k*0G>5mI{!)@0{Ll4XBEdea`v-niWZN#_~`&(4PW_+)=xEV~?A} z<-;jSb=sG-xXfZ8>fBEBc6M_5=Dxh&Mn1%id8rcrmHF&9BOzcf_3NcAjSY7LP<}sl z8O(6LqA7Tn2-Dc0*ERzUe>HD)k6=)-kCvFh=pKhI<>XgommemaNRms8ci*wi$q?an z44*#2P9Mz&!rxxr2G}0nVG;{9PPoA(R>)l>*+rLHZbwm>-rHVO^lCr$tsYfQ+b6ot zV%9`@su#8wi42)yJv3i%vERcKU|&SNK4h-=vVXtnOrK^YFA-&nZ0&q5yUXx65A}Fa z<%)q1=<1dImfXJ*PdZ$e;yfMMb*A9rI%`WK02ee9gWSPPv`rr!kpnsQOUq5XovXK~ zc6dFR$v(9jVzztZYW~Nrcw>TguiV&ooNTd3lHYTKyrzpeNBgBQAB(|04tYuM5(hjm zzS&d8NNI032Hm}3ul2va4C0|N^xE>RwIPO?S zE_PV{L?h4K)!Ad~QwVuxH1hEwk){0k%;f!^%iLt>rU~N@;m^UwL1S)F3?(1pFP6NatwmUY49L(#H7>4 zR;2O|4Q4R}g-M9#kp+3$ZzXzn7a2vnPb-BxoHo;CF{;?X%!_clP>tN#Gf^z&X;qOvOM%k}Y=&`Pg zdZ;^Ffl*-EDEpkq``1AIxsYorYdu_0Zn6A>M?I?Cc5yl$1MG~rLh5@?AZ0j9DUx;> zmH+|pdr<`B;;&BKL!Im*Su_1Bc%La&o4d6~mEZg>M&FUz&G|c;QV%}cy}>JVk0rM# zS_jEub!d{`6u66-1t&KJR2b$fqY^=Y5Bqr3hA@tIMDsPe)ajM8t%t=j=*5}uM+Kv$AVGw3Uh_l z&kB56YE{;yGPzg)8aMBai|APVTZ~4Q^3i0w1+)coHgmmOr`>Q<soFsE5-W`RwqmPM^SV-^wAo7`Rm=N3PV@AhVir0DFK= zd|63EP|~N1lF8f6gCkIHhp);`TRU4Agv3GpcR5RLbZvi{7(!OfO|I5Uv^7w*nFA%( zRsfw3RADt^iRSh+|DqFYY#=AOX&N0+DgsD_iW^>{E*$iWRh4YiQ{SqC@U}6vlB|C9 zW-*6CO=>1fyP@{X`P1jyE)zn=%y_BScnrPmwv-swuaw-lpt~vtnCGeop8CI&HNa<8 zUipY?&e^W=VWsD0=lbWNN9{`nOsy1?3M?wFzEH^rhRz!H%E)>Wulzwn_I8qNmRkB- z*%A3Wp`zp;iRPg#R-lS9>i2noB&(qT%?y@XqI$SsMe@4X`vWeX?`(g|Txn)FO~he- z=KuF8lIOBAwch=Iv$%TqKLX1jK`QTi5q(^6QfqR5(gu!9+<3MwHFCMvPXK6Q_>~@> zb}^FeF$S}4LG9CyWCOdj5z0WXdp%r~**msUO)PDv19nrAWlIL{F*(-9{!RBNTER)R zeXATd-44x=49xsMfx@bi!dXXqYO{>Vk<+nx6w~=*5v##>pwt!z>CfPq=Lq8y-I*(C zVZXDHM6Pu%8Rqi~k8>9qWiO*jq=Ulk>L=@!$1+p%*c|5hV+MG`V?FUym4XP*3eTMb z97K{j62vv34P>p`DUBoD__}yNth{kS^s+jr7Q|4v&g_!Xm%IW6(><-0dh{YMD(G68 zI&?KGv0vo;1d;RG2@@sD7ea;%a3xG`I}3ECu;Vz^3_z%5c7}K+fRsE;c=VC=e}B{^ zEvTqOOv^jF#m*Wr)4V$7$xg_hRXA;IgddQG`28sX2;5CBqxahh@QU&((u8L)e1q&V_l6u;gnb0d z==Ubee=ZvgN-c9pMdIm9CyVU188M+`pY=-GXD$2+yN}CbnR($1b~!bt*4R{!2n#>} zsy;{60N>gc6}xBp3&rc5$!IBrGAK~kKbNq6ri30=Vw3EZPA+&PEI6VHF1gG;3f&tD zhWhvpzLAmg^_}CuETPUvn>aO`q1`lhD178`oGyj{JGv3Qa`_{)RO!h0V12i(_f3a571|9<}|BcBunB6nXwt{6DuC`Gefq;i4S*~wiEPk zg*vt)VUG0|u;;?;O+xG=Q|ew=^R6&s?-Xcb$u33J&Ra{jsDr(R4xEJ-hHJyV_tZxK zE^tk!< z%1OIvy4(f^1uVLyLV0U?c1Jkqn6XwOZNwX!M&#ZvHRu|Zi#H(vvGm~DB8~}kh^k}j zMg*B1p0N6L>S)mb@4$yZ%DZ;H^644|Or(q&;nk{^YLcf%s4h~qov`I1cnyy^#=Mv$8oy za5poPg& z=pJcw=*?s3H4^~9<1l_#vg)Gn!vjw zXII2cdsqm^ZRaG+hs{d8W3T1sj^vnBUq>y}?rjc|k#)<7I{KTk1_sxw3{>dksCECY~3MS-3L~p^vLcd$G+x z=4g^=Y8z4gT;|_;x_Vs&szwQ+S(ol%RtvD{v~qRdzf4Y2;RgHhsVJ%W;vkz-IQBhY zyUke~-vT7jGrx9-goMQSUQc^Ce@jqW0b{a|d2wB~xi*#rwZLu7cX>9?{Z(t_D2OyH zJ=yewAHUSx5uFnBRcQxXq7-S2Ea8!t#3zK&iyj3_Rzj9>ltIoL_|{)h(76V3Q^OA# zNTuew?hc!JBkxTJKYr|vj7QPRL2o>L_ZEaUF0F##R|&?HsN`Q%jFtAqNJ7B&3G${D z1JC6x%Vx*K?}gM#Qk2wy1eXP3h@r_$pVzW58LMudd-ujB^*ZW*Z=nRAuarxUeCxhu z#^7>IAaAA1#pDGASL0M%WscXvfTtoD>D3tExYkeZ*ug%1+&{yOD6jU z2g2^pMWCKfg(NA;n{*jcqJz36sADtZc8emJ^nQQB&)*yZi*tM1J|lJX>TXf(NPp!E?BC#>2C<)vcJ#(r$g}U#?fow5%%>)ltTp8Hub1ob z{ZEyMgP?t~adndz+eao9nrg`Yoec+VWNT`}&jWeua+wSGXsvjnfI%%N#~dbLd7UP9>Yi0L+d{v(G0k^6&CJ8#- zoE>*h

    {nWKY2Au;hty_Vs-hp)ZgZjdBEQpquhst$%n3J?)b!$hCU930G}fj z$iR0#?>|O9djal*<%}|H&HK%cjeVI1rKr01@~;p=^KlNK(+|0W5ew?uBW8Jd;KGV> z;6rmCvV~x|`u74c#6c7J+o}odm5L`M6NEzXFR6ydD9n2JQk%%l8^|0Z z7?LPJ{x(YJYtjH9O-pMX!%t*hhPQiL`!UGH$f;T#)LnKXXC-;kB-pmr1Lk8*J0d5l z`xdY9HfDb`0UUhM!cre-c;dstlW=AJ(>N!g4cBaix6 z$m7fV4^ANcW$O>>=!-IVSS{t){TUB%(UAY{Vrk%Us5$Trydv|9$u&&veI6peg&g45*va^p~Z-g@=%=o49& z%6F*siUQSZ@yZEqy#*na%#g{-0-&WNG+s8OqSSak@8(++Rae=v;m#o4WYQGe|k<*c|QJfjKX! z=Ez^g#;TF}$M4u{)BK|CzsK5Slpl!HZ!Llk6RRyj?7$!+yj}~@^q(GnS#!nm7`EI8 z7$IiNSvj7zKRt~!o%Nb^`DBxJL(YBa7Df)M#n+Bl-!x1Y(@w_OZjHqx;#Ml5M{slh zDFd7_eNqbQzZE3=NzJ>KR43O_B!#3j$5)2V`>^Be7p|1{X;*q4QQKH~5KD{RbdI1g zqLr^@D-IOr#aHhvAx*rzAlnc)|GPKx8M3wcc>=v(!kV%Lu`(V@X$uaMU5Xwb5re;A z>@u|+{C~(_=(gdIBEqk6Axt~#T{#F;i zQ7e(_iC~ML+#rQN;kA;8raVpu3EVzyda_8O%&pzCq+j`f)xrQYS$5cu6q;u23dpcl z{t)!){s+@hg1MX}I60>hYcjl`4OP6h7EyeglNS&T%Pv_e))PnHo%=|%f%vU<7C2

    ezu2*Z_We8+S?80pYuYAD&pgexXJG9!*uR>o4BU&{~d7zHrbFpn$t@W0wN z{^`K$T)tF3kte;_(^^NH^9BTHw*J%(22C@IcrVxgn5LwoJ9f(E5fw0DT+VWSwzY)xQ*?q)O=S(xJFrn6P+O*{o0QSGnl9={uI{?ULK(Acp!7kNh zuec*eJPNXt z@{j0WVsh}==P$cL}zhz?Xu>f62S1-Dc46&yjx(*ECQ;@@Wo%dmxTb!HAt)tW#I(Y;+udLx5x z;=-1ruKmR_TEJtzkkd~#o-aNB#pW$z!u(uK9)g_8=McZ4m}2DGnCz~}Go$BCTrN9& zK~qTuZw|$ONW%Y+zB`yGJ+*Ag59vxLyhDjV==r`=h`~2xrocaH;>_+7CuM0qiffZO zM=}R^bAQUsz-J~*rj#4F=0Hk9ypo^&^Ao?D-W<_ZJ0Xo(KzX+snCN?dls}B#zgpnQ zlip1Hgvgm{v#UFLcVu{Y+?vG5H1a$wRjK`SV0xExt~yK2V%qDhK%30A{00^~yD8lJxtb)5O0_zXy#Q;wdDvwOs6K-EG`3*{{<{T7kjWQQD>R&TMv zmSViI1Yku;qYq=HL2Gv^7n;%aW~PsDFQaiqoL6O5cBnOxdV_HtM#>2a0O`;FntXn^ z2CK|D<>W*j2PYlC9H}GG%3o}TF>CZum~1hYejKwRK4pD0z=A7bICZ6xQv^rliPOG2 zDSOPzWNxztjPshjcKPJxbamu*f<858>K;tx*3EX`s-U~KbXJb$IN7=Vh_pBrhe*>A zFgqK^@E&%p1m=s3-m23^jmvJf8l3gwn1&~nSjZa0sTVl&ME+OaD286?a)c)6tXgLQ zJGT__9|bOAi9!Yc872dTzFoLR6u%2|TG)_+4d2LS64?B7Qw(?Ad;CoQg2Qury+_Qd ze|oH~#qDrqtgJ*t2(P-~R!r>W!gWoex{}>AsNnx9YFasob8dCAZ_oZ1oB1WO&JAoo z6CbB$qF&<#m*4N%eviCbb=9q}peca?Qp??X7mxs;S>@D({ylcmjg}F1bmA|ralsr8 zc9Na2cdxvbk`sRskv+=pz>D*0rjfobcJAGJ!2};+nwAhT=jjJxbHi^^{&Pqp{HPq> z(3xs$4F9*HKWdFyRlqO2HOI0tR&olmWtQkhjM+~%vPVg{v-n)WJ_54 z?8G#?w4KXba_q~Nq`ldmFAW$+o52N4n%@VJPrIE&^E@&`r88^%_}okI%%s zC@l|KLGv}XNaYi!d1<3%+lSNGz~^YUllHGG{(({&SYN4e%lp0j2By@bie{*tps(DI z>{3Aac@j$;oD5#`AjcvD@1Oe%to*;;4`;X4<3p_X2DgCWX^S#R~sKPhU zu_boLWb;|`4}1k1jMnB13&BWBk?=gA;}i&hz{^QniY*@1(Kl^@2cIN4DQ*!79NXO} zY0LabWj&n{z}{rtj)iD@4?qD@(KoSQDc@FQH$Q!`kEn+mClMb*FUlX4keFSA={KD(u3mu_>|9o6 zwm+YwqpMP8ib_L0(srG0FUj@FOxmnNL4GcK(e{vVlW}8#^G*ctH9`L9-~>QN`rmV@ z_ZsnZJmo(*#E1VOj(}eFN*{K#9E(KMx4}JmY4;Tu=x?@J<#77KQhx-K#3l9nJJZ7* zb}GY0WAO-6zJDhv?%^GKy%)iE{2%_c)iu;`st}z&E86}{L!(CLt;&sK*+9Z&=ze5x z(#>mbmKtBp&(dFlU6s$C}LYX1#JvMyp=(NvnCl`G(P!4 zglsu^%({Myz785gmeMd1^5cx(k6g`-7VXX(u3q&mrx9i9LYYvQK#_i-sSvHPn@y7~@;_1X86#}Q#=8N!DiGFL) zpx0{_i^aw1x=g3ax3N`Sc=(7MWD|t5qKGHia&1i|4+bO-$_)IpzF&g|);tFd(u?3x zX&SxpccOla8}C^vp)3>(eFS_ny#>M{@EeP*RnA{?MVj`hF|$0ptJk0yvSrGL`6UUaDqk ze-kR={!gKMs5=0Rt^(}>jt5h^+aJ`S7kFrM_tFyON!ju}0zOYh$Q-C128 zjGxQOohkM^^LkGeiv1R3T37oKwzK`B)wsiOIMhdRfSfLsXtCBFD&a9=9OSa<7u`WK zfR#jl?XT>bkyUC7dsZ88>XE3`x3&o5`l$-0jfHWIY^3Krx7z`lF3F{6hk2RNzx6rg z)Z6MPoYbiPQf zU$>)#3*0CC>Y#Sdp(6)=esfBtO;J_4jhg(?b$LN79Z{F`Tov}2=@EQ(<;?T>U{*)|Qx@7<3Q?BUyO-|2%5o$UlD1*rkNeYW~SG36#Hk`o&9`?z^<%JJ5O4*E_^kXa)YB^1dg%~brS>CcNZ1$sYg{l zsWxGoW%v292AhzrL3w~zIYG?3S+G=)fLESnk64-795luY`eA=Buanh%tA_~XX{y^H zQK#l+Cq@U;o>&p&ZntiTLx|l!Ip*6UqK^0~pxU{*(Wf5E1y64XuW1}YmJu-uVyWz| zC-Z0XQ^|X40 z1E8P0aT2OVu80a+Q=?aJ)+(e+K*Zxay!_2fj&B2eSL9%w!4kZkYJD*ZYVi>k`ZKL* zuc6;Z;U`d$ZSX}aPbHExeAGq1^N%6xXv(eV>NV*o9&l$RFg$TEVE!~4coUSEvHURX zuu84hLSf%lfg&`DOtIYw%+Gza8lgS$(@kZ{-IjUQ9{}G;YvW{&{aHCDzJ)s!XGh=B z24_aSJ@-tszsB=>T~BT*e4AaQBFmCw7wvrM7 z%o~kcW%ecqow8^+4TcykRnvWxn*?V}uN3EUAE751GX~7&wOO)s#wdjY&OC!FV6rN8 zeb)wTn$9wM5Zut_1gB)Y-adXS{l6QFJOXI1Gg=5?#y_H%zpzwlEy(idFB?l!e&=q~ zz4O&dI*0ng`klKQyPq77$0GY~mRVt?s14f`WD)G~N>AD1?#p$_D!0IVUxwH;!-0=^ zECyrHm(j)t$4~Dp4+5sObXSv2I&n5MmsfLx>d>S>_JZ1#m8GGcP$MIwBE9K(*VUtI z^vs_#HBCUphyRRyTmyM!9>PzhOrO~lDJY{cN(R*~I8uK~SUjJEQ$&iG@4WP)OK(Th zJg?1(9&Gy%CcT_@`c*Rc|7)%Cq7Xd?6A7_9FAkZJoe#3ZyTs}gmRYfzPo@ht$|@r4 zMvdGfR2j5^KZ*M_Bt;49?jH?^?$wLDgy|ZR#y*wh`QcU@pSmPB=hVP=T+aRp=4Gux zG?k#Q=Rs)Z@=cJZ)eO9^j_}!FOv*}s9LoHorIz{0u>iaGDnrOztn7^E>z|K>N?qRX zF%vba-*D3wwhcJz6|LhtA~t9y0e|CdKj6e`0-V8ond$cTe@xg;P|pOUOc3P|0{P1k zgSyk-2a6XU`w8&6Q6`PO?pHlOo^>*oazbF~0M$xOiW(}2B-<3{g0Df(v!B74iOS13 zSRiC8wzkoKSNkdnKdO7YEULZi*&XpEzp^~dGJ*p>_nzwIxWKC*wq3&pFtxEcs8aFc zjM1O4FjqBj4bce$!Jct*05d}~or?thGeX{PUnoGQ-}c?PW@oPa#KK6BqxAm$U&oU1XIl$&O3TDZ)W-Y0%SMs1*D@*=pFU$*HevWL;fx=&EM2a8$|nG=^n!^ z!@)&B-c7uCk?{AAYj;*p$>kLoT6Ze^F`sNX77!5Q41 zIZP>*9xOJk-Utl5BD_^8;2s`LcGBdMeV&u<|5roc=Nyb6E(M_!w`e*m<{wX0d2T>r z%q81Q zrxZwNLGFiBF%Nedq(-X*fBN_MW zB@X@QTs=ppj{-Q3PVdeYWbcL0dC%}YIB}V;17FZi>SW1kAKnn@&ygCtW0KaoV3++{ zJ^zn-PT4cUOTn?d&iEPLpYKo}S_PojIR_o2l_mYHt9i!`B8${tx&oIBJl7`lDcAB2 zc@KxKAIE#Qk=jKrZeIDLw;}r%_L8$y#Gpj#-2h7GvqbCImc@K#D&e}!q?5&@-w}D4 zAn^Hdl-1pkQESJ$;R8dRsH!;3DCXM_jOV&p-ds82V4kBx2d_~G@0S%h$T9- zKTlfltA{OER5qCT<_E2A5qLvTJd?g5ydo8;X}}aM4$&sp)`e)K7WET~gn7=A44*dXRU%j%NjQz8V7(BPrbk z&CAQ6rITyaK7ItQF27}`6w!_ zO7ANrxqn~_Y7KSgrFLx9cWgD>T9lJb7sRc`QouFKEDBu)`3whIHtDRQ4?Rz11Ldgf z(YjS5wKCyyimihjYun|5SD60ZwA0N@LfJnjN-jBxn_zx6A31Sax=|~i(FiE^)8)&x zasA}@V!_yB2-}<62B&du434nLfgAGeEtbA4AnuKdQU5sB#g!-U>Nj;zVh0<9)sxH7 ztjT*Bdzc|1ZXo-I*YT9Ji|q4Sti-LS%G`3|u1crae;ob#SLQsBtsYQ0*H!PJbm zB@-gqN!tOC?2`3jb{hR0Ygb1KR8M-@VBFlndeJ8y2Od-qI6=Id0nRiD8T-plZAzTz z3XjHff)`oa7OA!S1fRj-4s@UALbOUN&Tp^y0LM7S{a|)ev>$c(rRcm%i=>h}dI(^W z?+lp>5g1sGidbc&Cpvxs@Otw1V-S1e4JjPL+WCD-*T9CVE+k1ZEcXf zq64ODNF0^)ag`~d6N)(L>wC@u;e9w5np`#QA#Fc)sQ^h^4dMXE4TZ+sWWKn6Qd!%M zZu$0cgw`4f3eJ|l*fWTodcOXb)Lc_9kN~Xkx+Zc4hL2uk=G$2{J|orFm(nvId6W~p z?Zor@Q&rk-p+LX6M~H$GPXq@u)Ya$xBcX5a{TSZvmtjANF$9pcuFr;vzL*J|ugwzR zJieGZ)ln0DS>Y~M#LVPUuf~c?sUjz^X1g{VLt1B7n2E@`yk6z9N%^~s3Y3}yqAYlu z7W<;P7I}cirgh!WFqoRLb-Eafyl_J<*J^OxkK@BlNws7x_bFNx{pmJ3s;g;n=aJ!r zwA1zb9b)ev8k@SqOEhc(CdR)e0)3(O`t?SD0u`WJY#{D=R-RFS8#;63HwR-N^~IKU zVE0w2zT1HQ+rH5H4|bQ;!t(PSG{pHcDxBFiGRsDqi+z>{?!;IX#iXnQ4xL{QIh*sc zxOGmges4W{CO2Z} zq%b4(8!P8M0)4h0lz7ei)-84`s-TK!*Sb6Uu7jO)UdTxFT*hj?!NeE;bCr%~o_~1w z>FJEtxe?7@poVK%$=VtCSQkw`Gdn|C_cBc6TaI!K{&{KJN<`PP<6E6}Gwdz)b9&q{ z&R_c$ zfo^B7KaZ1qw(#r~H+9^X!&^{&jsBF7DAsqmO66 z;BR#5wVAfim}PIbl3>VxT_x{!1Z+YSaphR0-XiQkMl}=6 z@c@x-+7mw>xe)R#>0J)mSTDDFb}eLZDBF95tNQvYE*o2wG@iTh`uOPM_fmV~B&lUF zat)sk^2R~oSAy!8s%QC!0sTg?E1pIqs+X5&eu&_u3KKej5y5e)7aSBniF&fl4ky6R zfJ@`pVcRzwXOYFnH=GHEyWNg@I{X%On>qjSei2j}dcS4Gc!|v9uN!J>%|`RP_-cI7 zY7?_d&>0REyL~pvt2LwlRx(!IXD>M7c-OR!4&UtCNkOL`AO4E76oK%E<{uQc(P4@& zDo&G<0%%u!@%@Q0`&Q*A%Z+Dk4V$=@YvKoi>{nbPLfw<&|1x|)o6^wMd5I=&5S6s0 z+YunZ=gMqrzW&vY3Z}$aY076nhi@h~5rXD!I}Qhc{6-YFDN6VQB4)n2XG3Ymvv&4O z{;C`gf+E|{CLYf$HGcPlY>XF(lvh}W53dNHWM4s>ilTZY-CrP{)G_a$44Cx2IJAsI zc-i-9l_fW%IznOtAai>z{x2<&o2t#S6`F-MqS>D5&-CsyoqtQ zbo;$lR3Wyq!;K#7l$@*v0n*uN8hfRY4U*>ozO6g-u7sjz}V!3(~mlNj`ZeT6H2fwF)4 zAE@z&K~X9hkY2YF_XT8NIUhAXwW=B2elPk9#rNFx$oaE^6BVTYY5JBh&jyC4bVByv zZQxGx>4(&YKRh6%ZP^vx6E+Ev=v!)l=sg0$f0lF?(1bG6sV7_lJ9wg>R~0qsVS>FP zp(sZGYNT4rAvN6)=xChR8g66YvQ*|A=*@+W7Ml=aS@izzOXbw(oT_W^b`pFh%9_f! zahjZ6^Z&~D-*yi8DTA%H5x3+J zg*{@s0J07#=bIc0i7eoYo=fc~0FOaD;`(J4?*Gq?Ppt9LFA(F}gvF8u7D;E7$OhEm8(t_s!vvIOmI%Zlx&8HR=VOO2m* z+4nd<{MdxYx%@F0cOB}^|K}BI>-XgZz3lyxvhR@MpMU+e&ku1VcGc)_kbxLwujrVK zYZIS{A=C0@D}D0X(r}c>Cz6hAxa_~rSw??3mlYHhC7z_qIVfUq6E5EKNxFqyrwH-A z!!*nlC;vOY`r?qQZ1rBEc#ynCB+G0Yakwfl;-lx;DOaUH?h5M1%T#X1amOqH()YC#G=6}KJ^ z1hXVvnCzH)gR3 zLsBEdmkC%i;hy};KWWJM=JT9MM}qCXuQ=;bHmatSkUJHdP?tMy%XKve8 z(jvF|*dqi*2Tl)kHmQP}Mk z!imQ!ZI79}Y&R3Fd9dQCZ%%n6co|Dzoxt5&_d zoqGMn4`V|ny6+M&!vC+kam*(7L&kpZeW30O2(&sTm$F-R!&!5jtd-`Dm)L125g4kE zhpgfreL@BBSIAq4(PK&M{uhw%?Rp3G*1nj^y`iK9Ks~_-Pj;XHAv<-S(iI@my>}>G5gIc=h?cY5&XvCu@%PFEYEZggki%mE(v#Q zV36$5<-{*QhI1FkHEP{6u!(^!9wePmHfIp9^=N#AnpZ#<_v?Ur&c|snk1xh+X~ILB zH)KGQtCiYV0}&GM+ehPe)Xr7VN(>tGy}x(VSHjC?yh&1EjK8BEx>6LQqk-Qr1|;(H zn1JSK0b6Oae)0d^r-`n%E7QZ8_Ez09XXOkd_d_Ok3j_`6-abOOVg}GGD5`E&8q@5C z=V z#Z+UmdT1$EsfII+GJ**R`I(hY&`|7GryK0n5opIbOV()%?7>0&_sIoM8Uy3QfFc=* zwA90{TK^?c#*!ICavdmrtK58qOev`dLuZ)tr6WDjiSD=;16!AsUZ?AF9XlD{`WEYK z8%`JCLjI3dbcctBU6*~#7r|);Uq%L_m^V>3{n8oc@I>W1^F=DgAa6vXzMw12u_>)v zghx{`bQahBE?{T?Pl|UB+$p)b)AE?Tl_1wA|CaR}laW*=e0mZSsEy1XBQ|5+G%uZq z5il~ZiG;t*{W8xg$e>tGx#3+p;ggn-j$ZkJyCd6k?q_mt(AY=KEh2dc?o^8M#`F_j z_FBrd$s2X19qxOGAB}Kqc@*p!2Ua-0rda~zD0rE*#X@#zT%lWH7Sh}CbEDn7J3mt` z|1OIbIIsSC0_yraVAQk8>D3WA--MAn8XfopEaqu2?P_$A)usgqayQUiE`>L-;L>T6 zyC+~(Uu?Y$Qez`h4$|HIRi8&A_Wnq5W>7o!-qQnn{v%AcN;pS>CB*-UGT3uFYPj%wS?5AQs zj27`5HX%w&wO5iT$)h_?bstGJOU$YCmVK_ z#q1G@!cOz%S#SO@9x{((@-W;T>)1`V5eaLIi({(X$d$heouCGEeeG4`s>{V*cvJYI zSi=P|`~q4>o9Q|C~c{F#EP|A$@p%YovtV!ENcH`oW-aH z{pR-=-;cc5{j@=$rrNYQ+4|K#mE1ZvEHQmRSRN`ek%$E(oQNN_`OT`WdXu8)!}PYO zanHc5*w%~4Ym)LDXIg2t8GN+9s2)tdmX77rgZ)`t=xJl{(Z{Dz%|NQEA0{+gI0RQ@ za7B#FK5SKSi>LIHElR1qHO3pWe}xzpN|Cmcjm$5xRf0qb?p;7m31J|DMuG2i@7*XH{8#+M1+tj0Q>9sh_}g}~c3;6vd3_Qrx|j$gmxN<& zdTyXq7W`6nNy8AR;1bRZ4i$~3ityY_^yAYW6R*}R2(X?9 z{Vc(lV#t#=ooEW>>`pkL#lfsLtgWqFviUvOC%Phpt2AtrN5LKtbI(#i<6@-OgqGp^ z4O#udfx+H&zLJ?}#UJ=Wiq9Q+(Vk=c>RlI*P3C*46g1=2EjxD5M&rkO4ONobpXtEs ztm;)RQQSu3jaRik=Y6Am4t7?Y6NBN>9qZxq?sJB@H8t^LAJ2@Gf3*E+zE-&iI(~(J z^apB^qnwxaFyfPeZ-B4!Bl3!q<(FKy?m$j)}lwu-LeJz`C6bahH{_XI{+8 zCZ;2G?;ac-w^-G=!6o#-qaPGaSlhUMX&q_iv&mQtXn-o@jF~N*8^4@jbXr_f%K$=y z6(yS7XOz%s(;cC=6`-{>XN~%iNMfT}U2Vu5?=_+EhVU5{Si)&|mK6`Yz(fA52PkxaM^TP1Su?L58JRpfrIwj zv4Pl5NnN<({JM;rohwKFD?s~OGk-WHP%JdmLKx(j%d-@;6a_FEgNkE1vO_Ge9tCyo(9=<(%QJa5Wg#Il6y5hK?`i&PW zs0VYe5c89-@NjoRj2%(d7R`7y_;N~_uz#U?IddF-;&wg7Kq0g(M?FCkoBhn3|&^@fdXjT)lr1<6&L9wT6{ z7W=&qH540##_4*nW3oBK3={DoYB?)rS$1?okrciYcnnE=A5F%B zBq;CnkjjlyiqV+niUPc9NRSqdShUJddC{8jmctTQ8 z)6ue5cOCV(cQov?@YwmFYg+3vE55xy&62^~7n$Cqbc};%pG%trOkREaf{i~u_C(a3 z$3+7BM2TrD;j7D7`0J^#@AN(iWTk&Q%RaFXsN09*u;#=(qt?6BJwDdrR%FK4nWUKb zEmb~6W>m5Hd}ZL2EG{ka_hU>*b2@+|rg+u#>Ys5#JH#E@*6I<_ z!lU6v1UQ=UeJ>wgcQjsnQs}`9WgyjDd{ff%y0Nl6uw81c)|yTT_fEMn2o4I11)u$U zytSyqQh!5(DL4WI@_pTY6S^Iu+2!`J=;s^%6qRTBjs%sZdYN{58#x9u^S?})t?{AY zpoE+`ST!qM=%`W9lc%~j4->ATg2OToz=vWsdBP%3EMe+^@C{{)wJ%H6vRI*{#KVdq zTkN(~O0H$e3>wOgG_b|~FNZFCa$WoO*Wn#hK#3TkArFhMgP!+QhXap){}lz? zu-IkXTJUs5hn^}{&mEd|q7Wb#_$|tIWJ@g$*3D_0BfZZ2?-m&$ zDAjo)W3f39YXdla4Ef4hqv*1J1XbgSu+c2&LpmI$x@c3}a@|{`nA}>H|JZ(SDMJqW z+i4$FsJmZREHtnh3pSCPyV1U9Xityy-xNSjF`(1$o7uaft3lvS)u2s1PXnzAjfg@^ zl8y@Z*#xZauJ6$lL~5%MC;fY$&hp~}bX#&1JU?2L!lo%U`Xj@{T({8+!2o1=Z}Au+4_ShZ#tJd_D^172DGF1*AYnF zr;UWtt!{65xLn&Wx2jny)t8w0oep;U0{RGtLXZi84E%xhPNH5oQ5$Z51G%cO5sv-cO7@%@z0VOjOr2mRxnPIE3xsPr6U2hL*m#&EdiW$a4T$6?@lzkW^IUO* zf7VG*9*}Qw&e}msgUWZye5(D+9QTP07C4B*w~##OtW{mB*(!G{3H*LST44q^F)q;pKEQ@Je!qp2 zq)6xRC3?=RCp=pQ8`M9`WR+1XimcIdsjMNN z&&cD}Vwd^dg#s@VU``!PV;V#L%k(=9Q}cc8v0#yO0mfju#tyi~^lf~|6yBHaZ+MI) z6y5Nu>Oh4gn#h+2vOFhvzrHDFlExWk{|evlIf!ss9Ooy9dDztOO_slUL%HgXxLN4q z8+21bsml;q=vAbZoo(>8-hSMfW_NV|c5_?uQ^q-0hW^t5al1=*(hUEU)R7{m7tHGu-pd1tM9;co_EA?h9+JPzitHYX zKRu*N-*940U5$3y51adO>$+bY97mO0#{5oxsJ0==b{G>n> z92+@+Zt8K^>T4C{U0mLohL64P!Lc3qbL|0O)v8vu1e-Ib6c@k!ZbY1Ib^s1Z{c(4h zBrpqb@sX8b*dM=9wmP!gFz>V!$O)jznW*8tuLOZU?`FPPhhi?;@M;c zyys{>uGP-4de_$dfulWZJFmI;Lj21`bQopzgvg);vVpV7AfaomDze~wJ~EzaPtoYw z*DHSQW@E)_G@Jyt@@n7b!>D%i&>x$eSM0Q$v$#$od<|7hUp5T2b8Q_H(n4@S zC5|f7p=t{L52peD?w;&y!fi~M;ud0dAc0dFBWk5`1xnSmx4DcKK z{fGLOf5_qgW~S24-UyY9Bx|Xw`LQ=#P?%}aO7IVg5I#*@jYFddb;vh23Gj4tfOzaD#aBe!V$3}`C1c@cYDu%( znPeTtq8xoW_~?JQG7r~RwKx+7zr;ZKWrD_}Y8x|hU6ib@_xuZ!WOKe;s{wscG^4z` ze+AYT9W!X|)TXo+i9O`(gbMp#**1&c|5%L0%if(x0l(n>#?q=9GUugF&N>SjE5Co= z8t~RiZB-E1cTYV(N!B3_jFy!3;EibyxURk_q0aqTl`DTb+6@VF#dq34t!Py_L9p?i zblagKT)jsPX9&Lg;C>h()nyL=~fowAR_BznX&F!T0~@{ ziEsX+b9l)+gmIkoo@R$xe{>jId|@8IT)=9K+&GPGxRHS2Osc0S{2CUJDV29fH`z<{ z7Oyqh=~VHI?fw)apeKvvmK0aut8ZHQFXPhT!a_~Y)7y1JC`_i(m@>+X9jkm(?Iixd z@%3v0KEJWwJSxYpP1CUGwt7ygZnQUF-tdaiPJSXtqS|7PQn#xgfY_dNkbG=l1 zCW>nLR*z%Wj+XF42jduQ+Z)!Il>Iy2Q#_ae@U|tFj-OAYu)w}$58r+qyS7^#jS$Yr zGv1cq2IXN`8SV&Y2`)?%J- zGzBN(KQem-3M}7AizecVpR8>?(%ilR+IL2oC9lnfZB-ghCLQ9^kTzZrE?m>-fKx{6QxX6#a8Hb958U*00Ku1QHEe)Z z5FKV2ptg|LNOYxL3pvm{_;w<~e6Q55*0dtUb)CA6neLZ5e9~PgcAc^AamVL%qCW0t zbOgw*8h1lY1djXa37ga|0jI$F{~JMxWB&*7-jVoX`}el@S?oCAXKwlwBk=uy%8`&9 zG9#)4&gc^Fv`&^SeRi(Q3OrE-gZmfQ^o<2fB3xo@{jMEFU$Tgk8SlPYd&AX&@kO`p z0zN8EscNvJP3Ikf0szFYPpyAZ%hTwc;nu%9t$!tCcA9q*TG3uiBsIx5c_6x&&NI}T z=~o>tWGq{LV@8kMx3{pXFR<^1F|Bjz^^7@ocg}z6Ld(P&RGa915fA9=Fw}ZiuQUfB zI{VAHXn7a^SH0)I+p{#hIrw2NQ6075F_3-vh*@S62t7(T&re(85#5%j1zdoble*Rh zy*0+YH9Xhvq6#zp#kI@ygb>i!;~xho+u2fTkn?d?2q1iGIH~ZFlU9evmE-r^0UEAN zEcdEk-aOwKR||?N(XObrRxYF?m03?&L*1YrnSM)pY|;t%d>|@asUrTd2rK{2VDEPca_a&OsO&6_$mURk@LEiS4S(AN-mD={*%hyVUW<1M$|zJ1@ak5PMAxjau{ z=`XxVWUKm?iZ`*gg*96qeO=MYw{xdI{wrWGf9YQe>CoV^qg&NVk@Ax_(}lBpXj}*2XX14k_6t-b*z@oYrY6l%OXoBov#=-rh_( zDMTm+td?UCrW+*(zo2fu znfvChRngv4G5lptpZwWhDEYqlb`iUjA*~1-0gvhZ$cm=)z#vN;d8oyGt%9|FFv}KN#{MuB^x+!JM9Jf!UZy`@6b~?hFHN9^30y$i~-v zz$Q4B_YyJ7=bTDj$}7{V?2(AxQ|M6|oXfV7J6FQ3J&pL5ZkLS_mGQNq9JE@BA<%|n3)cMjR+GqiZ&IsUJofA2 z7&M*)5!zqegb`U{b8X8&qSmrDRiV7xpDV=tx>1V40@^MSYB>;VaV5SReOBrV?VH+ zRJ6S*P|kZj3Lyi}Ud|eFYFHM{TQoOY_E0Sd1;q(PDZeQ1lv>~j;+ay8aBq6{tC>6iD2q zX+U584jp!x27VG>Y(c9B-D}et$FN*U<iraA5ue3gGD;M&{Ptf@WTg8#z!O~)b zvB~w~=S(Th7x=cL^|LpDbjA4`R`TcX4*wRlb2Bt4*VP>( zWb*I-WlB;VBS-vY7d5Wi=1B0^f?Jn zJjo1RU?)n$4&_*`deE7Q4wql0qjgVv{DY3RClQ5rUc6FHFAy^RE#1dhH&FO|K2#cc z3gLdgzZb%YjQQZ$c|>#nyncYNl;YM~x9x-H-Q%y9zaOq(Jmqayix*#@cf{XtzWutU zmZDniZ}|>}(@!pD&xJS)21ef$)xD9{o@1mGv{`vhWiW^TS}ar$FM4K^Tn`JnRmGe( z8@=aFs8adL3>y5QJzsgls+B@a{YnLFxAjS$CA#cc$9xU~Y)aBJl%e^1f6v;Gk@B9t8(jeWqdbFkYQp@*a1ud@N z5kp|!*5|9MR8*Vo%K)*#2hE?W_eHcKJUhn*aN#4=^zM?^M6eaLO`%%1&AI4`0yr4J z_*U|T6YX7IblN8KHJW+-3HXhTo%#J~pC{^P2>#Qi-QkB=+R(IS=YchQ?}^ae&N|Tc zniMrhn5Uu>C(}J==Fa@#rbF(BU_fgSE$l(_x^e9Zv3;lY2A_12s;xoyZUjFeUEJ-a zOBV#E+NM#2z`uYY}~?55=S$+)l=ZJv=+byDDygC zoTGIF#;*aKv;=v@yHLl>om)4~Mec8}`J<5om4!1+7HScmZ-z`vH?tA98ikGi5T1`Pj4m`h0G=Hy!edn9neNm);V+-Wbz$T#jCqF z75OeGp8F?A8DNuR;ensz_5Rh$1P0GF>YwpO(qZbkr{0CRbab?Gy{wxeI}Fv(4$Fd^ zJp}CUNMEc8g+9#p{lDC9M=)cT@Cip#*}Os}^+z=G>&q>p1Nz^@y&9p*SV}+ply^4# z5QoZQBSsU=4L6~ZGEw$`tCo2J;onP7>Ma`Wqpq?~tUYN3L1slJ(g!+6uc>lJ8AZ=0_Uwuy5Mev@xAF#!*z%zi6mo<<>>pM@PVJ843(h^6|hUd z^n$dn#YN;F0lb}`!eEz897P8TGlRS1h5#S%?KB&k()qIMcvMY?iw6x1;C~WwGh!tb zk37A9P5CgDX^}OyAv_m5{M z8;mE{0lk|x1d&WC)4JxH4z46AORPJCZk>^i%cheg01?J>CkHRHBafY0fR2Nm?Pgt@ zI7m6M<8NEIKdHpo*Z11S>{H{#;nQ>H&?k(mO@IRJ7sU zDUz5wRY!K-fBXgFX5z3X^H|gjO3>-SOFyWUr?2HOi3r34pOx&^{(G-qm{Aocj~TIq z!|w3jWrn<#O0_LK1fe-0TT@QB8dsiwP*mHG4(vn()&A!}$&VNE(>@*11a`K29}j+Pf6%eK z)^SVcN0Hlgv3-}Mb)%@o60uZGm0)G`i*=!YMT@rWNx%^kZUZCO(T5n~d(0i3jU@Cu zgl29jFBIRouIs7>(f*C!*dSPa?S%uv65JC7h{*vTRo?YkjlPb#mLw+Ct`hVlTGpF7NsG5Svx^#C$K2Q+Wm%-khD< zs^;zDiLX7AsFRhOzOd#+&8xDL=4rND`Kf{*=2+BrcUWH04d5wfsN#_ z0{E*+0(It>;W2bS-djJ7%Y=)mw#g}-RRW&Bd_VuZkUcog?w#p0q3QImj~Mx0&qoGs z^n`RS=6WcgG>jcrN;*a*pW+>+Y|QtP#C8(ou)ZaSSS}nalljwi1VGB~v?@;;r$wxO zynlz~s}$GvM<&l3D5~M{6RaL_5Zt+(aUjcNQY9{EUE4iYlAyJdgOsGyNdJ~{o83$$$33Tg>(ihg!`TQ zAL@JqXSw*le$lSOGxyl7Xnch6R3xPJ+PL<&qvmUk#N4%%LLQZ-_AlN|)`$NxQC!&Y zI8^$EL<=wzrFxvrr7^>9jeb>pQCsUK3G!8wtP@0=1}P-{ZcJC7oMcXwJQk912>pB? zj`$s*>i>lERw`^^yyeHq*D1-4h&Nf!rQex&Xg%Uf`EiwUmT?6GgdW$)Ka_o0FpM&L zZevzq8bE=vyl=SDZVliP(8zK#I6qoZek^0>Ric{d->`MMEv4>qk`D83HG zC(HmHJ)vRPW4;PF@m`j0vcMo|zx}i7?&L~kVJ@h)$9#g`)P;;4R&BWrRHUu!GhU_z zFu*k%4hlrLoX{?z^8JZGHE{KT7|+lI^|tuUiHrgwX6bB7fjT*Ucp^S4-x0XykARpP zY*Qp z;u&o|NwlUEOLx~GBNA&Iv}Q}?1@7z$8b9|#g+ltVc+N-Hnj$-uePa#FQSZ)g)AU0T zgY}pr`-86LAkjdTm2=yb?z#Va&VPxLj^6qt*x+;=M)M1r%GO#91qWc#3T5rZq1+1O zmUd1Qy`0eC#ZZCBvX5)3E22yO$oD?#Mojvo6CaO}^vvtv=Z<}Xq{GRIbY)s58qgoD z&hAE=V^=sP>Mr*|bLl%c53v*Z?)FPTBs3q3p7G1PRE* z=zQ96Y^M-?TfgiU14YEdV7+w@f?#FnSu5g{cA!!-ZglmX?7n5sCxTh z{nC0(=7U|%S^*pBLmYg^M0nU#uiRq$rvfRAOiWjyJn-t9K((&rM!L%o8=u8c!lxg7 z8$jTIh9h%TzwrTIqZBn|^(tBgvg=vK0Js@QmJ(uurt=BG1v-YY8XGwTT8?A+-jf$XC-g57j_4A#mFw#A50_r2zR zx%BE?Vyn`EDg!itbux80oqcZL5_M@5zP0vA-a1I2A)$*&=1HkWp#wHV7`QiqmVq}t zl|B#V@v)vq?Iz=6^L(GL|DY3f*r`-tGZHadcDS9|&9>tkfqQjtvTa3kF4U2Bt#1EQ z%rOspbzrG+v->i0<6dT%h~qY1NqgDp-}a&R!i{W~wZL-IX*%tZuPDvpgB`?!6{)bg z9lujR`=ZaZ4*QF9%hNBp-RPAVX=(VPB%Ky};P|U#T1^sf!_u446+U_6gNEIn+#%NV zJl35h(EB+r_TW~2mrtJ*5H!~401X28KO3R_6hxw`I7roaWN%mFS?BwQRm&fX1$5Of zSt1%N0>@Hg(w~VPdT2jdh&6WFz?|p2t9<*qs!T`ItIXyS5ePd?c#yC+VZirLUnBFRhly4>Ec=%Kz7TZ zaEd{}xU65=h8Tv2ADzCZH3l~{XY7VW*$VfrwzLa-q&G_#7RsTHX!}*aPBR^PTsYuw z_fY1pnq;~E@wnLmG`4;^XhA*3>GQm7z7lhO9Vk~^Ou8V$OQnwM_DN{fa^bV8cL~-z zq|gg22s;}bTusWB1Wt$Y912o`tqtQE^)}gx9ZEVZ2+{&YlP7Q$1s&p<3Hgax7Vv`< za7YKa30XfVylNZvVGb7_8&NUkz@Z>DSAIqTEY8PZZv$xwzP2x!Z24kQx;S4_6&<-N zahPS&uIh}666w$7aQ|v`_cyueSf*-claI*2RIXa=bn#|{AJ;%i;N^@!mG8pP=k_8U z9XUuiec|D=9->L?2ZifB^untpvs3XX)ssO1z^@P^0j=hpH<~xd^TeB{VA@cv}OqNT-OJfuAcd;m3sSlyIl&)@8lV}xw{K#OZj^)qfWx- zrF77afqgxOo{&G9Zn({E z!|GcgyhH2D_>Qm^|CZ0TZ_lTi%;@f$vCYnY?bPR5;&z0q5{YWDZU;u^_l+WX#k7fu z8ke0bJbS1M#~`^Kx^!g&$O;{Cp*bS%-}Kt#^jaDwrkW!BF#3qOvpBtouo^)0++mjr zpGRJ1lt-WR;tlacx6%gyGIH*|!4_i*TtPU8-Bk)<9TG&y5F5LuIa>jtklw+5<`-cb6P7U7;Vc}OUi z&0+DIDz~j@4cN!1XhMm;yh%hI&G4m;v^YXoL2Z$(&-0=;SHzILvbV7&}uG(32vxEkd?oEaHa-7t0RnpxxL298ALfwwdcbk_X}sf&^>FYz0j|{_T(wSdK#%zbnSi=l z)(nGIPMh8MP(n=>?j5#}0L1T708U(5L3*9S}ctSj$Y&7>f# z?ITv|t|Qee@0}j4UB|b*EJqg+TD!$54q16@WFtREQ~)5pS70X)~X?rj#6qX%zlsJ@N*2Pn-9XQ zMKl=CHi(=`D+7Lov1-D7<4^W(n9_n~UB#=ObGv-C0r!NoWgDBl+^%IevwbdwSpc85 z(9s%w613RM@Mh^d<-;z3uwLni4Qb-HF)D(u_;^lfJun*I!9?|w;i3J9QDDt>(6@1P zKssIZK)4L-fNZ;t3kGN?UL6%wr-c1#Dv!R1_&9#=l*=!OPFrthSA5iz3=olj`2R~#~Go9tG_(!IC5xZ_iS7EbAb-E%%K8yq6ds2XP* z+zGgx`qn%a)3SsDOlr~5B`2{6TtAXJ7P}I}2(s`%41ar5>^oyC2#Ah4L7uh-0^08I zAk91D_i%aswCYor#;w9AsWX4q)d{LObSyg6xbI;4GSDSvz&mh>VYFXxvmkfe<)Nbz zt-6O)I@sfHjxaiHM~RDjv>cAO#*A~>qa_gkbv`OFPeG2j*6c3O$HD#5}#UbR|z~kE;l3Bdb9Bm=K-ubE+uZ`nB9X%E>JAU8yx?GiHTb=<41bi*BY7*TD{F>bHlnTGDT zCMfnHm-5jWt>r;YY5Q}H-n56SAt3x&fu`NEfN|oJ|19o*nj~{nE>xPwPcbpAzY#?$W47Hl@*{HkbgX&?7{zz(pkMNh`>3n_)!Ok(b zg*4G04+z-iM1o=l6oV71F99DU=CX`2!4jd&QH;_?u(mQ{tZk{&Q?bzyqHt#e%B^PXga)x1%*9pYt|sUzngSr?LweiPqCRw(5@ zi5^rP&+^Z*+Pj$fA^T;w&9k>Pk-H0(tx^1feZ#IBLiMSAhZ8YByJ^F%WcUQ5mRvHr zyOyn1GmNw7f7d)qlWu&ml`dz7EdM>8Au7$KgiZ&#gTDDcxe4Z%gL5Mg-zG9UDvK7-DBHmc+l529%#^)PXX zWHj{KRCPF9n{$H6If&M+(HNOa0g;}H3=5L9V|I>VMjLkxkz`^^(OK)&jYQB22wS#3 zUWPT?)zsuTSZxXSSx{LFt4M4W1vq~OdF-22nfLZt>pZj2ETqf*Cnj12i9aOxY(1;& z=hI7NQWTXvrqzLvGy63BBE7xVqbB;&uL#D3SIw1%#2K74Jk1Dj8K*y-{-bY>lhkZ8pu8E$Hy(vw)*lUKt(iRgcSeOzQ&usCdpx~~dJD7Z9x|sYS`z0B;f2ss6rJn%ym76?^f=JD@m?xy+_&$He zAM=@jjdTcOOXxDb{EjX#9}18^?h!3PaH*tW{pE6emh*=PJo7Oj$<%l{lvANtDTsTZ z!ht}{f(R(R>otZ)mW-NVz>5oaL6A)<{M^UpcJ;9E>Oq3(hsJc7-jenRv zR)voz^`hs=l6kaIRd*uJ2O}cng|~0M<8R!|6>;U`I*(3qtk*G7=re7r9Jh+DUMFgr zE;*I|l9l%UVsJC#*&{m0lW+Y!rKB8xJ=YbM44%E~n`!9%8$l8d(T}+`j_7yDpd=HK zqyvsgg4WW`&r?nR1^9DHc{ng#1NwOw?qSXYf}<(hB)F1pgNo~wQ0fhl_1TK(@DRw& zOhE{~^X&=-vGWq)Qvs<^KS>$^4=MV$JhnCC?3jEBIQJIvkfAEt+wLi?^ATVJk9I^KI6{xv>lhR)Cp3gcUSM1DGX zUSBr&qQxhYPUK6BG)<|~S#EhqnYF1HmE+7xQqQ;5vm)yR(=H%)WW=}_i+G)h*zYlq z+JnUNjW)$hWNDKRY*4W`A9gFhw_jS4@k`T4!eJtsq4}oU8K+(VmFDG}eUW9hbYfVi zdfl%RZTJk9AWjQ~8P>2q?qHftwZdH2@YkcP?BspmOa1*BFmBfEOn24gi(S85i}R4v z*rp$C4X}P7|omGI-HRmY2QB3%uT|Y zg}CqG2BYj8@?DZdo9ngeSg6M0R+e-OSPIb+a&r7AJpRf*-XO%N*k(FK&jV_4N;Y&( z*^{kD{6wbg#27?|`qe9q(mOcsa_xLinAxMkF126gD9P{d^oVO?q^X|by93~9e>wJW z)l>x?lj!fIG$d7|f2iLiTOybH>9{Gr*>QUhLs(z=)t@Q?BrlZG(A!;79<_0I*-TW` zG;4at^BoxRD>l8mt#;yfk*6ZY$A%{3wspO-F`)$ zUoC338v`4^uIOwkO^m0^>|YFTACc#+PG$$bU2|SP`sHzmKb89l28R&Ais#%9tIias zG-~WFI@&aa=fz%^cRbGR@=TUbhO*o*-4SSiirGT@glTm4Yvmu`6YJg#S2VO$_Ym5em>M$DHt2CsVshByZ$SC-oZo4V%XVCqhXl?bFF9 zsJ)0bKcym4++Lfh+T(mJ$@0@e{`Sw>K<<#cjU_09?KGW3_Y`f7n~UD)U76zkHmzAF zRyD+oa{FQTtJ9`Ri{*P3csqYlC+(34#?a>IHVrL`8&2YZ>_Q6*oofKz@k1fe5V_Y*y?@kfxDKRIh3 zj~)1=h`YyKr51FllBy^>qfr>EZlV$LVXaVqgnHpw>o#X+HNe%7aUiO;s z85=bGIeSr{JW|a#iz)bDizIy&$TeSY$6n902cI~STi}IijFVl=7r8b}QaX{^Z*N@6 zf`cpOe(fJo(j3qlEH!NjsW~k}c7sj>H$r_@DcwnHJJUIh$1>ah&+|kZBma#}5VOtk zRHFH>S?cD>hs~=9zlEQH`jE{l)YfAM`n8O9eW=0;rK@OU?9cOlXvDvg zr0vDEPEp6OOU#B3KZD|-i~d!P*N!yjuJqJi z%ar%Z1=wI}I^a#xF-jk{hDt#5kQF<$ExeIwaz~PA{N`%K5$3fc0i#Yb_V@O^Zh=LG zkchLcq~J#Fs-C0QLieFTtR$}tw<+Zi4|(3T?}TK*Z{>skAFkdys>ug_`5xWZbdOe$PC@AqCL$n6cQ?{qqhrMA(a-#Rf4}E^&%-}(&JJhy zz1=%|-`D%PUf22jagjUa^q;f4Sj8o`B1hBCO?^(EUQt$%!-_lAY=h5yo#&?Y7H?72 zqxr-1(>uPf18;I+W_;v-^KE;E(Y~|L@PwjnxIK7@(h=JX=q#+9XSg{KyorO!%^Cxk zpNjUKTV7T!_g+Alm={2qiLjS51H#5n{BPXb<&+Mk_c#0Z#&tEnUKrg<} zngRxF(nyO9TAPS03CCHRgxTl6LDiC>M zW#gn1G?>13S$@QBF4j;qT#G-8PCCJV#zq7RmRqC*h#iDeeS(dd*pba{3PnfliS5VpT+#_5hF1_ie!4|BPCp+m(ub?{t{Awkb~rEpwQ*5EZ&e_ zf>ob4YbB7CE>pa2&Dh?Sw$}0YFe>6PuS8q6xsAzA@a{(9;r2*(sQw7I*0;brw~^@l zB`k4HVevTQoD@GWSsq>(+RiK9R#qKnuj}~ox9i92?b|~@vNM0l0E%>1wY0LC(W#P~ z-H=VrFiIsq9>#;=Q(C7qOxZodBqxfspfBp9`HwT0tb;mDZbiSMUBAL7y5Lfo@sL=lbA(uw&ipH-nJV|qQb88$Aan0xT_@Sc} z_EY}+%dOPXq?paHNG&51S5^M11zi4Dk(V)#A{QXn&Ls}*iB{A%d5I;C=q!?MH2mtg zCy?ZvBJs?7lLNXxre9ROemUvV&U_!O`xe8<_>fE*P=)Bj+rAP(Y{yXtnC4f={(5-5jkrPYd$OO z^w7QkUHh`V|0}G}$GD<`>If=FptYfNI5MggIgj#9CgJ%T9e;Cj1YV}Ok$HfKun(t7 z3$7T85^wY5+7^27y$bztWGS^##`xLNC&%GHnx%2d0b|8dk-);QHmWV5BiCEWa(N}1 zIzL&9J`t&fbU>vsE>IGlEjmb~d%cUS`%@*y=SYQ`n>PPld&p_)e!z|QjJR9b`H8cs z;r;I(M_jPzKQL*wwR`}8XILkNu+T}`+72{`LDa2Sr`^59X=muUhCjJ8KOd)5*YgjK zE$W|cG3(n!GAjq}j{un-w2s@(2a*I>8`Wx9ma-SIv1~ks^45YkTL>l8&W`4m>erdX zo?WI@9Td6p#MHicnm$glnN{E?dKc+wh1}v!`y9fY>t{X6&{ACb6Z`O&V&J^eVQ#cW z^b^~a0DFA~pqsN-n(eFW!tpvGU)O6{&bmhEb-d#&0SSxY^S>`FgTg{#K>ga4j*sk! z{dsu${fzUKZldEsK#tAw8l(NN6dx2^-W4S!rSO4GYdCgWvEhopwAJKJ7pL*q{r%`0 zT)#_?{cd#Prmjh$Z7PhsPWmN^Y$OVJezgqm$mY6_5_X<=B&}Nv1Wo84_O3v`7Uz?b z&bp!uMsQlPf5f|A`q7=al(jlp4NLi0cWX!y`o$;TR(*T7_+)s6Vl{d)iCV6^rckz} zvWM$4NFbc%VZjr0^ukY>V{9uB-r%=YhF6M49+SVWTUiK?r$wnfRw{YCShrJXuXaJM zI%#w}wT$^5va2l@Gp8PO36#<7-b~Sdez*}G|6r`kuW;s71moPdK(-7#Wvxu>PZBF* z_XPzPm6Oatc6)d>{?o7YOqkY3Xc=woGWn^hqU(mv6>Qbt!!VjzRL-TGLGFp-@Ly9b zRW96uOAXE5yFJ|om>bXbgKa;)oo1*l=rr+an%A8E!@}r%JI~K|I|k>x1l_r=Bynis z@4{x=zXgm2=!l75jX%tAc}rhc>8`R3wLH}>HS0!e*WbkF02+C5GA$0%9+Q=LxX*gi zP}=d=@1V>aRd0sQTcEv*zl(c5v(=|w(|r?94?|G<{3zoU&qhQgWKn8PA>$_H?E$UR(Bub-9-+#rXVKp(?bWULeD08a40nP z6LGycVTLehH*47u6e$%rj$5NBjK3i1G#!|M_+p5WaTl(;C0`SzM9VZfcDY9?FS56d zx?Yn;3&nD;d(O+&%~HWnC2?gj{zUC=9^57RAx%IREC6D+XA~MOMGZT6{0* zotjkOj-=p5vxtmq+!@0J@{R<2KvuNFkqUt~?kxEGeqF%t^o|WGOkLz!4FAXL`y3hJ zlk0p*8!CRm*LtV3D8gRW9A9~(uq*Bq=fh||y)!eLzJ9bRWscqVuHMU;v%|j3bGk~x zEL4Q5y$4M)10A+Q%=F44AHo-&u&S`zOPU`EJZy2t&`|mJ*v!f@!?B}mPy-;+jjE&!( z;T}OOterqm@ClwE`&v?jAtH!N_zNDgbZwV1NqiDeh`rSrtW*J-`MOwUY*S&h{0-=E zNJPpE>FabO2T@m{zopkK4ptc*I{K|`iV;RSrUvQZGd|bRc9O<4lYrHSm@Rh0H ziT%l!zji7(5dPJ`AI6{)_mJ#mhTmsq&h5K!=$TpF&D9<-ko-d{X}{lM%cuRJXkXDQ z7Mwp3)#vC`Tx^@f;^qZy5tP$s&wC-$hAq`!&7s$8-0DGjPF%1dar%6>>y<>J@#Ub$}RSN6IfJG%iHj4&p9^Qv3}2I zFI;-J%9PRIcW_leM5_v(ktq0h+VuM1D|jVFjug0p$K^v~0-tU!;}dBS?+P>@pP^M= zpm4i>R}+4bn4(63W-6JZ!RGo;(58}`Q;+9nb|V(rP}$<6a}=D#Ma>8j!PAfG*~nmp z7yTvO8#}u2%coksc>aY*1nziueiD(YfIG389sim_?|@o-FW0QLjPwTMCzY!VGeczS zDHo3yb&aD51BO+sMc*At3p1I=vUj@E{ASucczyQzw*nNs;?epgYlf759iR11A&u&X z&BFR6Jrb@=f}FEd(<{|0M6%OFulnsZ-x}HTy(>fdd=I?qYPW`qO%r-?MV5jq1%nAIDC1EzD0#pOS_@--qb_ z6n>ev8ad7sBT2f4Yf*hmcV}p3hFK=geq?ReLxJFHZ{pS~bgs?v@nO`fIhoZUFWz^Rg$4E!Fre`NuKEVw$ukfobFGJ zOOx~L-W06#ynYiyXN&O)_{ppNsX(#B5Ek@{=2i#z<7;h~HbL0M1@2sdBq+-rJ8B6x zM}Zgpklb!#bPdG6L|q;p%AOVC_7_+fYa^^f7p}G`_G^F{ygi@xYvmc2K6fwYe${bY zTeVp-pl1Pvq~|prea=~`F*0QG#^fDXq>XF8^H|iwGafExSor%Uqh5rd z><{;W&m4bscm0(6ix>BAbKE0jdt@a(&RP%^NW~pK1W3C+fTrOp`Qc8D2(qVJiZ$j6C+byJ#%q$E`8%I9l|L7y!liNiK;Cq_*sDeX>>;9 zN|T&>*pjWsoH_QAaCI8y0Ja$LYK>9!6t95x%U*NGv1nM>0E?*R{xfoNZdGV3*6|?8 zJ`!H%6K!RYUFD@!!}m)&(q_ddPOS@Xvn|-=y>5^A8xXN4<6_#!@Lf>ng|vu31V6vn zkRIgdo$L_A=OSq-VhP&}K5pENa0Y6<{}UJ&C2fLWsyZbj|El-k#Z^o1*aDzj-{^K}bqAZ2d0tAmFe}kr%snk}-cjN5P)H@{g9yC9y!MeSexX7Zn)Gnnuj)Rk*5| zrpim7cFBXeFKrU};n~56u5{P4yO~VZb_a?Fp<$Dll?3JPOa+qTeDCA#WaGw+lJy9D zI>j%>r471R-(l3!B{>xap_o>-qu0 z(`##{lMfgk`$KPl-I%xNuOT)_oh(sMy42?Ckq55F_QYTB@hn`y8Q>dkCi}_sx&wM@$H`|!%E1M zVT17Zu&I6VOuBLAryd`I#vxsirVsf*SC440*1lLrX&lG8K+v-9to^*gl+VcDWnb=f zJnV#!K3|T4<-~YS2sZ6h@2}X?`Qo7zc7tmI=;~tjkh_&885xmIzdWKiUwJ{IAPjHK za&IKd3N&Tukf?WFadLX7&xLiG+Klc5@6y-RMM@oLbFCSB7A_;}%5=D}VgjYw;!e@+ zkhEIAgH&19k%WIl#_FA=p@pF^*!PH*v&T7a zAzD#E_VqP$*9-VBlJfU#f zlblCQ!ma*?t-|TyQOwhLleBQNBZ0kl!i*!I=k+jp42bH-$&5CtOg7#EbngAa9$W~3 z5kypl3pU*)a&dNXZiiz0my3#lq`v6bn1SxAcsZ5QZIh0@*Ai%7XXH?{}Z*%X=j}gIW zJO9}O6AJ88qw{S3&hm&d9dW0PF8(CvQ+SkqWR1`vMUpSu{KfofUaRc<)vh}L1>DUh zLd9U*8!rrg8P+qLJdat@x;ZQ;@vWy?di{dx9RJCk2jOkv6H5UAmfL|BYyBzo_&jB# zBFN{hMBEjePp^V6ZQNsYCi<0@sGcB;rAZzTeMH98aIswvXYx53!uOIR+41csRW4%3 zZJ{*rssEy04i2OtPkeTrGgJt|2eA(9D@QVUo&Unu|4ns-cO*&T8t1luv{vJ!$NmkE z9(b*5B>m+LvAXZlHoWbCt~cIra3V7xXlYnQkkaMgV&Mjw2JPmF#%>g}*4z%P!%vzu zfg-ZVo{;4j2~eEJQ>p<1NmHlYeKua_?K3l|5_(8MSm0m~ft=2C76zUYL6J&`oYX_2 z&a2n>5Iu6eaXCu*O~yY2wcTLgX(jT;@^*w=XllrFhCGv3_!zeIXV2OX{2DbrnN`WC-oKGX1^`3Kf})fYu~_q{AJ?xVq&f2I=%< ztIBgnBwIs^PDc^C>jvQJktRuxKh9JHFw%8n0O1|3R?|+RK6C7LUFK>QbaAjX`_%t> ze{$e{`?>55kHRMKG>AjlsQg&dL8rK5e%MgWR-M?Zw?nOD|C{B~w^exiu&iu$!Iv4+ zrF)7UU#FZkT&m3jB(C0YEza@*Tszj8X01DSr97n7{A$fMKyb)Wj&{ATa>R54KPhn0 zdg6XF9j$hOx62pZ8Hp#XX7w;0{rd%)0_wNW2a~_6?ISX-5hPDo60S)CI_;}}(V!tm zc*(r7uR~Fj>;22ofn+x&(bEr63zv?@kgDC1$=?<13Y0sa)vhWyJnRi})T}?e^UsFO z=$0eo`MkYCVS>m<(|U|1jWY8LBkt)r=pMCv`xXC63C>+PJ5+J@Q#1*Txgg`ynWCg&^_sG(~GebEy54Ys^}O zjG;ufPV=8RBic;$J5ehbi=0?g(@zGHCI?rmnrR)B*{18WE^^JG%}_D&bPSAQDbV>z ztg}H=zGG8&XPdVCuTc|v1BZ6nbYHd0jrhZC^=2`#8gidmn6zu9_$xu`Dg~7Lz0{vw z3q|6%?~)pAG2jPSGRKioR{m&ycw|<0o%K z?uMPt9BagUtY6zv{E>eQ#^V7hQ5@HM0npQoQ%#4 zCo6j)*9Ub;Hc2g;&vmT_sK6P%ZU4@3w!6ftWbpq+rPG5TE~U1LNHawrPUd@-Aduts z7{hVDd)st8>Sd$dlzOSncB7t!i)&NcZb3T#@F>l-%=Mn6vqlW9xXLuXOQy}T@L~YT z;bt56*qSeG=W3}7=){iOA>Fd;Z3pU1 zz4@l?(9WdnU)^(}7rtM5|BV@_tUC(Z8>fTrXCw~}zdz4%T5qYK%ED<#j1rTu7FZ1t z6`xU0S<$>>^J?<8#;ke?JGRQMPP$vb_h|F$xFY5m%77ZFDdJ?2>SEQ#BSD7wS=^qs z-XAU@W@Dgo%D8*xrmxS|u(2^U#6ACsIaKqxep}_es<9`s@1mJY2GhnRI##9typUs) zeqyYsvxj)%tn<}Byu!XMZ2d%aBw+@Kyi3#Mkz^=sn_lICbX8LU8H}X5AsC!x-4a0zNlTsWOS%j1*S8m^H9ln0O z&41?Gm1I~%sNHB`cZAq35RACY{)okh^lrn6|)J|xGT;00JR45iYFgqweJjW1)DDui_wICMgF$P z5SxCYM+pBTpQH@5B-=JS!6TxVBpb-w`9+}?dF zzFOZ^W$P%U6uGd(Yr+t#0nfE7oB{Q>Cg*J1Gq3EBsEe806=r#Yg*}DAu*C>B{FM9O~4?#t*tdXfvRU*60p?~KT(#&+7S|KdG z3F}9#Ut%lnMMK>r+nV^+I{O<1b|quN^2^xT95~!i2bQ4awG-dk|?>}j*PW( zu3f!_@H8Ope7fAsZlrI zHwYtZpV)P&URM=HvU-yXLqT+q7T&loIQgi%h83l`ivPGy9}lZ>b=e%NDU0fIPFt?)jRIk|0cPll)PXSk4vg=*#7h5!kg*o4D~h7sb|7sIltG2QdcvPU=k%40OkkV zB?1GxpKci7y<|f0jSlCxMK`+(Eg5_GP2)$IvwDAF2bUgGpEpGnM(=sk4etR!NQc?u z-ddAuox|mSRT_BlB9Av|QT`G4p37C*PMHQ=1+y2*m7(Nt3V)9-tej;)rMp=pF?tJO zHbvE(mW``;LE61Io`o zr?x5GAtm#1$~{a0`Z~}0&g|^(NBco`ac9h%W(qLNzL8NLjpgt0uvY|;#OB#r)R*`R zkVWJ;eOz|u7YWS!Xg0QyY47H!TMqO$Hd<=g73N3mI*clATYF_QeKX#8lQZ5E|F%!@ zFTcOj0xlG;r0W+QZGQ zlxE_Jt*$6!!yBL8d{Q+GTG2$nv)Aoro~*mbEJElb#4Dvkj9jNY@QFZ%bnIo^NA~8> z*OekA@vV;7mF~ZkTylX_NNF{X2QVrb6fQFDkNpwoj~v8vLU3sjup2#3USp;C?8O2B zQMOimRN#n1MVF)f=zcAR&UL=jSMAQ6xs&R&O~!^SLf;9C4Q#yVN#lJ=eK4i$715Mc zo|;EQ#SHVF9rYBl!r?p);1tVQve!?}`E+Qm0D_TFAC8QoAHhDo7IvbH<83u#18sSc z{6Ze15nsWMusaXLdE}=?0GBb%R7o`#uF_Y!;+S63!z9Oz2w?HU_|wQ8g@|bU)xN%u zlI4%0Q_*UVAz;tWfT3*P4w8QOv!Yk)X!lG1&kKTZM$^k56YUB6#nCg76V)z9bt z5@ZHdpp`NR{uVEk2^?*lC}{7Va#kI6$q}XDdlm6;Ngb3jCWsny<$j&>oWOy(hP0+W zKK{3vGx;O+=4uIjlhASyY8rJHDG1JeiIr778=aB9x0Mk|I&~v;K9> z&t3EP3uzTa~0w~*T=`oX&Q6ZbngM6z(QJ3LLk57 zS&0S##Gt@pt9u^=n$vhL@KL!LJ`vXW`RfmjAt}Z-xn|z;#yD8C&A_)LLJw(|1FaB3 zV+O^&tV3$D_;_(zZaHk+3%$4OOh5GmVBfZ_zSvr`u~_z(E}6r}s?eX|olO*69eIf@ z(B*HhXqh8_zmeUf1(Q6}N%&)b{!&%r_d_lo>JLHHqxXmv&{Qt3_N4b;lQ20yO718s z;h>C8y+_{{2DZuiiP6oGpU4!?r8#?23X_re>o;LWg2NV@gIyJC*tucMcVB&r3-q5h zqv+xwFuCX+A+LhU`dx10E`I?#lAvC;bvo{{&cX#xdELr{5+SrYd0ee~X)AJOfv zk#vI|dvjkZe95=z{0M8kO4;+DGwJw!%c)XX~B4+UehV9aR=%!vd3Rhic?+=kLPtCIw_V`oQoq&7aSc_ndjll_ao0YO4;{+T0u!H zT)FQKyS2Fv|8hnBvA;Ikp8mey(?M4AQ~j2nrGdt_drN*;{mPRylKuV}mPj9}6nuIC zPtg04A)tgxr8~?!R%_s#ie3BitYX^h40Nmrs$f6L7_KQFD)5ZF*A z9dGE!74BiZ`?Q~>*;kn{Z9i5cJZEJmnv{|ub&X!|;{q$Va2izJTWmKwO3gUFNp9;n zU-!_j<^0v#EoH8s))@uyf2)UmXFrBo)61Tfz$oiD26)Xq6>FBl7$2QBESg@m7>EOy=jk~PVxqD`cOFhZO_hgYM3nl0u{G_y0 z_MvvuDCQ4ZGNCx_@=rIq%)bCZ30WyY^x!f5b$stLV+!a^F-;jNegiBs}AJHregZ&VO_oawyvA`fq9U#Cl|}c5)Zm8tkM7 zexy56@;6Oe3)9FN%FNS<#;N#;k!#WiW+ubSP1U7z-(o(xKi+?R6PER^sn+ZZRCij} zr0>LZxbbI-=m+XnHPd5gPZiJM-)DcJecpr@ych1J%jA@Hqm+l!9wZ70S531vzlm~S<4}~FY8$>K+-{>K~=ucx?o%DM+PK~9|6aGeqZAs~!>7!4i5bEU z*STEh1QWP29nN!9G?N0OL#q{@wAYV}X?D^T9~n}pM&U`plxk6mvS*Y0fa;49ra@iA z%10oXSMR6P#E{bc?tsGw7T?f|Zk69auGnAp>*JDkSW#%5Q$vTyY-xb$8H8#?M{y7w zkkaZb8Q`st{#I$chDQ%KB*;Jyo$=sXtPp%X?=ir_*Yn}m{lz^fpXs9>Xy1qpqwXP5 zq+72!6B>^fKfYyHq_^eyg6e(WV=}2;Gs9pmVjq8aif41H7ePn-|9gra|LYY08Nq$; z7-Xr$t&`3%CJw~T%mo*HKpD!wH)f~g7345NkNiZ5DaYFR|~H0hKC)RAx~&M#@VmXs9mjp`adl2NOl7^fS~3?_rD%Jc-5 zZvg-g3jug@{5ALCO1Hx}`TsrKrXcadz>wo5sFQY-%C{A$Dqt4#b=Ct*K;O`{_HquQ zs+h8hx>NU$($oq2EixljVJ!U^55(V&g1{#e_HBzRWM=X_XAsQ;_|zp8vdln7%T3CtAh7HJWFSP(Zx+fUj&6L=4S#u1`&qX z--fe_RK1RPfT>>~VWO2qr^j{F6gl4<1BFb(O)@^`du4Nyf z5jTg-6xa<^e3-A$!yXD>{s;mVT|CXGlkFJ{S}vz7Jgc5_dI$i6yObCuk+WRp=@1>n zIC(dw^QyTO`*sijv62w<&=%Zf4_U2BP-dyz^!H|tX9PmgE%Z~VKT<+At^Qml;KL$~ zUmLB{vfWvZRC?CCoY%!&)M_!kN&N5-BZntTTb7!gKBo&wF!Gg`%^zyv;rq)ST(kZB zDH^xlZ#@I0Ga~3`e2-4{zXs;=_%3BMIv*q{1_LjCbOGN+u^ybFbVMw3H5hexiD54=fcd5j{d2Q( z@6qE4gN!9!@D*0#^pX=FKeU@Jn{-A7)dFYGxx15}cB^ zDjH|b7i==KBlEqM4EdPOQ#;I^k}Ag(=XXmFQ%SXtm)%}XXNIapj;GWFS(8NU;OSb!V<`HK{+Lq z7oB#0fX|y%6Y6U8%i!4Im-dN^Ey9OmA2auq^;|sq^P=f#SXNG6Thn6vu)=yy*y1N7 zR?H6*kScy^X|R6S^uYOSBSESr2+`&*B!n3M?qSlNv0Q>;`D~f)`6OMxK~%gPp?Yxq zVS_O!Ii!8X(f%{D!VYy#NF@B+)OHv2P^oL3N$1XKusl@+K%ZrqjmCAvBccx&nj{00 z78cx?teb4ZO;G5=84CHyXJh!taY`W%sBz!x*+>L=x`Hwvz?$OBHa|Yy4J#Zos7vJ> zXPfn6_LP675lI+Zbx{4~)`Ks#@#yUNC-?NT->12yxs`7WQSRp&3Bdb(To0zU)4*!# z^~&RrcNrdEVSaBn$O06JU%NRlByHT*UAkL%{%SC(n(1KPbZJL%OJ2^~MQSH%pZlev zNTI)ccaHw}8yC;6jR#GJ^F_P{p=JU35CP*lju(bi4PsMC$zr_nK~Njo2o2u)Jl-F4 zxBnb9EV!1->obG)8g#%xyg1G0@S1zt0g4+nDMpP@a+Y^bHJK->@|wgOM3rTyLgQ2D z-siC2hzcAR;vomL-$%KUFKQ`BWIjNMIh3mit6Fc7kabtMsEG%75$`&*JJp=bji7vO z%uRPvVfmhsLLu$UMlv$<9!u>c(VvpqFOD5nkH=)MUNGg;2*oqo>9RETn>;OsS~3Rt zzQrhy&XneOkx1pPX0b|LzKPB2_;TZH(6{U3jzp_*<=-muoCtdhne%U}oXln}HSIrW3rzx$HpX3QJHO;~`)O!W zM6;z*R5Eybgkt%~XoIh%on&rx{aQocw@6g{W((KyEu`}`~-YZktr!_GcO@ zjJY%Q>oSu&s$}@3YD+Zf2jY zdqU*7*8TKu-^*b~DGG7tni&;2x>F{xv~@-P74-{`Nqm=I1l;d9^*u{~-7=u1|L&Pi zwPop(EZZ}V5mhH#=eYN$ zW78WBt$yJeX>bVSnh5>>Spc8+*rG5Qu2$1eOO6Q z^sL_)`Qd1#x&)ILI8khYyK(qNgpOuqLh_$6TR}w|7wUGWar<_%L-Z{}Fp2vy@x`cO?zRjrDA_-201K_U_ehJ%3zV(TY)>rONn%)I% zm*!|1utDW-oVMv3apu$Ei<|Xv^`ttJMhY7%JsFoPTtYq_>B)))A^bP$DlxS$RRZES zVbIe>}kgw;*rw()8bom zN?h{dyw4H@i;(ITeHDYMO{mP zhbuy97XkC7-gSdD_J_F$U93}mO(avpk!dxbblI9R6>!>?eQjs9uFLa5(0Zqxr|jUW zX*UL4E4X5++Jqm_Ua&-qC6Pg4h>&r7HoybYlqKPZX+AH7HUYRY03Gr8jo+x9(b{SQ zBm*l{)cKOpVP&xd!5yzEXDH+5@GrRN1To7-7$#CkDqojOc)h$oz+8oIsM$@C!l489 zglg>1g^MnTGTiVsewFlIg@+7>PbpmzWHftkGkNxn)cF(riRjDiB%LJ#AF+gV;uXAI z*Pw>Mcst@boq?4z{Wk*m0OgIT$iFh8@YA3A^k>ui=f*zj0{;pmEc-pK&^GmexOIn1 zp{jWrI~7Tmi-)c=sT1rMkMjTFo)^RefGrJ56%S|rp)&SvPGoSj$f$+F08`Lp*iJ`P z1wZx!JAMl1TKJd|7(D9{sstLGocOYL^NDJR40v7|je?a@6~gh}w;aEQQxAOI@PJ_a zT%(*0s6y^Y{-IBn#MZ{7RBjaBwP2XANCf5SY)_mcoprwLxAAkGCY6awrpk~e@o}dd z=V6}TfNS+l4&~MN!s_RWt9UL4{Um+2xT)R?_~f^EyAg3qX`;r<>zj$I>*$7WfPqiz z5jE?dgg4K|{dyA{#{40Czn*!TVIj6Shz0BMj@8yiJTgf0S8-f_|ag&I!{iS6B5DnFKpG^KJFl zJ!L!GQ=Ct~On5)()q-3^6M%_RU+;cy`XiU`TXIVlj$Zp4RceH64g$iB4EQA-T0V}F zQn?^Pxc&lBpPac+%!;ITVoz+|S0gu60kHy@+VELJ@=ILLGs;YG|ZX>mV9VLjl znj**M5OLgrKRgW}Ig9WOW|!^0Y8t``9{&G%HmX_39*oB8= zeF0}$1=n?4&@EO%Y8%?7?5Q{CyTTY?-Vz%R9czv(AxT+D~3G z7^`~v?K&I!Myb_fs#Ka6L4l~-Ecu0YYR$oVL)`C`~7F(kAB1RK}<2*$%V3xpksmIEV z&7Ak5E{|G7VKBju@K@A%i5mBhGwu$9-90fVlkQzWho8||I~YU0`+$@G^RlJj=bI`_ zsK*RU%K5c~hI{mR3~pFrfksV_*5z@)$cNw-{vXwxx`8YW9!3#~jjIbG3ppxuS=DK9YYYbM0+8 zx+30kT9ymcP<$DW-KP8{cXY*6nU=j>+%(rhdDu>?U zWgFXk+wWGGk$hd-f$}}EsypkjS&qArk-h(x5KOP{f#mbpD%fw6S5(LdV|J7>(fWxu z(dR#QC>;)$8cS7?CB~YFranStZJO2O@2CHow383RFdCsClkPi%VedF*)6wL=H^Qu8t}-PCr!FH`k12qn;plr zZZxjpD6dzXm+B!2W6~tvrNQNUKjyV6{)YPFn%t)DA;ND}kQPSMUjEwL9F%J16C!5b zpqC4#x~rl?+w41>s_%8+7Z$zU4En%qs<@Q{tFeG$bZUiJk(>CtIr@K24%^B(x9(zg zY0Lpv4h_xs~|(4e3(rq=mT^onq2yYN1;c5XtG8Nh|cZ1kD9RQ zGvbf-=8C1cYik5Tx&d)2t_P2el+K)5u9vPlF36k1c(owRLBV&TD#V6kSMu*IypTJ0 z`VobRQDH9IoV;#H+fuZ5jWlZBjoV8o%%Qo=<52NU*KjS#)twT19zpDnl8HLAXkKJD ze^6!E&c0=)O;<)*y;P%#;&iiOH`z0306WHVJA8Pu&+$7heM>a&(X%(M$05;n@xN-h zKi}*tf+E@Ef~}ynr+)LM!-iTvM9MugIM>ry{RXhmh*`)Wq3OW2&F&4IVF0NidcUDfTRCA4P=*eWD@DA?eFIoKJa`$HNRSJdo=U(g~QT33UI5D6mf{t@kvjj!KL9VX8Gr10>U{kRb?4 z!l2)r5~TtdMS+Jwz$>Ze@m$#c2_J13_CUN+kENHuutBpa2;dV$1hi60>~-yx`>TOh zU~Ve+It+i)Txf3L;gl<8wLJg)=J=lA67lUl9ce?}lg=h>k(2I@l8lp@18KS{4lJ4= z-LoaAT)FfHFU`cw6kyhfA}`FZg#Et%`$t)E(~D+K{nLv(Zp+6AJy&MNGRgo;Z@e?D zfn!DhSE0A8QK=SW?~%?Pk3k0lnDgZt$zc3&b{| zboay^@jyz+DFohm-5+afgdVm?;gq1PrV;NUf?ma1g#bl&X})@@lfn?Q5ch`-93$1~ z{^t&jN9O+kUii|-z@1x+SqQz}ogr~Ky>b}_;7m}G=U0%cgNIY?k@VOwDv{G8qXRlL zSirWQ8L3S&!|!H$W1muKcj%slVoZkx_)<#U`bhJjS^j=61!$c6Y2Yo%fV-YCkto#h zz~bFh52agd$TL&QlKWi>fl-lb3 zPDR=Uk{HmyGok>?IHIKbjfC>C<2kKJ!=7tFaaA{=MUyiob1~ONbWbu0G z3f3A@S%23<4B?sv?dP)ZUG$V(MBh;Y6ENK(<9e@%mbVWvXJR5U9~nv?84S*;_~Rh^ z*AWahk~XuNlK>BvJooRE^IL;wBs4qUBm!6jT7%p+(ndOn_#rVO0|AG(xGeulZarq3& zlIgP?5-2b}#rkVV81?v0-AW?vJ3>1i9n37ay|uR48@zm?^gZ3Q=ripbo#H1wIFrmI zKXc;Ju3=FYpFGS<$t;x(sV`5upEo5EDtso{q-73ZBaQ%Xim6s6cuCR@x{L{^(mJ$& zQ*~X3wNQ^bZ$EoW9NNsob(#BzS6i)rSP;eVBv_u{%{hT}_|wlDGmkEo%J}x-`>J#T zX)ilJ2XjBv2|8b;2wxfhDm_Y%%FcbC|55N_gh!9T*wH#^vcgo3&hXPE!^2XMh$5dC zUx=v%mS4y8f1EqH|ISfncl*OdC*wL*f^WG%dt>@D=2(aRUu{al&gb9W&i4zEc(YY@ z6rgzmALI_vUb0)gs;Bh|4vt3>FML4n@bfMkcHTRgP_|F@9-USW;kbAA?I@=thHkR8 zydw3zb}!kt4W7rg+9#?GC>QS?Y1bNv!f)cNqpd9QjuK;<-yQTBke{~g=j*AEvzvcRt#){2}>79^$E zDCN7Y-Wbt-;*I3#DrWE4k#_@rf>kPu`^J z^>h^YEw!_AE#KSEKRuT61=QM=vJwiX_-sBI)Sm$pVPCIe?reb_#tO*@?9h1L39yU)M)8L=i0Bzaql`lSjv~2P8~xp1 zUtyG^y6Z>JVNK<-kKQNnM(LR|_AUR}{%knnHB6?b8?IlGHlrR1%SGas;QM~|H9RD0 z*}M(7*!al;>{X6JWLSGReJ2568^m~=!J*FUoEMPG6aQstJ-3Bnvxt&tq$Yp)=;hI` z>ijPeX<|~IzQTiOjXio1zZOQUVxq#r!WcTe`I-|TcQ66hv2KuOg!hi>xG>Z(^wM z(b`_a91zEnr>4I{jqupWGZPEEbltHc1W`I~@m9gyxc?sb=rT;}<*)&(Rt zd(!$|Zrx2S5a+FbwA_GBi^9U|6#4RZ+ckXDVY+u`O#XrfpmyGHNFE}(_?)jzLtOc7H;FS=( zkGuNXXnNts8D!BI+_+@yvnYG`G2Liu&kx%scraLem3vVxnA^YCx67yv$7Hw_St-CA zlujr{H%I<`H#atQ=a0}|&+#M?J#fYL0~xRZ@ps^KKK{LOG0Zpb4&|U$2R@WKN{FEJ zg70KcI0ArC`&OsmZsmE5zJoQP4Bso|0dg?jp@|jSFr+iYKV|>1Aw$r9P2&rZdy#L?`%&^f< z16giurMex`_odqxoEC%GbU3knP)!s7U0=WMYIcTwdnwy>D>cN7X*xzE@oQd-rWB~*LjDt`G#*F zHENXBXzgezRlBvfYKtPOsM>8&)ZQxzs;HUTduvg9#*S5cZz8DJL~Me{oA2-UzJI>| z=6H_qJV&1Ey6^M8&hta0P{FDqfr!(if6~BXr{YF$G+*8>N#b?8n&)R#WC83Xubr{{ z$7`p{aUux^$#;$|FB=)3YPoEEWo&s@vZ7UP#k=%NfWNOu@|F4uIt0ATr_hEuB zD^SkUIQz9x$Bz%yAjdov9+I+;P5;^e-AqhT3^5?^iS<_=oxfW8KXa;yfsZt2y|}}e z+mpE}A8oG-Y#YeNb8$@ELp^eyzMiIG2lPTV23?n?Nc{hmdH3!RriLvSX_;15saH+l z=BIIcKUQAlCCKWDTEeuRx%H2JxaWo? zFMTJ<;q|he_e<2$cnP`)b0+8Y&*C~pq}$nWK4#(bU*zoH7O9MP+mxpUh}d=2SV3y6 zs0UAkliVL@_|>%~==67ukn8o03P<8dzk4h@ux2$Q z;@y2y*H5MfGJg;A@|T%q)o+Zv^dkXNJ`F&2#BMz|o#E~e%iT2&bNq-m%ZGkwjH(R{ zrkcAVzB5J~BJ{(PEy;U)ukJj?WPUtN;x9ry)xpavSg8m%5~Z|HLv*U-Xrb_+?B~fLr-1_kxhN_zOMWbg-x?(D)6CJiO8RT zi2I+JW{UeNQ?-5X4Y~p_6S5|3ou>H(z`t3tZm+J<&E?%DA1#KQIxl2I>nqU3#uQ%Tx0JR_hQRy7bqzz;s!A+40%;+Q@qa z!hYYLA3o;iiv6Lo#!F<3E6jZ5{(DP1F{BH^V>;kS1*sSZP2bfja^>Hr*NheZ&aI^U zme<{AvfV$hCm+%WFUu#-UgrzI+WGVb)5?^YlWmoscF&{hRtAn$KJMJ>;5v(V(W91abA16XM2-6Z z892e5lU|ZS*^N?cc9O>Bi~NU@7(iX^`A#6{p!B|!Gfbi5mXD&-$0_8OrGucD-e)B4 z0ULyv98S}vfWF~TR6VFiiuRZ$fL^-iId}=+vl4GB1ti(JwFI%vr`t);NC;}Aao*{R zq7|g@N$~xdO~KhH*j~g%Gm zep7u0a6!_!{ND<8K#~1Y?&6@9rakC?3Rn`EwD^Xqlf2J2n)5Aqi>6y^xo0{3U$bd|&Q8E=9C_kN(P#Mf> zP`o;m44)i5I}L5u$ln-J3QOjg$9S>nkzQH~H8r_@0(|v&rQkYHH5+o9_9XNb5Z~BE zx?Fp(k&9>Fmn9@Vr}ZgkF4B3@d&+4*=VeuB7bt0X#K;%a`(Cht0@tf^Z*eZ%k-AfD z1Q?s3jmjXs)89nY>(h<|$jjSo2`3|^_m{7S*-Sr1Av`z*KpJZ+Y!oTm{M;4R!4#B> zJBM!KN40j71#~!AX=s7p)3YZN9H% zqxu7WW=+s-ryYGRjeGHVhfh}eHEgL0_)qMZeWM>a?0BwDTaG>nEQ;gQP0e|9xlNl? zBL3zz<$Pj9Ub!mp<9v0`R4&xxQQAp3Q0C#__ITJ0qoxP?G#@Gy-V5*-Op-rSmp{8e zJyqfqklM1aumx?)ZoGVp&3&aJMEbDbk1>I#xkz-ECoo1#;BIsk9g9r)L^W4AwnHI} zZQJ6gh@Z8GlQCPSjQ&r<0YlYfRW{T@sY-=d(pco($U+^oH&ZG=3DT;iqD87)9rX-6 zPLal!QmLvoqZ|LB6TL(ttoU{IVkjG2Wtt8<$AQbjcXEQ(na(*)Myno+y8%J}(&C%bMiwxZhhc=h^(6c0!p%?V4CR{=WC(b?XIsQkDfO!-oAWeN0-@B!8AJ&8K)-tkYAB$zq7#%zW3V z*l3ISSw2CTz0IiG@eI53Yp|AA3JJ*eo$YrW)(LnpXl>aavtZb*(}qXB;d^cg%k=Pc z`5W`qk1nb|F^TNB0=irgr>(#DqvZFoz*OV=)SQ{lnA@V?--aY~>%(urBA_y`wEu^&X$Li|lQaOA<7Cq~O&71>D&~J zc?UTMOfCK9UbUVYyWTj5Pq6r9P_^*4xg%kgnK9WF@$&GNT|=e-p7bPcb_G8<&-NET z8nD09QBv?51HmSgjq7Hn5`#c%`{2k9V@?XmqWCQO$fV0--Bq^Spvk=TtI_4GVWl#@ zlwoFC5*KULwIOG;m1j}4lX@|q_eu0)NM&*yP>AO}%cxjG%sf3k;R^{WM?^|#KNiuM>2db`@vTEBy9jgV*V-)zOsf?vH zbqL$gS^x&cYZ%6bBZaqVERyvFjXX%Kn~qG5RS&ic%)B%VDMe>C7x09E&@pO%Ve8!< zmouxbGPRuog2l!=ASt@>r6Rp!DY4ZGF)hu!sduWZbq^({HEf>u$m_t@SCLy5gobvRk63Yec9J|Y;D7!zH!{tE(1JUEDZhf?|vN- zm#-Hhak0%A@KNHLy#ooIk4a=%?PljGTXB*;TmTvHB=8xH@e08qt=x-p4WbJej6v(E zy+6p%qT_%fXuOdv?q)%l!`No$ffH4vB`LWMtRu`-ck^K*(jzHIwxLIAQM~U9I8alL zun)l!hVv>_PCh9Z;j{R52hsHp-CR@NOzF&;OeXDPDXwGEpBWglZ_t}uV1C z=NY^WR=f{gCd|+FfWXZb2mk$jLJy6UQ7x2j6ds3r4uO33pAf`*>3IAwAItZAGr~?(sPzK26-QdO&7cfe@w>6TmHl$xO)^}S64)${#{q@vYj?CCz?OL>o!x=`%(PIOb8izmlMF zAV_$kZNW~Z4?Iv!o=Lk@9LAe#GyK+|N1nR?=Icdrz($-b^s2x?_Q1C&*dElS9qce9 zK-W-vi<>W%!1O#j5a$y7IGmMP8XjX)L}z= z7~C3fg2vO|3SoM)E6ldR?g}&5FTTTUXCgj*K;mzI{q>T)u(0|NIirVkJi&V>Mljth zFi%7pKy)sqD<7By2x}W06XN?Sgqwl;&pf8r9jCPogKIi9R@nEXT|}2`1Lr%K!(#R- zZ%4VyfpSiNe{5SxPqH7``{B0arSBEG&z(#s%jtqtk}pD3HR{Mo@AL%mS^F%6clO56 zn{NH_-9(T1fs&TN?b$CmI13i}Zw2>wOx@ug?foL%@-s2RYh@o=ZJiHTkq;f;r(h13 zrIa6N6zusFm0-us(tBw$A{1;bDb#q_o*UJ6`(Vv#fM3r%nM6wZaj7=(=}#VccQe{zpLHNAZ{~nR1sxN7D`R&?i1-&%2)LhYzklcCA7o(25e@T=T05 zJ|4d-uTR-#3_H2G*x1C&oFTw&4oV>Pp)?7e-|Q!&X2c+j@9sX*OWexI)V-_GEMr8* z70&$JO?@asLf~~2E1Un2qCD_=D6{HDX0J$F_hrU)PaPsd(U7P0yWI@sQ<4|Hi!Ip0 zzpBXTJ7QN1)Sun|#(WutOO90SJIjikrOOM4?szmw-C<#o(^?dw1)qnzB2Z00DsYwueJ+Vx8ol>xo}%+*?{p*C(*TjsmoLQaa+dbS+rV{KV^luE+m z-`h)w&OmW=H(c`+#$QwJI%5Tml}CzQCrr+NB0UhXPUZxN?O&CBakcY6!-@4mc2)+D zrz_o*a^28?Ys=tCjmC@L(Iry60pE=Zx_L_QUjx3^HuM_HFk2Zs{IVyefF)X4zMk=3 zy>?gP$i9M&{=G$~)Mq=v4y$*H5vXVotgqd&Hv8Gw^tn-Ixy_hlH5Za)+9W7h8lUuQ zg~NO4*X;z=`!ehvfq(5fEl-MK-SpCIJnKK9nm*Kg0y|6@jHlNHXoMpU)Ql0;k&LC( zF?(P7##9c&YephAHa1e8djt2pSBULsjL}p}UFQY+;={5=x`u+IX%ce0I$7+6*2a&nO+@ z?CgT9DnuWhA)G4&V3_dNnJ@b47U=m-GeK0HgPR2np5OZ7we8Tn;g7?5dS%~u{&UTg z^nca5M=AU04r1Pays@Y2bm*c8NEZ1ym*ex0=XmFoPi^)<+i5YE)!`S{KPn|J&UhRn zyn~ewro~G{P9G}#F5uqEcDiT;$(d z5mT6M&>P{*Z5wfI)-u|+I9l4dV}sKtRc|>DlH8$laif=4ABzj@8hkcEtBCHqogqu- zb7I536{JgW!crq%=>TVhJV)bCQ+63SjvDTO(`H~Lwb_}#OHY(WM*SwEleo@_j25MOrwP>HO>2vqp3YK+TnWT06 z4{WtuAEf=ZN4PT44F_+6;4LBQYr=%p3PCatz+-NJ>vbJXIT=@yJ77cZEcpOK39^P#e~;#|2bbgTA!G)Y{VxBK1I}Y4Oq7^T@veijayA{)aQi5mopS zv8AL=|8Is}=2{%4N}Q&^Y?y+@ya%E)I6%j7+Jmwe*g>7;$62a|WTUa>lw*?ZtXkpe z>o_KeKKCZS>Gy3;B!Tu;zuOp86nBDwYO!=JwH@)U zK7#Elme_W0_y&cr%g)+Lv$NaEhML^vW4_d+YJ!-~?uJ*_nMYBKR{tC0?-~VPSx@>T zk@=nc6Vu%k%etzI$>9#dthH^8qIkXC=9|E83MpgQq!d}N&LU!j76KW4^eRw)WEpAR z-?AWkLjSDu6J+A|$BFcw0&=p5dutED#Udo%b_#Cse2ZaD29kkoy?!Z?Y=74q7pl%# z-%);Ln^fT#nXOd)kap2kIYY|XBg4C|Ncv;%4P`y(l=np|7v@cMPPyCDyK9dafjxP6 zT7uw6L(eb;h7 z=rxI(wR7)E@M;>ybb_h$!-_)bN11!~qUQZQKo>n~tIf$7PWSIcK2UpXs(om#_Dflt zBsnFJHM*?$+k6fYfMn{eeflG)tVcDEs)76$!?b{DsnyQ>2qM_u$o;bR!k!SRC8kY| zDod&lPs{i21E5s_RHLyGw~aqP@#{$B{58F`)!Ff=fMr-NDCm}VD${cgwLHw6$96QxeJDryq;e{}hG)?#Dzm z!+p&^CkB}Mt|uO@WZ$GHpZVHLmIBYl=1LmgG!$FZNXsJtt`VG0zkwZkXKKOZbTM=R zYm6OL#uB`{MbWU9^*(9ziJpO_kmma`M3NT?l~`Vy^r}$U-_q0?Pb6k5Mf_9Y+^5d( z1Qu2)vjQmLNu?-OQ-M^(t;r!cVX3)F=5;jtuN-MIXZ{Z?fbU9=F3^qF_xRWzneCY9 zy3LJmp?iAlY%=a$VZ3v0uuhMEyxHyZngWVvzFg<&xkW223IvV%|0Tv3h_GMCnOU?X zD!m~FUG@?^Qgs7?!$9gsT{{);&s5+N#%iR*=T>T&tBA!4X96&VH%Z7O>5Lh}zl5KI z&OP|gcV9AF5o3NQI!;e^rfvvr%qBs#W>qv1Wz|PAa3G;hmA+UyXsrZ3P>*Q7G5i?ZuB_9>dtv2C*9ErxZk)z((K>@1f&RlQiYyQ(LLOxzJV<>9O#nVhtX9RVZYl~^Sc@r~9uZ(Wh6pyNE;6rfpuBNl>s?F@UYkw*F;} z@l-HfbUjn-e_5-j@{|EJn#m&xs=*(Et1P`(v{)lUFaK5cKsS} zU`yVqI*5mtpCLz0jua{APIQ*$Ry#^%RG6@xJ_LSS8Z-KD^ltRBQsgtvXE=e-JqbBu zx}XpopC_g(p^D8RwAW`1C>+lQmAr^;nf?9d7i|{9bw|(=E{X63;Etv`T7?H&GoqN- z_Avn&4|$nVQ@lbizK>R{=ek22W>6TtcIKF9xBT8jV)6844&AXNbmuJj9VVQdnIBUa z*g~#k5w4_CA22Wa!Ll5t<@u89iJYasnP*e+D>dA9v)pX_Zvkn&h9409dz2jl98}j^`t906 zvo=pt3M9zZC|{pb-Eaw3HI(R`u#&4h<6pVu_ixDuvvX0=Z20@eCfYfIZg@!;czxMb zrK`eMpt&r|D{NBxXx~KF^a?Z*luv)%ViF-**)MB$sOrpq9}hyID3=WHNf`p<9=07! z{;E0{l|^f9e`ir$tu&+1eBHXoaPUGj+p65~F3ouS!i_j5PPF4%^RwWuXd+?U=xP0S zg2?)*Y-Y(_O{E5yz?Qn&#I*fe)2pXRuL9{M%Su#spYr*Jm#kVc-Y$@Ns2tU};kP>y zBXPKPq&;2&bAZqOWM0yVl^}iQ*2yiSqRL@!xgB5fm_u@w{T4Z0gksLU@A+ITKx zxYpI8!y=1qsniG$&4b4(MpO320c;pRqw`{pt69rdv9wdNc@<Ye^G z{nT8&wOU%b=O7^Rjwe+PGOv+c@(C+bQDY*hWp%Yf+G~Bc`xma{Mmy>lMCV~VI2rn)7GjI15`3ZcS@S1v~ym%i=b~?^w zU38h@b#n5j5T!$>Sn6p3nDjy#oRwD^@2Qtku63PPo6D^Qe_*NSUNDbR>U@ue&M6vG zx@<6ZJPnvCZkw1!8&hzQikD=I*Kbzl%YGx5DSpc_^%X5Y2v7*)xX04)8LM}g=^Vi4 zwG2MDb(kuK(f{ndy3+>bx;WjP?alJvXDXQ~i-U;YCRwTb`q*wk>g&3pjCF!fXWAN_ z=S1$<4yAZERW0wlrubF_hM`VB$Ly`92}4M9K2zfE-va;T?~K1EWNyE$T@_g~S%V|Q zjpp99Ubw%o7J`WM^U9x53_mpVcju6}dd+e9v%-02mXWPaXDQddarq!rs$F{c+};|$ z$r03eC`WpEBu9oJhh+D;+UiJVjtAMu?h-M}mr@g;cJnAp$k?s0P*VBi zzt1{LSm{73`@Nn%%Dt)|S3y2b$C`_AX{I$yaE<4pV~~JV&M*a9Q2^MJg~G6U z6k$!+Z<^KD`@sasPEH2Jr9!A>-pjx9kqsv{@@{M7P(m%c2MTOdvgL24Rj{5c1fCFc zfcmv9nWZa!p9l1`Gxz)cd|<@?T)4}PeZkj_+2^-qlyFy96H(ZAfyJ?8E2veSFI6s1?pN)e#2<@nE|FLh=fU;cY&q*ESm(i@r@15Wm>2If*w;NsI~ z zBb*`|-8XxFYp1_UcijsZILAAIbM3PXj|r{tM+o(U9tY&chK%*+*z~n?$$|E3;BbrO z1D=n*o#bvQ=R7VsT_frT`TK3=WmkB`tG(lU;a6Obc0Y}+P3z=Fl_5gT1VNK>qu3Kt z_h!Tj<&ft9PnW5r*^<*-y^CAJ;7AFU$lHz0GdXip6eTz6>epG~B!$!*XvR~W#`WQO zUxrZZH|{#t5mz|v7B4XfVv5srbUaa;j?>mIfiecLbNz}QWW-WBt$HJOXVBWn_p`-M zx_m5!MNINfu71tO2yJT56VCfTsZrcP%VZPg)fzU)IMW{oL=9jYb⪙17w8KDf>Y! zReDm4-&=!Bsnj?i^!l8G?o(Nc_%xmGu8)_3wO2E9Hq3HRtCSXQ27-b zD4RBo=o9nQQMKz{n90h-5*R?_(|>fx7@yoNP}SuzZS2p^kPY`JF+3nnU62mZrT+x# zX>}axW!l`$QOs{c5O8qY_Ix#^qneIP<1uqXn!9Y*w*b}y9UH7eQX zrNq-Y^?+-`yUR!n?3gEQ>0hz8B{3>`u-cEXRcR^-RI|3dLlzHc{+q8P}6N;HbHnEWVaSr z@2G|rvz?k_4&<+v^q621H<`be-<{MrW9U|EFjIiG?H`_HQi+)8dZjiR%URGzI0M`g zJ#^Y!8?h=_&3O?Kb4fF^9TZF@N4SB+_D|mg(<$iQUZ;FvVmUcXzThsm z#{4SzVdQzijkvd@=~~>t5AIv;w>4g<@9wE%``licYcj8E@2@F%)3v%aJ;yii3(o(h z<*4@49zRx|FEe%hq!-}%N90?i(Vj>TA;l;8V`aG4pgWd3nhz`Jsaq&;l{E|a_q@(o z6n07HeI^)i!tO;ntZwF-3Dh!el?|mcbSX~gRonuHALXb7dnoU%`ec?zIDOqJnS45{ z344`eXI!`=g=L<9c5K|&`Dfbac9Z_y+PRM#{5fpFPJHce8Px9jaVXx$4N!=tIyy)n zK{LG4fwzE#!ULgoQSo=E`OL_KZX`IUK!nJq>i)y~FJBJS#^W`wXdtHed(x4S%1xFlA6~d&jpy;cN(cVmmnltWx8AW?68HFr9~K`A6W^P!h5%K=f?K+DsT$mG~+(I)%PrK?KO9$l}6`*mB!(wN=S$MvzT2cg5nmbwDi1i zO9Xar^pqT}V!@CQ z-FIh~B)u2{eNt;sj-Tzs1P~<2|I9H2EEgb~uyI4mDnB6Tk*ml!91@d4n9I4&pMfXC z@&6Gl2#{3#a_`M3hWrK{=!ss=JwX0BF~I1@T@xLTrlBd3PXCd{FM7*OBRZC-_*)v{5@*Ism(WiyH6u2w@4v< zBV={$WPeojm5ZAMD7Q>399v6(Qv-EEd+2 z5)^Tcbe1UJ?a`5U3ws%iZ?G%;&RwmVPqR4EA7J%{Mqp%+jYYaPJqhA-k@v;VZGkY1 zE2T8)pFebH${R)@y>TbX^&sVbBa*^pHrl@T4p7m{>c}kNfcXDq0iddQUSH-YZMhCC z^5C_c+cFZnE_xvqJ~ zN{b1{WAtx9J5RD-RW(T(_mnJG|6?&7@x=5Hm8gb_!>ZBuqy8DjmN?qmj5V}C68)cf zuldO6PadT*u60s+7Q8>S<9e&3;_^seIlU)6ud`dnve!dK?47Dckfp56v&?52YahbC zmF+Mp2M@{mX>;ELaFRUmeDt{RI$V&9>RFG6K`pae=jSpKZ)Qop>FIElk`v)iapv}n zZ~G`CP6X-($!oLdZ*9Es;Lp?Seq-A}%=X@5HLYCR;GD_V`k2)stY_*CSN2daAvr*) zL$!`I`_WRI&|RPDKepL^WK?w;N)tX*7eS#PAC_Bc6MIFRlolJ@&1SrgScoMl{V{1- zO8WV8WZG}>*X3Nim60p;j4Qv2r=#+oFcuuz0e^jae)aHe#^L|#Nny8c?`X`!r>}+qs}Uvlb>D0gCMJY?24lJp48E#qq7ZmDjfZB>Hwua`Y!P{>o!Kx14d^^>%|<;l^nkW|6R6C=8UCAKy78+c8K}N51>jk>3C3xgbWBfmiE?iBqctt)N@x4~^Jiv?%W3vE*f=Kjhb_F zxn&)~h%IpRNbxEoRVHp^$Yb={%UcO|GO42kFSM93UY^8t(BXorAdrJ#08Q8ZtdrAa zNQZxMR-yloGu1@}M$Qhouiz>$rA$_vxBSG}g9ST|(`F@=<0lXL9_q*#Au&(XFl}Vc z=doKpWOgk()Dt!PiF!8!A|kRZXR5I2E*wf^pxM zrf%oMjP{%+!95_kA5kPBfw$ILHEZa8%6n2h$`nrKuU1_aPr z^3^vF2h1fRNin$?>oR=0*^Z_IccnEhO8aUGN}+c%R8$F%Oo(saoXZY(t0OhF|qBCxRSBv3?_S?mu$Woj;gI{UlLdSQPDu&HcO5J; z+}5u)7E+!#FrID*Z_@|phsJnA5|YD)F8A5M_)*2PvbxL$uM+TAsKgECiVbnw;V&I_ zB)$@lX;K=^Rvo`SED!OenZle>wBjZTWAbCDpAAkb3RvFK=`E7%vokvWOx$|<_uJ(+ zKkdjtlX=_Ae|E^7Vqw4I^|Ix-fQq4SwL)*~=oS7Yco~~#r2@3uT2>pc>uY77FFRrp zwuPRYiJOv&wV{Z$dadiqqttWzv^IS4w*A81Y=PM8fVzM6O)x@kSmC-m1PB|^iiaeC zdYK-_^3m8q#~R$mwC-D_5NX8?jD5+PF@U4_F~Kvk6OPCF zUVNYA?}s#+TMs*q*(FKse%CRVX-le$ULeinBuVq|9W#FKd!hY@Wd7)QEqv+5K*{a! zpL6C6AN+c?zR(HrGTxc1L^h7Ew)~pk8KJLc_NiP4K2V%Bz#(+q48Lk_hHliB*utA> z@9y&|$LzI)q6ZE1igs#UsNE(Soh zS4Ef7y=~ola_?XlqAts4)GA06s!htrw$vbeV*VpE&DVEjiMU*RY{~DIEo`(uWS-Y1 z1SR63rFe(5IS%qYNpHZ^Y>%gZ@Pw(zO|DqLFJxQvsMwujh3IDRA}yZQvLcw9>^LK2 zuv^@=jvX31>nEmGPGU}ztAZONFE3q2p1ruaZ+E{k{@vmNHml70K` zEE{(##A8vRtAG+-d8Gtd#q8gdZ$AFH3RuLQ_muK2ub>zw1KKA#9-|WH_FOi;g_O5@T+LSbQ1J2o|wYA{;N=<4{v`a0(g%h^lP7K?Q635lt znknAB_dUIJl{jF>c0uavd8i(V)?T3H6!)(_nuErwwaIFipj4c3JIb_e6Mv8HSfO6+ z-srGkPjugB)vI6z?BpEts~5;+Yi7AQLr&TbKs~Fo!xu@ z77C8HmhQoBjss;>0tz#Fetf6caj1wYe;pK6ZC8Ae(9}@V}+$f)QqfqdSUhK1svbXn7!}+nGZ`YNw~Qf@A}Q5 z!HqKR`x}?nd6-}8MDcTh{uG-HI7q*IgWH?3z@qlz?QsEUR5toQ zU?Or;3Gb`wHus>+uIjw12QS*6Qgc!KHURmi9>Xl#dwQJx>3Q?!5@xM@|-LMgFMXMk<$ zv{nHG9y7LaI@Ui!vE#=hJ2u1q6k=0(g%WHA9kIXJPLX1ZD1f;|#ff(IoT%<$_RKVP0}JX14b2=84v zPZ3`WxzW7t;iXnV9;N9|#j5pAimb@~)6ZhQ1Ffa3JQZ+{NgRx>Ug1SgND_qPWjtlR-T%d>GG zHQTni4Z#%_nfCM_8nUi??)z3Rn|Q(UVMXD9SH(V>C%N7cjC_i8AIB&y+cO8uA~SRu z8J-d02g#oj4l`>g+G#$1&6v0t^4`DMgyP`0M90%Ue!x7qHfyuqP^{t*VvMp3`G``msjZ8{@Qd{+kAv0_m%xWwZK;>9PQQ7Pt!?e zxi!lgVGHHDs+xFZiYL!;6@XR@ z#Z5Z00=!y*Ry?hMSe~=N3E7?mms;nkK(q5j65U?gu^im;d>^KOg`Av(;p34?c$u*W!X&zbO!Bq92+?FDe+G z)4400rW+cz?#qq+>hCHvHBTG*Eugx@J>=P>rqa7hSb7;Nl|buSTDH!@PG41TO$KJ~ ze`C%Tv1ru;t=X2G9!gb|R{w#@FU@pWWNt_vP+!z(juPx~0wz)KIXxBD@+gt#Qcl@Z zLLw~FaCAif+Zo9|fwHDU^i0K&%zI%aj99-d*ws<}hTT{v3fksaV&_TbAr9&!RCIiG z%?;Q6uZF&7yVnH{klBI5nR5H<3PP>MOTsI=?{8j-vEFIZ<069u_{Ey;z>?JGS{yIJTf;?br zu0$ss8~+yn&xB;jcfZ79`h1P-^uR!oHS0)fxk0vwuaElT>Ph~rF&=~Xg|Uey6y{|g zqij5(L=##C20uhL^VZ%;DXh<18aGryOVg_@1TwvGa&znyRKP z4go8VQ6t}9|6(`f$}CddOHJEQT8N#xwiLPu9o60N#K{UriL&y*n50U_lwZ}jrMyFL z#82ni2^-@{cZJ%ch(T^}n)AFJ4sk@6m#8@S!e8P0LU?(F5&jC^-CAEh`X=*@tdQJr za=>rR>!Bc>cH6B2`Cn4YvV|Uwb$h}r&zFyt zPE?gnHsu1D7TF3!wBH_+<_{@Lv3PcFbr+P6QEDo+YXqe%x`W_pr3oWPey}+OOyWT;aG#v?aL>wz7 z0~4o#awLpe$mNlK5dORZtSFR;zQH;B`khlOAMfqk1mGf@1FqJ0i2_Hw@Z$hT?><8| zZeV{lVAIWX77GYCX+)Zc&^8C0gfDY6fqSJ|Ji)ALtGhQ;eOeD{6*ea;7Y?s)P8+Oi)zfVjdgvr2i;Oo{ux!lQb(wkl^PCDa5ku?}l?|vC8 zKry?1YWAGybP=}0L1xM7w|BSAatXm?G32fe&wFGFyo}5G9WlvoRwG-U6zalwq7X|F zaDz{~8240G3!BqW%JB1I_?YVrmbTJk;yBS$3Po+SvXeNm&MFs*bn%=oQJZtkeA1is zzolBGYZX1oM}Y?`$p&n2G<)OPmSI=8<;xBvh0=8gQcdY37kLH8Dm2@$L@;G}C^h*Y z_ETYmMi8@^g=h`Q-o@U+{ZI<(q2+Gn$88DT+A9u(WkEK!<((0&sIt-hky}5dY%L-I zt-2fBsLjUBrN*oIY~1`|uCKZGkkJfVRb5}$SNoA(JfW~F9$YDj&T#O-mQ2Ccfn}qg z$Bs*)@`ui6XEN7<=!2NFg;9)#<+d3iLeCv~Yzc+h@s>BcGWIx1HLx>%CC_Y2!G9O-Cit%*IDOsy(E|G&C$!mHbAevZFHLhA8#2FG(hA*6C$~``2l>ls?SOdehc<1Vg_>l8#81ar$EMK! zy1XI@aL++l5B@A><^qn9J6*ms!Bs*U2_MMhc>PhB8B>&f+nqJxLrE6J_~r zpxvK{+Gl8f=jLd{drObpYU9FM-4rGJ>t%daeZ4h=b|IG0aK0_~oIf!RmHeu>V%|B2wZWrDUaPZ*nu zQhzobc+l^5PluOL10S^Ztf`k6%4Dwf!7ftP5)jf6S0e8YhpAI8U)ZhrZIG2R6gSvn z2K04|Io4OtB2BM7iduFe4c}&${~ylYJ1ogQd>dCAw$yqWu9V6iElth6L9?_nA=5G^ z<|xUPdm@&Zm4nJX(HvwBaxVl+bMKiG7cNv3Lgq!>3zV7pL zUFUgT*JriDeTC8?1F^MA$Uf!9?_3NGBEBpq%1T)6cWAGlWK5P+)UEHr5Yia8_bX#N z&n?^>MhYn}G#rmP-c7;-jxMmf@pQF%&gxB=WL4r1MtKuSGPUw&uQgTXH%5$&FEnGf zWw?;#R97>eOB$kfMSIX@D7V+0UVVGrSZ?c6ZQ4x+-;s;;rTcogYop;;KwlE>uwxwlP+P%I8F>3jys&-0OskKfL64FMW4XO% zPP0)<*C_1gGtwU}XMQ2GB$!dPtFMD-!#&bUv--~;9lycgkc;Z5c(S~bTt;dVyT?n7 zs&1@E_9mZukR{%j)|R7HU-!j#vm=?KJJ}hn@Jeno`%UdjEehNKH zH0(qs0vZArbE2Zqeryt9zjRCfXC~r+o&*vqN+ zM>MHzWCj&#C{y37G>!8lJGYbyIsLlGwelnRT?^LH{i0J!TG0tfY*)?VT_umJ(SawQ zvKFUTs&wCtyfKL-Sf9UX|0Jf%VpcSmhl--hQI{Kj&q=yK^N0GBP?iGaJ@8c})HG`W zan^BqsP^(LHyMnz7*o~-F>c_LfL?#XU#EP)I3n!A_Hd~j zOLW6dX#7a?FYZ#ppLB9A#*|P(6Ibh3wLW`@&W$Z`!Z^okOB&^?Pd&CgK-H4UAzRdz zsT_>%ElJT%0?S(1BJ9P;L0S>@{^(4P!iXhyF{eZ}Anyq7cdInjXL|Kw<$qjq5{*S* zvDUHgM5Qt}PJ&y{*dqH%$4Z@Ul+Y0CY`X5!a?fbUa}JB`5&bg`L{(QxTx@iAVI$by z6i#MLc8iwJ_V#HN0Z12nE8;?v!k%B8OX=M50b_0it`8Y*`GlgDSRMbIOt8{e9^gR! ze6aXZrR+qPkDp`peR}QQmGa9p*hYG)% zLj!3AQ%Sh(yeUp8hX}z6sA>6jZ`7YLzfkKjLSqNxcY_gE^Y;S8<01gQ&BjvnM?v}B zAw-WrYJmHE@M&YK>V(JBuxPw8O{6b1=|YFU6+j_H(;|MQ`jDJ#FOM?`NgE-?m_8dj<%Lgp#e zSkD#zcK0zu1Ots=8154>_X%i#Zjjhl3HlS&9Cpd6NVB|Sy)*7k_4s4MFanjT87N{-jtYf8N!j*Nu~ z&qs0n+aYF0TqwK=idzW3=RnO-` z2lA=so~`{FG0#tn+Zp9L5TzZ3k-U zd%a0oN(f2RlHOt+h=edIij>QW!V~gj1Bsc5AC83Fn%IhHRD%zy#mHb#oT=P;<|P|( zbq9mUhV6vRfoTDF#0Fs8T-&&pR=2czV1y%&X>IX~w%I9V!&HBJ5XSwBuw=W%Vr$?1 zP-zIxw|OA}bt+_=tmT4p+RpXpl!02ow_{xOGy?5?$E#Gw48@qmG8aS&m$-eJA@4%; zi9?vJyKx0J0vVMPRYMm0>`M01S@DCPn7t!_0_X@Ykpvpp+e_+WFdsZbuhfc%hSqa3 zvFARMeh)tG55>-L&|wKN|G{H3BGwoNG-KafGV;IZ-?OCeoY`@@lao%4uo;J;-w?hf zOA^jBe2?Mk5N44f+X_XUJz1O+EudyFDsHLY={~_8jKma$4@L}mu zXA0eY5)6|JK*NxfsAD^>Ch98#h8 z#M;1at7>^MaSXpT&i25WrEOxyKw||5=FsPmXH}(|x9ABpJ&%moxR&KrKi3(zF%kB} zGo33G3N8rZAK@BT$Xy;~e zFI%3i{aY3O=Uu~U@S+E>t!0_kIxdVLeT--c&>`*P*Mps_p6;_paqK0i2b^RT31v~_ z*_4gAT1}yu7)Y5X3n@>r3gjpk(U4`^VkXh_U3IV^GsB^e*uIkdO`F!HiyEZ38BJ0& zbfgy`u=4c80&`7V>~Kfg#0^xE)D%%D3{!kAzp~jGD;BV^(TIVQ$qNh8Q72cnqYf#;}#s2gDOmBow8`2^o(Ai2y#Z zUO(_}*N_cD?G z0HGFx20^K3gAaDFDay4eKOU4x7J`Fvh)jhKzS+yS-xHdjYIsMNSbr+9E*loKoUU5h zNytgUJI!^JTnuD%r)kiJY05UCf!Msb0-Wv>Vw6nIdQZhFy6ZNlCRzWwq9x94Gkq%? z%mG?a>Csr_AkrvqAuITKL;J0>E)X4JUUslFMsXbKWNfZ#yV4;oU`cZ@3OqSMW=)f0 zOp6bw_$@WRUhMpOy&!(up383w&CTo#MhaKSsFe!~yzkKt2BWXqn6Ir8%F}gKzzr1J zLu>UXvik9zHAlaDGwi`X>zbQRbN|SQAWLf3PAILk8SC9hqPRZ!qgYx9qSD+MNv6=M zj|CTEc=P#251mO@EXq8H&jt_2o1IzM66Q9O@8kPy&`o9XjFj#qPnG zHJi0W)5Bt!cgf|}!w+(1>0ANXpHD3>zg%K|;7psGN@pgB^Szq$9T!WmkHoI8AHJ=5 zST9ga$G+Gs@9dua%*W4sA<43L`A-@}H6ku&5H%fSV+#`^eOe|$GFi#w<>t<`=qN{f zTDEEPZR>Hcwx&ouS0GPl-715r9ro+oz(MlCm*wxKnt=4H2I6)$%WFYm!Qx*(#R|9}Dh)HAo~}0b1(P20t{>|rw5XB3%4!#@jk?tZ zeYOy5t~@*SGHLa>ye}jCo96o94Wo%+y&Inl4Ty6dDPB(7|7>0}B&mPH))p~WC-c46 zA8B}7i++=_sV%pyd^V9Nj|y5QdRR=Ht41sgLZBR<+@KFVp^_tTKZ0H=toz>(Tr+6} z1v2)swtC-nR7w={1-cF4wr}rt1;y!*ax*Cd<4GNb(L3gWg9$O_b!8pl27qizZodnp zEdF>g`hf^RguP3Uu==Z;fj~E(kL*E7_&|;eVZ!p+)Uu`$#$@CIox`^VpC?J<3mQfk z`1MhjB!h?{OlTQ&3^kj`{t>E6@=(S{510IY;6u-qqjo0rK z!uyZV|E73k%XX;yuZVZU^QI%xtxRzmM=K|f~M4*$;c&4(LA19N06A4 z!TV`KyS6+2G0zmjlYLgC+gu_~5xtX1vuC~!x`oKPOfrbF@Wk+uNdAGC2{q<$%=8pK zKEG#Die4oviN-qm_Y~W9Xji@_3+BD3-wodENbB5G{Z#zm+vHBuzQl{z;m2}aZdC%y zvK|u@H>gGs-Ab~=mH0-RwH!u}NYC%Y6tPN{i#ncb+7lupRtL|X%JsIfahaSg~d)bQp zZJ$sRLk84@$E*dN)gEnUAJ`Oypvv8Yb;B!0hA|6DSeI^9-2)fdz&w4EC)_o}z_f?& zB%h$``WzBfsQ1*6__|6A8h#rzY^cMH(G?emI7PMRL+SgmL)Q_V?e@G|9vne^jU$YE zjKN#|4`y|{UOz4u|ByFc6yEho9VU8+_7jPl}@ z|CGTV@QN;5IqIYi7LDeNXM5DU5;iX~-}QF?&p+4xNj8yRv5OJ1Ge84hUQ0-4CJ!YO z<#~EeN-Er0&i*agFLw#QEpgQ6wDtAj;Yh9vR|bz=K6rN~yyEJMO;n_s@+W=9r={W_EaPeJ&&!93 zgiBn=a^yF<=*x9I6R_9(Po@ypB|IWxddxX-hW~ zF3g=8TFNPCU|#c!Do6y#f`ZDs3_Xs&B3FZUC+d4c7M1FkGK1Z_UW{CueMSP=UD^Zy zxpZO5FaS2g?vGa>lEl}i4dJ-G-gjqH_KIWdy>i>X?CuG=uExKM)D{S$edD*MeK#6? z26q|P%)-O#Hh|YjAe)sZ4a;u$AuMI}qoj{O#He@<*)(uh!Fjdvq7BYBGK+aRha2L1 zrrdw`rsMo?i4wWhC#tr+Me;bxoC^-C1hOFBL5CYUKX_NRalMjg^mg1nw*42zeJ}x% zuN=H75%OztNv{pHDhmZ_nkDWHNe-I}+h#K*yyYRbzE4WT4>|-%62Q9Qs)P^u4?^8d zMZ3+POeF1o)1qee=lOO*LI?NqUQAa(Q}lHY%tmoCWhBJH-KfH*Nx#m@;i|$&MP*Mn zDUQ&cO3zJ0zwmW|%G3vL6#!R{2OObn21r{y@N;{MA>XZIdIyp?yM;0*G%;IHz$_%h zJ%;Tjz8Y{w6e6a^k*jE&O||FI!2XIFy&w)i9&`w;s@tPt6=14GQ}#Ak?f{_d*x6%!iSwAezSZphk&e zb1^0}%v_foP~xh9T4*Ig_t|dU#W60TI~s67&X@PH#XNSNGqZsv?3C8jt=7m9juO^0 zX0Uj<>Y2O`J(R5|`Gfha`lxofTesEf$!R^e8yi|CPsRdt#?LS|I;^G^I<=_Pu|f@@ zm*izXWxH}NAb4f`QE;irx=q@3QvE|YvWfqqULh#U985^7%j?C$r4l|sz5%vvKHIP* z3@z8rELK?oNj5t1*-^sjw>DP9AKYY0wrWj$Ns$&U20F<4E^B7fF1zdim zcL$-$O0{*MyKu=zzpUb48>u(ts0eUp`H$|UZ8&6D(aY0+aIZrWEhykF^Gd9=ZJ05;Y{ahyq^r^+?ZQ>rT{ z6-8Utp$I7-d~q#S5j;Plm4_Pntwy~+51V9k_i9f6R!i#k&14rMI6^i;s>tM~vAQGx zd9TD%upE4UHThGA4B?@r6b^iMufOeDaiDMRk*~>X+GwV9)YN}Y2?!XYo zuiU(50)ZUS!>B_Gi7wjwGoU{KZz56DAPL z+KNjAhGS1zLMN&I&h3VAQOrY&b#uW%C_Mo>#)<%O_%(klHKV>$(A)l>R~8RpKU_x( z>U&p$N&@(w%krPweW2CK)xYf+wh^|)6YtGO0dlFXH+JUD>$fN@^sLi_~G{13s^zZ(YogIu&k z>IUeNUKBF#m)O&~1`k`85#2ZqvCoez@gGl>?ift3M4gMp77qEI$a&+rI_G?ab^Fbq zs5i|`pn*Fm8(#QTrTg_fTJp&4;88iWd?`8WcK+Gx+^1<7H<&M)O0Gxuc_yfAIx;$Y z8k2nb#j|D~YO=8HQ)6LSTXoMc&ZlepUw7q(%Us0H=Nc8q{WO?1nO54)t_Dpb7Q_a3 zpB)Ojvl9b;_7UQkc@N?4l{;tLXWsN&AHN`x^pu%j;Y>v0>>0>^oD(BN^lYU>!X>|iu;y6Gu|Joc0| zKB09++PtVJkhbZAxem$n+CNLi(6;Dd0`a4)XT%wp4f*_(Y3;b#H0xuCuUYkqX;d?Y7|}`qsk&l0_5Eb#M(q$9opllK1uN~tD(YEGxL9geW5Beu&LMP~?mKj#GHo0L zgSeSnRmVQPgvW-zB12$%xi8?-ITedrk4tLY=F;{*Lb6=e-@HSs#-r$qOxHM$&lBG| zo&rA{NS-NSA>26HiU_+2w!vBnP>Rjd8lfAt2E)4N<1RFF2t4o9z*x5~H>ywqrePxm zzB%jma9TlH2Y-@2B9HtdQM3h>DWTyVKI46mjhZ15kZxe4?RY`&EGAmzKy9M5)wOjT z9F1#XkF)(z6I+A6SvU#MzH#e?gGAw^kb4g?^RG@*3|X=39f})y965!+rt*chp$~_e zur2r5`}4?*=%leHYYWem=1ZP&7{A3Us%dUb1{vPqCC!jqER#CUmbwG*4z(pxxihEA zW-xmV4T#{xS!9Lg+=vHi zu|{zy+ky0PLQ)un#F7-D$g$gNhn@yrVwCM(uq- z?cuK+c#q%xG1kD27{3$)nvmQJ#T5)#8RC?+jny*gi(atokb!_D?eXwmUAtL9Zu@$Q z_gi9Mh=Kl~o7LoTN=3It&*TLQ3jD#_Obb6LGeyQsYfeLl zi*OJr=kq8~#h`Vts?Dy|LO|Oa#W7=yKc|awDCc3-X|1}QmyoidG~#T*Mn`*`VfE8c z#vrQ4_xDmgh=o3An#zk%ZY;k6Iu!4B)b9Ly=u4-n%7;98cL-s`&8sRMuOGP|eJV#* z%&O#eJ@upedMMbUOYy{x&<|@><90EDiKEi*8@LNj8ptyi4AZTDUOeJ82d&Zf{@3gF zLIpnl$fg>2_hcvED|<$PxbCI3Nv<1<%Ajh!NRy_=(HVJ)CW!#Duc04H7d?v;pb{bgsw`YMeKgs6S8{W zlyGpnx-F_PyZ17!WI1z5$YQpKJHB5*5vifqAFREJXoT2%cR9U`?kPRs{-mJl7qpFyLcboc3gmy1n3cr?Gn z)MkFM@=*}~s^64^DNYZEq?Njqd3jBDk=U;DBK9Jd?$+-4}mJ7(*;7 zZjTu5x-&vWbLLGXM|R?B*dCzOGz#O=vi=H9&9k$ap*HdA92n6?9SVi>(#FPZ&ujm6 zB0+ak;HIglt+f13wf)#K#>-CP{^n@xJz_a|#PIiC`*&22)3P{shIYs>Bsv!D_L(C? zKOY^BGX7gIBX<48lpO4ckk;g_t5aLUKJ@0*C;a#?9-qifoPDkn;w%7WXo1jmPD8;C zJLC;$2(oIvj6N_SaEz^eG(DU$_7;r!NR;Bj{#%4EV~3Lg-3NoUrJVMz?4IzDLTYkN z=o7r@w6aDAvGQ_T(llc(@k6CrZ+6ZrhJGg6tq=ol?bgoUGli=Bmo}t*uVTo#j@4L!DC#JQZmB{+D?G*INpk{Y3vASP~ zw*mhaMd{k6d;o0EpgO^%>a}=`&z74LVXq0qY&!Jq&vE$>hqCg^8_j>(2d-*R+tY-W zDBwC)UsU7`(J(M}Z>zv6G~`WL)oXmnGSxKGWMvvfk!f=IHPSK(d{VKKCmIK)jK^JQ z+cH!0S+Ve&XvP!~i}h_m>eZ((S?*3%C?9 zZedQiY7w23^rpk1TEoV+87Yws(16*9DJkIAhbibmC#WXarKARn^|?RYq6J=c80X^S zeJCr<)yRFBC%b=HQdcz$f9|kZQq_Fb(sexl=`%n2KD-A@9KPklBN2A_)$HXkoaZgO zhrVj1?KS+qMdtk)B`RStu+j6sEBtQFj`%5ZtJOVGkBJaJ5J6-HFH^hX^4P4~mhmXaNwgBI0&Q-ey3Yxs*TMkI{PfWUy$s{HGKzX0BYZ___o>3CC z`v~-*R+~XSGfEP0vG86A`J01g56-hop?zWL(=J^5zUI-Q>S#R@As<6yNY*{>C zqPuiZ-nokpKh^a++}*UbxItV?kme1|LVo7+(eQa1TETRt_ooE`d9EM`!2~VvW1ogH z(wAa=D#NMa3zWpJ@?TDM$86S&BK%4ky8Dg&*-DZd!H7*ifqtE+8Zv*H4~mjyCAI#z zdB-$BWc-5VgkT||Ve~=kC<~d4Ql8P50SOZm+^q)OAT~aAW8v3bSc&b`);GS%7Z<_5 z7z*Zg$`DkS!&^;t;&V8bLS8cA9+o$^Bz%lHD5_R(+htVQ=R|)@XLK0L{UOz7@@h2jXJJpEd?V zvt^+3?CGTll>?|MbW0#R^f6*h$Ogr(u58sVA7Q(dtZGZ!lGv8)Zn2PTQXIWmdqAa% zYBajpBb(tJFXK}C^pZz0yXl;R4F+Cc74=`skeGbP&*Zb3RneUr$3>G~P>a?*=n1nV zA)CL)A)Srkya|4Rl&XT1s`_hdWOzIw3T6g+3^BC@jgp{sRQjdq{czj}d;O-6mlbSCIUiqscldp`uvtf)G;c)+!i2eRA`|>E6 zJ!ym5$oRIrx>WybCy$2jR2YfW*~h#8H4=FPA{Zri zZq+}#5lVM671K*W`_$bvC$DDVb}Z!}?*KKqOP8QPpOvb?nu;nTKcdg0!h_{Kk#WKZ zOs6bw*agK52*ZG`m|;5HGim|F$Z9uOnsM9rwT{%z3TR#3I&}TIJKRZ}UNu~oaL*R> z=V0z{s|kep0aUu*W(ceZp1s2rHbfQY-uUA8Qao%*Sog9w_rr{&xP%t_HlnAadTUbvwtGw^825P}3Go04L-&J>z0mtpudE z2$|WxN-8xRI-WK7cnB^boZlNNt@U9K=pdWQI;`EQM|?wG@0D(Q^6Xn+q7J z&oAcCFfvYmuoY?n>6~?1U~c1H#lHc(Z+xG=szdF*g*c0O?h5XRZ=bdF0O!oM&VRnp zoWPm-IKBXwYW;)m^4c1>_o*ck4O2{rTG8p;2!$mUSUc;uJ$|uW^_YFTP^ZmB)D03i z5ieHsPFLzB|n2HNrEWW7xU#N9l39ix@8^*&6nLE|KmPl6^Z5%yH zJ%ED7&{citqdwUc|Jf$aX8uR5r(aezO!nwrp<0jC=6b&u0*NClE|px|?yw>ufKG(8 zIMGpX2C6<*+AyxwA-ba+?QdFNR_*&=OUsf}NbbQSz`O(vGr*zvM-aeSi@(sI_2PZ^ z85b55#jfW~+4XZ)%0MOS*LjqV99u2wWkV+jY|gvIIMq2R+}>{%O|uE)HlD#VAOE;; zf@x8QgVu!*qloPq#h4bu!maF+>R0^(T^FZ*qsC2Z z6)Q$o>g^q1w3lQKideGgT^!X^dvxphspBp8T0fRLSkJ9sRgx*_`C=l)5t~Y8A2MU| zo*6rPo{T7%YOxisw#FKNx1vAr;HxkVB56xElr|lL9_X8}Q(=v=G8D1dJd*3rGQw{g)pJJl9O6_y zFAlmkC`MyGytjET1;m-Y z_1Qx&?lvbSR2?oUVvQ();MF0Ea?X>9I6Y9s_@^ak+Zw86}xtaG_lQB4W ze)iyK7oYfNiw_`&e0>wXcT#&$#}LlqX4Ll|KKa)rU+2 zs)?NRiUWcxhZ0`3ZYX>s71E@bhZa@}ptsHbcNTz|A!F&o2d@dAgR9*Sg-g@KDAWAr zYwcg_iF>nj6#%hdc>Dnrk~l8QaQ`6xd*E^T6u?W z>SSqcLzi22@cTgd0alD+?}}|xy}rwG=xv;Dow?p1E`&H|C__$15$DV?*)Y~Br%6sD z><8m!(qnhxOrhBKDD9wK<7J9HEiZyHXmu^wgQLf2SS-5i7EWUfo zJeUn_SmoXR=5a0Ukj(^UU;^ZnIerL`@?Wik`qn#yCqXg>SNAi@S6w&{IEk%|-;C-} zp9j%EIb~ujD_xh(2^T-`P=-q#CwbNm8v9y;2@XgD2EcCI8@gC zx5LA=S)6m6eMD%VhQooi)AT1Y_Lq6xw0|fJ=b~w0gU^lNsEDe|);3nd?^w~*oLs_N zI`{`4A$3=mX6$6_Azt^?74IUIHWLK zdhcBwRlO1~4Nn|ou$YGL9%lByIS!F(^6Rl^S@)B0UN|TKdr~hY((SKRm~lWzwLl5Q zegTOg%2Dx>B?w<8Zk){C;6Cr6W#XB3Of_QB=kd9u={>y)Q$`o2XjadMh^ZlTj_AI4w@f8v1b7Xvmlo~(V3&w6@A#>xoO-La<^^1$!<%=%W2L5rvlNCQ%8|fVa3#HH%;<-wmkPsaW0m8uhpqlg zAxgeIC66wkbdH{0dE32Jh28yM%($lXhCW!gvk%%_ua^(q;k!9G zGWt4ma6aMw^6~j4RoWe?7kafjUPdNnC!iI^I@<40<1xw#79HEAtWP^Lg1Hf^*W`-J zWDtqh*ZciLt)~h>Db9|izO*I!$dMP04zbsh#3YgQmvXUTty737cWRy474 zB(~50GE{To#NH7nqUhTXs`$t%1!@3v!Hn1KSof|@Z>eI48`QQj{E5w$8Gjv?mvFJ~ zaNS?C0D|?=gL0f|2rsM{t6oJ04AX|loxM_`&qXw7ql{%v*X3hrvH$rCXvY;$ z|7AS&2Aqr$&VFG#BLFV~WtLoDCULlC!u28W$U2SAF5IPqbblj+MnhDjq`g)q-gNKp zyw+?w5DyOkSKGq6)o?MkB4fsc--NP>xmACwG13=K_u%JN%)$K45tq+fKk7OF2}^n* z0y&^>F_Ha%tD{ygr;@hRKRZV_y*8}W1-1F?ZsM4pDR^rJV-Zbtaz6c< z%j*TV1`j{aaEz(Yzv-uv1FTPr4bA$-3TPjW2v}Ue*I@OzTX(hM?@BHW9mXaDD9{Ib zT=K7w@<%m}2k@Hl^7(av%Ek_<=9hYQdxm-OnoFb5GaX6y>CYsL0dY9~unlc50dAgE zf^h&p_gx+x9>-}eZXUwQB|F>9d8e?5f~6+rWw@xhiRs~Fv)FB3R7FW`{Gl zFnv*3fi)f}uOmiz&BHArpi%trqS5dC+1`Tq30kizqTqb3d1G4a(+4P_;PerphYOdz zkflbKfCYkDWpVyLrOmnX-VrK$)B<^bYPqvcLW5Mnh7XWU85Gwn)f)S2r6~s}-e!%G z0C8qN`-`kYxuAm!8Q3xPBaji45~nE8uf;Y5hd9vt{}vN2K+O~+F5Y*c7_#mU+B}2^ z-NmJs?EUqm*F!=naSoXo_#XhO`}6$siAVnb{B2lVvip#9>)~0BMoZKp!p3ZTw9!P7 zx~Nd|TE$sCO}D%W0&k@PbuuyZ+*tK+8Vsr5a)a!&asnZ|_1Mup&RaBQ*_4s)!B8%_ zzbso=l;UU3h{t1Nmc0ICF6MPgT(~a-r4rMq1044Uy27+p2@?1svzD0yW&RR8kP?!v z$@8?gd3R#wk8Z&1MW3v)t4AeXoz*tyG6Fjot=+6t_%%dRKLU9yy!+?N8Gf$(%MuF0 zK|JSCn%lWDn^z2b`51!_L%c^#W-T;7cnGY^9u#`o@dF$i3X1%ev- zM|JG+Go|kioUQPYUkWPqa8EBkx92Vvh)d`G!B_Q%%MM~e(T{YD+-aM?lY5Gf@PniS zq-CVGz6yJ_EuIY@G=K8P2Y50-0P(}QNrzt-zI*U{YB&liTnAhF*mY?!-SS#~&Dmp^ zL(3D)YsAZ1e4BGjY4bqaw`y4x%inQ@2{!n()R_t))}vR#o6i=a2hVW-`FhxDLHAdB zRg(HlHS36QHdSL(acR|IX9_I1jWMHLy?-a&-}Ah<-xWf8^veCPcQCb}6}3+em%Kli zCaTKW=cG%-i+nyiP1>8}GBrpvJrsFrYB-Wv%fBb!>M_XK?%~;Ik+9S?G26Qh<$W19 z1J3V@`zVGc;J11!&gJ#A^hfB%%_>Y^OAP|29TwTX)g!Xm@hvOWePwv~n|Q{x}C?G0gi2dJ%- zZ=FB;uK`v37E)aK6=M!~_o0-*;-!S;@1NUF*!d#bVDYsr2hQ{}__oROh^PB&f3BPzPDQS{tQR{Vy9OP4+7=Y@W7qgcmnyr`cBm-^)oxp= zrLh*OE%q3Wc@LufoNnU!sn@JY#DVKKs3vMFf^$v*?az<-ZKb4lmeKwFoJ!C~ znG%-CMbBav(*BwXpkb}NJntn-Zq8_Rbc%e%#m0&>&cIgfjD@CIbI!r;031;4GQYcA zSt2|6ULHn?S=tkK2{|eP9b1S><36!@BsSxAK+952bj~LJ%qs~@605(w7f2;6{>$v# zx>6F@&;H@*x~CIU93UGOh5liK%~ zC!sxulaCJ`PBH!+X3u?zVeh~6aUm*QJP8sVX2N}r{y}83P2dRdo_M%{)+w$eK>8I4 zuPPU)_f<=9jCTTQy5EaC#)kW z1HT^+R$E=XUCWj7)pjmqc1@(QxuciIrw(__u5%dIck(mu!qMi+-s661+`m@Nuz0`7 zz;$k$OEqL@3Cl->Ju%c(8`NX0wN_j^v#HOp>+$?zyUo+33GkH=Jx#u~U)naS*gDUf zo}ik()|%O9yRBhB-a5(CXK~>FQ5??GDFR#P{%88|Y2IA_c{5#x;_*x7UTPX{{0Zb|e^*Gr!+*ILpg>i{{rk1CLtoM0-)RLCCnUh1q<&aP`xtWAaOEa~uO zISpe-&~_6tYAqyF=E%K|%+A+-C&_!4RV%J7j?d&AXk8F^5eD1e`%H@4y0f1v5e4F| z`Q01aik%P&wRXFxf~^-dzxLbKL>|kCKM(-j&n&*OG^b5zP14-TDeOk}92I$`tP-*% zBpPF$YD+lW*Q&av$~b+9nzQ8)#HjAQXOjltR>+5P^Jzw&IlYxUczNC~8*QZU-ha7{ zc=96SkV+etD|kzST`HwJznQZP)J^()+GF!5k4V?OX!V@d%LiJ_YYuZbK%n6DsP_uD zd0$GU?5R*=OVg%p_{ReATW6{~?PoV7oEr}_tPNvTF{_5c;ei=V$mnOGGu!t^mITs9 z^EQY&ppQJ(%jz2)Bh|s7w^t7o-I`07JO6^ND8W@r_6l|kSi-h01OeC`yPlt;hyAs9!O7zkcmom3ijA{#V`%q0h;155y z?vdg1Sc}jf{6d>I9?ZvUqc6tB%{|fy1EQ;5fB6Xz=brpUZq{IiqP4!v8ktvF0Z5$>8%{;9^BXT1aUfvdiwrt@{?uHMk4kHZ>cI&A=Jj z-1k?LywGYqDqQfImXYHjqy1W`NBw^v{R{~Eq$@Dm|5B@U=Z^no?a%{`S2}u-r~Uo( z-kTLs?jH|M>ONHqOVzh#2>!ZE*n@eemk0t!_h0hwDHen%q^dfc<$7>pq48(M`9Qrq zdPm<%P}8E1=$q?;w2=0T!X*tuqG7s{eKut2i}$#+V$a>MOxD}v8VmVXM(ok*#n%){ zW=p}l%X_1{^XEWfC#1BvM)F+xrO5IW2~8oOUF!dqM}KdqP3M<575icri;LwW9LTN` zIPQX|*co#{HSCO$sFsNlv_Lob1{AeFdT@@;gIBXhxhp)dx-m_RHUvQ0w2GbZbo zqO+a6qcMTZ0W`fsnx*^%at+?;hWHD~)p--sZcZN8EJH&>Z_KKOPZ+D$w-Z-XOnhkbCen^34=(0Ln387%xi4q{ zPhHj}T7aqE${3(n`{;A^w%)C1{%WI>8r>dT>W8|z?)gM!@$zav#6KD>h*T?`0B&#F zwdF4Z(L9<*dIc{mOmqFq0Ofu=)uav%KdgS3$4LovV7p|7e=5B*xp!xN;Z{~3lgxUn zMOJ12yjbqws?LU=E28@g_Yf-&oD_3xd_F|?dx|WcYv})p{rM*dFqIOxr?<_43{JXX z((?Cl4~ZYVGx{GC{Kb~P0JB!vyQ60hx3xlzQpN_24|9SBxVt~?3`bPpKy$pL{hW~3 zRXC6(0Z{xmWX3rE4;8H4t?w8I6tnur0mNzp(dPe<>i@l9rVo}4**%1VNWCrQ6YiU%&G0b{H%+p9MSOY!LKkrb-H*9=M*-QwUuQjffvzCh_K%V{iyGTky-HdsT0 z%u{sO5^NeW1TaI;Stf85a!+#?YBX$id_a6a)@J&m3e&?2MFAq|i%TD$jJEUtupXM= zbq)}2-%sE0KlVyqy_$Pr;=n1H^zr8&PyWecWFcL#r+_{}jEv)Hpa8?>bq%72-4Sbt^S!^vrT|=CO-t-nwmbQ2NzlW&vkkiEUoV zLXqCJ9!KVYx5eILkG0GG8ii4@Oa#Wdl;<_6l~jyKY7}G_ zU%vJZSbrBD*7b?$JMMUJ=Kh+CY4w&C-IMFZFXd?@xEbsUEE#AqT3AK}>7v4tO>|LQ zk~s${{wP(Oq^_f`P2lM_ySi#=E1%-5{znl08#xt!*ALDu|8uYC?|m-64i#((2n7HjaPM1!{%I z6cb=@%cuVZA^|Wa$T|A2n8q@!AG05cW8VI)K4QczwD>Gr+q+9k^m))=N3O@bR-6g_+P8&GIe{`1e~A_$bbN!`EsUMctp1 z<662-YDwHZM`~5UcTTBq%}rP0HGJeja=fPn`z8XxCw=UbO;6Ye@&)i7R@aS!318ck zrsnn`PPa$71i~-0wYaD~qg}*Z$2XJd@=pI1)Biw} z>mK?ve=c-^_hz*eh}|#y%U{sp_s3t3hAno!a=9UW@QA(`m*ghEIlJ#iR5d=mUunIw z-2oGzXWoQ^C-$SlC|++ag^6E!7OnClN{^L+Cg_HOgU`ik7;Gi`F^_71Lr#TxpiED| zf4p6uD9MU-*Z8n0efH)3$f=g=iGjS){_q4`KKMpF;D^x z)Wmh(v8~+NGvj$&es7>|UcX9rEa}IJl54WTBcSC`eq+8x9Z5dyy~e<`#(1!y_78I( z;kNd|&h^{(LOzp3Hv8A3ZWh-3Z|%ZKJvgh4z#11Gp3!@Q zw5a)v;XAk{vl;#d;LXr}kN#^$Ik#A*0T)FOr=ILw8ZRtX>I_b{RU)5F2(|u5kX(xQ zOT}E~L3|X? zG>Ed&8_GaT@($(a%}jnRl|NN>uPdQZt@dlmU8!B}En*igjMhUX+Ut69??y=I))Zag z9u#Aq7WPRy%ltBaFbq8%S>n-?5_G6h1$^6QYSV7mK-U{KI^41<#uI%mOx(si?C#ENeQosGIa{7n1{hCBzZbH&^bHxNo1Dn4PZd2EXqr?y-0<2z5jMZj>3^ zaTW^oz}`iH(i88F#LP=(p~v1j>yqEuS~(EPJEPSuwi)!u{RdyamJoQ=_d*36jW)LQ@i=dsvL z$|hxf@4Kme@vF$Kcs&s!XIi8I>kXG)Q$_P5%>s%D3Iw8L+i8@lJj!lx^`3A(oX8E3DJq{Nihde1_+ z2{B?9-Z6%jXzqD0OMccWp3e($bg`>kPZhOj2NkueJ$HM53yIhMq^$#c;20B4K%YU0 z;76E!4}ZkLWR~&o@GvCjnUDm)rUn6^X%{j`#j=Up}8**WP_#Dco+L^cltvJ~yIjTuf@w1{_c=;$z?w8Xial4`H2` zgpcPDjZ=yzIpYnAodV)u1Fjj}I~L%uokIe}5}^6zc9 zh;aNMYm%7{ zAg1>ZoJXX6?mLn`ALCAd zz9Lf^g!=;##A}V<*InbAQ{=LWSdN_=3A8M_T07H@&{ z#pp9;!15KxjhnLp3g!wGLt3H}zrh2$sKEn~5VL8YkB&kpqI5vBl#;6(*7iry1PdS! z$d(jrDk#lzrk&L~K|pWm%MIHYY0JXM-~Abh`k7`b);VVTv~Q&1*#E)8|2vll`Q433 zjwBK!>x@0|`tW>-l(!9w8zX=h(Y~T7T zv+_D1Dt+FNKJ6x7`6~~9MSazO8^_Y%*q;7%?XvjEy5l?dm&J_3) zQ^<$N0R=1yZF54=XW##L7hUAd(HSk-zSQ5D+mQsKg82oIX;pkPZDKQmYbUJ2%FTt| zG(CP9y$FDiL1=J}JmcKR{3nitDx{T$Avp|j6JSg5Fmch_c;7q*JRFabHq2~r@=_?b zsQV8_;0m(~)+U10NS)&z_-o2dHZAy0V8qH(>Eo5dXhlzRAOn~23nJmG&*W$^?2R7|@< zKl>DRXmpx4GD$edUOPyxEdW*vImKzNxx_b1u}t^B6s~WK@mDf`KOz^YEf$&?$PnVr zU7i$UV21ASD9BAxq~g5?q^{m`|7$*M+Q?93bZE8>;tBCgDQX1 zP>Rerpp(r>#%Fne39V}vR>N55ixFa$~A&mZ5{q` znFjI_|}DhDi`m*#X)(*$oW0a=&#Yd^c@7t9Z{Fh8EIY( z_Fx7sAxHz)CBVKWe!|1kRCRFR-}1bkd#O&Ra%?nXR^FCejUG*eyMDenxyCOX z(0qTuSKt(%@i{Au6#0Q{6G#oFNI~GidUdgdnSY+nMnX>p(7O+t$_w#tdhl*Qr(h*f z`T-N?>Yb}jneo@txM7yh1J~uyK&Jl3CiOF)eVAtdEbOhl3qq(LJ~;(-p11PllJqGD8XcTDbZDf(W7xWXSdF${x$7$upuQ zOVvuz>vhL!+u8G4>q<!XS?_WmhUFWP@aq$*wO03xFjsw7Xib}MLD$c0$ zYkA7*-k=B#b#uu5&nL)fdZ`DB_ZdOw=KdEPB@fUz$^+|D`FD3yGmOai8Urg|+)C;d zkj(NihG8?RSNxVnALeww6u<|>N~y9{*A5mo{E)$}EeggHH^>y&a0;f9)_O>|;>E;r z#Xe{A-TJi$AU8l40_4RXbvXHPQkY6MHQcj{4$ulcVC77))PGTfhzml#%I$~GP+x}h zgWM9F=WSze$^QVEZ`0QuF&Dnj_iL3Wwtp5#4oOtJr{ugb3pM$B75XtWon|z4d?r-c z@37`A?$pTO0N*1Zcn_*y*reg0GQ*jRsFUjTmz%#SO{Xy~Xf)D|MgC zQ~)EuB>B8Av78?mhWvRy`H} zPg{uGim=PP8?CBqdNTsTupt49X{^(j>)X`zexzBsO^oAB=tXN&W0--9ABWfRy5`OV zgcU6opz`M@{Psqld7f6E+qeBKGJF3aGvWWS84TC(Ac3CR_DN6E zdqxC}$=`^*SYK!zh^z}I^4dM0Tr8j87;-M!&DUp}UbEHOzkBkA1K!e0sL$|y8Oxh!v@fO1Tg~WcLG*) zY0gQ&;t@5lynr$8s!31f?R28*2*eClMlnK&xl{1NXiEbu!HCMl@pLx%sYLit3_&h( zyY_p%;+*hBJ;YWGvJC9kMc133Jn%ZVyfEUFykLR^EomcGC8yVK$AE z>Ti=?NZt+jxY8Ha-{!#P5t5p9ydT#$dj9<D#h|!=xN7EWP#L zzUX;8$R*^P;{wjtk+-TQ{7Q_7cP~CFEQiRij9qf-Ur#$WhEKfWJ3?rmV(GV>4ql2+ zgyL8xOL0vDmkbB(YGt_Q^tGEO^5#T#Y@Yf22`AXrMH_h`LXaMyr@}kOIzdrO;1+D6 z2kIDpzvu;=QMNOXg?bOC7qFC0kD$YQIP%rS_yz8}szJ7Jr%*P};Wm!Myaar<2cAlX z3lKo#BW^o~UPeGP$ z=onySRg8^c216~<8NM+yA_@REk6e$+37E$VcZTwGM#KlitK*|j#+K_T8BL5&8tk&;|?+Mxlmq0bqNOX!kXG!<5Lu$|w|9aY4l2!~w}N0|L^b zs{m9gmIDYVRw-q4D6TUB5WPB;`LzGNpEQOS5PFZz=1rD4$XAHInlTT=In>>g0K|1^ zppn8MXbR*-U{fbVDT>MhWQr8MA8iw9U9(58x-}OOm2=7Y?!RX+PBQ#A(2WtfRh6-l zR34TGi(sHTS`Z_^b>tCloX^kR#OM7qV-fCYV8Bm5sS7(dhrG6TISw$pooSiH=hwb; zP+_}Q&R5;&Kip)Y%b(^Jg$L``Vc|Vb_}2xrDJ5q3_}Elh056bR$hLE|OQ*G{HHCj3 zXLc*qcG?Vvx+|;@Z>M_+B5Ug3wwY(ZjvCCqJB&0;1#%dpA`q+49um_TNIel<|7WBM zvgN%~2}1#ogFi^-Z}$~W6n@iF7G>T8Q+AE*Rw@hl0GsWe%usSGXS7?};diJXGN2kr zi7LABfz?Qf*)`*;ud>u1Hhu4Fx8)JP*}1SbS!5gpm#C1$X7?($q3K zNMPJ8%a2@qW}O~^Fi5z%71{K_Z!FE;Bk+(mgXVy?6du1N+H2CYz#pA15Wz;-Hmzal zcn+jPWBrUGJnGmq6?}-II7Jx`Rzc*dINS0A@Pyo^-W*^acxmIK*(nAL${Afq8^3+y zwrl*!zdm}D-s{PM65k%WNAQ4=CIVhS1gA3m8o*szraIe`yP&#hBrKlZZ|tt_{8#67 zVzs67lV*n1>RFSj6fQ->rXd9q_qwQt^!t8dBJ7X+IRgru{jLM4VRli_gO@9g9}D+C zVxp8xXWzSb*G}8Xdf0Mhy(j(n`Q7@5Xt5xOn4YR62#JWb>YQzs1V7DR@0q!pp6A;hGrl&`v=qfaVPv;@KT{q>u2C9PzNM`1kv-tq`nPGb z**?|)@HYY3lx*Ol^!z6@v7Zmh210WB49mv{VlSV@WXNz-%cip9tT!Go zH7rTv>e$s{>?N6&2Gb2+$H(=3#8dk*8LO51Xi3u;>jgO#y=mO#lrWmZRpUVxPxQ+p z!L?EaOq%KboXM)!XJ@Ix%=;YP3R{9~AFN-3YJ&kurQFSqo%={a=L)`8r{RaFv6t(@ z!Aotl=PS=W`~Z9iOT7e{A++NN(yp*YpxDe1;RJ`M(SP|tdnmY_jP~<@iz1ps!wkz* zwX%>}(Hh7(>!Oj~%yOp@sle(FAo^iooTX-O0~^lCoS;aONoi~*K1nMC!-n@ge{OsT z`+Fy6RK8}bFIvfM7y@qIDh@5xDP zuH*UQFh0e(`1lM{eHh0SdI*l(iimBa%nbvpFXg98Mt5(G+fWx7A>qv9w6X1!`hABBxu23eI;19w#(zq%D z@|W>EKwclH~uuTR!+u~#+pocOTi;oA7QaQ7JB=NGvxD28PC&HuA z@<=>byz`xKeuqzp+|S&blw0E|Nic}<`*b9aH8?o8Q>Xw@2|I0FxB!ADkvdIKs~vGr zJI?jqhK2oynkxK8E-c^xaS^5xrWZxYKZ>$gb=?B#W1>9YgrKt>3SC`6eC_lDCymS^ z?(n4wU1d@x-^YT?kE-XC$cPw}dqlCHf|%t$mbpT^q`vouuOpOHAtug_ZkSJUn3wS_ z(tQ6nC-1`jk zf_zv2ciPJdRv)O{iR<|9J+f(#!iX^mHkJ|iYkSDu#O5J?Cd;1)JR*-akHA9Kf=PD- z2BiD}=zki&mXPA@v|;I7)^mC2xxv%B3Thvj5oou2vW7z}A&`aZ57QWyolbI)T2Q$c z=?W}Orsz)fjS&wC8K>mmfTR-uAE&{I`+HVKl4@j@rR*LH(0L7juG z&VNUc-Se^-!D489D#`+%06`3(Z8q{W#Jq4m6w&l`UMXpUNhb|wwcZ03hDI!WNdm!N zsqoosMSWchLtQEkcJgNN!+a<(y)>592wt?u%5-@>>5AFc+rXDZX5EtHofuj=SEI|J z02P%SeM%RVpNcY=a|6yF2%lk)3V$&4mbL#h>MZD=Z6;*p#hfM(#<)|q2E!HxsdQzq zhT51}-ESfg3jU-b4^t?Mq@R_oRBHOP8>VN~a49I!RS0W}0r{b=WML)7Z6*x za))h)l*bQU8$7n`HrU=+$Z^*J-ZuKE`2i5-@Vh45xhgTTeE z`fvPGE@MoTH`N2g)zxMtuGRr@v`xkkqH%^BYO*K zd#y|{wNfaw%Eb@&T1#PI&weUuz<B7la86?jv0N;`I6M_kAw(XuvrB6!hF|B}B3oWqSLm zm}!+t5zKXvy|jG!B?pyzhc z=CQSqJk?2-H~{g@b#_4Vc-k(S-JaRDQ1WcKHN?u~`SC-zR@0hL_=cFC9j3!r?ms#-UMBs(cqk z8keC@fZceDNP^Q_lsNu`YDS&P!^;*@4zYmPe*@gHkmhc3RA6p}AVPDl0(Y0d zni~5t`H}7c@enx>pfY@|!ZsLR)ma$3xnU=Z+^a5ZV-g7QmXyVj40@5rAESzzHh|B? zIN7-?ZmRpip=1f~O8-@DHw-a6hMUr|57GCNaR%Wg{Z}_^1|n*}Z7w z5>zqK0#iBzV9@5ErJtuz7<$_1-`lXX^=~NMLV+QO2NU|=i+-QQnf7MWqEp#P=6`1*@cMLFR#;f5=hs&Czo4`K#nWWa zQQ*DvHJ0lwzoO>(eh3}`9(@lnix){`j}OA^Y8Z4^K!LjjM*z2h4AW#h?-ViL(VSCC zncu;@5iC5yoZ}}xjgkjWO75ML6QU}HX#Bc!9VK_`k4{}E2-Y*DklIMb|I<*;&=F8M z(ZU~~y+nHKDL^XnE|A~OU6w1%C?+OIEv>xv$TBL}jU|RjIC%nlzHi{K4{0WHt^&NQ za%xKZ2V3g&!6Y;obUY=|^bqqS8TD2JP{VeIYi=Bpx*yo)%~F3V>yy1$Ihbut&z(WRIGYXx074qIti;L z4S%O`q#6*zQlV!tQRX{0=dfVxP*V;nkMt8=4n-%o$9}cV9ZPqrMkV45)1=et$|4~U zWXkar{nfGe`jp_e5or|0Ij>tFfxntZaME)ybrr3<)ItESbVDaQCris5NBEE%Y zcr2U5inRCM951ezB@~b2ePGTr>hO1e+lT|Ln}3eJmb(SA1?F|tmQuYGGc3z~4x0M} z!*m*Hs~R3VrFo_8b|J%sse-j4pz+f0()pmi1!tCVeiI((t%APx%ukaY6}NnZHz$5n&1nzs%Kcm4qG#`E!6fCKlLj4l8C zv>}0kEFS7a2m|>R0zHm9&2Ldsb7ExvfdVWVmsmHL(l~-dXgNU+WkW%VF&OR=DYl!#!$HGLCUpa;!CP|h$r|QaqyFd zh?u7@r>-gs(5fZDGRK0kQawWE5(^%XnY^Ym2(1WsE@txe%xSymPn&CSF#26wT&W1R zCn==2-hN$SS6QGeXd-ggB?6s&<^IEbf7R!HTwCI;+e@MHJ>IJy`DI7gXWs&S5g&+K zC;17>V@HU-TB{%mPo8jn^gN1-dP3n0=*u;=(%v?t)0kSk!qW6Q> z$MF>~DAPZi?XU(1-WJee7s4M*S;p;G2S3gTClsFG zwQWzkP}#ZAa(h}IFB)MrD1oZF*pOwnRNwb{2w!!2|7y*9n?kd9yyaXstZbsK6W$v(5f&0u6mxsyZc8G3((cVr zTc_$-=WB#m{XZ=LJUS2YI!%vEVH-51#NN7_zPg)?r4Abb_v6a0VECncxrFW-tlm^5 z8NHy);AQw7X&oaY^wGw}cK?}=+-CjZ?k9Egx|(jU*<-P{2P!Z1`lc}y&%PMLuwuq{$hSi?KB5$LDZiXE|P2&)s-B0CTE2c$D)(tdB}O>G~!6@=M^O7;Cu=AW(i#e+Y)=ldROEe#9|WIUi`&d#lC zVtttix-Xmc^CI?nTaURgjswDB8V%I4&;6xv#vH+NV0qy zWcO|h-28!(1Nj?@O!;-K&RhSUg|bn_m|VpuV!{P8b{1@Yc=j5-5^yp&3FM9PIRxHo+{AsKQmUBp}bRIG! zG?8-4G*VxtwL9p7;Of}L!j=)X28Y;jixtXbE-@q3Y-VI`>JT@_tGsCHSm7{fiAYf0 zaBPPz8Iklq8#u>qqhIgS$Ei+`BW{1E)%ly!;orNv=2AiG)QjnUH6^2mi{o=gX*zb8 z=Oz`v8(KcU@JI7c&huoB#0k31JT#@&eOI?f0ei?xiQty2w;q{K)Nl zw=1%tN;T#T`JJ*`<`R$i+}a6wlQME4wq)3J0dQq;gN!bzXt+_ySK+}rP zSyvG5BhNRk?1N)Rz5`pkj1>`m*L_>kr4#(MrV*`U?jsSe`sWj=0gt(^vldVWeWl;n z#Bq73)=YVa-?75{VieIc+`m`C2$YZmewaWZ6zh|}!sF=%MV{kp{?YtsD{D*v`jso< zNGwf&V@v}f$!3d-;p}`LeMLzRC3c1yI=^7CevvhH{av88K1XKKhc+Q z90aIeF?_$}L(DG1>G$dzr9nQ2j~Qf~(uKW4G{gxj!I^yYfLQ$u6NML<~6M0e)C>$BSTSJPR z1U3|UV<2$6<5mGj%l>H;c3;V6yr$oB#=QJ|E(bP^V}_O3M&qrM6M|~s;zZ4>-f4t` z=~1gRCPz-D10X;ajWo{C8Wb&1u$jwDbSHt8!3!hA!>(jst~7cY=n;*$w7c4$(n2rW z)M_R_z@fL&<`0o}OA2t4iccs&kq9QPcfgf0sw*L=}{b_WUl;G@d`Q{`Uz# z@t&W@npN2Thl62cj1Cn8yT|f&6lYnSVrqPGRd+h$3R6S?@-gvx3P6nT6c_kZ+lN!k z(J3nChDZW8G_LDkqyfhW9$kF-?<_Rc5qdeT)HNR71Rc=}&4u z6W}BXxj*&2!*s>KBS11kmPN679}{mTy>wL3hBnwRPyaiRQ;MQGCPMt%9~5HiB}mj9 za3fmeuWUcAFyRhI3`J8YQ6jC(d|@{B%+&9lUJ1osc2H~HS67uv_`HD%m}kb+mrm{u7$WeqvTHvR0H86 z)Gzl5&zCP3r=MCQcg|G5dv-gJ#1+y?HtGL`0~F_eUso0K$;@#UqtOXAR=AVm90K^U zx05NND_q5}x4|4pTm61EPw`vb1t0xmcb%5H`b_jx>w(E{(el-LyOo%l{iS45$NY~( ze~z&h|8RA*A1)Ra(gf@m7rKZz!Frd9zPS0g+m(2nC<^SJ*Vvp?ajs7N8&zOl4IG3| zG~d)aKO)2)Fxg8IssI&_E0`bk*F`h+>gZFo>Y7dgDULM4^^3)t=3YzFP3+bF``Za8 z-y>N}Xsfu{PrGAEd&#d8iHAlqE>>6!0yQ?d`Q^XGL_l2&3}nn&&(8RY7oHGCj52qj z^%I*ZMJFw)cFWXc4SDtO{^$g6toMpq0B?-*!psNaST(XEF?hqc1Ya_p*fHA8K3VjS z68Fr*-&9rdrjd~G7~+KaqCaF!ekTHy8po z`SI2JJ&GyJ_RMmAq!!s@kUsGz3&8HSIKect0;oTjlVNi%72}B-L*@C0fP{X8N)^Iq z4QrDEqvTLZ7=thg5jZKx0O*q8gBx2~gK#6wTnwoNF?X9is@r2}ZnKCJVl{)VW?==Y zI?;aF5@&9-&|g|pif0ZGaz0K8^FCXCG91PSy}E*_Y}&RTdNvq>pW=c)xJRA`jh4a8 zG?UjQ7)mus(QDbg@sC0Hk(Rk={DZ0-C0y9SbFJv`gXB+JBG53*o>ek8$KE2rGTUV<4d0?5ySAxo_sbh_bw8C6v7RW`F+mP!pS;vpy)~O z{gzByCgN=lqFtQxNqk4vmH;y1$j6%adl%saW6Uo!pSX(Gk1bNdU(lzNtr~AJ8Vp-M ziz39rR!lGeO^ScZyRjj?H&EfL$%$iRqsH{Ju%Mg2MWvmme=cnou573f3s9=XXEVVb8X8z#=y7elPmfu$-gf)9dQ#`B3>5ZXr_+|h z)>AvTMJs*ZN)u5!mH~!tK?jH!vvZU-IzT^Fdds$FTf$|e zbT%blM`Nge?F{e-kYk!Vzz3S=TY+(nL-~WVCbFJ zskgR1-vHd!oHitE6x?cs`B0Bok6dbk$BMzPcAlw5XHzq+&%QnLq&13R!)$AesHR2Z zNY5DEnc7P=7@x;I7I&!gIo()_5wWgG%HFq>c#w(ZoTY~VgwKbbNL`u7DO+9c>qw14 z59=Wwjh!vp7er+&k3#y~?c4b+LVmL7R5K3levobJxNd$<52RD2j2r!JzbX@H|2&76 z;jM&qKM?clgH~D6_RKyhFkzZHf=cXIw^>bHVPfB_k~&PtZljAx+h$6gid!reMru^C zWG@e1Iq=ntgpAoL8H5TO^rp`MHTJAew8Wqz)N*zcSuy zvI0-IPm8v@Fv*AJvo#T!k!l(v&uk+uXq9Eg8dfqHFV``7?|>dTgI0g@M1P*(^2ssl z-(4EV9%q~S&_5r{-j>nV{2~_Vd~o+TXfdo_vk&LjB;#4J_PTCs1i}C6{5?_1jH+ry zp3Z$J8hZKiZ{1c$3>*w(${Knxg06Ks2tiv<^k5<*YFbr;slsmrSeT3#S>i z1dqHgMb|J@!gzN%60XvP5QVKzOTZ=;wP>3B_{o?{?Iom2mJ&q~zaS1y{?P>KpYRtD2?vz+Q$XgOIMSDNL%YdX1jT`;1n7HlFpC-|PF7GF)2hii+qhQbk6%;ERwYzRMg=q~W zf8V3eS50o34tC2kfw}zv#5g)Bp~CXgmIM;l?_Nc|Ie z6o-~@naSyUqOf-ipJ=zy^8nS&oSwrsw{P$hy!1cWA9~_l+GLs}&1QV^?{TPk?o4*l zuLpO&YfYi!&Lo`t>jN(O#fHXg-zi zDxhH`Mmw`gCg47m$*3cv zNr>m0B`m~TJp)38f+P33`(6n*&Az$6Z8BK;kR@o<(Rf2lEwlFeSS)nY>%7#C{td_C z4~D=^FFN*~Rqx`^gyA!{&)+H|=y!9LsVpF^AAGE2O5X8)3C&W8`Us@rVeDq~ulAcD z`>QRQ*+$O|xw2CI#@wJ`d|jYSmL-kryYU-*ZRq$k!iuP?y-$<*h^$UA9zs%W1=fEo{66->~s}zH)4?RM&xzZ9a+0 z4!W(IGi6>dZfJN9zl3T1@U~P!x!#()g2&LaKl5&atKMxO6GNdxZ0lsZM#NU#W~6hh zTJ@*$Wxdmwdi_MWT}f{a$$VW#(! zoZjOAX+7~D5x?sKZbJpzh4G(r-?+?YxNZVVww7FRmT&$N>2**&kj18Rj#U)L# zsM2EgfoiokE*=sE9}Wt?Z5WK_-rcuyf9j1<>%9G3W_Pe+%<_6l=i|JiyHpjL^m01^ zEhw7jR%l*Zd`^uFiyl~2V+IxPlC6n!xYKa=!D!xV-bQNM(}$gzje6PJvRBnE0?x#HK0PDN6laF_*ZeW-N6$(HfxKkf-B_$cjE)3oCP3F@UOR(sCf5D&0( zhDw^ee#NCfTpuiYx{(?y1JZSAsydQiz6W9^L@2*va}spQgy3!$T@8V-xKb?Tqch%- zwbN~kh?Co`2QAJdSrH4_m$tQExcyf7;D?P76H)i8xjO`;ZMWJ=S86r7AD_SerNFsb z5}6MLi_}k&Uc3M-yt}v!>p<^TXG`8RQaB-0JT0h;skyLy358hUF9`KdU1FrC!gKCK z1uR<#(mjrHOkgMv(>r-@vp)f3JKvPZog71Fy(lBoa_tZG&w$V&RStKhrxfxvi^w-0 zZk0QbOXI|0FtE7eb10wqMe|FPn zF)MLn*SefUlNMtvY{%Dsa96n1c)6Smf8tqcmT9+_x#VxqqKg~55mqpbNMai{`6vW5_OPOwGdkV$F4@pD#N3~Z}Ll~mi+zltY?maC$zipw^ajk zjplsTtZUn=-0GZQO`(R+av?c~=PPy2mz3v29~Zj~D1p^-$0G5wL!ClVvP6(u{eF3i zot)on{a*>~MGuyYW}|^-ZSsbeJr+7H{vP}1QzL3E)@Tx-qCT5E2R zOmt3;W8m_dy=0bZL<=MH`3#;q++!WwO?VDQXwi z^ER2sQ%N!GEP=0syZ()WDK=IhDl>RkAgQo9LgJP$7mx9t{Hk}L1iTYn)oq1hTJ3fNkeC{;;wt*@py(t61K%zHx@S#scY;#F}X zBFe#h%F(NN@6Sv@!1s2JHnXu5lU6Z(mO_HGyYajE>AQ=F1WEPcoE)u1l$y2cYQnZjN7Yno%YgR_^7P=e#H$HOv zZJ7F8)yW*EJC#|sa}Q9ATh-Xk#l5M$ZFYc0ji=e3(-blgI#9je_>T6hO)rC=~uUl1GWu%9Sr z!ZferI4OQMZZ1AUzFk{IQY)?9=wUd?U=mpRy1z;IJ7&F<^9d8Guta}QO%U7JR_8{1 z!|(JPlcu5X^a09LrdQi&*syQk!gY!Jct}HCU)&IKebaViUsGpZ2M(Rr?GqrjQ=se5 zm=LlIc+G3SIpL!@!sMp-;yli<>)W){di1yQo1~Ry{MdNU~_z<6=%BB z8K@PWE#Q$1irKUA6O8+Zy`QGt7+JNwh`_n37#dyM&a518^mAuChW}d)c@o{X781t$ z;(#H;ZRuXWure##(uS7P#+hVBL)(_yV?K(TT&kU3l`ATRBgPkj$2EPQjDm-oK+JH@ zWblr(vm+Z$JT+S`sBUxTxmeWa_2lKbFv zykqFAo0hVGSYvANIc?(!!imMmN8l~0@EMY4d+FB( zABG>2A+%1-Kf)P3xkKLu)43YOW`{im zNCAVi-0D@MsR4M9qqFCZGj%(hwMs`u%NL?3Lhvr=Q8MXEGdq!QEW6!r4|uV7{8Ql% zi^3%+`UCa)dP8U`P2AC!HmbyfCJ|t1Z6HbNZ|>MI``GP6oo5V=7zGbe7kq$};!#m( zc3MTSCFbgvG$uIVpAig)gDhViP;mPPZuH!rl^kOJESAQ;o<-`4Mrc2s zBZ`)*D_F(tEiuHdneAn`nGYd4R%JX6wb&m0I`X>R{9a?Uvh0jfqi`~XZ{OfTEmh{+ z{6akY|_`yI|XPtYh`_j4*ajpvQvQZ-;6* z8kFfVvZO!Adt6O~hPOT6+^@ZgpzFs9Hytb)R#oxahs1abk@M-+3B!D&c5h=uOcZ?# z$Kmtsc16i*%o81txGj5U<24L>Qmnh1Y2$TE6ARY!SM{?g9M{zQ zriYdKgSxt#hgDq$BZJqHl%;Zml!cp}S4){pH;LL^t43jAw+vL~0$Al+rn9OJMz@Oc zTDO8jL>khiFW#m#C-tVEYWy}57aI{XIhtm<9o$;#p}$$$tt4WtH-Z~qKO2DzTS4U!{)?^Wvdg2}Nbqu+bw(eIL$hFR)HeNPHez&i zX{6(xrscV7uRHO2LdaOzPGCssOs#oSw`Kj8@>2L#Or^)FeWl3>Br~I|pzLwUNZ)?! zmvZIrcDK5ZOaj+T>-pYp7+An_L8`Fp8l^b-E< ztZ_ngRxm|Q0-yF&qCH8hr!Uwvodssclj)?VlAOSh51S}KGHms&x)>?!M9t6z9Xn7- z`DfwQ^NSP50=JPpU`t9WblK6EziHA<*Zm69j9A@zW;wXd&{OegLYdNcXxM(;KAJ{?hxD^ChqPK++BkQcXx;2 z&ct1Vdw|2cs&>`>w)T6f`WN)m{q)`AzQ*X94-JiX;Lc9)yVC*;p$^BQDvv$_tJ(Mv z(^Ao~nlf#{Fp=NJq1l^F*H!saBE|#76rjkw% zP+j2^t0s!44b)Dd(H|4=Nh1R29%cR@GBF$q9`)&{AHFvTZ|97kS!h_0jVdfZM#dnt z@{&vVwn*Q1#;V!607GgiN8YnMMx{ToISg~Yadfdb`yX^;>WynvG*$T*IZ;RIVT(^# zHHBmsm#p8B=RwlLLNW;8nYOf#5G$<Psh z{U4AY9cFyzYIrN4#(_Qq_EyHDo?+Fi50w0cNYe6UjMWw!>N$9m;mg*C@Q+4mO^0vq zI>o><>d*Mi7o}o#gN@%xN-V}!zz5E^@iS`o@kP9A{&D*bpPs2)Uv2BfZ;y&;3+&1_ z<1e4HP&^2I8xFwt_!eGa9g`OGI{kK5f}`->Pwuz9{T0rTh^48Wm8NVKU@+DapZ?nR zhyvfZj@%&e`F3xwxs92w7Q=qT8td6aaqLx-m+wR7^P1*5Y+0;LW9$;J!A$|iKb6Z* z3W@%=*Tiqwn5GI2sg}*Bf! z&stut9y7b~8I7y7o+&W@!=IL1qET5?8Y)1_QKe=s4PiLjT<89W$HT^v^kwdXef8=8 zD41z*lN0-;x;_ZV^zsuzHf)3%^?+oHU==_ z(J@<7AM87yrD;-^)XTCR$b3e-;bvu>czs!1Py%VJ_*Q(uQ0B+?&YpB=&y|Cw^gU4& zeK|1~QO+Bt*=R&k3SbXO2jDnFv|rnTH6szyz$ioD4dGWGL?F#G(yt(7v#YIcF00v{ z1SxGHkM)$4ki6^;;u^?U+%t+xe2NVgefT@X>{Lal>funA)txq6p!vGp3#{YHfBMYN zwA^CD=p{BVBVQ)IV{p_=#tNd9Aw8&^`G3%T9T3I3SszigbY(*5-oYDz#A?Ba?Px22 zWU$YYKzI(VKQP?|ys3NIPuJN--9Z<>@B7#B1!$=kFYqQXl zzl(O{-{p*>Goki4cOL`-&9dH*Xn%;AlDFG&Sxt`pwpcILNPgsPBS4_Tnvy}HCmYa{ zz5j7PSf;)fy9NX5w5+{^5UJYk1U)WY)_1!-w3OM`E?t2v-ySda{RQ*+Dr-T+TSXA- zvhkr?EW_n^o=^8%iJk(1^|E(*B62}xl6#6GR5*@`DL=my^ue-uA-OCHlziw|N=J1T z15`OA?6Xxu(lGS+wZVjrjY~;A7+mh=Jm3#QRTO%z%{oz9--*9DOTK=WO8I7}krP>l z(=3oLf9(HFZMOzuW&1SywFnpEwVosXAK8LAqd;=+RJ`jzeSSq$>CE(I301w@i_7_+H;Hgb@F@u=^qXFBcu+K zP^16G;G?O&%;MLS!k2X(WV!lNA;DyW|0{aZ%iY(Q@JCgBM`>k?VmQd$&>~?ya=?vjBWP2!+BS9Y_A*U;bx_p4<70Ojnw=Tk1A+yoX;_+`_5hbd@ zGhiUF?I>lb*9n})9ZQ~vLvT#!WcWBp#C@1LMTAy=qKB2*Y~luPiJ6sIwxz&C*l?sZLdE)1s1^!Ec)fm^Ckh$Uxme$2U2!TI@(|)?Y+V zP+ArT_vz6E0_`+3j-Qj%U@s6|aI3J-G!f#wayHftg9;GaY|>C{?7ArBwF$DilIE$@ z%?Aiz;&cSO6jI)B>y&XK4D%X<6-K;MWyqNUi8h}9(AkO1b_5S6GAtXB14+aXty08I z53Z!e>13?89E<{v5D;ky*3p#$J?{kqZ=wV^+Qk@5naJy5@`~~pcMQ<4m3l(y_vmJ6 zB#prP%*gT2@cNT@zSBSnMmbGbON|}|t$z9wFf^IJD0uu)h zIU(Aj#3^f<%mSd9Q7V@fi0XiaOI@jma7hM2P}uyVSdOWnx=K`a;mDiUI`5XL>-l=N zY%#}5x|5T&VlSCeKkEB+s5RqFBy=qMpKMb*a|+9wm=Zc41Cw%Ap-121qr7fj&Aalq z{QhXJbnWBy6!+>^n6;{C=I^>)WH!BL-$7H_*VIg;kOx-_w5|IaD*|ermhG>^Ep7`q zKDsU8nZTCc2gshCe&%2Rlpc>4= z-AimFUSHLIJKE&(Q}8*Ofe=o5Q=J_j)NY}&P}1yanO(WxxNE6r#sM?>1NNB5{}t9t zdpQ-RwpH@ZzJ)e|)G|Qmjgsr``DQuqth;l0*M0nxr-u;n4=BrWIb|KS^>mcTEU^PU zliTgT(xY0i;f}O6`0zHyzL-UuNhb~Y{z-`;*`eOZnc3!#$SpV|C|W*LYR)+CavaVu zjE{1*Pum{c4D`PfOqD%_{nG+2nnqR-+z?kz1sl?d7sUoBsL({}0s?uIjyXpBL=O^0 z@am??aID0$y69yBUyjqRBbrMJk#9_bwf`PvljX&KF9h1cgY_X!3(x$`{hSdoYul~Y z4vUTayQ}pIDTQ-1S2C?WP~CtjW~1^I*K;Q0!&OrU4N-DAIDGS`aoPmwF9r%ZEUXZl z4K$d%GYzbz1i6Q-_BRavMA-BN7`hV-1I0dKM5xFjjwdJ@91Yyd3~+BEcF(%*?sMRI zIzF0cOkkj6aFelsH7wnagtVNADP^zRFuGDKw0*b~^&XRN)qNIt3zy(z#fDn(uM4!O z|5hR?&HTiRV)1#S6truCnIfGI(&$jsE8$1_*z(K^)+x z&0PxL_^e#U5xer>nf?{lpKbxJE~*P&Lhe^NENEELVh<$H^Maa;-CXw9%2pH2Ydog7 z`S?J<-p?iR$9>W*OAjW!4V6L24sIhYpOYVNgGVh6-&~?|EC489kUmmKlaI$DZ_6v~ z%39OR#+Q@zEX?InOvs|~BBHk)bdgP@n5V$bq z?PEV4vdiH(vF1K}JkxlynOx#?jX$QYF9(p2FK^xZg6gZT&!P{&)Up2XEE9p6R~W zd8^oz)W@R#-*`U@Cci`*IA8g(vo)U$>9kM9FKb?{kVj_8I9G?wk_`y(_$P9I2S;AU zNJ)$_*M*u{99EJPX~GrfhHW=S_&3ToF-bMkEaTF!?7eZ?e7khtSBwvidIFImqgl7F zjbRkXS)KmW4YB!pwSD!rL^6VihDBr9hgIV(sRsvL0Y8grm7d^|pYsT|92!v49u5hG zV5%nTVp!pR=t*0L^sFEg8K23s#@z8t;j{A*FdCF#02aL-qk~fdYY#P&oS*MrRCnb# zOM`vgFb`AanPmgvh@(R%<+fLw^Qp-Hz{&qMNc#1>K-UUf0sx=~3{-wgz6K-Ni94(=RPUpSL6IPnh-U%Eb{fvpNq&|AKvnEgUo zf%@2n(y#cso?vOd{^%yU27K5R@!uFRx@OF4-xxGp2=E#jlqA6}ZwW%YOSG1~z=3Ck zXLgHYbDA3ZVVXRGdpP(xFyKgy+KWeC)|9Ayzw(k*wHueKmM8J(dC?$P7~D7ytcvjn zy$qD;(ag|2#K6<6?~Q_t*$9+gV@U)jKH994A2j&vWV6}>J}<6-7bk3qc~##S0e}~k zJ)sKH+{dk=;(1<3{08NZ0xxEu_B6;lJ_#YvL-yu)j&1O6g%7&)sQgFA*|i;hMLDVN zxTrbpeQ>0u#b)kN8v@tfp|FA;yK5Z;>e}sa@ zH^txKNI)lI{fkEKm9(HJVADxm)Z&Dppmo+1@cU5JTKf9Xt_91CuF({_JCEuyH^0-I zt!<#6gS{0vLmd8A|BTKnoUL4;=SD@k?+VwFe_svXWkb@riLYh7zSpu@=jTXR%XOO4 zV^XIH@r=8^buhiVUMF){3C$Ab<)p`kS?}{P=^EusDiNYwt9y;US?l|zbLYE!Wr_9goQ!FFv5ssP8j3a&`>$uq%CVYMiFKpK?d4t zoRNT(289SiQ%J=)yP^2L0fVu3XrTx%5gm6DkB9{o)4(SY27;@ID-p(x7n;60S@7k- zL&PA-PN5Y|$*no8DF@`)0!iUi=oDpoVH`63jx}1eOwa5(9@Kt?h5;JBDbZ&Tsup>6 zD{R1Hf`+F0PFvYZSkPirDFpOk+w;ngfblrK*D<4A0#?2ti$ZkMMtJ(%x)J2Czrm|f zcHYn;O;mkG5)u2q00gt)-VhW=JI$jb*?0} zaS#-liiE6ARv}xBmbJjuwmAm&;_sSvHj-L89)kRi;`==b)82jP?`wfUSV4#`bfg1F z%H-(aa16*zuhb1OA=wnw*F@3%yU)KP_29Uy6LYEYKH? zlhtQ6?+4~%Y{0)rpkCu260Z|uAA30t*Y>;i{B_iT@5>*LIX5MeU9Gl$Uz&)r`P_dePbiat1z#h<-_Ugr#nNS4Qd;Qv?Whwp^4i)Bu`;ppWvTv&Wj9C~#}pD5 zkX5}lDG+mIPJNA`J3Wh!jtZ;%xG+D zM@o!qu^{EstCtaNw)*LfLcsqKl1_m4T(se4>KJmC=0cG!am=g*rjJ#GZC-%3y{r=g z3VI5jY{4QC3k^n(MxKRM3mJFtlyhWYyIjHHrlIN$lqHF4B ziuEIJ@mDY^2e=QF;;xfjq_L@4G81^1OqDez4+ai&ll8uwb%+`%ne=iBl|Q(vT{_mX zeAl&qpR-+ivBvbC>z8whv~{kX)Y-XlUAvOsZoF35#q3?29b^sTqDrff65zv4^2Y zPqFnJq-;)+2`Rr=$}AP1p{*n}BViwIrD}A^yZ)svl9x&2K>46Nm1#8E`x7PIvmlTh zWaja__ri`&l7R;>ylGe4@bP=fGIPZA`!=N@?z>e9R0c-&wZ`xa3+}P=+d=!;%MD9iG=BAunmp_E zbK*r*ysHKgsdrDACP-#)LhpT-z93hpz@}Id?vD1$*J^Vk9TzuW%{-cQ_nSYm+zl=K z_9iW_FuEP&Jqvo9M{7se?jHD|JOK}C?(eip45CqI;CdStqfa%?=hGIEcD;1cnBD%p z6DQ80n+SJ%2+TmVjU_tT$> z(*9S_;x!2!8ID+<2Drtkq&*dDxFfy^vno3RC3a&&%)}qLY1Lqiuap5fc^dQIbKNa% ziFvnx?vYripskRIeYM992o#3Lj^eASK$CXWV(>JOA$py>NCwe|SuesM%>D2Y1X6mD z!m1-!F9OdBH5l&jSjAYOvYr-M(ON-+-Was<%l^#!YI_TAIVa^K8%+6>k|hC^X2viP}^@UnJD%e7)u$H|RjD;9l_wPH&UEf*Snw-h5C*#3NN>xB-im zzbpk>+7KYQ$)7rsZHA4!Q#vT{M7ba~jnRya$5L$ViIlUil$d+!5nQWb;(DLmYz)ok zqTUcx`*}r?N9xEj{&Lsem>yKEx7IAv2mlH z2Yr~NAUDYomOP%8Q z{Jj_2*K~Y5PYKOeVBeaQ2vLFQ?|aLj$l|vWi(B5u)ESbMjYI&+`@Dq4)soJgLsj!3 z^-IJ|j=i97W!B1}<$t$>YUmQsxFI~gFm*U}NC7|?b|Jb;AB~rMy=uwlI#UK%s{KeNwO#CJ9u2g7$SZoLUEKfg;_0vBo;s_S~tXyR(Ok83u2(@gNR32zH`=L zAP%YSeSkQDaladbHC#_t76GUQnC*vXIb0j?5U_qyZwk>i5|d`PSl~5Te?#3=2#%{m z2~v?-u2(^d`f*?kQJ|t6s|pDiGor6%?KHx`Q}mDfO5MVQlFK&MAGN6V)FO_C zGp*}~p+jR(=t-)AB8~*CbUpBj3}e}*d6@<`%_9*KAw-j>a$+VO>D=_4fX}iuicvGS zqxOUl9z?U$H2?m621bEUx|m1DqwK=Hc-7nw2@5J92S6PULrn+IYXDW-h>tv3$0cyQ zIKX$*w=1LFhp1zLaiXmFVf!F3+zy|nB;#Jb;5=hydOCnyS_4kyXq*9+|m z{t~qH-@gR9AA4Li34h$ga~Tgnor@DVwzJoGeY}7bm15%C(s8xCk{4VgV}M6 zvWjIEuViyEf9}vkh?9<$rAS zy6F)t|0k7r{zVT7u#ZT>7MQDYhBY3``F0uP|t(u=Hqgq(>rf49$UXpyL_>7 zP|dw%o+QJ6BW#(&{4ec4?^Gzd*1`Y6fY z-+wYgYB57Lq_0p8w<}*01?H+kh=*20btCo*u^uMm^knYDC^HYR7tGMjVTwvQZB@^^q63D-HG+ z)*{V`s8_w)5z$U zq8*HmQGo$LHa)1<8PqoNI<&crLUO->1s8pbY9zEueW*>4=stjH*ji$AH>@uYYo7FE%iQW@@ zRt;1+4t43kZuP9uixO}Uu|>}N6lUxC#)5sM4pUEm+@Gp?*u1u_I8qJsH4lT9H+!L# zqcrf4M*H`k+=bxkGlzhOTv#w{7P~C-{?xLy;J4bwe7z@?a{zGvG2L!%@M*OxtnzXh z8+7@K38TG@zHdkHq#0pQc{xB?2C5c*DOEVX3xD_SPjv^Z<=8ar?B;_WNWYR_WIPP; z4d!QW3O@1OrkC8$o7&yQvC20cmlIo#mSHbm@8Y?!8jzK?EG_kMit-RF)BHXirtQ#I zUPnK+6g%D7TA7>qKX1kOtzX%=niy;uNnd;PJqLqJTN+vTO2#YLYyOx`oc2R=`MFoW zA5BjJbGl8}(AA{-LG!nDU$RU~&7#+U%xH^aNzAC7Qx(YQ^JCwuzj!hKa>5PA5rRw)vzD*^%R>DxT>;iOI&jWsBT{~9$jtW>R=BQ2 zE}zqUn~2xh3{>z-8KEuhQI@v#G~5_FmVl5j)3)Lvtm5UovL>9qkffYuFW!4P7ViD# zt66`|{EI3g!YJa5Aqjj0^7|sUp(Byuy%F-HIZlQG%1><|L!hCv!J-9~NFCk=68Oop zChkdkseT?8be~|NGqlhx_n+NREi1ZJ!1OyEq1>|n8>q|)tI8&c61qx@qiUqZe$7Vs zRam$o;CX}_KZM6|KrQYKg0R43BD%*k4r-^!S@F1ejom%)97@Kf2uht&WV-NgAlw}R zfX$j~osr~Fgn18&{+SJ$EW`XA|Ml1<5!V#ONJZB^kr$(id-xsB1}fYXrTwV{YKYB` zIr%WBHW-YrPk~xw8gi>7gL1NqzJ#8JgqODGeqJu^6f_Eh%mYz<|3I$UCU(MC3DQLc z(s+(h)kvOf! zwuGpw$Ls40e9}&87GtI;x>o$#IMS8F=rs#}I{50`G|qZNUzUSGguWusOCwTB4>kf` zRj8CN)Z+7G|2E9xZ~UpqcPypHp^<*5735;_`SA|CSgi+lyil8?{bxkKmBT6H0~c4jymN4!hUFJ%bbQciMgvUB zl{=m^e~w;M-|!KX9W9;%AC%nJn`VaUHX%B%o1lU2nQr@#kFyVDe?4k%PY~_S8(z5V zj?AZ?aJG%}cNaQ_wDi3fBQBQ-%huXm4H-C9?j7dKX5ZV#s69zPn+w-~v zSPtM2cY4)#R(0pd>87c;zpGUOkLeefP~7^Fao2+}Kx++`Og=^r;_fzx32NVD1Gm2b zv~T%bh^MtzUH?Mg?Z@k#KT6WIlZ`3=##w?Z{+91_%dGDBD8}(K@S|C7oEPG$X5=f$ zHX4bY`BtBQYh9W1yvEDbjGeE^f1b=`ynCr&R1ExTqF94xDAq@_kXWF8y2|KQ8R#yg zoSj{^OQPPc^~xMN;exjPP4@h`RVkHPb$gQ<+gpXLb^;3Rj03%ZDD(3rj=lYSmC~`T zcNR)@Ae@owygk2S$=WYq-)?_J*e-fvUZd3tt+L0Z=$qF;nXk?k@{d&7^_;cjr%opk z+r!Vx{0aVkJ|oV?QoLq z7XfiYcoa5ohGeEtWo6~XX<2?lW$lORPW)|#*YH0TrFQfiz<-*Q6!vG=T9f(r3{cVV zX^@1NH!vI6qNcq45gQY?#i?BF8Gix?6ZLS>n0{UH%(9HT$+qX$e=M}0u(ltKZ?eK_ z(LJM6OhqB{zD2L)*JW}DTfIGA+7^1zyifeMe2oyZ1 zp$JK4YLV2KZXd%CWP(Lfz`&fQm0f|beFXSKF)}246qX&lD4vka2&Qwz4PsXOi#6KF z3?$`*n=<-@H3q+^BJ{&)`_3KQ0e!lpB&j_|uPP_)K_0#yC%)25d~=~xhH!jKx}Nh- zza2=@x^AB*h=PeiHguzfLh*?8A$ZKonGd@p;;$<>m;XP{Y<6>ml>m$Vkyumxs@4XI zKP<0;h~=*p(aa5)GUAm_bVL0O9k(RoH>z;fFu-|{tXDP@w*GgOnkd=PTsS%b+XL!Z zp8`^bcHt3}y!q~9$*lX4vSak7C60w&{MSoE?^d1GZ13@JE$?A~%MR`8tCX5DeVe;{ zEz9_A=YIdV0H^q@WFgD7YQ~FY#&tr8@L=xs8_L(Tj^fK4-L%!BRs#amIo}+&Fu^*z zgur+A%n`ILYY#B|tYN|4$`qv1=M-^am``lP})Mw)duZbNgm^%FhbU8K&B zI2O<;fOrmxzUA)Yd#okq#qaEz)<)VUHnLd7t{sB6$D9Szq1txcQ@g&QM!UbQy*7)nNKKfWz>ytQRlZnW+mA6b$IqKh*XmltQITIZ`gN);jQ>$o78(uvr21jKwAZEXZcG% z{0nrc4t6c?&rNh4w(jd95+PeP3|u&9$bg)cgZPboGI%i*=|X9VPu4-yCyhZ?i-t$K z4!(u${1vDRILAmSm;C7_m!QTIe`kULE98b2o@Rzw26;ilSI6A`4DXd3VoZ?;u9y;C zB!H`pt#C+HfsOF^XA(bw6s(>WdS~hc03M0*Zty%vYPVC+pLRhxDo*ae3+lAZf2f5~ zts*v$eL(NZG}R9lfZoCmB54+CmvWxa^Jeg7E(jIzf)GE9E6188H*XCT96+uI5U0Rr zvCZZgsS!jpBP3xJR6tu%vcRcBPs`sak(p>Yx546#WgSvzgL5{!j$^i*)Jw9)dilqg zki`zWDsvi$i-#bS2#g86pUTX-735LBl#>HD*AKVY%Y_ zhc<)F+doxSHEav?tXc%zV)h@_hp>XW9;W%PR#5|J|HtzYGa;)<;N_mycQYtuYhm!#jrE(j{-{R2P`oi$^h3~O|R-}~hEcH(af`@jBPG3*C9x(J4z``elvt@ExQXL|O(04082$)5eTO za{1a-BU@R(%RO9@-XeF}-5q@^_ANzrG!UNu{sR@y4)QmM{Bxc3_aOgE2k`OrC|3Y= zYGFnyme_hTlVV%h^6FyU{3?N@1EaW6=!f-Shu}!Rp6yne|JBt+nQdyXciWd!&f(&? zYOPSjf8oCfPH}|Z;(#79VfyzX#{U+hZFW248D*Dm;)9Yxh<;9Su{Zj(X*nbGX162m zJxcc5uVScaap|%d)$b(4eSA0{<)2Cs9KMP56scPTA^IMt{l%&S+a02BD6|S@+-2_Q z6F*-|4{p4M0crlZfp71>)efPaxOk_4j@FayEw>Gpp6z9~m+of)q2GRbI{E2_l?ooU zpfk*wr9;!>MXB_N+wiLrh;{iC1}z-dg2=u|Ff)5=KWwz!}(V z=(%V|m;+mnA2^;Gia}6xFlKU}w`?=Q7C_e2olT@2CI@>)_)|<3@z`$Zw}z&+Hh!Q` zJJWOq+u$o0{RDpeaxn=FQ;7&o*UmLvopJ*4&aXbc_O5V<)iSpOcqXk`8wPtU7f%l7 zJh1W@M?o&N;i~33W^>unA5HH4@g1WbO4MZ^G(>AbhBuRbKywDCU1|++S}^eV90-~Ye!pJ)}>;IgJ{Z&15d;O%djJ3 zTC(K&P$!I5Qy8Ih&k8}4qCW)jjJkZKUT5QKDE>gl*{H>t6k!0d8t>7Gth80tECb)$ zG|ZU610+Xe3N%EmYqZ;QI1qQ+lf<&r7vXm%USDDOFH_Wj>rML?a{zzqugMU&naxsP z_;vifN9gqiE$8cxGT-sLp*Ht!E`FW9EH|n}($*@4nMu(mg4*LsFbPLh!vW~oCcxM( zdiEIsmP7H1sE6fP!MlfACdj0tq`qg03d?Z5EMTF1*y+k=g{7G8G_v!&I@QjIZ)77N zjXNT};I6vi-`hUVb#@}N9A^A@?xoDY0K3*EGevgTW-p&qbK&s4=-IVM$!p=`I{>tZ z!uLNRK}QRgL`$w)&B^LuFHm=Gy~S0f?!NIWOD00-0boCuLICSSd7-KVOd4!`HlyjP z_N^HO9xSR$-?{uvU{OnwPgSv(xbVvFz|w4B-Kt+!F4w^58xp>dBYE7H1;w<>*8d7Q z+R;}p0DB|PD{E~_gu?%^a7`KT&_1J`72{T!ue-$H@*6BIvJeb22=ixTPTzi$fk%Zk z52uIioa|DnA7c=fQj1dZjT(){gg=90>9>z^{*6d7082!~S5JwAWCpz)F(nR}F@hsM z=O0F&zt_ei)M40tdmH*d6F3MwB@vcDYL-3t80^|?JsnLCmPpEE7p@8Ot9xh|czFUj zfU`3Y+9#z-Hkr#N=Y1T_+(Xsp)9YiwtE^k3AZ*;>ciYu#R8ALeg3hI5or$jrmT$sX zhd(Y@50{hHr%?-6L3ah}AFaKsrGC=Vt9 zOv4Ad-cN#WSq~2!&l@{GpyQ1S&y!8o#|LFZ;KUU9INxK|(PgmBCJ(`u!767+r0cCp z*aG6~r?R)|He=sT(i?*yVRex!k`I~bh@s7oR>|NK+npRzsHy&@LH9=uC7Jc?%)@1r z-_IjWxj?Ke=&UuT;%9~PA(PSDgn51hJZ?eB#&z}F{gafi*evOEHS{aj_2c$)ZVDPP zLJGHJHL$xfnF+T1m)9Ry4{P!0)%_?iBVl zIFtKvZlzCMA*-6Joryo{-`iVGS0d|Hp-!!l+C#2kZZY)vPeT1bm{REF4X`r}my!b2 z&aygZ|Lxl6x<~baFPzcRCs+i;Q%dyZ96G5# za%La zRiiyVC_cXH?Llpz2$qyYT7WAHt&s_g;z2BDv1gda`~^ya-4)|vYPS`qr4OA9Iw}2YyC5o1O(B+z_E-dnMgn@??f%VbSw> z_a??Q7Yd}!=7hi_`+-&hhZ5V?FB0td& zQ?6meA-j>j$|nN+HA;O5l}0@jRs}aZg>O@jS+IuY!q>C5$}|(AB-0N6fcE&bR?p?&!(X*5Rs#GOZx8#6?PkG3K~8Yf|wM7<)}WnCkMSi;#fCf2j4Zv$s(DqEK4|e z86FZ+e;d1}H10FtT7cbCgjI0ka;K`~>qQmeJ*28~1l7s=k2(1+bW~UODI#RK&LRx# z^s$daQeO#tWT78mrwPt_Q1vL&xW6uTCD<7b%~MXUbLNn|G$ZM1ROE+bD8e!U+BKn= zX#a$TcO837Ei4xYIGM#gL(E`}6a5wT&{6P*>rJTT;gN@9vd9(n=%Q!H3)uLKqmnWA z2;vk&V*c?o-}+(|)(h;`G0BFh&ktbCyLekK!_uRWW9m!GlY#%D_UcrIfWGB>Jyj(s z;kw_JbDTr*BF9ae1LP^=)6N&&6z20pyuv3H$a;z@R-vd1#6Jb1Q>lQT&3nyUT zipC)+lR(Q!%`q+2ZPyL9v&@;M0GLm3Uqi^!w)_Ji`_l+e@tZQ8k8?->0#bB8ehpyo zyj<)lri#?ftl|hvyVLJxcyGULA?{)|JxlSy%BkQ?E>l2o(9CuX`oApX=Q-U%C$q)@ zjjGr*UT1Z1(1OmlJ|-VeTUiQVD(L_B_47Y#EL|e-0|ruS?#T$Pp7%j&r=H4HdnY#3 zkppjxQGAE3L(ISd*&qHrd4RBx8;T`#8l@XuN(!m+nwzYnjT?fNPKIkmYnjru$JvYT#D`w-M?KocwmgmkBacuau_kVL(VbBe|52b z1+MVBi4R~ZBOKpD+t9d-$LOo(Ixz4S=?TTs1|1d^>N#5{)KbEt>Tz-lQ(>9uUq=_1 zD8=^Z%_J`XO^tCasc_Jjg{v8bF?l*DgO(V?UAtzqO5Adz1?oY-EePy zW5dptRnP-z&4w9QHi}6%8ji^e;*xu9ru*}qD>80m*<_`a<%Og&BIw5f%X@b%RoxI~jD3qn{_vDKg<2gM>#Oz|PR)wfX}``8cJw zsgM_$ZDE%?=C8m#i5`!%7k;TsT!s7~S`2=@6Q`KL-aH9t)G8|FiLRJjh@#ZrBHO9w zt|CQEzW>i-s8tzaq7?xCaz}ks8igD6bhpY$%-YP&D`DaLg6+Z2>^bONb_!%Dk$b`5 z$kU`;#6T?gM+?ML9$ESjj4>u$gs>=I9y!km8VJRLwVKX-l=}a@Q29TVOa?B5 zqsqxn+h1}AGm1|ugSyIDM#Vss)HG_5z{Fd;N|sPl06c5x#g`j<;Aad5Ntk$4Fm*;C z)(Zyi5gNO@y1F=%7%n=8bTB>?*As4HMB+Oh8=HyuDk!HiuYqupPavWSu02)-s&HaA zv0B6r>yVCVFA-RvJId$hHgH;`Ekwc9fOil|1K>w*psjqY<6;0#ki+Wom2IU zAz4fGCiW9h6#WAi*>s+fXY43QM!Jqy@XhTp7lX8g6^*j!VVF+16#1ur1JM&b`MnpG zOh)L7>r%=aj~_?CDvYBDue8)BDz>;yu>_nDoMr~VekeR;j#8z?C#^hM1!qmT$Gtnb zcFv%om~2cs4oes_Dw-}Q5oJv?J{R$AzARCy{r_zbqY##5xp^8Z|2Mgc{+Gmpz(jAhGzlpiX=zrf_QT03o9ZZUMH_? zQsk7_?DGbp-jLy(W=eG8szV`;qrgbH6Te?P_!K6^05ezHhPV|g{+3a+7l=q7bc05$ z>2-PhWDX?`KB^_bNBRPdF>aV}yCL;SbGR(m0RLR79XzkGR|uP3SF}A*O|7UF&K@2mhbS{F8D>aE z9(l@?Ox#RvBuzenx%gkCyAz*7K17zWH{i(_#vk2XIsCMxJ!B7V!QE7tX>mVNh3>!q zI(_&&?PG-Cp)&s{VT%o;^8)$RqkC}A0s(_Xt>I(=Xw%n_DlEeBbAchWu%@x=#FRMf zS)>~RV{VZ)(&8usIuN39Eks4M9asS4xEcDP!h(!Mc=GdpKXI=y$o52)4+=OR8Debl zoqepSjXW|^#)uyg6{!`k#yX~E#)|`BySQoyey(>`bH<`-DkRv_Ey%&7ihRtBCO$h4 zb??$4r$5!2q9I7jv>sRJR_`c*$TlYQ)kQW`;cU|8sEmD3?4-Aa=aD>_PpAs5STsd0 zeeU)#yxg2S<|kjpK%G~6TSQk*EdHrUWU4up>9v>xOR;!Iyq!c$i{q;u=fYV=L*`ex zOk^D>-W&X*S=!P${F#)Wy(MZ=wo8TARIc$pL z^2@1?PyiV+e{ti9;E&7*c4$TOV$`%;3_0ehhsM!VsmqcSmE#aoW6C43@c9PcrR9>* zIkhju_~K^&%yFBxXh#1x+b9r@2^qp(tdG|T7TP|dEAi{%R8rr%gm`AClLiJZMPK}o zCdwm6{zrx94_;6L`h6WT0`WiYe{AAnMWN}&#JN0Dn=UuV&SaDqPO5vM14OMwRbaHD zvTivRyn$XBWqQfD>qmjXpnkVGAcjE9_L=%!w!d3BPu&+An(`c6zi-dDLF(&b^ z(*4XOV`I{R&$xx%;Ol+AGUF)>V3JwWVd_b|x(!)Z=+Ngmk>*Hj{4V$@1ua+++QZct z)Gh`CTHqKH!2QN%<5JAi`r#KyR_2t_VYG3RL}1O-1hdRwDo|PPdWw`4wWcca{0MA| z&0L2u)~D&hNQluNR2A;68|V!v*aW0z@>wY;c^o_J5Mmv1$?^7DuSgF}UZj=&Vi9pj zhnXn`r7S4Y#>|er!@DKEF-wB*M3dyla>UGI$`b=)Hp-(fEk>`S-lw#L4=3^F=`?9q zul``Fcn%>b&MCAY-thb~(-9K}{H8pK$N7J_Apf6p=j(*hB7l;TV$c*rV|#Kvh;6$X z5aizy)*e5pVoejq%xECLD@GK?=V8?NB6(Oae zkE8w~XyTXH4IzTdkNs)!5sd2RZKJ<2&V!Np-TX# z6l$nQU^@Ly!9)2EAeAifmViV3;*N?9pUEMbOF}&-+1Dj-a34S(rXrPBO#k!4h2f;3 zvCQnJkdaTQbvnH|`vCQ#@&ya4#CQ6#K^T6MXfjH62FkbnU({+YhK)g5Jh7ZXmSZ6l z-IwGol977j?*lYGKE`4rIi&>u_W1A|KPgx$DFP^vAch?D0!LMd-*xLv!rbytMx25a zZP5R(5AnZO3qg`!HNjWN_4Fa5@1vp@rP>=H+SjAUtbl~HM48)*>ta7Ydvc{tGkoO zD5XDGI)tOhZ~;ZH5@LL@GvXIbexXRL=XGo;Q85Urgk^DwtEP{yFf$uaNl~>5DtN%+ z>Tt1GQr!EjNWI85!>JF(TQcrsfffuS0eq+ z6ykBo>Bck=W2-qN1B5JjrP(|Xt)Yye$-Tf@gz@*OU$I{V*|CeHJbU{-xVjB9g8K7^ z$5o-e0_I;ksbl!z@-ob^v<#YU>*F)%qg<=BbJ_1L!!H$&Mp*LK2qy`70d-to)1wYnwvz|4nuWpy^?!nUbz^bg;BDl}^Sv~- zVXJ0OC(bM{`l0xJv8Z{|ly4UHSj}teoMXqmw(~1WK;jLz zk7Y)u_qRZE>P&ERlu1}VS>Y7CdN$T^3BP){e$RbTw z;Er&L)i6+toze^D;}UDVg-OIBYZ;`zZ$5ybm>f#aY-Y4>Zm242g@I6N<{{)GQNr@&efw^&*wZ~OTU zS6&&KZd}rwUL6o*$AKi(hheGm#fUWkSxgmgU_0O(PMS*ANOQ=oypoZIc`_Q9X1G{a@bE1V#;P_)DR*m|i|(Z9T{$vE2cx`Ap3eCsuZaUf_RQaaJR5H!_#`A`Ib_O{)?s~;b*4I6@6>+7Jo z;CT`Q842Wn@n^Pzzr3FX004YW*I5GWpMcj?Ht!a^8{*!6I~HATfKj+_S;M2Sl|$|N zeN8llw=IMQ7((pGbv*Pp8Vu`*oLE}8(u>k=?fCQ$*0{@NrIJSZ5_%B|ue0L z9eQCs!Y?B}{mz5I6Ed1{lR*59Is2%^$(^o<)whB~J&0ffWzJvG02Ysxl%qD2#qaWo2t~R$b`&}jp< z+0cBsAU@k)L6iW(mw<2!xg+@LHfgZXz#vBaM9w?q1a#ju^==!tNcPWekoTNEC?=j% z)HgWx_{n&uuE=2YhH8`KpY0SR0g3kKpk4#&JYR`%CF*zMN;eHD%dYH*p8n0#>?Ub3 z&Bd7kUwZMB3u!TwryB0uv42h6{RsPXvEmwj7qBn*GuXOIrO;egXhQ)1rW*G+-6C-j zF~4((`l&5rzCcGbr#MTHj}j-(ent&CgCp?s0yQsqs6PJoH)9=%SZ6iWXdNSOUFL=D zwMdj(yji~X*05BSE6+Z~DU4Pkj}F#(E;y^7UAcwCTqDX)j!|-Z10wPunv5j;c5?MR zml?zRJqvX8V%x-=>Gxtn9tqn#Bo=v3;^sXgvUIjXmJl>Yo0@pINtaCjwUP~ za6glP^7!&(t4o~yaqxylSZ60N|15EF>b$M+1W%q;j}M55)E3~7RqoCo@toXt@9ZuhBc(r$%*du>EA3HomPO~GNUm?9p&aR5qoL#;*)6AKBN8iHKeP`-B{_xt!?kYg5 zxxFV7yIC!BX=x&8*6|F;9%fXo*ESDzT5#CI`)Y4x2Sf5YVW4wmxUzY93chyN>R)A& zKvL@0q*dR_6zZm8%Tg75AC5{^jamAh!w|hj7IP)eg1RWc2a;$(6f8)^wSj~kiw}}L zeCBa!0Yaxv#L>)FR!<1MCY5CUmY0h^>FKeFoP<-PvUx$$7nSuh-JVoD!JD@akR+wI zib7r?-&zK)F-4BU%{6_05&L61iAt$JcSi?#?}w*SxC@IrZA^@)HQx__jMP^&x+z)T zGRyba=X~w^O-S84AO&>1dk$d$!|!KcQ<>D1!;9Ix@#3 z$Hc7+e*t=YOd7r>6Rq{AMr3|TZpW|7q>v!I(IAmyWufP{0om#Q><(En)$8T)&6RV% z2U~_}xk#HK3-~9@ zz)bVvobbqZS84l>Tbx+>r9|{Iui_4Va=)1lT;9wQ__ppj-VG|I#qhDiss-RB`QHQ% zIW$%2EY1%$cr1O@ak;dl2$Bw+e-7Ju(tmcv{n&T!n&Rv;17Cx8np4x_d-%R(JeOvX zKi}5ggp)jfO`#X>snCn^BDV3l5V9zfLtr>JjvNL#jeS$s`Y)pEzD4f zei|KCA-(I*U(vSX53R7hBh#Fsdk8`dd%i%@amRSHxBd9}u+m(x{H{(^U>8_!nt2)U zGZ=$h#m(*bB`+|1^x*i6Nj!n$)ZJ%b*{ps#A_A5BjPbCb6E9JKr#@s|#I&7Q>{(QF zOfbnN6&hY*!YFQ7@=1BjD5cr}ixmfJbPK}!BEirzt3x^LNy#J0E`i|hyozqjw8G>Y zQYI>A3eKd2FB=hPP(kBpp5RmB{vzbw9UlU6x8fKNGep054?5Xu(2n2&&+L!wpjcX1 zLo6D7hT2H1um#LJ*c?$dyy{X37qG+AWG7dWbYa1OF9j=I`y}$VNA#2|pcALM`1#<~ z=?t^(*K~-hDvV@BD!o#+Q4|LpbHze?400iJY2-nqXi+73P$Ili7gv#!){Vk?u%QA4 zKBq56tzTW`1$5=OUgMxvVAE4fhLNDK*HnGAu@>c0qLh_w3(>?b@P*a5$@Y!awB{(s znsoq*se=!!qCkv?DAU?bIcqCkQk4+^~_)u*28!@8FA5~W7r&W&d-sjzy|5l!rEo?DndYdftT0CZ*&QkHbm3 zbvwQ>t=QB!<4Z|*`|`(z21X*^QtAARV0;U0vR%O?{wN#mJ?* z7P*&PdBbZ@6zc27C>YN}Nh2Chn#djgBbxqR(89&(c#ZjoJA8jw_{*|;H9o9?RD3CO zD6+*bLIDNlawy&Ik!M&>*w2W9q=oBd@|ag!5?31s1AB9g1#MWiJ!nvpKjWeB9g*Bd zpZe{41Ob_4Yk#AXNrRh#*DI#}?14E(eW8TOO@!(4K_J=#E(5xv zoC4%-W_!XV3k4~{IcCC-2~#hc@LV)F&_)(J_)%Xg)6I>1=`V7S)8{*;Mb{{_Bvm| z4iO!7k&;o0)}&4umSxsld&A1%8*i6l^|?QJAdFo_o|rV@*oN37$G8}02gX*Q9dWSj z#$lo{{~=1wFR@eqFdAV@KnvGeMliyVf#6+JLLZ~dcp`?ULT4}lyd{m!-B2CKHa=7= z%OjjC@0-uu>zsVpm~F2PJ<>Zgy6GbLG+$p>B#Z9Lv9( zO8`cAZJkmfx8RG%S|CW_#YenD6iFDyJ&seQUKbNxWsa$$Cm|d`rHxbf0reEZdhL@J z=A?hN5G8D-mxLF)+o_R($!7atA7guZ?2}7Yt#R)HS@pa^N9o=X6;ZFE@J7b~QE!D4U@gJ8tw)Hyb zaB3^qSbX$aVGUp$Iqt1svNLf3fM2)(1WLghWAUG2DDdWv{>XjzHt}!_?h1S4o0m9U z!wVyN%H@KWtq>M`sKb0mxoMlj7ys$}|judf3enQ729WthBn zKJAefBqTE9oh0G|h~D_dEkEbs<2?E7Y;`vCdU8(>4HqL!wq_|y3RVP`BQxqPsUb*> zwD%w*OZ0eog)X2eaUM*IRW!t?p%j_5C_-yVnvMtHwGd%cGNHjp6!JtC&3miR4cmqdoKt(34l{-Oi{0QF=gqUvo41l=$lUr6o?!2EC zmB)q_$mGu;-ow}RLd6u>I6(tJ$eH&erJj$hj4ZheT^{x7&sTs)>*NJ>jtv31Cr|Ep zZw+Ah?{$1?g`4D`(|wgM+zqVz{6kG!3w&VbpLF$U}=!4RAgKKZ4O!AMm`000}XmK=y&r=qI zTM&5VyfABo`?_E5Q@kVBFh!>%fTl?S{Ecl!))A7G(U(!7Djl(W6xHmq({hVk zlKe*)1*6F$WKAy)dMi9j5?vTkv{Ww!LD9*A06yW4N3`_xz~2;9^6SNL1Pr(3*V4al zKsKnum46}Nc*HpHy&BxlW)biW{RjBMwKxuZeWMS#dkutZtdZKNx58hlY&<-90azdz z3Bp@29ea2UZ-NYrxVyHj7K$bwf)|b=$KD6TTpK0`{B(Rt$^iG~5((Y&*Yc3-^&$q= zO&O94*QjWq)pAuwNF#5|R?JTI9*OvM&eUn`SI9Bl1mnG215Okd+qYU>N=iwSFt?5~ zx{t5>f|BuW61GT< zap@3w72F!7!cLiQxuXH9qFHxM;ph<~5y?#S4pD;K0blHp9X^WaUGfkpg(wWaEhZHR z(@4VzElxkMT{?!rV(Bn`#H1&pxXbVg(-{t*6XMTMzevp5%%HGgaUY|qq2(R*~wIZWTHGwIR&d^ z#ZO-x%j-t!WV9O9Zsw4}h@5=f$hnoQNP=;>#=+DKOk%*a9S1(n{(6$wf``Uf$|a}r#&RXoD;S+*Vnv8$VS!WywnvUUQbol~4Vs+AIpvWRcXIwW3hsyMZBISecQk=Z6O=o^VT9!oUap zf~|a{%L2FEscU2a-qj4Bg-hAbhWQY15TcnTaMO zKvp8K4@P>=_eR~f-tX>ke6+P%4UuJs!fjaez$1JK<5 zc3iQM2Ijv<_2UR-M!R8Owj;GLMWf@89T!!SCmdzw)_hRL)lMKlmu}DV+_s?kPWcTPrYmOb~={pIWh!??^GYImX<${<{}|_0#oA z+CdHsWS`KgvCY{@Vgu}c?ZS}ThV0zGCt>0wPsGgYswJb3yT=n9!@X-^;$m^etXzW_ z{JU^j9!AKfPxQ_Ft-M19A+J95$t~d^^QRG<8B-sTjW{;B7@1&Ko>vG=o8ZKFDRmc| z514mHmVU{h#R&t$s+z)#&lf3&{5;ur8Kt2JJoFz239;4&5h0Ug7jDtE)EG@!(eqB? zeeT?Ne)^&zUX<=ryZ;5(qLO<-Z;l*&L%K2nOP(i(-%j8OIC5J@cxny`&&i#^W&an- z#+~>BvB7Sb2p|5AoNV{}p@%Vl#Y-zmWG*J~SnJNQS*`T0u6e2Q?%`B!J>*#TW z33wCL%XPcmfkU!5z@8eFO|n<$PuU)~;cmQkyLxlo{L;`g{}pwSvOsV^qU$f9l>KN8 zA=>?j?c<#0cEs&JDR}*V-c!|u#?`i9#72<98@!-mB2Y;7)Z)8vEjV#@GDmK@W$u2O z?fGC;*;IZ~q@Y{&%7g?Ahx^`vY}uXxCoS$lYt1M24K(hB4!!fv|MtF|xxqc?Bx^4EAP&4XMN%2lOD|qynh;VmCEI3k zCsRq$Kr|d9U&xtyGE8C0J6O<`&8(&|6-&bcv;TMe?EfTlL;dJzHQY_AzN!B^I{tsK z!1xKp#cTiV;J=_Z{(i)45zbs>3DmLb{hy5IU$4u}jsKrr`d6Pr{Q&U(FaG{!_J7>} zsAyr-f8Fi>j@M=!yx!4Iy7YtWf3N)8pJHI$CH)`L_;=k%7l2c`TUg~Ui2v27{g0dB z!ngcC{nusw|04Y5o0kdJpQgAbpuarr|0U)6pIW^iMg+`*-l42&$eWoGFC@7!2N3Vw zR`v|Cmi5gxn5)nzC>prS|0N;+AF+m(N=xLfPOMZI*h+o{CFy}8nQlv=dkXDTKoN_g z=Z>j#9lMt==h~VlT#Tn&3{OaZ>Ye|Hxz>io)D|1)|J(WW_x(1C@K>^Ru*{_}CP+!; zd%>(--?axhzXOZ;S;4Tsl<1F-JL!LJOdt){R$il?8>gNwb=9-3{BB>r(3}(2K}^S^ zq|;Ip@TNZMUsW^y=jIFS0CMd)64zZcZ(C&N6ofj^~nHmGpz34Fs{o6^lonJej?fdGbW_B zP%-gq_C2)#FNdX4 zd=BFuUc!eOh?N?I%sY0@(1s@`wPT<72Hce%MC!H<^YbrlZ}jL~9Z2Hd?y(KFwA}Z! zSDu>5e2=7VutjYTon(O49!SoOT)uFWHl)8_OS1B&P>ghDK4>s7;D*}zmGm3@O=&z(b^2IS3rno? zM$MPcL;w!CPZ+eX3T-ByiF`u2%s9H7eH`n&JQJ_#p5$;%DHD{wRC@Uj7L@$$U#q;( z>LLyjt|zApH>q^gi7#(Ao;7i!+ONQP{SaS$H0RO&l8Pl1O4*ZK0BPt(DYOy#bkQU0=iZ z_DHMUSnWs%xDmJ?%~lA1NAMY0G)CjK2PTdm81{a4T87|Ew}+fvK%0$ga*;+k|FOXh zb&U8?V;5KdvEK=Wx}kplMblBZyq>7ZoGVl5^YRbOpjfYItHH)8Ref$SNFlU}-N0t5 ze(~3~q!0fgG|{0Ozy(becH+%tSp4nZP%ro8@)YLcByL}C(2Wm@ew8^no09V%sT>o@kI{uPPTUsmKQrwf0a}INMWMYIO*fnjpJqb z;VNhbwY{q?8lGNTAU!ZsU)LZ!(MEp}tN*qJK}&3@20AmzIo$5&-W<}EEskfX<4|1{ z?`miE^=F4t3DD`gzrlWc@LJ=8t81&vz9BiUQ*_e5uogdZU;ZZc_Pt9>(V6l8J_Mm5 z4JHPIY(VcNvNSWa7;s+NIw99mPI5V)s?TnXkO;j#zhHmoU)P<+x^%T28QV6EEp*bH zDzZNb)z$YLk7ka^p`!F7zS<>#0GkOkSK^^}qMWilv9*BH>~{IL;m_X(JQ?xi+m1^s zMShQE!)-xZt1gHWj&BMp-+{YW|{YI46JA1vT19+8mq1y=dH zna_o9+P;hsn|>2r6F=I%l`zQ&j`_>j84Zna}q?=iXW1ua;a(sLsB z`BY^<*UlXThVF0uF&gU7csrEBcZbLJ*}5{udGxCe3ZaH&wOu=@(lU9{gOHEuDC?2*0 z3E1s*0^|yM2s=b4+v1WX?WNn&irEIaYKvQKY%Y546T1U32#H#(cc@TbZ`u8%vP`l|F%^GmqjokO3 zPV~EBFjc*9eh-_ZogAjphvHvt*AH4gy%9d&?Tw52!7IqtDoerz{{mr!c1wRvjhDEJ ziPK{9R9eqjr_7}R+V(nf&g_oLL9&|waILHQWq=!$_;cykEu9Dn#DgVa)l_-fh2nF? z)lOEaefMOtfTY;~qwJ6mtT<{f6FTRka%B{{-B{Q%f+DXJiTNhk?>)U;be3GTc@FIi zCA68#FUUVF&5uK9!`WJl5c?IsQ|#AiV-dU3ZxmlSp|qb@G3=h6L0p6-sEQmSolQ4b zAU6Jt;lFs(f&QdH<#bZ{eSOl}jC6x}iTR_{O#F+~T_CQj2r@IdG1oJ%lkqXmPQDR#c4rP@?Cu~RVc=#WF4#hN8`-;8aeqvNrsS~0asEl3 zs@L((sCWRQ@A$s1x>ZFjs)i!hnn;6OIf3&(D*}v+|4c!SkO?4qD6jPEyUe0y_L6SW z&t}n^2q%Pw!th+^@V@+EyL*xmNoDX{kjVaVhViAqonQc;m#mB$=JEA<4sdQv%uGap z)&P*J_^Nodd%sTZ9|uKdJGi7uw`C+_3^bH8*29>Yq zOz#aVF3DVLtVI9^)9O_tC^~j>n!N6A*u&5nEzK@-G;_aTC8gLF8INfA8c-BrgRBq@ zGTs=p+wz~Axuostqc9FzA0Izh;eh~emtnP&G4Nl2S6QTfx30f?@`dH5WMu%qsM+6J+d&T@z zd*?9~xnJ}xl7K&x`ph;LI>X|H@aRZW0}X?b+A*u$_3cyoKiCVMoKiGs*?1w1(iHV{ z*64+3{eTcx7KtC6?Lb8Gh(PJrN-DZR&(~oumAOk^r@=h1BJco^{ionqSfg!K+_iwMQjo0=ve?CptmVzVmtX znr>D=IjwcCA(lsWu+H3WVI0YRwlE?+RV9_gXY*vJ~RX zthTKbIfZQOh$7M>K4CIGKr2s^52%BANKhOj%V@?pR&!#~8lYDo4yNo1s%pT5m`|?HZ~t9+x;NRicnUGeq?V=MRme~nDY|Z3JD2MD zRW1V6&co6zn#Yu_>R|9owXG>fe&njMRPhWdDDnuPzeMOn;bD}BN7O;XmHw=(cXG4p_P_j{!f>8 z(jqFS{7`4F4!OD!yIhT;!|^%m5OArbX$?3?+ID$W=w?&I{K{v>1`^r?_k7(|h$!4p zX}~ZY{)#fR=#**>C$yS#r`q$xULiQj`OR}&LS_;oUWE|C=e#PlvC~n(G)t~cU=52v z8IGGE-}Zh;Ps{EEL)dKDb-nkL<} zb_dA&A8m&~j6B$Aau^Dx**Cy-VITP`^S(_%#d1Ppe}zpnzjrQrHcO&FI~Ez)U_XF^ zL%np-D{AvZ#Pt-t)8mP8`WTJr8-rG?w$EYJug0>^>i07KsV_8|LuO_P#!OmuQHVD3 zy}SJM6gUmxMA1*YD(Q_xbpWT%oO+~DkS4mgs-Yl?m?W1N>hdsmZc}RiJ55l*^=Gh1 z8^2{{Aus~5DKFn$8AixA`)A!ZIcd+;)coQd(pk1_%Y>gxb{<8|nFjdES28!#F)rue z?dUwz4{7mEYd|qR^N+by6V;QZ0`i=h;xeC!rs>vt{0)!)$x28Sd9#-M>Ga?dShN@N zTAfX&eLI$!@K)^!3&fgn?pL1(UFvrhRLCri;G0V9()-RgYn7XLr_(JTGeqrrfBf`=AlLCf1G-Voq_c z^p{Ou?t^DceXadUp)Ba@(qVa94xnO?t93r9namrV7Y>t}tf(TjG{Cx)6D%Ce)X~^6 zaR85{Q0-XCv|Q2;gOLiUMCmeFG)R(<{jr4FC_g7*}q1qZBaiAbM~ zLY6F*{CXsb?gM?ub> zkoM~W*%xV9FPkGuzOt}pm(iT=d?QO7Q4b-)Bj+}+i%BJ@m)?^xt3b25HmvDre_a|# zl30sshCc4!gm znb99gSNNf#H^bR!f8EM2rpET{dLR*aw|i(3Ks}}kAuqE`x8^XvC6Rt{g#W5j z1J&+x`5yCJIfd}Sn}#yzcPJa=O?@BWAA=Pxtk4XFXj!}%W1V@7&}c1st^K*Mt*zBh zASF_OuQ~xkyN?XFQL6HLy)Alr6xsRS&E$S>74$(^OutfT+z3WLF1g=Qt6p@#fnQhm znWP_nvbG{BcfmPYpUrp|F?d|>1szWAxMID?YvH=xn|ekj_O{lPIH!mzDJz% zIZw1`?8-DDzoB8{07}1yI<)?cVJr5eB36=?9u6Ho07agio{I*#CZ{q3D`??E4yUol ziDb~xjcAJNwPzYh+7ln$v;Rv(<#4z|XRHB`7z*_Ce~dc_8AhU@Ff}>O;#uTMDiTT5*7a~i_5_>ug!2IH!4T^y)5f;A)%$ZYW zay+Z4gy$Te8t=-)yex}apX%qzO7of&O632!x9?|gV@a~mn6OACf{@?a%BaiaOUYq7a8e&HGf>=>R+j8leABADkm+A%&&+s&bBlthWlgQn15<; zlr8BOre$-nZ<-NSE)`X#-oQ&FCBwDjqX*;($mLmUW|f)s*{PxgeXYUxu=y+Zn~>kW zWJ0d%p-2o6*=OwbPr!;7Xs;S=I{uNb#=d7D&9%k*_2tNZ>Q+3~Y)5wV)>2jO%;5sm z$p>Xnx}xkhcjlMrXMTs(0-b|Xi{VQB$tzo%(x-BiavUQEJS9#(%{;?!c+io;u_DA1=k;z;(Z8Kx+G+0oCpecc|Y7d%+c70R+U_|0dnIVg*(jL{qN zj4DiKB1($n8v=649)*2ex`H2+0}j+_khE<{iK_!6y0QxqoLp6s@}tCj%%)W_si9BD zg>g_9>s~$-yV`&1T|qy*kZk}g#MT@-aF5zWrtii;6#)`l)xaa8bJwn;UR{0({^rXe zWGycjk+{isxFL^=uPebeZ?@MzXDqc}PSx#5I72Or9)$~wsFm)@#1B6j`S#@jPZxoV z-G*}}ADQE~@?I0)S>6Nk1a&@{L$Gh}q4OAmPq(MpVh+84ud^6WT* zn25$5FmaXh%E&9kmA`p&nG-26EiK?>zPk~8S6pxuL$iekOQx@%1I(oy&VZ#T<_^j8DKQIw2j6E7!-dV3FTAE8Ha- z8R3E%7#Wn;)mc5TxOo#;6d{?`;|Jyp!?=tB_X(3-^n-@Bn%>|&rbAgnrg9UCzd_4C zX$$Gxgy5#&+#;Fi=+JjM{_WK?t;`S0`k++gsB$bQJl##P-!mCdj&-`6lSo2KKn*_% zt*gk!rPJ%Tp@GjVyED$L5?YLWV#w4oAlpXyY_KiZu%CVMBTJf4iYMnO^*5mF_ee;c zoRPT-0CzhwPM=UY`0wAvzW}Lq4!YaM)>z@L6IygeN=o44HgJeYGX4 zpd^$%kJsdYF)ZA%=m`fyuE@R(|6nC~bmnBuW-oXc@m|aUFSJ_)9*0{j2E*K`W(+0OmqPA+x{At! zZV@8OwiGVIy3g{AAkD%KatokSK~?}yR7?ymp%(Tfv)ygGXpwwUnf88DsOsH!?0_qQoAZ**Fk4uTKzQK zgA#JwuE;%TJ|NKG+lY&_*}N>odc+A4 zHAe!Vzl|DLJnM^_oblMm1+aVZr+t`a>?U}c6&+nEu*wRnle`E>%{g@Hq*2t#Lds@c z-Nl20)Qf4;Pp@ssBA(SWTdxiq zA9nUnrjB%y_Rti)$HwiMd5}m2-{;jz0mk_{nO_1G%%73n8s&Qi_)CB>7Y}jbBg4x@w@Z z(K3`O@8~8k+&w;23O~Qs$I#?ZN~Y^~gZsBFB8{|(a)kiax(h$k%x|2&NOcGiaoDg zP{kY(zCS|lOAmj$kobwR-k4QRnsF|B4RYPM7qNK-uYp{e40$ZU2i>21Jif+Ds&mlt zV0ofwe1admd$4d-0o65b@8joitv@l3dR0G-{e?_2x!3bjcS+njg%pVumgE%LKyV-? zrdKO}c|L9EV!CyJB?LZ4)B~{;iD(2A8>$YvKJ$`%^CvSO>c?~(CuX}pOf7z>5wPTa z5rhf#E~n;Z^}X#pi7;8 zwbyo@6hn}ycRLo#_xlqWDZ)#4*&e&S?SVfg*&S}2p%mbU-q2MM zf}d`Hwgbc2>LvfTd9#K-5SgzxUhQkuJy2w7GF3MSVCM0+(Dkdu2#t+^-K}Nq`iZSe z$f=j*he1*2(j-aqk9z}tzM>UA?Be^)o&O_^b$D6`EwXjSeO_&g#8Zfu-bNEM6YrTj z8AB(<{^sOeEB2zR?aeD%) znoEHSAFa3TXaj$sg1)&{;SBz2fUIeIQ>JOL`F!eY92^j0^mT{HuU z^XgYy9)0eg-~Hf(=I}dRwpR@+SPr;i18H18--D7?#f&e-#jE_vj9iAFYf>tqOwPWo zF`RsNjZ>8UIIzZaN|*XQ%X*Fpn`k`R-ujIwD6NzrgW^Q@po;`~+<)S&L}9sqeW71<-Kk7LHiC1^S+ z<1Mh+Ite*Cq^@ZXTRWNNUIW5!&49Br@4Bhcw0B zFzNA#Rgbb*jxy5n!s_Evc$vB_nlW4ZLkg15(xo-Dro4rA_8m){84mFA>iK>FoJrrW zmK^rq+Efj&>+Mr!k+a`QK(I!5p?ttBiJ|`!rynOTaF8Jlb z+Br4Ny`)O7M;vxi#rjQb;*wC|hT!KsOJmG|-fhU^ZU3Z*9^}|oEw?~Uw#B?TL$Aa zpHRQfW6~^kvbR4&OX&Rd{$dh5XRab0WCcHXOzR-7u_yTC(eJ4^-#5-XXs9_;JG;(o zTiH`*af7%EYL(Jp`1|(91~GhROt)@y__Fv_m^K|cA2#VJU6++n;i9m91zGvlmr5bM z7ojI!A>GY)?w_!D%&UEgK!uIYP4I)-7v8(3EcY-}xP70FjQeN=J5Rn4RA63t2@^Rq za#W)hb^PvUT557a@wtVI+H7|_ZCJ;dL6xgYL|l7*T_COKXe}RqnJ`dPO?pHObna`@ zXfq*Lo0!O&>zD)9n7NyoB%CcIVuxD1AdA%ga)f2i$ALxkx*~i1W}WTjudfr9$nmtf zTb5V?TD|-O$G>KBnq|7lY7B~haa@pIKLgpfpF$~O1zhV@-n{3*8$N^Y4s08_iZ0vT z9(Wp#70W1sd-cYw>T~QH77^nG0cpO+2G=&##Q8#` zdIhLyUmK)Yc@S4${1_D!P2ijr<}C~veAdNi(ggtV&+|qV3%2du8=ah0E;+bUz&*TP{z^Q;3~9Uu4+j21o#D=&E5M_M*HsjLJ0%rtWC*c; zEMMHr4T}A$u=MrBL`0u=)zb0zp?E(#WWoUs-F2iEvf|0Bscq|(h90o4acX{!|8(7XV&$A)s^dywROjj_#`I%#*6-o(xi~o zO2030rpYcUhMf-q(2)Fa3mFdZe9MmbdY9tSh4fZ_c}JDO-r&Y60mrjm(ARd(Drc zzaELl>}vKMbSoFF#Lsr) zv=}F#vJz%5?*hNMaOJKBqG*lZII*72>foB?|H|O#tRD})f?%)YZYMmfW zx&p|SC|D$k`sa=_-UgayKu>&4M!!!;MDl zl%|l{&?ZIPbxx0rH&7}n36CN31F>UG%u&CJHYQ^SI4F2{I&GeO?2)=cYoXP8^TPuA zz~b@9@Bue4-t=)y7iSJVc+`7>k=lMu!s#Du za`tef&_AQnb}My+V(p>!@cpUH_WvU59oQ?4x-IPrDz@#4ZQFK5729^QV>_v&VmlSv zcCstBv16NG-agm)x=;6Cc&=y7wdOtM9K)8d{G+d@{k>ot3IqLfVhJgJs){4k=xz+~ zdZ_ZctXti}wUGgzzt_UmeTZOZu(e^6;>iP{y?28Rv)Q+@?hm4JU)5aa>sUAA%qp#9 z!+#3;J{EbLq|izDG31eJUr*Jo*1WTG3xJrKO5XrDOzGbXBLXNJ_?m-X^lzKpx=nW5 zn=~P@r~}~0`R`iRL4#NH&`bCgg&>CKQb7Ar9s0CJlQaYZS~b>Cfgq zHYw;ctzz4;(QmY4TigB44Sy}C$RXs11Grj{?~vA9aB?XYz~Yzx6qknDce zz)w&^)2(m{h7~7uIlHjwlP9Liz;@oeU_S6&c0U(5d}j5v1pDvFF~v$?KVRXu7@c%I zz=z;S;gIl=uidyHtKR4uQK4|ebKQQ}FCEwI1#V5hFvy#{ z^^n&Wq>jN}={<%&<&8w6`&zUUUBV}4CsKQ;sqZ_(ehlyb1`c3J?!S&fb8fG>qyt0#7EB_d=Y^VpZ1?GK2%Jt--JoY`+W9&3>vIbIcU~INqU)J-wZA{ zz50e|6v3vMdfryCAJ(*e^Ft?2N#)11M_x=*GVQwY%hFb&}-M38`s}P z;QQMKX9Sa56B*vVj$e5x>SvJGboBk+4+;P1PYZxy!?`$yG2<4`yanLyNX6HPxhH=J zSkm(`w6_{*OTOWVB#AkHK zrQ>KNT?gOw3S2VGT^*MxTFyUNx1fc_-4)5&bJz2-drrcZl9JOZ0y0|ikD=DwP3*@> ze!z1p2iKNiG0J1WGxB2ts-#g><&eO3=UK+WENUf%n5GOg^TsW%{Oemmc5H_oMYfl? z!e;67vCz6%7OQVT=%b|9lp*EB7f)L22`A8kTuG+}3h^(QbW*)udu*^bKNGfUYDPp2 z{LwxhLJv-cs|9>cme=`a{%pqSNf?2NXwde5kA5x94vqJFo?;@t3XqudOK0mz^K_go zVOBi=`X6e)?mccgY1i-C@+hs=8jEe^VgnhE6HzgQUO$_(9WIAvSSuHLyPwa^*8q8@ zm(P(#o_NU{99bo@%?bs(>dLdXaTnNA&Q zJOQLcYikxMSPmJuK}4Wx&h}ex1?d0*KZE_nR|LTK9ui6Qp@M9b=W&&jog{6{Lc%ZO zO^EXQi7N$6@ittMtG~=Y%*^W`rh6dE)L*kLt(kToOjpWFtwmUW!gizesrTSF4TC zY%xr)U|gBJ#mvgEW<6=50KHMQQWBQAVwSF1-*@1VUa%JPHO+)#vvu#=&xu(|;jvJz zdHnC}-6aVxfn2stxgUkU+|dA;dN?K7porl{xyY#cm z_%@=?fYKFppjgy~I+v(7CIM=olku^dA37Sa;l=S1i0_`(cfw2O+SOeF?%?kbKTlxa z0>!mHv6YB=Y*i8ufR8@7J&4o94DiX{fNGyy_R1WLmjKVouG3Ao*vhky^NDv*%jZts zJGnic;|}OH9`O9*lWhEZJ&~*%Jm8BX*;|JWi_B>N_EZ%!Jv(~y;RecW#Xgj?>4h_ucqdL%TeZ?81I zGpS3J-NCQM63WPEMlWMnn-=fCdp7wfX;|Moz6NV`FOTYtq!VJipWd$dpHMDa{LmZH z1sY9?u|4RzExX~CQjef&<7)WV*z(IpZ3vVIxS15XzneAWJoXr6rp<+G!}fgMJTrlB zMf-GR7dFs3rw$_#%*9Sv_eiGI81ZCfWB~Z=B2J#Zt|0tR&8P!pA|B(K;VN`_u8n^7 zv$cU%CK1Nm&kNYoi-}8)8=Z-ok14@dfd4}r?r)Cn>WLlx?yBJ>?e{+{&O1MtQ1Cx? zZ~vmpM#Y-Bd3+(IYRV4K#qEdG-otT@kGe#2T~!{&T;1$L=zo?i`d6^6$HXD8>=(*< zRSMuq{{4t)A8DZ$M~r#rF*rmkH1dgYu!a0%%@Z;HWG?y99AOx8+m2wkY7rHMaUP_i zl1Ltgc4ENc{+TNl(J7G3X+A%EYRl-gAB)1-W%OcMeb{gB$gDyiTJ-a4p^?5hyGLQ8 z6_X)wl;<`S4GoG0$Fv?9j6z;e74DwM%gl4}pMazkMZB?*ot0iwch#6bad7I^M_qO* z*~!j$bCR95O0$KJGUsh!GJ!Pfr=viFUnvv`ZT0Xs#$59b>YD31C>d)may>&S>?$p- zsHGn;zaMRL--4w~c)SHU!0HbSJvb*sK=oy;~b=7dkelX>7jlOoa=csp;Syo9HH+x+dR)Kw@Zx)hKQPQ# zd3RJo4hgNE!q$!h+ne@U=}SBq;?~HN_V%7QS%`buo-1&Dg>7whRYueS_-yYTwzgXy z$oFe(QZIJj04}y`3a6`QO;3hvSIskj-hx2;H|Ou5x3|7M3x@ss*BV`WzUo>}H<3cD z6?o^5(XUZlH=ETr-2q#{&q=^1z7*qA*rDl$_u*)O-=*W$^412TArKxerrVoF&WVxR z-+r)XYV7txEP_{4{BK4TJt0JLV)}}=WJ%^2>s-(Iu*-0hyCA->YbOia98({&o2JJ<<&>k)5D3@?7-*_+A4)bs-2uU+UV zv>UoGHrz189Tv;Dx=(2Nq)}w`rn~F;Y~a|J29o!`_1lZW@_Bq`6B-_lccCuY>agSK z9`)!p{^)YhbJ|Ipn|A2p%wbXOBPl?|n20Bp?emnWTOJ;XH+uOYiNi$ZOEh@h3)(Ba zvF1->9FPD+?eXjP+`X#}`wh5!AL&DvD6(k3HJO}ukX-L-Lf<=s7h>ZeVzOO(GJA|9 zeH9%3)tRUwuH@+nI)Od4o#dO@LT$OFlwr9r!#D7mqa{$o28{i!tJ+;YY>$ll96pbI z{z@O}hG336S$|oh{p+1}K&gF!xaNu`8Y>11DGd{nBq}P3cih#}d6(9SeUq#RM*}HJ zA|OnXl7LbX+t=zbA(3i!-z@Q(>tbz{2; z|7b=;-o13ucReo|icn!@d2i%*cIW=;Gh{6nm1Bn0*6}U$T_GEZ%6nyEC>V)*6|KhDiSEpFoCwmW2mH-u6{IQO}_s&gn z6Zll2jSB5XgY}9o?)_QSy>ut0k~rAQScYqV<^%Qdk|z($g|8=rbtSS2$J-0bDK-1$ z!142j_i@ z3eMZnw+;{sLGBK=DiqpVJjMD^IG4rJAs^}Odo_(Hla#M`nx#6Fe3`;Ni`D%&JS66e zzt!fR|F)FdJSwy!R``ww4v|qN-Ls_qCw9m`#E1&fH3)-$l4ld(DC|-;dwo16zutkS>sjvP zisR8tI0*(H!_fBd)0z%?`hFrkDXGH;m&gY)6MZQTW(y|)RotX8?A+WYEX^}0m?J@1 zV=f^mIMch_qKGUDc#wLiyMR1XF(+;dPmD)kKE=RtQ?PaAC9*ly z{A{^mrxEB75-%WiPGwNe@T3zzRn1Da23&QkrZY7zqyaMK5u%c7!ASb3l5(EH2%&)Q zgy?U~15)MK$Xfoj7LN&kFOEP=bw#|Lwy?y5L@RL6Q*o(`R%Hwt8o=_vWRrLM1WNUm zqJ)K-a*O*F6hzD6 zEbb6VX6fk|;I0vlkdxJ7F|mU4-Qg;t>Mt*|HlPy3a48uV+3>leqUXISs`f8R@%~77 zqg8;eWbweTL{FfDo9c>3w8dwyQxc)1u2MJ6MaLtC*nJ&SK5&zPDTb;Qmxhj3_pCaw zMkwXihD#Wb+jkA3W-et3+4K#W->Y*b_fUrWXea)wVoFQ9;(HVX^^Btba>f*{nLc%c zIqCb2qDn4RgRc^|o`3T;G4vfb%GGxVS8=sz)oEvzRszNajq3h+gf$C94Ri`4YWy0I zi6_Sh;LK?e5`D7d(ikR&nAj3*P%JEghp!rk#>%U)`?ThYf~(ND957(h}Bltzzq z>)^isFstOXuMzBfZ)E|FTx=e_6nrL+WX?xlN(tjRs--k6nH;LY=*3}wLL2l;6%9sz zHoz!|kje87F%g|Q>^|MMp=@+JZMokkhU9N$gM2C^ZQ_>L225|#FB-S_yOangYJTxJ z{Ao|;fzGm2ICE}ZYVNkEduP?704PE`#kK26BzH4KKI0Lyw>fwl0|x6_h>RJFmP_Qy!1?a z5u7_BoB#;Ux@^q-?2zepKX{ATXHKemTAwG4$~NOpdk%cEa3EZxcC*lyT4R0H?(uO4 z)UWsg4O>BpX9Gv^n^$w#8oAMC>(~2&JUg;XfcJHGzR&Zu^ZSmejsuJKy3Mo| zu6MGBF{_>zp#F~18sBsd>Ca%2swsaxwyreRch6TPci&;3{}f+8$f^1NU3UMw3jc!{ z#7UffPQB zq{h1lG~ShqDq1EI$eTS!zDzpyf~SbM0_rV^4-H&t(%ht$PW8Z2NM-l%)T>zs-K%ah z1U;tZSZ#ER57dT5MXI}>#XrIhD49GFEzVlR5afLGC!aIXT6M^k@neH|5xD7b(BeLO zPrDpg%F-z z1ee@*hX1rhe&ugzW={XPR0)0Hls-}e?eE5Cq+B|ucCkiysa1j5eC6*g4Q;^~IY=ro*ZTabdy9 zYXaZrKnc(%{5bJiT=vI@+WI40h(WkWo{WSwV2-_-8_nA34zN6|5(eCLBBN*`Z(mf@{UQWa)POl4d06r4;R`Ry9zUb$*5Juf>soVH>4ElYC<@tGGa7E zH!31BDQ6CagpinSp}YpP58`^j`^7*Rw4ID|_Nqx2=i{7jBd9+V(|Ndxm4+!~mHdGw zf=?O-&5JAm>xlcn3~SOIt5hG~4fmi!gRW17na$5@0S$ zsrH_JEFD;6*l+3vZ^^Zdo0#}pU-XX49Ild^>}9h2 zGXrfb$N=yyItu>*^zFq)Vw6wy!0dc z+=D`Lp>1KpXW%o)R9-`|B5@^l&GX|3W$(exJBJ&vUyVqM5db?>s)Fm~eP8Zo9YU#w zX5mlWHhIwAhB%@WA0_{jR?15sUiA9hfzL>~%*e+(iEPVb#2ee$ffh6VM6I93e%czPHR;BlcV2{dL*gR$Hm|{;z$T`|n{z zU73I``@s*MfwHZq+a{|4>f_T03sf;ZL}HQ@>nYmKQx=Mh%-ddndp2lj?p1}#(6uGA z439%%pkMk7&am;rUdHhkk@y^o+w#0XEMekECAYizUysWFu5SN%W5)SGzLA`*FdW+) zo}vlbEFb8l0Do6rcLjeMUzfQ`tQDc>r`(F*WWnwl+2!dUVrJ1J=1W*_!n1Do^%BwC z{3fGt70w{%D;hNTu`w!DJb-d@Kgb(O8^e|WkTuj?eFIZc&M4%=Oi!eZ2^UU4fV7|u zmAHV2jC^=-7Cb_fG0RiL6Qhz=$XyI^I-Fnu>9$V8o$<%>$-3s`Al5|CdIO8@Hp7Dg*x zsInlKWAc^nD`0Iq%xee1bFTJit4e|M3u++vS2s9q8F%laa9_yIfF<`YjFqSg!eic7 zc`h`TIIDV=MGGpL`dfO*cj|d`@%>Ew2ak-|_n+2QxiwN2DmB$^ZvYCruRv#dbVtsE7=GHaQF?+Zq=D_YgDu1i0}IM!sMY}aCY zLo3uWugNA%stvdS5$@Nm$EZQJTfwJDNTf8~;6`B%ycS{JB`s-|ff?0*Ep! z8>nsupR5Tip0Uh>M!bcq3E4%Xw=V_73;igi2z!ov7@3~uv)u2!*{284NM_Xbdn|`t zz170wdqZFG%{OE+H}NpKeLllu%IFQ@30$CWsQk{U7pp|&5+l3sRcNHDjn_Kd4o1aU z!T;_FnBBIb8Ez63P}3f@^-bh0=v!bCFpBLo-7H~PtmD)yTf064tmGs-IbWjb>A9XL*vT?p$<=mPhRUS?#(=;bz z@DzMPQPbY)115s`e)nfiyK+t&AWiQ`?aC8JxxJV;jhht5W0ltMSsevLy1q^}5?~B~ zv9ibAgV?4O)z$IQ07NSR9-AR5n6K&xZze(!@1%AVcefkT_?R#sr#C#ZUOB;T-4Rzx z2s7e)H0}fGbH9VY2fS=58DMp`;L)}Oo??n`O?KwVR#sL^UuxU8Bu1bH z7T>mwVHX2I;@2Cr%~u@OjB^X(5XoY|uH%dd5$}{!KWL_{xz{ z$Dk8Nptxo}8k3@}ksq`9##09l7j?TYY>F)^%;pU#ZvV0*+g)Sjb>x4vN^w5^ zO+EKxlGSb0zEoc=zs&^eiH=`56CY-L0&urZef(Y5w+}(O4O!9uz3>Px>GX^XNn<&E z1$?Llsss3;x2{~Q-t3*23b-8es&yg5ZBJw$iKaUFy&G)clEjB>$6ZRszE4lHCQrXR&o;R5|`@|I-idEa#bBJZ;v+P)Rd=TeoaE78O>+jg_K6#080fK7xqZU_VQi z_a;bEVrkYLya92e!Trmfpg$HrKljqWM_8~Ot&p)KB~R_UG4TUMxiR*iI5!kS@$nRfPZA`;xpIdKw#Q%2AQ@? z9>X)tp}wl$wX%|){_0YBL=^o}DSoeH@6(R|yGTlGBfI-vRVsrDzck(nfOy- zya6{s>XdG?G|t(W2#UU(teoj))(UTWdK_w?gFvl-OoB1$B~*U&Ach?U;rni6SJYX* zTMA+6>L~P2&LawR-UFU~wc}Hm{E=F-;V?2`i^_Ho(l3T=&qOkwxDb9j3J+cli4UX$ z5ua8E(DmoPN<0i6^-A>F^2hF#|yyHK6%Y6_d^3^?OLsWKM2}LvcBD2~N6kVL`uDI84 z{>7QrO*hY^`wyS7dhOXUQL~cGZ6V%NWQ$u7gGu*8#dkHID%PlxVoDcvjAJD!IdIKQ z!d!{LM>c1awKC+x6}wz}uD@I{c9mUx--3XhAxhdMOCT0}S&J1FrMF{C$&yz5Au?g# z!r$l;5rq-Sg)mng3!;e}5rS$vO|Bt&IpY8YNFE<$5ZOGk6#y-8#(4M*z7%hcqS!|O znmv1+hl5WK*{wO8TfuFH)dS3xSBtqv)F{wLi*jP2;SBKEEuf7!@kR}$p;y~V+ZN~d zRS?QN57nU*De(>vV8ggpMNtfDi)5=m`tUeBqb2GXOPz#=Z#jMKxm|SXnbd>8kaN3S zIX5?UMKSg8w%E2JK6aVcc60;%n|Dp)%qAVmEm{|%j~-E0=wv5ZE67|T*B zdp><{R)99v6a{3rw>cl5)w&cMt-u*+XFJIJ_+WX6}*p&NTY> zep3Id5$2+p;{Bft@;}eTJTJpivKPz%tv{Cx0ni>te3V=FPn*L+vH@ZG9##9k+?zF` zEH1ZaZ)U7?jgW9*i+N1dg}cTC`y>2icsDpo-)Fj-26~uT zJX!cGgUsgSSYKAo++x^)4*D&Eoh}i1gVJ8Z?Hh`l>k-Ve(?^)(zccBwHcqYwo#oU+ z?33Q^1Lrvgc$M@}RVs?@?=2dp(Z3>5S(n&Xk}wfvW-tXCoMT{$E>=zGdrjG32<#!3 zVU0@zdPZ6r$ExjpnMYvY462B;v%tL&kQMCr#{62PeJflJOO{LdoZ%?gts6_0W5sTr ztd25fuy`Nt{C#JZqVQc?|9PPeCLrAhLj+E|NQHv~4g#qOj3~6~ljT|M$ z^V1ObCE|wCyGdDK_vZ{10StxPJBB$=NEXQ0JifvGQFoY={2{<6qf!Hynse-0PENpQx_2Ov`x9s@A1=@wJ&rLQdHKWVirHhWv8y)*fTFb z|7=OTQF2<6oEqg~!m*ndOAO&%hL$<(|577xGL)L>MIhb2plFvJ3Ri64xAC^`5H|K(#_R#&m3E5sA^-&qR$!h{QA@mBqEtb<$BA|nv2M! zH1+a10PNfZGAY(ZB%#ICzl3miF9MO5hV~}`4*g!TXO;wxyYvIA&b}W99i>QKS%~27 z--SzBgle*$SHek2nF(bQk2~_uN@L$mK(`6+W(xfK0*8T3<$<)k#HBy8wCEm1^Yu%c z987W@4|d1*X_2U%PYr&c8-_tB_}@R6$s`qQKIk9_&IPAqka+zrnLDlcJyTOJh+E1!WCifEO<8`+TT#I zyc_2#E-RO~P$o<~4zir}I?%*&$~w|+573dw%tHq#&(imf?5uzDek~c`1$tOXQsE!} z4DAb2bf$ntJ8`%hOxww|@?B~`R^9Um)mw(Z*?!V~`hLDOj1#(zSh_g&1*21-g?z_R zdh{4i=FQ}#1g0Ixy>&U~uD7!kp7&%SMz*>DlWEf2Zb?`nP-bKOcip{C3u$KNNtgzo zFH5BgcG6K+`7HRu5dr3~u`C^9<|y3tFv{Q_j(I;(IrtqHJ)uORZf$-9&m;O5=#)n$ zsN0$TF&?UxQ!i<*^NYODB9QgN6~Kv;RLxH$SEPRyu_=Tmzm0XS)@RvLQTw8PvAm!zlRMmqk!TVQU_wt1cuvp3_Iy7z>4-m?F$o2 zhru+77tW1_Crm5QLmp!Fd+EBQH6k&qb4nhUsYm+u`SLW?LFTJUwJwM}C*gKkG6B>z z*f|9u%RCDSN%@&JZ*GpQ;5$EJtZuHi?9|u1aGQEb^|b%M)&1ez$9(rj3Ld z`vDU~_7`~{ir48Lr&ljK9zlD`ZxQrh0qD`*ga*eR5F)bQ>xv^iZDhzy6nwj0Uj;Ar zZQ#hykZP)tPmQ+OJ3cRW3E%PMAYIUA(!i7nDlI@=__DvT3sXQ$ljZudgedgI**EsF zG_>$C_p*hdSSUqb$(8scW2f%k&aGexPsC^c3L(lh$DNe?i1dJNsjfS}1i!TI`fwD% ze@LLrOmqvNe0`^%1KZ~5L4_nl8xaK~o(7x-tHMLs;@}H__xL;KUU4Nk1q@09gY@_( z&K^aR>bGDDw#4xqvenOB8+bTE#}>S|wVc13yOYW@=H|0MqCv#7H1GXx>m~H&^GjX*0BLY@5F7UZhmeu)gK2e~<%0I9n?xTW>DgsEUOG45kojqnEsA1K`Cf2uyF zT~04$3jptx&>WCnV`;aac6A#~VdW^S7fzlOzmlC9|vMGL`}gC3zQCO(f9FL!HrCV%Ve}}q2H&+QxMUE(li>r+=AtQ(oXIwrRbuj~qwdFcX*4ah1xdm? zES%T;-A9*Ecf-Az{GIAgo=ir<1+XWP?}GE7Z(C^?D;O>SW%Cjr1_Ttm(Zb(m$x~5x zbl|pO7E1Vxy}b%byGW=%PR1yoL8(Z`0Vgs-qQ6+O*cj?g|J3R9jgeqsV8K>ZG4MK( z5!RYmI7oU0PEt>#9qLQFH=uk-35Io+n3&1kl75+igAt%CW*VHLH@kBUNT36%YBPdx zxp%hd?W+cl@D`Y}c{vuALq(riJroPY^O`1KZbZu!O=z3a@e#oxNTRIhzJCoV|E5Ga zZ7QeXi_a(<9C!qWsfD-A-cTQ3pH}IkbHh4lKHJM@r#0;++&Ng6Xf|_Rx9Ur zBBSZr)%^KcZ4s{El>;2%D2|L;Lw+d7)@m^snQUw2#DP-5&%SJVZ;hB%8-m~YGEd`7)bF2ZvrO1AQ_au|jnHwAR1`-n)=|p$ z^AD)#WtKvvj*9>v?PK->EZj&(MxH1(-NlgIlCaB)>h*mxl3wUz<5jPLzwNId%<)M2 zG(Ct2ERNuFa46Pl%=ZD$<(j^sa-Cr$;2Z6%LeceaT0$^|E~Ou|9^|+=0T0*NDbF(V z))xdgoYK8S&6Wj^W@Jv|8Y@P3dyS~C%{gUcTgPtcCGHDGB`(Li6b;xW|GvEaUX&cp zCa$zAWdKUXdH>8{&TYAxQ}zLN$559?=Vu1*=R;W3OwFU_;*`?o<%)?L^XGaKjG!a6 z>-Bd8D6r$^*|wV%IgqKwKhriQP{rr|`tkKTzP!PBWQjKCe+?A;pX@h6*q~FcALY+6 zRH7r7Iwl>2S}`NHTnT6@?PME)<~wdeMx=e}C0)u%uRITmeNt0bysT8wcQ1>HprE-T zQUK`Vn~FAWj0V@1j=y|(|<*&kxvi+G4omh3#lA--!y zsi!ILsjc;9;R}1jAZa1z?rWzn6h|SE5#RXaRY(`)m?^^!bYm@NnLcouYP{i~S&1Iz zSNlJoKP-mgJNaUYel=v&tGpnhkbVPf=QziS_lWZdrf0QE>ci zD4-yAYVYoZ`_Lh!X%qKB2XZPZq@#rw*=`#-drs{P`Rl`eE$FH1wRy6?I7}y-T&5YO z#H;wS;#wjtKgH8zKqLl&o*T@a8x|KEDFo$1Yby&09!ih>4Mf(|?ozMsR{e7auEa@P zB#HVlovVmVKf}_C4{m%-TbZb*MR!GJ~%wWrBe$jg%e-MXJ6}( zG-P?olxisrMyzs9Qnd^BvZ+rhpvw*c@hY=a&9hw6^g5iWu%+i5((AHjDe_l#Ovpsd zn_K1^@O=$c(y8L=4-P&d_*vTWz)eoXtr&iMZnpZkV?ny@&U^vIO4hM$0kHmF_{+P# z27MEIc7rPk){gCvpf=D60jPNRnojsYbtRHS41T_&c(yk6_Jo=zYiwr3ETg`=_6@o- zA(*BN}xHoBl}0K3emBmBa~Tn(npK55cM zrtXTJBTHx|{%@(;5rH%yZDsQ-+FiYsu3K^3cVU)DrvfI70t4%LTv%L&R|Ou{vuvn!xb91CxUq2q9O(ujAH_l<@E*#C9&d1^0|pGoHme84{Ux; zyI>_Ru&%l8PO5SQWL)Oo$yfyut9ZtmY@4);!s7Ns7BxhXMSas2rH~f`e15lvF`oASD2z8wmCJJDOPV7{_(tr{P7VAUrdrNQBoLp~N=8qW`)B1d zX_Wbf0@`l=w`KkA;$Pi^ipuKQ$}jalLGA1KD@<8&lrRVP4wBS9e@kh-VlOTrCN9f) z6J2qONE*>Nk}n4I9@cZ5sbBSFAUkJDk;!T#a#Y5lntSKT&d*>6-iiwOvMwoBBl5u@ z{3U?GRaOB*R}DmX=f{CinOP(qoxdK}Q+v>DV>*lYIJri=G3HaJCl}BxotH$od8+-i zB#w>$S-J5951wybsAEN=Trt%wv~OhHH}=DAXt^gCoD{|U5HLz3W!9U^C&Y4u6 z*=Nr^x{?V@s>N~OXO|R_j)!ur{+ydF7|SVxkeA8_@_sC)G=~=q%lIJ^Y6#(n0Sd%sVzcvQj6?v<1N)X+mqI* zY$Uaq+|8u>g`6EH)JrR4krcERtVsq0r6#OigH8qJFHeb+`+rzK0T2l$jx$afqoy6X zs5j91ywqE*4zDP8xH?YGwGIAM<=Z(j0vl&E@}8!=rRr?%v6J?Py1^v-jCT`PU08u)g-ai0yE#PP_M@&WTY zVzSxzWfQ zG_}H=DdCmt+hGF&A^X|3QU#6bpKa*S^}1L8~D@N*P^qn z>t{rx`|9e(ApG!lFC>c0@A+joo+va`kt5Ll4T3z|%)eRR3H&6t{5;dv-^O1^N48ZE znmhN#QvQA4GExd=HKlYx-y7wa7CT|$$5xyi39B0S2K%^tC7MibVp{PcTh!K4Wv7mR zpU^?34Utc0rH;lb^0m=k>I<y@7l9aF@_r?CCtdCM`RPYh2AQl?q5eU7B>0aR$BgHwk_CDxtvmVBBl;j^fa$78`UyDN60xoJ9NREEAntopC`GBT&o|z z#GLQEfcA18=vh*iyPDj|FL7c5H1VHy6qbGM)yy|VPb*FJQSDt?@G2%2K5!qjSMNW1vY{i7h3RurrR_0`b!=nlk8mYds{Cd!J9cxrDq6rjO=01Ex>?fsZECg zu$2Ea?w@$O2k4H?I@TFQ)f)3Z27G$S)tgsn`l9%q$#ddfPE7j@d%h^8Klt&l$s1Vn zAEkHx-vVf$2|O4r8rBm$rd2J#KdweioWn$c7tg3Bt{ zox~gASbFhRkQTpjIho|6oQ*Hj?A*`32xKQ%@7p32xL5>40U_6l`8?kw3~kA_9?ejn zxFE`Mbxf&IAtu)->q6jO%W6QH#Y?HwO-Dx}b^}kwQZ9?aM}5inL50(`M>P@@{r6xH zOKmNdY!FMnfu)cyXl42JC#NCGZhq0xQ0@{z0#$Qkc|8tp3^>l`p!>T*j$pGZ#1l74 z;s@v7hq6;47ke*BK*}xOCI z>CMI^^U5N>K+TM+m^hp^!2(#502MOp@BHQaJ!Gic(RG`ZUcF`Bk5c__nA&>qD#?sv zyeEGNgl6%pB;zob)zpa{UWxyJf~Le-=*5$^A8Khjoe-B##fiX9zG-w47ZQmWJUo2N z?df4;-ZhJ~7Mt)J!(5DhBtjT;(f9mZWRbpv)FV0tYT9-&%_QOk>IgTzhk&bL8rW!x z+C={HRH>OH0TNHwyI=&E5;8upNhLBu4fCh#O?&co300uI52x#97`?fkRzsymf3Tn{ z33|3lk!H3~<8e%w@iVI^+xvEg#7**P+Gu>WF4}g0adU}I1ud;Q?_qw%USBH2tnYRJuOcoj zuRZ5Vc3XDBh#s=46R%HQIo-+(C{at0t;;(s+c&kEzrlYO#q;v{9<7n)kp+@c<2=j! zXW35ibF0Gl;dFQQ33u=m0b<>}F=aiaXP*v*`RB4zZh%qo`u+5QGgw5{DzC6Dsfb}g zObg9l_c7il)vW0VAbjg|<5UG4;@DTAaIUy4q)(O=b|+i&JlU~qSJGRj7HTsZOW2!C z^E6o@6$U@vGn;66^g4>-XcLVd4^I8;|X~Z;aKyZ)G6F(HZO6NKF7Li&{-T_RM7(~Xy*QBm$9uSVi;&=XkFr`!~CPm`B#Z=vKhVxBHg>1 znf{R}Ps2VOPs<&mv(EL0mJIO+qz3VVX1npPYn#wlebz zGUQP~)|2m|h-N1qpJ=p8pxt27!8}ccLJq&Y4O#2DKV#Dw|A062AH^=Or#wN9^veyu zT>J2!c7PW0>Xh+E{N8K(HLXMJr`ghFcEsmLM@IC1XP|JCzU81f)4~3wgj{+t7N?Aw zbvV_M%S5`H;4|s!+Zb@z<~-{+QQQ-TY@s!h?Q5cZN^8y!TN*uxtP(Unvx(!po@_Ob z?U_)}oYWtynf_`4lcJKj{?ZECq6(QE$lr8UJqfyl``V_E3M?6&7TugqVC9oNd;PY{ z1hUtBx%n6?$4`J&QoEX+IwQ?>vBL=9Qt062rIR!B)^nP{-%yT13oQXZmrug}*}y~> z4m9i;iqkM^U?0#pr*}c*qbdB$rAfe`0Ms&x<{yjWh*QIaL3h<(D{Coc2cs-F3R7h8 z8q;xdddN*0kZj_V95GN!;qvNxDMw|6F;}d%0?y>GN*@<4)J=F1sGT^_zWpU0^{S?+ z`i=0~Nodq8kWgbP5d1X4NOB9w@8osKb8n3i${1v|JhR>H9>hNGh4v!J%3EPYwU{>6 zKq5J)j!57Z{QDpO<`!B%n?=YHeh`FvNDBCx>h^_FFHL%SoN9rkac15Lb(SPU$l_1WEcLrdr9E*jpSgDbNz z^0LP4IOeQ}c4sfa8-H^q-K8;_$Sewk6IAyHJCk(KeS+db_#;Qy$KDYep2j)n*(quZ zGEJqsdz2=Z>8e)~4JI?AQb=|zN^rbLeeQ6YWCeKFMbRYFxcxba$h1Oa4N>9wG=#`q z4U^WZ5?WUs2Kcdb*W2>-g+W(Q+dC~pja6wjM-ADtkueD`wYs4%JPexR9yA=EOfwb) z;#q|%oiP6r5d84{gS=xuMO$uRZbMtM-OL54NX*=LQE8s-(Xu<&36kZtu|f!L`Fx+r z4+E->1wH>~Dcf8jJXqNMB9N8nlUQhRA1~E{^$hcM{)Ld)>9Z z9+SxC?Fh{tn(pS1k48+0^tI1yI5iGmb$^ANU%NP_`5NWSm*5as!QO<~Pq+hum5s1^ z_&ER=9k8L>Pf(J*#KOLo^4rQ#g~h9!TJ%m@KNpTd8g`D+N5v&E(otG#e=g(~dt!s~ zhV^v#Q5^rcXX%I3P&>D?x69k6tQjiBh|GX3H=+crhLgim;h`Z$t|!B)6YEnl?8DLQ zXwY@q)8;SQk(ZTDT^~C~zBX?A%cbd~osk5U{ggUl7M0n{b5;^L-|9^C%U3Aak;dl% zmWGTyyc}QCr+Kj{6+NHae&|x?w3;P+P;HprBQIaWXU$;*TA#Z z<3#oCT#j=EYQ3`UO^vkSfNoQcV15wqFF5fdIUhF}lvvH5e9@eDmRdp*SpaQP6!H>M zAN3bGeb7(m>#cnSv@bvV^3g*iWnGap@hg9jn^-*q>7hz!cvg`}B(aC1Rhv#rJ32a4 zsmm+ypwxUX*LUORuHqitdNh1$76fB+Gg@Ah*jV-qZmMp2|8q%o`)^h!EE%P9qLPzn z5AGs-0u@}(ckrS%m)vt4alM98qX!BMJ8Uh!Wl+XJZFDL5iX&QHszITlXZyiQ9=;-8 zEp$8N4XEz5H4@)~=Lp@3I*I16vxS^d3l3GXl=XLxzK_V^eSXGSzRus=NRN`HO_TEY z&hR<2GvG z-7K=zSPYfz?VN_325Uh&=A+U^my(BT?fJx!&o*QhLRPGXPyqN&JFh>bkYZW0#%}n`D|=IV+|U{?s_3HZ&=~6{B5WS7fqtccHnt z(BCYs*qFd|404@{XQ|?8lk_WI<}sqB_2I-dYd&^lMK-Wx%&B~Q8-a32d5!$m6Es)C z_TclDn9xb*yezch=0SHvj|`{=0b8z{?jbyBbhf{vs3Y|Jju$0V zaOmHFw3~rpt#CWt{A_ceQbg314~lYqCqh)uvmSBn*+h?oXYNEL{{rRvIYQogImc58 zo{FvSSl!vkHX6CQ__y!3=beWSM@6UUtfnl!?A#IB0K36Gv5Q6xIyX53Upuu0r&Aoo z`YSp9x=q8KjCBuqStvtnQn4r3-u43Btv73$(opt)U}6R=zDwGKraU|m_?sN>Pj9I3 zC*Ivc(^0OJa|pt8W1tgFy4q#{<%!2cYkjdZzzzARGZuIL1P_3|I{+piXL6%bw118 zq!yQtjeeVB_7&C#Wn~-b?0OLdM|w(Eb21zx?W>fDiGbXGAwl-~tjA>00IDa*W3i|~ zRLeq6T;#&))7h>gSsx$b#TWn6AJxuxS-U7^UK#xTDYEU`^IKuojn$+M&toZ{gF3_5 zi;BND5<>Y~Hpm3$Lz7VD0?=)(O2O-IF7D*M2e_Zy3H(b-c{yGosR(lKZ|8-CQMSdk z3zvN14EHtiPucWayeVfymGAE>lAcb25j-=b~HTLDAD**M1jnY@oF zE9s=qKa|b}dj8uo$9TXqx~7&70Rk-5+ZYSs%nUuuxBx#gDi2|uKDbN_hxq&N5e+e2 z$V`II_mf#RDt({XA>1)!YzB-0-zI;;74|TdbO1RPF+sToYu`wxT*|zUxXC{gyC_%1 z1xYrN&3u03jz=t%twhb&RrULxM-mt)<$r5t^yWZw1}C)ebyi}czv>}SjJr-SZwVs? zRL8eeNE;xqHIZu`oq747sQ(d7^m7u<4pq=cPL9*kNF;c?D2ar9BF3C}O9UtHzh zM_0uN(3551n4*U20F3`zx* zWx_^T2I{BKtRj6tQbXcHMg-_m%MML#T@4#%0h)beA(wuaU$1Ihb&RJuGql$vi5v z?I*0seG$nBzr6Qah}9V3y9^H}oAwA_=-Cg_Yk62Hb}LP~Wq3-=p(x_Vx2~hT1Zgty z7{CgS%c=6D5h>wk5~=Wy@#1HnO9N$7W=rFWso|b{)i^{)wD<9*GdaRBB;^21MAgGY zfaiQ(R`3{QBlR_JRFI#YUPBi&rPD?tqz9tiTFFp1{q-o+e71p!(4u0m%O_336bbdT zRaOlQ*$EmetzQXj6Uex-*Crr-pBO-__OzK&vHsZL!tzvb>nbOfDZk|2ahZS|KA zp3qE(AHQzNOrM7!-+3KxmD3Tm?eoQ?ZaDV@#`FLUEo?iW1HX@6;3A-Er;BK)-kK`GPsVr=Hk-p@BS-aaQ<#>NL4{ zZmurSU%MGinc2XFOgMA~-tS!okM7X`7ol$091k;DbvX{ANjK&{~r-7cRJ>Vo7cYZsr3@DTTkCls^{*9KL1g- zuXhXqvvi!z)~ieXZyy$~DposzrqgGag|B;GRGhTw3>E3x-n8UV>pWD!T zEvgk~G7XfYq*(sV8~&(jibg5K98MR3MD?Y%2~cs}1JHdPJOry>7R0Zvc{a4+SMGM+ zrT*EpQfy6BKW)cr0M8*D>s4(SZ0e6c&AK8A%@x)5+jR;zFmWiNN7!_C_I|dB^|%{pjv|3`ry$kht4wb1vo-| zhO|UH{Ly|j?>@Aq3IEc1awccN#Deg=dr8m(&6zVT8!PhFMgT)+do$UQy((;E;7$l2 zP!S#t<6&nFA7ePLLxcxIJaV91ls+IlT!;cif>J}cyU`j5vk#)2uE)Y2&OCHs@yH?N*<%- z94CB?u<@>@+>T z5PRQPI>N{s3jRiym8xitsmLCjnzx6{Dmcv)$%RYt>YMmHUq2;tuBWY{!Yw@9{Syjv7t;|>r@r(I%GW>+hWW>nbuVYf zU8$J~@gF-a-VcRsib24zGf#38=3!ms=>jPd_0ly5D{DsDzb5--o-EI4oE`y+quSx@ zb*Ma*j%5Nny}NrVz~?OYDs;-wlXrW*^akK2B7BmL@%j>9-58pyTpkv#Bk9O0WEo2* zV&o}Mt-kPl!TXNh_*FuQRYp~5rD=+2)wvM??!y~Qt%k`%rA>wR9qgEF zgnF40NVQL--+&55owCA){A*EzdfFNQv;vAtYdNDnun)PZF*~VHNcKz~QEIY5AGAf1 z_P*c-r>u%u_F>EQ9;7A=|LeSJBW#CN!3`~+*A)a#=*>Mm^pU9DQH=!`$F|Suma`Pzs(|-IAvbyB zWAt3~H_TKYVZW!f%pVw8U*4JNPMF*Z{NS-ESL6wha7;nhu2ScI{-d&i!XV4%QzOKk z)9|jBi#7Rfy@vF>dR3Z^JJ%8*Y2~;mDAq8p@T+yQ!%_#dFB0}__F^f6{RW(E1emYE ze-?68&X`h<<~9%k)6s<_!>)Kt7$Vp82t78VY41#B zk{yVA7_L2zyCH;c_uY*KH$)Cmnnv?9>#WZKN(_%Gs_uJ-9w4k}kK#m6X~Vh>e9f&- zb6!{oR;77T$1yIW6VEQ>e71@s!M@`C5d*!V0p!z@%|8IYWi%pVe-}N=&|j(=cK07s2Ry>q;gU3$)@i%m*(JUaP>{B3R|&4khH44TioCEialNrlbP-UHx%)=+6({Ks z3@VaRRti+58Yc@BPDXYYEs<%zz`neGd_PM3Hbbrf!G;~W5`Kr3%Dp!?`8~t}8Zy6n zBE<$?4;}+-`RUw*4Z=FyLeyvo?MwpofABbUSVGqI%#*!@k+1!zzYBi9hlOcz_#Btn z@vZf!UTy|`sz#pAZSteXw^36I3?%Fz!A7!ZxJZVuzV@paX5FjnXjfd8G_p2A*R)gP zL>dO&deIy5NcjwW##4D1?9KZMX0(wO*<&@`F$F_OK~-ECk%4PZN(PK+wrZsE0B!WX zT}X^g!ZFZX(IrF)3m3Q4{ucA+4l+bjbUW@;&P>&K1ZgqOqz;t&ai-UPtkXSTx-?b| z9v3NIx-lT}`udjh^Ai7Wgk8i&Nf#N(=Pn?xxvU7cr#;6^ZLCIc2clJiW$?w@5$2dr z!&KV2h4Vo^^6rmAamEwPLUd8Mg4}DBN_5r`^Dkxw+B1R`x{ar9`NFQwYDl_8Mo-lC zUk|T+BOA|#Q?sK#JeW#(P;jD=WK=2TZDE`XCE z>W{)$LYMVIe{P-!EPbOPItLH^-bKT3hiw@9Y^EU$LdU-!QviWQa`AFT$uYB$Uw2mHs?~+tc%V{u4b4+83 zK03!nN-Gy`nQ;#Md_x`JyIZXt+(%q;nf?pKpk;N&{?vld@FCibNoDr}E;A#}526+H zWj1ehoM$6s>R?W(MOAx^?z>cr=U(j@bY*;-WraUna<)iq>yyUw3E`@LbiX|Iefom7 zZl6*r#cNQlPqHo?<=dQNRm8oGS0$Hv zL(ecd4HI59dg!??I(i4s;P)9HZ+WM0CZ*8GqT-O*~nngY&*C=^9Te?Ncnu9;qd`@eap!xZfvj_ved<+TA&f zg4udDoH5w8ET?#pbRN2fp4x;`2GT%(kezMm(p>&2)%Zuv`ye|kjwWHuq}xN>x~=Nu z!@W)D^9QcuUSY>p6=TH%<$uv|_WLZz=hnu+i_ff6>zHBB${)*5k~G3#q=A zEkqs(LK~Jd`pAa@!bHbij8?k8i20lR5-iq*kj&>AOmOLl<_4p>1thO@0g2s6<0RJl z#0w9;m;8GGHMV-i6tCgXI;g(#cwF%1;|?oGWEBIcglmr8t5@5^>gC<*LCEADNsEEl+dr-_-h~TdcK=cZ|_magNFvy&QUbX6enT zKsAI6X?TU z6IG$?xf*L8gI^cDF$GU z@@wU3jq`N|4BI|)Xi1dRkINnWQO07(ZXG^QsoB!ymos@C$MA>W>jTeEE+i7B)P=9W zY#AO(KaU8)<}pk}AF%~=Y`6SP(nVrX%U(n4jlNe=_j+L6-c#+%C!yjOz$JeOQQ8?i zSkCRRA1sGEp!jMT%B0kQzbwqEYETg_Y<@!WokI00_xjtr%dWVhL}c72rb!82!dU#u zPM#!>s~g5WvB?oi4*u3MwT|lxUw(HlHBGZs#HrAQJx6Zd??h_i4~mkh@KT9yW9)av z?5T#Ym4oD-y1;LcjiR1@VhyFX5?RV}tvmH%`YY7yQAg!gCE?&2oGtlg6K|GJ2(&s+i5S z_%6#bhH8wmnrn?!$}b%?z^|qN4u-dn&^Hft-VF=+V_i9lF?!;{R2Gbl;C=*C; z@S_l5Ss7P8jUu-xk7#$yNX*_K*-z)NsS3dL8BEm6k3DYvfBy4nQ~jNB1a zvG<9z*&Jy{h6h_WiabXHpoj_AH6i&_J${DZ47uG58!DT;=M=8c*hYxqkev*YB0KN|AndF$Gm>isf?h}RUrj> zfL5O@bjzjy31Yq|%IZT}@)zjPO+OBGu=D>v)!2bWZ^PC>&av ziHNu-91MG|K;1I6P}~_HWubvv(zEf#OkQRA6p+2PM)6B=_uDe+1<5xi9}_Q+1P?*{ zJCidq2(5yh9e%lhV=Pb=?P93ks~D8cHutQ;677E|y9@hSCFHNQ9bLu}esDlrN$%Z( zVc(ZETxD3S)LxtOb;n{#26lcYYC&>UzDl4rwJZuS5uB%DY^g^j%Cw!4M2im4L0cEN zz!21rfA^&K5G7Fi1M<41`job|#M3uD>q@N4kc}Q`j^# zd35B8Yk0UHKNqdD@)X>(GXJ20i3_b|vr8KzrFhBwjiRM>Nu#CY-eEb~noYY?6TLo? zekM747yCKbY-m)5CE+~+YYKn8&)cE6n8x+@6>Vhd2E_`@9a0la9#tQM@T9f6#LanE z_E&0Dp+yr~i+7xt;+$l0tKmp{qMvqYH!>25;~rw1i#CkC32iiE$b>55@+T}>J$?yH z&$N6=G10Hy&vGf!uAV+DlMgLMx3Fq8$x^U$({8kz26>KLFJ*#mO^OLmYqd#rHRh&! zUv@@YEokyYULkMPl7CUipnUQ-KR}>}F&3PfhZTwN>z0qtsr-n!4ZDCHC9I}|b%~B4 z5{ORGin-=J;EdbaQbttOC501FI3z&sfeDzr|O?olZTJf~A~d zDEQ$!-SKnP%B^(;nndnaqWL?JyP-MXec15hQ15MT6M4YJZzn4zvp2)muCUZ> zwsz;S{`Q*P`jHo#2zjv#OKU6>(~rn5BvF2fsF~prs6|CZYFM})I_A`$Zf|bNT`}7f zeFa7R>H=-Y-oP-hE#XeDOhwj58-E~q=UP~A3fU3!qd)``RUA$RQ#W05kwW7zsr}Q$+CHnL0ftp~oR768cz(6!HEI(P9ADJXLF z`v|?DMzW*IQIKC5LmM#gHu(CpnpEfxgji8;6~NP!+NLNw(2{i9DbZ zj`%PPWXbM~g}*gu&`NZUD&mj2oYSIz599jND{u6>A&f9}KeB8Eu1=yC z%%JS!W>!l1sj^&q!a9CfpzeQWe@)K5-f`hdN18mECsl`nOLB!LEm`>a>K6h#oQwSH zv1D*Ct+daxVUhPi@Ith}%QG@aLyG9?T!Pz-tdR`)T-AnL!w)44?foyeZydK3I%T4q zMqUb)Vm_>!w-cI-Gx#|vYu)G`T8k!g6KS1@{%qvJ0pEzlyWL04`ls&}2xJJn@EGW2 zPMc!1qFCzfUlwU~5(QC)aG2&HAmw=xvJBd$wc+upPifI^(6&0_98r=sK(>6|nKlAR@@mU?bnF4(-Qpp~T8C=jYRK6w7cp{VRU{$T*TWAzws= zhJ%+(qjRUEcTGCPrb-*7k_?R`(P0>HY0;683lIor^V6cw=a%Ht)XL5ND>1vj$vu65 z#j&6hPb|Ps$5i`m5Q*OB<|dJqj;4+rU_jU_u%AN?5~Y>Kl?o3=Ud%+=%5}Vs{w);` z57`zFP3qn4-w!Zfh$ZJv&X4rQ@jrjlEit3S%mKnfkq$hq!MoQ+GL}7O2>Q+v)Gn_& z`>XPRI4zk=gW*YqI*2oN;Xq_Y(ChhWlLVP!HRM1WuC~PvH^>T6Sal^Tc49StU&QC4 z%qg2%Vy^pQ)@ITa$}Y}h5$_J{!jg_yhUg1-=t8m9bNMMlQbM?lP`>5!)@dh>!g7#5Lv7HR^ z>9BPW$J3nE{wN07Iy3OojT9fw8v*21IaAVJf&}A1KzW=sEl2qnIf~&sIC@rcwlezL zQG^JForme-5*zyA@OmPJ92&@S(+~)1Q+K-!nRs>5X+yqRTs7=fD z%RA)6>Nu$c(D4;f%-)e4zLwH0zlH>03sBJyfK4+qc5? zBi3ag>}TNH@N^~QwZmAQRe~QX*VF(#2;<2@)^Sy*)GPfbP?|e>DDo-mevyRa3LEi= zIs5C*Qu0d+lyhG)7eIe@sKb$w^j{&qi~NHD@*l#o9nJ_nH9Z|K2e#nVI!J0WdsuT{aqYm3Xt%aau`WV%t4RkMF5 z70=5KFK)I~$-zktu=y$Sl?o!vzCr<^;=`e+dA~vp<-o^cMqN{y@53n?ozpx2n&_Rvv?+_6fOP%VZ%w{j6k{3 z0V`bw$$!Zhu>SD3P00K$=q99`*IVRRKhrqeP%%T=lEwYdlFXq`YM(u>4kPx4S_Mv# z$7g7?zk2Qn=M24iaKq}OLk}!0Nn&~wtlpuR!GvcnqysX(!8Kv1Jk)X;DXQ#}FO^;2 zVxPI|pC3zU%dtw9KD2REMB+M`Kpxi~|G1&dEH4?wF$lDlKU`@|-r~AN=iyxzO!A zG1sO$X{$SOi8W1wnySY+hvVHnt!qUp>JKq+zUOsSh*BNXmw2 z6fJ23WIt`AsHxO7)XJRs+)k4}Bog!@BYaV&3X7mNe+cv~D=!V=HS%OH`_T*SgMWvb zFbmcO5wI-Er1m)WhV8n{hQzVIs$#dNNX=0OE)fk@&%k{%bglti$z>z;hk_nIU&G?vDWT$fE9r0wfu(^9*5)Uhd?_U1Xior2j`cQjQ>-XBf* zst`!YERh=`HAOxgw?v)L?*8{FY+-Xc7WRo>oI=fo9JPyE#L(K>);XDvltwl-(OIjK-G6s3S2EzE@ zL58IO)F06JM%hG3m#jydy*28joK4?H{vi!ojaZT+SH)q&V~V9n#ft5f5^c-9$%lcx zB(9C-!j!IF>|0s!t3;m{f;8D;RBwcR`#Uc%lnz<+8v#lPMG)o>CKSK=RLb9$Ek=rnmKCN=H(`*D25wvxrFT94W^l8L+9I8Lf^v%~`jU z){&uOS6jYq;y}~Hq8`Z_xEO{K94p9X38cGD{CW$?fvj~5s3z)abZPyRsNso$*5I0? zDA6K}GbBhIH6z}xmO=c}b-c-kVgWn7q=&c-k9n20-4r0HqR}@3^mK!qOAT*w22PqI zGt!W-#te*|o_dP@{u$+;inD^iUdB9160|XYMmq4Iup-le)=F_5=ux0Bs(E6PC#b$cZ{Z=suFct z&AYsOX*%Q518A9I8Jb)itX&vNog8ewey|-)&E$jR`(E;)*hiiyUrlpf!%r45k7iJ* z#`l8+-$OEipkP%#g5s~Co)dRCJ@_Xorzl2bh)M6LAKPE|n6xzEZ5Bpg2DGZb6H&HC z%Oc32`9Q_y;po-oEPNFk)T9iMoA}E8*@TwOj2xw3P*|KYkL(DgfNigu zWg@|8ALIO_hS+xhN1e5e$PC*r{?8v~j#rDRA$iEN4V8?nn9nE0jRv98*!5~KCPRJ? zi_@ljz}f{{drsW4x+07$b+SxLf>R?Goy&Q$Sd^1mbb!gake5JSKpvG-bJSpCZkNx? zC#|?c6japN7?A5W4^J|vS1%-u3(71Cp%SjW2BR`2^~f2y_Hfe;hV`HASJRF%d>q^R>XruS2Yy%Gyrz4@_wwHoR+ zT(`_uIEXi*-4wAirDB>iqOB+RymeM@6`q;+UT*Fv~sKpehvf z%9PUnvHsod_&WnELHcXtNHtYM5mIi7^p&U+P|;;j5e@g-kbc>4yFJ&x5g7oxj$#^npO_^N3PD&7mmrXP_6?ej=q3+;$}%Yh9t(FrafPCyy3=&E~MQ{{yR-IHf`rhkNt z{yOBb7{O`K(uvfFd^y6u0?h-SC8$;qP#?I8btsFu7Jl`l*us?qpaH#B)FOxl>RJYG z6;qm;>8t*l2hFyY)6t#a6a5Q6?jKOPMy@Pnja$xHND%C%US=;T77ho6N;dKlk6-sl z0&~YZ;4SPvkgCD=dgLXTh;&;p5If0H*8Z}KsvrD{L--SOr=K7Zqs&&S_M4S+XHYNS z27Q!lOZ8V?QCTHJVHBStgcl9;sW5b7Np|4Rt8$VK`T1J@6KBLFk=iFoR-k*K4sr7Vg zn!!OTB0o?m5BGr!oWi>q9%rpiDw-z0$tc1y6MBJi8oKRq4%0rS(MFUn5W9XFw0uBY zTw9`LCLzFmEAm7aNi9NptjP@xr*XFed8uddr`3w2gFVZaw{_-@Pp3C620Dap9moHe z@c#c3FaANW8F~+^_SqYQlL4ls@7g{|4c3qz0IjC@3xfWDtc_*`*Mso2> z-f{a|y_G@*pJP=JQIfBVY}s!(LrSTH4wN9NA9$Vf)s491@HRZ6G${`ig{*UL0yg|8 zQKvLe6nK|xvCy>SaS8`uVi9{U^@=P@rGmwDN;RdLZBIMYfx)UWtTMo_RYyu(uXbqz82ye#4R+@ql0&n>ME76Su0qROI)30 zP$fd?8pO|YGX+X;MzE7Xdz5qv)>fzZ-$?=vIO*PZ`&u`N8fvZP=#Vg1)N8Q*NK|WU zDtL=boL`DlwKR8@Vv`kHNlM&B$!DYZ4Q&So)%AC@9Tjo?8;Dn-*N0bxc8r;X(&5yp zA>Ix=77}GLM&~=_xX`_+|Dr4Zg*x?@Tl+D}3#bCy@E+W++Qu@gsWYm6%ZW^FmS7J_ zi7#*`p!5nSM3yO?=lM#k&XkR7{)lJKLmjSdZtZYJui&=0Hr1CahJX0_vv4O zfvgmOxY#j*o|wFBD_D+Pb8fLx>w_YEeI9$QdBuM5HViHze$w3!t;Y+;V&?kxQnjs7q93Ka@FY6#N+RN>nGF(H#C{ts}T4Na`3MiwqQ$~>_fbdjD!^j!q=LVl+$d(zgO@J9+Y4m?pzG4VtXps?) z&(Fy#GAJ1@7hc$)oRN(-(%EIE+Qdp$MOT&GhV<4hG;;X$7RmDNtTm93TPqt9F%~?j zZ>D}`$1UcWB9kWi;o;59)9U!P$(OkO3-d3TPt$Pkzl01R+HcT5h`2|M=C_JAsG!K& zelY#VsWbl=gMaC%e;c9D#VS7X*k>t|=g1;SKk*)d7Ybzqlb`azQrY_U;W!V>A_RMA zU=%figN|;NMXsM}U$?$sCwjZ<{|aBxJgZJf^8n!v$HDhg26<21;g;D5ViGo(h)K*? zOn*7uk>Cv>TxwzA);8T|6e8Ejd&jGEX-jF4V3rKs!l2HOh7#XyPH$}s%-Kf-$Kmu2jy?b z0H8B}LcMkx$+VIpp+8G9XexlOH=y<*4dn!!j6b z^q=7I;$_jRsaUJ=Sf;dNxg)cH>QE}#c(~SEY{7CVDkG!dbpUbz?Xxf>_`uKY*&ojR z3J&W6nIHQRWdk9AOD{dQ?U1vo@yl|ujj?Pp)1l7oGfM{BKqez2V?`~4)3}xwz$+)s z3-HO(WG|g(KQ*O+fswI}fDSR--|$-~jNaoNJU*RZH&rb7V2^Co2LMv=z3sH~4H)Em zx!xRn`1$}wAU*ZIf$6C8?OMea>LWn|AjGIXQ*;#k8caa0zWlzw-+FPrXXxle=?fUG zz`|g9>}XmwxJ2jmzPjMhRlSFeG4u5Vqqzw_GVEO0rn;ABHv;Oxi%&6}IV;c~JvYF^ zvlxwLzxdX5-HV>yeLj5ptJudqO)j*aqU02){==u1<@S|!_j~ae|Bn8GN-O$5nx0GG zUWYal9B!BV0z8>4!AF)4`)(~{wqBO4b-MnrhtKs0xs+t(Tz`5ITzWj1hKxr*kRI9L zV;TnvDmtSil>x~qu7Q0o`w%i4(rn+KEsxhFw+Hq*Rqh@jXOOIZ^U|YaCpeF;yp7&B znX1T|_3!Weo7HmvZoL1)g$GfO-@CF6&G%+cJ44_5fv8z~vu<2}_4#s7-}@0@`~0{| zwz<_gI-XM9Sp)Xa$s8Jd4>(?Q<2+yW{Rzg;dF&mJA$@iP(X)Jbyj;cL1Uzo#*a-UE zOoq78d7oc_JgGtB{nO)b&V1cp6Y4Cz2|@!S3+R=*`wz;m+xpr=%rb;tt}&ds23gm= zN$@3n4SG?jTUG?y7anIv&qZ>Cx(YG@@FdT3ArO9lZ@s?zz~ytB=ZgeDVFk938yG=% z=f3+U#Tn~8Yscf&IM>Df5eBDz>oat_4BS7?DhRn551rRfh~^dkg#*_w%%+Ie&W3m- z+Rr87L()vJVB+V7{I~^C;Ch*;7Fb=qAhdJX8i`Nrf>HD68%`(f_JO5kLLOcGSI>7_c_J&|*KSSUB;dH$7xdot)kLP<=u8{pYJl=V>1M0n1Y;qbZ0nh@mRWx@OEh&Dst z#K#&b!8i|?qvWyfAd0YmFH65<5|18@6r)8*}HE2d@&7Z2XC(G9~cf} zRCm;ZZ$SVj(DC`pvb)^1tnSJE4Q*$6#9IIuY-iiyeADoT)zI4){Jcg&u&-6l{5Lz} z!0j96vZ(Uo*S&8d&>VhcCpI38&$Lt!T{Vt+B{-_!yT{yO@uI&G2LxQe@!x`PRi35Dvl`TpQ`f;cyk$NMwdjB0-H z-kyTKuZF%lNIt0Z>V%7{GaU8l$7Shm&dSRxd?sHJ{D(`*UVM!8>4FRo@Mfrn{^}#j z?Y2?c`k-KYAjLWeb=6g}|5m&&1p0t82%q)E9wgbkaj{#W@Oxj@eGC*cxtZczm#%OI z*js+VI%~d97-!`N-|lTgayCT!@OjVlw<$j#U30nX+#tDsY#=>t_weWYv?fvzIzFHC ze6+{4200yfTYIrN064{le%1Q>cVCzil%nFUqn*3V7=BBJ(ffJ7*zwUJC4Hb@=;ay6 z2>|)Eec4i9cW1cWyBbayUxys^?zug$>aX%&VEsOo0j{3SGW158 zARTPr6mxEVetEyIV2`z_;E>W6V=XXu_=6*U#a6o4i(-oE;8%AZx$%1! z@liZq)ph=A=_PqBX(r`d*7jWA`Wekld8eQd5E+5X z`ZN1Qu=OQl`~`COQq{)S;dax#ry%&`qgyGJWXF=d;V=#O1wNyFQN+8jjcj+?eyd{) zKG}L2U)^&Bap>@ap}0d}`R3gU9vN?{KfM#`=njqsghViPwu1T3TJK38bj0SIR=(6G z|7i!VL1Ep}`@QCBDtx&9E)>M)-u3&Dz4eD8Rs+fi`F3_J&{odNK7%2j^4Z4_7AZ! z0nY?6#?P-wn;y5esQB?7&aFG19?xw%f+BEo^nK9X%)Axw-|2lJZ5ZRDv9*VLN4j5t zq!W8TEHp>PD(~$HCO+0bOkMZ7Tpb?`Rj^+H+W30E_*89^kd^fU&)g}th2lEzkgTzg*a{>MWpSq3VNR{IKs$ zrA=uTzM#_id7ph2aDRjgWnKIZ_HT#VhR%G;{GE@lQsDG#{&<$F^Y)~PGp7w~A3M&~ z3`4~tATG3lz~Z<=g6k3bc`afO>dS7L_o0y$S&V&0FA3IqZ?<>PHOX1}z1XG-zwHBF zOoDG$O^yz~hLGS{n%lQR#kJW>SbQ2~QZj^bBmPDHUX^u;%3DC8Q^$$F*v)(d_ ze`3%-A6U~uv^Tgq?`~cnBx8NInKaYaa%Tf!%e1ws9XMWw9M)r9(OyLg!AcLOZ4l@V{(3(1Za z{+tm1^GnxPM0eWG|LaftXOnQF!nx#aX_+(U{pZd2BX0WV=~wuV5Gp+IzlH2SzyH7N z8E&FK8nsx;-2K0Alp;QZ`d?c4*Eau8@46QMm~ep-Hm_O!GY|G(jpkOxn*Y6#=ny9c zpnlh#(^A&{UpnG{`cePXfzTNd_wSMLKlkW={73eje_)_aNju;_c4YsK3KrGM|Hu{o z`#=2c@j5mr2C}1;uyy|TIB>}`{C@yRw9F{~R>e!}ndFWCJr1C-Wc=Sl(s0B2kEqD3 zpb;KAiT@KY{%_#W<)U<9`{ClI^CicQ6XWh4(6rd@*|p9{cxwr=bn*vO|L$nk47Eex zsDJA^ye1j?E!Ni0lRot*R>49qlVRy1Isz1B8pF zPA?ZfJvJaUKA9z-!AplZ+z;=QgSkF^X=~|N(dof(?i%GAOQ<21(YA5FW(B9U2`TxE zQD^o(i+d%^E|(U+ZNHgL7rQZQ6cohHPI@0RzX{%l zvm|X}SDZ(@?Rg@z^N{!@lYK{;l%i#)U$SPk-<0P1aDwP!)z~55bAipLXR$WnFcolq zMhbGx)YnyOqIKMle$is!u;TafaR~-0M3PJ_pReL4z|hT7aQ_zfE+r|~w!(Q$VqW6J zkQM%dkdqKcU}v12ablZFgp!i=Y~Od%4*7D~;HI+>@gb|is$!n@(hTMo4Zt;3^3GzJ zdhVFYl>8Is=8LMw;nvj=8ug*q78Aeh>c|dj&5wYVOt8=ipQ1~#8eK&dlYG?qj`txG z2QjNh$5Zgh{en0jBo&X&FQCr7b4{k1jvMw_d(qF04uH(vF6 z!G_h-H8~Wdw?}yUIeMY2)xv$ddt0q6c3xvxH4681D`>Jz}gV))UTgNlsOaHmx#i&NMcrQZ4 z$|dd^2AN|GjTw8=`~90_`^(J$3KzHUn<q3=73e%M-tKxPURUX?l+L*uFBdSI zIM&7x+#iTzyZ{R6l}bII+ut5B8Q5Fu@DbAtPq(%|l=8;O%%4&|AKyrO5R>g4uSmCwXuZRT4R*XEj8DIuVS|Po9?1RFX7R)RrcT&D(3|5rEWrrCZ$kFWHtFWw7sJDmCY0~MNyO`Ix-%*PSrdLG(qFA%BULj(@r#_O_P ze?LY$S$QHQ*c=A)KC`gIzI^W_d$N1kKJU)!j1h_-voZ~HI$ypu;$EFIj+$?}n>HG+ zvV(lGhKS6P=RoVps2+w4EIa5hD~Ecx2#T5_dSmH!*e{}^W~T0zVGuo z&+EL-i>JbKD+;GkS9gp)MEi|}bmJP17m370A~4jHL)`BEk|FYO;&;zhZ7%ETDD8!E zux3Me8>%VW;o0@%QlAHaF)PL!OXkRgd^34T<39#9nSs;k&O5GbUv5wFE4<`0>p2Lz zTbdE$K$yfh;HiTOMO`f~y_T~?Jigl}e-uXbj(q4b(Ex94L`J{n_7m9^OvL=27#-Tb z4w!^;=qzM(?R196-h_@)_7(W_lJ=D1PIX5NCFx%A$&ngCt*gA|5IpAANh=B=NvuH`28f4q0v?KV>5qUswT?jgSA)35+6xy5$do$M(6n%)AR?iMQ zrT+-bKA->&%|hhCrfAMr4`D)G>TUzcgp>fL&OiEdT59!_p+_ZLbxQvakz??dN`RBrG?K*U z8_-STifu^4oMvxQ|H~;`C~co;IfE==MS0HnKr)$9?@((5>liFib%No>*_6z#Mr4zK zZ@I_8&mmqg#+#vNm@StByi5|_DLd)7JPf@8b*VEwmLJzH>pxdE11dasQL{6uc9w?j zSlC#I#bTG)akrJh1bSf~zj@oVe9=?7Lbh}~?N=0Io(Cr4ZBVboXBO$n9aOcRU)GQJ zuO4}WD}$^_NilbM68z<;;)f|Ev+BoXh7R1m+lfe;Xb{QB$JmO5|I(^cXt?Th8~W%N zB_TH9s>vIC3CVn#3F!eo{Kl;Y3pcxoeloFjHL{nFj*J*E^NsEM(a~D3-;?Y>`qm*cj7D4kQN<=3XknVMwopp zo9M|1Beu7N6vyxOw2E-Y6N-)zRI0gn!@5i*VbXeFB=Sqi)|m9pm#|qK*Z1nu`$H-S zPKKz`Rq;T+g5B3HUQCAElg+p_aI5cw!r>fQZkTGa-X(u5Y{|%1K7mT$PlXG?YRV}A z`v|p}8n>vBLa5MqL)vEx;_4wX4<1&XqgXbd@X_c!_%}q9*_lZE@Mf$%5#X=viACoS z(Sm%~WioJ}-C&PeL^a7qG_!7C7f$efzi$^fgT0MU9w|=A;)d<_H~ntosPKYiffOwy zL2xDUMDtw^7D|2d$AYM*`)LIkB&da18Jg262ID$6uyY3Cp z0+@Cm#;|w|05~2f4mA*@W72EU>buIo^ZFo?yH!SN?vCQSUT#zT9bqWzWDSkLRwT#T z!C~^&K$ir}zrCbHO?{bdswCTnFSmL2^v#UZIM)+ZG3qt>ofX0op~pBx;V=n{*oT&l zbVEOfXd>_UeEzwLc>P-M5F$z+G8G5;*jat`8a-z);k~H=6V(hh>s&&RmMg!6=|;nm z>rRZ1u+g}Fy@v&#GTsV!$!iudB|92`e2he#3 z{)3*1BIY7=I{_doVo8y5W}&ZWYxF5GG6xq)7TbSOJCU&tNiq9bTcFGz5PJGD-(n#& zXne1Ur0V@WK6{3*LjE&6-w@h@8TXE-?sL(^7!FqEELF1MlErq5zJYJbHK_sPx!2r1 z0&EaZ%YG~k3^j|`E~N2Jo%j%*YyLq4OCUv)R)H+80UlxGA zVQ8OFpqFv;fx7K`UDOwM-iOd$N#^CZhwQYESENdI%+Hw!Wp?|r7DAqCDv3eZRDz|D>RRRL|y$<;h?62yRjvKNL2QlTAKF84d0 zJ#Dm)-6yuoEbaxHD}ckuOOAyqQbUX}9Nb18GF8`qEB-_Bf*~#Ks{MevU;|=?t0;br zD7(k$9$Uk+P=MS$UOYtvbk^6enP<@j6F-YmZN!$~j>h(F!?J5~WxLg32>o9kGG3A1 zca3&+R-GsIUK8}A*o4x=B+)=D^{nBHrOy}CgD=nCS;t1N&NS3e^Ycr{$K!LJwZpuD?DsM=9Hd7{>O z?P0{hk4q0;jS#-QacH}(8a`GXq3P+0HYh9C*(x{=xGb8?SV#KJ035X5Crv_)|6U83M2#))XLK>Ht- z8_*v2_=#1eM?`yv^JrI5&5G)|mW6wHT>)novbUJS<>aBxq4A1+P8oNoi~YGdUT~~R z<%S^dO)s8KE{KYAGJHz4H$e3b(*o!^rbxm9JUF$uB^b5B6ZkE;*_|%8NYBa#@!+*Q z-{@~RG+ZT5Gf3Mw*s`T4yXe!`c~PUzF^^EAAG$YO_&$b23cU%!kBTkXSn+XKw8*sA zon~rSyHg%{v6|-Y7}lAWlaL*?osII}cK$`gY##&tIt@iQ8O`^}~oy@D8 zc~aRR29~}WISgwEzIly^wa*2Xdw8)+TofYef)-q%NyeftX%(3Hf0+#P;-GRSscU~H zh*MQ38U9PgDy%)rzNbndIk=)3Z z%5?GjWM!TWxCec*T(+yBlB12m#_8UrDTVs?%gAKDoC>F})v701F*H{W1Ff_k%ZCW2 zM(ouYeQsYr2Xzx&(HauFf`=*Il~cKXbg*G%)~AiOS>m&?yF%q9nT_hC;K zvk1J;qvP~rNsg^H!~5sG4v0ZQHFn&auDF7Ru2*Q zLu_T6ZY@r8;WbHcA(FH%`d43TJ#~XRcBjbnZff94AI7>JhjxO#k61ysiT z^k>i^#k-b4pHT}&b#b$wvBK^<@)xe8nZ`*EWt+uGmf4`I;Y8FHYODC{^Q`Y~DF30o?^}BMX^sOY=pq^0WImS}y^tyBCX=6h z`ql_T_XPEui9`Q5wi4Dh2L%dBFTUVa39&NDO4T%`e?*Y3P;BVmYq|=YY5el`+tA&_ z_vVMgq9f9re|O}XS`cPVzjeNz`iYSJ_WOjy_+(iDjKtDX5T{3r?_7334*j!k4~1$ym^Z9QI74*jHH$uE~4 zJ=;dfD}QKz82F9%g+7VHtQD3<-!%iNzF4o)kef*2KEvOU2RLFq`30uuf}uUJ<|I=% zpux{kk=F$Jk>rAona(u@TOj@_aI&cAyQwW`QF=D8FnYuNRQgUT6R;*1suWH{KUaqw zzX@S&dpig>F8WZmYVh?Pv#bzYtl{9S%7w;jJSOhfuba6j_v#E(>6r=GNLkK_L+ zT{tL!Oqx5>h7a`WTZ&Z`%LfN3*Th^hZmq9}H7XX5ez)bX9OO@Zj;-tU09)3@?=a~i z{RpPSCi~l|o00wJZ}~Q#2ya!J@oxXygs_+M>18#W(Eqz^Y+U0gzZq(FrCYRyjdj_6 z3@KTdbN6le*!Uf4N?ttq^UcC*$j*r@%CtDtkm$L3q?;m&e7t`hB)Njlf%=N%IAH<1 z;TMBIC@oU%njt%7uYKGwue7&L>>94__`8ZV;G5x#yu<4lUELhDq^*sS#`CDHe&c5B z=Gxq8-vHA^+U3RZ(&3ffZrw%xAUkNW7SOR#E8>c5Y0l+y^$3}*u$^W4zO$}6*0{@J+;$8wWTX)*URiYK%#6BVY zqUQ5i<^2KY-JyU&ZBwkA^330AJZ0ML+^0z`Mi?aOR#ge|d&2JT(wJ#?-i4Nu@$oM| zn?m-F^`mKk>gMgD-0LIl|BT?dZIQmPQRRNoDKt=k%y%nyY77&sCnK-T(YlQRszXH| zYp{O+Ybl*BSLmL7HMB{0!@2wK+K!(1+%Y=Ef-Wi-==G5*QdHo)M< z&uapL1Or^E@6CYq5gA+_OULEaA9gm>@7pb;Sz?EQ=^_J*(f*Du)nAg+#jvasw|+H; zwbX)r>?BuY(xXd*{U?(P6+{O+p4p}bFEsrr>{SLLR|*}6DHeS_Y*zN$PvS<3E``eF zD;%sg)Q4CN*al|3Ej8+$Ll+pQ%@{yBvM%aR1}aj;BI!SLH4_ROV0s1~8f48?sr3pBa$y*oF$=n89zs(HI);(s^b+Hn7C8zj-8!_ zn=!(fe9_&bhj8EE%6h}Wv=7(nb{{e$((4!J=eHuk`?Pv9ZM6tci7v$PYewRirQ8GW z`T^g3A0LJCl*r&ujAM<59hbz`A9S|{?$O_U-U*Vnce{E9XV3O)ui8qnIb^v#q`{6%lDVomsDsw#TG_P+L^c% z_&L7wpuZew34IEqWQkdd7kYa`u3DUFpI5gNe)TxTOM;y%Ca~9vSEGsWMZ=&ShUgX%hfHQ=~pLh3I%P)$WLWdX+bek*8Zy%1LL1*r-UI5_zeO+yHx zoL@A!Uk9Y#;72zA=B00HO>^BZMsU2~cbi~+aHP?ZtMbADj2CiOGp3T&w2cwO#jRJ3 zE!GFEQuuPt=dz3P1t>3gaC;ZsLi7aNhj#mMHcQ`+-+Xu@6Lzjbdq|gG!0q#)TS#HS zg}^wgWVDA;`~4cExk>EO*g4O?B0uN*7jB7lZU^Wdo4>oxOfdJ0r&`l=c7jnYn~TwD zjR^;=1pg*^I@G;nY#_@wFbx6-SDQ3nMOpA{CQor;GN`O52Nvd;u9Zbv?fS`5AV6Wt zYifKE`b?P%%Z<)#j0D{$^93q;MAIeQNym9AM|J}+G^Y2KVwh$XRA=Z~Md?wi}=ETXA zv{v!3dH<9Z?`s$0XzdNcU}!fZ@Pk_ii4Y4-L+o^xNd+_CPHXHd>UqNn(@#vZT0b6s zpPhHFh)j6vlk_Ye5BY#8-}j7iJwA>;8W@PniT7o|Fp$~!EDUCm=e^oI`59WFNqx53 z#iWsyEIJ;ozoPz(Y-;ls=0`JM#S+EBJ}da+$-wPAk(FlCoJ0NEWTcCWx+A}X3}aB@ z4Ma~N`{FcYv;HdcH+TG0u182BRS7lnND$WAL6?R)-*SeEB~L&=M0#ipN}+ zHUEpGw-$Q3xD+4rj6JB6MX#cFTu7Vwo9uzHV61TLTh{hObJ(++POQ`ygj9pBbitIg z`l27yVJgvq7KVZh(*=VBIx)i|IlM?=eEb{*9^Woj+VaiNVUsGz#VHWtbTWn(tkQIv z%BZ1DH98P`J!N<&i9A?}I`(L&PyLay?uqMpK{7nPiF^UAKd7du$k@tn1)fTVBsZ}V ziUux6@vHQH*T-u{E|`7L1W~0J=F?B2wTw6=ZQZ~1iT5rHFqn_MiQZzqRT(CxMCE6^@G`bURqZ8b5OTnRF&dOfqr5kQi$)?``L4DLV=!X@pH$~J58sQ9uD{59 zT33QkuyR_;FI*11n_V(H)}c1ED9Y;lwl`eSA6nKo;{Ez|p67Q4yxfgWW564p*C_&} zNRcV723a7u8;dr(<1vHe<%p|8b5-7fpi24*^H2P_IS0_54B#+yaoWeu{ePg`A_Rvr=RVwRHLFZ$=?ucF&#?Dqg&+qsmyPZV z*a}ncpcno*_}zwj^F~=MaWuork%xc!NO^gL=%3x!yowy&>Lu=L-$p#C+VKCE0+`QW zExD2FVGkc5lo;KtRG)$c1x4O>A;~cq0+#Z4YKE4W>};lz!0#VjyoGIPdnNpF9G3u{ zu(mEODS zA45qr3+nl3zfU$_0Z|wUGDN`bdhX+9TxT$gXLsv1Lv7qod8D-W2P)+`(SoT$njSC6 z^SS$gsq4m|29B1iO~a^uD{Zx%NCro`Hr zo*7+4<@dh`N#v+FeyV9{vCUyC?mLih|*RvT_CMNM6D)i_R~XP4n3x&%<|h!tPWsc{biR z9+VoI>PE^J|C9mRzxhFTUMq$S>nk|E4hWI8k^GqlKiijSADGE`;UpEz96$JwhDG#5 zcc6cf%bD?buku~@_wrf-`w$!4URkiu@G+12GCQ}k#-fi}+E?eGl2(5fqZ(_^73Man zgye+ocsQH0XfzkJZ+j7Oyw)}3fe>N9sDuwZE!iBsDdoqq|KfPGTS1)~|)WjK8O zuNrz@N?raebEAzSjW;z@&7uiJIm)kob^Oi&t6&g=lnwpHOz4T2j9kpKH zZfsqym~Z?yooem4w|VaDy)e9P*?%Nk@m{)@MGM9gmz#2G5Rx6L&t1y}X#Uq-Sfr|P z@`tp^H_e;dyPJetavy;qi1{ZSu_vxH&Dle+gW&hqVz-o!ZoPM0qS-%^jK$i<0$-bJU)bM=Eih$Q)}QS;cL3_h$J>0uDiYz zA8Ibry&S7F8^X1P>-Z(wUON8qMA-g`%f8c5hE>a>8FrTj;^@I=J2b;OSK`NRi}oMb z404Y_7WO5t)*F8Vvy*2lZD5aDh2H|%cK4H40jB*2RshgBGtAd7U)N}9@J#ODg0b~> zCy*L&b>bk|55LVhQ;FO$+N^9zxACr4kDin`j0Dg-l&=U+df<-|+c%Wzb^CVqkB9h(mF?R-xw ztbugI@Gb_%LOr_HHI=p(`Ra5h%FpeRV6&<oBKW2Z?`p3p|%jtC|tT=YxGbGUFSCJZ|_E=Y1!lonnwR z*@(6K^oDl>Tciy(u+~IRQpAq~N&|cF6S(+zryo|kaOk5K1g-LK-nO)i#2y8}0x2-{ z%X6xN@#;(W%R}h{D67I&6G{v#>H=5a8pp(L=pHLk^~}+4_s6L#GTfiXbrn%F zBh8f^3-&om$37=N03L5`*Z+E_M*O`;lMgB3|7&S!#JFQ5E{bU=B>f6Q%95AuB*X7# z9qH#c1lIXCQzpIgeR2JXS-XBV#KcY#MXstDdU#^=BXoHDJQMrr!9uArsAitn7vEHA zx&G~<7As5HxiwL$dP8I1$WM;p-sit`A^{<@C$sp3ku@ZOLsYY&;fVThX1>O+1!2^k z-%*U-wX(bzn5Y2R^b9I5SOKAJ=Ra`GINq)oV*KSC*2YxViJA+=!UuF%TofjQg!3(6 z-T8ntL3J!=_t=~jlkPmT+n}{P_4*dN5Q36oMlRO!){#_aeD_=Zn-8{>FAP8pT(dr2 z)}#(wS12{-l4*Gjl7c>uy|nsebj-GXLk;8$^W;pUjDw z(k6(%&BKj*o4Ua#zmP7v=|n$bL_Zat-ff9+mvJ`E2^%@#IxY#A7D=k3H0VpK%y}W1 zk4x-_zp^S26UYFfcwUn++}8Hu(YZgq?07C)W6Imz@cGoC?y|AIq4P_$x{HtR04mY_ zovq+*5hNC<3ZL@(p|)KW4B|w-4Lxynyv*mbqn>D``EK(dei%;~$x!{Zb~6@}&PD6~ zqhx$LlS8~+m+8bV6Hcr`Lz;Eo57s6cDcWEPx|*lBjF`KqpjNZRGLktzsfXccOMmp@ zxg!aVbGj%lF=*vy^oxl>*9)K?emWhyAxY3K`^OlDe@Ol$-+*f1^G&rZ3%Rj#{!9Nl z4QX{xWxfm~|L9Lwf?Z>%p!>}(8MY8*!`sqVcQW!TOZ@JI#iysccihz9v+Of#bw&wNxSevuYL3`M}%u z^YbN<0n|Kvb%Yhv%Jk~j&H&%OnbUX9p=0{s!SH`IkcpPnR5n( zygq0OZTdBl@z7`czBN<;6n7d6sz#ucMJBqM1Mj^=7P>oPTOF0#$vI(Okwvzi^J?Qm z-}+?IlI)1GxLl3^N5Jap^sH&_qeBK_o3~x9w2#__OVjX)F=^8yXr6*WL^K}X#5OCx zGyRlo`)VYhQ)MZ3)^h%4TXz7Qf_Y)$Q$Js`Kh7@JCuz8|r!^@yfaT4bp5*7lTMQa= zV|<%8wSTvgJ8(2?-dIdbn2Iz-LOTxPW17yC4%aY0Ef-y;1T<@75@C{+5T(%nG5o+TCfcWpg1WZw1ZK&Ac<}od}qsA5Qn5 z=t8m=ipdr2&(U^v50}4LX_pN#ahkVwEF$Z(u!+vjnF6gW8OXyO_g(2=)S5S658AsVfLD983Fdw z-MOeC1;d9p9Pe8*F)b*?)0ajX;Dda|qhle=GJuPw@E{NNMxNqnh3iS|%s!nF;mej9 zkEaf|Tql@0KY=JqAxZ4gDEdGnLbzQ0aBpbjV(mtZ$TJ*jjXl$H1dU!ML9wm zxVx*s(K+kROPTvtcf{F*Gvj>WG*daJ9>E@(3VhXygtf_9<4Wf~D}L#02XKhjKobS8 zOiz2SD<#dsYei8)TO8V}(^k#aO*x*={m3RYXt_qa)MIxwsALmt1zLoCp`hAUXVepkkg z$2k9fR&Et%tm+~R#WK%0RXb!qZ=3jH0QCjc@mKvxZ*rgnHSeGCc@ zsoLPl({B*1q{`oK|u!&$hH;|hae>YicDl<8EK>B;D4cx+IZ znmAs6D8id+foaNj5hS&9hG95-LF^B-KlK+lsZ4%j?k7>2)2@_f4v!zR&t0wyQopN> zrkxDPKl57xmj0|i?ED3J>s@p0>a(4&TeF$B zgWrZ$l-!gAQOTIfj**HkO125OIHe3HSOU0d_9vr=(8L!2`QyP~Z$9)!DQitkC4)RSE+SN^wd$01<`KBuJ|Uq&J~{Wauep zD;>-x;h;nZveC_3^p0WabeycLf^Benid!G3W}a)uJeQCZ=rW-ETA$9mlkO1Qy=nFw zW->^! z(47`{IPnBj-3%H$LMw>Q9nCiuct9`8zGuCD;U~_p>i<$8ncFjY+62veyqry<4SoFq zwD4tjbsmB6MDZ-FOp`QtO$%{Ur-)HdAx}cY14eGM$<>az3n8P;Yf_bJ-rp==3~%<| zn%oFh8?0GuZUju$;VL-PaJO$Pe7iIhN!LAjQtWOXyU^FfaKSfowDt}u^$(cIF?LZs zb1R6S%u9fA6`{yx<=1cn!`Q4hc#cHV0rsG!Zs^S?;TOFt9n8|=1>x-4B} zM|Dklss$$eL_pL=MZTJ~FIWU3Z=HER*H&9`J}Q}bfTwC-s-^r8vI3$FII*@gT{}`z z%P-!JyIMY!bcI!k|Ake*hU5k4dSCusfoW`Bqw^Zh4RKb!&6( zLgCu!p=$7qCzrsSE15TjfjVK{7_)B}6!TW)_OxO5Uuhi(3By;f&&&qaRP5ZX+-aTOpFMmU2dI!x zLAMcie?h{;0j=A}c1jzLre!T9o9%A3-(DHHyK-vyO?GFK6U^(2`caLGQ;5Pr8lq5@ z(@oz0o+mZliU~mCsjw(tEIn7L(YV)YfdH|H{o@gB<4U=(;gHG~Kwd=;aeh33T#-BX zpNuKse-c%4-mB_KONomaqw{i2dlmM7 zG>@qQuW9gUfZH!VcH7@`xgR=R9*(#Bwy2~)F>)(CuC2fD99PM=zX9fmZYrGAZQ5V*^<_1f5b-7K=#-#WwfGk2S)COCNYUdctRq8D-KhOW?YW?ygEci=23C*Gp zqaMHcWiX;=X6N3l^r>xDLscZh zvwI0!+Fj=B#l3xu%su)`i|2I;d<(eXWlU5srf`1}eEBaoSxNVi@GML9-h+1?Hh=Zn zyh6f6Vsr&k3T$l59gI}z7t5nvaNLS)iF2oAHW#Y@U8IIKlWg@b-_Vovyrj!ET$z-e{hQM}%gV3h6 zulyHcS9CPzs%0=zHT21t&WK6K!QnWtqU1LU`ep9c7IkZ2_L~}OruP$nzVyWE_r_Vj z`FpAZ`p1eA0a7I6V<&&}o00cZ8r&vh#-RGzw1?_HhVPuNlNDU3IVOSOC=Y|dVV^*=@$^+JhKqdS9i zvB{+KC*|;m&Cg$tTKQTreJ60)$laKdVeAp0=~3?1gnuT{4O$`iW{%grIm+VC3W-S^ z0YRtN@vc*Gx|{4Y#jRS0tmkb{ze}jB`;E*2kDhv914V1&g0kyCUBn|-tGu44>WhO7 zO$g89lR}MT82i+YCv)~pj@rWa!++*yqWRH@U}4i78Bm2MTwTm&gpuEKt&MX^rx;oP zVr98s`oleIQampcImMA){^TN5lu)ZZ^0l6m_xg`oXKu#s)+5Vb8fu_SBRY&yAG3)*Je^-j6OL^hn5H!YmV zH3U1T#Z<_HRksi6e^oqx?fJ{yO&BRHuy8$)GWCW&==r?x6~W4#s8aC$dyltv4A^fQ z)KB<=&-lG_ZWt3x-?e`lbT`M@=~b}hgWhDPXnm-ScY&^-Hb&IpZ$C1Ot3 z1LJQ~)ZAXKm&98xDt4VT ze#&Dz8?(_)ndN@CS+fv9eap>fv@`DfuJ4H9Lpa3{cf5W~ZjIRKqd>>%xVd;_CWPwZ zS7UNikY6{R@kbY!69F0v3Teb0`8NG2n$#UZs}&CJ#rICtQ?%U@!DiPjE`?;Z`YsGM zT-(LBIXsqd<#Vy8K7M%h`rk~qt(acE-YJx|f=^wgoRyv0_M|1dy_ycgBu?=h_gt(E zF?#RR+0JQ9q_*_#C*N93O7@M^f$4SYcF9I6sb+=btBK(~B#-Om>4-LB?^_QRdIw>_fL{%8e-s5USgeae0ik4Rkp70 znTffiqmxYzFFif)<4Aq}&Wx0cC)zYSIxGoa(=l%7?oQQ#f{(6~b+#4#eVwR8U^hyc zk?qQ&Xli8{vRMH%)O>V`|zWVNAB=~S)+C_ zU{q@Q6Sv1(9kFy<$2S&}mlhcLI3b1iH@bF!hFG{nyVV0?-H=TT*Nsd<#kE?7K$2fVaikMa>;Thnn|C6C#8n1*zc5S#S7T{z!d;$ReFvE zMQs)JdbCed@mk*&5|ZPLo5vR+=p{%0>nw~ZJjX()QD?O{Wh`ilO-9D@&*%FtZ-w_f zFVt>v>^S{qiR;@|cfl6~=7U7ttAT*HI^jcjz*gWX<}Km8cVLa=WOSf|9TQcD`ZPnY z2j2+Z-C&rs=QS+yGFJYzu%h8&_TeXB#qunY87XdL*mc!Xs_x&W6{7zOAKrTme zxk7b!kA~t$q3()SFmP_iFBbJLZY)QU{%NB9$EefwqF3yKpu8OX9cqX2c1yhDrs({T z+FiV0m+1*QEeCa^)D#ywTY+mOpRbrkv$$8DsJ)+y`uH+dA7nA)tWkAAN4Ul(+qAY{ zRG1Nf;#HgWP^XHLBP*bz=1cJW$7mOC=W*x$sc?ROM4Q69R;ELlf5jOqATq=s`qTSq zbNoD;!!eC3{tP6eNv z){?vpu#+w}I(ZKTY6K~jGh<_GKB1np z>EO3W;n#FZwno-rj7^6<_&YDszDD+WgRX5Wiz_F?-ZgETNBuKB3$iKWuFF`{-%3(Z z6*ih{anI(iSXQJoLmm}gQBr%kq0-h!0?tSlJT-^78Z(Rt{nT*g+mFr7AAqVgO!-`y z|G|nmsyj)zt77#ImH&;uOsr01^NZJQ%h^jU?FL6k^(=k(dQd7LN`BQS6p2Iq*m8bzYg#;(8nHsY8M$>t^!>)@0HgDpS0XJm0FBtkTv$i&Pp+uY_ReOa z0rMarOsu!#8LXz3uxgpQmZJ%jpG#nvA85Ph0+z_>}xa|FjMi8O%L50mi3Ca2EK~}epW$5+)(kUfN)}p6-^|*;q_Q^`{)0ZWew?DJJ%N*Mj z38n4+S~I;8DMunt5jFZ%b%Z)Sq&fS?bXh&Ue{j3p}wLlD|63lhCe&lX~Y|zL>bmIyXi}zxWB6v%VBL0l)iq<^;)ms((XZeegK#EO@ zgzwQa(b5_gSZ7*})jMPcX<#8SCnC6_O2eHJj=7%LD51$Hpk!CM{y9&t=evE=smS=W zitce4hwY$Qw(@?(wdzhSOIr5(;?6#WIl`dQ6?Mbx0HXPtU5HX(FeK;Kdgk008npnl zbfvrGqhqJbgZIB%VWOKkz$DdY&)0E(QcC*#EZoDm%AazL9WS+HHj?5;At{ zN5CXJ*gLM5ZGA^FnCBMo!wQwcL)DsU)#yZ|%q0U<2gg3s;07{(`>9)KcJeO6||JfI2QjZX?njz}QeO}e}QS6Y7K|EkXO103t1<_hwYI$Bjxb1r+fe{T&Xa^J{ zk!TLYPrgb+2rM#jLZB4(he=ZDoi3vy)Vq4`tDOXDv4P|uijlfMI1Baon7v20RqICR zSUtJ!Is&XMyDD&Lhf=`Q6dy$@lpvqPZjf(Xb@ob4GwntLwn9x8yXrb5b+^(@>-deT zS-_z!Zcwgi;ZsrfLMc9J{+Z2}A|jJco7fAQLP$ywQ*rM8uXjyn9U2KoDnWOL*leMi z*?&unc^JG054ulla01dAM*M9n#|k_Bv$CN8l*Z8U7>7kBiBnfOwOUQ`Z`hozxU7iO zMdJa)^{A@tRdb>SFHZUrfj_fvdXMlOq7DS zJQDL-WE7mjp>&;28t{hS**i5+5eu6UJvjXCo44zuYNM;c9hu2)WoM70SoqHA8=0Vsm z0m_0~$9OK-YCP}3u~zR7vqV>*Sn9t^E4DTCh&o6Pgy&(dy?@S%Es~d&+NejS#v%Wn z>6J96SSH9r4XVEUZ?{Y>pQ_DNpuei%AjunI^Tcxo;?2VXnz;g83-y@6b;$emcPgj^ zo*K10pPj+jo5YTSv>wySYoTsuSqRUu^DoPkw{N}*;Y_dFtj7$Yg}ALX+qV9(-}6N6 zLre|k8RiLZJ$am*B-wEp^>;!cNc%GfEC&OEj%Fl5`x+Y@pYmQMeOrJjGTTQ&KF+ku zw4QWIZ~y{r9=5y}fxe7Fcga?2ngA+HuT7+J*6xd0z?)kgZk?#T0`+*lQ)B$F>b(|= zr4@AQRZry*f4dOhlWYeE*4`yV zh90|>!VB`ec&q-+BLdEuBs}@Up+`>zq)U+gcAm&G*uN5d#yeO?Pz)aE3*I^ehAXFb z`N@qgMA@j3MxLofP4c>_dOqM$zpK{VGCU^lK53f64IM@{b16(OlFw041>W@vWI@p! z0ssL8SQa(x_M+wPIXC=WJaP4Apjk%!Beb9bF~2^zpGeM#*)i0v`~O-O59}Y@@R556 z<-t^WpWBX#u*@>0_02j0{~KzrXls$suii54qiE9Rr?eFv+?nDcbg(eWURv{HOf6L-QdTC^xxyG$!U0t^mqii(S>#824@-8 zB54(gN8jSxmr{_4nki}%O?3>->TJIgvZXB4FK#{F{#EQwq3+CFNvc1pr#k}McYAyD zfrKvi^eeerx#>V}2&RaB+trO9B$9CJVL(?|&QW(?HTbzzU)(pNUTAwV|MwDG1-1Mf zyfD?WbZ`Fbp3`9lUsa|-Kn)HxvL&Ya4;CGD{+AQ({H1H24D(2`DC|Eaa+#`sxwA@{}H*m%gceQ+OCdt$vrxrmn!wB9!=YEv#PQpmCkp?%f+-#cI3f zmZQw{qYewP)ddb0AK6)1>t0E))bm#otXPOq$(L#0x2-40m#F>s3Za47{QQ?=-cMw>H&VvW8*1ONZf}-5FxpPs9D)-MLEWEF(k)ZE3((^lk3_fSGnDO%lpYx9t zj7P3`k)Duyo}#qlO^3PLk;T2dLZ)_=+fjLXkQcsW|Z2Ww^t%6ci8|ge< zH;sh6pSpoEZP-irO!FJ5pbsxIPCUJvZ#wKg9{Q~K#)~$Hs?!p3<)}%0RWc9Av-B(E z?oDe@BAd_M39Am2|ALJk$pzd<76>sRXa^@z4<%E4gQ~5~pNE0mmyqY|Ai;%8WVoLylJ@W7}AzQHZe$zAltHa%rJ9NOet>w!9mS;@1@DaPe71)S%c{0es z>#VusmTlgsF*P`SN;zawaaG+P-oo#}RgxlaU%dEeuv0rQG=vm?AF|s8NJJCv!OS|< z#O3^FFX+9{ATDqESOR~J4#?tZP$48<-6aMZl3$`88Wrq%$femCw6JZ9v}Tc+S>zeu zwf3O7a@xdmB-tZ*CxYybbF71Axjhd``#@m@F5~XdSxm{=fc+qc*PQ^M_V#~cZ}S!Q zh6zCTKYi6t&Joi}Kq&mxGKfdgIP#Mosfde-C#1!RpK^H~ludJMe-2MVUpTZ~RRWI~ zR0JRA1q|(fkQ4YetRTqRMFm;hpIWJZ+>`bnGtFxyVWWP{kZ<~B^4SXbSBIvMgAX1r z;XqaJQd-t|ln%)2j0b<`hEX=M&D!!8+ffaZ`}zBC>y%^yl#!cE)+?N462tes#fz>i zH-8V5+uIQJ@Y;ZbuLbrb(^`!roW0V){~_uv{F;8>ux|+k1PMX9YalTYm1dM6(t^_6 z(%l23bCmQzLO`XIZpndk$6!e3fYAd6_rAa9eqQ(g@VP$6b)CoiI8Ks=H?ygkgk984 zLPm;PZ0AWk-|lRK^wr`)l+kG!P5QI|V6~elb<0j4Qb15_ONA1VVpF+-i!E*B#uTI4 zrdaw9>MWe>0?W(tStObtViX8Z3X@Jaqh6@4mYR*_X15&cdbF#z%+>z~rMi*UrI@{z z*}(4Sdz8`{^(jTu=md+}q~7e&AAG!5X$zE^5V3{HGwyvM)Zd@a#)!l!lnericG@=m zUr%UoQEd#W^{UV=-{%7vGpT5_b+h~!8-onuW9zi3>M4T9t%N1W6r@d;ZS~ju4$EXB z5PK_UWR~kV2{F;+?524OA2qAcHUMm?+_E>ihkX<-%mp%VZ31<^MW>$zc{Pn&eMNuc zt+x*8lJG*T`>$OqWZK$Mu~9tACRlobSGjE@>L(m<>9oV1zXxG_jbFp~;_;4oZbK4e zYR0yV!_rBl&HSPl3++;c2r%ocwKex)OW|JoMYaACD)1Ne+7dnjyZFj*nGx^NW5*6Q ztXI+8Ckmti7hRR9G)i-jHlBQ3v8$PNuAj&NRMAw!QvH}kzVgSp;m#$yY9y0%t2EyZ zjnVZ)K-8&fj@Q=04_QJ6DRvTq476g0${&14QzR}KnGTtwymK~zdfL zna(EXmBqOX}N+BkMSwCXKJlLbFBAGVc z8>&Z1+t;OlC3A?SqhAB@32MdILtgeDY5FuC)kgo5kO`QGZ9R({)dsI4!#aF`b z1)CL;PkjFM-&jmKRQE>HX3YXLVbO>N!X58pFzEe^=5&NT&BleH^hb7!PE$4A@pZru zBK?}(@DDtcnI>P9G4nu-FU3Xr3(&DKw{iU}F^RbL+ctmHe)Nzpm~Av^E`HJ%l&E%J zzn|70rVVZGZcJl5QV~At?UwvK|GN#5%rQ!-e@Uxw+x3*j*NDK-&!5UuyTci4GABH$1wp#^24ka+Sr7^>U{|T$CL%ye0 z?>VFp|DDsc!pCak%2Hdx<&`>}En9P!{1|C;m=EOa%QDpYai3*79$_%Qv50W9MynYO zgvRqG4M+?jkGtH0eFTg~BE=5vT@58#rAx`oMmpB*@%5Lt?!p?9l>3HPu!D7DvvrtU zR%4Gr8(xb*z9wLw=jcxiR(Ag5u%q7!`|grYIAOqM}WRfB4*h@~>AFXh}9+*^VEupbEjOH&QZ`1fyo zQ3@pOclHN-ay%L!s)a)!tux-S9s1tgUy0S!7m0LbI1Q?gSy7(osoZKH^$KYXO_xfM z**L{M47wjlFe|(;8G?_6LcN1;kXOS-HB8T=*m@p?%o^5&8&WFI@KX!?jc4UnFui?| zA}8yQmD`W_T)@TANmY*oP{8!T6L!Yu;)i;V-nkkTD?PT*xO%WPm!)j3-|(64)2ogE z|DzGgk0nvVOdA*&0Aw6YBT@=<%w zpVyKb8m8Ns*Hj(!atXW+M2{|0^&o;4_A?y-#rP*w0u`^FVA}FY?bhUrZOCl(6gwqus_Au5Rh%RH?9PK~qW{k{g*r1LZv9A_DXGU=6o#p44)^s!t$qy4$VFG0O~88Da@S=!=DJuuF%re4iL)cIU1Y#-)!+3DO(>58CR|$!OvVhSWY)CBYQ-X|j7j#CbxEgr%yP23K ztZ$l|*83eKU^}=md1hWGs6=DGxg<^ZGESM9P?(7C`PYSoS7w{;?MVl$S7SenQbj7` zR~z;Lm`c-mcZpdt@VOsR-L8VEVz;V3Z8aIF@rmLtFO_+vII zZJc+qjUW}_S}YM5%*!Jpuu28N-s!>fD1e7`HQjC2$-|chCK?L0fn}pVz}{7t5`8%e z2+M(qu{FVmZ1F=b&@gEJAO9WL-~bJZ(0|m9aikh+T4QwP)thz?&RUQ;_M@ zlbHQ(=V0j!};zbiw5QUw~e{$8qD zpR7orD$Tu;nc%YQ%l_Kd&Rwc4cm{0Q(b#@YtIAuT+f}CShH$}we0h8uDK^b3s=vm@ z7m@sI4ke1475{4b2h40Ap+F7W~>(S;M-PbfGk4hrH@l}w#?`<>c-Ht0gmY8F;vu?H+} zl;ysRw9>FgG>%yw-xK*Sy~N~2dJE-K{^ zXf0p!Z~n8bke7`82M{T;Ek7l{h`r=oLMhmpEW~U6UuM-k z4vq+zxmICOaw>&p;4o&|*pYK>jK|;bhH0f$g;EKB<%oH)bO70Ftkg7mwcR@v!63Dk z9WpGcU#Kj5k_koj9VO=vn!9C|&BuI)eR zRY?o~@F{ZQJQZ4DM1)L2*~jShW$#*`$nYG_mjax*_!`cNSzugG+*jZk*xLA_>(upQ z9__Td(Iz;bG+nldbBqtj&QCY)wLd28msRze)|Q+(eLx;Iz+wDffMa6Y{lI5zYh)5> z8!Xl7CPlo$F>fGxvE5F>!3e`lC61QuLXBO!$~UTd9rF~oY0_w_kM-G2<`oIfXR`IK z!zRMFNZV>9K$L#^od0-8m&sOx+(XV5Tak7sxvj~);bb=MSJ=P;p-$upKgHVHSe5IM zc+{1$O$mGvbB5<_30#Cmvx0>%zgUzUz!MA)y@#H{Y<(MB_;r6ug`76>dZ9q z-K73SY8W4)*4eM^U1h=sUgRfXT^d@QgCNN*WE(@klGgL|M(bUX46Cpwi&XPCXMSh5 zgmVftuRo@7UNnw*ORvorIRehR6mow&BY`zWmdHHi1(J_@QD8)%Dpf_nvB zP&NG;Bi=U15h#|VZyLSxS)pk~gd*;p%m1XWbXnUAk=jo-0%uDV@tJY>PB8XvqW(Xe zmG$fwoAdr}$0P!x4PxrcA@Z?~*^dObGGB7%!Rh{!dowPW#ol9<3rN!K zC81)M3Q5Z5<~g4iaB%%q(U9xloufN$K1o!4QSc*rp5I0VDNMIQ^5Txk*fkmx6l4;s zVS52Jox6=Cq>GuQ<2bKTxX+8u843@++_<-CloXbUbz9awKiYoCaW7=w>$RGXa z94DMYwZN^Uznja$_en5pt&-Z%%(e)^KAiawpb&ItCxF6S>Wm;XMaYi3u|c^XrErcX zNZ!#0lr&p|1YcZdi}`VFvFtL$@ z?)D2en|9j0QzsB8>4vCv!M#<87s>C`AoUOGryp~xk?QH2L~wz}!J;RzPqK}?0OFZtP53C14q0fxE|Q2DV%7XiHGo=OExOzL*kDk0WvI}f-n|p2ZY8?+1@H6L&?v!c5^{ruKi4rtX?KM z)jMT9HzI+9Mz60?C7tNLq*`#WHRF~rP{`jdv0wQmI#ZaO8KOeFxpU4qzoC4r2>vF< zjQ>`Hn}VDNOsU2ES9kot>oPY-e`W?DOa}fa`T5Y5s%E)`)@euv(nEdeC@dmXPIkBP zVJ9WJe@X-T<@U=yG=xFD_Fo>;Z5KtJ z>xvvN1A!EXT*VR2sCU)+;rfCel6K+9y8ej48C^}6R3rPkm={>7zQ_ao{8bH;*izGc z7`D`=&tiA#-n^vYsq>ZD9~`mIvH6c>sgAb!l=3$8i0BYJ%0h?o6lGbsd+O;+{Vanf zEi-~ytiKh;agH<~Tf?g0FTDaN*uESZ!L0=TV(j04+g3WFZv$;OdNZNZW@UpffFmVa zG5R(i*Up(i!uwp(C+};pZaJzpjiO)548CUJ)M{nZHbPR8hd(@;$=SZ)GCvSzBL7Y{;?G;=AL-vvXvW3@&03~)TLv-*wjAHy+uf)*uwR9G+zQo2D%}4Q)Gh} zi!Qj5W-GVtv(e0oBWBD?T2+kL)NJy;T)KO4V})N2ZPu#L?6IPZs-*nqMm^+oB*4F#wT(_G?7 zn+GVl=K_dQobkJWyhB*)vqtsWz%o>cO9^xmqnhMv-nqFf1WSYX3Pm>33q~Szao`# zyLqtT&$YKJT{;9{w5c;&q%CgR#t83z~ z$l#!`@vZY_3IUfn?iTO-m653^Syto+_+5>Tt?gP%P&RbsohC$C&(ASrJD`{&AHWe@ zVcNH^-X_?1?cz_vEGi}FgM^ntE6otx=dk_9jV)%iKTp$)ttZZF z;*#v*>sOr&u*!B)f4euijb>MEQ2a7Fr(WxJ+x<8G)c=U=(Z8n)0GF!X;V=_J87)MM zSnkS-zodn06RC=fC+sY#c(?L;Q+&b0GodX7Mu{ML7IHm71boq-hsoH6PoUlI8#*YZ zHGTGbvg{zy`IwKRR%ZK6PPSa>)ptQ`+pk@fE5d&IFstNKtsMIiN^4Vzjf?z;(w-3w z((U4$TVAN6Q)D~L-8)I#_Z^+R{~YNw6CstMfY;GN7kgNtd|+Ta)cPlsn@h-A+)!nD zBL<@{8A!o2V>Y1j6pOp!B;#2!;EN=KOY_Koh;CS0=>pG1J9boRMPf!lcnT*^g`iEk zVM0Rcraqyv2>yFH&{3bNe14su4Bitex>2j0#_|qU=BvU3i`~1$v9sKt;R5|z4e)>_ zqdU@R8`K5{g(%9s&D3$U*X+V|q%H;pZ z*`KB?Uhm_*f0aEUla)qWkXHX8P)LD$3!^76?WF9CoWLh0nhU#9T98-Hm-~NK)EF#B z?kP&hv0_NHgWgQFJQv{A+_9JiJ&I0#q|79^m>N@Tn!bH)WBwU1B7bW4LoD0jc6++| zBS9K@lxj7}%cnX!c+RODjB{z(*KR++c?cIN{l%|U%`4YJ-$y^=t*@T>{lPSeP+aPW zPr8~wSFP-F0sI>M801%epz(Y1Xw?x)p%l1@` zlazkJY0p&`BXr=UoK{!#)SC=PPlYQ-u6x&&w zvZ=^?&;l^5o?kiJ&#C^5{o~iXaV|tTe2Bo7&lL4^PxdH#(3Tc9>~mn~GMJEE)gzs- zl!A$pm)GuyQK{Odtgi>ZuPxoJuPy44osSlX;#G!Z=Z3iYPezcBcx?eve}nLVQM!3Z z!lLSHyyg<})oX2`^LX~c_eT%OImylp+i^{Bl4VE^{n24(vG>CZ=4FjeffSLGYDr@UwR`2o(c&+7 zgofi8E%OlHy~UN4(}xU(!N#9oy8?c~!NNVHXPCj844%5Ki@{ey5Tki5JuNoZr8CM~Pwu+Z1O2?cfBE%LhI5EzH8a7D#kbl2N8*mvpQnpU z&=4Qx4fdVDq&n2?>-s_fpMB3W^?x#8oO!a@?JAVZOmwZIX{?f~ttT_05GSS4wcgu^ z<^4)4J@8J`4$DY<^PM`FeD}~0@#KGztR4tYaGqKXb+sZj@r4yqO^)<1Ju|j=Fq5Xy z;zdJ|x?U|d@<{LB_>H0VJXLBvG5=L-;C~^K7h0UvG@GG37L_5Q>*{}SN`^U`59g%Z z#~qV=KS9?nxwlFDLY=D&M=t12BGX=09+uyn*3FZSHGahCw zG(337#9qNddA3$9;p+A~0ut!*>Xb+XwkY1fmo`4`DX=zh4KRfDxagD!Ih1hwcsLR-&-rHmuT_=sB`h5Wzdw~Bht~f#N z$Nr>lwM&A3>w9B3xPbp1UxMCjL{HNmc+W*OrQZETBj`{qE`CPLZhL(#Z)eqozlZ5d z8>#SWWj+gRsl^6e6|mz!1uC$~*qEvG_D;iwfqiIAfLC)3mmC;-ut(=j(@Q1@Dn*?* zL`%uG6dvu9mKiJYJL!jSRh%6x=X`qrxIKpbCTdYC_<0^1C&;?C6*p7^Qd91@crKdu zef7(}61(;4*hG%AwB~F-DYK}ctidvi)*X?%1|I^rr7)YZY*1at!KEnTdf#JztR@_M zI42Z9o7>?yHHq0I@(F6&ntgRM1rfOkwCp|Y!LF@I*DdGe2zt#UyxUz=%%_1min#;0T)nC-2+DrY*9qkL}(dV;giN!Nd zW<_MWwy?xh?oY=6_0>^NWMfkrwky%I0=RVaGQgy_qag$!ks^5>1sl^3`P3#|FRcm* z_o#WlU)&^Rc9s6)3Ak?1kA3fo8PD1Hmtw!qST1c#*kf{L$;pNz@e<9qqi@NcQ~jQz z-QW}H&oEi)|K)lWZw=eh`{ta%U{8>inLwm>nGdsB1*y^6f8Wz2$ zlb@!&dBI66?teP?kv&e7{v9GfyM3@zz+wL9m$gEq z-37TdS)Z+&XIGddX-W%L8Z!{GQ_G<)r*DY((z0{g!1^l47_MB9@xfu7KHv%=@ zBLdcmewuVFqvKz}lNwDxD@reagvbZ`Aovrm3R9(&$lF%U451V&?w6o}!${|px-G6qE#G1CWOgsAuTW>YL%Mc(P3ad&G`wrQL?2pU901df zI%Vl;{OW!1c(YYIkMl;J>Eel#Gh1i92(;pJK5tB0Xn^0V4Rr%Q8sFUW8wYi7DQOZ>4V0TQutEhS_- z5($94K4T{Fb_8S_{QIT6w9!mdZhhxct+EdH zEK}Q%UR4F&SsIW}3Og26vLJX^%YetpWL;M(ijJ{Igt0j^!54Fr%jV zTdM-*orn%lz_VrY``gvQ^n(9^igGd`Ve0=(NiVX&cRG-*oYrftExLQ^vUC~;V8T6z zzYVNlAO&i>V>LiC&RzYuOOJ5`>lk4xbIepl8b+#vWB9c~G)0KX`f?ZAJM$?P^+12Z zw^bRxKSXLMZcqG`=hPf#u^wGRzr>zv&fHdZ6^{)xS$QwD5>TAN&Y zwCj7*x?2e*S5NnbPVfrCJ5NzJ-)J8g0S5td^|~ z*|EZ;j-U2jx%jWdy2bSQK20rniMd#hc5E4XC{=bRG7wKC?z;`8+C7SfND)r#VVo6s1Zz)A200|5 zXiKM=efa2qtKAv`$Is_B@Q!*0)?~#i+S!~u#F}(Wxs$lfOotm-1pV`D;3`Zv--=2m z$Qrz?8cb8|+Qw^beSs3L{~NiU7cr7^Rh%E$wh@Vire|}`VR8VZ0qXu`4co_;tc`=3 zfAE|a}0Z*G7`eZd`}=?-~5^~lUIgc5pV|T1RXfCASwfOC=as;*%F0S5eVXj=d8n;ke&$}aX1+?%I8=uHskL>bf&w4D zn_pd1#Yt0GdYk`L&nNd5;ZtOJg16C!r|5IoTRkiiVjt`aUoYNN0ZytliZab1LNqY)Tq;!3ru&K|k|J6O%H8&OJK~|^fBr_9S zw|wjF(I&m#q-Jzg%#OfWW~Q_AwP@a?fesjOJ5}7(-uv8ra*>0&H81ms{zCXIlW^2p zb%Ikq&+NQi!dLmajDHL>x1-) z1h)iN3$&N7pd<#Rt;v{pTemLCLYhQx z*NOMPayY9yktc@6%Gz6}oL?UaQGzkR<+I>4Ut+eOO>J zBt$|(^f}U>Cvz&6nMa^Nhy0OI9>E0Wfsp_Ax8GrFyVDoz{vL@fOCIgZ;ySQ2*zmn1 z5*qP=)zXuS?X$--d+j=R?l<`)mjmb5tjz%AtNyEZkDSGm;C>hF!Iw-eyw0cqxI3R{ zA%^gzZ;;<_h)ymUJ%ib4`sdS)28wb^HDHh}AEg8|v=0uO9C94nAP=S&2# zV^Av^L;H{mh8YUob%vMVmDo^h-)<8PV=rPVB*_Md@H=QC<)z5-v&5nQTHz|j2ADM# z{Zfi#f-Iy%RFu%hEOK|xRXP{*U zPOM~nigas2ar;bk-xw@g#~IbWqzSv!OkknkId=$VWQhx;Z4)CSJuj1K0GH?L7fNJ? zl8E0eK&u8kYQWhoC!k*LulsnNS#1wmu-%~m=cv*d_=ER^)SB^%FJob+p)lzNmfC!H z+DT+saZq7ba_*Yj@94f^!lHfUzH&2sXye!aUQ3)ARFWo1SZfhm$*wZiQ~-LVy%7k;7REU<87_~iNuuzSV%r+=JfrTb2Jr3@ z8(Cc8cT*A^`Nv#8I?}Zn{iNi6_w@;!e9qGJ zYXY-t%jHjW)h5z)2-&`EU);3obru|*Ce&}WjEVQ3=GR_Ad=D{INA#XasDy197`YZSlCKrSwSt=2&H;nRcNX|07dmC+YVy{dY~YHK4%0kdnX$BV%- z(|VRqz7KgNtT{3gpNia;Fb^8+IFdl`4(!;2LgqsZT`#3xIjM+bpdS)L(&xh1CdYr_U0BwLYDC{<{(Y9S{_3m_f7yNs zk);glcU|k%TGEB76x+#cqwEUvO-%!zND1f$A=PPdg=n{rqn~Tt6K=Y2@@AQqXbeEU zFi5*x4BF9YJTl83e$67ddvxX<>(DO!SYB6I-|hk6;#GU9$Iio{sQWX^Js>i+ILj26 z!9&6>@m>=zhfJb@^&?}$Mg$_Flj8UG*@4T>*SU^X(67xvz zTSv0HM|2?J7S3wMzmh==BcQ+yl>my&-eq+1Z0ekDNfW(Vz_HEYwYwF>5v3F_xa-j`H1qQ;|mIs$ARD#1`zFA>L0P0 z(|U}8%0#scH@Vg*=8*)2=kZ0xy4Yn7U|W$(mN zMM)ENQm~Dt;|iBeuaK=SuI;m1M$CSn(g=`E46P04OJqXoLqPr?Cs&=pgE8^(r<%nC zIkGs^{jvI=PG(tOlzz3L4PXFQipbXBw!7`PN32oYbqgv3SsZ=Vg66la+|54nT+3~H z3dow1jID*iTM00`7G;p-8~nx?& z?Ydy$6Af68Ap=d_5~SBW1YYc$D!S4EZR|sOncdIU-v%N3d$Lcm!kVFl15{0`HMrbo z(_y<1cFr4tR1&(^cd2%{^UJhPdI~7?Y~qc=s?GE2nuyO6jozGfKj9NTYZz>7->k7) z#&C4AZ7dUYPFs%z(>>qKES^7L+PIkNTRVljce(5YQ4F*;xI^@xf=;?(w$<~U)_r{J zt=lMITh}fa|3axFCwSMt>1-#wt18$D7n$if`FE}-zvo-Ys zjhmT9!D99;({a>%saPUGB}xeGrCy@nC(R?TM|E4SI)3*hGZ~PO7BOiAWtazP)U7G) zRz7jlkkKPiSm?>j6uo1zZkVpn85(l9bZRODxq)A57zPfBKp^A&Q~Uc>IBzzmP(I@i z$eyJqy^NU{p_~TE`!g0km)KZ*PF3hf_&$=iF?A0W%_m%*qd_FENHDv~qW}*~ z9~;*@&9zX&tn=*n<5%)X8t*vkyQ`G;<9Ehy|Hz(?QNA&pTD*t_9MeWSi^@lz1oS@YvZl~OzVI3PVbgQDMaTG!aU~Y^% zYQD;&dr2Dm*K$S=yhQvn!SM$TPKV_4gyO{)7z zomQ9;4o?f-=Cl#iMq&6VL5hB2d+H5J0vnss{bF%yMQiqP=q>i30Y*1dPUjTJ*jdn( z#DE_B{TakE6Se}BKXKtpB-7Hrk?S-ofj87M#&M&kcGt~(iQ=DMq8&Mp%A1qC3WU{y zl_ki{dNwJV8_wB@xNPi~aLE8MU*F#uTEq}Oh;_u9X6rsg(a_IJCboF<%dm`CLs^BQ zZti;6S28p8Ob>`%=ja>KkYEc*#I^Q~Cp)oypk9vFj*OJosQuQ+Wsl;tqa*E)yyZBtKLu>4g)sJM znZ@SL|5z&{RX`Y^=P>!-3jz|{C<`1`WTc)}O_ptHCXNo#MCdJ^vc9Vd-yW-%^lBF} zt>`45KSi#kL`G)jY%7!vtpkvA*sXP*o?}hHlA5uZ3281Q^)sDGC$F4YlK9)pETSmt zKWuhsEvK7|dSwo+g*6d(?!){&BE*$WN9!=CAXpP7k*^aELj2z6}&5u zaZQ)%**T{9B0&-oW_fJ`{7Y_hIrYN>2r@$Ix-}ENiFy;qIG@h+41U8L5ht+s2fFki z;4cOFE^85S?l@hyxoaM2P+l7F<$&Xk4ZeD>Q|{wWvljI}7UVp1fRBAJL8c+^EKTbW z3Dc1O2_eSWp2#mtHWjYqQSVaP@*;tgU?#Y%!0bkBiIi&^IT6L?F8}H8+ zeH%@R^c;%%O5MP&3({JP#E=nvRjbf)pC&!eMQ8Y{D*d2YH#MZY9VX2+uF zGuryM0K26o=DKq2#IP0;L>%~?L-EdN=|E8welcG^w)PuYvro{zc~)R`x9Ba?;cqYP zQx5~C0vBF5(VzHxsGbxkP=h^_HQ!jgFL-Z)cyVqnx|D@z85+#obo2l!4mt)y<-BT9 zr{gnjbVU-M7YVsRDh}>J2Mv5lnK*dx>c+)6p5XvdlPQG|(yzEL=50#&um0tB=E?L8hBKSr4{0NYGw}uFetqPy>;LjbdSk(ON7}V$ z9q1iJX!;dk_RB(JXiCBW!jYSPHyCm0?%M%?F^?6se!q_DsCE zm)AHm3`6~U7GRN&Q|CW0w7R`cdlK33HGcMy@U(4fuBop$TGrLE8E`u)#MYeEErmW?LNIUJKoYIt0=^heM(l7$fE>4+yKjQ zFXdlJzY

    @*IEVUd3xa;WyAS+HxQqmJL3NCcSR&x)jMuxkgsv$ zv!Xmn%C^mYkh4_oVcKyeHf;pwB{8J{`YzgJhfDjSQ?*@hYxveZ7vp6|noLUiA1c;8 zf$}7Fems4My%69kE_L79o!19F`>{_0+O;mFPpY-%Jh2}O4y=+=2XFRG+)gc)nGVLA z@*KF|*a(%(<+d7OmSLIQT-)edI`n|Q+I6K|8J-c}jsTEDYa!U>(^2!~vgbK7RtXU$ z(0o6OiRW>!6(_Zwg{OG-N{Ti3Ibu zkqPE$&0Xugv#qN&_5&f7#<;w++bT|NuO-u1N5ct{#VLKTE)*Yl%dG9S`D%6Rja zL_j)n{R1yQp{8Aox z3yP7W8;Q+m8y(;VwZXmx3G9@QxRACnT*}YCOFPlIIin`2xD%kQTwz z%D!UmwiB_cDs&DBwQ`?a)EkHmEkvciG#8WO%>Gm^q=+Bd+rV~Bu`qh54c&;nHEZw!6A(* zR5Dugh!B zXg_DCfN>lasHk-J%os2f#w(!rh~F>P3K~{!_X}GngbR}o4H;=vG0yAMsvC4eqBrO` zvs+7@P?`W!uA!T`INC-LFyuCXlg!rGdGmt<75zpo{csykj+`swo9DOgR5mfka7)I` zA>{ds(AyvQo;*44Q1Ua2e%bnyN!2HWRj0a-ola6*)h^dfW!MVVIFq#1o~ziZ$P{j( zuI0wThXHt-dw$}7$bL&PRd@dHsNTJGc)MG`gi%A%GJ7D12mPs_6BrmDo^&twE!>ZfW^V=Anub7v zPbSp^N7<)-j?I#~VE3y8{!K317Y&GvdFM^?sa{e;pK%j;_zeKen~WCYR+wk{rw?Wm zIjM;%__>)|7^H9IkzerRO)AExu==;uTj2YwVdK!XIb#}&>q`fa#I{}QoPx$L2Y;9l zm1ugk3^nQtMHgo2q>7`r50zP`6DA){BU$o{116Q|xA=|vp&4&fJ_YCpOMH}Ty%Q^h z{jQsg@3u6y*%@MT!!KwwY7%lJz+qPyA_}UO|4x1<)$EO*tv021_(9lbR?4K{lefRB zr3B+AA@uJ&^+SASMtXzt8{b0c2Qd;_xa;5~P zIB|-5uDz*)`tkuv-Q`OSjvw+3rc?s$q}_mcIwsVu!cq4&>4RA9xLiYtco^__%E=s$~h09*x9>+oS^ z9`#*Do@kTNkCMu^9?}>9^0#%{V_*=%CdKmB+BgYb&p=#6DaQrY-JB~ujl(wav1%6n z?OQio=to*3=$+2C*jkMvk@dBu9wJBKkS9@rJ^#9Ij$DGz(%f~DguYuzIYQ%Vi^Re- z&$O)EhD=!fCRLs+YFO6bV;|3SItDjmI6k{JfA1=dZz<|}mZ=a@w#6_GL+w+TEy0alsiq+E`O7uxHzi7$OPRubKEdz4oXLYPDXk^f z!ebi#TBQ-$TE7Fzg`UqOI-&;LxfM&ua|59K$%+NHvigJ>A-WFotQ)9P1EX z8Lg&X&fY@Z`U-|bwL{0Il?5b*p?#kZPhNCUqrcL^gT4Rnd(z+UJJ6|L6Le}IxTRBs zvFeTIcj#9VepqJ}Gsc#1lZ2)(5?SS-DxWhE4-TVYa`>vTbmjeC)x#6nVFo00+M!NY zUN5d!HX3y6Nxt4a_n!MRCEqu<{CN-*{y25fz`90Jnu9m>giz`Ex4xJumMD3hdlY!AoZ4!dfat96oBTAS%Pq^2t;mpwrZQX747K_WWPnzyKLK7Ll2 z)ZE&-X9{%uM+JG~v7%K~y4&cz&3Hb5GVuMhM%;0X%-Hs~kFNML^_XH-P#HMI{kB86 z{V3sjuC6^RywfX!O|5-qvy!(!NX(E_QXg>^ba280OJ?tzsKYF>x63h?$uxCqFi<~)hl7b{C~>|1zW4pDM5C^$cEXmZjUR^ zUgf1ZqOs8zyv010S(WUF>e}(r}<(lW-1wEfX4NjWe1Gb7WF@9082s z40$HjKaLajPZO4$w}7yWVmfH-*<23N*Ns|6G<`yjXD2CqN}De=iy}T9K;Nd_ehXHV zxk7etuJ#AxzUm*1yZ#jZ_%`B{Ap!o%*6v`GCNcjfbDPN?8;>MUN1-Fo%sAj+)bc8D z*=o(=$%4Iv%QKbC{S&n;>8pn2spDPJ3_BEh+P5S!rRjS*Wmj+38IAHY?&jyT@7uDn z8Xymn=U)#5DQ56O(`*C<%kw{h-pLFsjH!zvy$?DPR2C99-xUP5;}H;(o@M*fgXX1A z)>z*`UZGinQT|eA)brR+>DD<>VHdDz79lW3+qW%bdp3BN)cr!SV|tskzX@vm)4i41 z=Ql&kd52DQJ&e_2g?$)|FXxNTR#g1lktqoBLj_wOEmY zeMeC@^m`+Fzr0efns~IEYFkZ@J~Lk&WZAE_jjaZ~&s(W5Bs4@?p$*|4MkS?pNlFN1B~L?$57o6j(1xOf!AGK0!8ZOd zOsS4T#R}nVMH6BfmJNSxd(iIc07Tml_td`upXZG6G>M;?dE&jkXwFXV&0yv24~IO~ zy)T8e;|KH%j4(-jp}l7N{%Bby-S7K0cG5{&F))#M5iZ}M=9+EBblJ1Phm0$pHw&bY z{?_)Nn!n+3$CN^8!X6p90T9`$3Y0(O;c~IpROr{~43+LEYX`2B&Yzof>Bq z2&iubZ_x9CaynyquNI#a_u0IfPfSDnMiZ6M#*4J^;)_Rr>>e0u!Y#g3@apdRX2v(o zu=(q4%2l&g&@ZijO2WQBRg{-wXU`2WuO@rgu9>z){r`!sF1>k#}H+lTRr{x7}4h>AKTX;WedYF>us4CK{eidguTS6h7U_ISl)~hL0KT zggDKSb*hI@K_`EIk91J;bw>-Y;orzMqQ`jRsLuLH+8tKP%Ez6`9gB{WMNYobsx{vT zZF*@2GQGL?zt0wOyAFDm{e8tyjY6>J43Z#n2uvBnYCa8a^u0w=*GZKR;H;a8Y$JZd z>f*fX_V=JFTlIj!p~X_F6{QT@oR4@1KNT_ALhyoQojnPKM$rv{B))x6*CF4*;_#TU zzbLhUbuL>(h;`N@}Kl3P>zs!(OeinKsrZLFHpT}W@|CPlp5Kq ziwraNm@D^?O6Vr<17pv_phb%bf5BP)xsGgW<#Zc)8jxl`I?@lb!?4mjvu{FlQ_!9z(sjl0% zR10~0mlVzM!+2#oH-waJft#_Jgr+}o8}7Nv7GTw-%K-XAY4#E;AqTfU-!2p2*#(yx zZqIAAQv4O11~m3$CP@R`8)nV=Ca;shegOJ zr1uMU$*i_i9BEpho4S4*I0q>g)v|rDyNT=pKmXaqCp{KC;xIui2!6(O+=Pc`UH^Wl z>q;eHw?!jmQ=UfxU+vu{@Ao7<6;UJzhNh{0cn>LVLNVBvN<<4GO?Dy0sEI|R?y}6r z@JFv}AGs1Zfa!+*^x&k3Jm66x09i1)~1{-3!p0C{g-0`%$U@*3JPneD zJSdoi^Wk^*ZWeTu3K?^oxg2SS`v0NnI^)@V!*x|lTPoC^Dcah*HG|sKT1AZ_F{)Ne ztym##jo6CTCPq=U_onvVdv9XI4iY5C|D50Xo-cWm_kOPDT6a65Mxxm1lzOn*yBTYI z-%l%YzLj_ogQ)#o4U1mQXrRIQ3!P3Qj#aCLx`#$daY_;|&H-2xU2^%nLwONWxE<>M zaKKxv;z8Vyw+y)I5icZ&rq=35rP7WK*mF8>AsjTroxH%^xu_dn>bltJoJb|Yj8!0`fM5q1n)F{DMxP%oU6WfalKwsJ z3(`7{hlbAK|4B|B&+eJ5bPt;0kAHNbMcxh8r22HI6+6AisTsS?yU%RDTlY6BQJC$k zOU%h2XBneRi$V$Im!z1`OslPKW&LXnfq%zqL>uEQYpkAKCewwNvLC4OB-)W^oV} z#kHN%lB&q?bP;;leg2qi38X}j-wjyP!-yWJyf10gbgCgo?ijihbfI}Kx7Lnf^?o!{ z(9dTAt$PqkKe6wWBhf3mUlr_xz%0Q$%?D)TCSVHUH*3RW9e~W4Kl(2zHM|D6!q4K! z_&I{yo|D<|gnbOlm)#I3ZDq6aD&Urbt_>ase%&n2WwAGL5Se(PPjSAmo``orq0O6q zS%6Z~jg`pNq$!DDiHBj~Gd=YzF^vi*N05MW_(EML|_^Ub*J22rTDlM z03vR&@ZwR5O>v29`MJf<$ryptYUKidj8tCMGr{*T^yQE+l4>!|V~!tjLUFQp)p`pV zAB|4hdLJs5=Ad$ESHJAx%=VMLWVZ#n6Kj-nAW~7QlFcyonCf8L<8aOu{NN!$uoWyv zQ8lKHTvCIzh5qW_`{P-#IEj6HQ?1uwv+*)i_;kRrh=y^6ge6jDU@E}$$xqsa5S%GAZoeUkGLxznj+o8A*7S|=hE>em1AHa@R`O%Pt6;2 z_oE~uud;xJ@QV;(X2IKEU&@#TS-ya)7f0@i*0WX~Bo(s}q&98-XrHQH&!VkjvLe$i z6!nkP7B?EXYW2a9?77o!S3lFS!aje5=Ark*kVV^Cy`jXXvv7I4Gk|RHK#9*?MGexN zRaBR)*Ek{ecyD(!9xEb_^%23mv$8$0Mu_;oWzm@rNMq3O>MHqBTG3Vm)9ep16DaC! zOSrkxboz1~Pb<=dIU0Ur-*>K5FJ6fZH2P_y-097&v^(~(%7jzmM$|N1Aqs~dYtG(s zmMA*uT~+EtSBH;b#wx-mYEh-I{bwywP;G?aY&3+<0_QO;d#ys#*~{2@NWCxjmG+40 zOgZ1m1-;Wj<24ffox)0o*^ku_R`MlS>rN1hR$3<}s6tX7-h$P{OD$gCcCm9pS7gvO zEiSxTgC?UC~*~wTb zZZ!GC^yWbgUwvdVg*A=nwShp6PS?ekbK_z7^S&{IOQ8bVSSo>~?C>T{v|nTxw4JR~;%9#A<&sb)ywa zmYcFCVDq^Vvm}LIo6b)eAXgCvJ=2YJ%==v@&yhH0S>7&bU2jg}2% zyw|mwF;IO;)*I?UC|}CW?|t@nSBSntDU3_3Y}bjIu)QV5@?p$R z=Aa~z#1(zz67B73y}GMfs(fXR5MCpyz`MzFU$p-rl|oFaCS6-K))y4^(a<;f!W(mgID9 zCp32fa<7GT^GIcf*A_(;a3AQOLKVz2Zs(svO3W3ed(qMkLCgK;x4DE+5kHk6PbSj! z{5KydtW?o2Fxjnfw}JhtW+SjOY49ApGx@H=t-_Ko%S;{Fcn5)_d*o~`KZs-<=Q5@j zMcq71KVes%G(A`g=y^oPb6oy~Kc;TPUlSgy=eu`2fRL7(_aeRTON|~#W}a&PsH?Jt zIeTEpNt3*^eS+epkJ+0qJ?g+vb+B_jt5Q?cqnZy@4zrbc}o- zLMA`uEKd~#JD00AQB`XfI9p~XK4=^^Lb;?_RTH;P_68Q=C2=C}(;|scLwO#Zgt20C z{0A_2>**c6W@!4`iX>GU+B*d#A{DBOI{V7hWnWdu>7q+vnU!>JocK5IKK+sMuVcS-Pbrb67Mk|8=*1))*q`4*(~>80>BLQt`J+Y9L0TfN%*b@Q?(eh zd8|gZa~Is6K*ng-mEu3wSL#jmfa|0yb9d#|wj5Pwl~b43{R(wrPUjduekJ`Lp3q0! z&(mV=UVxlx2Swr3XrluUG8RMH$Isw-a@OfAaexoQ zwEBHJ2F8b7{lR8Ug!;XO2#KGBZ|2)w{wQ~7;FYSHRd*6(zF~W(aC>dxO*)1(Hg(8t z0npHQgU;Y97SHfGD>ains#Ch<*`jT(ch-GeEvmzXBR(u^30F@#8avxPCkXr)y#@{xg9Mn7Gr+q+xb?~64fwLl3%!`idf zRIdSHJIEa_^0fUG$s;j&^iHSbcOlxNrwGi@V2)Jr&+(kzae0ZhJz!p4ZVbPzW^6wY(Yj9`t1FLu6Du5Xq?M zF_b;3U-KLT7ID=@2?T{rL{G za~Qy`vAEsVpPWgB4ijeOUX?!$2&DU!Z9Y}pnGH)Rh|)h&c}`b(tU*F}OmN|kfSJayDgFfr^K*lq~N+eyu#>JgA{SJF&(VA)@?Rj7P<#6TTW=cprz_O z2^XW}i5&JpMTm9v8p{X?RUM2#oh{zN{#lC(GjXv`{O3jamKzvaTz@wf9z(7EhvZkj zN)!#XKf?JmpxHL&m6xYi_MN_fdkjnalsk3wPydScc)UMTez0`Q!lff55oz`C{hxnV zp(`Tf*U>EgT0n8X*Ho6$v)8%IXs!&dF+QFt9BU*3k0@2PxIu>Ayd^J(nXA{uQ#mQ# zW_Eo9V zNf2=~bEASr?GJi3hmw6fdzCI>fFg^*g~SZ3)=T9HL`qUGZO=3^jM6u(O0tms_!|#G zjmusq;#r(Dlf)~tvf<6BEcw$D@34lX?Ggp z{*g|sdQ6oA<9UzgbdS`|UYu-VrnI3{4g|ja%A0a`8}mjdVp+(9f>Wb=l>LC4BNi3G z=smXhJ*a^-G!sMA5!7HH7oKzF>sdnV;gh~Lwl&bj?x!swlN0|D@m_<_eX)wCIi>&4 zPZs8!Cq1rRW5rIf8Gn3~f5*-5xZ&mAZ_nHXgK6KpFOUz^ijKcjuw$^RR3K3p z&ifxzz>?|jTR`yRAAlRcaZb^Ut@2Mks++Q$R7Vh4bj7rUw?GXyOlj$@s+tZ-!3lwR?gSLw#oaBf{C*kRc2pTPs~8=~NJcAwUoNBjy#IY#k4-SF!L8HZfA z@#gx5eisqEzlJX)HUc&h&8j~dnMoTL`E8hU<06HjS4PRE^*pe13Rk>kA+of8RDBSA z1(JbqgksPBF~oPxgSM>jsatmK9{oKI^F>g4T&B^*r)NzS#8h-@vo`1>?8(~q-a1!bO;jkUb-_4i+( zxNwkp76ZCQYhpT-?};8hm`famr3Ng~i6};WxauSudDQe=mQG+aGTB!svzdjTHog7T zHT}(1d%FKuaAt-?Kt}apvme}~I-Y1idzMNKC17G9srzfSK)`{2DS}e)!yXNDVe$@6o`dE*Xf0d# zNR!?0MZTx-T=qO#v;Icv4}OzUJ35?J!C`da-uK zQZI&Wi4Ou*8NyG|Q*P#4@~LeR*XDXojY?$b=UUC9gZG6XCA-FZFcMjW)MvLRiFX+U zw7L|gg;2o1LU89OvNeSmM1xGtpvk@8_}AnV=hAU}sFyM#HxOJr^gnw2yCIlwy<#yr z!2+>;&6r%?HYP%j(U{9l6&w6ApDq!6!(8;gbjz{|@qT9iMP4w!*-@i5|9Buss~fnY zB$sUX@wUV>Yatg2I_OI$87L+Y7*-Vg(9^1gMDCF{ivl)8ARf;VN_x`u{bcXUtq7|G z$3X5CiQHkFLFM?RWMtpeDK#6A?v?uO0_{b?kl;@^2H`g&B|fc`D;H%-Odsf1F7+=} zrt&~Ymcf>5Br@DeWZVtG`Khv0vBALxS276SQyaBq=$F7LFNh|Fyb&)p$~E3Fyy zY@C%TE5D(AZw8eadx#m}6{9#scA<~&Y!#>qVa1j#;?tX#uV#w|np99VujD%+-o1`b zYwJWVH6P@z1|y}g<-zMiN)O&vJc%YJK3^w!TsySrI)ai1L?gtw-`QfWtji&l7wC|^0>xk_%bR| zc+)cUGE)H_?4H?$mDVJz+4#b;p6}0u-?ha56rx+eP2G7Ch++DuyZ75K-s%t%!_}dO zmaN)nktV;i0c)zE>Imv1D^ne|guSh(OKO>nSR|I?eZR;l7VV<6zEET^_fwF)^|8u=6m9&&HQ*i?)ufT5SC+Q|V1}wB7*g6w|Da zU^pw?TvD=xa&ci}NMJ5qKh5w5mih#nlhawhwvETbv|N^Ub}7HVXdfmyymY*FYhZo; zGIMp>{0XO{_>(M=Cz#!553U*i@E!?hSZhL`n7d0#$WXu~Pm*isfBc)N42M6&cA{lv zI8dN&ubpl1eY=CIJ5nb~n}Yz*X$QwEoTa7;3wW3PFK31HSL*r% zu)5dy()-I2U{Dny(lVs=aV96`c{(=Tip;V@;mzPD@C|Yyy+JO?jjAH(h8zWzt6fc$XHM5xz)o$n%Xn0Y|#+Dq_a+5vgh(+@piN`Vu; zz(=nXQc#7H2PLn&WrC5C%$aak@8!&<1x?TyPW$^57a zmKhdwLa~trSiNuQ>$4)EKtF*eOD;-(KEu_i6Y|P->5wYe+TLPKHK4-B(R$BdXR{Mb zBUD%N%$(oYp9*3*L!QIwq@QU|G%fkt4;cCCc{rR!conOexdl#1)ow zdADwPQCvlcZ9+=h{{Eahn?{xblejeM8;BBOv`VIS^icQNC&^WJiYlB63eSwp3f^gt z?-2TD9a_p3#V2|i_<6wmKAotopR&*lOUFl2;j6b58}ZMEDAqW8JUd}A~VgnZ*O1``#!c{M=cJY^J$WMCx2GrMtoQl%Fb4G6sEXlkz z3xb^Yka5nTqcdb~D-!vjPfoe}4ZoZ|&y|Dz1}nWEw5v`Bqt2fjTYkH%13UT}Rmy+- zv40SmY8_TsqRpJ|Zq-}+nP3JtdatT=YWywv$RR;3I>D`8g5A(nza{d ztYx{uIU4mq8SOunUVwKCc1x%T&Wg68ZGh-Mo!XIn<%Dsn5fRd?&AbZ*)y*cx`b+Ke zzeeHQVUm8W-HeQxG#S ztuGSKU;ZPuZBa_Q`yhSdzKQ}sj_>e;n(27-6;k1nwKBP;jp0r!G9$mNgRQ0I!uH5o zitFlKoJttyA3*vkt)p>BMspb`^~`ih;)hJX$yYn%_(WHpAcIa0^c)W#1+xwA>c#D>dch2EV%Q}}|Z1aRp+$0_W zMsEV=Z=^@3vNpC^;Y%1o+eR(EGW;`6fn%X2L!CpnoXC<6|`c_iBeHK^E z&|)IX2-;fe%m|pVyA5%##!>lL%C1d6au)MVVQkM{a)#epc zV>%XnDhOC6=c{lkFA>g?^{jojFKMTFkrXY@09rJg_qm<;%`(gQ@42j;E`$+Sm*Q1K zI+o8luWVDo-@G`lwl0)qEk@&K7+*cCCpjpYS;B!A6)d@hw{lCnC%Y4Xk@{ZY`%~#k zRK1nr;Sk39b{EmPjqh~bNP8xIU_jP;$cim=zDtO+8%njdEr49+mJ-1i2HL{gQAD z_Fe7gZlyXN=ngFvx6uBvA8W`4YSpNT z_xMAHmi^!BEgMB zJ>b@S(h!WTXiY{BUfKjyaM}i1WB-o0f|S2X8hH2Gw?$is6X!9WCn}-L0GLA&Zrv#7 zdT{m^y8V;dB$Hb~9FHVO!c@YN%W$RaPOew3bL4A7XpMGiCyq=+zBh{Jef+F3)wsmn zQz?ZtXye9~p%kr~c1DqNzhQd_?vU1-Nmc9vQD(CRNh~^NQIx-5YYH z&=r1+coa}<@71@RjUO#!ghGo#sxS!cxa|zw zRs*%i1&p*&EINaqXcpi0m$i&Rx>MA}#5>oK?40wt(~Az@ zAsMcnhT~EPlGb0dA(MhtyALH~ggRT**gjRI(sLSjoK-*BjK_6yQ5TZWa?G5WYwA{3 z*l}O*3nV9LQn|&)T28tEB-Lo8WpPD2Tje9$Pd@y!(NEAKarl7TIiAVO2&24Szb0ZpsxOb^WeQ#^Yrr@gqQkCQqh|%Il{T&a=R=zf#%{kae zMPY|VPgMLGX@R{_CL6&(?YfqF{61Eg&Eku6Q2`t#u+F4bSJ-C~)9N^d=s}!P-8Ad1 z-XYA-+w3=Xt2y{K{E#!SR)6z8@ZX(@fq{V?gK`FmsVVSqM`j19<|mM?bNomB$v)v?Z7^!g4 z9@cl#6vl>pLts>6pl_7(Kd6=|yjPT_J3fdRx9xS1v#7||XjVV?8VHq+T&?wvSmZYT zU^)5@4mjR&!d?2c?Eqm*HoG6)8og`$_zpMU`}sH!p!y55VP_?afL~)9a!^*-F4T{n-OIAvmZlD*VaMP_R?PuFda44A z;!rE`l-;DUjJ7m&!h~~_DI~w$IGNsLT>fr)$8px$IOz;aq^x@3pQUGeokS#%q&##k zkw0`ffh@yq7GL=oHgAOaE$pmpYHC(BJZ+8>S~{YKzO-nuJ_KGLN#}x&lF1s7&{ zfenNj)9o65gj}PToI8h}cgCxt_Vhj2&sQ%UXPt}9dfj=ohDXYF4~66kJKwTkpT;jM z@ruiTZ~sB+^mWMZ(`i5=RglQ|)24zZ*$?ykW`*q-H<4by>uw$Pr2y@|IYWx(fYMXM zTMeIrZG)feIZCFu=`KmJ2x7N!=#%=z1C@fHh=9yy=#GzC*n}|a7;V1S(5?t ztBokv>+Zv|Uv@8|*yNw~QlK86m&$BV9`}MTD^r*4jpr|1@ArDZcD@>a{L*?O~864`ymwabL1zOQBTTQ#SJv+d4An5^feoMRBm$23IPs?ql?@!)B z-+mwl!oh$uitg%=_{OW)qwLviWsXJ~Rp%7>&!cc)A4evgD&(ErDVv(iF5$et0{K&WdwecdO) z7$=5b(ivHoi81rpPUgSqxQw(vpsa#%94*JUT~fsmBE|U}wS6xA%74JS%*df%0Zs<9 z>d`$SR4XgD+o$*Ae*5O94kUbF$99;b*TM`Qe$R}5`<(VURhMuMQNQ61nOPIl#(4ZS zF=AV2iie-JnS}pw=X?vd;%T@_SRG#kS&x&qH3PItd;@7FS^9eKHv<_52>VyT^0IcT zV2+6rIhk*r{hc!yH@%rLo{Xcoj5PPIq@lqbv{$mO$~`*2iw(nL@#A6HUSzU& zv)qGMLy!MF-++NS`l-FPD&?LkNQ^>Hm*x5q8Fav_0%@6Cth4%TU+6PQaG>bzxn)j< z_vMo6o9`mxKgK&Ne_n6l?Y~6ai^-pfj#Y6wV#j+n$?~do_6%Qm@Cm7F#jAaZk*BYP zBd$g*rV&S_bU;(PrEeAVGJRg(+o=;l)B0(v^1%e%mv9pluh+tI{@bXXaZ(Js!a)nd zCu7^zMfKn!(V%k&z4g9PGFn{}`g!CD-_mnymtXhkB0bH%BQ6$yarUwwN8^(Ck12fg zU(24Q(=gQub5L$j>6=v3yZn>uq6~cuQ}CqeVvu@#uXX#?*=DB4UUu14a7Y9E;M{L_ zC%NgE%op;VrHQZwzv41z-tr-g@2u9YD#nJ;#|!BjLfm47>STdXl~r3m^=9to$eJ=G zv6HOFr}T$IA9Ase1(&tG7&j_9-hA8pP3snAg^Ha#1-y9HW4zw~+ismNQS;Q@c!NRy z+8d1|Bxnz!BhS)&EdEB626S1=^S0MMO?uq~5RzHaHNkcH_@HfK0HI7EHj>GSfS zpCE1ud$gFrYUj5O@SEC^@ZI+rNH#L^J!}J-`7R-^`|{zJL)SLF?^c@6hdSb6#+Too zEtn@bn!}{hmYw34_{V;&Aw<1kWD?MzjG85WHGazfe82XuF5e%Gw%O@#Me^wY7^0~z zCEB8+xTSW&ZYHVK3(L~$lSI|k!C zn7yV$fGgm6;=_0)%-&6$lW(uK&_h}-!7x6p8o4&I!lh)(i;|D@T@Sy2KHQJEx~g-j zR{}PQ=CYof>E;V0N`9WYi5Eq6&F_+FcrekM*p?3%yWv+rb`fn2PCppVOI`h{7ok$DAytx-_i`4`8RquCv>ncz@KD&lI!hU%Z+P+5qC>zTVISqSb%_SOedZAh7s*N60}4RIQ*JP)w{XGUS;o28l#0JqDp0r0 zYD3kDnbV_VNON%~%)I~GN%c0o-Y?~R!`gzMF}-h#_?YxOJr2QpytL@6?3=KE%aM#b zF}0dRc-(+c2hU2A{LOl{W~BOAK+D^?)$cFdfF*heFfk>CjMw&V@TMR;j;80fZ%TER zvJ%`B4<>cXB9I-(ph~&rZ#EeLx}|ih*f=4dPGxi*p?{UWAH2OWk67I_m&-2Qtk)F* zgb_-d!_p?!w}!i2dE)1`vmg1V6fmzP3^nW8~* zs>PvimWV<$KOm3uF22;>R$--H+->s7mGYF0hO!-Qi7fyz*O?R9o6dnLgGYr=-Y zaT}npgdXriy3NFJ;^WD&qqE_cpWqULee6-wvJ$zV!t%?eU%8$;*ZY-eqMyNtW(YO} zf&=&peEd}E#iI0(sy&+JmExPe=w+j?lrnTNI1p8~IyF@NrUvoVXSQ&Dg&2+AQW_Kc z4Fz%KA0aJCwI$Q5sto71Ng!`+q$Z!d6N&Q{QV!m^#|KEq7<5n3HE!Um(8wOc+2WZx z<`KhVi6Y5-;CHkpk>W0SqgedV3#X|AZ^TQ@tPOy{v4lz?$|N2)AhT{_89QKt@;mO7; zDVBzXfJN7RBy-DM}99a>8WO)E|xd zeKI&!?S2ti;{4?1cNUU)m2wwbF#!phKMz)czDR$%*=)t04%LS33ZOf)&1&|i-)eal zFVx=nXgyGth}!9F2me`%w-~nlGZECbb^Io8-d@yc%)d&44@5!oZt5*21>rFS8c~!xdQ3b==*~JFQ zafbk$NiUtgR1{FXUe36n-CYk+&DWTBWt{;`h3!TIZAXmLrirv#7r$jVrT+5s+w<|8 zn&eO^t@6gM+GAcojfD^)ntsxZ4H0qJt(@`>MLyIIm+b3F?OYkUr8$+q1rzA8@)X@>LPU>-LDR% zUo`0f>Ho_Srsqp|w(*mo-+Z&eo1rfBo$TzCKUw3H)lX8{+QZh{=uA{#nH#Y&&aL^) z70-pb zggAT!E9Lp;-DGA}RP~BVJ+3brmcKFr`iYbCS-7TO?+T~pNb(eUjr;3) z%#w}jHu3iikhd)t6PF9o^b+S)r?d(J73FwmC0tkfsg01UCp@a)7-etIWnC9Ow)TOq z49P^~N8)S}`Whx8ntC|N{>s8aHU(Mrjar>z=k83Ts&Y%eNbOsF)8e*KtL3Tg3v7cT zMSUU$*xhnhGj8^TsNoL?E6r3U&FS(K&*vkR4(4k0YJ47grzEF29e7+yLz^ZXJc}0h zF_ZhB!?b01n>01*2i;vP6n(*o%v5@N-hoOBUh9u zsLDWOKkl<=uGv0P129gfs@(t4!hAoG^%1Dn%GvXLK`@AQjt5vW1UXqHg4?W&wH&C-cc4GXz;BKfq4uQu`#QQG#xC^p9Y4h!9 z`Mn)Qh$3w5%;75!ruN3@ z{j|?hn+?Xgee0)QT-P6+(`ftl;i2C0hF2;Wt&OS4X3H%hJo8c|?s$mMUo?L-i9zqQ z0exLD9&)GA6H6Cx`4Zd#A*#6)_f4Jvku;p==}e0j+9!^_OoWm&^rn2tSJ8v9i_r1p zfcJ9h&!b#7#*tTDxEY10Iroike%95@jUEQmd0YmWjV#W)e$wy7E$Ez`j>m0ay*>uW z%SG*2+A{#%6TBFqd#V863%{N+7#cS)*57{J%$)&=y+@!$PR7p0J^t>rrI6b4_+t@z zn$)G!>le=ZfK|*QXJc&qakx}5MY^{O!98L9?_;#R>lqtQSY`xnqe)z$L*vo|ELDduWvR*_P|>p zl)0x?viS9_tqECWHq^Vv_(c@UuG0!O9I(ZFvB%@IZFW@)`fg`9uYFuaY9798l>VJL zh%L@C)y(2w6D08LGB`dsucTZ{P5#XfRq6Mq-@>OL_M{7k4iPgiRvdkI-p|uNi866B zXZoNI+#`350NBGeoMq0Pr2dg@Uuf9{!!~3Rb`lK9{?IQ?x!qlQNivwfa95^yjTDqrFpWB;9+7W>f4jtt|SVdo|+k4&_;Y_|QEWQyRm_Ygj{uyU?J@E3_ALGn)UHj52 zAQjxBG++{3jy~h&zbYdiF@cVUaXeOa*SFBghX*!)88&>73eoBusI9S|;g)TH(?_)J#;WmK`Ot;6B&n$^0WG)e%Vrn(Jl%c-rmGTDp4%gOvGG_qa?P`K!l;F$t21xvV{=`BuP=C?W)xCJ$IYUShY%hvgWsGe&q6`vZ zPHL_|jL#U-5tyYugMUeMe}DBRFE*GNCmEC{RQaXxZ9w#T6dO-z)+$2oIA;jxjhz8p zecqb8WS;0*5D?PQI*}L)i&I}bcKPTfMPn(iam`s%n%djw_D=%dre{HifH4Nk}pO!^YWa+bc@m(AMo2$+;bK#aw zEF-b_YFJ2Ag5w{+xv7y>)3`9|lrxP9%Zqj-1ZE7nWEqAC=lNgqog1vi_`CJM#F2T} z-3aU?f@BVRaeu-(PD|TQ^F+ zZ1dkgpWo8&fm(dscTVxdlroePwXP~CaX)edaD_2uL`R~b83zw%RGWY*OO^(fHn6=; z+RY9t3mBb zW`EV2TBupht|sWATaU8EnKQ`{dmjCG;+;i$iEBrRrm`Ex97JfT_R8sy{I(F6*tT3t z$KZxrSf^YnKhfPevi04K1^GM!4mPnJWjeB+ym)o0=tNn)#{>&qZka1c#z|ia5DDHNW)IGA#d8<(iqydbBtyag}r$GXc2vIyGkw~a@D4E#rr|Tup zOam#M=r$WELf@^kLPYMVBCVZ82k3{<(% zlmvP+%*NwK`gU_hroG83UqI&rX#}%uaLq{T?JJ8(i!Sv*#lv^JoG+f&6mfeF5QloOGv@0qmR!_@PP*- z>y-5h_G-*%qik(~O_{xXgizcki^V}t$)5*p|8__=gB~e50FMha8%*CS{6pU}4W(FS zDzM=9T&KksRNt>UQKa*{9spdm?!1vZ7n7>@C~4!C_wsYbx?m1D*y83o*9A6NA{Y&gymdhS6rZbI2jP>G^rDKT-(aS$wrRK{&Q)^1u+wU&R~1 zmq`g(6BEn_;T=qXPzk>vgGcrP0bHL~5KdoBgrILOG-TZ^cC`IIG~O?5ZhOl${LMQ| z)H`9^0TWS2$L*KdL1{0Am@Ah&Rh9PKdgC&(vL<@~L-=0Igh@Q-DMB96#`530kAMI5 zPodU7xImC%!z-u9qsFEf`Js~HP=sVg_9OvunX^b zr|;vv2mV-}QqcHgMA$SKB%P z9)(i>RBBqc-)hxSUx%?Dzoc$TOH-CHugT++o2Q!^m&hhgXE0g7V?`BQ3$><67@*=^ z?p)&aANw=<_zAkwkjhX`<1s2ucP!((m&Fg-iu*2NH~W|FIc_)4WC4UW!aNzF8*h@T zicO1ZR~RN|XoFH9e<|gk-BQ*0jJ>b6`B(CSe4**nlC3M7yjt7VkBW3-r;yOa1ZTkW zyPquIHw2FcLP3V$VU1s*Mmn#W5;B0ZH?}W2r=Pot9?hrmVdM4C!1daehwg6Ib4~a@ z1Nfc?fnp@e-=|F*-#=7@|8{`$U;TDe#ilK5yEmZ6i!LBH3wz_+eMxCgyID5D`=3+6kOIxaNLTE} zFlGw}8=@z}#%wosicR51*-suuEZ$4%?-AZiQ%Wd55hKjc&6Grab&b@lHxDiWviz+S%@RCVtBo?iG3>;*JpH=<`n z&KZ$_Bc4w9h30zd25QsVj;|atb$ySl>XIhSJS>N`-~6q)sa?vhb3Kbtnur7by$pBV z!Jas-+;XhcZRI85fzuG;UoAb4Zbal9(U!=#noaxb^es~2led98QD>OS)2%XSJpmcK46?a63Ek(ml z@KxE;p-xao;VQ={Z&Rz|Am;6C&k^6QlWeU@Z#V^G_t8qAlTQ`1;OTdI5_MGZ?aLTm zkP6|OCOrF|2&-;nN_!M$Kbw-KbW^Pcdp! zOqRJZ^5>DYTuLE5Pj8|TrTc*6eTGl_(RjzMbWIg07L&-2DrZ)-^3>AF4Q)LSoV)gF z&iu!H4y$+18?D#FzCyl(4B7zV^6@X<0?i^jIz~?>WxSrQGj;u-t_JoPnxLOH_hrZ- zRDRB3eU-aJ9OFr7ljjdEI-kHhgp+>5KR9zW4c5 zt<^8O>tLeYa5FinswnH{tIOR)HKO2=WD4J#MfkjbjF znw?KEY+i}{W?ExoSg9sG-GiwoY&(IkL*N@ShI~+i25k4vSz%O>V@2EQ0H(6eFfOif zSZRKe?5$|V<_~%)Yz&nvNvZ1-U#;S5Z-mI{J6GV3X4I0<)hNQ?fZ#y5R2U$vE@87L z&adj>plb;_uGhD#l`;>LgY@7JT)I0(!W{Wk6oQb{_!P)BpDbkTm>1b5IQ=e~75Cu{ z^nU=YKvKWb(k#ArUPR&Muc7&XQsZ|N;VuO%LueKpQ-w=@e91eC;dDoiPy5tQTK!YM z^{ZpYV(p&!z@KuL+gWW^qzLUG^z6XsbG7=lpZW=__x<|!9_fYC@_+5z$c~El?ApjK zo$WrDd{5b@MSnT$v%asUox00rWYlk3`yKzZTE%Y{ZpN=+o`U>ky_0W(-*F^b`tw(d z<@lM;q!a22_e(#K`Z~&u-Z-jz^$%ld=TU6*I+2C<>o@bLT z*!7$M-mEkKb#IX-GI z?$aBxjr?*9ep)Qn;;RuasC}calsAkq?k-YzZ&`+g@(>>@8cr zsmWvcX7{}3+r2-H+RJczac+#QLVx#yFw2uwSq80$lZwJ#XAYv9cD ziM!i})iqx*()brmhU17|tMxE4Pw!`G`6Z=GD0H8Y002M$NklloJfBw>fAWEx z9XgnF_Kr(id8xTWA%7W9CHE!UA>zyS94$v$IN|=G2anqoljx3=#4cRkoltQZekGJm z+3Dce@u3fY*f!t3PV0FGlc^v4@JGC3(}fl_u}G2c7y0KfG;wmTNe{mL-TVov&c{bk zUrJrQ`Ea{=_$v80m{4iC23a}gp|TzU$AW6@q_=m--|qCY)fZQ9nBp^jzDj&ES@WQ= zL>PfqEssvnfvoZ%uKO?@*bu*Az)pl;9rF})re5j*hTv-i&5#8%duKYHA;2**7v9b7 z!yo*+tAFX+|FP94f5N*RBOmy=pI`lYw?q8v}2%t8R40B;zJ)S zp4hfW>Pa2P`5qL@ZXc{OzwqKxvgjnACEk)8*5BN4OcnScj9M;5=0VWpy>ck{oqyy{ zu0HVdzp(n&Z~SUcj-%qg{!>4_`u6YsmscP7#SgBYz40#bs(dAWrKwGS#A*8NKBhTS zZZ(wtg7HPDCSFjkoF89ig}cqcf>ZM9vls7_JmOBVcCQ_?E~Hnpm+`g7pBTcPSfm%l zncD}#6J?HGjMlZU;srTb47lcNzX$yOw|(Q+u72n*ykEN0Lj>aC`HkOuv9->5F|X={ zVw*z?6}v1Z(6XS_cl^U&xq8Qm9XjdxUN*bG(ND17Xs21-4^0>T$N`=l4E}6Cy&Xo; z5SNlZ{JjjtSY4h*PUwxG!!hZEUzhQhaY6<#pFL>(H#^Kn#+`gFY-4sX?3s3zdxzet zu+FY~dFN=p%sh1Ny5k}8OXRKa7oE0UrpQCctK5N*x-2|ke7kN(WgS6niky*#^`FIw zN~LUr;wpRg$ULJxSkYaxIivXW;s-lu=!gG)Y!u+ae_RDd;% ziI)%zwk&QL*2PI#p33-<_U)e~7}m5FO|PmfgOtnNaz!R|tg3tHb0bQ})HZ?g^U!;@H2toxt>BagAB!6B>fn+omezS07dVRP4 zemMfq`8Vx@LAuK7*zF211Z@Hrph%P+C^8)Pl|<|i?2V$`$>tb}FVrOi#N9aJ%HuYj z*+TKnmj<|p5?_p~T704MkSqM`e4dJUsWlV&oZJ7IdKo9<R7W1)02WgnhBd;rq+^^LT_U+L^cfj9GJ8eCC0~ z&8_Zx8moF|${C4)DwldL3?1edW7rO@nE8PYnZRG#Q5`yAEzE_!=jlYI>%<+G7%#Ka zqJRAdjqpn(qI0Kp&5QGSf_%eHksPsOEA2VXVb)T$WV;CG z<(cUH>GgHj!0B1y*Il|_M*NecNH!ak@R=NXQ53z3nn@3mV9;1kV!Dj*Di$#hHIwmNZT{y#n1Of~L9D|4+O|BHfJ_KCQA4k5yeJLJ^aRz(r z@^+`mi^cRqYoltj%P;_B@b^Ie%7Lx4?-=)3;jq$zWwM0fzpY;87Yi$agMXq zAf`UlSl4!s4}at%t1teluUq}Czx{Jw0P*aSpFh^eMHVH{nfc0AWcd+2k>03|$APlt5C8a2tp3c8{rKwcqaV~m^pCC{v{M*|7kFtQ+_S5f;qMx!Ik%t} zu3HYo4Y?1Y7in2+6pHw=XX^D(ee@FN`w`xd({|ANqx7h#BcvHX5g>mYI#}TR4d49R zl{yl>;L|rTm7rw_aA7{pLU$|?u1&T#=?%5v6%BhIh)0t z&bR1Zhy7yRZ}{7xyo9`#M{U4$UPWHhIe|35JN8qm&a0hv*!7NzlI1z~l)LZ`I*L3I ze7b+zZ?~L$Q~!v4ch9?HalU_E0)<3H7(JD|NiCK;`GVD_f6}{GKlkA`y@>Ea zdCR+0O0WKDcI+OC+(PENv^-Szzx&lUeEAog>cZ+FKR#$-k#}okCsk;25C9F+9=2nu z)t6QE5U%qir0^^1t@EVLxg8g{9Q_PqGU7N8;qV6>l{~RQ=lr}51Jn9@Q{Nh3QBpc2k}{lO-^;7!{ZIn2hZib(9foQJaQx)Y+7IjB` z$}#SwycWBOKY)$iX$<+{8$BqWqG$7Q0MmZQ?jMYAte=ki&z@fGmm0Tof8o9U{Dr?< zq}ccc%`bwePAhXigy!Z!XUIck{D?n~v-QUArsleXW&6;FN%}>80S~HcR6Q?N6fyHH zWL}Lg_0#gu{iD@uC}#C#pgVmo;qj@yu;e&LlI;Us-!bNXscYQlHRg8CaXwSs9ETx$ z1c=T-rYWKu8@*y2WDNZwpaC%{4q*^5UFoeB!#}V~(0zq4)Mjf~f4yZH!0uLxp{Kn# zNM@idV++hMSb2S ziHCurPm()<-a%1GoA#a@Q9@)ol~L-!dV0(dSVVO?F1m<44oER0n*s|KWlpO#77c6+^LW{z?!cI;18aWtfUb zj~L+9!qlJr1OAqmtuVDKQ(Wpl2sXlVk;Zc^mmN`kF8LYtO5;V0ncg5WS>jz&#s9Si zXKes!afolUHWv%k#RJRx=h1&tZK?js@>S|bOa^}=nC=$gCVGSAwLQ?I{6+tU@KN#< z`U*zJ5rrMeqsX5fbffb}=usS7pQn&TicCs+fxjy9Fp6D=xW7N@0e$Hq9OxB8D=g)2 zdRUC1J&UQg!zdb&V+P}6H@?JJ-S`MOp|_11KALx4{PSUW<=XuF^|#%kkiU$tbK~Aw z*R4m%If`pNY=;Bhb0x*03zT&|-APd=t!FN2piC7O7aux!F!`SMXlFU?G`G@2LKf+< z2!i)4IAS6t=TuAwuXmRqoohEQ77;yYkbdTL{t}ZHOu&zJSkVHA z_?bZJL>%p7@cZUl*RgX9KW`yM829_WY6nq!b7N*KUQpwF97)}uH+T^GMW6j^^2!9n zEW5j)Ocq)_^G;IQ0r^34A&AaLzKguc;s)%h3;URk%c3gUJ+Rn=dZvTC?L5e$E1^D* zSbp>gT`=W4hB5i1>g|KoQKTQ$gN@0-PB%Vp1>w=jgUhOT5_J*&Tu1adC`z_q#&NRa^T^?{{VXDZ z`g~Si*9-Rh$|3?CY!&`aVRJl}K0iUZ<7c(wU&M_TeO~f+C7mfZNuR<0!|Dfr_%E)0 z@X!9}>YZ;~t^Sig@qMeW{)*qUA(Zbv`4c~3^)G(MKe_sS-}}dHpXZ9jd)ejL3)v0* z^Q9m0V!anSi(j=X}e;d@O{@qX5`JV$;b#g;?wjd=>Aj| zdF2Zxn(Z!|dX#-0zBNxGo}hUY)iF`w>-ei=W-%?f>p66!58k5#`z`*fKk_w;#Ie^# zKcRmFwM@FU$v+vVDG)%%ZCnSJ{BP%7n3R29FXZ#D`i-Bxde1xAjduIEzq?-D>1TwW z!`Cf4^xdky@+xwXAMp<>4#H}ie1hxzNj)(VdEpeMJVD6yABg3&NbEe&%J7LjDAO^= zJly1`XtnzqGUJU*7;z#BzA{C0H7(QfXqkAjU**HNmd82oc|gv`eYp8U z)DQnSoNtha>)U9qGSA@G_*|1O%Bq3CV-r1eqJ8A6)Pwmv)i3q-uVaCx&-gNgIZ@uB zKKX=rlAIvzjd{LZ-$liZ?VuNkLmsO^^Lz^6!p-a4!s!TtzRi$=}Sq>wR69sFLLCK>`IDk zcb=dVb~oR$D;N|HBYJ7q^)*Dq^RF5aA3T#Kk3?TQ)D}I`C1P7=Dj`oX>CJ#~-tLlGuDzplC>4wniy_O!Ss|u)VQUPg(N2UFt#ZZ9Vkj zTAvXo&ijgce)^L9d8-|zm=9!g6MBjaHW#rIbVtz59UtU&?t=)-JTr{ngMr?12!LqN8Ng^={|aAg2TX;(GG)}(8&|vS>_#?&Jq@wb9J5e@Xb;Q|H zPgnVLo{8R`USD?&JS|jw-7T2>GbkYHkE1GPa+re*isDiTGU)I#g>qD2u^E+&re|J(;AMo~##PrF18HeNoE1l4qZ3x06dA zl4`Lb-!^GHSUoE3q0X^b@uenRm|$az+Y2RN|J;V_!zb-3@N`nG8EmFr&2LA4)|liS zMfz|0E5nore=+?*%y_BL`?$iI!ig`vH^I4RO*aDbQ2L92rVkwyIXW@&j+#R^<7FJf zzNhmV{q5Id()P-W803e_1LOk!g1-U`ZFQ;3`7L!sj`c%q+avXd83xJ~{!IUmOUGuD zoTCVzxNYW}UPRv1yY1t0_{mt=;Sh3~es6igU;57eeJS~^$ZOW4=DDIG7fakQHi0*QAaFozsXaQ)%G4m0xjai>XTiE(E86jD#DSk z1~L7%<#V2O#y0}ZYU%+wvY(TvLE-v3?vnBkU}-+wiL2c>J6jHM90pR;8ecGO*B|ow zXXA9wi|d>Gv3@AaFg#Uz2p9uvOGGa;WLHEMa6M!3gJR#iqtOTg?qC~zUH3LGnqg-z zwT0G$7N;Q02OqwYY6-nVo5hJ-H;M_3NO%c8Toyk(4W=FsYW*>Z#S*%RJVNrVC5R4N$L`Bd zra3SD!o&V#md^P)`qM!@4tE6V4+ChigrEQFh0j*3>47a@hc5Njs5dU_Wvk!NulqyK z=2z`7R_h1-THbiLEdhhS2~ySPr^x%gBN?JC9Yn+JTDoRF=u>6~wh2RnuRd6VeW7`f|CQ2b;b& zNZ0n)coY5F-?F1d4?ef(VL18|XD~#^S$01zr5v1}TNW)*a~x-rEpUvpxL1ooFJ8WD z_57vcU%7+D$=IBJJQ*t)SS0#U#nx~Aj_+Rm#9#Q+tKay!pR+}a!q$+KEeHpbJ=HzN#kS{cl2{}k zZ#PIGxqZln<>#PPc(9Wy0WQGckEUFV_>r!l_zX&^3NX!tE?Zg{KWB7ASL{un#slIvrq zO8O||%TAh-3j#&2_y>`Iu|b3~^_5zD`1)pRlwKWPf!6K4^4xh#at!{{-HaDtk{{5i z&(4uM#dVIB0s{0slMMw((t}9)Z;xZTSb1M3{Nt#EnSSHC{(3u{rFQWbPP6l5?_r(E!Gcg(`=L|>vExWP`aGbhmP&G9+^!e0sDi`G04sAc>J0u(U3oCglwcm5@jtekR7 zi9d+Q%cc9op-7sJ>v0)7ZG0YaEAS(4+6f4s7433e{P=yzyNoaR@#`WSZlEXQ-~C7! zOTYKT8**~3tFXr_f+T}H(e4S1BMGV5KFVTKL{<^sQJ|%R8 zdXe$>n2H8mW+;#0toW2u7cP4$Vt?r%br`5mx? zKWnERvO^)eA#zM&v6FEo_@I;e`jqI_HLlYq`64Obkv0D%9Omk=fsB6YIUX-SG0sC@ zQLTKxq1=QYTqgPFC{VSKX?ZC4&&+%jI}xNMDo%NShddakBYuw$Lg&q>9f(rh)NBDzh#g-+upq)b zF1TDnWXWXQ-nr8Ea|B2|_$&&B-jQG6oeH6I9cJSEw|g$RNo>w%aWLfNe(Lzsd6H)< z@dUZ|T&^hdrXAc-Ne~)i_oE5= zVDKCAO?nq&`Ob^eZ!qKp6{Fzf7r6lf=O_|lc&^C&@bimP;yIDm5|rJ$m=eUVn7iWl zCVf40lAMTtWxr2p!09gpdh-RSDe)nCLrq1(;{2tsI8%yOu5QU@&& zNSJf4ykA?MbB3;+8t=0)mgmU`EhBv%4vZv6+7X)UhmJ#C&}GNh3q&7YU;6W3Eb51~ zhq-=Vs1@b6=od-!*UJ9VCB+do7y&=^8bg{SSy77t&Myx~^;4n@4j6@@T}@F}M=Q5wc#7ALXQ}5$jVwDDozOaiLij-U7aVn#)2$w?fONtdLpo}c<*Y| zxRQrP;938Cr@eGN)J%Jbw>Ri+oXQn6UQ7PeTR+s}{VF*Ij~TBm!Ek>!r_Ah`%w(aU zG;U|HvsA7^KW;~i+a(+Qp?<@IghY~Ilw{N~cpB@}$4Gu5dC}|jum~%Jo~)=onAb+L zvsaen$ZJcP&|&eF1zE=J5XvF~Pkd@V*6;IRfiFY~m*!klgg7IH1X=u~&V)&y`Iwzo zUGrm>$sTd)3#z_o?CBY?wwc+A3Ir}KJo`>jTDi#LT(umuXgYa<5GaYrI#Fw$7zYGX&?5wpCfSDFlQah}w3l7) z^3`?j>q=6*(~exYmQ9o)JI=WbjZUzLLTu3J?FKBB)9rp!n8wlDC1~VKB(X{ z_@Hdi;WT9UynHGPU&*#XOOjG#oq-dZ*Cd>5oW*j^L(bd-wJLzdp}r$$+H?9@JYdQZ zas|~+x4*7l$z{66Z)(>k1}=k%BoV*ic>TTzs*I!MWIOQDKD>o|J;^rX)iLXq(78;| z5B8YpG0EO{lY=g`L!5~6S-rkNHRbhzwFfrK4y+_McMcxruhb@aPC-CwM-I>_*~wo? z62-4fzP8f=Ke7jI`ne4rq}^L9j(O%BZVS#etG)Ej$MVA=DnCgfWuWA(H83d&}PGiu#me;vt+;+u2X zR0p<5Ib_Vvpq-K-wyh8Hc7GFqMz>l2E_vue$VFczA1{lXM3?)JAX0O?#AjW9vM(Ss zfyb$L#DRmD>ay0&ngi*^tArI#m9W@P35#8mV-e2dIy8gN@l!d`!B>da;pMna%h~!H5`p3A%lb!|f1LWgzNIavV zIM2!DVzheAD@aA6)>SU)MM6MeZAN5|m#3KKj)+{2abqezZe9#ZITEDz4EE_oH4m zUPF)I<2sx;0^#W=y?MN%{}4XcbF!CUGzfHh9WQiKUGh_XA`}7y4=dV zLKg|gjCdK!kw7?+2L<5^S%wn92onxe+euaF^k0R98~jkh-_R>(p;szq<7}6s%1%-% zR8Vg%8r0_qe}Bb`{t`OCmUyL=Uq=$ z?5~7H?;jvpbV^?M3G()i5j~<`uG1_>ArO2ZDgZh`!cz=kaOel*q2l78)tK3W3<=e@$LV4z73FZRfngZd{&89@tYK&$A>d_kWE|JO(hX7p90V?LzUD z{3RC@Ps}BBDxsR#&m2kY0E^th5ZZ^~fF8?|{!vI<=g2D&(k`rKC@E4PuD1cH`*|Gj z8HPI*!glyQIQu%TIh329v(!Glldk$@kidCw+`VjOU=4xrUf;Z!wOkPQ%AFV{;AZC+c^aQec99tN>aXz)8%bX`Uo@ zPUg49B=1{;a8+>zT8BM|t5>!f$EE5x10`P`UwjFCnW*^1*P(O3;Dq4PI#jhZR;+{! zjF@!r9Rrl)$15E^LQI{Uys z6~Ls+q;|TjkV9V~@=_h=t8kd)q!t2yoA7gxd;0>b6>u^@N2q%Zp-Z^7V&Bd&bTkFv z$O+Mhqbn4KetU{@zBRQ5gTA<+$x9Xzv+ePFsu%S3j=yQSkXp-P^Mz01tUj!d#Vazx zPh9-2k7CZJs<pzqSNJA zc|EmXKzzeaNhIRO4V0s^@U7IZy4=-Xi!ixMet;l3iiE`&WL|@=s$Y&f;??z>7pC|u zeQ}_-T+rno_6C7YZw}}`rlAS@_QgTyO?caa8l9Hvg};Ox!Q0+>bsWR*g1)w(c*T=i z^&iA7vP*G{iA z8BvLczN3nW5E)JQX0cQ4dAv|L;bH~3Lon7+#V?D^LNIaSM2*;Wm7NZJvP`?8>y$-J zB!WCSSSTP4JaqK`fqZ!f+6w*B^@ zXY7&Z|0UjpSGzl2#xUIJ2 zLN>=t)A>XeNiT1I@UcDlkAK;vcl=3}!VWyaN&1Ohc|td|1>&*?=+qmcJ@^vOqT72L z@#zOmOX!fm!D4lpuYtaE&%fV(&-r@v@2|S9kQ?Q(2mgXy3LOa;9N0@Fdciy2QEDpd z1@s46phWbb&!GeR+nyV(YNO^GE;}0JiL>k)^!EE7+28;5x}AUX?tmVU5dr!Xbie38a`@`m; zUrCp)d;G!qQTyOmyB?=#U;0xke)I(jO{re0UIyq_iG=K^$Zo78Ir}TMN&Zxu?vKb( zZIdkAUp(o3!1mgQ3-gkM0B&XJcGiR22U zETJd)-o9I|XAus-idCPGjU0W<3aJNE5`UMfLucU zt1PyFt-Z`hTVRe^+;_1lmvxJ+8}1 zHrw>tg_nkEjF4Yd#g~aLQK7682{6ME%hnvb| zrlEuS+d-mo*Ty~948pm?r2#8>3&aaPdz(ZjCJA3BCV!E&;q zQ=poa5c`FI6rZq3h$7BMXQ1Me5%NiTpt{rDNHD6^+rjU~haP#|lnOVxDhvj#{iqNjrde(8<*xr}laJ0~fjV4Y=0+Pvz6Dvw8=c+!?%W+^2r%1GNZ*Qo5w-Y60!FTX4e;|1gI>Z3@GyAE8&YCX3Wo6u3 zY`)oTla-gW1?QaA$4tzNe)!2ad-=7u?e;%EZcjY_ipzyKgdcev@^&~EKKUPVLodW1 zcIKoXEA3#b>nv(|Ql+4Vp|1Zf9uU{qX~(rj+cG2PvEkA=4}sH9y`%X4q{cWG|N6f0 zL$%$}p=5L6ilk8ai?<6D9pVdH@wn(dDY_(U9@-!g*W<6sc)Uac`ocfxN8jI)u9sL~ zE}MQDJ#ZsD$o++XziH>*_*=!d52YX4)wonL_GESKKBAUg&eSIxW-jNq=im&BYbM#?MFC;QRf&7%1e;1YSUws z$13@$Hupr{a(>($5oAgqW@z=p2qMAbl8?F5xVw7*{X#3=u!(aarw1- zo&@iH?efR|(MLNla=FgiGi%}?F$_pQz)o*`h#<~?Zisb@f5+24 z6lv0h<`sw=GHJ#Lp&#&buU&}Tlb#EMN#D8j8TJs2IbrQ7*acHjKlw*)0A7wFVJM;y zK8uf2;x&n}M~HFiaG!F&3VT&oD!~_)pF4I{YuxO=TXa%!za$^m-{&CrI=tSz z+g;d8yXVQ?T(99bp@$^TzFv3vGylVDkQujYzFG2`LNjc^=ln(<$k`&>WAAS>*@!nXj|BcRC@y3ylc;92#oWOmF-)xZfAMZQ0Hhks8GpCP@eA2@xQ1XtF0- zXOkwxvBvcpkX@)5G{etpI(fQ=#>Q*G23RNdHvGS3IrcHG)Z-PsBDisUY~y;N?$?vP zo7q7R*QZ)Wdr&~rp1YYvHonf2oden3j(%QpV8PyBJ%LQ7mZMPpNDiL|z5-=c7bk?f zvG!WMUcA55$BVF^R<5&n$E$>}H)1(EdlwUD`aYiOmENZPN)Pcwkv>;{RN?kaGz?N= z0TUsUCP`MBNMHwn=JL{nz1rt>aZ~g<)mwkOk1aiN{wnJnKmIdYVS}ygr8nQR{?p88 z9YbfZ{==p(z5bcSLSLMgewxaM@i%lrpblTOjc=}3+CO8TEp3bvWSH#0epv`T`sX*< zO@DZd3N~2?R$F3W``#`adtw3O^Jd4t-gw)Nz32w}^v2D5PQZ`(POFbQLEAjI7KRsrLoOQM1^PTCmkPa^- zPWWOp*pV-CgC^lW^IKy}vSc8^;`a|OxWR7t{Ua(Znsk2Jw|B6yN*)+8s3s8wQYGte zpLDTZtAxdVN*tJGnxS^*N#C)Vrkh6Sgi!xUEZO#mGwsFK-f>yb_W6hHZtIQyicK@L zKG`$l^D`waKB`6i15dluZOUbZel$_$AMvF|9cM@`+S4j{bH45sUr8sY?YCnueEq_% zy+`Fe5vtSfJo!MIe~y{`Ar@%FuAYD8b=&OVQ<5%~WT(Y<5>z~CMn5F!|755tEuAWv z;J|IxvK_`OZ}ZMRQ_ztyTLYOG{KqSA*j0D^(SCO0-9jn6Ob`OmCp1Yv_=&i7J7giv z{feXq>7`5Ut+~VqJ9ztbZ5bsEV1LaHl0lw%@fADuiref?B{aBvldR##lR?y0mV|=O z(JuDd8}y_Q(dNkpO5DBkqyuc(MHi?dh1jwD`dit{Z@p)oL#MY+;>X}=m8>{a%;|N| z9@j(F@Tn-Tc%)<|B_K{7|B3zTj3aINB^If|iEV!82glpbZ~Be(pLQnUok5@J{1x5E z(UU9S1G%YYmnTJZ*&Z9NXuEB=vXa(@yFXMRtvLBeNhc2~S?ZuuFS9p4{3Ph~onVO{ z*d~65e&qWav-9d35;4Y4P=aO2$4Of4w6hP`!B$^tVVkxGf8gP%_dfdA<6{LG@f8Nr z!A`Na-v5{#eAZP?6A4Tt*Da+a)r$_@)%_URa6s3se|W?WKI6({UrGeQ&e(Ahsi1Q- z%zw#8O0?6ywY9Ck!s0f|^x7@Ahl8ZW$De!I&b{F-yHm+2?iZrXAvP@8UvS7*Jt2vB zI&9EDn|bnX>`#wppN^XO0dCoJ5Ym;r8@11Thz42akyc3VNpSYhVcl&NQ zVq$_~N|b$9l=rh?lJ^xq+{;#3Vq`;IkDoBnKKS@k_jPAgZ8CrLrzfAcJ&rw3?M1SU z$8+M5$D~k($C)IbOx~gQDR#qA->}8zpF^>P#Jo75&Eur{Pxn9R!IRBXjH|?#)d4zg z?1^L^C2-z(%0X5B#r>b2a=IOIz_+WC37>ub1zUdeU9EGN{9+jXHjVWkI?M*K8!~n* zoimrmZj8Q2uN}?KJ$NS@yXNRp^IX5;+8b?`9ky|OW;e!4O>7?Y`ejX67%@W1v_ z3)y$X_fiYB&`-VaFFW<}TkH;!L-7&Gn~&p1-&wyXvvQS7*Gn%rr(O8nT}rX9)OR0r z64bbyc#!3S?|t3Yl1()0E795G&%I=OA9t?3_{O_oZ{FWa-bu)7D2^ZV^{s5w{B!D3 z5`2w(K2q}F)zaJd&b}&mAZgFXYe2?biX~Ww>N^H!Bp4c^C+U5$Q%T#5t-2Kdj{e%_ zw$&QTYMeMjO-t3Mj1%wp<0E$9sh38(vKNuwOCcp{q4Uc z7w-y-(|e0@WsZjNDZewB6J))R2X`_#gi#i$p^}-m^@T)vJ{Zk-jnA;%;tWW*h*iZo zo_Ne8SrlwbZ2z4~Mar!}J!Ji6q2x)T&AlQXUhp^jsZZk}3HL3H>GW0g7-uT3^ae#R zXaAju(Pk^n zJ+D>G@_T299!~agyX3@9ioVl&leoig0CG`ctvBS$?>3SYqrd1eASAL1>|av90w4Nm zr#TS)?$TU*Bv10N6f){rPLXsO^~m>$*Fv|cl8S0YoA*1npZ#N@e>O41&((~%M&Gk* zJ;B<0;Nx25_3V3XTg|R#2b zT84^DUmpJp67WfsG&mvnwSF${WqQO|CVY4@iop$w!@ekydQt9Y<$(N1A)%37mIyAy zToyexh=;oCx?8q`ulNfs7)EB*p&rEVdqxUHdAPc4p0-5xOCIYg* zmK8Fq$_L++f&XG)frB@vt3Z6N)zoJqhj!1Q%jH-kOneHn>me_cLPMX$!S)4KE9hj1 zj!^eXknb+pVxaUC4i8=(oO1LLB1f+VOny=v4E^AMOqL9guM)#}vYJE^LSNnW_VfcqEaY|yC)?cfK_TbQ$@lxZT!OKCi^^+a zg4d_gS7P1`4^3ovQXI)m*`m2GMCx_WDQQ5`L`>?x5GxDSL4Ot0J>*S0zH^T+W~hDr zUKlm+>^Ads!&D*;a17EbnkJ9`NOd~xyzhO}Hd}o;@87dB&ER}<%w`vUe;>Q$P@bMWrcrv?eMd*b`b0B7&vgC%|7caO^Z!8Si8GS7_T1}EY7GMmx2_d z{#@eKp+Dkr+clQ7qj%p_34diinDtB-~xQ%2v-5~8oGwu_cX4p`>_q?NQ#9XyI)s-nBnedUP{%T#HjnhteL$rfr zf17ib8LASlSd1F1G|;ZkKDHAM*wuE~WKB9$pybsf*#39tsL~BqZXLkj@^3) z`}*c%A_?Y!r`-O7e_>(K-IF2J&+0d-htDi2QprVE9J!mVyWA-Equ$yiF=N?9N7&`Z z?q|3C;bGhTM`tU+SUVdcW63+lG5CYp!H;D-o=^ewxJUenqbKM(YC;TnmlElE{ub0$hYa}TWS0>vm(+;tlj@#Sy z+z40gwds_UyWUDm+v8U+VW(VnvnLC6yM4;# z&>^<&=*4W9c8Klmn0cldn-(FNu!GlvP8u({i(e)EV4v*1#jbRfK1eA|4j z73|DIzh=`Z&NVweP-5t8Y8%;C9&0bRm<^wHkofsnI|eJ+8r^zalD_+qkP3``jkw^J z%SFY5IcA*JmRn?ACEir?{nEeRvVXkvvXW^O-$-<$9{!*YhnmoL|JtWN&@tDXbJ$BS z|I-#3xp1lOLJQ1iqZePqcf{@1D^oj_FgAcDpz0C9wgOXEqAlISlyH;6zp;CRm zy#ChP_SQS^I({m z&e`pfWA?Xe?)bfZ>!%k=erliB*5g02cSK4Y@Gt0<>s(a-j7@B`{3ttQ#|^Z5>s*ax znGs(D=bn8QJ8bu{wz_<5)BTRMu2TF_oOT=CT}Cqd6x(#Auh>ub-r8oH zak?7pjZbHqzV`%5YR*2>r;0(J_&9`Ku%lzJhBlMr|BOTUJ*eoS&Xn@9L)&2vrx9^{Isqe5zJoDsk>G$mK?qS=GS+Q4} zA?ED0&4xPsmpa%{^n znQ`K7o3CS=tUlWII_509_p#?Z9-GH5_3th}=D!tpXpna0EA0F{vmQRl4(J)C2Yjc< zS9mD#!lU-HE!XOuZ|cvl1msJOIl!*D{rC3m6VA7RgN7-FDq)ehEnHpN-I6iW@{7)I zD=)ra)?`!I>zI4!K-u9q_eX4@pXm0jG>Peml`(<~x)$ml_Yp)c2ww2i;?H@WpD<@E z{7!O#PaXMT@auTRcQFw9LS9oH46%j3Ais9cli=Ym%%v|d(~rOSc@Z!u$*-m&`~q{S#8aG~1YY6OzjotI z<9aFHNQ@qD`U>F}{TB%FIcyHh#Ki0kbl6`>4ld{a%kx}r42#uq*trcq3Oyvbws4&} zbmm?7Rl?j4>tfyjnxUZz7_Wy8pVo{__%nGjG@6y;q)cE&Xboh1o0U^lFP{(cyK1t= z=Uv^C{J~o`4(QK3q-G0vD^a<H#NMdq zfZCkqfKmI)zh86-$ojuL{udH6Yxg;-8Cdw)3`G-$=-Ug6*@uMb_3w$&v zF9d$wVFXv|BA@nP$gAkV0UCs!T+nL^Pth=Y~@06)p>xdmynfXEL6c=AQqR+cJLKP^qdK0jhfo|vfJ+VCwepW;l&gVNw>AA02?|Fk7g7zjS9 zV96j|;9|cZ2)~Wm>(g}#7l0;XJJ99UXUR|8F6!;e?X`j3aou-+b9(pztYuLp@PvJ5 z5PnslW&3YbUX13dU*CQy4ko^QlFRuCy8Co4xrsd2LqizN`?#H_HF>I$9i8H}OJNUQ zFO@@Ftl=?k$EO(+Q#SlLDZLh8=c2;-0;(O~(I|sjh=fWOhaIZ_b*MJHTn4l2)N?xc z*-6RjNm!bvttGW%PJbn;{PCh=lw2^n)Hia!w}blIZ?J|P^|h_E{og0PV`R4yUm_`! z-K6vcEV~yMacF^gijv>DwDVOLuQ1iQzkU*%)uKIZ{&>%g?Tl}4*Ye_XC0Vm5+2E?5 z9&B6dHPKU)lt;1>ZP5_z2T6+Xv6UEnYt?~8u#Fuzd#!eky;75ieGa_eR_l=z8RN+j> zS>NZ-E^!Z?cUa3winVmlH|K12@iF_^SqJSRzLjJ(k%TNI4AYkQ_1Esm?OeA?0GU|} z^R%~~lE9E%Uk=J|rsSNv&i=lVxjs@N!l%)mb}nQ`#E>;|hDFJ`68aew#nBr~#mWF$ z{gaZjnnWs^&en-%@cz zNs5Xa{q><&CZ0@?>?YCY;g7U08E>}I5=xYzqk_D ze{=EycFB=nv&BcuEpZ{Yz8|YBy_nr{+V^CSAA8%3E#RO2$;TI(%Zzr3gBnMPf8yT3 z+l{dc58JKfB*nf^#<&Teq`%SxvC~65aee6COzNi|zVQ3Dj&@e=E8mpgY^{~-x91)u zeznW2j|pf;eyDgA4=liE@XgMfwFhIRp*G3RKVmOCcHfiHe#6H#so%ga+)rc<=nc#D2mLjcnk*hkQanbx zD4wZ4r`3m9D(Rm^3GdgObhvG^=CWx#s&S%h)yIi$Gqf2rU@wy^5+A^W{FhpIZkOM~ zSDs{J$MlVF>hHM8+II9ex3dZ3KD0@C(1reh6mJryiKB(|4Wbo$>tf90K~{FI{h{38Z$6%&vq*7i=Bh9x_sa5 zq`7^89eluiep0O-jqh^BE9wWIeU6*SpBmPaBt5Pb23_qQy#jB}^Q4H-SF$hHODL$7 z>&V>?eaSX*3Oi4BljMqm`gFaIbU;IMdY!^T?9ST>bTxib>o@i1Y|Q2BVe(JL(In@W z9oY@Ibk2Mi>(T=>C&X_6`bg$zU1k0!m3Kpke!_3|cpm6`FV_mbXdf2%{mfJ+GxNMH zgj|_sd}Y`93GO>d%0oz2Wc?k9#gP{#ED24!@g@=TCHR6%;LAkCFSr6T^68|B5$!KSPkrcVWex`ZEO=%|xm?_LdPG=07<>`4d@#`mNPwFp`n*3; zJr-&i2*Ru56PdM;0PLCaf?4)_60gglwtSq^i6=S>gB61>5kM!79Qz8)W@!e=A(_^bJ=^N=3ZI_5#N2M5v7Yy`RbRnh^Ybx*8miP0b=@P!a#*^md zLvDq|LF6TYNK6Gl@d+ON%L~hTXw|NID;IJLy!;J*dxc`e?X*?sc(JhN^w2Nz8zphdXGLs9Kl6?7-d%`CWG2+xHa$xqyHKv?8?7`Vjff^Q!dNLM*th4k{X8d1}4A_R;Qp^bZ+(kM|=0Ieo2`b8{ok1i$UW;8V@k$1UWk z|2!;&tmyM5qydeC0_glTfL^Y?U!g7J$fOMi zi|g(~epdc7yLQKURL@jz;?>sTiTu*uiB@@?pnH-G&=i;eQm`>=Jvz|U!Wz4kOgS96K+MD z=~ICKSznpe*^4&OThw^Hhq$1stZlz1LImZmc?7lM( z_E$^ygs-=Iqm@{8%V|f1{g6B*n>G2K+basDA4>r#@Xe=QWY+`o_+m^9-N04iAYA?|txL$cMP25*gL#Oz4^Ai``!l< zbw+iw()HIp&bXaSw0R9@JEhJcd|dOi>7r)kBVCrf0^{Z>Xth^ zvCHM-zD8X>ndOF`#d$^L7QPPB&V%P)d}$;fR+JyJs*>@LlPB~|5}4?_D8?(P)t>Vb zbZ@TLF<06E^LQ6scC`&2#Lj_@jzq6y<$O5Q*X&$hZ#eoJw$GMpwVj|?*($N&oFD9G zLpvf#SJ_X=|A^iE4#A#@13>ydWLtgAuH7ylyYW05F;8nd-&WU-vpvRcXba3bo$uU9 zf)uh9A>MA#fn2+^W88dpr*_#TIkJdj_0db(55KXUY)HP$_(ch*SwG=Vhtr5yc5R6N z%~xJRyEtxGrPE3}uz}a#ddJ?>j+xocnw9r^`;MHu+%IHTibePY4`c9}>EY_9?*G~0 z>ZfMz4NZ^t*%9>CGk)M>0#Ax$oFiZIeo^}6AF?h@=2l=M_FQ`Wp|By2sd!Z2noMvq?(y z^khZZiMj>t?8-xr#q^$jP3Tf*cdG&z~8g9M3ld1A~Ve9?{ZLEv2 zPRnLq{*XV)(~;2~1i2wb@}9pPgmr0rnz=-dxL<-?gpvO%sOI^3Fj>Fn{OzGS_hd!I zB;Ucmmfm#Eyb|SE7wpvU8Il!C3dsy9C(Pv9uAarpm&gBr1Pc1~_&*?tFE|T60Zy#* zUcPUTPRhfz{xCoyUV?_B7Bavm(T}-7f_1joSzE69oF7Xbg>%6eEU43jF8ym2()L76 z7W=?Y7SGdQ8P7pg@agz;0XW%T9nC^nBrCF2eC2(v*PZJEZF!$l2n@LqtOIW`F!T!N zL2p~oYomua3WEq%N7zfduo!zo!%jz%KMIfY_Mr>R4JYK5TYw3TC~AQ4b7-hhGql{! z^_=q511ml_@p&+=Y{9RR#fChv-(aM#FqwVvpe2E-*;dMx4AK=)VW4fE!)+_= zwp5Nng`;a*pVj(rYawFDYy*4!_hOAmdsd*ss0U%Z(f?l-H~{JM`< z)m|Y`8mNs!ypkQC<+}HKA|j_wY^%ZUQS!Svu>z)6+XZQT^0lWCxU)mKn+-k4B z{$^d7?82}igKh6^H_{@%cIQ%pf$wakMd2<@#ytGDm+YfY$J?jlC+PE8(}jEF^y#Oc z>N74r;{^RP-s?=5z%GEX5KKZFLTB=ZYv0*=P5bJ)D`ezUL2U4;zx~~gKKU$LZL=M0 z$oxy$K8GD;e^DY$_(4^1pEUZJk~Ua?jvX9HLej26j2)x{T*Pd8{ol-)xZ_$S#JmDgQV_;*F-EqX7wh=8MD%{(+lB(nd(pof1QQ z*GlAz&1bYor~7WcnqKGGcp;zHrXF|dIX3I46>QoCm$hZr-O7$T{akxedal(ei6VP{ z|3vAKSfD(I76(k61a?Wg5?={DQ-+uyZW7hB0T+4-Ax z!R6Q4+u9Yg(XsmIC2YU#HjE??{2}c~dbGeST}FEp4IUGb%AcI~10Zg%tO+?<2`* znxeJkw7ckbYmct2?&qJ58*e9{`*WLN;pJ?hmDaU+ms`tbUt%@8^WOXGY$8MO?DPMy zXPw}XvF5f zzVxc``gmgMN1uFJS0}p=F|{_XDjrK-<5YJtNyYGi&x&97S&y$7hB7?(>pR)3GuOXL z`lF9O@fiDzc8L90w6OcZA0K|q&c5^-d+)=K$_Uc8#THt?me8wuJ;}#+;EmWGab0rt zV3fuik~{Jru0*&+^~&Me zQB$*g$}7$H)vJW3XdK}?JGxG_s~h&Iw%sn&_(Okt(f;-3yXA^C-~RLd2X^0|AF^{V zxylYbMz0$F$!T`uZFhO{bxqOI>CRiMuS89DkYndvJrL1_UyuY3|M&)QiVYjoX~%tI ztAaWk*bN`4K^!FEEw&!2^ zm&Xs<^Kl*h6pK`%=Z=#PR6o`D71CKhwad2-QQx?{ZSvJ`sO@XiPyMIFXXO_XH22?O z6D9g-CtLcd)DIKK`Z>>`?^=cXtLHUttUVZ)JgRZcCDQdxiuLcS-)wfQw9FFr_^&R} z>x_rj6+wT0c;I2X`05+&j}JcLW9Yg<>B3g)t)U&T8F!*LjcY1*Oh$hA4Gc(s-yXZR zeRchn8=^vYj1!MJ`Al15^Brv1{7cy0hyKw1{P5!q{fx!M^Nu>uV;H-+cBkatu$73X z{@?{ZQ**el%-XI`)#@oCZUvuh$I;|xUSFChL-fLV9vGnqu?3!j zU{XNn2eVK1(gXA)MHQn6^TQloPYNj%W_SyMP#H8A0+Xlp~yBKw;HyE|P{QE_hz~}IunlHLYzL@l9lOGP{y?ufF z@Sr>shTcyp7?kTv9)7OH1(o4xDgrhGsVqqmiFtfV<+AeCPywuuboExAj-otxP^YSY zP0zJs13N|fQ!6Am@ncJ`rRc|N1*sST?*z%&Sb|Lt`jSpL-2(B2%?U+ zFqr5}a&-Ph$W#Hvv-6!7!cQi@!eFI-Gd<^k1Kp}#2M8ee+a<2dlVff$yaO8v@ zXF!u2s#S>=dRm+SO% zv7={yo&Xa9WWp0**k)rrfWJY1)Q>ode#EoeNlqwz za-i2-Fv;KPOMU`@**SKo|9)giik0`Xat&d!N9@<{w*}RBsb2U~$WMGHf9or3=qHjx zuIthRPh+DGYM+U2G(aYkv2TU47U6k+e1bBfZLa z9=r3BGyJL0N*vGs;{{t{`Bki6|AE$_`u+3)nx7B0j)6n0WAHF_+QKXT{18ub%sj2_ zzs(qzcO^c)lhCv00pGK`|L`Xsr?-BZ%<330&@Q{_4*#sb`bu`u$w%AFGtN*|bv`Yg z@3+IocJ{S*ST_$es9ra67A+*gFluNd%Z28jw+at3zw*Xg?VE@EK-Z-&oK2rmi;T4A zUwPB|4H_nz#1Eg|Rih@m?Up<5wjK95IAj36OcuJg?rJOA1t%S2!)KeNiVjYACCc~p z%EfIDJWf^MNe__GF7*YmtgxASLVD**mMNU0MvAXj#n-^0E^FF}2v$dq%a6n>^c)GG z$W*@(u~X5s#i~m-)aiYHe$Y19cDE$U{?bW*`}@CMv!9%MsehIpHPX&M;fJ>PA`7{^ zPB`xpd*tcA$##^GhyCNcc%#1iPGS0OecnMk+FY|#+dxL~&3F9PcHHYbI+gyI3>8nm zfA9(a9C*yhcIDYWwJkRolNEP}@9(*dUPFHQFSUbV*d2D%ktS37X*}(IiT<1p;$4$C z>Mc9P&1ISR0f*~Qas=`sh5;Juvac&inIw=+QnCw4iX<)mP_Jw!iLv&0RmplJ?R5^5 zOhh9#BCYtGgyWYC&)k1|J!DZorA0!{iHaY`oN|`incIN;=BD4=XE*)!4>oM*V7uqq zpWEV#E?m_tyKEh^-)^@3!N>U|Y?tKRp;)4c1I)oUX+3h6jXVLos-jLv(p_ikU9^kY z+peE}odZ;-zm1zT#kSt-ySD!xJJ@lD?$WP=0s8El<{hPs_}4pkzM_*VGx zL%m0BlX0&2PMq!-sCX@Tc1p(G1G==+UWX^Bt@M=z>*}HRGtR%*4nOt;mk+T8T7UoG zWA^)pp0GoIa;AM_$FX+A{@<|KW}e9tOLsZ&hcW;bsnhsSST{c4coz!0iIJ#t-<4vzT-EEpIrlg#o;!)F*l8Lsgtb-k%)JF`;@gKGeQYP4 zbD^E01X27$2qd@uHgdrc_Ts;lkS0CcC%(2?f2}IIh(&vBy^$UC({m)hprgD0Wci17 z=7dk-z|LqhOV-+QwWS)qV)pjCf1l!q7AKNxI~~po3Y7g|Kz@^R3ROa#_HZn<#8;fB z+wQvCzOv{drIL&XcG_|yyY0RQ6c^NI^;dt5jEP^wQ_)XbyXrO9(`#qV%H!8}-{+?b zEiixO<*1vXAn}fVTu6c^(b3c&%BZxX>HBv4 z8Ryw~N>+8cGnuRYsYf4f-`r(;xmbPdS$Eatt^2sstxGcPRNUy6O?cd--xV#$0cwuF z^j5pz@IC#vRMza@v`g`6@~tcNU`5Cc-c>r|Upl$r!qaWzb=J(Pl;A8H1ME3=13T-= zTip)3@k`M_+$3JR{MGi6yKHR3XP&-PFZ)8`?@oIiV0S4oI{H_QHHi0W`@myQwv*1k z#Qt*Yl{U*v)rr0zef+VFUVR<+l}dl?(AWUlHDyXDQu9;ng2VQ-xn`}dpS4dvwZk{| z_c|VPC98WMc+Bp7@NxUjQ773|=bUI;Zm4!D4(wykZ8x#gFTLIy>6Fer?uzDa>6|3V zY%#T>THRO1IV5QAp|KV;^G}gVM0eS(mz{6xt+{Gl9onuD1>IC1|&jn}ce?yxiAxctUn+hzK!zs4%|^HYy)JWl-TW_H$9wE3LR$L)#PvdmwdKygw9CFc_183WCr z>Y^4@kqb7%pYwWt!kjV0!I2*ZBDY-^GyH+K2q=q7dYkHCh|jg*a%}fp{JEJmguy>? z2L5wH;ud&vKz2aS-Y({ESYhn07%Q~i4Yds=$#A!#AZ93j9dA9PG2SNONhIpSIiSoZ05y7tsMG`tZQMeIFx<|f;SYO3-a5JI27vz8iK3epTdLG7)TR3 zSyRA{IyGS&<@Io;)06n69`%F3T(BIcghq#pvj^yfzWnormq7e_{lc^HB?FB+5n>CS zOmj%^Wg(L%q*$D+FCQU>fJ|Z#v4(*?i=C7$g&<;*)IdyX4(aT;pE|uFV1!Wp^-$U~ zRNEvg4v35(hZC9fgYK+8^trsSsn~*>q{iT%1kFsI<#Jj1#*p$;XD9C*q7XRE3mpp* zi=!~;1{3l_F;3@H1C!j`UND@#pS!@q0P_j13Q>lz8KkMa8VYjz)NC_yDy~QT>DgaM zW?@%Uk`*Uv;g1Ouf3maI&x(jIvcGb?3jI2{em%#z#Fw$npcifMgMnDwr5M9`cE2SE zJ+=H#b>~T5Vkq?74oq?hcT4>Vc-p*Pl5^6tB=7pp0imSWI2HV15b#+IVLV@Z{K()5 zFkk$aFX_K0DSG}yvP9=6J#;n)>j1Pt-D?H`$6 z35}%V`poMeRrN(!W!z#siXD=C-sdFQQoKWa;LQWwtrDJ|`=d(wqunOulixW1(AV}k z69{@myBK8BokiKw_%+j0gavN{-$r|sn>Z2fA64JSS2}6i-s(+ z`l2a<9YC;G0@v~F*-NuG0$*K1E*Q>AD==HX+ zPsV+g@RE$Ak7$Sm*M4^QLr>YtWB0H}e|3dTJB<!WU?Et1`9iT4xqCQXeeHGIX7|1A zspnoOFDAR4usDvE&F*>lX z6*u&sC7OXx%_woV&Kek6Nx`Kgy)vz530hMoMqZ`<_KPHQJza8;C3c~4kU%)@T< zSL{x)`DUBmHd$$jIueO3XIyZJeebxFyscQk*J8fxk+wZ~SoL=~=qS7V)P71Vg zN!l@z2O;=qz^k3#w1eac``P?+)F*y`=lWZ23!BAn#jF05=~WOraGSMkA^Cdk!ETM) z?743w>tLJW8y!VF6CQCpUUaRr)gJcnuP(Du3yr8kvD)aRY=mB){_;B?xvz9hl)MHp zS>2^qoz7^BkC>~fJSXh>wB@efwAbIzj<4Qc#0lb{+qU$4_LVo={PWIjdwq4As`{I4 zw1Mrk?O40|=3fV&PP1YOF+$%-)*}9ema3}y39`~QWNyRgl;pY&$)`&TvR|2ZcGM>dbI zyIx2plD@sJcD`~;s%cE8Lx(A@!Ixs6w}ro`PKWxOe*GiPX8gKc3lD7dc0BX9=WO)4 zn+M&*N00Bs<^lGicDw7Rt=kIH}i6wXQeZSn!&7GV~DR`aOu^y z-#7QPp+m|^hbt_zqz%z4vB$GJtsXA$9cq>66SUAzOtwu|U8;(1Xujl{8$5zx^?vocKiW>;KHTX*9`1MO#bXsd9QE&h@JZY4 zJ4f2J=bn@nZp-b@tC+RHs>|7L9(-DQ6(5t6A1L`rVKc}O4Ng|MTHUvY9(}@hrNgGP zzKx_~UPCW5cJPmth^TM-?$%%&p`GSN&NE!&i1)4EWckIEfiegBZ1I4edDvM5+``^TSTcinSe_<`zn3?%Les(q~P z%@01cy$(Olt~>WcUtr3REWF?dJLAOT?K?;O$aU)v56Fi?e}a-52<9I?lWb|3tXc`u zb|gNZ=r%>%bGggM-Jiu5ezfy-Hb zf}4J_r{f*%*0||Td)iYP=ivLEoQcg5r&M>#uN`1_UU8nSzS8KP(Ab|Ideqk4cK6V; z>UNM+K%CRR$N&D4t-jT+_SjuFRE^U>$U^1D(%ZFn{9fbEL7ps3(m3`)-{|t}L7)mU z$noIV7*Zn^F%?u5aI$0{Vo6m!l_U7ZQ_LhWuqYNif;X%CeTNO`t);)^^Po4n4muZ| zdnZ#5rzi=C*R3+$)FGZozN{)QM*Ljl0g($G6CD)+n@Oh1`$@dcf8*;JK0y^guEoK8 zgEz4kdj32h$aSD)j<#Vktg!2%=&kV+X*BTn6()L;UNMX+zv=6F9zpdViw7YtPzkjjZZhM2bE4=U-jCoe1@+;C>n{Sk!+&5R?!Q|eb!FW zL-1Q5eZm_*zKeiCSMK3!S28s{8mF*iU@9K|Giwt#(45; zfPPrGKS?np%}&&h5@Z14eEt*i1QT*C0y>f+{v>~K19HNW$K|;mhApwV;M<2q(NlpZ z4_g&zl06is&&qhk!YfI$&>G_|l4sCMAMLOgyYHL7#DK3I|Eg<8oPdXTp9kVf_$&~A zWjtFKx4a$3?er%qD4X=jP;VVNkZM5mTYIn*$_`^Ux9zvs*tXet9ouGuHEip3SFy2U zRTE70X=4czM&-UxAXmdT+L`nx*s5C87_Sep01BOj!1E-n6I)+Z~JFFf1vn%ZV2CwrRJZO-uwycs#lystZ z@cE)X(x+`-fF(IbyR&?z@q-Jq+;n`CkXTeDnWkfq68MHpW1T~$Q@hhyCm-#I=R2N} z+{fa*=$vo18Eo~XM%H5T*P3pz>t0Gy9Pf+v9qg1gWLn{Y2R<`8Fa5P++*=<_u=B3E zsSd};1?IKUqZV+v^19V-@kEkWcems#eTGKss`-UUnt0lL$KCx^&px3fzS*^`{}8p! z2O8i_Ja&j5PYOZqO^!eQk# zb<7!_5Q_d|(OvXN&b~vI+ENOf9k=J^4R;3o<*)D3u6HTyWVd$SbACO3z-|_2MF#;wNAJ*!RsHcvO5}$uJ!wu) zSSx9&vwM#tQZN;xFRD~xyc~h?2)?5_PI{H z_BFjOo8&KMpLZOyyuTi&w%uRecBj8Kl|%~P0ScSIw^FCd0>W zv8m`Kp(&Ds+^#&CPq9e+W51!D%9`1C#aZGi^5>(2

    (onr@il7&FNg2Qs?jxAzL4 zbkF<-F%f#@GsL)(e6V4i?|8`ZcKQ`Jha5>D@x&1&ktj|QQ#ogcSop@S8y)JhqMXMJ ze03U+>)0*rl33hHye0O!p2cqs-L-gM{r79O+*%ukY$Uf%;r94UoEF~x_~PJ*0}np? zPkWYE+14EM&NZiPxQ3Dy@r@K;eK$gO&hxVLvy!LmdX{O2+Nk;JU;F&bv(HQSFNt^Q zkC-5tIP~OeY6qs)VGWUfO8?bqZ@lxaJ+7TuE00-bn!$G3VgpYO^d!Yn(rWnQ95YR) z*VoToS;e0D`wRBm3opx;q_5=nRR#Pc(e3wzD;%#3Q%rqWvOW6z>ul%4POx1LJw6h| zUC;76$=~};bmIP(`W>DB_MxZkFONN4*DU_9lM?j(HQLe(ailVVoG~L7-qUgY&9`bC zv6b{7JCgrY#ewAe`2VqIU($RWvD}i1m)HdfppkSfLZr>Gab!oV-1Ud&*a;WkU|-pE zPrLf|d&~Y0@1?kt{0bTH(e)!wIZv@i{a($nmU`Q>4I`1D|QW>wsitcgR!zYg{L$o+xGpQ&lpY{T`&$d_ch@+D6^CMg+z z97zAk*t5fq+k3ml{gmP#yR%Y`DP|C3dDSDl%%vSL8;=vm*_JzhT}g`L zm18MemF!IIy6+Gl6^A>L@4WTVcsutBJ-AYHj2tnajb3a)Z{IwQ(O>B|y=3~xQ7FePu$Wynra0iN6I-2(C2WS zs+a3=0m6!a#SvB>*9D&?wlnto45NbMb#`^08_Hf?Z#kh@Ec07IXA##!d}VdFdoDi1 zOdG-AKkvLj34hXy!hy@BCrJP6uX`3`u7S0%Y@IOhweDU$mrr_0lGF&tC7BOWyB-hx zdQzAmBWY}-Q8@@GT~7{@fa-*z+lNA+_6zYB=yXDop9pcjb4Qq$!Rq>Pmj7@20BSY(2JBg%*pkn;^E*rPoc=Jj+G4W}n&fCiR^#jScJ1ZVMq998`w9E&3qMYF z5Bw`GCV$Bd)fDvQkEdB&7C!w$g~dS+53bF?+xK&~gJe);eI)zPb*}NS9yC|aw}*V1 z)|UbtUtXB>(6pVl?t=~b^TM(p!7DrPf|EYb`#;xA=-b;%=k%4#v0$S-^v4>t->)Lb z4Oy2nsIT02MdyV%#=jNq^EOf5cEayk))3e!u}p79cNxYye3!4^4B+iejKfR(W#tl| z0!S{7e6VcS30p#!i90p&CHR6%K&vZX9{&px@JR@HXJe?4;hjn~B>9d5rzTUJIMuM6 z0-~&VQd^bn=b$)J%W>o$FGk%fAo^5*^qHM{bw|jodKU zsS_soxjlqq1f8v4cR{Isp9NM`F+=VHf|Wd`D(Hd>`8i!}orlnzO?}M`g(Koqn|>insP!j} z$bv}SVLY1IUHfqiKGjZ9ai)YP{GoliQvKvtE(hpr@!S_XB`V5KQ4$5N74fMW^0X|8 zpB(fjKE_vB*IR-b-WGoFH0H!{A6vJQkr-=}e9z8B?7YP$%@Ia`0V73z@jdO}~MCBcBjS{95M$g>FV zg407w?DW&*@B|#%&lZc>m5byY)$x0tIHaG^>a#hH*mdKEi}$~{@;W7hycEedrNj*_ zy0YL3J{JF>NQ>Ia;KO%-1xH&ycGIuc(bCkkIbPZpBhxvXocNawOW4~~L-6$9xU%dK}75)$x3Ps%_R zu3O0#IVjOUHyj7aE!dvxNp|naOYEkZ(WnPdt;9<$4p3z8mDg$u@4{IJ@hQ58LizH>$$Jj)6n9JIZ(^-LXq3i9fD)*$*_) z|GU46`I4UsgU8Vt2;z_t-^vF&yzREV>?0*6VBej-b7+5?z@m(b&O3Y-8#Vu2Hd4DU zv3S$$pxqPBI5(0KTwcfwJ7t2M#nUd^bHi2in(P_tP&}bzl~aFqq1(16(0P(W*uC%I zCp@8IY;>YM{QN8SHzjN>x#&VwxYk;6Ik(S#ljUzJN3tOGNc^ikp!dE%Js@3@6cq`3 zBzd^Mv7=dvJ6(#A<0p-?f4=^<4WD(EDm0@OSyBg}$7{XGa zFg~HjE_>(w4{iK}i8jrUGTp@B`R17`=p_b7R~{FT751SCdg2m(>&_u1j7MTfr z=p4CJ%!L7f4z?K*}qJ)Dl#Mj-n+1&2@CO z1@{fN-DN9}UdCys1p3@^{k81EYj2HYOW7+4{@s%mhs56=8?CBWfGZxR1DbEX<8Ieo zk8v^6y2_&ycYGAXIlf426J!VFb8q^cUjI7I?FhR-X3jh1@R)c0ZE zZXdE0?-x{q9q-1AhKHYeRxOl^vko&GK(#| z@Iv;|>+iS^;hUYvP&Q5c8?J=cHI^Aw)2bOe4DWT2d{HsLW3J1am@8jbpXl&@NfoY93y-j213R@V_XNk&-Cz9_@>D6$O|2>&C;!$C&&%qS)#E1U zmF?1TJYW)Sd%SU*Q(5Wmw+}s|1j+x{+;hxUhv|;r+-=+K{>>Ph$<7=PV?g>@w>#)p z9FXpQr8qKHJ3_`nUKy3YLR$QFNw>Z;tI7_L%=-~Pr29j^x?zvw#Qy3lygkNhj3sDa zF%$W5xGhSL=Usoh?Y;BX4aSLUYuDQgy}#+a~D1Kna^fietN0$YJ+%Qp=i7OWrpI#rxmmDxWKsa&{R8c?pba5rJvap^H#_v1q zD);YX5mG1~xQDJHpl~>zqTqj3UP%tFcl1$w6l6 z@@N;9c8WAep?-6>j+-{7&RfhpxNOqnZ z3NiLg1MR|U1`!DOa=@rv{9ouQ8DM6JQwv0F;a4zD0*}9?L*!+zgpEx$QaP1zcKQNU z*8NRJt)A2EyAbGfhyCP_--)k6)Pg*VqATG^e&TY2?{?0s^vO3nL|)bb=|Ssg-&k5)2yAIud}}H^MQ;3lmpYPH<5Dggh3w!Cdg~UyYzdUfBY6= z?gUTD?$<$=pHLJA!Bx+0T>bLz7hM9(qJMe(4@iK{8>ep!6;ilQ%&UMJru(_a8V@Sf z_bE?j=Gy~PPce$jdyZ%a=%)q1p6GAJSF`J)OaCI2)D( zGaZrR)p>g`t1l=7;LHz04lyVOUwh}(dJV;v^_=rO%mgd*qt7rIT4D55;cI3`eZ3y~ z#4w!BybwvXDyWtVwu-RLa!Ia5k(0@h$&!H@0I{t!Poj}{!H>P{eoGK>I(>cBYqRnh zzWlKKL=!QIqz-qJ_QhCb-}&i7ZtcdE`g%c6{J*Wniw5_8}A%L64(JaxaX{V)W=EutXCJSy%?1nJ->P zd?>6xb~VcJdho9*|LLt<(uYrKNx!W^+Tb5?)n7a4(yESE*=vnR5TF>Zml1F?s)f2- z=;4V@lg4WkLnWS7?2rcq&>rmvY}D|lpN_NRPC8wSlCk@dCl!$Fqhz>#>l zICckOhbGQnexrK#IPlWeO3NxSP7BkdNRmY3cEuvPFF3Opt7IH4cs4#HWi5)vf_vIo zMl|>iU80AiKVQUVQCEp0!-fp9l^g5|_s)Obv!hQs(-%~Iu~mz|k=RG_0C-~881VV- zF*<*5{1m%KulK7x7F}@uQUVG)*7%~ZPadfxf^BfT@#b50z+pe|L?B;$Ry*uW={u(R zj#9DHQtVcv1%6MSlT19ZryfB~G8q5>KmbWZK~$ml=g2Q5HF-Vc;X9(m4rab{7T2`< zrSB#uc+))(gw58VoNw+qwJX$gN=8Y^7%XsOufzdmC1AgejuKzeAA0m1kCILJ?tWm%j?i;Su@O6-vU;9h@M1J83rD+l0?FC#)_G0Iu4ka~s z8_B*-y!b{N|Cx3nt2kzuZdzMZJF0ooixMf^C)_U(au#pHcc|v^tVc+x>VpZ}?|yqP zJ9zIs?0`LYwEcG(Yv0;oQ`>jj4eh|4HnD^B*+x6Fer3emy(TH1dBMeY-euQ#(nP#| zokUnAaiB-}H?d}uRhRVN@Rd|Bp?d7e@;T`RoxA=sIpJrLS1G}k>+(6uTzc!>X)?Bq zjbv1IQe%fKc4j5{1i8&NDvS)0zUZY6Dgr0l1<9(grD~tL=2(*Y3!v}->k#o z(cKf8h&{3;{EWm7;-SWE4E~z#Fqn)qde1=Z{wnL8W%_CKT43R+IX2sHJzHqR{F0~e zlF;JqL}CcZMaaeFGX%Ne&)NYIyJN>IPo$B2iGj#jw#j#rXEWQWX->^3{!*T@!cnqg z_mSkQ)W?tD7vE~=eS!J@KmEmSzx&?Mv+A*+c`jE zZDcARCs{h=l0}o=U>%8m!FMcByt(R@JM7)}Kd36S>=KLFg7eJjHtRb8lBfh9imSY? zy7FKr;_F1SC;MP?@~6fJ*A*lDeu4z%th{uZ*^l?z#9Qeh+kMz~fph($2W%fbhi!SE zB)vWU_m{P}LmypzEI8jhPP->(Nf(~*En4DtWx(nhapvQQ6HoP+>9$6D?)&t8#ADe7 z;|Ib1`VgaER$^Z5flO9jZfU2%?Ll(%o#`@rPz7Gcjtsr;^nMXrlb@$P$agZ7-*|uT z@di62$(%$ib^#t@FTC^j#I{zZ)KkGs)iYi2?9i!@rLM)OYv}!1P!0Pal5?pT{rQBQE8I(3i!x zEG*`RAP`}WH!pMo`J*ErVOiWSv76Afe=Y>hUXd`3Pi0G?=QbhIN{kf_T^BjDA-ckB zdxF6?kr4XZham@vGw@VE-X6y5X_5;& zL4Gp(CM22}h`H7H{nax5lKnVYqBk!r&`*$)6O{ZT*$J9y@46$*%V2f=ILrSxzu;Xa zjLm&+{Qt3c9)PwL)%l;-d5?}DRX`8{1?15M6cr^=5fzOR<*%{E8jTuFf(mMkC9z;P z7VHf*0a39B3?S78D$+ZmVuAN~g?I1&`+aNX)V&E=i6cU5~B@%49KmT>`UX`Lj4$z-PVx*l-8{XjGa;-ll77N55kz7oiM<$ z?RTdB)Uy3d&R3X7w|?eRCu;pr@kirA%e{#o9rVNDr_{XtRXZ^IRpAVLvxi7B`hP&% zip1#|b%?d^`e6Cmyc7|3+z<}XSKHpK%7F!bCx?y?!QL$SjAx+#@FRSWBN|VzOU4&c zZGSXDDp(1rXvMSuHLlrUW{;0`_OdQW@FDzF(;IwnZ^L!_Ps-A8C4c37=2Jig{oNG0 zIj|LU8S6T5_m)7+&hFkktfO8Mu#-?{9|_fa!nHR7V3fIy!rSmJuuNj-#ULap1d3Cx7JRw zzL7?sea)QrF0ZOXA7;`U-ep*-V~ERwA1XIXdaCGe+rM=2g?yU(LGZNTm(gF=K-G8< zy@j!Wa=9?p{xyIjMR`YcO zv2dY&ORRR#@yb=&{Y<+l`WMAD^%$VS9$J9eAs{!?+YlPb+W5--rC+dWXg24=pkuPR9>sem!p$Jyj41MZb@^_!=)hBDH=$ME|C*6YRx2H&5GbzLs*3;k;0`npotR z%Oa%~NC_^`mlthWTu08)e!!}Rc_^~}`dUcWq9#E)4us2#l~e34!?6~<7p|{GR01M& zyxw}+1*Re`kgxQvMcm&=77+xig0hJcloLA~Ra6$CEcQom7_?|{lmHrn8wrdPZ3H>; z%3*ely#EecrOmY?-eCH{`4=h3OpEv6axhN`0umnWx(9yUWMz8TZHxe&h1vn_kAtYv zjtc54i_ax+10{C&8mf`fr#}D1yZ|klb07~vQV}pB`7LCZNb!bjMT^^Ku#gQ^C&{i8 zz$u&romeNai0rL`etr7)6J8}+ zp*Pn9&<+7CEWD$4+fEM7LDsUN&TfzTwK8=Nyx&fRfDT-tV8fF>^97+(8T2E&vmH?% zTTwqz1J;RyC9z8dmE68^O>eK*PxG=uytH-i4u?{q&A zuTiE?(*Km#_3LiAwWGqq%@+6AH0?@oCqW+s3psdgP5S*GZ|}&fl)Y0j~! zdZ%w;qv(qu5cC&tk!-&*i8n8fbp^r}R$^4L&?c6~qrN37DBF458-u&^{nCY$>-) zuO2<)!r@omZo2VC>8W~kvR~Wk9nlC@)VM)_oa8bk-7i_RAnmd9c0-)~^kT$E8k77{dy78$hn1KN3A z`I8>~aQRd0H3utcSKIA3-ze?8-Ijd_&;8*~(hWENI>sjSR--d{2Gx@e>>n~@3`p9gy$;O^XcrL-XfNdJ$ zw}y&$PB4#HvVj8RXwUsm_Uds#bZIHO) zai*McLX^yPHAqa-D2?<4mOu8ZeOWgu~(^|^(4ks#;GX<+cA%1XH&~x3LoY+ zDlSx?EAtZnxP|e8;7Ip>LHw3>=!@Xc#oFChzPuvYCl@=$F2EyuApqL*44n)7f{f!8 zINYllC(svTt28_hd(pl2uJ^iUuKlYszhILkY*ky z#kGG}ti770A3eKZ%n(1d346;jh@eTeW4jg9yoSE)`LcB6aghEa*}5O$pXd*UYN0il zskLIk+a#aqv*Q3!gS-jB0vi$3Q$P4ZY@|l8k1Zi|z6s3F1EgQ{jh+=ZX-XX%{UxbC4bLzX`T)8W9D*wG;F#1g*YY8te-|u z^2+sDNAOxEw^RRL&&R0MA)!PeK) zxWsez^>jbE-lBzRJ&j@O=|^3h_q<(e#Eg-aLv(;1L(hsEIM4mt0^#SmJ;eC#9#ao-)o)2D!IlUBdA%jDtK#2cI?3 zg$yB#BN|n_HqH1_Rj$8Yk0vd5<$Iwohkx+-MtM;)L498T9BT~Iy0wi>Q*y@&ggx{k znko4;pl13iCZY6PHvx6|EKejFX;PSLm+BeYI&k-vz=*rWyEkKhZq&!aDh6eHqZy%t z^YX+YZbDQ~PQ>*y)bQg878r3pu}$@Gxu~Z?DwCUU0KpHQx^^Z!53l<3BqYN-#nk-V z7K729@Lf?Z2B{cgVldLN1|n58pUohHeDK>I3_ZpqEhZ7j^DdDOGm(^INSYYJkLABM zV3r?t;&vv4xgWJD_gcaEf&|hSg2R$+2TFd?p~0&}mNX`0uEUo3JiDZSFj4IKq3Ab| z8~$Qa82Y7w*8L9rkBJxl5DYu&aT8%aIi)nFxa!MU4_Q9oYa!pJUAv!UIkkf~>?Mm| z{7#z3Z(1w4S7d)9Nu#b9FJ=Kni0c`4{R-m>w$1|$l*oAG@yZY3c}N&}-!$n84?z^S ztMb}(A}>HNMyps4e)6iP^Wf*h%?1Ua!4Du+$^7MVrF=Ea^tP!d%Tah+f?}(kgdj<6 z!VvVNhPYPhq37^V;x*e(GZ+SlJ}tg6A-^`p=V>K0g3$dgy|7;hGo5Y0Y`?*G;lByY zbXtDkX_g=5{|HbPcK2Ba#8mVffBu{>|%{;f$zoc*Gv#6a%DaE|4tbwo7zx5rB zK|D~!CkX?-34K;p;ynLz{0jLS75p$g4XqYO_GeUu_R!~u7y~)12xM_^mllH^q@=}B zcIukaLbrni<@dC1sfTP+>5{8%H1tkDZZ&_Yt=NGm7FzJ4rk@Fg>N$AOeDzi;$1tRF zDjN&ML6ZZ|2XIjH|V{?j3scusfjY&J!P{zyQ4Cjuq)+pFLSY0a_epu{SR``!$ey4WEOy zM9W-#AjNi~1?D;E&PXdT>y#I?jgy6I0w4(j07lS~ZAE+#kRXQj;3}n?wS(Ce*WH-* z-fibTDi>*C;2{U?n=bp}>3Lyai|Vq@IRx*Ss=ngRn6J;Btc7naT&vAkNLNsS0uvk* zqs4G^NAL_j#k^q4P-3B1@YUB$xt^hP_36{k(hgSJOIFa;P2^wjH&01NKkA6|YWZhw_dvp=!qw8+GDgFGHmxT_o zIr9Z#;e#>Ru?#O{r?UhJ(9G@9{qO#GTiSG^4f=2{Cs>Uj0)jtmdn#`^N57yq7uiIX-c={S>nEA;iKTl74{!7!PS6&;sRIo(s0H#2Z5^N^_K>NFIzg4=&#>2tE z7yam`kSjhUV`PRM2x5!$GbE4SfPBk~yeeFB`L&5x*DvPv<2muLcC`X&%Fa~NQv}V# zB5vrjluU`&ULUmYQtj~i?PynlN%R2+Lkbdv;&!FJ={4GgbxB3A2SlMjeL8l7E$PEf zic_-ZTCwK~0OUi8V5m6`YWu;(m!(G@yfiNKd=sqrfw!KJUh>?hr%#>wt@OT=zbO{= z3Qo}=tC0L8?@SMnA5)beE70IaEmz4I7_S=bX`uJectR(!vn_$Vl9N8{Ogjyq`tvv? zwx`{H3pc%pQo7=*s}-nsk%Nfrf9&7#c!58Xf8ce*G44o&>N{wi@#6zu{AN1x!3Stg zEW5~wa!)++i1Z(y|B82bjbM9Tk1mDLuf*F?lHbM(2JB7v>61_Wn&kv9;CIlJWH?8C z)BaVs*=Pt6mFd`>v4vc(x#?GNt%r`)8pC>n1>=>|x&QSx+;iONE1t*Ye!|>} zyyR-XEE>Rz?tXgZb+vs(1)`sVAG&2byh=_X8yXuFvS_|~8ZU>4Nql&OmYms(-uQ_364EaG|F{$P- z_%&X$+eSY0Z2N*h$uaQX1)!uyLW-o>z%UE?0A@Q541VbcQGRkrKjPT|kYEd*G4Pzw zc(Z)%hoEb$d|T#Cd&n`%qcOy~B`3xs`4MqUh)Kq;^Tt05Xgwi!@S?Y-F!O6UXFGuZ zMtSH1Z*v$7nxJ+ROebk0A$ZaZFm_DTd>mV+Y=fYx@en%?v!)L}gvAM&(bCV(yY zmm&FCzisHn-OhH_>E^kARpnz7D{P9*ylB7F&vu67b<*n>g7^mH8RG}~$nqNrGXZrS zyo#_cA%&nZq3+{4_;SY!MeBTZ9-gLkZ^|8@?@c;>uapn^xhGhyYdo35|IPFKp(C)K zb~C>nI(qVwQzoPlEPhHz)}=oI2{4MTOMe0qnC;{fcYsguq)U#a>obZoW^$$i{0pvG ztw`ybazj2-sEw~Ni~+*VUI-gO(H?^a5LXxwp7c1)yz0#yo%7{-f!wey(1R2GdjiUD zagC?P#}3Is1-f!o`LXh%O9f}E&;O0`V%c;xf>c(L*qmB}S>1Hp~KYK_nAG^#FQgP|&gf$m4T zabVGj#Yt?6hb9ya!OYTM!hdd{F*LU#qa_GSttR*kgS_iP7`8r|z>u2R&1kT-iSw%K z`qJw-{R9!?kNit_HCo%hbgezV1%Kdc0*hI+NmuK za^e*yGrTUvJoEYxEhFr37shr@g5s0_-_E;J-65_ZFA3iq?>PBrT9b^jJ4Q$v1UlJhP_(8 zdfQRKlB}P(>7=iIKOMgB?&&WN*{59TgS;a61y4OXJ@?6vO&9(A^7PSDzLQS=-uWSG z2gOJ>(1d)v+K$pKq)?yqzW#dM0J(yEiFWyV(`#Op7B7}PzEqvMtDl zr1wAGcAJ7q`te~;`|fqW^hpJy%~cuf%>Ds8fh4AAGqd|I_~MPJ|=Xp#SZd+wgDyy^S0JH1ApI+D|B0*D3@IJewFuZp&v zsXys@v;z!zLa(a({0>`hF@T{bs|skr^?~{$XfL=O=Gir~*}C0~ijv@AvF+H`zB^s` z@i(O%x9#6que8c5L*Mwa=cZRZ_t^A57hRm*`I)bzi+*{1n#O++tRmaRhD(qLcGs~# z`W5~N|6%fKXv`c$IhBzgj2-5{8$Q-*G2y{?p>G)KdiJT_-4XlH$2*aEyvltpSDaSh zK4VClT9D4a^qTbZtFB9X?y_Sa+NFE!o_5`FyL8#jw`ym_RT|6GN7PU3AI0Be4%vIi z=6HqjSHAIG@jfrDAuw5^@U#N0*{NdQ8a+Q#ATssmDX?jt_?^E18<;B_(!5>QvHwV2 zh`z9y>J)Ov?|$Q~3-k){8~uvlQg+v!c1#c0bteTA-JpQWl^z`)v~>4!+3?0+{W_ic z&F_ii?8osZMK^sV$z+QviU|Y9pj98oq3ie|44ZLM?0UeJ--n48KjCl%=iNW;y8YG) zEY>cE^^6U*OxyS+%Lsh5MLY8ZA!}4(jKw|_kQc$Dc^+ebjJ+X8cFGJsuDhjr9uZA2 z%Bx-IfrdD;#O%&}B!$rrc$g^M6x&O?Z$A5|!_xlu+c|A_&&|AZk1LP;RrpuS@U0Z{ z7buDRAgV1kC*VCBkL(W0O^?pve@uVY!M)`R2KC_`LAdT}1xoCk&}V(^fIOHMGfuts zAGOn-#wp1>=8M>tM-*mvG?YHU-l!85sAVXTQDfpFVZUH`OTjwVFSuto^oW z7;HW8V$1j`2R+mO886ApMjb3H9C-gVck()R*=a@c`~Wz&vr6osUzKlC9eJTpQZ4VaqP-vot4LU_83VM%wu> z>#|(Br}V$A=7~4`ai!;p>~u0${RK*D6aEHWAv4Ji{dt~f`ALtqhs=v;x_*Yf0?+7I znwN5-ZEC{{&ob%~Pd6l92ZLZY=u@Mv>cu#rgRtMgY<$I@>!2!NAR?(LgaPnm>RW+A z2wfm<3Qbs>1O}fLTPClVK{F_SoAr2?gQ!;wTZ)sy&}N@DidM#gwEMp-9|Gm)>zN{c zk)6Q_xQN$1XL(rv&^4QUOWm$?+b~BwizVC$YJP@4_VadzCk^8EAL!rsCxJmA{iTiW zT<6akofl!j=j5>8Pa!ZEZUCcp``^$t;Hdn(ov|+WFMbd;t>@?58o-C|T?9Q&VFxP5 z7)HM!a7nig`r+E@v|4999~;0=xrO<8JJ)%R&kl-y_Mv0&A^)g02yHeNr~L%QgRIG* z==Xf9Eoiz6{cXW8p8+vu`B+>b5Br^&^2oC#x^h1$^VLSs@(+JveKyW#yO3=JzS%)! z#E+^8zT=r+BY%?RUF>?TLH7eXDfTicbamTP;2E7q=OpB0KM~D#>+2d**)lz6_rchm zl7g~B{fz^SaK;WGRQ4ZjK$A6A$KxK^_nY#W{NPHDE2`^>Up6+FGd*8^QvOo+2zT;h zXk=)8jRCW~R6+GfO<`bJ_kH)4fbNFZr9TA;F!0c+$AM+XF8g4dke{iA6LI}K83AKF zl*!IQp!Yh?r#^3T7_;naCWp{9n|6o!7^KsaL^1DyN4&4mgGx zev6(Pz_lRvVZmj?^92c@F$6~=&Ggq7c}_Dx9;Oq76%W;QW2grTOco0}_B%op{-4$5<&h2L#;guC*K6H;p z5dMTme*%plJT1@z4Q#yd2TniK=o^RP7g`QFal2aV%!@wLj9tRRPKnbB<|X{l-2^^` zi`__LH^sOq0m=*;a42SkHz1Yd5+%uzlcxW0}Vqs7BhU-Pc?)pxuq9rS?ypdZ)G zUo3M1T9_XFo67qOatSj@b=#w_SEl z58Q8fN57RTSEl1mctiTd6<0@qBD*-1ofH+MIIk0^h(D3+)T9Gj)mBwHSUZaGX(Pew zCfeFAdu(wXrt!fj3QL=pE&^?Jc=9Cs@3D`Q~`6r|^ zKl;YB)#jV!62oAl4VI)wX}3W>S6p{fI{8~?rGNY6R~)=T&>{gXY`O}WI1ucHhuP6@ zBq#JfDv2Kw@-h@64xQHl#~$AV(Qq#2vVC9FVVp2c1lI&@>|AO8q-%H*^N;>?9`OO$ zrRytaoIez(xLB{_e)+LFEKsD}a$GzIl3>4^8+A_`6f9q?VsGCpV_L>`FkJmC3@=b$p$8 z{?0iU^#v*}(5vg7@x;fZzyH^FiH`Z{z`b@$_Zrv*@4IK6E4fPUMShI!qXZ2hBfB+9&y;A=>hlORe`EEhTW+w0e|3__KyJIdrjJ0L2gGL zx^G`yGB@c5Dwkh%ZJM`)T@G{q7Q`ZX9b#3Aaq78MmnJ&5nR$wS!EDQXTfQ~u#FG7{ zbj?nq*0&+^0fJKDM9*&(G|arQW6J~R@IeuTNFM}GnJ00t9{w186RfBc1GRgzA~q+R zm9y$2-P7f=NYOm;$xrCyn;x*U?*{8DfbowjB)6~|Y_j;iI5m zfp~m-`BWm(NqDrKQUH5(R$WcU^f#a3T19eU&Z7sOUuf)7dofSdMgGYfFBAn|<3Lpm zLRy0&6J86=6GP|%Ps{W*C(I0n-5_UWm72rg*LX20^W7AN9dzux*!x`phS;nP%Wp(J z%)mX(a+!U8{QiL4={M{sJYTP9A-DiP%Y4LdY~Xs9Upug^?gw467yVg2lRzPeA1JUR zmi&qGOws!Mit$RGvxU9gIro>)V^239>wMI}t+LK?7)q5QMd(;M_kN z1Ifurkoh+D&3IDu$#}%NQtz&EHYh4_KjWnPJqB>yczGvAonxoOY5h=*0Q&Nr1B2`Y zL8?D7&*Ck8-1iR3C;VN=oqF|oHHMwT#zZg-5q?RHVV0-q6+!JmlNWqKXOKGq%zi-# zBv#Yc95(MC$f?hN&eosQmbY10yY?@V-AoXn5^#$(VB;M>Z@KsQo3`@VzWewel*j*B zULwf-Y7inH_j}0!sRsSS<>^!2p&r3ANu^)tFZ3`D%mh$Fa-jZ5I7n!tyzHP;Urp1# z3GYIlcX7*TzVM;?fu*-O87N0R6&29^hVHj`(&78+{2aL3jtaS*F`(p_37Qb9+PZYN zm%ymI?7Ka4e@+bGMAiH4OlN}exQSAF0N|(Ixn3SD>>K26aMIw#_j)3S@3K=H2bvuF zCiGzP8pHAUo0)&%(H}05ovZ9!)e{!zW`!q^;Tne_d~m(I-mSkJtp=Zsp%7TihN7b} z47m+Wma@JlJ&!oT?ixUlC}F*%)?hZcX7sgVZykH=>0jgbBL?#<-wIeOun=cU5>>;s z4b4_#nXnPnu=j;}V2c0Y)s?GsL&$58ovP|p$fcQlTh=?$8`B=+mv?xl@H0d8W)@$q zn7B|SKA#_xz9D*g>P_lLX08|VYvu>ljcg|^`DqC)dd2WKG0u70xPk}?Fl6xqy|2{n zDl7F+gPVeobG;q<*UqYQ$I8{N!vi-SHhPCeK>}zNY7vw?=jlJIgr6YAQU1j3j@_T? z>6?lE+Uwauv47j;gwU1O##gp?56~vC_@xP8#~_PgHiS*->8l^YYmMDNCv6Vv6Rn3sr}j6eeR!?{X|q&o)_N}o-h7Uz1lcfq+`dMco@>}e>^{hALK0M z@e5Bi>wFzVu2sna3<_-HwaebwY{|x2xZXI;Uw@M{PoMc4Y$~{EhRW-B-V$9~vXKHd z6kJ4bqk~&y)h$y1FBf;|iPvgb#===JGCUpURb9i@zoXYa>obQ}wmRrpfoQTfcHko&?ANUq z`yE2t$_Zrfdj$j84+~?!IqBQy{WM*5!>@+g*m3*q(mRfSrS-~=d`UW<(yn&XYgT!O zzLeo>p7B`E&3X~=Jmw3he2rGrPS~;ip7ZF1DlYl=U{#I={Xxk0Mk1$qiF7A2zDt3y~;-=~? z4#mFW@MMRD99MRwJ#Of*e< z{`ls|{?f83^wi18`p^2#dPi;|-v6!+%Mk^IbySkjJsEPyT+40e`6~SD!wz>ZIO;*^ z;!nIj{p0^Ta_k^QcA^-SB8U|cQA!QrMvEsHmrJO{SXz+PTY3evOpj{gKPRT z8miNguG1&5OXeKbH-5BRuha)$EgtF{PmD7W6c>17M_b`T{LtZr$q{_gknF-cON(}P zHr##3;o$TU7$&;pdE&C$O(&EVd(GxkgA=}y7yU)P%rMRsHUoy7DO;aHV;y@H1rWpi zUHrhmzGk@+b*1l4JIEcplfzIPdJ`VVZwyV2@MNl6ftfzrSMX~(C&{-mvfSH)xqoCkY3x@;Vi4K_1XqiRwIrT}dt(6EyPvnq&R6+)d!AF$UX7xr z^iY1aJ}XwN^7D3r6WL6Hof8R8WT&x(dJe@i_j&qIex>?QRgj{`P1=bLWoUm=soxMn z4Ow;M4xi7m9N&J!a7UMK&wd*7*VE5>#40&3e`xBrM*Gi>pUnMeti1e;$kKOHXt!Xm z75HY(W2=j@Mm#1AgU*V^kI>-Sh3v4*yj^b8YnC)w*KY2LzWSuW( z(MaRMTznn4TT6f^HtW)#fCS=Zo#VK%sS>8rD&*`Ckx%6i36ChAwE-bjHpmZbF&8Ua^J z_&N@u2fYq?O)WQj^hNsH;7*El&G+fK$fYTiVghednDvYFX0S`-OAwmjnR<`9I6EMgI&w{mIzH}_HMy~ zu+4lJxWs6M%pSH)kJ$^4(jJ=`ADsaF{0TXK^!u{#N4{LIgqfi5OT})QLe!~toAw9S z*ZjH_JU#U2M=~+*6k_C+`&;C~|3olj)bS3)T3PJ9ZaKSl_dN2gObTG|>w?qI9QSK41MbZU9|~4K|@jK3Ki= z{BLgkUApntw`zVA0eK-8_$!nSH_2RzaxC1(j#A2VtSUZlNc|$0E*!=dXM%rMw4Do~ zF7)PgY{QFwAO-pQ21{fQb&3A(N(Cy*7F9LLG?*`fFomBs%xlnL)%r^~bjr93tijn4 zW5+H6mvQI*FjqlyuRQS+Y5T+eDt-6t^A#Xe6MWgz28$YxIqbl6>3_aE9k$1gX==so z3ii6gfnEfRu#@Dif4EHxh53nSPu(^T@v%So`7aeyrNE>jJ2hZC!j9p)4!WEL80DNF zrj92Lq$X%3v?wUg}r8LunX z?uvR%Ie}l^;R?D{9$pq`9<{a;i?Kp9v=hv6YClh>r)Qex2p7Qs{ryu?7($4&Glq@&WPOdLK_Oa=V|9D+mGG}#K zqku)fR+wN+$;dlKy8n*C(tj=dNYF|D3_q6bkbLfkr91Z5CMSloeCVSk2+{XVszg0- zbYb`*2j^)_TE2QZoq6FULuhx|X@~T{rT15$R|ziFu8IouI{L7ENvaDjS|u&OFacH{JTj zbn#_ZxvlcGlLBTRxcB{Ra}U~g&vM%E(krh@=l|$p_ciZEDS8Rq1Z8!~7fOK)d&wi< zdheaKNf&+i)#)KicN1x~$h1JbI$e3~_37*1`=9it_k1`#?wK!6TR-5?bnEYbKcacH zHqd@2Z;KzU8upWArOROpC138Z!#B^p>pL!&;|dTQNPIZDDENu>Ajy; zAoXzY_W?`yO5gg-2dsbm4*ti%#R`%Ke)2WXO@H~oy-O1v_y+}Lzwzzw4cpL|7Xi5V zS^C$U7^lk0U8h#N2gvxx8mGF!zUp)09XWXZSJNE&V4exBB>EjT%9Gtbn9sY=&{x<) z{J2Ka7Cy^cSX3?Wp!RMvLl`Ci`S}>i09>}J@M?LzG}Hr+Vzi&bh7k=cAydVD70Z7 zqJzyAAc*MiZNSVI^tD7_$Ul?UgT8AwZY;$>jKHn5(IR<~tyI-GPI{qo^X@)#P zW)8;lc6+VrV_|`%mQA>rZEwmtOUUCA9~$KNZfvI}A}F zR=_-rtCi*Y^ospuyJ-R?c;jgbkyjHsM%LFwUk{ylIPeLiM7stZsIG5W@|-fB-Ia1# zUU605qw=a_#IuE&Aey9pBPd2j)aNk;&m;T>BMHU#Lp9}@<3o@CEI<{Uh`+&l$UZAz zY)GAT>FzFp(OXg6-MRZSqThq1I8_NgyFpJQ=-S9VQfn|P!1U$*f&Je#@>y=S4;yx-Ys~W&_zVKemqW6B7OE?g z=ErGxCJlD!CP;CS7EACu1aGn1sdrMGfV@`wMMM8G?59GnW=nQC2=U1HWlaY=nlV2* zKLmAd0`bJ06numAp(po?yDrRf5aXfeNnnqEwp<(LJ90#y@+q|y-h#RvG2g9#A7;3q#Kxn90r>?G_?^{n9P$^|R(BNaSuPxVT>z&rJTx+9!srBz4#~+gmz(7HPMSMyK>aA z7sN{|D~$s8kIKJ4vU|D(<{O8;x-5)$=57uXg!n4mkPm3Yisjbg` zBxtkJ%THlISbV52c(5FFPV&0q`kTc^-uVrD*d@t!ME?qVDE*`lYEDt|R4HgV?n~@& z$7{wF)H!dF{06(L67(XXUi0pcr=yN|Xu9{k`gfKB@2g(=g7lG-Pctn9$i(YA^*TCy z5p43lP-wXNnrqW#S6nI4N@kL+12t6N0_%v212E;}Ly+fBKE3RY z73mJmugnhtp5g;K@W=mk#s%qd4>>O#^^k)K7DH%z=93?nj(G3`)9K$oFP;4DbJ7Fu zci;5zgZ55`?Q{RMXrXLrAgxyL*5Cc}8|-r(+)a?8&Or zGfN~0l;=P5)HlC&&QH^6-+OUdBGtU()h|sCf6zf`i+j|+5}J1R*k#9b=1Ff(OP}~6 z1)kg~{qnLO*^OQ+JuN-3d)UZvrHA-l|A}|#^GD=uV8EVAgNK#}T&1sHyjhtG&AZ@Hb&3$&ecPY|=Ke*tB z>2~cDJ6Cod!KL)m2vUq-r_!IYpEX^fA>J0?U;&Xto4hKV^-Ti#SWq3sHhtN)O+OJI zr+n`RX}>*ob-#c(@L_}82W-3L79Dyy`1*IwR9zZH2CgTgG!zM?skDJhERg&b?A zw5>PYAbtLI&rO@?wc%BX9TPA7$h`;oMY`_AlCH=C4;BWPM-#7fn=hDBu?3vbi zF98Sdzck%&?$^_I&b}ah{eLb<%U4aMM;&%RdW8JY;OnAGy$^o;GwFs~ew*ekmfu#N zc5pNPH`~TWe(%5iEAYc@-R;a(PGS>6rO% z-8}KU3ocB{mfz8loBINdWw{4Oz0KvuEjJzeAIej@>bg8nM0WT&^ibx_y(nsqjYaL! zg8A=(K0!STfPhYM!A!HA+2ovQB;U@BRRNAZq|k4DvM|8U$YxXfh!@QX>dm zpvm;L0ox%=G!@1&o62^?Sj0IIjQ)vU>8E!|2=~y}1gfs<*TMe<{+V~Mb2HBi@ks<% zc_+mg<(~Pse$i8te8cXB-B}Msp4esh`EjA2k7^9Z-@*%~9e$_aDfuQ)ctIWHwFnVF zb3bT5irg}RO<^!t7;XU~ya|(cD(8ocN`5<+#^B!9HD?3198Gr^^vFCrB~B|yaiLyt zI+q{INp8%uSFO_S)oN!pL5kh>K~vYCddLxe)YND9v&{=fm^ywe?7S6d`ooTz`|r%B z2sOX0K;+vJeaH=dn?QM*uH40^^G#sUYc<5y{Ct>})DQHp_Gxbhm=$2Z(3Zbx3y=E) z9AGC+q0xlB$z^C*uujyqoich~=LEXrKAUxF#*xA6=#x@2!Dz6lfvYJ9utFz=CO6~h zrw1OGhVy2eq#t;8+ZiY~SJx02_l)o_J%?agfR?9d92-)0UAntVKzFd~(w~9^aF`?p z;Vz6pnNA(&1BUa!3(JXwx9PtwZ^Y|pd`bA2bh*CDw+Gd9_F>InIKL)z@eB7kygE#T zM39vDbgm!z;X6K<#dTfhMKx9B?9fYn$fI0iXsucP9*cyqJs5h8NiulvLisQgNi)lF zQi!~)hc;oBlQ3g{)_W7!K<;A;$OR>c)*!en*+!7bo?kzqU_~Z;ypqAYO`v$vEMfQq z`dxIqc3|k4ju-gW4(v>}C08CMt=1xl1u#y#7S^oA)fF%DqP4XE?^1q+e%jaHWW_RL zn@b}IUgV$s%m5@90JA_$zupUyI&T}-4Nml)>hkDev|s6tF9i2;6Uy#ltlJYd!^0Ef zk8TkBS-;(SaXr&*xrF{h9!<_?zt|^d@J(>ua#X#RAU57g!eB^k!Vr902H7f}uHO^S z*g5P^1j8ViX9kYgA+IbHqi53CFv~yuR`$yxtd)GWS2}i=f9Ri0KIYp|Kl)e5E#xrH z`Mg%={)1#XexcBzGmIBbQz6f){t}C{EY^1A85d($T@rMe?;d!)b~+qPwDFGjd?0=K zw695q$WH-V1b*fP_;_$O{5Z7j<;t^P^;yap(3OY{4n|0{qNX;D(FPp3V`FB%QqO{hv-J zocNLSkOLl&Uih>prNbV$Us|l!8CRwC7A;I4dfiLX-bX*rI2DGMrWH)^TLmhvSh;HG zRjF5AeNB4Q6aLzLkp36D3@WGx-9wj|?r+Jq4ZXUzjn{_4vuIX31gc>}4!q-a%HYrk zeR&5aP{BX>Dkz)m+JAq$B^T|4z4Q8JUL9{=B7D=@f$!f>Iyt@j)h|}lA{cc}hzJ%IDy}z+j_kY1(UUQSk4BiS3;D3Mrtn{3}d%1ZfNHSzbe~F-t zpg%C$?p3GA%<}RRYWNp@$PBqF5RF|POAsNgBFm@0`km=p?>`~!x94s&-Iuo8ddu|e zCq2fWz6%2x+J4*nKaws`AQwAO(w_Z=gHvT=qCwPz+(RS-7;@J39cEsNnNH-6y?S_% z4Xd1n2>WpYRqxO)YtMb{+q^^K(;okq=~>4-J}up2_aXh1Mt9tHtMu8o{6qTdSH8tR z?F23KX+LklqN`H69@@SrkDUdF0ioB=W$?4v4lB@@U6plxaBu?P3;ob?5aV8)5u7tE zs?~ST`}x)B=T}~v_Pp=C`&u~kzNIIII<9b~{TK(uz*X^o%tQ7|fA!G)`pf3ruYdcy^v?hISbE0?KbCn%?gWR*uh{>A zR5oGxSE9%=Duk-6+!D12VxHEV@1#?|m-f2Pz0%VjdqhW`1=B_wte+l##9{uFb9M0a z@0^j2|F?I=Jcap+bV9JAKQyZU-)QIG`f=(Qm1QSg`7ishn4@@nDMa_F7&~Wzpp*GE z+R$eC$hR_fc;2aFFMO$=;16a_l!M%Us2vq(IrVs1@h z$1|RhJ3$Aj0R$KKp{!fkp9md0H8$aIe7~f|vKX7eFu=~ZD*Gl)oVPr~ZXht^(grkH zP1F^9iN5CjW3ZpK*H0Szmm&XTGqF}>F53N5`b9^|;PVj%=h6B|h}wYeV{g~l6pAE$2)FWKq_kDW4(O<3&`U1ZYt8wA0g}SsZ-R&hHYh0K96eJMC z4PBN_TOdv{I&p!;$%JFYm-JsRdHTJbs;G0vpnreU@<7R0Yh$W4f@D1h%-YAHV8k z7q~mMgNf7Z(RJ$;vSusK+VU;yTMDkTKi^P?Dfr<@UAdw2!TnvVpA>%;{I=z1+Vg+V z*Rr3M9>V-$++ciQyx_)$U>!dkl#SPq8{K+k9Io~o+1ztK;k6Vzkm(EZRgvuOMnl_u z5I&I~8tOO2zFUB{XyGwrJP3v-g(0=I@I98GXHZBOw$z;!(iVi>Ht1^)jr#)rV2$pA z*==M}efHOD!QL#VjAzKM5o0)v*+U6$0(`2Xb;hsq69+ebY7p|RLZ zZ~_a+yvCN`DeY3}pd0*f4=N&pEo z5cou;<#f=4iH>lJ7ejU?R>BuL2N04;Z)B7GYcdZ_@keSZ^?fgNPp(9G9fDm zKq0H3&jGfwU1<5tH_u5IUh>Pzs!u)oF=?mmw$f{N^-64Bi>+Pz2wL+eD>$?xIx8`x zwAY^ZSHF-SQXr3cRG?YsHPVHiEH_?*jQrU75!pfKy!DV5{Z6_CD(`-Y%#pot&m*wN zd@f9vTybp;B{QF1v2ta4#R+dtuYdddA}Gggpj!pH=71)9d-MaxH6nLQSs;K?tmAj_ z=Q%iyz@vG#nQR}jiTSqSjnk*T`rqlWW1gS3-uLiy#yRKLGH}G9`=zwHTeT*g^OIlnmD+y0ZPJq;`{=%N7yaboboo`+bZ9O< zpuDEKuW%<*BTz4PDNygB`=tBr(7!_}RpIZ1x1N}eI`+BghF|^4{e^yrPhcFgPoRIv zkIvN&ejVT6X}9+PdDPHR&i5AgaZUNU)A{@mnsTDAo~)HQs{%Y;c=SUZ^jnG*_>0S~ zOxy2$NP7GGKWyGCYxg^i^^Eh35cjWe5C*#jMbu;gow-`I`F0{Tu_GAchB_EqW0 zAn(E@5cgCCg??nBFPD1YFrI?ArzSi-qRbQXk00WP1oRcgC+PuMFg6%UmXg^VU31^T zj+QWAl>F9@aXx;GpmNMN!O3_?s%SqhbibjKRM@M7QEKMz{`y)|=wKdQH+HF^w)E(J z5SU_|;4Jxizgqn3xUg2ybp|lw`OIIx0A?0!WqB#i=Yhd@V;Bf6-=MUz;W4h~+PQki zewyUXrVz9Svz=f^)>}h}R5GKDVTi9!8)7?KceLZY+M65(zXWf2Qvi)0>^0=b4^7D$jL$4sYqMqAGJL&-;fq~_3Q zB)1lz@?T7eW+v-5j>VXvk{ZZ^nxST36!7Ld=VJLsxB@P!aSS?(xB2#(K|T zZLnD}(Lto2nex$(#?zlTDSFr8gyeVYWx+JJYYe*dlje5QwZ9;+F`pu@U4ND5B_eEW zzlnV6%FDADk74*3soDN!GH5eV{eb-7gTUR0cL;3<-u`l>d=*3!p_hhGiZGtGVGH!( zJ1iFofWBR4cTo;LC?|O$FtuC~9-PX$Nh_ zTOP!5=X|-|3qxkIWs2o>i_Ucp+Tb$~b|f1ISpiwT`QkcoHs)9T= zApzmLk6+0X*N4GEke1bvCHyui+8qPBw8}MwYo(tA{Z0K$ zbAMOp$S})S>Xw{a_S4n`JBr1Wi$KCPVjxCiwWmL~TL=5}Q0%6_pg*fRekmvVv6b>` z(p=qqQEujZ2%wdI@+O-I;eW0&Hm01JmGhGVQsVdLa{SA zAa(c=PA_)CzYuoI<%&I^`%o?4@8t63Az2{ksnBzndkYfq+0srQ6b%Fmo_+D<5jfdX zpTpgDxsR@Ep;(LU4suce0I$(zfqA|bmc6*_MS2BAWjJ4fLj*|8*P=54a1lhLV7MG? zHgBO8sR{T{FaW_)YM_W{p!LCQmm{w9^EKR025Wcn;+Yg+upZ}iy(pR+CuI-cXScM` z28%l=%E9md@W*t?FD_FZ@gO;xCXOA9QRpqD2Vl88TR4EGlkMQi2k4f=a^3;E5v(|8 zp@J~1M+FB+Zv+U;TYu9uZv%anY?5C1x_74CA9i&5o%pLtfAOFL)6~l4dUdn{6&2)l z`?6)}`dgLj-pPS14m#lV>jZWX=tE$_deQb=Xs~@`S_rZu_)N5zF58i4 zqmFFPfsPKkV}222}h1{O(U^ zzRzyq{b>WeV)w28^mhv0T;U!52;w9Njvcq=I1opK(&?3cblElOHoY!$Fx^W5GaGKG zz!wGo(B~qcGun+{7=mJuSAh!du)K0Wu!HtCjedvxD2L1yY!g8<3hu-Y${ybO(x;`T zKkkS@5@yWvD%|g#b#B_@up`s^KY6l)C2db?$3aZUOSIF!dCj!_90Cv4tMM1J)zwlA z$oK)YUKBv**SQjKtJlpEBsFgdfi7V$bFq^RHcod;FGxo|`xWV*-h5(Zz%9Q0DUW_w zS|b~tUbP}k-MLEo(V`vpQyQ{ROAHid? z5B%5=ABCSTq&;?4bdvD6=X1R{GvXWnq_VOR_&E7nXZ4Li$Zx&%WJ5VI=6&(huVV-f zJTtAikAkDfuaxh?Vps!E1qiS{`oa6y#=7O>=wqMzQhLj~v^%QWqb&z0;sda?98?wl zNO=OU>If(bEZ0lEz;b?&fO5W+8-QK=i;Cs)5SntLV`wsP{nM-V+2vko=WXvUhF@Alj9PjE2fy#4V;)?cS`-vK(NVHyl*phFgcxc0b*9h5%& zhL>wTorBT(>W|L+{IV<3BcJk|^xS_qJ_6wgeq&q%60C@yAW)DXMcLZ2J65L~Dt3=% zoVw4>J3Cm{{XqVUAn*u6jDXDf1k>eli{NkP<%gN)U=z%9%8xSU5WI>_5S%9(=uh^8 zquI$WM(^5|9dZH_I#Y$xq>zpS4u$sxay&vRSBGg*x=er8H= z8>zZHXUD@kV>!vq?F5*hf4F*2Jt4|^Xbj=s^yU5`gw66sI7o1_eAKS|hIH#ukc}S* zB&tnW4?Tj6qBEQaW9-r>O{=V*cTtmi(II95v%F`kzua7Dwiy)NN;BH+xb|=PHMN^k zzu04lw-r7`U%P&*i60F!q1)mY~r4(|G<8|M6cM0fe+Pd_oAc6cC zM7{u5k_XEwi1W~7+<@!yJ~(7MpCQOL==Lr(*TWgv2dP{$7_Nopa52pw{D3F(H4_x! z=2Ht}cCNkU`{YTGq8=iv91uDS47uZr<9t2r;Sb*povlFRU#G|a+w=6VkZTJNWJ*{i zsWHq7D1+)<6K1*DPHfmA&ysH<2urab5JF3|Em-hYLne9tWv3ptvkf^9OuQ2u#XFjH zrd_hK+*<1|z5YV>G`8QVttY>to9ZdnpTH-2i$<_dAI}6Owo<26XnOu{{YkyvqMw96 z4Y^rf62R#m!i&;th2>$eDSos#jy&KIG5 zienJ7hcMoczi}SEGa(a0gqY>01Iw`qr0!ZtSx;d&Spi|7mh1oNc^I}Hn!u2n+01Bc zahS~vd4g#9N7I2o-L4KiZ#T^T zL-a77a$P;Y6ZF|BZ@EN2v0ifC!G0n7+HdG0#doG#nP?9fW>g1z%{|AgiN1obwpm|* z{zw6XpC0+M!XRG6crG^#Y)8J{l`r%CBCjRuX%V-gI{f-H{N)0@?H4~tIjA`Mr5n`l z2jKK0z2>^>wcFOOz1WVf%#(_E{8}TVqj(E8y87$QQ?EBqvn9`QRVvquJqdE?z$+Y; zGxRVecDs{Krlp5z9Z#=e2Py3UsDQ2M1$tfV>h;piw=GXkc-|}1H$L&6v|vI1A=|7N(0Yzb5Uu%MN{%vH08od)mmYWc!GpEaBOY{6`in#MP2W84k_fUO08Dm|to8GY zz^hun`GbNx^(xIxHq>rxJ!$iMY?fZ~{O6=Mz4s%Q8NnLfIZ=JiJKrG(=(Ah~4oJnIGNfTa&eM;!i;w9VFArG@ND zCQ+=^tG#dh)h+4!=U$lp{R1CMx81(n_#MDWK#6op5OeIfDq0C}B1jQBaInO(3Dl;n z50}q{D9-%^?t=5-r_ncfHU4VXk!iIvPl0w*+QkyT@@RR}&-}~9q^g7{9(my=! zX|{phwl`d|o&!p!R!hF3e@e8n*c*PNw`BEk_z$`jlwcL6$axrz>je(u$n2_CPWiyy zRHqCj0HDz2JoqRtDEr4Qm#tWp&b;uF^w@_U#Dz{eXrBk94HnH$n{Bc|+D z`0STYvySYK(J?-OU?ba?@Ix7PmI)XI*XUi`^BEW+)ErTNhD1^KUA3utr+)vUbc6cC z_FMPUTCn`)x3{LxeCZU^1mE-p2P;bdkw93LG9@9nEKr^E>cv#ra4)02;WY}(;o+bM8c!RfNa)vH&hU*Gz>^uvpP zo<9Eh|4iro=;F|kgA(zRnx8mGQFIb8SLkG?DUIU(U-OZ(o`-jB)D4>3@!W zPK-MrzC;XE>1e;GQZ*>u@E*@r1U4KI9@GH?D!NaU% zn2Ih|)LgE+U6l_!UGwwxIPt$*owrRca_FEwdiWGT^KP<(q( z2wU)j_M^xx6E-RAXRI*X0IF(TD)R{fXS(Z3b)^T+!{?Ze3f%lyhx=zN%V`$%yX{QU zPfGu?*;u?bUC0+9CSww)I?)B9KVaXUmoIZH3?-N>mL(h7actpea{{Wh519U_6v74Sm>KI%>1~Xz6M~gy_Fzn z`rBZ+%6t^FUXgf=AJOBi0TA^z&`Ms78qb7KwiAATuzp`hGTjbVoLA1PJkK@i_!0l6 zs|{$2R(l=D@w#+(mq2+sb$93E&z^n;LDEbxe(}*Ao|rVyse2)3C^x6`v-tk&gXM8D zuHPy&S@v!CoJ{5fFr45h`aFqH1Mtl+&8FBDAUn<8dJHF?imD)wGZrsXdp2Jhcmd&7kmEPHn=_Ymv`g5{8*rcb4C5^VS3MM;~p&EI(lm{0(95UsZaT zTmVI2*#M15=URdF8bKbsVuAj~q81NL;$~8GgeLkS9fb1$QbQR1I`nO{;0Jvp82W9? zAI8l@@Ll{;&^JLlA+@Gr3;7^^>!Tf5WzXQhYn_*Q*ghtMWk*bGtP>P(GtPcTn$abF zj|q{F{w$|K2%%gRU~z<$&3Xcu>9IaS-ysK`7yi)Gq%hMjM2+=rxd~58Fr?PPH-aa% z2}AIc8KMorifgq#`okd1W=1a)9GRyM_6a-s=BuYX7nIkZ&o_mcFw-f-t-x%z!FS<* zQW%SjAxGqp`Ok2!#!8FGr>px5aw-pJIqvv}OlR?@Wn3Y+uE>}2b%}Z;@EL+nhYE+b zR{RV?7wTcO!u5g$wrGE*6ndhRD)6m}pn*^O(d^*jzQ#o=zPkFRoENFV17Cu-FJIZ= zt+z7m&}!j7^z0L%A6?|JAM+O$&wqQ{vUJ(CH>Z7eyLT@d1*k1ZuYKi9(^1d(J1-iu zfJ`t@cc&mNC_|4vZjW|FTc>^UG^^|I?ZtbwH>HmsI&zVRkYgnZlL8j~1EW1)kypKj zT*^Tzsx_^}F5^TF$V>I0hu}q>C%@IE8>IaPktudn#=0znMOw+pl4eBU2-t_t+?P-q9z zf9A{HS?pZ1nx0gbR9|)J7s$uKC8~>zu#34#a#C>8D^L7HI{cu$(}vnbu{Y7q>tFV~ zbovvXljg2kq(Dx62m+IwlOBMYJ@BjC4}N;tP|yr?Kl9ipr#HXvq^uj&Rltn{qy()i z(bnrPOZ)V9_a=BJ!2@;({c0bcxiY2Q-(UR1hxY|3QTL7ScwhR?nP>a+rgwix{Z;xR zAPgHR^^IF0m)h~l!OD3DEdmzt3j|ea`$pH}X#?%!@7(|Eg&u^NzUa@Khq? zBPg#03ZzwgIs1xl+cHOOHZa2rth8qll1hX4zH|u##ukm zcz1_)2z7uWzGJ@Vl|Sf=bCoqSC0VeRp}$gEvS>lteB9xdIRM${Z@4D2X%LmvGCBr^m{q)DA zO*iTf)IMEydHh@6VOf3RI}h{z&Brii~*=_Q^a0 zZ$QDBQk1m6RM7(QGt6qj-_+wMMzYk~|GG>@iv3mzskNz*m)ypd1n6TH;wZqr&8Re zGsqp|dge>?gqqrf?e&)?eg@SskM&a<$1R{wn@Mws+=R=0t}U4R0sYH({}GwZKWfROHge&f)AkwZut?}T;+Wa6pB|pUGR04 z(LJKeX}&RMb*6uyTq)m$rCf_J)UxjTZZ3iG?pp8WO#V5L&t#c29>giyYvc(W&ay!s zr)uwvkHg8d0Yhsh3%-KA3E_DBdD0}>{gBKJ4%dUXd5lh4sh#J+M1yFS`()7KGGDGA z;+rfl1Qx#`gL~*x79hx!vUxOz+0fddZ`ghU?}X>GKCAjybH+oC z-S0LeDuOEr!yeg5k;x!C%dJ|?uRF^_`kC6z6wXv^oa=?W5ptcKKbugmQfQT3OzURC zauF}cjGb&Iw#yd92C9yDTj(!s`g3n)=-{cUAs_cgI zYuJg((G=Zwt+%YWtTxpT!x#&;)=xsN7dU6;LC?=9I~vESDF1@c3$ z)ev98^+r%~DE=oTT=5MJT13Yt*onnE_wf)``s(Jj*g;;e)~SbUR9@G?W1M=xA-&W7 zOey>TrNU7K-ys**7ruBTG6EC*L&?ELIxOR;Utb}-=l=YvblbAw*T;HsJM$0EwjS{h z4e*0p*ii|a@;N;Q{P=1A?Q?_FJnYa1rl%hLXqBU0TJ9H5| zpzGyzv)-|bU?+XN1D@|iGJoSqG?SL)nTdf1Qa=p5xk3l$5v`|oDncpWi3nonKE1_|b1_a|Q2I7hou`IVP>2d&$dujn*U4sO2X zH|gh>Ugm&3f-q>~n?Lw*y7Ky)N|6pEh~b_8@@mW7eM00oFbP>H&20eW>;uO)vuiXooEM~3iO$;0HyNE+Y*H69aVX?X?dL|ulD4%s0t7&L5g$H zD|*WM;eN^TF5>KKIcI`R%g54JA9Odu->SbZ(XMq5d%(`#Ig!_C6O=edWxyN$Q9COl z581GHpfo+}r!G~A;>E+i}Q7HRCZz9y~_KYi>;v9Yi-=ci@ zSI%d~1~8Vh#U4N_p}8(crP?5*jO|@80!SC6^L}x)c8cq#nP)*qKkDJ>kp1@tU0*u$ zob!Z3{SW(aP^tQv>_rSp{~13G>#*o8_{e%Roe>XHrbZ? zL>c28&?%ZpPdeh@w9!DovM*$bbdJNYtv@T+{w1UqWqQB!`98XJy*A%lx8k@Do%k6yANRLX1m;RlaaJs=${E zhV)W8?`Kz3&bi~+4Za`00_3?MwFu_bkawQ*k(J!5;h9E3IDv$sAvT9@wj62Oku zr9S})FbI-nf_hBi0XQacDv$G$lkA1;q-ZD9Gi>!_&euAwQV3tn} zzah7fgNDaGc@+N2U|aG<-r=jMC3^KY5fojnCo9~ z&_iqf&w8EAKNB2d+t%1>YnOdUwdxgAyZ$K1zjL zLreYN_zo7rr+F{80)+f}LUzvL)wUV3dmQ-)dI7G=`3$FYo%&jEbZ}!{SmYj~JD=`v zw>MYp2!2SxZ#A>CP>_Iw zL=>2_?KWGb-FMzG@b-MKAxKP2xShg_`2OG*PmgmwWjS2B=l#+tA9<(ci;Nv4S%Sl$ zn_vjb3#b#uDX2;02J8l>zU-3(tzkd9Udoa8Upa4B%EjW#0^yuLUqKVX!-C#w@6ZHg zb*V6=cEGO>{eV8_UAl50-)lek`E>0~w+tbn{NFzHiD?P93VH?cw05Y(=IoEMZU}U` z`FFRaZ=Lg_q57P7`ja1@{^jM*%QBO_x;~4v&=$JVw`t;c9kj_6Ugzq0q;f2DAscfe z`dyQ9@@3s0SQ(w`&y$R>U-Un3Q3U)s_=liB1p>`ca1bzpga}R~uh%^jOyuC82#%CD z54zMKbUCKJU;nVgQ!E|5#&N)MU??Ded zAnkqs{va}5pZk$de?e8Fo&)a)7M8pSKqttMguSCL`0hZ{(@STeH|&gh^A()L^ZiUd zrz#V8{Ra=`V?nz1mfxjcTzTD4`75u!Ry#m`KLVZzdh#dyt;fM4q@kKUCrX(fxJ*IV zRe{)BZn1efP`m4yM&u+}5U{AP?B5ZIgro8FEiZU-ddrKC^^Q+Ht#uFS?@l2{Ays7y zHeju!vIKkR4K#Jbp|;iv6`=)(#OjNrrwp7$|3TlRcn zr^^VECXmuW?%t(Sc$jx)d&Vy36HF-hA?-lwv1_35rF-5#oqE!{V!kAQOE9#YkjD-5 zW-Ax}0pTYQfNO)rdL6c8LbBg-`RG5>;@SNuiqG&(J5hcZ(yzE)pHOqT4lLydq3y69 zP0%Z3xB)_7%8v^^bNc^io;V!n>3QNC{y9D3ko`2bi1ErhAxeHwWd21^@3>tAc<7$@ zF(sa7n}Jdu7=9?8>yIEfU+Q)j5QY4!pf8T`6o8C@_wSIx>oKcpdOhO#`094CgEb{mG;YYKy4)7@dHS75Wco-1a4C2ZBk zV4A>L5fFUTFjD%j$x+GXP<)xaHeqkS0q=x)^M~BCz03x>mg_2CFKKPH}TJ2_iO$;r^mbzUwz~V2MV?)<`jd#ecoF5NT zD(kx~Sm?`!kh2r?n;tvN@^9R4I`*9VhY&{po)l)qV)K(TN^MPjm=C+_N}pJI!!#y6 z{D{xb`o}3B9UzD_vDr_wuAj!@?5d-6yT&djwU@zqE%KT5XMdRW(ac}rZ-d_EFzf`Y z#@~zs2~v-@^04^{&k_A!QNNs@5cbH89vA+gB`5_LUsE^+UGbbMo>#^FR*(P8_3iDM z*pu=N+Bn_b#RJ{={mO`Kh^pQcLNCs7b}($MThC)%2T$BzfS3C=P|p^Br#yAr;ul=& z(%oJHxtHDT`S`PEAiD>2kSBFrSca>Z>~+tN%;T&)s;hQmC_3?t z!B$Ifm=Ast!}vX=FP@Xt@y9RTx$YYpPZBhEb|BIs-vpXn^JzS4Yhsw?=CQ;@G-e%{q#E^Fb2oj}iChfs&c#Y{Zo?*MIv$K)sNA$1u7!P@Nzne=IyIC-w z9p3binngbKrS3xCg!m_{Rw*a<7a?p7HrIFTHWrpWmj#|ocw>9aifvPTrm}_p(zbu; z;tT&Wx&NcS%%k{Kv=QbqBg|fWxSVhZowPdpaf6zp{Dc<cD)Qwmh)!AbA+ks)s~3x{BPY}7x*T}}OtKg<2!^G^w|7vfQR^Uzb7H~(3v zJ%C@{-uA~oI55b;hy=4Juw{*QH=AaMvz5!z^vdOF%@EXepH~12D5{!LT((pZM9+bbr9Ya(`NX$>Q{-54<(K&3{E#8? zi=E=UTbvfAV+TS($?HM)-!Xmn?Jr4Rdi~#~fBNf(D^QD|xCl^ld*Z!FvB3Tot8%4e zz?u3@6$a$?xJMn4E1U$Nt5^RcO)* zz5egDZ+g1}x;i^-IapDF5R$!vr9>uTtxTMUjRGmu&t83=vQ=rYK6;c9{`EtbrY9b@ zk8A9;^LFWyPrfl7ckCn6)E&2_sTIqtOY0}^v`7G!otkv?AFqCaUYWaisI@D2HK>Wt zAP0tg^ebniUtD$FP!wka}G!)xJv9dbb|M}iG{(tt)1yI*&&i`xgefGI@x3{jI1BSoP`7}5w`5gO@2NhzZ1>0I{S|L^DfTkCnB_qO-D-{(2h%z4gv_wTu^ z^;^IDTJKuFcRkh-$$7|Y206%=NIoX{u_R%yP#)3ofAgp5TSvY&eg5r-M|&=}MmrL+ zbEp=1#k7+_q+2+wAIq05OaJ=rw}st_E_T?Q(hip-|4b}8%nd6d^^m048i=OZUVqGAww^}>T_Ny9Ue}W{1v*YQ%yyB3wL_0_R&5I6=q`P`klEaU+BWRI<`xia8)}@x~ zZ@8sax^w!7-FHim*zG~KLB}&}b)9TDC;d7p-gX>GD&a?&u?`xamAmFQ3|aT<{W--t zc3SMUf;^Rd7y19YeDC)+-AtwGxbs$9rY*PFyt?M(=U4tRoqfR%RaXgkBq!#?WRk&s&$$ka5>VV&^ie_4Iypy=S2(P|?(d02-`o=u{)L!ZPU;bpe*S1?} z+@iQbKZSp597(dcfApc46mV^N*Wu4dzx@1r(|14ew|Y*w@}q}Nl4EE5TIY7y`H=Ch z7>hU+aCq%-DV}4M$YKyI`WT9*W-qiWN2}t^2R?Pmz&>x~MjNFQk9uEv_iJ8~`}Y`2 zCB}cU83|30ejd0c?X$~$(l?KMUHbexUyW~=dId2;fGZ=Hf?e%{hV{Y+5Kh1b@o$SWv9{=Y4+WnLG6S4l6Ax&`I z4~eJTulElPuB-S%gTiA285f!?2#=!`D1xlW7GS%CWhOIux-yyL!Y=kg{;6g$kHs{2_&i!lSSYkCW0euV@T-d^N+WR2Yi@1)pWuhj3v+u*w*yMZL0}

     {% for region in site.data.alpha-channel.amis %} + {% capture region_domain %}{% if region.name == 'us-gov-west-1' %}amazonaws-us-gov.com{% else %}aws.amazon.com{% endif %}{% endcapture %} - - + + - - + + {% endfor %} @@ -74,16 +75,17 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat {% for region in site.data.beta-channel.amis %} + {% capture region_domain %}{% if region.name == 'us-gov-west-1' %}amazonaws-us-gov.com{% else %}aws.amazon.com{% endif %}{% endcapture %} - - + + - - + + {% endfor %} @@ -104,16 +106,17 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat {% for region in site.data.stable-channel.amis %} + {% capture region_domain %}{% if region.name == 'us-gov-west-1' %}amazonaws-us-gov.com{% else %}aws.amazon.com{% endif %}{% endcapture %} - - + + - - + + {% endfor %} From 56748ff90cb8e0536f2d5614495486f2e193a8e3 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Mon, 27 Apr 2015 14:39:22 -0700 Subject: [PATCH 0461/1291] launching-containers: use correct port for example --- .../launching/getting-started-with-systemd/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/launching-containers/launching/getting-started-with-systemd/index.md b/launching-containers/launching/getting-started-with-systemd/index.md index b8fce2f10..4444fd115 100644 --- a/launching-containers/launching/getting-started-with-systemd/index.md +++ b/launching-containers/launching/getting-started-with-systemd/index.md @@ -108,7 +108,7 @@ TimeoutStartSec=0 ExecStartPre=-/usr/bin/docker kill apache1 ExecStartPre=-/usr/bin/docker rm apache1 ExecStartPre=/usr/bin/docker pull coreos/apache -ExecStart=/usr/bin/docker run --name apache1 -p 80:80 coreos/apache /usr/sbin/apache2ctl -D FOREGROUND +ExecStart=/usr/bin/docker run --name apache1 -p 8081:80 coreos/apache /usr/sbin/apache2ctl -D FOREGROUND ExecStartPost=/usr/bin/etcdctl set /domains/example.com/10.10.10.123:8081 running ExecStop=/usr/bin/docker stop apache1 ExecStopPost=/usr/bin/etcdctl rm /domains/example.com/10.10.10.123:8081 From f6491a1310fd6cb673c08d9ff1de4b0435baa76e Mon Sep 17 00:00:00 2001 From: "U-Odessa\\dave" Date: Mon, 27 Apr 2015 22:54:09 -0700 Subject: [PATCH 0462/1291] Further VMware notes --- running-coreos/bare-metal/installing-to-disk/index.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/running-coreos/bare-metal/installing-to-disk/index.md b/running-coreos/bare-metal/installing-to-disk/index.md index f35a379b2..843729b9b 100644 --- a/running-coreos/bare-metal/installing-to-disk/index.md +++ b/running-coreos/bare-metal/installing-to-disk/index.md @@ -29,9 +29,12 @@ If you are using the ISO with VMware, first sudo to root: sudo su - root ``` -Then install as you would with the PXE booted system. +Then install as you would with the PXE booted system, but be sure to include login information in a Cloud-Config file, or else you will not be able to log into your CoreOS instance. +```sh +coreos-install -d /dev/sda -c cloud-config.yml +``` ## Choose a Channel From 8a2cceca7896b7ee068db6b1577128718941e461 Mon Sep 17 00:00:00 2001 From: "U-Odessa\\dave" Date: Tue, 28 Apr 2015 21:32:43 -0700 Subject: [PATCH 0463/1291] VMware needs an ssh key during install --- running-coreos/bare-metal/installing-to-disk/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/running-coreos/bare-metal/installing-to-disk/index.md b/running-coreos/bare-metal/installing-to-disk/index.md index 843729b9b..67bc79fd1 100644 --- a/running-coreos/bare-metal/installing-to-disk/index.md +++ b/running-coreos/bare-metal/installing-to-disk/index.md @@ -29,7 +29,7 @@ If you are using the ISO with VMware, first sudo to root: sudo su - root ``` -Then install as you would with the PXE booted system, but be sure to include login information in a Cloud-Config file, or else you will not be able to log into your CoreOS instance. +Then install as you would with the PXE booted system, but be sure to include user information, especially an ssh key, in a Cloud-Config file, or else you will not be able to log into your CoreOS instance. ```sh From 7f19bd8cdb188d18be3e2a215e1926926d9ae7c9 Mon Sep 17 00:00:00 2001 From: retrack Date: Thu, 30 Apr 2015 08:56:51 +0200 Subject: [PATCH 0464/1291] Exoscale cloud provider documention --- .../cloud-providers/exoscale/index.md | 181 ++++++++++++++++++ .../cloud-providers/exoscale/size.png | Bin 0 -> 38792 bytes .../cloud-providers/exoscale/template.png | Bin 0 -> 34944 bytes .../cloud-providers/exoscale/userdata.png | Bin 0 -> 90889 bytes 4 files changed, 181 insertions(+) create mode 100644 running-coreos/cloud-providers/exoscale/index.md create mode 100644 running-coreos/cloud-providers/exoscale/size.png create mode 100644 running-coreos/cloud-providers/exoscale/template.png create mode 100644 running-coreos/cloud-providers/exoscale/userdata.png diff --git a/running-coreos/cloud-providers/exoscale/index.md b/running-coreos/cloud-providers/exoscale/index.md new file mode 100644 index 000000000..ca2fe1986 --- /dev/null +++ b/running-coreos/cloud-providers/exoscale/index.md @@ -0,0 +1,181 @@ +--- +layout: docs +title: Exoscale +category: running_coreos +sub_category: cloud_provider +supported: true +weight: 1 +--- + +# Running CoreOS on Exoscale + +## Choosing a Channel + +CoreOS is designed to be [updated automatically][update-docs] with different +schedules per channel. You can [disable this feature][reboot-docs], although we +don't recommend it. Read the [release notes][release-notes] for specific +features and bug fixes. + +The Exoscale CoreOS image is built officially and each CoreOS instance deployment +is a unique fresh instance. By default, only stable channel are deployed on +Exoscale, you can easily [switch to Beta or Alpha channel][switching-channels] + + +[update-docs]: {{site.url}}/using-coreos/updates +[reboot-docs]: {{site.url}}/docs/cluster-management/debugging/prevent-reboot-after-update +[switching-channels]: {{site.url}}/docs/cluster-management/setup/switching-channels +[release-notes]: {{site.url}}/releases +[cloud-config-docs]: {{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config + +## Security Groups + +Unlike other providers, all Exoscale instances are protected by default on inbound traffic. +In order to be able to work in a CoreOS cluster you should add the following rules in +either your default security group or a security group of your choice and tag all +CoreOS instances with it: + +* SSH: TCP port 22 +* Etcd2: TCP ports 2379 for client communication and 2380 for server-to-server communication +* Etcd (Deprecated): TCP ports 4001 for client communication and 7001 for server-to-server communication + + +## Cloud-Config + +CoreOS allows you to configure machine parameters, launch systemd units on +startup, and more via cloud-config. Jump over to the [docs to learn about the +supported features][cloud-config-docs]. Cloud-config is intended to bring up a +cluster of machines into a minimal useful state and ideally shouldn't be used +to configure anything that isn't standard across many hosts. +Once the machine is created, cloud-config cannot be modified. + +You can provide raw cloud-config data to CoreOS via the Exoscale portal +or via the Exoscale compute API. + +The default cloud-config configuration on all Exoscale instances specifies +hostname: + +```yaml +#cloud-config +manage_etc_hosts: true +fqdn: coreos-node +``` +In order to leverage CoreOS unique automation attributes, a standard +CoreOS cloud-config on Exoscale could be configured with: + +```yaml +#cloud-config +manage_etc_hosts: true +fqdn: coreos-node + +coreos: + etcd2: + # generate a new token for each unique cluster from https://discovery.etcd.io/new + discovery: https://discovery.etcd.io/ + advertise-client-urls: http://$public_ipv4:2379 + initial-advertise-peer-urls: http://$public_ipv4:2380 + # listen on both the official ports and the legacy ports + # legacy ports can be omitted if your application doesn't depend on them + listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001 + listen-peer-urls: http://$public_ipv4:2380,http://$public_ipv4:7001 + + units: + - name: etcd.service + command: start + - name: fleet.service + command: start +``` + +### Adding More Machines +To add more instances to the cluster, just launch more with the same +cloud-config adjusting the FQDN or removing the statement. +New instances will join the cluster regardless of location +provided that security groups are correctly configured. + +## SSH to your CoreOS instances + +CoreOS does not allow root connection to the instance. By default, it uses the `core` user +instead of `root` and doesn't use a password for authentication. You'll need to +add an SSH key(s) via the web console or add keys/passwords via your cloud-config in order to log in. + +To log in to a CoreOS instance after it's created click on its IP address or run: + +```sh +ssh core@ +``` + +Optionally, you may want to [configure your ssh-agent]({{site.url}}/docs/launching-containers/launching/fleet-using-the-client/#remote-fleet-access) to more easily run [fleet commands]({{site.url}}/docs/launching-containers/launching/launching-containers-fleet/). + +## Launching instances + +### Via the API + +Install and configure the command line client (Python required) with +your API details + + +```sh +pip install cs +vi $HOME/.cloudstack.ini +[cloudstack] +endpoint = https://api.exoscale.ch/compute +key = api key +secret = secret +``` + +To launch a Small 2GB instance with the current Stable CoreOS image: + +note: template ids are available on Exoscale website + +```sh +cs deployVirtualMachine templateId=2a196b89-0c50-4400-9d42-ef43bcc0fa99 serviceOfferingId=21624abb-764e-4def-81d7-9fc54b5957fb zoneId=1128bd56-b4d9-4ac6-a7b9-c715b187ce11 keyPair=[keypair name] +``` + +Be sure to specify your SSH key to be able to access the machine. Management of +SSH keys is detailed on the [SSH key page][exo-keys-docs]. +For more details, check out [Exoscale's API documentation][exo-api-docs]. + +[exo-api-docs]: https://community.exoscale.ch/compute/api/ +[exo-keys-docs]: https://community.exoscale.ch/compute/documentation/#SSH_keypairs + +### Via the Web Console + +1. Open the "add new instance" + page in the Exoscale web portal. +2. Give the machine a hostname, and choose a zone.

    +3. Choose the CoreOS template +
    +
    + +
    Choosing Exoscale template
    +
    +
    +4. Choose the instance size +
    +
    + +
    Choosing Exoscale instance size
    +
    +
    +5. Select your SSH keys. +6. Add your your optional cloud-config.

    +
    +
    + +
    Exoscale cloud-config
    +
    +
    +7. Create your instance + +Unlike other Exoscale images where the root password is randomly set +at startup, CoreOS does not have password logon activated. You will need to +[configure your public key with Exoscale][exo-keys-docs] in order to login to the CoreOS +instances or to specify external keys using cloud-config. + +## Using CoreOS + +Now that you have a machine booted it is time to play around. +Check out the [CoreOS Quickstart][quick-start] guide or dig into +[more specific topics][docs]. + +[quick-start]: {{site.url}}/docs/quickstart +[docs]: {{site.url}}/docs diff --git a/running-coreos/cloud-providers/exoscale/size.png b/running-coreos/cloud-providers/exoscale/size.png new file mode 100644 index 0000000000000000000000000000000000000000..d2a398aa310a6585c7360b73477f913e5ab5551e GIT binary patch literal 38792 zcmZU(19ari@;)4G>||qeV`pRA8{4)gwr$(C?PO!yw#_%+d++am?>XntE#)| zGu_iw&l4&qBMJwN1q}oQ1Sc*gBo71xqWazLf&~BmJlVH12LgiqX(lKrCoU*RAZKr5 zY-VW$1SA%km<*v9{}*leh>9X004>BPVLF|lQ{qaPk7F59+(%9T66_~uTgmpSFe+6W zbl$N#kQxk8SfFr^pC`YNk&zblvYcx?$g79V6sL{-;TRp@vhyzc?>N91NUp&I3QVm8 z8EEC*Lr*aWfr*eIRQwf`;5r{X!Ur@wll(d=0v7a3b#o)At7g3h_2|{4`%686eVvOH zNQ`73RR)g}`xXkwR=SBV1pz1*bQSJ!A7@C$B&J--X|0M?iVD1#vMBs&;CXX_worf{65}Dd|kZ*0hK&qdXYym`Nfuf zQN)p9?d*^m2bwtH+s!SQT7~P^k>mSSTqY^jnIOKhc^myN2`*zc8>LkCT>YTc*tz$F zYseAG7`i()WN(HoN%S9sqwf$au3fg1K%hXVwyIvaF*}-huz!pznj@^#1jMQDMf+V} zdKnmHkPe0Z-sb;U=lVKkkU0Vm{%c>gZxR@NGpVS}M{n3NJB<=}!f+#>X(|a!M~hPj zvLDqkek_;zmEY&Mbs0TzK2E3(5-WW4H zB)Q>whY1VSubaS*f72x+x*!n-I_G1oMd`HxtTb*BL|ll>1)3duX@J}IHy12Vr*7k5 zrd@I^ThXp+wUBonK0^owA2aq+Z%|pi?oW_S@6|40c7 zmp$TeP+1Z+!)}wiumIj)CVr(k5JNvkM3O=BA%;9`4N6vlpL#cPy-ILRw$pl$n}dmO zhPZc@adIBq1M}>DZXMnZe-6BM;pdN6=~itMD8w>WZ2{KLhN-)@CXgV!f;`&4cIAX}xIbM2G=(tj`aTouiJ``YkPw?e;v*5l#2ATD)B&#q zo%5H)>clFHxb8#GhOP^{#RBiM+(He?QI>_7=MNnl&SO4^2+m+QlBES5<^>+xJHn|) zDdz=GbKG;e!F2{c=Fm;+!Rp>(fX?+(GnkB{hxf$QC`yIU^hwk(Rv?!TV(oZ)f}Zt) z*G97;74J!{BUeokaG{y(wLTMhuynyy_nlp%y@PLtBkbrvG5ewQ`fW=}wtn?X%h6 z?JtgA#9Jh^(=O5d7Wh+?BDYS#kN`U>FTq}zWFLF$b1R~)t*x^u?3KnP>lNzJ`u^u- z?6&h3zm!tZp^VN6TuDevkekmcZ?mu~cgA#xnNA&yMRIkTd}$KZ}S9O+#VUC~~#o7EDEEPvpXC*)|9 zxGPqxI0}mLjH}U#Syd_pE+W(sKn*aM{4mub8Y2uM)*@t48pvH_w`EjWa-9X10-jD$ z7CPr!Pf1Tj=WR;8XLZe=Eey>omP(dfN~@>><|@(#C!7DBC2R!}6#@X}pm zVHOyd!e-N|8&%4sEmSo`Ips8RI+fo19&_LYhb74cP2wljGJ&<)s)A`{0r8jY8@#FJ zQZ~kD^%*ODIJ0xJFtaEp7c&-1*fYOpq8I39dGo%eee}02W6W#*=B((B$Sv8H?SS-S z^}CDMi%g1~h-gHpM{Z)LV+>aXa>VFA#~{;sC)w)RzLQ@^HmR&|silCn=7$W~-8U5hh6u~O4jGgz@0tbwkltSf7F zV_&hgpWT0m*C6+9bgr4K+cfdq5*Z{LC>kl6Ic%(KrCDq0do048pzX1))$-qg z=sIIq>fWH7tgr zs!cYHH!(MZJ9J)E-yl6@UOS$g9<+|v_Jd!3ye2+3zLh@@zuMe+qvqhppvj@oqaGu& z@zzj;AfjS5@RV?>a;D&F;&P$xqSnzDkS1VZ;kMD-+oias&{x<|a`@T^x za61W}-Z4KlM4Ew~WStnD_;cxOvTl|~&r_V22WpR19PN-L6>x~!po2i;m=O>=is!&m0wovB}ydOV*;2#c5u=A+6 z(t2C3aoxF=A97Q{{(3j!;mPLicJ0)fhA*}TPRV{vM2wt1uMx|FR>%i^u<;tF8v?09j%s@5*) zu5wZ(+wR(abq=+zpkk(})|A}Rta~-*Y4@h?ZTDH|)_wRn`=JAWjc~6htkkH;sicBG z&(YEZUWv2-i<4$ovRAXU6Qn-2$}Nf^DiQ6MpO^3bnf88mVURnV7R`xY&8_FC|0e$W zH;$vgT6;sz)6G*>P+#zPqc3?}}yBUrY_MscO3(K?fHF78& z)aGJ~6+sl9*Dd+Odf)ReL?nU|ekN~|SJ>CRrQxK>?9nZqu?|*uke4TY8aD@}E|gka zJ`gxnS{iiE87R;+^3DqI=H4&p*|+2Zf?3Y|fF9o3`zSJsC?K3`5CUf?Aie8|IuvE% z5yfX39eIr^IE8A~rARsOmj_;{?Cq(k%NJ~nXRLljWxkPcJ=ga zoE*7{i2j-A|GoabP9qny|ITFX@E^Cn9i;nbgpPrhp6>tI{#NDsrMMSt9*ju#I! z7v2AhJr6W_(H`P$q-#hQ zFl$VZKSZiW)@o*51pm|hk5u|0!#@)LqtMa_Ik3LE>tXgE6ZDBl7~FtGYD#lT!R>6% zG6Dk7?S_(LDxOMmRh59DtN*C`S_tP{ITl-8z6WM+_R^qH4n-RzqKePs*QT*-cSe2 zqaI}}K3dDlYQC5+Wnwi@Z;(!Ro@xBpZPswt(nrJL^?LuAroS<+%gGC7fde}Kl+F#cy>|2hI#a^c}>Lxm+7mH=-@O;nseOT|h zRjiuO*UIPHhVBQJ6k>Q6za0x<1EYNsargUax3F*X3mK7(g~R--Rj-+Q$@x5PtrX+3 z(Oa!^@DagTvu@+-8d4JucpS>HZ-YqvtJW*Ib7{?^QQ_U|`%!Jfi}bwdZuBM|*?7Jq znsTt~Mw_6j+21>IvO4|=XUQWy&Q4{~0X0g1%i^|T$~PFkBJ=ng5AD03!uFQm*M3fi z{j@A&CJK0HGz$eJY-Gl9mS)ZIMtu8^D9~e3;~{ws8Nt83P{pyvxoqvQtFYg|*&mgS z*KrMaT`!@@N;MNSky&%76s`OkA4#eIkd5vU25XbauHh~B+A=E-5*qnxGs~8mxJgU$k|6@ZlPd>Wh?`mM#mY(aD@=jN5eUnBoFItw8n)e~g&E5$PJt!hEUQ`}GboC-gPB@oKGYABQSbws8&% znDKs+wwj=eU|z{CE86HzC(id&??q z8U_Nu#wJHwPCcU{GMvMJz|%D-Hn=;Lx0Wqy85pc}u@<&fl-2cbZkVi}8H;7JYkPAE zB_*X>cNpJ80caph2KpE2FI3dRJSvIgZV|xO`^T7~MMF`F#UfLy;tCvyaQf_aP>Gxvh& z2vy|BA*YiINk424ao)Nunsw?Z8_V05x}N&8+uVc3O^S+F$$4J&B*n#>7MtMTCZE3k zX1TlrYqVO1;@Vg(U1cxN3L8D%$49H#*krFRJ0xW%TV#LCi;~~BehhveRKAi(Efjta z>vwc3ey*gCcAf7d%c-bBfxSOo2C1sg+$%h#GJ)(5$1%f^D4@|t{`?a`6U zSL2yC`l`L>dBdN8unfjoW#A@81guV7?bFtpm?XAZ;RM&a6BLVxR1{Usblq@vpNK8! zyf192XbQ8F{{@MlYA!Sk^s0%3MS@y0cc; z(S5M9L(-`+>wr%Ef#aw=HJ92yw_EeR4q>pcxH@j|d)EYfUUouQ&AqK@4fl^zYpoWb zGtc4U;M6@>sI0UtP_1v!s;L^ke++tmWh={Tnoe;&w0xXCNTc~LZu_=h;CtQs{S@bv zQ`0)*$jsf*dyACyn%^}UuR-^^p#n@^j{Pou(+W3lD1t*_1*$q1P4Kj}*$$@SULi+g)Ll(?h!vE(w2A!mr zcGMitPJE!+^>3b=1mfT0E!TAXOaZJG_va;dlD+5_ZN^uQB(RjiX}JuN`Sr&aX8_^k zB-HlF!p{7$rpsjmad9RsOw$auD~US89gpHcx1BcC&}J}P8iu8ZMZFZ4_~NqTdgIn0%wg-}`?vyroQTEW9|SOkje$Nl@K$TJ zON>l&g?bNE$aFxcJ37Zyj}I=T^~vE-p&m?r5)Pq_GjP`meL8uTglhF`cdDyioI62XECjLtm@pR$G}rUFj}W z^1M%DDq9I;UXg{xh30)&L{G_7yvR)qFFmhF*3d_tP~30FGz+`nC|75sPB_u5m;kiz ziw`#c_G{6ZK~>KfqG^=hl}8qvojmBMwWO4k?S3c@H(LZ#$T_#IYMGUA?_$XybUD-h zRjkg>fwPKF`t<$rQD@`C?zhY6bGonBulOl`e;l8s5iYj#`Q75FtXjj^N?WL^siqSm zv#})VhOkj}jdmmFbeY>;&qpwqIG>#amvYF!rR?G_UaRTO>$nXEmpR#n{QeS2E6Hcu;tvGx`nPZYWL&+enARBet8DcnuY+K zCYjUK_wXYY$4M%A&hSi=E<0MFEG|@<$21KgcDyy-hEqxOmpXIVG;b1nDO)__rZj?c`N;Xs?vSTtmgX&DG($Q4aG+0{F`to0CFcq7t$Y64{isLZ$5;vu#K!)<@Oabz_gYRYewf6No6%hzwd4!b!w{yV6mhA3(9(4KB zs844#0nx+7c2^4X)yM5aWZbBDxjaSdMn(y zAe{<%*H~v%p?fM=R6HDd9)L6R0vD^^LBL$zrwJgXprvH%rdm}tZNjHztCbY=Qu{lW z>8ZyF7B2GMYQlTilxwV$k4dQRXG=jlo~*{m>kD!&6m!_1)$8@e?u6tbuU_G4Z+;b5idZ+{tuv)zjz2}~R1O_(Od?5) zWp1E=PC7DC!W7K=dJOuw?!a5m`)Z=IG`ga`)_j%oaf9zY$KS7Cl)S$?Q#mNh_QLzJ zzh`aV_3~krR1D?9&tC;8o-oP2|0tWyBRK5b9;l=$m*w@^A4Os(rJ~ZD?hzf4QI~e= z_8XX&wtJIV`kME#mRz$W*J{mq%`0(G!0%uTeN7@z(N!(}R=x7oQ=6v^{|{T@>noZ2 z+r>mwLN4sKrr6w?&6VSRNnYO22Fh@qYIvRY`(XJZLAL&QF2cx>{pY)D6kq4_ZaJmw zTA`}TEpfEEo>!Mgq(T^Au6tJf(|k3R^#$9blBZ`y_2ne(d&gMo1S zKHn_(b)9ahlWl6WWJZn)cxby*w{1#i_Z4BEMz$#DcuIR>Qjj}c!1#34?&Kyt(TcQ-ciU7|?YGdgLartxX7so<99+8rW5`cxv01bANx&W;Iu%99kVK z{<9LXk0CKkc*&Ree%f5KMyzSH zxT?#@P;1imvZAhet)1-r`fR_T>i%#Imrc>D?s^TXLM*(XYdiDY`JLSu$T-3Cv<^eG zJoDJmhw(6${S4Fng6+2Wb`i|$vH99K`B)yb6F-q2VE}vrfXN`$xa+VTPrm=y7?>2yJOt#E@ zwy564Ebs=8W1sd*%FI_+e(!exw7}zutk<}`(F7zU+VGEI-A9ewLDDgFnx=w;ROcyf zi%KOSXorpKYw_}u68oaQt&a`5zZqod}O z#5a7GZ9K{O&MLL~(NubkRrSJ;vS!)8CbVixX}@ivJWnLEXNZ#Hm8+Bn&VHhq+L}%q zQ&Mzh=Qb=A z^=dk~-4KR2c#lWTV$mS-&S(t?kh&Bawgb-sA|Y{`)d?uZ4%l z*t86}Ac0hQ+V0H4+%VzQV%7N}{msiRF+A zqI-WQ)hOUwQ&UTwwe%dHjaPtMdU|rcM8%9(Qv;(R@ap||nc~F$cEkG5$3rHM(ZL6< z+rjr<|0nYt5d`{>aI@^75u1!CNjD(H9{}NBQz!_OiHY%kAI@Ihz+PM>Or58%q|vGy zd7-shz0V3)TAp1scT!i2T8X~%PxLpyr=2DUjA|{}@Po9wII)|%a39?ov12lsbd0*S zNTdN9zQ;40cudBxou4s zGlS6xHHN9}^MIzP6m=8t{d6a759M03^#+ChLP=tP>t*ycmuVj4mjbJe^)LRnmvBU} zG`6q+r5@C!wY96L*qtd{*~ygyNpuZirO1oT&MB>KsqzVxD$OF~NwYQJBgLt(VbDx|?-y#nS*>ITRFk<@)UrChkwc<8tic|g*W_a8?8V77T&r2=^T(*X&xavLg-;a|M z%@>iHMH3`no#h_mtu;Xn|y7=$4OJ=LyZ6d81{X0YsnDwMw5&K{~4>{hW^ zq8?)L>8>5&1lj@Ek^t4nikSd~akM<~7h+2mI0zv_=E_mBbc@!NWY3Mvv$4x}K+LsNeG>n1Hwbnh4;Dj$&Y!n;46I!N zE9?5nl6Sc5qnqU}Y)n5PAY8rQ@Lu!{TXCHBSI5O^cf9p_+qYWnrOc6wFFYN*X1s?>U^z zv~V~aw54q>c*kj8B9)+^u3?wZ13l+G(ol6=BTVpTWb0`O^Cg{!+WD z8@#*l5kmnz)@JXq-fGl2^ksr~0Pigf!-y=Zt80^SWfo6HI%~3ne-O}$X-C=e-z9xIIW|B@PZ{T^cqLIZV*NJ*L^>?){&IeG%Il>K zH{O6bAo#W5a#SLGA;`Jiqja5czxcqV-Ced+cJ(h|V>mdwb#zH4Gix)OK&SFRnao9w zzy%57Dkz2irFQ!)t0@bXRfzb{i*jkB#zsKvEgK#qS{g+M1sOi#Xj|G)zaDme}{@=1@>_wq5nMgN5V!3c@O%C0af3zF) z%mmUkRx|Qx);gtNLC8_@eB6QvatB9aTzRz&VHlM(w$4wZ3Lc`lU80Gn%al9gbKUzN zu*gkL%SBeDR{wM`%OhF|%i5E4mbZ&u98`q3Bpj4|g6hQy$#7SVndHH!V-`2iS5|G* zn78uB6Ejzua@aMIULp@fc=?{W-TVXe(1B?CvqU}T_xed`$?Wd!*{tTq%D7aH1Fbcn zV$l3#(gU}6=)6R^K=tk}{x#@*KT+Lcxa7Df*;w!_8K&4_b%fV$(vS6avGv|SZ2n!# zq63sG=wqv*9UiHM#kFw2KFpsLvhyh*mMdbx942b^5R$qUu}I_xghK4163Y)TB-qIu z;v_|)k3`&8CB?^+NAfpnz0AcqX&W225jT;`WZ55PlOWX?7oHtoVB3OOD25gi>fAYT zGaEi%k&+Fy^Cuc@t;Z*a3Ic(6W|NU2{Hlbekaj+2*G0S#kd|jb!lkt85_{rd% zVA`*7F^3~m_Ilt<+SP<-Os09@XmwA6daIvM4qy_v05^40AObSUdPpF3?B91kTT@O2 zI>E-eEDA3KQKspn4O`6Mw@);D@eWlx>cQaOohgbYD{ zQJsR{U1P=;>lZ#Pw;ts*XoV8#&(UdOvp^n*Gwd*1O!hYi)ft2UyQ zWYo>g^6}dvozjb4$W!Fqonl`}7-;T}$UmPp&vDRFF-h8V&ZNR7GnFzcR{G0>h=T>mAt`G1jFB912h z+;1>fDRRyO4X(yA+&;g$>aIdXFt9X*s%`=Pnj2L{i0xy*bA2U_ZuRv3^3PsvW1(W^3*fk@T}qSaCd|%#*UN{N zTQ-g6vTbgV^t{z8M_D|P(eN=#1a^MndN`5tTcF4Q zRXb*Ec_9H8YjJ#`2sp9x!}yw!Yg&U_ytlW^CRU+);eLHA64^Eaju*8rCaEt(KqEI( zWzViwiG6%`{E1uL;TGANkv(ccJb#oD8G;ItadU52VIN8A{QC4C`3d1_?*v?C@o7&( zVnW^8rdDA$@MQ0f*s{v$=zck>v+xg&X$Z#Eo946Hiypq6_s`1z4^~dWg48tcPQjWw z&z}7cko&LEo))5QsKu7PGnl9U!pgdo|8y!=IDL)(%YZI2p)J)0O7&p3Ju?3hz7ftp z*d0#qgRuL*f#{wEBuJe^_lNxN8!6`Q)qLrk_1;4aF&b?KyTjrjdW&C@ml7x8Ga0b zI`rTrz*Kh-Pv+|19`z^+0p(4XjXaXeMycA_b-|QKV*T26k9{Bri9ui`+;xhTyT;b% zUxwug{SA1wE#!>iaqjhNr8N-np~{s9(HCgV0NvSkcXIM~q6)&?GNB?<%hI30Rc`PU zLkHGRrlxgx>Sv*=f{c>4?59OXO<`80oJ?ddU;{)(4m*7ytMHs8ru|g&?(&-g@9QM+ zNJ%Jkj66f+KrI^k z)+%CTlu4t})RQ>o&;%)Z$)ds^*;}FoHDa)*ueeB2XhIy7y;RCpLw1bMI~&b3-H|ad zF+qDpki7fbSM=`g&L+$hNxVZq+@zQ)rZ9XaKY8?^NrCxTX)HP7PCXeO*4F83IbVDelw&xXhakmQ)GuzFdkBTiqdSNKc-t?3xRwA zkkOD4BfT}3nDTv`ap~z7A&~p}hWinmS>M=|8W90*6zt%Th=!6)cI+ne4R%O z9$1r5$jJ%rva98DCV!#rP>O1{9j0_wD=?>#s&FQ?-eeNOQ^sys(DL*&ZJi+ynjZG$ za&vD!St zMbKYPOrq7*Hpj0{c){C(Sy@~zmvJNpF_OK&X*K5t1&M z2*}t8ZsKv4%7zltIdTm%O5yp*T-b%TD3$m*&JWU3Jo$F?EWJX zC>K~sdVbkicK3VG7$=5Tu%)+fsiPQ9r_Ri~j`y2qva!kCqLw)d+)(>F6{$wGT$2yq zH|(PsMwQo!lJneY)t;&B|KzsSOWY)?24-sVzS(5ajZ0Y#DZ?^L8OuTt_hYsPzmMDy z!b(0l3;P0gKUaDcUCKMA$V*zA?Y;BKxz!{J$Sen?`)lz$Lf} zAzoT)HZ4Tn8--IUpEb=UYI=H>mWa+QT|godd$osC>szpYFj1Gui6DkDe`z0P?@g{` z6G=2&P$y9Todr~MD<=0rgM_d~z3p++{2FnZn%Uf}bPIQ0DuB%@6ux2w3+Esv23;*O zIJKxT_2D-Xt|XR6WW8)J`6c_7x4|=dRIRmdW@m#5Bub$F=mxXb1VtfML_02=9^9kdw3Bp=AEd$iV3otCT5s%D<^iqEj<{|7hp^ zqB@||utM1A?uAdnuaBy-CQalvx9MyjoJb?klI49#=`4c(Ebo56Tm$5+W6i61JkH7L zw2*)OKz3M+O^;7gg8=5n1e&3a*@C<1y(K+Tx;ceasZ_NTpOt48lXOxh`_UDT7x>2~ zmCiUQ(8yuKl?6)(2Ie*+$akI!bks^rG`ZM!zh!niXHcL$vB+ZPMxaS7T!ENqxT0P4 z2#-ho0NhlbB-UkF(vZ++2-%*i449Sxew~oS^r=g*$!!o>qt-FkLejLzl*trlx&~DO zW;KsLtqlQvRolxt3Ved8ie}oFKpRtHqaSdKm^awhAOcOj3P%DjE*^HS$R2UG4YuQx z0v1>Hn3a}hC@r1a%8MFtL>>ri2%>=VciyQCOxmVG5?#peg3PR&!2G@yQ$lOL80<7A zjyV>Fp3|dD{z%#Zi*A%p`bx3R7UtAHX{VZ9_9&**dlzZ?=JOJKZNyp&~&(nYQKV%Ym}M-Trz zc|VpY)$BNMq6d%7?%HHM_iX$1jf(3&aCJD2cw?vAz?at3koF55k28x$74J801GN5d z=+@Q7r<~t}+Te~H;&G=@CHX|5bajq59_~AZkx3Q3<{MgLbQwPg^Y(*CJhOY*UKgo>r#B9BqW99w`b#s z+#TkWHQH>uDwVR@Xx5&V-(Ar?IcV2ozUcy2fb=(=mCkk50cB1R+>ev;u@cz9^k=_ zFS@qY8&=`LhJ}sDib+^m#oxh6h^1VPfM3C0{qV$kBUF4Q~&-y55ClieStU z94gt8cU4kdLco=ADwSHj3kEJU>@j- zoFgI?$@Z=f*Z(0SH`vEi_>?%{jt37%EwWjeRGp$LujWe;@wUG*I(o>a9}`P)+v8qh1$otfdjPXx69Q3S z^l)l4=}pC48|v&89h2mPNcuNoxYnUCP@mIDfSqjs0q!q?)Q5qe7>W~MNlP*#33fs? z<{sB-X}0iAI7jBpjnF>5@+r&RIByUvye)&NxCg0nyDdh$%3nOz#E_GOL-^_?>?h0y zfLV_@HKz4;mm#J|cX!qV<4Iy%9J zkTi1Y94t2oiqKOZm^!?!rIbY5kxpPo5)d{?W};d%qqx-8a13>&z$iHxxOpjyji=cP z4l2j3ZO3xWj&O1y=Ta#7(Ckp~GUyw=Dtj1QTGyQ{2v!#Gv`+q-2d>oY7i#pH2n#1a z#daEh!)Cma0`O?FwHufV5!^e?s!l`jO^QxtIA_QFFi~(26+YzM?sFjI*Ffl2$jZF9 zIVJ9Yx| zJ~&i^e47^e&Vhs0s80@qcpgrG>|}H#+yj&49!8VH*LuGy)Fp5q8W-{KG*4fkL+esN zz;q|L(H|0ZYC4o~z645I#WNK54GM?Gsw-E9lu{-eONt1H0i{`vX&SeMiiD0~qg z2O+qXvB~>{+)*F77sNN$ZZe?eO1G8!Yq$I{vfArU{r>J*>p%iW(t=71sd06R@pWn+ zEd4Km49ZA?4b0Ogl(bgH9tN>p0Ke#vWzv?TU&h?#$^ml-YzZV5#5m-NS}F(6el|bE z#ObdQR;KA3g>14rBql(E4&-poLJtI$Ru?A!@QL%QHxW26b4&%1kOmTMN{p(Wm`0B0 zfSFIBwc0OVI9Pch4M;F=N;GA9U1FRuo2WgH00Xvc*1xU3`0yXFRtz0nfIhabyZ>V0 z@R=A#&tA7T-E%)>?el9!{nOvxaE>-n#$g7t?>2so)j| z47{{dxTx+n7rW3nc^ECT;B?R(KXt!rg1WFEXK^MPpAjP=v4O@L?&guD1Yb-$#dCo8}FRedi!O3 z(je4w?hY3)A~;|Q)*`cBLwRdKHM%RDpXIvn^gM2{R zmc?T$#1I=){-|3Wpsx!FSUtOAgaei9+6)pg%hn7LVe54hD#>WMroIVudMSfN$WXq5 z8~cT&o{z$ZJ!WeCYKl2~2bHV3hI;G>fJO4Hx!9#kJh<)*IbC*uyhAKF$c@;3&gr|5JJ*6Mg$>b%d)54_&T#< z;-isYMeTK*L3Fu+6ru*{nEp+XrMp4mvt;k~7PEq_l)qRq&ZY((dVjtCi%O=mwTc#F zT@rcrJVH#l|F74E#PosoN0lk3_)Hj|M;6Jo`?2M(qREA+EDzD^cUZ-5o(vBB_VuPWWUymGx5Kmnye#r(9BX)?M)ZQ$Xa~SQSAX03~p7MCVN;Ow2eJ0e7h9(z1 zA{EPy{P{{nTDmlKXaIUF9;P@<aOeO0Ng6>-(c*JSrMN!%5;3L-8l zkCayVZ1b{eZ`BqFj4ZaT|IXs$F}?x2p;mi@#>{%}mmo+v8?ko&?A!j2qw_Bp+ca)X zdxH)94bu#cXxURX>jP{Qiwc9jr$TFSLYFr{itR8k?ElbW1%`4ut z?meHL7tWk{XL66(6KW<`kF4z+W!y71?GS4$axxBJmkp=Voa?&d+^(TGU@pnXN>l&v zmBWllG}2cGyv>)bJd1xuC^xg4h=hHJ-3c>j!xfn#AJHUI{hghRkm@;y4<9oVkwSgucqcwOfiPMtoBm9-3;)H?_}8 zoO3)_0HH>MgKOPNYqwUU_N$@Y@uk5&SEa+Xlfgd=UZ#FWtJfz;&K1H%XR?~x%^X?k z4xE3@JSxYvZu!tFOe|PF`_6N{S&!*C6|Akpx+rVreGFAFx;rm=ym`hJyUW{a6@Qtk z=caG)#3}1~E4n0qL~(4-V~~<4n@quSFz;oyNdv?6uRo)O%%eP|9~vBui$c`% zJY}4qeceR{CcpC)pc(D#xIM8)-s<%NP2bQVb8a%`4yCQ>_GK6Q9?k1`F{!zN zUqf;FyXUU4mAq9ROGwYIH>11|u}L{60hau21aE5Q3Z^O)*mbh$f#Y_}7pAqVdKr`A zOAHPDdS=q>lmDEiwr_|jZTY8Qy4o|Ylaw4YB&jr$SdHCo=4srFts3mabSCbbQOf0~3q?@X9~8K^&}F*6CPr*%@A zCE?uA_w&zUxyk^xkPwpD)FQz^Eg|WH>Kb|sLQk%SU`tguwUXO@c z9vF}E#JR{Ol%vx$Y&46-w8K*Wdvel1h7$RDnzv|Aa-;Axy@8?Dz zpEa51Njkw5!G0Ka8|J*n`<;PuHiCka#y5M4;I+InY%-1r-51BwJ2-R}vaTtOBe^kA5cpcI9Kiv2< zJV_ecjorphW81dvq_J(=PGj4)ZKF}6_q6xk-}8O{%9DBKoHKi7&suA*4>lM*5#+J| zi%{I5*x2u4hs9N-wW!s>OLvc^;+5w~N74KS8OYDOuvkzZQxfS3)K!8Je19vyqkRGNWM!gfXv>1 zFTnLyAUC?pyvU_AEK&4!(2lutIB$5hiSDix>VBMWLYZJRLL;?+E*Cnrn~{5%jg@=( z!|Sy6(Pq`ZtDiRymX=r$$-aZ_!;y{T)aXMzu>hiAR>kAV9!0ACL`?R@rv-T9rF_EL zm)M874T1hiLaYrxJ>H7-i7iRyy{Ie)IW0Nnl;ty!mPPon_;3xw0i9!lki0v3gat-! zAmj1oyd|j!45bpqTN!M}4pIVwWSI$I9SRy{|73XJNtO`CfHp<=CHu9Iuae*%k=#_6~<5u<|PF8db6-9=qLyj^{)4 zv(wYsvNHE@<&==^R!#b+OSUX95dzd_D_amp|qgm$QjTOgd=tZWX3=nxvKV{!a zE>bR%>EWq68Ty!5icUG>c)3SXpBSENd&9fFnYF2Q4CwnK%zpiOvG|Ujxpp-!k`m)h zR!OYN`~<3iyce*r>lBDpJM1F{E5^KP%1~!n%W$~z>u!2>cupsErZxgTjv7gFn%16o zSi`T`?rKEA?xnc}@>1sOkGW}-H&n8YYn$A$jV^I))vM#nbXM2UJF@AWmCKXp&5c|i z{guk<{T@ZcwzD09NUC?+FFIB zcW7jUY2m@O*pdhb@7!LoF;MzP0I$YLTIeu7dn5LRlQArOj|@r;OFFH z^K-$-^@6$xbna*5Z~MHO#CiS7yWYpGK73;%@h!ln(`ZY_^trK8#_LCXl%tCdfg;0d zerG2?r+fXXxJ0;6k-Vd8LWt6@#AKD#GNo{<#R?h`Z$b$?JS}B~Io)uKWHoc~Iy^R4 z#TRDb?(x{V{Q{xlo-}%5Wi_?4YmMfd`6vP#hbuenO&YJOnz>>b9K)!y3eA>fv$m%I z*M|Cfi#1{s_17Ga#}_VeF!1)KzI=$r+JhH$%zFe0(THCu43#7En(+iV%wX9S_^*Ff z%^p$u+cCT$)F^Z)^X)0Cwhu10wER|3HD zV9*<4BaA;$mmq{?4Fx72{eAf7)31c4xpsH6e*OlAN)ISKfPm8%;#_Qxa(=vEn~$7F zG5&WV95wN9ZdsiEQx1c-hp_}dG;I8 zR%uKqZ~}FRUZZi^EO|16+hdc$V%~UC(iXeaG}GaBKcrsoA}U}fcwu(7$bO1lz)7`$ zmX}_{SRhtK3$79)t!{Z)6$eDH*ta;DeZE}PJ_3HOG_+suOF=fW=Tao)5l*W=eANQ^ zMi_k?m1Nc2@aZ^s+5-tdeM=)hy#e4ft(&&5=4VzeLZqdnIso#G?@XD|iaJ+6H$Zwl z5ZANz{2X57C!tDAp23iL1*qe`TBRrwb6qZQwl=eQP%k|&;CAUEC6zyCIgzTMdok-- zSXj6`-VdpQpH_1+x3~Tbq#VW*I-f69kWT;cTv{p?m9k--@p^yd2??Te^_~Hb?s==% zjHGT)0Fn^M-ed0%e+feXp-+DIrRQ!B2?Bx**E}`VG z5bm}Wh%PUJM}f*vgBda%4u|m6fP-&D3R1`IvMmW1rp0tw1XL#H9h&WRABV`zOyHYB zAm#IA2zPK-q)7-;i9wQCk@miGBLMa1=Vuy6!4~X z83KBrnou$Yt#9N@F?83E_tE3P-7^_#C*5Q=C>Ve;aXP?;ENxF!ne;_5V$a|u@1MT* zuYlNATs-#rB5EyEGudCot9`2;X(G)VLRZ&qt|K;c!AIRF&_pyhJ z3G=r(2P4}T9-z3eu)r?B>h;G_q+VS^1MR7bk6JaZ7pbG_3Uc_Rhxcv$n1<(mTtrjk zK0o`t_s4>r*P()p&T$Q$%5ikI&&Xn>wprUF!R(R!*wjSJx}JiyhQXX2r)xp)?40~X z)j>EeRwpi?cq*gzHeU(W-L>}+9b>t|lEd>CRb|L1h*Vmb}9M)E+!ZNxfd zCIn|EM!ype+u&Knzc4$|FI=42w*nz>%2f8TznaFXp1_C^ zOM(kojKnb&+i`d{_ksjUl@%5Jm89nv7YY$&Al@@tTBTqx6%94DRsq$ZuvK(qWTPXquL`RxPzQxEEI!t!+B*I`P;% z=K~!Hb2jy20~Z^k;F3#9Eo#hTfBGMwoi4*@1xvy#<>`7BqX}cp4&DG^h)I_gzpFb) zl;bcU5>(d5tB-Q2L2-S9?c(wSmgR4HT!%PO6+#=DKlO`!--ep<7DCSd4A~;<-_3*P zBK`{`bsW8TyYOIv;Jv6>ujUJZ8$E38sTGG1Z7^OA!?ryw zhNIIXbkhzm3A`^p!eMneg3`h_O?#6y=L?rL z);#}bo9hkhuY(lU5noZw>G z0(u(SRcK>S{i#-M)=WOcyE~JW^_D<7F7TU@7*zMEAJUn%y}ev!#qLug zhS7HY<=U#bsl*imy6OS8$Q21C=WlQRQ7OpwM7+F1snBBS{>JbTV$l$CW8;!-ww-My zA44PzQUCBrKTbBb<9fvu$UZVgMmefe%Y(hs1xp%g&!q;RrBB&32$;;v{s%+zjFF~E z=@%Sd=FfOvi!m}+Uz<7fSu}w~e-Uaj2iOHHgyx?2j!MoA_}jmV+G?+72WQ;4hX;>` zVZp~$-uI`Y#*&J85H)i}b0R8~LP0ggLg)RpxcUwMs)l5#T3at1?X5-I7a`U_sUb=; z>q}M)C5L$d9~fMGyh$qMX>z|mFv++44BqD&3$ymULTnBTM83{b8xzC>F8wV1j0 z0b02JV98wp0c{iXnR};H&CCGgw27BXZ7T;M+}*@Ms9VSpKDfTeZv%F{Z+i3{75S*Td{iq~{O1PNOui4X| zc&a%gVd#UV<--a9V>LA_L=Ts`zYlKm--82}Jc3Pa&FCNdV*88dlOw6cmAdts^SRS1 zO(*J1vvLt-2r@Z2$0}ai!^$F_$9X9QegnPNr2-Q*d7A}D$77f6_>dqxBm(oj43Un^ ztjOyie2T+iDNSkYB3{Nvm2|uLY?%I$%jHj_AveAM0(G^GJ;cgrVYuZ*nGyE%>V~E3 z%Lj(ru$I zA!tMT_?8KcsSoOe2$Sp>->JUR*6|dZ3CPP4Syf)oR&t_@Fatk*`JjqpHCQEKXBL9* zU07W`0r%Uj$A`o`SV=wJpG-3<=rlm4~-fG!Me3%Kr%0nU9>G)2@z-$fB4g`xwQGVD)L}+KAyY$YHeOt{r;7i z&BQb)TnAuGPW%<=D{H_yfl!rz|1*}8uGIxzkl@!$EIbT6jjzO!_SsNiFPOCCr5Q2R z>u_Dm$G8?MVg~(|m~#>pEO79S@F`efgpoNry`CS5$&_|r@RHQ}(gLjBIot$BA>3)>Mf`$_gJS+{tvE~_{XSE3-OsQN--tn7VDo@$B%(6-}R-x1c#vHvUUxbSp7#MPTUghWXYChC?i1?tM zTaw6%k3lkac0b`>MdLaLmKa_t<}D47M3Z^Tg!iU^`)+>kfrP!ODNK~HPij7bT?IRy zCNH* z<~f@8z6xqvXS|pt)NSRn=!tL(tXDPt)PtZe!46-uR>*G109w$7GH>7}K-dI&S}`!j z)u5vUeWMXu{pG1Q23rQ1SbS)wH@(C5x=rXNLTynn5VnxhHXOS-qK4{nsE}y31MV}g z6zF*gdmja54}ukmdE55spF3IT#4gz+dsc{{QjjbPT6$Bx{4=&7_%*O-ymfJm575b| z=`s}z*^i_`HIW38%b3hOQee#_V&GWnVyS-nnA*3f1Z=%RZJi9|<;e^C39L;c`fJqi zvLzkCH}0HEi)UQdb(1a=pgEn$VkGP!UjL^K%%(EQ_=ymPhmCDd4HF+9zaa_xi--tE zRnCZ)u7Ln{=d@b# zJKSeMe`LVWuQ*CijhZWe9xP+c4YR{3c-+XmWKJZoO)nNEgTM#JPP51jrxBY~zG-}a zyyP|X^Yr7XGpR)8na88*Bjn}cdLM&A=Wc5nW48ge?~e&!cyuP{6yACxSQ3Bf(R! z{-S};6XZ<#AMk`%6Vks0IOII6aUMtp__;Z*E8t(19O4N{s0@_AT`?ICap*5?Ynw{_ zZYKs{aR8R=*{{3sn5iQSLnhk7nFbS85IO8tqfQNrbZ_k_@@=2aU6=m!^Z5aS%>Eh# zr2rubRh~F5w|x2$sm{TvY0ArSG*zL&Ls90a3MM#?dYK@pVIMCzcX9WS@VO4rLs`sg zKiAe0YJp&v*btD#i?Dv>lgI5p^b7>U)T_|EvpW<`1qPigQf;tWB&iwf+0nwE+NYIH zPD(eeMlbw?B$ASrcBDp_(X6G4QJN3%yxv6)QG{%Vrk1xD+)Dn>RRsWa-wlii-JrD2 z*=R982W$mc0O~a>zU+U;rn5&u;ro5Q!VFE+*DlJ2hMw^k3nK;zT>k%;lCf}8OO@3AsB{uWvRJLiM(RYq%2~U|KwD?}mDi`yFMQG&OpJ0YT!at>`I@}< za~T>3YLeMps%y6IXYdW3!M|KsRY+Ai32dA{gU@$Inj!sJ@$qD|3u+h)ZZo@X$~s%; zELxzENlAemDx>i$?bNFVR<8y~fTe$lJCm&b92xzS+}zxk;;+*3h&`{buj$0fJy`9k2O->d1oOg!|UD8oP6y|T*%f!Ga>+OkM|HXNXj90 znVI)9wU8Lr)DpC4$h1Me`B<5BOBswo4TF|J|EbH0_u}{1u3(ld8i-m?JA|BGsTIF4(@{6j{Y*B5J2zZGZLE44N6_?OBR>tx}SWBYSu-&PB zl2ZH6%=nHR#~LL7N@?c!i*(@yT)-+}OYADc9f^TO;G$}afV|pp+7+Q@s?n>Dv4e=39Z10dpzP=4V9hd&(X=r8g1jFP zdpQys0=hF38ZMNHQehI}5~~O(oFq??73!VCW|WwUGSnQL5Jb<%vb>oINw5fuae;Rk z%4MyMJ-3PYFth`f2g&7CILhGLa>ccTGY)e6RT57bdHoG+A1HfAqQVVIC+#$ayhII% z0Z~c{jH8jRTS2S}weG}!QvF#(NKeSGNCPl^F=Mvf3Q=6P3UQN7+0BrIen&6DHlq|a zP|1%{v*;L*{5JWj#@PZ#gh^LiIC`4k@ckrl+P%T7VS}b{ZDdqZfpCxCMGCj8#W+Tt zJdgkG`w?=={=b@5nE~P=adxMmu&@Q}&X^u)1~wqd$@@f8qggjg;!lKHo+fs}0QT_+ zoUMC7&rNzl!#|KNoo1NGXKc@0p;W#_S&(y*`O&Fy0@{-t&oOU&)6S# zvQ&}G#;DF(CZVl!n+DR?in1d*i5~L$F)4vY`S|um#T;98|GmYwoVIeu}*1T>^n`+Ht z2H2M?g~(1Q;*Vx+@`&^j+NKaH#I0qL`#BQMBL$d^J#afet|~F%2uuqIyb+qRm$9-j z>*mY(mrPJo+6T}$7JPh10e+>Vs-c|)bkTKjuqX!-_W`a>I?j|=&aN!&)WvVE;3kh_ zPA}RX)_QKmh3N@wQFE_N^mwVG_V)6%U{muGS)&~Ftc4gJ1i3lz>!1bMZ9ZOvb*7A5+#r$mz{nxeV)|=ck%J*swbnU7jjElb0JY>U^7sL zg<72p!%h9HDi#23QDi(`A!$H{s$OPkCf9sPuk9xIj*VqsX65v2%f|B_j#&9^kVEW;vFeDd4)|A+ zhKjZ+c*?4&>gtz`cH#R?u+9Zt47e2P9H7juN;d3f+Dv%UGs<_GjaK!F7}xA@Nl7c4 zOKZzr#V8e!aT^@G&}gjfjA?VKB~McERthh6x|@g^2_X%xJ!TX9jF-`PR#W z;|?b&2D6ywPoCa1YQ^W0>dj5bjxs zB*wG_t`R9HqF@6=7cQoGa<02che561e;wX7U=Dr6jQI*Cf-Wd=BZqgp1rATFXWQ(2 z2N`T-z?I%2uUA7b_>_R^GKLmp-NmB;5{6LZ6gHd%Qs^1p|9L6?M^SAHT2;Y{^!fZB z@einn3RP@iQ5)6EEQZjhQ$sLNsZ-XDf;P17SWDmefl|wz10Zmd@^x;*wclPd)z?QC|GWQ zX~dFpT_Xmu_Rmk8%4|_=YB#Xp*goF8j1{7l{lwQN>Pi@$fFNg~GTPm`8ALx<)dUGp zU96u+lpx3ncj;>pn?)Ite1I5M<0J5Xk^30%a+vD(5?!Nl-?WF^toL`tsdrp;(GMag zf{LJD5fShtAB19h>1k=2xD^>0vh_z6)F-p~0O{u=pXa92pHr<-N%P;gURN=+h>xyG zzIQgP7*hrg-IBreefQaZ%>KA#J>W>!BT!h4E+rQlqf^m80J%QtVI1GtPsvc>&8`t* z!7{Z9$!&ppmnI*2BrEj3d}3B}8*|j)o|B6e>ZilYAS1KO3|wIw`r(OM4DXg1p4VY7 zI$28G=ftHgCB-LjsZ`tcXRikW z?_sXA&L&?DEUucre!z{1ueYqZ5ZI1nw^WOM0T_Th_}*77?@tRGjmE5{IG8QpU)iG! zZ|L|?*b#S~?CKz5jdZ^5BLpOD0e_W^a$p!X2&o~mJ!Zs}I%I%Ajf?+KItZ8+=H?9U z4ksLtJN+g28&6M9Ek$E9P!pvOegsGdh)(PLIj69cw#%gkM*yK=_y=g~9ak}A6jSvs z-)w&Uu2(FkB(fUI30cu}66ol76K|8>8}9DFS!~`P=<$lN_n$;SX*%h+xa0uVYaaaI zbbU%83EkhxCt3H{u35`sFbJxYkEq1M{$ifE8hCYghz=vXiJZM}x7P3&b2i_TY&a1^ zL|mV5MNEb$zcg(*5coVwkZe)iNhDADT5f@J-i*RbKiwUQzUOMu1~L=m7B`wT91>cc z)*M&v-C`GSo#5l*(1T- zxkTa3(%q-H++q{$6ifbhH@8K?IH<2FUX0hHAF@S*@}t06lye2c^-BC6G0#`K!LycR zVd_Iae^_k@%1_vXByx7OEvW^@%WaR7?gb)tb*2V|GV?JWa0#q8HZoCVu!$nM#S6of zNh=aXTWt=vq;GGuT07fpii-m`dy>&GGOF}|0d;XMo^G6}DJd0oR?bCHW6y$FVn@c( zD?_Eq@HmzCMt7D?k!6RKD>vhFb5YZ}$u&UeI48Zl-Ss2uGx9Z$>YnNlumrRamKa7$ z&KD$?n#@6Y-z=FHyV;Vc?l`!G>wLOBqwA0e`ubCOLfr%C=s0n))bNp8Ij zWwW7t0$V20S0vW2xtW+~{NQVmNEL)ZO5J`>!NadCu@?&!+qsG6eNScm*0lVX?ZFS3 zFUGu2^x~12Tv$)o_J9jCTP|!jf5Gh`!2_@(5n;K6{rnu7wIsgwg~9>B#}rN5`wefc z-slL*3Uca~DyUh2=1*0Wjy0TmJ|)D0t`_Yj60=GpxGP5G9T&Adicc3Lp9e0nPo zM-{x^4POV`8$8@oPRTyo7U1+P^536)LBwxRjV<#$NbB!+lrPvAyAUDN!5&5ud%+A2 zRfX{IFlj0u%N#{oo}Vof+E@h{Z_MXPJw)(VPKy|>!yWW}+wn>a59 z!Wig;ZxWmm_ziLb#L6pe&~HXT3J-s-fRR-UdX&w4vALT@XBD1{?{Q@0!#6WOV8|uvobe#ASyvc4J4)mf!S-ZBue(R$M*Zw!Y$}7m+LlKS{+fkx0{z6 z8rBzhT2<{JOsGPsnKAcf7rA-kpNxf-FIZeXW9&1PkLYY9tdYZ?J){kbY>x-5m*G7m zj*G#*$E^z%@-su};n+b^CAaIa0xK~Y2|L5%@a&fWoMzN{Fjfn~ZT#zf$17iwDup3S)Oiwh`g!-K zP8u!ELloxhMLu!uzOYkuvY0H3$E}XlRTj(~FI^yMw4RYv2Q!);KJ2rPum;FGwVXG( zNqWeRK)2KWq#@ni|K&cr2_LNfhiSCm_Y@aKGP04ZKhuJfp25&4p~iK2E_kR+S6o-9 zpR+*k#SWf!3FIcIIk-t?u|?~L40s{D`c=oAaTtGhJ*00hXz$FD-7s6QYf&h;!Kt;i ze15Bg9#+%bi1`KGH@p50r1JK-?zwODSOPnXgKp~b88+K9o*1p)SG?B{c59S)nN5WF zVmTu|k*Tqr)ud2xpD>Je4}7oqtrdFH|>#V#*riJIYS+!q|3B$kO3Mv3ioG{8RG-MMF~p{*ej z7x(cr);T6FBUIu9ZIVt%9J7RhZv+UdP-XrqILZKl7A|^$sx}4$E2{cR@|2JJPH5;M zsT1!?owk8>p*$2( zxFJ}w;f9HsSuENpe5a33OJd@LopCRZnWtEcwr0i^N;$@teYQ$>4UOcEyGiF~i$V>* zVTvL?&-#=S24p=jWG}iabP$;oux|a2qUF5RZ`i>@@2R7cjl=eg4={%C{AKGdf@3e3 zCzl46dN+fuSDZ7K3*r3`FVjNYLjKOdwznG{!%WRtFd;4l>R@YcthLXwTjP-al%_9; z47C?BILU*$y)ad1`K(O*LGl`W{N*_!bf%0fwydB)NQ-?GIa0>+ci*I@ypk4$l~gGw zh2kax_f9}ofQ>?$@$ktgPG}z!X)M3Z#_7T25PT#m;t&^-x25Cx2GfY{uD>MoRH$3R z9Z`l7D?$~Icp#o}?&1StYFujuiDy}eM#ylX#2(sS)zEo5n(5P24&LWPRC9v-R(y5f zyKNp))%RS&=Ws2*PZvBK9D}LurBeZr^}SY&l85>s4umnJ!zkoW@MZ>tn^-4iWoI$Y zYsgly5s72ytu72~(SL$X3EM65iPeOuk{f$GcpZ%W=3JRR4|D0@3yobYwMlwpiLx`* z%-x#MfOsFfyw`Ox!haA#;72B#D&((nUybA zs1@DWFSrzy$c)Wy(U`T~(sFWcFx_kKTjT{4ErpBd5(9IP*#5(|T7C^+wLc1R_VTg4 z_{!?ci-$Ok87wpWh59p*AQ0cU-L#reg?azGT`}y`y}yt9j9J??f!pp)aKQ{^ivq#W zRuiZSw~Yt1Pv2T;WdDgE8!F(Wcr8a8A|=A~_Pgro2dmVrMnB+7I;OZmFp`I0gj0rr z9?CO9`ca#cQLeRi^$1vpg(Ot{FX8CH@$fqh5uX*H5~m{fxw$YpRVySVra)u;%SP{pd|*V-Uo3`KFLF+`k4k=6#9jh zQph)#{vlh*xybND1@huB|+*k{KZ#L zjZju=V;hn1_^Vy7tzgIkY!5kdnR6u}>8eMU^2|3DmbR-D1a{u~uDL?OwBp1NR@MgV z`^!Cl}+%cRWc^A8gpk~{l108Z>=$K zkjP{aP>fa6%C#sis=1h={({P3R8XgZinXIL0|G)`SLf$)JVU=Gb;4PM5$-3P^`8>- z^%7f{LZGK$^>$4IUu>SsK#t9je{G&1N8hpkyIQgZ0~19j65HJqv@4%Btz}AG{uxjs zz&vp4tc+-10XJG6@rB4?hec#^xk!s{l+&2+A@b|Hilt_RhGU-_<7!f+Zl&krE^>+~ zh{a^<2PBXkO^6qN5QmA&$T-(|`rP~9o;MdH1M059!WM5yy!1#_ z8Bd?hE$k(yYkw?UJ-Z?1SGgj{{S--q1ThAk2dj;xc$(IHtBhffzIHXP#Rz|~qEJNx`q{kMIu(8z^6 zoBcvAE&t#1!bLthu(q_Em!ujyoXWNVxlhS)gfI!?OuCT5)j8!0ymwo1KDLVPCV;WC zmGNh@;DMMjRm;+3No2EZ^2I&bziCOc4mvTfsaXkQJQu^ESqhK-;;qyQf6~Q;b$QG9 zBQSN~4Ga2+c=ZSmhRU?W<64MSJRS(_x3Da?l;lmJwdIjwCDY%4me5@9m_YF`ILAr7 zxwQ#aW4)YNNNN>PjV*a#}B{RSZyBO zLRfFMuEpM2iEAxPJHGZx#o3o??z@-T@9${*UOcQMA|NgtChFx3c&T{^E;cwNz;v8h zBN7{P+}t5aj2fT8KT8ab(G1}Km?=5F8JaA%_sf`$0#&T^n!K}}*YIqOs2$u?=4ofq zgnYUXNZ1yWd#QxlxTwIw+M$3+gxHdtil3Uot9LIisT}`$$BXy>tf&f$gY9RalEuZv z?eS>L96@_?(CBQjI7yCAYb(SV-)1Q(FRW@F(5&SL)V?4lt$ha>2*11#aM?Uk+o)w5 z_i4DC*JiBz62d<{kM4X%^KjZ*qtn46JvWfysp=mz>bZ~_nQ}c~NT<9INXIoQ7V}Ri zO(5TQ3wVkNw#zbJGsTNpUs;(nO9G1$?PS}dQ`8n2{&FHI8dj;-TS(782K7uvut5}C z0DTZ%(1}S1duuNgBp6zc!>W5&qG`M%^rw1GoD#)iY5x0a7#W-vPp@;T7^W$HyGv#p z(#O<=pzh48{6g*u5i&u&%=}mf&ZYb&Uo4rGpuZnq8TD`L&0kqwx!)kwD8!hZq|$pN zfB4z5%=qdqVkbU_KRC!2WU{%N+NK@UKu+7ZpP~hTGN;r=(TzeaAE?SwR#h<#gyBRyHIy@d_p|z z^3T0xq=1lU-EPUN8rH0$gH=B(E0E$1JSeii~x0o5@R?dk&;eIr(lQm_F zBt@3&{lAdb<%Xml{- zg;`J(9yWd>Ez?m4z0}E1N&gs2R$8$H>T`tMH`+6F3iLYJ)t&3(ru)W*yf`m60*ecdI zU+LSEhz_6B*AtJ<(wd6tu-9)PrD%==7xgK$2gk+-K%Fo0txBtKNu3tFG27z=K`SJk z!nLtFErFm5*8LNqW~SALw_GqQwWezpe8N7d`(O~0FYa;uoTedz-DstWNEZMJ14g2H7s6So_~vT9!0#Z=y|J+o z(j}T^?|9fo2j3kC^~~|9fI_AZ&jq4F%&1kWw{IWpdG~A^UcmUe zE?*~(K)uA&D`z0gjsy40ShadytyV-|u2MO$ApCL=l15*GN#sn$PVYT{j0Wt5COGs@ zzD8`oGyEYKN5~UxgZ)YM0|h34ucJ;6Z#VCH`u4D`?ck3Tj^jJIdhE%d7v6q39U-*E zOXN~%l*_p%QmrfN>EfPWjoP#qlrfFZMdf26aKm+D0d@D9=&LQ`)A(=4QvblR_IjZg z*q1T;{wLO49v(h2|BT{2gf=e7fT5uQbIT?P!2+go8HmzX5U#2T!WP6S|`fB|i%=!s`{pVZ( zI{(7f^TT%*@9-q#L%a2GmDMO)j_4{*3hzLA@R%4TWCa)seThfvTC!Aon%K!sf0(gd zz7Z~ItcVf2(d@MBD*lgi-gw{6@jfA~J5<%|cU>R9pilSwb!VC;-b&B+!rbicF4&@D zWP9Y9d-Ij~I!7GNx3`=%KDOz~^u@d!&lx;B2`9KnTubcVwzj4`@MCFD9wp2r4~2N& z>p6-WpXY8@ZGyT5NVYZ8vz6%$Y+t;%>*ns7*OT93NXc7}gP1}4+1L{-6fc-}NfCBq z(!^25(Rj0oI^b8dsJ^ma7mcScJh4?dH4QO+`>2apGjyblIVVP z6Y+9kv!$@_hYgA8=jYRRI2Ivd`Wl(J$%^Z;E8Oj=5BTt68F-UZAWgw>Eq#=~A&`T& zzh_v)xZmpdV4Ts{c(o%zl7Fzz9l1D8IW%9~ssL5{h2AjmaHn|hRliv0E?E$^>+wh|IT~Y0SNW{2~IVp!2;Kd{ONR4 zqg?&j1T;s2euCaHOzWA+_P|1) zDi{Cz)V~i0u!5uSoes_rzMV%+3O?yGz zijWbyQo{WY|NXH;G%)FD_tSZ`ljGw!fpKvib@c)VFFS3_iS3pg${wW#YCybn*(LAJ;_uChSMBa0q;KD=6IyJRwQTfL_A@maM&9sEZ? zueA1u-K59273HJvFW*2n3^b^aAS;~zjC`CLT$7-ou1Yf!Yd6gQ#1Fc11#L?z33ZY)#Cc9{(XHqWk@QQY(_BaNM6z=J5Mf zxw*)TzswuLDmCTkgoUAM!Vrd~G^&>z#PU*bRY;p!ijEP!TPD1|g4h_=FuBx&vj!wg zT#|6BzwLCmmgM(|bs?$koowR%&4-$8Kuoiv%i}0$Ym=QY3l$5LP`DAaN{P^$&*rfp z{ztqE?~`g2L3IL4^O-q+t8_+*kVi|vND5t@w7p>O0F#(=S(&-fN}YUZrB#f4zY!w= zt#Q5fO%nu6bZ-M&9^DVvNivVPIFy=imKmPSCS9#$W~IcjoVME~gCVt+bnBB3-@Y}9 zJ4*+tkBaUeiyPvmsMUlN6_x^0!fmOD8*TpczB1SVVqy}KlSSRt%RsF4Zj=T^Oy&Vs z@|A(`Bxp~hhk9)uyp>p@)moJTig0)e>hG-J z+v7)P8K+cnb`)o5oMC-B zIf&!qY{eQwEB)DS}qwWTgAgO57!3dGWx=YlY&QKE^ z7UopH>(@c68w8E$e+j+x)$B1-~R>OULYY@8IKOVpzB?A zK>^U_Arf{kgAD_X0^7>kS|M4}-M!2fpXQ@oE$>d&&VDwxM~~h4wSH1+;IkO})xz_g z6GuAdRIMQ(037^~7#@mN73beW3IReklM~X)dA&h!2n#AGq|>GMnIWa6sTWo)=Fc%s z+YgvwVV+N>Zi(f`uI2H&K79m#%=a5?D z{U<;Ld@|8IT37L8j+R(qaP>5^%ayL~HZrxhXLbtB*xckHlgua&nR?cO*q@_G@%VfZ>Vy=8UaOSk zbSw0VfkmR;=8hjVy{awbY5%@AH|Uf9D*Fw^hFiU+U7TzjoqCmN;jZ5#y!PYs55@z5 zm43Tc$QEf`(B2tw^jX1bScY>AX9aEL7!sTNCl%+?)1D?1y$D_5tVyZ=02)tG+}BK zNOi@kZm>!Lk0A_=EUr{$@l=1l70y25QhBp!44} z&zYFU_kWIALRzK;{ohF$5@j!DnZRjTfRBfh7+bqj6FUT%iUS(M1VWT@*uVQ4)C~_L zY%#~_Bn)od1gFG89>;4fiMJW2C=9hQavC+>X(SWu=I;h1`3HFYFC%k;*K2lcJydY{ z?3nCEMP)z!Ic)Qji|NmMGP=DU3IM^CO1M+wotYMql`fdYg{ouNv_ zD0=6Vi2+Kak7OsHRjjV7H7{?cDwOnbFr}aGP>$|b9(HsDZ)kInmgY45FeTOaW!w(A zOiY`|vZ4*7MU>(S+dM^A87Gw>q3TW&+qJdiNMbru*uJ3(GybffkAD_YL_X2dg4wfu zW3?7XFihafPL?MjrqKwN__xX5^}+$;nuKiZi?rqPb^Ep^sG`b-K#9{<7D_E;fy;q( z(cr$1R?YT5wMj64lNB&h&GIqAz0k%H6C%+9y)fXg)N^zyBr+IktWxG>$K7L3!PH*z zseOedepBd03Z(+uTSD3pUORyueUVz-fq2ZDtXag(WR_Nd4(Xm{7bj`?m`zo^qlUTd zH-GevOuIFfCO$%DYo7jZm!Z6V1G!&Z0YC+Y&!@kacpd388C(YBEUA3zmtpzqkr`v9qquRgs2|D1Qyey@sf_k zeIxvmFZ{0hp&%AL5eoy`1tGv%0eO~Kq$APPB-q*cJDb1sHSW^f>j#gukJh)sE%K%# zPhoGRJ3%rH9i2a3AaHo;a++g5cH^RY6a%i4%z(v)xMTf^ntkKt^J(OQ*NXu_^E3Fj znd8J9tUxHJH8ZPlvFVK>=DUF-nf`8S~;FaJ9BJ!?>MihF%RaVvZ0HR@iX)*1dN z>TiqV>s=hvp!G?>lj@33dxvc>-^h3)YyM~&3!1lLVpyfFX5}d|G`Dr+(-!QUUzTkD ztQvK(b>_V%OFIe2Yt!%db(|`dkMJ0B?C4HR%U@(td13fDjROl4bAIst_iu5n4wJmx z$)F`pzgG-H$KSVhs9A7QbywTSX3f(j#Vk$r;tmq&4u2v#SBf?_JFyNjnZ&}NXgN0l@Ii0MA}HP1-oU+l&H7l6NXcN`=QCmXntyFSWVS3V(^#2yWeF-}d@?>}cr%5^-*OKLh97Mx@D-ey*SAh2@dL zk$dz1E9$(X;n1QrF1UJ&Bzo_RF2W#s7b8Zm(aRNWbTh=LVe~ReFiDIE(MvEqw-`^NLJQol8>MI~9;orgrx^7V4s6p&< z?5FPh#HcJN`H=1@R;3b(o8ZRVR;6{)R@c|kdiR^kU%7_-9DbRm#M4=IR`*R>tJyvp zz>F-f(GSCF180x9b+e3|-p)f`#|sUgGFIp4-27nW(EV-@cUBCX7CORK1sz zitbZjS8qKp@O!vr#Hr?uI?g4!KfThJspkoa3N< z+sA)fwE|@*cXqb-bM5wbGs2BZ=7KJQg#mWq#_W`J8lTs^@!3Kl$-QX)FS_n1s)>h) zPeKMx_26GgKU)Hbh$bA&vO*tw)7#|n`&-}=YeG~>#$<=4$yTW8SNW<%IdMzxIMuJ| zXj&rJ=doZ!u=?U(!$>@VNl1%&rp!2BGx}-&>lXqv*j?(c;1?L{Oc`*g%N67RZfn8$ zn74;WLxG90QYfQ08%_TET7A<)ASj*f*SPI!#z-{V;AZB#itw#%e8$Rz>q=?}fMi~5 z7u-g1LGCX?G;tC5P+qiv!gt-gt$uIo;9lJ|Ze-=?U5b+5l#>!p>j&T@QLD1`SYL2(pMa4UDM` zN##(oYq$!8;XU^=3s&9vABme+&$fV_{Af-u;P+mP0RWk%n<$))8%vfO9XEz_tNy}v zL5>cAGk5wy>-9sh=#%Q}Bz_5>a{Aiq44<&-k9ZG}&-hh*vvF)nGbLnQP z<4`N?4|FjHTiSQ{8KBtoz@N+R);w|8J1#L;(ix^6+@%irWF9>#C&U50vKf6)0f3f|zP=(7#G_cr05#yxaMXD5cgzE0bn zO@JRqM>bE$;R&=L6XuJ2(3>^`F}n#J0B+~{-U?Be()r0ik|8hI@NyBSqaO{tnvF|R z5Bu~cif#G;4!is;-tO5P{geah+xZaXn|^PfGrM}726(t`?-`ezu&BAXPF+MKOR{=Z z(^eLmtUgIJ%>lZMYDszGapeSX6xN(#WWJ*?aLa?#|i!%RhOA zihfR?F%JkrzR5W|R4E`n?uM-!ZVmx*F47F<%L5>8i~i~Tf0qNzh0Q{v-YdYYFOI#&r|yiC52_GU>UNy8A5|-x659=O$wr~^6Ymyv-zh$eti_Yh zAdmk7PBxJ?r$~7YB>x(~sDQT_^pGmkk4gM37ju1)mx$+I+jJ5qR)cQDRcg+4fP?@> zyErNj&O_==(hw8o_z#lg43(W?XBn`Dqk-^L#_l5|6?}$^E|3yA9!jI@qtxn+39oAV zgSWvFP+}94^z{r4Gh!0bhTBn{cJm1(C3#qC)XmjyRy}OS3~UYFxzCOI^qXO82c{Q! z_$*CdTN|VFr>h;ZIY{0#y?8ZabF>1zEZ=aQFEBg2P2MnYHbGR{+6$yTJ`fdkTFe+3 z38ZVZY~4mof>G#? z*=|-&J+te2{`%kx0X=;qxJRfnnTexc6wlU@ASIIS1ohOw*v}E|R@S2*bY~Y4Z%Yk+ z+MzjAZB>Q-PE@Z67>)nwlO7UzlSy?-t8WXA4t&(Kwb8H`uBvCMBr3>{Rss3AM6)zsF+2`*Y4VG=e&KeZdjy?Th(l^s#7_1H$vyi( zTz+6%!euN^j$F#0QPWu8Y=M5NI#7VYs#epR$56NBKF&T&y0X5h@prrFG=^tbF#poOFVx zFPQrLT&*kEKtdD@%lcI}%h^M*jzs5~hAn?C3BTg&MU&aZtGw?D`!jH>DS6-7ONzb9 zrzYh7J-u&<7%i&FY0P#>L?BFBZ!M()%|44ff*><}9MDoJKHi1N2>SSC21_hdN}x+Y zLp}JkNNzZ-0?5`|6Bs{E-+|}pzrb#zQ zqWJMum(o%a3=8XMkAD7dA|mrBzpSC$P9&HU=|i>f z(AQsblr)U{skdJdsCQv2zx!%67pR7X$V}kt!+*+V8t0Y7ss$k)jkn8bdlV87kXz_! zs+kVMva?qz08I0Fnn`^5d(0TEF-~RPCc)8iShCTO_^5_etDo$op#zhxr=XYn4O$CA zM%>!mU^9^ds+l^y8tI_=F-}#;Ck#t1SnH~rLQfcU~_2o zh>AMK466c)Yzu|fhGb90ZTdz`3nb!?J~~zPXkQ(rod_{IbI><&6Axx79V~l0+;=7; zV`|nh4&Lw^?hR}7IcVY6aCk%(OWe)E%$}k0_@@4HU@VgRHg*pQ-Rtn41H&y}&4#DH zp{$2kG24cS-MUKXN$ZbJ7q3ZlrZUe-zfF_w8!5Chu@|fID@CPrXWTr9u*93M_n^ zS&u#D_aikQ>M9RsuL_Lne~)8jLM~&>nYTWFiCbtV}HZPkrgF zn7*8t=gO59DKEbR8w1i@?z?!2f>=f6N$syx!2vQq!u#6FnJfe7J~eL4G^0N?X^@j! z{WV;Y6FYeqlkEZYC&53Zdldnxt$DT(gG*v)u4ZUthkROHRc%@Lp4Yl!X3>3)6uNj8 zX|Z`dY*kRRMp%N%e)fqZVkNy$CD8hK|7gQ8mZ+9i@&*^(8zZLpv-Ns%+jVOe667so zF1auAWQY=LcB~h7UtGd?9<>0~6j4^FV6X}{%dB|&pme1#X64#qA=eT1d)6&%hjjO4 zbII-MvFZ5C>KHhXoHmhRqY3<^HmKEGxe~~^?sxd4c(v2$&x?RP=Ihp4!ZFJDWOMgW zZn`)`K5dqoLEvdoG_IWUKm>+$r!s$JOR~#eber!WK0Kt4oBl%K>Ajsk0T|*JR5Spg zsxpH4;ee{swOG4ONtTrC+wO&9wM5VOWG6IEOY~!KuRC{VvaC0XeT_m&JOH z{g_7|k}Z_G<4)cL3X52$U&dl9_%gqNh2>;hk?^? zEFXox$ak{moYmfU)OvcMJoKe)j9&E`pkq7{x7A|dt-9$%WJ8Q2_Lfs5XIL=s)*<{tHOVmr!kTif0 z#u4R}QfHVgBPM7f?Z{qGHB#6Ii(s)&Rm~T~ymFs-p+~4o?~!N>PE@ueIIX5d!~Jzx z){6IOA?{1z3{_yVYYPBF5OuBtU}fJUe|T`r*iJAiSyp|jB(&wVL3VGPFY~Cj&rrb@ zC_TutwZ5zhsyc1OMi~k=s2xyBEw7P8Vm#UY8%C7eR}JX1N?^iyeDL5hvnbu z**z19iAfkgeZad^MlQd3B>Jb=uz)ri*O&m2)=r-)boLGiR0&!H4zw~9di`0srZ!-d z4A6ZaFq#8Ppzl7{xau5Y73(DG)^DRXR>!kp_<>tnv=+)};AhIeO_fW;&JIL1eEMVBW?EMLAcIU?cYcETzv6j5AZRqJ%{2jLnbeQ?cfJJk@x zC~Enk>TTSuUN_11MoF=(k4@Hz17S5cmM23h0A4Eu@*v0Q@}R^_p~X1y!i(sbr#$=2 zft}VnW^`S&2O=pBUo)at=(yMsmIcNb|IcFGv5T}J9L{x@-LlJi8t+@X$t^@(sf>UU zd&Qw|2z_)q(HT54wtg+3gu9COm=%hDw6OXv$7vI?8((Ua$WBsdI4ILeM$78FXBa3O zoT8X?NPXaINi!^Uj&E2>X($A$iykF?cYoSuW`WET?;$5^qct$JPgZnI?R&l5Z_4{`5E#@wv^D}1`I;m}%)kK;?8e`@i^Mwd z8m*I=)Fpb65mUpzkh4Zl5`UQfKRSQQPvO7RZ`o());RjVvHnw|`$ys=6Y4Jb2bliH zHJ9UV>D4c6nV$3i*SMpi{%TE#qOTsQSU#m|HSF>|WL{)r@-< ze0BccGwC)a`*zs5lO2G%)Bl(wZr|+Mp(Cil9*;;gN1g5He{7(Jr)#RtFB>Z-Ci*8* zerP2Y;I)K%On>~Z`&QJwn5g7#BxJZtI4)MC|2d{4bFIZ;k<}T{m|INyIwII=*%i+#WqG(Cs!9 Hhv@$SDc~tx literal 0 HcmV?d00001 diff --git a/running-coreos/cloud-providers/exoscale/template.png b/running-coreos/cloud-providers/exoscale/template.png new file mode 100644 index 0000000000000000000000000000000000000000..073427f73dc4e2b8b8932c59c0be9fdc723fb8cf GIT binary patch literal 34944 zcmZVl1z229@-__P?izx_;BLWP2X_nZ?rsAF2@+(`;2t2j6WoFZch}&-UFIdf-T&@B z-#6DaGiT~_bywBt(_Qy{YNAw?WzkXIqd-AHp#$Zl)S;kYbl;ALkPzNJxpQ-yprFw3 zZ6zgDfs&FGs&39!whoq1P;yZzX^5Ih!vur-OblUR1fPSGCo?HJ7i0Zhf8;d28v5rS{gDhs`@6uJO(&V2s*p{9%b|X({YtM zJmzf$rP^SP45wF$1GV%VV5*si$wkQ#1$>01I4?wq4Tg=$raO;|MT3RtuCGOO)~wdx z?LS&~LG+XPSA{-6$pLopl*t5%FOi{Kl$ylSF`@Edm(hRkqV_)%)RkkQzy-?@xMw6c z_GeL9+DEAkU7A~FaJ2jgD6ps<2(6I&D%zBkiT{o!+xo=D zNc>vYK}W>EWZJiz%(_N`s`#qGa%E0q5Kq*=u6n^4` zeqk40AvBQ=lg5E;*R)!`l5O2;DNq49$LDuq+{6n#5#{wJ_%Q3Bam-SV2m?*tPzMsepac5%dn2E@W9nQ@B@=s`}izma!N1wig z_Gav#bIwhxv`_}}c^s#iUo4@z%f3NPZUoj7wMVSjlR{YwEK-?<%tpkJ!-+vhyI9*m zk(xj$ZlybfP`khyb(4n$BVobf^f2=sA5svP=fDyK7w5f84)rwQT14;)>BvJNK^PPh z=0hLwp8?di zNaWa*s0o&G40X^;5hvp1iN=Wb#JeSA=s*L5)c7;C=EM|#rWF)8F zdC+D={4NMTaPvUdkJB!QoD{eg@elbE8SA~h*= z<}dY>C#F-Qj-oN?o&qp&8Fy}l24&lwN~+>W!rN=oQ9vqoW__Yb(*Re zrC39LO}=l$!;*LpY0qJAZUix{!6 z64$HcHF?y~wSTFyXbD#=R|yoA6j)UgeEXnNDRCOBj|pr3jw_T%FSaq(Ja#2k1-F6D zM`cr4mnYv#Vj=AA2zRbyw)KeSNOsn_3^Z+GcW-ZDSFupK;8Pl9pJA^&lU3NNaaHhp zQ)({C33mxsftD=OM+J3`b0K;pGJffJ5{x{bQ|Wp}dG zk!^;(zOCO(tj%wSRNJP$iart^Z*~>lYW6Ot5Pd%Vb7n7H4`nJvx3B%Vn*3!eV7o&{ zJrh0iCHsLIlzPUx@@7B&B^S5p-J7J3bf8ABn(?}I>%a|}0owkOp^~ZJjg_q|D^0z( zC8WPtyPawcKdmwOqxx69C_f2ectnRb!Tu(#{5}1adxX|bT+^Og*w5>_ z=fImogu~wa&tS&SXtT^6ydA54t-+4?yO<5EjU;w{Q`6o?sb5k?W|BAz46L@G>2nXr zVdl5H372#=p`BaBq_6JQMqi8hne6AkE=AYt)yLD}f_IWIX+c)fHH>zn3t=X(ior2b6KjS zAXlmbo(vuzp8R+JFMbgnUsjOQiqMts_us-yX!OsPA|koMUA`gfp~a|vgnn$R^+sV?$WsrqTDDM3cRi~?`0Gjm5lWQIvUN&+i)ma~sPAKxE4Ro@vH zH;Vg8Zbfu{(cqnTG;?BHy7sy{`K2>*GV0}+?||)i$biY@ylB_rxi&wsGTppZeqP2` zXK4RaetPEZ;^lFAy{y-!;IDI7rPAixc6Nfis-a_Rpx2bv(rj`z6X^P+4|07i_Uron zI{jjdagKSdDXrD0DX67GJ}c1Dgiwh+hend&TDnuSu@#{|x-2aFPF6lXw6LHM^qTQ} zd}^LQm=P~XUM+0uVfF-k90m&%IT@{~2Koi6NSaCRmnCTY`r`D34pjem+HKo0gKs@M zULmZ&-}ZcR(Aw+XrxaS!b7i~#lwr-g(Ust`Wi{H6dK;5Z$YzYv;*mescC%`EH~Ou* z#faZ??!oSbXVBi$5yO!VZcGs5o&h)R%%mt_L zjiYu_|0m_U*grXfS%MR1R%?Nt)tl=>FEp4)nDS(d!p#0fH>H=D^`ddte79MLH^+|t zBro?tMA+6V~~3;{&EFhNxfKi_>o4Fya?XE%I#9rl4rZwS&dD_4NKF zo0akVu85#O_6%VGMiXQ`a3K@|Q$_|#_c1KgB+k|n^!g4x%JfrO5yiA%VOY0l?R6Y2 zLmU*zIShptGL-3gY#pvP^^oR0i%8I*5A^J~Q~QX#QF(SHHzEGI84|gS?1l}jm>t|^ zjEjed#o)m~TA=EQAykH2@tue(WiQvO6FNtuCsPRdXcyG;zP$?iJpt_-PC#~%({qP{ zBB1&Eh6btw&Y_^7b8IzrJ#>{61k7FGi4QZoNm zfBPj&W#i%DBEZJx?d{F#&Bf~MX3fUI&(F`s&dJ8f$@12M#ogD*!_B}|mQL<(V~B8aaIp*hqwxQC>c2z&kE-5(Re3r7AI<+c^KVTd zw!a?yk4OIs*FVy?c!{70vHd6ZA}D*DNc~VyVo*RSaZMlSlMZVS!zEvud&>PRcUl-A zdy=%a8lzrM6Z4W~S!EM*v*q`_S^J;2*VjIkMx*s5`zqCX_9uVzgjt)d9TdD)b|~~x z_flDyl8YD#zNb^eBt~VqBaj6zJ^Ax>_fbQ^z{!auY?S%6-{tsEuMys@2HxJSxrb_F z^@mcLAiaZ$2>#bscPAxQyEBcR`2Pw1C65lqW`2@nheLyw?8f@%%On?@J+yHmSl{*k zY1vcP^`9nxTiy~uQ|msVmEv3f&mez0BmV#C3~6ouvV!kly@wFug+!EPa&m7_i;I8w z01|huHJndHs*tl$P1pRHozgN{#G>(#gH-2R6R=ei_;00OSS=!thKJdwsV74?dWn0# zz`9wK=P=Y*fSA#%Y5tFNxkLA%{b7T`xB5ywe#}y-|Mny=utc1d77_~xD+w`KdY-){ zytt&qA|s)Ky*iy1UScSY(hBW!{DfWMxK*3^FcGS;#*@qa=aOj!dDgXNOuT{Du0UBPl*Z}We#{A)-K9yAyB zBPDNFJ3uG04ZzK(OXJ!#<7M+VY+~IM?3|pm8Z$G?IYUE8Km~;q9k4rqkDlIS*#?~h z&PW?B*5qOBK^lu$pe|c^{8rFB@*hLt2w;p~zl~mwx9M;=N+f8KmnFnbyudvdZ4%>L zzdKv${()xyh4Ng2$^_0nY2|$=zmbGvPMT6eE&ZEmNC3D+mD(<OAnD-n?K2+LZDKh%f}DPW)@e{f&}W ze0L{S#aR#pY~TkGu=;QV{@Svr`|t~N1t0Y#YCSMU+nt%2c?fcY2%^e;n58Q!Dm9Vh zPfD7(`~?b95PA6-ui&G*7~%dW_~C3`D4{7b+wG#4Xm~`?`f&Z+)m|}!mi391wCbbLhURMH&c_>2a!ZSDAO{@{?GW$lMVni7 ziIGw=D46r1*LpK1)8fQE*B2I!V&+?;N~ho#&- z3lS-~F;fKXf?fh2q3(uqs57D@j@!eL5{=`@V$kOYH!JOnr3xWJUibp{m-)cTs*ZYD zr;SRjOI|KPrn7c$L!ko_-ylCLnQd3LbwpP(=pN4ysr}m*Kddq!)=ryW?pkZcqs$@s zJFsik$9_L$)&wM@4o{VqK**zGN3PJq+!`WhAb$4#PmI?5VkMcupEqZHDLq~@fB<+; z*3c~dxAio{IvxsHlQ(CD<688@+hFr`cQ@I?%j;}7us>zL?eynUxOU7MLQ~4_SSaN= zH`Zd?b=@-KotxM3)$AR=-K|#^BYSiib;|e3m8XckxAZ{4$cXGH<|C5}K~Z60p=3c}p&I1J`}$OqNI@ryeQ*-Rxen$f za9W(C>?pAv0}TV{t5?h2D3rXo_>QJp_WOtyc2Q_j$Wj*35pia5K?U51RvZ~!=(C&d zQq*{L;dfa<(eiNaLggI+T@^L)sXS>_)790kG%k{aB6v7?p!hSMZ z-&ar28lsM-{bZMy*BKu8mnd4d%AK}SZ7CiyGcppNR~?cGskv#|#8OyxvHF3=*r0GBInIjQBTZ_VulLC(Q*+3R`+xGlcU2=b@OGuj2CyNJ%1N=7MK7p zU_sD*pZ8uf=!v&s;&(lHto3a?2a*Uvj12T6(XI1(kU2bT>CJxTOL#TbfXIgT<^gDo zv-9GM^YAy38(eT=VwF6>%=!Mh0tR%6rQR~x31$IXN6<@Lz&0-VTo2JqYddQ;@AwMs z#&eaT6K@-avyfny>`IS2fl&b5{6_SXOQojaD!GS~GQk*cqPm`137Z`lAke4r-b#QG z9W4fxEHM3Eb*)o}>CWVJhdwg;-HclCJz}Zmb)UQvaGvx2TuDO7E;KqZ3NgA|kN>k2 zwxUTCg}Vy1qN1Xlo7*LV+kjtz*mYf9-L3S%r6cd~03Ti*W%`)926*?R%zQddIi`H- z9TH<7UsFF99hYS1)hBOL?W`1Tligls5gdvStdm6}Q|~!gheji!xD@fFGw8UcHTK4$ z3a1h3$)oV2a7WD^Tx*XzJ-FfP)=~GBhoI!HKAstbgx-rOB~+0y>U2=ZI0)i1VQR`D zlqXI-UVM^c8B%k%ZyTk;ZQ1V#ge~7z`(?gDoVikjbH{@g<8d|?JZa0-jX6AK{x`AcO5QU%n0+ymn>+(hg4Y5-qB}} zb1*m!6Lb%|OgI_K7iOJ0`ZD>r^%?gGd1G@dDxjI26tV5OwflY|@XrjmZrQjtJ~OMA zg3MB|uAk*8fwJ`2+~*q~VW{b~T4Q5Pa7DRszG?nZ&J?0O@=n$dX_(RnHQEgoR?$(* z%!sMTI_45<64;qZ&+t| z65u9kF39BD1*bJ1Jcy<99++`YVHoav@I@s+aYP=)^-n3DSYZCNRtzDJ@gL^MAmH`Q zHtHjn=!@$Efnwr<(|Te(UA*J@;S|d4A$b!Ef{1!1JeWBH^X~m>-~^qtx1WD zcI^W1RyJ?UV8q;IpH@~0z>yTvkPV`LsZ`fD$n({;2C8+ICut7KRh8=3RdVBk`KBxs z$t$ruY#fZ=S7l}s19_spHIXj##|a7rY`iu!2HwWMUE329=-V{WJNMkwjh8jvz1gyz z<>mlLrNSj~*Ttwjcj+@^&iEz!7F{tjZvV+R=(mQ1nfu{1{=XaEqLcaAq+F!-y)=o z@rvif)EFR6g0PemG8fRuuvzhHLOK3mma z2}XUCAp*qq^_k0KdEg;(4onfrssOYrB8{!q2m4l0aLKYEW!sZQkNGkCyW$$(J*eZ9 z_tCiXFZ*BwM*YtVjaQ@tR3~}aOLy&|NwJW#l6qS$0|E2^6YjOTSf+$Y1+g$%EZ%sG za4V@tpetbLu}oyoqWY`P{b3*U z+WEX({Zg>n8i>ib)Rll~6oCI}Ozoj#!(T(>JOuS}{^QvY%H#gVW2Le51}+sqg?Ea4 z#xQK*qU*U0A}&EA^?Kyo#k%n+_kvFJfkW%!?y=Kl!EvQq#>7}D%)fQk_-T8hFH84F z8dZ*+QMryrLiQ5>Jz@rCvwHLMjFYE9V2eaoIVwUcB`|L|uBZ@39!tqX)B3<#n&-HG zit#j=RZP6#QWF|f;gCKso?W56y?Z1VzAY;;5Es4|bUw%R=t-s&0^rmPD#g;?Vp7QX zQ;MZkh*54p_Z^d|wvgdsx3=#HmH<|iOW7A2fhhY3e?`K5GapQq@GU^6vRvKwyxwfk zos3op>{zbH!J+2%dhN>dGQImzzdeTzmC*`+Xq9TL7oej#R_dYlAmF);B$G@$*GJ7R zOkTwd`&D1nZNNUCoZwfErgT|>-rvk=KN3pGfg2yptYqeLo4>$zRIk$5T3Gl|cnayeE1_i5P%(LMV!2kFX}8x*O5$jz)r%D+-daIVv3W_OcO8Urtexk<~%-pqFZp(ag(c$KBosk==Y8nQfVkD)Yg( zk>~AD97(Wj#%o6A$30m}ob$%+&X}V)psu=;iAg5h#;pB2)lUDLj7Rv5PpD{!}o;iyWNOsaVLR+fdYPR(er$r&(sfFtsQU~A`dI9EmwM9ZHdAB zSER_upw5u}@)2Gf9UQW9N!Cf%b$A_FulXN#EqW_Hzqk(_@h`Uq_lPgu+EECj)Gb$k zkMDEiU+t6gWq$&_rSPBPWmhxw2d}D5xlRAcJon?Fd{u326P4d9ZA&eD6lhMG4HLK_ zk@_5snc_!7DsmD9tG}NlO_NmxpHu7!VS+I2ih%>KMn*V~&cUodi12>z_6j{Pm9tJg zYtvM5Jy$-C@u9t^AA(lfO7ZI()bJI zuT-r7e&Tl|{nwHX3JK3c@dmR(Oib$x%+D)MgKT6l(2_M6Fby8d7P4YAG38i58RpKg z6{c1Jqy;BO?!QoW6Nq*GgFiU    eoxn8n&Iy636S&Ljlbb`r~m&4@?Vn}ov(Y;(^ zY&c>hP{Eiuxd2E&K($?i zqw%wj=r`95X|f+uHMw`yse_4$iAUdW^78eJx?GH^cQQ8~$fgl@n1+QKQQo$TAk9%b z2hiusvroa{-I4Z+qH%5(inxoSY=AdV?dALNLG{A=Z)W+|>w#e0uX6ry+UQF0{93_|a!bQm+%jlpy;_2UwaTGsB#-kEP^{i6XrI?%uY zy4`ry@6z41STIa4`Mo`GB_E1#VY&4&jrDjI+qo-Huk)p^*;8ad`@VlVKRfP-QSU)> z+^^K+1yHr4kiPFq5>&vgu^tRO*9p40Ix09fhMbQIP4|hH}2$VI~RvI2$9Dx7{Z(qfqys3o&u;_^k=FiqKjxuD4;yln1&WZk{*vudB`8 zE2ng~LO)O^?l58jB(7JEj{fu{qoGI7VUH!IBX?-nhdtwlPQTDSx!R z%N-!@e_o3=x;;XAy+jp7HD3{L>^#`Zo3SE#YbMii{bT?0f?P%1bIM=uKnO*RF_K%hWtORbn%Xik(cpU1J!65HUJk zxN-ixB=!e{pMqROQIUcwFp~9Tb7ViS(gEQm0wqha$>*z9wgJZ_hpd2p`-Y3kcq_q2 z`zc`do{v%}(|0F|p3)={9pbdR3&&CI1@U5L?%6hN)|H>+u+?9mG7TeXYd~+~tl=%Ni-wrVIEvN_Jr*;lIhfgUnQ z@y5JiQUvXR$*`%vfq9ja57Wjl(EpN;K2=C?Ax4J2RV+0lZvqp+H+IZ16ho_Ga!xOp zm)}wCe;G@MnBWH!N7VT2f0luNQ-UUUNbh=d7` zJ4rID-#nP6we!~vyXdDR1M)Y>7Z>#Afkt&4%ta&iQJ>GZ2R>k8e34@$__QbN=4fo6 zeEJ`jcmfMrqs9yRjf-v&@;MjNG1~W2-`Uxjo}A1JvnL#I$hdYog{4e%F%1fW23U@h z9)%X#Bd(kz*tCe@T>eQR#)%k^hX4K(vN_H36`s=UTxoyW{ggT4@KCQcPU{bmzz@IO z-`Vf63gis;UZ?$eJu0h?o9!*k?BvY~3U@n>n``Y}{8k3(Xj7y(&Qgxo=XUi7jswUC z17RiIj*VEfo6pP}B8JOsTO;rfzutA&H>Vg}N)c+;LtcxST7u5>P1k3s(0@5{Mju}p z+B?8lo_88Z^T#x;r+pe}`uEhBfd1k>_vD-MYw81jRi5Gy}GNbbO`%Abuvw+L4hF@YK{)U`LH@ z`t8rW-;*cOS1U_NbJG|&64M+4AIdzZ@MNh{Q*vlGUV8Slrjr`xToT*t^M+)(2l(xYqA{ zn#_s{64K%EaM6qlICz!Z4G$^xgW-IWVf^fT%tVJ};7`ZQtmoj7#u3NCw;Mi(0j3jH zCbxE{YGo54SF^jdD-#O`r(%SEW!nHv7a`^Bbi~YW8GP{2t~>#LiE&i8z%adM*G+UOtjbF)JLFlm1$iC{7B8Wi~W4lbdDKvtoj&-_aB8x5Gsr5)+g6rkLZn z7C1(I`I4BiEb}!tJB=M}m61uI(b!bqx$Aw=4ZDi2ZmE>4tevj|F5>6Y(=~N>8ZdZV(TO6J9Y5yp2L8<9&MseT#vI=gm>^&u$boZSA}T z14-b0u8wzME%K|jGu*2!;a-QUeKf99%qFY;i2R<*D zZ$127;Un*YcYg|xz3RzzKI4->xZ?$_hyXO#mQ=vazEQe3&&xr?2s?bG(7VX@#g&B$ zTA3c{Gga$9=&HNClz~8%jbMwN9`n+$$DQXyIR_i3w)+uV8rFbrI^mh+s2YciO^=u# zi&L>Gie;Qq@P{K`1l6?-N-e%%x~PfgJOaOntC_uU6HZU9!KZSCy2~<-az}?%Rdwny zGRZfX7eMfaHJVg%Bc-=xrAS+OP8bu6 zO3!_&?L<^tR<#Yw`!r^o{no9}RTy(~_(!2?@j+p(C)A}j^_Y~cM8uhsEKjC5by-g$9Q_KX;|uk8<|-3~P~Gx;35E9Dy)XMp<IR9uf?C)h^ z0cQ;Lv+8S?LC%`Pjw@v*h+KxD3!blj>> zR!U;k(cI=a(rh&nznWoLQS7T;J;g`O@x`(l62iqqTCoc=#4_Ej^lVI7U2dW}a{vbu zf|`5Cg3LgyvGBBaw1_b`x_WDWvz%Z$S?_sqS1Z9#>cpuG`d$_Fpj6L!54c*#v^ zna%MI0Z-D+`b6X_pCHe#7G|}NSfzYVq(^ks3PyOJm0hlzr0ZF(*e{Y)6Ao0>jzUnl zQ11}Rxd2$2p)L|n`P>0KidqajG-`Io8QiQ~T++z+PYjQa;Piy#-MkIcEJi*eTMFQ* z&1f`E3fwhztTp-VxhbItP6qsg7$hPnm{AQ=BpoQ(#f6SD@VL}m!vbIi==0nW12`Cr z5Ir?x7ZKg^6y`qLkqo1yw8X}0V)b&+@IBv0SbUa>`DB43&8T3MyB4Ixg``dp-&x)T zlB*7fopC^W{msq?Agbu@PD+iEo}Gi+%Xy)TB6B^A=(6X04Co|T%#DjzIlQS8-rCAP zD3qLPg6`06ihr$d_0?O)%xvmV@VW$IAt9rr{61U(lb~(v(EnID$BO?t1B9sTf#E4B{TsJjJMfy8dm+d_}B8Y##r_)tWBd9>OsI4&cKWVPptS6gm)A z%N-+Kj#jQzE<$~aOf@~JupGCmsU%ubE7l^`B78SWDx9{N`8rKAK`xab?=d-*;7F_< zp|eyo;cdyiZpovN)$(Vw16Uy2FdbWoG$p+Vf15Tn%p!{zAwbLr1UQf%1CVz`K-{7w zea?3;$IX+!ZTWpKYkq_Fv+Y&C5uCef#ut72WPu#)qMB%x`HYQp1%W8!522j_maiLT4u@8NJ0a{X=nLDNwFUk28!?OZ|kt~W* zt8KBxhKS^y8go(-uC`LRDx5z8yQOMO*rx-IAhNJ8=}8XLXECRA!}aF@*hsxfHEo;j zm?c7}>Y^L~YjAy_nd8D=P!iHDxj72D(DHp+`~Ijd8o{7r^s+j*=M(TFEX3r*`(FPp z(@o?MJql9^dTsHwQGA-6BcwVo|1rTu_2t`gUp45^S{g$611iD7M@;OXN{mVZKiaqK zd~%?tBgY18t_J`D=l~P|K>#6|5zdZQ%|V{B`+IzvdC6Y!fvBQSj;7g)k~||1j2t;5 z?~vtD6jRncxbzWb>R14JfEdjriF}GFPO)j}-hOV);Zjx(Hjrl5{Qy^rS5r76f#~K| z!v}!m7;)4vIMIXU+|Sl27K*Zv7;a;{-6;r9igVyfQAI)ym%2LhbdLl1{b$5}_Xwm{P?-0EBYm=fv~L*nLG)fZ?ijYn;J(Iv@@OcNja0c+^_t z(b9FJOm_8~9{4mr3OiE1QIhD7giAKAn`?|DqHipW4&*t<|$jj9#7JKN;YF=~nzd))hwu_WmJ(CAq z@JAd3$mV#P52UXBVV>*9b>={udlfT;`{O`cfYWj2I0#hF`Lgpt&};AB>7_bl|AYM} zLS8n6KkX}zsn$;um?5Wzo4Lkq6;}U?HZhpr$RdoB%KC`^R-lOG{Zr^6*!Q)UC3nlptG2b1%CM5z60wmQ#UvAa!^9y_VkXEKe66+V0lZMlW=emj-mfF#t`-QJi_$gZ#9IS*ykWae$m8tfKfo=;-y0im>P9LvTfZ!2g;npRly0_%&B? z+Or`Pt7~Di$9f@a-S-v6vs zeC4QpK3%T3cT9|U&`os?BCD-Bg&DQzc>Jg|>SnNdY1g*KG4X&v)^=Uxr1Sgd{Q37v z*_FP_D0E2X#`bc+aebiVrlnYL3|?eJ!~x9D_%sNEMH zRG{YP$IAwEeXhfipe_pXlX|UaRxU{+8MIT(o#Rn5eUE|M86?S>9b9Z33?rh06}_b28DO zIsWzxBszWcu=|Q9^OGwoz`DqAyx&^hPB(dexCx>K`ZV7G7a)?J&P1*}K4brIBvv@a z$^ulBOAp{^lURR$nvnXHV-q*_ST_;H}?1q=rMQQ_HNUGbt z)QxYN`{5nF@#>3=P0@OIdYBe9Y&$$U3N9^`GptF!@CfqW9X!3eK_9ulFWTL;kauus zc&lL=SzK&++et^p#wt9#Zsh|4DlDwOQ3t8}`6B{ocz`(DJ4I!O`FMo;KwaH*#e&Y) z5K5qm0(Sf$b(vg!*gg@rW99fS0*xSK=S0IxF0swwcRgG-x_Mf)v4n@3$8U=&YeHTM zmfoghOiRKr^H)28@JN2N3HHPOKd{J3T8h!hQZ$UFV&p|^2ej>rQ-nZQ&33#^Zvj?G zs!$041GoAm^-l8huJljF9{Rx;QAR#ZoIWa5<>}@8uN* zwY#dmoFXg0LV@5jI)0WxataX{i>#Rj4+#2*57i7O$_+>m)V3L06fQkVem86Ly1^ho zML-87Df^Uv`nL$D?K)o zhyz4K*b9G4Nab@Oj%^2I44Tj2rG+IR`O=6etQ^P@H}_XD3#d6M-j1FQLq|bPJ=wT* za!s9PWM}6VeMi&fARoqerA~agb!juxCrBykKP0SU+%pd5F4=jM<0kUS z#SvFmfs*_!7~$pG*|0UhZ=0K)kn|bCVz8pN-JBuIwJaLZtq=y4Qj(vKeTdK#-J^-# z*!YEl*9eN1?wg0TmzVNy4i$o#xVTuLtZaP$z<`{gVba+6_{iLM?_|Ej&vWzK+XfXL z-gm>Bo1eLbY!Zu#;B4(2U_&y&Pj}=)6i2A2=qXK2%C-nw8R_ZCRaGKbwc>gP2E7-_ z*LRqo!Ts^@iM@idaHBkCL9!#-O+bW+J)84v^+S}drrAQ>NJJ=?u2oeH;;hsa*r(gu*vkbY>i&q_-8_n0pnL=2W*UatGZbB7otm}Gxe(C|Eh9CorLDWFb=`rwrGO$}eJgj*M( zqiAvzsM?FOw^1f(?!mUt{zyMXNdQ)#I*Lih+G zj{9U2HhmD6yacda*O+DG9woW#`7>WDQsd!W+aG#JK9w|;?DjQusYOzbbV3aWy{0q{ zDG9=uEVt;Wi|9HvcrjNj!wqW~BC<$J)({E+pPH6JH39qx&_dF%q07|)+JkXg<;!?s zoxv#Ta&lNm0zc;Pz3*kvXYzF+k5YuIpB-7=YC?2gb9}VYONT1+{ZcaG=5i&mW0$j$< zeAIk&#;OelwO;HuaFOu2y%CEHKp#;SXlHr-N27`!UW^#aq^xK18ZRHewu}E2WB78PRK~tMi z&|y0Z2y=#Zc>WA8N5h?DB1vxQ1UR#G4VFb7!W}jm=1%Souhq2*Y}B7| z*eTUs(unrtOM_VJCEkCNEp~TO2hs`N4JD{{{HgA(0BRhuS?Ua1C;r)5g}aPUAgVeX zG{Jcml{ZcTp@tGdLohPfAQN%Kc6KjFiZT63wDV{2UZMT0Bcf=HM;)$rb4?N5qhU}_ zUu+U+GcHO6Ncr95p1{S$mJEy|usugGz-Tp%O-`94ZgLDXH0sWeabyfST1=drXfKEc zq!OW~ucK))rCRRpSNa&u%#pjcB=TB9vy~>-9KU{@g46Nh?^Utt@zaU9irU+ChYjo) z5r%9Q$~0tYgoF(4j7$8@79IoMvdTv4)r+D?)^4g6=B;<(hE5+7oEMaaMdyA2>5&l7 z<-|?heToNkNdH_6^)s3d&^MgOrr^Kx2%5OaQLRwwoig>~8#4sJ)h2WdtHAh$< zU&<+kYs7d|WXnpnAl}7(?Sn!x*XU8IL&Po(7V{lNjsQ*<%4?%nMM{+r^p92I`;u76 zW=Qy=$5oIb#LZ9$qJ9rD>W>N1U7&rO9sH7#STfxpyMHH6?@$3-)zC5@#8Xe(Ln7yH zwzAq1fd8u1Z;DLHdr@@A4ttsw%D}m!Sd1jiyC&z8yht^^I3n5=Q~T8 z1lZe0f(vV>TyI)Y27<#!@Lo#m>Za%A@Y-PanWQ(E8Ffv!Ou^~zFnf2W{)C2o!6c8; z(AVcgA{ZG`jBG>58J>F$v*nv?^KUj9Epd~X0qnd{rz*rD36S9P1}1*FJq>(6|00ba z1mASDFr1G+N$y()aZC0JO>uIQ10dJk)PeO|s@%O63?AAAD0VaeJmm@bC@=4Uqfhvm zXesnWC0!&ho-B$AoB@?`4)XaF9bEI3ucC((WE&APx6(y|7+2)TNOJ^_B7x{5_)0eW zn;t>h+XuYl?06c&AwD^zIns;^r8Y8Okx)Mo@j3z`YG(=C0)|+Ot=tg#YwS`ZSoVn*(96MCLge1`;E^nr zN=l@Nx<}|YOx#})YZR8;{y#&W6ZpYniCOqtB>0R1S(u^S9KVcv8H6$W|Db8IfP0(8 z>Pp1&bP*d*VZS*`h(EI5f^cY6a9AH>YrpI#+>uAFXev>ExV|tWmXi~W zxyAi18pd#gNdLq+R-uX7#W72DM;nQUX(rLt=(b9iK_0)g{EA0T>5`0t2&qvpH}rF4 zJ{$2Ne|n|6w_jY_h${}_$KKosBv3rDB~7}lDO5m~q$TOS`aTN4g=H%r`!^G&37^w^ zFi4;T&p;CP+2ZpA5$OWZPc8@r#cg&YnuMN;ibVNfbkT1HeBUpzR-ng0ODj)BO??p) zZ0lmc$*F#!Fm**uT}WYZNTGc$91fG3o}L$^7Zv5|rx@vz!JsEH5g8tSB$BiR4qtT8y5_sWLk=y5oI zctFxkVoO4L>_v=7k*6Jw79E(l=@YF$>V#W5XqGGTnYhbrcOj-7;e`|H6ji#-_ID9~ zg7OYGd7aUMkrCao)yKZgg@Ja>g7n~W;$vD@Ga=ZOkz;eR3_#h_#cThk>&Y`krLW)L zaa20H+)Rh$@SVF-q@rmSrF(Z+0u=A#7lPfnTk8Uhcz1+tsLxR1%Od{b7y_7p-^$xD zbLHOtyOC!`Q~Otoi73ARt`uNjI};80KQ5$noPjte>Q`0b3p_p(f{2Fl7c-K(PZz;d z`V+#em4as@rbak5H|9FOA5-@Y)+%P6DP#m~n01!=9=qOfx8X0+$DL!TgQV_QzP zVf5@M#WCn;iaNQnu$`bl-+JXm-lm4r7-d!pNB@H!R;TW`@nKqHjTak81D%5HYx%#vC zw*A#hygln?O`wfJ`I41Xv-W;Jtwa~%8Y zO|p?F!22ZExn3x9fTIfs9|EI|I`3YEqtq6Z_y5uL)?rmdecPyXhcwdN4bt7+T~Z?5 zDIkr6#HPEuQ@T5)k?!tp&fxRB-}_zXI_GZ@X3xx8>v!kwwRo{VNtv%)b+a@1?pit$1v9jstwK=ca$p72B4mz9#AOb=@sMA0fl0Oht7H+Nf*L@10w&y~k zA3k}?yeg>rf#kOr(79@wxHrAKr%Q+bS2Mv##;Jp!t3hxLp?dK@G)yyWG#58oU&=De zUXSC|mkYiQ#BB@&wM_iK#-8IweeM}|zwXwLY_Rv|cksN@m%X=a)==H&V3YiB%0B*n z{Kq)C!=bKYAh?~*bbaI(FO@*DVe*@<4rpBMrVMFriU zv*=)L*`xkg98n(eM;t9EuUP-W%qC>D-zk{o*kJ+FL^c4#e)?Po4iigyv zR9zRE^lei)jn=^UPs~5m)zynj4Abc2ju2{|oBn!~w{-l_`kj^+XGQ3U&`@vDLO=EX zoPlc*O(Vd@R(ds59Z&Yz3He0;u+T!j#J)bXlzbwu4m-BK?BCjO)414qc_H#>5dw=e z6I-%9qA$$M#8p(MvuYbv%{Ft!(h%cDmhBltXw?Dnu{;^G*gnS8!2^$0o!oqOHXZ~H zo)GwV#eyHyqu(7H@rKvtKk+Uca9$x_ z$S|?+uH<8`mZzcE5F^?&Rbz2O2A*1{Vmw>v0;$NP49f0Y$q|yeoD+quE3Ic`pi!pYhMJ zzif{Q8WncqM5f)HoKyCX^RcZT>y=Apg^MH6T?r6d0_%m{_XcYT3v-G?nh!85p~ zt3Ue3+5y&_udsh+_SDn3Y`_y*bog%#MM5YA&+el23_^}DjBV7ZRnZdwq(fPlumIx)c%Hh(w>qJthpjm^X3X$n3~M^4^b zY{FOQhC@i$bwGTt-FMWg-TqZHaiSquD2uG>Rg-X^q5k%t!3l7n@qw$Aa}}zan@9O< z3{*mX_k0v?gf{)^sX>L8Z`nuGL5PowJ8yvx4I>#B=b%6jtw6c>=TC_tc8Z~T=bEe4 zIwkOI79r!(#gumiU~_4Qj}%F(Q&Zm*Ug7C~0S>l%GNBG_A zO2b*&l()vO#L~bkn9LZ`!-Q;NoTHTHmO)pdV|0JWOiF6KWjX$exmZntngyE_YM;ni z(9uD3c~b?#iY!4xLp!H&yoDb6o+xg4nd)YhPc0}3ifx@1Ma(iu*)1D@YEo25+qJN^ zjoocP4(-!pMT`%TAqTQqciwMJ4lNRq1m)3HvrHb8%m_{>5~-MGeeFXHD|SNq-dYv@ znfkF_23&5A<$MW!4OP!uv+8I8Oh0kl$C|Wpd9G^cyig1Lz?_>y=w$Tc>gwI3^{gY% zbQE+3z29FL)FjwwK5=nzV~PB-Ap(((gNdieE3BMQvtNrKpvEDnZ7 zJ{7I-HKH}nCv*JeCdilG=n2UTrt0CqPpzYn1p^XSJ1r->HV z!f9RUuj(sYr@g(olQA*&J}CWZnj}0%-}LosQ_#58Arkwu&3rvbV{Dso0l7iWvzaVL z7JrXM9>rFk>dbwzjc7iPk`60C9sD zBfmQMeeQYvq|;ym3rPs>EG^}arsyyBRuUG5rVk%dTjTV>rD&O#c?UaSxe(n823j}m zS6d!A(a1_3U2)Eu2J+W{iBY-lq?{q0qWwD8H6&jsy9rh=fWz1M15IkdSH7`eX=&-y zj2}}{GW+ECJ6Z;$A1&wd@9cct>EVWOM42W0$d%0%@Z$yFQtbxm%p*$|Yt_90$B+ao zX3%()3~DH{yes=hi7(t?*(38V1S~a4?n#@Qo5r(h(rEoLrWz6{aTq%z>a-C;2=HaX7yVBAa;rMJWA(K8*Q@_c`0GM;wmuoYOHd{E=ujncwX0#+R3L z%69X`A;-mCZBG~=H-29`KmVDGtX7+}KZlHzVtB|K^U|Njm>xUx5l$T1Npq$0@nSQ@ zcW+jdD%@BP951)h@{!AyrBb%!`12j~(O&6|j6m&D(ddXZvHw=)CKV>lCiNSFiIJ9- zPQdMTa?mK)Lc`Fz3*VXJsLOKFQ(0q{d0fnxO^*F*@Pj7QQq$J8pw!@ZS@rrh*-`!X%40T8BoBH!32&f z){M6r&%PgjI-YVEd8ldi-T>X|N7R0S1qL0tuEmY?++}%H?6H7XzY9HkXC^;*^^<_F z9O0ALB-Jdrh`ISsNISX_11$K<*XWO;!eK&9LEA!ez}@>3!lVL%c)VBQ?SKb zORyb~5l}D<);2+s3fbN-N`H$g@tr+)nolTom5c+0{-90 zj$y$n#JASez8KV))`#GMJ{yflyVsLj3tH#Mv!#3|Kt2rTHP;2Sv2)V%osRpG)|XRt z@7*YZ;%H65I|pvUOh%(Fyv&oA&LgW8yWxjCPI3YEp#Ihu>ZxI7NMwxvHw=m~dD6YabUzBw3zTap?Y_ zx+BB#J*K}oeG|)44;8lpFPEMp{Ey!FeuZ2@07BSttCgyt=D|O2|5`ehBzz7{F)s z`2m}j&Be_pgWPA+UR7)8_%6@>pWCti5popf=%Z9s6?40P^?xfJ&P`$ebgh*4cS0RL zELkmB-h{O!SUn*56$W*#z8z+2jFjp9=bHT>LOu-5USCJ(b@*s5tg}t}-b(kaksSsZ-|Ad8$Tu0*uw=;w`=7Ad zIW6wn`_0Ekm{8yt6d1@=Ty6up+EY9{#D;(nW&Qk_#KS|IRX~8^;-b1a;|S2b(8>X~ z9fej?lQt^{2LnGp1R4QB5XGaWzZ3^;Z zhYb}K(vbwEagmXPV@@}R1OVbvni6Ln2$cu)alfCyXM(t>&`SMxm$^D&qp$u%xZN&0 zSXdoJulflC25xn9Loctiz~CSmAD;$i*K3jd!$f0Lx{5Q;XZLu(x>n*SzM1z`Y+a}? z%+EBUWPv*l@8id>+cL`4Kfp18XR7FKo{*TB$y{i*LDg0wgx0hO#d;!l0tM#&k;@j3p>`VIE{9{QrSy#swRz~(Mt(Bfi3wCm| zBK%f3GJZcgl#7OqSE~VCy-$Rbkk{*8ETC6$7jAky*T%yQ_!SJ3FsIQvaE5AYQRs7g6qU4-&xIM$FN>sOM~Ye$tGIb+XR%Z9*o7NBsi;0x1^qduiG({6|dP9PPZ&WLz#iwL-oCn^3^5TBHUbA$aeEKH@Q?_^;?LZzz5cpd}=^PQIzn}wZ~ zlHdEqk;qcXNwx*(1Q`0odl&B&-O0>O;$v!!zg>uKnhjKKlndj{%O_SiIhoZ&esMNc z1s?9b=s8__Dd!pO&^Jgw6XFY8ur80cM}h+)e3eTL)wR69&^>IS{?oY`C(T*>xf2l# zwUY2X#p3STZEbMBus9&9ZdusK+yN_2*G-{*8IMFk4Q&W}K}W*V3yR3kQ7stW#v^Qt z`~oKqGp>-Pn}T!c$m%B=vfSuxc*L)!QKtbZjUheDP!ve+FxhB$lD?vJXH5PpccVUT zl^}&sO6czpIuS^Ivxl`4?_%hlr{72W1UQ-sU`^8n=`l0kl#B0!qNGnl6h->r(>ml0 zYYFcj^e&P&uX;>Cj69`R4+R}qcMtR}dn23-nYwnkc>3TOGz%KZBvrES=Pzm%FhoZT z&dE!(|HTnRm^JBu;LZDj`t!2JnA`I{+Lcc&ZGnV^Yf~6=|L|9fWqWRuwdgtJEcIzk zZWxqsUehVS#1^TCmyA}Kn5-uR2AJ;Kizln8#|`7hm5g4q1N{KA_yevi?nig0EhZpB zXv%EvXqWcyJHbBOVrD~74Lwi^qJ2dK0@x1U@YGpK>{{S(l_~|U7r8mA=Q!&J%X#aq z{uXZrg@lY8Y)Qt^$3%c|ro3eO?4S>|*y5Ur^qOw2*6?)>BPw6&(Pn%CL3%%b(v>)`=0qmd*cNhg*Ob@79#pV_yJKRf>la^ zYhC{P2)AD2kUoA;L@pZ&4~{GAvj=Y`=9&NW7aGP$7iDRq$4Lizsb7(YBr{3f&w2+Z zM0!t)!I;ry*Ec8@+HAzqqmt8Pa8UAJ**O`F$NFHSQ9#rTPP5N@Je@a_+pKa)2r_Bk zhMg@|Jk}642V;A~3M6QaD1sgi?|NCKU6V40G2hx$P|%n{={B zo7zKZ7S1w@y7{;r2Nze4DwF$G+Y8;*ugHi> z{;dk=#Kb+^BKM1dPN(<(1C9jdoleq;XBgU1Xq4@>f>sLsLP59*B|}uk9ZiqcNy$|}R7|frO+KM6Ow#Onl#xPmm2Exg zkR}KXQr}COFqt!iVWWs=Kx5d=Pf37P%^_=uXmRRL&{^U&^RN)dYNJ|G4A{&eZW zPAoP$#=VKjY5TlQJQgU+BZH*ys(+I)bhV8(Xgemzaa%{OX374|* zwCJAH2FN}2er(N&aae=vov@2d;807shHq0rzC;K1vJ`2i5doBF)ipID zjhMX_d>zD;U?!a1QDHeb+0>Pf!u`Es(yG&<_uacPMn>ZW6EC)v(^Gihy6^2>G;4=% zpt#_)gql1u;wKMp0%u|aKgQ-xRF}4`P+;ako`-OTk^ym5Ir-&TxVy_0x)4upLgwiSP=Qf; zjR%MmORpen=%53sJuaH4^m2XNck z{wm^zqZ`@EMfyES@P%41<~BC^%n%C2%^YAsJRBV2gzR;eL~>VTFfHs9K%5&`)WB$J zFS%d3_3V;C++y}FwTP| zI(Ps0RV)RmIB*g>+(&b@wYbFf*Ln{|3aNCJifXLkH~N!JWX5-E>SN8&@N#$ z-bz<=-2*@nM;Fl`8r(UK z$_zDvLIo<7o@jL*U#~UpaQbgU8!@raS)LSEsP6kV+W8*;q`d17fQmIwz_RbBo})b1 zihG~v%^_RSy*)Jv-N)st58tz?2=C2pU_Fs^0InO}YBemrPj3+Y_hiAL{rZPud@aK5 zL}xCR)2h5ks$YC1J~Wih?o8j-CQDR(7LE;nd=KBhV?cLSNDXH1Zqhjz_8)UpJrj=n zx{y*8-OQRxJ}^K5->;(he_*&%Hd2WBxrek$s||4F3K5^jiD8my!EB!DlKqpzxPWWS zPn-i2?MitZ)5+Kh#TO(HKN11c+{*N=8i z6t|J`IWkDc*xi$IH1_XDK|~(89xcPb+_shaof`1ij};pAD?aTQam@9_^;aC`p6pSN z0=LKUxosFI`7bvxm4hN?#Wj8px9(pIzAQo)mr%zJ{3{-I4S$^7HJ}|N3VgSsQ zCr>V{oSc>ONtvnT7KH`oc?A{92HZ|wKpXQer8TI+S!xS;vpMOS0 z^|)XTucW{b>y9*w4J5}(Qp^nuC1_ovAWEa1^Xs@s`3D4;`S=*vu9PO$O5ts?S(unO zr2=|{tVD_%n2v^y>KZw~fa*xNYBcW}T4kNQr|1e`tD>$6KG>vu%OuN`On>r%(^y9E z|3`txq^GB|vapamJUlq={~@8Fr3D2AL0Q?r| zj$ev$w8_M{SMCXMaVyQbbgI;`54c~2Bc*=o5yv!p?Ig@_HiXsSr+wMe0h0948cX|A zpmVXnkdfjo$vot}V!o!jR)e)ptF+tVLL9N9&4+0;tWUH9Q5wTThqT33-x99tOg&!e zoj{4PH0dkeR^r#UNLgd(j;C>n>mMbd8)EZD-k{d|oV9coc`#rKRqmo+I04F~ zUbL>@!ZBaFs;q4P z%$`~ax#WOgO-PTg7Pi2{`84}zCrS|!9*zl`kE|dp=jG?XRUNTKY?M3LKL(qFa@^_H z_kbGKRh4bQz~0Sgbmu~?#8;5@=n2dqi6cQw8#IIK=w4w2FZ`$UwBe!Y;-g$Kx&oU#nQ3_ z5e4Ne^oxxKv*B)QeKgs-4v^JUkB0}pF#eK!+(=4Bx@~WkOe?9Dgxtl~A48(fk>O_HVtzxki=@v{ z4`q@`3sjpYs%gfTeiFkBODBgI`S3FB?OFziMpF>}E;t2!33JG(Ex4hfs}FoU$v|4o zJe1g5wB%@8D|UN}G#o=a0~HjRd+bVWovz;|GxHNcK8^h^ zW3I_5WVV^ADhMshltR|PwIIRj?R|CU!k#|>BvC9QqOrj9#=NP$z1R~nG8Pfw=S@nY zE-s@FD(x#`7ZHyX{-K6AAEbb2iEQ*|c6pgLH1xtVBOn=2zfkj;0rG6-^_!=s#?%yu z-OyaJQcVrZs>A(e*oGm*Y^7Zt!Kx=NA|k?y5UqlO`XXK58x$K0_B+zq0;prTyd<5u zQ#vx?J*epvUfSp}yF54gjfjYN)KpW`Ey*-vj0hAdRMoFOCPgqUS%5wm3KFaxt(~UX zHJ{va8*fpE=CVBE#rV2Q!#etvo#RJoC$bez9*e60&gC*mU=orJE+N6*84I{N9Oc6?{Q2X z3i1_#;XV2)Gkg-)mHd*E1|e<2Jvph&%Egy6FFsAWgo%ev2Eg7FSLb>H`jGkZg)Agw zn0|CN?25JKN}IxNw_~XwM5M}8+}JXT4-ZpfDiFN;8qrA6 za+{iH-6J0RX+LVOvd$1I6reN|;xrC;#a<7uA#Yr?#MipRVe?>J{`%CrcYBn& ziZCWEbT1|0*P8G4VpNmVG=r+KUwAL|n|vg@g@j1g)5h5qVm4u8U8dK2#S>Rs z7};mdx+3<8(4rIbn87SRrH|oCAs!4WbQGSSD;3i+#aI!GU;E`qvtpN^{y;Q{U2B#R z!?z@2FXjdj=&O4ar+g@$C=we>8B@wj5QdNH;v9iWxz(CSVKSUPGGDPqfrxJb zFmqeNIrG_O(?#PPa*>7_VzJl7b7P9Ms2YiNC+rjCbNj#Oc`j_#8ZbXhnqO@Z{m@_a zzAIR6na_fx=HS4GSD_q-D*YR^>s7LdU*|w9PP$D{2URR0o?nXmvWW)mA9J4-Bvw*a zCp5Hh@7~gSyJ$i1Ts1*@aR}{Tyyk&^it(%z1W_VGeQ}&yEVr}!HHQJklyE0{)S+|x z!hI}+K44hG?#vg|Ok1Rto4ch$iAfKHjO&0VISfDI=dK0A2oxRF45;Ev91z>kYUScG z%|9SUl)=UKjTp7m4~20oAUXM%T}1C1-9|dWo$VW!6Xcgt{{@z+o-Zv6*-h&|M%`%* ztnnlR7>h^)CR6S3;S$fPWsh21cBZv6woNLH3U{gu3L|2i9}Q~l@QP-{vs70Q1!>KV zO38;gCp4aP^Ql}@<2%&3vFu>^7$8>0&V4j+Qn zC&aq-sD1ef`PJPAa<{cq({98_?zf6-k<`tFA3{R_c{p;P}HYvJOQNBw^1j{U` zMYj_4y;gR)p_c;Mw*T)4rMM0C+W@0iH#06rF*lggS|3fKE4J5JO+~r~ z$L&A$nFsnlnu)++ocZgX6m{{^h+oEV)*eCpHB9_ z_0Q)RABiWkV|nF05Xm*z_a+s?+Le~6z!oF)PU^K4b4S}6hAxS$0X3Ir;ci0bUp+Li z?{qRjrTdGih&lEOVTSdF=EN4?_lJoNFzvOehVZveW`T}$4t`Hv< zNC$xH33a1BD1{;Wmq&gMqV5y#)WwrH5>&2#0wI%BMFHQ{6#oeBm`&U^Ow>Pf*$3iI z4`A^_)IJpyM+vA_C-Eg;DKaoJQg3Vu3~8F1S1NpxQ4fp#$;wYK&mBXZSW2?7slrXB z6~zJWz>eZb$dH1|9S?3E>ShQ5-C15mi36@nikhUjpD^bAnF@mu)Q_cb1h#B`A`fh16L`N|f$D4x(esF6mJ;z5@ePLnbx#y!POwt++`Os0xntI=$ zor8crz&}`qy!DNT9QW#FiV5{B3eYNv0etxUip<3-7y2_HtWm9l?Y{{53&|gLZZs_< z5i2PlDSw5uqA7K9u6%HHS~Lb|G>Q@>wc18LBza#TRqE)dlo(mtBx$1jtzxmWFO_ZM zM_*q`u^vD-BEti}{&SP6t#pFCg7!P4exI{UP|tlhaLTUK9Wn($G|;q~Pdy9Fb zM$Ho@;|qjXyXmMiI}{I&2QCAzERe__-uZ`4`5MZ9fpUA)kHo@`U2bcA4oC7e8RK}r zU#jhVmN+2+h3*NTOzAA5{=cracOCfuH&;vd|Mi0z=W{kYisylS+MoY{`u|{czjwuV zB$b)K{r&TsFw7eUy5Hv)FJg}YASUBx z_og$4=VobY?ImKnR;nAmbbySlL(s`%6oo+OB{O!pcb?24Dymwl*X}6`w33&y@wPmt ztvo!IKV1S&o&4ICdGQf;ERQzNtJ6gmxBJ;ig7vGOk@>u)dhe6v{e{5gR@D~QW7pGJ zfj^GREP@Xe-hTqMvl2hAZ;UU^{SOJSVE3*KfCH2zBQ73ZkC=ytmVF(5>>j3Z|0ef4 zK4lyF1l6?J>&Yl)LYNFWipK^tSoM&Zy!ZO-#c6BlK`JLtnWkMNm5!qzMR`WWxS}~Q z%E`$ez+a!bLmvHbfP+UvN2?4WSV{WvRXef9{-LoIYKg^h zkCbhn3-$zt^6kEX7jHgu0luHv$Hat$c>38H&f&rRBs-NA^QXt^I%pOXyq<0m3Jz{* z&qrvX!_!c!H!@s??*DTas35IVf(gL6`S}?Lqa*M8AyJU(KFsXF#)`C-a{_lQ>59j= zd#XC&@7vmHa$mnoy4y3E`QXN=JsxsMUZX08czFZnNR8RN{nCsuIz~}yNCh?gb+*tF zCxmwq0;D+6LH($?;i?Mis!4w!x3R3RhwgFYQ>%~L-q z%~Z(EVy*~`*x7(@tQdED-8=Vrd-$=|hJAC~c)R3Ts#-!zw_H1l#uKFhEUGV0sOvE% z+<%|T*8~e~4DFWISaYQqsmvT6UZd7e&SpIq4uI1_XAiM|%OO-E7bTkb?9bGc3Sgo6 zi_vwtDDy*d(hv1yO_M1mM}&gWJk4<{y^dH>;qSwg^22JB4=oelQyqp?+cij`ic4C^ z>+;5Sa3F)H%*K4^iOB0vt+K2vE=k(^5eX99aeLi|Ld&7avrXRSo4t&tgK`&tJ!6~A z<95s1ncG<%*hkNcUKaCdO!fK-tH$%>T$pr^<2`aYqX^M3!?Sc@ZZG@HIyYxtvq)Yc zRaiU?I&RCNauA9j|B=+xpTVMIyE3=o#pUN#GCg#eU1A&5H8Pk~y$)&z2$}9Gr0xa0 za2}2k4(m6-;o6x%*12}`Je8J4_?A3Md6Qi6`1|+t$mJy{4(4!M=oQX;ZXn=pfAPSC z?ddlP!1x~ZVxg^HJ!q7V2^gf(pdvf|a#z03ASI#M6nTxdbu5`_4L)DsWZ|aSF;hO! zfGX8cFMQ25val|4Az@h@L4 zt-f&irYAJe9zW-y3wBb!H2maQds-5O+aP~o;e0yf zKH7>0eQIYT3N-+6vle(5lYJV$hSd-wdj6!g6Mi<@1_sj^DDy97k^ON)t`f8s1wsu{IB)rsA)@pt zY8P;&FHnzhPvH#n9NT~%TC^Ah%Y7QlhOI}{c+&_v3orL0_C(Ct!rx#uNSEM9!z z8!co%M;na*`psWISQ?^It0GTkH#~6F7PsIYC)QkDDXYV^T5So&uBYrYwAhoSEIX4rPtly?C@v3 z%p+pWRfi)IV}mvO>3VB9qTiZptN&Q|e^RU%pdmp22~>+uOl(=gu@@)Fv#ibTLUOiK z|MxQs^|0iL*y^~XlB}{l;eR(LhGTlC{J#puzzmDC{4MzjbuH80yW%+`r(ZtE>ry;0 z8@_EpnXq?eB;Ke}`;Dj(o>>x;=CRrs)*2g_h6us5D^#}rt&#WL^a@s}tmN|3&g`XN zf{;c=E9WzrMY;f0Wx`908WdhUzL~7#bIG&g{lKO5h28LEH+Em*j+^NbmG@dgb&#+} z{`C>sIn<6h#G2cHSN-z@{z1;_Nz>)5e{{5v zz;e$@vyGSjJ82UlfK#hMz5aZ5*%BO@*-UbtSd9}bf6)DXlD~geL|IR+S*S2Vq|w2M zw9(_3cb=yPle#@TQ#ke6TN*22mtvbKZl3l{#m8>KP#Q@4Zw^^lWLm`RkyeHY@=7*u z&YK$E<8terw_26DJhqNfY^B_OVLY#va}0Jhp5YgzS`D`OH&@2`3OQORe?o}jQGKnw z%UoeV6(D@EOI94`fufDZjFVE3>qi4rG*U5G607ka8kFcgG6e-`tg{3i8zLbSm~RQs zXX|&{E7?SYBl#V4*i-`1wOePhqEfM-T2aqsmNv!tvQ?Q)Y{l;Lv0(iOz-XY)*YuhF z-=LV`4B5B<)s6m#t`7XKaG{oW{;}frN*B?-xoyL-W>AUHVDjdxs=$TpnqG((*CqO0 zI$eaKL_6iAuRyV|=&y;VAG)h}kJ%%Yq;}zY6=`L9NHkwZia>QJl0JvT!VjcwBVi;} z`tN5Vl=f>;`M)-p^E|T7SX|JfKjpaxRYuETOf$EWGLL!1$k9`K@z4Q6H^awQx`zZ= zExY9Vg<|D_FdzLx5g7edbsPH*FYa3yo?QyKr?tswqg=1I+te^|mDko=JQX6IJZ@bE zMnwdWxZlrssFIt;HO$tq&)E6*jIxRi7?r5IRrpO!16#MW_j-$Y7*IPo^x^R@4*Gk?~j z1HGUwD_7o#w-9<*>+E$aEEKSs)TuRc5ne7e2JmF28276ZcT!J&Y&kZmwSdlC-*T6T zu7h?)?+uTcY>)yS>wzH$?;ae9)xP+)6J@26lZR5NP?5{fCM4e=@`Pqj%hmibvlf7p&-U`smWP#zz5AY z0!DY`*PK)NHn{!mibh?YyR{Nnb}0vi)-O++y&TRi)Z2rNa;@U)0A0uJuU_+wQ zwCGr>j2I{EiopvL$&CFyR7OV19ZjP21c;|Q8Tr`^b&22Y@_=zvMYj$3;vQW46UZxY zE5e0R7oCc=I1vg>Aig&>qs4^eGV8eeY!*U79)GzR%ES+XFs$7|I!?+6m3`}sK3>xO z?UzefZfWjTiGjH*o7ecQ2Wk0mKcRV1hN8I3g@6~R91S0$C|*=;sCcweZ}upaop*^m zF0b^+8t&bWi-=T^67{};Seow8`_{zhG8+$2;iO|vpO)7merJA1(Qk2(MJ8C-v#Gh$ zkMu44(uV)ita3Z>Bx=N)9c1bd#Yh+2>G?jlz^edtvZtSsDqEeqPufb5jlGPAUqm|Q z78yguL{d_3dFr7EH(hZwZ0%MS!OS9p{m^{+vwBar1B9EzpdVc?-j!SdU zRQ5@fyqt`;e0*G7UL3)q?;rKJ_~G-xB(#qeVcJ;Ma3TH`f(=`c;qVA~g})6+#i3YB zXqNz4lKrGSQHXf{MtUspU$_&uz^ z#1UGPp8A7z%wf3nnkFf!6Y?jG&8-qayu0xpr|sq5W8+QS-LFgD5H*GLl==A-Q@Kx@ z%_x0`ov#vYD9S4Ht!wp@C0eStbd=@I33f+1;e9g83ssnSc+)?%NV5kHqd?vMULi)Q z;}Azp%_ZG79e*6__a#6j*QIj*u4_ZN&}##d1kHT>Hx~>?4!n>D{UN@62v4Vv zI)QzIIb$6cm84*x`nOo{WFa^n?+Woy-6ozkZI?xxNaA0Szgl>H&xFbsZN1%JLm@#y z>vKgBKpk$|pK^^axjnkz#~*%sG8K#J;TFl@`F_fk<9xVGA-QTFQ8;ekx_x-vG@_!W zM4Zm^`4mwZzah_@<$(#pEz9;Q}-se!gU2*R`6Voo_FjWDn=D zwc`ihx5GS9<5>GlNvgAY3spU5HLB<}(*${3R&S(#aNWhFlMv`GZ1A$Pmh^5WkkxTH z9j0s4m#LkQ%ekn-A@_bj3u$|S=&@AI#*yV(d3d}&7N>whpDJHa zA})y5Bd6(}KWeG<0#jT|P}*ZTAT|7$}?=aiLiIGK8Qj5mzRnL2MoE-0$`} z#X+OtFUgB~a+O#?D~-rQs_<4uQ`J^-_3IbDAR8Om9;1PS_w9ie4qFh+Y|WgE8jYw~ zoBczIZXqh&Vw3Yu@HWjxMCr@Cj-9l;S&-_dgT1udk(9LgEuD%69+8Pp$CLGFE_s5o z15P9LzuKZ-oUnCgf{W1lg(Yv(K8{DuP|aaKX>~-G0$%VFL3#;+GroE}50e@ihC{cBb%^P@9*G%OrjTs~f~x$$ z*3^>VdRodnN|=&V`p3w0J|WL>|&)eSNPJc;E!Qk}Q!G-tESyyaj9@VV;@ZI_RuYo?0GQi?2# z^rJUu)H{idsFg1MYX45>=xWWjWc>{hKo&XrF|t4?B}sHnq@g0f7bGIJO>p8Q9ZwmV z`-hS%Cr@~RxP_)AVP(;TsN`dV&^}3Jk>fVn+~KF)r>>V@6=xI#9ms{aJft4;gYV zbmZ=XyuHsH)RV$Di@7INb|RQKar85U_>AK}X?b=D7%YrCL{o`` z1m-L4=(y-bvn*=<*oP$wBMAHmzF#kiXC1KoMKpA7Kp9cA8$p#$;F({h`wQ8g!Wril3R1apzIcc??phi@h5StdNjfxC@cF z+@Wed9OUW45}NLVf|WBTQE9gWE>zOFMdaz{UdH5qDRhy^H545McRy}$RAkqgXYlMx z{lrem6`WhAQAa-rXeuNUag8Rex`B6rTM`K-VGC3;`2@br=3Tv3u3c%^w@}y{@rU9{ zrii&r4BxRXtM>>rj&KACYRQsWtO3y<3aeE6IV27kqb#hKW3Iwop-lx_OHeMXY^zR16y0O8VdBYHI3j>Rtre|^tHP>_b}@fRlyHG8-IO$sHMvy3;v>% zU~Q*?W-$E=Fonm>Z-& zVZ23ei_WCdK81;hrdt~(^dQBD(ha9S{;_p?3A`b5bmz@1UWk1!%<`Zi^ zDo^nG7i@A!3OFwuHp@?3IR-hD8g!Ee8fgA)+kC=dRWK3Mh^p+MH!i&(G0l zxxAK|8LAVo%DL<{r(LP7pBHnz6;H@u!dvOpCg8^|NaY6aOX=>o@?!*uCu^^Y;ztj> z{r915-%em5-Cqsm&wW?@N$SXsImnRw$|ZbZ0)CIBC4!D+LZL^l@$a)bt7|&wT~^a{ z%e}f_*WDTQ+E3H4kSB)wQHddOk%QE@Q(8+uovdg<;HsrYAC}+Rdc59G>ed@&*osMFDHh8CL1pz?(9@ zPvFbzAm)nr2}$2S8EYNwPuAW(RvKigsKnRf5V3C4ZRMDHe@eleUBR?lpsenV8+TqyMce1p~_AdpWecQ znh;RW!`LwUA4Z-S$uGH&#^cAj4X!Ru*Y7+7i>H%ZlB&{=gHz%iX%zB)=#I?)&;IXV zIc!&t0WF#4(!oVfBcB~DIjSwgSZWJDlWt`4XCnB6kNpI%z0>Xpqx(tQW%kgh zyBV0mcXL=s&0;jLg(n|Fl^kSN66SEJ2MFS`e5j}Zh{#OJvzRCZh*yo(mC*L8<*E;R z59S@OT1ni?d>mjv!1f0@LSDQJSTG0KdZEwAV7U;Bh`ZbHy-%1mr6_Qa0YFUW^rX7p zFQlf{;qo#`j3$C$gDRNPpP>SRxCCnhGNCT1V2HIZx%mXPSK|2R_vw(f2?rBvYMqH` zl}Iv*d{QZo*PM!?_Drg$`ZaklrAQvnFCaC`Jzw`+o=y`o$#D-wiPWr`nW#W~W?c5F zY23L+p^Nd;Pf2GmgEVoBmt1K6%xltE@B4+bq9?>;(l|AV9G z=*_TvENnu*5$tm7$0}x9{EF-j6^Q$g0sT8nI zaFIBu#!e+OoXAh9-_JH!aX$og5IYL5dVGm3NQQ^Yc^+w0efSPpk}wM{B}U-^$Bj4F z%kRL+hak{qP}i5~m|D$Mw5d@k=ATEz{0Uo#4R5Y1w6xX$1ANtgv0WT33ylXh7PbL~ z|6>dBhkB=t&wX(BTV#1kAhU@K_xlR{qF}QQo-|~`+XdYix=PBcCF<4 z6%&}Rr+1`LYtml?0*M#{;2!#;L#J; z+JM?WV_&~a0j2}WVLr}?HU;Y}`3g3<=39%?8oFdn0A|iJPih$WGc=M2Qs`ZTgSiD5 zfdQDz#%G&AG6x8~PNI(iFengcU36TB`^0#qSrC{3g*n(sL9Pa@^H6SqZ8>oGPy<5z zT!`br((Aatz#2Mz8#x}j;F%y-15qJ`fiQ@!qec0O(E4vTRFrT1SBat`sVcCK( zyMoq1FcbikDHvy%zK<;3e%(^t;*I$au&1BINP{gzT!Oq=<39_3k=K!37UmPNA$3E0 z{L}+LlL|HwcA^xI(HP3y4;=}K2EewYGIgT&m z757W$llKevX?jw;AGv6|AS$6zaV}+ag;EvM73CMQ&08&O&;4Q1&&H^QMxR|DswUea z?X4R}S@WBF9l$$PmWZtU)-MQFT$qQA<(s=-(+l zJ zU2G=Y4t)V#nu0LHLmqyHWiDbWy|PZdOx9XMTas5nJEu+cG3X`-NpwJ(Qq(+gTr=~X zZgWK#gS>m<3HOR%nw5;b8D{O5g>L+*=_&Xr^!?)>)^m72IDf>>Fir{Py-o%gt=q&| zRSo4V7z`@RIh1aI_u%$;OE^i4OYBQ%M`=Z`;$>hD;8ikJaQfNh*`e7eStuD_bS9Y{ zSf*QRS$a)JS?t=RSl0KH_u#X;Gs$ySGIiJmYH?|u(Ya~3$dSr8rS)d3aF;A4Snbsj!QS=rK7X8?*`_@FiRNsA5 zL@>tCX;-Zqyh7^@?_KdM_sEOn5>|pli=R%=&c(wGM_^3={RJU2A+w&>mA8yXlBd$G z{Yb>&+)?w$X>ljNEZ@5Qka@0Sg>Hpq1*w@o+lVEE*K{pOz}?q9<&p4~5V=UQX233% zP@Z2t#k_FOm=S_8X3nqDeAR3fXEm%<|3Tvs##ip4_15)T_t(;P*!}y5e2$X-lRdfVJ zKjZ7|gu`b=zO5UX#58Afy|hAZTI<=gg@{_s+E_~Tgsntm3V$>4DjLlm>MrUf<49d#CPdgw#!e8K=ouQAdt=9;TgCZR0!{d<;A#M3!|A- zQ|wvYwYd}dmY3wAQI;^BKBm&j$A|rBWN` zPS{g)BeXqQnRC|G$c|>=%I)%KOnvxh#LYI>2Gw?-8kyF9-m1}cWp-j|s$r${tc0sZ z*ZQ&a_|)CO&E@!NQL{zbTYbMmzQwcU^ayrYS=~}cvp%)4!Qgb-*YQ!y-|?l;t7G?N z>RBJ@4Eah$T(wSxS5=+pCr@KN)Hl=_1pIWz;;pK+jZm$TMSe+aNlE@hk9dQmDW+UHIZX$EB81>;AU2T$cy+*>`f4_Ld}BH2>1D@xPCoEBw!$j&Q#`^aPxG_?AUPMni^Zrn6nF6 zJ7^{Few4e7I?3Yw!aH$lw&LqrxxPC1OpXkL3?iiAr}HkjF1|pn6^yy!y7{tyeQ4{A z|9t01)N2l+2s#>Bl_*oN-Y??y%En~ed}{B4 z(M%t=Bh=5ADV?8(#sF3`As-BiHa#7#^AG}T5^ZDQ-Rc$<+|*-g0r3=X{>M(i>Z=$E z>KHKmGjL)zSTMu0s2X%NvO$$QdI7%yk9R-E?OKOHdZn4)*sw5GjbMl*B-bn;gsdRf zBOP2^Oa^}aO7&GZ(gjO*D!dhNBwb8~YuGO;kSu+YEtpm+APb20Rww{s@@o5??X z#7v!yoh%((EbZ-xfAcjovUhdiCnfzo(7&I*a$t>6idWL_ZCN0R1gyOs+3*;Z?QRTn|r++z1C$I z(bZUIIASpOqq|+b&2%4Ty&UIr9#3OsIEKj+Mpc0P@J?Ll?@Om8Od}6Hxh(MiZY9ov zl;#a0&4Hl;j|lkdA}1jPo09l$X8V7%Z!Cfeeg81}`$9>U135AjVCD3O>hDX}l)!&D zMFb?i5$>1>v2*_;#c$#y152X+OR^ytsxBv%ob)gM6$4cD9r<6G-ng%uyb*HaD9FnF zR{?U3Md<&^>A(UGs``RZO!4)93Pl8<(H%qlS57XRcjOv!P%4Sa|1r>;);IrJ>$jX= zqTUE8Axej+|1r&P9+1+Hf7|H~!~gH*TE+-!4;GU4&iG!}aGMEkErsz%%0Ru)fQ-np z#-_$AkCG&VYp&k$p`6@rsx{WMh0TROxM6QJXpX*vz`YUlWHtUa+IkQQ%*9y>*P76| zi)%}c%lJ)|G;j9;>Hf2Hq>!|Bh7IFb{7s75xsz-1>Y~vxv04^k*5=7-ZRX8XegFNg zU58eU9`|AT^`p=9?A{-{H%AIt8fSVmHI00)(r`q##y>fkUWxsRR(@jaI%I^&J_9l} zZX1QicNiL;%#2zRf_#2{>h0@sY#@!U8fsWPUvT|uXJZK!ZiCKQ&cJtu#zo8YYF2Q( zf3i^yXh}x8w6(HJzyy+L64Aa=B=uqBS-EqP7p#CQk^MC->yVIC-|v_N5ihNRKYHDB zk%$jSaoOKEeQDQo1qXMfr{BD2iVJqr;K!kwq+?)6X>R6`0s>J|ohOx*gJz;GJb9=L zJZ%Ec=yJ?GE5Hilfz zg}vz17uAm3f{|-3ZGp*zH1P+9q7@VHx($-W@{!65K7TKnYC>Wh~Z z6_>f=rul3qeG{vR89XSOh<{e@GxED+gX<0s{z}}Ypt01{)REb5 z+NM(lQlS>{%V!TEA0LV&a%t#lxwMOracHwC>=SdDgLx9lgH^)O=ogdky&u;n)OTaj z=^#XU$oFb*c{ern4~VC}l~e{+{16BCdFmaQUIMlqq#uxXE=`CT`;C30-@I-5)qr_0 z6S^w_j4REF;q^}4lN(D9<$0RH4aXbVIo>dx+IF3#2HP>wloIkB>scYN>NLCLpJ&X; z*SX&jS5i=<5!7(vjI^1u4o<3sbIsy#v6002_HaH;!&vC47kBsm{$Xit_VkaAzF>j1 z6CA!dXj;ASk^v?(OiT)XSNTLz5)z>#8dzDSgEv>tHIH|wKnJ*;d|y0M#-B!nRe|Zu zHec8{*oQ83vq5&6@g%qaH1|;*8=Iu`9L!^UV1LT74sA%XX=q$uh~&ta@-DopgLK2U zci~MVDBTd6mI(>oIw$R$UZQHNE9c=Kk}!IpO2yNKV#Xqkz zhkq#N=*gsvN!|usb%w&*?9cAQ131_~tIIVYqaLGeF~^GSTm~{@=#k7~NjuG48?IJK zE4+jACh69ycLon}%u3N~Z$qcxFL(G&@uhLw_(-ZsRcNgGB&B{Ve^;;F(Y&MGPxy^2 z!B6pTSNH4s&DkDY%etJy{em*KMn*=q3h0Tb*Xshz^! zJzhNHk&_E5zgYjk>cg6%0J)9>m>-WO<)nsqNnTIW8GDE{%J}Lx$#JmJNE{7+IOVZ* zi1Mo=!m8_ehL?0l=pGhU<%yl7xkG%C{l?dH;fnIrjc?8DQ><*^T+BsdKEkR<@@mIi z2W37K#ZUsQa{1_+L_%tB))L8Mdj_+)yLGIoNUojVf3eXvDWt0lZj4R=9 zs(JMzkvipf6mv5tWG2{fkZVSOBcjq)z8P{&+ztBN*j-Vw;PKV{J$2qOx*#vOtBYIU zjk4_7dozSh$FlcpQUyAl>Az+J(Y(p!e<-e ztT2@*nYvZvHaAP?oRxQ+O2G~`6**FGCPIF|!~{u6g)5@(?(IbqJ!yq}&S%w$0d zwF*m{%dRM{;Rlkng-cMpiy{UW%!Dmy zfmZ5Ab)1za4i@gW`Fjia91vzp_xp=JWnjK<3^0`!uf#731|b;?I4Vbdnl%vxI=A64 zzL7d`|Fa!d0|S;$QM~e~_6Ot#js1P)Xv(ZiHX9WQG+VD8SUgXIXIQ*?CzU^`OF~lm zEVOZIW_iA-F4Q~6+AIZj=ss=>U7%W8+9khZjyG3r`8hK)B56G*?duzifRD0rjOLi| z?ORzg`yr>4o?fn)cxdF;uVEzcD{{TUy)4CjY;_y?w$3@U3EKTAG^FjO}-M z`21c!fjW1Zs;cD112ODkb-bE!aZ@QHa0_u1_a2@&$=Jtn{r(k3TfU`}#iiQL4jK64 z+!TFGdPD@Ay};07E8fqU6k*P+qiKr4q|hL`sKrRbNx1}9Cfb?aOhK=75^fCFnVOq* zwGwNar2VQ#(m>o)rco45+&ObmTsHH0!1f}8vd|=O6aPJ^P@?&a5_shzCps1#YfitMyG?XfFZnXi7n`hG>G;h722e|B10MO;cnw64Wu><#vJM z*Xv*(>|WOA%$#LWQrLlVu&H$O;#u7D**l^7;V0&oN^Ry_bziQh zGFV(3@(`pzD4?V%RyiRSWr~Isk7%71kM^P9{^jMNS&2Fn3LX0b(Y*LXeJbRq4aYPV z%P&69Cri;+k);_>GOGZ^Bw!U?W}!Alvg*Z64Kg`pLnl5KIxmxiUCTZ$EJ9 zPC{t7o82VXzNKV-bTQdEB~m%7An)8XTTt-pyj*+SqUWL%?7mfihhntE>9N|!aJe-}jsI1ZFN{O(Ke-sQ3dsM(0QsRf+Wp9o&U1(P86~ z!+ddg{LMW;P?RaN za(q{znX@JM8`H4p%*AI;-+Z#y@tvP*e}am=m`;#~Q#J}dJ%kVV`16LHzz^4h$l-TEphd@p zrpEx4xu2h)VR}Eu_n7QnNl7#tnjS$rF?;no6r@>E^d6?_(6=kd-W0AQCRbq48Hp!2 zw0Dtm1MqZ1i0`5g@aOGEnYk%L3<(tR`}SnL{2GFi8U3LjvSij!e^h5xzXEb29M)}D z;Xg+D-*gEu>NQLRUpqKED!}%VdG0JEsO9+1PaT&bF65BZK1F9+8K`$^_ZVUREBFai~=?;}txIFOcVkYm%*_ z#J1LR^CdzWT<&SelC2J_{JHDU0GevpEFN(PL@6*WRZi4lzG_wvj-ESXJ5zAf3uha_ z$JOQ^YUQA_;v$cyx>57?{b!k(KRaP51ACWKvWmUK@4p+hS@l$*uQSLOQs% z6B(?!MY3rY0HLJe>p~%xnfpq{zG8xQYKR;Bv#SR?_=_a{sZ;ZoD z1_ML2#`e)p(`QB}pTVZ@q};RCY#5`K!d*LLCw9eTY~FJg3`5?*p=#On@fr<_7v+GA zbD`xl4u4`aC{fzI$?sgX#&FtA3iktJB-Uu+MFgm6qd5c(6PJ#pOPC3gF+QK#Qb|R} z>gSi6HuHmCN2=JC_#E9&+XDi!&wlsBLJ56>|Ktb0c!7ju8sB3{`|=2o!=Y5kpKJnG z(CbK__}zXwG?{Jqa3>@%Ft%RQFKlr79*Bj<5)iY;0od8th9gw7vGXL1KHw0V*;H5* zA3@i!nNC^Ei)5Boa2ImR!BrU?&OjQe*hGDTfB>($ER&59397fA5H|K!)l{`r;rNbW zl!mh?@M@yz?BrxRAm?!&daU{$p+k4$^OWM*^>I^T6T!~jku@gu_r)mJxpf^#DotA( ztB|(bErIRjWj6LdYf3s$C^q`c(2#`b6wcn3J*PzjK525#eCJ0?7eBEJO24oQ{HUWbHR5Yac{S&rTzIi0|#!Hyi z*?jH}$w?`A-7f2Aic-8;mI!NPLO)+F7nSB!j#D4oZ(VUdV9{2#x8XaE2&6VI0L94$ zi3z0a`s8|%1s+t|{U$P5FhWnYiQm#itVWFvI6%t6!a_oFvMC2P0000gDNXIWxjdK7 z?y03k3`<;D%U`u!Qf7I+udDHt%<|dTHQY<_#H!B7SelgAmT7AKa(%++T^H3fr!(JvgD5hFA^M6X^LXr&F?M6Z6br3L^2^W6_JQ12vWZl>@~ z2OkiZqHtr5C}>!^i#IAhb0fCATA9u)BGx!wB56jfcuE??ogldqKJgn(2`c}n9znKh z_Ju|o(SNhdwWUq?1oIw%xBZYnEda*zCG)J8@u}z;n)cf-d(CuGnBZ0 z{&0C*+IoYGKT(=wt~YP)Cg-MFKJKYKap|?khx9dRSpTJIfFzVo*}812nYVjr`0J&) zq9gBW?({_1_gHs^edd#<-i8Uu4%*+goWw%;#SDu%G#p)}4TlKZ&CumiQt~YI+w(+4@pyn%RwUH;Sq87^Qb`frKl2gCa{K~EZ-p|DC(b|Hbkp4?6Vwq zgo0f`z0EAd$k6fWES}(Q`U@0%4|x$W5lOJdl5Tf(S|7gyixLu*0Z_cqm0$SL0ki`s zl!AgpP3Md6YhKq;fh#mSJo6?$venh(vQ)Zudf1Zaxc~}{)>R#lph}C>o6J)m$*1S% zK;M>S_cdRqr#nX*aO~Aw4*t1^lw{7FOr65=Rz1>g-&{RgwvPO>OmrJh@!%#2PlbSv zuOGwi4ah_we%9OlVjUx{L$o0BhYkAqDL1zo!*=SEceEJ<`1F;q4oG8|X59dDzxMP! zqz6#rQ|wSag6B5YPa&s+_prr8S-j}nSjCCjB)Z=ctqL#*j$;LmY=Ll>FD9b(PwUoO zKW+%C>UtQ27&AU3o6?IDSX*n$5OkkK;T4p}fV;o<@@$mSC1@Sro6D&r$7_g)UyIgyi8V~ z#=Op0A@{{3A4D#!%XmN5#;HW~_IH!_;(R}%6P#G7D78uLk=)=Y?BXz)M2A*=_VAS@ zekn9{nBLe5av~FWdg}g&wzJL)!+6bZq5nBWaVtu;#lpRGv-*;?_kARmHts{mUn$8m zY#`xfuqiScrS(Ha-g5$32H_Sm36y?ixLz9_9T5!pWDe1^kJ(1JRp!*F56}_LA!#0 zl=lYHfGn_#@3xl|h-|%+OIa_C2&1g)TYE>mO6#vpDtI@;gTu`whV(T>YBn5{#zX@0 zyLI+Zm3%n;#zRrr<}DTk(Q445PJ{epR7BTAqZnhVGWaS`-GiSk3XX||N9F%Gt$Jpu zM&|Ef)AC*TK}Bl?Ao#S)6}NxKkP$MKJ9AjO-N%Wvu`Ct`i;U%YH>VC{hgo@~jUCx~ zohMs+xWI;mzetMD@7@_sa}2$DzAOx`F|>{m3qGq05_{UEoHi9o%I@*uu%Ad=d$O!u zc6(;h>>$V6Zc}_YTdOr)?6uHr;Ff%O>Gp$tpGzm{*>M|v&SGy?ZUPpT{cIQfF=v(D zfP%FMDe2VD7Jt)xqz1#X#!oxO=eBH%1kx_m8WSLLOaSnIy!F$(mJ00+%1QXd4^xg7 z059rPGsu7YiSIIMa5N1ma>0?AyiV5b*e*GYT}M`Lrh%M5e?8Q zeLHucegi>B-Sf%6GU?REH^^jz2SV`mTB~N+_0ZwI1A1>b%sK{dfAXb={9?YgWxL&8 zHerCUS*e@Mha|TIy2L6`|HZHt0R)pY@aj;w?79Txjz>g=>n4*w{y?P9dB3)%N20Ee zO6l+8^fg{0Ed%L=_T$5;aPhkiuQ`j$(eN);p5EecgPD=l&sz&2Iw))$TeW>fUfOK} z%6eXhaZfL)tUK}0m2vtjoZ>+cEhn@m#g|=Vg%V!Z4PliD=lP`D-)@zndQbcbR{;$x zOe!x?Udt{kDEHZdcA-hd;`PVWaaZUV7iHP9sgnNwh0Bi9Ov+xfnN#0xIFgXpG88F5 zQ2Qvi$%T?8T^Q#V1Nsy3VXx*fVxnH=??GvHZK}is-z!|6rKT*ErJbhX$mKcI34QYF zn{{XHZIXM%)SI5wva~uIN#83_8yy>glN-Db;i~}wwzxL!EmD^3&XaiUZsRg}wS`7) zxE75LU;my`WJoU=@p-}ZrdBKAyo}UT$_c^ORywWkKuiW5m?5$&ZY&hO72WMf&RC|z z*Pla*EdFj^_^y}rxS_&FLyx&@ZjP4>@%A7vawNkZ;4Yh%A9t!9=y)gNkV=v8a_YSi zKN>!4V*_(?=0wgeHx?4?62Q^i0pC>g{LGjER3~WIpT2k610e-g63AI8k>ff#8udZL z2Zji%5#dCguldF`zlI@k*y% zTxM2EY0HLlC#_R(Mh?|_E?{87r4)MJ!`Ud~7>Ji>rdjjrXLI#83VDZ+ zHBQcAHE}zLA=3Cf3ba=q@VY|2q(>Bhx~wci4MA^2*V5Aa(moCx8eLnBeV|CkUxlK{ zuP6?DBUdFf7KWLDVC3omWfge2bT%nWMm-xpW%{|~?P~3NBPB%S>x83LEgY16dxRF| z84w0Q!)|bTZeV4e@0eEwp(M_BsxY0FSzr(#KLk56iBzM45X1&&@^OxaCWC219oxGi zA%SP!egi>l^hhOyfUCEs)ROljnN<~z(Zxq#8Vdv5e$!w>#}N`tw6l<;$Y-qTJ<2SZA1&V~1VX8y&?!2ZRqU?uB~He0(r zxEmm8bk3^QewkllH!zC9mr?cQaL;;YPB4?iec2+>M{!t1+jwO^D4yfmQflj$pCk`Qy2Mcb z#4fOqM2}a$Gi*(a$o4`ZWdK0SOne7`sJ;A*YFLAMBRwQ3y|aLI+r_Dg@kynuH#kbQ zTQ7XSJh1shws?t(JOAB7v@}!?SBng3E+LsBP36bRcOT8-Dk-p&mR_0d(W>X)y<>`~ z>@z1uD(yc3&ATvrh-hKPIN2{H+ZX5z7~b|d>>>7;jEwVXHc(5)1YQw$SJ2_l;I` zh01{vx>4I@mzNLPze{<6?J>Vk>K?qvAH45J(s2vQbJfsVA#4DJ&@?jF29A!^1w}=; zPIdNc0t;>44a^5b%tnwDBG9$P!A_HUF(zYhlG7swCCcH#W_!JL4)Z|W=uA;e{ zmvOJHJ_;8(-46_IyX+j_2ba?z9GTohWUvYBJ|TtA{`l#X#%dfuB6!%aJt$cU?)KwJ(JcN42yUIDc zEF4xC4eb~GtB`K}$soiJ>i(t_W(N~(H!Z?wltT|;B~{3hCGg_g&t?K{P-xlQtWd)r znNcrxYg86KdF>kPZ9y=d#0K&>@v5Xuv^k*&%wHJ9s#3Z4q}bkk50ps%5V4ZLPBpSb zoRZ55U?bG}=b4}?E zoq%k&Iu&$d(Gw$t6&~*Pej#sKKk#{}#G2iIc@1o-y!?xr!A7VbfW<4ROiXND!4>9Y zw%oSMQPtK7JoG#~SSNS({pIXmXZD@qBE;W{Wb)dc$vbyF;idXS$<0DHYL#cRkqoUTArWlO1{6Fd$R?V4h-WF+a-QatDO~DSo*H z1SSwSv#-nXl}=k!Ui-_RigEL8-`-{~6RLxuiMqq6yv_*q-QLxD3w0kvn~WAfNXK&EuL;rx(5XOBtgat zwIx=6i_79#?1>fvLz0X5DO7M$QfAYxjtSCP)|85+AfEVyfpSD2eqDga=8aM!9~F(j zmm=?Hbqmn%s%ybuhpiWf)}IyAq(5U&DwH^R?jX8;#El7AJP!}s#nD&PV?rWg=lglo zeRzv82S@XFMt!CAhC;YrEcy|Y2@kFkcrO2^9`TkT;-PRsA4aY!=+KMGlL}!F9ar8B zoQ@;8I(!}?@Kl{YcV`Hk_%RFWxhIMmC2b%z`iB zS7#su*T=-tHUlwxMfLkO!oILa|78wh>}Cx$)2>@s*j2t z8&Ht891-`zI^)SC9W)+Ln=Z$BCm7%Pg8mf#zo00<&T@Cn_>)c7f&1zmFE>pCtAO7L z!}1Fb4y=w?TF&e)=2=@to4l`fv&1O#+`y?%2wecVc_`5_qOVA)uzcU=1?Hbj7xb%r z1=YLo$X%08TvFy0BL*OL*8(m1mu6i1U6UHFb=0$ChFyy;E>>6DyvNQZ zZ!CFAgP(n$|2h{7Aa!_wDTX|JsyVfQmN^l*6F{^qK$~;q2Fd;42z0^l?zaGPgM@!oracBgvGR>q3JsZHJlOooT@aKCyi0C26V5|`_(4Ne zo(xU2Mv+Xcx!Z{4q2&MAbQq0wJMh{riL|aGq_6KzO;^$tI7WEUbzocr8^cGIW5k!F zLlb@G_cBWMR)p?f`(S?W6i=D`5q*T6<5kX_hHNI+zWu(4Za@?u2GG7;anGKNd{&m{ zCl5m=3Wbo3<2SfiT6>x8z26gjh3!xym#9fjNiiE7vaW1{@>eRn2orqjGLRH;?m^@n zoNK>f7tJB``b8q@1B~jA!XXoU-j_%GVMwT5Z^MjTONT6Qm($f;#v*tzNESL7pR}{P zo4%Lju?dUsu1xFyv_({ylhX;rm8$Ry7KM_6OH54M*$5-z=#4@$*%G*=8s2+bP-_|G zz-5iu4Ey$`vhwTZze|Umo^P0^Lq4Iy%Gk!17CfW#m&el#sV`yt%B5497;X&L?!nvP z3bf`~TFOi0EO@LTKD6mLF(@XXp^uMcN@fZA$ zN3|4dds*Ic7nheimHy9VM{6DWeiw<^gSHJT6u%)PT_;ji0>2ZWYqhjbA{So<3Z+wr zZ`*JAo3>(jqg>(=08nVvpii5?qffje>!+vogNu?xz9!=lfOFj{gFq5*I@*~gfR{}f zqyPPg1ct|H+wJi4?V9~X>tRKUOw&Cd#9?=H!cX6)^MT#l1afH}fDT2%%OA*96R2!G8eqOo8F7Xm>Y|`#<$rK)2 zhZ@d@4bui)qz(>g7uuZU>F2dRJdnsazsJB4) zZc0khd@)QLZFL$5O~?eWSZQ|M^+cQyl zy$LFwo9kS1ojqa5Sf$-u%=$o!PMlyildoOP7*>X<;>NW0jP7v_Y75TAFnaUa1*p*P zSoI8Ypbwcvh>;|BLn;M~Nq=DBIp3lXC{2?#%+B6@>N zLi?WplHWD+GBNxUJ>u}0QHT~xn9mm1yMo8q`!m=q6PEoRk9Su&JMLxkl}wtGB$#bW zHK{WcRfUKs^KcrW9jVDjoyitELo=VeH=N6SP+%9bWg^fniA5{ z(%rq*N%hrHQA_jlR4s1DEa&%p z*6Ueqf-vprl!(%re97417y@2|CZD$@AN3(}UjvQ!kB$FM1Y zfP4bT5>qgZ5q9}trVKH>`E5H!tzbEt=ae#$kaW#UpHC|h)cDe&^?8h@cG$O`OOW;D zrN`OUyB%wZ{_`Gec+^n_`AM(Xk$ zvIOx53TY|_C$awo1-Sk&#nM zmNE78WfT4WEIC6MhA(O{&eFrH*_D$zX@;VW2ST2ko_;pAlou31wNec(g;L1Vo7)oD z$Q(UB!Q^W+g@dK{m1YX(fO|xmmt5&4&`nDhl`}yQ%}Dya)$12O_1`gPjv!f182|0w z>~V-|ej5^{h1?)O`pc6y&s`@aCWI7bp^6GR%NO`+7UXrod8hoN*~$}NB`eY3^YOsY zwUiC-J#XFTdLJFv_O&zz&D)k{yA{FIiSgcHuXpYTmG-ve;I-b94j;cw@Dw{ z@A=C3+T4vY@yEdtjCU3qJ+E(;I##O!AU3=~fyNlU3QS_9}~{=kE> zg@j<$vMq|T7y+umd{!Z=eV)DW5Xc@y`5-jLe+ry$Mw;|}rLFC;G5gf!p9G2uJQe9(U01Wq{B7wMsZtsmn(b)L z)wuFOb?tM7y#?ya z0(6mL*ms_=BC~>!!<&6pq|0Jq!pzHEey<`0Z$Hx9f4pegTcRo6to=4>D2EiAzdh|9qIN8jXgzNuM7YCasY3 zHA$UguzC~(J5VP|T{s1PQD>nSbobCKttb2qpHB(F=qE)FRM_BT0Sa(Q%<0m4+rlf2 z?Pmi>C8;uskdQ)P^#oX^ctb#wLgVxB&^R)$xPeBnZ>|;5doV5k9*rkHp6t-VHoQ*ia5qP;X4*&EijzlyRJ1jqCqoq)yyrKe=5Xly&Gb|(oCpj;F zN*S&0AW=rMnN(E*8J^vwq_|NJsvmN2#GWXHA3D+m0Gtv=sp`8#-==ksNlE(7()8Me z$nqKiSyEw_gt+8vivLN`q_L9kanlcfXPT<(UDm|`ujCFRvM#LBFY4d56lz-gxJGQj zgz~&n~S4EV=P65hle*^s<%~Wsr$SJFoMTo zII3DWK!76$`un-1KHd6GZ}*c+O(AuQC+iCU6d7ARHS|23s%5b8NUQ}%67-)PYnQ!N z6cT51^Gz>;y(x#IBcVs^30LX#^z3S!?E`(z&K*5Z&O^}FPpRGg{gaP)6o?g3{c3h= zWi(%=WYN%%8DBlwHM4x|D(RY8gr``BNun%tKOB%{;$uwIp(-+%Bq7xXc8hAgoF%lmF#|j zNF|05;#E{Ql@(QCICg)x@}!7r(58O!eSX1_{%FJqr0xNzD&tCB;?=m~mC{ zWZm22cwu<#Ym7qUd1OAOb1x#6Hg?JEcyfchL|%7PgiP+vVx%9$|4uZ8P~W0Znl2}} zsAn=%P@%=olbs#%)z#Hd;CVwK8~`>y>9Dk{f~B-KS2Qf>3qlzG&wZ#pOwxCLgrNX} zz(xDz;!iQ(MS}PdH-?AG5`IznbH}Sj^R4t^`5%A#T}4CMG?OML9Ubt2g}q4lOeNTK zou1pDQuf}27SJonaXOe-nodDYU6u+K*IZr;WLHtVPRn4sBVmL zuK7g7^CGTV`nz7wsAo*D#?ykM6X6ka(i4)t`t0W{I~^N*>Jl>R_A%XTgh^v#Ky%ZO zG#&r>uI6AGq3I#Q0~YoM6AOh5?c2EF&`fxZn`lb;S~^*NXedZeF**tdm4TH~Qd*-5 z`KXn61_YN7X+dO_t%#^`gz3~b%~KQEbpTK;Pj(vMEVIgq|`uMAU1o-rqeJu>jUf6+W8P z6g`dBcYVmVo@W%~8bAF?iDu-44*!8}!Ao?$Pb?hUn0!xJ2>TXD{08@_=>eRBp@7of z69nBd)R;2?E?ftPht@z9b0^m#o*LS7?h&&x=jEazwPjvimYJFB@rk8ZI}00Tz}O3J z2dA*@uYE@^!s~1LO$e4*ZXsGLn3TepBOiVLKViU?Af(#v*P)N=7C7q=c=3dAUnjWu zlj13s9#M&#@;=alNk{>t_e3h1m3bw%BPLv3pJgnkBt{e+#44~SP@6VgEqK}geZ5Fd zQs^tzSJA}=bU?LIuGyNMD1F zT!-w>Gf_wFcg9?v{y3UUo=ZbdpS;rIj)#Q^Q2ReTy@PusU9`8|u|2VE+nCtKL>(Iw zdt%$Rt%)bLCllMYowuL!o%8(z)mLA&tM=M!{qDP*w+Be5sD^QR@?K7&oLjpJRp6s+ z%plh}vTbMvnv{C0-t&mFEv7m2T6uLNBhQN4D-=rQBU7sm2XT+ejxuY9|EJ#kk7eQ` z&$q|pBX`36Dph&ozv=>o3yD()2gTu#k-0)IAL$07pioNG7dWSe@jHEUVH{`gOlB@y zdggC(W|YY^be9-vuAv=>@f-zEX6W8=q;7jtx8gaxVvcrZcITMB?yjl!!v^4lQP%aB z=S@H6{&!)3Nr1{eP}{M6XTibbpQoj@btMHg^#lZp0B{tOQrl%ivBvWiI=fgkQb7@99Pb!$ICu;aG5sedLt4$LyUH(6RDaz#s{JhK?kd88%X4 zE}fYkFJ*h}Y>I+wGKUaMddN!EHJy;t@jfw$|66$-QJ|9RlFSts6s;Ven!+TymM{G6 zdZtOs!0?SI?fV0%4CXI~mByiLVd)c17nf$xaC)=?z2?YJhD)`S|EKa@!zBEF1%T7m z9}H80c~2dkltg`H>Zrq^yLrNRGG-oZy8)x=&i#(6Bv52PiGxvMq>w@_?%l2|ni!W> z_~nygEa;of-lHDscU=>#w8e=YLw-~B(61|9j2LXsstivT(-teZk!8AqP_(Bxw!?Cd}#nzy?4I9ia0gL+XZXLFt+V>jHdwf44 zVkNAcf5U_c{JL2*+TFQ?U#rIYzV5L|deLm)`4-+VWl$MmZJJ%Sj= zvi9F}WeH~PiD+phkik$D8sh08LsesghRAWE-b%N-tCddQz{9$M)G&p`g$X}h zNi;xOKSx>>{g>7M4^K`bfwgXtX0MUsy&01$FV2&gA^lF=M*32aWL;#Z+^!W}H3BuX zGY~;s7c~a8V)EZ2Dfc!jl9fVh79k-6P!-Hqt4m2nT10o_13_sMd(# zmP8;+n^OEtVlp{>`YYI5^wS_Q2}YNN2$}F8Oi4?pg>3`1IJ*n4&8R#8Nwdv%BZZo} zv9h?W+5j|}OX9;B_ytPifKoyzaxy>v1P8VeDvapFjZFL;ZLWKM+qt(0PBX+RAjFDU zPiX!>6vr=EdI^ePqF)$siBM>i3qb@sa7iA8^RGsW&EM(Z#elm0j1$4l94^L~eHm ztoLVGB7(u*csg`NmYaH%BjwJb`(E2r(8PZ4=0YqZhhN7q$0U@)8iICzRlLl6rop~h ziTVLL(RcK6j1m9%5Fh(vWY~PKZ_;PUK-}wl;s2=sU(vv^gMjTo@zZcrH@|NFp3d6e!>%j&j$N!xPe2<2?(4vc?WfFR2KWUTRsM4t+~L8dSRyvWM&;*yJfG)+N` zNw0GtQ#s8^#r_QM1_%NiqowDtQx9w8CC`>K6xe!S1@h}^>(J>?E@wjsFiYl67PVCp zTv`)6Vc;3Ix;M~&7$?v4Cwivr5IPk7wJB59(PBi(i#u6lOwD+(wimSO?-%lF7>2DP z*mwcW(+HE9f_Pm1h&&-yY1O52+AOB`q|j@PzdoEXj{~<6!x88r544TAsD`0sre$3v z6VoVSs^@$vD#9>o{qX3lt0=LvxH|9`&)1^ercUke?_x*Byay6C8V`H1UT{1Qfo$h7 z1yC3hjTd>+8g>eC*vu#xOJ!khkD09b<&AoaM9Wll_OHsSPV7u=pRNiIi8_hyeJ9zB z0ed0sjn-FGI^K>^wn808h4Cin@lWnGNw=%AVMFv_GPE?zf)@sYn?aMiT}TeBBL%D)63TV_wQ{o zcjvHzD@A4Nt*x!2A)^wjHh7{PKz-NYs}%Buof5{IvGsPoePAOw<4Sc4FD~(e>O5%irsdX2SmG5D)v=6Ju70CU?qQ&iQaC($@PInsR@J>#^>(on;pODfuM zYO?UpYg6TQ@i)0A?(N@hg~b^)A;#=;t)>dgnMUh1;P`0HT4Z80G=Bu;#FQ{-NCxEX z#F)ElGLt(s$Y6JB)Z;&ak3f!LiEChxFRN-XBPL_Qg0>i+pi?_)ex9WDMf3d8XN`g` zqWec2*{n{M;8!Hf&7--1psd?3v#5upZ9bg5##)5A#K-ZH%QH{j~w%_=Nj(OqY$? z|G5C*2UBlqJl;*aYQfJuDURCu##Mw@JkLq6zI7^kcNJHPZLYs2G_S~Xho6o41+rGD z{b8(L#^z6}fXga5XKkH{zjzz#v)he*8QGW`_)I0>0dp4}YDeF7cS_5vfY}@xDA)Rf zo3~a1XBAD5PSe*NP$n=#eE!eYUC5m_a22QzKksdnOQ9w3>soi~HFYIIiqpu`vpt%S zf6>F)y`|O7LQMIGKCP$OkP|Fu&kdJpq%mGzp>wY#e->@k$0!y;srw1nkSvvG{>$!n24(^3<)>utC9Dh%qwp z*Z#n+=c&ZRB+?xZs?KHreJy+jpGS4@3yh4y_Z$M|an>N3Khq3<^67R|Oy7FCI04uMGv zl7ov4E&bE&^7oF9>pA(3E77j1t{-|NXsYZHEe^BhQ(Gbyh#uI&Fbv-bIFOBugbIE;PcnjVS6tl!uI&Nx=76uUsHNhS zvu8M97Uz&dBcIZw6}{h)R#@6v#TQHKzNyXON56)Ud<}Rw6b6yUE44Hm_Y-084>r@k zd3x%{Kk{Hf(qLf5VR_<~?=hxgW_Tza=M~sNzzK~j1 zjo*3>-kFOYK3wwG+uRINd#XNm@PJ4oiJbDA$0^9F+Qa}*0MhpeXLIB@9@cqlyzY+r%?I-pZbJE=a@-Tu-)M*-9E)2~ z<*J?D%qvn(9F@@`te^0I%i#YS!e1kvVMn^7Rbk37j}AX$8#hA^dh3BYtlWr;?HQ^% zh9;X0!Qo)$3?@3#(od!YY*%eX4M#Ma1%=~m?PjZiYU?-3r;=8;AmY~8r{N(Ck! z0g=5w0x3FG$G1XR;Xm8Ko)!W(-D_b!^FbeBzVlmaC=|9VERW*rnq3wx8@G=)-n*TA zco%T$IoXFpjvV7;cV^o^c_`FC-D`GxJp0azmVaHp^D4Zi9XY&8?+G_1`b2&+e)yZF zeKWd-Pu{={WBog11dL0mh1H~_igjzLCeVsv^kR&D7@)C3$`W@?u$@H6i37gcW8n6)3?fy0jBvsB(<(b`Z3YmjRZCv1_5sju@o~z~%D|vB7lm_F@ZvF^~tT4zg7w zV&5t8r)Z2WW7UN5Ek|OBn)=ZT?K0jC;e*y%=11i(qcV9 z;e?E}F6pV$p+gv%Vxf4;vq{U8(1O}DlvRJOy%0_?Ulr&qo-Gy)#6@nL8Pd@@P=Lnu zy=lTE5#`Z`hzfa-a-XO!z(C|>i*R|Z0~g=<-fTe!OB6w4S0C<4B7K$#p*uy4?J|^t zdAOm&VPA^dqj|9r?&Xau=10T5(L8c@w#n)1hrb&9z@O+W?*!7OUdDpk)h+H29*R}L z+GQd4XQ*V8Cqc&yYBwX;`Qq%UmgqN{`n#Z`)s-t{8qPtO7I4%RpeUhxX{N$ zNz632#Y`VQYe+hBofgth4%tTfTS=@KLL=LVmXpq>h}ox5cQ%gmt}dSEqleG}NU4Od zi@$VQ)XsJ9Fp`Jq!$c_U>Uo^HOIKa7b^ZLMKf)l``-H4HR5U0FE2MN8B#tpqNl zWr55ne{t%aMB06a#q^w^R4RhiDa32@*p$GxgE;|J?zMwLV12KBiOd-RelM{~h*oz) z@NTQyKg|>I3Au65V@1tHfRsWCo95C>*$GMVnKM4`p$#?p_aiDaG|UNcj}D1f3|;@E zWrbFIaJlF+Vhi2$$lIssnUm`#{}}ADZhySSl*I%W6JcDY&imdPMqRPdF9s|_@;)kBP&$KIses{e- z!u(1wk9eC?|DYhUMeZaAM3ur8Jo{_|-Az10;-_Ptq} zE%i!|+A!0Zks^=Fcv2>bqP3wN3PUf-$8Iym{PuaRk~`Yv@7l&q197taZ==R0@GUFF z=L-)DS(Y*A=huSRyD2dT23Qmehzmg+_#_B>tD_}jldem)z5hrT>2#!2WP z5sn=DYdj`RO@J{vdJvZmaw4C@{x|Z2eQARGoG94AAHv#Ce0p$2{!;MEma#pk8 z+UVakVY)xcv0D68(AR8>$v9(vmny|0Uh6j(hsqr9X*>*2VkgxsVAJZC{;+zfRZ`xp zC`(C;sx^+rPfD`yBQuF_3o3VWt%Q=>JvyNN7aA@4B}Aqs@)<;;fb^Mt?7X7}dosm+ zv=wOsX5Kd?5YiHKSPE&U0d@skl|t}m-ppON0JMp$P@ zaf=4GC=-oPvRmK{dMxz*=*ni3&D4e9m4nifg10F&h8vwzi2*1bO=X-QazasJ<#J1a z42OkHl+2+b*5%Ppuo4`y>=b{ZTWS~sBFz$BRUkxc2WW0y1(c0Fp0dvrdRl64k{R&V_!8r$|Sk?_<7sJa&k?YUqfn z8`Y@#dr*VpJENv4)AN0Bal>!~{K75AXaKQY&7y{K)826!+#h4JO57^$it?$=(iDqKWa| zu_HQZxAJ}#IyT@x4HA0_-(PG$7ap2!zya3? ztv2@cn7f6*CL_(7=~P$|Xk{}y;5U_JR5%ZVc!KIt5yLn};j6y}ixWJy zjOB&D`p+p#g`HJWA+69M-mtK}Bm-drS&&~;GZo%xGa629O02%dTK1k>f$O$6;#-^_ zkQaSt6spOKp80VrOM=OJ=vZW%jvNZ$Rw3xpXN5uESwE*(J~mPI@?86eDdq#RG-<$4 z9uN{~zf0o62~7<1hES9_=kL41V98TRox5uS4S&Qu`3=whEcNxsxiVrK&Sf_IndA9X z)sS9V5$J1ZB5-I1mAI)}#vJd;;&&7p4+-=+NUtdM;RwNrb?*qVZ4V1VuOOa%4FXVYdRmqM6 zZ4fC0sDK3dUeT)9c;l*+()^h89>B)p3j}IWMIc4M4$iZsn)n#OM6YNVT~cij!uYa1 zg)9d^X4~0vxCQLMX43I59;Stphz`*{lRcT32 zB&=gln~iPUZ-U=anD^`r5)Mk77NDCO7P}<5ktdJ8JcC)0G()jxgINmEXKID(dS2iRxdbG^s17jJlhjKf3JLeYuTrb3- zTDltEBGepEq_D4De*XOFxJw9y&I_Kzb=D`-4GJqcDKicUJR8h0B@QOx=m&vHZ39nSxF%Q;^bl_oF>19Or*f5oh8xcX(L_9h(OO+fV$%EyOkB8@pY>Qbmgz*q zesjtGlxrye5FYbZmSG*)njxIE(pBa&Se?Hjid5lKDkZLQ;vTFaH7P95%NULT%d5U0 zm025CNeed?FHNMPi$nLF}gWjoJAe!Nf;v7m<>|ZORn?%n1>wIWZxov@JjCfEBceCzZpug^OtB6@5Lcgr)h#Pf= zK8qJ0RT1McHD_sDFtF^KMtw4eP9LV-HcUiN25e1Kj?msfp(*{`7P2nQDx%XaM-uE%;l(LY-&8M<@agda4QwdMRY6o2U9s0<1EjQnkz=xhVK*!Y0@9x4F{M$F49^ zWUYP!bN+J*Qejp*rSS=wWE_5YpC_6reK5{%F-f$)izo&gFGwHPuNzR37)y95sBez7 zI%BDW@|pk7`w?&A(EWZ|%Y$=RxS-=G^Uj4(sDz*zh@k!2XL*_wTerizMg8*9SD z;`E7ssz3g#1;Z#+fNS>!_CVW~LGB6@?=2(G2R&ISD+S6pb-?XG@q*Q+ zRb@J*kua@KXiNGCepvT@hqXOdjo!DF@3Q-cj4ea)T~`e`eTZsHFcBm1e1k>1uDpT^ z{kL~*+h(yh3;Tj}1FxcF&^OiFrO%giDOH)yu>@@rhTy@J9S@Zj71k|*2fDkp*SIV$ zo=a7{X}%u;s%Em`ttCV(!R(Y*!G9TC5QoF12`r~Y6O|sQ7y6rp&9X2c{C*@#T9dZ* z(nFkFoa9Sh3dYo9%=KtXUNX>WeXT3t5EDCSLLL2hmowT|1n=9h?Zf#t8H|$X(h?B| zVMnMb&Jmak{aYK_z)QBbEh&`$zKyO-P!r#vpCbG@$dQC50s_f7rV<>2T!z37(AE^c zwxV{&-VkW6Q~nvn34uQ`aP@eKgbdXCs}d=~`i@zzutS0Q^kU6K${;D*5EMCm7k&g3 zn89Q?ON0JRNxdeLObu7~UOS3N$*&&f*os3VXxrU8@tfKXKs9KAjK<(lL zO(!<99NGt?x4+%7c2aQYcE;8EHIsQ5%fNHkd+{$IzsjGl7&Qd3#Cw% zd&}jC`drfED5i4axAcXy^1_zr*a*r6R#zmX-hbxVf`I)@jBniDlh6f>gTdoDp6X*x zX;?@_GNGj?gi(I@ro~C}c~`WAZK~ktF#Q&BO};uWIpU#nwPNQkMSK}^LXQ}7eB)19 zi8`{LFWvD#R>9ptF9srE3<^@%57I^H4ogtX@T*;W2RtBP4!OIBW4JDO3fcXxQJ)|s z?P6s5IIhJ=XPUB}SWUuGX4`hACChKd&z4yF8!c~H6gZpVWii6YnPof*EGF;RF6 z`Aq~=YApD{nQf0K%Vi5Af#L=AI;+*1RhEsTyqF>Rjkz8=Ws3>aFlo0G1+U)ntYi#6 zBi46#8zW^oLt_tz2xdyxrC!O2#5NU$39blnFD%~D!Q80eX%jT}kH1XuQU9j*xbNu1 zUX!(%2K(u#()mSASOXDG4lI6ca?8_Ym9(o$jFD?(}TCfr31X;znp`@L6M) z=g=225n+dkq@DfM2>{4i2q`kvC)%v^&WwcWUbo}(pGBd zl}#cyBZ^SPQ!kHpDLO7Uv8LkIm~d2qku!zl%eq_RTJZs@50_F z;BmDcqKC2Rwy+B;vaUkDnHb6Jn_?z2OEQu37zcv7nZ7qdlqoYc-cp~AM<}dRytQC( zK3eE9Z`9>v0x6cOmvgy^`+pfK&xzZ5uk;_q6PUHpc1 zbXRfM;ygyY#;XV4in{ot*Y~@Bb366~L5Wmra!)mp{%~t;RKuY+*lc#T6LmXQ%f@1J zMb-_3ZA87i+v?=Fefdyb-qBuJ;XVZ+B+n_z;}}iS@Ky2EoVteTvDT714V@+bcoc6- zwkrpPS}j$m%RE^rwXs$2yD9pN1+C&IOi0UX8|TTfRe$+vqO}pAZF?&t>RzGLyu4pO+!&-3kz*=|!P_~^?q}Q+BU}PmV_WZ&kvk`&-^*76r1GMpE^YfTcp9KeqPk;!>WnJsRpjRMX;PNYtfidx}u{Uc*7e|NUXUX$Y?5Z z`V?*Rg!L7$xfV|4$@7lR+83)RE0g>A<+3?xmq+8^S?}I@5lU-vfXs${Zi7RqgfESb z1_JA9%eU(&PDeW@OeUdWGO}Ln=e*jc(9dutWM&+-KeO&0^`X$wcPS-GToW@@sZ2&B z$HPfU8%>l7WF`g%S{_#d*{BBl4OR6>RwW?=VKSh8`3~52GbvRheW0{Z`&z1ywYy&# zu!}P3wJ8S%1sy!!?ENSAQfHKkBjUsWiiribOFrP2z;!7`m>U}xwi_rblYD-Dh9Lrpps`vVw>3p>9MgEO-|Jbs?hN0Y!<5%Jns&13wy=Tl@zzx%_mt@lWTNa zGspa9^FLXigJ9{@1wRM9+9V^nna^ zi%d)Pqz0sw)SaE3<1)WPA%|O{v(b)3k{fkszec181R1Ob0zQ}WA_o521b+;aU0@t@ z-jU$p_j8?3G;+yo^f2E*oUdK%9-ad}3~H`w>^HcD#YuX6~uRk zfe!nl2~><#e{e^Bh}R3IL$AdjkX2-{gOo5*Qdy1Y#4Y$YctSpHli93lY~yS@_|tNQ z5JfIYa#B@i*cN2@v649v<|rku4FoYx^+%?U)BIPkLyx4Sq)r#VmvXs8aw{?k-kDkk zt1zceQtM>XunmN5N9Q7{=?I$slDTj2i3zPZifMxQGgn>b{aRf~mv4dx+8~zfQ^^!q zOq@-#yPUa7l>wXhopz4ifiRU@t60`DzBM^{p|8rVla%+DhjC}Ig=S=3Tvk`-ZTipa z^l#V{PaoDf@_59Q5QXo>L{=Y9-?J#VprwW(J;twy*CNNj=f1_aaBs;aK;5BVcXhtM z7sNDr>gKlR`m~9&iQbngM5Ypdxc!kQBBo`f!KSnkez}0oh&_WS{9t8`c)u?rOP^q^ za8)1L!In*?A#9|;CH8wRh!}~u1_9Zf8Rs(oJb#_gb3i!Yf0$gO*Ml`Xt19@<<5|)S zo}Y!)x~+;tp8IIzC57SvmHg=BinB_B56KL=EtBtu`x1rbXbh{GALkar>=*)Y;l99C z=AQS)_uI4{j^ddPDXXEp&-4D)z505p*$7w+v2KyTAJ?93ha#zMN*kx@xgP zlV6elt~KYxC6(#lYDUZJm+PB?U5@pcYE|rF$PaN9O&#$^Uli0-NLV*7 zx~S`*V^DDhdbJFR@SDun`907>q%y#cF+V_UXVX(*`NPzIjw$&W&lE8Nbed-fTeo&T zJFGHwyKO>v^C$)}12Td{=8pIuS9olIXMYi{EIEdOoYUQR6|zI{s8R)pY}KE**}!@r zB3|SE0ikoxGcnTW7CxxM-I0~WO1<{+_@a?|5OzgO)v6I{I~%O_*EPJD0XmvbxhT4C0`92 zX6%g1RVoIbe{h1gRloh}Q#x z1SZBX`vB|oav)Uq%aj8jV69jt$+rJ?5`G)fe<$P$5a0*^YXT<$>tcWL-r+4qm^~r@ zpEYTun)wfp2MZgD!p2_~<%E^q=JxMJ_(&JlMiG&c4DGtALV?g$u2O+9{Jc%OaC+s= zziB_pWk-c62ai{22_yDf-tauiLB?DJ5##0m_ z==1*G1%k^b5o<>DAT$R*>Erj3!C8~~zuaFwC=jXGh%J3$O?bsRX!iOoF%4!_7t&-+Br@}1EnVDMgLnDf-_c6;nH zhx4j!DYd(H`xN)`c9PXzdKj3NT8zy|)qqzXga>;8RFYPCJ-nE7LRPigPoMs#i`LG=zF7da@Azvx9tx43)O5G1#qY*8FrNQ=r*g1 zIy@0z$^9PN@X~i*YLo~ZSnifTUuZ@FC3e|cJL#Fuj(%XI8LoyKUzHAbl;qDa^H}gosU0NQJ~NqvAX3+5$7b9&n@o}`g)mJ)2M#W zu*~Syz8KgB*aK+FO#x~?g+%5~1RR#}`bRnnRO-E${eSf0d_W#TZfN-J+xve?_&iM* zuW{ZgzhB0-h+&SwtkXGy0$)+M&Z`VRDmNy0{Q=d(HLaW0Y5h*h$X`BRgd*Eey#s^M zUU5D~TCm>W^+6inbM{00P|hGof^@_Hru!L3;6$U?baJ=Q|3*9kSSMgkn;v^eRor#Z zlu7_%b(M0pjD0k1hT9o_sIvjic{7fkmwo&!_UJjI9>9-sQY+%~EK8HsSqKe({3Q=Z ziPdDZZHZ2Z+EK&VTH4h+ULwfaPrhERZA>Fu|FL2rRBd_x!>!MYtz7fQ3ThEtTWZe| zAwXktkT+OfGp<=7lBMoAGUy1`q6Z_r$A7dEJm7wcTJQlJIcClcfRVl-0<0VHctZD+ z-KO_fy2xG}6A{tZ`yN2pFVt#W3YQ9Aavj*W*cg8eS?4oZ_r^WCCTKFmM72TV1mou8 z_~<+g=+)ziLpj||adRIh?i9Qfv&?rxl!N3XxJ^x%UH6E+iA*yoa%S4f+NY|fYANxv z>PaRcogbwJm!)TH8~or}!tX01_WjFDO!_2r?GjzObZa$#Ro_^7M#dzobdNMkKi4Rq zP^@auhr}`4?ztElY65&$JNz2+UWfio=xe$qytR%DYx}yMCGI|6FuNIcTllMUz%}|- zxLB$3lR?@&s9a*8@9G5-YDD+s)(kni{*3$jiqgXf=#SXz%;AH;*x~p~FO+*2ktu?O zL2h>%0CNDVm|71Du%>dPBBipaJ>v0);Kv2osaXnG6Tl;RV4@(3#54WNuY9k(hdufo z!5WqSk+4WE%a~dBQ~L&66m~$SC$wOndny0>`=s3Cd4oZR2q_PXL4R^<%S=Gs<1ejl zlnlo*3W?BkA4L4#OJ&oG27nkw;6%4dLMDODhj8Y$o~Kd!u1XESs||_(BLGYbWI@mX zEWvt}?-F2o>37dUt^@|~J(IBV(IsQ~d`~ON+V-0Ps^u1^2sblrAPI&dMA5c!SO>LI za@r9@rE+J(Tbg^u7D3r17<)Mem`NM;qfdHTEPcrD+nSmC#L; z(t5J4cjuZtBGO#>yE*gfMI^G8dfG4qUTj%nF~q-U0pa~M7!%f`b6rs^K#S&Pk) z=~ECjR{NWV6FrI*odO(vvFT#(Fjj{g5zoI`!WJ=lE z%XE%UymA!$YMkB<*jE)_00T6UW*1_i{IK!`;*W)uaPi8H8F1il+l+0mCuwJVsM^SH8f zXkWWae3`NpBW0++n9SW;v!ugQ0Y#vbu#!+PIC}$xdc{WuVTuO#hl|7E5%IC=uuSJh z@^MW}dNBde`~>PO;aY1zpkjwVaymvY8it>8dbuZ7lArRiQh6+Z=w4|)3;-RgLUr3q z>`CbWK#Ya(15g9t5D$%n+mJbNZDA@oE(_!tNIaN;NQWb7f7xvTgqL7Gy+26jF{4oY zi6>D=0=JT*j*{Xg)#Se|-T5_02b2^rfg$K&d|M5)@Lot)O4=fljZg8$nivjyD|~jXBATQBCf%Nfu*>cH*w5(ze^$o!0XIJ;Plj_P z0T7y_&VFALM?Vd*xJA4b`vG9MlsJ|Wi1HK3QpT>=2550{&bsrWq?exiQ;ATXW6$j4 z_-1(1ARrPRoqQJ(%pJH22!ifNx}n}6{7%(bAQG$HOsLBGX(pKpHt67Mryf*}=T>LL6N7g1 z0_z(ImjTD52QZ0g-vWq(MQnZ|w$P{w1}{wv-FG&$?hMUiHFPcNK{RLwb1tczNAlHz z0Wj%(HD}6Ij8%Ve)|qa)TN^P`0`er57D~iL$51T zIfsjXE&$Gv>7?hgStAxis-cD6@WNTO^L+93oOu2J+^Xs>LrESjY41oLSM*!(NF=haTQykxv+0iw(&$0SlDKh;tl<@Mv>>ypLg& z1dhzDB5Vx%2^t|U527*&KxDDHk>5^&-e34oILy;p(m~BW?bFW-C4pRX0lW^&3Q@_AZWniFc z=Eu1$c|`zDuQdgdXZH|5nspg{II!l~*4?1dR3-<>>nN+Iqm3A*7*y97U)Wc@$^6{I z8d6V+t9GRQ*OdG5??+mhNB9G6TdBuoitFXpr%iyK>VEdaarL>_)2_`qIDb!sKZ}GM zX5P*9UnTCoyp)D|h+r14lZTi~sav(jGVXoIb8xrq07vKy0o2m)r(_A#ON#$=b2_kux6f9=IiX)Kd0(Db%E7n;qV(NUU4~7-SAP*b zmwHrwLsBGx)?Yv3aX#Nu=;LT-JZ0-%yYDy4k%v7+T`$$hd3# zPGK1s4(c125GW|V^GQOJeZ>1Wow*m9 z74PRfu4&xZ5`xoUWG4dR!HZ(9hXe0X9t6I)-}7Kd&{lcB1#0hgj({WKjt%M@$qekN zycqn>Cb&DID40**DcT`bq5|%bCs(Z1$6e49Oplt@^S^#08|9GGyQ6=%o=30O9eX%0 zqQG3go2ZY~o6NGO`^nA;-mB5%tI-CNk%h0U(F7;@_E>36?J@yYw@B~;E?I?`B;8m| zc$;Knp!H^#@>gt}L!l4Xf+0rAMRC_NcDRfHZM@4fZ z@j6^Z>X3qP>usJowfdv(J~8x8kaqOaVwbf3u-Dmc>Y2fe^{ms(Fmj>Udx|v%rx_Z1 z@!hYaP=kf&JgpiwMNsE})Y8@AE*a3eZ4Q@1lyXyO>|ccPOA2KwO@sH5`E+*A;bm)i}u;DUzExU9e;)&MxsWFhb}wbNkQ3T z1U4cluMQ4_3Q{S94z=Y3)Mo7dP0fIPMfXA?l=oB-lE>=f_LD#oIX`rZwi|-Q$I-$^ za|a^oDVH!N84RWb!1V6>v({#*wyX}$9J*yPsB!yex0=DN$e-;-s4rciYQ^W@@55+x zQ9QS(>qfF0qyUE6vE(lXV;-k$n;V!=K&_){q+wlfaOyD0N%L)PzL0I&@-IL$2*RFP zU3kNt7_~ek@~N-MnVDKBBo{RBBxzR0SP;$hXYreeo!HVWye&xk?zE&|z!TzM)$?AW zyi`)@GqvH~-K2$v#AkIbzj#Ff^T0KAN(oZH?{N*&zDbXS z;M<$nteHR9k#Ks`Ky5(5%SMz9VUjSzxWiZdDr0gP=qn%Ke08X(Vw;)WQy<%75|@8; z_@`3OhL#pPRVx67ZxiMano((oZAT@k-rld8VDo#m`O+m>UGv=9!n) zxYt$wQXK=-@#h6V6%^WeuWXrS&fDdF_VlvgDPy{x`0r&dTYze>d~$tXWi2{fY9R4@ zKbi0T^yWqbIZyq5mB4JSJCIlGo>M*UKTzzZzPHUiukU!sN2pWs>GSJZtGC|W=B9lR zs&}sY&2y{Vs`Vi?)AO&cb3gj!VmEK$9@&oNyI0;iqp~}3hLGeo6JkC7+m9DG?8#uT zw(bbAFPy}_Mp|x7zM*St`X9CkwK%{7Acg7;W@y^9X{IV?l7B(05n+CKNARwWXLM9` z_zB}2jxw3>|KmUY!+eI}@Di|v`q3{?V2B9d97!F?u{m?*xJMs-v>W-06Q;ShdBU%5T=P(fq*RHDiWaEi)V)X zZ$7!6vi&(&6w}S^OO+`3(aFRf^5V@qV zuu>}6LWM{=V2hw}<3hpULw7i_{l}ydEOcM{8jNC7IbMyIny|tcw9T8#)DKR|vwbb; zQ=e$;v(eQ+jKOMjP5S8y!~o5z`K`C!aM#JqKR!Cr0M6?IR?Wp$ z-G5hq14(`4@%>A84|L5EqLz6T?!G@zfT(rN5r%DD+c3g0VjotbSDLNGP}1julC{jIfV9nrr7nrN5re)qcu z4hSL)Sn|Q1S#;n<9+m}_)|fG43=jZHP^AG>@H~!647Lju`?tUSZL`rLBo2TB&-$=a z01()rpaA9oYB%0^qj^gA=RB(gqXZM><^KEcH--oRMS46R#*OQF76Fw}C*su|5QZu- zlF;_#7qfr|9(ce24Iz5~G|@~0NE7eyfWhF{KpkPP^{Zd~%El6&7d#*7`NS}U<-!3g zebEc$AYXXAhrI&Oa?L&W++((1sC4o8jv2$Pw@wn^YU!SQa)*MOw^sW!QQMsm6Ime! zu8A1ErsnCMyb;PND20W`rD{DS5BFsP)tz*2h;x9k+P}Zjz*WnZabnR*6bT{Jzc6(F z^{)@OJMT;tLl}zMaMxX_3KMi#D%Run-0s~Il&3T02|hFS{nDv{$Zy@HQ~p>w>ctx&b^6#cen=m{GEYd9#GhGL%*7*L| zBO^2kHI==SRB`fM1xWJO+70@zqFj0kjk5q7FQ^dz%?$N&) zYWMGyae5Ddk*Nwm4eK-EsxG=sHe_OHP~8y#`h?0ba6mf)Sg6es<=UZ#RFYnT&*GQ| zQ2sohfW>gZ(P^2~pTu=!vO_i6A}L-B)p0j^WJd?MLRw0d34=xqNYs0LcI%RAVTgR1 z2eqMKg;bGE7}z%ftoThG5dH_C!go}I zUI>W;h~j!evUmUkYr`b&;|!wC0+4y2!F7>B$p9W;nqYE*0t18!?8zsetnwZLeqga! z3~?WZ>aa)TlNgFVG!be#gg(GI1P}-a;}}2&^`Z}u%==HC$!|1(<zfMx|o(TxuxpRX1=YI}?v7h~Hzx(Ac z4@gDX%KGY`|6HJVu8Dy;pWeOqwh@?XW#eyKRHCYry(3m5M#uIk6Me*86RbfS&DaYO-`C^j^Ez@7X@%Wa-_l? z*Tm4aO_G~*eWv@r&#W|K^PhfqtQDn$KoY^0r%dYYGA!`(aZR2f1aMM7r>X2SkT?OI zH~}RuEySc?i-a*fATCXIO2j}!Fyb!Mag5eeWLJe+kLUm3U&ktd^a1zn$3JqNJGFF= zJ}}Jn7El_gc!i(8t&e6!47Dq566+-p_MLyc+&|6+dVX~3kgW60Enl_Y^${S!rYlip zPd#N@#+-VzL`KI_kG7V56!s-1I*t)AhX1W}ZKBG8VSKLChYx;Xkb$ORfuFXmo4YOB z4xPDAH>)@n%aL?o%cy^VUS`)6Qw?$twp#?V_M*AmBw0ZCfQ-^HOkX2#yJhpC)8ZRo z7XSc207*naRFib5enWKza1E+>0I8*A6?R{%lu&-D>zl9Z;jX`?yL)rmHuqzxbFaUq zo3V2|OyrWmFg5VBdgB_GN3I}iiu6Q2L2e1HkVAnWC zoJsPCYL92(mH}1^BXxxIFuaGwBUtm*S6^))%TDS)^2~kY4M6FIxJj63ggS|22=CMIpVTAuOFaRms6+A&i^XOF*fCf`gjkjY5hu?CkZ#kagFtSDKxk)` z9Xl{=*$Q=iOM%@G$RV$^Aq*l+BeHX6x$QRm^{>0yySi^*g`OX$wr#5NiXBZ>3{&+x z4Bi<7lpTBTPz`?TTkY+bC8YmgtA-6rl3iR2bKwBc8#AVQ+ev?K?6dLKKn!3t-nKob zk};s6robM8!4g{s220cd!O7;F60N6;nanW|e?c}pWwLKd6$65b4uk8f#&j|_2{22z zQRvns*$H=<+&iVen{?mXVu>=`;QpZix}-Hx2Iqf}J<*k;JKBVf!T3$rWx5nSqeb(` zt5VcuFa3F=dtdfhfV|so>gC$Vz`UvIH6@56?Y`w12=7gRCoVcIZD%P#9fMpAn2gVCycZA81 z(23G=i`}t9)&2(vfVn{c1%L(K2?X^SI|<)=?>%FG05k*|CU`bL2{r{49>-uwyzLeM z0o7Je-3DMleTVw+h8u3M^s)0oWk|X~S-Enh*&m^{3<~LDD}`*@w8_B7z4zX$2|vWT zVV4B>nmc!{v2w6*ux78n{<_(X!BCTTm^JPJlwp4c2*V}{Hp~lP2LOdF6bAC1eWQ*z zH)F;O1A+h@SThXn*#!x!M*UGP02=@)D4YZAQ0M%S-?!g>+cwz1o|8W1$6W=sW|JpR zHlRuxFzp!c!}^hLq+`bf`{O(Qtk@BF>#eD#F60=17j-J&42BQE&lPov-PV#NAs=Yt z$ES#?Y^M4>q`sM8;B)TWqwY&zYNI@{-~oJ}6lhPhH2i;i_LQ4zhL$ax$nNg27N#lc z3unNnzb^K9Y1Kg74<(mYkuSc|7L?2IytLSLZ=NDk&Qs{1j*Gz{%Sx41UQSMqtvc_x z;|^OaH7%Uka>r-GfdTYYX+Eyr=C#h%d8K~W832s2&wr=>~_AXm41lno`+#~l7 zc3m=3q^fG8Nu`M~Ivv`J$r1~KO%nohGI~TuV`TP;%}ElN7&Eeyxmifm_Uv8)YW~__ z83AE1Ryzb5nv10wKCqqbCIrm^$|?nB(ptB0Fi~6wqqJK9ra-$Muhh;(?8JC>pPsE{ zR}}9y$t6L#fZ8yn)3bY8M6km1DaRP8?@+hxmfcdE*rWlnN$McGE(G-*mh`Z8sOVZG zg+K(XQ!@dZO5N8}WojeViFzC&)#HXO`C=x@Tqo@Y94WOcYQj#k+3KY-B5YGfEt=6u zU{x4|JOY09$=ID^eS5Wun&0kSQj8VYFShUAJNvoIRM)+GrdeAwS6%^2?Zobd3+ED4 z)=H^Od&t(Ut$-r-UD)4YWG|C8_sEw9TfY3g!V6OIIoS*OBhf!$W|+8PP?-Gr#LkHR z3>X1$p{|4Nfsul-0-yjmV2WT%fD35_g?E)_!$|S2qS^#taU77sdkoltMMCvQc_;&A#9$oN8=$9W&z_bC z%1Hi66FW1%Lt5Yi+)@{g^izXv-o(t#yo++e39;07QBbLam6hQzp} z9?3Upk#B%1e=vWrW-#git}lQ2%clV_&(6%uw7RE$_#G5jRahtNqfWEWYBx3mz~*`T zH-@Q{6k@K1m{{7D9fPR)R;?;A09I6VLO?jh-El|g9VG3Pl&0zfEmY1BnCIEBW{VbK z*pI12lIpRo@>?}u!92#kfA%%7^=N_X*gV;#Bvb{;J^wSv|$@+u^9Lm)ENk|iHJ$824XdEZZ!ZC14C33F!HJLu0^{x+Hrp`pPo7L$MCO( z4P`?T)TsQOi&O``&Ly4mxi$u_&ZqWb_fi8f2J0f|2ld5Zoo`jd7_9TH!Pxz=8i>_E ztOjB=P#-l=9}HHE0IiRfY@p9zg^WrtD1JrF@$hrO>l({bM554~t2x z1}^m)h#9$G1U;axjoblF*nQwb2IEx>O%aY`kczzoTcfe-U~4waRBh$6Fmm^K`&bSy zvv;vmu&UQ(e?I&ZZ|QHnyH#!(QWOg3%!XPFS#c4$ zY|~~2{Dt96HN9;M^W9a~b;7PbcF<2%p7ZG(5I;Lj7rh#=QIgWb;F)rCKwot^FG zYWE}?10vO#zpgf)gacwMr2gwdva;l=MZu)g(#{@Ng6Xpha@n#Hw|ez4jnU<1uuptL zoR}_HP^>UTr5c~hl}@~DUPB9H9HTB?T%vj@v7L^%r=ZKQ<8j%tW9I9NXS3TfLRSht z{*w7#A4cv~>5EIIYA@Y_GU%{l2az=EG021&M+hY#Qlwe|>7 zoL8WDgS8Z3W43mo`7kd2HUcpJNzN+?X%jAo6#gcUn1;0w{7CIlpyj7uSmO>Wu3_ED zN%zbj*UIl!Xlr@hrR&@(xoMa#R}+y0Uss3aHXI;NR+N?O17eaUk39A!L zaMiGL=gzZE=WL*g3Bs)IqLU4lmlb`G}Z|^mww{4rEHY_bsIm+co z_OSb(|4}?sjYR~q20-QHlxzGxV&Q%K7=;)4sZ$Tx&c~;pKB(Q`p)frkd~ihVQy`#L zrgkZiYl|Z_JwA564r?F=uyg1raXzzRKEJXzUgaPr05@Id{oN)sf%||g54;fHZ-+wTY}$Ir?NoVi6uMvK3#N^Sd4fNC(viHZmUsI6f>NK1R=9HNC^rl+ zclOZl#z#Se;S<4=+cH zE96Wx&+hg4@#n%nsXts-5Z-8m;y2QsK_S*4<=CSj)j`2&>$*+(=GKBbM|jo&fne&3 zbk-;^H+iW}g7ru`{3adpgHu#KX%C*oGkeRO#(fHrgj3g}N6*C2^UtThtyF%u>K;P+ zcwtknaFg1=ABp}6Sin_*cb@`?2?{=_%KK5F8s{S5H0ll(~Muy#hYLV8H=llmm7PrVFuP@kVVwNToIIJuKZRo=>t0V7-x{=oY8Pm~|A zRMmZ{!Wb#uYH8>m|Ge1eg{y%xdXWqFj9AJIs0J7e7&vaZf4(X{J6x$%a>K2fWp5&cA5FkB7{yPb(_C8{1cGz%A1>P636FLsT@50;9FN}06rma zPZP(%PHv*+)2|M19gw|4zO3rw9Pzg5Si`up-dgIs6% zwj%E0{EzpVpQ|0JmjZ#U$N%L@hx+s5r8zE3!J=RP%N7@>^ly;U)j|b)o<4JjfKs7* z=)S?`h2H1;Bh}%ok9NtaYIEiBq`O`Iy!yzmRe=BzbyA^#*+<0Wjk_YlO&HtN-*(pL zZh_ZVr*3uwdbe>KL!Mqb-Uj+{FvOiSEY4_K3&p`nofO9|H zi<8rGfwgB}T4(uyLENJBz92AkZ8guQpFD7Pf7dOem6i9|m)5v{{`=AL%wO*Q@F%H> z!aL2`B=mIeWKbTT<7xfvK(_bi&NJM)%$HX_LNVyHdbc*ZT{pZ&OP{` zlb@=ys-emO7DG(bIQaya0FWMj_+j&Dg`X$@!<;#DY|_Wi6~3)tu6U1Oj&LjrJ59Vl zfDph2a{yQ`00wdXyk9HWAeg6L{NfijJ_IuYD1jBjWgKQ?8==l%6xpQ- z*agr5zzA7{$9>YI90+;Ap(}AJKl z?~{{9{v!GNN>ZMis7@2?*#7;1w@Ud}Yaw?!p_F>}Zmv9)tFFqWHjTG5_??|yA(tI( zjKNAuYGUd|Jl1DsHVfSt`~QO0K#akd zf`eH@D^kn3j&^Xw3?Ngk?1)t>jC)np-XJom#3-_24(w>SV_<_LQkyEUO zXNIcWpdTA@+c#Q|R;o+Tf7bu=!rGOodQUR?CRc-)TP~Lubn_IIX-+&MfLz9|^>`SJ;pXC-W z->3B3x_CJ?ed-UZEw7#(qTKw!4k4&^pOGqc{g#7nkn#i=e(8-37Lw=1*Vnr}dyl$7 z{o7i;elNg-%#(fFv=6o`9%37X$7$hy``jv}C+122UY)wh05P_5$5clEI0WX>*E`Rr z{*Y-OWLcZ=ojUld?9E`UXvgRNcY|9c7ObzzM>wQ|0XEPYjhh1U&U@S4l9l^Z?`^Fe zaaQXEOaMmF9ABfb=mA{tJ~Gh*IIutB9fmFP>N4I@m>w2S04qQaV1?sc$8lJur=Nb> zm>^;W!f+AC&dFC0*7omBut3m)a03ja>a?zqi1~ADl$Fa-uLYacX_youVl#;KYz%&8e z{NfQ7jC@BE^2azxxS{#;=byfeddF;nKhokF0!YIOQrD;OCy2{<^UbMd|CO6tJ)29uVp2CXP>a{RZXOg%rQy^7 zgHw=_CTG0h{4r1y5`?&4Fjyac_+i7zc$A#r<@?47-Q5y_s}iv#X9OpX&W#ZRMQlIR zTrVpO3}we-ct?3B|JCnTR+%FQE6far-m@0$c3)8Fm^gu$?%Vsgdv5P*F$aJ7yH!=v^w;`N@-%<(9`hDY@Mc)AJ8$iy$-%k*eS5R} z+2i9a&@$fKNt;FQOMl*AUg__Yf{as>iTE#w`3qkt50QqNCo)!YIrca#Tvf=^S%YsYpmHD|mSuY2z3YyAQ5 z?&R;*>wCCoURrBGt}T&M{|yp=Di9dkDAieCF-XK%WO8`puUlRFwn?r?U=J|3JNJkt zP61VcVc0O#la#A%+ve``lVy;se|U(8og!QjYEr-^_q;Vd%iT1gn>%!*+>FUly#ZVS zS4WF01)ym2CRX&g|l?j=ALr>R5u_r_Q-wvrA zco#z7`CoIOn|xDGM>wP;F`YdG=Btzb{aTCdI_%a<-3qG~^h_@d;)r}B5~fxH+cIU! z6!Sn1*n;tZp@B8QYdb6u-ppZm02kL^f4zYlzyS_VDHrDe2dMZs26Kb@pLm4#-+#a5 zgK$6?bB8`|aKl~{kO)7-bcL&z=Fvm1kX3W`AuW-VCZ1D9)J7?0;dIH?MiJN0vusSMd+O?uWTvS zyonj(6G|!EnE%5M8HbDXoYrC{Lz|GuN2gBl=0(1B>v*w>C6;#IzRhJ@Rcx^kJ9dm0 z^HwJHWvS|tPTa(7v-nP0&pw-P?~X51?DN9bKn!4A*!pddsWTX{a`FQj-w}2Jv0@uN zdbGRdnrmzTg;Hn0sct}OD1~Iwg=zA_M9=QPs}+~eCQzNzAtJ|^z)%pEFsQ;Klnh~G z7?9H2C7l|ie2Srv8m9v$>#&8Wk?M$$JP11sQK|7fFMJE`AZ((C0z?q5BY-q)6yatF z3XRGSSu0f@Y|;r8WNVfN@jD0DaqO^Qz)q?lgr2!e#r)R2wMQFF>tpXXuOeD(y5df9XpFQx@fAoR4Q^3R@ziVrW%5@Ztq;EYf^1Nwww19t1u%02e*a8s$lE|CvZXS5HX5Hy6nRJX3F2ChgOW-Gm2 z3%jOREK)nE+bG9Sfv-`DXUM$=#jvHNHPi7p1-EYM9{cJDEeev9)^P)jsCJRdPkr(o z=CV|_dH`DlQ0K+BS=Nps0k;rqOP^}5U4p12ksAc$15Ink!s}$p&AnYK)gu6zn2R|F zj!NAbQXPROPDPusd#n2oCIqI$tDRt7LTwO=mB@R^`^iGc3%>z8fFb~u7XS+(e!N-? zbz{&;DWJ%!3;jJX+ORbbKKNjj-FoB;R*SGR0JER~WB@0yNH9?ty>maTIY1Brn4s$O z_3iIRbqV9faexf54*^$zCRifU2#O!Kg2yOlc)GB9utXkQaeeqT!8H8$Z~(}0!XHhX zIMMDWuhbjq`Vc&*b7ADhj=f4ivXkDy{TfeOh=s)XzC!N>c4(ziEhZ_gIAhYN_h5cD zZ!S}O%K~@jooO=V0Gyr~OHdc`hke!CZ*MbW_SUWAq`J(PeN`9rmF5EQIqroQ3KS5# zoovI()fR`{zy50nF@)M3U2@!Z68bX6J}+zy!~oWXt=|ThIxjMVFZKhhav8j^6<{D^ zuw+0aXf5Zk+rY+vfsE@Kx-jYPkx}=0u_@RAG4TPSJU9f9cq4aTmJ%^3*j?#X*F|yk zkkph!yKnLGT#I?PHhDcX3ozxAjAEnMNGec{N6kT zaE^D6fBOmpnVmbPxWNKysQ3VEsJi?h4roAC=OqYAJ4n@rA^D~)1+GH(X6U&9P6Ru! ztQ{fadl*2{z;3IbVjmJO@&Ej0iP?XBVM;%D?bTgO1xXzNj4&DpNMaOzi`cNUM4*#h zm$co!ykhsU>i%A((_AV?0#_fCEf;oAl!vk~>0EnNS2ss>)m5tAGyyeKez0*Wp03k> zV(O6K1O=PvMud(B|8Jez+SV*_6zdP1 z$8`fSE3w=9)&DGaAI#Zx8ej?6Xz~=hHo-|;Jrw-`TohTo~|z1=hJ;BtX$8G8VJ^i#?TP$9nreI`%Ad;op` zWSmEJ8MF<qdEo1 z0)AoJo_z92%j>Uy{gfqr-+it1yb~&qlks_l(yLJ0E5LbT2-w4PkuPFN`ut!Jj~WkG z3%FQNbr^8M?h1g$acr$LEUT>()b=6Z1bF8=Hds4%mI+KZ6PRkIyoQdw`l`moKF#f( z>dGBES9diK_d`kDB^OKSLexNA`oUt509>(K5NeyjjMX6nA%R&LI9PeIONPM{V|Z4j zevq%Jd<-+<|=F-f~*UqoQz{!+~_Ijix#r zbQVY>t#JYctp$ddfN_0LT2>)&r+~`>3DE?$?dZ`;w@RSput0=?L`~R}CT1EV^NDPl z3dIbiDP00EUw=(^17i4LVp4CXVA2oCFdRU`c|gaK6}d9LKc?M>hwWHzP5gizb|79O z6~e2QhNPGG2z4Vw#Gq11sV)n`x*!aU)RYm3-5Y_# zQ=}Tb<%S-5A5K`^-8dmre$md(`#NnZD3mQ*iFOta=-t}v%`o~0C}MnHUU}TW^w5DJ z_C>Fp`{gg4cGx*h_SNT%_Y<}UwHWUyfCB&pvxC5AUW_%f^luUwqN>#f~{Z6~UXm|2+T{Y!Cngbs}m+fDJZhEC#uUbYRx~A_0KM zB9O6*af@;xTu)gTuVCwV7D2Tc)5sI$B3%F$KnZ|G`u>kJvC%?M^|AN_ECOBuaoCap z{%9ATjS;(N{s6XsPuMK-%UDa$>2~en#lFRByge>37H_st9;lQ4v(G+j?cvq4ixw5z zVutH+uK<{Wwc_*r_lxXv-MUhNzUJCs0As1~Dqp*pr5ePA!`{8+Qt7rnIfv>M!i3U^n=~X(+%0V{OH$UtAkaxFs|;Q5 z)nb6J{;0P!p`ud4wkXw9S+bo;OSF4B$bQSx6=MPrg7xYq5H@LI582(cwr8-*jGcHG z$9HVk(rkgS`- (gWC(f!2=F{$^`Zp98#mBEO#75M0+`)|IsyRlQgT;vy~Xw1lt zu9Ix45X#q6_om7osf7R|dBf-$00k%{-Jord&l5IRuxzkeqy-=Ya3a(jj21Rc>_)VH zlALI)8)*)cnsmHC8}-Z%IsmJ>l2n2%-C(KMFhutgq<^0O#I3=H^Rl&*Z=gN%=Ib&~ zgQEgpu9=X9-#WC zuGw7*xTY@rq!>((d{Gy)D}9cBMqOYR*h-%Ot81@TFlHS`U>)?jiIG4(8cgZz?|=sE zqOi}Q-T)x{=6yvlvWEHb*P-I~*TK{P#sC?7hgkw}vEz>&cBt`qSG}Na1XuvZxDS?x z^ukquFh`6B69mq^tc|Ob*sz&UyP)h=!yv-48IoI+mjO7On8e|L{ z;|}>DJ?udNbo4hboQGWl+;E-G3wfZt{yZR#bEHc>QHSIqQ{x=W85;-yOXLwy2Y^H+ zOFfb=>X@|nR@PX5b2EqZq&gn&_W^tubR-N*$Y`zScx#<$0(g zn)wYzVn^$)GBrV{)b;2?RfZgJj>fm?bxxy zp8MQ$&lwvYe(h)V8xFtSEza4LjjKItRT=;k zwpHvV!mu+)`*V(6Htf>5*rd4ZnA=~JuSxTS+mpY)+U&30z17WJyV%X&xcscilpB|3 zt#dmM?5#G9;K|Yo#TyK4p%0#GNZ$bzOH{U_rL_o#7sxoOE!+s)+R$ zxb>{B+*evrH6|PRS+Z@d*}4PI|{XzU2HRc^UXIc{#kGUtEcRp*JC#A-Qlti$iLT- zLbqzCJfK%2<=QQDsQ9pZcjbInrU^G(j+P#CWdcpLl@;69yRG}OYkT=;c3p+s27I`B z(K$~<1xF9NIqO0`j(p|;mD5&ybQW0h=c9dQAIx>1Y+G05^r53gZiezzACvrw9UI+J zJ^!RYi@IVw&x1E>ogNe3@5ZRRxVJer|Rnf5K3PRzPGq$nYs33 zmw!}#FwRrx7iC%itWrN&QNuWLo{wsfw;wus#LX4hkHqda$P72&OvM0J18$rPku?}9 zcKG1$1^+IvRe&yzV+6~NAB;KqgtZ8=TNfffb&)0m?!LlopoQN1FX)s?c1e195}stKPE76_?TkP zX+q!};IcYl665+4VzQ_+@)jssWfBl}=Z zwRP@q-m7cF0kAm`J$6)iIqr6-zJg`sK7hxT+-zegeLB^BQXkaq&b+-su?YFfg1tIgR^qN1INDt|c#O+vovyk%>hcaBa)Y|`a!Cni`wuEC zIb!ureR=i?pcdC8&h^j8JS&TU0_tjKUXD9ZR3Jck!u9IV)lJYd0SUpjIP2z92LPc3 z0;KeB>WTWQ45&Jfhz+DK@Eku$0wKAF>vGlZTUD1HP|?l{)V7gWivubP^-g{xosX19 zo0PNtq$@3`(&&WG+NcB*?TNwI0eKGj{fryJrimlI5|JJVq zj53QQ`gOLR5v;37`ES`g$&DK@+GVJZ9MQWHF4PF!F1`%^s{I}pE;!Wqf(##-3eZM;BbNE_n_+53w6NrxQF(j zZhYT6qCUS+%=D>shrh+z49x)JAD>m~|MXR{FTom!?IH};#wGBb7Z)EbI1~gh0J0E{ z!(`9SwHH%MBjJ!mJh^e~9 zVDMYMeWS|}=(%>#XqVP96i$YFU_LhN+3r$XCL7x~Zoo*_COOqqZVa3Z{K<*ST+75H zH=@S?tJ8&>SGt3T0X-*e5W8;h9A2TOyQ1$<10~T4$OMSGjmZNr(jsxYo2YuH+{?Fba61Jm(^a;Gn^!6QZmvt4 z4rD)GVNPxXd+YWM2n{@iIOlF^KUF#AP;+3~}N1F`k z-p6fJAK4|anV#BK_sDbnDM1xU{Q`jST?T9S#j&@z(Ys?ed!H6=TIo_-BpWCh-o3Amcds^w06Wr2(t8J}7}%w!8{KP= z*g565T_?4Bo`KepdOvtanAB0n@s2dp_*0^Hh&~lfat4ah6Ng^z`gO{58~1M4qHm+sNuI#Yuu2m3@aB6F0Ws2&*rixh!jg`K9ArB;g&Nvwn%|+@`(Tr*Vt- z@H&;dZ|6+6Uj2Hl-cQ zj9#vNY8$s~yP^Q(WV@84WE%s<_8;New+i`WiOA|Y zCK@kI{jo_Ppi`=xe+mS=ziNSjLjXti!M&QWy0~rv3)rV^mkmle<Nrdj zg6ao=)1!Tc@=Vp+15nF|N3@OzofD<)2 zAR7?F8;~l%ks-jbOe)|~3o31w+xd4_%+rKaVW0y>j0uuSyS?fZu(*2Xme9qg{$I3t zwcC`lLw!`vG23)>D|c=_&2mKQi&bt8`~WyE*tk;nZ&KdcyVl9A+lB_<@gc^gChWaW-cws7ep#+deM zuCWL35=|%r%Rx&DV)tUcO_!J-b~>s+%rg zQB+*BtyZL5z?{K00j3iKV&7fC_C@b0WAzzv`m*7LUQw#))xUT zJH%um3pTBAoA>Q>J=5u@U0myyt*l+>qqEg+2n^Rpo0h3wqDLe^y^Ous?t}YWrqTgm z&eHv)^X~F_dM{fTU~Z=TPG2$K&eQ*Aul>XpPu(?U!bD?xRxZ}hROE^?#r^iK>s>|W zZ(QN_X%W}6V;9#|iw(xgm{eZ_F$Syp`e~GB0a=k8h%(4?{9Fe6hEPGQ))^eqG(e$( zX|7c*gZ!saZ!$^3sLa{0IOChRoDuxz*&_J6;pvM5};hYYm2*M^tA#a z$F&mAvhp$UBqlU7P^P481%Fwu!LC({mhP4L(+!A)GlQ0({)1^bD7K_hDEJ!H6+&CV z=D;wG=`+|SgChc+Vy&o0t4(0FU>5f6&oh8WyGIgK#r@P)BQpEj>2;deS1PTM z`b}HS)#Ni&>=Y~7gREHHhki47;=?ZieXlFp-J;hn*Q1vKS9Zg-8ek6pD`ZY#p*Cw zG9fM(5WHjbbq*CcLRr^~F=WyQ{0;5eSIp;7V;=DQ-A3RHRr!1YwlQK=U?dX6+#rCV z?OG(D`lgI20-M#z7J)~=-6Iq4G8UIb3TitllKwDE^?!NqAp#po?)60&4=qO{T7W;MTVf`9F4wwLR!MxCay=@&V)?vMu zL3X;ja`|&CFaW945iDea-r*wkNz~el#k|52O_XXmP7Ava*DN%@UjS4|(k8x*YDj1;+PHOOuD#{Ckdng@+TcOSL2Mfe;)FXf^gt7pj zqX{67iJiJas5=-103YgsW-th+gtTCIn81=`r^Ez}`ojzTB~gHbtqhgeunyfH6U;zJ#)>ZOC~*o?;uA+Ra}Ni^N~FRXmeDW%R;3lrOfidwM53 zggp-ZC%nd(oNE&5opKE68Uj&(iIxh}0$_q!OboUm?RtuVNKpTT0YzZ;5bA__Agi=T zuug_`>uVD%c1tUyHs62fpu6*m8|=PF|Lqf?Oc7H<8UV`eS^%UAoLYW$tY7EQvneyr z!|raMRLeIHA8W~>{$n#i_yeKJSK2wrHpsqt&8#j5>czYLji+M$5OZx$+atjM|JYFpLKK1KX z2ClsQ9Sb#t-yYxxpW98Q0zEopxS2BKFBNEJ!3TJYCX7|6@O+yVXaUnYImPOjamPOc zKnR@2{*uo$srtIL4UIvl!>KQ%h58a-sb>I|7i<uSx@WKd#Er@vVC)ly+^B_^P_Y}y6ARN{$B<;HVcAt@J2iD4LtKXA6Y4Wws3&h! z?T4DCR|GyU_EIk)PiHw_n8m}3OM7gfHYuL zQT_B6s{`N*^|4T2VI1%iDtT)uHe&s*ZKsXUdHz=AoxV$dhpkvCTOQwMBjv4KN*mk7 zhdtY3m2Z#U1%MCtume+BHsLqrCf;RwN^1wJ!#%jnFr)ZLi3g6MMg+WsY~A+RgioCq za5&Yj)LsY}i?tJYKn;xw4(6q`+AbRV8F-Af0PRg10)_$o!<80lI{*#rW@-z7jN*2- zZfndo?+3P$FtV_Ws0POy=?qohS*F%-LQbVe(;sX;9?s! zMvPK*!n<=!dE#9{ZH%2L_FCy`5BljMJ(qFmXQ6rh(R17J1*=TDN{_UuYp*w=j!XHL7c72V9%`Hi71bI2I6qRP!ScLz@`L7 z#Z3cΠ`-CDb2*PHQXJZ;@tw3X>mf4#w35+G32#gGrpSRwqn2OpZ3mX_P|6=LO?o z)MgCa-O@W+eK2?dy4XgJA?|P)bi*DYOhCKEY_WPRl!0wm*{xtujJ*|L2CAPetgKitKY8dAN40r|%AnGJo1O6xrHW;Y*lC_HGIoS6w0kcZR zP76CRRCB=rJMeh>ib@cG#w5h9F(v{SB=SRAlowz?-y0%u1$YH4;VOdr0Aesf(VjuR zm=sWd!jRAx#))a<8BDx;l;=JjyIcN)dEv9)EP-k%c!Lo5h3NVN#lW;IpF+%6P86lM>iv{fHFtVntX%lStP;aIQte^s> z{{-1hpT7TOe4!3tsd=yX-C5u}Tkjd_S^6?+`Mt`^D1m{F0zU_e4vAIDv-;w_?xOb) zHnln_RDVOw1|UK$NS{v^u%gdn7>*4a;2BmGpanSQ{ilD^{|2aS`-|PR_ul}QvwBSv z8w(2yNQ3nYlt;$fPFnC>tP%_M ze6hA%9p}3)L*)QE@Pn0`n|m670M0-$zrc79(LFgi`Lufmu495rNlCG2^$eIb3Dc)PkYhcHh-<^d$R}bu0G@vj^00IDJ3}!uKoa$G? zlzo>5UIsCY?lBZc9l=Bkh@*}fgc;lzu=6zu`5k7c=>UmL+|>!xJQD?ZV)qx56RsO5 zI};4Tikpc%+Ac!C3A+NZAwjq=cr6o3PQd{y7j`>L{$6+%6E0=t9CgOzfx#=P5q8N@ z{tW$QLa$E9C-xx>?%0h0;HY!jfV%cZx4v8$@RB!xTu0Rts@Cd+NrzQCX<@`m-Fty) z!Y~}r6BO-GB5$ir#xP$NB&R=p=yGWfUyH$ zVE|5E!-f8bYXc1Zxdw1e8<7rxk30b+06^6VlQR7Wrii{nUa3#s9SqNTUwB_pW6}Rn zvu;+M@Gb)0Xak<_)mqV>Rib)=0foUOuWT%!yD;`>wuK?^;NWXE#Ln4<`DzAN;TT%C&c@-a@-sX>-JwP6K{NZJ`0{ z&9eZgv@MIuNDEOwD2zOPpD`=6nA)fJyU32Q+Z6B~4$dNEufZOwk5D`Ojpm zE&&#)@tZg)Vi~^!F4-*z>jTjG+?eZ){W+I%0bo9n!F--Tdq=TD*AKbU0Ah7%pk91u*&O%S zEf3VNtf?-QOYdBL0IZsgR4%=GZ}cSwH1QWn8oEJyq&&xt#cJSEssU7klZIVgWkbTH zRQ`roR!jn5ivU(^UO@$jYVBMFe{iUd+ey`l+8_3)ZP*K~R8d_C4c zjKQkM%Ko&Es%r-8)8?b5`(g}MO*IrdAFF{_4K(H&VBs1`4XO?s^GgmG#4e>~%d$q=0b<2Ery78nXlOzohBb*M z*w0}1#pk6Uyw8z#hx)SDM;o5+h=T26Lmqb-FVDA(zCA95<eE6k0i~jJ&{v$XUOB zy&1cEn=90VxNKl2;oP}%&6PvgtquAohQ%0eGU;G^T%8a*aHhN;MI1-BQUmGJD@3UN~`uMcOsFlZ4AdSmS3n{cQaNkH1`JKWy0$_A#Q^40mHAU?Qe|GBfUHH2mC`}P+uRi zM(!IUAyx&tNysMu^*nB`)8l%JjR%2|{YRUwdDkvy$GiJw=GDhigv!TT`1>mt z+AhM+JoELO0YFQ*-==!bLaiRhHuxE<7uXKITHSCVF4D5Sq`c%TCa6#@0tiLJjYILon~?gHZ0#a`>yw!lJ}da#PqwbnZs|S2L$&_C zO|DB8>;A?lF(dcJ*s9f(2_Ti1r+}++HVR{fy9PiP>IVGj3?4k#wQJYT&VBd0-*tQU zDmGoOUbWsySk0p^*eQS#E(C}dM}X563XaM)aJJk>+eSQCjwf*x=z|vrGY16@_+XXR zDJ|W$H~aHEhp6;W`M4>-z!X6h!!~UuJ+|Gm)!ZAX!ZaMwc6E$i+2W5gMZCV_Fw+ZL z{RvxwYlldJ`-5a{jb?R>|ER9oI_=#I07BT3P8;GP!Ee!K3pmd_a;(I*+_Rc_bQLu2K@X`C*+B(>9iGkStdmC zj4vP@utpQg1c<=NDSo1G89<(WyHa+x!Bf|4C&%4Gbpp$Py8_%1;68xu=lBF-^7T$J z*^a+YK9lgMO@48s(Z6#~^FSX=8~V$yr0~MC2 ze@3Q$`C9Q;ME+zPWjx)Jf54vWuZomk`WX2q&y0c8mES}_zd>U`-{>m;ZTMq@O=HX@ z|FFUID_l}|ZH<4{h5oF5G`i4FkELJlHNXoBfSNpcvVo{F1u8~3PO#@befk(->+3HwW9(iGuM0)QX6Q}E710HV${Jh;zNj? zQfx_QVwf^!q79zD{)3;CN!8|-%R4!MhPECd2d{Xl23*aNC;DSjcN24Nw+7kq^5T!5 zpGX4GBfcVlmjQQW#YXe`&$Y9pN=uca-2#CJ{GQPVZdd#8jJ4`pOom-GKzjg;Z?h$8 z+k6f91i{72H(u27fkr$)Vigigajzy;Kq|2T@hwEmKqe&8WpcY*j$HXopT#paz#&h* z&Z3opyz;Knr*>!p1o$x7cmZ?}NSTR}zRP4dx@Xl`cm7&F2}t}&)>?PZl{Xn^AYU^S zJpA@i*XVuPqaeu}tV{q<#CWyXTO3g?4^P+Ts|+px_1O0giq zY3J>FcWCo{MR}GUz!aZX)Wbpf3|pl>ldEUln|iBDOb+=P16(mSkOn&h8K)-7DQt?y z+UbfH*h3(V#Z{5YL7Yw;`$iMqG1_C(o*fqY2VfW%7g`)I5F<^V2}4Dshw%eOn}0AI z1AinB`HXh}Q(}4!AXcXOEy2ohPRnu!AbeHIa09dE@jW$Ne&_OSadykd@s<|(>Y_y{ z@3#-zMfr&R$pVYEqW)P-U8b0m)%9VRH&`pc>@EQy??2AQSnER}AA&f^r9Cj^AiNO) z#OV*bQ@5#)(q>DP&Mv)Yl#%ge(ui>e!U%xfwOt4KAS*DxdJ~6SZccCMGxTS_xQSNZ zb#YunUra8g8bCGHwryM2p+g57sDou^;6}D?-Rj#qR!UXf;9?hjg@ZQhzJHBU# z`PV_KPbNoJWCX&E*ML@?oGNaWOK>hYT{Z@(VyAHSxSl}4J2wgloN({UzT=nxDGm|S zbRK|$5Q>5U1IK$f1>B%8Ev%q$F8JQc1?E6>fPyr`IuYxSfnuR1`rLv%yB`nnhvY#! zLBK7Vtl7QUeJoalfd!A+b2lzEe>>|G-UI;9r$aYeJp&AvX~07^Y9MB?gk|fj0rY?d zWTae-0bw$*TVd7bZ6^Q)a~0&8kS_fc*tLCXh@G>WqWm{klMoIyS-JDaKuJGha>~xn zF-Mnp1z)SWq93tZWr75VGSF`js9>cWRWz|OsBYIaY=3X7vH$=8OKWy*7MR&2N1h#x zjhZfX?;)w}q6rhwOigw;eC(%{HZkgE2^<1^Xb<|)T1}EnKGX{!3g@-m+jkOcvC);P zO}zjND|8JiCmhu>(V&VusWO)9H^$bmFQxiUJtH4)S>v`y9fGq*!16TpGw#a~;QUaN z0nRde%IkR>#gPlWiT-J4e|FSD0;iJn&!7-4rb2*|HYn34=`%4$6Ij@FviTwm3K9aq zI3aH0{;CNW2dVTo0;x}1KF<~tc-05AAUtRNt}J&*(F+j504){3gu!huK+j^MI$5kb z*_5;0-W?p7Ql4@#a{xuuuPkx~C|uK;?5!5M2aq&d$C+daJ`6zPIxl_<^S}9oiG?`= za8_v1<%P7~SvJocld>QqmLCfQ-iP;B&DUqSO~`-{@+IdsTFB_#Q9Hw=`gezC5`LzK z`sZ3La7xr)y==+ZDFC<591rtO;k+|sH`l~1)B=e5#t|)^(&wlzRwuk?GuJFO&-A_Z zzSB2}|4H-)LSFHH^iw&G$kb!z+K=rWVc~%D%JPZh}uBCc?r3MxZ*T;BCRqlZs_l@aP)l^dw{lRf)iovxM2G6@=wGIuT`C; zu>tKvD8I*T%niNkTNO}Sfwncqli#_rr-R97k@A7+gt5Q7+K)x$jsv@G;W$TQ8Dnr? zfp6M$iGs!>#F548eq1%+$F#`njeQyZ)l70VcXgpotxXyLaz)@4ox4>(Qf! zyZ-v?jm?U5Z9^(7D^}?IbrYO>oVTY}Mw|Ah@pa$-wUdq7JA zwEp#uuh?MC3XYg>3?_gH!p&T+RU0cK*b!Do>vrwb`3kWlV@%!Qp9$67RqCg?VjAw0 zGeQ6n0dG->L=y(G-dbH>rQoW7lh;4~z*IM@1kM;(hY3(3Oq46M$|W$XMpA*q40na@ zVbz8=ZB}_#D{Ks44L>_$Y^50jqU4KsgsesZ5dAd3RwoRqsKTaPcAWuQe=RHsapk^n z)y=lL=h=x`+4_kdRm9kSBW(2w;DN!bNiGu$15<#y0v3@;c$rkeuyZhn0AL1n)S-T| z2v0Lhu>`r!haRC$pPxHbtW0lDMUG$0AXUNBf>^S6Z+U3wdFNpTezM{5Va5egny_7 zE#!;TfB*|rg?&49GqvE@ej|-lDHJ%KTLUmbEr!bLugm8s)iZ*cHT$5-c!SEQzV8Kf z-f985?@W0l6kS2}4e)LrpXjdEb75=-X>mZ<8Dqdjn4${ikLLuR!Quy1G+}`dSiPm1 z=x@YM4tdCve*g9NxhfNRkmRUk~gb=EMwb% z%9r>0D!n($1S0#ZPx?M*_2O>|`y}iX0R7?X?lh(yl{xPwKngI*;uuo}@_ST4w7rcZ z02St%cjM2CKd|!UYE0XI_@LE!u|OdzV}h!8X_ut-YUalF9ig$dqX9)c-qXhxC|2ZG zC*0|d3NT-2seXxnp`RX0|1+rpUP8bW6E%PFdTIDwsulgTY13T$_U%oDNSK_9L5^re zgo*{)9pmj*QuRPJGl17DO-|eMa4mpI^M%rq4GJ%)>^cbWdPpxkDuMQ`Lg8$-<`9?_ z!`e!tqfuEPgd0KC#sEX?I^KLHpr9~FUO)J93$8nV(=r1>#2l+m;+n)6lR$gHvS~)M zJTjOP$IuJU3V{tBQ9Hv5K-IH~2T;-WsPdYsy|G&X4EnGn*lnP$LtTJP%wLwy(rPj~ zBSZ!8e9{aG12(HvUndNx#NXpO7#~*b-p++dhJiJj0D@o;P~9M`NKt=Mzr=1MokR_) zOpvJbT8n*)CNL1#)A;;Sm-rl_zL+!^oLeYxIIHv^z@Z;0=T!hOszRPiAAmg#foi=| zR=8mxXHtOfnr#J5dvrxm3ns+tk~Zhf>0rK6vt>61SScUwO0qBD(%^! zvz_y7gZ+r`9}_3wnovs!Dt?#~(jxsn9W$*>m=rM{C#+EA$>YZ25*`OZ)eW!-iqCWK z7;Q+r#h@D+`W>ue)!yqY5A;)?uD$DOf6}EsVLqs5-?pd0rPT?+n$Ikhcn1B<3kxq} zI+Y&%0H)@&gsSxP&+sp(Pt#kaDgCB4#t>7J@6;7TfG>B`Q_ttwyq_#Q8Oyp0eBV6c zYHM>s3f-ZF5uey7O(f28w|!2 zH!wD~@5BY0j_JL35WNVHP!|&L&UY>= z9bK-30HMat2XXH`XU~?|J-ff1nVo4AEyHz3xn<_3a(SPjHW?$yIvM3_(BpNxQ*AQE z2of6u0>NU_LttiN_OW0waUh*oxOt^ct_@8sr>wN^yvW$wWUKUqT_%zVR5K>ZR_WGM zm5QLoLMp(*0FXh=2mpD1?qri!|4rZ&@4UQGI^CmjK9Sj@^JjG#H8ggOKj08$P5WPkzzY_l+`#)bw- znOj^U<=3@UN11$duBsJRo8dJ!Abk~d0&*M}cPGI3q^=MPFls<{z}P#v#V20D5}<9B z+V`OHV~jY1U?%XDD!l-_k~jP%I4+AKsvWMQnq&dvnMJxmK)ts8pvGKOwTBgIrI-I7 zJAL{d36le@EV#uWyZp!PF6|lEsh7Mv?<=`nrD%-Lyr=>VWZv2W4zsWUk{Jihb%Dob zZ;PHL!>(zS285;^4jaHX$HS8q4G;muU{{3H6KU*WRr#^#GM3>35?NG|7?~rr17u+H zhz%OX_ggfO@tFQ2N)-i9uxDeV5H$AAFE}jgccz*|gK}FZw$S&nwW()0^a9UlTT?9y z9xl{zqSerT-(q#*8e_hts?K@OkQNr|drn+VBs&m*2Ed>h*dZEt_pyetLB$9-!?tfg z=N{I-1l4wg#O`E$hMIHf*0nZHFzUtzi+8C<>rPU%^vLmXonWf4UMhWNJoMMiAu3Bu z3mDJLLD+%;W(mxW-5_I-lYxx!W7Jh#XZIesx<>j0OfyE1sKOKM@c?y^2#Fpx zXQ&>rz2n{Pswz*wIgCDcGB#Km~3NpQX&HV`rX?!uWSPx2|DQlhOo&X zxG~4Uk#yx+R? zI?b4;^Hm3&xm`IXXZ0S$NJ_`p6f1Kv+_!*^>wVi-dRTDg8 z+_2C50<1SvpD`vT6o=3#|XyZEU4uX5{I1! z)2x1!3&@4Ij%^a)yCOtCBF)5D{~ir4OuJd65|!5g7=SDM8m_8lYzzSk*svg}ZLEtG z8w?DQc@DK3woJ}wxxDguKUwfL=(`5MYTK-(fr37o*ZSS5#|@VoD6bCbm>y(6hJfF* zw4MnHQaMG34G-!?CpF@oveUdeA20{F(~*D|Q->i%R4@+UU_$_C+@OGn_mdNl06E@u z?6a_WVvKawGHm=RKaqrB#LdZ7P7bmGOKz#B7?ocT^9ewOb}@F~2?p*Mj3eo5q=DK; z>Ol;~=#KP#s=n)K-+2Zz1gA>0%)k zpfmirIORVZIc&%D)zW#UrPY%;lll@+-qja?hwUnxNM}=6pmuN^6TBNn3S2=>f^!UT<4j|JB)awn@V zJ2e0kzzG9qr*>cxV%N+h%Px@XT*K%&wD2aV6lt{rs>AY~D{eK=gONLvFOmu-QdDwG zqCCfGES_Ux?x0`-Uh*6NPE6=G4H<1Oe|h!&^*c|>`8rv!GiBlowvmO7cA$^!pa6q~ z1>$HnWx|(mqOaHm1BzG#001n?7@?z%F~F${O;7?5o`?HQ9^^&)ne^Znz=MU0g$6q? z>VkR|o&r>yD~IyxNdEATMFpt^`IC3BJxu0I$Ph=~IYkP1EsFrCfF;_>P8wjx*a2t) zegS+fR7yj>@PJcdO!BmkXW$3v9OY;~rs_SUh49|-i?KyH*o4tmr!HmTU~#4`fRHwt z7ZX3%I8_O-0`Rk7yMAwd|0J zi!nmIkQA{gz}64R5(^X(5S{}}(Wl&J(E`-dKTet!EGyD?q`eyzV6jTFh_mnlie8^F zL8Vy$;337Jhv%_rdTHv1@*O>q3J9c5j4?-S3;>-+R60aIx&DBs0BgX510L=f+PGhh z@naPHAWckE@CHzzjl9S35j!Nt7X4=L4t&wRq>p%a+-43?#`}ZOyOU;H z2M@6+1FX{y-WSxZK{pDne!)-j$7mhC($NZF$@sIm5Kwsk)A{PhQz#`f-A<2dml+#y1vcr z{rSId|5JvjU2OL@$@bm=#2nFf=4Pbij6L2p`UpPZW{3BSIg++AZ!&I+6ll-NRDhe< zO4{k6qq9XGV4W?_R${)D39zUZlYyHMTs2wr8I%rmah-t)*s2J)B0bMn2f(82vrT{| zPAee=VKHR~$WHWRwo{SnHAmH4?DjY|eXSmW4o()4(sS+UFW;7ty4dtqe@vb{2P%sL z%T-OYQ4Nd%$)i;&igcqU(0lW~R8?w%N-Bnxstzi{uk?i6569eD>bn0?w>j|C#JB7q z5ka&oi>e|Pp|`=Rtlp|c`2d*80!`Rtc{-5;?8;Dm;W7Y1jdU`x`H8uNt^m^5730>S zBH)UrP>W$R;>mNMGC6=s97!6g;Fh1wwesyu6DkNBC8!J>- zt9`ju!T}a|)Pcc;p6~p*NjF@LSS1xZjY1T!sQ&$^8h4`RJTU`~MISy~a$@Ji6jggA z$n)@$3u%Y`QRi@?Z3P82ryb$-3;w1r%4$b2-I;uMYV9-0qcWf6z2Pqs1trF1B#HFc zS-%z>i>F#I6@*8mvaUx=eEj06lDpX~_LB^p1Y0)fJ0cV9Csgy)H zxrOra7n|fjdY<&?k|bA+N-33ZdPbhS|LI1#=hog58*^r_?tyfTHx}FQjPof~!Q(#; zA3iFdOxz@U({iL;>n1Yx+HR4Oo$)mSmNRzy_wRo~UW{c<$8ty`NGy8$_wTpsL3_hs zn$!7Cfb`k3XUmu|W9$^J%LBmm<(FT|z<~p#rJgqX`s-{xom;4DxEPo}V@?TZ6?HS=qgN$7tWgTHU8k&DMD( zv^fCOHEL8(+s{egdNO@_mOaz7X+ygf8(TI{h@(1b(j>X-uDcwIOMMQ?_k&dk#-GJ#S!IWsZ@WK-hwuC>o zaG^#>*jymd(e-4+h?9>K_dH`OEv-m~4GWc_X1X@6_w3OVnoZQv?xiK;dg;v~l_JJni=**5_3@&$@P0#b? zEF6vE$(_$_+qTKO@4hQpS@;&J1;a#v(3jIvW%h#7o~>apGKKv7irbd$Q*XyFzq!iX zF;sa6X@SdE?UxTe+jv6JED(A5>M*eqwu*0myiV3`DDlvILSdC~Ve{5Q^5%zYDBpokZtvWbOs?b>{u8`P8intXZe zv3<%<^?a}8Y}{C&KuS;H>cY+Sefx^^Jvt^UR^%xt%dtPe-2eXXUZH&-f1IHJR0Ejn zLi@=l8S>$W84;z>t~Pu2?6LlHzr#P@eDh87;TL{=^5n@1{SUAS6ZYV160JlV3Pz$K0Nxp;A|y!6rmeO|qeDh4i z7mRE5^0ob;bYd%&pw+bPd=$9K6QN5RjLImXI*7|^|Z?Y zEG7YbR^eQfYb@HF0KDw7%jBACuF;+EMYdqLonQ6Twqm8WZQWSzxuv&sNoguMxut;= zAR;gKunZa0_JquK?8=fEvvxjSXcwvfkiRC8(jHAb0AV35QVsWdC7uG_FVU8c|4 zF6%di;`)(k>b6YD&MCBOU(eYg2UR*$5!${pOJ-{N`HS}mQn0ZkVa0uloprlPm#Q>d4Rf1Qf{=2|twCSs< zTV+#frhUh+S9x?WBVXW^qg{KlCG9|-{oI?DYu~vxL;135-2vSZ*Owcw=_*%T+EEwL z(*40hd-mmMU3Xf2;b#yqs`n5bcen^~rIr1Oq?JP%EOaww%n%k|2o=(nEn5`Cd}a4Z zLm5b~kZJ*V7}s3q8uvDB+GJ8)obJw?IkOZ1BhB*V%grxbq}m{@pscH}zS<A>3Uwouu8|uO?QiMQT&pL*3j&ZXTC_;} zu>^FrY#F6()WCKszkoe zn>WuklYHk7Vxx&$nu7-q+W1+wZk=6s|KZLC0DoBBv4j(O1K>M#>ZELUT>2hmQZC4_|rZfR2|2)`tlR4dkh(_L)R7QhKg! z*ic~k-gHxb+<>(P_6hl!zO%a#@jr+fGA#i@De5UcaYg0Xt_YTT#XfoelMOOKRc}GsrGVy%mzK$bCA($bqCK*3nXc?g%T}ey zzcejC<&6*4%D8ve$cD|KMQ!o&eKPL7wX#${UwUhmEMJ{w&y4?Ijiy~A6DDq!&%W9s zFY7%(PkBVWo_&3}fvb6ob{ha9y|qKz610us`ua^7GI8=2dHucBI%$=l559l=#b)_p z$`)C;WUo9wZlxT`ERg*N^W}->m&*J9+8|SAZkHGII`;uyZ+*00wko)rK6|^hZ{oDA z@-j~cOm|PN|GqHk;flbo4OO%w30-}zp+7J5%~Dyk4_dU3*uBoS6{(L zf&A!4EiF3$*zn<~z#0nbvt`Tj#Vy{hyx=E&#paOyn=)mJF7D53y%(5S1O2vh=T3p| z^gAkK<~yW|ND`4Sa{c}H-?zS9vSf)$P@c5@M#A;jV~-iocI7b#{^c)!QR!OAX3E_I zcmcZazWZ(kw9)Refi*M(W5?dC0HU1&Bs@r>0Ix^{ zckDQY-(=xK<#v2n2KyBHg zzQL6LTyq4^UU=aJyYH?oS(2;oS*F}{Q&Ur2a{b`JA_Gmg-PY7V6%sDyU4S}cVC>jL zod@dadl~{%GiPSm24L*iByD3;`%e10N@3GqU2Udsm*W6H3a{O|5|bAWNKqSN zPlCMyi&$-;@E28^BfYvelZ3=Z^7Z@>AaHF#BJ!q#Q2#pxlPC9o?v|H@@LXsX0 zU7;&K00y4r7Zk}euP&1#8l!DM|5mbBr7*9(v&Np8vtYM@tFE0BW!Q!7mVmm%k?C-YV%HWT6PppZ@-;-zPg<_4C60Bf^K&t4q2 zLON;v`}J+10B^I*S0F`wQO^OSh7VEcoigJi1DWjf0e>Nh4sAW6(h7LRL4Zj0P2HYp zK-C(n|E*ZFU)CQ7o$FMR_s%ElB&lhPTyTDCNjsQZYEpL3xKDuJTOX~HW}1Gu@~WHK znh{6M5hhaz1S+DHM)HburA?bQDh0XJq!&aYU{U3deskZ+pYaY@a@PSzeCH1d6t+Em z`}S2JaDhqyUNH#=&+%R$rQn?jr@3?IN@{AV?$U2BrAkMd_TGE%DWJMj7r$njSE1%} z%mB!%uO86FFiv{+jx{@*@I2jbR7#yY$JkkjaxX%@!*zu3ouP zJ^GwEihdq3VubbSC!c&`MbNkOF@5g7(|4}VUBA2E0B%%#Tu0hOKYsSvXRf;1rY5$@ zBvM0=kemY4ko2ddqy%pn*k@BZdh}?!4u5Iy+_||1L>_oRo!RcCo{>>SW~PR-QDBAi zas2pnlMG=WwRLORlFseh4-3E;Tc@wSIwb%0Z|cxD=a@<#BbUK-#!6_MWT+iuwAn$W zrk0Eo-YKMWj!(&*hdi03$r;$lWk;q+n zWrFe;iKfP@?4mIp8*re?l~6Z7OOKqo*+$>0Fb*)Ggo7)Ra1H4eyKyEC7918Z)P^iZ zwUGt^hW4sDAf(;Fa{U3xR<+{LL2c}1AJ9*C*1F(-IdhxbrAG15(HcBg zr7-}iDPM1w@7&X0cJ9rV=1H-FGzMZ4A2P7D+<0|2$;m5}KR>xpGII{AWT2r;)_jht zjR6yC%NB9cIXO|KOL;O&0pEnzZ<6j^PVOO@GJ14PlK6yZRS&9ag$u`N(b7Ev0HRNk zx;0nB{N4Lh^3f?lB@9t=vl^K9RbYk+59wN5Y?QSN8?Vbobd(#eCKg!;;pF5MMXWFP z8wOAi0h8S`RHJ9tW^&85-3^$w&^F@jx-0@%jTx098&gry9hJcY+muSG>zt~JMEPFo za>O4jqyVCuZo0|94IlvN)WsKHtP6dbNi*)b=N@|&DFX)Y03IYxH{X1-0*m&=Dm@nN zQKLqgWH&Q2Q~vOWKbYjAb?er)$@s}nexh|MT`43R}lXAp+1i0cFs&)u|F-|`G zP(!llqV(VY-9{JlOj~5!bK##2b=+ZxGj3eEeB&F53bvxHp8;w%NW&fgl!672d?9W4 z?Qh$ugl3qqo^Pd~oaF4MlPMVaZ5~4#U zX+g#32!nczoRM(7{dT&kHBtXTpMRdIYStq8=}%kRqRhhlo$s_zK!&s>-xmDjZnr8L8~uXRc7llZO7nLqp4&-C379Y%n^ z7^|;dooA9oBz>X&2)%QqGSDA5(Fb@;oS3N~B~Qm;dwKX_jgnCID`mVyA_^emP{W`> zI74RB6r3qaN+K_K&*6flOLOG+zi%&p|NGujW!!MX4F*)7H7bK0lM3`(k3!gFx;yx#LFH|NNEE2z;3s1+gSeN-v>$e&PlRq zYli&onMHPbub~D)jg5&iP{b*_m_`k30x3EUl3Fy6k){c{10U92?!BXr<;6rXctC5N z(6Ij@vb}~A(NBO`PX$IjRf^WTM>9!D4xM0P^5Z@sPRgPnfN^Px)O~|4)7oD;3m>Nf zwG#sbwrCz}^?KmWzB2Uuwi?DqcflmmSgJyLzC zOVRPVa=LQO+5^gy&@;5RPxt03snCe_YD0F}hz`bwP)P~{!iG*#(?;_DfA@Up*Goa) zzFhg=XBP>!XpZ1vn83i@I^h!_!&qhf@|{zGjA4GW2m`>7!0-pSVH|Uv?_A?M?*Y&7 z2{40FRgwW%LlWW0y)W)JpQusDc=$M#ax!n-Vl;?$xW2eDTF0t*e;L6Y9iv?V_}BmeALA&zjBec;nK}tc%UySA+&WbkHPRD)sGJ~p1wVttDKc!Qu-m%k8UpQ>+{K;; z2?yoVW~X*SV!{H8S_l=RBTf?DeRq=bFhPNJob^3G(h-MjPzgG6n?S%7^+?alG^KN$yjaWL*g4Tym!HWo;!xW?c7`SWdo!8QfMR(5bqYPErwKu~c_pRECE z)egxKFYz8V#-6J7LI+fO1fk~Iuq8tV^ld4<6#&gwJ1A!$kCX)f@#VB_f{oB>HQa9A zEJiNBI9Vkl`O;EBRzgA}11;o5Ot7G#IFcDy7Nf2dMqipNS6-%nBRiS#I_UvJ0Ff8R zuac=>Zx`&CuyYF1&fVFn4%}vvCwCoim6=_jM)up(us&ocJ9t1VRS(9i$iGMdRh*Tn zT`b2G!~racqX!+)-$C1*u6iI~*1TP62en6~X&RePRf+)0NcC-}hX}Us%$CVB^kk{3 zRky0d%$e*gOGukCa!*I8_lWT6tob_Y8gM~r`8Ps5q_n>8FRZUQHELgi^5B|Lt#oD>lAo!9oqg0tgVBFyWA$=nG1i z0C@a4I`6z#GpMFc*h7sQcR=eNuXPM9&dd+kA)!ulgdGm22%*nDJ7o1jDu=WU$qV-Y zR@7s_fRJhtcM}*i4;@;$8^1pr3!2q4341i+8)-MYo7y1R*~lo>;BzIo65Gum4x`vM4hebx-Dv}q%lh+rBk9LCC1o-KU;05_USX3S%>93RSk~1sG~}AboZ;$ z80?WY>IpYayd|o{3Kd<4cJZ=k`CbJLxpwLgK!S}Id83MK*QSX9nQc2WtyOwN>r03U93c)QM8GwjI8I>P@NKwE&6DDLR zm@PC(7?LVZGqUier-$lv{q+gT{}KR#R0G3oKmZ2b_ukvWRE3lS-<=UVs$KZZsYW(} zNZ29zn0^~JY?%E{N=mZ6MSY8^_q_AYv;O8f>O@q>w5eaees-7#wIC8Kz$z*~+Ufce zmEVUSekfO6b(OZEi9P$p7hkAa^E(F8tw8;cdZH4>4iE`ekdOodXy^}Ah4AE?-)v@l zCmj+)Knc{6IySXekg$jgfjK}t%BO)PE~ zbF!xK@}pXDqWP1huk8DPi#>We5D1EG6QBjcg#s=Pm>9aGBpUGH+D4UN0j>ZRsK%Np z2ylec($(t^N|Azt9%^IMvPHYha3f7wIGq_Md>J{H4T6cWMOv2N?Z4>1~ zX!3A*hJS8T)mW<53(x}iz}*Byov^DqqLQ#=HEst)K>)1vDxt$jzHOVv#fI^COy@)+ zE*YAsZCE!2mrPVh!2oi6N1~Ud`F7ND93kxkV75>INBbkGC0$zTvqRh2L)C%g#~+SZ zom+@jYI_wD1ekf;-jdnD(lq(fqXF)`o?>5fwsaSs(BQYh?~9HCm{R35v2RDCR3 zj*yliX+Hn_^NkPg`p%u|GDHoYIUUGC7j)c-KPHI9%n@os{32n;gHbXD$d2Fa=o4w5OPUCxyQX;J+sZq@pP@?kN?h~GKL1UykMR7H#(N3O11;~tB(BP3XV{p(+q zU#aR(=^5)sRH8_okgP+vQh*Q6Su*1QU;vQ9o)lH0155yN{una=EF_fxsNenWcQ((F z7BJxmAV*%*MBkEyC7|yR)k!v<~0Cq>H@-}P;jT7we zP+L1<9e}UlCu6x!dyrTL%b>2D{tO@2fOe#>s2FjQ3!rDb0k{}HjDLVR4tG&kS0z(Wnutmc;4*yp@Jg=~QYZYL(eIwlJq}a_z$$^#=N^C0*%kwYf_4i* zMmV4qyym}q4%B51u&Mao_r7OR+`8P(+SWEyeA-4i9ltnfd#?JO@0$ z@?*erz;oc7=fK&Jkeu^OJwpZ{4G$g^IK%8tcpP=FQ~927(_io$s00p_C}b-kGoMB6 z;Q+gKjD3SP2f^B-LM-cEFkMaf&IvhedpHRfJSpeuhV4V18eDriJr2OXT;(6OU+z@m z>E%@RQ%F^7lCQP$q`X1tFW<4dIuk-_9L&?@#dU0;use!m2gx(oOI8MP;DvIki?GWH zw?^PM*UO@y4OlQuS=WPU_zq8N(wL(@WoZzCtaidm=sWPZ37qN)5YKnWqS88o-H{6a!gaC}$+>n$3MqS#b)7(@88g z6{YGpMTlYh2cK?`nR9oUFDFj(1&Nb)IQ+yVLq&)%H~aK7ViPrFcLuT*d9JReS*6Zc zCunTOnd%(1OL9{)=CACwVw8-3A&ieB0eeoqV%W>3AV?ULGf_Loj=_6p@_pL0Y4&b} zdvE8R!O$5)cx;3?O-Se!jG#GX7hb=L)Pa+`80e>@q?Ag|iA0RBaU($9?xdhg#5>9< zI8Mr)DdD;RC!3X}G9%b9ZUKTu`H|{KOgbD_E?%6c2M_Yh2%3{_oG`=X0}fL;wdhXD zkq7>s2r9gAVV<5)D>TD+4oqN3KY4PNUeC1?dw8hl^jld(dvWE^yLaysk}&7tjh}uE zw^wDXLX~-#2e3mNMdo5oECvY!dg_Af5k7IzFm>uwvv=i?MWpv7_&p8&H6vQE8X2)(k0#9-Q6P6-L-Ug ziF9{&NH+pXr*tiil;pcU&pGG&dzrt1oqOk=nd?*6z9#H8FOG(}r+QB%wZ{>kU_u8Y;<@-65APY;>w`hF|LOJgNV1af#C7%%<2 zCZ{EYg}q|LvL^<4Xy1T8Q)zdN+Bcb<*|kBP-dmD;Sr>IpSSeOTHQ6@9ftq@zq&mQM z8hBa|dW@1KrfEdc<+i)opcsiBHo$%Ucuqxx3jlq|Z)AE>zkf@OcMs@lgX8HMLvb}$sa5G1$?5}owPfy7CvpZyI6$z@(? zyETQ{_+Q+y392kpv2Z}q!JKxy=I z4v7u%_I!xCk|6$mi9+H)hwmyI$2%OkhA1kOpEVbnRIG|qfoBnYI2gqaQ%+q=MT;;P z^^`nEmDt9}VzN||Gt7T9k-$@Ly2p?>XJi?sf7 zsbctki!N1FfS1syx~C-=@B_@{pT#r_n4ce2TLrqOR~|bfM=QX>Z|`)*!A;@7Ov}?M ztua71vc%9u+$dYhKP`eCYj@AhzK!4xNevUb*UKARjxQJ(ajXZ*nB2nQGQ)t$m}JW> z@t9VqQc`J~xQNw$^jFm)fSrcP9&e6e&(+ABa)x2ZL$G5mlxzBQ zEj<&EU}}F8C5rNou!3TTBS}0H+ecl+T4K6pxZa7oenme_72EliZ|BF-aM_3e(OM)B znC+%ShDALQpOuje(SIDh04;^15Pg?I^j1ej61<>rKjb-wgXcd5XBA@BJe_yV6eF{s z<(9-T#RG&5IYY7hK(qjrYmHH*l{9zXXs69IMd{(y)a+AStynVH%Xz-M9{ng zW_0It02Q%!Oy42w=ITl9F78e^5$1lpK=OB}=U4*1yPoZ`DA1@^25k=sCS%#-6S#`W z9plH?v)ndIaHEq|(2|q*F#1=xC1@4Fq*7Pil~Uj(u`$pv5qdzw>tuw|B7Um$gzWr^ zgiXImtu}7$5oK0t_ z;2CD_K0!46LNYJUEq43e1mWUbbpLV3NY6MA2S_t#@Ci4oZ0Y&8d*k0gI7i|R=iqQk zUgdTF5!hs1FA0H=nNH606dzTY_0P~MXX>yPd3R2E-KsjtxhT?!o;OI{;YSvQ&|B9~ zdCp>mCQcmU1|-|DZN7D%_f^KZJnI@o6eiag1w8Xi;&uU0aT#B9HM&1O^X*t#S`A6! z-)NqmFU_mmQON2Icv642oSe6Ph{k!MZk0>DxiH#6#v)Tw>2B9twN11fPCH1&IxL>l zKF>ffvBNCZb^Khv7w+R48a~{=CLp?#5|vd_^4R^gTr^xa?64~2=ha0WyNT8^eM!~a zk3Wd9@PiuZWYs8$=D%LOzPYK1=<~{K^e`Iqcy4;T6pTo$=T9q*e(Tl#T9Gop0fr%g zE6_1aXL?$&KALo_U3@J6Y|y{pqvUyU=FbHEgQJc)gA`nh{iauiqiW36*|hGjP#3uo z2DJczLsBn9*!uiFl8lX|92y%@B)ozt$F&4nX^jod8<6I3beRpCWnNEY@XFyHJ@}I% z9+2vSZ-)0YGlf0N+|Kh!t8l8f@v19)AUz2-l11M1_V9YqjgW&?avn&?XLKbC0Y6L! zXo(S0_!y9=4P}kgPS8WsFF6f8yPUcWn#|g77Y*!@p^R1AE{TzjSer4Y^9i;j_}(-# zuKJyL=cC8*0as6(Z#}7~!#xL!psf0>12T;S}w`;yW7 ztARNl2RL2M%d?v?sswyC3$p@cL9A-l3+llBI8-E*7<~KDHatr{b2EuY*u2ZRVM-#o zv%OhYGB)X~iVWA)3G@4#IhCv=zFV_`!uY?}qKl+jdAxxbSEUGPM}o{qmIW?+@zYo4tr> z_mG8K0p`$n@8{8!xgFaJDu!REj6NM;xE}F)Iqg}ZS|huXoD*&d^gWBb?ut~4s1*Re z9J!7_3zxyaQ(o1)oeZ1D*m@^x%Hp1-j{Ms@{*b_RT7__yUKCFzCMn{-Spd2BA^vhg z+hl-8pY9V__#e=^Map{$4`iZ(7jXOhCbr#-f4hHvV{8U)0cCemsZm|t4g+6DHNOi+ zXr9kJs=rGGOc$4(%?CYxC?#;bd@mcz$fJCTbnu**1nVT#6AJ{x6x<={Sg)bHpaF&j z#vX=)s$ETyzLp2Kg zk>3d4f?mOE6fINFG`^NQ^EJ3B7wWgLB4T38{Sx?2m00~Ph?m$m=%lch&?K@m8TZ1* zWnE3;D7-n<@oMe^KQ@0bI@WMoRUF>hTjn1e>!crt7E;KS+9lN;o+Sp@$SjKGd=V~k z=PUoirl*qIup!t1b;r-}V|)zpOgAaCMis8O)(`caX%U;jLb={b!7wXr+1NW3S5*Mo zR-RvnR8ID%@yq_R`Ewe58jBLoQ0?))z?7a}EJQrkV+F6w3krS))?amZ`qY=+88u6Z ziEagb==m_6$i%*aWtbf{6b7|TdWIa3jADW7a=)%?sS_U^;*5$8Wyk)L-#jE}_otID zJuV`MFen)49H01MI|0FfR2)LIjSl(b>!q|`a>H<=;N59EL#TfFi$b}7 z60>XwI4;RR)>Jil05<4SUfHg-Liz@F|J-!f;b_^nDZY?DhBP#RL&tOI3cZOE9hN1# zqzvpfa2IA!MfeXs-7|x}QAQS&?&!0bmtGN-NgMe_`5+K7oLMn>%#F|~0 zF4YY6V^9#j4nNS2jXU1(YH@_Y+DogDz6&PfR{=NNO0^tkkc)b`(~ zZn*5}VzRO0d^(ik6k=}B$a&3&;0Yk=$6NLbN4?M@9qvnzz{5pk_lhJtDuE+ptrNdM zZ@oJe2T0AjAN^47cg$V6-0(EvfN>kbLAgzs!~#vepPIrs_tEl~4!_gV>SQg`=k1f+ zf6vI!H#y?y!R|16A=$$8&OsenSc4fyBu;#04xL3nQ=C(xgh|Y%jC>zFDKL%*BPwef zj$&ggNG?oT`6p_wtrEMu?W{B@9ys>t`wGijz=e0Cy=Qv!tXC*OCItq+sNKUBx68(t z>Es%A;E9Ovrlv<6*XNs?6#=e#4tC&hcRv+{ff~$Nf;&Q=0yggV|_}L_z0G5{cN8!GGBWhg34LW?u9lq0XB4> z%DuNqRxo+q;c3L`S%mi_bK5d%`UYcHfH*G& zGq4!or+ccmOim3ai?=n?)^p3;HS+PhBQ8g=p5no&TgV+XfJ_tyGl;xltbSQtIZ-!q zphRDBIdq&NVe|Qb=XwB%bs05tgJ)?Zp2Ri=1&J{R8k4n8(J9CyMVK6ETutv5Wijkx zFUU-w>&XcOBPzNo_6LXJ0R~?p?O2mV5Du*);s%6*hqMlPpJX&7ev&<)SQJ>OeKI5F zb4h)di){4#+Z~mj(*R#^G4Mt$oMj7v0jJV2Kiz|0?%lqVJi0-}Le=lRwM~bD7&E!N z8!%24d1Jwy2^G?<%YqgH1D|y1H-3k{#%X5H}$>;NIxENCyf1Ri0oSWbw9D2m}$ zc8)vM*ol4)BOj9<$xr4wSRUOP9q_lL;g%y&r|ILhh<_E|5zp>XVCj(5`qGAzAoUPN zozxA$lhqI23R+H2Jse?iH?3~K5G91>MZgq=Z`mP(u**AETSU9WPVq*#v$-ZOU>y&# zOGH_T8k9uJaLVH&37J}y=Ta8gJ^aDulkEty)~R3xqSx_d%j|pxX>mO20XSede3b^q zyUShNVed`P8MfN(4af`lnY^W`@;J}`POmGDGwbfd9YEix%j0LjF{{W!kOQvPqg?2_ z*F+x|-ryf1H!tOCMT)nC(6_5v6qhDJlh0T4vyP?z?+-DTIq0tFB zry?9FNUCIrBpTzg3{n?DxgoX+%%~^^zY0ijGuD3s$!C*Km=}`6yQCh>)#j;gbDG`DfdvWFbbw~Fq_xYXH`ld8vW&{(Q<=)#zWR$RWH@%%(W*d z^S(x0+31`fO>N`q@DVpH@NPsNwjr|zja|HZw%8Z1bb6{ zX0Ii`b_?_ndy^37ayCzA$)0lWPjJmRYjQpOoT9zqZN&j&FNFv|Qo@n#9wd9tFL}O< zsKFkS%$&kAGl*<}-|BpO#bsa@G)H1(kc@OmA{`)-X(j-i&g*{g0?anGW{cfDT<0ME4V>-|D2HtKJbC9B5jrMPyzFgc2re@v4R)4=k4`IvV} ztqa@heV+}^WREDu7pBS#NkpY$?z&xEt0vv(lwt(g6cPc}6^L7eX}x$|xv--yvbiCd zEHtCrF~LG=9dBuUYZFsThuRW+eUp6-*jG$lT*mswf|6^en%+OZP`9J~pajuFb#o_9 z6EsTi!YO}kP=ZDKYzd63;Q2l2fWq>eCSL-3XIlcG*S2q(WfGIYu4K()FeM)`RWBT|()i(AvMNq74lZy;ZQyZ{PL`5k4`tP>?+8!~#N>Qz#2^`K z#4hll?)#mZx%NFjK*J{d`KBubx%;oGW~FN6w1Gh`*k$2IZpTh|RTm-1Y?b_A`}IaJ zXIY#gE*ks$aW58KvH>D^QGD$_jqoQ{-c{9c#bfnBQQ&35Lj-?>G&Sx-M~nxOsblD> zB~VaAXPi*11`fr}V&qD+G>qi;SQ6El-m67-(T8V<0>&H^bjbE$q=F_Uo@zo& zzh3~8WkGy4W+=m#Ni`K1SwzCbEt^b^3tdbBzyjf70_JVb^>lDCcN@V9xlAMF(0aN# z(2-$S^q7695AGLl#S#pqG#&~q78?!at(PMikq_h4Xy2Y3I&)yx zzdhAgPM{Lu<8!<>KKq8Ksjglw7^5zy9F)GMic(kv=@|5WX&Il*aA(JDckY8cPecR1 zl{4K=xqKdKCMOdO%_J*O(SIdF1Q7}-Dn3FfB^jvCbp{C$@1mKG zbx%D2ey|7BXF$1a1irm+D+8Ef(MF_Im8Ln0Ei{zKni{0l4TQkbfA62Au6Mx5PN+=>n3wTzU|F4cZCKBNW^Wpl<25z z9ZbyrWU8B6>>*x0eZc&S>gi_4v~-oqh%LV*h~m9tA4(ZS)6Q3%;#VtYrFuqFwfFgW zf)l2kP*Xo{D~mH87eL4$3nH2&?VC6k;`@{UjUFwTrH(cZ-Qq4D9p3OFn-*?V02Tru z-5PWW8+lwz;VPpv{vj)$ZNN_RGV|)yTZno>J2*i#D&b_viT>H?LV2}QaHjR5)4CB- z1!qaVZ_siF+ACLD^sdCTuTW>FcKJbSe_@H|&gOKK>zuddX(^X`4X$U&hSH>56xE8G z)8zWn$*ggb&Zve+SJ%}TLoo9@cE{D|Na~E4&Bwh%@)dfy>4<#R3TQ6&G08Iq+af84 zugg~yWjEQ)a5O$FEG!OcDN{8G835ZpLQQgmGdvJ1ABzHm1jm5Zx8@1yUA7aJr~hHa zHJe0Ey!{0^h6M>LnUxx$oKcOoLDVHRH!Q|auNX*`I!Hzi1q#EC9Cj{#CnAb|L484S z24BaD#4)2vwt9#w0PZta$OH*^^%qVKNE2BLAhEiSI>2_3_hG7YfyMLyzyoNnnZhYg z(0j}LTp+JY!ksDalw)LA>Z>V~G*SN1kq^J;e49uy^h0guX`|QFoI}=E+}ml0$13`_ zUPrQM-z{>Y8EY7|`B>t}*H%$6oA_W%YMqFdY_F-Rs30x?_I*Rw&eMh`Pg58dUq@1W zhbrl^>xQqR>%PKK4rnxiel>y&m5F1NJv`ed{SC-nv8*Eq_GOAab7+4%@3NbgB0plA26eK2h8q(CM|>ljne{AZ+!g|C z1`z>x0GU_t`KETNs1|StMC#_Eyt{Ee*SS~cKigtqWV$tCWqxsiGN5P$C4_Xb@CU2O z${zt`vGiUrD)_EnGT2b*H{m}ga;qeh1`eq zfXvOscjKHhasxE`ZK&+6?5@5HqQ-Y@L2NDb>FN82WE#H_TQcl&shEoh75wJM50yqU zG+u7{b5+tT77}|tga~msv+4Z~ZamrH5sewojLO7|uNY-0?B$xg<@SHMef&%?CtLueS@I{;Z|M>;(pT zW?nN+Xu6<4RkjH+*sm3eGIXj*$T^TXV)9&Xr;=mx56jMK+ZU}?MXPnmx1N1huZP`C za9pFrA#4w~4Nn8BQ)&Y-><4S0!SZJgEiV(?T~)G`izKVl-z8vdno7F7_VHS+eQ&U- z&qhUiGOyu<-|dh$v-9_Y#a&$_Jl}i2H+*k9LWU(06PFcBVBnx8fti||Y;Ji;27t~V z+!-kh-$1;RJk=-Y?Qbr&5)=2C3?3BdD-`u9`$~=?nX?>;Ow4-;P0w;`mh^6`9-ia4 z>Eyj5H5#OIxCnBp+xdD2zG6M7{>KktyOz(aG4S>!!c4;55!<&V#NaVkS(R+b6(G|u z6I=_p058W1tUmY_Qun@|*v@1)$(L=eEe!L5kOXwoI6(ku@5`AZv*R^w9eD%%pevYI zIRcgBC(L8HT>iQcu2LV+bZH9Xp>tvkUaruv)A$=9y$S%ar_)UWbN%@AE!u4PEWkp{4~u{Q(LTyalvjc#sw8 z&?sM*Sd}rcpo0HmT77j2g(he^12>l}%*C}Z(v*VPFL1C;4o^iQijI!a%(cf49a)gz zg@(@oq8niq&AaAHL&P_W<$X;ivp}tf2NlNM2v{KIOXhZ~oC_hP75@gs%d9HB#=`L& z97*JcwNHPE@X`TX_zj3$OJd6S@Ekzg1sC)Fv4LQTU$R#Zs1N%u``#n=s)!?B!V>Hh zb*%;vxLh!ic6dK-M~OP z(X?1-dP72Q{y$+NAx{X!5weUk-0ZYaBRSMq5H)NPfBUP@nme!FYb-1G6@XWVwoN$o z)|gEi*xL&cmQ+$-K3aA0jP;d5Y|z!LC(kbvu)0<;X6G<2U1d#L%JwsOJSd^}$5pVG zxeR$wvPHU~%Rn8jhD)=zu!$n>UbsuN+jtEqEiN*~F2Q1U+2er)hcqoz54jsp)hTT~ z?>r{5Vm;aUL{vUD*G4Ow9e?WXZh`W*?2o5*i*r!bP2(H-scmq&E#*yqT0(FT#uhSc z1mP;*nf}oT?{ z_Th}=L|WvqQ;;JXU=s6CR=RH?Q7OiX0?i>#?Ef1KBS5rzhLJM<6hx=tW0dDFPJ4KP zl-c}1QL{2o9^t7BFXarE@?fY!3mBQhPvZZ6aT*gsDf27D)>N##OJ}=-7IlVRBzY_C z!9Sv0p+trrUE>1|M4_>MtE~8Te6r8C_0Le%;6qJkfi_B2elo8|@mZ(4nPLy!+ST`*l*v8+##_Kp{ZM#FGajeF!1XCo&ww7r@&SPRu%_o>e=)*)-L5NKBfQP46^-EA2dR(@j@{I1I+%g=Ow54ZBGMzP#3 z-4gNJ@qd=X7N06J@g<;2f7$q3*t^0=nRdTFE*u{{`*S;TQ&OlDGFV#rW&rj5A#ho0 ze)jdlU->*UDunC4H4eoiD?6?w(N86tV|z*Iu{v!A!zb-#@~wT z>wolV{kY6I90clEDzs@=udtG=4J*tINxQUPMpo;2s{U1?TEn@}^ln84_xd!tXnmF6 z+_5z6P5*jO&ZOI@6OVmNKQ%Wey%0>Owy{Ykj}(@Sk%$caecSuNVL2&Q~;$3V)OgB4HIzj>)TzM?NY70 zB`UXOf*`kwc8!qfpHH7i(l?*ITR&QorH?~wB4jUi(SpCPKddw|YXrPrGU>H`P>N?r zl;7}>&GmQh=zbdy-+4U!l|_~C>Yr=3n#{7R6@9xVGL^oxX=HJ)Q@g<`@@GMlFEN+( z>Hcs$e2QRr=4w9#O%hVAYVPZT8{fA7Z?#aMdLd|sEo-)60!!gzpu7+47oDp zobP0dkQ{at)s29sv*B5$fm6ji;f>hcBtr;5ELPhIu8jNx^IJIW0uJ>+AxOS9-$Ev# zVvk`)RI`?_!BL(3Ht@~2-A!3JvBK43>_eJI&Qe{Pp}Ti9;4A8 zbhvKlDsj8Yr>I2r?eQEoek$qML`chJRS56=9toET-Lnu~RO-9XW`Ya{mK7>AwY>ys-z{}oW>eFA_HROzN>P|RXaI|Hb*A#Oa+em| zXf2p`2UlXle0=d~OH7SN&~70$O4-X0Az^UEy+}6^=2sBTYm_R{l8LF>_|{b()T@Jr z%Q5u7y?~bn@|YLt8>$?rrG0QnNbJ>V=L7ske?`xQ`i*kOEQd~0&~Hrw>BJ9_Ax!ct z)iGsue3uTv`p-gawJ2;-IDrelZZVIuNp1mpkan>A*Fr+lO+4(Pdew2+F2YLxMTFv+ z{r$AXTP{^ij}!L|%jJA-hClq|fqxFg2?{V-PMh;3Y_RHb8E&BW5jy@L{rAnzg`(Yu z9B;IiY8&!^cFO$UJHs(kN)l>nN!^d&s$l9$l|11)o`7es@YK<8o1r+e3oWM=-J&pGdJ+lsQpuN%G8qmrBlzvZO7|FD>ylnyH|x^b zc2%KHcL$quBE;($YCWw`p-yV+EU-erE5`Vo?G*z~*X{`EY?DE<+{BndR^5_RIO?s9 z_`~)%L^sywn$O~FDsd-fjWs8^QzXB(sr`xQqyl>9yY}fsb=(XiB^>vsvdQope-~?W z0ebOR*YHrzi9c=csLc#u*jzB_v*QXsP}6ZT3`V13%nlC^uW(qYOG$rxEJ$qd(MS{D zXM`Wft&}ZMk*zT&3hNB!oTGfGwpmMXFFSYjVIA=Dy6t3wHzJ}52qKcl#HSs7M)z6)xVI*XdvqU zks~4lTZ!p*h}r1vnGqwB(3Jns_O|oC-N}goa+aNFwrfSq^0VPo$n9^$r2aDb{l5eD zl9+A^a*vV!y_@}pGhRCZRqGm{>jnGY12&ryPCiyy`ARIW+rt&WWkzk`R)&iluy~&S zxH=fr-7SdnQq&M=17L4e*U(sKtsSDbLn%+M3;t)L7cFt=Q>bT1%W0wF04>~|t?kFK z_RtB_%T76yK28fTm)v2J#WE5eC{(7)4vW6|Cy*N)!);EtB|O&786v}LOAZV-tG)O zw9X70*(TgVP&xOqw)#0J1yzQkQ)g@+uMM; z3yiLVGFPgU!dTlrK&`(Xaan}pP=@0sZWCqGA80bONv~vH^f7OQFI&X1EF1<*4iRhE zam`FJCf^HhkXsWn5hh$@7_a{n96AKw(lFkQ!$28K2E=8wTj->(`^u0Bbu5b>lxxf% zH?=BM=Xwp5X=g1Kq;X47+k&8Ya75AY#*~> z`;QS(&p5o$8%%zuEl~HLgRBD)`*MCbA}*U$qdbwo9{(L3`@7SX109r2>pd}1XPNaP z2i}StNZNnLH94keA{~U$>rE|D$RJ!MV>1P{gmIDuJ~se|Ah#1p9>luy0R6J5@N3t< zPgiLRlwrCMYFs|R4+vjvwYSY(yK=?Rd}`2bf~OpRgutsbIRc)oUZG-6X-P?DcN_wq z=cyzD9%HTcYnAnPX*%<%1Z(>lf!Q<=hki13oW;XZ8SVtc+k=~M={Uob%=g<<&h^`C z%eyj&^C#nv!u@z2XZG~SJo2BxU8Ijc8^1wfTu!K|cI%mpGT*E8b}M$4a;BYTi+kUY zAuU+x&~c&xY!YFseSl+M0@U=fRlt9ai%=!WdBGb~Ue834vcOxUv^_ z4B|Qql2I`M=Me3EvsVTrf|S#$ZM_U7FW|94PWx~wiQR5jrW zvsIhAtO!6O3D*#}kI(f0KT>>RKRZF4idskZL!t{g!FEDex*vorwQ7T*J;)WdEjtZx ztvU7f%{g7{4K@PPHxu)xYLWjnlbmPyj@$FxrUnmCA=Wp3{2TD#ec2-Vi%%w1pUD!8^CU%`C?rJ;=TxNbuofflrUP7ArT9UvQ2Vz}|-o4Nt`n09#SQth>!AExym*;HON$ zGxqAgZogZ#-G=~eNq_4jQR;joV|216@81X45aN{q#O#vrsPdosV;r)#+I(!&R4D-% z$(AP?8+q@iwU+Z8<8bW=^yfg*WEmlu8(h{)e-85;w<;-P?pN#E?labFqzbf zHtdWjG#d98C7-w@{14FE^7u~^Sq$JO=q=di=FdL|Kx36!Rn@(aE8(YnXjPKaNm(3G zn_Gy&3O<>M@-qb=lkTy`ZLbvZ>T8^t20Z?`clNpu^lic@17X5Dx0Uo(@TliU9 zDzPf-_l7$xCBwyd1#RNTeyU(Du6c#Cg-#Cs{LLb{Djz|=m)__-B=XBMej&x-YkpMt z3SVh~&(6FD(pE_j1&#dRNwbD8qxjjnn-Wh9_BeBZfI4!qsphvi9#^m<(nr6$z+thDD}=%vE2`-G!NIg6^z8>s2S7carS}!E8|*_^XhJ-U_EfCbaLg> zPgDR-K1SN{Uk%Qz{}JEVQo!K(f=0(i=&>+w$+GGfc|MBl*7!AR!xag}NZU zdR@B)XEFZUI7h!CuL9IMLT>-Ib7%SFpI!b(R^^u^=Klf`Y&@w##gn~}8QFlSQxe2G8^*uB=$fx5Gjy<&yXAt}3||(Ul3f)yO@JFK}mDT$8WW7hV%49A(GjjQf>SBU}Edm$abJQ}jNdPfrbvaT1#|Y9fUBY81mb(~Xn35KHY*#Db zw4652P(iJ4#1lj&^9i_<; zSR>C@&n{rZU3`(EfVC#~lYK!UhoV9CUH$sIVRWayNZ)5+5_;^J0)7{U8jk7%J^$zW zRfB~&On7pXeLP}zce4EQtxJrw2V(840_jpjrupXETmEAr&T`g>1@ay>Hz=daTY?wK z2`#t1FCU2~cyix0wqL-5AhL@2&~tt7yc?8CQEE|H$0H&c5Hhu*^3Lufx@h=(OtWl; z7jC||@bi12zVAVFj|9E~$fI&d&M5R4-ap^^eb;4tAc>AF*Tr_%p~3FWNTY95BC}mS zoxZ7JFLYT?@t+0uReP#5rLt>fbAj;PAAr=hAfKItup zsICBFa6?(W(t?_7vHB_>jc;gt{)58JWB;|%TuUQ!m9$m0lY$DiOmOf_tcMHE-K00t z(ko`h{yDqi!ISk&mM(t0~6N3f0c-^>0y9jX^dtEjWch5_m` zrSL|Iimf8hLqKOdI)HN=A-<~3Au&~+{qf8Wmd{`2hS zJy5+=&Rf30sWiOex9;}Bt8DY8@9B0^_2IDq$o=qv?d{qr2yIYh2BSjOeAm-5C)7F? zDBMw_SiU;PKUj<*-NWnRCECW+(uj@N+T#qp^=LDDKPGfI>UP`Z8S<95oa!9U#&7Vs z>@FBFEpt$~x^U+Gp0TAN3uqN1g*33+Z;>KN2zXeLrWf?nBrN|u=lE-OuJ3eRs%t7@ z@d<0OinRjYd#ko5`3Lo0ga1f&&IhZ0WjPT|au~1y(mi^jkKhl{$wISONfM{<+O&I- zX-SdiO9`m__8D?Nl-F{nttjX@NMze1(Le#+%#V9n?yIojZxH&i?^&IqhSHcK{`1vC zyo5S&;Jf+ph=wpUMwNe;;UPaW|r`AchK)K~RG7PK8(}v=2f3A8HMigfa75-*>NiOrIW)x}Gqo`uN2sX0#61vdnsYz=2TF2V8yT zqWSU}K(Cinsbq^J73D_ zl0F-315&$jnRHEinp9b#z8j9^UfUjB{QGKZlEGCD{4CEf)iQb0HW&wCXa<97$emHF z;(tKE->DQYudk2}BbOxflgH(3WmCT>vf4h4)xFua!?=%he71<=dH`otVcU_UWYwKH zOpCYKO{O}NRVPi8V9|(4T&?@~tNbwsXIy7E8Z!LWM06*oQfYKWowO(9x0?8VMo8V+ z5k6*Jj#=yHz5Bw2$bB;I-*(T1cEK8JLjNZs200r7@KEW*ol;9oJ6ed^j#v6$Pf>l_ zyE??1Tqsiic-peTbTh5sX#3++j8l07dRFA;&my-T#_ZF(1MiM!wRDUuw;?go@`1k~ zQDmjBBtkyT!}qSvFhI@NxWB#<;_RNw0VLQlI+RQI70V30auN_uA92F(zmoW%mcOwz z-92zZtvc1|!fF53a2tCdNEU9^i_b)jxtWwDr}K`a_hmoa{;0@n0}Ryr#cYmXk$uIg zqo6rp& z{Gr3gze*~6SRLtPI9WJnD;x-m(B&3jp!BT+epdQu?Oy!pvK)f3*VI~;ED?{>lrINq z-}=j@s3-64&u)_-uXEWFQbi!e%lk+NRc|<{j>IY^;ZB)zy}`O@s$i0i>a3y_nwd*# zIni1%y+m;$a*^I?qY2$4R@^1BQH~Et2%6cz2SJ$ztG>nIvkwd`pueO2ycXW(9?Xn| z30Luc6ZlC;D|iQ_Cr zW$3c7aU!k4tb80AW#9d6F)OpDE-fCs{c`ch4t`)EZjpt5VWmbISG7o`V!B=Dfgn|CXx{VXKoW02pFIqqW2SWm|CADcr)ueRIJzjS zc3cvY^{OO=(zWg4hRBFSIpXhe|%x3L4)Y16vmv!G=_^ke=m>TI))wa$gA z4;l<4!y<6N_#jDy|d??lwe?Ck1WTudkYOG`>J zuUwlxO`QhVCx2c@J0EJby9F{Lk$T z_wS|9z^4-PBx)$ai58*@&m3tc`WR2e?gQtf^o6b8@BP&`Na}>kFpkbVLz)>)W5sIY zJ4K=EF{)248!Lb=X{Ht|gS%*t@1f{y;f5pcUg zV6WA6-!e5%Y8^(MT2As7-+PCY$gMP@ zMhjYz_E$3pkKCrNp^ZU)68}QarLRL_uny<|iQd=Sx)?O7P^;Kt_T*0NOXBkkFr=Q> zGSP3#`Op`gig!zQ;^Rf4a+gIuTkbFP?-T!fX9a1k`Cek5B*>!=UjBu&-Yb3mD04j? z97b?h^v(CaRb=)X1aHL^hS`)xg{-jwJZIdcRq2#Zb}78KVJ$L39ju1+3LzwIDMY_?!XHh&2-QQBm1 zJvd7aCv-ThZ4hGiLlq3-QW2y8TgmT*6Dd!Z%+G5gRmOHfJs{Q(sL=(M!w-6^#2d6Z za2?jS>)`XdmB$irjLa5%@`DruOtsX)wdatOPK`g9d5QJ1vg}vBBgeg|si`iE5koOo z;%~cnCu^IptsNewhTV`VyV3v2<9C?{1V3G+*UVli+!-oc%rFVCW}yst7$lp3Bl9C) zGWM^ABPZ?RU_MU(j zA0T`^ufuwK120-eEw^8QkYmI%IH8I8&P2tX>2W3_V&{b7p;rWUTi4*;X;QSQUV_SzKT6Z@V;zHe37?+tdhG_rzE&;BYFko*gCc_5 zo7c{Ms&I!BtoK#VD&}H^h|t*p-cpr3<7a?Bp0aEwssD|d1{Es72gzK&YdK$Br#lFa ztVagPqc;?OxzYIZ{CkFmm35{M9~9XQG?o3n&I>=2x2dP6cl|>GjX;-@l{l3@|NeTC zb+XZNGW0}Nx`Jb9`2j+eI3~}YZ*)yQUGzF`IrIm^z&0`^y+)*BgCaRJHPf5@AshC2 ztN*)N(!ghDAhmgdwEkxZ_IwR-K(29_Qwu*|4i4uYGY9>5QzQJV`}hZg^H49}DvZ8? za@>TVT21w|p=$jxJV@?rBr#{4D1eu7+Pvr9yJ;cmNrv9t-VU_Eb<;gcJc4tEF{#ex zXheEj#IBz|~G}6IS z?F&X7(}LdPh6+J;J-Ki-Ci5cr1PlAi`ylMM(00zff8L?s;WgikQ_t_GoI}rn;<#l> z8mx2C+vC2s^ZJ~b+9so!I<&f7frOjY)KaRR(Y(zUPnK`9%sMFp;S(mO_NWHC&mL2F z9&aY!8?*3YT@^H2NN!CFM&onpC;cRjN;Y%Neebv;?42TEH%||Z9}|>FUwQ`hg-q$x zwgYd^mD^&uA|8#ZR;d!c7$E!FPmia>;IX#a)^?0A+icd0-1|dA+Jre>8+ww}znU5i z%t9i{Ho80`F5u8en{|x6Y2aC_#j`B}#j3R+#F7p=BP8|FwLFC1mq;X(YsqoFojua2 zbwzB?R87Lv45I{feP&*4pfOC>ig}^Np>uFYaznQc-2h%_@oSBK%LHA5YxTVZ9Y!;! zT%>&Kg;*bk(Q9dz10s>qTq)#jBVSY>r@OA#`I?YlxXDG%8MY5z$|6pI3yX`ewis*pIm}#~oX{~; zYeW?K=p60dEA3g%l3wH=mu-`2f1``pC57gjG0l{q1}6z$4Po`;+<)ho2|aUzyjMTT z3(?&o1;Agn0#p}IlF)VMLxvI9Llu%-mTM2;&N+r#Mq%d-C44&~=*n!jG|m;Oi#<2} zJ-5VH+EwIq|CmaNjA!J~e*A%kfeysL7k!7R3k4sTU-{{S#jHZ8hWXDzAw{p^gM)*u z>wcTW_EK~;U6$pPc!X30-{pEU+L;I>xFeaV(`{{ccO&VaUPRGVDpC>`wQ@|db@+bZ zJJ!pK*O?`KoImee7mYLho6YiG4zH&i_FcmE#4EbLx1n4!+fPggDSrvPxVhDmw8}d& zuNqU*ig|VNE3aG#)8F6Hxb4~=9S-5EJJ)wPVE4Lzubbk$J8^Z+ZNcQ&z8y|3$UEv~ z4l~dgx+N#6@*&M|A z$M=W#{kVR;&VAkYeXi$up8K40ohJ*5a1=Aw55BE-Qv5KoOek^RUWb>Pj5mpiykgAf zc6^KZcv5$7PR1|jv-r#?LCTDWXg?H@c4u#`7C0wScOm3Nu-IIncH{SRx3mkMDhF)==JU9g({6MwY{4?$ts|R8O~=S9O$V zv`4CK`O_&Zj2_JXbOB4~u{L*>ogTgKZlKcV;62)xDZ5?4T63BcMm*y7hBhTEMeiFa zF?6Xt7EycLun$4qcF1tZf{jUZkeWUC!4?2dUqrOWQ7l8>Pm@X~>|E7+d2F_JDIII; zch)IcGuL)HuggvYZq-Brv||)Sv?g__#c^iFTwD5E=tLEwTn(k+dPLZr8Z;!H;#W-N zMggU(;Jha(+lfbynzsatyZ2QDZ109MR@4meeU+2 z9Aa`-i%q;@V?R`iDDRGPmXXIg=)KX;zSVXw5m6>Yv@th!qgzfaf85vD0y4bjHdMgK zkoILReW%U()pBtKI>$dGQ!ZLE-TUA=5G^K#{7Tra^o` zbyKeMR5SAiP@=y<=Xy~bDO?>_`LezuGjtF%3VZb%@%HXd1@Vc*_M4vu}V+xKMqNy2TDutA%<_8iL> zE?lnAR=@KATV9x>ZkdYp$x@*WSf18R5L{ZdCRbM_$MF5KwY@cpu#gp_R~TX)vL^1z zgTmprhfS~`0Cd+~b6MSPA9u1rQ&Jr~mF;NagdgGm!O6+VdhuM>z5>ZysYS*HcbzKw z2N~OR<5Xz3!zOYCmYcFWUOsDoeptbh#m z_x-5y1y_C=#H|~)Fir~l7KOp!;c=fEHYwkjcG9v@4m)d4l@v+!jQ~hJYLlz&vvDDGaZ); zus~0>Wi_3o26(L$f-ufno zNA-@)Edm)a?YlyJ*OB%;mKF*gyIc2|{47Y(NP4?8Fi(~>yJJ5_oGcNvQ~(!WT#);s zPkO2&4es6}Z8C6U2lf#6@2B;u{OR4SB@uQ?u5y=|W_7)th<}VLS{;rrQ6)~yDA(eM zN3k5rlt9m(#qIIWL&Dqm{5olPywuz^>hh-h!PFm0ixffHIU7D!-4Gd)Po^OBRX%q( z(<;yZ_gAALb0yB~?cZHI`tDiD!$3w&!?i3(rf6Ilh{#c1h03-PecSFkw9c+08*l5i zv|U?U)kfVK52{i?rTMaHy3~Q>`&pkUF=*L+X9?3BPSQ~lR*Ds5&}}64$m8*S@QeZ~ zn%3D)p-$UxE}`K^@yrWyPJA!bIPU~!DQr>ZqMC0VrK+DQO=&$m>ct8=463wU5to(B zxv$e98kBw2b3sU{YJdmAW_T)abmMh@jQiT6GMe5y3ph`|?)*71L(p(+BSUKodRHFF zPj+r$X3uhI)vU;GCbF2t08_yiIWzPE+d}fG0{E-GXUY4heZR*Q=7LnLGPhUL2OS6V zMp497?Mw5dRc$@O+kMD2Uyn^-wy^*9@d;1TN?qfGJ2-T|7K|{+yzN;iYHqd7aeEt` z*J-htccy69DC_uk^H4uWWhSI2Ex33Z7hExuko%}SueU@d=-BCCJnV7#_Q}|TOi45j z7ZTiLbC%1=LlzwEgAH1JjiQ=YyuN|f#y0e=cURZVidJn;N{mF|oYe$QPJoK7Y0A-= z7Ml@uG^nVy+78}3YJ6pe3?5RV~?CwUld}NbAr^Y%1N=zn;T=% z`6=&nsf7^cD1Nyc1U*UIB-npC&?QEGe?Cq;>gy`>HjQ4KlMjjG^L$+<<;kcGhn3pf z6OQ6FZ95H*NE=0+dxj=!VW#D1nxPUYPL9&KnIUP+f>s{$NT=Q+hduOU2b7Jyi?}fd zjm1j?q>7NS#IV3wFk!;Uee&spm4QjkW8(8S&1=J`%7HZHhCWbyaarvT#_HU9bbBb; zt-55!_j}Ii;VaxvhYdo1NwxUFwQ|$#%_>7#*>RQAbxMNw*%LxWT>cW+|H%2f?O0H8 zqwhtWhvCUDzG8fUMfvBEu`YkViBe_FknMVQLbDIY^O`!p4yOa{R{KW3Xu4?!OSD`1 z>AxeCnF>#0td}kt8g7-WSiCF^#nZSiK4piXRA-x(NWKU?yTD{4IcGarWPZxZ7PWhu zR5IZSolnAz%?)|2%Yjy*U~8CZsZS}F~j%vt{uOCzbG++u>#mQ=-6^jXvRq?l|8eOlw!Y-7|m%&4E5wNIl@sKf) zkqvU+a?PRqYeyYwyc{`3p&zZEDLL%s-sQPbNE=qxkKBcuAcimwzWJ6-UzG4cXzK;C z;(Ek)g8<^ldSivW)S8F-6gRRpZ!z}~lNzd(Vr+DP4SP6uvlv!vTC(kkrMN{ z-;WJarr#u^`N8d_CSp@;hGcYz-*mg;Ba;65h27l%zCqYUeBbTZNe+<|%?IcalaP=Q z=!!w;Z)z8l{fr#)(EmajgZgC%Wg8o-AP#J^aoF*>7Fsdt!?-@O_${^dVJ7lzU#G^3 zb!Bk@J-XlT7A9^RWf^3}TtFZ+Aol03bg*G`@XBTG0Kgn zD#ffQ4#g@~$cUlav0I=CB6j9Rz-=SNyiaoD@ixVLZ*cSB+ZxhMh7Md!{@dJ$Yl9zE$s8CTb&x3$61*p7yGg zR=N3edhJC1N<3NWK{3)ji5L~yPonvRmkgWl(=h&bORf0YT%^&QYwL3ZLh9pJ)z^s= zloQ+Q4PU^zo9|ZPxY1z;zL2{sl0XN3atjHkn%S!sW?peW6RR4}h!(b&Ae)fS4jglt zx^?k%WW_~AO{6kt+PX91f*)a1RE$AZfTr-+jn`3!tP0mmZE|2QJ>e(>@ukvfX$T7EG#%v^2ir*%- z&6=jVdm@pWEf{GBXk^3bG?(qnh?kV|*@xE7O-Z1!2k+D@q)c8anj#K&V69oQs-=6w zv2(fipgEd=sKN|`^b671SR*1w4iliGoD$gpS@Wv*%aqJlhE`zKr5xi0Xg>7F@x4cB zk=m6>K`U!0n@LeA*_(#1%M9qy?N5bquF2_eGdLVBHu;r6S(Y=U&KJ?}ck>w)y7ftL2 zG`&!ZZ}$EPPl4WeYbT#L@=-k2eUKeGtgSOXoqm9kp_V|62XmUDEej;kC9rLC7|_r6 zY0nLRx)i4B+|<0!MiiZrrY;HD$2p69Hf)yH0{221)4UZb|;|Ql(Ty20KHJY3iDycyAD8Mk!`dp;W_)Zx-Of0-YKdlpyIxIDgZbt1FF2Ej5+*CjwM9)klnll^2=A!p_qt znEJ%<2*YIvT3l>cKe7rdcm=h7Bu@5Wd$YG@8O0dRjwRM<{tFhDas+hm3DhlRNN~>- zy{_FFKI{?1L5yV@9|jw+oPYLrG6NVv>!Vkk(~@4;|h_inN(0z-2Lph$;s&l@4X2YSqUSg zkVB^F3GFk?>ZYwO6V?w;`?_>=#fXeWRDV!rS>t^Z8}9WtIAq$`DO=19FHjk1dC&BL zWpXXq#xj5SNdL1uFt+u~WOd_LBNV?36vjvxMW5r1T@wwr9lq21&FqTa`0&|r7e9(+ z?P)(lIBW>d7g;AOD+&?%a}RmJ_wpp5T9!54qC@=IEyEog)U#M*Z&@FG za&6Qv{Zjs}tSpo>i_CT^H@6(#=tr0b*XQR=`Ej{d@Rf)jO$401T7%I+1lLio{|NdB zGBR2*T(ke$#Yamq{cb$Po5RxBF+cK@1ENI+PNXDy=)3xhZs3ZTE~CAq2O5S2@io&SJ-2e5LcWw|3^n)n}#^9pi@vmG(K-y%7df1rLb zhlJW&8DG@@vj$&jwCprOFBKC06I4r@^(N@^-xqj}x7A-kNkODpwJu*+{=Zqy8Pl?7t?WXb;PD00rLAG0UaDsI{Qm&J CH|Zb% literal 0 HcmV?d00001 From bac2d922b70206961ced75e10a6790c05e67d03d Mon Sep 17 00:00:00 2001 From: Nikolay Stoynov Date: Thu, 30 Apr 2015 10:32:54 +0000 Subject: [PATCH 0465/1291] Added changes coplying with robszumski's suggestions --- .../cloud-providers/interoute/index.md | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/running-coreos/cloud-providers/interoute/index.md b/running-coreos/cloud-providers/interoute/index.md index 05920d932..e29d00f64 100644 --- a/running-coreos/cloud-providers/interoute/index.md +++ b/running-coreos/cloud-providers/interoute/index.md @@ -8,7 +8,7 @@ weight: 11 # Running CoreOS on Interoute VDC -Interoute Communications Limited is the owner operator of Europe's largest cloud services platform, which encompasses over 67,000 km of lit fiber, 12 data centres, 13 Virtual Data Centres and 31 colocation centres, with connections to 195 additional third-party data centres across Europe. +Interoute VDC is Europe's largest cloud services platform, which is powered by Apache Cloudstack. To run a single CoreOS node on Interoute VDC the following is assumed: @@ -31,20 +31,25 @@ Using management server profile: local (local) > ``` -After running this, you should see that Cloudmonkey has started successfully and that it's ready to accept API calls.All of the VDC API commands that can be accepted by Cloudmonkey can be found in the [API Command Reference](http://cloudstore.interoute.com/main/knowledge-centre/library/api-command-reference). +After running this, you should see that Cloudmonkey has started successfully and that it's ready to accept API calls. All of the VDC API commands that can be accepted by Cloudmonkey can be found in the [API Command Reference](http://cloudstore.interoute.com/main/knowledge-centre/library/api-command-reference). ## Deploy a CoreOS node The following API call from Cloudmonkey is used to deploy a new virtual machine running CoreOS in VDC: ```cloudmonkey -> deployVirtualMachine serviceofferingid=85228261-fc66-4092-8e54-917d1702979d zoneid=f6b0d029-8e53-413b-99f3-e0a2a543ee1d templateid=73bc5066-b536-4325-8e27-ec873cea6ce7 networkids=e9e1220b-76c8-47cd-a6c2-885ffee49972 keypair=CoreOS-Key01 name=DockerTutorialVM01 +> deployVirtualMachine serviceofferingid=85228261-fc66-4092-8e54-917d1702979d \ + zoneid=f6b0d029-8e53-413b-99f3-e0a2a543ee1d \ + templateid=73bc5066-b536-4325-8e27-ec873cea6ce7 \ + networkids=e9e1220b-76c8-47cd-a6c2-885ffee49972 \ + keypair=CoreOS-Key01 \ + name=DockerTutorialVM01 ``` As you can see there were 6 parameter values provided above. ### Service Offering -The first parameter is the 'serviceofferingid' which represents the amount of RAM memory and number of CPUs that you want to allocate to the VM.In this tutorial 4 Gigabytes of RAM and 2 CPU cores as chosen. +The first parameter is the 'serviceofferingid' which represents the amount of RAM memory and number of CPUs that you want to allocate to the VM. In this tutorial 4 Gigabytes of RAM and 2 CPU cores as chosen. ```cloudmonkey > listServiceOfferings name=4096-2 filter=id @@ -66,7 +71,7 @@ The 'zoneid' parameter specifies the zone (data centre of VDC) of the VM to be d ```cloudmonkey > listZones filter=id,name ``` -You should get the following result, if you are working in the Europe region of VDC.Note that the UUID values required for most of the input parameters will be different from the ones shown here: +You should get the following result, if you are working in the Europe region of VDC. Note that the UUID values required for most of the input parameters will be different from the ones shown here: ```cloudmonkey +--------------------------------------+-------------------+ @@ -96,7 +101,7 @@ Note this is the 'CoreOS stable' version, there is another template for 'CoreOS ### Network -The 'networkids' parameter specifies the network or networks that the deployed VM will be using.As the VM is to be located in London then the chosen network(s) should also be located in London. Type the following to show your networks in the London zone: +The 'networkids' parameter specifies the network or networks that the deployed VM will be using. As the VM is to be located in London then the chosen network(s) should also be located in London. Type the following to show your networks in the London zone: ```cloudmonkey > listNetworks zoneid=f6b0d029-8e53-413b-99f3-e0a2a543ee1d filter=id,name From ea9128b443931ee143a070bc897dc5c15dfb57e4 Mon Sep 17 00:00:00 2001 From: Nikolay Stoynov Date: Thu, 30 Apr 2015 10:50:58 +0000 Subject: [PATCH 0466/1291] Completed changes coplying with robszumski's suggestions --- .../cloud-providers/interoute/index.md | 38 ++++++++++++------- 1 file changed, 25 insertions(+), 13 deletions(-) diff --git a/running-coreos/cloud-providers/interoute/index.md b/running-coreos/cloud-providers/interoute/index.md index e29d00f64..b5aebb534 100644 --- a/running-coreos/cloud-providers/interoute/index.md +++ b/running-coreos/cloud-providers/interoute/index.md @@ -16,7 +16,7 @@ To run a single CoreOS node on Interoute VDC the following is assumed: * You have the Cloudmonkey command line tool installed and configured on the computer that you are working on. Instructions on how to install and configure Cloudmonkey so that it can communicate with the VDC API can be found in the [Introduction to the VDC API](http://cloudstore.interoute.com/main/knowledge-centre/library/vdc-api-introduction-api). * You have installed OpenSSH client software. This is usually already installed in Linux and Mac OS. For Windows it can be downloaded at the [OpenSSH website](http://www.openssh.com/). -Note: In the following steps, commands beginning with '$' are to be typed into the command line, and commands beginning '>' are to be typed into Cloudmonkey. +Note: In the following steps, commands beginning with '$' are to be typed into the command line, and commands beginning '>' are to be typed into Cloudmonkey. Long lines of code have been broken up for display purposes, indicated by a continuation symbol '\', but if you copy the code make sure to remove any linebreaks. ## Cloudmonkey Setup @@ -39,11 +39,11 @@ The following API call from Cloudmonkey is used to deploy a new virtual machine ```cloudmonkey > deployVirtualMachine serviceofferingid=85228261-fc66-4092-8e54-917d1702979d \ - zoneid=f6b0d029-8e53-413b-99f3-e0a2a543ee1d \ - templateid=73bc5066-b536-4325-8e27-ec873cea6ce7 \ - networkids=e9e1220b-76c8-47cd-a6c2-885ffee49972 \ - keypair=CoreOS-Key01 \ - name=DockerTutorialVM01 + zoneid=f6b0d029-8e53-413b-99f3-e0a2a543ee1d \ + templateid=73bc5066-b536-4325-8e27-ec873cea6ce7 \ + networkids=e9e1220b-76c8-47cd-a6c2-885ffee49972 \ + keypair=CoreOS-Key01 \ + name=DockerTutorialVM01 ``` As you can see there were 6 parameter values provided above. @@ -94,7 +94,9 @@ You should get the following result, if you are working in the Europe region of The 'templateid' parameter specifies the operating system of the VM. CoreOS template is selected, which is named 'IRT-COREOS' in VDC. Here is how to find out the required UUID: ```cloudmonkey -> listTemplates templatefilter=featured zoneid=f6b0d029-8e53-413b-99f3-e0a2a543ee1d name=IRT-COREOS filter=id,name +> listTemplates templatefilter=featured \ + zoneid=f6b0d029-8e53-413b-99f3-e0a2a543ee1d \ + name=IRT-COREOS filter=id,name ``` Note this is the 'CoreOS stable' version, there is another template for 'CoreOS alpha'. @@ -104,7 +106,8 @@ Note this is the 'CoreOS stable' version, there is another template for 'CoreOS The 'networkids' parameter specifies the network or networks that the deployed VM will be using. As the VM is to be located in London then the chosen network(s) should also be located in London. Type the following to show your networks in the London zone: ```cloudmonkey -> listNetworks zoneid=f6b0d029-8e53-413b-99f3-e0a2a543ee1d filter=id,name +> listNetworks zoneid=f6b0d029-8e53-413b-99f3-e0a2a543ee1d \ + filter=id,name ``` This is the output for my VDC account: @@ -127,14 +130,15 @@ The 'keypair' parameter specifies the SSH keypair used to login to the CoreOS as At first a new keypair is generated on using the OpenSSH command line tool, ssh-keygen: ```cmd -$ cd ~/.ssh && ssh-keygen -t rsa -f id_rsa_coreos #(for Linux) -cd C:/ && ssh-keygen -t rsa -f id_rsa_coreos #(for Windows) +$ cd ~/.ssh && ssh-keygen -t rsa -f id_rsa_coreos #(for Linux) +cd C:/ && ssh-keygen -t rsa -f id_rsa_coreos #(for Windows) ``` The next step is to 'register' your keypair, which means storing your public key in VDC, so that VMs can boot up with that information: ```cloudmonkey -> registerSSHKeyPair name=CoreOS-Key01 publickey="ssh-rsa AAAAB3NzaC1y...........fyskMb4oBw== PapanCostas@interoute.com" +> registerSSHKeyPair name=CoreOS-Key01 \ + publickey="ssh-rsa AAAAB3NzaC1y...........fyskMb4oBw== PapanCostas@interoute.com" keypair: name = CoreOS-Key01 fingerprint = 55:33:b4:d3:b6:52:fb:79:97:fc:e8:16:58:6e:42:ce @@ -157,13 +161,21 @@ Cloudmonkey is to be set to the mode of waiting for deployment to complete (know To be able to SSH to the VM a port forwarding rule is required to allow connection on port 22: ```cloudmonkey -> createPortForwardingRule protocol=TCP publicport=22 ipaddressid=value1 virtualmachineid=value2 privateport=22 openfirewall=true +> createPortForwardingRule \ + protocol=TCP \ + publicport=22 \ + ipaddressid=value1 \ + virtualmachineid=value2 \ + privateport=22 \ + openfirewall=true ``` The last configuration step is to set an egress firewall rule for the network so that the CoreOS VM will be able to get outward access to the internet. This is needed for Docker to access repositories for container images, and to allow CoreOS to access internet update servers to do automatic updating: ```cloudmonkey -> createEgressFirewallRule networkid=e9e1220b-76c8-47cd-a6c2-885ffee49972 protocol=all cidr=0.0.0.0/0 +> createEgressFirewallRule networkid=e9e1220b-76c8-47cd-a6c2-885ffee49972 \ + protocol=all \ + cidr=0.0.0.0/0 ``` Note that allowing traffic from any IP is not a good practice. From 764c7daa9c8d37e7a0b7d29d881526b8a9d5a7c4 Mon Sep 17 00:00:00 2001 From: Nikolay Stoynov Date: Thu, 30 Apr 2015 10:56:06 +0000 Subject: [PATCH 0467/1291] Inserted indentation in Zone Offering section --- running-coreos/cloud-providers/interoute/index.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/running-coreos/cloud-providers/interoute/index.md b/running-coreos/cloud-providers/interoute/index.md index b5aebb534..e2d34fcf7 100644 --- a/running-coreos/cloud-providers/interoute/index.md +++ b/running-coreos/cloud-providers/interoute/index.md @@ -52,7 +52,8 @@ As you can see there were 6 parameter values provided above. The first parameter is the 'serviceofferingid' which represents the amount of RAM memory and number of CPUs that you want to allocate to the VM. In this tutorial 4 Gigabytes of RAM and 2 CPU cores as chosen. ```cloudmonkey -> listServiceOfferings name=4096-2 filter=id +> listServiceOfferings name=4096-2 \ + filter=id ``` The name parameter above denotes how much RAM (in Mbytes) and CPU cores you want to have. You should see an output like the following: From 403b8ad60e9e7c21cf3e55b1a5a080067b0783ee Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 30 Apr 2015 13:27:46 -0700 Subject: [PATCH 0468/1291] docs: remove etcd name to allow for autogeneration --- quickstart/index.md | 1 - 1 file changed, 1 deletion(-) diff --git a/quickstart/index.md b/quickstart/index.md index 2563b70c7..d8d668c60 100644 --- a/quickstart/index.md +++ b/quickstart/index.md @@ -61,7 +61,6 @@ coreos: - name: fleet.service command: start etcd: - name: coreos0 # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3 # specify the initial size of your cluster with ?size=X discovery: https://discovery.etcd.io/ From b3264bfbe50dea652ff11cb9208496704c9de5e9 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 30 Apr 2015 17:24:11 -0700 Subject: [PATCH 0469/1291] docs: fix lexer errors --- .../cloud-providers/interoute/index.md | 28 +++++++++---------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/running-coreos/cloud-providers/interoute/index.md b/running-coreos/cloud-providers/interoute/index.md index e2d34fcf7..c201eff7d 100644 --- a/running-coreos/cloud-providers/interoute/index.md +++ b/running-coreos/cloud-providers/interoute/index.md @@ -22,7 +22,7 @@ Note: In the following steps, commands beginning with '$' are to be typed into t First you should open a new terminal or command prompt window and start Cloudmonkey by typing: -```cloudmonkey +```sh $ cloudmonkey set display table && cloudmonkey sync && cloudmonkey 252 APIs discovered and cached Apache CloudStack cloudmonkey 5.3.0. Type help or ? to list commands. @@ -37,7 +37,7 @@ After running this, you should see that Cloudmonkey has started successfully and The following API call from Cloudmonkey is used to deploy a new virtual machine running CoreOS in VDC: -```cloudmonkey +```sh > deployVirtualMachine serviceofferingid=85228261-fc66-4092-8e54-917d1702979d \ zoneid=f6b0d029-8e53-413b-99f3-e0a2a543ee1d \ templateid=73bc5066-b536-4325-8e27-ec873cea6ce7 \ @@ -57,7 +57,7 @@ The first parameter is the 'serviceofferingid' which represents the amount of RA ``` The name parameter above denotes how much RAM (in Mbytes) and CPU cores you want to have. You should see an output like the following: -```cloudmonkey +```sh +--------------------------------------+ | id | +--------------------------------------+ @@ -74,7 +74,7 @@ The 'zoneid' parameter specifies the zone (data centre of VDC) of the VM to be d ``` You should get the following result, if you are working in the Europe region of VDC. Note that the UUID values required for most of the input parameters will be different from the ones shown here: -```cloudmonkey +```sh +--------------------------------------+-------------------+ | id | name | +--------------------------------------+-------------------+ @@ -94,7 +94,7 @@ You should get the following result, if you are working in the Europe region of The 'templateid' parameter specifies the operating system of the VM. CoreOS template is selected, which is named 'IRT-COREOS' in VDC. Here is how to find out the required UUID: -```cloudmonkey +```sh > listTemplates templatefilter=featured \ zoneid=f6b0d029-8e53-413b-99f3-e0a2a543ee1d \ name=IRT-COREOS filter=id,name @@ -106,14 +106,14 @@ Note this is the 'CoreOS stable' version, there is another template for 'CoreOS The 'networkids' parameter specifies the network or networks that the deployed VM will be using. As the VM is to be located in London then the chosen network(s) should also be located in London. Type the following to show your networks in the London zone: -```cloudmonkey +```sh > listNetworks zoneid=f6b0d029-8e53-413b-99f3-e0a2a543ee1d \ filter=id,name ``` This is the output for my VDC account: -```cloudmonkey +```sh +--------------------------------------+--------------------+ | id | name | +--------------------------------------+--------------------+ @@ -130,14 +130,14 @@ The 'keypair' parameter specifies the SSH keypair used to login to the CoreOS as At first a new keypair is generated on using the OpenSSH command line tool, ssh-keygen: -```cmd +```sh $ cd ~/.ssh && ssh-keygen -t rsa -f id_rsa_coreos #(for Linux) cd C:/ && ssh-keygen -t rsa -f id_rsa_coreos #(for Windows) ``` The next step is to 'register' your keypair, which means storing your public key in VDC, so that VMs can boot up with that information: -```cloudmonkey +```sh > registerSSHKeyPair name=CoreOS-Key01 \ publickey="ssh-rsa AAAAB3NzaC1y...........fyskMb4oBw== PapanCostas@interoute.com" keypair: @@ -153,7 +153,7 @@ The final 'name' parameter is the name of the VM. You can choose any name that i Cloudmonkey is to be set to the mode of waiting for deployment to complete (known as 'asynchronous blocking'), otherwise the VM information will not be output to the terminal: -```cloudmonkey +```sh > set asyncblock true ``` @@ -161,7 +161,7 @@ Cloudmonkey is to be set to the mode of waiting for deployment to complete (know To be able to SSH to the VM a port forwarding rule is required to allow connection on port 22: -```cloudmonkey +```sh > createPortForwardingRule \ protocol=TCP \ publicport=22 \ @@ -173,7 +173,7 @@ To be able to SSH to the VM a port forwarding rule is required to allow connecti The last configuration step is to set an egress firewall rule for the network so that the CoreOS VM will be able to get outward access to the internet. This is needed for Docker to access repositories for container images, and to allow CoreOS to access internet update servers to do automatic updating: -```cloudmonkey +```sh > createEgressFirewallRule networkid=e9e1220b-76c8-47cd-a6c2-885ffee49972 \ protocol=all \ cidr=0.0.0.0/0 @@ -184,13 +184,13 @@ Note that allowing traffic from any IP is not a good practice. So finally the VM is set up for connection, using the 'ipaddress' found from the listPublicIpAddresses command and specifying the private SSH key file to match the public key which I registered in VDC. Type this ssh command into a terminal: -```cmd +```sh $ ssh -i ~/.ssh/id_rsa_coreos core@IPADDRESS ``` Upon the first connection to the VM I am asked to check authenticity of the VM: -```cmd +```sh The authenticity of host '[IPADDRESS]:22 ([IPADDRESS]:22)' can't be established. ED25519 key fingerprint is 4a:f4:85:c0:1d:e0:fa:26:94:89:7c:39:1b:57:42:d2. Are you sure you want to continue connecting (yes/no)? yes From 9f75936a0f2388a2d93ac3160b40e7c43609cdd2 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 30 Apr 2015 17:27:12 -0700 Subject: [PATCH 0470/1291] docs: fix lexer errors --- running-coreos/cloud-providers/interoute/index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/running-coreos/cloud-providers/interoute/index.md b/running-coreos/cloud-providers/interoute/index.md index c201eff7d..1ceaed09e 100644 --- a/running-coreos/cloud-providers/interoute/index.md +++ b/running-coreos/cloud-providers/interoute/index.md @@ -51,7 +51,7 @@ As you can see there were 6 parameter values provided above. The first parameter is the 'serviceofferingid' which represents the amount of RAM memory and number of CPUs that you want to allocate to the VM. In this tutorial 4 Gigabytes of RAM and 2 CPU cores as chosen. -```cloudmonkey +```sh > listServiceOfferings name=4096-2 \ filter=id ``` @@ -69,7 +69,7 @@ The name parameter above denotes how much RAM (in Mbytes) and CPU cores you want The 'zoneid' parameter specifies the zone (data centre of VDC) of the VM to be deployed. You can view the list of the available zones by typing: -```cloudmonkey +```sh > listZones filter=id,name ``` You should get the following result, if you are working in the Europe region of VDC. Note that the UUID values required for most of the input parameters will be different from the ones shown here: From 3df17cfa59a27837f6b855b502d0f29ab194bcf0 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 30 Apr 2015 17:28:39 -0700 Subject: [PATCH 0471/1291] docs: change weight --- running-coreos/cloud-providers/interoute/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/running-coreos/cloud-providers/interoute/index.md b/running-coreos/cloud-providers/interoute/index.md index 1ceaed09e..483afcf2b 100644 --- a/running-coreos/cloud-providers/interoute/index.md +++ b/running-coreos/cloud-providers/interoute/index.md @@ -3,7 +3,7 @@ layout: docs title: Interoute VDC category: running_coreos sub_category: cloud_provider -weight: 11 +weight: 9 --- # Running CoreOS on Interoute VDC From 79b96cd8483d534cbb8abe55732f5a360affd6a1 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 30 Apr 2015 17:38:04 -0700 Subject: [PATCH 0472/1291] running-coreos: rename file --- .../cloud-providers/exoscale/{index.md => index.html} | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) rename running-coreos/cloud-providers/exoscale/{index.md => index.html} (99%) diff --git a/running-coreos/cloud-providers/exoscale/index.md b/running-coreos/cloud-providers/exoscale/index.html similarity index 99% rename from running-coreos/cloud-providers/exoscale/index.md rename to running-coreos/cloud-providers/exoscale/index.html index ca2fe1986..066718abd 100644 --- a/running-coreos/cloud-providers/exoscale/index.md +++ b/running-coreos/cloud-providers/exoscale/index.html @@ -3,8 +3,7 @@ title: Exoscale category: running_coreos sub_category: cloud_provider -supported: true -weight: 1 +weight: 9 --- # Running CoreOS on Exoscale From d67ea22c58f768e1ceb079013bba2c52aabf7728 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 30 Apr 2015 17:41:46 -0700 Subject: [PATCH 0473/1291] running-coreos: add discovery size param --- running-coreos/cloud-providers/exoscale/index.html | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/running-coreos/cloud-providers/exoscale/index.html b/running-coreos/cloud-providers/exoscale/index.html index 066718abd..8e2d924bd 100644 --- a/running-coreos/cloud-providers/exoscale/index.html +++ b/running-coreos/cloud-providers/exoscale/index.html @@ -17,7 +17,7 @@ The Exoscale CoreOS image is built officially and each CoreOS instance deployment is a unique fresh instance. By default, only stable channel are deployed on -Exoscale, you can easily [switch to Beta or Alpha channel][switching-channels] +Exoscale, you can easily [switch to Beta or Alpha channel][switching-channels]. [update-docs]: {{site.url}}/using-coreos/updates @@ -68,7 +68,8 @@ coreos: etcd2: - # generate a new token for each unique cluster from https://discovery.etcd.io/new + # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3 + # specify the intial size of your cluster with ?size=X discovery: https://discovery.etcd.io/ advertise-client-urls: http://$public_ipv4:2379 initial-advertise-peer-urls: http://$public_ipv4:2380 @@ -177,4 +178,4 @@ [more specific topics][docs]. [quick-start]: {{site.url}}/docs/quickstart -[docs]: {{site.url}}/docs +[docs]: {{site.url}}/docs \ No newline at end of file From 7e2b58442167edf15131a6c817c86a2a8bf91075 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 30 Apr 2015 17:46:50 -0700 Subject: [PATCH 0474/1291] running-coreos: change extension --- .../cloud-providers/exoscale/index.html | 181 ------------------ 1 file changed, 181 deletions(-) delete mode 100644 running-coreos/cloud-providers/exoscale/index.html diff --git a/running-coreos/cloud-providers/exoscale/index.html b/running-coreos/cloud-providers/exoscale/index.html deleted file mode 100644 index 8e2d924bd..000000000 --- a/running-coreos/cloud-providers/exoscale/index.html +++ /dev/null @@ -1,181 +0,0 @@ ---- -layout: docs -title: Exoscale -category: running_coreos -sub_category: cloud_provider -weight: 9 ---- - -# Running CoreOS on Exoscale - -## Choosing a Channel - -CoreOS is designed to be [updated automatically][update-docs] with different -schedules per channel. You can [disable this feature][reboot-docs], although we -don't recommend it. Read the [release notes][release-notes] for specific -features and bug fixes. - -The Exoscale CoreOS image is built officially and each CoreOS instance deployment -is a unique fresh instance. By default, only stable channel are deployed on -Exoscale, you can easily [switch to Beta or Alpha channel][switching-channels]. - - -[update-docs]: {{site.url}}/using-coreos/updates -[reboot-docs]: {{site.url}}/docs/cluster-management/debugging/prevent-reboot-after-update -[switching-channels]: {{site.url}}/docs/cluster-management/setup/switching-channels -[release-notes]: {{site.url}}/releases -[cloud-config-docs]: {{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config - -## Security Groups - -Unlike other providers, all Exoscale instances are protected by default on inbound traffic. -In order to be able to work in a CoreOS cluster you should add the following rules in -either your default security group or a security group of your choice and tag all -CoreOS instances with it: - -* SSH: TCP port 22 -* Etcd2: TCP ports 2379 for client communication and 2380 for server-to-server communication -* Etcd (Deprecated): TCP ports 4001 for client communication and 7001 for server-to-server communication - - -## Cloud-Config - -CoreOS allows you to configure machine parameters, launch systemd units on -startup, and more via cloud-config. Jump over to the [docs to learn about the -supported features][cloud-config-docs]. Cloud-config is intended to bring up a -cluster of machines into a minimal useful state and ideally shouldn't be used -to configure anything that isn't standard across many hosts. -Once the machine is created, cloud-config cannot be modified. - -You can provide raw cloud-config data to CoreOS via the Exoscale portal -or via the Exoscale compute API. - -The default cloud-config configuration on all Exoscale instances specifies -hostname: - -```yaml -#cloud-config -manage_etc_hosts: true -fqdn: coreos-node -``` -In order to leverage CoreOS unique automation attributes, a standard -CoreOS cloud-config on Exoscale could be configured with: - -```yaml -#cloud-config -manage_etc_hosts: true -fqdn: coreos-node - -coreos: - etcd2: - # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3 - # specify the intial size of your cluster with ?size=X - discovery: https://discovery.etcd.io/ - advertise-client-urls: http://$public_ipv4:2379 - initial-advertise-peer-urls: http://$public_ipv4:2380 - # listen on both the official ports and the legacy ports - # legacy ports can be omitted if your application doesn't depend on them - listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001 - listen-peer-urls: http://$public_ipv4:2380,http://$public_ipv4:7001 - - units: - - name: etcd.service - command: start - - name: fleet.service - command: start -``` - -### Adding More Machines -To add more instances to the cluster, just launch more with the same -cloud-config adjusting the FQDN or removing the statement. -New instances will join the cluster regardless of location -provided that security groups are correctly configured. - -## SSH to your CoreOS instances - -CoreOS does not allow root connection to the instance. By default, it uses the `core` user -instead of `root` and doesn't use a password for authentication. You'll need to -add an SSH key(s) via the web console or add keys/passwords via your cloud-config in order to log in. - -To log in to a CoreOS instance after it's created click on its IP address or run: - -```sh -ssh core@ -``` - -Optionally, you may want to [configure your ssh-agent]({{site.url}}/docs/launching-containers/launching/fleet-using-the-client/#remote-fleet-access) to more easily run [fleet commands]({{site.url}}/docs/launching-containers/launching/launching-containers-fleet/). - -## Launching instances - -### Via the API - -Install and configure the command line client (Python required) with -your API details - - -```sh -pip install cs -vi $HOME/.cloudstack.ini -[cloudstack] -endpoint = https://api.exoscale.ch/compute -key = api key -secret = secret -``` - -To launch a Small 2GB instance with the current Stable CoreOS image: - -note: template ids are available on Exoscale website - -```sh -cs deployVirtualMachine templateId=2a196b89-0c50-4400-9d42-ef43bcc0fa99 serviceOfferingId=21624abb-764e-4def-81d7-9fc54b5957fb zoneId=1128bd56-b4d9-4ac6-a7b9-c715b187ce11 keyPair=[keypair name] -``` - -Be sure to specify your SSH key to be able to access the machine. Management of -SSH keys is detailed on the [SSH key page][exo-keys-docs]. -For more details, check out [Exoscale's API documentation][exo-api-docs]. - -[exo-api-docs]: https://community.exoscale.ch/compute/api/ -[exo-keys-docs]: https://community.exoscale.ch/compute/documentation/#SSH_keypairs - -### Via the Web Console - -1. Open the "add new instance" - page in the Exoscale web portal. -2. Give the machine a hostname, and choose a zone.

    -3. Choose the CoreOS template -
    -
    - -
    Choosing Exoscale template
    -
    -
    -4. Choose the instance size -
    -
    - -
    Choosing Exoscale instance size
    -
    -
    -5. Select your SSH keys. -6. Add your your optional cloud-config.

    -
    -
    - -
    Exoscale cloud-config
    -
    -
    -7. Create your instance - -Unlike other Exoscale images where the root password is randomly set -at startup, CoreOS does not have password logon activated. You will need to -[configure your public key with Exoscale][exo-keys-docs] in order to login to the CoreOS -instances or to specify external keys using cloud-config. - -## Using CoreOS - -Now that you have a machine booted it is time to play around. -Check out the [CoreOS Quickstart][quick-start] guide or dig into -[more specific topics][docs]. - -[quick-start]: {{site.url}}/docs/quickstart -[docs]: {{site.url}}/docs \ No newline at end of file From 9635f2f4505f235c7f428d22624583df7fcce2bf Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 30 Apr 2015 17:47:47 -0700 Subject: [PATCH 0475/1291] running-coreos: change extension --- .../cloud-providers/exoscale/index.md | 181 ++++++++++++++++++ 1 file changed, 181 insertions(+) create mode 100644 running-coreos/cloud-providers/exoscale/index.md diff --git a/running-coreos/cloud-providers/exoscale/index.md b/running-coreos/cloud-providers/exoscale/index.md new file mode 100644 index 000000000..8e2d924bd --- /dev/null +++ b/running-coreos/cloud-providers/exoscale/index.md @@ -0,0 +1,181 @@ +--- +layout: docs +title: Exoscale +category: running_coreos +sub_category: cloud_provider +weight: 9 +--- + +# Running CoreOS on Exoscale + +## Choosing a Channel + +CoreOS is designed to be [updated automatically][update-docs] with different +schedules per channel. You can [disable this feature][reboot-docs], although we +don't recommend it. Read the [release notes][release-notes] for specific +features and bug fixes. + +The Exoscale CoreOS image is built officially and each CoreOS instance deployment +is a unique fresh instance. By default, only stable channel are deployed on +Exoscale, you can easily [switch to Beta or Alpha channel][switching-channels]. + + +[update-docs]: {{site.url}}/using-coreos/updates +[reboot-docs]: {{site.url}}/docs/cluster-management/debugging/prevent-reboot-after-update +[switching-channels]: {{site.url}}/docs/cluster-management/setup/switching-channels +[release-notes]: {{site.url}}/releases +[cloud-config-docs]: {{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config + +## Security Groups + +Unlike other providers, all Exoscale instances are protected by default on inbound traffic. +In order to be able to work in a CoreOS cluster you should add the following rules in +either your default security group or a security group of your choice and tag all +CoreOS instances with it: + +* SSH: TCP port 22 +* Etcd2: TCP ports 2379 for client communication and 2380 for server-to-server communication +* Etcd (Deprecated): TCP ports 4001 for client communication and 7001 for server-to-server communication + + +## Cloud-Config + +CoreOS allows you to configure machine parameters, launch systemd units on +startup, and more via cloud-config. Jump over to the [docs to learn about the +supported features][cloud-config-docs]. Cloud-config is intended to bring up a +cluster of machines into a minimal useful state and ideally shouldn't be used +to configure anything that isn't standard across many hosts. +Once the machine is created, cloud-config cannot be modified. + +You can provide raw cloud-config data to CoreOS via the Exoscale portal +or via the Exoscale compute API. + +The default cloud-config configuration on all Exoscale instances specifies +hostname: + +```yaml +#cloud-config +manage_etc_hosts: true +fqdn: coreos-node +``` +In order to leverage CoreOS unique automation attributes, a standard +CoreOS cloud-config on Exoscale could be configured with: + +```yaml +#cloud-config +manage_etc_hosts: true +fqdn: coreos-node + +coreos: + etcd2: + # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3 + # specify the intial size of your cluster with ?size=X + discovery: https://discovery.etcd.io/ + advertise-client-urls: http://$public_ipv4:2379 + initial-advertise-peer-urls: http://$public_ipv4:2380 + # listen on both the official ports and the legacy ports + # legacy ports can be omitted if your application doesn't depend on them + listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001 + listen-peer-urls: http://$public_ipv4:2380,http://$public_ipv4:7001 + + units: + - name: etcd.service + command: start + - name: fleet.service + command: start +``` + +### Adding More Machines +To add more instances to the cluster, just launch more with the same +cloud-config adjusting the FQDN or removing the statement. +New instances will join the cluster regardless of location +provided that security groups are correctly configured. + +## SSH to your CoreOS instances + +CoreOS does not allow root connection to the instance. By default, it uses the `core` user +instead of `root` and doesn't use a password for authentication. You'll need to +add an SSH key(s) via the web console or add keys/passwords via your cloud-config in order to log in. + +To log in to a CoreOS instance after it's created click on its IP address or run: + +```sh +ssh core@ +``` + +Optionally, you may want to [configure your ssh-agent]({{site.url}}/docs/launching-containers/launching/fleet-using-the-client/#remote-fleet-access) to more easily run [fleet commands]({{site.url}}/docs/launching-containers/launching/launching-containers-fleet/). + +## Launching instances + +### Via the API + +Install and configure the command line client (Python required) with +your API details + + +```sh +pip install cs +vi $HOME/.cloudstack.ini +[cloudstack] +endpoint = https://api.exoscale.ch/compute +key = api key +secret = secret +``` + +To launch a Small 2GB instance with the current Stable CoreOS image: + +note: template ids are available on Exoscale website + +```sh +cs deployVirtualMachine templateId=2a196b89-0c50-4400-9d42-ef43bcc0fa99 serviceOfferingId=21624abb-764e-4def-81d7-9fc54b5957fb zoneId=1128bd56-b4d9-4ac6-a7b9-c715b187ce11 keyPair=[keypair name] +``` + +Be sure to specify your SSH key to be able to access the machine. Management of +SSH keys is detailed on the [SSH key page][exo-keys-docs]. +For more details, check out [Exoscale's API documentation][exo-api-docs]. + +[exo-api-docs]: https://community.exoscale.ch/compute/api/ +[exo-keys-docs]: https://community.exoscale.ch/compute/documentation/#SSH_keypairs + +### Via the Web Console + +1. Open the "add new instance" + page in the Exoscale web portal. +2. Give the machine a hostname, and choose a zone.

    +3. Choose the CoreOS template +
    +
    + +
    Choosing Exoscale template
    +
    +
    +4. Choose the instance size +
    +
    + +
    Choosing Exoscale instance size
    +
    +
    +5. Select your SSH keys. +6. Add your your optional cloud-config.

    +
    +
    + +
    Exoscale cloud-config
    +
    +
    +7. Create your instance + +Unlike other Exoscale images where the root password is randomly set +at startup, CoreOS does not have password logon activated. You will need to +[configure your public key with Exoscale][exo-keys-docs] in order to login to the CoreOS +instances or to specify external keys using cloud-config. + +## Using CoreOS + +Now that you have a machine booted it is time to play around. +Check out the [CoreOS Quickstart][quick-start] guide or dig into +[more specific topics][docs]. + +[quick-start]: {{site.url}}/docs/quickstart +[docs]: {{site.url}}/docs \ No newline at end of file From 3bd84de98ca3334a0138ac8e7d78b0a9d6509e67 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 30 Apr 2015 19:45:56 -0700 Subject: [PATCH 0476/1291] running-coreos: change DO API to stable --- running-coreos/cloud-providers/digitalocean/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/running-coreos/cloud-providers/digitalocean/index.md b/running-coreos/cloud-providers/digitalocean/index.md index 393a58a6c..d131951bb 100644 --- a/running-coreos/cloud-providers/digitalocean/index.md +++ b/running-coreos/cloud-providers/digitalocean/index.md @@ -175,7 +175,7 @@ curl --request POST "https://api.digitalocean.com/v2/droplets" \ --header "Authorization: Bearer $TOKEN" \ --data '{ "region":"nyc3", - "image":"{{site.data.alpha-channel.do-image-path}}", + "image":"{{site.data.stable-channel.do-image-path}}", "size":"512mb", "name":"core-1", "private_networking":true, From db8294b3bd1758a99020207bb28a2b1b24e03b1c Mon Sep 17 00:00:00 2001 From: "U-Odessa\\dave" Date: Thu, 30 Apr 2015 21:09:47 -0700 Subject: [PATCH 0477/1291] Updating after comments --- running-coreos/bare-metal/installing-to-disk/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/running-coreos/bare-metal/installing-to-disk/index.md b/running-coreos/bare-metal/installing-to-disk/index.md index 67bc79fd1..e56e77974 100644 --- a/running-coreos/bare-metal/installing-to-disk/index.md +++ b/running-coreos/bare-metal/installing-to-disk/index.md @@ -29,7 +29,7 @@ If you are using the ISO with VMware, first sudo to root: sudo su - root ``` -Then install as you would with the PXE booted system, but be sure to include user information, especially an ssh key, in a Cloud-Config file, or else you will not be able to log into your CoreOS instance. +Then install as you would with the PXE booted system, but be sure to include user information, especially an SSH key, in a [Cloud-Config](#cloud-config) file, or else you will not be able to log into your CoreOS instance. ```sh From bd7b800a04f3c0d259a823d469ef5a0930d10d49 Mon Sep 17 00:00:00 2001 From: Brian Waldon Date: Fri, 1 May 2015 07:45:32 -0700 Subject: [PATCH 0478/1291] running-coreos: align DO examples on stable channel --- running-coreos/cloud-providers/digitalocean/index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/running-coreos/cloud-providers/digitalocean/index.md b/running-coreos/cloud-providers/digitalocean/index.md index d131951bb..f05f93602 100644 --- a/running-coreos/cloud-providers/digitalocean/index.md +++ b/running-coreos/cloud-providers/digitalocean/index.md @@ -166,7 +166,7 @@ read SSH_KEY_ID # Enter your SSH key ID ``` -Create a 512MB droplet with private networking in NYC3 from the CoreOS Alpha +Create a 512MB droplet with private networking in NYC3 from the CoreOS Stable image: ```sh @@ -194,7 +194,7 @@ For more details, check out [DigitalOcean's API documentation][do-api-docs]. ### Via the Web Console -1. Open the "new droplet" +1. Open the "new droplet" page in the web console. 2. Give the machine a hostname, select the size, and choose a region.

    From 4e4aa980b23830d28db377e1b558144951128145 Mon Sep 17 00:00:00 2001 From: retrack Date: Mon, 4 May 2015 11:03:06 +0200 Subject: [PATCH 0479/1291] modifying cloud-config after launch on Exoscale --- .../cloud-providers/exoscale/index.md | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/running-coreos/cloud-providers/exoscale/index.md b/running-coreos/cloud-providers/exoscale/index.md index 8e2d924bd..67c4344ff 100644 --- a/running-coreos/cloud-providers/exoscale/index.md +++ b/running-coreos/cloud-providers/exoscale/index.md @@ -91,6 +91,23 @@ cloud-config adjusting the FQDN or removing the statement. New instances will join the cluster regardless of location provided that security groups are correctly configured. +### Modifying cloud-config +It is possible to modify the cloud-config contents during the lifetime +of an instance. In order to modify the contents, you need to use +the API command `updateVirtualMachine` with the machine in a stopped +state. + +```sh +cs stopVirtualMachine id= +cs updateVirtualMachine id= userData= +cs startVirtualMachine id= +``` + +*note:* switch the request type from GET to POST if the userData +payload is longer than 2KB. + +[API reference for updateVirtualMachine](https://community.exoscale.ch/compute/api/#updatevirtualmachine_GET) + ## SSH to your CoreOS instances CoreOS does not allow root connection to the instance. By default, it uses the `core` user @@ -178,4 +195,4 @@ Check out the [CoreOS Quickstart][quick-start] guide or dig into [more specific topics][docs]. [quick-start]: {{site.url}}/docs/quickstart -[docs]: {{site.url}}/docs \ No newline at end of file +[docs]: {{site.url}}/docs From 107e8f2b4b396086138fba2df6807c3e2531be03 Mon Sep 17 00:00:00 2001 From: Richard Clark Date: Tue, 12 May 2015 14:04:54 +0100 Subject: [PATCH 0480/1291] depend on the device being available before attempting anything --- cluster-management/setup/mounting-storage/index.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/cluster-management/setup/mounting-storage/index.md b/cluster-management/setup/mounting-storage/index.md index 70ad62f12..ca93320a9 100644 --- a/cluster-management/setup/mounting-storage/index.md +++ b/cluster-management/setup/mounting-storage/index.md @@ -43,6 +43,8 @@ coreos: content: | [Unit] Description=Formats the ephemeral drive + After=dev-xvdb.device + Requires=dev-xvdb.device [Service] Type=oneshot RemainAfterExit=yes From 1e5ad2091f0aa0da1f9768920083ef42ce408535 Mon Sep 17 00:00:00 2001 From: Michael Marineau Date: Tue, 19 May 2015 14:14:15 -0700 Subject: [PATCH 0481/1291] ntp: update to cover systemd-timesyncd timesyncd is now the default so we need to document configuring it as well as ntpd. Some people will need to switch back to ntpd as well. Also note that UTC is the default. --- .../configuring-date-and-timezone/index.md | 108 +++++++++++++++--- 1 file changed, 90 insertions(+), 18 deletions(-) diff --git a/cluster-management/setup/configuring-date-and-timezone/index.md b/cluster-management/setup/configuring-date-and-timezone/index.md index c4a70cef7..6731d8bdc 100644 --- a/cluster-management/setup/configuring-date-and-timezone/index.md +++ b/cluster-management/setup/configuring-date-and-timezone/index.md @@ -8,26 +8,95 @@ weight: 7 # Configuring Date and Timezone -NTP is used to to keep clocks in sync across machines in a CoreOS cluster. The ntpd service is responsible for keeping each machines local clock in sync with a configured set of time servers. The services will automatically start by default. To check if the ntpd service is running, run the follow command: +NTP is used to to keep clocks in sync across machines in a CoreOS cluster. +CoreOS [681.0.0][681.0.0] uses [systemd-timesyncd][systemd-timesyncd] as the +default NTP client, prior to that [ntpd][ntp.org] was used. Depending on the +your version of CoreOS one of the two services will automatically start. To +check which service is running, run the follow command: + +``` +sudo systemctl status systemd-timesyncd ntpd +● systemd-timesyncd.service - Network Time Synchronization + Loaded: loaded (/usr/lib64/systemd/system/systemd-timesyncd.service; disabled; vendor preset: disabled) + Active: active (running) since Thu 2015-05-14 05:43:20 UTC; 5 days ago + Docs: man:systemd-timesyncd.service(8) + Main PID: 480 (systemd-timesyn) + Status: "Using Time Server 169.254.169.254:123 (169.254.169.254)." + Memory: 448.0K + CGroup: /system.slice/systemd-timesyncd.service + └─480 /usr/lib/systemd/systemd-timesyncd + +● ntpd.service - Network Time Service + Loaded: loaded (/usr/lib64/systemd/system/ntpd.service; disabled; vendor preset: disabled) + Active: inactive (dead) +``` + +[681.0.0]: https://coreos.com/releases/#681.0.0 +[ntp.org]: http://ntp.org/ +[systemd-timesyncd]: http://www.freedesktop.org/software/systemd/man/systemd-timesyncd.service.html + +## Switching between systemd-timesyncd and ntpd + +If you are on CoreOS 681.0.0 or later you can switch back to the classic ntpd +with the following commands or cloud config: ``` -systemctl status ntpd -ntpd.service - Network Time Service - Loaded: loaded (/usr/lib64/systemd/system/ntpd.service; disabled; vendor preset: disabled) - Active: active (running) since Tue 2014-08-26 15:10:23 UTC; 4h 23min ago - Main PID: 483 (ntpd) - CGroup: /system.slice/ntpd.service - └─483 /usr/sbin/ntpd -g -n -u ntp:ntp -f /var/lib/ntp/ntp.drift +sudo systemctl stop systemd-timesyncd +sudo systemctl mask systemd-timesyncd +sudo systemctl enable ntpd +sudo systemctl start ntpd +``` + +```yaml +#cloud-config + +coreos: + units: + - name: systemd-timesyncd.service + command: stop + mask: true + - name: ntpd.service + command: start + enable: true ``` +It important to mask the service you do not want to start. The +`systemctl disable` command will not override the system default to start. + ## Changing NTP time servers -The ntpd service can be configured via the /etc/ntp.conf configuration file. By default systems will sync time with NTP servers from ntp.org. If you would like to use a different set of NTP servers edit /etc/ntp.conf: +When using systemd-timesyncd NTP servers can be provided via DHCP, individual +[network][systemd.network] configs, [timesyncd.conf][timesyncd.conf], or the +built in default `*.coreos.pool.ntp.org` pool. For example, to disable the +default behavior of using NTP serviers from DHCP write the following to +`/etc/systemd/network/50-dhcp-no-ntp.conf`: + +```ini +[Network] +DHCP=v4 +NTP=0.pool.example.com 1.pool.example.com + +[DHCP] +UseMTU=true +UseDomains=true +UseNTP=false +``` + +[systemd.network]: http://www.freedesktop.org/software/systemd/man/systemd.network.html +[timesyncd.conf]: http://www.freedesktop.org/software/systemd/man/timesyncd.conf.html + +The ntpd service can be configured via the /etc/ntp.conf configuration file. It +does not use DHCP or other configuration sources. If you would like to use a +different set of NTP servers edit replace the `/etc/ntp.conf` symlink with +something like the following: ``` server 0.pool.example.com server 1.pool.example.com -... + +restrict default nomodify nopeer noquery limited kod +restrict 127.0.0.1 +restrict [::1] ``` ## Viewing the date and timezone settings with timedatectl @@ -88,7 +157,9 @@ NTP synchronized: yes ### What time should I use? -To avoid time zone confusion and the complexities of adjusting clocks for daylight saving time it’s recommended that all machines in a CoreOS cluster use Coordinated Universal Time (UTC). +To avoid time zone confusion and the complexities of adjusting clocks for +daylight saving time it’s recommended that all machines in a CoreOS cluster use +Coordinated Universal Time (UTC). This is the default. ``` sudo timedatectl set-timezone UTC @@ -109,7 +180,7 @@ server 3.coreos.pool.ntp.org The following cloud-config snippet can be used setup and configure NTP and timezone settings: -``` +```yaml #cloud-config coreos: @@ -121,21 +192,22 @@ coreos: Description=Set the timezone [Service] - ExecStart=/usr/bin/timedatectl set-timezone UTC + ExecStart=/usr/bin/timedatectl set-timezone America/New_York RemainAfterExit=yes Type=oneshot write_files: - path: /etc/ntp.conf content: | - # Common pool - server 0.coreos.pool.ntp.org - server 1.coreos.pool.ntp.org - server 2.coreos.pool.ntp.org - server 3.coreos.pool.ntp.org + server 0.pool.example.com + server 1.pool.example.com # - Allow only time queries, at a limited rate. # - Allow all local queries (IPv4, IPv6) restrict default nomodify nopeer noquery limited kod restrict 127.0.0.1 restrict [::1] + - path: /etc/systemd/timesyncd.conf + content: | + [Time] + NTP=0.pool.example.com 1.pool.example.com ``` From 424e49d34c6db3477332766af8949e3a5f9f372c Mon Sep 17 00:00:00 2001 From: Alex Chan Date: Sun, 24 May 2015 12:50:39 +0100 Subject: [PATCH 0482/1291] Spelling fixes in docs --- .../setup/cluster-architectures/index.md | 4 +-- .../setup/cluster-discovery/index.md | 2 +- .../configuring-date-and-timezone/index.md | 4 +-- .../network-config-with-networkd/index.md | 2 +- .../setup/update-strategies/index.md | 4 +-- enterprise-registry/github-auth/index.md | 2 +- enterprise-registry/github-build/index.md | 2 +- enterprise-registry/mysql-container/index.md | 2 +- .../building/customizing-docker/index.md | 2 +- .../getting-started-with-docker/index.md | 2 +- .../getting-started-with-systemd/index.md | 2 +- .../bare-metal/booting-with-ipxe/index.md | 2 +- running-coreos/cloud-providers/auro/index.md | 6 ++--- running-coreos/cloud-providers/azure/index.md | 2 +- .../cloud-providers/brightbox/index.md | 2 +- .../cloud-providers/digitalocean/index.md | 2 +- running-coreos/cloud-providers/ec2/index.md | 8 +++--- .../cloud-providers/exoscale/index.md | 2 +- .../google-compute-engine/index.md | 2 +- .../cloud-providers/interoute/index.md | 2 +- .../cloud-providers/niftycloud/JA_JP/index.md | 2 +- .../cloud-providers/niftycloud/index.md | 4 +-- .../cloud-providers/rackspace/index.md | 2 +- .../cloud-providers/vexxhost/index.md | 2 +- running-coreos/platforms/cloudstack/index.md | 2 +- running-coreos/platforms/openstack/index.md | 2 +- running-coreos/platforms/qemu/index.md | 2 +- running-coreos/platforms/vagrant/index.md | 4 +-- running-coreos/platforms/virtualbox/index.md | 6 ++--- running-coreos/platforms/vmware/index.md | 10 +++---- .../sdk/building-production-images/index.md | 8 +++--- sdk-distributors/sdk/disk-partitions/index.md | 2 +- sdk-distributors/sdk/tips-and-tricks/index.md | 26 +++++++++---------- 33 files changed, 64 insertions(+), 64 deletions(-) diff --git a/cluster-management/setup/cluster-architectures/index.md b/cluster-management/setup/cluster-architectures/index.md index 598b36f92..557908f35 100644 --- a/cluster-management/setup/cluster-architectures/index.md +++ b/cluster-management/setup/cluster-architectures/index.md @@ -26,7 +26,7 @@ The cloud-config files provided with each section are valid, but you will need t |------|-----------|-------------|------------| | Low | Laptop development | Minutes | No | -If you're developing locally but plan to run containers in production, it helps to mirror that environment locally. This can easily be done by running docker commands on your laptop that control a CoreOS VM in VMWare Fusion or VirtualBox. +If you're developing locally but plan to run containers in production, it helps to mirror that environment locally. This can easily be done by running docker commands on your laptop that control a CoreOS VM in VMware Fusion or VirtualBox. ### Configuring Your Laptop @@ -191,7 +191,7 @@ Here's an example cloud-config for one of the central service machines. Be sure coreos: etcd: # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3 - # specify the intial size of your cluster with ?size=X + # specify the initial size of your cluster with ?size=X discovery: https://discovery.etcd.io/ # multi-region and multi-cloud deployments need to use $public_ipv4 addr: 10.0.0.101:4001 diff --git a/cluster-management/setup/cluster-discovery/index.md b/cluster-management/setup/cluster-discovery/index.md index 8c2e00b18..93ccf02cd 100644 --- a/cluster-management/setup/cluster-discovery/index.md +++ b/cluster-management/setup/cluster-discovery/index.md @@ -30,7 +30,7 @@ Boot each one of the machines with identical cloud-config and they should be aut coreos: etcd: # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3 - # specify the intial size of your cluster with ?size=X + # specify the initial size of your cluster with ?size=X discovery: https://discovery.etcd.io/ # multi-region and multi-cloud deployments need to use $public_ipv4 addr: $private_ipv4:4001 diff --git a/cluster-management/setup/configuring-date-and-timezone/index.md b/cluster-management/setup/configuring-date-and-timezone/index.md index 6731d8bdc..2415aada8 100644 --- a/cluster-management/setup/configuring-date-and-timezone/index.md +++ b/cluster-management/setup/configuring-date-and-timezone/index.md @@ -68,7 +68,7 @@ It important to mask the service you do not want to start. The When using systemd-timesyncd NTP servers can be provided via DHCP, individual [network][systemd.network] configs, [timesyncd.conf][timesyncd.conf], or the built in default `*.coreos.pool.ntp.org` pool. For example, to disable the -default behavior of using NTP serviers from DHCP write the following to +default behavior of using NTP servers from DHCP write the following to `/etc/systemd/network/50-dhcp-no-ntp.conf`: ```ini @@ -136,7 +136,7 @@ sudo timedatectl set-timezone America/New_York Check the timezone status to view the changes: ``` -timedatectl +timedatectl Local time: Tue 2014-08-26 15:44:07 EDT Universal time: Tue 2014-08-26 19:44:07 UTC RTC time: Tue 2014-08-26 19:44:07 diff --git a/cluster-management/setup/network-config-with-networkd/index.md b/cluster-management/setup/network-config-with-networkd/index.md index 0af517f35..1099f7986 100644 --- a/cluster-management/setup/network-config-with-networkd/index.md +++ b/cluster-management/setup/network-config-with-networkd/index.md @@ -43,7 +43,7 @@ Setting up static networking in your cloud-config can be done by writing out the coreos: etcd: # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3 - # specify the intial size of your cluster with ?size=X + # specify the initial size of your cluster with ?size=X discovery: https://discovery.etcd.io/ # multi-region and multi-cloud deployments need to use $public_ipv4 addr: 10.0.0.101:4001 diff --git a/cluster-management/setup/update-strategies/index.md b/cluster-management/setup/update-strategies/index.md index a34125f97..ee1814999 100644 --- a/cluster-management/setup/update-strategies/index.md +++ b/cluster-management/setup/update-strategies/index.md @@ -8,7 +8,7 @@ weight: 7 # Update Strategies -The overarching goal of CoreOS is to secure the internet's backend infrastructure. We believe that [automatically updating]({{site.url}}/using-coreos/updates) the operating system is one of the best tools to achieve this goal. +The overarching goal of CoreOS is to secure the Internet's backend infrastructure. We believe that [automatically updating]({{site.url}}/using-coreos/updates) the operating system is one of the best tools to achieve this goal. We realize that each CoreOS cluster has a unique tolerance for risk and the operational needs of your applications are complex. In order to meet everyone's needs, there are four update strategies that we have developed based on feedback during our alpha period. @@ -113,7 +113,7 @@ $ update_engine_client -check_for_update ## Auto-Updates with a Maintenance Window -In this example, auto-reboot strategy is turned off so we can schedule it in a maintencence window in which a script checks if an update has been downloaded. If a reboot is needed and etcd service is running on the system, then call locksmithctl reboot to get a lock and reboot; otherwise, run a simple reboot after a random delay to prevent workers from rebooting at the same time. +In this example, auto-reboot strategy is turned off so we can schedule it in a maintenance window in which a script checks if an update has been downloaded. If a reboot is needed and etcd service is running on the system, then call locksmithctl reboot to get a lock and reboot; otherwise, run a simple reboot after a random delay to prevent workers from rebooting at the same time. A timeframe in which to update can be specified by using two systemd units, a very simple service and a timer to run it on your schedule: diff --git a/enterprise-registry/github-auth/index.md b/enterprise-registry/github-auth/index.md index 6b88a161c..40ad4c9c0 100644 --- a/enterprise-registry/github-auth/index.md +++ b/enterprise-registry/github-auth/index.md @@ -27,7 +27,7 @@ Sign in to a super user account and visit `http://yourregister/superuser` to vie Enable GitHub Authentication -- Click the configuration tab () and scroll down to the section entitled Github (Enterprise) Authentication. +- Click the configuration tab () and scroll down to the section entitled GitHub (Enterprise) Authentication. - Check the "Enable GitHub Authentication" box - Fill in the credentials from the application created above - Click "Save Configuration Changes" diff --git a/enterprise-registry/github-build/index.md b/enterprise-registry/github-build/index.md index 2a8f832ac..123adb8e8 100644 --- a/enterprise-registry/github-build/index.md +++ b/enterprise-registry/github-build/index.md @@ -32,7 +32,7 @@ Sign in to a super user account and visit `http://yourregister/superuser` to vie Enable GitHub Trigger -- Click the configuration tab () and scroll down to the section entitled Github (Enterprise) Build Triggers. +- Click the configuration tab () and scroll down to the section entitled GitHub (Enterprise) Build Triggers. - Check the "Enable GitHub Triggers" box - Fill in the credentials from the application created above - Click "Save Configuration Changes" diff --git a/enterprise-registry/mysql-container/index.md b/enterprise-registry/mysql-container/index.md index 748b5d8c7..926a54d5b 100644 --- a/enterprise-registry/mysql-container/index.md +++ b/enterprise-registry/mysql-container/index.md @@ -21,7 +21,7 @@ MYSQL_DATABASE="enterpriseregistrydb" MYSQL_CONTAINER_NAME="mysql" ``` Do not edit these values: -(creates a 32 char password for the MySQL root user and the Enterprise Registery DB user) +(creates a 32 char password for the MySQL root user and the Enterprise Registry DB user) ```sh MYSQL_ROOT_PASSWORD=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | sed 1q) diff --git a/launching-containers/building/customizing-docker/index.md b/launching-containers/building/customizing-docker/index.md index e39bcb06b..177b6e72a 100644 --- a/launching-containers/building/customizing-docker/index.md +++ b/launching-containers/building/customizing-docker/index.md @@ -44,7 +44,7 @@ docker -H tcp://127.0.0.1:2375 ps ### Cloud-Config -To enable the remote API on every CoreOS machine in a cluster, use [cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config). We need to provide the new socket file and docker's socket activation support will automatically start using the socket: +To enable the remote API on every CoreOS machine in a cluster, use [cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config). We need to provide the new socket file and Docker's socket activation support will automatically start using the socket: ```yaml #cloud-config diff --git a/launching-containers/building/getting-started-with-docker/index.md b/launching-containers/building/getting-started-with-docker/index.md index cf024234e..5b0b405d7 100644 --- a/launching-containers/building/getting-started-with-docker/index.md +++ b/launching-containers/building/getting-started-with-docker/index.md @@ -15,7 +15,7 @@ Docker containers can boot extremely fast (in milliseconds!) which gives you unp ## Docker CLI Basics -Docker has a [straightforward CLI](http://docs.docker.io/en/latest/reference/commandline/) that allows you to do almost everything you could want to a container. All of these commands use the image id (ex. be29975e0098), the image name (ex. myusername/webapp) and the container id (ex. 72d468f455ea) interchangably depending on the operation you are trying to do. This is confusing at first, so pay special attention to what you're using. +Docker has a [straightforward CLI](http://docs.docker.io/en/latest/reference/commandline/) that allows you to do almost everything you could want to a container. All of these commands use the image id (ex. be29975e0098), the image name (ex. myusername/webapp) and the container id (ex. 72d468f455ea) interchangeably depending on the operation you are trying to do. This is confusing at first, so pay special attention to what you're using. ## Launching a Container diff --git a/launching-containers/launching/getting-started-with-systemd/index.md b/launching-containers/launching/getting-started-with-systemd/index.md index 4444fd115..e7dcc388d 100644 --- a/launching-containers/launching/getting-started-with-systemd/index.md +++ b/launching-containers/launching/getting-started-with-systemd/index.md @@ -153,7 +153,7 @@ We can enhance this by using `%H` and `%i` to dynamically announce the hostname ExecStartPost=/usr/bin/etcdctl set /domains/example.com/%H:%i running ``` -This gives us the flexiblity to use a single unit file to announce multiple copies of the same container on a single machine (no port overlap) and on multiple machines (no hostname overlap). +This gives us the flexibility to use a single unit file to announce multiple copies of the same container on a single machine (no port overlap) and on multiple machines (no hostname overlap). #### More Information systemd.service Docs diff --git a/running-coreos/bare-metal/booting-with-ipxe/index.md b/running-coreos/bare-metal/booting-with-ipxe/index.md index ace54668b..f787d4cb0 100644 --- a/running-coreos/bare-metal/booting-with-ipxe/index.md +++ b/running-coreos/bare-metal/booting-with-ipxe/index.md @@ -98,7 +98,7 @@ After a few moments of downloading CoreOS should boot normally. ## Update Process -Since our upgrade process requires a disk, this image does not have the option to update itself. Instead, the box simply needs to be rebooted and will be running the latest verison, assuming that the image served by the PXE server is regularly updated. +Since our upgrade process requires a disk, this image does not have the option to update itself. Instead, the box simply needs to be rebooted and will be running the latest version, assuming that the image served by the PXE server is regularly updated. ## Installation diff --git a/running-coreos/cloud-providers/auro/index.md b/running-coreos/cloud-providers/auro/index.md index 938002d4f..09132318a 100644 --- a/running-coreos/cloud-providers/auro/index.md +++ b/running-coreos/cloud-providers/auro/index.md @@ -39,7 +39,7 @@ startup and more via [cloud-config][cloud-config]. We're going to provide the [cloud-config]: {{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config You are able to supply the `user-data` using the AURO control panel when launching -an instance, in the "Post Creation" tab, as well as using the CLI to deploy your +an instance, in the "Post Creation" tab, as well as using the CLI to deploy your cluster on the AURO cloud. A sample common `cloud-config` file will look something like the following: @@ -50,7 +50,7 @@ A sample common `cloud-config` file will look something like the following: coreos: etcd: # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3 - # specify the intial size of your cluster with ?size=X + # specify the initial size of your cluster with ?size=X discovery: https://discovery.etcd.io/ # multi-region and multi-cloud deployments need to use $public_ipv4 addr: $private_ipv4:4001 @@ -83,7 +83,7 @@ $ sudo pip install python-novaclient You will need to have your API credentials configured on the machine that you're going to be launching your cluster from. The easiest way to do this is by logging into the AURO control panel and in the "Access & Security" section go to -the "API Access" tab and clicking "Download Openstack RC File". +the "API Access" tab and clicking "Download OpenStack RC File". From there, you must create a file on your system with the contents of the `-openrc.sh` file provided. Once done, you will need to `source` that file in your diff --git a/running-coreos/cloud-providers/azure/index.md b/running-coreos/cloud-providers/azure/index.md index bc16b4f0c..e72858831 100644 --- a/running-coreos/cloud-providers/azure/index.md +++ b/running-coreos/cloud-providers/azure/index.md @@ -71,7 +71,7 @@ The most common cloud-config for Azure looks like: coreos: etcd: # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3 - # specify the intial size of your cluster with ?size=X + # specify the initial size of your cluster with ?size=X discovery: https://discovery.etcd.io/ # deployments across multiple cloud services will need to use $public_ipv4 addr: $private_ipv4:4001 diff --git a/running-coreos/cloud-providers/brightbox/index.md b/running-coreos/cloud-providers/brightbox/index.md index 2487fa77e..c692caa1b 100644 --- a/running-coreos/cloud-providers/brightbox/index.md +++ b/running-coreos/cloud-providers/brightbox/index.md @@ -101,7 +101,7 @@ A sample common `cloud-config` file will look something like the following: coreos: etcd: # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3 - # specify the intial size of your cluster with ?size=X + # specify the initial size of your cluster with ?size=X discovery: https://discovery.etcd.io/ addr: $private_ipv4:4001 peer-addr: $private_ipv4:7001 diff --git a/running-coreos/cloud-providers/digitalocean/index.md b/running-coreos/cloud-providers/digitalocean/index.md index f05f93602..d0c03a064 100644 --- a/running-coreos/cloud-providers/digitalocean/index.md +++ b/running-coreos/cloud-providers/digitalocean/index.md @@ -103,7 +103,7 @@ The most common cloud-config for DigitalOcean looks like: coreos: etcd: # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3 - # specify the intial size of your cluster with ?size=X + # specify the initial size of your cluster with ?size=X discovery: https://discovery.etcd.io/ # multi-region deployments, multi-cloud deployments, and droplets without # private networking need to use $public_ipv4 diff --git a/running-coreos/cloud-providers/ec2/index.md b/running-coreos/cloud-providers/ec2/index.md index fd41a5174..523e8dec7 100644 --- a/running-coreos/cloud-providers/ec2/index.md +++ b/running-coreos/cloud-providers/ec2/index.md @@ -141,7 +141,7 @@ The most common cloud-config for EC2 looks like: coreos: etcd: # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3 - # specify the intial size of your cluster with ?size=X + # specify the initial size of your cluster with ?size=X discovery: https://discovery.etcd.io/ # multi-region and multi-cloud deployments need to use $public_ipv4 addr: $private_ipv4:4001 @@ -283,7 +283,7 @@ First we need to create a security group to allow CoreOS instances to communicat coreos: etcd: # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3 - # specify the intial size of your cluster with ?size=X + # specify the initial size of your cluster with ?size=X discovery: https://discovery.etcd.io/<token> # multi-region and multi-cloud deployments need to use $public_ipv4 addr: $private_ipv4:4001 @@ -358,7 +358,7 @@ coreos: coreos: etcd: # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3 - # specify the intial size of your cluster with ?size=X + # specify the initial size of your cluster with ?size=X discovery: https://discovery.etcd.io/<token> # multi-region and multi-cloud deployments need to use $public_ipv4 addr: $private_ipv4:4001 @@ -433,7 +433,7 @@ coreos: coreos: etcd: # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3 - # specify the intial size of your cluster with ?size=X + # specify the initial size of your cluster with ?size=X discovery: https://discovery.etcd.io/<token> # multi-region and multi-cloud deployments need to use $public_ipv4 addr: $private_ipv4:4001 diff --git a/running-coreos/cloud-providers/exoscale/index.md b/running-coreos/cloud-providers/exoscale/index.md index 67c4344ff..4f274ba0f 100644 --- a/running-coreos/cloud-providers/exoscale/index.md +++ b/running-coreos/cloud-providers/exoscale/index.md @@ -69,7 +69,7 @@ fqdn: coreos-node coreos: etcd2: # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3 - # specify the intial size of your cluster with ?size=X + # specify the initial size of your cluster with ?size=X discovery: https://discovery.etcd.io/ advertise-client-urls: http://$public_ipv4:2379 initial-advertise-peer-urls: http://$public_ipv4:2380 diff --git a/running-coreos/cloud-providers/google-compute-engine/index.md b/running-coreos/cloud-providers/google-compute-engine/index.md index 30e57a41e..a1aa5e166 100644 --- a/running-coreos/cloud-providers/google-compute-engine/index.md +++ b/running-coreos/cloud-providers/google-compute-engine/index.md @@ -30,7 +30,7 @@ The most common cloud-config for GCE looks like: coreos: etcd: # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3 - # specify the intial size of your cluster with ?size=X + # specify the initial size of your cluster with ?size=X discovery: https://discovery.etcd.io/ # multi-region and multi-cloud deployments need to use $public_ipv4 addr: $private_ipv4:4001 diff --git a/running-coreos/cloud-providers/interoute/index.md b/running-coreos/cloud-providers/interoute/index.md index 483afcf2b..9b3aa052c 100644 --- a/running-coreos/cloud-providers/interoute/index.md +++ b/running-coreos/cloud-providers/interoute/index.md @@ -200,5 +200,5 @@ core@DockerTutorialVM01 ~ $ ``` ## Using CoreOS -Check out the [CoreOS and Docker in Interoute VDC](http://cloudstore.interoute.com/main/knowledge-centre/blog/coreos-docker-vdc-part2) turorial. +Check out the [CoreOS and Docker in Interoute VDC](http://cloudstore.interoute.com/main/knowledge-centre/blog/coreos-docker-vdc-part2) tutorial. diff --git a/running-coreos/cloud-providers/niftycloud/JA_JP/index.md b/running-coreos/cloud-providers/niftycloud/JA_JP/index.md index 24144a565..650d2fdd9 100644 --- a/running-coreos/cloud-providers/niftycloud/JA_JP/index.md +++ b/running-coreos/cloud-providers/niftycloud/JA_JP/index.md @@ -26,7 +26,7 @@ CoreOSはcloud-configにより、マシンのパラメータを設定したり coreos: etcd: # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3 - # specify the intial size of your cluster with ?size=X + # specify the initial size of your cluster with ?size=X discovery: https://discovery.etcd.io/ # multi-region and multi-cloud deployments need to use $public_ipv4 addr: $private_ipv4:4001 diff --git a/running-coreos/cloud-providers/niftycloud/index.md b/running-coreos/cloud-providers/niftycloud/index.md index 54fa2a1ef..e655f9f1c 100644 --- a/running-coreos/cloud-providers/niftycloud/index.md +++ b/running-coreos/cloud-providers/niftycloud/index.md @@ -8,7 +8,7 @@ title: NIFTY Cloud # Running CoreOS on NIFTY Cloud -NIFTY Cloud is a Japanese cloud computing provider. These instructions are also [available in Japaense](JA_JP/). Before proceeding, you will need to [install NIFTY Cloud CLI][cli-documentation]. +NIFTY Cloud is a Japanese cloud computing provider. These instructions are also [available in Japanese](JA_JP/). Before proceeding, you will need to [install NIFTY Cloud CLI][cli-documentation]. [cli-documentation]: https://translate.google.com/translate?hl=en&sl=ja&tl=en&u=http%3A%2F%2Fcloud.nifty.com%2Fapi%2Fcli%2F @@ -26,7 +26,7 @@ The most common cloud-config for NIFTY Cloud looks like: coreos: etcd: # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3 - # specify the intial size of your cluster with ?size=X + # specify the initial size of your cluster with ?size=X discovery: https://discovery.etcd.io/ # multi-region and multi-cloud deployments need to use $public_ipv4 addr: $private_ipv4:4001 diff --git a/running-coreos/cloud-providers/rackspace/index.md b/running-coreos/cloud-providers/rackspace/index.md index 3deb59666..cddea38e3 100644 --- a/running-coreos/cloud-providers/rackspace/index.md +++ b/running-coreos/cloud-providers/rackspace/index.md @@ -136,7 +136,7 @@ The most common Rackspace cloud-config looks like: coreos: etcd: # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3 - # specify the intial size of your cluster with ?size=X + # specify the initial size of your cluster with ?size=X discovery: https://discovery.etcd.io/ # multi-region and multi-cloud deployments need to use $public_ipv4 addr: $private_ipv4:4001 diff --git a/running-coreos/cloud-providers/vexxhost/index.md b/running-coreos/cloud-providers/vexxhost/index.md index 084fa55ec..3151ef03d 100644 --- a/running-coreos/cloud-providers/vexxhost/index.md +++ b/running-coreos/cloud-providers/vexxhost/index.md @@ -50,7 +50,7 @@ A sample common `cloud-config` file will look something like the following: coreos: etcd: # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3 - # specify the intial size of your cluster with ?size=X + # specify the initial size of your cluster with ?size=X discovery: https://discovery.etcd.io/ # multi-region and multi-cloud deployments need to use $public_ipv4 addr: $private_ipv4:4001 diff --git a/running-coreos/platforms/cloudstack/index.md b/running-coreos/platforms/cloudstack/index.md index 646a9b4c9..7727492c4 100644 --- a/running-coreos/platforms/cloudstack/index.md +++ b/running-coreos/platforms/cloudstack/index.md @@ -66,7 +66,7 @@ Alternatively http://dl.openvm.eu/cloudstack/coreos/x86_64/ -CoreOS templates are currently available for XenServer, KVM, VmWare and HyperV hypervisors. +CoreOS templates are currently available for XenServer, KVM, VMware and HyperV hypervisors. ### Deploy CoreOS Instance diff --git a/running-coreos/platforms/openstack/index.md b/running-coreos/platforms/openstack/index.md index 1ec3753e7..2761486e7 100644 --- a/running-coreos/platforms/openstack/index.md +++ b/running-coreos/platforms/openstack/index.md @@ -100,7 +100,7 @@ The most common cloud-config for OpenStack looks like: coreos: etcd: # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3 - # specify the intial size of your cluster with ?size=X + # specify the initial size of your cluster with ?size=X discovery: https://discovery.etcd.io/ # multi-region and multi-cloud deployments need to use $public_ipv4 addr: $private_ipv4:4001 diff --git a/running-coreos/platforms/qemu/index.md b/running-coreos/platforms/qemu/index.md index f3f3f5437..6cd55c43c 100644 --- a/running-coreos/platforms/qemu/index.md +++ b/running-coreos/platforms/qemu/index.md @@ -26,7 +26,7 @@ list][coreos-dev]. ## Install QEMU -In addition to Linux it can be run on Windows and OSX but works best on +In addition to Linux it can be run on Windows and OS X but works best on Linux. It should be available on just about any distro. ### Debian or Ubuntu diff --git a/running-coreos/platforms/vagrant/index.md b/running-coreos/platforms/vagrant/index.md index b249a3c97..430854de7 100644 --- a/running-coreos/platforms/vagrant/index.md +++ b/running-coreos/platforms/vagrant/index.md @@ -16,7 +16,7 @@ You can direct questions to the [IRC channel][irc] or [mailing list][coreos-dev] ## Install Vagrant and VirtualBox -Vagrant is a simple-to-use command line virtual machine manager. There are install packages available for Windows, Linux and OSX. Find the latest installer on the [Vagrant downloads page][vagrant]. Be sure to get version 1.6.3 or greater. +Vagrant is a simple-to-use command line virtual machine manager. There are install packages available for Windows, Linux and OS X. Find the latest installer on the [Vagrant downloads page][vagrant]. Be sure to get version 1.6.3 or greater. [vagrant]: http://www.vagrantup.com/downloads.html @@ -49,7 +49,7 @@ Our cluster will use an etcd [discovery URL]({{site.url}}/docs/cluster-managemen coreos: etcd: # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3 - # specify the intial size of your cluster with ?size=X + # specify the initial size of your cluster with ?size=X # WARNING: replace each time you 'vagrant destroy' discovery: https://discovery.etcd.io/ addr: $public_ipv4:4001 diff --git a/running-coreos/platforms/virtualbox/index.md b/running-coreos/platforms/virtualbox/index.md index f6a71bdd8..c62aff237 100644 --- a/running-coreos/platforms/virtualbox/index.md +++ b/running-coreos/platforms/virtualbox/index.md @@ -17,7 +17,7 @@ There is a script that simplify the VDI building. It downloads a bare-metal image, verifies it with GPG and convert the image to VirtualBox format. The script is located at -[Github](https://github.com/coreos/scripts/blob/master/contrib/create-coreos-vdi +[GitHub](https://github.com/coreos/scripts/blob/master/contrib/create-coreos-vdi "create-coreos-vdi"). The running host must support VirtualBox tools. @@ -82,9 +82,9 @@ coreos_production_stable.vdi Cloud-config can be specified by attaching a [config-drive]({{site.url}}/docs/cluster-management/setup/cloudinit-config-drive/) with the label `config-2`. This is commonly done through whatever interface -allows for attaching cd-roms or new drives. +allows for attaching CD-ROMs or new drives. -Note that the config-drive standard was originally an Openstack feature, which +Note that the config-drive standard was originally an OpenStack feature, which is why you'll see strings containing `openstack`. This filepath needs to be retained, although CoreOS supports config-drive on all platforms. diff --git a/running-coreos/platforms/vmware/index.md b/running-coreos/platforms/vmware/index.md index 32cd2111c..9fb837376 100644 --- a/running-coreos/platforms/vmware/index.md +++ b/running-coreos/platforms/vmware/index.md @@ -24,7 +24,7 @@ CoreOS is released into alpha and beta channels. Releases to each channel serve The channel is selected based on the URL below. Simply replace `alpha` with `beta`. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes in each channel. -This is a rough sketch that should work on OSX and Linux: +This is a rough sketch that should work on OS X and Linux: ```sh curl -LO http://alpha.release.core-os.net/amd64-usr/current/coreos_production_vmware_insecure.zip @@ -35,7 +35,7 @@ open coreos_production_vmware_insecure.vmx ### To deploy on an ESXi/vSphere host, convert the VM to OVF * follow the steps above to download and extract the coreos_production_vmware_insecure.zip -* download and run the [OVF Tool installer](https://developercenter.vmware.com/tool/ovf/) Requires VMware account login but the download is free. Available for Linux, OSX & Windows for both 32 & 64 bit architectures. +* download and run the [OVF Tool installer](https://developercenter.vmware.com/tool/ovf/) Requires VMware account login but the download is free. Available for Linux, OS X & Windows for both 32 & 64 bit architectures. * convert VM to OVF from the extract dir ```sh @@ -60,15 +60,15 @@ The above step creates the following files in ../coreos/: * name your VM * choose "thin provision" for the disk format * choose your network settings - * confirm the settings then click "Finish" - + * confirm the settings then click "Finish" + NOTE: unselect "Power on after deployment" so you have a chance to edit VM settings before powering it up for the first time. The last step uploads the files to your ESXi datastore and registers your VM. You can now tweak the VM settings, like memory and virtual cores, then power it on. These instructions were tested to deploy to an ESXi 5.5 host. ## Cloud-Config -Cloud-config can be specified by attaching a [config-drive]({{site.url}}/docs/cluster-management/setup/cloudinit-config-drive/) with the label `config-2`. This is commonly done through whatever interface allows for attaching cd-roms or new drives. +Cloud-config can be specified by attaching a [config-drive]({{site.url}}/docs/cluster-management/setup/cloudinit-config-drive/) with the label `config-2`. This is commonly done through whatever interface allows for attaching CD-ROMs or new drives. Note that the config-drive standard was originally an OpenStack feature, which is why you'll see strings containing `openstack`. This filepath needs to be retained, although CoreOS supports config-drive on all platforms. diff --git a/sdk-distributors/sdk/building-production-images/index.md b/sdk-distributors/sdk/building-production-images/index.md index 7175ad3c2..0487da302 100644 --- a/sdk-distributors/sdk/building-production-images/index.md +++ b/sdk-distributors/sdk/building-production-images/index.md @@ -50,9 +50,9 @@ That was far too easy, if you need to do it the hard way try this: existing build. The `cros_sdk` uses this to pick what SDK tarball to use when creating a fresh chroot and provides a fallback set of binary packages to use when the current release's packages are - unavilable. Usually it will be one release behind COREOS_BUILD. + unavailable. Usually it will be one release behind COREOS_BUILD. 5. Generate a release manifest: `repo manifest -r -o build-$BUILD.xml` - where `$BUILD` is the crrent value of COREOS_BUILD in `version.txt`. + where `$BUILD` is the current value of COREOS_BUILD in `version.txt`. 6. Update `release.xml`: `ln -sf build-$BUILD.xml release.xml` 7. Commit! `git add build-$BUILD.xml; git commit -a` 8. Tag! `git tag v$BUILD.$BRANCH.$PATCH` @@ -62,7 +62,7 @@ That was far too easy, if you need to do it the hard way try this: If a release branch needs to be updated after master has moved on the procedure is similar. Unfortunately since tagging branched releases (not on master) is a bit -tricker to get right the `tag_release` script cannot be used. +trickier to get right the `tag_release` script cannot be used. The automated build will kick off after updating the `dev-channel` branch. 1. Check out the release instead of master: `repo init -b build-$BUILD @@ -82,7 +82,7 @@ The automated build will kick off after updating the `dev-channel` branch. `master.xml` but it can be useful for looking up the git commit to update the `revision` attribute to. If the new git commit is on a branch other than master be sure to update the `upstream` attribute - with the apropriate ref spec for that branch. + with the appropriate ref spec for that branch. 6. If this is the first time this branch has been updated on its own update the `default.xml` link so checking out this manifest branch with repo init but without the `-m` argument works: diff --git a/sdk-distributors/sdk/disk-partitions/index.md b/sdk-distributors/sdk/disk-partitions/index.md index 66a5d7bcc..a9b0fdf3e 100644 --- a/sdk-distributors/sdk/disk-partitions/index.md +++ b/sdk-distributors/sdk/disk-partitions/index.md @@ -8,7 +8,7 @@ weight: 9 # CoreOS Disk Layout -CoreOS is designed to be reliably updated via a [continous stream of updates]({{site.url}}/using-coreos/updates). The operating system has 9 different disk partitions, utilizing a subset of those to make each update safe and enable a roll-back to a previous version if anything goes wrong. +CoreOS is designed to be reliably updated via a [continuous stream of updates]({{site.url}}/using-coreos/updates). The operating system has 9 different disk partitions, utilizing a subset of those to make each update safe and enable a roll-back to a previous version if anything goes wrong. ## Partition Table diff --git a/sdk-distributors/sdk/tips-and-tricks/index.md b/sdk-distributors/sdk/tips-and-tricks/index.md index 7e3b2de14..40c28e84a 100644 --- a/sdk-distributors/sdk/tips-and-tricks/index.md +++ b/sdk-distributors/sdk/tips-and-tricks/index.md @@ -18,7 +18,7 @@ weight: 7 ## Searching all repo code -Using `repo forall` you can search across all of the git repos at once: +Using `repo forall` you can search across all of the Git repos at once: ```sh repo forall -c git grep 'CONFIG_EXTRA_FIRMWARE_DIR' @@ -30,7 +30,7 @@ Before making modifications use `repo start` to create a new branch for the chan To add a new package fetch the Gentoo package from upstream and add the package as a dependency of coreos-base/coreos -If any files in the upstream package will be changed the package can be fetched from upstream Gentoo directly into `src/third_party/coreos-overlay` it may be necessary to create any missing directrories in the path too. +If any files in the upstream package will be changed the package can be fetched from upstream Gentoo directly into `src/third_party/coreos-overlay` it may be necessary to create any missing directories in the path too. e.g. @@ -38,10 +38,10 @@ e.g. ~/trunk/src/third_party/coreos-overlay $ mkdir -p sys-block/open-iscsi && rsync -av rsync://rsync.gentoo.org/gentoo-portage/sys-block/open-iscsi/ sys-block/open-iscsi/ ``` -The tailing / prevents rsync from creating the directory for the package so you dont end up with `sys-block/open-iscsi/open-iscsi` +The tailing / prevents rsync from creating the directory for the package so you don't end up with `sys-block/open-iscsi/open-iscsi` Remember to add the new files to git. -If the new package does not need to be modified the package should be placed in `src/third_party/portage-stable` +If the new package does not need to be modified the package should be placed in `src/third_party/portage-stable` You can use `scripts/update_ebuilds` to fetch packages into `src/third_party/portage-stable` and add the files to git. You should specify the category and the packagename. @@ -50,25 +50,25 @@ e.g. If the package needs to be modified it must be moved out of `src/third_party/portage-stable` to `src/third_party/coreos-overlay` -To include the new packaage as a dependency of coreos add the package to the end of the RDEPEND environment variable in `coreos-base/coreos/coreos-0.0.1.ebuild` then increment the revision of coreos by renaming the softlink `git mv coreos-base/coreos/coreos-0.0.1-r237.ebuild coreos-base/coreos/coreos-0.0.1-r238.ebuild` +To include the new package as a dependency of coreos add the package to the end of the RDEPEND environment variable in `coreos-base/coreos/coreos-0.0.1.ebuild` then increment the revision of coreos by renaming the softlink `git mv coreos-base/coreos/coreos-0.0.1-r237.ebuild coreos-base/coreos/coreos-0.0.1-r238.ebuild` The new package will now be built and installed as part of the normal build flow. -Add and commit the changes to git using Angularjs format see [CONTRIBUTING.md] +Add and commit the changes to git using AngularJS format. See [CONTRIBUTING.md] [CONTRIBUTING.md]: https://github.com/coreos/etcd/blob/master/CONTRIBUTING.md -Push the changes to your github fork and create a pull request. +Push the changes to your GitHub fork and create a pull request. ### Ebuild Tips -- Manualy merge a package to the chroot to test build `emerge-amd64-usr packagename` -- Manualy unmerge a package `emerge-amd64-usr --unmerge packagename` +- Manually merge a package to the chroot to test build `emerge-amd64-usr packagename` +- Manually unmerge a package `emerge-amd64-usr --unmerge packagename` - Remove a binary package from the cache `sudo rm /build/amd64-usr/packages/catagory/packagename-version.tbz2` - recreate the chroot prior to a clean rebuild `./chromite/bin/cros_sdk -r` -- it may be necessary to comment out kernel source checks from the ebuild if the build fails -- as coreos does not yet provide visibility of the configured kernel source at biuld time -- usualy this is not a problem but may lead to warning messages +- it may be necessary to comment out kernel source checks from the ebuild if the build fails -- as coreos does not yet provide visibility of the configured kernel source at build time -- usually this is not a problem but may lead to warning messages - Chromium OS [Portage Build FAQ] - [Gentoo Development Guide] - + [Portage Build FAQ]: http://www.chromium.org/chromium-os/how-tos-and-troubleshooting/portage-build-faq [Gentoo Development Guide]: http://devmanual.gentoo.org/ @@ -85,7 +85,7 @@ git config --global credential.helper cache ``` Why doesn't CoreOS use SSH in the git remotes? Because, we can't do -anonymous clones from github with a ssh URL. In the future we will fix +anonymous clones from GitHub with an SSH URL. In the future we will fix this. ### Base system dependency graph @@ -113,7 +113,7 @@ Host 127.0.0.1 ## Hide loop devices from desktop environments By default desktop environments will diligently display any mounted devices -including loop devices used to contruct CoreOS disk images. If the daemon +including loop devices used to construct CoreOS disk images. If the daemon responsible for this happens to be ``udisks`` then you can disable this behavior with the following udev rule: From fb68a6bf8fe219cd9cd8b10921d70fe79f6ed0d5 Mon Sep 17 00:00:00 2001 From: Jimmy Zelinskie Date: Tue, 26 May 2015 15:39:25 -0400 Subject: [PATCH 0483/1291] add mount btrfs volume file section --- .../setup/mounting-storage/index.md | 41 +++++++++++++++++++ 1 file changed, 41 insertions(+) diff --git a/cluster-management/setup/mounting-storage/index.md b/cluster-management/setup/mounting-storage/index.md index 70ad62f12..6d946b0d4 100644 --- a/cluster-management/setup/mounting-storage/index.md +++ b/cluster-management/setup/mounting-storage/index.md @@ -64,6 +64,47 @@ coreos: Notice that we're starting both units at the same time and using the power of systemd to work out the dependencies for us. In this case, `var-lib-docker.mount` requires `format-ephemeral.service`, ensuring that our storage will always be formatted before it is mounted. Docker will refuse to start otherwise. +## Creating and Mounting a btrfs Volume File + +CoreOS [561.0.0](https://coreos.com/releases/#561.0.0) and later are installed with ext4 + overlayfs to provide a layered filesystem for the root partition. +Installations from prior to this, are using btrfs for this functionality. +If you'd like to continue using btrfs on newer CoreOS machines, you can do so with two systemd units: one that creates and formats a btrfs volume file and another that mounts it. + +In this example, we are going to mount a new 25GB btrfs volume file to `/var/lib/docker`, and one can verify that docker is using the btrfs storage driver once the docker service has started by executing `sudo docker info`. +We recommend allocating **no more than 85%** of the available disk space for a btrfs filesystem as journald will also require space on the host filesystem. + +```yaml +#cloud-config +coreos: + units: + - name: format-var-lib-docker.service + command: start + content: | + [Unit] + Before=docker.service var-lib-docker.mount + ConditionPathExists=!/var/lib/docker.btrfs + [Service] + Type=oneshot + ExecStart=/usr/bin/truncate --size=25G /var/lib/docker.btrfs + ExecStart=/usr/sbin/mkfs.btrfs /var/lib/docker.btrfs + - name: var-lib-docker.mount + enable: true + content: | + [Unit] + Before=docker.service + After=format-var-lib-docker.service + Requires=format-var-lib-docker.service + [Install] + RequiredBy=docker.service + [Mount] + What=/var/lib/docker.btrfs + Where=/var/lib/docker + Type=btrfs + Options=loop,discard +``` + +Note the declaration of `ConditionPathExists=!/var/lib/docker.btrfs`. Without this line, systemd would reformat the btrfs filesystem every time the machine starts. + ## Further Reading Read the [full docs](http://www.freedesktop.org/software/systemd/man/systemd.mount.html) to learn about the available options. Examples specific to [EC2]({{site.url}}/docs/running-coreos/cloud-providers/ec2/#instance-storage), [Google Compute Engine]({{site.url}}/docs/running-coreos/cloud-providers/google-compute-engine/#additional-storage) and [Rackspace Cloud]({{site.url}}/docs/running-coreos/cloud-providers/rackspace/#mount-data-disk) can be used as a starting point. From 39617ce2b7468db115fd64b8a790a9eb6bcb0523 Mon Sep 17 00:00:00 2001 From: Alex Crawford Date: Fri, 5 Jun 2015 14:55:36 -0700 Subject: [PATCH 0484/1291] docs: add manual rollback guide --- .../debugging/manual-rollbacks/index.md | 185 ++++++++++++++++++ 1 file changed, 185 insertions(+) create mode 100644 cluster-management/debugging/manual-rollbacks/index.md diff --git a/cluster-management/debugging/manual-rollbacks/index.md b/cluster-management/debugging/manual-rollbacks/index.md new file mode 100644 index 000000000..c1945876c --- /dev/null +++ b/cluster-management/debugging/manual-rollbacks/index.md @@ -0,0 +1,185 @@ +--- +layout: docs +slug: guides +title: Manual CoreOS Rollbacks +category: cluster_management +sub_category: debugging +weight: 5 +--- + +# Performing Manual CoreOS Rollbacks + +As much as we all love flawless, automatic updates, there may be occasions when +an update must be rolled back. This is fairly straightforward on CoreOS, once +you know the right commands. + +TL;DR; The following command will set the currently passive partition to be +active on the next boot: + +``` +cgpt prioritize "$(cgpt find -t coreos-usr | grep --invert-match "$(findmnt --noheadings --raw --output=source --target=/usr)")" +``` + +## How Do Updates Work? + +The system's GPT tables are used to encode which partition is currently active +and which is passive. This can be seen using the `cgpt` command. + +``` +$ cgpt show /dev/sda + start size part contents + 0 1 Hybrid MBR + 1 1 Pri GPT header + 2 32 Pri GPT table + 4096 262144 1 Label: "EFI-SYSTEM" + Type: EFI System Partition + UUID: 596FF08E-5617-4497-B10B-27A23F658B73 + Attr: Legacy BIOS Bootable + 266240 4096 2 Label: "BIOS-BOOT" + Type: BIOS Boot Partition + UUID: EACCC3D5-E7E9-461D-A6E2-1DCDAE4671EC + 270336 2097152 3 Label: "USR-A" + Type: Alias for coreos-rootfs + UUID: 7130C94A-213A-4E5A-8E26-6CCE9662F132 + Attr: priority=2 tries=0 successful=1 + 2367488 2097152 4 Label: "USR-B" + Type: Alias for coreos-rootfs + UUID: E03DD35C-7C2D-4A47-B3FE-27F15780A57C + Attr: priority=1 tries=0 successful=0 + 4464640 262144 6 Label: "OEM" + Type: Alias for linux-data + UUID: 726E33FA-DFE9-45B2-B215-FB35CD9C2388 + 4726784 131072 7 Label: "OEM-CONFIG" + Type: CoreOS reserved + UUID: 8F39CE8B-1FB3-4E7E-A784-0C53C8F40442 + 4857856 37085151 9 Label: "ROOT" + Type: CoreOS auto-resize + UUID: D9A972BB-8084-4AB5-BA55-F8A3AFFAD70D + 41943007 32 Sec GPT table + 41943039 1 Sec GPT header +``` + +Looking specifically at "USR-A" and "USR-B", we see that "USR-A" is the active +USR partition (this is what's actually mounted at /mnt). Its priority is higher +than that of "USR-B". When the system boots, GRUB (the bootloader) looks at +the priorities, tries, and successful flags to determine which partition to +use. + +``` + 270336 2097152 3 Label: "USR-A" + Type: Alias for coreos-rootfs + UUID: 7130C94A-213A-4E5A-8E26-6CCE9662F132 + Attr: priority=2 tries=0 successful=1 + 2367488 2097152 4 Label: "USR-B" + Type: Alias for coreos-rootfs + UUID: E03DD35C-7C2D-4A47-B3FE-27F15780A57C + Attr: priority=1 tries=0 successful=0 +``` + +You'll notice that on this machine, "USR-B" hasn't actually successfully +booted. Not to worry! This is a fresh machine that hasn't been through an +update cycle yet. When the machine downloads an update, the partition table is +updated to allow the newer image to boot. + + +``` + 270336 2097152 3 Label: "USR-A" + Type: Alias for coreos-rootfs + UUID: 7130C94A-213A-4E5A-8E26-6CCE9662F132 + Attr: priority=1 tries=0 successful=1 + 2367488 2097152 4 Label: "USR-B" + Type: Alias for coreos-rootfs + UUID: E03DD35C-7C2D-4A47-B3FE-27F15780A57C + Attr: priority=2 tries=1 successful=0 +``` + +In this case, we see that "USR-B" now has a higher priority and it has 1 try to +successfully boot. Once the machine reboots, the partition table will again be +updated. + +``` + 270336 2097152 3 Label: "USR-A" + Type: Alias for coreos-rootfs + UUID: 7130C94A-213A-4E5A-8E26-6CCE9662F132 + Attr: priority=1 tries=0 successful=1 + 2367488 2097152 4 Label: "USR-B" + Type: Alias for coreos-rootfs + UUID: E03DD35C-7C2D-4A47-B3FE-27F15780A57C + Attr: priority=2 tries=0 successful=0 +``` + +Now we see that the number of tries for "USR-B" has been decremented to 0. The +successful flag still hasn't been updated though. Once update-engine has had a +chance to run, it marks the boot as being successful. + +``` + 270336 2097152 3 Label: "USR-A" + Type: Alias for coreos-rootfs + UUID: 7130C94A-213A-4E5A-8E26-6CCE9662F132 + Attr: priority=1 tries=0 successful=1 + 2367488 2097152 4 Label: "USR-B" + Type: Alias for coreos-rootfs + UUID: E03DD35C-7C2D-4A47-B3FE-27F15780A57C + Attr: priority=2 tries=0 successful=1 +``` + + +## Performing a Manual Rollback + +So, now that we understand what happens when the machine updates, we can tweak +the process so that it boots an older image (assuming it's still intact on the +passive partition). The first command we'll use is `cgpt find -t coreos-usr`. +This will give us a list of all of the USR partitions available on the disk. + +``` +$ cgpt find -t coreos-usr +/dev/sda3 +/dev/sda4 +``` + +To figure out which partition is currently active, we can use `findmnt`. + +``` +$ findmnt --noheadings --raw --output=source --target=/usr +/dev/sda4 +``` + +So now we know that `/dev/sda3` is the passive partition on our system. We can +compose the previous two commands to dynamically figure out the passive +partition. + +``` +$ cgpt find -t coreos-usr | grep --invert-match "$(findmnt --noheadings --raw --output=source --target=/usr)" +/dev/sda3 +``` + +In order to rollback, we need to mark that partition as active using +`cgpt prioritize`. + + +``` +$ cgpt prioritize /dev/sda3 +``` + +If we take another look at the GPT tables, we'll see that the priorities have +been updated. + +``` + 270336 2097152 3 Label: "USR-A" + Type: Alias for coreos-rootfs + UUID: 7130C94A-213A-4E5A-8E26-6CCE9662F132 + Attr: priority=2 tries=0 successful=1 + 2367488 2097152 4 Label: "USR-B" + Type: Alias for coreos-rootfs + UUID: E03DD35C-7C2D-4A47-B3FE-27F15780A57C + Attr: priority=1 tries=0 successful=1 + +``` + +Again, composing the previous two commands we get this handy one-liner to +revert to the previous image. + +``` +$ cgpt prioritize "$(cgpt find -t coreos-usr | grep --invert-match "$(findmnt --noheadings --raw --output=source --target=/usr)")" + +``` From aa39da88b85809d2d06a8863498beac398fb5acc Mon Sep 17 00:00:00 2001 From: Alex Crawford Date: Fri, 5 Jun 2015 16:14:19 -0700 Subject: [PATCH 0485/1291] docs: punctuation fixes --- cluster-management/debugging/manual-rollbacks/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster-management/debugging/manual-rollbacks/index.md b/cluster-management/debugging/manual-rollbacks/index.md index c1945876c..c4bb4cbaf 100644 --- a/cluster-management/debugging/manual-rollbacks/index.md +++ b/cluster-management/debugging/manual-rollbacks/index.md @@ -13,7 +13,7 @@ As much as we all love flawless, automatic updates, there may be occasions when an update must be rolled back. This is fairly straightforward on CoreOS, once you know the right commands. -TL;DR; The following command will set the currently passive partition to be +tl;dr: The following command will set the currently passive partition to be active on the next boot: ``` From e2b75fd1c3e92acec8205fdde7072796eec79c9b Mon Sep 17 00:00:00 2001 From: Omri Gazitt Date: Sun, 14 Jun 2015 15:28:44 -0700 Subject: [PATCH 0486/1291] Update index.md to fix broken link fixed URL to config drive openstack documentation --- running-coreos/platforms/openstack/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/running-coreos/platforms/openstack/index.md b/running-coreos/platforms/openstack/index.md index 2761486e7..f238848df 100644 --- a/running-coreos/platforms/openstack/index.md +++ b/running-coreos/platforms/openstack/index.md @@ -90,7 +90,7 @@ We're going to provide our cloud-config to OpenStack via the user-data flag. Our In order for this to work your OpenStack cloud provider must support [config drive][config-drive] or the OpenStack metadata service. [cloud-config]: {{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config -[config-drive]: http://docs.openstack.org/user-guide/content/config-drive.html +[config-drive]: http://docs.openstack.org/user-guide/cli_config_drive.html The most common cloud-config for OpenStack looks like: From 5e141114ef0243c9d1b7bce3be90ef6a77689de3 Mon Sep 17 00:00:00 2001 From: Xiang Li Date: Thu, 18 Jun 2015 11:30:51 -0700 Subject: [PATCH 0487/1291] cluster-arch: switch to etcd2 service --- .../setup/cluster-architectures/index.md | 33 +++++++++++-------- 1 file changed, 20 insertions(+), 13 deletions(-) diff --git a/cluster-management/setup/cluster-architectures/index.md b/cluster-management/setup/cluster-architectures/index.md index 557908f35..e635cd2fd 100644 --- a/cluster-management/setup/cluster-architectures/index.md +++ b/cluster-management/setup/cluster-architectures/index.md @@ -111,10 +111,13 @@ Here's the cloud-config for the etcd machine: #cloud-config coreos: - etcd: - addr: 10.0.0.101:4001 + etcd2: + advertise-client-urls: http://10.0.0.101:2379 + # listen on both the official ports and the legacy ports + # legacy ports can be omitted if your application doesn't depend on them + listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001 units: - - name: etcd.service + - name: etcd2.service command: start - name: 00-eth0.network runtime: true @@ -140,7 +143,7 @@ Look how simple the cloud-config becomes: coreos: fleet: # replace this IP - etcd_servers: "http://10.0.0.101:4001" + etcd_servers: "http://10.0.0.101:2379" units: - name: etcd.service mask: true @@ -152,7 +155,7 @@ write_files: owner: core content: | # configure etcdctl to work with our etcd servers set above - export ETCDCTL_PEERS="http://10.0.0.101:4001" + export ETCDCTL_PEERS="http://10.0.0.101:2379" - path: /etc/profile.d/fleetctl.sh permissions: 0644 owner: core @@ -189,13 +192,17 @@ Here's an example cloud-config for one of the central service machines. Be sure #cloud-config coreos: - etcd: + etcd2: # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3 # specify the initial size of your cluster with ?size=X discovery: https://discovery.etcd.io/ # multi-region and multi-cloud deployments need to use $public_ipv4 - addr: 10.0.0.101:4001 - peer-addr: 10.0.0.101:7001 + advertise-client-urls: http://10.0.0.101:2379 + initial-advertise-peer-urls: http://10.0.0.101:2380 + # listen on both the official ports and the legacy ports + # legacy ports can be omitted if your application doesn't depend on them + listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001 + listen-peer-urls: http://10.0.0.101:2380,http://10.0.0.101:7001 fleet: metadata: "role=services,cabinet=one" update: @@ -203,7 +210,7 @@ coreos: group: 9e98ecae-4623-48c1-9679-423549c44da6 server: https://customer.update.core-os.net/v1/update/ units: - - name: etcd.service + - name: etcd2.service command: start - name: fleet.service command: start @@ -235,11 +242,11 @@ Here's an example cloud-config for a worker: coreos: fleet: metadata: "role=worker,cabinet=two,disk=spinning" - etcd_servers: "http://10.0.0.101:4001,http://10.0.0.102:4001,http://10.0.0.103:4001,http://10.0.0.104:4001,http://10.0.0.105:4001" + etcd_servers: "http://10.0.0.101:2379,http://10.0.0.102:2379,http://10.0.0.103:2379,http://10.0.0.104:2379,http://10.0.0.105:2379" locksmith: - endpoint: "http://10.0.0.101:4001,http://10.0.0.102:4001,http://10.0.0.103:4001,http://10.0.0.104:4001,http://10.0.0.105:4001" + endpoint: "http://10.0.0.101:2379,http://10.0.0.102:2379,http://10.0.0.103:2379,http://10.0.0.104:2379,http://10.0.0.105:2379" units: - - name: etcd.service + - name: etcd2.service mask: true - name: fleet.service command: start @@ -253,7 +260,7 @@ write_files: owner: core content: | # configure etcdctl to work with our etcd servers set above - export ETCDCTL_PEERS="http://10.0.0.101:4001,http://10.0.0.102:4001,http://10.0.0.103:4001,http://10.0.0.104:4001,http://10.0.0.105:4001" + export ETCDCTL_PEERS="http://10.0.0.101:2379,http://10.0.0.102:2379,http://10.0.0.103:2379,http://10.0.0.104:2379,http://10.0.0.105:2379" - path: /etc/profile.d/fleetctl.sh permissions: 0644 owner: core From 8629ac0871e64fc2e670d99541dafa9ee03e51a4 Mon Sep 17 00:00:00 2001 From: Alex Crawford Date: Thu, 18 Jun 2015 16:48:37 -0700 Subject: [PATCH 0488/1291] *: use site.baseurl instead of site.url This is needed to make the new jekyll configuration. --- .../debugging/btrfs-troubleshooting/index.md | 4 +-- .../debugging/reading-the-system-log/index.md | 6 ++-- .../scaling/power-management/index.md | 2 +- .../setup/adding-users/index.md | 6 ++-- .../setup/cluster-architectures/index.md | 6 ++-- .../setup/cluster-discovery/index.md | 4 +-- .../setup/customizing-sshd/index.md | 2 +- .../setup/flannel-config/index.md | 2 +- .../setup/mounting-storage/index.md | 4 +-- .../network-config-with-networkd/index.md | 4 +-- .../setup/switching-channels/index.md | 2 +- .../setup/update-strategies/index.md | 6 ++-- .../getting-started-with-etcd/index.md | 8 ++--- enterprise-registry/build-support/index.md | 2 +- .../configure-machines/index.md | 2 +- enterprise-registry/github-app/index.md | 4 +-- enterprise-registry/github-auth/index.md | 2 +- enterprise-registry/github-build/index.md | 6 ++-- enterprise-registry/initial-setup/index.md | 6 ++-- .../building/customizing-docker/index.md | 6 ++-- .../getting-started-with-docker/index.md | 8 ++--- .../getting-started-with-systemd/index.md | 4 +-- .../launching-containers-fleet/index.md | 22 +++++++------- .../launching/overview-of-systemctl/index.md | 4 +-- quickstart/index.md | 18 +++++------ .../bare-metal/booting-with-ipxe/index.md | 12 ++++---- .../bare-metal/booting-with-pxe/index.md | 20 ++++++------- .../bare-metal/installing-to-disk/index.md | 8 ++--- running-coreos/cloud-providers/auro/index.md | 6 ++-- running-coreos/cloud-providers/azure/index.md | 14 ++++----- .../cloud-providers/brightbox/index.md | 4 +-- .../cloud-providers/digitalocean/index.md | 16 +++++----- running-coreos/cloud-providers/ec2/index.md | 20 ++++++------- running-coreos/cloud-providers/ecs/index.md | 6 ++-- .../cloud-providers/exoscale/index.md | 16 +++++----- .../google-compute-engine/index.md | 10 +++---- .../cloud-providers/niftycloud/JA_JP/index.md | 8 ++--- .../cloud-providers/niftycloud/index.md | 8 ++--- .../cloud-providers/rackspace/index.md | 30 +++++++++---------- .../cloud-providers/vexxhost/index.md | 6 ++-- running-coreos/cloud-providers/vultr/index.md | 10 +++---- running-coreos/platforms/cloudstack/index.md | 2 +- running-coreos/platforms/eucalyptus/index.md | 4 +-- running-coreos/platforms/iso/index.md | 6 ++-- running-coreos/platforms/libvirt/index.md | 6 ++-- running-coreos/platforms/openstack/index.md | 8 ++--- running-coreos/platforms/qemu/index.md | 4 +-- running-coreos/platforms/vagrant/index.md | 12 ++++---- running-coreos/platforms/virtualbox/index.md | 10 +++---- running-coreos/platforms/vmware/index.md | 8 ++--- .../notes-for-distributors/index.md | 8 ++--- sdk-distributors/sdk/disk-partitions/index.md | 4 +-- 52 files changed, 203 insertions(+), 203 deletions(-) diff --git a/cluster-management/debugging/btrfs-troubleshooting/index.md b/cluster-management/debugging/btrfs-troubleshooting/index.md index a8b6984f0..917b448da 100644 --- a/cluster-management/debugging/btrfs-troubleshooting/index.md +++ b/cluster-management/debugging/btrfs-troubleshooting/index.md @@ -9,7 +9,7 @@ weight: 5 # Working with btrfs and Common Troubleshooting -btrfs is a copy-on-write filesystem with full support in the upstream Linux kernel, which is important since CoreOS frequently ships [updated versions]({{site.url}}/releases) of the kernel. Docker has a storage driver for btrfs and it is set up on CoreOS out of the box. +btrfs is a copy-on-write filesystem with full support in the upstream Linux kernel, which is important since CoreOS frequently ships [updated versions]({{site.baseurl}}/releases) of the kernel. Docker has a storage driver for btrfs and it is set up on CoreOS out of the box. btrfs was marked as experimental for a long time, but it's now fully production-ready and supported by a number of Linux distributions. @@ -80,7 +80,7 @@ Balance on '/' is running ## Adding a New Physical Disk -New physical disks can be added to an existing btrfs filesystem. The first step is to have the new block device [mounted on the machine]({{site.url}}/docs/cluster-management/setup/mounting-storage/). Afterwards, let btrfs know about the new device and re-balance the file system. The key step here is re-balancing, which will move the data and metadata across both block devices. Expect this process to take some time: +New physical disks can be added to an existing btrfs filesystem. The first step is to have the new block device [mounted on the machine]({{site.baseurl}}/docs/cluster-management/setup/mounting-storage/). Afterwards, let btrfs know about the new device and re-balance the file system. The key step here is re-balancing, which will move the data and metadata across both block devices. Expect this process to take some time: ```sh $ btrfs device add /dev/sdc / diff --git a/cluster-management/debugging/reading-the-system-log/index.md b/cluster-management/debugging/reading-the-system-log/index.md index 00cf42a7c..d858a12fe 100644 --- a/cluster-management/debugging/reading-the-system-log/index.md +++ b/cluster-management/debugging/reading-the-system-log/index.md @@ -9,7 +9,7 @@ weight: 5 # Reading the System Log -`journalctl` is your interface into a single machine's journal/logging and `fleetctl journal` will fetch the journal for containers started with [fleet]({{site.url}}/using-coreos/clustering/). All service files and docker containers insert data into the systemd journal. There are a few helpful commands to read the journal: +`journalctl` is your interface into a single machine's journal/logging and `fleetctl journal` will fetch the journal for containers started with [fleet]({{site.baseurl}}/using-coreos/clustering/). All service files and docker containers insert data into the systemd journal. There are a few helpful commands to read the journal: ## Read the Entire Journal @@ -40,7 +40,7 @@ Dec 22 12:32:39 localhost docker[9772]: /usr/sbin/apache2ctl: 87: ulimit: error Dec 22 12:32:39 localhost docker[9772]: apache2: Could not reliably determine the server's fully qualified domain name, using 172.17.0.6 for ServerName ``` -Using the `--tunnel` flag ([docs](https://github.com/coreos/fleet/blob/master/Documentation/using-the-client.md#from-an-external-host)), you can remotely read the journal for a specific unit started via [fleet]({{site.url}}/using-coreos/clustering/). This command will figure out which machine the unit is currently running on, fetch the journal and output it: +Using the `--tunnel` flag ([docs](https://github.com/coreos/fleet/blob/master/Documentation/using-the-client.md#from-an-external-host)), you can remotely read the journal for a specific unit started via [fleet]({{site.baseurl}}/using-coreos/clustering/). This command will figure out which machine the unit is currently running on, fetch the journal and output it: ```sh $ fleetctl --tunnel 10.10.10.10 journal apache.service @@ -73,4 +73,4 @@ journalctl -u apache.service -f ``` #### More Information -Getting Started with systemd +Getting Started with systemd diff --git a/cluster-management/scaling/power-management/index.md b/cluster-management/scaling/power-management/index.md index 69cf51819..2d61b8084 100644 --- a/cluster-management/scaling/power-management/index.md +++ b/cluster-management/scaling/power-management/index.md @@ -34,7 +34,7 @@ modprobe cpufreq_conservative echo "conservative" | tee /sys/devices/system/cpu/cpu*/cpufreq/scaling_governor > /dev/null ``` -This can be configured with [cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/#coreos) as well: +This can be configured with [cloud-config]({{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config/#coreos) as well: ```yaml coreos: diff --git a/cluster-management/setup/adding-users/index.md b/cluster-management/setup/adding-users/index.md index a5b6f468f..39c6a3dfd 100644 --- a/cluster-management/setup/adding-users/index.md +++ b/cluster-management/setup/adding-users/index.md @@ -12,7 +12,7 @@ You can create user accounts on a CoreOS machine manually with `useradd` or via ## Add Users via Cloud-Config -Managing users via cloud-config is preferred because it allows you to use the same configuration across many servers and the cloud-config file can be stored in a repo and versioned. In your cloud-config, you can specify many [different parameters]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/#users) for each user. Here's an example: +Managing users via cloud-config is preferred because it allows you to use the same configuration across many servers and the cloud-config file can be stored in a repo and versioned. In your cloud-config, you can specify many [different parameters]({{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config/#users) for each user. Here's an example: ```yaml #cloud-config @@ -27,7 +27,7 @@ users: - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC0g+ZTxC7weoIJLUafOgrm+h... ``` -Check out the entire [Customize with Cloud-Config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/) guide for the full details. +Check out the entire [Customize with Cloud-Config]({{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config/) guide for the full details. ## Add User Manually @@ -54,4 +54,4 @@ update-ssh-keys -u user1 user1.pem ## Further Reading -Read the [full cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/) guide to install users and more. +Read the [full cloud-config]({{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config/) guide to install users and more. diff --git a/cluster-management/setup/cluster-architectures/index.md b/cluster-management/setup/cluster-architectures/index.md index 557908f35..55edf9cec 100644 --- a/cluster-management/setup/cluster-architectures/index.md +++ b/cluster-management/setup/cluster-architectures/index.md @@ -84,7 +84,7 @@ Getting started is easy — a single cloud-config can be used to start all m ### Configuring the Machines -Following the guide for each of the [supported platforms]({{site.url}}/docs#running-coreos) will be the easiest way to get started with this architecture. Boot the desired number of machines with the same cloud-config and discovery token. The cloud-config specifies that etcd and fleet will be started on each machine. +Following the guide for each of the [supported platforms]({{site.baseurl}}/docs#running-coreos) will be the easiest way to get started with this architecture. Boot the desired number of machines with the same cloud-config and discovery token. The cloud-config specifies that etcd and fleet will be started on each machine. ## Easy Development/Testing Cluster @@ -181,7 +181,7 @@ Our Central Services machines will run services that support the rest of the clu fleet will be started with metadata indicating the role of these machines, which allows us to schedule global units that will only run on these machines with `Global=true` and `MachineMetadata=role=services`. Optionally, set additional machine metadata for availability zones, cabinet number, location, etc. to ensure that each central service machine is distributed correctly across your infrastructure. -[Managed Linux]({{site.url}}/products/managed-linux) customers can also specify a [CoreUpdate]({{site.url}}/products/coreupdate) group ID which will allow you to attach these machines to a different channel and control updates separately from the worker machines. +[Managed Linux]({{site.baseurl}}/products/managed-linux) customers can also specify a [CoreUpdate]({{site.baseurl}}/products/coreupdate) group ID which will allow you to attach these machines to a different channel and control updates separately from the worker machines. Here's an example cloud-config for one of the central service machines. Be sure to generate a new discovery token with the initial size of your cluster: @@ -225,7 +225,7 @@ The worker roles will use DHCP and should be easy to add capacity or autoscaling Similar to the central services machines, fleet will be configured with metadata specifying the role and any additional metadata you wish to set. If not all machines have SSDs or you have a subset of machines with a ton of RAM, it's useful to set metadata for those attributes. -[Managed Linux]({{site.url}}/products/managed-linux) customers can also specify a [CoreUpdate]({{site.url}}/products/coreupdate) group ID to use a different channel and control updates separately from the central machines. +[Managed Linux]({{site.baseurl}}/products/managed-linux) customers can also specify a [CoreUpdate]({{site.baseurl}}/products/coreupdate) group ID to use a different channel and control updates separately from the central machines. Here's an example cloud-config for a worker: diff --git a/cluster-management/setup/cluster-discovery/index.md b/cluster-management/setup/cluster-discovery/index.md index 93ccf02cd..f15945a98 100644 --- a/cluster-management/setup/cluster-discovery/index.md +++ b/cluster-management/setup/cluster-discovery/index.md @@ -20,7 +20,7 @@ $ curl -w "\n" 'https://discovery.etcd.io/new?size=3' https://discovery.etcd.io/6a28e078895c5ec737174db2419bb2f3 ``` -The discovery URL can be provided to each CoreOS machine via [cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config), a minimal config tool that's designed to get a machine connected to the network and join the cluster. The rest of this guide will explain what's happening behind the scenes, but if you're trying to get clustered as quickly as possible, all you need to do is provide a _fresh, unique_ discovery token in your cloud-config. +The discovery URL can be provided to each CoreOS machine via [cloud-config]({{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config), a minimal config tool that's designed to get a machine connected to the network and join the cluster. The rest of this guide will explain what's happening behind the scenes, but if you're trying to get clustered as quickly as possible, all you need to do is provide a _fresh, unique_ discovery token in your cloud-config. Boot each one of the machines with identical cloud-config and they should be automatically clustered: @@ -76,7 +76,7 @@ It's also possible that a discovery URL can contain no existing addresses, becau The most common problem with cluster discovery is using invalid cloud-config, which will prevent the cloud-config from being applied to the machine. The YAML format uses indention to represent data hierarchy, which makes it easy to create an invalid cloud-config. You should always run newly written cloud-config through a [YAML validator](http://www.yamllint.com). -Unfortunately, if you are providing an SSH-key via cloud-config, it can be hard to read the `coreos-cloudinit` log to find out what's wrong. If you're using a cloud provider, you can normally provide an SSH-key via another method which will allow you to log in. If you're running on bare metal, the [coreos.autologin]({{site.url}}/docs/running-coreos/bare-metal/booting-with-pxe/#setting-up-pxelinux.cfg) kernel option will bypass authentication, letting you read the journal. +Unfortunately, if you are providing an SSH-key via cloud-config, it can be hard to read the `coreos-cloudinit` log to find out what's wrong. If you're using a cloud provider, you can normally provide an SSH-key via another method which will allow you to log in. If you're running on bare metal, the [coreos.autologin]({{site.baseurl}}/docs/running-coreos/bare-metal/booting-with-pxe/#setting-up-pxelinux.cfg) kernel option will bypass authentication, letting you read the journal. Reading the `coreos-cloudinit` log will indicate which line is invalid: diff --git a/cluster-management/setup/customizing-sshd/index.md b/cluster-management/setup/customizing-sshd/index.md index 16c9baab8..ad0b20d81 100644 --- a/cluster-management/setup/customizing-sshd/index.md +++ b/cluster-management/setup/customizing-sshd/index.md @@ -53,4 +53,4 @@ coreos: ## Further Reading -Read the [full cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/) guide to install users and more. +Read the [full cloud-config]({{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config/) guide to install users and more. diff --git a/cluster-management/setup/flannel-config/index.md b/cluster-management/setup/flannel-config/index.md index ce0fcd316..ca91eece1 100644 --- a/cluster-management/setup/flannel-config/index.md +++ b/cluster-management/setup/flannel-config/index.md @@ -8,7 +8,7 @@ weight: 10 # Configuring flannel for Container Networking -*Note*: flannel is only available in [CoreOS versions 554]({{site.url}}/releases/#554.0.0) and later. +*Note*: flannel is only available in [CoreOS versions 554]({{site.baseurl}}/releases/#554.0.0) and later. ## Overview diff --git a/cluster-management/setup/mounting-storage/index.md b/cluster-management/setup/mounting-storage/index.md index 6d946b0d4..18437f6bd 100644 --- a/cluster-management/setup/mounting-storage/index.md +++ b/cluster-management/setup/mounting-storage/index.md @@ -8,7 +8,7 @@ weight: 7 # Mounting Storage -Many platforms provide attached storage, but it must be mounted for you to take advantage of it. You can easily do this via [cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config) with a `.mount` unit. Here's an example that mounts an [EC2 ephemeral disk]({{site.url}}/docs/running-coreos/cloud-providers/ec2/#instance-storage): +Many platforms provide attached storage, but it must be mounted for you to take advantage of it. You can easily do this via [cloud-config]({{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config) with a `.mount` unit. Here's an example that mounts an [EC2 ephemeral disk]({{site.baseurl}}/docs/running-coreos/cloud-providers/ec2/#instance-storage): ```yaml #cloud-config @@ -107,4 +107,4 @@ Note the declaration of `ConditionPathExists=!/var/lib/docker.btrfs`. Without th ## Further Reading -Read the [full docs](http://www.freedesktop.org/software/systemd/man/systemd.mount.html) to learn about the available options. Examples specific to [EC2]({{site.url}}/docs/running-coreos/cloud-providers/ec2/#instance-storage), [Google Compute Engine]({{site.url}}/docs/running-coreos/cloud-providers/google-compute-engine/#additional-storage) and [Rackspace Cloud]({{site.url}}/docs/running-coreos/cloud-providers/rackspace/#mount-data-disk) can be used as a starting point. +Read the [full docs](http://www.freedesktop.org/software/systemd/man/systemd.mount.html) to learn about the available options. Examples specific to [EC2]({{site.baseurl}}/docs/running-coreos/cloud-providers/ec2/#instance-storage), [Google Compute Engine]({{site.baseurl}}/docs/running-coreos/cloud-providers/google-compute-engine/#additional-storage) and [Rackspace Cloud]({{site.baseurl}}/docs/running-coreos/cloud-providers/rackspace/#mount-data-disk) can be used as a starting point. diff --git a/cluster-management/setup/network-config-with-networkd/index.md b/cluster-management/setup/network-config-with-networkd/index.md index 1099f7986..f1ecb24e7 100644 --- a/cluster-management/setup/network-config-with-networkd/index.md +++ b/cluster-management/setup/network-config-with-networkd/index.md @@ -8,9 +8,9 @@ weight: 7 # Network Configuration with networkd -CoreOS machines are preconfigured with [networking customized]({{site.url}}/docs/sdk-distributors/distributors/notes-for-distributors) for each platform. You can write your own networkd units to replace or override the units created for each platform. This article covers a subset of networkd functionality. You can view the [full docs here](http://www.freedesktop.org/software/systemd/man/systemd-networkd.service.html). +CoreOS machines are preconfigured with [networking customized]({{site.baseurl}}/docs/sdk-distributors/distributors/notes-for-distributors) for each platform. You can write your own networkd units to replace or override the units created for each platform. This article covers a subset of networkd functionality. You can view the [full docs here](http://www.freedesktop.org/software/systemd/man/systemd-networkd.service.html). -Drop a networkd unit in `/etc/systemd/network/` or inject a unit on boot via [cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/#coreos) to override an existing unit. Network units injected via the `coreos.units` node in the cloud-config will automatically trigger a networkd reload in order for changes to be applied. Files placed on the filesystem will need to reload networkd afterwards with `sudo systemctl restart systemd-networkd`. +Drop a networkd unit in `/etc/systemd/network/` or inject a unit on boot via [cloud-config]({{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config/#coreos) to override an existing unit. Network units injected via the `coreos.units` node in the cloud-config will automatically trigger a networkd reload in order for changes to be applied. Files placed on the filesystem will need to reload networkd afterwards with `sudo systemctl restart systemd-networkd`. Let's take a look at two common situations: using a static IP and turning off DHCP. diff --git a/cluster-management/setup/switching-channels/index.md b/cluster-management/setup/switching-channels/index.md index 99fa397c9..c078a92ab 100644 --- a/cluster-management/setup/switching-channels/index.md +++ b/cluster-management/setup/switching-channels/index.md @@ -46,4 +46,4 @@ cat /etc/os-release ## Release Information -You can read more about the current releases and channels on the [releases page]({{site.url}}/releases). \ No newline at end of file +You can read more about the current releases and channels on the [releases page]({{site.baseurl}}/releases). \ No newline at end of file diff --git a/cluster-management/setup/update-strategies/index.md b/cluster-management/setup/update-strategies/index.md index ee1814999..c48d7ebf5 100644 --- a/cluster-management/setup/update-strategies/index.md +++ b/cluster-management/setup/update-strategies/index.md @@ -8,7 +8,7 @@ weight: 7 # Update Strategies -The overarching goal of CoreOS is to secure the Internet's backend infrastructure. We believe that [automatically updating]({{site.url}}/using-coreos/updates) the operating system is one of the best tools to achieve this goal. +The overarching goal of CoreOS is to secure the Internet's backend infrastructure. We believe that [automatically updating]({{site.baseurl}}/using-coreos/updates) the operating system is one of the best tools to achieve this goal. We realize that each CoreOS cluster has a unique tolerance for risk and the operational needs of your applications are complex. In order to meet everyone's needs, there are four update strategies that we have developed based on feedback during our alpha period. @@ -23,7 +23,7 @@ It's important to note that updates are always downloaded to the passive partiti ## Strategy Options -The update strategy is defined in [cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/#coreos): +The update strategy is defined in [cloud-config]({{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config/#coreos): ```yaml #cloud-config @@ -81,7 +81,7 @@ The `off` strategy is also straightforward. The update will be installed onto th PXE/iPXE machines download a new copy of CoreOS every time they are started thus are dependent on the version of CoreOS they are served. If you don't automatically load new CoreOS images into your PXE/iPXE server, your machines will never have new features or security updates. -An easy solution to this problem is to use iPXE and reference images [directly from the CoreOS storage site]({{site.url}}/docs/running-coreos/bare-metal/booting-with-ipxe/#setting-up-the-boot-script). The `alpha` URL is automatically pointed to the new version of CoreOS as it is released. +An easy solution to this problem is to use iPXE and reference images [directly from the CoreOS storage site]({{site.baseurl}}/docs/running-coreos/bare-metal/booting-with-ipxe/#setting-up-the-boot-script). The `alpha` URL is automatically pointed to the new version of CoreOS as it is released. ## Updating Behind a Proxy diff --git a/distributed-configuration/getting-started-with-etcd/index.md b/distributed-configuration/getting-started-with-etcd/index.md index d1f334983..13a7d8aa2 100644 --- a/distributed-configuration/getting-started-with-etcd/index.md +++ b/distributed-configuration/getting-started-with-etcd/index.md @@ -11,9 +11,9 @@ weight: 5 etcd is an open-source distributed key value store that provides shared configuration and service discovery for CoreOS clusters. etcd runs on each machine in a cluster and gracefully handles master election during network partitions and the loss of the current master. -Application containers running on your cluster can read and write data into etcd. Common examples are storing database connection details, cache settings, feature flags, and more. This guide will walk you through a basic example of reading and writing to etcd then proceed to other features like TTLs, directories and watching a prefix. This guide is way more fun when you've got at least one CoreOS machine up and running — try it on [Amazon EC2]({{site.url}}/docs/running-coreos/cloud-providers/ec2) or locally with [Vagrant]({{site.url}}/docs/running-coreos/platforms/vagrant). +Application containers running on your cluster can read and write data into etcd. Common examples are storing database connection details, cache settings, feature flags, and more. This guide will walk you through a basic example of reading and writing to etcd then proceed to other features like TTLs, directories and watching a prefix. This guide is way more fun when you've got at least one CoreOS machine up and running — try it on [Amazon EC2]({{site.baseurl}}/docs/running-coreos/cloud-providers/ec2) or locally with [Vagrant]({{site.baseurl}}/docs/running-coreos/platforms/vagrant). -Complete etcd API Docs +Complete etcd API Docs ## Reading and Writing to etcd @@ -76,7 +76,7 @@ ETCD_ENDPOINT="$(ifconfig docker0 | awk '/\/ { print $2}'):4001" ## Proxy Example -Let's pretend we're setting up a service that consists of a few containers that are behind a proxy container. We can use etcd to announce these containers when they start by creating a directory, having each container write a key within that directory and have the proxy watch the entire directory. We're going to skip creating the containers here but the [docker guide]({{site.url}}/docs/launching-containers/building/getting-started-with-docker) is a good place to start for that. +Let's pretend we're setting up a service that consists of a few containers that are behind a proxy container. We can use etcd to announce these containers when they start by creating a directory, having each container write a key within that directory and have the proxy watch the entire directory. We're going to skip creating the containers here but the [docker guide]({{site.baseurl}}/docs/launching-containers/building/getting-started-with-docker) is a good place to start for that. ### Create the directory @@ -187,6 +187,6 @@ $ curl -L http://127.0.0.1:4001/v2/keys/foo ``` #### More Information -etcd Overview +etcd Overview Full etcd API Docs Projects using etcd diff --git a/enterprise-registry/build-support/index.md b/enterprise-registry/build-support/index.md index 81cf55dd0..71b803d8e 100644 --- a/enterprise-registry/build-support/index.md +++ b/enterprise-registry/build-support/index.md @@ -9,7 +9,7 @@ weight: 5 # Automatically build Dockerfiles with Build Workers -CoreOS Enterprise Registry supports building Dockerfiles using a set of worker nodes. Build triggers, such as GitHub webhooks ([Setup Instructions]({{site.url}}/docs/enterprise-registry/github-build)), can be configured to automatically build new versions of your repositories when new code is committed. This document will walk you through enabling the feature flag and setting up multiple build workers to enable this feature. +CoreOS Enterprise Registry supports building Dockerfiles using a set of worker nodes. Build triggers, such as GitHub webhooks ([Setup Instructions]({{site.baseurl}}/docs/enterprise-registry/github-build)), can be configured to automatically build new versions of your repositories when new code is committed. This document will walk you through enabling the feature flag and setting up multiple build workers to enable this feature. *Note:* This feature is currently in *beta*, so it may encounter issues every so often. Please report any issues encountered to support so we can fix it ASAP. diff --git a/enterprise-registry/configure-machines/index.md b/enterprise-registry/configure-machines/index.md index 521ddacf4..9a36097a3 100644 --- a/enterprise-registry/configure-machines/index.md +++ b/enterprise-registry/configure-machines/index.md @@ -17,7 +17,7 @@ This guide we will assume you have the DNS record `registry.example.com` configu Each CoreOS machine needs to be configured with the username and password for a robot account in order to deploy your containers. Docker looks for configured credentials in a `.dockercfg` file located within the user's home directory. You can download this file directly from the Enterprise Registry interface. Let's assume you've created a robot account called `myapp+deployment`. -Writing the `.dockercfg` can be specified in [cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config) with the write_files parameter, or created manually on each machine. +Writing the `.dockercfg` can be specified in [cloud-config]({{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config) with the write_files parameter, or created manually on each machine. ### Cloud-Config diff --git a/enterprise-registry/github-app/index.md b/enterprise-registry/github-app/index.md index 80d9d8552..a6464fd49 100644 --- a/enterprise-registry/github-app/index.md +++ b/enterprise-registry/github-app/index.md @@ -12,7 +12,7 @@ weight: 5 - Log into GitHub (Enterprise) - Visit the applications page under your organization's settings and click "Register New Application". - + - Enter your registry's URL as the application URL @@ -21,6 +21,6 @@ Note: If using public GitHub, the URL entered must be accessible by *your users* - Enter `https://{REGISTRY URL HERE}/oauth2/github/callback` as the Authorization callback URL. - Create the application - + - Note down the `Client ID` and `Client Secret`. diff --git a/enterprise-registry/github-auth/index.md b/enterprise-registry/github-auth/index.md index 40ad4c9c0..3bc40cb31 100644 --- a/enterprise-registry/github-auth/index.md +++ b/enterprise-registry/github-auth/index.md @@ -13,7 +13,7 @@ CoreOS Enterprise Registry supports using GitHub or GitHub Enterprise as an auth ## Create an OAuth Application in GitHub -Following the instructions at Create a GitHub Application. +Following the instructions at Create a GitHub Application. **NOTE:** This application must be **different** from that used for GitHub Build Triggers. diff --git a/enterprise-registry/github-build/index.md b/enterprise-registry/github-build/index.md index 123adb8e8..d5d6f80f6 100644 --- a/enterprise-registry/github-build/index.md +++ b/enterprise-registry/github-build/index.md @@ -14,11 +14,11 @@ images. ## Initial Setup -If you have not yet done so, please enable build support in the Enterprise Registry. +If you have not yet done so, please enable build support in the Enterprise Registry. ## Create an OAuth Application in GitHub -Following the instructions at Create a GitHub Application. +Following the instructions at Create a GitHub Application. **NOTE:** This application must be **different** from that used for GitHub Authentication. @@ -43,6 +43,6 @@ Sign in to a super user account and visit `http://yourregister/superuser` to vie After getting automated builds working, it may be desired to tag a specific build with a name. By default, the last image pushed to a repository will be tagged as `latest`. Because tagging is [usually done client side](https://docs.docker.com/userguide/dockerimages/#setting-tags-on-an-image) before an image is pushed, it may not be clear how to tag an image that was built and pushed by GitHub. Luckily, there is a interface for doing so on the repository page. After clicking to select a given build on the build graph, the right side of the page displays tag information which when clicked provides a drop-down menu with the option of creating a new tag. -Create a new tag +Create a new tag There is currently no ability to automatically tag GitHub triggered builds. diff --git a/enterprise-registry/initial-setup/index.md b/enterprise-registry/initial-setup/index.md index 0e0182863..24a911f76 100644 --- a/enterprise-registry/initial-setup/index.md +++ b/enterprise-registry/initial-setup/index.md @@ -20,7 +20,7 @@ CoreOS Enterprise Registry requires three components to be running to begin the ## Preparing the Database -A MySQL RDBMS or Postgres installation with an empty database is required, and a login with full access to said database. The schema will be created the first time the registry image is run. The database install can either be pre-existing or run on CoreOS via a [Docker container]({{site.url}}/docs/enterprise-registry/mysql-container). +A MySQL RDBMS or Postgres installation with an empty database is required, and a login with full access to said database. The schema will be created the first time the registry image is run. The database install can either be pre-existing or run on CoreOS via a [Docker container]({{site.baseurl}}/docs/enterprise-registry/mysql-container). ## Setting up Redis @@ -59,14 +59,14 @@ paths to the directories created above: sudo docker run --restart=always -p 443:443 -p 80:80 --privileged=true -v /local/path/to/the/config/directory:/conf/stack -v /local/path/to/the/storage/directory:/datastorage -d quay.io/coreos/registry ``` -Enterprise Registry Setup Screen +Enterprise Registry Setup Screen Once started, visit: http://yourhost/setup, wait for the page to load (it may take a minute or two) and follow instructions there to setup the enterprise registry. **NOTE**: The Enterprise Registry will restart itself a few times during this setup process. If the container does not automatically come back up, simply run the command above again. -Enterprise Registry Restart +Enterprise Registry Restart ## Verifying the Registry status diff --git a/launching-containers/building/customizing-docker/index.md b/launching-containers/building/customizing-docker/index.md index 177b6e72a..1834f8abd 100644 --- a/launching-containers/building/customizing-docker/index.md +++ b/launching-containers/building/customizing-docker/index.md @@ -44,7 +44,7 @@ docker -H tcp://127.0.0.1:2375 ps ### Cloud-Config -To enable the remote API on every CoreOS machine in a cluster, use [cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config). We need to provide the new socket file and Docker's socket activation support will automatically start using the socket: +To enable the remote API on every CoreOS machine in a cluster, use [cloud-config]({{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config). We need to provide the new socket file and Docker's socket activation support will automatically start using the socket: ```yaml #cloud-config @@ -76,7 +76,7 @@ To keep access to the port local, replace the `ListenStream` configuration above ## Use Attached Storage for Docker Images -Docker containers can be very large and debugging a build process makes it easy to accumulate hundreds of containers. It's advantageous to use attached storage to expand your capacity for container images. Check out the guide to [mounting storage to your CoreOS machine]({{site.url}}/docs/cluster-management/setup/mounting-storage/#use-attached-storage-for-docker) for an example of how to bind mount storage into `/var/lib/docker`. +Docker containers can be very large and debugging a build process makes it easy to accumulate hundreds of containers. It's advantageous to use attached storage to expand your capacity for container images. Check out the guide to [mounting storage to your CoreOS machine]({{site.baseurl}}/docs/cluster-management/setup/mounting-storage/#use-attached-storage-for-docker) for an example of how to bind mount storage into `/var/lib/docker`. ## Enabling the docker Debug Flag @@ -223,4 +223,4 @@ coreos: A json file `.dockercfg` can be created in your home directory that holds authentication information for a public or private docker registry. -Read more about [registry authentication]({{site.url}}/docs/launching-containers/building/registry-authentication). \ No newline at end of file +Read more about [registry authentication]({{site.baseurl}}/docs/launching-containers/building/registry-authentication). \ No newline at end of file diff --git a/launching-containers/building/getting-started-with-docker/index.md b/launching-containers/building/getting-started-with-docker/index.md index 5b0b405d7..8bb3c9d00 100644 --- a/launching-containers/building/getting-started-with-docker/index.md +++ b/launching-containers/building/getting-started-with-docker/index.md @@ -11,7 +11,7 @@ weight: 5 Docker is an open-source project that makes creating and managing Linux containers really easy. Containers are like extremely lightweight VMs – they allow code to run in isolation from other containers but safely share the machine’s resources, all without the overhead of a hypervisor. -Docker containers can boot extremely fast (in milliseconds!) which gives you unprecedented flexibility in managing load across your cluster. For example, instead of running chef on each of your VMs, it’s faster and more reliable to have your build system create a container and launch it on the appropriate number of CoreOS hosts. This guide will show you how to launch a container, install some software on it, commit that container, and optionally launch it on another CoreOS machine. Before starting, make sure you've got at least one CoreOS machine up and running — try it on [Amazon EC2]({{site.url}}/docs/running-coreos/cloud-providers/ec2/) or locally with [Vagrant]({{site.url}}/docs/running-coreos/platforms/vagrant). +Docker containers can boot extremely fast (in milliseconds!) which gives you unprecedented flexibility in managing load across your cluster. For example, instead of running chef on each of your VMs, it’s faster and more reliable to have your build system create a container and launch it on the appropriate number of CoreOS hosts. This guide will show you how to launch a container, install some software on it, commit that container, and optionally launch it on another CoreOS machine. Before starting, make sure you've got at least one CoreOS machine up and running — try it on [Amazon EC2]({{site.baseurl}}/docs/running-coreos/cloud-providers/ec2/) or locally with [Vagrant]({{site.baseurl}}/docs/running-coreos/platforms/vagrant). ## Docker CLI Basics @@ -73,7 +73,7 @@ When running docker containers manually, the most important option is to run the docker run -d coreos/apache [process] ``` -After you are comfortable with the mechanics of running containers by hand, it's recommended to use [systemd units]({{site.url}}/docs/launching-containers/launching/getting-started-with-systemd) and/or [fleet]({{site.url}}/docs/launching-containers/launching/launching-containers-fleet) to run your containers on a cluster of CoreOS machines. +After you are comfortable with the mechanics of running containers by hand, it's recommended to use [systemd units]({{site.baseurl}}/docs/launching-containers/launching/getting-started-with-systemd) and/or [fleet]({{site.baseurl}}/docs/launching-containers/launching/launching-containers-fleet) to run your containers on a cluster of CoreOS machines. Do not run containers with detached mode inside of systemd unit files. Detached mode prevents your init system, in our case systemd, from monitoring the process that owns the container because detached mode forks it into the background. To prevent this issue, just omit the `-d` flag if you aren't running something manually. @@ -95,7 +95,7 @@ docker run -d coreos/apache /usr/sbin/apache2ctl -D FOREGROUND While the sections above explained how to run a container when configuring it, for a production setup, you should not manually start and babysit containers. -Instead, create a systemd unit file to make systemd keep that container running. See the [Getting Started with systemd]({{site.url}}/docs/launching-containers/launching/getting-started-with-systemd) for details. +Instead, create a systemd unit file to make systemd keep that container running. See the [Getting Started with systemd]({{site.baseurl}}/docs/launching-containers/launching/getting-started-with-systemd) for details. ### Network Access to 80 @@ -134,6 +134,6 @@ docker run -d -p 80:80 registry.example.com:5000/apache /usr/sbin/apache2ctl -D ``` #### More Information -Docker Overview +Docker Overview Docker Website docker's Getting Started Guide diff --git a/launching-containers/launching/getting-started-with-systemd/index.md b/launching-containers/launching/getting-started-with-systemd/index.md index e7dcc388d..03f3dae47 100644 --- a/launching-containers/launching/getting-started-with-systemd/index.md +++ b/launching-containers/launching/getting-started-with-systemd/index.md @@ -66,8 +66,8 @@ Feb 11 17:46:28 localhost docker[23470]: Hello World ... ``` -Overview of systemctl -Reading the System Log +Overview of systemctl +Reading the System Log ## Advanced Unit Files diff --git a/launching-containers/launching/launching-containers-fleet/index.md b/launching-containers/launching/launching-containers-fleet/index.md index f77fa6702..b3b4724fe 100644 --- a/launching-containers/launching/launching-containers-fleet/index.md +++ b/launching-containers/launching/launching-containers-fleet/index.md @@ -9,11 +9,11 @@ weight: 2 # Launching Containers with fleet -`fleet` is a cluster manager that controls `systemd` at the cluster level. To run your services in the cluster, you must submit regular systemd units combined with a few [fleet-specific properties]({{site.url}}/docs/launching-containers/launching/fleet-unit-files/). +`fleet` is a cluster manager that controls `systemd` at the cluster level. To run your services in the cluster, you must submit regular systemd units combined with a few [fleet-specific properties]({{site.baseurl}}/docs/launching-containers/launching/fleet-unit-files/). -If you're not familiar with systemd units, check out our [Getting Started with systemd]({{site.url}}/docs/launching-containers/launching/getting-started-with-systemd) guide. +If you're not familiar with systemd units, check out our [Getting Started with systemd]({{site.baseurl}}/docs/launching-containers/launching/getting-started-with-systemd) guide. -This guide assumes you're running `fleetctl` locally from a CoreOS machine that's part of a CoreOS cluster. You can also [control your cluster remotely]({{site.url}}/docs/launching-containers/launching/fleet-using-the-client/#get-up-and-running). All of the units referenced in this blog post are contained in the [unit-examples](https://github.com/coreos/unit-examples/tree/master/simple-fleet) repository. You can clone this onto your CoreOS box to make unit submission easier. +This guide assumes you're running `fleetctl` locally from a CoreOS machine that's part of a CoreOS cluster. You can also [control your cluster remotely]({{site.baseurl}}/docs/launching-containers/launching/fleet-using-the-client/#get-up-and-running). All of the units referenced in this blog post are contained in the [unit-examples](https://github.com/coreos/unit-examples/tree/master/simple-fleet) repository. You can clone this onto your CoreOS box to make unit submission easier. ## Types of Fleet Units @@ -51,7 +51,7 @@ standard-unit.service 148a18ff.../10.10.1.1 active running ## Run a Container in the Cluster -Running a single container is very easy. All you need to do is provide a regular unit file without an `[Install]` section. Let's run the same unit from the [Getting Started with systemd]({{site.url}}/docs/launching-containers/launching/getting-started-with-systemd) guide. First save these contents as `myapp.service` on the CoreOS machine: +Running a single container is very easy. All you need to do is provide a regular unit file without an `[Install]` section. Let's run the same unit from the [Getting Started with systemd]({{site.baseurl}}/docs/launching-containers/launching/getting-started-with-systemd) guide. First save these contents as `myapp.service` on the CoreOS machine: ```ini [Unit] @@ -118,7 +118,7 @@ ExecStop=/usr/bin/docker stop apache1 Conflicts=apache@*.service ``` -The `Conflicts` attribute tells `fleet` that these two services can't be run on the same machine, giving us high availability. A full list of options for this section can be found in the [fleet units guide]({{site.url}}/docs/launching-containers/launching/fleet-unit-files/). +The `Conflicts` attribute tells `fleet` that these two services can't be run on the same machine, giving us high availability. A full list of options for this section can be found in the [fleet units guide]({{site.baseurl}}/docs/launching-containers/launching/fleet-unit-files/). Let's start both units and verify that they're on two different machines: @@ -159,9 +159,9 @@ This unit has a few interesting properties. First, it uses `BindsTo` to link the Second is `%i`, a variable built into systemd that represents the instance name of an instantiated unit (a unit launched from a template). This variable expands to any value after the `@` in the unit's name. In our case, it will expand to `1` (for `apache-discovery@1`) and `2` (for `apache-discovery@2`). -Third is `%H`, a variable built into systemd, that represents the hostname of the machine running this unit. Variable usage is covered in our [Getting Started with systemd]({{site.url}}/docs/launching-containers/launching/getting-started-with-systemd/#unit-variables) guide as well as in [systemd documentation](http://www.freedesktop.org/software/systemd/man/systemd.unit.html#Specifiers). +Third is `%H`, a variable built into systemd, that represents the hostname of the machine running this unit. Variable usage is covered in our [Getting Started with systemd]({{site.baseurl}}/docs/launching-containers/launching/getting-started-with-systemd/#unit-variables) guide as well as in [systemd documentation](http://www.freedesktop.org/software/systemd/man/systemd.unit.html#Specifiers). -The fourth is a [fleet-specific property]({{site.url}}/docs/launching-containers/launching/fleet-unit-files/) called `MachineOf`. This property causes the unit to be placed onto the same machine that the corresponding apache service is running on (e.g., `apache-discovery@1.service` will be scheduled on the same machine as `apache@1.service`). +The fourth is a [fleet-specific property]({{site.baseurl}}/docs/launching-containers/launching/fleet-unit-files/) called `MachineOf`. This property causes the unit to be placed onto the same machine that the corresponding apache service is running on (e.g., `apache-discovery@1.service` will be scheduled on the same machine as `apache@1.service`). Let's verify that each unit was placed on to the same machine as the Apache service is bound to: @@ -191,7 +191,7 @@ $ etcdctl get /services/website/apache@1 ## Run an External Service Sidekick -If you're running in the cloud, many services have APIs that can be automated based on actions in the cluster. For example, you may update DNS records or add new containers to a cloud load balancer. Our [Example Deployment with fleet]({{site.url}}/docs/launching-containers/launching/fleet-example-deployment/#service-files) contains a pre-made presence container that updates an Amazon Elastic Load Balancer with new backends. +If you're running in the cloud, many services have APIs that can be automated based on actions in the cluster. For example, you may update DNS records or add new containers to a cloud load balancer. Our [Example Deployment with fleet]({{site.baseurl}}/docs/launching-containers/launching/fleet-example-deployment/#service-files) contains a pre-made presence container that updates an Amazon Elastic Load Balancer with new backends. @@ -242,7 +242,7 @@ Global units can deployed to a subset of matching machines with the `MachineMeta Applications with complex and specific requirements can target a subset of the cluster for scheduling via machine metadata. Powerful deployment topologies can be achieved — schedule units based on the machine's region, rack location, disk speed or anything else you can think of. -Metadata can be provided via [cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/#coreos) or a [config file](https://github.com/coreos/fleet/blob/master/Documentation/deployment-and-configuration.md). Here's an example config file: +Metadata can be provided via [cloud-config]({{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config/#coreos) or a [config file](https://github.com/coreos/fleet/blob/master/Documentation/deployment-and-configuration.md). Here's an example config file: ```ini # Comma-delimited key/value pairs that are published to the fleet registry. @@ -295,6 +295,6 @@ MachineMetadata=region=east ``` #### More Information -Example Deployment with fleet -fleet Unit Specifications +Example Deployment with fleet +fleet Unit Specifications fleet Configuration diff --git a/launching-containers/launching/overview-of-systemctl/index.md b/launching-containers/launching/overview-of-systemctl/index.md index 231ccb0e8..7f07923ad 100644 --- a/launching-containers/launching/overview-of-systemctl/index.md +++ b/launching-containers/launching/overview-of-systemctl/index.md @@ -9,7 +9,7 @@ weight: 5 # Overview of systemctl -`systemctl` is your interface to systemd, the init system used in CoreOS. All processes on a single machine are started and managed by systemd, including your docker containers. You can learn more in our [Getting Started with systemd]({{site.url}}/docs/launching-containers/launching/getting-started-with-systemd) guide. Let's explore a few helpful `systemctl` commands. You must run all of these commands locally on the CoreOS machine: +`systemctl` is your interface to systemd, the init system used in CoreOS. All processes on a single machine are started and managed by systemd, including your docker containers. You can learn more in our [Getting Started with systemd]({{site.baseurl}}/docs/launching-containers/launching/getting-started-with-systemd) guide. Let's explore a few helpful `systemctl` commands. You must run all of these commands locally on the CoreOS machine: ## Find the Status of a Container @@ -80,6 +80,6 @@ sudo systemctl daemon-reload ``` #### More Information -Getting Started with systemd +Getting Started with systemd systemd.service Docs systemd.unit Docs diff --git a/quickstart/index.md b/quickstart/index.md index d8d668c60..b9c40794f 100644 --- a/quickstart/index.md +++ b/quickstart/index.md @@ -6,7 +6,7 @@ title: CoreOS Quick Start # Quick Start -If you don't have a CoreOS machine running, check out the guides on [running CoreOS]({{site.url}}/docs/#running-coreos) on most cloud providers ([EC2]({{site.url}}/docs/running-coreos/cloud-providers/ec2), [Rackspace]({{site.url}}/docs/running-coreos/cloud-providers/rackspace), [GCE]({{site.url}}/docs/running-coreos/cloud-providers/google-compute-engine)), virtualization platforms ([Vagrant]({{site.url}}/docs/running-coreos/platforms/vagrant), [VMware]({{site.url}}/docs/running-coreos/platforms/vmware), [OpenStack]({{site.url}}/docs/running-coreos/platforms/openstack), [QEMU/KVM]({{site.url}}/docs/running-coreos/platforms/qemu)) and bare metal servers ([PXE]({{site.url}}/docs/running-coreos/bare-metal/booting-with-pxe), [iPXE]({{site.url}}/docs/running-coreos/bare-metal/booting-with-ipxe), [ISO]({{site.url}}/docs/running-coreos/platforms/iso), [Installer]({{site.url}}/docs/running-coreos/bare-metal/installing-to-disk)). With any of these guides you will have machines up and running in a few minutes. +If you don't have a CoreOS machine running, check out the guides on [running CoreOS]({{site.baseurl}}/docs/#running-coreos) on most cloud providers ([EC2]({{site.baseurl}}/docs/running-coreos/cloud-providers/ec2), [Rackspace]({{site.baseurl}}/docs/running-coreos/cloud-providers/rackspace), [GCE]({{site.baseurl}}/docs/running-coreos/cloud-providers/google-compute-engine)), virtualization platforms ([Vagrant]({{site.baseurl}}/docs/running-coreos/platforms/vagrant), [VMware]({{site.baseurl}}/docs/running-coreos/platforms/vmware), [OpenStack]({{site.baseurl}}/docs/running-coreos/platforms/openstack), [QEMU/KVM]({{site.baseurl}}/docs/running-coreos/platforms/qemu)) and bare metal servers ([PXE]({{site.baseurl}}/docs/running-coreos/bare-metal/booting-with-pxe), [iPXE]({{site.baseurl}}/docs/running-coreos/bare-metal/booting-with-ipxe), [ISO]({{site.baseurl}}/docs/running-coreos/platforms/iso), [Installer]({{site.baseurl}}/docs/running-coreos/bare-metal/installing-to-disk)). With any of these guides you will have machines up and running in a few minutes. It's highly recommended that you set up a cluster of at least 3 machines — it's not as much fun on a single machine. If you don't want to break the bank, [Vagrant][vagrant-guide] allows you to run an entire cluster on your laptop. For a cluster to be properly bootstrapped, you have to provide cloud-config via user-data, which is covered in each platform's guide. @@ -44,7 +44,7 @@ CoreOS (beta) The first building block of CoreOS is service discovery with **etcd** ([docs][etcd-docs]). Data stored in etcd is distributed across all of your machines running CoreOS. For example, each of your app containers can announce itself to a proxy container, which would automatically know which machines should receive traffic. Building service discovery into your application allows you to add more machines and scale your services seamlessly. -If you used an example [cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config) from a guide linked in the first paragraph, etcd is automatically started on boot. +If you used an example [cloud-config]({{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config) from a guide linked in the first paragraph, etcd is automatically started on boot. A good starting point would be something like: @@ -85,8 +85,8 @@ curl -L http://127.0.0.1:4001/v2/keys/message If you followed a guide to set up more than one CoreOS machine, you can SSH into another machine and can retrieve this same value. #### More Detailed Information -View Complete Guide -Read etcd API Docs +View Complete Guide +Read etcd API Docs ## Container Management with docker @@ -105,14 +105,14 @@ docker run -i -t busybox /bin/sh ``` #### More Detailed Information -View Complete Guide +View Complete Guide Read docker Docs ## Process Management with fleet The third building block of CoreOS is **fleet**, a distributed init system for your cluster. You should use fleet to manage the life cycle of your docker containers. -Fleet works by receiving [systemd unit files]({{site.url}}/docs/launching-containers/launching/getting-started-with-systemd/) and scheduling them onto machines in the cluster based on declared conflicts and other preferences encoded in the unit file. Using the `fleetctl` tool, you can query the status of a unit, remotely access its logs and more. +Fleet works by receiving [systemd unit files]({{site.baseurl}}/docs/launching-containers/launching/getting-started-with-systemd/) and scheduling them onto machines in the cluster based on declared conflicts and other preferences encoded in the unit file. Using the `fleetctl` tool, you can query the status of a unit, remotely access its logs and more. First, let's construct a simple systemd unit that runs a docker container. Save this as `hello.service` in the home directory: @@ -132,7 +132,7 @@ ExecStart=/usr/bin/docker run --name hello busybox /bin/sh -c "while true; do ec ExecStop=/usr/bin/docker stop hello ``` -The [Getting Started with systemd]({{site.url}}/docs/launching-containers/launching/getting-started-with-systemd) guide explains the format of this file in more detail. +The [Getting Started with systemd]({{site.baseurl}}/docs/launching-containers/launching/getting-started-with-systemd) guide explains the format of this file in more detail. Then load and start the unit: @@ -169,5 +169,5 @@ fleetctl destroy hello.service Fleet has many more features that you can explore in the guides below. #### More Detailed Information -View Complete Guide -View Getting Started with systemd Guide +View Complete Guide +View Getting Started with systemd Guide diff --git a/running-coreos/bare-metal/booting-with-ipxe/index.md b/running-coreos/bare-metal/booting-with-ipxe/index.md index f787d4cb0..10a2b82ea 100644 --- a/running-coreos/bare-metal/booting-with-ipxe/index.md +++ b/running-coreos/bare-metal/booting-with-ipxe/index.md @@ -10,7 +10,7 @@ weight: 5 # Booting CoreOS via iPXE -CoreOS is currently in heavy development and actively being tested. These instructions will walk you through booting CoreOS via iPXE on real or virtual hardware. By default, this will run CoreOS completely out of RAM. CoreOS can also be [installed to disk]({{site.url}}/docs/running-coreos/bare-metal/installing-to-disk). +CoreOS is currently in heavy development and actively being tested. These instructions will walk you through booting CoreOS via iPXE on real or virtual hardware. By default, this will run CoreOS completely out of RAM. CoreOS can also be [installed to disk]({{site.baseurl}}/docs/running-coreos/bare-metal/installing-to-disk). ## Configuring pxelinux @@ -102,16 +102,16 @@ Since our upgrade process requires a disk, this image does not have the option t ## Installation -CoreOS can be completely installed on disk or run from RAM but store user data on disk. Read more in our [Installing CoreOS guide]({{site.url}}/docs/running-coreos/bare-metal/booting-with-pxe/#installation). +CoreOS can be completely installed on disk or run from RAM but store user data on disk. Read more in our [Installing CoreOS guide]({{site.baseurl}}/docs/running-coreos/bare-metal/booting-with-pxe/#installation). ## Adding a Custom OEM -Similar to the [OEM partition][oem] in CoreOS disk images, iPXE images can be customized with a [cloud config][cloud-config] bundled in the initramfs. You can view the [instructions on the PXE docs]({{site.url}}/docs/running-coreos/bare-metal/booting-with-pxe/#adding-a-custom-oem). +Similar to the [OEM partition][oem] in CoreOS disk images, iPXE images can be customized with a [cloud config][cloud-config] bundled in the initramfs. You can view the [instructions on the PXE docs]({{site.baseurl}}/docs/running-coreos/bare-metal/booting-with-pxe/#adding-a-custom-oem). -[oem]: {{site.url}}/docs/sdk-distributors/distributors/notes-for-distributors/#image-customization -[cloud-config]: {{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/ +[oem]: {{site.baseurl}}/docs/sdk-distributors/distributors/notes-for-distributors/#image-customization +[cloud-config]: {{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config/ ## Using CoreOS Now that you have a machine booted it is time to play around. -Check out the [CoreOS Quickstart]({{site.url}}/docs/quickstart) guide or dig into [more specific topics]({{site.url}}/docs). +Check out the [CoreOS Quickstart]({{site.baseurl}}/docs/quickstart) guide or dig into [more specific topics]({{site.baseurl}}/docs). diff --git a/running-coreos/bare-metal/booting-with-pxe/index.md b/running-coreos/bare-metal/booting-with-pxe/index.md index 6c771461f..ee1773b1e 100644 --- a/running-coreos/bare-metal/booting-with-pxe/index.md +++ b/running-coreos/bare-metal/booting-with-pxe/index.md @@ -10,7 +10,7 @@ weight: 5 # Booting CoreOS via PXE -These instructions will walk you through booting CoreOS via PXE on real or virtual hardware. By default, this will run CoreOS completely out of RAM. CoreOS can also be [installed to disk]({{site.url}}/docs/running-coreos/bare-metal/installing-to-disk). +These instructions will walk you through booting CoreOS via PXE on real or virtual hardware. By default, this will run CoreOS completely out of RAM. CoreOS can also be [installed to disk]({{site.baseurl}}/docs/running-coreos/bare-metal/installing-to-disk). ## Configuring pxelinux @@ -68,13 +68,13 @@ ssh_authorized_keys: - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAYQC2PxAKTLdczK9+RNsGGPsz0eC2pBlydBEcrbI7LSfiN7Bo5hQQVjki+Xpnp8EEYKpzu6eakL8MJj3E28wT/vNklT1KyMZrXnVhtsmOtBKKG/++odpaavdW2/AU0l7RZiE= ``` -You can view all of the [cloud-config options here]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/). +You can view all of the [cloud-config options here]({{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config/). Note: The `$private_ipv4` and `$public_ipv4` substitution variables referenced in other documents are *not* supported on PXE systems. ### Choose a Channel -CoreOS is [released]({{site.url}}/releases/) into alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. +CoreOS is [released]({{site.baseurl}}/releases/) into alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. PXE booted machines cannot currently update themselves when new versions are released to a channel. To update to the latest version of CoreOS download/verify these files again and reboot. @@ -87,7 +87,7 @@ PXE booted machines cannot currently update themselves when new versions are rel

    In the config above you can see that a Kernel image and a initramfs file is needed. Download these two files into your tftp root.

    -

    The coreos_production_pxe.vmlinuz.sig and coreos_production_pxe_image.cpio.gz.sig files can be used to verify the downloaded files.

    +

    The coreos_production_pxe.vmlinuz.sig and coreos_production_pxe_image.cpio.gz.sig files can be used to verify the downloaded files.

     cd /var/lib/tftpboot
 wget http://alpha.release.core-os.net/amd64-usr/current/coreos_production_pxe.vmlinuz
@@ -100,7 +100,7 @@ gpg --verify coreos_production_pxe_image.cpio.gz.sig

    In the config above you can see that a Kernel image and a initramfs file is needed. Download these two files into your tftp root.

    -

    The coreos_production_pxe.vmlinuz.sig and coreos_production_pxe_image.cpio.gz.sig files can be used to verify the downloaded files.

    +

    The coreos_production_pxe.vmlinuz.sig and coreos_production_pxe_image.cpio.gz.sig files can be used to verify the downloaded files.

     cd /var/lib/tftpboot
 wget http://beta.release.core-os.net/amd64-usr/current/coreos_production_pxe.vmlinuz
@@ -113,7 +113,7 @@ gpg --verify coreos_production_pxe_image.cpio.gz.sig

    In the config above you can see that a Kernel image and a initramfs file is needed. Download these two files into your tftp root.

    -

    The coreos_production_pxe.vmlinuz.sig and coreos_production_pxe_image.cpio.gz.sig files can be used to verify the downloaded files.

    +

    The coreos_production_pxe.vmlinuz.sig and coreos_production_pxe_image.cpio.gz.sig files can be used to verify the downloaded files.

     cd /var/lib/tftpboot
 wget http://stable.release.core-os.net/amd64-usr/current/coreos_production_pxe.vmlinuz
@@ -169,7 +169,7 @@ mkfs.btrfs -L ROOT /dev/sda1
 
 And add `root=/dev/sda1` or `root=LABEL=ROOT` to the kernel options as documented above.
 
-[install-to-disk]: {{site.url}}/docs/running-coreos/bare-metal/installing-to-disk
+[install-to-disk]: {{site.baseurl}}/docs/running-coreos/bare-metal/installing-to-disk
 
 ## Adding a Custom OEM
 
@@ -195,10 +195,10 @@ usr/share/oem
 usr/share/oem/cloud-config.yml
 ```
 
-[oem]: {{site.url}}/docs/sdk-distributors/distributors/notes-for-distributors/#image-customization
-[cloud-config]: {{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/
+[oem]: {{site.baseurl}}/docs/sdk-distributors/distributors/notes-for-distributors/#image-customization
+[cloud-config]: {{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config/
 
 ## Using CoreOS
 
 Now that you have a machine booted it is time to play around.
-Check out the [CoreOS Quickstart]({{site.url}}/docs/quickstart) guide or dig into [more specific topics]({{site.url}}/docs).
+Check out the [CoreOS Quickstart]({{site.baseurl}}/docs/quickstart) guide or dig into [more specific topics]({{site.baseurl}}/docs).
diff --git a/running-coreos/bare-metal/installing-to-disk/index.md b/running-coreos/bare-metal/installing-to-disk/index.md
index e56e77974..5ea7b90d3 100644
--- a/running-coreos/bare-metal/installing-to-disk/index.md
+++ b/running-coreos/bare-metal/installing-to-disk/index.md
@@ -15,7 +15,7 @@ weight: 7
 There is a simple installer that will destroy everything on the given target disk and install CoreOS.
 Essentially it downloads an image, verifies it with gpg and then copies it bit for bit to disk.
 
-The script is self-contained and located [on GitHub here](https://raw.github.com/coreos/init/master/bin/coreos-install "coreos-install") and can be run from any Linux distribution. You cannot normally install CoreOS to the same device that is currently booted. However, the [CoreOS ISO]({{site.url}}/docs/running-coreos/platforms/iso/) or any Linux liveCD will allow CoreOS to install to a non-active device. 
+The script is self-contained and located [on GitHub here](https://raw.github.com/coreos/init/master/bin/coreos-install "coreos-install") and can be run from any Linux distribution. You cannot normally install CoreOS to the same device that is currently booted. However, the [CoreOS ISO]({{site.baseurl}}/docs/running-coreos/platforms/iso/) or any Linux liveCD will allow CoreOS to install to a non-active device. 
 
 If you boot CoreOS via PXE, the install script is already installed. By default the install script will attempt to install the same version and channel that was PXE-booted:
 
@@ -48,7 +48,7 @@ CoreOS is released into alpha and beta channels. Releases to each channel serve
   
   
    
     
    
-      
    The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.
    
+      
    The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.
    
       
    If you want to ensure you are installing the latest alpha version, use the -C option:
    
       
    coreos-install -d /dev/sda -C alpha
    
     
    
@@ -103,7 +103,7 @@ To start the installation script with a reference to our cloud-config file, run:
 coreos-install -d /dev/sda -C beta -c ~/cloud-config.yaml
 ```
 
-[cloud-config]: {{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config
+[cloud-config]: {{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config
 
 ## Manual Tweaks
 
@@ -116,4 +116,4 @@ mount -o subvol=root /dev/sda9 /mnt/
 ## Using CoreOS
 
 Now that you have a machine booted it is time to play around.
-Check out the [CoreOS Quickstart]({{site.url}}/docs/quickstart) guide or dig into [more specific topics]({{site.url}}/docs).
+Check out the [CoreOS Quickstart]({{site.baseurl}}/docs/quickstart) guide or dig into [more specific topics]({{site.baseurl}}/docs).
diff --git a/running-coreos/cloud-providers/auro/index.md b/running-coreos/cloud-providers/auro/index.md
index 09132318a..32318e5c6 100644
--- a/running-coreos/cloud-providers/auro/index.md
+++ b/running-coreos/cloud-providers/auro/index.md
@@ -36,7 +36,7 @@ CoreOS allows you to configure machine parameters, launch systemd units on
 startup and more via [cloud-config][cloud-config].  We're going to provide the
 `cloud-config` data via the `user-data` flag.
 
-[cloud-config]: {{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config
+[cloud-config]: {{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config
 
 You are able to supply the `user-data` using the AURO control panel when launching
 an instance, in the "Post Creation" tab, as well as using the CLI to deploy your
@@ -117,7 +117,7 @@ cluster using the `nova` CLI command.
   
   
    
     
    
-      
    The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.
    
+      
    The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.
    
       
    nova boot --user-data ./cloud-config.yaml --image "CoreOS Alpha {{site.alpha-channel}}" --key-name coreos-key --flavor standard-1 --num-instances 3 --security-groups default coreos
    
     
    
     
    
@@ -158,4 +158,4 @@ new discovery token. Change the token value on the etcd discovery parameter in t
 ## Using CoreOS
 
 Now that you have instances booted it is time to play around.
-Check out the [CoreOS Quickstart]({{site.url}}/docs/quickstart) guide or dig into [more specific topics]({{site.url}}/docs).
+Check out the [CoreOS Quickstart]({{site.baseurl}}/docs/quickstart) guide or dig into [more specific topics]({{site.baseurl}}/docs).
diff --git a/running-coreos/cloud-providers/azure/index.md b/running-coreos/cloud-providers/azure/index.md
index e72858831..93a871b68 100644
--- a/running-coreos/cloud-providers/azure/index.md
+++ b/running-coreos/cloud-providers/azure/index.md
@@ -28,7 +28,7 @@ The following command will create a single instance. For more details, check out
   
    
     
    
       
    
-        
    The alpha channel closely tracks master and frequently has new releases. The newest versions of docker, etcd, and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.
    
+        
    The alpha channel closely tracks master and frequently has new releases. The newest versions of docker, etcd, and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.
    
         
    azure vm create --custom-data=cloud-config.yaml --vm-size=Small --ssh=22 --ssh-cert=path/to/cert --no-ssh-password --vm-name=node-1 --location="West US" my-cloud-service 2b171e93f07c4903bcad35bda10acf22__CoreOS-Alpha-{{site.alpha-channel}} core
    
       
    
     
    
@@ -47,9 +47,9 @@ The following command will create a single instance. For more details, check out
   
    
 
    
 
-[update-docs]: {{site.url}}/using-coreos/updates
-[reboot-docs]: {{site.url}}/docs/cluster-management/debugging/prevent-reboot-after-update
-[release-notes]: {{site.url}}/releases
+[update-docs]: {{site.baseurl}}/using-coreos/updates
+[reboot-docs]: {{site.baseurl}}/docs/cluster-management/debugging/prevent-reboot-after-update
+[release-notes]: {{site.baseurl}}/releases
 
 ## Cloud-Config
 
@@ -88,7 +88,7 @@ supported in cloud-config on Azure. The private address is the address of the
 single network interface of the instance and the public address is the address
 of the cloud service to which the instance belongs.
 
-[cloud-config-docs]: {{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config
+[cloud-config-docs]: {{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config
 
 ### Adding More Machines
 To add more instances to the cluster, just launch more with the same
@@ -155,5 +155,5 @@ Now that you have a machine booted it is time to play around.
 Check out the [CoreOS Quickstart][quick-start] guide or dig into
 [more specific topics][docs].
 
-[quick-start]: {{site.url}}/docs/quickstart
-[docs]: {{site.url}}/docs
+[quick-start]: {{site.baseurl}}/docs/quickstart
+[docs]: {{site.baseurl}}/docs
diff --git a/running-coreos/cloud-providers/brightbox/index.md b/running-coreos/cloud-providers/brightbox/index.md
index c692caa1b..d0a3d179e 100644
--- a/running-coreos/cloud-providers/brightbox/index.md
+++ b/running-coreos/cloud-providers/brightbox/index.md
@@ -91,7 +91,7 @@ CoreOS allows you to configure machine parameters, launch systemd units on
 startup and more via [cloud-config][cloud-config].  We're going to provide the
 `cloud-config` data via the `user-data-file` flag.
 
-[cloud-config]: {{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config
+[cloud-config]: {{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config
 
 A sample common `cloud-config` file will look something like the following:
 
@@ -157,5 +157,5 @@ If you don’t have ipv6, you’ll need to [create and map a Cloud IP](http://br
 ## Using CoreOS
 
 Now that you have a cluster bootstrapped it is time to play around.
-Check out the [CoreOS Quickstart]({{site.url}}/docs/quickstart) guide or dig into [more specific topics]({{site.url}}/docs).
+Check out the [CoreOS Quickstart]({{site.baseurl}}/docs/quickstart) guide or dig into [more specific topics]({{site.baseurl}}/docs).
 
diff --git a/running-coreos/cloud-providers/digitalocean/index.md b/running-coreos/cloud-providers/digitalocean/index.md
index d0c03a064..e7da3fe50 100644
--- a/running-coreos/cloud-providers/digitalocean/index.md
+++ b/running-coreos/cloud-providers/digitalocean/index.md
@@ -28,7 +28,7 @@ The following command will create a single droplet. For more details, check out
   
    
     
    
       
    
-        
    The alpha channel closely tracks master and frequently has new releases. The newest versions of docker, etcd, and fleet will be available for testing. Current version is CoreOS {{site.data.alpha-channel.do-version}}.
    
+        
    The alpha channel closely tracks master and frequently has new releases. The newest versions of docker, etcd, and fleet will be available for testing. Current version is CoreOS {{site.data.alpha-channel.do-version}}.
    
         Launch CoreOS Droplet

    
         
    Launch via DigitalOcean API by specifying $REGION, $SIZE and $SSH_KEY_ID:
    
         
    curl --request POST "https://api.digitalocean.com/v2/droplets" \
@@ -79,9 +79,9 @@ The following command will create a single droplet. For more details, check out
   
    
 
    
 
-[update-docs]: {{site.url}}/using-coreos/updates
-[reboot-docs]: {{site.url}}/docs/cluster-management/debugging/prevent-reboot-after-update
-[release-notes]: {{site.url}}/releases
+[update-docs]: {{site.baseurl}}/using-coreos/updates
+[reboot-docs]: {{site.baseurl}}/docs/cluster-management/debugging/prevent-reboot-after-update
+[release-notes]: {{site.baseurl}}/releases
 
 ## Cloud-Config
 
@@ -121,7 +121,7 @@ supported in cloud-config on DigitalOcean. In order for `$private_ipv4` to be
 populated, the droplet must have private networking enabled.
 
 [do-cloud-config]: https://developers.digitalocean.com/#droplets
-[cloud-config-docs]: {{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config
+[cloud-config-docs]: {{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config
 
 ### Adding More Machines
 To add more instances to the cluster, just launch more with the same
@@ -137,7 +137,7 @@ To connect to a droplet after it's created, run:
 ssh core@
 ```
 
-Optionally, you may want to [configure your ssh-agent]({{site.url}}/docs/launching-containers/launching/fleet-using-the-client/#remote-fleet-access) to more easily run [fleet commands]({{site.url}}/docs/launching-containers/launching/launching-containers-fleet/).
+Optionally, you may want to [configure your ssh-agent]({{site.baseurl}}/docs/launching-containers/launching/fleet-using-the-client/#remote-fleet-access) to more easily run [fleet commands]({{site.baseurl}}/docs/launching-containers/launching/launching-containers-fleet/).
 
 ## Launching Droplets
 
@@ -235,5 +235,5 @@ Now that you have a machine booted it is time to play around.
 Check out the [CoreOS Quickstart][quick-start] guide or dig into
 [more specific topics][docs].
 
-[quick-start]: {{site.url}}/docs/quickstart
-[docs]: {{site.url}}/docs
+[quick-start]: {{site.baseurl}}/docs/quickstart
+[docs]: {{site.baseurl}}/docs
diff --git a/running-coreos/cloud-providers/ec2/index.md b/running-coreos/cloud-providers/ec2/index.md
index 523e8dec7..3f8279a82 100644
--- a/running-coreos/cloud-providers/ec2/index.md
+++ b/running-coreos/cloud-providers/ec2/index.md
@@ -20,7 +20,7 @@ The current AMIs for all CoreOS channels and EC2 regions are listed below and up
 
 ## Choosing a Channel
 
-CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updates) with different schedules per channel. You can [disable this feature]({{site.url}}/docs/cluster-management/debugging/prevent-reboot-after-update), although we don't recommend it. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes.
+CoreOS is designed to be [updated automatically]({{site.baseurl}}/using-coreos/updates) with different schedules per channel. You can [disable this feature]({{site.baseurl}}/docs/cluster-management/debugging/prevent-reboot-after-update), although we don't recommend it. Read the [release notes]({{site.baseurl}}/releases) for specific features and bug fixes.
 
 
    
   
      
@@ -31,7 +31,7 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat
   
      
     
      
       
      
-        
      The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.
      
+        
      The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.
    C)d__Mz>hrws#IGX*;cqBiO=Xf&=(hrcZ4rC`qVjTJ#Tt3HD;f&`EVOB)d zuQj?Xkl;_-?C!;#F z-&I~Xbj|#?zd2@G>o3<^Z_u?6HQ~>MS*#oW+`%QFY1s|O{{{)rX>lwBDPiAt*#YHC zXW()Q9>!ZH!}xOHsI)k!2Fu{BITT66v>>AaBnX11)9FPpq7mxeBB6IuToSvxu|vr^B`WxrJxvM3K_tgTk~6eC`ZagJ>@V%X z&^wOkc1DB|XS5(DlDwnVJn?BUc)RE@*F(iJx_ImI6V5Jqj(I)EuEBfzxGyuYoh%HI zt{081_ule3KC4W`sZrp3aYPGL!W8xp{aN%U;N?C~(N9yD>9#&X-yx4C_cLGFKU&eV zamilb*FU0*S?yNl9jg#W_M_2Y7%n(0#-`AE$o^vg z2!bMhjd?%YZ&#e9okiW3A7?$`2e3IoZjtc>EdEhmaTCcb_<8pG++L?#+-D*o__GMR z{;*j3gELOkbK;1OVy9Wo1;oSQf0-Qn+mD=(K5_clX@-OjCFIPKP@%T@x6n~Fn;V2) zYJu1Ma&0tW2ZQjHR!WN&qmm*5PNti0Ta~_Z;l=40`|iG6B)obGeit*fesJz=l( z{!gBgZsB#BB$(*QoM=G~!GGbhsxsuH$SGjmf51?Wk9No*Sh#&R?G$*_JKvbzboH;( zH_y2+opHfW(q&g)pSId!Gs*Jd>43c+tXh&bLmIF z_;vWnI+ClD)F&LKTj$sO?v`}q@u#FWyy%%hdk>cV_TD31dBzFpl>hp6dgsw6rfY6c zf~jBi%xiil(<=^nLOSS?4@nQ+;T~1O)LuL9ke=|+`&qsuqs@wyiOK1R8;D2z+_t7a z!I?z7t1dh%ef#Y5(|5lAI|V6IXQGelIZm$odFBj$$Ndzwn^F(;@plw5#4-?!0CC(Cc690MbA$zj($@ zg75jnDQ<5@qZ*jo002M$Nkl@P;=6(=oZcBFAi`OeEHTwfB>NX z>>|AD{qEUUdXL?9O&6c_pXpzZJ0X4OGfLo>zeDG<58N{y{J6ce)9#L4akUQtH>$2J zdMIDhE&^42G8{^G=7;hegJ38oKMyeU?*KICTy$Alt;Dg7rn>E%zWzTx`Y-7VdKLWZ z-}7O`oZIAIQ}TzU=?yRbll0Vmc2C>gsXGC7Si8AdJ&rT}S{nLu<1M%LRoiZxtoJ4{Vd^n&19DoqXo`!YezJOq`rZoSl_D3(_|A z)d_g)F{{_Xzw#fCQa|;Uq5ahPr~JG6sdLlOC!LtuVceC7e^>H9q*ohM&=^^u>J2*eNl6tT;4RlHRrb^R1Q4TPc(xdcDWp%6tJ zY7I(oL3l$5T~=7T^hweU33L6hE99?B9nE3zYrNvS9T@h3BL}`e01RNkMa8}iRy*BI9HpZ&yq(@x`S=mbx57z~@BMJqUD75r3qvL7`DAm zjyt-pL7i4f*UT-@7u25*j!!wxNCq+!P>cuR*K%ABu!Z>2CqL^4ip6inPnm(`%$W;@ zfOOg^M}4kGgw_{mvYZxzmTPVRI%udVT!3Kjl&Il0(=kZM-zSDJ$a6NKa5+zBAP5Vn z0ThBE?G3%JCN~^+df4I_MiYT7$VWFP-%517>;IF6hiV*X=PLa_sy?qH4$u%nwPf zTRI&{iu{^~*FDEhilrV{n`#IgIz}gJB=Xyddp-U^oal)w^IdCt$-jb%UC83s=utlO zY$+OFgKLSdXromKUANOXGhY7#KUvO(l3Rh8U$|c%WU_FH-sL6`avlaNJ>-5z23`8) zUI-@a00Md;Nj#JKf-tM(85UxDpT~933qhc12M(rZaQnmP%J&O@ZNMB~>f;`9th+Ei zI&|Un@h9uiil_{#7}g&dT0kMEFcbtf?ltRdvSjfnt~_Z{&~t4uEC#Bq>&@dQy?!(A zwFqcGUcpyy+*s_j81rOXWdTr7xPKG^IVtYMq%$eHeNYA$*iyNkQ>mm zgk)6hI>&2GNe-G?qQ&oGK7;C^P?$8I-36$}|Eha97PT!(XcBVuR_uA z-HV+keEn=C4m@n&t0(t($b-@aryZYeS+z<@2HJfnBV?zs8SO^K;xS2ARkDt*4?W_2 z>5PxPJw0g1>m2X4?bhiHFL_pa-Jcz**JiFVPs^7rP0N<{C#FIBoi^Vjz5ON6NPqRd zk2{HgWDkX1$V9ucKVLkrEPs?Chk)b=e1fnu*PJG7w!yvGJHHm4QU{N;Cyefddh8GXzxp zmHIDz%A?cf0}{0;z3rX0NH2QE6aBg2=38YW+WAKdf}3u$*# zV#v`aotA!nt#(S)KPRlr$Sd>%BEI)V(hs7KxI&WRQYF^VK0Nt#&*imomNWJ;&r#_o z@S#)7mG9ZA&rWXs5e|vBiVH`4;N$7k54}~pu6IvMu}k55-uTMEWJ9V;S+??bz zwPd+ymcB?-*ubx|DN=ifkbU8eLUwWPw?l4n{P2s8?9KLmJjhcc6fX3 za}P?Voq4vBIu*BM8?)-WCMQVVnNzaG+I0GNf0&+k;68orZMpeo>7Xa<>rdaqAve(B z71#VGopJt8(h(m#UTjT^#e@A}w*mTJizmg4a>RsEWNTQKWNwR^yYp%aB z{rJ)=)9yRnw-3c~+36c!@#6IA!=Dd{dQEh+1KvkJ=w9iPpI>Qza8kSZ2*2z@)WMH2hvCqUE=@+?MWfz>Cs@?yDT0e25h{oEl3}?vzkgppu}nVos68L%PpP*MB+mc(`roIsfAq8T567I8E>!~cB;&Q2Y5hI|7|Fv< znwH(4`#--(Z+QPP>D{k>abNqi1^ZZ z{>xwHYALFDQS z{L%z03{gzss{xF7BEF1IL^OuNf%t-H{Z)L=L|zph zU$poq2Q0on&&pON%UpYVfy{a_{f+#i_*WOYf_8i;QQF^R*PU@u^uLX+CBOFKRH#4V zOO1cabKL6|>C66NdBJy+YwIE6Owr2{1u}T&n)TOme|}i>+A=Kua(jf5PZ`%5mN?jZ zKVM^?cASCFb<_7pgzgu@Z;<%l{-ggsnzn|rJj0PQU4_0y!%Vmhq`O1qmZuBY=pNSG zZa>6^ZD_e4)r7mQo6?o*gP3+lfzY_&xWh{zW~lD)Y;0hlNWcL?7sFsgmzeY+&<-kB z4Wbnc;&m+1DHEC;oX3X5DuPT)5I%*DqY0!glk0Q?95KiRaX-HSH5l?L@*5YTgRrv}AxL$gRgSSC3ZQ<7T@ixX~mCJ=1w7MeJ=Rzv{Dw22gIVw zdEmnR#i0JF*RE(}hGcr{q1W!}b|YdkJp>iWnclV2gA`gx6xBzQmTJG5WUjnh6=~FAeMtybb)pa#HpnZiFmC6Xazmk#n4PRtl(3%QTE7lBzgCpj{&~?fbRV|R->`QcV}eb5V0-4*&|=Kj z$b-%>CgS?B=#J{}e3E1)AjyeY58_^rqyE>=zbKvmKbH+eQEskWp`EC}myd0<`_B&B zZ0^?`^EyLbvj;sSoJ}rUp7wdc>(g21|ELrn2uT8C*TK#78MgRbD(^>< zMSI5w2fiY)PRB|uE-V_DjoINFL{jEg`npG{UEbpNs6WTeYf8( z-Ak|8_UlUZs?rH3kikco+pGThI4A3s@=YNAzr)?POD}rbe(6`IemH&jwa-(6_sxng zx5R7T{n}4nha8IygWIz3MW5^#*$CpYPkQzH)0yA@>EJ5)F0lxi+;!`%Y{SEn6e&)k z?K}VFD9K!Qt6kFk`f4ZZDVd2_BfXML`d;lAOY+mOgB>MHk|JfWlYMr*zmrjB{F+$3 z-jw>{Vc0>P=r7KUc0iE|LgZ1n||}V8)_B$PvL!7k|O=;hmZSAy8d^+@2@EQ<^dYAMU*q{pM1u7 z=_}tkzrWrXcZdP>VNcVJ$lp8eUFknRa75Z>6D5YPQIZ_56K4EI?6s&AcNMpfIprJa zFW&xv(fcVSsun*TMB=9OQ#+}j^6QK7{}|^~-`@vS;$EdANk?)C8r8#@*3LK>gDKAk zqOzSc{s2$d1oF1I^+3uDI(%0&V4rGD<{RZ~H?l=`$Yp12 zxUt8I3yl*WzVrRmPp(#E_}0O_faSUy`eE;%x*oFM z)#Zo`7>ECtcCNkPe=g~*-F3ZENxg*@9&EGK=4prR)E}?W>(+TaxNJimVrT&cITl!R z#)IBChQf+Z%JudW<6hIC@Y!HmfWZKNVI+>RAr(cK`EClKXKX?SGE#J1(2fs-F5@$s zx^4|-yI}kaf#X7puSRG6dZ2U`RzLHL-T_@c#`k{jfUfZqbc+3!VDLS3UO_EIdkeu# zPu2_LRM#69cJVj9`;o-%*IP2*E;*9$IW&GO6kocYgC*;`Da?+Mf#enjGd`@@VU|Az z6ZXAGnDu}LT)#2Q?Ze`T3^K=K`&9qqD#Pl9*v9|cgO|BC5?e>5v#VSlsfIA?0U04Vj>ro^gthp{Q(dEX$^ktOo$vc@UwQ6Q zZwSoojom*Ou?T4eWWsfucsX4kxwbF;rY;V!|Km_9}$kq zCuKJrcX$cpS(`gN9~&6xkpP_?M=vZpsCe>b!1Gd`0hbR4R)VpkQ9DpU#`p+!;B5qh z%;+@0*W{YcochE0bpxUwIaWJW4Jl8cMxKbUH5lRwGQiv9I?J7yACrJhVaP2y@fb7& z-e&jFi0z~a1c{Dp9__(waLwo&Zf}8if#-|xpY|9Jc`hW;X-!D_m!103zgD}ktYu=+ z#~@9Frwo72lR@ExhAcf~g|r1>cTD<_ zJoXu{pkUXaFt{<%b;!snXsXZd`VH*N4E59(-}Cni!~McZol>Jpu=Y6|4@oTOS%=4; zqGKS;&s}gm|CwS(MJ1ig=@rLwO0cVvebjCaH+>W=QBp%Jnnof(Z~@Ny!FuPAY9 z`9|r$zj$jp>OW4=dTJT>3`8~W&DDC1-{(&KdfNRNFH(M@UNtKjdIvmlU+mRBJ_O6O zcBF$pKD>62vLSb1_P-&p7bUj!!yo-PefqN}+J}3eFLeE-)4!hfI^bX@DaP(zN}ACw zU%dL6L^E~+^9SXa)X>r(ywln-$_wd?hp>4%JuA3C)v6l`NMKiGDc*nRzF#M(grkxu zX=_XA_5b?W^thM5Jze;-pZ8Z=#GUh%q`BLE2k8~wN@|7Y%(q|Z=tM=?J5b4Ayq@(l zU;A#_>7WuTqLu!lmtT2RdhV;lE2L0BRY}>Ejl{}C5z;WqiZ+Tz3{`Y!S`7P|cF; zp~PVSI8og2TzTF)n@9(|{4IKA@NHwZG`JeEh;+g`|0)`-SvZNj&zT9KYQ|*(~}Q-NhR+o$(-H!*da`R9JhIG zGs)p!JNGB)1D`s1QL$pD``lg0v?NBYmdMvi&cx16zt%-4_D8ZEan11!-_CX>#zRi? z!NBJI(u_m&%l|(2wX=rG_|((C7JSmKJ|x=0w_|Khu6Db{Uq*x^5s_$sU-|oj&Y7nh zbdVs2Uzu;wjTrog6Ul)X>cnp)fln>pBu#C^XH)Hd89OT4SH!0i_uv~Np)PoO4tx)P z2Co+?+#d3#JZ80xXRL?Xb7vev0hk6_pjLV_PxyUHncGOpS+J_S1y?OPFcE|h2 zv0~2USNt*^aMUYvkPkNsEsb(~|pZe=Jr{hjK z)iItQf5;2$i`W6`g06uF_nlD7I7g)=C$t>(I^$sO5D&RO=vYGkYg^BFD93+&qMl&f z8dN>*(Y|DZt+3dMpG?UPJ${8QeIm)3A1Z8=p7Q5!Ngw-?+0bJ~%7 z4t~u)rptf1xH0z=_uNIl8_@R&+2QQ0ejudpJh9Uz)Mk3eg2<=v*9>MuMPMQB#xP4d z*c09+*OI^M1375{HX}$hbTeeKxSMY`f@V*MT7%h6WXB!90{@uT<}(lJ!OrI z7jGoLM)k3aLPw@68%iTT5h~ZudT8!1*&l?c)wpU!%+E0Mi{2Ge#aMp|#tMTq2(E?) zq`Sb{>%FPor<{}Y*V+apT)rlfrumOHHVl=)!${s zjCCzVgg>+gJ3F_d*J6MD^w!JG&ks*)e$s1KRXmReo%p_(>zZaPPhB^Gm4Ro%jb8MC zR`E3qA+Fs{?K!9FI^BoP#YEY><$LRob`2rOXCA1h8;(1^1c+f9j{k)ca3>|cdLgXh z+D!EkhrGj6PdR+Q#FjiI=wMCVm?Vne4W?$-86WLAD2@p$x~LD8i-X9>LDe;pPNt)W zzX|U^Lj%!`&`FKPf8YZ%Z8d^o(DjMUrn4z5_~?u?ovp!6Cy$&MOpF7?W|nh{5TrV? zxr`69!G#^PMc*R*D(ee_FdYj)_^uqqVrU?U!4l*bCVp+4CMy{n^SWog{EyZUI0xfh z^!?WO3^|P?--YB~p2MZ-TUg(!BLC5A!SZ5O{DP;qUcuKQ47QtVW4-uE@HuW=>91Gt zHH2BO=nS@j9Q?Yu?5OCu6WuG%7lt`bOB2SMH8RM4@EjIJSV!b2d_u{f@}2v^H+8bQ zT7V&dR{X|v!PG*0jQU)B7CE*AkzFfCdkP40Y+$mSHXspQ8W61=(EXcCE)XnQ=({9gtbvpCh9}dLTi<^nRyKcQ@ z?C_S8m?FN%PD3Q$@oHZZr|$mfgVR^O^_{e85eZGd)$U54Ir+47_lG|*z2LQf*Rc=i z#vCO-1H*~hk3c$?di0;YF+J(6iDlYc&pF7fD{j>LktO;y+${?W8N($M%%~ zf^2@bY9{S*=%1%Iz3(H5M2 z8sF1D>s@7kck9~p@spJZHsHAXUA9fne)8iYjtG~N1{vh&Qzbi+_$itFhh8grug4ym zj{V%1(skGWZUDByw{F#IwEyeBznAtst~(Ymu%UC&X>RX z^>yhTANWYx=`l}9-}>IU(#H}dJZqP@+JP)?#Ky62@iB?~Md!pE@`ujgx=s4z-$%mq?3z{DtWQZ|9?PLJ$wNOdAm(0AKXvfS(wpA(I~K~W9S6W{_~8p7C%n>!k5$b58E%j;8kz##2qNh{t+=Hu1O5;Js3~jbenvIc;@&apXQ%< z=R(KV|Uzp@u!H-t7E(bW`&BFtZAuVZ?__88Yx6k(aqW>BcI{Kg<8 z_$qp<^pM%j{1xa8cig&DR9gI{6+{ErVYAJxx#X$&pL@!XDnfRPtNBgS%`Z{fPwXDbkFS?^6@c8Clr zHyr=EMgOoK;4}M0V;FWKgq#@kLTubgS?Eq>NB(;_Sd7l>0KH@Qmw>FLm17W|-g~25*UR*tm+Ly5@4WX}{hC>xQLZUd|CD;=Ub!x?e!tuUmUEt$ z^ZNbzz1}kQ>tW{)xZ4Zg|2M)t^oYa<%fs%q_-H32XL2i1Qi5b07LX$ZB5~sgDoz{etuaM6g?XVF2 zJ|Vj%7u8(&dU5nYS3f;rn61c54Rr7{(WB%bM9uACFdm8F_J4E)8J*`Js(mO;2lrUgxV>%pcg#jOr!*{fui$ zuKc2Ux!R%4+q9T~=hXuIA{e5cK3$3%_gaYj<)uZ~4q-Khbb5O|{viE`6g^Hmi;x-p z0$=LOPF*xtKUy<4Aq}(b_mhRkXY-8bL~!%?QpPun6Zg_3u{$yHA~A0e9p1rM{$GvT z)$jK5i%M3TaS|CSF#%y+Oj$s#4m z962eAy#FPm#*A2Ezyorv$U;G z?1IG(H^@hmDZEBbA8^d6{{8Q|ReJfM2c}&gc)zs8W}BLA`uZD`Y;&oSm(Du(2kAqf zJV{A9;)i5AUZ+XY*%B?;Y7qB(YZS(D{!n#AAgRp}+qJTUG3um`6d?s<2;3RB5? z$U?{J)oZjP(+%lo+Lh?UQ%_H){?~tNUPs?cNRDtaKqR+Kk!&K_Bqg(%58RelPfK>Q zmLso=z1i25EYX3ICP|zmsbE4oO|eicXB2P9Gmfwe(XLkqu9%uj=YQLaKFPe7rUy-KC#W&)z~Mm!Ih2RhsCzwtH|FAD=pN<9qg)R>&IurOOE=dIkTvE%7cxm3-ixBqet66Rolz z^G}!ZtF%I|eC8mQ-g3*W>6ceuBm2A{9eK>Blt{QbKcuw&+g^s;1y{D;Ig>0QL=f7m;C1E2hlodSiEWV|_j9FNcq@c=mps}s_)zfBMq zWIOl($y)I4WN7?A_7O4*d9f4Nf&1){4%~O|wA20WleXG?Gv(BUo@VrY|HhkdNtel| zzjo$X>0`&AXrFVkOSVbNinyh=6MiUvBo-vmeCCH1j#I=3_~nrA&e#va z7mzjDp@5|H=O8sgHYPBEi`HCc1BvuCKZF zH|g8woS)wFZ^xvYS1CS$gMJR^gT9kRHC50-zkv-@F%Nn%@O|*~^flC_etOB}>5E_eM*6I5-TiOjU%G%}ctRgO@Mq*K*_U?F zyJfHP?DTrnYo3#yvF{#HKL5S(rkm2c-v7aL*X_1V+ikmTS}DJF60X%9I;SYf_M2_G ziTbbY(%n?najFYbT->Z5o9uP);pyrdG+v{9$zn?KCoap#6id{9$~LWk`YC;OQa|;a zryr0WveS;KyPulN{nW41S+av8kN%|WK>Y@Nr(%nDXf?n1l=#*;uaPJD**lnEr^uOp zM|}k2SH?fs53$j9A{vpG;}rdyY@P&HSxcHw+?^E;^o4IR-t%}#y03PMRD270M_-x1 zD;h{Tgk$>_bHL!Sj}qVXQB3t%LZ#fd%3hXf>^aRCRzA9VPW2h%2!}@LsxR9Wj!BIb zCnUeM8sDsy@60exJoG8)k-P7jcDUC)296UizVz~R;+IZOr+q_X3;I>YiQ?5i`Y`{< zkMVAd^&Ix{_{U=(Vk!LNNj~NLYArD!Dm)yexYN>yWKgx{Mk=U4`Ix`xyB43X(fzn%&lFGzkTla(+7_` zA;vI{dwKlGcoHAMeuO*5v-Tu3W!lGvk_$K;iyFh`*(P^s zXZf=DPI#N_gzt6L(SG0>sE3GSe_Vf=Uu%pM8Q-=9Ta8<7%56RLCk^DbRP*giG-h3^ zu_}2S-dst>*?M>o&iVDf@N@gjAIM)u8PBm+=eM7Uv)eQ`JLvFcJf3f7Bc8||8B}iZ z_gd0Wi}IWlpUar5mZI0_jWFZ{4KgH>8JB5Jj&f_)4lfr5vwr)P>rOrL9g_V;`XEpd zY&h(^Jf9EtJ}bED_scoY%JVwxy#sEbBe^^5ZSf^?;pk=HGP%1d!Gc zwir}9gX)FJDv64Ou{EW$8Nd!oa-xu)tyQPLmPsG@9*1t#Yi-aLR5X=-e|@R5o$n^= zVenRcnQdvZVPP}rmyhZUFq8FAZh^tQ?62u$OIwU+9@0CqOlvU``(CYq$~t|)Z|7(j zU%E8Y4n@Y&CRsM9!HyU4M-%zPA5BE9*6t52Iq2wkS`=H`sBV{&jSD7@y zH^z>y!Zpn7_>sXsr+=<4Nz3G!)-F20qlVRA*R++^*o}X=oS$^V}a%4<*r=#lqE$ zJ?U0^&`zmynAXG;_ni!?vL#TI_*jyS{Q6fd!q2eKt3^gH*0T7^f}@gPSV)X72iajQ zLmFK8@M59H0NzopN@^iVfR7e^mCyk_P8y?q5}xuRFZaDuj}{;!8AeGcEVydH)QiP= zu@lo-Dt=k)U8BT~wOTZF(xdQ^xG<~u2OT6iEMG~&)W%xyUY^!zL33hqTD!iDf6bEyu=R!(AoKAj_P z7N=R{jz!;`lu+zI6h-m|$(~w#CTWwzLKcy=Xz$k~3o3)baw-Wav*-*xLO=W~(S@k* zguB+t;C_|FM& zUQ~w`^n(58gaYdenxF&yi6-PyC6&nLNNS5$Aq%JKmqqpoCA3cJ6}(E}Q+;ez$tX_7 zAQ3KfX_pFO+HGKf$J@^maoJawk72UFJCAa!j&-jFFhk8_lCVxnP$qBDcz=K|r zDx@Pn&wNFLFiM*_QPXmloFrc-ZIGy#+a~$dI-!i_1D47jmMT$^BwON(cXJb};3J?V z$wG{DL(=Cg@+iKGujuveay;WLa*V`OB@@W!*ohAMO7a*YqCAb5AITWmI$?@Lip;0$ z5Ko{VTP9IK^hXi~@lJ9>4&b4V^x>o#WQX7BUX^^UXB`_=6?m-4tR&Q0SJ)~s3%?`b zqu7`1=;N<{e%gP}2T{2?uKd;2>Anx$N7u4pY!DxluPsrsAhCU+1ooDAc{6Uk*twiJGX|C00ykJ2ypi$2f; zw5cs81))>=7xY5^LUNeeaU7DooRn3?he%SgZ%Dt;U&T*&(6!a(_=r!H@+1}I1KRNqfBVgI64guOp$p)E*wBTcNui$#OU1bsl7oA{pXO1{S-U5EdY z>==n^h3?{ywg-sUQN?I*7>{TN7P_F>WwRe)clf>Imwd7Kq2?(g`8*QF93Sy_@nS*A z_aezraf2TypeOgKojBzFP7;cEEBQh{@&?Lw@iX@)j6bUQL;p+P3?6(~wxfO^k~L-H z)K^@bQ{Ux&9@|CE@D7i}h8!Qzn|J6`vY8&5ZfsSKq;kYc#qTV8WZ<}++kN>{AD!Ov z!l!oG=~^Wp?tjSh(tm&V>}U(Q<`4R=WL&HQIqS3WM$6L2Kk%+}z2Uo#y|EG*@@tk_?UwZ z#TNQ?__Iw*NB&WOc&^5Y*cm!Se(GQSBLLyE&8UrXgdb--qA%npJfhunil#~r?6@m@ z?yJF}k4!o(*MjGa>|%}NwQd#urVsv>ea~@6JTvlwPjhWQ3I5`T77_2uj|VIVYy`P< zq*SEU01odrhV>`&-pAk2TdS~5hFhesWlai6v%u#_Fu(KMTYsl56?S(aa`%G->#X+ zTH7L4J^ptjXU>+$ZT^ATc zkJ%Xv4(h}-I^{NCj(x#$#7c3UMPUBTAMU7|@tUE|^HL5-MmfQnUnpp=3CVBT$slu@ zn0IzLoxcjYlV1o5LuW9c_I%w0*7&sCblnO>58a*f?d2Nf*_PXYAk%>va5RQCoRAxe zFrDiSW;tYk!L6gc(V-buy(WxfZzM^uT{geyBvB$>$y5+Gg{^1?B%K3AHzli9-~Qj0 zzlbp7%aGs5&afcDf`$(7SjnPrPr2dOVGkzP@o9|fcE!~(JLqXkZmr|Va+2UezvDrv z$rC0_DzdBGQteo^Mm`eysKsx|*x_S7Sm~kOkEm}_;tpS)=#SWO)4%S_@@O81f-VS# zzGhGeTB9q+R}tj6*97JO=!HV$-|$)}*3V%B$%>F1!(eVF5RPpi-H_Mkkfg{#-{50F zxwzkXEUtpRCQx;aNBZoHyJRm-uSI`*aSJ}dHyB!SdR|`p3`0>q_Yo)g|GgN}^L7A(^jBPO1YfAth?#fR?CDv4kT$y7R@R+8Ve7EG6F5q2H-)xNm*GbatfpX+N<3i%29EDOn^ zeO9zjYC+XWHQ=*;_)-LYv8e7HfSjbmqAv2(uj};>dRWw*Le45rvcRnFu>j6u@g#{M zPSz3k!t2;2matFomqZ39Wv~Fv;<-O8zDM!_{2@#0N9`u*k)NP>=bvd7R{(7=ot5C&PK=NUlX z}DF5A*A@Hlxv1&y=Vs(%$MTZJ~&pPZIm3CE=QQ5_PKNN`w6GKLaSNL*liCfY0q z@X;ndg+8GXJz~?)Y&qx}{>*=j>rAHz^^TV!UCa7vQ?jrO1IHZ6kxl|3aY=2G1OjvV z55Jvc7?M9!2m7?W=C-i|@hxuDP9!%^DM^agLi&e^g1vFWyntWj=g79O9OVb%#r6je zB}oH+QhQD$M8CSm2CNS1>m=|AA$~2nAs^qzE@%dPOCtHf`sNzC!7JJ=Gvuq%wiBL< z66~q$+~njZ;kCc5li%TQ_?_f6QRxX3=qmi$av`~+D{jg6gvWlT;=As!ecJC~57b%b zV7IvEyzEsfqH^$yt?NS^U{^zuMJB~A@zhDws#=myet5~1>B-N3MY`bh6TE|K2Wv{( z-uX`H-gmiky8K%0S~;z_L0nAIo!SX?h<|7kKjuT{ZdY>byml1QRUSSif8zWS+4syE z#W&)SY>9-dNaDeMbN{TCtfy@A?05!0l@AwR;lAWAFM$Npp=Q($agccxsZ4ru98~?; zwX#FvD*mFFi^A>qqNz%%Mb8>5;|I_!i&A_S9-YtOo7lYS`PII{Nm7pOLbM_mBhAqM zNIe_iASfDytnmHxeIFityMFw+>E@f$=e~HF+L7-f13va6*`3;iaao`1(F{EGLp>Nk z2a6r}AM;P^^s)4%BW&D>TabW#leCo29n(z%dPVLk@67ui$S!VKA|^_785$Av=*0Af zkCIeG`_`x1i&#{}eBuUlp>OfR!8t!9;85$_kVvpm`C|UjgX5zG;sWuUeoVTwZ&BVn zAUJGL=KkYGr&v&Rdm)`r~W3>C+1rdLRAAhAjiP9$2#8wq_qUbFi zZ&l3ylfz$=&OGVZ^w3>)$^`-}*KXGPXcy>AaNH!0&^LN#YWO8?hX12G`noCE%j_)WR=7W&QW@eo z<6h%YeQXigI&SDba*1&-y5w5=)$#%#xGg-|*^HQG)+BFa03Ol9_*T8Ou!J`n-z4K2(K(9^W!VYGjCKyE|0Idf z<3#L-ex6vV11k$V5;nCjB1A83iEi|ubN9cQepBrq^(cwbx|y+`5|5qCD0vWPtNNUa zUNe&A2YpUR70)_xyY9D1l9ntyu7^fFr;V^z(Ii~%cT@(NdE*20FqVt)ocbV`0xy1p z9^^9f5FE*6%k|@?s|md_{A`P%JvP}V$0+=fvQ{l#p5X1c`HzawHLQC zpN=n0)zl_kxj)MOV!6ThkZbZ3#EB*DH)GVxS?)ZgejBjpwLK`Z!k^lTGmFH-NFB+< zYn?Uz?yaw<^tsG)5CbBQ1bJt=M}jUM;mhUobpY!Ji8k$5;KQ03GyY&BmV@ep!asVd z;+P&9Z@`i#!#JOV^$OxJV|c$s&ITtWT~Gz9Yn>QhLuiC1VZ)z0xCHbKcf;|2O#%^9 z)V(PV5L{<;gU*hlK+Pa1R_Ha7>g+W9%0amEyp*dT$W)HOLTeDZz}G4?dFGwi?Js&v zkmx`T<;ZMQ<+z5k;19X6$g7DI4^o+I(qL8f*-d~+Fb|rT{2Y~jVUIyWL#XzQ2eFyn zrVxID@AhEG1$kLcwS#C|C^^oP3?I!erewyCTauX)YufP`NXk%Z5AQ+7BWzdt5 zvio)N0lwsmz!0brit)w}9E%`qAx5ANd;pGyF#H|1gYR}==ov?3`}T<`O)@JkFVP|a z(^3o?qn$qj45>90ThNdAt&eu#?J>T1@C-fJxLdx7vUpj@dJ^2+>c{5q%cD~pS>EH)=Cib@(@1fJFoFIsH% z&M8#FE-bH6VMrEQoNUD;4vUH`qAJmV5(v+^002M$Nkl8)@GF+L`FF|J*$1us47kx=?n)D(&i^Za^@TD?N{t{0l`$%}= zQw#Kv=Wfa8b#jF81{8lR(h9ee8xV#* z@ae?>nLuX0dg{5d{z?|1KO++z!iRjI4_WCSKIqA{T(4KVpc;IrwsC23UW@#^-k0P8 zA$R-kZnHSNNbqG?~VXmxcJEPebT-JK{$?1>LGA89E8U_NI1e6Mj{HZmHVJ z2{4f$DdWX{IKbgL!b_W~XE}){w_Ri=KD>ydSW%7J)h0VBmUuDfv9JL`o&yhX-^>vKWwh znO{H8`ggJnG+;0K;GZOSPNE~}%XC63MEO8w(2OqXGVAEdwv*{S>~VW|7n@w!;F8O) z&@0Y=WE-t^wo=lF6Rboxu@(Cv#>K>~Bvf|CEek{UgC5 zf6*LCH<92&JCW>7JP`fZ(v0j5{}9fIFQP;DJMjcQp~IXEg)|%e1eSn4QhL~q_ec-A z@Af?EI?g%&2kEjauF}rD+8s@aTlf<4u$_x8nAU$EKrE{tLQkg4a*|9`H^%MpLjx8+ z-2aIf+CYAeXZWpjXuS|Gq<{CTKz)K=(P8}RZ-hsMRGAjJ@0KeVw4yJSlWr%-%yTS6 zU&vW9H4X^XbG2E;615l1=9nei_VXncdah3#m7drck{IdO08Kj7c=&I`h7upeNIb`g zpx011b-!vG|CCK&U+~2b9*E~0lf(_|1D>cWI^9mzlj9Htu{A@{p>p2ImVpGgb?tEz zGA+qrwoTE74k!aYWCXpcX1@ciXbRb>3}YSH`GgWRNu;dCQ}`40kSR%;@*g1As%(7z z13g)HWyitjCy;$g`#p5WwDlI7!bNrP8vBoZ;KD1AUfo}^a86@JkWg> z&fLG~na9h*BaOPe$4eQH$E(I8OrkX?C%&k@Xfz(RF)RH|p>yP*f364pPErrqPfDjG zB6pG|MIWYsEvvmH6T$ZqwKKbpAIXqZUmK4X|2GlvMg8cgKkN!05j_%s z$M^b?fnLrgdYP}29}(|uc9N^~X8GYy)RTOv=eP^q$eZ|tJh;w&M_cqCwh{eBE~cyC zqr4g^iB&Wh$(h(Gu|q=8hxX}@_%VT6(hr|ShIqvl)N0rXK1jQKbnbSLmvB;+189Bg ztW^lzSV)@?0Sli6-56Gk7Xge3p$9>>MOVgC)6AHJnL+!D^`J`~kl73dzs75Iv~eAF zf?fk}dyw(^5;48R-}7Uxo%!}GhVh|rhT7YN?fZ-UFUz$Wr;c?kE1bvucq~X?1!%oyy2X#_Zv->H;I;hPfY1k?=CCM;HQh<|SM=}t z24>yxW4!WwWQY;;9M}ZApi4#h2Yz{M+f%OV62WuK2ScFq8z%MVDc5$q>EILX*1_n9rFqq~kQ(E8=1=s6y4rxF`G>zd&@O`~#}U3)4)HHP7v9#O z)hlcbA@o9hn^1}vDu*ul$e%s&r=cn1OZ5f4_0Tc&G0)3UjgPzVjMAR);19S(7tHoz zy`aS`k8xp^qZ@*98XN&KZ^I^CSO}XOz;jivn_$xzjDS8ooBG6Ieh0|B4Uy7z2~J%{ zdFY`)5r7I=APu0ZZaD7v641BU4afgA2`~U=a)mjtm_W|g4t|6p0uuk?VA9U-6 zU8Y~Kv!fLg$4ojSQPVvibg7WL>GO4w_c*Y|rx2Q-R$!ZYZOc9a4?055ji75I?>Jh6 zSplX`cC>zBmV@;z4#t2Mfa;AR2x7=m1|o_Re2HJHiBIoTgb0fOL!9|WLEIG98z>Ep z3p0UKZ%UTx+uyUETZ@AtEPla*tQBuq*kD0szPKX0b37jiGo8XKS}Wyt*X{phJtP zUKHlO7VDQN*|1uCR-9%D){`|DH-~TpAEE*L;>WULQrzdrB|gM=UHH3(`8IFS?u7fA zj8FV{aT$EbpZe6(Uyflgo(}j6KKNC_fL{m7E_hzt7VW|-hB}q36O}LWVxgJ#xdsYX zv=2=jqRaK6Q}!VHoYQVVBt3ai-EvY5>Pl9|o74Lgp#Y8*a84G#9M&Q3 zzq$VU^gkD0;@1op`SRTIrM+d6KXFER8_);6VkXO9vXI?`Ty$RrCY4M!J4>7+94AGBVeu+ml0)kU_W6Ce2mg379}+M%uJ z58SxxV-w)906{G>OFXfjc~(8AT@_GYG%*9+;SWKY%GL0jUfP9@0>R_I4eW6dvsLeY6g+|9A*j1Y<70|rG zqx?s0B4QTJ_S)$_PIA>{b*x#lCS7&SHMUFdAj#{{^%`Hl##rMHlIIjLR34h4UG}6? z5((X>=ylEaz1KY|eC1@F23qI+;KI-&yyyd_IKtl?FZme=*=5oL`f@xW8CvBhM6;n< z4Lj|~fgcRe52;e<8QG&Bt`&bGz68x)3?%Nb!?DV-Be&_1oRFX6HF7F(gZq+anV$;( z5dDf5ct1b>m{m*>xhkjo*lxii8aysm)7HJpqd#5;XFSLcK3!h*WIImc1h4K{ucFa$ zOxHrKxQFzKTP02+Km1kCrp2!cO|iq`l;pN#opw6Uahdpp9ECf|BOh=gH)#U~3WRR) zXM56lC%H!Qkz9mHwiEGxLh=*is)|O1-FSj_Bu*R1uM29t;26PU|Cm7ihkYHna5Lm4 zB62z3H0^#9h<8{CeO2<)Q^$3ZrNy(T2aRcyz;z<|NWP5E9f#?Ma?B@*6+jNKlO-myqe-BDj3j@IH!##ka+bC~IC$({T91q&kl2EmT?ToQJ@22cpZsQLu; zGi!BDU&}aR31f-uHW3NZPiY?eON5rqiz*27rjN8@^ z5{-Ufe2Av4nJm|E+~Ee!Hv_&G%`iXVf%c%d6}ra0nO9;X0LCVMJ1gG@n8T$S-^M! z2(QsZQ~f#jhh7ue6>SJwtw9lPe67HUgM8`pz(HX$cAzr3^o0(V1u`g&xXG?&`eNuw zBgutDE6Fk@(>nYzNFaDJ8B~%LqtlaIDG%cL_(1;1uPIbJ#zS*r$;~!`*adjngdq

    H+(!ejAq&QSi z*$|CT0%#1uVM(?FB}d}}aEuA<-&6-*_LsJx7uhsXKj9>4B`@+zTDKGWpEs_o?{XH} z*kbF5+j_|ID{^cI+wcSXSwp|VKiFA;gGCn)!nC`Y`ybtl_&OT&1dL=wqOiV6s4k10 zEQ;CeB+o%{rYBAeiytH1&+UYn%MQoAuF;wOCFB54VF!zcnNL-0LvOYp%TxGTf;NIC zf3lxg@Zf3lIs`tNAzJZP)WGs2MNouAcu%P*I}^elcO=T z{KMYh&-6Bh#eO9>!UnO!$#8x>YvDWdq4pVH!U=LA;bP5NjoU5f@FVU!xkTl>_)5|{ z$zUGeYZ5^))(1mNiwa0ZpR}+4Ui5_;1`2u>i@-d>uW2_Hg}vyhu|sLMlnY2{l@FB0 z%eb8b9P7l7Cz0Sw?aYejNyg`TPV%;2^{e}9H9pb2h!<(6bq$81Zz0gdoW}D^qC^r8 zuS;R^eg?S+UzvyoudF#1{asI3Slk60{OHVlp*M~Hy@<}_jAnSeh%S62Ws+>*MQvt& zM2r`q(I54N7Z^#J;EyDTYH^r$RKVqEM`cN54ZXrMvSCp>@LB)D9gFKgJqJJahCtmO zcu*(ohU5Yzb!dUw$yj-pyMndgrLib4y5LKn&^tOnuh5VD`47Ee7fuGyeUcR?l|19* zSr*@=!3i0I?ZNVg9?2PM3uD*^0`hf+b{@5ZxHV?=Od1Q_o_V7(<-#sRAjnkR+;W=n zMIwQ|*hMl1byVNeZ0dKx5#uwRa=<&43%;5jjnwx`xqyXkO9KAjgT;B<3H`k6QF6Dx z@(f!CLJL66xlL$?AKI{-@;Og+Z(2zakpXPpDuf#`5}J5k7gQ+o%;vq z+_!&5J62S=&TN2w_$tDvhz8Qgo1Pk?DDoX@oHIam*e5P?GmS=%{u~W7sn|j z3VBB}`3MPqQ_~SAmM8&*#Vz6#$;(q~m!$pn+AZCEyKM@(3SRx|YjvKf6R@h0yXf=I zRXkPlVZ@gl7sQWEf%v26j1xV6;XZOv{Wbm&eYlQz5_kMpb^x56Q!<%on44LXUUkTRY4-=*TX(yUpZxS^ z>6FvIk(QA3C0$M_NzuFLDmjkinuu%SPwhl|rQN}>%)KoojzFs_@me}$XR6^}7q)Zm zNRL6kigI7iIZA)y_H`Zl2!D!lqQ~U}f<04IK{xMUO8ioM!&fOr@_xNMx9M1TmfP2v z?q%E{(tTpHc~Wwv7bT=;^esh0JXPX(DGx4xa=j=Ke{1DKF1d{A#x=!+Q}Q8^RSiZv zzKwquIq5z}wrA4^ZfK}O`GwbXvf+-c8;>KC1x4(W4(6&jwyzifp#Z5;5= zfe3OugdXFBE;v$Eo*Uvn`I_?lqb&_ceE-_t-5|7~Yt{1M-GY1%*+){X|*a%lN^3M*qN5U0N>s8}g~~Z9Zuq`QXpU54w;adbS>PpEyrB zJ*UBtPv8@}NYob&A(9z`2mMK3@*Br_^dLJSp#+*xC-dzjoS1%+6Xl~$YE@n9L;Mm( zvj?Sh?69iB@unz=8hX^W>l>>%Z08zz=%3}%0z@vMh_+zGcoD#u5PF2GZTf1O8Iv$G zi2SKN%yKke z_=~UGfF{pkHJ$UQZT{zN_yy)t#}oW{+~xao)lQ#`eafz|RlLo5ua^&eH9T#_83_X) zLtKp@e1T_uz+v)Ge3I90%J`i1W=TN&>HBQ$dA&S4J%fRH_8HA*umKC-7x+%2->~KH z1<{V*T%huk`hvt)cak7wfsV@z{9TXlHI+bY0B$Y>G{UutY&h=t5@6PJ!|{Jm0{-$& z+!gOk>X6x7Kj_qmzf2PF>k*;@i-YmYErKH3N%g0snw5o)sEfsiW^T}N5nCqeet6= zp3Hk4_F!^duEBM?V(VB1blpzl41N&$9UXd6Qok_Le23=U>06ehY4J#sArmO2f6=Wl z!vQdURn4M|Ci#(+Dy`9?H{S~u?4OOe?YIN~VF1k`47WsI?pKkd<7^XXiwyaS(~x@u z2#!{dtXC@{4AXM_V_!3ZWHF5|qkNIiV$24khc=kSz>u2R&DA1)q2)lgD5yFvFTy+y zYYU3N_TrYl%u99?iWeL#*3KwPuM>a5zFF{O!J0_}1WkOQZ|QPvA~XKs z#Z}dd+D+sUamjc@q~)qMfqefcaZ3?Qi65);m};3NP+kJ}}aWm*)Sonhgf(8^#vUV5g0Y4?!Ro+7!BY zrYjE0`#C3C!1X1wKRS#f&Q#xb0)K9YJFY(f@@&w7K4?!&MskAWOkzarwpM9QRZWn} z@?ZB|4LRw^?K}AehV;+WiFD$h1%V#421;~a# z_;(zUyh;*CKwV3Y*s+rpgrFpMAg8F8iOc$}$0PF~{`_M;_;Q>>-y}0Ad7-om6hE-q z!E5e~yeh{P?Evf#L60kfPyfo!R~5T1FDnJ=!@uyiA`VO2;#uz1E;m{IdFX?8PP;0} z=Z8Q0h3d&KXjg4Hc?a87GB~_IKa;bQiplI`hFZ4RczOEJ-@L5aaj_tUpU!!@`=xIwFq)^FY8#K}&3X=IN_)8sxK!33 zx21Cq5OHd#6GIG*`_R|(oI1#p_#@fI^XM;JzN=p5jCM1A$M15D-x7C9d@uJ6)edy! zqnrW@XL5w-16-d0N%U7yg;Kc|_;hYR)j9wCRJRSMidMPSP44Rf3r2Gqzihp^UO{dg zftkPCZhfb8#48R@@BZ+y@l3LE93rtrw(C9*e>cXk6YEF#NYFg#{clX$-f7DY!hH6< z^Dam?-+Eh`T%m+(>}$6NU6j=ye(1~mF)>BGMU3OY3V(t@ zN0hbLR0sY*&^-=CzJ=dHchp0FrWYvwi`)W=5X%Kxqkb8`c3q=S*H^=$75z@ITX2@M znW27W8oE8+P;rPYKd$Az@p79!QqQ1|h0!V1hwr%wZJW**3wh`sQo1VI;s zHHGaGmYK|A%j97bSse`^wibF_?@(M|KO(ye;-6*CkHlSmNXL9(Z#iFwcCu9qPt$AY z`9tx)=ytN4tY_$Ka^3H4#D*9b(^n98z~5hP;C+?lXf3{2lLcQBnCWWCjgd!$0|YaE z{2LfIh1mBSK<2~d)Q3##2MzR>`W=A!gqRnT3uXK$3PuJ)l92esd=d4vTO;Fk`ogvj z8EGQ_g}SgL+@J;;JX?uZ^#_%X(~QzFos% zl`Ap9*6>~9b;`+31*i1=jkz3t#EX3VO-J?Sz@ykovST4{(eW_LX#==pOMq{N z8;<`C5-7dqh`bO;y@;pa!I%6PtaU2W)e*D2z^U6M>8>R7MOR43qDveBLZ6}ygND|i z2sFMiAd_EAgit?ztx2F3A3Gbd7%X z32ioj)vD!UKIo3) zL?f8n4>K3Oaj)C#Pr`22i@qi4M*VTFFO{`(AaIWL0SP)*=;9y};>#=XiNp`kjDyD& zd)n{BJK@Y^HG^TW_zy>8Xg!2qL14tM@u3&)v`9ClML`l>W=I0?crw$Cd=)p?RRr3- zlcgey$L*F+r<~V}%A4vqElO)A1Yw#szhTsjoASc>I zFID@QZ_|q;b!~}ey`x}sUCBc=yRV@Glr=j-Vc@AjCf&Gp0vh-8wG`h~j`pAc*j=A% zwQYs#Jo^nro%Bd01j-+v>kIlm<#{9+|NH3crMFyHbO)jeA84xse#&9_aX|^)hYqd; zmnwFYq=B_c)T+kqF5qHOZNRnl0y@hr@HzfuK0T+a=UIJj&&}uZg`9#XVAi+j54>(b zWb1xT@+tgxp!lhm&wB2{2fw=Sq(=t^;e#jeS}a@#o=BGAe%MFV4&`;AHXkAlyZg?M zE=do$|2^}~04q1zD4lZLhtvLty)<2X)o;|U26p}^AW!iF6c!B>BZwxF7vno(&y)6i zP>Be37xVZH4U!?ab>1b-j#_})i36hh6y(1!Ga*|Bw!~QKf2Nd5~KE6f{ z=DTyh6OTe3F7Kot=7x})^g%uS>xyfl%W|CuKl0UM%NZ$S9`GCW1i@ocf=y0|ve5tCR~!A@eV|%YC*>Z+YGU>B38{Oh5g_uhO<#ZknF7 z*Dh)2`)n_4{l|CCJwJWw#4o0aWqQ56Ug@3KZI9QJO4jUnHYa~tqDg#00*C2@U!6n0 z4`|f|a=^wJzeBwjJJpW^If{HD&g z@Q`%3g!{|apVKY}v_R^DbMqHb)QFp$K-WAmIWAZdESBWZ2{NI=f`df zxi}7~95^UngO1<$j}0~A06KQL3P!y_c-)lmxjy7W?`7IX_B&df+}0%i&oEvU&4sUXfO5;!xepCD>VC7%-qZ%GJ1AQHTQcKFfX`Mz#)AAczP)?mm_7{JSY>j9X{7YITf zlrL{DigCMd`@a1)^B?xYZqMx8sS!E8BiX5XN3Nm}dD*ShHveMWKC5v%?eUZ&_dB{^ zA=ENZCC2$Yr@l`4?;5Q@%USqag2-2lTh8sk;MoEQhKm3e3EQSC<7-Zs8FYL>&nQ|) za|nIlX%mK>px3}V9O6IIvTf!E@rg3uzEHi)zNKn8SQ^-S93#UlK-#m}vp5|P@A{0-B8JUM7hLPM?P@egoJ8(fevKjKC^;EV186-W@9h4KVa-0W zzl3};|FpO0``I2;aeO_hFVz@ml3($v2jKhDq;^a5x~}HR=nKlY*L{xYgcBr7U&}az zKE`h#&|T)!;t)Y$!e9DhLl!|Q>cA8la093E%7eDJ-f_*i*C@rI_*W@4>E9by^_!VmS= z2du>zl9~DLG_4=4^Fyv#4a8%-kNmSdb$=bZRp~(P9G<5y&qsoGN86K%F9Jdba?J8* z3N6n}fF#U#-fu6`eRfieS&Ghc6N)DET>tgekeQdzDRk8tDRGq_*->a#n=JTygrL_c zGUI$F^^cGhV?C!V#8rIe`<#f7TC(Bjq-y8?v-dVI+jQGq*Y$kd&-1?Ll!Gmvq}tZ> zSR1Sj;vq49v>a`sVhs@zF-?SEDk7;EqC^`_X^0AmilmJe0c!w>G!g`w_<`EiFBH>4 zgc?M&T1ycNT24Rdd7sbQ|L?!no|$W|nQLbD-uLs~&&#v#`?}V(XZBuueeJc^?Af!Y zv^RnJ`7XWv5_q>z@$J`PaA2>npBakdO#SpB4oOdjl!0xEg@BAF>>so0Sxy3HMBVBj zS(Rgu?Fpd?eET6mCr%aTsb_6+5E zg#ulLx=b+gr-QNM;uuUk6dkNS=M`GsX_24sqd)Tn)Sv0<1}F3jF*+@}t%IUZ6^Ft5 zPW0S{AH6_d6Lf9i=?zl>rZ44)Li*;Df9o5C*XPSliqJ=&@XbyOwo))zEhHP3o))Sz zwfPo;iiRir)RM7K54pAU7k1=(qF48kc)k3~m%Lsn`$sbjyD-_%sWwb+4OE>4_T7J~ zjyKA!Rqp%hr@X{qlwXJF@s);$M>%Oi1kR2tMQUQ#H~Fx}Grvq;2f27)=wQJCbz8>e ze*Ol2gN1$&L3Hwm**}CZ{A&x$k)Xs*wNTQ!n`8sBADPX>6^hRme_#BLcLmgB$qmHeC*(gMbX0S+!+6Z1 z4Hi&X{wl}CeZez_m~kwIP<`o%^W|pbxJXdP^>;iUeu+3Z{FCU=Uy<*8aY&Q3mWN*-ryI_kf5D`O{zf^C^-6u{@s9C2@QR(ze6yOH?9`Nx z_F`M@YH^eD(QziNXn-AJSadY*_@nl8d@AQbp2JPuJfHGr7oBPOQ4i(jcj!-~xZD!t z80}tzoRj#RwqO=p0ir+K0*`MplZS8D0Q!t!+=LE26bh#2RdFnzib5XXqrB@YzXn}@ zUe9@|gJ*<{olVT{KrgzO9_Kf71cDtFH+pOlcMRQZJJAd2m6-%Y`0qwyAZuYy(@VY9Q;t}2di)m z59F5iAY0{pT}}DSuR)y-I)VDc^?0gFM}GSs{+`p<|KiV_-hZkEYm@ZJpYsK$Kk-L? z|LJ@G)So{6u0QmjpZ>sq^?e{xtR_FA{{8&bBTah8&Qt&NFa4U+FZ-Im{qz-|`l1Pj z@#hC0JUji0Z}|0EAC#|G*K1_i70rvB<(uLmNQPD7#encT`kC-kYw}(#XMZHJS*$1l zMSVf~iFkK+(eYRWgg%R$r;vK&sS$AS^E$x9v(M{nz>*KhLAX+}NjF7r;!kz1LHZ`= zr!W?$=%^m*`ntd8)2F}tEB{7+g#K#!iJ$zb(?9j=e}i@RP>U4#Jh*vZF}tQtwQDbo zJYtcec;d|&LlWW8K$^;*LmYpl$$D-ec|Iu)s-VtM*j*%xbmYAntY;Srre}@4E5^$PNom)6=JPXII9FEgZuANW(_!*bm zf^&KxS@;Kjbl!TQ9O(k;n8+H-I~(L?air{K3QV!X#&`Yk|K;>UKl1;czU+&?P-n+P zzy8<1`CmBwlfUBYPQU*@`<~Ok`R{+H-uj~Gi%NRse0d!){o^10g`YnC%CG(E(^vm( zf3xNhu&eU~{lE3wzWwxPfAG(p9=@l=(!9dni*#k{#4*A_Po*687!ZD^`Fw48Ij?qH z&f|sn8^q0V^2kjntZwii)^ljNWw}rjelO%*;8-t?Bj-Zj2uD9w>J5GodXqz!7ePyK zGai z{3iTMyb&)G&&TmOqyhN7230`%3I(n~>N{>%Ipn~C5y#C~i50CMN~IqlPjoK|6^}DJ z?@Z9aVe-P6M~&kpcofsH3} zxt`_v^6E~Cv_GkbdYtbKd-9q6q@NtoFM8<#Lw-C2{zN_*8qvcuZSop&J_w};Qa3-7 z{Uz`fyfrZCN`sO3%vd`VqSS9Ql*D7asE5qAzts5hSpA6c4jb|A=B82OgVL=Y6d*B% z#Q2P+L#DhDW*jr3oKN=pLf{bfhG5rzQpiSDu+ail*Y%}=sUC_xs-Xz$>t}katDU~G zSdRHt<}ocl_|~8GeFUD#Kl;F^mzsRhYiF4K#s0y4Ir>p+o;dY2@wk{~a{%3FwZi9k z8I!qg;flzM?vzL3F6Vv_zG6MELM~Scqng^Jo$y;N5Y1AbvCfNLyjJ>}zf@E2 z(%UbAcMBEYejNq}Yn}B9f5mAQr!as0bE%4hB6g!3ld;bg?BPI2haq%Q&oBmMoMM-} z9GLNJK*CX+pZuU+!NH_)+>FGjj`dYYJVPeOaGE&Dl9GI%FXfgX5@K=&$chqAHuFS} zyt0F>M1*YFnp`jB(z%$JLO-nNhc53#r1qhOFxWn}Aof!!KPI!8bOdt2<|oV4e=zSZf-oZC>IT8pK|_+4 z@c>AT5cwMoF#F397(pJdGEitNzhQkScr)JA@3}vtozVM-3e9zc_@;704IT6LtHSrD zA>#@=G|`tFl&d>=ypg^bCv>SKK5Z?6DvP}+%fc9Lc*c%k=|6NPtolLG}*|-X>&2qT>Ya8W;+&KM93eF{^pE zgnh|B;kPt!MEeKvqyen9!+HAyL$#C5G(qW;bU4nP*GoB@zU*HRSd-@_8}+!+$>KR) zJ2CRD=r-kmZ(!|&h6nqV=Pyb*#4o-qpZ&0_U##dSknAU01$mmiEGk@!U&W+jeBu-m z-^unBIQq@vS20(v6+plPP9$z-8%n^)g~^=Qkx4PTPN1XG9{wG9FUfDXDK31RU(2u6 zZ$1vK`XqZJOg`c9B2n10O0q$fD<8_yPsFX{HOevYAI!Uc$_0KX&@; zPyRGk?1hb={QOUxzTjtno_)r&-t_kiE$IJ-Z~W%d_y2GIhh8uI@zcX6@5}kIP>#il zEH;(jQ9E870#xNC{{k&Xj*tE)>Jf*AUpj{8vR&vKyItT7zshlUp9vJ%XXVE{bO?|B z1dc)GVO06kU;f2YQLp|+2Vei|zVY;b{_y{uI^b2$ACoSgYVoLE|16))PWG=g{xU92 z{WtEBV8?pVS1hiisaPCS7PfPqWd0Um@@qX(ZkmsNaYVnDdI8^v2Z=&sKNvI%VO>Hn zq`QDNB;mh9SQc*;f3gM95A>K_>^#+R1`!ASQbzVKecSIleaCP9XBU0Rmw)PSIQ@oS z`}L=P@z?yy(~tb}46YVnn*L>c`PoMmPpM9~=+OnQ}{ht5u51#&wf9K!x z0$nfE<#p%U?aqs*MML->Jev((^ajCmXupdGjE*sZ$!|JN_sL!Hxp5;j}A3oeLI z0^*Z(h;JQ<`Al#H9_HR;GgUJ$7roeBfHCCj-toq8zAxm59Vh(Z-vM|`bj?s zeJy(B0ihTR{BV&b(j1pyFU;#m&j=v;27-`81h_xWf_T6F6akSeC^P7CLq5(P|DNJ4 z_}5?v^t|0QdRC4j$Em;Rmlx3~mNp1|_^Xh2Gqileen4z~yTDMj(d%bDZ0|2&E)l;V zIc6l=`b)?u;w@RJQ_M*RpJfWs8Pwf3f^BRQ5EY#-#qcH3w6wKl;I;boHKdL%@ zD9eY>&zEvbjN)I*PKyNa>{|RtjBwq^eU8CD>$-_MqCE7gmMm{SbObH@r@l;=^6%0| zLjvy>DtE4Srw&>lYRgZdstiwtA>(5 z(DWiJ<$lx;;v29FCU)&g(oXCjbi5x7yD+=P+mP=oHuHZ}Zg0MP%4^W`avpo);)b~r zJ@y&U7nzg~b7L_hdhk+q9UILs^{pf0_#nSgk*B4;{wC;$aQNs05lAOG3%@NeHG#ZI zt(7Vioj{yaUN4-@)W%XAh8F$p-k^U zjy(%WZ$fwBZIt)EIZr4H=CaRIQnhhv&xQRp_NE_(YJH`n5 z34ERQ6SvBTe)>Q)WqeJL%1R>N=?scq{VyaPmoC^*$rmc(8tGcTSvve5$HCYEO70NT zIxb;5L1-^HFdRQ%msAC@D=MzRI>cO0vimlW>-ZPCc0Y^Ti{ct!PrI)5i>viehvaJZ zDj||54T}S1`@iwq|0BIN_-CE|k-z_|7#{;k65gz9nBuH^QyS&8Oz_n$mIed!newQHguj(_&Ye*E;0|1AU~?@3ria zKMO`5XrY#0|12HwDqMOi6nI=^-iF0Tn!JGmeR0x|@q;81bjV*mPM&hxPzBfgAFU;V zRu}}EQofWRkW>q!cDHZ%lpHLu`vxthl#}&=*lP13F|(U!Y))n$>tc@Z(dm2s#Gg6+ zE5H3aPQURRe!1i9sCE8L{P!ha_(^}x&#dQu@~3|K^jm)0x1YY{cm8hKyB6iz4}C1` zpGCUG{-K9ESx#Yx_ruSqS2p{-89&+2>|dmqqmUZJfsWf1Lq5{oxpF-p{)%2Efoe*P z2MM$sRK8tfw_Hs;WK?7J{p7Iff7bj`9{0mVvJb}2GT&bMMffZDihiOZj#J`#QE~g= zH{*OMcLCD^qZD$CMBMKMCdxk01_0nkZ>1fe<92>1xt{7kC%OT0(0Wn5Y6yR7!*n-5 z%MDVEuLp!{r6RBF&Yo$BZS`}ME6zvAJyC%R^5hbFG$5ACEV z2F0fMo59eErRwv&^0bq7eg9y}!Fq?zx;z$*-Qd3;u+U9XBp-4<2nV@?wZX5XCeQtn z==AXxD6*8`4+i@|1lH~c!~Z89+EpMpWrn4{%gu1aOYXKmnS$h z&u6j206cvi)FFKESld6&>rI+X@l^E_#6f+10^-l2zjT4-H|(d~Z-p83Ro^kcO54OU zEEXenVjgnf3%S8>3zQ~CxuX~IEwJdd9~3#^4YD62#XM*$AhcAZ4J9wv-vxvJVpscN$|3cG;w_IANT0_?V4wH`Zg!rPZ(`W& zP6SphxjCXq9-N)tgrCt5a)z3lT>JfTV)j)|3P5&d*OJA;YuiC)iKb~8d&B$o?z!VIaunNRu( zor0hP7kGrS4GGbNx;wx`l>CZe^Bu6Rp|S%y zcIF3+6h{pBI?+Ao9eO2K=exnwx9AVN2O;XQ92=o<_{nZv2R-B!%z7pBul`NHh#_J!ynfoMd{$ZkDVU9j}8P`uqeI9j&e+t$4q|6B_{J`jmG zg+Ax@B0t2Oq+$u|@Z0{te{uRp|G9tp^n-u?|7jNQv**uG|H*g#H>bZ&_W!Nl{(HSh z_ra5opB~|ZytAtoE6NAqe;z#0xX;Zj8D=lLGoCGb-*tYBbNl(N;IlUF<>oQ5EAzc$ zEV%5q*sY7Q?11dJT~KV>?2o}xuN`7sp`ZQZFZ1o*%}{k;=_am2WGQ5{>*&8F?>Lz_ zpYlwEWGd%3VJW`=@xk0c^?bX0bKLtVemN?b8u=1r&NT-QM-ji1CuV2iC@JFO12Fwl z&|mnkg+&h#B8rb0#ASIi6ng09?#-_V>jFdKd?WElb#Szw#8TL%)F!u^w1D;T`O%V}EJxA9MSz^`mKD8kf;2;{tO!zD7>Sc*VUgbnKM!u;Mwe zm5*BczqjyRJ0AuvL$rXaU|&Br)l-Pz8u^siKHtf%OaE|#ZT3UYzx2QT_ziW+uUf6w zVZ8Pk8L_yo*mvjw8-~u&FXs8A|M+oQNq^rBrXLlprndsB%7Q-9ZqmRm^|gMUxY5`0 z8h?>5I~+$pNxkcQ$#cC=oXdPWuT3V-M{(u+{&wL4K3ZY&CH)xRPDt!)+FlobQvd)! z07*naRJqq6zVU;B06aFtGswe8%rg?PGyf6AFUti(<+uvNAce2MviOn3hxX6h50y;u z%TBHz^XkmELp$_vU*ui-XhP4igro;+oypHigMG z=P&KB?Gwd+KX@rO+9Ua5L%ZTU=0>1swky`DavaEH7B{ZhVaBV-U9SUu3-XxD=UBc) zj|69TSKq?EuV3Q(!Z42s{y=>RVZpGmJ$CziBp<KOFBW(*?qYhPDV< zJKvGO&gAX2_iTOjTNG^AtTcjzba$s<(A^SC2}qZODBZENq=b}GOA4rT=hEHblG45O zE-VYX9NzC-=a+MRf5dY?bI;5@vo*&9I3FaJ!R~W}b8=fnc}GGPy0}inJnxB7{n6(8 zp8v)*UF*_Z*KR)Ev@;lg9CG%9iK!u)tR!BRYJU6(VTMebLKq*a>O<)E-HlM)RS0leE< zI%Gz`vhuo)_`xvPedJW0t5uiv!ttRnI`naRd|toEtM%VRfl5`RLFfE>@4LJCC0a~) zJCb$;oZsvi?z*i|#~t&1$JXtux{HRMVvtaD1s0+&dJY%rK@w}g^SLr(&|Srx*h6+G6sC#pvhqjH3Zsuv zuTVv~j(DM$We=l=c);@*ozR2i;G07;^xFDyJ+N|u{UmqzG{p1|VmN^!+?1nao5UaW zGGsg<>czGgM{{8w^iAm_?0zd_E~a+q_(rJk(^+}B#|C`tk!ZQu4>^Kqb|LpcT{~%@ zv)jC^z=5me2ShTc>kNRNDhoYXN9TPjtMYpP>{s6QqC%=lQLVLJLgR3KJ*Stb>7TcJ z=nxpU3#PM;iIzHgaf2)PvD_tX&NAR{X1xy#)$1m*Ig~`+#_kZ*l|d2+@3E5T%w$IH zK1@66fRD0JTXR#WI$@cRe?xLjzdfk9(J53CKuGA#kj^@y8cnq@(^5z;L(&*@tkJc1 z?SW+VrTE}y+!-NDrMccuT;C)%Uf0ZgR55sh_$-Ec`5<~DW_DY)syt^-SNIn%zM|!M zjO9LX!b6HsaX0CEwF5M%rBg-d5h?G+EC%ew$s!E4*6JY+LI{zq{Tt8$#*?MzZkg6X z$J!jr#R+NCjGm4*MajEQ-#1OwRbW9_EWJk!tP`?xTs&F9-C+7Zl9qr$wp&GroZx#z zggMpI?5txoi;NbP$-vHQG$je;U?<;}O_dKwxKmZ%_JDVxH9hCDD4<#H9di)7$HVmG zYm`V*CFlmzA-Eaa>NN7zh=!zebtpC63B(FXpNr_^a>wqxx!3yUHNrIIm%d_YsD@bM z&-&syBMiCgWA)^WME@0(E0$v`7t(zOzcS0)aR_Zl7P8cyLWbAfoxTGv8@OgZSRCB= zSIgX#EnN`P{=xxn`sJ%PjVsmf?JiwWN6^4ZL)lJ4MuUR}J6CVc;mf9StH<=&qbFwp z{mflfEP-|&EH{MSwQNDOucSBWfiW!>o}1|2Z{|%XL@Y45m`6%b@h{eA5DiJ_^RXE2 zf=*^+Bp5D6c>Iw4-KN)++#G3>}2G8Cdea%-uGaUv;EkQuVHc7%JU!*JOlRT*fj9W6W(b zYkh8e&hAQd?tb~K8nI;suUz*YmWWOH*7CwJj9o;+TFpRblI0N>@+Q5sp6wTt@i4U@ zM_4zKQ-p|%81-g-4zhZ&6n3>x`?_^47U1fyf9lotJlL{}Il$!vkX)blVoFGkl)0l9 zUsim|`aM@$L2~eW>0h}zO}HM4Gsg4=O;vHBYONtXD+|`zNbua1%!K_rlDr6S=Vhf1 z=r8Q!i&wSCuMyPH1Pw`7|I9118b`4%8aB@4runtHmEj+de+o=#iyxlz0>cKjwZeqQ zEbyxl?Tn14r$|rWiO}(?Uwws`ccgg4fE|T)t~KMtoK5 z+UQ>Dq8NnzZWUo_7q#shp^`p#z;fCz=MZXBxWInKccos7SN&&q@atBxG#Goy;~vEg zFh7lS6s{8b2<=9{yI52IS4*B?`ptFpRCGA;m^;df=>=bcTIftwA*3Yl9?1MyNwJ56M9{7wJ6JxPbx4vB1jn2Y6rT zCQJ?uSPw-Sgd(SwwV(v^Zi|KKIPM*m-&H)58+0!)+7Y$lJbt2c1Z+RTky)}a$RAMa zmpT|{G5R`dA9^}|FYv}uUtI;qrmR$tgm%ti&egRLg0J67N_F}Rh5mtb7xMbX&*}IG zbU5It2pcJr%=Xl%CqQIhlBg0rY@b~tic_l;*SY>=YRZKqqYJZ?#)LeW6^xbAJ0!R3 znP*r3Roy`)_`6mK%R(oqgS+m!Cd{lr zs5p=`DxlLA4H$j6&w4mvCWJ4iTqq<10QpX-RnP|`!eX}zsl&+o7nmVR*VWys-{-Lo zN*tZ%iY(mx00$i4a~GKfJqY-GX`Ek)WczZ7jbp^?NX^zU?fgpQhN`{s`Y77sJU02Z zrB_MP^1O_uWEF}%Ii`Kp&wr*Vlzt~qSl={yMptI<{Q57AM|+h_&1Y1WN9G$^fcz+? z=-IU`c&bC{Yhh>SKhG(D4_6XRh*V^!yfHkCmy7z?n81CeMshahF(@?9j9n4Je>!I=(HCBZ}+@1zn%=ih@;sYXSj2c$JU@g=XQ>dtg@=atM%VU9N znBN*~WkxWHNoc6JI8bP}oxjQMVOhEHV9FR7;)nI`W7+R;xA-lSaM#R`KTCO~koi&T z%dR&@n6eOQrPVSE+P_otbJbw;uK=hRasSIsR3fK=oY3aoQcHZl`Q7`~D)dW6xsEh( zF9@>6X8We14@_Ote{bk|r|iQXSQAK4jmih*?2Yxx`|l%6^S$N(yv9ix!Qpe; zyEHZTd%?FdGO{vngkMfnqgOj)ymu%&`t3St&c#JxJJ9IsJU#hwZXmu- zrT$a>SOMq$E6L-l9_zDw}DD?=;rM>)}g7!>SUjM^d_Q zHZA{u5%YT0T5aUqMW*@k{h0KaU#fbK9bAj}#+x27s9eWUv#JQ2)s9x;Xn#P*shzak zJ8p7W>9 zsNXgb`YAd;sacy-M0MM}?w~KVN*OuO0+$m55Jh%Wuh%*<@l96+Ln%JW8A46%8k6lH!1L}rmZK3S z*uCeX(E4JA>^}{|>qm3r{$9m>lCOSnAx<1rARa|8dRnh8Hl~E<@%0d+8r`%FDMsg` z&D_vqYYw6JO|+rfw?g-B@>`~Zj)Nce<}KfZ}DrUz>n<78qHAx;z;2~sNeGt zXK0wp-dbz3JHp|!F&6bq`w%6~qeXrWr4Q&O*kr7@BSk%fL_+)fj|l?`qFn;02tM6` zx{ieOPY6D&=LDBqg@|AL+3}M<8*jXu_(VoZ_)CTfa6HBkWD;QFL!zaUhC+^nRd5Gz zdGV<;iWku^z#8s<+VOiX5#m*yoerg=CFGa`(dHc!JL>Uk6OQbsbX#+kp0i4!p$i7U zEZBuR{#8%Olyg^}_b})e7@9ft?shHOvbir^sk5aHlyR{n6~#Y^HL6QRIaVYwdK{sV zWxLF3UW>M6_@v!=SUr|M6invkycL*qO!g*gG2U*8f@RCs_hM&4r>>nc04kTXc~oy) zSnmmKP!Fl~Kx#f*fZ?uc11Vg%UkqfjT{KTmS84_W%%?l8^sa^-}YAY_rW z1`W@4w3_DF;1$nXlct0F3$zFu05dzZ#{8?g%!>RioTyA6iQg<=5FRMMj;*4zm9>*o%rNAF1^4@{K?O5}H4+lE zjy+Xl9#(OlUL*Mu!ay*&p^41`#!NLkC}hX3_}0H~NTgRc>w}B{v77ETw0!&@Q1b>OO}#FcA68t14Gq~>KhBvS z`h>`r9@4|tGKCS6ievf+)6FWhXX5D=_p(ic*~!D7p-!|os+r^C!`c%)jhxQ$6XM{) z17DihDtOi!`WNE$yMsQr)EsM5UtyZrMH>6dh+2ui76k0tZzbYfdx}rhfntX#V(7mKC1tVq-mY7UWKvP4cI_5x2r}_RIala3MX9iCbwnP0!qzLsl)fVEYAc*=Hoh&a`_Y zT1tzo;>5{9PJ4h%3t6XJ;X#vs(K>6@uQzNb-0&ob_N}_L1u5R-nBw>u-Oj7(#DuQM zyu<_w60#J}&Z2HCZ#)Z{7Wg#LPuY6rX*bLV1t*^}nfxV#St$wT%YE^BER2QsACLmm z3mnyc^ai0%>W+D)6M_*kw>ygcLr}wOCMm8uFJ`dZPe^&_YIT56HSINjY;+8I$R|XA zO#iru6396z*|H_qbU)@VyP_RJU@@&nIE6S^K>gu7Bmnaw=W$1Xs*(+$iGf1s_X9?X zfHmJ!`^ReQkB%x-E_#zdV%bu!-%k>QP@^3T{#uhh-!K21%AFs7**k&k6$Yf+dy*C) z{f*pk+OdDBCZ!YhWoB2#2I9M^EnD!qjd15biO1Nz`kW>}dbOo^O8|v)p{Ad_cjuSe ziEc)IWuA@bj{$6F>_Kx8JE%vd(xq%CCUD~FggxoFSaOhi^<(#Eh5UU=8-BQKcX(GO zS`SKI`xM|JC;odX*nQ*kmvdocQh#SG;fTMb>FbaH4snE69%TSBspTToUdX1sgP30> zk0Rmdy)eTIo@dlzY~4Oux+5rTuhB($`tiHs+a)xCK%kZnZoqu@w-BD{c!x7d4&v6$;yayB zFE(3bsCjLJe!384=d-w%fDJ5LG{P$}-iG}TpSc^mt|FVYJ5!xhmfys3Nwc@|4iDsG z#2gUamcw%L45>x*3|+(rIB7_*BvsWe3%~t57PB#alLYi?%sq_gGL@68c8sc_COF0T z`sp&`63Q|x|52%dh4YKi_v^)9S^8EK#Mg`t^Wi5ALq>N@(6(w6%)srEH)_DDmXPV@ z^HV(&C!?gZFG~O+)V7`+eIO<6wOB}DjDd^TIn&gfh-y3iZp*$u?{>_1#>MF}4hWkO z&9hr7z1_CI-zuvaLAzeIOE4LdqCdS(kah;;uGQgUaviiB%%hkZ(;g!ERN3({7w_1L z$1+^Sr5~Hm7$-U+Fw>YQ(Kq#K>c0C1rDt=eSFTTR`8PD{3bJu;-XkSr2~^XxYj+va zY{hIIotVlBWPVR`_Z?`zboV<}q=T@6Y|H)eO8F3z#P?rF%5yi?8SHAB5aj^C+l}~b zn*E<6k@@bvksqIM%jslR?{BL*cC<68jZS#_exN;O7dis<4OzZpGT#X9M5qN%jHz@n zP#aPr++s$UJtMn_crrVJl(e!tMm4^P#vvrRo4d)|=?@dBt?Q;|q~>Gyrl*+1H>W&v z&ezkeAlv2DA%SNWOq%i}+S84xZY8eMxYV9K^4gBhBB&F)FBrWNDm5v=zl_9V|66*7h#PV32nhSdh5oXqEciDc|^CfiYQZ8#hO{c`^ z;T^_Z?D6=2xpE_Dj|c0SGaaW}o%@UYdlm?TF$e2$HPyfHho^GnQ4w8&!q{KY?&Tm9 zc7(08Q`n&ujo*Koeju>aa-e+IkK#x{s(&z}!!EHH?w1i`MXyeXtx@pwAcHWaCus^ourLmf~Z;Yk33% z5tiz3vwTS*c6$lmcU(f&>6ei(C97mju_nQ)03Q@x#jl<}{3#Rg2n&?fQNRKTqYO#= zH@EUT2C8rq221G(DnotnAz`)En!jF--|1CS{5LT2mme(c9QP%e_Vk@D;csS_ixvJG z#uIs!P&<)a*^9shlP3Y1p>xb9l7paGzjUw^KghE_;H|56O>Mh|ZXq~qd~;D2YDX*B zSX^n3G_@Nnrq6>XIY{yqF&`{UA;e(T;Gr#nOUcu`gXwmIc96u4!7w0JuvsFiQ0K%( zZAn*98OUp+$#!|aBYwz}Xu1Yo+te?xNy)VH?kBlz8A$i6lO5=?5$qRcvl^rNiv%?y%j@au|P8a*gnWy!+S%xxoLwiq5|f-ch?^RU6hV<|?Bih91O_K~u8}@aveQ@2V6`iFJF0Mk`u( zV5pwJ-Og`3r2WG1t`j<&d;g(SUA^Hq7?&w!!SzVi37+ke?7a9&uZCF4zHUA$P=k=XmW zWRu!G;{nuZX}8$HU~Df)s0ilfd6j6_@i|UBN-V4<&32q#^+BOmb9>}#mD%WNv?Vur zc>9Yzc@~Ku(+)i8e+_U9GyD!uvcdv&vZAKGm)+LN+&cfbJ^Kdgbph}1f4rOzpqHJH z;-hl>THjlJzWh4a#v|5i_nV`Ef)XjtIVqZgfL#1!?bn6V{Jp!kF)#W=y4>6&xuBy4h z&{40xS4ceMG^5z>53RuT1YfbS_cDmAf*``nVdpsTkNFFi`B%^TIbv_IL1^WFI2;aT zLSj<^uPtj^8!xfCtjTM!|9$-KU6>qxmNJ*$@v9#@li=mLokZEHxN%kGmiXgx)UbgS z@@p+aJPTR+kI6~8HzvK7JgP4#t}n?0IT3*ya!WJxe!hI`Z^GDIIhl$2@r%iVG9C!N zUWxv>#F=no0Q;xcq;t`qa>>k}k1I;he@U`Zgzc!r3w+GL=u8((9~s0^mh?^u<7yMm zsRzdA`9)T&L-7)YXC@W!TOED9^P6|RTwUj%;vETCuI{0`t3D);CVhZfQ?(}#3dJoK zCU*D=+YNQ8E!RR-+p}uhe~2C#{n|&)fTPr5%5vVJT1bvJb4$;R?+3Hx-pl2~N@Szo z9Q=-Uyl?cAdmsLwoDPeY9#Sa;uDuc6hfjVnJ>X=%i5*zVPjTF&k~Ll~Ll=bpVLkax zOV@ZVsL+_^`RU8xdX}r+r?$HuWe9;j;9$H0?^$1_?4OiCe1(k1S-i({EG5ir6Wdvb zND#?cGyl+6``ZP{a+klVq1VOjOGboHZf}?FVc-uDlG(MziuN8l1h`&HsM2>^Vhf+IQlD}jOUc!DRa^tkJz70;`c|Gec zdhm|11n_xsq307G`m3W{iQdq9+mgn!$yM@%+eOMrU$!;~3yD_7t?%RO+QB_Fy)DsX zIfsX_7$^cu*r%6gv#4=-_Ucv>IjSlYYmnqZ(ZNX?l7ZRk)3|}9Ijbwb`P+~Ms(eA z%OQbcAF!ZZ#LXEWz@Iz)e6MAF>Qff@)J+ZC_D*Pr)5pYh?8UwNc=O^1izNDrn1c4s zJ65DZaz$K^mEmqhp6?6+Ugwu^??dkB^?9WhoEftmVMG+m&LY9r8tT4qNA#M|uqLv% zpwFqtDi09!XJM!#pNA1D#i%WFmj`WwC2*7^uTiu|u4}^GcMdKV(>3g3(Xs97V?a&x zo82ygHCbT57~oWfIq+TmBZe(l3u`1t@Lf3u5=o}6ImI}urFk|CsamG9<|`#}<}J)U zy_9YsCnpCdfkro6*N>iYmyz2!+DOySmG}G!OzNjMO4=+1X=Bp!gxa zX-S#J4k07_p`Ko<H22!bc`Dd4o@rh-%oAd!5J&EJf zp{#*oYkdADvL97#tt$MgAg%dw;~o9J53_A75bR(NhW2EOI11&AoV@H;t%fO!>z`@( z+7~cRm9uZsyYuZ^AJVN&&||V@g+;J~ocW`acPM27m+PtCn$qha580uwd=d+zetw-U zXpeTYlQiMLqtdgQX3bC=C5v-*NYb{LIJhqqYWE6OV!CuHR~}rp%lf^jX@V@b^=RqR<(I)f1ld1bI zB#i_yXGfL$%yyT05(naw-|dxB4>)tbL}nrX279bVFMgO}ZVNWr<@F-%X^9eYS0JIj zlxHT~6+hZ$8w97@d}G|g4XKS}fav19#cTHblPfGW5*~%5-Zr7ejSfyL%*QP4oWM2a zXfp(;oCO{IENh?c^Vrmg{P9BT{ZHz;f$!$N_8$t_q#Edm6Wr|-8mt_v>^gp-Q-fy> zEHNtA1BDZ8dCoUt?9U2Fwyl~%X-{pzCQ?E&ut#C`KA~L+&=y-7 z$1|kqx6xurH{=sw?7c7tn7XjVM~w%87+M_six!K=S-mV2#@ia$8LlNbQy>{b!9h^1 ztBCIq2=o5#9(?0Umdk#sNJX}~VTIF!Myx_Yr}tkfxrd}pJ@X&MQ2X?v)$wXicdq7Z z>92?EB7WhDbKG#Y@{L2K1qw}o&-6ZMXUpnBLN+~pwnS-$@@}9J?Q>Z1k(s-3bU)?Y~ z`^!eoA|=x51LNSzZ;ah|bK=|M9-H!tuY04n|6MdSd|1;CdNi@Cp7la5STok$$f0$` zw(iMTA7%=Z| zKN+#!4AIv75U|!|P4+X36u0y(vA*0f5>vPP#yXZGvmi&H&1`5Y{q^afut90{cHnd%*bxCe0M{#Vw_-x2>+*UeHSxUKaPkGqz)H?EtfL{)wJEO>iYln zgSmoTn}6K6Y=3upp0Mjco3O6MYsC-$l}yO#2``}z-kIFjx=x3H6@=3yljKBQg?EJu zA3LCI3QMaEDC#?QxC(cQjdf&OMpx<+F)&i%uv9Z zUe;53o}>X}sN1WfQ$Y8Y@+0eHTOG2eF_$VZ!UqTAm%uxCru>QPUY`1U@qVlfNiM`r zToU0{ol4^|omEq35zZW?gUPv3lT9D=kD@#Jg}63e^@>lIg{J$yZLh4^c)6?4 zvO`fp$(3#Nf9;5-WL%=I1Ax)RlewtdNvXIVw;jfn3x> z4>PB|%_-JbW<)XleafgafuV;K{Hul2h1Z3ns6jPD#c0lyQ4l};dCmdp#EI^urgR93 z3dnwtr$o22$0;BW-Zoa4j|<+f>2FRK^q{-)t%&Dg-g=<}k;|R(C1fPW*B5R{)4muL zKiKGFduwaBH#wr#&dwpbDP99D!Cw;rRL3Mx++f7e#zj|W>7xfzTs@|`8?r;0>Z1K;t+Fq5K~X-DJwQC4WKW+5(!7%z z1jvZSvzUavnRB==WBM3pbl|Kq10aJPn%8DA<5D}t6${n~Y3Nln{_rq-^eu>H`N!JN z;6Ckg`OlV=SZ@3bcaW$JMT7`VDFmz*&d?WBX-U(B`g&MBS;p`YE>g`+T%G#$$u;QA z9#U#$-`9EKC?{8p{BcabxAHn^BjNA;y9JLiTJY)-Kr`e}J5=9K?K|2~9LtSUdXE1( z!}n!OtW}xx`l(B?$mCUp^X)vIhY&)X5@Ha47rRm%F_^U#Q`I0f@H;RIMsz^1jG>>| zf|XsHrI^4hG@DKO23H-%Zu#AiZ#%+I-w+kM@}9jL*W{NNzhA1Dt)IJ%OEf7*+n<9+ zJwZ{W;pV!mWo&v<&E!fV|9{zjIn+UNeKTBA=RQeSWZrNw!CI#U+kL@E zj}KLTeh8I_($u~o5=62EfiNNy+f>PFKj~8pAKjTtTanxruPxqSa+a_q4!7~>8MCAB z(Jrz5UqE{vGHXZT=A{F@*I)l6#0(bsQ^?kftw1Joo4Rlb@<9?Vkx`;o^MfsGuaX21 zuM6je+~Zf4^c2Mg1Ju7X#jX?%q<#Lq{n#@;jZh}MVh#!itRBSWwDeNiLzH&Dzj|b1 zklDv>fUd-2d3$AOlFEROmbr_^iOL_#{8dKozD&4Nd+Q~R1xsP z`skjReV^>*R1o>eSEr-*A&nLw8N?W6zRtj}>eL%V=aOeu|S z&FEl~#)C-#=H$3g)P&#SX<2sa^6{^xT5I*;Spl@hO3PM#LwnueJ{1MHP{SGh=ho=O zR$XgPjDH7r3HmB{KV9l$zARHI43DuGDoq9ge=9Z9&#$Bjjo`^Tdh($oE>Aw>F_!&xR;!qI9iR&y#;@wI zVC*40kH=*K`hTwNdX8jJ#47170(&blE<*NYayMop8RALD4plJ+Uk;uJ*oma``|1mF zvy^t;4Vh?m;bw<}fM{V< zBEC5^Ca=`AWCiDKn41={%jJ6+V1*S@ps(C-{9EPe%!9R<1$??5M4|0_z=NaWcj@ch zpfF9(Xn=-yA%C!Sz4IU5c(YSuY$-Jwz1|8H*52`5AS?cu_}ju-4D1tZ?y<_k9YskV zlPa{kI#Yd}o)heF_76h2Udn=p^TRWb+m+kZZuRnhB?GO{aU9c){o^4(tHZC@L|!>) zbxfrHEfg`}gChl6_peOE70}2FxTX#i@4YAoS^*Z5x30N8z8e{_$-E6rv9dT ztiez?&Dw|Lgg(Zuv>B~u)|)`vVR|Xu`uksmlbE9rq+BE&;(GAb3rhYPZUpA>k{G;2 zWOU9({KXwxhC50$l`S~mXP!E$U4E z(mO>*_VdVdVT^{` zCH>I7Ax_rq%CNs`&~&+T=K+ z{~+1#($R8p_DTYrP10wiLfF7G+ns++oKBAluW*xJR|1V)M}W_(xLV0Y?IhF48~i7_ zXoaOuU1l+7ip8krTDqtd*AUHAbNJ*JmsGM0gAFpHL-wZ9w}i4(H2Sz^HWiEwS4U5` zbcOZjJqATb1r!d>v0lYLgpljP$8=sQveF%+GLPHWUK9^&3T4^}Y6aqUd=3y##L2tW zH5&XpE#4su0JnyJy%*$fJc$|deiG6h2QRT&D|G+nlw(Lz>>&I=9Zc2rc-c}p@j^AS zu0UTu0nYTwbFK3 zc)mAx51fke843L53V{#~Elm&uNna*S<@Z2*6-t=37b24vmQ*M!6f({tR&anfJ~xS4 z3cM@gy!*KJTse)Lsw>inXT-) zD243M2@pRvCw>tVEeIE45tZ+J%Bvg_%zpJCjp!w|9jH3L>pyN_zS@&udUiiEdFyX) zUib1-<@|bQTG29L$fR`>H|hR=B5ia=b9c8c@~NWOdJ<%ti4bDBm|5*L&(_A9U}T4v z!sfu`%Lupk8!{?SKpmHp_FjfGDupIl zHfi>K2@MJPm+s!Kp0Qhr+$EH0=%S=6lIsLMOo+!@^G5!H(cv%om(|R@=P6g{?LrbH zAAA%mLuB33x16j?8vHaB(p|mq`6UTDdCve;5x(WN%+e^eNeOC7ew8wwz23I1nC|KN zr2>z%ZT)rMvVT!u0ml^*z>KC_nl3L?`*s%lC5e?W+N8 zB`!Vn@zf0tkNhs1LAQ`#5uu%daL>7K_9@lT^vju%AN1JBxus{G!t7%@$f*g;&pmn` z6wi(PhWc(TV;YW)hvI}7&NKnYbLHL+OL0G^@Mec{s+4D|O$sy4(%m$#Ol?}7rPrLF z=R3#jD3G>lIMfn?yhjhX9X4W+j=>eS^&L^}=~9tL=5jaeZWumDMTcMktta5>Qa$;0 zoJnj40Y&^f$KF(pG~ejB=@;X&=XC2aQ*e%FrRn(|-&1x87>DcSCWzy}r+=-Y>KDMd zkTW|b6+(+bq=8tg&yDf794I!Z27iw4Zn$`=CE}mT1wqg2AuJ1p6%tEwsDk84hm`jL z##G%{3$@xD>5ouuA@Xw-aX@x8{gFaI72Q2}#YPGJmD0Hqg6@fQc6&pV#wG&XvSGP>9L5Q}-O=?UrlN3?~EWA(eDHw;GP!>e{yc6xrtV>KtZJJ`z#a!9aJpuw%)C3035m zxp2?BOWl%^qx=dwfuyWdAdjl@yHNI19o?rb0L@vKf7BE zhP?LmAJVDUhFwFK-*V7ZUzLKU+O6J*1V%mgNX&cPm<9ih8p$rHMF(XE4*$+t-S?M_ zd$ztMcYgI-emC}c9FaJaS7El8u50MS;k;D|-oepP*<7wov&97CVOkX416%L+<}clK z>R&Iy{DU<~<~P4oh~dd+{n}_fNql~<+v+}m=p`DTMv1TM5cWr!H$OKUdX06}-X9BK z6#iJq7Mn3mM52=DA=ThE#`#GL;WIZcuKZGJ#OKObrRV2m7clRJXGcD?ebHHO2!3Yr zZGyJt`cmoH!8|fjZV51Wqi2HjC^h9t-`{E6ZLeT~5(8K8vmwk+8{E=S)`}(PUoV2D zZkTG@0b7oxO6$L8eU6bnx4xlAk14p;fX1oP)$}au_6y$K(+h*Um9$k3ac!kVH(RN3 zKa88jK9$z0z!t)&#!i9(2a;H7E zR>;gqNQkCJ0eHBdvM#ntM_WS6(c;aFwPGSzHh%Iz^5TOhS_4_jiFo5qQdHb^aamN{ z$j?f(2hYufAU=!u%zME%9LxMtUsxA`2nZ)S7p`Vp@+1uImrWGnY{xr6ul8{Ll{d`Kf)36Tv} zELd3i4DFDT+;VGl4k%#NBv=-K$$a0au#5#b0FykEkT7}iuPu1fPgt31Q7&{iS$3;T z&?f@e9g}mxaKljyOxNK1NpS_*6G&#CzOH_%#Kk@H8CGaA|JPMbBl-OLNcj9{{#nj* z0aDCK9e)u5ea^Po=8lylBoBFk_jk*{7fh^BtTdrT?XH}{Xk)=HJ!t2_`|i0T$Aju& zXG+ujN?_AGAe4V(v5Ai5*P)%*0GdG7nx~7AU?${L*tsx~Hq(*)S%nWmr^m}<+~mvG zdMAP$k6(IPG%YZj=y@gla_7*(e+QuPcX$o20|lyX%(0N^IBbuFE}K}- zeiX-0K*V{aV~qFqcxsFv=C<($^$t=#RDS40J_%nR0wLy`a&xUx7}d0tDr8omLUSTo zapTPHFD51zQ+EPRm0$iP42)dy1%Hs9{w!e<99tpspXN$dvP+N2h_s@0t9gaw8VNCE zc(NHS{xZpcKqf&*q3oI-Q=nJ}Xz4><9 zxv;-G39VkVd#M%T5ZW`nHmQf7GvdZip=oQ;2G^+<5Z@b)M(%GdO(w{0pFTCv8K|D` zO94&4PnsYNr~qSwD_`t#J*Bt8YGC@zy${4D=yPqdKBx3YbY+rYM9IXM+Z6Df`MS%S z!A@k{MsM}AC7Ol+zz>aH_U)MFFw-vCP{L)le9g0#}^-SHWP#XTfl4-cbKoS zDijz^b{{MqDn8D>x24SJ_?)fQdb}}tC=N>m6LpvUgbuaGIKT*O8JNcf&Xq=JrXarI z#P^>Lf4%q$q39Llg{1+Nak4LQtN{3_Z?QU4D~IvEi~()yFSFo0wC|HXVk~7H*R&vQ zWyPz0ceEJd1Y3IWUVLaJ#*Ex;p{J7RE~g_>`Kv@Iz?oT~Xw7<9C@ZH-17nObyb$_} zm7X^yG=}0VsCKLuwnln{P=q+Ds@ta(rg(iTeaYp98FTBqB!~P^C@-y?Z(^h7Y_Ewo zzV~`@5%5;dt6iacSk3O=YAnczCp?PwI*PS<7I0)E$}Qx!=xh`!0!l>~gd(JN+MZU% zAWx}0`QQej72%qp23|}8ui-V3?>nI^Plb?U7u&s{Mr3oc4>yxP!mVT z=08ZvLZ7>}bhzt&Yaw2Uq-OB2AiZkr=kBNc!y4;r=bD?{e==XDV{V)-c4ogisR05L zGdA<6+8V3E-j4V7sl3n2!~_UNNqj5h_>03OTNu==J2M+{42A*2{SMh#!?Rg12P^z= zwv<6ZS-oab1Kgg8&}{PdYHbUTg7?Uz1kqa-w4s>mC575Ay2C$DS_E_X&E~!(gp1`> zW~b%69+9mcp}!RPdA0F4kq2vfqPVS!aVV z;I)E=d%B%~_^xVWezA-U%;FR7_H-Wg%%K=H5`T9OLrf+TH-bAKwt<;MiTXL^=`}-q zt5>}esM#7jIK956__XIlKtXwcbj?Twu z)!D;@!V&Vj-l5};jzvrr_bpikL}Pe^d~-pb0Il$kyj2gC)mXF;wy)Q7fk*p8f4-wm<%FQ-JWteF`A^c zRS;*~y5p3s3r*Zsgo*hY-c%)hL}XNHj1nJQc{&D+k&9j!$XFje?GgkV`CBAcZoftj z=~y~@#yu5$Dp+9OgUu~!bD4m4zd~?vaQutqwvtPX<9##O4BGp2bo0W{g6xg_5nd0+ z-HSnDQZ$F~Rr3?Z=Hs8~W#p+=nQB0wKgr$CNOy+Tx9FXxJq>i-F^4oz)g23O(kdb^ zqHGz$MBu@ihDsEupUQOz#Zu5o_5Jd=j5by2ZC#)O%yZ%_q3J$7&zD%CtTz%{4epF9rtm;ehfs|hI#d*Iutt(fsz9k_<=6DvqB zi8RO`{Zmk!wn@1m>8&Cv#Ea@|sofLr@d%Q(rT}W~*Z;7nv6G|SYH3&p0+}yFk{Y^g zsThaYHL?+i0T(!UPIGFe)*Y34DR9K@ut+{6*`)i4)JEb;-bqIf&vPD7Bs(4x5KJZ} z5jUstCP*P!MG{-4fz~ESG0EIJ*+-%#vUz`H0oX4XQ17Kuy>|a@i=>MnG=r4mtzJ7f zHak)_W*3bMnHG=@KHn&Pi!tLO&7hPU_NPPnZJTm*^=r`Gkr5&F!O*C1GWUTMcS11L zhBf{GOLpM^M8n;dDv%?!GbM;(ym^lDoZaxNa1?fS&3b_-atMoenJ?o1WdWSp>1LK( zy&Cx%=)DyaxfKQe$`Ojeqxp`7gxX^&4mj8s@QI*1q|6gYTXjf?*w&y zEWl#v^1=rhPZH3w&tj8i@|>H1vDwI#KgUp1(WN9H{N52 zjeyda<_{s#@Mw!yN;{d@e|x=f3Hu0jW7;_AwFo?ydQ4<(Ox(IwFMzdwlRpXde8Dze z1H648Bi88il>xiDj3(3of&7R>?fh7btsauWlI@RY8pg;?sIbz#Wm*=lstiR)Lw6Ab zm;(G5T7Xu`y*KaWo+|PIcimpk9Ns2ScY!TOEg}hsbgJ{gu_|Bc)Z|ukeU+&9BC$vJ zRFh4l%RL9Ey)thtms{SQt39)tq`%ClxbMIn<1cnzgmAXuvbwTTYR&lGwUE&auwXwb zf#2`Du-uxlrPtBE_2)@}ngu_-3`9ECxq>$n>fJTP-*Pd1f5I!qizm&0)P1%g-a2fT zTHKtx8$r}zZg^~v`{@VAg|<$v*uG}xs*u$?FVTU2W|7Od6d?1RAvP7)ron=@IRby# zV!Pj;M#d64E*zWpQi4?l)_&XOd&m2jv%XTGB);34v!KLP%vQ2@hPfRN! zu@~*J?EE}uv+u%WKK9c#|&79J{S;n=*rdA{^rXrMQT{g<5-=k#vb#oqIYSEQSsR)_$y zf3(AHh?1zD_&}NX4xq(E;#NaULL;ssr!Mj@`ZIYDw$~1}%B6h_cst~Ui*!JI%jIYN zbl$IO@~!@5)9=Bz=$5){Mt$J9KeC^)e2*VT&>^=iyV!d^_zb*!x8%cOOkc70R%m)U z_m{M6^k9A)p^;R6K|>jX;&N7q2LF{kuq7V`A7dbRYV#IU2YSq2%DoS|><<##RXy(Q z59~Hhd>uQ5bCbpoDCnw>I3UCzc*U-vgcyOCj#te3CW{~sp1cBb&UeJ39Jq+vDevWdzUrzx$H52Q)pk>^#3$~58Mi;;)zgZfxQQ3n0};2Ea_bN?Jno-@%9VOSzRla^ zs`H7z(AN`6_U1bwa);LPaMtseTC}Qj+|+~-CZi~?e@~Lpmx(LmwI7nb^0A02g!OR!b)n&sUAkn>-~jxc9w(rVs{f5aeFKjr0=jZ%e0(@Rvxb7;uJwkw$gwvh`fkV z$1GnR!;aYvhh2tPI1u$!hxQi?itB7*c5a3VZS=#`n`%WpDklAH&Crsgu~w=nC`d=yy_HcOK8$yu<#HFa2N< zA~(((E_NrKKYBdzNh8MF0IgTsN!ph%hP|vo_@Pz}?ATA-K7_2%dGxqB;!7zRY=(iY z`MX}=(ezUNFj$GthFcG5VF`cbaZq_oQ+@hyC7P@kdfYwUroLCpC!g2*$8ozeKC40W zHo#QExRSZ$ouFZg;wh*Sz|Z-Ief)&9}5_#w3PB02OY`Ju<*K8fiV=h_J!9Jll8 zZWiY$A3O4-T%|$FXA>4Z(7=Vl-ER&Zx4=?j&4MdZ(;#Q9zfETlY~R2C_^R#r3lU?Hz^ zVZTS=%9^Y3<{b5JO zR}0N&*dlfT{(6}DObuM~H)=+uu9fHPwewr`7tX^N?FQ%og(&6T3{4k=Wq)dhR~Xf) zE~%d&gPbY8Fl>p#0ZY_&j8Bw0_jb?btQAz|jd7eA!QG z{i?_bx`6s~z8kcA5Vm@#s-|xWhqztxB-UWjB6Ekt4byVA|59IqkNyCMibEW4GjIOV z^Y<}d8*u|MJ?mj8NxWjHW5n>KT#4DqJEkG1$uzbb2e2X16jFwrI=NTicuDOLdxCFT zF6yQISdyV9AFs`yH6Xg3Z-5Z(0 zVO_A{179gn$AKP6G{dAt3=>ha_^3G^ig~c}ASI_>0sYD>EtX?o=c@F@3!Xd-=Z<4$ zps$CBjru(x&K^8HVDg2$psxi=1EbtUpYsVtD}$rPF(pdrTlT>sIubWH^^oW3iJwpm zzOWZ=XnWw*#XI-*LVm5VMUSm^uwEZY(O;NADty8-laUTMZdptaDZ-DE8(~N`@=TJ% zq7dZ8O-#vK4}cQHFp=fJ6}j7xk}lPu?^2iTn_ueOOF;;lmb?2r_8kUZ3nfm`tq+jY z3Ij_bDu`QQ55fv#N#K<474isU9n7L@35i9)Ol%JFn$$!7^?q+=?`pvKy1}p$lM9__ z=O|R23A<-z({#M2+_L{2*F(xfjD#Mq!IVQWgH|}mbviCc|N0xpi354bv%lX#9zke3 zyaW2OpP(7^R|Rd+;oCSujo=5B?d*Xq(qf9<*`w!aFMMjAaP6rw4*etRW%4PEL@U%_YUeS1d|p5iIyghhZX&+O!s_9fCo88)E}3 z3KbqE?1=?wR;r=ZV?zlN5Cf&o9|Fi+Fh$FzOdP z0dp?#Ns^9d(@N?b7HHsg)cKC-6M}8?Un=y2@isVdg*77GmI`n z_>YF`;Whkg?QR^G1Wa!OJhyD|XbWwD)V+h0`mrLyAg!-^k%wIyMjhlPTB*+XUeJZ# zs_ZX9(zTzIek1z&`7OlO>R(FzVh;W2V1puKUFe|D<*o z{VDPq>>No{bNo9qr_~Snp%vzgMBrK6u6(_^JNi@P1;0I@JjF(PvMKskCtPXFv>wTsX$^C z#xEYM;2`T{$^yt~xl(?B#u9o#qQ}OM%kp3XPlF+cyppbW;O&+GcO>4WkAei`yt;I1 z@Q_v@7rSK#J<9lrHJn>6z`Cdx*miy6^p-v*$HNq^E9lz`xv1mH?#_IHIj!8Zuv zd@aoOM2GRTLKALw5m%&YSY2_UVQ}@t2fDp@s{xzxDu7E%`#S;b}gDJ;r z^I)FhZOD)Q;F8=rv}t#9y(YbT?TFaSJLq|0i`Nw8P7@iox7f9Y871ld3`U$$i0EvPyC|4x^tm`78K^YquZf6L}A(HmAD$9B+rb`i1FSfze+T zxBHq%aXU})61OY9ga^m%X>a9*onv;#?V8k*u81!wVtuDv1or1CtQ6MX0$2LWy#H+F z#SFY+e>?;fPejYoB#;-c;z?)Z74iuflY!C~g|Lr=#9>8_+$8o*OC3P&k!0)YhrHT6 zu2HEjK6IKq$IEM8Uig*g>S(Ki$`jNFK^F*>s||8eY3F&_Hg4eNglRNBgf(KD6?UeRPBiw8sW55ckozEdoRq33X!Z|Ax~b_D{) zwDY(<BnL?_zK%5?#2#ZDTXHW z#@_*NGd`a~LpGq7T~xY8WhLTqvCoh7AeliC2L#* z6is38weTMI6NCo8{_X&UFU+wg4Edoq^soo|;V~Htarzb(nmm;M)3C=r7s>@5H~Fz}oy3Mrf=@ zsuy6izEnR9+T(H z;=tp7aCv~A)qXYhmp=Y#pZ`Q2+kQ6mD)SK6>F>KidNX({;hA0|-iVF8&~e5iB`(&1 z(LQxjf_8oLGcLreTMfy-t+BApVweW8WFd%0oBg9W!j!48G15ZwRy|c4nb%t zAdSCEZ@mO`wc90ycRNQlKei`7Ei?aJ@>6*2_xxNH<@%pmW;Fr&A!p&3semb)A~6` zv`@0fz|>O>7$8GZJ6xC7njEhm-=>RObjXxf9w2`%=vXLhV1Mnd^fSqI%dcS2G3gM7 zO{^6Y6uPM>_MkQV`lS1G6YDm85x>L}sEk|OY$6fg#Eul)I9lOf)Yp$M9o<7Wd8OOh zq1P?F*PKV@*aP-L49=oOVoc)6cpZoq(Q&<}IFswXvRIM$v*^q}KC~~WFIIgFA}j?`I9m-s#;KeJB{&E4(1yLOdl z%eXU%ccl@JU#osaMEB~(#)E&+kJa`n&UYgai@)cor`)>hVZZFkj$b$gzuiQ0bJNt{ z@AU64HSx`|-|5>OLaq4o%JD}1sm#ARZg>A;1LlagZnQ|Mm`;@IFiuo-duU*HpC^9R zFb_a!?9v}GjCVjUabv9Kr5QdUEYGmZo*D{_UA}vgWkVFg>mBd-d5_CI2<;-VeMr_F z&vE{H%k!#VtRPPk>7kwQWA`I|CB|ZrJaJzc=fnS1$mgoOJNi}ilM>JNfj#vqx%IRY z`j--G9h{V9zLeOV`|z~I8OG^me-tfLeX~}8Yd~TZKE&v%%xJlo@Wgm zl-JMv!1w-9QSzfnO(-QYOTWvpYjA!JY#f^&FTbOu^K<1Ga9*yQn;+lGmwF#r=(R#0 zS?>O7VvJyc)H7%(_*S4Vg5@{}(r?u+6ma8;i^cN99ydds3Vo4l{*KmgUBNeyCSn&B z7Q6A<3B+PT>>|T?CU1=Ack`IjXp5(sbS-5g{BWG!Pg1{K~FxBFY>9A(JcD9oNZ^7RHuZv~B zwkrB9O`pkqmPdb_Ux!hjejViw!fdbDNE^KF|F_16i}Ppl>}fwp9XYi^A!zL%rM~Hb zpq_jNgUFTC3XNpt3t7gFYGJEPoUEpH!3XLkJkb#t3`4=SkQSEkR~#Sv_d40f(5~py z^zO5t>7ujJcA2n<-I(KHhi>+5bwuE1c@(=(2uI%OgGm#`OTNvic<+|jP@fli-7Pl7 zy`fQ__?z^P%`p0h$ZW@a;Ohw0FJipdhDgMV6~&CN_t1wXvA7|JeoA8Z z96zuoh%TpgglQ7PlcxGx%)1n=MyiL|USc}p|GY?+NjnIKZ(XNw%@Q{u!Mm@YZI#2G zxe_RgaB){$;P9Zy_KyNl|UbH4_~m5F||T(DBK)LNHJ9uH?}*i&iXL{%Tq&5%z$iF9S*kLjIeTj3K-}6mr?FeV3X_o->=Xgu80%HYnyvUc7D*ci8 zcl{7Um}Ba7ew>rE%>zY##javJ=5H}yY^l6?iMR>5M*VhZI}pC=aX9H2>YKl`OYru{ z8;i9R_^R_s&)n`e@(9~=>xv!G#Y??9kocXDeY$9on4Qo(>?j_p_uRYmiYOxfSnE#~ zl>5t7LkY!imqSLuZWXjGLbn(a#pc&(JMS$%tReiWQ2k;=d*C$hSh|WxT-cZWVm2m$Uqf{8AHb<1)3=E?QxsE9IJ5 z^Br{a9dg(Qldcq8mwx84|%7qw&zGzdO)k zB_{90PYcN)Wy%E*nVmn<0;}fKUk#QCrW%rLu^K9Gz zhCGDjLm6MXo8>6KqMtVnaiCmRar+NFp&Rm6l)i}Bebbz{J#~!iNnv&V`G&vt^}HMH zYDhnTTpnsGiwJ``ct||`I)vL|CmZ`s^~;+lkF-ef=5%wTojDY*bHkq-&FyJIf8nDE zwo`P0VV{}?HLQ_;)n8Ox&)o?=F~7tvGGR`GKQA`GC+b*l?OnyEHs7>g+25YzCV`Y; zx*4wM;i`OA^>JjJsfl}OSd?`)h>im7ZmHt=zNfARiGF+PV_A6gH^=RQj@vbsZ>8>L zCqv#Jm+k8>`~8UUUG;N4)llJ2B^f;bR6Z;+V~6LLWwD|ZcB6Qmg@O^cYjK(M=@CQ9 zYS!0+8J4)6-JZv|JuIih>^z8$4PTmZg&g2#K~Mb#fb4Hu#(yu)*J~7A5U114S=<05 z?!>|{6vyoPN&M^iYe6iDofeV5BalmlP6lEX$zomL0eN%phigfhN-j{0MZJMS2fGkd z@Qj4Td^<9XHvxRi^X-b;CD-RKUW%635qqq${A*pT{rXEkznJ||tn^fOk!}|#fp+J2 z#Scx}VbKW-W!#T>c(4LxIw)v`~J;}1631KgV;76N!M3qGP zRO)JwdkuGQx%=E-7(FB2>H>H9t=PR9yDbl$U;3GTW_{j0I{MX~a#O!+?R|GypYedJ zt5=E#aA6DpUMQ#->qd(eX`6?=(W5zO>5t%FNF`Q(!fwyGo`PbuNnBVSgd%@;sj~y$ zkkh*z74J@yZxVCaXX#D0`L3U-d`*p6RW!%a}#SVW~VfuUR}zYMv^247DY{Fh)68qXFf>a}suQqHeI z6)|0yURk6`a8dHWu)_sNWs({ylP3fpICzm`0h3>?4|1it^F{xyFxyZ4z>Ddrg%f_T z5vOL@j9@|txH{oW{Y}x?4eE=2#DW3ra(e!nJkIQ(R{ryPQfT09g=rT^ugPu~>QA)8 z&uZ=Trc3xP{YKE=&7WDGd;REEx%AtTpv*wujqpsKJ?#fABga-K1ao_@&6^$wYUQ)k z5BbC4YTTnUN6x!&eu0yI$j7nP^yJp>cELvrQ#{cjBt9#k9)fv_w?lsPSC?cTLcgUi z(_Qqx4Dl!QP4C34AKq!hW}wAp#MFwdJgMP0D`ITo5gr#IKB4Fo&h3ACzSLu<31ao9 znw)XmPJF|kj-f8-AqI@yx5){MfaSIZDMfw#^?|h7=&wqB(*=FOTRTj;2D}~e5`4)2 z7%Yoj%M-(+9ig{K)|+TW|9seW#5cNSQ^*4QA-UWV^jY)~sUBuKi7Bi%^bBV5K^Kb@ z<;Pg0$fRPja#0@Q)7}bvpoilkZZA8`MxNur-x>@GkmpM^i2ZZ3i$C5};Kjsl&xBIA zK_Ef5g&!SD$lS3iAavAgM72Q>pumD}cDS703(xFn&2Lm6Pd#S8!ARWRQ3&_R?-b&f z8AqAi#wO`E)AN?vLOmZpm*!q^U6vDmOrLhU!IaNs92@f6e>~|*{RwT*Sqsf)Xa6jT zT5he-dQSTi#;}6|;X4%G4g-<#ryOCRDxY>!{9-#yI?QULW4N&NkYDq6y8?oQDV{KF ziO-6thhU!K%{+(DFA`;{&1s?B^my3cBD!g@rRG-7r`@GqF2>oT$4!6fAFVL$uC^bX z)r$#A

    jWq+T?wXs-H4?k;Ov5XU&Q;2X}G6Z^M-=%e-MM!eg$TMT~SYY=Ls&4+^BZPM#~g zJ}-281U9{%zy`gGBAx84{>WG1uRus?ft475aKY;Uevm+LdxCK;(uc^noF_xj!y> z`cK?@dF8m>b0cnlUN7lMy<$VAuNI#1XLGUr1mDN=A^*@o^LT7cf~6C_L9bAW+*)DM z1)`LHH8efoEB^2(tY9eEZ~tx=WY93h6NW8uSg;K+`bV{1=6bCV^OP+Z9rI~FUG4k2 z-FQApgB3I&+I4$Nxt-BV`6>NJ^9SPBl>4fGGaV7PhJT*>$)kDkr9VW{4V$ZD-&e{V9RwU?4mB9y~Nj zxdq4$5U=EmaK<>fSXd|r%Wq!<%0=ls)x&Ws%%3z3R*p{-cyMpj<0}B)k#P9DhRhe< zTx{!!Q?Fka^hJbfR72sWeQ4?jgGcxYyfsjw5c`O#9l{@YlFuGc5;t8nP_!_4!T@~> zG^W^P;{RvwO~5Uws=M#q-M71GpaD@CWfD+C6i`7UQF$?O0u_AJPmQ8tL?5RZF-FDd zb$SvK4Mw9O4hfDS4#6PKe2N-A6%|lM5fEiYWQHDZf9t>2-gWBKIdx7|?RD=x_w>J@ z@48jB_pY^md+lBO)>&s2v_!xaKERui^SHMz7Y_DN06t(J@~Azi54(m+&;IQB2NoF! z$~E7%hl$X+iT|LUsH$T{JsUgNHsPTVY&F~PZDq8Ft&qAW`%!`mGALrh2VFQ0X|JK^ zmDBpszX58p_M?5;e_}y~EWji{xl$WM2caP^DNSW7iZ*16Y9SL3GV|a+EL8E0o-XRb zFWlxoQ9#>sljbMd3(ynhca>7tt2YZh;<$3-SKD5+TP|$<)kTW^T0e3SKQcQy%7Q2Q zMfzR-%azas_W8|M;AD#WNk{#Xy*V;Y2;h$`S85~i2mT<|{y@9deED>{-($aOLxm$I zhg@I@OOk=v(y*wxvDsGRtnE0G3yqq8EOXov&HS7mhFE}%Wo&`nIF1iv#0@Qjx@Ikx z9g#R3mSSCkVF`b*hbpiVYkzF`z!UD5x)nZ%_ON8f+Fi~RAC}qtWqvhE@1f=5ILTVi zDqkBX&>p(xNmys@lkE4Aqx*FzAGz>c9fu$3e1O0I@Shls{zo60lyxXRBo_xkpsN1u z2LF+LS=Opvf~hC5Bb%Jk%}=5w;h-(!16cVd>u+2MKDlnAe7OjzJ>&UQZkWV}w^*TT zaG^A7evXpTp4bJ?Mw>{A2=0JVD`nx10EDncI3XB7%Hv^Ukx|hF0NNF$;E~YBLt2B< zmWzVcOb>td{#^OHOS_;Z{h;PXiE(7v&g=~p8zehV`Fyo}v2VSpz2Jz?^oxGmdOn`> zdXb+PZ2i$i>af(|V4QVSbl)%f0sU(8Ojij_VAsfbL(ju*yKug2a=nInCH)2;!D!Nc z6p8XM63cZQg}wNp=TT7Fz;jltZ1AOuV*M{i(7f?!DjRT+295h@i3>NICmWViQ(>_6 zcb3#v4869Ky$`*_j@WZqQr5ZfBLwTo1NUMbtDo0MhnmDXWJW({nUVGTtR$t_v}8tQ zv2Gvecu`RuB1et}g)crKX#qC)SmKk1r8>H26b3Ur6H5 z04az+NfCS|XtX?dt373D4a(u!uy#G_t<}GiQ6HaEr04C}w{5f>KYskii{HE$$E6sk z<1|M~U7@VBT%~|@w|B_AgwL&3$hg3@;G1hUu5WPN$W7e~dgkm$e&S}zud6Kj0siVV z&lK&Te{CFem!g(z7%wo?PXbuO`@^_$us15!OeTX`NGUoe8}v3uoG7XDOV;>ECQp@2Cq9#uXsL= zmtpH%wXezfKJGTp^!laCe(G00iSdf{77{aI<$~vhkW29#QIuUFZ&MK>azKtsKf|N+ zIXTM8KTLV(|4p(UGsl&q(NAz5>p0X0NA!8xu+~RACNcBMf6|!EO;#%XJ}A?9CmEHp z`5)TCs_s&((E4Q_ea6S@Q7ldZw!&YWx>M^ifixqHl9-h|?pC<&i0j}o_~R9Sq^*~U z5fd_|5&TQ_a5K|?m{etUw%_gH2>!q;|HI_1AO4_@Hqo1XF`*(792r>jn{@ierCdor zWRiMXBSS_zp&u;pk-#ABiJDom#3HIG?a4ts-c|bBiGD{vw3X7W+K-xDM}A)?{)B}Y z_Ms&nz9~l8fxqB`^z`jYeDDaixYwhwmP_STMt$T2{1s($C2Yipowyb*YJq}i*ZgLf z#D}`@Z+s{PiQoX$S9Z{he#kGsXgN8C4|nlk26o~)>OXolTvMwS5)W?H$_HHdhqjar zE+U)#EY&xqd+lZIPuMt#{i}9IyLtc=M+r#N{eocA3JuDkO{aFFoml3=4-gxGZ_z{Q z*77o0^Hk!WB&<~Zoc*L|H?^N3jZ%JZWR0WI`VY=0Rz7zgE9xsxy-n#{Bi)xF<9sVb zwVe!!u9-XkLF;B`o|FNW{5@ByJ{Yi$<0X2w-DSkyj{CSj;UD@G>o8mCfn3Keju&+_ zG~uyt4lVe!Bf3j3eM;?gHm_}e>4ir7kFKQ!5nd;P%oO^1IoZdDFloG{AV&T0N_0pP z>lOr{A!sW}JT5_bHCH6!8q<9Q{fex0v-%+!)^+AT@WkwKBNxPV;EQ=OwF9m4=PfZY z>I11}I>@M(+FNcv7YU`FStp)TeuBX9*I6!YAz0B2kCsP~4+ITaf8n0VK*83F^(79XY_harD8Kflb)iQ25)1{Zh!m5c{FlK<;F_ujD(@Plcwwrc7Q4lEJffNc3wlugdROivzko z11d>fx5&Z;&lPc>fy5d{zf2-^)J`dn|Ij8j{B3}1;`ydNkHsQS&f+ILNlr3vVx{;JQxVs_u2StA97fWdx@|id`!D&Yi?sWRs3Waqwjbw(C~R0pJGK4j5Y5j^ zg~&Zysvb}vj<2yYOL3U%w>1Z5*KAVW99wWG;7(HK6|eqD?T7_U)Q6$t%Vqj=bv)<= zd;Wv_67E+RIk-G@(I^*Osew?yW}^!yU*GFWWue7z7ZC!4*Q1=mB6 zWC~WabEc1$ijL9q6LXZoeXALZXZTTUU-Z-KXG&8<9a5SDO>WabfEg91p%-C;-7OYI zrt1%p$aIJo-{OxrTa?NoUgjiBe3+V&Oj8P^O<8EnHa#cy;Sc3huAHV8M`8Z34d?7; z<>Z?9@DDd<4ce09>3mP-^(!=4ArCYl(dNLzLOEFV8)Q(#A_ITW!Vh2t z9{fRC<~tn6xDh*~T(Z-G6tPg1Oe}Om*w6~LB=HOp-@d>C#y$WR9fhA>u2e3S zS3TrHlPSSgG}ZpglLer{aK+XG*YtR-W)-#f<%pL=<4qN*D~B;4qfXokL5lEDT@Iso zhMMSysy}z$7e%x^H)(#N=0Q(TY%BBdXs->$>&Y#S(|YdFZc)VgtBVvj(fZL{#BYpe zM_F)1zevB!f4LHxz&UlXV9}HoAX62J?rk`D>r|;1H zI6icKfnGWL${UuT9SO{zy?MngM} zzZ>x%{7S0o+8t-&XmgYBb$k#Bee@xoe8>c8R}v0-rGANrg2}vnP}FI`O<7gP)Ds_r=!h23%JLjjP>m z?HNCeY16NZ6nE45(e2W(>ne+WK!4eM(o{kN*a3x_N!V)_^pkC_KSs}FkAoCT#ZYXy z(pqu<8T(B;q;RO@SPLhStk>3WShwTeC6f&{b(k(vYnz#|x?H0BzSPzF(yvX&$;fhI zm;ZbP`_OKV)L|Xlv2in?XB;PLAFelIKLwp`oZX;nt4$JYCQtt4BKF~>XsXAt#sObQ zticfIrTZ91a%_XFTd<{a>C53d%H&5nE=7Cuq;kmJ2hSP~EssO7X7gpka>7H~%aMR8 zn{srOXi@CYmK|j5Sgcc*$QykSw5UORdKm<~V*bFod6RsRMuPDqn|_c?Ps#uEd4RNm zzx&j&v^^M%aye4!$_AfB#=7Jy$T*HQbFrmgOH#k6AD@Gx9DEqhMO9)1Xj%B5*oAd> z3|_=_ptC-27al`1EGF*K;0Af6SP}3mLl0lZOMcU|=M~e)@#Hs75<_<>jCFp@ky2OP z#ajwscYEV}gG~JRJ1qsh7V~xE`73hM{)e7j_Jv#WALXAv?5rO!NF3&uG+tCW#6|qbdDLJ&M#h;6uK>E5*t{LJP16%c2ll^j;>hEd4 zEJyubJ=bL)br!?F`)~7zr#@bL0Fx57CK8iYoW!zZ!|P#^)JasNOrJ7|n#A$+`T$Hb z)qi$Fma?daI%ua<4wtXnaFfI4CY7t*l%XkZ%H1XKOMUGI2MIe>AL~}N+sxPQ?Y5s| zUzLyb1NzPuXL-_Y&3F(1%gndbeEFgGdRzzU%MSzuf(;&4ptye6uE!L=o>RT#n7Ehi zw~+X-Gku#B8Cfi7!|b=kbZ-%dDCmn`Of0_HE6u?-bDMSHpZXD2s^4|>i)y{po}(PmOE}fImmJ4ebzT|VH~YKH zXXuZCdfHEEzRZ<24|&`Nl>eOh4_XJuuF@(_{CJ5T+-98wCdeqJRppOt{U&)a5{y^& z&+g#sJIov#H%;rp@~iwrpv7Si5qes8=`X zqL7;9ZKv^ud19}c=^@c(L{}rRvukc4_!^laZVBfYxsytMkJ6eX|!`9o@x2dW?^$;CYjSgQ$MJ`KYHZe(Q`O_G9@ztnIZu z9u@HMx8$#|3;p3C?f#DT2Iej0hxsDTj}4`+uh7SFy>8DJZQX@)dS3o+)78A#VEeL; zk#o>N*D>N6*hhxxR9^LvcIBwrZ&ER6Kj-aN+wH!uexm&o`%CPw{^}^By+yko`)EwI z+}SF7d{oDij+c_Zp}*k=vZXK6qsMVw6fMRTW);~_UtrYri`2os+K6>8+R=WI6J4ZK z!S4}4byWK zv|U^;T{l~zRkYhxCi|UaROFt^fAT}o=ntlqc2)d!=q6|e87?y9pdu#G zBr!pk|LO5IZH_3bH#wqwBOp8`U>OS&S|^|zux@NZXF8^u&z*<9+HS3 z;D~<6Ddy=qC99jd>o;JR)BMt#ryQq;(s1^1Ye#OPkmvoV?DZJF@DY6Yi8%xh<*9JdYkjBcA|Wl8gwTo)gB_O|{Jh=;@YauKet^POf^K^+Nh z#NQk#cvrQ7c2*x_0U0)67e4UUIZ|vv8ybYDC5^8f9GK72!^X63*C60t^XW1sd&+12 zR(FBiX?47%I z#9r~2A;YWPapCXmc9

    mK!DW*0ZAYoH&dJP*DsWd1weFre8aa>UT^&(?y0+)uTwkwf_Y3MgiFH-C^&9SG2vkI-z4dtW2kuMR z^A_d_+{Z@D7oEDvaXwZ3x^o-kE!?vEG1m`z^>y@)=>YUIbhab_Sa;c%D#|jQmkw<< z5cI;6`opJ(7^pa@{o772``SmlIxIbj1TZ;a%aLOy%f@%JTs?->$1#V^{)EO&!gys% zV*iuO{w zF0$$eUH6SMY*RgRrNS8pr0Mwql1(cPDTlW5+QY*(_^0%|_`CRDV+RdPdJT;#$j7QV?Y;3vMKbTFRzK@jo5ADf+xe{ID?>}hO z?9G!la3*uSByQFZYG?FV^hv}o6HU&e{@>nP2id;NiZ5XA6(3-n&N86eY^NX2%7RMQ)A0*Vb@N_v9Q_~$qK&j09Kh z4-Yvi!=mYtzm7FM>*k$K$HjiF2e*pulqXYr`O@6m{N4H~_NR=WPWx(K^vgbfiv8c^ zJd~8pTFsGBuiSBx>Z^T&{tsP|*#}e5Mg&jDFL<*8mbaF9QA-$KQ3=6{x^9;*>*JNm z$YzdpJ2DnFb(kfx=GNzzauK|VOSd7w(5DFOz~2fm10U+Imw#AK*~k7;bD&;45bec$ z2>b9^!upLHRN{5l7JMmXOXbvnxDU0!Lx`Du@}$JJfeQ{juFc4q=F-~rn}4J|F{0DB zsE#MKqokkb{!n^Dx^-MR0gXO`y&f`+1ANwF|17hnwQu97`TQOAiv5AHrtNfo& z7J1Z_kNukFi7bh`xo3OE30>cO9HI26^5t<6+mHRw8!ruy>vdpnbzY72M=OG}qZI8w zZ+rPa{Xq8Xhjz`eGh{>VP5VnU)cH^4pt?BH9!Gco*3p3rs>{T7RDr7hblvY_PaT(@ ze%bR?n&;v;X+Ce(&9m08(yY!mzB0~}(zdlbUV>oH&wAWyk5})nUH98ww^4a$?cqm} zL+1U!wBgUiP9UwG7rPzQA9n+6InrgZAbM2W$<<2@o0}i$57s=1KW^-{goop}{bfnv zr}bs7_F7CV-v9tW07*naRFlRp$34)3)z7rA%m<4P?5o609s4;F^i9ts!El`f^{v~m zA*@-qF|1t&xj_R3@u6e-LvoAdGhvJ6%fpr{XXJxP{F85lN?+(R6lufUx?e(5Jb2L$ zRHcl4a}L+(*}w>+o%MxxW3;*gT-J`ZeYs%WRhco^guoyJQsZ^rSW>rc@; zOA6=w`3m!$nrUt+zbj4`8TC^;ZQfCRyX<4!qn?u#^R&IH#9DQoWJ_6#b^F@&x@KRq zZoPi72Om0GVB(Una)qqh<=?86%fm`p!y|Cf*4f5W+rgN_XiHyjSUR7| zK_VLr+QWwRHuOpB=yv1JxXF^=*6sL|RjzLz)}r;{;}1GOM>rTB*vJ>^wVpYgoVAXO zQk&@+iptosq+CGs)C=Uwo`PVPKow|UH4iD!;NviK>r?e;r8p&v>iOwD$t9uKNjxdK7bG0MJN@P@o1Avg-S8D3P z)@=O@SavhXU#&UO-46IjC%+T^KI6c~L;XBu*U4J1N{95-7oIj+yks1G(oNcKwv2kI z-jR>GXNTiOKc)V1l2ISHoV{gGT+j9{90EatOmK$;5n|Z zEbyTa)8ZKUT&3ZkBXDbW$DT)0o@u{)jT?rSp%24ukkiW`>4-%7@zJfhn~AxGMB=8* zaPLJnnhNoUWA7F44%cS^^HxyzSXz1u7#cT}KJn_nluxJUl)bXKeadxIrpHy8cA?qe zaF!g&Y(G7a^=rG!xSMum37PO<7t!4M+Y-WEQj7AEuxVO69ypC|rmvLwt*@f`CAs9j z&m$ggO44i<#H;O{VRNxqS}Pt_Cl`Lht~%tLmU&Km%_}iyw)LT}@BLsa9r-@e(hmo_ zXi8BgtKO4>78fxe;#Bb3t8{I85b4Ppf{$1II>hC7iQ4uA{nwLnco2U^jAy;sy^o$x z5N>1t@%79*_Fg*;<%_p_5IFRR#rP6F+Z~wa8(= z>f{k;5ePi4UutCXvd2I3ztl9E1~nduw@`S`6+G3K@{=r{Rb6VtklE=~Pq*@)w`7bJ z7CeSH>3chw&YXwsWjj^XtKOp06?tjhXR0&RY}15)WNcM|6b^d8MVOV^##DH(Y3xwp z)4r`q)g-)MSoJRMGJu+MMO3fW`9N5;&taxzd&gQ=QV>cvCw1yw3#+NQYvxun;|hKM zZz?@AWYt>568yvjPF*55rMLC^G5Z`eCJ(&D4LbsH4-)rN>V>UZ_c`iJFgZu?=t8`J zTGd{bfRxw!%Z<`}sD5p%)24tKSf@~XOljINN}()ME69@&f8f1R(yh2aV8@#34+1aU zkTpRD9n9unj;4}DE1Bd02*>yr3(A;~R%;Bx_u21n1u^gSiAUD48jm6^^iw3ZV^X4F zwX(HCf!9%3uxc{Zip^|lb-_S93#r!MZ($oyHQrT$h>Wa48uD0*d`$Z?T2O$VNH~eH zJZo`H7;d%BvuC#r6AD7pNF-yqmWhhDLc=kEfCH%R%2~7}ro@5x*KL?l9!j=E-D3od zq^vlIljq-A36XbfQBsy2?Q21b4ba`XABKK;Rnfr2qt(T1MR2sN|FCbD++o$+_ zq`fRGv8|B<|DL>s@SaJvFtuOj>$?LHfj|8f&=@Ds7V0FIPEzX$imhXGr_dq`$)4=; zr4p|fKze#YFH{el;a1HAF2%=7d%;98!_9o+>Znj2ZN*$sg#G#Why$sMBr|ye$lzpm z^K0ltSh2;VMW#}&C~6_%GyB(u;{NEBI5Q&fCpmCPF~T%KOh@n}zC8zo4Y8bP?+uGz zZ6j%dtakC^{@|QXzfs=}=csr5W3yvrqbYWAKsP9p{f#Ph*O7?PVn_K6w*s%`6WhlE zn9}4u#^qE5(-NpepfcxcPqU@dpTT_9KeXm_vwVcxGG>Dd1@Vg6TsD^%23?TnQ(NiM ziAB9*uyPEiKLgxHKY$~LoIXEj9v~3p*Uz~#??%qQB0hSqja3!8{MjQX$jdnAR&MEB zxrM=uOJV8g#Fk$}QoxjVfpkLqr?R8w^4rB$R%!;Yh^UrF{ikjt>#$2Soj0c)5JcCL za>UhVaSWkXeOv;w{aj3^>PA3^z4Mp*H6`$C&74HM&E)hSX5(P?irP~d{9%tbAgYPe z%HMuyg9G{?nOFIy+a)>`eSPymGJWU1g6uoKvr|5=Ijf5ly$3FGq}}>_k$9Xqk$f+NeTLDcrLjQHYnZj%Ps6et9i?aa%y?%5LFqj}a+Gd;aa@jXxsV=aIaxjuWOl z4-UJ}#>GihghJ0%JqA*Z>>eM`Hy7G-{6_v$D13qkaeO-u&p;UKix;<~W+ zSH)`7gi4&IJ=mn36M?0R(eJb>Ym1}2=OQPo!E;@AMsSfVy705z-A0pYa_wuOpInAX z2G(tS$03Lp#Q{`UgsPUy*7mfO^}Y1sx9$)SdF{qtW~Fhg+0nC!Y$xX8A0?K$+n#3f z)UT0tv*i1k3Em|KrG8INqD40zoJ+S$$zZbr6TjywNFQj_daK-NfpxprvE(AW!_Xnk z39>98?T%+_6C|ICOt~{MUls1rGq$F1b6&zvj!QoOoq;1TP8RY&@vgY7>C-vZo=~S3 z679<(uytjq7PDb_nyE2jWB*)A-N_CzA=APy;kRVhl-DNMGl%tf59qX9=iHXVGo#;( zxUie5W{ZIMa$A~&d7shNd>u|kex5E1VHnXM=+o*6a133BDztg6o?F$(in`mSpv83x zO{tJEVp-!Y_lk?%PhmhT4xPBQ&y^0YmON|NU z{!3Y2@g8zd&ngP|+2+Tu{F+#VM5oQ9qhl4;K`#rDW%ZdP(I;Yah!50jmD2|EpawV- z`ij(2ms3$rVM=KZMC8+_IZnRB2g9)oA=QxA<9PrC`D0ycB44mLTa;(kZnNu1B^RcL zk`RcEA4T+{K2!)8M4qqOjLXT4pq7bkCRLk+h;m_jVcbTyp}U)v@3$(mKa$7h=5roo z*dC-bydo21`7##K1T?`lc*9`RdBmBwKom$7_;c)KsQ5dD)r}7gCYP!cE`Y&1uHD*l zzf21?|1+SJun2 zp^gRFQvX!zqYXWs4a3WIm8?*75N)8jd#3T{0Vv|~$r_%J$NuJePoSD>hVP4C2h?>z z7GGe8`RP-W)ejXyw59j@n^tx~UY+Fm*MZa#5Tffb?B1eH+xNUHvL9XNzP(^*b@fv< z5Y$%^pp~c+e@?Us%T2}$)dsDgU*&*n&2PcC{UFvHW(Ci$M*SmO-*85eGr}bzEsz(w zy=l}}OJU?2H~~mxNr{ol1HE3P<7kYmd#s+@w|8&q$Q3;`wJ(OwBQsNhk`(*P8v^mL zs#0jTE`OD~EqKpGvjJnIYQl5E#wxPcRpXQSz2uXBDazS@LKUVxRMhq}!Gx z6lpHF-JP3@Y-X|R%e>D$_uNNwy-4z#HJMPo!@2fXz0)Z9Eh2+m3&Y&ntD3wI2Deg7 zvHM&Ftv4XV%203jx~ye?*Pip?cuunBt@l>qjkDrCH_EWt1^Xyg@K~AORlHNL)fW+g zhzRSe+a17*GwO%9zEm09TO)uW_84O<^4y{7~B9A8rI+bvYhIlYwUc?)<9~ zn##q3y}1g&R$>vC4G&hit!=$4_Rpmda67JEpT23mbDhNN9#mUK*_$BSkGx+I=enOL{|$)dv~C7A4ej})xZVW2vAO|&^2IEt6&1jkGc`$eBU z;xy(Vr2Ht^X2&80a#|_;#vP`ZxGhh1xIq{IUye++bZ{u;a^!=HIhZCfT7Wr5_6+49kXBG9|6hwP^#tdkN2To0YAss zRK;4x^c%i2!M33&v zcc#^adWR7sDO4Cgu#c=xxazo9Z5PdvQ#dUBDRUl{wUWDr4RCvhl+IYo4gBIhN;SNA zSa4j`V6p{Xs)*Xn1$2-F$v7r&q4H|JFh=~A6 zLIS&ul0kZcB%7GezF$`K=Qt=mMy`2Y!OLM=eMRkTCR z%r@u^Wk&Dj6G^Xyia^hdAJ^`tw(5sNvq|F+ z8EqcUs7h78`cdlhiqJh;SA}G)6;$n{bfy(O}GaI~5^RC+qnxqE>xzzEO8YgRHwxRj?g}LRo^r&tRV%$En zzK6V>9@&Xx<~Gr>@N2TVVco;l7$O50#OiZm*QR_bVj#-LWiuXb zBFzwfG}Vc``x|E)71d`M5Brg4U~gbKUs)qf9W|dNdGijI z!p^5-NSB>|%!FOW*A|Hc=)|6~cT@ZW3M)Pmp3+Bih(?Fs8(%^qK`TZFomP<`RhPSq z%=wJR{2S7U+eI@jX9fxpxf>>_kYDOL zQzY;7_|v|x^#nzQ+ETR5i6?x)`63Yeu2mv0Id(C)tU~zs&E}Z5U+=J7 z`A#{s>)k@HtH(|V=gG4dt0&TG*poMJ6%Y{x=iu>7jWkSX5A~D;9Ab=Z9$db=i5@X) z0?DD&<)$Azhh=KN25^y*sfCNX%W}pGx&h=LU@0MS$IW%>Ms%CfTJ_=0+xsl~M`e&o zq1T9)Vs-L@bCg&G#^5ysy=S)GHS@-`3LlDaZ7j9PE6RV{!=U(n0-tj@U)d`4ws)>)!cwgV8O4pD5B5= zUT8_w$0@#kB7dKqd$qaI=5eUsBl(U^YTyHX(L4B9;28 z*ADmH<;qAA7U$Lcnz&JBbZ!-XYN!>KyJ4Q3IqYYI1cnm#=BLDV-z6VDGc7d<=2&qh z#|?-P8jKw)s-iF!pJvY6g5Ajs#{~kk;h5WcEj=JTZ84q)XwzQyYZY%=uHIey3NM;(s7d*!%q-ts}8+mDsDo z^@68f@Yb{U6!RWY1PUk(CEj}RcgCGEJzI?-ml=nWlzZ#iRU%uUhV>l_m5YaNLtX1bH;Gd6}nXU`fl84(*L-5BlFx zGxhCSzpeaKlFNpnfI-aei0>9iOXpICA`1h7CUDsk7oqfi&J^oVNQL(pxv$KvXY6l| z3n<0CI~JI=I1O@#)}rriJP5uG#NcvNt@6HeE$?du^^%2E`RKTdwtbX3wvcR#&8<#ZZ?9+O*P`*BMU@(dseO`)_;)Ha{lDrpm@Kiz+@%oRS&e@|2Pas zwMZ4f=k*~Ft(qIoc&K+aD2n+&A3-OtYBy&mUC4d(zU5q)cZAs5Y0kq?-GN(T7fI{4 zXQd7EDTMb(4b7;25j!S4-eeA0=`WOnI)2!aM>K|1cweeokshVoAn zrRBO}t_g6dhk5}Qat%u-kRF*w8ochkx5yUWp(0!Ox1=2*-`$Tr=<;TTMQPq>9Hs6NO)7z))s;*($9J%_FTH-LCl;ntMU!h<8_;!hj6atRFNYm?~Ufq*OMMN zzsQ2{FRaSuNL8ErUF*DT&mw(XC3kAhW-&KgPSMAUtiAdKtewKs%f#ZU3J}eURJSD8 z%~sw+Gw;%z1ztTW^j@A*?w`!bY={%yevlo~O~0WZ9m%;a$0qhoig2mEcw)U?a0_2hh<`#jQjKR7R>H5XDzD8XEk03eI|AV=M`<$aM@}mLbZmD(;QNUP|ouJ9<05L z^-?VKeooU*L6FSgTKMleB-xSr#;9J6bA*cu&}<>D#I25Xtn^uku-#J7TG#csfVax! zuiQ&Nzu4Mx*EPRAplg38{yinqu`6O&2a}vR*RCxyZ_M)hoL7@DN}~gBTC@8!%JIc~ z5DEsNB9G*KADhnBoKc$UCIm7sIUwlzIJEanL2S<=m*tck;pSXBnT~I$qe+T`w^vA7 zKy+(b+FYDi^mxICZ}-62Zl#bI7l0HV*GaN6Rr0$aIN>fNLRl!wB(Xj78oSE^-~Sg ziFzdN`l`&W4bTIZ%G!wex87G(+1%6J zeK zIlppSnN+8rUo6%?;L7#tm(;oRE!%Kf4{-mKs1?bEA~`jikC1&iU-0QFPKlm%`2N1W z0#buF*XWFmXEURcDuO6(xcCj|YqeNLMAc-74+<<&VNlgN;Ba*zb+p8X^|w`~##9~8 zuV(S!@nOZYOpqpAMqGjRB@9J0SlF_ZICG6X>JOSefK?VXv;X2nm2qe?lrQV5z$wcj+w16Pc}ec4MAQ)L4g0eze7veJfKW z^z;S)>b=+zbDQCZW_s>zl%+Tes=Nuo11OYb-=_zf4|Sm};C0;x4!oQTs8? zR%iP<9DnvgRR`pH?!S*<8t$5(6G4NHzN?y|Ug04|{`!s7AmWX?Vw?4!4>|*%ld89a zN70ja46l>QOo&D&wV|HE&G5@iwKdy@(7;jqAB?k+_t7w;k?i!;2cpn%?DF-*v9J{# z!{vzWkM(&uCH*eswtb}$OSNe<^DC$OO)T>V6#TeFkO|8V*0cN((5#_)FjUICx2`Fm zF#WcVJMr;Wv}-#y%}G+DbSdQWY-`tO@TWhnl!>7yAMwmagYc&PyPdG@q-$pMeahy0 zWXkGsx7@4_7mP}2MDn!IHJgAMVlFgIkWAk8AxwqprdW3lRw_5z!~YCEm2-Qycr?uk zd&&jeaLDsUm<>|?tL)-fVpr+<$n8|)?odsK$tDGDsJ9e4^UZzR(H`FGB4uxjR?Z7@ zTUX(wXj{DqTh{5(G)NEH}D1Y0?KqBX%#$J=4Iyy}TVZd4S%Ev`DSVo`E64_cTYJFR{djinNroDP#E{O zduzoaHIkUxm^z!98~Y0E_V~zp892D#MEVv?ysE`*8PbX$WV&ZV2ULfP8N7cyLy7v! zM;Zt2kDthomak%>G{K(a1;Y-(7L{&yJfuK@gPZg|fz-z`I^a2_*hiE8*k72mWG3(K zTkjxZe>o^%5|~{PIIUvm$lg*3E3$sS1#bAMV1&<_U*cdeI}29GVg%kd7qEaZW0o#4 z9!5|cpRT7sO>addt4qu!{hFmv-C?IET8|q|Qi%2mQQ9zO_e1#f?Qb640puY` zELI6|s?(6Z{NQWK@3+xA9bj6{Z4-5NTUu~IK?>_qatRNba>|cV9etMJ)YVNeL84{! z&@ypsKgwf&Sf{Fh-1nGqG_2QffAjbhP?n3Z(OFkBzmbs5O~iS(l_wW6jT)zCxA)B^ z7m-EYPVxhpkk8y58@-sIjBvu><_Rw=-3I^V(%%j6pV^>_XfOVKrAwTsUAWOnb zH}(A)JT9+Za9`?LM)Ed7Dv z1Via)?gZNLAye-qR!;pN6D6`6hG-GhzIPITZ?DX>2J#}OxU!C6$^Hgdea$Rz4L;hH7kwL@ElAn+K*Nz`0_%FGN3~aD5+t3i< z2&ScUG55O!GsM4Me`#DFilh8s{K{|Xtq=$+H77sQAJ~FbxxnXgE(3$7;iTF`_h9vt zC=tLU;HNmMDA?#^zx(|cxb$|6rb~~5EpxW@6{+)mfqyF@QTNkG975Sw*a_@XlGRwI zBNH(fjlYCV=lQe#wGq7b*`*lc?E3Z7CP~OnlShc>2sR09*sBQy5PafFR7_OHlVBB- z2{`K{RV^CWE&IE}^lzuDT^WlYe%yA)wJa=T+R5Mc!c7UqlZ`#(=?%O0|1zz2XWT|& zz`EqRi4SH^aXeV#Fr zwzTu0`(+a-_D|Goar_@JgxSU1UNK~kNN>5WI%wQ-KQ%J=@s zc+TCu5$p$|66mFl(~cAL#<4nOQ4IguIDthF%OHy7wj`&z>ZRs6S6Rcj8q3XN~7* z%9c`=9|x~Yl%*4KV>Ij0LWlCXe_;sM{51&^M0V)UpTi%@x3LVjlQd;A@sNH_m>joWP)vt04B09!tFbzae~7J_lhT`YJlM2C`zJ zW<^Yt257!1(qE?v(cuv3YJYKb7;#WEFvjRF+f|s9vN0^Mvv;iJ6a97Yv+O}Qq53?l zE4qyqnrt^K9k=_$OO7n#6*47?mU-7?_5t9ab{}90tgj_iRoLEc9Z{B8 z7#oY4=}IC`{%x)Thm`<+e(|rc`QAuPHc)h|$|Za2D=gS14etqaVJ-0rm{~kxBqoD* zLm^l&%a<}JCjSMXOp0WH|KaI>It{<1P|YM)y?Sebof_|+dTgXP28%#KK?bF z$iFg8`!;8|El+7v-)L`*TjFl;L=1sNB>%k zZK|$~?9)u}GV+i^QIC3z*wgfJ7-X7i8-58R#ELhRG?OnY`>MiJZWbc}L|S&aU*P{d z9OhJnqlWD?+eNFo0N&$fwzaEyH4p9Xe}D)tt$iX#s_UnQHK9tGHfimmHSfLWddzmJYfjX476Y|vHE+^8|3j z#6%67=%rA#r2+ON`Q+N{yo;HJk~v5~ptXzY&*bwB3qi)SWQ_kgps^)Nyl9%Y@74HF zysJk`8j#1{_y2~BTfyz&Tq^{n4O>Y(=BdL^nu{PA9D?ks2&Tvg>UY zW3%vHf4tSY&a-)-s=`&FhQoU111)XUdQ5fgKwp1!J%{f^k#ir*gwHw^%e+v0ON*Vz z%CG?T#j$G+9~v#rcY94{K0cn^=?ECr7jffgQkygdg+QBV1qG@X$y)5Dm}O?QPORBp zZ0HvNsfuoRHT~{CN(Mfn5^G#-H!}72my4gTN@^GAEUSh&^}0iF^={5KLnp}SWB{$k z6Je%IhkT|)BacuAvpl%n+|Ya3B;6D5_Z*kkgYSvop!K-L=+MxP$M@pM>t0~qGDzVN zC?Kn_3*yc|^!+X~fd(1i%wBi190M`FCEm687 zv?W87#3n|KC9ZDg7mnzZ$_N{Vwsi#ZNd%j??sn5W;8~c`G%-HItQds22JTf+If2{6 zea|(I0aHiaPWNto09*p<@XK{f2r0l11m@_#m)|-@ z{OB~N7bKya{NX=FR?Dq_JZ{5r6!_;=h|k^-&=?^YWNa88y=G5GpbCBl9+i6p{H?@i zYF5ixt6kv0reX6ZH1p7Cc9l@};b+THqEHCbHwAxw2zh9T0hK`GYQ^2=`ueKuW#rO6 zc)f$SOdAI$1YqGqAyRL9Ghe*p?9T{Z>sHug=c7dwss*WQ;=C&O^9A5LB%!8uIAeXr zi412s(yXGq!5p!D#^F4cZ{B@knU2xHLuyBRkC}1ZINQSLvBj2NVD-WqC*8IaWqtYB zs}7NQ1}~)-duJQuxg)$@V&hq~@^&!(p%cGV{s6oyA@?%Iz@>Wd;k9dyvIE$30cU1=bq~NN=BCd*GD?b>I2(pgx|!Oooi0xcS%jQr0SO z`|f(ALt_4rP8lU3XP-J=Euh00SXUs>nWsehW2%dZ{=WZmH#R{7W&0-ysYO*up(3A8 zvC?~D#$HVI%*O0fJ0A(BQggnI`v?Cd9A6MB-$?Kr&Ze0SpU5Q1LpXcI)_PH56A<5W zV6?tqQAYZ;*4Y%&6TY4uBm2@M&DHq&JWqg>>@-;XT$ZujMpeu4v&*iO4$%ns_Mk%b z@v^Rs6oY&18M?X0X{ZigEg$NC)*RYBUI~5!)gIO^%EIGd5_}UB^%xrw?7rE7(*_jJ z40Je;nTW75Gp_}wMJo<@mSH2Sg+2AlZB?~zS7)1pO`IKW0PLe9>xNm)mA}bmnavpR z#UJO9d>$~M$VNA?#6gf9{92e~H2RR0fsy+)-P%Xp0x5b+!w!_}zOCwfg#wm%(xilxYhJkeB7Axs`pHi!0`l%e1j z7_gSI24dZg`!g?^pA%N@I{~m{TCP6})7npU+4#ObA;om4uC@QB4+~~b`Ja7J;?1|w z%5!M3ghH^}lfeq2`>^ZSjTFND?gDHJ_2V;pMNdRg6fqLFm5pc*Hu_xY@Owf$e1w-w zd$IuiIr@a3+p&PWrD$j$9~OL(NYFikNQjrmlC>d0or)8sz~U@y+&L-B`@Sx*=i+o= zJ4O!NV0Y8#+lS!Vi9$VEfK-Q`6h2&e|}?k(})s>&D$&+hxbu;f9gs|7d0Z*9Y2{ zuuO5Cl}EC_xJ_E<^oY7fSNmhm?`M<#SyCUJ*$xHD0NbJGBszIghHT1bgTHjl+{hvRo z{#AK>RxD=4BYG)>jdmtZe1uIRmx^dh5}$Iu&lfvE%@#fX8!BA5Wke#DVII1^R5h>T#4(ty2)mh{QWZs!v<1frdDU$aoVl~K) zU;UZG$DtJp=_{@`n-ud`w+QTh(YfI@&wsTvSu>m?6(7hCpp0p9-_mu%s3&8JT@T@U zan;C6WEGOy;h`b_Uj8Gy_57@em%U`}mi4RmM_lrjPm~ZK2k5if?uYFSrAU`RWGelv z7WubB`iT5xNiIrP6opPCg7v$)KZ7rx(uscQ6j~^|M=@>5+x#B?`=zei&0#r zh-8uY-H}2G$)>RPt&OKNc$kssh%G^4B`?)%U~NjBdRF8vdHeoEzT~hw=4Kh2}mnv1#p-V5<1BskL^hZ z(zddR)_=x;|D)pJgYsI}=4%c28x-Qo>#UC-x+&2Ss41=pH&S{AQ3OSBNuF3N+{RmW zh2}w0p+JJ)7+6lfNX<&Co@~EQ+oc^2sov3*WA6B>?a`C_d`!6ODYSWZ+b^On+x3#J zTiLiLw@Si%Q5koNv|ChG`+xER)}^H@*8OwrOUmEPJXMt7Kt8u($O_r%rt zctwz^V7Crb5uZ^Mig3x_{;#tD)&v2R$9P5k>$?xK!Einei!VkZuF_k!0}*#CRtCuz z?*&l8njKuWc~=RYRz0r{w#c9fz5elScbf|%a^A2>+uxYt{=_!TEKSQ(?aR)qq-ht$ zCIL*|H-m0F-{m~?T^^w6>9Wp0HEdcOxo`f&@Xnfu{;fImztNQ#(oa$FfEI312`?!u zx8@%c#=ng(7%u1L$DBtN{ht}y|5>WVL-CO%#4Sq1i&mC_#C$ah zvDq{FqWPAfV2j}Sa%Nl)`@kerEEiz;eN;?S04e zc*dkxR8lJ$)H86q`uG5&+nR0O;!wY2OTUrk27Y+&%;0<5VUAe@1aW=g@^z5ciC;MY z`CQgc#>Q05hgLSIdFftmkPi%>{$iFtKc^ z0vasmE+NE?87_01F6w-NulWjt_kfv%sDXc9ZS*C+mV?5#-?hfWNhcA`%?5^~qcM-? za*xV}*8V`^2(wrXuOIWeJ;Wd3*-kl0yK1Ip&}sD$kw~NXcRbB!_qA;|uByL{7c_Z& zh;0;&3*f8{1fulnm~%jgyq<_}#nHa*#NX2}J`p{#@qiG+^wf$1zql~?ELu0o^b++f z0l6#pQ!>)dj(H6seYU5Y3ypB6ES zRQ*i^zUEa+0VVYEX9$`=X$LJdvrW#pJ2ue{?%T-^`;WTDvg$@zP}z1?DhhzYDlF-f zNB6M^>qq=93VTPyYME3c9Xc7SfH}TUx8hdR3T{~H=#vgc3wUBct8IV)5C|mN_1De- z9LE*~lzD8@uRFKhYOPiPAEeI!fGiTfBf1aadsq~8itWd1VAqDqju*go{oz4;@)zKp z48P7SvWxs@8imAUWLAL405^~K@B16tv$5NuEPRt6pDo~NSpFKl*-Nv!-@tD}_I|wb zE~D~1&mu?XJ*?&yVDFC40gUu2sLcC*fBmEj1bT{N)0Yy*MFBG)@Yz$gqv^Jr<5~DR zct=9cP4P>urP`|9(I3qE-Q46(-qjmft3NqRo@V)ADe~zLo*p=)X~{UxUG}Hz+U~7d z9uFG#OV|4-BN>#tOjzT!oDz?Y0gu&tyuV@^ImQ1c3s!kvq=Kd+HBFjMk0IwW=Gm!z zwaQwYqDC}RoQ^KgvR7-{f8jhjy*bB-BFzVf@_qc-M%wvzN;;qf&xj&1^I_mS(x(^1 zn7aN7l+rOe`F*j$Lhtu#SDc5+^J78~`9ER~R&(DVh+71!vbQ~4l!2~|7stiPOXgn; zf~0;jY7vnE7`N9p{{CXb>(D}H|8Qv1#w5i~3^PB0@unRK%)GX0pMJaKV45vryV(Tr z6x+Rmyg*!f6@OrahwHJ+yt2tpa8oA7Mk*NR|vE9E~E7aK{|Am}J$z+^Pq^G{EwAn6)fLS+>7ZX`m z5o$yo-)@$diuaVnej5!Cvr0gH_#^iqvWCYOVeK~lo~3y^ zjNW|k?6=`7K^IVMnuz=_1SUzC(x>#W&}Bbz8Q%ZB_kC}bCq`cjQA~t+@L&@4gJrEi zlNqO&U})IIW_#w!$%jb%w(IVJ=YdZ=VZBJ_-kf_Y!GPW6)GpFp)8dxXdMUpw!c2>$ zs&mx)!QS(;OuWsv$Ful0H1da&APzyhd)P%G%0s!=pvDT;lQgV-zo%+q-n;j2_2xCH zHGqWJxeQxqD=qFk-ih4vo=Dp#)$S!Lo{-om)}=q3=ZWGCejs%QXv0Z2 zlUD`jm-15WWQYsZlfZ!YS(axr_8Zq|*y2p77V*k?E>}R)QKN;SLUoXCcXz$da1i+X z*U1wotp4`nx{UQJ#_P=O{sTen2%0^o{x<4d9*!z0mWY$`1;eY?Ggn5Caf`Bf9Q7jY z{=g*Yc4-@I>Xunc#qgsu;a@ef_K%p{4rNwd-^C9}Yqfd!vMA3NTo>ckQ%9GmJx-U1 zJ84ZGy?!ZMIcOnhdF|B)y=dknCVZoFx*OWbQCDiF%vJa5!Cam5gK^t2*5rk%O1ha+ zjo%_WtWa(MZdrAn!8%_dC0bKruqI0Bg*zMPKWz~=csRil!iZIKvF|YrgJ1VBVs(Tl z+TbMxYYq`p^>8(>ql-rASH9>y-7~%e%<#Swns&wKx!Ly+Nzza=NySYA zCNt=X7OVr5wxw0R^#2CYTJbB^cn}(KcodyoCFht|9ninr45>TywlZo*40qh zN}cAS|0I5J=vKHz-2U5TEq{e@a)&y4IT5JK)~wrzpc1^*{hex=Wt20%#R>mioW}a_R|Z5*6|D%U2%kjPex{8Znww6&*!W z)Os4yU@%H^zAzZh;~|dI(6t0{FxNf`QSPp6izdTckAFJ5Z+!#in}l(lqAd(X9A zC0+}P&Q+KEMW+ZBkjslWNxA1Zutu5V zWh2x2srlihW^1-nC68AEZEmHJZfC3d%da$pWACy!Q+l~dfkS#Uk17Wl^?FI2r)(yd z9VTUxI!=z7j%TPI4n`lOH_^G4m<#)P_?;o)T;{jCHN!5BY-AZi+oVo&Lf%0uE^7|J zH`ym%l<`~x#)+?eGoZ>zH~R0(RLrvoCxs9|2HG`B1I#&)3y?Oti#}j_I9;y?1;yH( z0>S=z>IE%TEAp7-4@~Ab9pvxZeQh_xHs=$_7%t>R!-`jIsxNAmZ$iMFK zs%&!o`_Ew1jzAYo>$g!-&%FHO#M5Kp8&|2td(q8Oq7d0?X;ed)B<;jLCt8s2%OL_J zURF%N(88xp2}T`6&=J7Cq;2r`Q$5;8`UIewDU4^!F9?s(7u!`3f z3yx3J;1>eqUb8%3_3@C~SNwQsyV`4hClbl|nBeR)KVj-u#qRJUC9hVK|> zuwJ|7e8JG)+-UA=H>+#S*$>-6t^LkkZ`K_?KYt6vO#Xncsi`7rhTP~vEf|`G)V4}UH^>=;1hxHYDm5= zCnLELiu|YDB2xhH3UnNyt!Dg|9Z^_^^u^of4-c@iM|F78!tE$HjIv}|9ZRv-zx%1v zNge=KRtojH8Pp*|_Pv|+zE_=we<6SMBt+;`J>?~*q8m?~bbU-1H2p0yD-!$xr~`T< z0|KM_HIOWPK_Gk+waGK;8c}gkAz^Ht zz=W(+7YThD^}4KbY#S(}!SSZO#q{<3%89U-4ct6up+ih|zat(5u;o%@e`za$r}Epe z>!>?>K5}cYVE5VO8j=9F$AJO) zVtw5fmFv0b*1SRgump?p7WU=?W2W&+ozlRSpFo9j48DV7391o4>wA=ktPxFF#EW!&XNyIqoy_~nv=N$q8 zT`~!r9FO_Y*X!@~)9N%RoIoul*i?#a(o*R)nD4{Ux1aR*fT!+%=H+a{HK9T1xN?ug z3(;$O?{QsHj5jU%3#Dy^#Nbi4Zc2cwnG4DpF-JpuYdBXoZ|90u5U4KGw!VAon^vbA zC0ER2dNsLPh|=bDz30mDM#pRNG* z^UV*&3Su4ui~E2W0+kTmCPy%EGRLgra{oILLtH(rb}WVJ%|0pRZ+;{O zLt%F3NwiUVdtWj3D``N0l?YdJUlkgI;6s8&!z&_`*_Et_R(}4IqlbsX1LG~;!#AA* z29P$M*UB1-K>3^Hm!0*Ce=XAbNsdZwBH_NTyh(5d^BUyoi z(KeITeB%rd{SFewH*wwYsqe6J0(}4$G@>2I|9!2EGvMpBkPiKaO?_;^VEAvYbK~jk z3T21h_gBkp@OhTn9C1Cbv@)(csm#A)DnhC=?k!y=i}iA0m&h9_3d?TebvxgI zw{+|e%&;Kf=Xl$7NE>z4tzd$prNXQ7135g{4b)f;`p7rNpO9eDl*PJLP+D&z9vfwJi#0c<{)@8|H*5v9|7hVzYRYp z(5YWAy;tLg!|RL#1SR`;lV}u9v-P4TUbVMHp ze&zRrLSCmzI-eh=ES*!n@f1!oTV_sAw%oLnWhsr{-Z7Y_US3Ddx%Ol7$YcVFD#GbU zpkC2luvc=IWICUJLSwF8&}0oZSf&-G;Rmhsp6VzN5W%<0&-&P=fom@M>BiHsLLhUtLo^8;($-Ji{xhpbHn$Chep-! z@~R{m!=kLU#Ih zGlT!(=eO5E-vxu!UMGlS|Kwl1;&b~1+;w}<8JJ-)WkWyAcNLk|UK}x#%_M>5mTN`V zw{*=R@A=84cUU`D*q%||ZTS1G4`${__iVbHyTr>u9Db*1p$JAx#kYdiGpL{3?l7G8 zkszIup0*bRZt47?&(^{#Y7^8(eb5#4*L>l=#;fo`*CSOpA2iP4+zggNmSTtIpAl^M z{7~!XlzH<`ra&;@{VDD*Kh9e_!4w@CIb|`?=IAb#NEAZ1vmp-Q*Pz;v^uz!n8VPh1 z+U9y`rk0u`k^<*j%fDuklF>h|1(LBwqK^DR_4qD84)>h&>piweHQ46ky_!u4!_T@l%zRWMh$w8gM z(kcMeT*eLO+AH`bfc802n3$6Nvx^6i!u51eyh-67Wae*|uJ|T#ZhMHlJfdome}VL& zV+rQ^iphKHY$@GN#>*Htf6ZPRYShJ6*)g5gFCf5!i?&R_GvC!&Hxn#u?JWbUwfm`mEL z$M%}W$78IxY&E|(2VoeVNBHL&fX9A4w1*oey~afMSW)h6e+lWmL?9CSisy5Wniyzg zio%|^J$x*B?Scp|0#=se6xF|a&HfullkvTOWNB%$flN+mAybxzA=_ZjICz2));DSh zbyjB8h(-YCEz$|}1T%5-aD5l5OMb`6JJRFfL!VNCwEj{PH|p2%bE0d3UofC=GQm5- zmOC~Rg8V*cA9P9a2w*jp^ICG$*WzHY(R>3dk=ukHKY2=P-bYqqc-QnY27If}0I-zR z@`t^0|4S?LN8l@Xd7f<)?bUfzHAzYkhmrfD3!x{Y3Iu=3hJzEt6oDsr0i)=0QT+o` zP~e4PRMA)t;+TF;Pz?@hj+g>mjvp#2DGe^Mcg^CEbGrTZLMqtZ#Hl}RF==+$JIQ_k zoPP&NYf54n0X+=G?$62FCl8s2HWKaX^aqUwz$G;8?TlvYV(?7|^QpIn!UZ=jm$bT( z`;6Y4dhwHAUNBa24L>f9RYgxZwkahVf&4@Knj*prAi7@j&G3r%OQ5SoqkMyV+27xv zA@UPkX2%<~JU-m6!|d8r>FC65^q1Tg!Nq09Sn4FcfEW0IH4wVoUMa^p14+NGehJ|Gv zu0^-}%Z)mYXYGu-9zdjOvMhG`o*p~Z8BQ4@7K)1|Kc%8=Q`oc5W7T}pUDl9sO?NS) z)IaH?Npq<55*GE_GdSXBFz^D;{_&$EEc(18u_M4N_xPj%vaN1}QgWWyNbyX2VXB7D z1X>9*!iGXbd73^52<_x+(O<>w4bfvAJON&^6elu=-DrCgZO@#V?^s3U}`%Erp~b_4A*Uy zJ5kut3tIGuCYH*2gK$j#Z8VWJzmVKJ7A{4~upmJm-A%HATCgBI>Uv;A68fP}=dPJq zs>cN_y}yqEk{Li~$7s!kf-a6FT{M71ugZw2Xs(-u6NGU!XTem;RWISkGYO7LRPmwT zlxk!r-;ze$TNoy_L3j0+^kMcxSq8fNK>*Ju(5Ev9f!&xnwnDn84+ z(GL=F45K|L=>+phCQ^6fSyl+@>EB%xLSxfGmzo?IrTgl)=bzfzhPxE!?;6Xsdw2kR z&|3BG-1WF!Q#avV4*(&kAKR-#YIo)tC=yoWT>=H_i>M7m@Eya{Svp3c-M z3j;U=oAt{Y*{ioq)RQgU0Y4|%NPpGg$P`;vQ{8_m``u?)w8^}?RC?RSufE!&uG? z(koKY$x@5H$F#{th~_FtdfuFO>UjBiW6w=atK_k?&oj7pF+VBUQ%|LylWB%pPaiQ@ zmb($7*WYhks-Nx68fPn3+GmHt$ls0^%c&Fyp_6$Y_HPefEYD0xeEewG^{`bPBbMZz z9uev{+<42jP3cmL#nj4aqo`Bf8Hz~P65wc{q6NAZNGNVy=I0uxhO6-nmI^tjbIiZ6 zzLXpiAda@@=#YS3<1Pfuf1u{9H+HlL#K*4gcZ>;&9pqCFc&9phkfAVmIyN?LE(NuF zCr58QD^}T9H)Dvz;hOW|A!x&Jb6|0sfNX#_{PfSyBx=D67_iVH5M<@>v8R|a!|)e3 zCaCI*40oTXf^-)lV+zcuUb-amjc8&KN&9bh8RHQj45Gh@S_ksEZu21oH7mz-y6O4m zfz^WE#%&aB3yTaG4^e@yTu&lJA~q>G`TR*m3CbUQGgCWkdqKn8TYVJF3;9MZP3iHQ zGSj+B+IqjqGLwB(?cS)AIZ}klTYH^tk1%Pa!Ex*5P>d!K;>%O&;vgoJ@Ne4S|(k>yx&F`}95GTzwREJtcnY`(vs;zN{&+!Tgh29V-; zrH(S*RN5fTD3{LelTpH#2dm7s@v6%DXmB z{HD49vFM#)!s3$@A;D@c@`5dWP9g|T*dI|7!tZVt5U?#U?e9CLm$NeC1_BTXr#tG8^&Z)LU3G(@VnQwNy51Te@dn-W{2)uEwHun{IDwJMpAfI=_t@ zc%vw}jLc5h6se)_-`f}P%O!oJXS6^T@6v+Dy66(a&`%~-fR6)!in=D{lwD8WU)wS14MSW& zrkMie@cm1M`M-PIyH!-6%;@&0t!)+{JqEu|6)G6WQ^2W2!wVYXgE6Gw)Xk%R4>ajg zL_}evi~*c4Ucin_d=&L>ah<0EQ-_}%KAJ3PVKJ7RI65U`Z@f7xI(0`yPKd{9Jds>T z3Eqezh>ubxaV5Umg${E{1)`L^KB1GpfFC32Ly#eb<|ffh1CycAn=9)`7ZlSOjp$0h znwLs|RW%jz8iZ#+h)Bjpw71yX{y{7LT3(2bBB&Je6r7ynSytKojuF!mckKovh^gX!FhTtMj+4L2YCB03k|jqn<)IxlBnMVcH#6Y z+v{)j@5+;!ANng@%FnaMrHAW$T2j(!ml14Q-hY?Xwjlo+jcT*_o=&TBscAPXw&Ehm ztL@0wuP+OI;f8g_zm@Mx0zzJ!)kwamS~GZbrngpmUX31=P&+fCUc;h5bEuK3sLf!n z=1R&!OhXOvwzdw7@8S3if90vM0N%yvl9z*bPq(`tIoLs}fSdPty zk*8uZt1-%&7y2pFuH}5|BEkv&+L@<- z2*%-(_X}sJS!~j!ypqhM5t?JpuV9xCl#9iV3tdDSm&sdSnw!na^HAKj9TT z*ITaUi4X~nDyYyIuQA*#4e!OA7D@_M*v<;teH9qGp~yflG`Bmhmd*9nzeVJ~@Dzcm^ETS1HpDkYTiv z6(qK4sqf;*U1BhDfQsCugPXAtmdzukL4>3dD^GnGgeZ9rxL*c1CHm2n7(r6#^ts?F zaGG(mStzZ8Z)4-GXsu>85^&;&Ibd7I)*Hoc&4${A!qK3ISx1Yq-|bca8wy4 z((ZVElZ8%MZ)3WfVTs+#xE=lBa759=BV(w{&hi`R)%ORv7@$VzCS9>nM&Gxp>6Y5M zH2Gq}_YLTC9~U22qvg&X+MTFEWh@HX99>dPge7hr9t81{FVuAzE$=?r21M^d;qbd^i^Oc&@Nm%HibKAbK_3Pi`KVYR4Mv9Np8L=R+UI5-`!`^Qf5>1bpR8!o!mF$lKnhE zIvK3V0F_Gn^CB3O@(s|!61slQv$xM&5zlHAk~}jF!Dg^)5*Cc~d=_1ujZ#dz&5IBd zTes}#PBnqc@+B1Gv2W-Y&`jIk-ZiHRQCz9aJy}*#Qhb%r?NaTBIbCJxnoodMFRh*- zB#znFN(*E_y{vE?O^;_M53$&~0JJsJcYvD5K{$428_+Xq)U!ynj$V!X85<&)&#?ZBHziEE1a8P@LtD zginq$2?X@vySB%x$5gT0|(yp(+M#`oV={e&lWz4I^p}KcEcWA|twyDEi5Pk1_xx?t9coVhH~cBm4eLMURxWEdG`bw1&4hr*Vr> z!;ri}8G2T2KX`-Etf+L+WYZX|$wZ|TJ8=So_kr6X>#pI@hRy67)-8?WT)%vqeWPo4 zqncXGgPE{?@kp>k>B%0O^RKZ9+JHA&jN;Ir{)uwZKnG=&ogfmnoX9h5Y2BeGt(yf! zx$88SQ_-TCueqF2OZ{g5F}5%X3%?6ZrBq|IblxjO%vCPp^N1q(he6T=>al74k4#JM zm+Xk%J7p8pEx8#l5E@WQ7n^tzB$$<$)f47ZzU_?;75M0g?=^_YWQ#|XY1UtK>FS%G z=NeWfy?!BiZZmcDYbh%6GLxj_$L?4$oGXKLAS{kSY2`>!im{_`^v` zJ^jiMAjCwer&k=)vMAk*cVCl5`6NxB`@5R|epfzi=WOLWiqo*Qoo39sVd1c?T>w3$ zKx{}Bj%WXFQ6#R|di*osOBt*iNE{hewxNJn;H2w=ZO|w_p7aYv} zC{cvqySobf_c5zQlWoUt^b>_bncm{z_`Ar8cvp+g`k5VghVJpxE+1C_B`}wh8B#rt zeHzk$nPx^45x|FT0WwYJCWp327tOwm=Zi*|YfV#<(>|$qBYEwAK$rA5U1Te z{ekja1@Wi@9mCCJ`SUH5LFVdfhMJ}^R$F57zReDx>$YSES}~W$R8IQ^JDX6)`-^Fg zR|F0U^w*On448V|X`f+WQ41_!(UGBEyC}MuLmnpiC!)9R8yjqCiIt|Aox^_Ks5U7V zQYe+pQ@w&}ifFm@TMYdeH0Jw0qPwtd3naE`JH>-*mlBb05gyed2GkoXsMRyV^=&^D zV=;tFmP#3<_JjvM=rUe1wcQ(-bGF$+Q~kCQ@$^5a^PI+GsG8qa2;L6?T@-U%)rDhB zf*i3MJQ?~MDcjgq!rf?<;z{gA6%eDXp^8lM!wT+Xb)x5r6w*=L!56L5(y@g5z=fbX`(2z*6 zNg7rFRn{-?x7s!I>@-A?6)?`~Y`QNzJ-YW}N06m7c z;wv4PBQ1f+V-@Kn?`)Wx3HdppO$`#_HW$#Pd{tg#FmVmD_)5|Q*a=DpYRmT5qoo-o zH-ETy11@!(Y80ftNoEN*B@M|cJ;n;wvkbttsz zQ6@;3`eD4$^9$`L@d`4ARPuV%Ln zudsX4ZU_CztUhj@oHXj=PPBFDTyIK#34SB)u>^w$9irH*e>8HUuh2H`eRj6awDlNv z8E07y3FJZBh!(iU@&9oT0d1@TSAXr#E|;?{jCLBknmp5`;3%Nm{MAjh64bs(7JqR2jqS0;7{j*`_zSP zUIs<6RvNDca?t{3q*)8>6{H9!_vJO&!1pF47WEo>bJWzTM{sj{E#J?}Sz)24g(;$| zIz;B~bhbng^V8I5O%96rT8DhmptrY45-CJ+bXJ%bs^)+s&q<%B=;k!yz|z zL#Fa>AAPboZ2=xMXAF2h$~Wz&x%3v%yMT6iI3+exw*@YkZ#Q|AJc-hRsqM~g`*i0j zF2$nc-7ADYJrB=dTVw??V?ZvdU=Nz+!zX1dF0Uz_t)H*b6PKhTX2|9jH%NL2hzPgZ zk(e9|nSySf?1~=~eod-r58dtSKYn@^I5ACrO>?;eYos6<0lxUrH?SaaUw?MqL`;cKxiGvzC# zF)dQ*xvai81F*Gr0#cm8N~4}e<1}SZJbCvd+chB0@2kzdaYtC)V0Yh)Q%?>cbn6v0 zddFt2QZ+l_c%S~`>v)2mTj3MMzi8qJh{c??l^{jvYPU5@Zu>W)r`GVjFv?d9CvneI ztU(W+M@QKY&a{iu8|(#+ezw!gFYmE)?8{KQq?GgJ93lSD!QJ%y+l&Y7U3?nL29CO& zJZ*}@sb$%>w$z34&{D~5J+Gq){`;Xbkb2S($1)GLs<|$y=!Nuj8{E2`%Vdk-Jh{ht zpZHnPriLSt`&tl{P7HLOOsz40H=QQ$T|_jW#lv00n`WQ@cq6>x>~&Mmxr$`LeUcg{ zlQ?4YVa~&2?dur|-H+QNfE$`qv#cL|N0;Qyd9n{AULtk7xGwgGzMKnBV0~S=vi#go-u0;?;4tAY%k0gY4p#^?7u4 zYv0t)_MdaGK30KTtsp`yUv{2V_azI5*4>`>*0^rT?qlzckK~t_Ox3TJUCbHYDcIK= z-(43UB|CP%u3Jr4k9ZM&hEtz1y{x&R7gup{7?mI=@Ob(4%V%50lVS%6K6%L1z9Jrk zxk$^mk`^#D7W-3U0}6Is{^If=FQI_%)>~eZFH=y&S1@rVMRsKPKnr^Gr9UQ z?YKIokwe1{3f|cwDqJ>iRmri0q7cT$URhMih-n-a*)3D09x6YV(S$T6&y$cB87^nW zO#@hKqA@&u6$DVbd?vdG=~(OIWQpI>^4u1%@)#6xq=c4*DjGn25`KO~XUM$c=G z2};{LJ!$aIe1p+R{8wElAknxRPp!tJc?KL^A7*0%#Z_FDUf_2qJxT0BK5O?8Pz}B) zR^}Yy%>x_l5`*9OuPXRpO>T~8RtbeE>U7mN)d1$ylyQ0f#ULS7wX6|^>)nXIaZ%g+ zkFIUW$vB29NX7h5MiP9VD?pm_-Yqv5a8Z=bUpnZ3w;4(!%!VzB+}nK-te0jonx1s4 zb2>_6t{ESUr92klJzc z?Rhg?I8;ZHI3=DOlaG8GcAkJK?Kwh2Y%oZTqW8S4+{}s{S|>DZn7bbBqPHz`(XV;j zjc4QFkMWSsbW)CzMvs>5TPnpR)+XF{DDOpvIkl)yM|(8jcR#kR*M_(2rh?dm&KS^x zsjY@GwUy`sAoI{$kr;EYeA!3*E`vti8<#uqwh3bkWF(hXYc&s@k9GsX(ypeY2UO@>;H zNBT#dq+JCLT7`F3h`Js(nRqFqQ;Ld`nGtO*>smK{2XpZl{$LRLk?w7$3{{}cuSV1& z0#3#~RjK5rPlc|ImjRU@l?-ws=GmYvdTY`MSer#I!@Mj9m$gIR*k@(m(tXBX)9Yh* zs$CmW@(rGruU&KIeu+RB2i4~2iO{mm((5D7Tz%^-`sjIlD^`YkGTP{y65!$X=IZn| zZhwBpY6@XIUutG=##BZU!TGi5$4`qVDQwAPRU^(>{Wj4RgXD*Ve|T4n<7Mq zv`@!Ng`|)M{#em6cpMi*GCDK|k_g!vm0euK)B#IPQz(U6A9UHp{eBRWO_sUamG|0f zh-Z1}M>~qc2Qp9^Q;q=4?X5`enL#)~FWAru^LvC0ezX?w0)3^m;e^S6irto4+ zl$#U-CXM+Ap%{F(U|HjH%rv1W>dw&gJmoQwyag-(Tkf<=b}(*(PL_AezexZwzxrqP z`R~>5OE^p)HB$VcNh~QqJ=#P^W+0pBk3vLPE+rBjzu}V`i;b*=f-dcn4;_zQAfO;c z=!!DnK|L z#@!J_L}l1I@x>{_f+VY{(36;qyUwAYei(X&8~eAxI%EBQ^Q=U)uegFtqb1klBTruO zUklRDNXCygihT4N_R`SX-UdMPz^>p`K8D*%Ij-HDtizl2;4}{X?(HIOSymQ}LPY9W=WjKQgq5|!OCzKJ~=Mft?&uvRxNZir&bP0{- zdT58G-da$)wqW8ZyC6p!S}YoMhvDH6F}`YJ#;kfxig<$T=jjds=a05fHv^5$q0fWd zj!iTUjk*5E_?lY@7mrNi#d<3Fbo}W!`uvC9A&sna=0c(mh*9JDN8%0o15oa!WzSnj za5}&y+>7PabmcDv1`3C1?#ugIp#5)&GILI?jv}dFTxlfl;$-+6H?ht#h)Zgh`FpwENl_P) zM{OlAxps3B=BXHPS?X^Fx=byW-*hw$wRv?&Zw-45zYi&;GtyE@i_lEy6lRL(JTOQq z*S$%#_w=~xC^J$6i^i`{Mhvm4^YgLrm7v#g&0NVJVAJb)60Qep_L8CA-%_H#l9E)J zZG6xrP}K$zs^)m+=svopndBP4Z!ks_-KMC?+iBD68zgO1>7$$(4)lRm8{v|3ONwQ# zPkU~xJQufDo!Vr<`cs~5_|_=(6a&8de(@Z*?$@qVruh#Q=W>KJ#oP&w$)0r>1M#yd z%^;;J`(2@G%RbVxj1PD>u7J0yyol(o9Q;X<*pzW?p|mZqEiI&!7N9gQvma1bNMv^s1FtDm{obhiyqA}4HX}dXt=}s8w+ww} zEn18a%06Gw+xBz$KkfoJOWqPFUUvC1oceaT=RAqQ0b&9)!F$oy3Rg;LDMH58pK~pQ zuCy*x4|iJ?_CTU*GK&!oBas!#S3r_jtHmwmW2yc!^Z}YCHytw^gd0s9$p)iq(YVzj z?6gCe?5J%3(oXYe)4o8vZU=#^T$dTt*@|Bi?BK)jSCH0uwQ?>8?N_b+fCivIj(nXz z*m_JLUg=el_6bRDPFJk8=MoGIhJuNb=QEO&3rrIZx#iy(vsW18Q=q2aKuD=bV;h)~ zrrv>l0HRNV1(0Wy9W1<%9%PUou^SHQtI91aK0L{OnS}MKE}25D;Tp<~Bn@d2`fO8? z90qSDtejwP3AU6bke=E+KVr(I@@f{IQk~9ejid7FsyVNRot|PJAN%r1V4xk;&PS&Y zvD|4Zj*Ay3)egd@U@xJ}0Nrxt&oZ`r(%(yF{JQBEfB#_UYL`(?w*X0qvBH{z4BRXv zRO=4yTVy(Vr7maG5kk%e_|#o9q6bzR`(vBZokDGjH*}Kg=#{j1`>b+H0*s>vJb4F0 z7^trN_VsWJDlObI9S@Q8TT_>}ra^?(SM#yA#)nq}tCwH3t7IDVOkKaTwO#IGNHrml z+Yny%S10JPaeO~^QQd+Xya-7nIQ%j@CYop8Cv@iY9SQ5u)n3v|f>rQ62a zYd7C$Dqe7)^;J7lp z05KgbJXSTSBrj@#K5Q7J3O=}Hva#k(P5DD!2H``6K}H;DWme7mXnNJ?;`lubA<bTPiJ3Cwq#o-LGi>ghq^ zm5do_zB*V$cVv~FQbMV-D;KwKy+QTz|_x9&!**KurNQ}Jl$mt0f#G7!8rN&7AW=2fZGl5$)t~E*=IX- z0FDb1A(Cl?Xyvt=n=rTdr`}{wQ>tA@}hF58Rf|*AEi`ec2R0gha)Z34(!vc47g-IHkDko z#$pa{oR78@LE&j7Ed z+G2Y7ia(z9SL<*@ZCOA-_Aj&hqgIS0|53pFgfOIJdz_Do4<)poQ*fAY+OCOYyACm1 zwcc!PZN$hs-F6((3;#$*_!>5SHk)bl|JRn!U~7pZj|!+Iv(806Pz`L3VW}P#?4-T5 zZzQLqrk&KR#5T$sPJaS^x09xGx(=*gKIE;OjoBdfr3ADKNax~m(oKDyaa7+0?))4A zkRHXT6oblN9)NFD48xN*E}U}7$yKE{w*DOTVlQW*LDlP}*s9PiDCkBta0(%&pn2mXPi_)(4)n1*TZ^jUYR z*iI=_BwPvA(eZPrMAP1(VPEG$@r1CZJ1N-Bg-QKv|LE5J2$C6K&Ed+bKMFNpo~Nmz(}lRJ;oy=JMy1H92~K`?PMhW{e`(p1(paN#Pqs`}@E9 z=QaJ&3SU!KmyAXx)}Ri$2wf5&#)H*apZ%JH{rA7{hEo3S60D4@&RTvN!G&zZQk>L} z+zFr9VjI}P@Ziflg_i6r!=ZrT&`nNyT1a*H5z=myIN^H$g|bS{98P8%csh=w~l{vMnD{FD?CE7WBh z4%gB1F)9aiNd)8oTApHDoPa4D;E@-Oe6$c*MRC!ik{$bbDJQv*%e<96>5*Ke1G?~F z;C3N>T0XA}w;wvB++19HweIIgf0bSSL`3{U3U-r|roV>1ieX@+`m2hAlNqPD=%o7Q z&yUSz@Wd)5#p8;uCc#{^bMjV8p7S!7$RVJ4Mcbuj*R5HTjM6)}sof|*U&!%9pY7K; zJN!@2)`G2MF&v|*T)0Smk>wz%gl-(8&dn8GjsxVg{Y@E_*@!B9td{Dm5v%!0V7pm~ zcLfl6&b%)wz&l}j= zZXc1}o|BBcf4}=zZRC>}?3^_#c$i>D1m>}N$>n*5$Ty~bT+BvwCg)Ts}5c7VhL{cFi zd3{n{Uv_cnHC~FV<pJv75IPSAgR_fW$fDLbg!~Z#in!CDEVTEugwpK zN;@?IE-0c><)oz~z_F6AveT%+xxNpBKg{_{=x=RYkXUXks! zdl?vg+n~Y(1dG>U!ux?w!Gi1UqyvTW|F>%^r3kPOy+Q4Yl}TM5XIn!ofaP0{ErF^> z=-*G_KTgVf5TT|RR$OQh2C4 z?r?V|gI-(jyuY>4b%qCn-<-Hvqt1S$(;|qj=A~OSs6@jZ>wzE;s~n^&3dfq7RVuEQ zCeLnPtX0h5;9~)-moSUTaH@ZU9PQy}7H%=Me&6*!pY3-fkus~;*pc@ z)YHyT5%{^>bk|biL)*{yxkWXg!HA2CyPq%qIiMpML%1GEd>oAP{CpHge^7vXQCNo@ zG6grprttBI_d`u81#sRq#}2w0U)I#VyE3#P#K~imi|+D; zcvtHR`wUL^ObC&Fvj1Nu->0Sg0ShbaFXDqI8bJDVR7_c6AC@+cjCn^N87M=)4$rY2^?iPBAuv7W!~uWoR?gM_NXmh6<9hD08mejIF{v!(by&O_~@+J9H1OGT)cI; z>Ryu6I^?%b?J#^~-><{vWT2gMpIpskNQ2;G-}+=5>Z6`qym(* z`q7fT=mPTNv-sP%=M^gh2(a<|$nNRoew1EYKj|i%=;RJeGMW{ltFuG`?+@4+w08|_ ztgkMrvqX(vgxP7uR@f$8?rWr&pc8Tx-hI!b4Lhw4*IrWFsRsX~Nt@iUAHJp~p{99pnR8t4o59s?l2h5092VHIR zCH!MM)l(8QlZvB=o+St3dZxx3m(Su7s*`0^w_Bf=u`j(#d-lj>bIy{u-zMS@b)nPG z8@a2JqvD&$Uk<{qo%VFeKK|WbI&Nr@vRi{3N^l>~N!4A{6-zpnh!%JcyI)cr4oD*7lQ`}3FrK-hDO4KGym~q>_3+dS)v1{7 zXB;yuDAxtxtx=A_E)*FKB1V$e4mP?-HS?)(m-p8i_UC2$Yzr%-lTqh_v?J(Td*p=) zc8z(6XN@n!d-|XBW%N21+A|@~0jg)qwa`(Um0+O6(LThi+NVnm?`30GFz#kmgNvD? zp(tq8-cWoKJHc74MBi@qTt=uBkcyF~^zW6#tEy>sQH#L-6|4M5H9o=O{p^l5Y6;qjVBBs9n^V%I(0Z?RURHB_}ElL067sOfbY| zBdvjk{d6|_=#L@%Yo`DADEH$dOb`Oav8@|f#=PvX;`^9|+E0^GahrRDg(pA?vb?k3 z5nJi{2KZFtlIxuvk}0M{M*~0*8(~3|gXJx2q~W)tQ|hh|F7(Ato$}->tNvITS?&hl zlEx;pp6;K2WT1a9a{hH>0{T=d6Jlz@JLh7qV2brAG9gaQXa@CFH{=?8>^P|*`+z96 zk3ime;|UA8B5Sdgo3-R{+AhF_BxJ8C;T3^9f`Loq?zY+eeCvEfbNfYurz91xFgaoe-i@~VFQN|Fnz(B0qP-ONM)PgAh0COl>&n z?b4IK0|9*NV}z~Cri6`7V|Eq}n$sNWZ|PD6+e$}uhs+s7z$x(H3b~T)Ocb|@A-i%W@-~$SN(7X0Z;EV>$acwzwVxYTA6>@bU7Gb-N@)L z?VvxZ?6foJh$d5Fs3aLTlxAHW5-0gZv95XQlS+Oeu;xV<{mPuqx<$vL#Tv9n-%?7$ z;yy?dLJqN0Re|5BS$D9fWzy)sE3x)xlw)3)+btUnm_gqO}gjJ^L~*7N}WV@uTJOD>Q?F8EMR zE*^YR4`Wct)%Z+I zHSS=f{r4mL_eI~)gq5@T>?a<@*t;FYnba9@GapjAeJ+j8Jx8JemT?4^3SUJ2aac|Q z#=Jf@4cViAVIq|oz=CZY+ME8|H2XytD}ff@A!^+a%}B1q6s6udq;(Md9B{z>Sl zXLdXLAB%;59k2Hi@rr{OI+hepPBX<|c3`m*f!OUp-=V2a%j9OuFJJa*DuJEtgQQET zurWAV)l}*BlJ)O8nHfOEsB=XWgw=81ciQ;2%TUxk6ry_~E9D2cQ~o~V|Nc?n9<6uR zV4l-b^nyf09PmZO|sHHOkKR7x_==yT47(6(+kHi zU2=&zM@Y~GfNlZ>Gdm{C(~qeu4R+#PpLscV?E>Dc(~FBPGHTg#kYO=wmF!$Kr38du zIHMgB|1S+Ja5^tU1=fgn{Zjd;2i=zqDq96cQ>1`&QWC3^Mlj8^or}90amY(H-4=Y7 z+Mqxx97J4Oq|O;0T!sX8+k1_(_*A3*V~6#hszl&b@W3#k?vbj+e(4SNPj!0#eW7l9 zQzUn*HDn`9_F1N(QAS(C)qtH|aH9#ear}Hrgb;tdbFb#;5_Q&|w4F*Q*P44YcjTXo zCjYYYD`0{}f8mHmBSlYcYZ%)EUt-OMj;7jbJ>RcN2Vc~xL3p^?GWwK3pGw9@J78Ja z&NVMxRfx5;8CmIF7ndx_eJ0)rawJT}V~-ow-+Ucj+^mG-+I#swB=4ue3ACU^YA~Zx zxY-&en(UQOmuAlmuxZmf`?*-SJT>qSm}1X0AO*ORp$X-;_i@|kG)^=1att$ow49$? zw5GJGX<@M>E6+9He_QgssBf&_SZ;Dh>s;MV|L0lT%uHJ6HxG-z1-A*r z|8@F{XptWkxH8a1gK4LgkwYANf{|54fQO6D>>d5sL=KM1Y1nt0*fuR6$8UU-Tjs14 zmxYhTeW-{oC{dKlN}I1(ip3^qn*iJErOeAg1z2JRQPe&;^`WvgaDi`e*QAWsw`F`n?StX6@)h|I3;CV56Go0_0u$|lZVOJe{`clO zbFvJY+A{AyDJtu(%TP_?q~90dVDf>=*|nnaQc2AF&+Uf^J+hP8`3&7095l|IYvS20 zn}|V;Ii0ap39dOn|E=TIQHJMdWr{)7gdYVxqXp@`g^5G45m+iOBvcpf);r4vH(FGIpVZVHYvLYX2tOhedDr>}5I3bY9I zJct~je}aL}@lr|<`RBw1(S)X8+DEp_TUI^2I@vqWKJEVHLjA8N>E%jEjF}0E2WWLz zz$42>oh>ES>3R46INI>U#+~#VOfM5%EZSAGRaug1;A_R2U8BYmoJkxH#V4fbPdV>vbA(43vFcQ^^Q%X z)G$3AF~Dt9mhX?BO+Dkv|Evyry*oHNUpYVZpa)_v&(fe!5Jl%P1@Sfg$Qw+SXZ|#a zl9Xb_T$_6JJRkFaC_~R_yf6eWhY8%ix0tkixQpH*iotJ`E1&Y30l9yNpxMKTQFJgM^@W?KM?QyUv8YU58A{P%{L;4D6-%STUVefsgwp+d66x9+%DYwN^12E*1+O{1y zCf(sARtr<5h66vkp6yfi)ju-%$A;|ls4tn~LH*86hbfVvk?9H_Y5*|3I{V;Q*X+kq zhlwwaS~oUn6Tl6cTwk7<{QUmS>YAdqxv{ZP-JjyNahXE7=@3JKg7m#kKuGFKcpR;Y z;`^7XC0c}dKv<~@XC~F_ZE4UTHC5!%%!^GPU z0ypR1o$0pO2sw=W!~*22HOLwBmmk4rb;Gw1*)sSIJMW(!%;}UF1?u(p3I1HXa|j%D zI%bZ>`Tns0HtyPmFpb%_mX+3BPNFrg=_Gs~p{5SFlhHA~}yr zuaKKY2$|uiKJ(Tiuz#iJjNB8tAw!TCren@jX2R{IU;u%kucuLJgpgWNytcmccx8Gh zB_Quas=d1wp0Et#qKKV-YvQu&y#M#LDx`oJ{;FhrT$Z#cL)5>n8^>ek4$^%lAf*1m z+@dY2g_Yzl8?YkI?T@@=>?%>F#C8tN^)J%0Jyt5BR6~Niw?EuknBQJvQ&|YKBE;F1 z`@&7nW7@I$Ey*2k-JllZqHw4Y42WXm!o&insUi&G3kd%4Lj7kA=kPm!Rlx1M&dF?t*#;A34MfS(3daWXoGk5~# zeLt{%+G~||c5+ILQP=$n*GgmsGepN08*%v1CXDYOz~y}NBfP^m0B>gUY!@2B8F}Rs zS{C%y#MRkMil8CxU~zSE$_Z$?IZAlj0DIrZ2ik%XyH;gAlxskO4tfUQvKDX*y1JUD zXoU{L-5cQG(Ld+BUuo%|#ZqDPjmw^a@$)j_v-8aDH z#-w`Ai4_D}PJ&z5GaR z7QOBz0uD}r#0M@;&gAXJiPa{J&^uY^yZQTDG5use&(H@PL92Ycu&kHH1Q4Z$cHGSO zgbq1|_zr`Y)1mD5{-AvW)K%{DK2Y-4xWvJcP!$ywe^je*pE+hQ7^TbiL|wlEz=5v= z1!e-qA?y=O0IFx&;)198$%XP*^-w}4acJZ+WbhjZhb90w%w4T>Y&PFRHGpXzx(UdS z>_BA3Z+joG%gljJq-x&(k<86O+_OU4|RNreqV@dIl7V>b5@VD^)kxd=ueJ zV|UzA0k@H$T5cJukG^Uu^Z5`%Oex@Y{b^Utk(|LtYYO>C#Jp zz1(g#%9~(SyZX3#6VOJPL7zc=UaZK+7p^ED#+>b_FEG-bOz|Aak0ryASW#J3JU~Ex-f@@+o_pB-ioMqPn|Dyp= zZ*NfcUCGP&-2kQ15+%LSQSgAN+yCgmO@c$Y;Q~1!7x`s9RSGMIA z6gtNG9Tt1wFHl4ggo4V%H>kCsv3REn}&CNWfx{XPYjIkKSC@ z034DtPTMXJThh;XoN<8LY>z}Xapt={1(wQV`)WG2Q+uGuUq^HNKF24xhrDzV>?(w( zLb)fK!h>XCe4_){zQ)I&3vg+guFtpOj6j8=eb527!*EP>o_B%oH30?TpOx(8JTI4@ zEn9jBzkzGBg0FB>^JzX6=&;#oHd-)eO zdS$zC?1hdPwCNJSGt5B~az`xA<7Ipwg%bAcR+PfEWH4JqCSw+$lK6TABlng5eGkdw zMCiywQyHDq@=z~vA|grNAD$9n)}b(jF$3gJEHJ)iz)TeNh90YJ)j zh(Yaa=#JihDxs3g&T~(kM8Ut@wf5X5g{W}X($UDJ3C!^mzswVei5SZ~$M!1(&jEPf zfxsLfHve#oB$}Wnha9c4cO7{@yZj>l_VeHjZ z`j#0(9(e<#ZPgB1;C3%@C|8jf3>oPJ$Zj=cIO@n`wRDtG$@e3r2XB2Nce4}R{&PV2 zBerJIK4O5!X(x@u zR9i2^BV2fGC{TT5VLK|u>-i1hj1KL&is&yDNEo4oKg;}bi@+?!IgZl0ewPCm>kMo= z>=(P$X-SL6*mX2+KzMwWkWBIp%GD#tIv~=)cTD33y{Kl?fpML4;2^r_(ZB@=r~RO1 zsr9*LIj&g^>L`5)4q#umq=@q2nCvI1|gH5`A zQiirDTCLqT0=U|g*B@DaYxR}LRHWc0=)Pi>1uanaC5A4k5cJGhUaTJ{)r#It~Cf3-HQeMr@VjAuaaFEOA);5=)a-xX7)6v0paDuzpG*>$J1 zs~>>b4$xtD%BC6gGg{63r6;4>LtOKeTicmZ97d%XT021?GXMhA&uY(NfXrh@OjLwO zSqd<_OMvsOt%_e9N*HAOJ92{Q*Jmv-)%jEA=jBSF7!sA)8SUi8o!Q~KD$?9bI;^H< zjylQc)$Xs3eH-h6TH=fB4N9WI_}X${W<V{; zqEZe{#wKIVwzrY}N+kV=!t{?C*z64gz%%Z#yl1MgsZqur*GCP5i8-?X@jXv_bRSp9 zH5|AGGTVa9h3013SjuodkYXHYKL(iZ6!ld&KOWI;zH=6ustq!UxiKfluauaJK!kI7 z*ViL20B!27TzfM}R2dMDRn>KH6khuqSI|W)^(U~-wR_s7O~6jNBgmF@Tt5lQ8swDz zjHdKCx){YHvg;-(MTV?K-glR>(7VU|OHJ?xazhElXTgPni}y!6wj4>zjJ`jiNhsez z_jrcMna&(%IE?Q@31g79JtwNNd)oufc)*x#cohQ@$Yk#|FM*$n-VJtGkNxa%XyP2m z?qj?K`V_6Ioa^774ff9{bwX!J8l{-|WcLEVhF0Rbp@I=e(+EU*Tn@SSn{S%zRaDqe zLweBIRMjx@WPI{V30*fbic`On%%NaY=4t3cjL;e%xrW}5wxSU%&$su)Uxr;NR3}0X z@~k7YnfIvB;CsoF@b{^=CN1`6Yi;-SJkE^aNqpzF*07J~hE<-WN2Yq89hC~#GAMF% z3tXg^_-m19D#BB>;~pv)bgvjyqoaBnbr-Z3n?-6w4PHzCv}sNax3-`KtTnBAeVrcT zN*4g%jRzA$%G!dRW1|^(8ZiLwFYaU(%C(Jw&MaDvNM@VCeTtL6Hd5f;R;T zW(NIKc8rIEm_7?1qn5|Ky?i0D3ow{O>>;x6x%S=(0KfK#7e9Y|w{?>GTWaJK0AHbT ztDPH0)sl+)NMm@ZB?%lR3_0YB98!a1LoIH%=iz|5JIgM$`Hz?cVl zUqONtJ|Q>lv?GJF-!N^7WVl4N+);v{hO;^P#4AZkx%M4LaNTQ7#JAx(gIAnsvU!2ix z-0>9ne@`X@UxrRJ-l!{2I9M4NBP%iSNR{#Zn%W2vVs~!_?BFKmMQN^N{45Rim!FiO zQcNs@Y#u9>RU`X6lXssADth@NefA?c!%=N^;GLE1sZ2vl4f*ZtsS%Qe_Dj1ax8(XO z9u$1ht; z|6rrObDaj3dbZQog;mE#d?M8L6c_?OU+HQXh8#yL%QM&Slm#VOjPUgrRnJe~^-3m* z!l)lCyyFA-WcXrW9o6V!G<|JUoB`ecRxYWLd=wF#7LZfV@M0PMq#*A|NjD zHtjKR)FL_rk$uKTKkE?n^RED4w#Qxut~q;0vK=R!kMFv^e19txdiM+4tjVcUe>p^!hx)PB{#Nz|;bU8sH#M|@=%C3(ji{!ff43Z%lCJE! z05#tMkaH0zNLWN(0awl4gOw}S?V>p6S$GvnB|A=j1XMi+n7arJ;RSINrP+A)=V|mY z&`h&r;}&=`^|>LgRqO?*tVrttmde>&y*NDaQf*Ys!8(Ur@K{uk?m3-ux8ke=dSy}c zGbUFHz6!KIB}4!5qZC>Cy}skoJ8#VyJ^S;NvibpT1)>MX5izQbHGEvh{6jmSE9(9N z-8~^jkS(`>>>@_Xe~pkW?qP1e^2bCVrOPpY)Q+vN!te8B|1(-*SQ?YQNKH?-zLLGT zz(6v0c~H&JJ}svL^ftRGnZP%Kz*yKl=3(t91=OeX&SJi|Cmpjt4<@dkcS{N^1=VO9 zLPn4CTt+*r$8*&dCpNiPX4usGiWP8frik@jC_2JQ4iK3Fy@@+r)O{mH_fdy=!?=l zX(nf&S5-p=bEiOiOveO&$_J{Oj_EmD3VOCcmuf=peP2$gqLjI(8~s7H{rlnm6OlXtKL`45Eu)}Z;{Q!g=@)G#pRVk^28kmFc!4BFB(z+4w{X;g1W1zC+ER`-2 z5AGlBa`=)5*UoeN1Q<&91U`gAaVOW|J@B38o9klpfgff>;`%8at8mAfuLeQ%{XkA$ zc{oE^KV=BeU7Rl`URv+^gn%->EW*%;Wz+fIuiTyCKE&6@`*twe5raw>#^sE&H(<8V z?`OC_xg;=N^^{`8HMKM?MaaC;_@&lvpEOzswpm4=^vFEHEOsz#rE1XZHHoWh+3D?( zJMfGGhN+0R2KTAanZ3;(kwOVkv4FRZ3?;?nqMw1fqm)=FvjgsMU#Sd`xX`rRxaUfP zA$B%L(ox+WnUmJa*FiuS0|l`yobTJU76YSJ#q*MLAgnaK0h^Kb93nrt?+e{hCb^!} z^K{pJn>oKHxck>8_ASIR;>ERh<$2GucwV!I5r2C%N~mNY>`M?UYLLMl1(0a#A%(-U zFLX0zp+v7>d~%STynEU&r0vL)xok5N1l(P9Z3ADF%P)6^umXLh@OR%i3SS`KhkR=jJ78kgHdq{lNl#ASZ-9mzXZ+S5D2A2f|zb4$w*XVFgI> zpEYE7Kq5K-&^bCvwKQA#u5zf(aVz~l0i~_IW86edI%?QAvXx+y`a&zG!q!J&8h1PC zyaE_a)u9|i&Oe5W*%kdm9<`MqFe@!@=yY6SAUwI zpsoVLoALn;t83!g#$nf~djnsS0qV>b>Qt{|FK?RS7#neDoRdGkE&M^1UxU`UXD`wx z4s1#3w7_#dCmXIY2`{t*@n7JF`DDQj$Axd3Q(OK;R=qpm{TRyEI=57%N}W$Xj^mP? z^8+4)NP&4bS!!j4zzdh13g0sq!Kb5|p@E4zX5}TL8)g8(-xSAb6p* zaJj(hnVvcrcbL=4e8y(bj@-P_nfqBB^-B9wI-3Ao_x~@GSRo8-sXC;`76NCD^%|PZ zj4rZvsp-@ETd;mIpF_+oYc9$3W8iQ*C7a5p8Dtw7&gizmJRk8g{L2q`Lp5Wj-y!K!%L=9Wh9QtRTQk&cWR7$DV#{;2B)e|qyTB+f_?&h$?BVkGW<)M`ccE)6 zD`t3AX?)Lm4r7vWQMOfP;9j{YT#(&d3g6cg1o1xpGN^|1T^($gc_#(dU|rW?6MotS zB;R-t=w>$bXGJWZL%YFP&kD!~l+XYU`=7uVLe|)yZ(^PE6;oAjP+<#mCxz1=Q*|lA z>w7=#iT(rm6w55OteE9n-?R1VGsiUlnJbP}56z1!yBhx4SUT)tT&?+6vzX1?868lp zoHuG3>mCgIruH+hEP^b?1Ce%}Tns9!ow*{G%8XMYNhF|V?i)E8=yr1RQ(A8lMi1m) zrcG;C^;eCKSn$)z$UiTmGodc$0aZi}AVbvXcVn zjbFJ!Jpmy{A|v!jrOxMFo8N=&6UDhWQ!so9)vR;K$4PNc1i;#yzHGN@99Z6$R$sKa z8aB#>YJ;d{_AQB#*Q?0HexPmG@Bp8s{YOc)$74c7-e3AHf20_4Lg}ESIUg*k#YH(} zTgMV$)4V?i%Aege9X98zdrTAtbX1#f1F6|f*<6n{%EHu}*(Ebvo>lHt z2EF&o#r!%t8{YmfAoG_YB=bf*R(KOMP>>e_no68RQEO$;N+tOl>R;0vBhgnYC-;&( zuI?pzSl*FsRo?r2RYN zh(s@;8;&zd2HZzlGh)ut#}+WP`ZqU|6psTR@ygW~K632gRxZ+Sn`SF)xmhtrmItBZn_MQO%RWUB2MsxTS0O zm}JU#mr}#kHT=Oq9NO(uU(27CzmB(rQZU1bq^SE1b--oChN5PT!kYbeDP}Mx3#UlIf&yBXl_s07g|h5 z8U;Xzdpm|D^qi!zgbNfZNK&tm+~ap8c5R+*9oQ4#(6j!UaQwM5__w?mtoKA;p~Q0i zLdMAX=i+>LP?Yke@QJX(t=v>yIB#@PL70P3qih_>aWL?qV_HCafVm3_r|`-Z{(or! zgzZ@|cr@F~%kt1J<;4%+=lqGO_)o|COOAJR%PZS3^W{(=Hq347`qjIlx{Z$T%1>#o z@1liXgjGoxvXc?pW(p+9XXmMrYpHBSZc}FN;;$4xVSm*Dl^>a9ciyGjkD-T~H2me0 z{~D!#dBc|9`?0I3d7~IpcBX~2!mTV2*}&dI7~_^X4d~J(tvblK<*7I^L}Y~a5j(^3?)0VL z*s4@;{Th9L`L_RXW_ij8O600N{&uZdg$F!@jB{Ir;KSefzdI?4T>{r?tXF)xRhIB^ zV>xLk^lRGd*FOK-C;k%q)esv7yVkjAO~hkeMZgD(J_%_^#%7D#&x?QR;MSni{Y9Ty zPk$E{5pqAi>F+7wKYZc;`uOxSWHFw!RZNvbM?t3sE;^0{>3v_!%43lvHcd1Hd2KV= zLAq+3TAN|xwG3b{$=I#Q*-S0IVB3$d2g^ zn!RD+P0Hj|&1`7dbi;`7$jv9@#XJq1CLSIxHHP)`l}az1_1Zfr8Y2^$a=Mc78>onp zh!2M-13&-UST7+x((t{!fHniYIwYW)%tdp8xSDDv3SDJD52(_w|H@6Emhus1-4Wd5 z)EJdH)ELRr^{S)A+w}vIrBFIK!ZWv;&)If=z)=3TmHVF;c|eBP0dfQy_$oj-Gt7;M zn`Z4uyr}N3w&!`{&PD5sE?RgMcW8 z-@Aj151$VxVfuG8+0c*M1ta5FNLN#B4^qb;#`Hm$3a|yLgRB~RwG+iF)n8i$0fFd$ zBMkiaV)Z&FTO`Ep8#r{7ang?Ap*>&T!g#>n8xCUeef^Wys({}NCs-t;jYwm!(ym`RKWNx^dN0GEF)agfp+2lMl8<5!T}`fG0+iE0 zLVFmlqXwPh{b=vsSv|K9U899+<)Oa4>To(fAc|)_GAo>bb4(L$6kvLh|3Pcr)rJj1 zYi~ccSKFaR`q$+8|GqT8T*hc|;-`Q<`Z@1b5w|cz%|$aS!=@1njO|KHb7wtbcJkua zKASxqGs$^<0H_2?1HTO)l=#9;uBD_;^08f}+H~!+hH1lwyfHWhwa%jJP&-tk{b&s< zD}QX-cze-;Y4Z^^;*qS9>g#|JvcILr|I?*AazPlpJ<=0G+M+neO?Ps}I!FUXr%gcYjZKV zOv4$4;v>_xw2Cf=oqRvAWM6Nb2m0ma+k3?GzZn`_ zL1ayT4i1gT{Z&aTwW!TNa65Tw0g8QZ+GeOqdTf3~|1qPcL2QNdI5y2WNsAMuxI;(u+6gO%-VqH?m}nK|=8vJ`#7&0}9q1`Tw*q5btldDi@brdY zO=3~CeRYM~RGgc+PT?)P3+J5Kzj4@0&y&GBOvPLM*J-)=ePt^&r%<%1&Z+mC;h%-R zpdcc6u@P%ZiIhompd`_ekn1a7n}TZ8I0vVLnBc z64`k7eS>|dMbhi0}Tqqv|idD^%F%vnOV%8GZ}pcV9=(5SVK* zDAQGULLmN=G3BIUP$EZ_b^%dlD)HQb;8x3c4NN~)y9S}`TF zH*~`YXU;r)pgNnkZ=>S8yH(<81x3RhiNabEc@vf-YaP9T;r-i3l}c~MWI7<;RT*WG z7s%!zWnGA3c|i<0`jlmmg!)MI9Ga(r`QT|+C%Liba>unp*eze^-15Xt)rYEw`Z)tN zwDBAI=F@EhcXu7CgPnZu{`TDu7iuPbwJM<#_vsnSLB?L(R@U>|X$s-z+?l=IHsl2M z@)hXNK;z~Q9fJ-@@MB9%4snbpy+?W3S!arSlpPFxMB=d%+h$P6noNBAU-+Z{>%VVE zB1ZC1zrKlN2#dnVC+g|{sArO|HL!ggul}4st(5fSjt({<&cz6|tyrB%#u8@B^t}*~ z7XcfJP8y5j+ZxP`t8;d0!5jl0{twq(4|8K$dSuh8%TmnD z3OnV|ZbP~AHQ@&0a}|OO$>Ea)?OL9wPZh@yHK|JdvelZ}S1xtNZ`S|MXHE6`W>m{+ zMf4MyO!?87ndW@_OXT<$>*_D>xq=EM-VEZ9roy-0_b=lvASMN$a|Ri4VxyeU=Dz2h3qR|2Z|Gt^YSySl*p&oR9!lCdkB z&0(wuBrr@0YR3p8mooCqP$(u2cZRGQ6P&B1s3=P7%oA^yC=4*lzjP7@-TGp`H1F77O8l-#7%|xw1a2-7Y|;> z3miJ9+!=7McR1=isxovdC|T$Y+qxav2Dg^iypF4acYUz`axMRzU#|j$Ub6XG$Ub59y(x>was zvZDmM2F~k-WII-O_I7O!%MMHZxc@H~Spm6%mxhNY?ZoAycM1>X>zIm(g5d6P)|@>m z@3OR42Ar-^;F%&q*kMe1Nnx)tMPM5D`W$(Hm~@wA7b;(`!$DBg`TJ)omA>#WfSX$4 zSdef{&O|kaP<&O4pE{&G6Fk_KJUEUTJD+wq)2AYczzLU1{yZP*Ec)sE zOZYQIAL%|T4>4vwAGhcX;J3^RyKQ^=?>s(#c@H77gN>r>YN1)2Bs~tRt(rs7Lzv=7 z4QrJ(MkQ%11tYIRJQ@=D?S=O{?7VYc?=K9TXhYr&XpTIg={yO(`;d{6R;kAdSfv<( z6yfNum!+JAk>|F&=F6K;g;sCHpR~f3dJbg1M3Hf)@}-s!{ljdxD3BxR}0?_kQ}t#s>&5Esra40qWL9c-~Yxx7b~Ed~}No%|QY1 zk5*eHPL+{NdjED|JOuAx^~n2Pw=pJ2cyJjROx8)|R3-Ll)+obO4C7_qP3d#*k){XY zAUoqX_O;VmkA0zj^mK zZT>JyC~Fj$R_eJmJ%;iUJ%x<9Mp7nYiI}@7p8y9tE~xNR`VG?S()l%0$G*;k6?Ft z5XAy}w#Jl3zOiatL-M$!LXBwdbri=glZMT|tkaap8O|m7;=pOPuEYZ01flQs%3$fk zWX~gXzs9Y`>C@=?kQs>PsiFIy^zOxmK%NTZna4@?R3zW+oU>_!V)38T`ciXu_3T_m zvBB&^ZKY?&kE&M04%pleNfQdU34Z9e&&u#^# zyzh#@@1&x_f6Df9VlC$s9EQdD>n#np?rB?^N)%U4=&B`hnpO^D_!V%>~ZV9=(a zxMrpyDvZQA9(wJ%76aKJEG{v?c^>=8aET5FCln&tVIH|Wz}d*~AiC%0j^U9y1|~jk ze6bbOcP&IhLs^(?w;YF>RPHEymK&1yp&R8ZYfh$d&{t3KKDB&wLMHSeUN%ApjhU}s z%O(m%lirQ5+P)j3(IJX$q>v5*D}Y$;LjF*Q28cJH7kJ{@>{()AUVoGIqUI$?0S5(;t2TbBX@#U#$WLGxU*A z!iDs(@{}b-v(x+l~_*?bC&<8qVyHh!#R29eJsnV#c}UhS%#cHGIB8!a@?y3(w*wY2s7 zYotYb;x#?3rCIeRVdrbPq}I!q_q0ymjq5cpFd7>hmjN6TH4V*{(#w2~;zFy4nY0CJ zS|^yaq2eJTvmc#T!+Xicvd^Q3Qu(DjA8(hi;Q!-=G{=5VjoGyA9G95ITv6Gi#$TXTq2R%o_&_C`Tq}sslefb0wf5`sWTOp$<@HXd5IJJW(YYu?XawQe5{1vF63Zf`k*z0Z zb6sIM8nyvx7z6@;3t~bhh&!j(d!r-wwM@k&dEXz0#+N4LYz2JguRt261cnkR-b|Q% zSjo7K+(we2Vl3r9K0Doz3uPGG@G;<@_S(vf2jNE=XlL`&4XC2;Ml?>p(=y>BwSpHH zFA<^RcT1-@MLH2F`v7RQtjIhkS6zUdH)+y>XM>CSRYSqNvT6$VK-AhW+K8q)> z?@xZRH}FNpcW(EA`fJhVu++$j2gl^fTe0CdUZ!&YrI93raL4-#K*Vtvi9`3u5L-w! zk^yUHuY*6eNiOBlX6BS(uy^t8WNa?Z>-ES4Z>u*15C3+}ZlMrRBZU5Z$U;(Z>%C$( zCXN$bit7g2mh;E^lEg9&RUDyEO-wQspV^)f{*E{ks!P^I6vaHQMT`vA_p*f8tVPxp zk|Rl8wOtyRhNcvCv9fb)Qt|e925Q`y}9 zT=!HYor{`9(rqhoL&;POIW+=F3!5{DlZIiu8tGjAjx`=%ZfL1CXtGW4YZTvnEAqJ* zK-MORaOEjv2-18#60qqfmBMA7%Gq;pzMdoQ8^TQ^Gdun>bmxsG75le4kp)-i6|46j z^+R-Y=z&K6r?i%#kGurCrbGbpFTJC;DW;1E=ZpB7aF^$Tkhy7z{ROakabL0#OsJUY%z$7L#>_=#0VO1JM}UhEN!=X_f%H>VuuCKA*H zx4m9vYx;WnXEzu(O8?LvDHFd7y~t4-V~|uyMjp{8rd8LXFq=hh)EpFiATeBcrP^jZ zE1-S5R{s*KQ0&Tv{LR)yd6}`u2{UAokYO2N4Dn(XdzSR#rE@-0nQjM^p7MdCd!7u? zzmX|8VP5QE-Gf$Uw7Cv_5X{=s>k{@BV#ODSPx6P4 z*2&QB9L$6b#pvS)G(&7(ICJ|z8Ld9Cz`E}D9773We4${-&MT>~L zg?t~1xlqjuc*Yb&mm)|*ma(MxD%wWNCiYKH0m$cqZ>@N}UD#tFVT1M}DM!n@J51-t z>E}Ot@*(3hCUxucu96=7m#rCjP0~+c=)!wOJbo!mNPO^e|B}Q3=@p{5t0Peni>tGp z71Bv=xJIT0VWq6M50}3%!X5uF=YE{4HZ_ncHu|^$xqT^}yeFnqpj65=K~s>Yhrs{8usIvQ5&1>IH%eRLt& zlfCnmCS03(9;xuK2l=LED(UGC?+~l3UE|&9FgN@(e&vJ4wiQJSUsUSjxU;QJE=2@+ zD2JULQYd!zu6>=cu&{6;&GkSJxgTnlZ2V`2e+U~!GK;GNsuI}&yXfP0S9{p+tsZn3 zvRLNM9N*cp(b?QN%4TEWLxRT zrs8g$2V4F~%|oKBokl$u7@Bj#)azXWK?+ z9}K^n#d)X`BTxTFKl=^>?bFn_bE%jeKugL`Mr-JZT!&Tk(vXX3t*uFU=Q^LrL{zJ! zVDUpRXA7+n+#p-DQ6eR%k0}_7CvD{TvJE;LTXx|&Jwvbn{@POtGWX@|c0sMh+zs@w z+>n#)Cg`{hGvn#o=NQUa9))h07JP0}d6^Ct(8g=kkK%|ca%-aT3Cn5! zKOqs+l85G>7+Rs8ti5`16f(q$)Pvutf8Pk9#wy~vRsdqi)?tVc6>LvJfOCrE+>I{R z7|hm}b6pC_HBWS3io4S?S5|HOam5wYNcO~t%%FW$`&sdbqtrr!0wG>fuy>{)Z5Q24 z$uXLH2MZ6A=H1Y?fv0ijHkF{COyUz#!%j?il-xkE1?=U72;Cz5>g1J$ImNe*VCk8? z>6^F{%q(PznjpV2dn0?T$X`C8k@U-Y|Ic8YE{LhYQlug9?nF$pwm>ZuUzvElpJ7*F z?rFGti+zDLe}lNL60Z1D0msAmEb0W);K8U5Z_;)?y^fT7_te-~wcKUUw_?EBsvu%P z&wWQpuF>*hGRasqYxxO21Q#15{ePb0d>JMmb_Y-OV-k$A95P5hK>EW1GQz8t?AxIN z1LyIpeJq2}-N>#C7j2}OJZcpJa!EFRN%5MvP2Zx-oKzkfN-OI%5+hUBr{KCJN2 z67i+=!)Y(2+?iXtV>Qq7s$M)CETTBiIwOluCN=nbufGyE6}}Hflbu}sDBYB6F#oko zUTs3KBs9?9$YAh|4yR}eHh-shX@iTmtz2?UvqtVJ0VB7jOIf8$PNCUbVc%ewmZzHb z)g1lSa9(kc{h@pe)`EuR$1Ex4N9Hk>)1952)s@;gt)2WdK5v-O!|p`5=$(Ge-5%@< za&Ft%_OJ!H*FW@m8$}mKu_e%SgHy4Eprsaj8iX%CKHzLoNMlzLu({03Zf+CI%TI4U zol?VrPM|=*!89uEk~rC3R?A_ZkOris;jNJ9{ABd7lYC<`0i z$m&!W`tvAl71Y*hLW6>g0SGlRDk^Hid~|e_bbGQSuJPUJ)^NGe(Z&di#Y7?c%;dzx zR*8fNLaF|zs9Zp`}mkWhw{T#=~$0nLOIw|Rdh=^)CX9!JVuTzQP`#nQhtx;WW2sjH|^0sge~XJ=m@GRw0 zcvOKcR@})+q0}$;`%d7k`EB6LA~3P)esPj;y6GgWshJ=f&(t#5o5*gFosmJp5q8XK z(jTth=9ggH@=9^I^I)~l&~XQGzKanUDD*F}cJ#*3=2XILM_XIln*e)<P)D+gnb^=O}JDA8-Z?d1% z>x3P=a#tjBGfmSx`k~xQKKbm%P~vmpr0tup3(u{soCWq1doRblge;Y%PA2bCEFN~Z zM}`iO+X(PgUw_^iH}o|{pg6m&$%a8ms6j6Gq&W0_OrToRaQ5Z&GQ9uZ^vUL2xbhAw>j%f&eu{> zLin7ty)J(qXr|-}5M|_7dAfGcowdEFUnOefWJ7E_$fBz18+h?CXRE5AE@%1(XSu!f z?LtEYBs^+WYtPc1ak2Oiy&wiL*bK_SSXpF&hS1i42R#V$D*SQly}Kye>nv%x zA5P*;Ss&7}Al>si5rV^E2FBWPkppNN5E3& zl{dT#`w{Vys5u&`S4Epk)K5|(iDiMezo7+hGmRL#+;r2sE5KH`|L}1l=M#!+7BcNZ zv}dtvQdufU)%l7_MKQ3|hvq3Hd<45`*~P)N^6m?G_-U-lTPm-nN<9Lr*xRyW22UR- z*JcTXt9&C*#wl0H3-IscPBeHz+N0m3#KLVFimAG1{`Iw3m^&(?{`x~)U@of1hQM?B zNr;#ju3pY4!*d1bYu%i{N;rGl0}vp3x!02oCw6CRl^Gh3Agt~q;0sY&Wx{5M#w?S%E7*oUJl? zQvbwaWtQjNWjkxZ@Cb*H2cE+fLN0;g5l3cU`)>2a+2o={X};cWUI9u- zyNaiP8X2+gzW)xQIDBnWB}&2Y%UIj%w$v?BvCCV%5{8C`$%?jckt9iZCw`CqBe;S6 zSD@Of#}oTmHojH$dmja)_M0gz_9 zX6RO>=U$Ea5C!t6ExHlShn>OW@GXt2AFFdLFZOc;m254R_=nu(^*q-Q$pqRfzo9dg zuTxH3EhP}1(^WSjO)V6h_RI+IQ0)l}>v}8yl0AhJ-R=$(QSVYK!w zAs|W#2uOp7bV;X_Al=>FISk#>-3=n$&Cnqs-95B44BhoTp7)&d9?!cz*8I(y^*nRO z-ut?K7a%$#q81IoITf!fq!O6ou`^dn9A~Txs=e^CD{b#r0r{yh#9j2_6Ct{OK<;;N zMx=LdWX4Es(GlJ(!uWcTHBLu0@A6n?5<>)s9)Nhq1cwqG-kQ%!3H~uWphc1YC=TH&%;j{r6Co56_PD$(9h zh+2*});_YSrRJXUWua7Yf!CDSPd9W{m)?fLl_Yq#V@ zO9!H880o_rGH(dZgdob}+KYJ&C_v6|py&noVJO;i)=<~Y$nDpn!@o=%0GfvB41iUl znzkD8!b~1?VyW ziV`aT0&6Myb#Kwy0sgvS_Tt<~75p8J@3Dh4YvxPdF3ITdgd1&Cn#sGa*dbzxmj~#O zxP{Jyw3t+TrpAM1Dowu|41Y;N9h(66AG_#p?@gBMlQAj0uj5i#V%0V{_M%=Ib{~7& zn!}T;5Yu|KQE&HP=%Fe?(6IQaN>==lur zl1P^Y#=JEYhLC-Hjj|!&G^gqJdyE)%KT)YtwDXQ8cO|3xrFfCalGuS>GuTTy#C*xW z_5*xWPIL(&Ej;|F9aRVpr!oir#PJ--{DkZlY9=LE3HBM z)$0(+oXS^1(kaI@tirtuZq&u*SbOdlf;zf?7-BWj-oLN(lo=uNP|A@F#-!>#9Y;z2 z8PMs@Mecr?PiH8?HZ((nRh$t&)6c>3J=cm(x}ou{7P&xl0m~?=c{sn+?c|E#Siy-H zaUgis4KvF78tN47fD;%#03^mk_t0a$q1gtZcq*Xmh(PEB&VEy#rLR7GY+!)CBj*U@ z4Ff4#TUxRf=NcvEV$aOXoSh9Zr8lvS@lEBKwE&EkEr86F{5Q&N3-hA@z%eux1OoVq zhyZkeDfePOUK$D)qhSkR2G&{ezPGvkMf#+F7XljNzs@*Zm^yv^(v!u~2*{E<0~m4y z?=WTmBCA{yJqT+5!JU*;rDJ>r1- zPXYes6Z{QPm5o-57AcS2_b|YEju~ChRIQ+(Kz_q#4=|tl75SGyKjbA&2)c=HA{v0! z%ylj~w^v+2Jikju{QeBQP_rr>M>lJTAc-gSZFKb^M{1J&%d*LYF^=+*Wp85xvV13e zL?0O5U43Q4Pi%oj;WV{64DwW7GToN5ylR*j0T3P?@hVMV7K>&fvQ(w)&%0W`RXrsx zlIDJ2ix4;TJbdI?BO=VACWNs!NtTw@;+F9CpPiAlKiPEtfQ3G5e~5nQ7rt%dS(c$4 znNhCMa2&cXT%r~4L7vD);~FO~Kdsf%puhHV_ZyyZ9t?SIx7Ubhah1i?7V}w2tA%|?_xP^+s_HR0SbVKBJ{`Lp}c#7nMRTo3eE?U%m=Ca=cEE` zaavuJUhk)2+1gAmdX8`Xs5=rpBp}N=xatp!RYt+Q2XiZ&Dp?8@*V=-s5XfTlz@Sf& z>qTZ}y(#V;=odHkmLz|YoTo*s=eL)w9At>SZEv741%!S|8w;05vhfWtbdwH2ceE&l zFXy=fVjo8?IWIkZ=imCl+a?LNKj3e^xbfS}JixeyPiG`F+yx#(312}!;m#{<;>>a} z9V#tjx9O1?7-x0hrwiodke%tNsr~f*zmxCM}S>{sB~*XX?eGMl)|P1BoS56jUS&o`AKW4P-B8Os{**fu<3w5e!A9bqqImq?OLIRS&g{8C za2X$ylN^`_vcp%22gz5-e-HV1VQSFR&$BsncHoFxzgJVmrH5o(Zz2h_?`hdD&)U~y zEh0Zl$*TI@8q!1G#r^v6ZGjLOP{{{s~B6tB< zh14S;4bI_931?M<-;?_KpO<*r`r7F0-6)Ns2O;nV6iEwiEewOD70usbRu+!bL$+?- z;`ny~9&Qz%{I?u>Nl~P$PcMi-)}9Ait8eoP8sPl?{AD|CGB%lxyr<;RZue}W*Qn`H zmDH%vZR6>~-x&CdC9P&MTK|Z^@~Q95&LA?0tI#OGfSbQdh;;l{nEQqd{3`v&KsfBg8(~` zpm9V#txLq^9zidH&@e&n!J+=k3x!u1_c8wG)kQ6uc2!-q&Ds3*BD&KqSe!baWu_*R zQY;?)jPwnKTwU9E1{Rd-LJzQa^i-1>^6JGr@5){|rZ!_N%0*#++fcgyXq&#rmodLq z670*ox4IoApWJkl(A*%yc2$^p(c+?EMun(5x3WhRJ;naWDC&SYO&+G=`?5=+S(;~Q zOkQ0rV+Sh2JS!!KPs~e7w$Z%#eg`?i7QI7$Jrmdc3(jTo!FE4lsKo7Kc&RDjPFK&x zY6BYNhP)mYp%A5yN>O)QjJ*S*-T&qGqS{uX*MIg1gMzt5aQgf2@vPd{A93EZtmAfQ z7$B;lF&J$AcD*d#JcMlw_QnSjbZJ4mKd@zo>JqB6D_n>Aj$_SX7{)ei%6@-r>u>0t z{jnOZ5(3c{3sBADZT_US#%1{{Y@kF%KbXac&%W>1JQilj{wOj0bJy&Q(ufj&#lkfk=%IFg6@|y*~Jm} zR%T^Im@ReGtKUG$$=WU&wiGM-2{+x;m6Qs3wi}2O>>KMM$g>_I!>-HL-tHXO2?(eO zxGuHyHJvq~1rPI2R)8Bfvqmr6JFD*m=c>O+>qXvTz4V)J!`_)FSq8Bv6nm_4A?da0 zhh-FAt0Id2;<~b*t*chnVeW8+8S|FrZY-EaVE*Bt6@*v_$Nbd>{NIls46{>h;%3-) zjQP_@t89uJgAoteBcj3VwPxsJu}f#&T(xpj04>3WPtHQ-sYCkHmz>8b=jUAvj|mxg zRcB*T2ubRs!1ze(;dT{7BSA<>=_iqZtB}hPl#y_*f`dugh+vjQB8LqgE0Ihb`fR^M z9qmF1P={PE1QC0_BdgFuYE8-yF_I3J;G!d@ohK+CH+!=a8B~5e*6>0!#3HsP7iV+z zE<}NuRsO7=U0|du!g__C&Awe+TRCq&ckWIpOpc#mq+K5G`6Z1*f`yWKc zP#l}(csT*?ZGVXEGEXhOp13A*PtU~|OyCQb+rw%9Qo+VxP*4!W?ONK!#RWN*V)mDx z$z+~nbxAshO_)pzb(J0$_eZ1*-3kC1IByuj*Mb^>JQ|I{CF{NZT5p$3_~O>nafE#? zh39W;woiQJ{>_^wV0ZrSH-i5e@#Kj(o77q;0>y#6Cye6?woG?_eayKb)>_!;cYSKl z)d<4;(cu*&M*7j&R##@1uT>uS?1f6o%(w7E5>MW{b1Du|6+0+kzNKbqvqzcOT`i)qs7HN|`0Usiv=AiXG~%9++X zU*_-n2Hk-pW@El>h0$yw_Ju59aXNyf3%WUa6rx+%rv;b~_U){)(G&|YBuZc{>3A&O zq)1FOuoZv)iW(1m`4FdLj2)$WfheVnLbZ+Xn)Fpc23w69f)H{h znK%K@wgONPGybVT^8IdsSLB)YbR_1c_pa0Ht=Vw1-_Jl3%@^CI`K8^gf`gvScnGTl z5eYanYb=wEqS)2iS)t`TZ%^U^L(x5@p}#6H3v81v@;zIxy{ zu!{zN6HC3K2iCA8R>IJG_~~7lpu#Bxys1n?PIF(UM}dPh zUoqRgCt>;y2cMHg+#PXEx1q%|_;9|tHw2TAa6ez6qsYEcLuU3Zbn@&XJiPS*o`!%$ zu|PVVar2|B?0#;NwFe_16mc!h9Dzc#)uz)21;QYHagBWUdld!cSFS~pF!Bt8L&pu3 z)?iJcq{fR%8h0I!NX%*qh?pb)cSSrN>um&$CPmVUIBU6z+4Pd7-P=N{eUV+1!d~Bs z0EA5g+|PFi*uBRNBsmM547=e+*xH2YlxT0QUt3n*1p~rC@~_OVu!yx$*j{-Wm?KPK zJ~b&-uit%-H&jVHr}NelJ^>Fl`k)%xuBP2 zaB*vMt}f%vYNJZ0s&$WRf27kS*HThU9Mn>a+@D8gncjoaekGTmZq2cgU`el&P>SwI zH+nC8`a5ie^E$0=7*~Zs+&cABh7NPJ#94i0#fBHHuhf;Xk&W`3E zb6i4Ekc3#I)nt&@sF(KV-Wr{(vNAh|EM$XKwTyYjR%umE2Mzh?aI}!ntG^@lw1zK%qchhA>;DKjI7pHeSuXsI6d zMlZ)pEOxDlcq^DkEdZU%E9!xfF>XOJ393KNbB$A6&-SoiO<4Z2|4w9yB;j4@qOT`i z4?-u04+2x?CPy2SqexIz&(rVP6kVK^ofrE_@B{n+!&Jcfr+xfkWcxNkqUA~0oXW;4 z6kE-P9_$z1-mnY$*9~>QM~}2j?vqCPSgKWCa-|~m2!rbDx9ck%qs#Q#6npjIQkgBn zq*Db%KFVg%F3_GC#JoVMBLIs%I7K0s%UTp%YTBUBNtzs>}nOj~IZSK>EXIvTP15R+&`M7Z;ZF&66YNl;4BOR*ZF{uof+GV{YBx**0j z(QCg%{SSk}kKD~aaE)ItUQqOha@U%q*yTwNXECIwuf!6M9ON~Sa?$z|KoPK(v3}R@ zvfFL~fKA+1p4az6xFA`cy*zal@SPcWaR(qHF{x6=zdGCjaJvcFPZx#NIFqT?s~S3u zomI8&1G9do0PiW=8aFxipJ{gvwJ+((S}-rndCX<}1}+gKNyO`7E$tg}2{f4Kou186 z&tYTlQ%EfpG^QxztQM!PN36g{@CbYj{^rOQ@v(z9f=|tiNh|e*5#v{A`|{xBRP0Fo z0_H*;?Xy2a`t~j5m=pdZV#bJ>%*TzPBD6eBK@nF zDP9QGm@xgCvv0Cx$t2X|gZrE62Vq>dMVw(6a2Kf?vv)m|^&JC~F4HpE@>%!IWO69l z#P4+|RFJ2)KRo3x7pKX3xPdE>ud4?SM7gv!9Oq=zLPDcNinz3=nl@LN^XUFnWp>7X z@V#ER`LM}&N`P{nnKU8G{ZZ^jI`F!JpW)PP&<(?SXxCQ#jXgXLE&2(9c}uh&ak>*Q5jetPGqjh6A{8Q5eDcE&Zw49?7w7CC{~oQt3PvuQ2d zgtFSLzhZS5tjqd5WP?oR=S52&n8G}!WsK+tBPX+AgP#MMf?^PwefZQYk5=gcepRvW zM;%opG@B|CTv9HL){5lon%p@Qq8*5NpP6M%|1c_ZisAOUpG#}q1l+|tZ4b^CsMO?J zG&xxH2%MZuKuL!YI6M{BISnOHDEePcb9V`9e)BSM{G?4_RmwzNHjfzyc55)Y%BrD3xV@iod?k&`s_3sz*!jZ54 ztsLC|P^nS+-=G>tfP9(uxEVeX?fHkY8uZmDH?K#sH^55=V2k^I1{cF;@MvXQ@-kBY zk2@ckACUNHk=`Fki07mtnte)uYJ0!|Wjs%-8riO(pAK2cO&{*q)J9RZy#3X3nO78Dc{Cx%?l|h(Cww`Sd5%?rHL$)o22X==fIUx9Lt#pNPXsf&IaX@djMXFZN?h5Me=iXxI1KzoO zC%pF`5NQim$g2blnRoOaKT>`tmlAERb1 z@|>=kC#9FXc8@oED~IaEG9A5TZ0ES`@pmT}D_i#vueQ~`bz!1hiv6S@jkhFzaGOadK_O>gs=_%Zf|kuLeagR-vI!i*@^Z>O?_ z4>w#C4vtth*={Ux*}e8w&?M7?at>EG=|&1cC^!iFgIDvkk6#Rs9C8>xaTaw}HE#G! ze?hCP%;4vz#?U$T@LBimdnuyMNKv(g9{ zczCSripuE*PY04`__3JsIG$%}d5vs;_)J^981?AgpEiY2-o0sLr#0n^%Ya5X$z(#_ zaF{O|AH1C>?o$6~WZ%N)(y&}ogwHZ}oaldewe#_~Bs~}O^^r4K>Bo`aqA2a5bZ#eA zr$=SOtsb7Vq=(bte#SyRaAB+IXTLZrpr!oW=LH8>D8Y4M@*bnTmdS;od+QQUZ4?X2 zWMdu1qp)}@J=DDIf+xw@GP-CH!XsxmEZFXuM3U^XZfLfYuQ``_(A6eK=O{BPAbR${ z3WZ}tvg5s^pSiZda{Q_!d9@#jsNhAz)hDM|7e4`FP%;G;)-~kM%E+uv*EP)xxbVl7#?2o0?zA8Hhw^M zXGu`9iQA*ond)-%d9}^85C({*ndY@_jKNDo8SHzV!pV8 zWlHLjjqYXkY)%OcLY^=Hc@HZ&Y~d4Nr$Cv|W7<~M{sh+z4NxRP#u$_X$(UIlHESB6 zLqPw`yvIWw$*gxIo%6M5cnA;+)1OfM^k=JHklAH!p`m;^awAF0HWZsCSGNRE=X5^) zc64CscMD9Iq~L%cWd0|HwE*qFw}sz=RfeMstgbB!EB@BDI%- zj*iGZQ6W9o_drxip)d(ct_RJR<@^20DYogygTC{^6xj0RBFXLUvDz!5PO@#u2qN6s zCZp{Xmwr}y@M~x2C3MRC-Cpu@)0uA=8piL;O6A{^*&XqUc_B8x?ov^^MK6xCIB6s4 zD6~%$d+E~LZ+V}g?>U1e{e9^bPIDr&B20?I76jbxT&Jd^v!RSY#jfL~-5)1gwyb0) znvCC{ty|7auV{k|x0&C_ga?EoZ~Vj{66BfrsGSApcOFel?sI>5%0iAO8k$H;@!faY za`(Nz0Z8xgK{vjOFd{gS!3ao5wzxbyVDMmr~QEb*+&#Pp#=A#_P$`40-fDYJfi zpsAU$gPjh4-vz$vOL{)sBR-S;+*aE{in+0J0sbl)RkwJYIrT&-pT2^34VRZG_l|?# zd864g8T0IWWUwLpRF8Y{cJe4G0dGa6Z858D*p&eIsrvN#p@+lsDo{ebx{FG*b$j}h z80J^pw_%HuId3D_?`ecRp*vLcCP+$CO;N)+756!Em9pQ^uhl^J| zf)2cQ_d6sWp}wH9!J_Gwu;SGNs)R}RrS1_r&8tafWMej&NVKyJHo3t^@G|*Qqcv<6 z|AeYLj%_r_%I+pt`zls0WsX|#nyQxm^mULk*tb1LZkO=xH-0PPdrD9ZHAGA-Om09a z_&83jlr+vJvNVrIyE2)E51oHPkEKpBids*++?x2EP*M)ZPxZ3*?V3|$D_W7|CLB9A$lKrnLW#)`k9Z3Rzx|u$KkJ8?ivXN@6>T+ zdo5|5rSi$;!wJ%UZa8BY=m3BQCpI@X&+~mG6KLIx;@wDEAjq@!81q;$G6f&6FaWUT zWF1^JVZ_wo^}MPo=8qDhCEKe{SB<8;T;$DDqDy__;#`LhsKku)S3s5|Nj|R)E76-} zzq`LFVIB&T78i32u62nq1+dt!BrLTOpvdVN4(kr)V;BOyp66+ALmJe1N(LS;)p%ll zH&63hL)6g!RBKA;S7BCRI3BsaRpL!fPL=|JS~`(0$AG-1RDiVURv9_QY_DABcYVtX zhJCJetvq^y!xeDK0Mffmmw`|!+MnWk(Q~;Ii;J|lxVSDZLdlqzvkr@=_EKEq*xs%I)PdqxSd`*Fa74!+vscAxCNsnL8%`rXJ?vP>=l7A zm=uNCmWz8WDiTwFEZHgyosoo7r_7Rm_x4A}{cVDKkY7612=UC~agrpl;~r%z{b0Mh zX8YJv0tVC9_HPfN?MNq-%D$)TcMr=3=UsK()xq zR>x-Y4?Nh4b%u!QA!|XOXLWB!UK6u5t-TlerVsw}lFuP`R*x_IVwd=Pwf*gI586~4 z#`Whr`=G2<4tpI)B^&)}T_p>Q&p!Ma=r1UYhJ{6^D>J)&qD2alI8NDhLo7%Dr@DZP5~R+)IS4?M~v&%SkW zVoWX7;As)g9_PHk@-lfN3(vj6Co_~$-jNqX#$w&$cSY(Gfv?xSrrkMINRt-sMVUXY zMuEwd)L0gO8EH3|7NmA@SyE=@s?)$;8Miq8W#AmAIDG>Vmm_Lw4<2ycTRmRZw0G(F zq&jGpy(a!!>%X~__Pa+htm0bfTEQ6S9hqr#tm}0L!kqc4&y8=c;M& zK{RTX;O&9ga0=GFV_k8vBy&3;^BbM^<8pYsyF9C}^paV*U%CF4+Y(`uP4&<99dIN7 zt++6cSxgi}MB!fmxK(^`aBxGuGZqVW7!nkObpEugV=$ONv+eXcFlswh)|sl|*G^U! zreKp{QUtAYprF0L{qF&ztqG`?995c0c- zu%<-6k=e&c8ZqrXNJP`EaL*YxF0%I%fBc_XGr5Si3a3{X%a=zNq`Hg5)MOdzX_RWB zVtmU4ukpQ}CyfkcU6j6V58{nw8uvYW6L;`leMG4` zcmb_p1Y`E<+%6^3@;C(=VJ_-=>{#BmW$EduDkOtQ4qqMr)yyBV2P-$JJ=x|zSY3Wu z06`YG>{jfr7gIz&A$A}0GS)-tsUOupyQN@F3u|9NgIuTw(t#q8^5->bM5BU|@@8|Z z+g@GD4F*vclAK31OcnPFb@Lyc8hdH$jQRe4mFb)Dvq#em%nGlybx$?`E$vQV%4_ zi|S}L;u{c04V7vUDYV`XT#aQf81zLu_u)_7tBj|9`>?x$QDEoOt}Wnk&Exjv<*Yqf zASL~%2I1?E?|Qk67MwxdFO2{xK~sB_&t@vUXROZv0p4rfPzNB{We`_Q z8;cqylF99~jsGJLclS$?Cy+QrWox@luH6oVL>P~xv73?z3%6nd5k19Nl7?FJzqn3J zsP+p9Lo1>IB6Z_hB7XQghB!IT4Qz+-t_dERZsNCkWluo32pffUD@)t$cDl)2g$}#| z6%ip&<@Q02j@~qUM~V9vb0d=433w4q4(F@mQZ~3_UwPl0|B09DWAJ{u-Pr=l;^;QP zXf1-wuITu`86C!@NPk$t-`158e8*q<3m&-NAmG9;yB+cQ4XKv+RvmCMB@}8dTMdc0 z&KAU`^ew<%RD>Rvr0n(3{2He49PMzPz;`q5^=8YG?uVc2S=^4n+2#`bSa&Z;-*t&M zb||f#;ka@%ZQ7AyuZDF0S9La*vH$P_<3Kh;(Yo()`>KmP4HVtjSV#`3iB=?=y<0I_ zii2&0^%@!Z*E`UvKVabYJyoI-U|}|V;o5!|ZE(9Dq>3Ah6v;dcLl{!}zEnJ|gPaS| zS`pM~FJ|;JN2d6ehb#96^87{LS}Y;-fHz&P&?lZf|H2-W(gT6bT>K%OJa|b{5Dcht zR}OXv$w{<7#D04u0+EXfu36vVfy8x6N4*5fd99@Vv@87AjEjp|M#qZgZ<5D&=8$1b zE<75m*lq@T$@`$kHD1}iS11?lSHAJ4i*5WpF1u#A=ete&;&=VYn=gk$DU6oT`&`mc ztFzTN^NNBF)(MwXQ)eXFy!I~)Z%;yvwzzTI4T&)Ax)oTLC5Q;MN$gbo3=MrB%kjoS zw6rsJ!0p4+#{|ryazN*sKE2 zcgB41J%*f$kb^CH!tUC!k2}gA3j6bKKNmIUz8NBSlSf+5Q4%yE3=AM1773$?R@wF2 zO>}E(NpW%4MmIeh=)c-7Wg41_=ASf*rO?b~2kV|?LXrxU`c?S%K1>Sy7~ADFvd8*; zjULZJE6c}mtgN9}r(Cc-62A@y;!x%kX&vYsYVG>ntp#WHz9MY1HkxJWwg!GO$2JtS zZdtyQh}F(Y$wPk{Il)Q0KUuVdd;1wTzQC`~J8mwUu?T1}rQX?pD+4$@Mvz%9YQtw& z^6$X09=YDUOPF(m9PH(045T@k5g|~^WkG)s+N*m46K<1P`mejZ2EzB1D>hqzs#XgI zK>Q)fzg>vG)%ji8A`7>WzzceYnj^phBpx$p8G#I>l%h!;Wc2Wxnra9{eQm{DhhiDD z7I*VE$9htQx*(Z}fq{J{_B~9k<4#4JhkI$%Oz>XgufLIpOTdumZ{n8?`$7x2a(Z^Q zZ~Of0Oxp7BZ>traGo{CuauW!RvAG4}Y~mnc=l>`vnTt@?yjpnI{8Q-v1|PctF_8Jd z-!IFD-$gYwlb)jzP?Gb%y2VZw77eoU3xGKA$sR;X4>y4_Sq4*T>@lwHVEpuazN_kH zSx!0qg_!H!>ktE=DrwZ%ti8D2d)A^npj(QT10zz}p6b>->JuQwqFm4@To|eDlA<61 zamfgK8nOHDWB1h8I+2he{c6N9#uRcFNQOV<9xXt_xQv zjUhq%hcBoWKwDP;VqXWnEOsM?J{~4vPU{rPda1Pp=BR@w9%98$OqTboy|hLN^*;GD z*?JGRp>MDdVkT3C`&*kef#jU$xW&HPb#&a#CyY8$oAWIDK&zOOp5|@SD{Xk>I(ku1 zkIs5nGoRL5?|NvW$lmQ`*s0)s0SiHp9aft57tMO(=C8lXF)B4qq>9TUo6Q>k)g~)K ze7=4MbML=N!^fUhImS~PNqQ(Ux9vWG_R#i4;>bpY7AM(=)t&MmN##ml9grtDx9}MX zhW`{cZE0(HICHx@wAc3d=Fx&)+)1wcUH_DDpCk3qb>jg7SWFH3hX@~|x*H6}US{a& z+qx}YesUO|5T~GvFdC@aP@l6K%X(Fp5&$Wz>bN_N63 z`Yiq#uSGy6m1AW_xEPsSEYBtdf(9idlBU?9; zX}nJ_%j_}P8*VxHAiLxSURZG6;JN0@dXvW%%>zqb9%ZaOZ*XR69FkwOC~KU8ZNW@J zLD2K!0y8yy@F(|txLjoWITmC*2G0kY>cS?$mBcgxWRincCRJ1r7ZCu zZM6YrB`U<7Sza3o3)SpTU8>-(De>`iYChZN7B)|Xde4eezpv0&2c`;!JVrYt9wY;W zEkLHe%9iHNt}?_*tU~V4Hrprbxk8f&pD-dd`{rQ=E~<*yD&5kX;MEXBst@~x<}i0m zEXGP7SylGd4=q|8#S#h~t(HTIUwecJ_6V8IQAcC2!xQnWK6~KJ&q`w!_2xX9xw~g^oP1%WReVYW+1PPZo93im zFeKu@m2?c4QW9iu;Um>uNX}=4`Ahp%y zn&lu-fsSv{jBK?Qo*8XHs}DKcGV|E#8Y5Z# z!i?;2&^+kQT|}WBQZH`Kv&n7p+j+u`NHO?J9^2Qjb$A=XrM$P4E-Q-eR@m3U(;X7G zUZ3HK*89wq3^&_Po~J=fsWBCWkA9S&QjjjxrAcDvEKo0u?@Pw(`j=*kF&Ja)e`K(8 z==Fx2!nYVNnKZw-*Qk_@;xg+)8;i9_b6@Zp^+2mYoov06W!LwxW5368 zR`Onb)$=;3j~X}_S$Fl%MQ1k5cVk zs?#vViI~=X=_uqfaM#C~$D(L9`58kASv1f1s^}Lv{Kl6+?zxL?xURLVr1Bajh>|Ad zNL;*%evhF&A0JUkLR%NHxHZZTioht)I_(1B_r11!)DOE;`QfE_NNA#sZ>4ersot~U z@1Rs%W0>8FdQlEw_c+W2Yik|z=Xn*+KstDZ9edXkPgAMs20UJVyXcja#5zaF{Vjz? zUkHu*B3LS&`{PFi$l*uomYuK1-2Xie@n5YWe{nT=Z?Ds1^{IDMWW-1c3b}SEm zt{jAxk*P8fEW2F4@Q)URZ;`4DzLNa15 zHmc$Z!IYo)^`dm1bO_(bSS&UgA& z-w&;I>Fxuz#K*b1^$P4HS{;k(6-$(*)v=(o$o?%RhFA15mxswEE>XE;T!4WXxM_>$3yF8dK9Wj(r0Y3Sfj6I+XlhMJc&Dp?V;!dSYxehr$Xp8WN8TFz>r(x|jE^EDmzO5`le8+IQa4ayLW4xFSu_l_^LK!| z;(o(T>-UJLlyCGPawAO49C-&!BGETpP3rLpnAC=kv7as(r@WOMMPp38QFv%8+^=mG zATFTE+E+AE{c;)f`IKK%FN4t!lb5%6rQa9i5q_ZeJg-mQdbsvsHn4c0-_IjVy+Agi zRf+x6`aOKoChPK!+>Zmqe^vAXYcIixFKx7kS6Ye7>OC>;3t{6B!jOB?fHe6;2jvTo znn>R&dS;nHc%?{rEcEb}fOM+00fmVT5*jrJ3Md9fsaCGqGC@CL!S9>HRN{RzkFz>~ zo{03iEWOP4U|E3~7zK=e<&^b3=%M4U_-%Feced4r7q2v+{P zwb(g9iK%L`0gPS9r>2XKPG^u2&qF4D!4ppkkhbZfMe&n=KeZF!P}5z|rUJJ$d~L7@ zGZ`* zy;BRl$KGw8NFdi~#`y{!pga7ANhfgqXVbr?ROtOSu3a1X>v!1+b+ofTWO*hspY*MN zNlBS>=h5sP`h$Si0KaNau+5-y{fnDbLN)2H;OLfg{$Oo>4Z7+dUY5m3agcT zs#X;XEod+Bu(f$zLb>_wRlS9!(=s~E&&Nn63->+Gc*XbE1+x<2e_>9Sv9zeT@g!7? z|D5jsb<*R1L!4FN_^o7x;evmrLY)Xw?|ZpSX%Dbv{P8CF?3PzQA%AXj0T4m(X^O6* z20}56^RKnA{?&N_E9#9fd@3*PM;?aep3uR5EW)dt2-XIGXNY+lL-h79&#-Fq6s0Fr zC+Taq2G)IK7)fy2PeU0{BH#IqAaR#jcT+;L9+?zVi?E}kBlc_v7Ng-ZFdCwXM7t!O zrDk+}OvIb{?oc?)YY-a|!oxMtMEFnsdpLS(U$4li!vLP6{fNOv_-|hI(i<65xsF zCG_!PUzC2kpPW{w*1ZH-M}01mU@7t%;Y5##HUGA+9`OGIzV;)R$Z6-s@wf_K-{d|q z8%zCUHbzU}|2gU~=8;x9&}oByK(L0_@Zg`_{Vzr>8s!42Fu@{aHHQHV!S3K@-7`Ry zqAiaoI4zTufT-vSMeliGUN@c~d7?$AlABJGT1;!PMf&;6j1_2gj_)kwn_=)8(YEzA@BjHk$ z#FUTF<&CpxzYKRv8`SvjXM?uy;;R0hg8j~ySBff9H-6Af`^q`<%G`2SD7edTiN#NH ze-L2BhcKA(`lv<~*p5bGvoE5>zIRvF&&9d>_F+7Ofsk-j;m0Q9luK5j#FQZCHzPQk=N8^6PhDlKSWNre-etDTKShYn&S68s;X zhySzh2pwbE6X6n9lMnx4A!Xu`c9uW16tHY45dLV?Jo~E#EIy!mmj(zCy}S_JEuOb? zXB$`;7_eziE*gE#o7f{(5X87R3pY|+qgDPSKFAUu)$hJW%5$WrTdjKr`Eu! zc92|jV&A%exFHFlF*R|k%c6`SD!BhNi8J%_0o<=9yYnToP=7YVrT9(*JyJz9MA( z$5{XC>hOO+GUMrp5u;x_cCJ$*N=gJ3>nU0X_zIlE-w_kb=Q0)@+-7mpU2Ur`sILCy zL?6#z?`K`E=;!vE*m2XNJAUn*omF-7SfHbcCZD7?+xe5HZKsxlzF!dkv|u}xS<`qI zz%rJ?{`JAz2i)9ca~I-!NAaG8Yy}^u`1M8|)Qy$y_yb6GSS`4B%O7VnScFzU`A6<5 zc1(dprnQ|0LyJFQeo?XV$CuldkG+4*)Xfy=(byE!gl~<5V@N3$r49Ea$}}Mi#-b4t zoS8EP7KI=IJsn(fMS1|xqde80`Uv!PzwM9WTZQ~TkaFf1C~N0zS>()rLinV9D^;r+ zS>2n-I(~$cda;A_uWsi*=d5I2@O=sj9XnuNx`uEJAld}z5OdQN2)>;?9QzBi9{Wli z&~9>=S7akHJ#WymVy|9zRcXHZsl42iH307NyreX_qkN+~D51^T(mE!_8*BYQc>M3x zY6_plvTiuFQ7A3_{nj#PlH@0xFsuJ~c1DM<<+R_<37Fk+!c`Wy_R)PkGtt%$BGNk{ zNmW`S`o(AW1E5n#dgW>Me%A$Q(8ow>1%Vc83a>I>uz@!OC%k#?~% zWnf)yP2j=X>0;XJ1zKbIxx~`)wB)BZ)R5=)DO|V_KH%A@1o|=eXErA`B1iy4WJU|v!i8^ylNFYb(vZ= ztBM{QD5#V+Dp*5uC3}78R=jJcuneGy9xg+Hl1e<~!8}PSg}A&LuNr$^Gc`#&o}bB- zODYu%h+IFbXa;o6tF|qWMtC(8_>7K>0I=iGCmFI_L%|SCr?!`@-JG%joU)%sd!H$O zf(N78Pz0jc>sL;zD(b#FaF<5ASz9QT8um&`SvqBNWR8_2+>rESH(=X837<-7eus#%e3&p;yx^45uW8 zWl7{m?rUo5e?%6(h)9@zK)R|JEgfBOYbiwrRab7~W>78lz~C9Xv&x}O6+$aNAf$)t z|L^zlAG=+i+>7S7#vw5o&1}P#AQM6{5RtO@f%AzWpW*uzkXW3s^hN6aATMAE zuI=bMOxVINNpTSJy@ouHzXrU)H5F>qzm#Nr|Liqds^(p9EvXy#kU>V;X4bajse3@y z;eO%C&nvBAaV3gN+&q0+^@|H%)?qAh^Yv(gQrHSZEoxMqt&2S9}8s4*X^8 zwOo|Oo(7odxe%Axp_prDV)X!6nWtGxh8IHl&KOt9#HIe#=^L~D0dA+yhv(AV+r0F4 z^#Tl~=_E0cHdYa?HBBw#AR(uM|9x0v3hP554vq^Z$&w(@WmTX6I=9Xwv2adEeE^*L z8&H~h9A!tldvyj+sXG2XxM;6n#r1}`^BCTn`lO{x^dAk?fBtJsUO3NoyNK|+5eA(& zEZp48=J%=Iq1!zC#C>*A(>^5k-{x6UUyUoUq*lrjIk9z<+mQZ#^jdcg`fS`(Ka_H= z-`IKE?U;eF6$K^A>xyoeRb7Bwm8YmWmQ{awdOQhmoaJT2gplwkd1#gL-5>WO+90Ku z6po<~=H@W-wT{S-BEN|eJT<2I^hQ^0UQ|5>2a%7TSaG8wMshz2rE9~AA$q{TuG||> zSecnih87yno=t(af-niQnmv0nFncl#i_k{v&mab&p$uhAr03sDMc3U%4ZteU?iTS< zlUl|h9}G#&Rg(L3G7qSjehO{>Vd6B}-i2hwm3Q~IW1!I&iXW=9<-+C8EL2N*@{??y z;Dg}H{@d~OUpos9*$clFz{wf|&n7cMBOG(pc0D39GT=1(zhBV*IrCyZAfDVlbpqmL z+23!e(SOuZ^n}Hb(uAA4#p!Q+Mv??ntY6@zlVD!yLc0ZPg0rE*Jm$L70R!Z+qR&r` z%k07j^-`L7I!le;z+mvORdM+Ol~3CN2CK&td~s13>thsAMLe+u$@F7Yj|%yB9`U4R#$4z-N;9&nS`tnW zX(Gc>WpS-xbe2_Xg0WhPS104x82x0-6x(G++s58rock)==C1mm_e?KSH~*wG$`X^7 z8e6O{(57XSHpk5YpO&N2pF~I*q1@|w5Mt>X)`^W1^ zpYJ&raut~qZ`9<_&+d4LsEO(hiFazHO~h>4R435s?k_IWhm~aW|vIbs2|5$xrxipsbI)Hv-#cq13T4twM+#6!|YsJA15Vx)%8SbCL0V1X`|Mo z<3%!mZrALrJS7LaW*Sb8xz80vnz_5w(RX)w{mso$+2cxjzF=-Eh3QiTg7s~W?xr

    C08MB2*Cdx9~EIKz`bjT)?abbRhefN<>yiw#c_&9=_nQ1Og(I! zIXtLARdpp7sa25GRWh+C5t&49{2$cAe{PNcu*m`m0tQjxHs?egw(NunICxq%81?Ko{6CWS|Ah|z^97$Lq((UbG=)Kw9A?Wcu zTBuCLz~L1} z%NS-HYz6h@3YCmiEWVet1Li}hjv}enCPHC&Xv_lD&}X`?GF7m|a3RphdVSZaWc%l} zX19ATo8}g%()-~)>dPN4@V!>F+z;^U@^@BwWy7K(J;_dl1p@*@9TZ^kDg>1{lu}sFL`kUsg zlf71Qc4-i4WEnybbXT*Ga41O4y)NFl#1Twu>s$M)({u?ff+u^TSCH zEgBEwpTkc7X*>T|d5`~EW0#2}6kJGE-Wx>7Sgc^2?We}yNZfb!t0b8?j0E5y7LB~7 zPaUENv;SRhd#oRX%D_DYWesi97DcoZg)p#tF|f+bB3=_sIWyI@GbQUO#Id;4Ip|;X zO0vCodqbH~GuU5m8FV+~?MLYlCteZ#HfEiG>61ikDCZDYC)MLyH7eQaX4DdID#sd4 zxhvrYfmX~CxS@Yb2>-j+jf{VF$(_K#`>8GkndwnF;MzK~L1!#FJd3D1Nc?@MLQv2v zkG}ZH@83(z@gx!6Uz@p(H+aUiyG;_}F1M+;X3o@x zCnBYxVb+FHlAlNrgF^P%gWrpJ8X(?ishM1uShY;+P?S#QQetHCvG3*P<`&%e7M~PH z7nP?xbbD@NYH1eL<&Q8J(I_aF$BC4bkE`~tQ#1d0Apd=Z{s7Wkv`2C;)Q&YG4C=5L zbCMS!Wh(#82Be=a089vaTVFykfDJXW^QZQ8_Hjg8JWcgiY@~ni! zqgVPSN6aj=+bG>yRp!r1j6ZDHzdw374y2!m3Tj!DUiGy{OJtWC1Bk*J-3Oov-}nMU zCJqc}qP+p@Yjkj(BLs|;cU1XdhUu|hT&WZK^Z~^?)_lSQc`11Lk0&|LfC5W1gl2!VXG>}&H z!ceOvVdvOnB7ht7f!Udgnm5Ge>S7MxaC1(^mZ9~Ufs`GT4tBzMb#Io)$zNv?NKeaI z$KUgx7=0>^ic&wS8XO40S*_105XWmi9b+^*aVtn<7e9xC-P(&Fmaj7NXP(9ne1s&V zLGE?FFJ2(bd4oTyRW7#b@i^l<_SpN$%mApM7~OZwDU0&MuWMO}yO$d*g6`5}vOjL^ z{0L$vt^t%H{6{SaD#T zi~y6#9dJcNTE13cU*#-RD3fhIn|vp-l_0h@piqQ@PPO5Nq}oediKC;P+Rwb;|2N9a zmvo2#2AXe09|sj`(0|~)1;L8K2Z9Y$zwfUEc@bZC8(?4AFjFhLg7y zg7P0QLBb01w7l+QhS7ts$%U8XCPp6zH#@!|fIlG%+i}P`>~4we-&P`PfXkXV*KKQR zYDt#aRzpb#AEr@5)E*U2P-K97k~A@{5k~|lS1?WS&QF-5 zdmL9!*|JAOL<3P{4!$ zJSDayPKRNR z;3O2rj)IyhazG)EbUaGyFaOy8z+e9PosmDjmz;bAa}DdtVSE&qF<2x#Km2}W(h-gD zGWFqKly4R=CdW|y_=|%&7e=qkY4o=+aV^k`n;p<7Yr(m=n{B)DGoR%lj%kNzbCmq6 z(C}C51rqJEo{%=r^5#lnop(qe>Rej2(PaQg6DAKq_4pRu*Z7Gf77<9SVD;gX?wf^! zx(5BKe#Xp<4JDPelJJzV9hh2;=(t@|UbJ6Ce7401O*XO3p6$N)e|x7tMvHb;;xC6% z5Doa>O9VbjB191P;!5(&mWno(&c&3%VVfOdC1-6QaZ+DjV&=8rwLlwbo7ypa?u#4f z9#Gi&`Q%PqTd1Pr#y{I~)<~`G;H@|oPYMEoBBPQ%(MU;E>K__in3!4MR^0s*iprHl zEB`|DKRxw-2PFSuUCaUkIFX(PQntkh-M%TPkL(bSxSIl(CWnD~BMM2h#+E1mwnY}P z0SdnSmBhrjtEy7KC;jn8U8Kdnu!4pUdU6mX;#i_0(KdC8+JWFMNS{ z9o1vy9VNp_?5Ax0H#Npd!jB+{IPnUf#K^xTBl&ZLDa=J5{bp~Qho--@HBXLgjX|b7 zpr*0jklpn`;V%5jxPRBf)BzJkHWa*IyRjdsY*FDr|Mxe;9bz1t5I+7P4$JDZsvbJk>iruK)j@7X zNN`nVidn}v2hH_qdBDf|N=8x%^6kOF@sRFWIngBdgP6Ebx~RLL*zDDAD3E?}L$=*- z0#RMZe;J?se_M!`0U>>QRA$#}WLt#l8@hJoccjUOx4JIm&(7uy+0Tl@^6@}PKg1f`N(>)Hdh__Y2~nPx)WYYX_Q{)A711}CJ^Ib8R?q0821m3qDMzVnbp;9)1 zVo@g8he#;UC@O&Tl-I3lyFI_Q@M(lh9l<(tDW(KFk|lL)j+mRfg-ZHTJPa0QVUlU{WP=W?^6v`y(jIHL=27P;!xei}-~9yEnUCH#DO+sJ}pYhIhii~&Tk zGNib_jVru^5wcTMMDU@#sq%F~rkq$l7)dL5(LGdb^M1O+p2*+{`{Zvj5r7)eh0IX9 z921j43r>hURF23@t!l~><>2N)qqxS5AY!F7enMQLzpvE)iLbp|mc*h=j%WT6vZ+&{RCL9F_mIRO zVGU7=n#P-VO8ygr6;`q_N+ z5QByYwVLv04B+!ISs+rV$VNwp!>QeWvNRT~63ZN!$2~92k~M`o_vFwmLOA-hruH=V zRw;F^?i|Lj%7iKI7!Onif-3VnX`B~6R$k?cD$h9#v>K(MHZbKdBkF^zovK^dK0k0T zw)T*3R=dlEp5QlHe6h6J=L~h=4wKnc)JmoS@bah&y)d1d-oIGmV<|R)&8o z3Sr_w)P7X6LO@}fdA(2RPd!&L>}0*uRrNKLWAX(Rekq%H0-#*4(vV>eK=0CSK-7iI za?6F9gW-~L$Kkh)uEF0amidu)XFOg z%>HZOQ=Yo;$G9lUiN(4i*vcumGyO7TK>_B1JZ4uky8ukMjXn!1UuqTWEmSnx#w)k4 ztAl^bwb2Jd244^g1&UZ@gCGUiYi*m{@@<~g3DkwKDC*SDj0=Gf%rH}y?)fB=oj*oM z)ET6511nL?-jAc6X|9B9$p1Zm)5U#7q~8EU{x!ifs`BECsPJ&!+~r*9KXyXs6_IeW z2x7I7Cmj*7lU{RN2fL_1FO4c9+H zU)lUnwXx`pe)kfNeS!i=F$p7E-QF}HqYLaGdCHN8>y!7-T8%+>faTn%w7vOYbhSfl zGf&WwZP7j^@U$ds$ZspuA!@*)z=XG(AbHWtc&!s4S;;dC5c@}MSOF=>ZiVf0ruh#!6CND1op@pyz@0`I^H3Wf*(w4m zla&IV-@1KWaEwF6jSh{X0^#}l&hrEEo9aY`!AQJ*6gjwk`Hn^3#aU*s$T%c$r>09r zR=MdZUN$EHWnTF-<`^E&*~QTxnbM&kh7b~*a9{u(L9~p_o#?8VubQ9Pes_@SG#bpM zmLni+S=SF&gL{7OB`w#IMXf}*p*D4~l|9hVNS@!7*)-%E$fNx>q$qbA>t<&BI!|UO zN+IuSN-E+~$D$w}vB>aD`1F06wXzWO*W@M%sFm!|pq>U?vdfF&Gg>tUQqS&$GvB`o zy#KjgAf8@PAqU)VM`ykRNT~}73t_1?`SHC7`nta(P=K@a(pSsyCw2XnbSo@#-C_q{ zjA^@QH{P{fT+WaW@bhWYeTb4DadI@dLanc(L6FFTyzw7-N;Qn`Vj&ABw%eT$S#e(%j43$R1QKz~i zo*g+k{kY{rOGJ!bh1{*djYxAZzRJ>?C12;&h4CWivg*TziZKF6dvwJhDzJ#tp2Za& zibrEDWspG6#KX*b!vEhU4nYodbzR-ii!9GfVS6n(yZdDpe$4Xn@=pQ0j}TcW`6iH3 zvCde_^NQSGMuyUuBoHBj^Ahmpfl zz0L^m8~U_7Zc|ysJY6-2mcepvU-W8_9B+is#^5D*aYH=UwP>xfoBVJU!8ByY2C}yV zWIV@x{tQmRSjC-wAWX^2r4ueG=^V|>(JrpPjv&$=bV86LzJ_c*v7O;(Q4tg@5>a!h zmbLfeKSuuCsL=zqGU~n<^rj}(rK}p>cz*Y1Rz%{b;TceFZRW(H));Atm0*s{FTYYaqM;P&uh-+C;T)KKkOn(>ddUtg+&89` zodoWV4A04qek7B;G<)EjAyn!KZuC!1-w+OfU(a>&_VeiFsmL4ngv~5;;l~l?#6ry_ z6ehf=;?K06F)>>`*J>rP>@oeR?C4NYSFem({-%fWU>SOXc=S!4usJF;%js-wJoy0@ zhayGD>x9370kre~9M2HkICIKwY+RIEY{Ntr=z&2YgRChlDTz5cGEZQ))|0(c<+L*0 zQc43uLyUs0Xu2v=usg!DJbc6Y7O%wSuH=CU4VBps!~zFdN#3QVKbP0bp(irGdX?81 z6bT>`k%Sfcx_$M02gUNd`XM%p8xlNUJl=+VVz!9rTn3IFM?^3)5-{yd7$WdeBuUTp z_nOlW0|#D_mb&`V$fG7`C({^9jYZiS?F@9pe!H6sWnEa>Qkc*!OIA)HH`<)EO@c>*zsrKY+%o@+8JH#e8hx-QYGM6F5$Ahaz`%QNl=G`fhZj7DIm!)nNH z4R|=0azun#m|yCfDW(y@fg#H`x|bGTQq2UK(reXtV*Ow#S{Jeo!degK?^J z?$*{8$-;XO?w^NSXtH0+v+taXY8QlFgDiC$s8iHYmkD6PbiehlO^}%$3$ez>Xp4=3qdR$(bhdP0F zGN^&r2H2Y zOfc1JA(`I8kKcZ1B?=a+<`Z@QK>G$#(L!Bg__P*)${-#9Y0GlSC?HTaS3Zh%hns2S zKY4P@a^i>0vV1W`#o;Sfq4eWNj+R(>H9=+p$i)K|WKY|BWnwz}OcVp+kjq<>y<5*FA_h^Bh`27mPKRXpKiQ3+2gGI>BB?{P9UL-&Mt1Vv1 z;m`#jg8jdTC>S2Xiq{T|daQ)cB)>1FyO-eHJa)8!uur|s$ zNKmlRp@@AT3)Y%s&nNg52Z?_^GLi7~O@37796HP5aW%vvfmU`_roa~>FFCSTyuxX% z1p<3U&Ama(35@odvBT8%;u$>thq_uxelByYH3#weJNdc4O+>?rl`1kd&_b=g49~c= zzyhP{A zou(7&1&KgU!Fz82c=GukC#jVMBJGtwk&l280*5EIiz8#he`8%&y}=~rsJ8WW@e@P# zCS#`)FxWDOx~XcfxbCZ<91jkJ6#HTa{S&WP^z@_Sy^Cc1uCw6+qmCet3TnN9tB>eY zO_o+@wY@|r>^ti)^h^P0OeRK`;Gam+MOHFb`#fHA+}fMtxrBY+ydGZ<%ocrAQTBA5 zlEL2EPx=@P!?4+Ms4Q+Kc{O z_dbxVt8T?1=^rZ5Zg)2SP(wTmfF+h1qGYC~qnk4`)*2DBP!sv{CONCuoLS;_E>vv- zUCpAQLu<>oFj!2){<1P{>K-g{{dBwPkx#r2jv>v>7x4`$s0EKz2i{JHD6U)el)~r7 zH>0uEa=lt@ZAz_HV@6D)d1HxGadc@&rtGo*)^*6Hf6b07oyaT>h`#d{7v-0h;@J`j zzdBZalnJ~0t@Adh5V!wmfc~9f?`t_;8N67{F|*zf!ake?`Lyu)U5PiM3(twgR z(X5ofbI(R~Jj{~vqwx>-T4C_h)4Vx-=vUQo1j00HT60-EcY=>JnX^zf?%vk`A*K=! z87%~cIE47;bSZr{VmI4VDs+tKhVA5pI~&cIrDhSGm9>JC0PW4lJvl)kp!JuIMC-qK zne?lwuSscoFZN^3H#Ev1aFlC~bdTRHt8fzsK5PDAW(w7LmBBYLSKkCbcH~UMdXmmS z^s0rx$iB zY0x$*TIzNGf^ix**_sI=775g!z^YyhB0nQ)M7NA(rXiI>%D8Fc6)8q=c^2m8O$QG( zTFw`m*alMYb@V!ayv6e8@*>_m)t)y#p&kt)kB_$TB=&JJaM8<$< zU3qZIkE3Jy`2tb+|esesvQ zQ%y#-CWfilX0pHd9;H{d+7UR5h%H&$NJ-Q|Gm^pqkm>PS*hxA?A`!4tO+Wd8&0KsD;ZUD_-Cs`>H#~8j zr?flxaq8R<3=3WHMv}rVVU9zfH_KhCXuD8dF5DE--^9~J%$1$rIP(#?%=$9`CnA93 z#}XE=efXmgF1yLg1AMN2!`#l1ffBNNTPRJ2~Uq~yu6-bM)Hb^BypNH;+^{Z zKVNFL{~YX~uZ8|?_88IbJ(kL=-RiPF{2lY`Ead8Z?Rn9n+Z#%W`F1Ne>wL6l+v|Fi zoQ=0pA$4{63)qV8ZW5(vD^W>7QV7AAlk0REvFF68RvAw@g5-q7bK6p5d-fAX|Hi-% zeyJ3~NFOSvfBWQcWyqg}P5^(=kRT$rfux$BjWuoDP;g303U_o@?y%}OE@5M#jMNb0 zqnujR^l-5TFSegi|6ZgYr;2*)6D60-$M9s6HsD`&gduaFc%26*OkrNJ%B2O!S-vi? zf<_1wL!xx4XxQVGD8@|229Q*oM}OJUSzd``XqrrA(*)i*a(2Jq9@@FQe}YEoh4d1+ z1>;uR(OjF^(1bsGyRYB`-fmCe+YL#N^P_SzRa`bMU;#mR|gLLmSzbZ$T_ z(I&GZllHMw%jS-ik>6bNt#Q$wRSp1ZMA-3n=2wVWO4Zc`7F0bQU%6xrLYra4P4-daHqNk)3 zGn~XGa}IFQcH>#%5>#wp=e4ipTwR7AEOJt;$H8pWmxWZF(0_!;Zq` zbPzK(&f90Q-H}Y-a<-Yib`Z{Vv$e4qc5XLaX|&(DC#b%vG#v8oG@P588=5WAkm8>8 zwqFM*R#%*qR0r^ec#Nd~#LfnUUeWsbYjBaF+89PGEf?L*H4;}oS~b}f)Rz^`TXf=M z)UybQ@WMz3jD0f=zgG^c9Sm2Cakd%tW(=G@^(O9vH<=9G~5zWb&GA0U4W^Gbb z9;Jmb+ok5~KftJE8T8Um*@1hEe-kfk<08a6eF|DcW{$&f#6hVSsy%S7y25+xk@)mB zH1dorY}KmBVvl~sYHS4Lx2n!G=MdB=@8H~&L(oS$RMJbPqf_q%m# z=q;64%_**5s1K-kb(I2}nVD@zHs6-r*{A|$8+UP*2jOw$o3cn)Nf}%78K=wdX(BJ# zS!wpZP3%kUFg4>aNt&UUPt2EWl34%Z87HG&@jQ1KSKq#8R2O&zRM2yZi-(yzc2ihb zST@csACHk1G2DsVW3d-$wZdptknLWzh$Qa~`UOVhz<AlH~Oa)dvtjuL)8sZ$BmN^o=$pDiUfd<9;|-jx84WyW$%$ss3%Iyxjo+V4u;I zBN4S+?PRe}^>Y;g3Gi}SGB;kn!|&wNPwPmPD})dYh{FJqb(ZTnyrm8&i!khb=qtBE zSi*|7;?kKroIU3C0y&Rs0I*}|Y4qaa7mgi>COCPxu4|(yQYk}7Lht_WxNPlDtzJ!$ zkMMBuqToCQM;%MMEx4ob2f01@*LP$_+6KP3+1B3iqjt&_xdeQyjE3^jE5LOeIBcj49p zMtjkd^pD|$qc<+T1N12E(35sQsgy>a0#Qp|74yjL`=HS61|m|upn%(L10bwR--hUU z+vRn!fe7xya~%%gAiQthj@8)mg2IEI7Il3QWazFFE4z`I9Kb z)w9~b*w+&ahUC)WWzYIe9^t5NOxGuI2>oHqisvxM0;Gc7H-`4)%TDe0HrciebvzY) z0b{Lp9q)}RJnj^?SnZjDW2F=2aFD24m6oXSIcaW(z-4pH*!&;wWn>Ar@qswM*Q!u$ zE$4Ai{Ne5hG_~cKx|l@-Dg%uP_o)nq;jdXNW2XS})yLsKy?kA@o`3&_(cL|xEGm0) zPikdy-mQ|MS4Xbe5oVVzsvbx{5WnkVCZbPPG-nmnOq9h*Q*_RN1wh5%_sn0d5m z6D(8r4>11z*6dlN=3^V~KZh4vq#_*~R+_v;eR2aTz3KC4lRii+K~y)6-W{;yshuBw z2;m+%XVJo+-Iu&+b&)+^NjT4eGaCG8E0Ln~$kX@x?7`-zYW=G#R(PlVlZU1NKBn>hSX$PoRe)2jWco#Lx!e7U%Ip2ia;C8goRgS9zYM@T?)+KsWy}C z*BiYY%R+Uq;R;1Mm!g;Ww5Fwksvd9&f{Cy>w4oH{=)KFJ2&lN%%fVXM|e_uYhvR1d}x1;heqXcHnQXqIfPG2QVrw# zZQ?_B5c`RgYZZq#$A3VSPs87@E zQJj+PXCF=El&g#}!s=>aa4ly}CR)IwfG{}UQXWH^B;elTvP_HW={<&3;yXg#pP9D> zycX|Ka27|bW;}0x^MJH=zrnpZRk!6knZ6Q|u#)VE1_G`=kMD+O z6n$UX04^LNF?_(|VG>&5eL6!#k)y4q3r%ysR#R(oC<*NK3ou6^lMD|;@o9@jDbV4F zR^uRU!xMX+W=tePgE1(eXwUO>1sxKi9z56MuYB-@y1&Vq;l1X<#k7SddO<`iy>bX@ z(Rv=Y8Z|JTGh0vA4UByKsrY=Mk=YoiBlL6-yog#~0}R_MBwHQFb{G7-RWNE9U*7bo zhhoeABdwGmP!aspg@#Ng>ehgHV@W8lXsdXEvua@&&M?h%DwWx2f ze2JS6)j6-)*@q`rlC@xY+3NJm%`P$?@fuvc`p+to{=%oA}Qrxh`GsY|y?w098F%0F=Jet>0M7&8iusKhkxF1yZL_^tzNrZY!aX ziSh6;z)M*25&gsqh%ES$^~R__v3c26?4khSP@z~_Ev%^mWX1(b`4{%(;9p4krz=f! z^@N?2$QS$xOuDpI^3{S$ZO@OVabuoO7duOzRUg7UE{VI|jfUUWP68E}StDX>8O>$& z+aN$8)Vo33%EH&3^WcR<{ks?-eVHlZ+tT~Y`+S+lI{^F!Tc$WVkF%iOjEM$Xo<9p= z2E<4%_(p|(Y^`TnOopr75Sy%yW1pZ#qMI&7#ur;?_}4w!3cNWrvIDGnT%~I?Z3JTc z2v1_yTFX`N&!H^$_^x*dc;wN&-i##r>y!N5=&1!MlU;S{l4d)02w6~s`|Yb z+u>H6%p6A&oB;8X>4B>)K+;oJ^poS3$^Mtw^smv|%Hux!Vu=~K51H)HZzF!TI>mtB zbFxhTB0-bn$oes_Pt>=_TdkL=={!h+!f`Kgfa%nYFMyTd$KW?|hYGL4MLS0dE$Fr! zP1ImCW1yDVpwiavI;7vk>}Kcl@qR!G>ui1bApL3`uZgK+;#cEE?ob2V(3UWK(C-v~ zN306mla-Y+y%9QpXxtR{)b_*fwfZc;M8 z&x^Yk0>^g&k~^d*LAF~Kk6OP+1v!IFJ{-2}ds&>{j8VfSO3>3pG*HPuc5)iUBdxE= zu9qA`xa1GmMEY`W!k@;|T7792Y-qPe-VXWoSFntgMAqeyaKtQzNmvV5sJ1G1f(r zWE%p3;4@~sapP_B;#anF=f&6fS#aQ|1Dq^AdHV$s(_(DlVi2Ur4sFmXe7h8!Sg@6T zdqUP~PEvKtgpir>y)Ki0r@1 zI9N#C3_`}`sjZk0f9}eR(XUOw)QAJK)3jklAA8|WK_&g1VMCF_0sP5IUvnkQ@l}Od z-)iP=Kn?fexAVF_snHw`|8_UKZ}rydw!_9dRoc5z?@a-s@SP;4c(~$D!mX+{(3=Wu z0Z74Ue@NYB?we)(RKy*qYi&0{V?dSDD|{pfgAO4&V|4LCIF$2*-Igl4qh(wg5O<1u z0hDbvL)hLeF4{-fG&lSnvGhR6_ZB-N#=i?d785w~Kl@o5@M|z4G73dN(Q{uy2UfLE z(CIG3(yi;4;M&7!+gfu%kF9ZA$GH}u7mQ4(S9;rvdP|7QW#Z1~W54WnF(Q&3U_&pI zZ&EGlqTELMHf~^f`O7Yp!oZ(hfeiPB90kyWE(*GcJ1Y6%@jLg8OG*(*V;TE6Vnqfa z1Lz_1yi-j^Q36K6w#;Q}Vgc9F$<_cQq+~+LOFo!Qf#3j0hNXQ%-5=|*0g%SL$z#$o z<{Vfg@?3IVcQvF|WoLEp3MDe2}Yz!(m&STIFpcV-ruOJL7id~YC z>)uk~$XGq^Ux(2~nyE-3FW-2NUp&NJ|8VuoM-&j_Tp#+)J1N@(t@67Hag@!iW4PpI z=$rfmzL1kx{Y~wK)g@h_o`vVbB_l{i7`%rFC9FxuiED~`t37W^#q67o45R;Bw#$_` zx;DiD-~pVPED(N;OyC=f^q%LcCn`98>f4mg)A*8qh!5%FPxasOZzC`Y#gKPLl)fR+ zJRMI-gv`(2?Oq#yee>?!&-)=ny7#|2+>k04(8D?nKb*u&Oaf_gJkluArwzy5yg|I- zW9A|vou~VPoZb=Si-wcmrmsamYqqF32s;>5KQR5#Pl~}qAocb{{)}h$_mnmg8yYp)p&b&ECULp9kn# zPO*^@8S!wi_TnG=ww$It|2F=DHK*h09v=X2nTvG2AbqPmX4PzJVP;k(gWSJP1Q1PS zFD|M(9~9*Meny054!ncuc5^T>u18+nkl1~tY9=QaQPt1oXyZLaBovylrrgOETH3IK zHRW-!Gtx^lxqyh~vkr&60kHngd@r9$7W4dx1C))d{_z@n_!O#9G{1uTt|sx)K>xQZ z^MBhj=w9B*)bK1^Oh=bUox-23=%zJV$VQ6$qhhKgIuqSRaM3LoRQ>&S=an%$csmzh zx*mT{Xn9$yjMBnGPmLpF3B%&*tU82Mq%lTt*T=xd-S&8D zEaP~u7&rw?D$N}-)HjFmm$qs}p1&JdIG-f#Ats&=q_1K^D(?ES*k|LK+GCZnn!a`h zt%Z`7ZL^ECJau_OOL$q0iQVoO*DVPTPaqywh-WapO!?#^e=jfZD%#L@=SMfe+>0XH z?Fag?V1yoa%2xM&VkD+kcd@RFe1%M`f&**>H=hm{czw?V#Vy81#2T0FnMW;%jP=Gw zS~Qxkt``253MM0$o@sXcwB}(q5S@%bVyR^ zDrk^=`;Tuo!yJ|0rV_uuC{!v6CO8461tupaKQR2ZP47bD_Ig+o<-M0{04n?80HlKz z08=;zs{hepDDN)Ss21sJ|0uoYQt#2H7dhqFJ*2utm`(ofK*(M3vN^NVrN?(e7=$V7 z{g{crI33Ri$dk<8=#qB_SanvTtiIoLAq4H3&Hand_&>F%mjUUk3GHmfe4?^|0qd&k zqq~TnV9bkYwH%0D9%lbv2tgi|5u=7wf*$h%^AK8dME=;hRST}6WznuW+y*=KZ50x@jILd!w%KbI!&xM2 zq)=Cmu#_Lh#0+y8JpcEA0xz<;y`0{QAB~Yu;eEz|^W}LpFiMElx#s(kilBdz?Vi5C zYbrBGMu77;9e!iz_~~rd$mVy%IRH0H-bt9yydr`lCJH7T8>ZI|G^*O${{ao1N$Bah zB0RjBMb%4f0fkKTRHZZ-OMxt`+%%43eK4^`dm5FO4Pyd~@ydtuMQ|!KUK*{Dp}qPF ziR#WB1hXGJcPj$F^gFnbqEx9uugF8Nm089z_#mi$Wy-9RZ^@DeU8#PgZl(_Jieu3+ z>6-6@4 z7nl|hR;0l!8Qa*d_X6w6A&0iBaJXG184>#8&@1Ntgdz`gt+swJ6Ng7lf`WwliAW4Y zsO2fMrREnB2HktQGSy}H_7`! zgyYonx>ySBg&$)u2J1^|2dp6)9M-nY7MGxKz^wyC^yn<>rj_F5jZgf}appCZ)6lBjl1nC)3>Rp~p85iF^<-bZ%p z!bb>=N9^^~=#o9P?6_59!G|Aw(U&=ZE>VV40&K|3IWuF0)5k-jJopj-}g31uflzr~c zbD7~GoWc(EB!>C9_0e78Aed=19PN`bCjUkkA}_UQ7+y>eU8}0Y(LCV`5DO1m{9IU6 z3ft4E|0lL3h7IupL|ZWRz#vwl<(^q7gkI18!>{hQnM(R0r=oel_~^ukPWH{;V)bd& z$Khy1&J$am=~n&rBY5x(e&|FOWRU)6?xuNYWSBaOVWgUs9}S>Aj(BHD=bk)T8uI+s zt@;k46G&}J{pPhZ?q2Xq918!RiVTSB6Lfb1?9NLuaGm$mX*|++ttUcv0MfVJQFoA? zF#`Vjdbg8v?nq@_FUf5;5~TZ>{Ps5g6+)Dc_${=a6|rwxN@(D^BtR4QzumZf=~p7e z0Xy%k2{ZGAC2p6`02rA;Za1@rAGDZ$%mN;Lj7qA}1zVC&>A>LQpka%a_Xx|dDFeXs zQD+w?d!`%a=RRveT%7U^-zbWoJ8>Q%@XfZJqGXj0H7z*}^t@%oFgEN8ij`ocf*?OJ zUsD;j>-Vb=hvt)!qLsCdXOGV6(@E^K{HnHr;6_5zvM!F@&6&HOlC$&dn|tKVuMZ9? zI|ukQ=N1>S^Qws)jvk*I5$n>Bf^E5Zi+d4KByJ*bdnr_B%% zy8zJh(@k3(_P6?swJN?ne-@%16vjoo>WmD+ag2;SLKhqguRhtc<5Nv58Mjl{HEb(s zNPMm%$OxijbmAYOwM+DWOpO00$SIP2f1m-n%MiMW8uu{PT;T!Mj_&@;R%_^+(a>Z_ zs2+D(O!qxg853MqmM|H~R}SA-Q7TU)emJ-^)q<=%O$4md%=DVBJ@ph?Og+wrH_Bx@ zGB)3DpIHDM?vo(Gt@C4iHB^$);2AHQa$B1w#;siy+UUd674uFbLF)VA*moe;r`z%j z>y|Qgh6%2p+ILl+r?K3koKj6d+b9ZXaNoo4hxl1|FnlUiQD~AO<0$q2NU;Ugsk#I+ z$Ep7H@O=L?)P8rYbq%wG=3hxleoiaM!1J~5rUD%CY+-yEn*+I0Nsws?qiMWra*H>1 zKsM_wTJ7uM)c%Src8nt{BnrIk6cpMZnEirwp3d{1y?jn^fI+~og_oGeW7v{I06&uQLnI9E?S z3*V(L(d-}H9XZnR>4mH{b3lJP5RTdRViE>q4J;8xpZKPNz85zw^agJjd~^bN>}MUMPvnJTE@-eMocUCnjLt}H52&(q2O z>!nu$jj#rkwH|G{zP2666CPdefI1j>Y!@y?psml)&@dOz%R!A_et~b7h zj^)XfA8o1JThp@R+Rk)9%f(v3yNgaR`?jEoHSra~%N6v8 z!*O-vwvkPNi9li*MsMMduirKCr}T8wZ~4tZ(#=5itL5SFWWk{I7q}Il*Bxw%zuzaz zNweW`+bSaQ)1SrT#@*H%z;WIPd_;8YYx~af&`rz4uvrt#9eaYZUI@d^9D# znVRb><+TKXDv59XiyjV|1V5|7^DRL7JBEYZm ze5^5rRhe(+MR8dfny&?MjT5nE=w8fSuEhNS_L_u*z2vSb7j|V*i@)D~IyTo7VjpUJsbF?oaQIFR+AIlVBU0C*jg?h^D;;UTkG`ObCv{vZ-zt}0P*(NzBWk9T@~uFhaa(; zW_O^B1aB0aF1y9XH$tZ=BQuJf&QW%6lcinEB(%3ABk{kd^L9}A zFfcGgsjzCN&fTSi>4VhK=yjWS%wL5AwTJj$@ z=zng2(u}1x-{8CTAwFt0ftg8jF}O~*kre-5+rxoAMmol|gC&EQ8r1M?5>UsEPC+Uj z@`u$qntRkC3!4Dn%&^qDFwn14vh zptl?(V^Ox}vo0C)xISB>G~TLhboa9D#BORzFI=tq*RpU*a@g6~*$+ucw03rOs!bhc zh_Rk(N=izjmd(d!iV?L}Y3Kn+@Ef|%)bq;}?w?Vd-$-MF>(?BpCtlG>Hy8$Rpn37V z-XxX)e2YJpVQpc56ksvexg!hG{a10EK%~p!}r72 z+4dEgU&O@~*U?9mGA!9%AU_)se)Odt4cY#+7RkaD+)X2&2y_Za|3nhL3M$iY`k{cg zycT3MqBJ9XJd_5II;MdkI6$f(3t&a95dd%X(UKBd^ZaD!G3hMr+Y0IH!yZmSyq5jG9-)XaKTZ2M{5f7VBl{)H@DTAxK zGjs0OR_8q~9d-%bD`p52Li|=*5>7frHy&->P361u$!jaO6zDjHQC9Iunt&~V|1RU(#Rxe zp~N^|ob2Aw5D8poKD7>?^8p)&a5ew&R1t51`CfBk$P z#F>nUa`zP>vEIXN{r>GnDZwyKsImXA&z&dPnV3xB{JfnE>q?7S%YyPkdDC!P{+gY_ zhRxM#1s^xQCp|X4S+VdO8(EIC(Nv80UdRlCM)*A_w7#YW@W|fhD8^C&u707530Pgneajxy&YF8G% zuhw(yKp0+QJzW4scGV1%Hd4MYqpPE!bE&P0sR??=ozP&|`!fq^xHDny$yGntBS>zU z1)UW=lJ=Y1tlZ-H9X^ zjMJB%Ll}0KQ7$b)iyd_xJH~UqxH}G7YciapaMZ1SPJLdrXJG>|LB_*|UQ4)5g-{;4 z;k|sS{WyKI0`U=EZgVYnx|%OD$6D+7?BFX}OSI;R&U@e7cz(XE_^Ft|z4g?t zU@Nm=Xp+L1Tqd&him_(Vjzwj{+HL<#ld`p9qa2DFM!k5Y_`(8 z(>=zFj4%LW^(ZS_?|D>6uD`9rV}sdljes`*u#b7!gpkNf1auml434n_Iq}tru|}tB zW#KlEi=k!`Qr>CL(qJd0hDm9F^5S=dniO*eB+18)6CDt;5a-FKxs6dTVR*pb8XOIX z;KOrs+g~+!h(|8eFMR#jajxrNuE!MVsoow>lUgzIInrN zhC8O@nHnoJ3F={)+JCW2+BPkZ$sumezHY8E@&#*fN-1-z{QRFBpR7yu;TK$#UOxYh7(jR0m0 z!1bS;s9d?=3!4rbdPw?Xq0Rh2+iAPy#Eu!CPy+_u` z$!V0AnoNWVl|aV#Efgr8|6fh^AL5_E`_Xi?KzQM?_6jjQShUu~x4(*&5u9SJj zU%_Cq?CVi*H_cx#aK5GN;r@s3eXxx{G0ztVjOp@J+pvHiFs;`k2b&MEfmD~=SuE%*#LIyVbEr-iv7}O-*Le^U^4pXqFtG29=Qe|XYX#%@kwiX<1 zX+u4wz9qS3?D*|IAY1mVs4ZX;tRr9D+TbI>dr;}0KcsTLwD0EE$38gDm}Vbn?Kt}4 zI@}=E$re$-(qmd#O5O z1iK`5D+F(~?phfV`Raoj3mnV2Z#N%RWPVY4f9u=;C|Z#hlIf>@4s8mTWEVOh62e zi|>W?P6Qi=Hw8%aX5fG2*nJuv#Z_X`fc3-NM6q zl#hwpue~!rl~692iSidE3N9{MP*-$vQjhfaC6Kldg$0li@8YVmW}GJys&+@;uv9lA zVMO!2N+!8&{+I+BXbx+4@Z)HG5XEm9jbeiyePAcx zzK3<)6Pe0H@eeI~zhc?L`56;~`J=Zglv%Sa{f=+ znY9YLZQ&t*e3ZoqhAUNdg`aZAl6W~ zZ3-J;R!~2YQh*~;S10{o2pR8Y7%8mKB){bQip*a7h+kt*>4wKPk>sEB>IKOz^XG6I zi#Lyip*=m#tXsLc;Ld*DEg91n{oLc)be)e!lrf=kpl=Gu^aK6*`7 z>+Rrcr15@s!46O(n%Um8;gAlCXZI9pfVi>K1uk6V2N>_hc%B=Xb@u6r`^gF0%MGvdryV`3Eu%Lh({K9 zygPka`8K~XharvCG@KH=q%FU(<)_D1IVD3Uj~;QxZd(-mi^xH#R$iEWh$EiJkAd>U z^NnSGK*3H{9P4JH*PKxX-rj@Lz>v2h*B)HJO^4i)OjfQy-QMkh_};!##>U0zsEZ_H z-TZ9BqEaCd$B|X9yKs}xctzE)zx|e#L*eMwuxa)COCB|fTVQr)MJcrj`3H3AkY`*l zcc|zId*mkhNmkSA;y(N2?)G*VL_{qN664`BZ(P?q_U5fEr}BK;O%Ecp(gJjE{?ap4 zjcogdmC9fk!5a>1xmJ3{{7Y+)h*biv1`{N$#pg|X{WV0Ii~Pb$X4~NN(Z`cu1vf5N z5~S{C+uNyh<8(ZmG~Y_udHeAS?3>w$i|dq^OdO;Hw>C#pxa$UHs^zUIV_qGc*!Qf% zY#Ah*>Q5CCm3c5g4>y?Lz8R}dF*$oR{0v)JtZlZ+vUh@}h#3fCNyuZZDrWF;>bfm# zIP#{mTPgwcqZnA%H2w7P{uf?Akul9v^_RNulLH(@#6IX!&ouY$?&{bXsEq1UR~E#> z%9(Q;{0|-Clo=?LXzb*j8TKkkJ-Tk(3)xh`s}GkshMzgh-)j}6nH2HZFSg=eckbTL z)k+@TPpVN@Mw9sRwama5Xi1RB=os zJvJs;5&xVlZl9t2YCXjeG>Zxz;l+h_dydZ(*Wz<2=i*XT#jwvSM4irMmufp#Eo;=g zrtrs0#ScKlXKm7Et~6 z2Eih>1%~B7+nJ;K^25r7rmd%He6A`Rl3Dme^0BvVlJv-%Nr*cZ_pUGm@5!H)N^0Mo zQ{o*RXD)$D*kC{v@Y5|%XQPo0gSLFg%N5b)a8QX~I|b^rKZocSEau>6EkAIIZx%P@ z;2laCPB1twOz;1pb>Y@O(Zp}I9{*}lMFOMd`V7zElh+2X=)ooboWuA9a>Mw-RNmod zqDqwvypi$iveE1InlWE-gFV(*OY1rFTh*)uU;Ei@*q^iNna{rQ&VMge>KGdbsIQ}C zu+M2TJ;95hydaZ*-p0RoMZOSub{S*el4>umbRTePL?aX-w?tcENp0XU`nX_JaQE{J?obk4_W7#^z+Ve*qEVWfw z)UeEByS#w%pfPLBtn}LXd(1V zG*R%k_R@u!Hf03{XQH6h9L=oe#y0s(b=7q~^!w&7vo`&!--;CP57=Lf8uW_$Kq#jv z4nGL?HjjUTe!q#aFLpRe?1>TJHTBM9D%ZHR5+q6|UKW_4FST*I6DKdWdH#SXZ*7P& z>|c%C{%%}p8F06wB(I;kt&lCFfw0m`WufbQ-^-@unzZkd1o|M)VcP$o?u*k|wOXW4o z_2_wd{V-NHHa1klppZ%n+UlmWae4Fe-KpRaT&*%~)#~VL%uGpsls+;6ptx@4e%1@PvDeH6%G-B0!Qr4E!B$g5!qrux4 zP%K*Bz55twOJW~(%PkkHOZ!v(6Saboo>D=$&Edy$H*)lbG7KoOd&9)m4~JsQz5xcX zua!+&b1}FZ!!Q<`4d43Ky@fXF_2`v5ygfdP8Wq)z{pU;K!p<57u+{K5T#e+)GUhC5{nTnXjlHBh%wd7v!9FnTtI|AM)6zzaL5^dEi zduiQk2S|2{ke$rmheud|gF0~N=;-41%A1tzTdyrlmmh$#F!f&|p6}{I$%TA*wn24E z-h0_%u1M%TaQ`8pMj7-P7RZwPlujC9-?$~_H+K*(T%xUP{R&m-sA4$%#1l(l7#d^> z^RG28fmDINI0c$K~~B8C^{4iIW#el?oBf) z0|RPNQQxK3*X&D!vdbpuhPVcZ(SXIMR}4?IvHBU62y)Pw_qdWbf6GIbt}f zD{}>0ijxK^Vur(SF*(IiCTVSJ{N6xeA#TM} zk9^MBb9DovuwO8A_*A4!+p7xaTn2NQu~Wv=%rl?uQH|HMOXXW8&alJhgAVS4;{+*M z%(uf{Xi~un(*9byY@IGpNHM8faE@d)Y+c~gHZUN!;Sm;IE^j`OdpZbqeQ{J38>v_@ z*#G<5)`wk>01+Fa{`+S#2tgO2P$0%E-~EcM8vSwJ*H`wGt&kZYma@+c58M;i$0-PQ z6Qmy_mp}@7C^}#h&$(>s{Gh@ruGHWn@Y91EMBhW7>=b2BP7{?kNXb)afkDGOaPQql zwkMjmy}Qc1Aheqf5k-2eao0`A0~gUtWGiDAVYZEQ%iQY0Xmy%zII>B2&0UFYC3wD+ zgMJ_a(LHQLch=$ri=v{W#57=-^vLm0aBXrLH-1OK^{T+O#g4*UNF3O1)h7A8JOio@ zs@*Q)!2x$;4iQ=5%DL$Cmjz@OjPcU9e*M(*RVv`yZ>FdoiR8dg z=sVw&Tz%z3TS7N63A-2qN9pwdUX^FOtYE#73XNJffzrdO}FiV0>0G`yzwo@_m*f-ceA?JKO$vJxTG#$VGaCWbd^5 zY`BS$#8%5ZZ$dVUqoDm|yH0!s1-RRin{y_$1S$>*ljPRXCez<6qchY&gr`66mz_!%rPO(YPOo5_uxTmt0qLy zjtzmyz)4Gk?d_6~2B<$2ixQ$cUOqo}&bDt^*s&T# zqeC+OT>|~hK!kOCOo^TpcUMx~^c+>bSwZsgLNU$oxub}GEtxRe@)B3WOpN&VquZYQ zbIn+%AdFI%l}gBJ$0slQT5k`}Dmt}vZL8i+*?7C_o5>f$#KX1F^t5#&WP-~#+`6)o zA%aZ}bBFpm#seO#cy8?Df|m1vqp}s`B+iC2dQ^W(UjDW_qowe_#M>ehKj;S8B1aUV zSO+f!>VmCff(=h}V%d*BO<)=~OyD`$&FEdqb5O26ld+JJDM}{V8lz9T{$ziUPw0D{ zH;~5a`I=6%I^3vzMP#kuTjdxpgW5vE0ld=tz4fg;j7Ti{wKj_q3LR(Za&zt+ZfvZe zJdtde3Cq@9?4r*EHJq=lg?W!gyGk_CGHCgQbtl*%qJyNV1$lBin({0`O?rKfs2 zobb_{!}0O&GL})tR(BkAe`@)Nh+^mwr5(UC75)L1ghtj*cI{^IG>$GoHyk>+qGv40 zcF9G&w+S-acXM@x2h=Yq=QuXXtkm!NhAO4`TFaAwaB(VaxJT=u_wSu zzeuHGEn;7DxZ>cCBw%*78*ooQT|JYWX)gTaplt4q8>hnBGGbVEc^nfSS zzV)@=8LZ*Pa$Pjh+S;d7kXkEBhZ~qH4@Yxt`JG&YhQj#Q=KS20T(7pcF{lxI6LD!? zp{a{%O%w2FbraXKk9)=MWO9=m-Rs&EJGkG}!={DQ(k1)4c(i<;(chZWZ_L9`f+}jF z5lA-jsO8I0QOg%(zLHGcfz1!r{8JkI?^^y03{yxUa@!i}qPh}8cxN&4?m?Oio4tD6 z1@h8D^gU78X@Q0I`lim!rnm0JT72mawTy^ZH#Kq-w+Eh^!q23p7B4;qwRD+dstDWy z5BuQPkO`#@(!_KN9s({5x;xAPoV}V%2O{6#m)hchkULf*r*qfz^B?^Fp4o$9h?PyT^fcC4hsR%JEyO>3Ud9_j*EOA zCuSRo-Q`Th^b;5N+&ClgX2^W~cXkY<_ByVVNF^RVW7r~QWIS3?S0i(VbMMUDCt6~N6Keq_?=&G6j&RDW#HfZS(a{n@{~utFiey5J&ZONk#N9=CM-Ge(T=#w0x4<+E=i{5f<` z^gu}Mit%ebb1HXzt*rNF)j19Bi0LG>m}A1~(m%y>Gyc4Qof*QS1ZStGlNR#kK8uI# zM!ZZD!h>KDicnx}$3r58BDLY~MY+yIhhB?X4_dpLiGJ2z)N>BkWs(%$)`Y-NJ3Kd#u5WHi0*rmqP7mEB!~V48XU^OTY7;t z?bU=~vV?u&RB6ZOzzc651Hbk#%ZX-s=lJd;<_`|O4x>0{-g#6i)ch(iD&ydQb8)gE z%a`X1xX1Tdf&$AxT-Vfust2x0K+n-}(9_Q{|AVi(I1uq5mW}iN+ z$Pi2Gaf+@$!rMk1*4s6h64 zB>IB!Pb>RTW#mvLs1jDF;qmot0GC>|n!_Yy`81?@_{y#=9wRac19AiI2NhGT;B3`G z&|NB9CIFo}N!THQjtkTgq zDY%ip{A_E-gNe7S`z8lK$S1miuiiIYO}ACH&NjSig*B#97tk_(I6Ibn!V)g>3%=P) z24ORfsyflkk{Nap#ExSf2}5r6MXzbO6v~vH)~eEM_VMx)g;a0>L?u!rW7^BN9}+Cd z$B)50SW)b#rpMEY1?~nbY$1v5&`=-}60bcgGV;)|+1 z^TS?hPQ{X=D6@gtc#Ff7+NW_VEoP+yBKE}bvO`MY0Y}bO1{?)S1oYw zDp~tcb~1p>q?=(s8@@QR0TY9lRD$k9s8ilYd<)*oo-juf-{*YkeaC|0WQ2*hCGtmC>zL@16b^Dk|Q=UB*Q zrZAGRUaq1h7t>5Uuf*Pp1evZ>&xDr68cc&^;OmuZ*9Vq(t!ljUQDlld^WR^NKcwS= z5kvB6T5IgR#CE!)37@A!-d~h`-(^+gm=IF`nw*qo?uPZ6cTt6h&Jj(HE4F)*s)4E` z3FGY$G!WS}_?bEbyE(i5b6WJ_8o@W$wbw==pO@5+LcuSj(hA{Eo@0yxtN=Zo8_D#s8BEapY(`G2gf zh5i_|uOm#VUxr04kjCr_axranQOob7-kZ!l>c-+`_>H|3f%kqdB5@_IN~O-IrT~He zj65j)Cd5FnkF5X=6(pty;-NvD=j@PWrR4_+i@m_wP7VH$3NzfqoP%xT{SK92G0~X6 z{H^`_CAJ_y7E>JYozM(iXZ&~e5NOnUraONyAz7RArK@%;7^}RltxhPD#x{KwDiOyh zRt9nXJTr_AA|#w+c+W*Bq)Vx#`KE5rN)BFP1%gHAD%WMC#ao}ugIAn>eKV)CICJl0 zvCQkCy~Vw6eJ?Wrl9A6Rgvpitci;IxpSQo9%x!eoob9-q98w-J?(rsbs3Ao61tG^9+H$vs?p=3#9Aul_OxvP~H8^Sv zSm)2Bn5r2~_a6tsNt=96?Ceff`}20|A5Wg~!sh&A+Kwe?IFycWAENr1f1 zn49^zgj{5Rt~W5c-e;{or85Fag<@~$Rgiv51Y@{hko}8D`nwtV`H{SH z5x1h*a|=>LdwE=-DEk*`0xi zM6&gfBzGu115s?Oj1Z*wrI!fkccU zI!}u4AKUsTZ_XrPv2Ii-Wh%gmL&;v8AS}1Mu9pTp5~3d>Yvm7PrQR7NX+-FaokuGw z<-t!#x^_mAbrxvkGsEyQ6dV*s9(k_#CU2+DG(oHY<;D6QZpo40SId29|ASEH*L2vnR0n=bZR|Jm!}mf)NJQnZ_2Y? z|Ni8*JiK$f3Gee5C^{DW6n95gly{B@PeL$`V*Q0@mu=FRldL|DTdb?Dh8ZGo^4Qk} z_{J#Py6!%>7v^8ZL9H;@s-4V!jjz&!f8sUxHz=Q7C`#M+Y3xTiz4dBP>OMP zt7Lx*X#Z6-M6zDQkpWS!_$d^)jBtn;mHRYGxSBd5dM@*{BY~X8n|#41UGM-xL>grW zN|&4}DjLS<<7Z9C6UGmC8J)4L1BYyIrv?CcTpvFSZQz|H&D2dNT-5uk+5MA3_m9WU z1Yx5cd2I5LA)?2a)SAx0o94xI>%^OA;MzQ++9}_9ZAslHhw-zrVfCp7aYP7A{~-?} z7q=yEp+qX%xN3ZDc?V^P$E&W&uFBfhvE2-#3VInh^c)lNanYvLkn=@Kyo165$vWk6F5Lh~B?&uW(M|j3g#z5r zLCP?17Vq|0zD=yIlm%s8N~N_i|!452nS`x_sKY}Do6j2=s$ns7y3*R z`f9_a`L1su4s5PXMKcUl3IyS7TlM%XIL<)0V0K{hN*yjH3|w@L9Uq7KZ)jK>c6w=)7?cOL_V{MZno?x~GtS%jg4Ouek=!)IL%S|(ZqAh~sv{f*i@x`+hRz;L2C@q&m8KDr ze2hOhSKeS+O7JjlZkW9lH7MVx527^oiQ){JFv;&)nZS}a%VPcNM)~JO_HR$d5y8{3 zqjH8H2J%t!n{?-&(^0O;(Y}yV{Jsf#rwqh8s)fTIp7H3uZq#(|(TUGP%D^Vc;512e z(HI;W;3=Q*2E_I(qmSEgD37-4q;t`%6&5`bCRSKIW{@ZtG0{ls@SD_$|D1 z@QdiJl6L65YtFt+^JJDicHhAd&AB2>oNN#;m$gx& |Ke&1^yooS;VquM~Sl+@#{ zfi5jIwG2fm5_LR! zQdxDix>UL_5tKtgEEeWomXe0fR;w#Gd-*Sa3$Xl6UT|Qbf$8C|C$GEG@fu*U@da5r z$=s%lS+~QMCei~*pW@@ShyFzZ7*d#JhqJzHmXa|-Zs^fU>B;C$ChqRF8=D+&%Qrf7 zDqy}aZB_Sq4=uD&H0ye3$^-wOPn6Ow^Xqn3MG^FOFp3BTHP#;ls#_tgW7l!s6k5(g z`wnt)wF4L5F8I~Mo3!GW;C~h+FKw~N9`WkFR#UIt`Z_Z@X%$Tvmzqkl_^=J+eoYLN z5;wLs+wHJpB6aQ{*Q(I_{|crO!6p!?F0FUHw@cVB<7SkPW}>&nR`514!pm@fWR&GOziD8qYL+GBLs9&Dz{AthlAJ!Ny zC^-rlcM{EgyJ&kar@WLx>;#-c{?Y37m~n-0dWgScl(WV@5-slomN)iiYru5o5uqh$M+wkf zuEHUUhXJwq12Zi*!>Zw%?qgc>m?wrMyMS0F4Rn2Bu4WEv2cAwtn7XRwVsN zOZY<6epf9C8E|oE^init1Kz8v*Y12JCc=4aH6eqF|_ge___%A7R6Z3Dq^Y_Lif;_={@=`!&& zx<|EDxywTPIW}1bZZ1L#3X*@%2cY^a>wkAXIe?AmwusWPpOiBeo=W)bML|URk$J8$ zU4=mOVv5`Br3J$}tdj&`l1Ul(>h9Ur+g3PnD#upiM-#V)<)OSlEY7p$s{UdJPIK$G z^=0-Wwxe^F4B{I;dNsuvQ)$WS^`GLcXk(4{#*J0xkNng`UR{8Z?SJP6-P9mg@SqvA zvrFo4EoS}=7yoYtA}9gN(V5~XKUrJMW_w)JRJoXL*7%EywY)__y#NhTu@vBNqTt0| z5XnqEWPIR#6HQ}NScS7$yGvuEKJeQM6M>ImfT6v7cThA#%E#C^{vM(0;m$%&5s;*@?*D_5hT6!-}t#`zuF_t!Pb;K9(s$+@c8 z+C0$lFcs|bObx5jQ0As`@7#c7_Mu*~`DAqssWKxV!>qt&nl()fNoi)i(9mqHU&8!lq-euIx|` z_TZ;YiPLR|hF_6$uTBMOktMDMT-I!ArL9LXcD^GgU|}PSUcjKS%yY|~FzD-Z*Ul1E zeR0bUYa(~y_TX4W4+m##t|I<>E>(+YVB5}m!~@eq%#j=fv@Qq1TlC%Px8F;i8y7t9 zVJ#h^ep2q#G0jQt+md4X%<4-SDz2d&^vH$3@2bp%rCZOd3}H}rqz?!S;U&f^q;z)79?IVzUU9p+-tB3=5TA$`uA6FGD z4}K=+Tp8ld$E-QyTIAx4EwOqYwBl?e>K1l&ae~z>cvM84q*{m~7Ai*XohJ`-Oh;sJ zcgB>34F7%39=i@l_XbB`Re(VPk#zm?ab1d@qpP{QXGZ8%IM zf&O2W_hWx6QVv8?kxB8cPuo0{&W54>tv=??qF}XM3 zH~J#BTSHc43?wIFkoToiw-oU#Pf%3#lL#ba=_a3Wzbf*w$wak>-E)}!kIX5cO-2xb0}l(mjISsilPu) z>IGb#kt8pxtXvt8Qu7tt+$(Y6tRTn<6Axo%5Z6nQU)tFLC1U-*;lA-vehql^=XYEY z(fho%W4k9t}!^Dq^)he4zKC4*c>ytnP3DW9*I7_k%?s~)*(zXA2;UZ}izV-5^H z=JpToaTrE99*gy#M16itQk|;^t7DA#CNTjHei+(n8^gowKB6;LvsK0I{>iqgS2tb> z5N(CRswo4*JVS#Yz%-HlU0Ma^ z{$iPUk}-3qv+c11`{iY=9)1Qy6A36BY=mS&j!Gvw}-cX8mYR=Z_{4IZFN_ z?WnErMP7`aShoUi#`o5I5QYqsnya^WbxB9Sp;xX`flwt&dl0Ux+J2~>jVcDML%ohxklVaVMv<^DSIeg%n35Uvv9 zVDAO)MdB3jjXrL$Ut3J|D5f3f+t7RUdL9p%xbPcE2#8y>tLQ%%(f;Me$c3o?78RqQ;MsRFu zUCvjEOLwc#I(Cua-yRTsFM~@`VO1Y4B%mQLW>c@<;gQG|#>)N$s47^r>lzh?adaoF zuHarO^iwZShM(}rctlzX-F%aN35LUw;<>ze)A3VI8ZhQH#p7lIKfKFs z*^M{F?2ZP#1pfXyDBB+{@tPp>t7C`js4pJ4h5fRFYp2?iFCBk2YrXS9k8RBMMQ9|H z9M{Uq>T6-9cfWRGLc$D@Wjc0~%8}E$_1_)2f3subf$bBem$T!Q;`N`WY`4hx7d90| z3gU&xcV@PPVl)%&V>W+4CCGsK0WrI=hdS6DcZEjq(Lm!>*rCq>g*rT-93 zcS^;S-yZ)>3W~zp<7sR{E(wiaVL&A!Qc6ZflKkN@AZ`pMBj#1!l7tfNtax5-iona} zfYpWC$ox*6`W>r`aTvTw1?g>UY!03p6M;HWo;??X{Qu(sWea0xZy)V&dJ+<_Hda&G zg+h0JY(1Q%j8_2Z*?$DnNxfiQg`=P#KTP+7IrGa!kE|@as-H&%z&sJRFI{pVMxpz& z2~BP78HNm3lSPHhqsqLscxUZFv+eus82}q3{IM7>Q&BfzSuTbpe?E7Vmx3P_!HC2uR22s z(^j)RzY575Hxrxm0fzRFF~kb{HVfWE8Wnf?TX+*tb2ha-Z#;QUpEnkodkgRE?7V=$ z83u(z6v;37&nGDegyZ=$T2Rx!=m+ttX1(JLRvKqx{>10$)tu>W63m%3bfhxU%Yv(Q zN>fLt%%L=%(cyH~u5hEq!uSz13ge$m3RM2(M~Q%FwaTjt{xu zzmDR8j*xFa#dE)ZT2A>u40IIj*B2i9ExBzpHNf9yx7(Xy|I!l+dUClyJ4;KL4oj|Y zqWXloL*+Y$vg}7LFOG`={`Xh`$1fWMAYD;Wn0{Ci9>+Lz3f}&3G?FEU$BHPp{FI;Y zbX;bQ=B*ea@K>W;Ra-08eJfX@tE(``cpd;6wtq0u%l-q55cOKrwd1zIRmV)<9v2;h zT4@Gyvp~@K9PgA>HSpd(g6?=2U37QL&+&~}Qy7AbZ1j8Sy0jJ?ZJVaaaobqa$=iaj zH2+tgNQC0Wuag3C_lZstQ^CCYa(1!qmXGHbdD7gok$af+6jdhZ5-&4@pRdJI%-iQKB;3(PZ_G37KldniJ@CD;!`;89m9B(H%uN7!oPUx>h{z32_QdK;g{j>< z*WK`9B&*X}m;dLc?TS1TN-b9tNz~^HomL>0@Wz7jL?!mPBE{|Q(=P=+Ng^k0yFMOS z)-Bw~zvO4hDojf1_M%PI(>^2H>ebawvAxQ+nHycDwp|F7<+@MSQEE=E&c(lAfi;NR z?+yVyQ;Vu6+Q~3Ql>m3}d_Z7b6}g*ePiqCe7)N2H7+4$U%cDXiOuQQbFwf}^kVnTy1HV^5&W(@d!+UQr=WqQh zChdJ6S-Aqnv+M7j3hs>T%9vec|1BpPmjgd6c&XO}OhNlxSy`zSKw&~OI{}ci%(ql6v>5n! zRiKlzO%@ELo4Y6_TXxgPU8cs~uqW`_aVS0LO&Y3Q@9AFNiz<*&vJ$KM zx7+}cL|{2|D=VP&{{ASSPU8_VH7#v#Zg`;6Vfmit>JOnu&Acjbp_=BC9P%;T+}vL! zm`&yY_=>)eeQFp|Y{jBJQ*i7=I@2~{pmW#E?6X0WCU^;-=5g{)la2D>r2#QTX5*3$ z?46K$QIE5B>ui3I#X5A=43gI7L&>M-(Pv9QitkmU8XFnyy`Wc+447sw@xd4(G;HuV z`zc>2xEnoUDDePuTw>aVzq%7ZtMr+pQuotw<6aK+u|f4;^N@i$v=CN7?0X`Loe}Rd zOWNHNv9RFpLO3-wHHY6x3-nm%=_@)TFz12!4u}1#oe}fE^qy@!ML&&AU*XZjIE%yo$QqpEWJj{9FlzqE3&b zuv^Xn<3!glrj``Eyc#|mwk?rq`TMsjrgD4-8b!tnTD(l!cpo>@9OlaPn|{R)RKA-i zm<5PnOq+f>eKu&B13DKLoTAAE=al$%^79XFYj^P9>gp2PbSlT~8 z=*Mb)`d57eoJkQVGHHqZSN(`RJ%*q0aHorQX#uUR^FIztDs>^ZQXe;)&U$GE6ULNm z7Y$97KhIhEFvKCiaYqzHGgZ1+U{=M{n*PB;X@1IX;}~1?yaNQxFx7@4X$4%z1Nk7V zL#-O@Ff0}Wj|Ve;yIrH(w#(0MCX#$S4?Bq|Q6?|sc#uR-_DHGIb zt2aYFrRz79R*Nus@@5DZX%R>fEScQn+jO&2MV1@**A85Xk;4&7jbU3O83ysi6XYSqF1wN-L?{?6ZJqX|6z0M zUy3&3QsA$e=mR23i#r_p?ck@CGX-YD(MdL~_kqFwTy}Fm{j+RMai=XRmtV}6WEBtG ze{>zh#-3hnK0G`Yc(8CfsIQ#8Puw3@@NgDV_qwcGx4w_`51@{t?12XX z&bl|9#~*s(!JFIildz!DdQ|~!Lr?<6*KY}TMwTmL#3T!n3I?)XhIlL7lnT?kW_%e|LM;D@=Y#reOQnd^+sn zc5xKjHmlq*pY?D?OTzDNTP@42sJaZ$@rXBVW%}rTehWa`J)cs%c!Y&%?zU@1pTmYN zuzbjOpfSD);32UaPUm&n%e{Ztw-mN1%y3WjTf@z=atjLRKp>c@YdvSq`*q}!b(@aM zAVtErnQXeB)OPo2eJe?Q^y(9f-}iG%z~ch=itd?}ko&z!xNN@ybR`RRe_=&=4|{*H zKM#Cn=V5TiW_aSe=sKb3-a}+r|JTh9Ji8D^FApPfgRcQGRzf({1)o zbJ@sz_AA^^hq#+Y5QO1`4(r!3()c~fv)<7EhrEH{%dc%E9YU^qHa*n?po|uW2dmqg z7MstkR9nXs1~c}{|Bte_jEZZ^)`k;8a19Av4#)DOn00ei2#=AJ&EN2GW&AwKV8LFkD`BSw2uTaJpa&%?Ya z6+dJQv9MNi2giPugTJ0QWmvVrNoSt)IUN-D^m_d+HmX-IDG^^U5(*CMG*|{ysy#R@dp<4#cRT!se!?Z+jWHKsx$F|aUdx%3n+1+=tup5!T(~TCrtnvP}spNUUB61YMIWUn+ zOjm&1v4P=eg8`kT_i*tsRKP^PUxsR62g8CsTgCf5wQ+7hh2Zv10s{Pa^7x(F90^ng@@DrnE7~UCWo0ytz>M{ z45dW9cW@7LyWGBCToNCSsj&lq6W*vKB=G=9)i>=oZBk<4OMb_(0I6|)+buYvtp3LP zZcpBKzj2(8mE|{vEo5=7-IVBlJVY}LQzIEAf@8&v?CB01Qb|FLVjM{jHf9~4HI)-n zG(`?F@WhO{&$1$W9gcK;c7IUeS{~=ahxZ$Y#(`8UL#+cD@3eJ_hUM*wk`KWB<#N`C zGXO8##6U>%S7paoOQyCmBkm%PZ|b^Ito!?TK6UM^EQt01{lImypjFx%kVp{4MtaYVUBU-Yvl7JJ$2^ zY*CXwY%!SN{5&SaI@OJP?#;U0k{h{?~t7lw}Yaz5| z?mUxX-ryBK^*&@pfTQ+a`}Qh~0^+n~Gn4?FMRI02C}Uw?oBpxB!_%kb5f`f8I8%By z+X`IhdsDy=GG%CZD}N9#3!9EMGbVAM$SD=KUFWMl@iA}EgSVe)wXR@!%(#|M_Kz); zmo`xN9JaLpa^eC&Cb=o2^K@0=Teo1)%y53QC>lq~v3Am=y`zJj@ZlVQOI`R)inBB@ znJ;ZK5KZ{A*yNJ+NvF$P2S$3g6u0!m0B=7oB|pYj!|79V`aZ)EeC>ntx9gC}F;rp| zaPRdZ3HY?&WAc!Xk4HSA4+XRY{%m5|y4jB!1@;25>X413OyZfa^pL!a1MN_-spaA_dt7RS4=kygm zn`xwU$wSNPBO~Ps1dP*Rj;VoyH+kOcZP-!K2u6SmO7MdlA5Na1?5sfmBIr_`fZYl& zl_q(~?{Hn#@io(Zs<8X%+U(xf+e;<2fY~EV305~=Ohwkm53eHuJhN(V04UHEB}NA4 zXyZ3KkW46^Nv92fP1eCl$vfsGNiI*cu)vV1S6CK^u}ytI9+P4JMSib%3r%@DFN`S`>Uck1b+vUrR8Gq&uV%s_WVo8vbIIeW@WXYaeiZ{945%QI%O zq0$WAVg_^G$H|?EboV52X-72zUq*r%Tt)Vn3bJxK3=b@9nyGMj&D=qx!yXxe|T_DI9f6a zSs=|5YhU-jk{cgrF>`Ixww>!R`dI5Rxu?fp*SGs^aE+lu&&y5jkdr8ABg<8Z*VHM@ z(ZSf#^!gFI(M0LR{gtb1#Eg7%pgqZ#V7-7>c{l{0_4GJ>tJ^ki(HZ-0nKEe|Gm~$? z7aPln9LGQES34>hX6YfPdN{H*Ecvgm-||OrJb0%Q1}Vf1KtY zjyvqTFq26iI*41Zpg`w=T|L!KW)I-k2~jAK4FQORICxuVY)M@X4wIE@Lh20)e`+YR zkn-zbqkNlD>rCvV6#3+ntR8cqzH{7iBB#BzZDCstL{m55fTbnvWJN}cEhL>mD`(wg zh~6!TG4PwjF9Q}4hyNO2SC(t)ScogNmiHRGZ>!6&_V#7{;)oiPi}FKbu2jR;o;5X>Cehli2&zgPTraPaIt=^#Sfyo}V_{TB~(2N7cl~V0NAbqNRuH zqt>@asEcA>+i|Hfy{aD{b_DFchNs}v{{wKtB4r>7ALoFZNqvAvD48bO@b8$C9246#us3|xVf&l7wR~Ud?@z;gBs#2 zQ{_qS^!c9FE1eHi8+HLo`#Rs}8{ZfQqmSnNVNP>8u1)oK@27u9wHzldQvSq{U;2wy z;h1<{2s??&au!?6Qo)!itSP$Rr&dPdK;!V$Kox<@Czhmb%hNJ~2 zA==;BO+Y0))V11u(}5k@M$MU>haZhfAXdq9Tbg-L&; zw!ApQon)5~3%`itPi6Giy4iTb2xy2jjS&luVW$3QG|j=TL8!X{gVQ)yIc^bmASblH zy?|z2kAr#qco}YF^dp4k^5K|*?dbX88rhX6Jcl2FL?folX%uji!9D7u{P%+cue$UC zcVjHF_s%7d4qR2ZSaK^c7-+U3GZH(!ZW&xgp=Vwbvhh_dInD*)yVq$xZ-qq=-r^lD zM@gQHd|KpZUn78|a2V(x;!@Y<>Bm-#_OG6CWq~LHcfdPnqDq{DYi0pCV&M{PQxwV1 z=XxfiLJ3ow_ZO%{_!wT*0x}CS67t;MlP2-UUx|2fxA@;STsTa?lO1v&_6&>=eKWy% z+{7vg6ij5X5v{UX%`6QWaPN2;k5z?B;XazC5=Ah zqkK;?CSJmJ6r02T5yL!%uqKw-jY(rY*ei_?8;Gy_JW>4^|Ls$y9i6wYLgwSKkr1p9 z_dW$T{JpJG9yS)u{gx9405}!>JwLRZ;rpo(fZVt8cLCI1{`&?s$HhCv9e@oZa|BJjD;mI%QsX%?0rWn6Dw0<(u^YbEV6a zOyI*0d2iZi{5c|klhy&0XGm$eC0E${!D_Y^bO`Q?Fha6xTn|o>WNDrN;BI|5q~mCG z7!qCs-g%s1^_3>jzVR;u8b2r%lwyta0)R4m8f-(mvCxe$|In`#?i^}LC8Q+iletcV zI4EB65691?3t=JZJ^H_PzMcBdu@T$njhE-@7h52Zmh#vAl((Dg=(|!EV@{(fgH3*)E^XQic#xxb`jRBZ5^<fy`o-y7;jn8(qyw#3VE&oWcG(PPryb3V_n|Nhtgth7qTixy0=TioGD7%`ECGey!n zU}T2l)TMq{0nl6q+t0D)__W}!&;tW5&nJCnqp{lTj-Mc;GmS7G{@5ZOs|cN=vChq1 zSw4MKR3@WE^z?K0iE^#V*@wRfkCXm$%kePm?^-mJzom4lMH=MbtoBjO)t4f^d_b0k zG?$G+EVy(IWKt_o?)Z2T^=fC5f@!f@ElJ%*_7u}zFR#+%LOdDaK7NSbP^_;xZVG2i zG3I_c@`NV@F7MVEB^W|N?ZrohhIii2pj3vNDQt>h8jY-Of{8Wh?Xcj(Nu5JKg4k>i z=e$?ki1ouQm6ST>D|%W1n~@9b70oAOy+)$Ech%|ULszgI zZ@0tj>AaqQ=4z?rzuIm?%loV+Q|0wRo3t>7-UXm1GDSU@ZuiQSAsk(6lCEcJU|k;_T2(r zYE}+`aZJ8s-}P1rLZR@=1xOycOy%3`ebn8EFA327wAW1RVIO;%B>Gs{AJEG?^BE~xQ zLKKy2H*OsCKnO^7vLnI-Ii%b|)jN=K!>a zLPTe4Zjm9(S7!Cq)#HmHuhbCFxF?LH@246U&WrcfQ*ED3@XNpYXnp;oa(_&CfvjsT zKDlC-LEdxd3X59*U^6XXQRhAV0E(MCc&ZpVP8O2(uQ4R%HXd3|w`&>DO!#Np%_ByM z4vl-E|CMKnv9Gu9;(;ejIjG$^0_fZ*O_8hemQHP}-PPbZ8m^iA0ou2cfL`i&zAeA7 zB)w0+RKxU1%{23Lde4g_(d3Qx?)<04D4UyW+-L|U_4$?^xl*Tk;QbZh^o=VO*RlQL z$#~ia06qLvfkZMPp#4rQR?*6A3_r5D4VlTh$8H&nHokP&i*aN2;$vko7-#2XPrwUN&9pelkPKg3;#<`AJGF|1|%c6wG z1B#sPLnbv^Hjd|;Lf4%;JD^P6C4(D=WeW&x;4r!q^SQf9YuuAS&kX^6{;4#EWu2lj0&H}A?Nq^&WnmiAubuhP){F8tA5re z4eZ}ZqtKr^YkV#}yQpeTTkAf3(^X-%VCrofc>4X$CLrJ9PEIHdhej7*0luE8@R`X0 zcSL8b?2QUZF!k@D&40~e%aQjSrV63%mZo&s{K74k!q4rvetb}nvs7oLHp%iKwZ;hi zR3M*e`x~hI=y&3L8R$a$M;e>fNi8n{tYMaJBC~T8Xd970C4XH*`xo`zas{s_PTNo_qa#Mp#~VWxh*OD0OipemPf%97b?&$ZdwcnQwb zb}7}l+4(BRc@Lva^ZZ(IccCU&yrjt@3*FdUS1}Ae1{cxKdZV{iM7*muVkS1P_@%qNdjX9ET2vkST>{DI!2UX*Vg zW{dzJT$>>x83vtdY31({W2r_Bsk9cQ8c;&?s>51}uILJc#h10XR|%TiZB^P?#puHF zq#epK;iA1Rkyj}RJen`*n4#1hr-E02>)n<5DHH;_sg;>UoogEQDJlC=74qy8({{Tw zCH4Blp3|i~|9KW+(u@Oldi6Er*GaAK1YsPFo?C7##m-*vVBxekVUp8F0yqZ9F6mNN zKk|@2m4}bL#(AkWEcV3nOVFzmTht`^rN476cT8~0?PVnJ3s%4s6%|j8h z0Gc7AT;3p78_B20bN7d{f!vy^y?W?K%=;)jw*Hx1g|ja>x}i20>GQ4bHNVrjwiCM( zxi;fjLK8D>{5rb2$D)a0Jm)#%y<0!G_kOtn96un2hNU-JZKfk{IS8F4^HLQ5S26z| zzI5uxtoQMhx9eM;h621|F|Gp87Sil67UOPK!G`r3_UvA}%?U>tR`S+Y_f$!Go}<0$ z7@3@ot$Yt(5{^(adHLmJ)I%VGJZmz8S-TSvE7USetqqF|zMCU_*8=i(4pS2xE8_PL z>2$=l)-E93tE97u8HcGKE}FgNHV03FYZC8PJx(Gy<49dcKlQf}F5TP+Fb|nV($>q1 zM?agwp?M=5*WWYalz(mT^|DQ4jw2n2Cf)aQ-;w6wE?;Y$lWg~{51zGD$U|0o`Bz)AwtPPS zmFEMlBlP^AFBKkocBN7g;z(~Y=jFz0B7G|SrskJ@@6&BGI~d8L6LN+mh+0?kB}YPE zO$zB-zkuF-sY84eO)?YxbxkF-FzxO{pf4C{c0FBh7EjgO1qs@s5QW1NWM0z%c79tB z^F`kQb9O5?8i$7!`SSF7Ut}pIgwR32Iujk+R`2Ki#vE+j6xbV>_AAfCq@@ghvnP4m z`3g1ffm4p>s8;>^&5Ea;3_YG!Xc$ntquRd2)fwIMg*5m^Ff{KKeAk>YLNG3nymr{j zPuA4xme8Y8p?J2}R}gKon4;u3T2-ykJ({$H+?g+okL!2bjo2LmX_kpTTaWY2pJhqu z9{WG4F2{aTtXuz#rzqREe>vqtWWn(>k8ncxpAq!`gwnf|{-|lZ+)1qN16`WQZ#k=e zJm0L{r+BVazI11|F|H~Rrs`E%>XGuA*s@cHf2V{Tcy()7Y}W5&EpI@Y3nk~lzv3aY z1~sT9rnY<*?0q^rcUa(S8@bF1F3WztJ)mtl%SLuNlh>_6ZV7}yCuguyQhvU)nYr`S zQm;zg54K5VnhCgO4hTm79lk_x;c5 zDSlOw{Ojj7yD|*tdz1FOTvNl?i-zZ_6@EzJ*XuIa*@5~E8qb?BGNTzBl1GkoT#Svq z50ImX3A<8bpL^>Vd>T zS?EIm@3lMx=ngs2O=F~^i%_-rprfE*-|GWwQ+Lr`Nj!~zw<=;}GSBgJ)Vb@9SBu6; zSKT%`0_!>F*^J>=EgA<8-5S3@m!_;li9tvij>f~53GWBuf(dtf7g%&M-Zjf%vA9q= zRMez-|g2?6@I!x}Z*y3}hB2U14{qB_yl`+bpb({~~`Txe+X z9KrA+!=u3)?+(tLQ3~X{**Bzz5r{vR+Vvt{aV^_=FO8cL)*s#UJRwO>X2v!C+=pPS z^qS5%g|>MHey^@2D0EzXdW58_N6Uo(7L8wu_! z(`wL6>>EyHTdsG~dH^z!L{>XfnNPLLK9D2ZmbY*Xu7~pmzukUmjK^Pe6}|fwe>Eg9 z8P#bIhdLGm*JJBzTjC8%T33e_)28Y&|J1SCW>H~n>wbEoZ1;WMsDTGzKjjUs>lbiP z9406|7;_Y<9HgvxQXl{&v;vCh>8TD4oIwWqndge{D(S)1Q~mQZW_2#gc^kPgp1R8x zm}6xi6_XBM15X*ZojKRSODO4Z+77QdOR8^qL*TIt`kI)BduN^(IKNh+%{5I{SRuc7 z3j5MzGKBBV3O-X-96UEK!Xq#RG+r=C|FZE_X~RHVd0u1$7_TA(Pv@)rchB}_Almo4 zSRlGX8kto@AN~~<*C1qMu_9gxOhKRL^{C^EbIN_+$CWylp4B-n7K?@UPUrZ{)Fp+~ zUr*ZC0z-$H_9sgLR~;I)Bjt}h->Y^~_KNT9=0pDc*qVj?%0s_?{i?H&r|f*EwU;1& zZ4?FV{2H!8z)~d`^HKhGnW^W|X+nc#sV)3H6&mkk$~J8FF>Eu@4dM1OluscIK$V(D zrXgIrbA2Ga8iT|y#l(BT1Zpz!6o0oKKBrgHL^aybC8C)TFf#aR8uQUM4O$%t&I*|}7vdBkL)u-MR}-1=rieXH^g_PJ628|Y$Y@hSH*s0S zsid9P0XUX23=h2+@{N{2tu*;;CUsW^VpG@isO$T9CD$uqKn}V4TH%#nw%_k976^Kt z^LZu zoJUsP>SP({^Gy}j_FwJVTX1_r4&g6N2ArAuaP;HQya{`N1Zj8ENvg9kIlAO zENsZ+`SF`wGw+xVdSIsc9PqJ~Vbj#(ZFat2{HbIymFlnpy_77n3DF+0WqgWiIP>vZ zu!i&=4H+?hNA0MBjSlq$(<*h|Q7TC(CvxX;&OJfEdveo*K7;}4Ec>^+9C;W!r~&{q z!RgPfqpDMo*pM+V2tqI3FjM=7CNM#dH*0p^9%L&T0?H$RzUMjsPra(aWx^GN{QM4V zm+`kbeb8fL5{R+MPV64T&+@k>FA_7ZO)SGESKYnmg{3&o z;xVagi1gI!Fs)9#(60HtN5W9h%5+L4w5l5=s;S zdmzL%12;+N!&2_2qr=Ja7okge_lQzoXrT1Z_Yo9y7cZ_njmgR;6}HL{sN zg4&i~=qU?z;z`7H#^ZZRY|5n6sb2A=~(gycShT#j=cnyNIni0N%w$9gb+4^ zaA*D-bemkZqbbWJ2`4Q^qwhDXz8yLMnN|D8(mW$lWdS|s85P?FhXF#fg@v={hbhI_ zoL^&J+iX=wIT$A%b1i9X>$MhBIT1P@2c!1u;y))19Pbiol+_z0dCPx0`M(LDaubZ+ zr+D0dUwtSr;&w7W4GddN8tBKIbrMYDakX`-nSVc}rtFmZ9dzCb)9~Dl)4n#kdV5xu zj@KyPEImoX_U*p8&1toY(DKjv=)Y1^N|Js7{1puNpHlFpO9+<5q=bf6TeF*VtUsJs zKAe*|9(rF$P%PKuqE1AJrc!-bjWb^(5dvokbu zpVPz%af3Y9lZ|aBm4{IZwnM;|D9~}d?qwGXFO_y!Qd{NvFbm6gQRQwI%j#k8AnjpU zP$7rS-&f-bed)Y{cr$>S&fWj0zLQ)|SpWe9qAQgDHVkKX# z7zmD``IS>PR&Q6rkTD>-^Z{e+%j%yx9|57y@*f07MOF{e^{S1-SPnEhB2G`xpIfX# zOyCBe`6eD&=UM3$sBOsMDO)LcEO`gRN+#CDXy8D+w6en4U=YWNmH0z42(tJ$_&E1)q4TwiN@a zbZkw0^GtGeSUoIpOF+xudd$YH6>rqVNoCWDRMcJOPNt!!M&dix7mm+X_`|vYRjF@c zDql5W%ts^7Xsm(GA7^DnH{~w-0zux^MSgj0%a)TU(y`ieYU5xLOCb=V!$&~x+BaS>A3K2Goi~yI_|e9#3JfaVPwTng z53}bS^x(TNrv=);>iDUmUO3A{IxjD71#PGT8wQfCd3TkFQG41dEjW|vMZ?mqS<4sK zzlnR=43Q*%bQctgPUp^lPpJ@DGB08J&{P&UMC#7G>}c?YWG_0fuF+L*2Rbt$c%5X6 zJqKk$MfI?#lJB;4bH@}ktVnT$Ah|HS^2W<67^qO)3ws3nui+Ly9W*3ox*Az-25{w3+_cRLL(x5fzW7jUty`e%b@<`iC^ zALrf2qE@@0d!a`?;#AK|2i2-AI!fDE9n$USnwR9Mj!Vk6+B2BE`JC9wD{Mv}M-TVL z7Zc7ti^-)YWDeZiW86CF^7T=xYK23aF~}|+jw*+A&}ju|=@vSZ*dMgx_Ny7r$oj&| z$>wXAnof`q5Om)?4m`HeDjm`_?iSzP(@7teUaYLBHRt&_g}fjl+IDrJ>P?lYIDALd zU#)hXa@5IM5VX$vY#6@%G4##Nnp7OaSD}5g+dX*N;gb7V8}ZxyF}s|eTOQPg z(yYMw_R2Dt18wbBmCI*K?9+VKzE9Jyu(#*6OraN8n`<89 zRtjo%lFCE9oH1qQ4wc1SKh0GX3Vz0gPXF`tIDqL7#Pn0e#l?{{-*SbfQUEp`5YR9b zDNcFx+LtHoy+wSPdR6yZe1ltzuqva0#RaoWLXF87%DWbUZbS?Xm}=rAN!X)p5KR?> z?}`~69~}U|l#UhX67Xh(memiyUc|G1;|@nakXBF_Rc(SP_!@<=%RK&mG6K_k?B2z*lB8`yx+c7rc8)(umcLP(^Aa z@pa)_puKhwbF5*P>9i3*c>4Ng_FEZ`wW^;9Sr65Z8+$y)Lu%$y5yJYBuEKYq!=C1= zBE6J6{@2l^W8U`o1$pakDlj2^unjo^kooVG0_H^Wg)MMQ!2x*x7I`lZ7^@I#-l|^s zJ!Eqf$8p`LC4!o}8Nuiq)kyUL?MLZNkAF-u{840j>;bgx`1pffbNS)t_v9S z>&*oDMWDBuAoS%c7*1GG({Ll+vtEpPpGOal^jmi4{ZBk6trtsRpnrZIC?apOjyM27 z$vC=h2G1ka+d&eE=t7Zj@92NLhWjY6Dkl{R_k5$h|0|0~=)gnX6`0^JfZ!oPPHIC^ zjvJA__Uk?*gil7GdjpM+PJwE{e*FfAw5tXsYOQfxu+w2=KYskEFEjaW4c`2bUQ|Zw z9o^}ZcbvUpKo%6>B%+OM0Dgh=OyPD0(STPZR;qwjLu%X{>_N29E+rTZ9wH{rLo}k9 ze9wkLMtETh_ohL3ZO~~FNQ$q$Pe-c({g7uN%SC|X^pNThEL>Z{VJzUZQ^%KzYn6U~ z)n(KuRhj*7@xUh2JFjr$s&2-JfMQkiuxVSBD;E*%*XNSf$2jUjTRbhDh{o{IZWZA|#!Wk+KaqsX5Uk{RNsoIW%=at{{sB(mP(x1;d6&i_Bahe=@Nc1T?rS zzGatBP5~6`uaIAScRcw)*R%bbV&O4AbDL`1b=3liW$LOLn2Ny=3tuPRgnS#NSjHS; zw~^ct*>zcMuwI!yvZ-5Fq_m&i6}*&SF=U+fb&@gGG%N5ol|ly(3fE-2{R)Z>mN}8x z5q)0H=ZqV|vkvSQe+Kgg9;7Rienddcy;|VsFq=^dB{N$G+o63NbsPuZzq0pUf=TWV zq+Xze!0{O!?!Qj>vsU}(7X63Gn0+L(&;E7SpU}+Zi#V<4D?c5QvVrUa$nv~R!}O(o z3M#-1Z4h8A-!sxneAi_kPoH%DX!qafW?e5i`Oy2rkCPa3{qao#g1dzV;llzZ3NMB* z`oi(L-S^^g*fu4beQ;I2VyS8<8c@7~aq>2@ad3jy<|C85ige;)M=Sq=iO1i*d|3a% zlqVLZ8GcCKukQ*(Y|aavz4l70k|0N@nSxc!iM{`|F3oMpYu#iwf5Xec2iE$NgDI>y z;oflOnTuL~(~}JIdNdl(@CEjRob#M?Q(yI%#7Q*yZ6h*-w@qnB)PJlP{~y0+VL*SB zmbN)wYEsn*Tg@O7iUY@zh>%LZ$CDtQel6A)>O>UIMgEyD2XwJM+6tXjVgjHGy{7`u zg}!A9u6h^J^vaA4VRF(32PPkU$Kkn;E^yG$QZ_QdhZKI#5wP)e`6^Pxxja@Zg9C;6 zs7UN)?KUw3SJM3zGGf}j5c?y^EC~kO^_py${T;g}Oiq`0-eUIJc)p9c_X80pF(rYM z8_OF{c1#~+CL|l4mA6{%15Lv_$sa0pY>N_~-@UHkuekR$6tuVdpe^Cnm zVgHMil>o6wy_%&gfK%H(z(p$z8~Zi=sP&7|c2VecE~z9F!>)B|>y+jTj@ zOB^Wg4sJcn6`F;7D``&hR>&qub=*x z-T7xB@DGEI|Fd|B;IFU>2s;3?e8ul@G4Ieoh$Zry@}zRG$a%-W;e_{E8*pdom#44}ISieo5Au z_$y?8#I%dcfpd~q0HB-+LxUalFEL zk@xD2oNMz`x|7+et1uii8UePD82YroP{>4TX7omRuFu9!WMFhoG;3rylutMtGifAR zs305~96bEOjko*>M0NRYWoM~*MrB52Z~u7zxOjgjs8|`G6dyb9a7LYJ$nelD6QI$^ zQy_BC+z}2L%r=$&WM1w}jrKw3vnFGXPg64ocFT-FDPt60Gm*_)5$>5g)<@x5_3SIO zC%lb?tPP6^7UB8%GG|b&@AN=p%D=L|{)ZLu7(aAujb<`+8qMf%+ot1?LFQeQ2yU`m ztGDDtZDBQARpf%%VD-s&eeJ|bqWfcIqgiADpasc`Clw)lCq_9RM>aGoUe$qF_3pcc zb^F0oWvXs>1R*?6wdC;OlHXJ{gD^&?m8j4!Li==Tg zuSwIReX>bK1Ge_7-9*9$!?m$k_pd?w!*C(};(XBGz%aL;#XF;z=ki$S?h$ehv189O{|9^iXQC`ADwDyJ; ztG)+|ws;AalR0pazcrX-u1~LVD2`0qr`pXdHQpJOH8qg)6YgUc@V`FQi4F%4$I^|^ zCw#@VioQyG`wlZs^Y%QM2Zt%=3Q)?EKP~zM{lg&7+Fq=pa9ES)e12*{&Nky@ch)+eKLFZ+()=Om& z;!jTAwBtB{mzh8+8Xj?JFy||Aa5B!%UE3i;C{aC2GwE{VbMsykLa=E1EjVLz`VkHX zIi$}8OYS#i^51wC?_QEoR})|ud}KF`4qvPYQO+GjV}&k?U%Ht1&Z+fI8VZv(n&L?D zuw+#VJ(-44^<-&(2`=Tz@}2EU2ZA|dRLoM)7DoTd&e`~iaC8iZ$y{BNaxX`Lg?II} zUP>8BvPuw~(AxIfIAt4dR4jtGup%QQoIxdE2WQQo4TJPqS*0%GZq|+GCwuW)0OfE# z7?h(` z!J@WRx#=g{uOAfs6Y1$+68!yhk=X-?jgT)U^&4Xl;IMEZFilepf zc4gBTVkiJc#DVy0>g%mJMa3DBe#MDV6_KEb1#={c#9SS-S1V19XTnu`gRO8Ug^Lk5 z!j@33D;Hr7c=ArQ2&2F&(Ft3qzMipeT4d#ySR`4g+864)Uoc;$_BoTk(p&g-*%rfLuObk%(U@}D5zvnAL3KV+Np)8AX2{vL zL7{V45sCShghxoEQmy>O**{3Kf)pHNv$+KWl1t3wWTwg%%2@4b~aXyMEj|z4a{GI2xlNQEzM%ce|U7RaH2) z+Ez)AVYu@!f_It9-_-YUe#)z_s6`4N3j&DaP}Jd)|5tm$p*-{{ozL<=ay;hdqw8p)WTH^vLWocBB#4LL_~&bvv96r zA&$N!*Pg09ykwD=nQ{?_$`XC=kvWhX2IxMerQ|(Z1>k;;ZWc5(=fe0K8Z5SR7hSWeMFbYA!phWL2qFtm0-5ve5SA!l!(ix>8(Ca z+C?sGj7M16xC!bg@;R8u&u;;WJ@nY!BHVwR>C5iUDO#i@ZL;$YS|r|FQn5VDM?Jw} z{!f9_-rL=Mg-{30eRUB-bG&P5MO*io65aJW+ZFuLA$}7SpQc}}ZL61nS8ZrNJ*+D4 z7Zqh^)6K}TFe&yZmwYGf4`800mlIu;`KK-t{J#}fuDD>w#lYONcwSLc83fO2N7VN* zYO!_UH02E-tTGNUx@LhqRGOAKT?ZOQ@1aa*u#xHJDAS;JebA?NWxZv9LF}SRO9CZn z#{>c{H$mExV()8R$Msh0h0EqK?_3>DvvpD$hVQJ4%axD%Xep@-0Rv?wUFHmKHl@^P z?)qUT*OM5cr~0HX|B9LO-z?(lK+#_MqoNa_Mtw!EC(#XhK|SA8LnK435F$2hg5V2S zm*8iv_iU9oA?Q4GFg*qnnz@maZz-+fV!<02c{Mdg!-bP`b5u-x&!u~F$?7Z>Sqi^s zX}9W<=VI>WO-IuOw!N!G{>BXv12^hVjB&bAw7XupOR4L$mzYM{Ke2*xZoRO?iLNg* z;s8Z-Xv^@W3acH@2K6|N6DdTj){2mQlXw1t@ZcJZ(Lc5@f=$=0F`@SDgPnhA^S!2C zi+CM9mzc=q-!r{{J__P^8H(l%Gfs3j5_nW<-mr6s^Wu?<-jGQ77EnMe4`bP>FB5;p zQfW3}(Y@nYtHe!QsSOjMo7=~pwrpLK$*teNDeae?j z@OL!eZ_Vf@_992f+awJg_NRm21Qiz{_PPsuj!jG3(B^Ie%>zJ0i~F=QKHRxgRD>h2 z8CGsn6Din@TNDV^zoOSK!1u;8w?8Hq^F3f74KgCG1CU+I%W2d@>G(@!t$=Yr6IFpT`iQ5OSn>88Cj zg;7iv=%V-GvC4a&6@ru&mK7&FdCURS{2ej69!-Pz4&Eh}oo$?;VN7A6(v*xibXHzY zw7=ZnzhCr6M^oq;izURW<3WWL55*xNKycv?us9nZCk51&d3uaN%=S6pgo5WsmlFrb zoYkFZlWktsba>5UAOiRl!jeUB!4B=+8p_!XeuQ z_HjbeF>pt!liZwMkMM1^n`@XQR{x4|N{h97yY zrr{KdI4#Ww>emf;Xun0^)t8y3+Hb3SRr19zee)$R!%{9WQ%^vs+Nr{(OPZ2p>0NnA zfbw@t+6(wdKfhl=^Z?43w(NNALKc9I*{R_G&9;$EA_{~gXxw;Yc)tb-ux!l4cm{Gd zoWuz%Y_;g3jX#rowl+8;my(r6jGJ&nAw#PI|0*dz<26sw+QL!}aVJM5`-`{k-%G^H zH*j1~jQ{nZ4SY1ux=ul_6~YjcVYm;~4%>!qBONb^67 zemiH==rOXes`ReXU6JoZMhqORsUv-u9C7HAf_i%=PRvvIBJ0&1_I}Y(aDN->XO>6( zn;Z8ZCj+iJ;i6i5vBpIY6_D@xcFBO{($7J(heWV%!oKLs8cR}c4kLnPOt|?-?nY&( z7_4}?$e0M)LS-;!W-PHIHvQY#DkJA{^Dr#O3q<3^%T%Ke$k!tOx1Il!Q^1T34dwFb zeKonLT`=#@-30M8*tJSdY`FP>-QQ2)5-&yy^<8whI?^R+Z~^n~Xt=qWa-xPU)Yt%Y zH?FgxHWr5PoC-QF6gpkGy7yIVC<9Q)kKM0f{d>|FD~O9$X)IpM#`-yzWYY*xx-igO zy)WQ;VH84Cy8Zk@0&@iNtHKdw+w?a@oK%rs1-(Q?FArDi*lDXiPJM>IO*tzvkHDI6 zHBq_pBN^7J?M-ZJI{W$((u(+Ts6bLmqsf(}VE`ci%as@?qH_6L4+)JP3JVLX%hJ*b zSa7d|12*$k?@pHKb9L`YN#hBa6yDaDiY+`o=( zXh{CeLqyw#rcaHd_&EIo*8yDl84KszhImF`QNE{egiM?ua6fVO*v=^R0dA7+%xPF8 z>Eb+rob=*wrZE=uErxa4ysoOF8T?y{?=11_)zLTJM%RG%>*l28bbX3st%ReftbGhv zvPTi9r2ock#fb>kh4%|N7z1HXoDmuU771Wf@yJ5Xdo$n(vB)+bJUOX~U6`|M(p!EM zlJ=}^#?l)uyiNJu4d)3}W3}p8LtdB{{4i`?1>Q=-O4e&K?d08N(xsiL*+!x^`(Fg? z|7SizFc0n2Mex%^jvNDK8Wsym!5}eU^NiCZ3UhOgN;#*Ol!!%i%?a=%;R{=#;9fD$)!AtQks zNpn&D?cVEw@P<0 zu?#`+WUpBohNrTmS#t)3&Ly*XCw7D+`rzDQMaA}hypIT=FkqJpC0kZyCv*JtTezUl ziKo$e&3&g}&ilEo&@reTGQz)7tyDYUfCveRgV$`A=5)UyqJ7%#Y#Y zWkO6%k0E(n#-L-i0*mlydp@&^8nZ}#=#l#HMSErGy64AA2+= zY7bIFm^o2w;C@RGRH;I_$e_Nn=U+GapI1l|{D`Q;QWE!qa$7H0T+}0FwlVBft1#?-#c^%;NQkLm@}y&y z5rBVtO?#1{eceiIC`^F-YbkACKnXbVfu$<5sg|6rA0=@xIT-XZ7F+%oVQN|=|a z<8#y|4tA9E^I_uOI~qyiX?RXTB$Xt%xfbdBu{TuL$q*OKAdkVlQu9lxdO3?cu1onO zet0fruBykpG6opgh|zkXE78JmYXT(9bor2Ga`h2JG@mr)oUql4HY#$==6nC zoFC7QRNKv=IB*geoktIijwEcAs19w?d^MUR;vxCFZjKsMG5%z>L{F`ZBS>gsF<2da zEBR+OPq$Afmcv7+;|`}x%lfaxjcZE5>>Q3b=H+_PfF#G9rg;_bU7k7kx36mysZhog z(Ifm?$jGqCl6!KF^2~SCeJEW%O38jW4o6I)PdL(IA9~_z5g##Nq2rPGtu9sA%;eqT zc6)v19IpRl_W#dx02(zAIWkc7Wdl<&L}r9`#!_-qwQF1qFx-fgzjrH>V^r z(%!HnbNf@T_k`Gc0Ov_BMWK2?pGir1e8NEVuedSP|SuU z1tr3}J|QQ4N^t^`*4N+vv9Ff)!v6Adun%!3{~G-IqG+PEtxl!6r6rB=>+A&Z6QB0~ zD0|DOy1H&jI3W<+A-G#`5AN>n4himZa7%D^m*B3!4jO`c@Zj$54!!BV_jca?p8Ivb zKNw^G;EZv`UhAwiXI0IrxZG&f_#*Qx4aJXNFcaevGS-)%8vosbUXoZ40>GKO1Azkx zpCGvB4OOQl$t%QcE)0y$%+g|mqGl*@_9J__(jtm74i>imBV0%rksHIG% z`4SZmi&jc%V7Ub>_ivt`f)GN)s~FU{RH9eBtf+cobiqA7sCo3J_>M^E>;wg$c*=QU z&_AP-2)=$FPS{TDU#A3^Bs8M3ZalN&oQ*Z_wnPRW6b%+w!56oNvi1-Ss6dtJ#`N#@ zRj+WFeHf}5)#vWe->7@E=eaO z^KvgMj2vYKBS67z1aG~#p#IHM@-143ECf(3j}w##_Ok}}qda_z>0(1X(qzf^yXgPS ze`YEM+#6gwNo2WOhUN^WAJZL_ph+Y|-ty3TaMEZ$bs5EmLP{Dw!nB_M=%cWcE|Jyx zWT0HjTF}@>az!;Z80rd=E^h|Ow>Z`$nWdih{@B?XK7PV=S8J{b5UvAMYXZDMJT zVjwkDnWa&?vxIy^fV@CcU?G7A$q70tJX^@B$xrEV+RjK2YBs{yN>W8FOjfg=%D)}5F zIsSn@icJGggA63fqlpjEuU5XRuP{qV37}dISq<>>CbR#>nZ|?)Q%orNA|`^B|AG>VdGBX##xEHB8UF)`y7LT? z?eRWxuEdLcIQklbYyg*XF*b=A*g)1i9CFF&V@wUucdIk$pqY}X|1vfz!Fq7wrV;Pw z37ZTdhcKHasi~;c$MX9qH8hkYi%DlJRLldCX29nyMG9r6fuW0$bzz(e*J2>#q-5`t z$2Kya*)*0?YZMECUaQ5%tRP~o^ND~X$n!MG*MSO(8kJW`Qd6c=Nn%tC?k$*bJN}A4 zf7^gcZi;~=9hjt`)vj2p){mWc#M#`u8CQu_1AAsl*GA)fD8$3f(DX5BIGY-i_Jfp% zk34xM+-TsxahVFo_^CL2Es zZkejL&YDzk%rvX;S=bxzbz7hmj>2~ zrso;-j*jlbL$Se-5~5_X?c~&4TDXPa2^e@Y{SM&v9@huWkz0} zu+#&+HV)@swUp~k!NVQzZIL0F(lgfQpdUo8Oo-0!SCtU;u@@YXw%MD zhhr-M@Dm~W4L(APnxWg-Z|1qiXLc8^!+3tg*~Q5@fWUl^y<5iOkgm$pShe2WJy!QO zivAhuFzbX@H%#K~LEp&1o@&){6DPu*rZaqyut-Op!K~I3tsyzRzeTCaCXPdZM;17Z z8CPa30z<|~r7Zf?9l?glBR_6GR={#Y8HUjr0Gw_A2|4{=9t?LOadC0;YihYaph-KHG^sI;{$4|>KYE3P~vB+1pefaPK1>@W)|5M=V$W2Z|B z4V{Qe&Wuso+PF1gIFlM`vQW}eKdPIGqBz|+{5U#U*~Mg7gTzExyOgW_Y*CD>dQEQb zdg{VM_bbM3yB8ml)gZVHy5LT@0^i#+xVyK{(i;&gl6_4%JB+d=!k&elQR5)lR@;KD6WEZuzbQ;YGgEDkr{u*8K3q4wPcHU=bx5_n@uW)0L2g<7#O(0RBFFl zyK-o)85MS)`63uBmI(1vRjx>2f)^jgG2+|n56WKLNU5vHgp>hPRC`;?^#R`Q%SCnL z^jo>iiSla{MBM$JYQcV?IKghTkC_5PeT%u9n+=(0=vcH|@l;Z4mnDVrU+48^GdXQ4 zH+V5oOh0JN%ns0~maFx3XI0t`d>rKHTlHge(OrBFc5yV{Fm*AlTSUDmE8NZcXwj}o zMb&u1Ogg}cDL_gx<*Z;6!IeCWF)#y8S^Gss=(=zhN)Z;t&Vu(<+xx=rW!Sl?1Ca_>@CzG>Cl|1 zmBBcv&X_pIp-YcwHaZkLa)RsNB<~(7+u~RvtJfyW0$1^Sa+{d{|GjpUb%XG{J_L#< zw=Vk>cB`av%^Km{>5tGQ1qD5u?OADQX}UdaZEb*UH|1QTUG`npeVSEe?BJmE>~rW% zt^woc?y%p;p=pV!izOUi|JXMzFzKiice$u%xb2X!n91fC2V~3+aZ|1X2nW}1{P3{G zTKA6&;^iSdu)u~CfOx&mTOuZ5%pg$Ee<7kGg(;0I?OXn#pzl4iZ*(qeF=~c`D67&p zg8XLYN)*#&XFbjI8;e|<0I^8FMsr^wD^ca-IM&3@R>fgM%Slh8Qj=V6$BLZtlQ`u_ zNz&e|F3Ge8eR4V4Q$eWDuic~L*wG|)OlC?+1G`*)k9ynkP5D$hcU;nDuW{W}ho{6i z_7cfB7FO~q<66!s8;9O`HI|o#8_5Q4K9#x>2+(a_@ z#Rhj}m2aAflFc1HHs=UBOQ7%x_hA_F3&{(2E5r)}C3sI|I7du4-)fIYy<}nA&kF!H z2qBoZ7;*OsFx+O7B({bXElXh}lYjVb7DaN5?W=1s|EcQsXCiwuzETE_H(U(QiuOyq7~9qa=|>|}@ZWGLiYer( z&n|;0tL-AelsZ!4`3(FHKJES)Qkeu+eNq{qS1NS}$!Su8$Y zg7sB%eB=-zSJ)bwjDu9njXbBV^FLae*G=stV`Lrb4FQtx?m-$~Hv~WAqKEX4?-duP zS`fXe9Dd%Snp>H($cNROozbX9IC#f|$jGbK7{|dbdHK8;ZMdbB3;$ZzQj5!o%~{K8 zA*bN!Lg1w)lcPyuOh_n4*!Y=}mTpsd(p{&T+G^hb6!eng5f+6+oK)gvP8<1i)41>3 z$3nzG!amPDa-?~zZaq`Gd&St=C-6~0kb-Y)Ls8JSHIk&Py@GW2k0vFm zjzd|DQu8i*t#$Oi;g{JZ41}8weO<6ihQsq;&_?cmB4glVb8m4+3+L>w(?c~XJ*67>?lKNNjxnjrOJj5i zu+Rd+U8v-TV&xX5lxj53>v-h|u&7m?jkf+9MhqCSb+O?)Pvb_fTv4HY7;6Og#$#jA zyV6lR+aO;<96g@)Y@E-;ia$vYy3T)R2tlqCAaRnJ*nC;!R-1_T@-3)2kS%+BI=M~- zJ)6pvco{mZZk#T$%KZJ#fqGLo@{O!kSa|prFi4-r&DKOMZk6yWG}#bjy66AMP2+J8 zLCg?PX-*CfmK^W+vEI!?6w76@;yW#|txM*i4se6IkK8J=pFY6qPIV6Rb%&3N^?5Vr z<{682%yNQH$?OfgD9NtBeXmx{L`8kiE#Jj2(bt2$(*=pR5)m_MQ-3wFuo08Hr$SMd zZ{CkyPoF)mV5}YH?#2P(u(92j9Yos|}XzFili7_@TU7=XM!c(Fj9FO~`{RCO+i5MVR4Q1TM8JlFlhz4(_u_R3jHN_k2=qV1O}(3_n+ zX8ng!C4_2ABIKTjtMC8i{ly51qWYDs1BO{tW4sp;clz8Z@!``a!{eX~ajc9KSmQ2| z|F!#Q0+xZ@SK-9s-qE$*%}W)_VFd>;R2j|q7?E**fLd(1cm2B)V(Aak4^Ss!&Jx{h4o+N37L7ZNV!$7;$B1L9=f#ya zW1VQ2o_*$&!8UpEcUB4tF>P(_&pYy%{+3zk>9p`4=wh&$94Nis0G@``_&lItFUj62 zJHS?op`S4s=>9eV_aJ2r4XUN3rMQd?I+-N8*t)v9Ap+BD0s$Z0(_PikT{B>k;w$oj zKlw0le|ZC5hweWB|5uEZvwQA#4Uu3DcJ|ae)6btnM7sP>mfIHa@rZ~Rfg$(ADb+DX z1PGjW2mdIQgcSb{?jpg`X_ouA`B>++2#Vcto$1dBKbk05Z~q$MhW^Y+(f*>XPuB#uf<1a2HYLzDPga@vV^-I(~fGn*~ zP>113C19|r%pN*89P0{2^ydty=rfTfXE0TMeBPQGT4|{fG03(#Ot6*6=0Y0w;^H%w z#oh>QMvAU!b!ZxI5^b>Ta9|#H9D4Nf&)ZZ~Y21j*C_iBe7CUI;y7_dP^%E@Sc3hdI zFC`U{2o*p1#ok_s!A>xZ*iG%z_II4H}f5N(L40s)BBwFa}_yY<{(vqt_i^N zbI{Y!rmXv+ZK*tB=BO0&wAa&F-y%(yk8i<+^WM$KwE~~%;xK+9Lli6`;=A$G`L}i% zB^B~?iLO1q+cozY?K(L*Sw>zys^sg5{uv)lyYE%9Jwp3KMw10Oz~1u3`3T;WkiqrS zjZiyIb=Vx5M=^}&-IcknXQfJ}alJMspGYujkL2GCO4P!*F~U{aaF%dk&WyH>U80l3 za3P|>s6a5|?t}AcwB&78=pA5T#S>tJ99rN;7)l;;L;}N5=&qf2^Cs^NKcE-Ac>cC( zxqB4jDwhv7105#vx1DM87HJ!AXyA4lM=Xo>oM}3tv$@H#lD}11#{s2x&Hh+r zTxprQrcp+sL0pgzLmHPH+!gZyp9W4WX*DUni_kR2Ko;)+47P||eh4!7#B=2#zo9|> z`P%M9J&DnP0kBbPJRtB#t~i*fh`)3`5C^uc=N4=BU4)?XZYJQT&3^~@U|59mEP;+! zIt+a7C$k5EV8lIj%eH_w=bg|*37E9%2!DbhLf{1+=EiW1@;#v;$R+rz0Qb}av>X@ep44*~^y z-3lyY1~0Gp?;bvd!)+b-a+0?-A7%MmY-`S_Fg7}^ZPF*_y$6|PhVN^^^1iE4OVz&tA38OgkvVAp6^)=Zc^cbnj7jRvKG|H zIL3yOPde;npARV#9-opfzCtU1g~NQgb%lq%dd?Cy3@>bxeg=eQ@?JM!WwIr=aGeq`pUl^QH{e$kO()B7|UYI;{XihSX$pwQ|q zAGeXW1<#?{zh6psqX&HCY~#tXp~gzEji^F^!MDCy^jKGWvj&+Vh0|d9WN2j%dqOS$ z{wH+V7j2)~KIY?-BZ@5?M>Us*$Mh_d8!bP~UqLVX%Uq7SP~WpXjkCkl9(d>Pj&#f- zVH(JXIwYqz-q`+qTm@kIlSxGBs^@D0{g>5DIdc%xG5R;^5x{Sprbrehyqm!xI)@%dp7{PSZ3ajWd&ZE#~!P zGD23+_r)rmaM}8d{XHoAjK3WbZ+Tq2J6a90v*)neCAnNKACxwVW`Ng?-!z$+J~jJ86TeAZK-Ef+en?}9?XGiv>R9Bb6&%ZkUC|{TuMNCPn-i?vhm+^ylTE-g9p!Q>i&(k! z>3YHY`5w9h=KMxz!FD57f-v?q-sHN_AvoaY+2P!e!ozTb$J|$InlltB(pC;M$kfI~ z$8d=i&IZ6v{cz_WVHscm;b)s3dC1G@X`;RF2MBSy9R1)h3=(JSquOJaTka3PS}sQP z&h1=fZ|Xh!zhDm`>+_mMbz$kh+?~x4u6N!y5Z;|s>}S1|tqYXqZEQ_^ z!i4sD3EVg@z$Cl=PgLvh?8 zbhtyW-2F`HvL^bq_{1PvfQFU^8je#As*0-VHE@$yEO1n9I4BPojx_*}e<$ovcYUkHhq&ug&LkThu2dv`8OG0aFnbKLNAcOmG?gJ?SBl z^6?azP`P;&o(G{;In}ZCN1(uR68H>2189-O8sZkvJYGACE;B%oHmjSE32Pmc(qMITdY9@cv*lb61aqk}fsz*7gV zjF#MY9%J(Q6*`p?Q6>UHZHZA3^b|3mXUJM>i9Y&6-M;i9{O_wOwtb~w_j3RtRXI-Aov_v892d0q1xW<2)uw%S=avnW^iNY zM|Qq=YTlGy{S9JaDA>XQTtL`}iYsuBIlesIq|e$b1{@e?gh|KB7TaA&%dSXCN%fwg zk`CVA-~0Vi_oI`03+2RR@ zn!Q;##`tJaRVv+yjwW$MX4`rAto*=BDLUaq3zg1h$5iTR6h)w^C%HluLAh(_K7Wn& zi4r(4|2f+RYqN+k`_h~+C-z9y!zve*MtBuwwv(vzo58mrSCF~nR>wqxt%ihD$T~5G z=+}pJJsOt7DaEdy)KJ2&k}YzZDGw4!SOb|uVRE~>jKwB~k*oo1!iaf@=@%@B8W~yG zv@jyPjpTC2TI^EW=F53G$wZp2s$CMZ>4h(?8hH-onTN~*0iQt%_H2*C^;@+d)2P-Q zqu7_dIWlo;Xz)@z&CFwN^6&8{&4()yJb74M^w^(UX0Bt7BNqz$oaQ{#>R5%?SP}uI zy?=c3ZBy}(riNziCLa8KL^D7{{Ui{NaomFQ#)6kuH?xUDkxmz~A!os#GT2U%7cQSn z!ZD&t{#>4MJcxy1cL^-(Qj6iho>#VGz3ioSiL-^?`5gHo4XR{ouQGp7&?Z%*QGR+j zC`v(Ddnx{)Jb}XTV@@_=vm((I=LFL1W5W5*7Z1O9Z*Z26y%E<4>?3 z<)>@bZ6$XMB$e3B2}@gaC;!wdf6?liY7?AxFf}!m0u5(;<$2(F(l%?h)K435k0Kv7 zvw|b!pjsyu`kO#dfbA>qxtqc;juOC%?szLgi|HP6Yjj*ya~gIGxHw=-MfHe9_aWmP z@d`7&V$eyD__(874Ae^Jg-J5vIhgM`r9^~g3HhjzFi}lEU`aLu-h$tsgcyNtld>d_ zq}v^ZR9=~*XKK-U!z-j&lcPLQEc;4?05TQ^d1;}HRHDLwtxWpBY;WF#f|FwgpO2(( zdD%7~?u=T>RM)&%YYAJyW}(8w(cEp%&1!n0o*ZKm2n>)*G1X}`k3LH^%W`=73QgLR zZrePtOc75h7Z*(AqiNfArQUUMHEWOzoLgO{0zQ!!w;R#vOd}Q+7L_J(@$p+k&uc`R z^|Sh{Mnx+=4>nG8{3v8cb3ghXbD^t9K6nAqVt@nU!mSv}Jq5qb`HRiHXOKHqdOX1_e{j8w%N=J0#p3t~ZCh8qy9%}Pn);NVdHH#gNElqL_4 z2Gp#%wk6jup@&?PG&~B8DY<#LrPw67vBabcKD8_UXW7dfa_aIUY!4G?CJ`|7;wOEN zXL>S+P@Qx17Z()F4D(Ys$LNb_v8#vBO6i$1R)0)gW7kO$vk{ViP9kO&!UZ_6hN&Fw zQ+{Upr@WK(6v@Ls)eG=0HTX@X3y-k|`Zr9eS z13s4@hQx-M=oi;ZSrCowxMKt`8C9cn&W`y+LdT~2d>XhM8-64{Y(DESMzZaBYw|;v zckO$~#now9k!*dMx{TM3PsGiEhMGBy5EK3bfH41vM1dHDa`7bQF4F-n66MmmCfGw3GLW(7L`JH?p&BLJ`m;=>qvt zS$u<74Dt3=k3+PSIro0f7p=T^<<~|5R!z1_@$$y0aR$Dr@bT8xc5e&WRb8 zHUXaw765oes%(;;7&}NFo*$dJskJ$BTNZdWhmXJ2+C5o08g}VWF4p#SUwwP~i)}|X zi+p;vJfXmKnNsGsRn5S_C{TJ`_d=KXe3P9 zUP^Mwb~q}4rRe4jGnG$-ba@wmN5+2(uz#i4EaJXLXeLCsEL@`AuUS_SGPw`mxp{cx z%uN&IfPlM?exn{1C%>5E*-Ly9J9kL>N7#QWX&r@_lKelicy;yH2k4|H7w zlX{j61V&DRt3z+la={Z~(y^Y}IvVx7%a9`)#YhEX%i<`>ZznA3`K{eC(9t(eq+Brr zSkVrr2exF%@k*z_FiesFe7c@K@gXr6Ahjbqs=0KzqtN+h%K60o$pT3Lhp1v6$pke_UH$z1abk|YnS0VOzo#}+;&@!?CBgad2yR6(?G+KvZ4_$lEwZuT zDv2__)=GM16ctefR1!DiAb)C0@nj%6kP@I>k#=V*|g1cy&(&k`qU&?y@khmsc-;qqAj z(Wf#qlN9y<0(gs3>_=e+@RL&vpTdNJh#22%*8L(=GwC=&yV>C1D7hl#GMf3s{IW{H zJ?9ioUwZ2`246w#IM&JfY+3YUoSXvmsV~f2v?BK?9=Py2AqD&UmNg=uJdrEP%7!q6 z{M>F&jrNrKq+OXwGf)}6sb040HpZyDxLqM&Deq7_R>)X=s>TlUcL= z5<{i{zuZGtArta`Bp`U=s3hsPwzP}`a)l?$Gh1%_eMn4!;P`*Qb+L&cP>$}TOK8r| zQx|RPb@`SWQ&4Rxi-*xTZ*sT;Twz>!7XwgQmvF!0l8I@W^6-_BHpv$ipW4kPxreMC zDt2vwr5KFzycf;4#<}f6HdYJWz^V)LWY`blh-TiU?UT(XF5q{I*K-$+v~iyiza2f$ zHP51To&M-p*n#Wf)mnlRsCF~dwB7J@3-Ei36F$yQA6FS#2K$9Efv$nd+b^%UQ= zCyyA@Ffc8eji(O~b34(pwM{vmwoOZB1RCV!h%;G{WCx8pJ=7zQ_T>d^2~)>%hbmD% z177dMIh%ih7ecHd{5i?zA?N44UVip33otu9byxU8Uh~j!H=el``PdO*V%oH?fcE08 zGbcjMe-eD4+U5#v)lzva1*Xub)7ZNf*{U-zGmS;)an2gFoa-`$&iO+y#kxj-Y(oLxe`KSzT@CZm}IRPQ30opfccx%*?k9OkW2RoH$ZK&8T&sY?kv z#<3f=1(8(#5J5yv3G~@Ll}BM+_s=le?wFpx;@t>%;nhR0TNTknRw10oYX!oU)k3;+3& ze|&7KvEol?6;7k{0`#BuV4-`S<>cZC1HGj9|CD_E-TX%&zHLH#pQd<`i7r>U54HC+ z>RBng6Yho>iC^xlDMDhBa%&5p<9Adi)1^X2QLM7+X}UGvGf}?YtZfFfIoFc~G2m^c z1LY(i6`f>^_`sV4o0Hjb)z|g)E<&QVOJu=2+wM3n=$ddq`WV?W(it5rJX(G z>O%kGW;w`ni(jBJvHjlo@ALL&H_4j~OfLgGtercYx%4;fI)O&;@f>fT$OHwtbef5I z8eN31KLHA`BOA{b7^kB@m!7GMo^^{z3a`@N9d|q?OLW|2_aA+9aNFxWxVczAW(XaS zpz5CC`;8p@@<_#hzOKAJB(dtDrB$-6%Mi~Gs}59(!tF0I{&4TnRh^+@4VA^yI4|F6 zNjQbWeIS^ruMCInj!p3WY{|PfuzpQb9f; zVjW`7+JaR+iti{B_ZX~^#xN!AtQ!I7BV}Bz(w+C-Aw`bMcLK9M8?C6jj1I5(UB|i* zC-yJ-#ckKspKrl{r@k(0S#fa;V0tcLI+{TZFx%(gG4IhLzwr-vzvh114o&x?=nJ0S z)D5;t5Xo*H@YPnEQTY9juLYbTC?$*1fdgxdQ=W_z@cl^EHBfzpffM79=n)_IZi zZJ-<=Db`{b*<8c(W}Az2^>%T3Z$`+}Qw$eRkjQmw_vm00%y3&amnA?rvE*r8Hnm?c zQ)|^ltQlt?9~kjjkrISh;su(Wdi_j3Bo__+$krn7@IJ`kZF~AU)u<&< zd8AYsZOfhatLM{Q(TyCQeTL`TcDI18O-VG!QZg$e!xLv&{Qdxn|4sa(>_GyMBbnJ~ z2J`wa{U_TwgI_n(=^S>1Y-j}gDJKn2?3;87va)O|(@4tnUqKu2K2M&|z6iv9jM2K_ z0<5pnu??US9-8S!m=!7;bnhL;4gBZT)bza)r1Iyc?|yeibmNjGaMn_%V1Wdv4b@y;Lkq~ z*4{Z+gI}H>o{Sw=-kSCJ-X;4wV0vGb86>{C zDc}1+$2E`6kA_xCk76xXMl3%tHfF~BKH)wE&?_a|_PgyNwH^L{xHSMYg37Oj7t>wJ zF~8Rl(i$uqvN4Xr4067~$srPc+&@A>yjdU$>>@a7p-R_tO@d>+KQX8~I6DB0{YqtM zS$gTn*|;Ca?>87?Nrf2%F2}V9*9Q%`6`OyY`VbJ|Q3$j<6?$EVdQ)0o+qx8ZeerF3 z#ra!GQB{`fTP08ZJhzYycqys&%ZWiyNPmXex9ZUbi{(Jk+Trq=6NG+Yg;Ls z&A(Jp_p$}pi9#a#!uGAjrlwLeg{Nvt3EYaLn>!1FY!CboZ49`&BSBz2-vBOWc`h?+hl7b5}>EncfiHhSOIkQWS ztNqrHmp!shIaH$@dJQo>uFLsGqCe3dmCe`uoJ_b_;(AUIv;e(cfs9sz3*zPzkU(>$ z8`)tPjFr>*GV8=R1Ry*VjjgJsv*j^T+zeCSx=f0Eej_Afcz5^$q&`67VGIv-y|3FDWON2-tC_pX5A^|7mi_YXu_E z9QUWF_kN$WpZz>=IhYx+s%qOlVVc~IqmUsN5b%Wv!|)e-+5auzce?a!@6?Y#XY&)r zDdIiuyC<_99|e3@0A3#lk~7Nf15OM*FDa2T>hW(eOZ9JYy>VnhfJ~y#p(=0XT9-*e z!s{LXFc^1iRdX(Seg8VAGj46i6Z{J}oel9}1oN>gX4_#q$`9V?i@;##fisb87U?|o z-PGjUf5>pB-Pi^i8=|ir<%z%j-Ql(hlZZ z0;K9)*0eYsPIAh3qimD;`2B1y6W0Bq1}CZ&l<97(d+_;aFjNSjs;2KP*hQb;R_3SXfC)O8PMS zNng+Dj(r5(R_86i64_{(@F5e zq9MLlWlQHdFK!xyZqL}ZcIg3+7ccb&?GKAe;H|!s{&8HHVYj|G(&YYeEw$#%oZK3{ zS$F7sbNND^`#9aEsCvYP_Dg+S`-ocIy!=AWR|7#>jV-;?!}YlQ>HjKi4ibK|GISpQXbZWr%pB|X}jVJ_iq8n2&M6A#}N36jc>^}2XUl?FOaFk zua{UZ0S&^wdMxQVp*Jz46XWrzx$v!-Bx(&1g_Ms%+auOjj7-H18-4Cq&1 zr$@YCh+7@ggS>1@Dv~P!eIHBNsiIhLeV@G4(V5EmX#CiKPP708w7!qXzCy+a35{fM zp#xvzUd_%mK@yprbu3wxT`bUVN$YrjYcQ%{yp1vDFW#MsY2^6iITfs8>}e7&v->{w zv!iKH!e}N*xPWswUCY5InQG25X_jz!a(1er5bT}S8(eA~wmwe2DCGLJE02vx4qRFX z{5Bx077VZ|kw=^Xp(7(BuQJNJRcL{aH%qSBsDATpf(T)kKz94kq=Eo_HCFtnTqXlC^fn`X!pu_hJUe{gvS`@1ni~ zAZ1+}LB-&hpH1nP3yt@Bcf<`kg(MlV)m07C_x^_xYB4uibKt_(k}g2!c97q-hwZjg zOM2J6?{6D6319IMixb9MgxB@fxP|w5TPyi=l#O$kO2;r%$JoH<+z(am*O#*u1Ac0v zr#pEIRjk2r`D3F*64J*(1J&kXxKHM{W&w`xs~DeW0k^YOt)9$|6-RyCdCv&V)94fZ z1T)u5cu2DkI=K=VDgn{Uo(*cBb`J!aGF$L=Hl;w)8L7CVsE{!$IF!d+ZX1Ou&M`k~< zy*}fd3)$)%ciN&PtI1d<)oYBRir0;darvDX*M?0sqtx`#Px>zKp}Z=wld+@ z=I7Aqh9wngP@$?`z3%-~1+(@|50!SuuKZ~KZ+>;Da&Gz=eEv0`{-(B|yzlgst&7BH z=;&KO+-DMCH#`|&!tZ%q4tON;@gvW*xK;sDGzoiz3~VB=Qz4ZTo|U_(RaD7eHLnc) zB7lPza(9P4--|%$s9HAaX=zcvW>0Uz8{B@S*6#3WTV2ca0SZQ(&d(km&2wAF)w@fD zH#Lit|AZ#MFuYwHn_l?YC7<146b5%R4>bysWGs_JL_T>%Ccz#a9Xy2BB2({CzgIc8 zm*@~KIrkp^YTLal*n@x;cy#koau4DH9h_0l`BusmVioLqo5TVz>>$kHwFORqn}+O& zGwjB;MgLypJk~K+V(Fi=>%c(e6x5S4E3mD4<>NW~)7#2gAvg1ookO;~k7_{M0Nst? z?M@YeE}wuxLE1TYh8}(Vsp_4(qaFI&*w)Fd(Vd^;mqdC6B;Tu2V@(zjl#stp+I3V( zH=h>xQQ8Y)+Zg23tqpT_Ou_9%O3FT?T?Qd9bBP>#e@-?E_c#E}rUgGR-|8Dj2gL<_ zWT)j)Z+9P3C9~{qN&_azj&IG0uz+gzr6lgHh^28ko!GSS#w@b!Oh+v(|GxOW z)f=qW z4kPQYmz#_lz@a64OqDcjg;mwB5d{!1Rbse+H}-?IP;q=8p6kfd>vCx}2$C{bE=MnF^EAP7BMI4F;Y8YC+`{mSCDn)(zh}e`=6K<#BQ>kKsK#JA?T2&n99f5^uip>*yp^t|gIBUdU6!J`qAKKPWxD z%B*e}X-?g(9lh!vyRNp*=MDzj(i4X_e;&VEoeAX=XLCF$l`3RhtdKL>DyUQs4AuQe!%|}*}jU3e& zPq01*f~*^|Qvrf780j6CpnnW?qDA>dFS0IBG+k`lG{RCISB8M_j(1q!CoaZ4q+CqA z4`b_a+rW?-zj=p-Pp!c2+<)QQq4{iVo2Brf*mWer`pzE?@+hH_Zqc)%{{rEPkD68J z`N3`*el#912k$=d`7UjnVFEVH9hJt+cz$FwYx$+(Nz_&lp5~W9V~jWRp4ktd zAk+M<^P(QQ_(vIjG#)LsEi#DMcJ%r@)O&(GQ(XyeY<#QCWS=h?+k-Ma_=k&1 zzctXZ_ofQ!v|Ra=f4qGBa?6QKySvnd$gEv;WsXS+GT+^Sr$LDrM;R8wwdLYs)oTWn zkaxn7uuz!^i6odb+M?K|Fd1tNOJwjLu~nGB~S9)l)y00g-`%8 z7xFw#gTW7DDja?0TzSU*?=k6(*~3G_6QiHj{lBx~l)Z0Zi?{|m?T~8`P%JDgP_VL2 z@;+XzOiYmOjAe7Quuf^Q0D>(8wd^gJg$N&F^MDkTCq#;z7hv3hRbMk5&^KcD_2txc zHvhez|Mk2k_68{!OS{=YMT7DS#o&~eLXLK|>4hC5Ve$@0J0}?R>phk0NP-v9I?v7X zDjar^k}!l^(^%VD zMR%L*1>2`sCO6_mCu98fs8d;>*1uf#ZbbD;+PZyNvj?<=hkUa%_4huZ(UD1|UlWGl zB*$g+bfWRcnHFK*A(~!L70JX!GrL8F==|6BetlR?|JfUf_vPjJsonK`iSu9rwIh%- z3sq8oYC(B(uV6_o`s7JWDPIreko5d<@cyCG9P8f zUBK^DT2eCR{QTUnC?+Y1(hY$lF(CorM$u_e@_|Tchd1S4inaeJ+zfSLh!I!`^D_C1 z7$T{rm+TvZV1gc2BnX#{bkR=~ImGN77Dp%P&&y`V%$Gj6uRq_3f5z&+wfBWv?;Mx5 z2xWHMsw*G22_@Y%rk1^FEx{@ygCfY!JSMd{lJ+|1Qv{&GX#U}@FklhiSU6_XC=pKh zkmOt!rA|gVB~C!vL#MpEk}8r9Q}c?F{JcfqJ>HG`R@F}NI@bV9@=9%mLE&Oisobm9 zc?lAr-;^&958&)6YwD5gLAiTeh2>*yTS)E}C^NN9=nh!if#Y=aX_#r4TJ!t#_Pd}t zFh6au%+{0TeO#FuoBdQxWK_UPg=t>AOGt-M*p4bu=EwNyZI0fh=F=%wc1He_{P+g^ z@cg?Si2&bY^+t*RR_=dF<+mUK;IBcv)yFBV)h#oNp4vrRg!Xp_)1FcmxP#3?1h@7E zgYv%1I%dKm3k$=4Lu1TL96O`_HYMk@-0AT{a)14veZFvcxZ@qfwAo}4xh`h zn<^h*)WFyCRwL~elZ6BKR|il^J28MP4#?6XS0}@i2bQ7x^1*W&4o8J`6NrJq0<3bt z1}{H<3`)e|h5Bb-ANky0gu2U<+RdO}?T0n7&UIk_!73TQ7v#vts`qwy81*EPWHZjg z4vp?QBITshSFXuz>o)`(pIsCT!S&`i5@LK1|2aIw?W&}GfVZ{TuvEJhYPLDmkg42m z?GM|95W9Xx&$D%9z)w=taH4d!P8zC)noB{7F~C60g6!1~tS1|h=sMcQ2s8>SnTtui zO2jh}g-T$Un_(L;0S8Pc)A-CVF@dC|6($?dA#KPD3erHUGuTz5p(sM6o6ghIwE1l{ zQc>3PG*?uke}eyowfcJ+BjgQ)L90=im!VP)@8iDI94J@o@;U*wAfjZtOmbY_{`TQ} zGyO7)zzT!0{QoI+x+ie1E7xmL2Z;TGvN9P!ibWmbY*w_msM{gjb9iXolJ zSh8kv3W|aAts%LEN;vdms7v7_`Tjv0Dls0{1v}A*Bw~x((Xi{YV`ItPwC|p{DGE)K zs5$6`fKiZqd4YM*M^sXwB2EVwa2ie62HGPsW62NWItR4~jkn4izXbCLyfwiT!gcuQ zB>I<&4fq&JE4aaJ6~V8r;}Pio7tm3qAI}2t-L~YoN=Ontxp{_3m0TYq*s{uEy%}v2 z(CtoQDzA}3W#rjNQrm*Vkl(@Xdze!l%%W;ydQlyQMn>aRvx*N9M}VBKB(u4x#rt|! z(Ssax50yyB(R8tg*fE@|;IJpp9ii(wA^r(n0va3tQ%c3yWb&7Le@oU-Kt1AE+ODGA zQXXRkgQ=UEO@|}(cu(3o#v-BcFRwUH;?0VI$oE~^FQ%sVG@rfzkXsh9eZVddUPt#O zrhunbZemd^p!6LJsqhW{#JkrKw~4oAo}iZ}t}&(0D60ndu?~dZbnl@q6a^HCKRrP=>J zqxme#H3M{0l+DSd{qJfYo^vZx7QUbp8o30>m6XKa;*J~u`RRLiZd}jMF+S!NR7nCpC3;i zMC_tOh4AUoh#nrsp;i3Y1%`;La))&vP_Sn#pJwJg_LTgMy7rtLJ$CplxIL8uLu!;Y z)u;nm3&Zk?Bt+y+;|DFXN7Qs_}+^?BW783_4pKg55;q!NBYKqXfemJY*^ z%PxIVDmM26iqF4cj{m=BLq!NcUd3WIif>_Mbx{l-YpkxGB!R=R2&)PDlC<3aNx}&W zQQKJb$4W}Z-8^VNQC0EtG@exD{aXzl#gEKl5P+Wn*&5wGK3$QBLAYO=o7;{i!eRJ4 zD@U%Vi($OXI2!u5aK8DbjJwKc(3RVh8NF7&3;uod|KRMb!{SQMzn>5iEVvU0!8N$M z4er4;K#<_>62jmf+=IKjySsaEcXxOX?c4qBw%cCa{&%ozhBME({r-GI0+3HPSDD(9 z`3&SdO%Qrju_@8XbyIwjWJJYS5I^;h{hLSoPslOca1mf4CZ@j!}zLf3-o===}@qiK3=3Kn3MpIgCuac4MJ0J+`oHG%MX zjG%_!Lz4~IMM<;5id7J8J6X$w|5SMig(4sTHR*xf#%125W`X!63KkRubZf&^=k%B1 zI%P!-74oS3=vcW5R+j$OV2j?B>FS^O()y=>IUb4?N z3-#N#%==PXVI-)$M<_WJDRT=%W{2JAAbaEkc*A)H?SvO(p9LhtpJSpyK?j9%Ew02g zP&v5@X02eSK&kYkO#ug$J?B2Cea=EC(EQ>fa(b1C5U`;a6jqIqjr07bP@z zekFQ|mkQWEr_=dq!nAK)As&6zTqb7Eb7xp0;(es&-_=(SGDEbAK=vy@`DI^SBs~Z#w`2mZcsG8@E)Hr0r20O%(+F zct?_5&@my=-yfdGOqB`J#6oQPL5Zz~sM`~(vgaWI%{ln{;qc$?$nn!GC*ljSqEoe} z@x_R<{rw@+*unZf7=2YplCZbXVPHN|)v^t!H@w!)$3gG0<{`bjgGB|tAoW5E0qQ3D zrO=U?nqO^(B5Zt}o^JBZW$a|GI+7O;lWj5&)$R6vsb9HIDyn~SyS@K+ABf2JZ?NB( z_=$eP5~5OMZ5FxW)Y9666XGv;gBRX(SAT!Tv$x_4SU}7sp6ACH-RZc96-$6$Zw)l<9_RT+Sx~qqln;@?Z76aUDi)?D1e@gcYt;bT;gEyBx=~ zwaJmu$yRX`RkaN_T>lbXm+c4Sa?bWS&(OVTR!Be*e$3r12|A9Gba2FQC^5{T$>lR< z*u^x|Xc!63iR?tuMgvk94|R=HQo#^prx28X75_$WvZN$^o?CrNa?e(QD-Hj}VGv{& z!HX3ga+E5|Vd(M1k+8l&s_1x^6~E-Q%0a0y`@R#5x!Q`nHUaMR`mg}l^xYD+k;#uz z5}0D5n&?(Zx#q@UQCkfyMdCr$eC?uZ&XIm38E#wev3HMRjGlh7 za}WmE3Um%bv0B7Db~*ctq>s5Rmu%A8nC>q$$_Pqz>#OW_+rC>sr$6-WE_!chzwoE$ z^0x!}PZxBI5G52|wQ(s4<%H*a2HMf{z*GVwr^4$6AcKM6acoUZ5S4>7NM1`@3q)u3 zm8I8!*qaRFpd!4t5vb1BChQ3EbT-$_&yM8u1r_!IFKrnKUGcuWufyGBh*urqXr@p) zKpk?(2QE~b3Lb6?4p{Ss5*C*rQOH{5YaAtq@s%QH8yVl5^!!Xik#Pk4HaNf!#KC;2mD|NChA|E@i2 z`95st*?K|GxJ(S-*yq(vi^$U6XJ9ocxCkA!BxS(~j+ z^Mj6rkwzeo0M_5f%SRUn)Az&%mBN^N{ke!J63W*fAJv-_qZF-PV+gh>GWi<)+C+)C zT3_wk8bO<|uR_gC#-YFBF4zwZ4<~x1RcFWL{OfFP@!VWXY?tJW_A0Z}$`^SURQ?=1axTxZHvsx{k1jZj~@wUZgPM4&1E zybJa3q6mYCZ?LXRBzWk9S=1%wLjfZ&sma+geX8bl#0L(E|KFax7X6z&NiJiP3d%{a zUMYe0)TQQ0^Gs=k3p?yYrBHh!FE{bt&;#hV1``K=y9X(J+9KIp9>eXY3yX;27Y(E~ z^0*cX?QXBiPMYjaCuom;_>dHq?JkT<=J?5uy*qT4O}=XvEZggaXUHiE)K^rb{6Z7% znfx9VD_T)ee2<}#5%TL@Koh7-Cb$B5V_%4WVo^Q2 zkjer?c&zv9;6p54%K%&F-+95mAiswM?7*(YX`!Js(b1=3elH0KT2-;s1=X|h(FX?# z8B2?F65d!^;k=glxwWjb!#zPW|8$?hby?2&Wq5p8Z2l{mGePWRFVeK%jHLny97YuQ z_TmCg1Kxq>F^KD7kGE%vmzzdHhLaz`Y*ByfCfY8v7qz+O(`Dfj@u=rZisGUl0d;Dq z1YLUcGbQ420q`bU!x3Gbh1Lro50VEQgu1jUVQ;_w33jVoraVr)^)fgGzZu%$r8|+Y zQw$9l1#0GLAaKG`QBgpW%OyIOhxG3nZ2#`e{Pz9RgclWjbVLbX{(f-WLvR5$rcw9L z*d=lW>L2Nx6!e5N@NBu+;oYb(s1y*&Dx7|Ku%mlq%-QLL(DdPa?#MHRZ9;4~=AT+u zJcH+{Cm3)M+cPsU;<2}^Ga7^hoL|v%(Gla}{BY_{Nhz}&gi2o0rCgUKrpBwk6dPVa zn9XTxdw9q4)o&{{GFP;e7)>d4tpwbTj6G`dx`@FF{)vl=&ges4JkFPm*=#Ywq6;c2 zt8Cp3JGjl>-Lv6|(;6RFn#sKgO!B58yQTuREv5sJiJMV4W;6KfKV294C(HWVmvnHD zS=%{Aec!%~r_nMbM!JhJzgn9H4h-eTI+tohR6pT@ZCzPS^fG*G@e?sIw(m0mNMq0**k7WQG_&&Jq4Bt2`8yaSd8>J zn$&~Fz?Tb1sFW&TS!9GjokbbFd4aF0_*?X1{&d|IG!dL<=Ksd_}r$-B}to#?5Vps-;TeKD7#MGfYsP!l_Fl?jj^) zmoiQ^MR+A`KCd@dslQxSp14 zNMjju-F8aRU=@XllN6x5@-&7SI;)j#9+<7+-Wz*LiO!$wxHEIBM_Kk)PO#`_AIOPV z(Q!X^k~*&CSfhgFvT#@2B-MPBZ>T&XC+RwOR^Lj=B6LSYg^Y>y7T!YU`lEv&J6 ziV&y5Rk1!uAb$M+yyt)EXFUlCUsN+lHBlQW$S`S&0CLMyrQ;M*+*iWgR{~^wBAo)f z-yg3H*8xowugJ?e!@71|uJEvu0Cc?*uvxpafe45^S7aUtKzwWK^2RS$N{!y-5Wbe8@<-;W+vh!M!IICct>>a3$k8G>4!U$-6+ zB)1?>(hFr0UD8)vQUNYp=}72LUU#++tH$B|3qrm~w7U3Bx*RXbK$_AH8i_`YqR%^L zzge9B@F4w2dk-!Eyz{)9L9LZi$Kl}nkNM?KjcH%5f zQfa$Id$uXn(wfi1i?gyhD#YD9>FH@hA2VIwAOzMF@I}UAi2=NvX+Wz;z0OPbwoXas ze>-72A^x846menSm~e2h zhW*OVhlh9=s*W)1DSDQF*9`a%Pq-%+(QB`UT;Q1H|{hXt{n5^B5*utiR9%ZRb zYz73wUEq8ra+EiihOZ{(5G77<2zf)(@bYWPr{SX(`i}D?iw5QLVjFfgfV=qrQkeF< ztk9wXU<6+h5DCOv9onU<5f!(`Z8Qap9Yv_F0771+mZ6$`J=yCSIUhgm?oD=1m9G;t z8i56F&6NqbZ^|dyze!fa5_JEs|F=4E$gY3G$xY`mUpdnS7b`-blW<^r94Syx%Z8y@ zikIr+mxD?wP1XXHu~V&DBg6U30Si zBb(v0;8!Q_K7QNllSB17Mc?XVdksKP4xGXlfGm=Kqy(@2X%CDW9li2D{gk+`B)l zu*KBd;3qn~lPk1&z8`3Giu7t#!Ka*n2Bo&A9p?~xItgV^ue7GajtuoOe<-lZV{mk4 z_YO0Pux&6mtOc2*M87|psE!v%y#MK+{ZC(h-h>3Y8SH1$Awr1Qg{X>5kI5>NeLH*CMIc^Y(ce8g*1Mq4p7)l>d^m~>E+mYqh`!>Gx}C`Ac%(nU=b*4p zLm!PQ;6p9`vYF+BxDje`kYy5K45I44%|YmW=NfH18xPgzrWw)up1>K`gF8jmihBIn z)9sY^=SPc)fbh_z7uV}(X%a_Z=nJ(}I6Y;N(}XUBBWrBLCG%Ocw3TUrnno~rv85Fq zv8*g4>?S70YfzNeU&w4I)LE$90)TNegB#)-;L{!WMSsyIS$t)La!-pJsO9P52 z-tLeOCuCY3Y?pv!>wuIVp7qkO-R zk1s$k`voohRQp8iMAnoNOdZsQrx|bhvTc1k8`e5sN(BP-{PDJEk6>3#8+jBqgGFVY z_Ls;M>P6}qOt=i;gvP>pR(78z{El1govlhPdN;*xG7jSZr%y?sW%_k%#lTp`8HG|x zj!TL!WmJO>ag^-i8-v$U&lw$$Yq}TyTE@18cr@q62^%|0RI8YrAkUhuNR8nnxtcg- z3}fYVV1(Il^jX>pKD@zSJ}O~`kgnV#Xw*oJFhQfpnP@WA_4NO2J8qoYGKekP?6hz8 z6H!(&R4@=EW}3gf713kBmB`?r*v-&pQovwE^mRx`NT`VKVR(Pcqi}tB` zDAldWQKA4PZj4?}Ne;5xvp7rcpGF8fWj69)M#4n2wFoQu2{(OPHAx30$v(0`NS5rs zs(8W&(Fxpm*BsetIw@VPVenFbC_Tm+#8vag<% ze;3(KMvhw+8&#cMV_yav^%xME^639%x6C(+{7sNhW0ZRO^|~nIkj;4TG~5zg5^&=F zcJO7ke`4i8RWb;0#rOzbeg~qSfs+ouj`Iyon}+v{9HhqD5tP#*4bIZukp*rG9L%aUBLY8)b##zl5>UU#B)(l`Rh z5UOm8jNp6t<7>@|L1-3*C%q2wx0DUq7LThVCtP5x68y=QMhkZCV)$Xgn)l^W+@Q`p z=`8rK*yg`SVjr5JbBc_D($i2s>SoL&x4SC%GS!+ls=3nILWB#Xyy!kcCC8?xCtUZ* z;+cel6bcA???WItVOOB*LKq&#ZztPvLF|cg^t5iTOiMD|xBUviA9ZsEkppqPs_n0; z%mA^B=RM(zq)-^|u)Xhv`4GL<)rVVHwZ(ApPKP?8vyDq`)@)knO_(oVa!_Kl@^_#i z4Y8xZ&QcYyYayWt6!@WH(h~cj>Fxf+Qike;9I}>?iCs9{4eqr<9s~1aN2nA1bqo0d zW*ze-D%oxrHDUm|B3UGjQb&*5gKW{Me_cPV3NA4BIwEIPw|-iH*T%lqw!DYHth^1Mt_hv&6R5IPXvQbk>{ezMT4RU1=3`K0%88Z zCSx9}u+i@0QuPH{Sh)Tvg4$7=RZ2mU~hLNEx4y2}9FiUW8K$-}5v;Df8M}C!)(mC7E|0pV!`wFK%!fCFS zR`b0g)7_m66(T}Z|6jJqd=O3oEge1_(YB*2wo^K+Bpv@?0nn3Zvoeh@?1Z0!QGDqI zA#4>A30hpg7PTgiC!&(64Tq?NrrjLPH=E5DlKJs^z z6j&)qBM)yK0_v-ycNu!q1~5@zVl;nILJn&5i?fU@eSg>#)Uigx`nUGg5*Y;=ZMOme zCP~QfWTCf;!5_zJOoN#U*`)jOOw8_}R|kCs=Cq1o>xNM@yQot88=>qawl0ImYE9DL zUf7EHhv*X{S6eBv(ndzF4Tt%VcWt&5qL;1U5N{@VS;;xYG@kRRkh9)0k_9!z0)R?;2jJ26Qx1G@{1yUdXqr7JVmit$!&Y%A`0GqxivJJ zCZ``-zwvHn+1I8?cyA)5?kcFFmn3S4Fc7^22PQwye!ji3&mEByoV5RDNn@G{_ro(#rdGaM%b10sH26IQS-vx~fuM z6IIkvKAHI$WvQwHl+=>HVz0|_(S-uu+E+>p|H2!qbqVBPe;?^cZERMu2iXxmXCZm# zyQZ5_ATLgppIMRCSA>s6B=i?+VC6zDbcHfLhiv<*3|ErVyYWV-ir{4d&C3gszcm}i z9puly`0LHryJx2)Y|GIqJ!Te&iUKtdSx3laEk9u4jI7J&%|LC5;gYmJ{G~d%k!k47 zyeuMNXF#1WI$=@t^>LW((IU+&Jg9vQnqsraI`96>CbOuCs;amWY$3_>oLU&P3*pyk z-HxU+LLr)zvirX(LAMA;ioRVh^IvTVON@y5^qcZFLS2exRA?AuP)C>L;q1-BDIO?p zaQ=l)Hmrpj=^GaE*9KP>p}+`qe&_Tx7tiN{PYdGDcTHPC&~l&aKCRkLuOwx)8M#TZ zcF&N@L%t?OVXK2&9gP*btIxbzHs4Y7T>UIlUv!nvW;x=(GEt7ZD&W?cE{6)Q+p)2m zsM7o;GiW>br3O4IrEbAjtuGK=d0DT;!qeEZ>k`nJCN{vAj3ZW}AN+v&uXF$m8)tNM zpC1RMKnJuZQ=2H!xh)|NAq=`4!dIj1)MNxWD!jI0#(x>p`K_|@uNR+TAvriW0GVmV zOpu~t6u?oJ|?>Q4_v6oKEOl)WB?H~{z02~J`(a_kSJgY z-_&zbC)#-2xeqtWT`6jPD%MHLm%4`5u`~Ut-OhuU^Ga{v)@x1g$Wv23?XJrasSGDg z^siJ#V*U7<<1g>evw16zYRC7QZU!x)0|Elhb&I^dF_OhgBG9kdcKVN-b*C$!J=fj> z+M)Rw6HzDSMmIJK9BuJ1Jfr`w75`{BB_^Qx_Bq@L&5KA4c%dj}M7AwTO+$jNPbq2| zy?YawQDm3v?QYLXu)+Y}$yMAbz`q6-?%A}=7;xmn;$DSAy;zNCGx|cTvyz2MG}k=k zWr@7nUAF72YB`WQryar0WWVpI#o=H&VL8FAM*GD)BngAmImH_+JYN~pz>;ZE^k2En zzgspwQV1wS=g~(7Gp~MK6BCmxDQcUg8>q7#0Gu+9AVN^{w9FAIEB9P|BS#Ks(?*<&n&1>dVt^_jokCsL;b)7(n^9v+ir3WtsjISr9e=mvbc90t`c*l=*9QW z-Pjr86^0{BVkC^V3#7fGx6nusI9G4%8^!b>JP9F#XJnkDk`#tb6sJ351BiW@7Ho?v zbCat_Y|JOBN?YA`I7`%hOeJ+bVwWBddujR>;+us57XH7NMj5dC+s4kyijHcX?N``< z^RVI8;5cvqr~Q7|*qA)9uA)=2yP$5rG$=!M1qqqlGcrv(>+n!Zo#G;rLH?}K5RN;Q z5s{X>PB9cL5_SEwvnr3Wg)j zAV?zsbPm4yp{!ZjO~gp(PufwcC1!^NEN)){kmm7cQG&g;(e2D#<$l$%aZ5H?(^r)%X36i@oWDl_76TE%JP&LUHpH z8@LgO53kQ=QShXzmX;k&EnTT>pY6dd@_Bd4q}V8LZMW%_ejpO_uA=agVZ6&Lep*p2 zi}YIMJ_jIjPv?Ijz_0O2T;T;4en4INS$G?zJav9vxF{$p za(hscO(XAn4~~Dn3QFqFaPfWs@8^_S_wiEn=y8#OYbGBvBn*6kNrj{&-lM5VS}Lg2 zO9g?*dtc%TKyxEPLJ;mQMgdX^`Lu>jaAZsj{)yFUjNG;0Yx6V!6pb9@{iic}pUshL zu4?U_Ohu|YP>8HgP6n-w)y;mrBJZHz;#NQi`(5_*a~X!~qyx3ge6eo*?@APBL!2^I z7E3eIVjAer|66uD#utc`St#>vF;EY7ydOb*|E6JYg`{ZaXl{I$Usn zdoRj5+U0LvB{p#`qlJte(}y=TJxvQzJ`p3rU4N+BH0vgZeAFMUm3z>_j0P8WC>-)M zq{Z)-c6K zaBLQuv>UatD44iIZ#3pF=!sN@JU$w9Xui{|J?VOvSy`!QUbmA)Z@>G@DUGW4xd9Y~3^cV|4l27bgdhL}CmM$xW{lML z`r(9gRE+d!!a`s9{(f#v_9q}XfrUm<_jUQMnhT!?@rO@)7N^`N)ze=J6}%TI;t42yYiXaQw(LdGtg;GRfO}`GCkH!dn}Z zo>vf=la&l<2tJndLgoZNClyPzy*;7ZO%HvXBamr|&)aCoR>isn-!;`ETiJMiLo#HS zcC4TJ?B!7YJ%N?X=UhP8R}l@Ho`4WCg1}B($jDG5LGp89KeV7Gw@2xOgG1~qJ%0|C zwqSY|CZjdbk>riw&*olHBY3fqDH~Z-|Z?!fOX`+?t7)zQ`|>tV>?P5}4J^z`%6?=6E( zLd){T% zcj!Wdd8t2vSToPcvlbh{7BAXJyV_gRCkJ^N-Rv*E zr!o^+cbJcB2t1-F;M*5bF(q_Qc8MV?U~=h7>uMFnsVEg=v6#2I9c@)^=db$dx>|v= z{Na{Lu{Bo$3IEMFphpm;;kL!OL}B4Pp73MudQGRHsy9I6_nGQ%*F6#ti(d3MQ-bwm zXq3@0KI?XdRUw?d?QU{6_eWK|_^b|ddKr>YM{<}QPYpKpi47S_k4yPV5}NwEHqg_X zxr>dbhxi56?!PX7u+;7bom?Hv(f?ECOpXgdN32?56uu82yOp3CZFk0MspQ}O@D~1@ zwc4gpg%}dt|61b1nfAqN&ZJt-V=+#$TTIV_3#sqx-u^y)JrTrGw7$YH-%0;5qa-+Q zjJbyM?`T079ym$;zE*9!WCBc1rsHt)|$ zFA2ecM01$9s3&dyT7bohF(Ve22jOS-ve-1VAnG;kfx4Y-w2Q}>%9Q(I&&>xUFWhC zHevrP$Oa0^|Z3j_dnJ9w&G0 zlu0LR~r+`S?&~q_nZ0kxV`*D1io&^7ncaMow^Mq zY~8za>mW0O(ENq{Sb(lI0Om83Nbpwn$)Q8W`;mGm?Jvwtj}7+ISF{@&sS@5SX0ovTV?QzSYMjQ_38A$&X(YT+*@^%J63fuVu z`G_m&wM6!~kva$SxHw)By_Vrv^2qvIA;DvnCgngXADD=0+OpyLp~Q5Sp_S?r13^PG z0Y+eOE`!!QeU$2NX5#l3Vaky9c5lTOlp&HU)3hFMPAA9GX##h0iwN(O5mW9b4QgE) zdCo?`hQrE?9~w<@q;6<9^mH`deEap zfS66eK3tt17w1MpbkJnNgHl1qJlsx({jS@>{fP!g8epyT~+?laqSFjC6D#90{0NSe&Qznw2!R zrY9#!YCQ9bi>t@X=Br?|0L?G^a+fJpLsiaZe|uHA{Er)dUn&9lGZNlF+GRVUNQ+2lYGdlon4)$P&VjS%4VK0LlB)y9P)u(4_g``pWVGZE`lluvnehm@h&r%(7V14%$ zJ^KiwX=)heMD#3Tm&e&U|E%LrZ6Ae&X?bmfmC*eDt|tblwssemivCos2l_moLCwma z@-$rL$zMz`ZE3g+6}|l7s2=cZqpx_Jj+F4^^3 zv%Bbf-JhAglPb9OpJ(m8dRjq)@f9b=!4H32slk=Ups~9Yd42Z12N|L(Q))H^&Xk?) zgU5{JOh@$gUa=BupHu!j4P|T_a6!}44Z`d=J9&F4IQZoN13P!xtMmGYW4=C>_X`sg zmj3&S;ba<=w7hnnEppa*Ujcu}IoG%)XIc05(sS#Kt?J!Glr=d{%%yL-2K&`lGPk$~7SR_M$kzMs3LjKn;m+ion zB!Ny{wt!f{Ik5y=(TP*E?vC7|g!I*OTnsana|P;X8LTb27D!2^0>bjXuA5)f6(4XZ zDz#%Ln5xAeR--6Y&fgz)PJTp2@T;l))>0|}3Q$zbR#-#{PxE?3Y9A=znnQs+Ju>?E zAX-zP(HRgdzqp_~6flEu)%n9x=oZ0=kR2R^0E_-nqvDV%6{4?|#*MteBHQ+0mhx5I zTPV>Q_D#VysY7&S4FaSSO(6O^y{v9_8z^zV>DTVd=DDD#r+5V5;!$XLtIqeMq3#NY z4QJBqkJoD(&sd5D0K|UU@(M9%XRZ0^u6ZNTh6}FuV7|IPN?Gfxoz_W!a!)tUCB0tC zukB|{yX&?fe%b0X__&vayas>?m@e&@l|18I)Mx;NQ>0Yvt1h2}<7aO1=`;6Cc5{sL z*9n4CzxuBqiHN(kwdTJXRJE?^rfc(}o42@+N*5-*0J%;}eI&X!sNgv5$J3Y%fIeVQ zG82t#eESSTD$uC49$BNn15hi6eomW6g;>l^t9yO)$X$<|V zx=>rN}h4Ya5M&o$`eHK~{)=Hl0&dpnS1V$q&{Fh?Q}02p^r*N z^+U?Tfzr)Gx$mdEr{i$9@0jwnu;?C-GPGFb_$7D8GAS{? zHvE`p-9LyJelSlk<(WyLwt+K(8hR=^_zuC&6;pp1o&BZQC##4Cu|IhC%}r_wm!XZN zS@_ap$4jSvr@)QDt&gx6q4jSK`rPG#uUc^TtS`4)+A+1xd#K2q98WF65XJks5 z$#l_YE9=_k=B19HxTZi!rPVfaPo^aKI`gktdw?8xbhI#Wf%A8^%TA!e^VzIZ;VtA( zl`f~9t)a|;e#HVmYd-|TNWsu`iXU0=n6Gq)JRxDDUL>MPoo7E2X!bBZ#`x%)Wa{kT zz*-GjO9lu(wu zhvwHS;fY2@z;RP`^UHk2icH=P7ZTuw^P}#n<^7JboStdP(gJ4bu&daRG)Dp_KBN_m zj&$p~X?Kd-rE2ZrccqBRPJ9Obi(&I`aewQmn2| zshii5fHM5FF+Qp>-ImTfhrG_KsVd?S3P5`I1{9F5TwGO~ihxVCblt@o&zWK3g-Zy678?fz%=pxPxzl?! z|7Wx8KapT+ij6)zdM(pvzV%_}Pk-~02>0RpSH9Oi#h+63NW;_ep;i`MJStiX4F;4m z{RbG7PT}aIfwP-m*b1|jZ^2Fv;+iR<@z$<&$R2z>3)~G2+`fvON#42CU1Kf=}7pxRJ%?Td0rEcw)oUM z%dly)QkA`hHLl+Ds306pxVt)jadBrK7no^sci?;3zo)vQk$M)YSN8!G8}eo# zt=zaO-g*8@BIEZ}>@l5^ZqMkT)AE#ufyad9ul=(?2i9{AH%oR@fNGjUV{WKp6m0<}T^k}EXrnf1|h}_bSka(|py1+rby5gmU zYm2+Kfkj&Nyxxne2|)nQT7U`t4l)sKB@H@TC^4Djx?8hdKz;0ZK+DLW*!=YT0zXSF zX}N5ga$|Am`ZJ#9WuJUruqrmT=Q4c};)q@y{HwEWx-0`7j1Q*PbOhj&Zr(>LPiVv; z|7mTHMi?}Lyml!TTr>hda5|v|Ji&;qJk%sp@y-0u#mcq1F{7LTF<<%&$D=At6$Cx4vY84SDdXXgIR8vc_}e>bj8kn3f6 zN|ZMordmDzAvMB3;He;KFyH<{){t5#0Q|{7oGLnU(ZUyL>{4{pr^Rr91 zn7(}Nku)8@HS4nn&W)H|urFlkaws5JvCG(qFQ2x*GMLmu?RL%`eS{LB=;q6JUgz?7Q8D_s&ya@C8DG)2Bt)$Nv?k(}Ui2kw~ z9gDmnAhw}v9X(FMq>Tv-Ng+ctR#^{SYMO;~bM(24;5~{!)Tkm<;a)q9Ih>`iloI-W ze3r$U9G19MJYhA$PVs(R&5R}ldN8PTDaSkx>6`mGdj5|K#={m`@W`>(?u#8r-GOts+TFM@+OTyJeVNy7Y=17b z38o|LzS(Psp|5PJ!rLEj@+p+b-_z!$!?#$X)EYk?+1PDTS!|G{Oi&|E8wz6aS!vyo z=CqjS2VW;0xr%&Hf(+g0k5TV2VqJc?yQ=Su92vOwMv8?*h4e={B+#^<)wdsqUwPjq zLDbrLJiqj4FQ4I8#yG^*4(XwCxVwv@l5Qx$y5w5!PrA3aXOEQELk% zNd5OWXWb8qKl0}n7eCJ6qjdPF_=qCIBx(UH!2U^PZL_`4qvPXx{m*iW-(H~z2rk*r zn~7CjD^BEVT~OZaDmNR?-~8EvNT=xXcfACrpi?pH0zh%;^!5&uhMqntVK165N7t|C z{rn2dLdnBgu@(_hT&kuSXhz7WSbj?&<^!8x?6xF~v@g=zwnhY6u<+vmp85uU)5QQ* zbrXL63q+V9_n8z42jiK|pQ0zW@G1L{7CEnU7OVn|HSFN9gQ9ZkzP{Zvu@bCJtf>*+ zypax^vCr}`=aE(gl9!5n)2jS@5^3HzX}$=R=q5<24EhK^43nQt5cK%2%I@ zuM)cp4f~E1Qwbo0MYq?Mm>XCHzSdWOLQ5sGt0qZ7-;mS<=p3i-hM4HH^BJ`s1G^ES z7ihvQshe`X_cR0G$xHRrg%4`?C-c(GrTL0u)wB;fzO_!ecpA;uU274pbnn5YZ#;-= zB(v(3=iWRWL}d?DBMl)@t(Kp$>mzQ`6vk_l@H+41o(gREoiv>N&@Z!YB9rVGRj(#t zuBbNYPW*kry#zYLLnPkp{Mvj3yZ%eQmo*!ulA>a;GD$6b8z@T*W#q{Ap^xhgMKpJ z@O1U^;%en&_xsVvX&=L6t~#&PUt++1iDlE;={Jvo6LA?5$37$GbCmDFYEW&R+aurJ zp4*CQ-?_UTL^QSEWn3M*!;dbQLkL6TYo=HV3O%$QPTU$X&P*2RcD}TcR3Q0ctvwT! zM|O|}k(!!6xl{Tz*C#`(OuTO|L7@RF8W~t+Pwmu2xb403=$k z`je@Bb-p&lonE@%WUYdSXdIX39E^52T!=$E)C8pZHmPH$3KMOH*n1xcaP6|r`;?m) zK+CbYLqhtWYOS=Z%{3Vsm={Rtv(IfO6_r(yaY-GHewjT*v%i@+ZbfvL1>`ix5@5j5 zf3RZzzu+Sq1ew?0e#&nrFDZl6rY~+uJ8|Sl%|BxIYq!)xg5KBo9;hQk)!u8_e3Y|QRqIL~STbfNg5bFtUokS-zp0p`Vq>e_ zdaL52f*{a$4t`*t=K1OUnekH_YK@FmX&0nj>w!lmAty8enYey<7_Mx0x6GrlMA@#o z_85zS$r?Z8Ry)-hLW@&(Nj-a$Kz zUdwdbW3}e}IWDAgHQ?dPd0LH4rH@eAPLsdxM~-;4lXu_xmsNh8q%f-y_}z8|odfij z+a~7u{cL$wb$sfSZ!gXzL?Z@HuCgA?GA@AlDLn1rA>b0*7C~#vm6i!&_Gy=taD0SS~l0@HqSR_pG_=7GW%57}Tj^b1-tW8WO|oVt^+PXjtW zTUpZ3@E>Nn!Nt-nom;5zf4wza3kunt+E{#t8#cHc>s|zlyo@m@Lh=S4ve(7C9kAR z$$O7M6D=Yc-iPzp3jv>_R`cQaqYI{^@k$ChSYU zONLAwbSHgD$K%y(xR60=1EG|yB4f0F=v)My|BCq-gHCB#Km(VsJpy}i03@tG-gz{0 zQ~GCLEz9kRn9fyIMsCyG%un@KP?Pr9?8e z?mg$Oy$YEK)a{p&wV&`a9U(b+fNP4D%@#y`pVxu}6B0mQm?B#`8^%HNW-oo%$RpG{ z`O;hff|X6Bm2U}IrSle%=lZj?4C{iWptV!l>#YVqq#1slHKBu=q~E!Of6TE2 zc)rkpAxn@wqn#HKTzR93G=4{ZCU}+=qxTTNx4pT1`Q&!O;Pk~L#=nP-8XA{CVIdbrR{hdfN-J{QQXQRAtYOy_&2IeN2&JsDPcG)Z!fiX~X1X>pY&p0Hk!=otK zj0qd|4rYM})a=>XqnK3OJx3iE4T}*U&}$znyUKFTmlm9Dtb%^fm_jB;SFC9ldPLAC z1K`L|Xt18~r+)j>WIUpc zg6U~x8bSCnNz&?SWG*SE?$^$;?PyS_ZESi^qK@|W_dLU`>)=jiij}Y{hdstDHe)~B z@%URJB{pWlmD;l}Z6xX&xD5w~xIgyHo%)1+{CWfpY0ZAX{OWgL!}PRoQ62wEAHkk^ zhsNh`vKOpcjF+_|*!_F!mk!A^OHXTBwFjjSW52dQg?^ON7Tgu;-hpnXC(6ax4%&`i zpnZGeh@lk>r`l&4$LX!8QKSEFV27_1m2D>@;>*?HA}LLfi9(Yp%o2OCdbN2QxoM79 z9V&^CD=?*#kfVldc2xm+9oR2HGdzlRBJxIF4S@_Kgo8WE`$2a%!>^f$I&<<&A`YDm zSTKUSe?jUS8b~fZrm^lkO3y!90mM;h+yVl81=~d*dc&;=5MlP`%heI^W_VY6^72f+ zY{XZhPU(5y6ONSXr7KLZh+f=#QvwXuv+)iv5^kNx0wX;36-?dY(9U}8zPYf*d!rl> z3DFd}@kaMW|~x$Y|ff<9+4nb~p@5?^}+z@njRxnF3 zJQow6F0J)j?`I8DqBb`T*e_@FygGX~fGHg~tyz@0mC2Ej4|L*j>b*NI-`O9_daPi# z;{|rB4ijheCXSw)0@zC)^AQ0Xuo-%@A4%+41b%oAj97GnRnogND7o{Ku=^ky8WVR_}VYr40>X?>;% zs5$W|Cv?=q-f4rQm7GRX{2$Ka_uFX(o_uZ}B#-fA@Z^!_2_M3Zjdx}FaRk_i zbmn^{gxhJ4cCjK!g420pE5sk)C8O})Z^}D2uBZrH<}ng<{J18B)k#GJMpD~44t${? z3EVvH1_*A9)%^6%p+tfm9+y?oSwmFjn_X5=suSp)ijpwsX$RiHaPgePGgAl`;rYaPAm-gvf^w4vX!oIrUeP_10S~hH(iavA+p5 zD``@meYLS&;5Xsov6x8o!6*?0 z+uhBsKO|RlFdya?aF@fN!mufXCTzw=G%TeHCJu z?3DGvcyU4UI{y{Lr;uh?>&WwZbBTE0DE2g(_=L1_`M0JH7uFSq_7PB!22aHRO>{jG z3!(^yEheItX69DX`o3&(&ob*Kk?l<)G0ZxJXOmZbrpuB2&O)Q=8xF)wKRCP2dUN9L z5IeshL3uSflBf$Q`Sc+lyF!Tr?~MQ-gGD7X035=&s+eZ(hg_)bc{`YXk&j6o9nj@O z>In85y)?wkTSsVQc;{Pf;fF@h(Vq=D&0|Q^1Skyb?41dq*3tvrpXNwljA6ELldHI} zPzn~Mw73|M1*i%ok%$h0S!{3wqHz_A=_1W%?OM(?#}E7cWUOuFLmUzs*IP&KSM{fW z48|8+2M-UAKErGDVnQUBSu43*X}BG#;#MEf zs40kn!&wy!qHOHua2qaq7CU0U(Etpe!?+h zvm;yv=Si{QOicW>+83+!In8%nKJrL}NH{T61V#qVo^37iHszWxc#Ckr6!G+2ai zt%vUzp5;U+iKNKRbD8is@^>i~^G0dX%A3}HLgT1xPyMv4{k(1-jjpSggT3~S99Mbc z7{vL!HKl^f9kI!WZcT!RY92EIREjy*X_e`RAt`r@EH>_MtDM|DniozgFyG^DV47T; z{;_c#3+ws+D7)@xIJdQbh$KXBLG)-*q7$9yy(jAEB_TSa6CuiA5Tcg|qW2P=U44>+)+Jr+2pXtSDU0qG z(9p5PMQ&HFfPOWz`>v*gDf&;Iuv|S-VmF30HlDb+xYN9A*%`p#Ts(fG(W_T`ergss z3v;s1SjbFSiMQ^7zkxs?%p*0|)2nQ4*~ra5q|g4*F`f#?N`Kq=D(A}9Jx8qpmx%;7rPFs3?X^l$ zzY<_h28(WQv-ZL5}Ap)diGhEE{kO%0CE{l6BhwBIn+>q>n$6e0aA8|}Fc zDelGD-VOIt(mc#hD-^!(`}}hpKYkw_+1-5W?|E!LFj4^5Oy|*rFyA}iHlJ{8AXq(6;jixC~iU!8qVy(f=vWj%jYx^9k^ z`u9?N3l6N^j>`+aUVgpjIpy5#x7z`2TkDj4V@>5#g7kFMRAC&}(({xORt)asU#AQe zbH9y0%2iviW0yQqJq9WsDNmX@2`$`z{pzMeZKayxy6($bW`@!r8Q+qpMLzJT7##vIanAAF0@Ri0bEY05qM6}H6`x0>rD*lE-W@K8;QL`hG( z7~QfbLtF0as&_w1k-twuyBww<)d~Dh7iY@uMAfO(ygPm(SK3ANzGvFIrfp@Pz|@zNXpf+%#)MsQHwsdq0bN zAFVet{1xtFlx&8%YaaJ)TIz9O7K1Dy(HH#*RU;`yGrW4n^$u@w9xPp693j?$wHSKe zRkg0NE~{RZ{#g@~ld~Vxt<_vY52Mx-i(@&dD|dhe=I*n=UZ*S9uy%{c2>CV}$ocSK z_Y&M9N(ed`&q)Rr=?#}WF7w%`pZ@Sjr9uk~?Z5RO^|AyL(X@-3Vors6pzF65&)0W$ zPOesAc$a?0ul(_2KyMv>v(InWC-w>Pu{n=(V#Y;PcgZIO-VG$h3&e-6o};!GzBSkc zRE0d16xc{0sjnss>(hej?Qup<)Mm!o0!f=Pn%#lOk|w)ZDlfu$JD zPs&m^Yjy9kCtUh0RI5a2{SczVeW9h5=5uR7XdLbF$Ef_>cbqcwj>UGZ%<{BOuRWm5 zDG@*`of^Oiedo;`GJt1#|4xPVFXzA$y^sKQlD#C%?vw61tcxO`j`>c^sA$v9Aa43g z?+IMLJ2b7to%I;c)psdUft0HkE$T?nqbNP0HDG@jG8O5vLb5UGS|Hxwl=i*ezVL|G zb$+-p0SgnW%XZCgIDAk6(AScu-u*8jcUP*5vf#U|iisrWO7ybaNv{Dn^+N?@tsejG zt$S7qTzOokPwfKV@5&#laXK=aLQXIW<%8*kD>ka+0r11;oq^TXMWmmKJ&b046-#^Y z*&cwk_HSg)%*{D0zg_++U{Qi6Oe4)bl-$=(*2t^=2!0uP=dl0_Hn21OWNY=q z)ruimX?ryaQ`eBQ?-9~TKq&mknp}j?s)dyOy)FQd)i~R(&1lOwugD)fmK>}vel9pM zVl#)F>A1>Ljs#yEP@!%$T%}6qeO6-GGp`DZkNdTP?!!}fyjxV(Q&E+{=jePUI};NV zcWR11`n7-m3}oJAzM$%Cy~q=64A;JzmcW&Acz&&e`-gnGPJsZ2!619_O|{b#BjrV4 zn81F8S~45L0^_j5|GeM5<_@+1%a2nBeDbqcw5BR?PVO#{i)aX39{tf5lzlIm^1N+# z@M#F|SkqB1zA3r1FYMm&N6zU1X|pQ9Qe|QEtfU zqNxYg`dq|?&~6c&$PV-Rr`+QG9-rh}4)k45>N|jn&g?m03CMWLWdF$G1?KZ&wJg1O zg@%y^G!ylRHRf*mW?xsm?Y{wWsaO_~`(NY;hfcoI`>qm4{}M)v546xWcHn);&(jEwh^SW(>AkNSJ#>F+GdXk-cxfV}uvg|EmQ0d%mkX*VfB2cvn{&=MQ`RV?5r;&=ReIVJ%U~4le zB((nleaTnwLip*F^kLZi>FJW@%;Ad|R2<gtAj|nBq zrA8)w`SPVL;;26tMV|sKryk6$-ig7@Z>S&YiLB0Lq}q^p5DMDyJC9UTaLNT%jYaPSo$8Ym9a)e0*{HkJT<>!K%7#j~p z@#-xEaD@8Xn49MS4I&xQE3a;5_D<7WN3%q*TmAKruQ9EeRmU+nCwd>|_T@A+ zH035$kN2maGg{AmTFpZ1+xn1kFLr8(K2wf!WT^@3SUJG^%MbB-g(kc{zSgZ^Cxjbu zZY5&E`VU=g96z;@^nndQcR$@&&gN9z^OARXCAWUDYe^cwosn|hSK7@dx$E!07XQ=e z!!DbnNl71hycJKx>H8X^ZdWEe!PKngI!z9N7)CF7(|?=L8ZwA=wR{#>Pc63|E6M?? zwtB5F4%hL%Ij(U4U*up+Wl;E0phK;pmmj<~)a$)mkWh7@K`eaxJog#bqz+$JYNgBE z(Ms@fzO!*9&x7|CEO8Qu8ibTtcKgsFIhQwl^K{_p?pD+M9F09^{-3 z9js#?T)MIMcyqrExiKRq# zW%--d2r$^VRn$5gosIT!+kCu({T}#1yt)&Kb=YA zeWZ|%Y@;0ozu)_2XK}1I2X=d@jpw|7Y(Ge)#u}Es3=nwuIC9I^Pt_DlJh47tMjPtV^qFy4a^&Zdv(AG6Ra<+;->FdigrpV3qPitF1R; z6Nm!m;!yC=%b8J@NQ#L13mK&}2-Rts)E2(uIo1~X@HfpUY=u}X3}$)Ag8xTcSzWnC z><9%?8MJM&pP8dOmoxqU-)r$tn|LSjH#)T?pCPyXP4R{SmmDdZxcuEOG(3%GutVGu zV|?3%T!H`})3vd0Ig&4Oa~H(^SYCKFg`!FAw^uz^l|$~pYC>Q|k_jGGj2(B=DoL7j zaC`YxFHMc_!Fo(QFx*Ha=*g#l%mQGiFb}A9GO4wTo%cm$z1r|pCSnIlxC%%WeQF03 zj@K_paMv|0!f#@T$W6toPInz+@X<2sAF@_(%hf3yp8yfK#K;q=lm zDwsI+`7THum|ofU%7rrsT)3Dr57e(;H=aqt!L>V>l2`v9t7pV|Q z&L|(oOY9ueEtv&g83k})nz^$&JfL-<=ng~oGCvi^X1wzbZf@T42g9cz&V(As=(5{? z?63pm;N3f%fUjfZ?vtD4`)~cdKj$G@4%6NkKCo3U0VzPZKP`W&-)itVF3uaNnHT>5 zeT^O|zx6;UK%NOe#M>W#Z#mO@(N`Bhih%+DPP1VU4Gj$y*CKBixxwcfgc1yI-@bJp z7DW|x#L?^U8aeKAr7kKJqWASN-rz)gqSf8wSXNcC<#C)L8*$IMfjM^7hR~nt6*q|< zu_Dl~K*S%?R*FgHO26PxJOsvxz;DMKJg~tOI-pRqUBP^A*q~TK-DaM^jI#E|=ocCn z1Gw+;{Vx7EV8>!6eAt%wzT&q6OeHVt9)6N8weBXq63pH=+9Cx~+`QExK`I+R8}9&? za2M!u4IQg?YWuN^cz&K#^q^WEM88sPNiIe=0aV#cDZLhx7H%l74*dS#Mz_2Z!7j@* zXU}QgqRbeqfIgm`m3q)7XZBer?2cLeJJl`D<3j~E8mHk`|CTs&*ZR#$44X`#AUr%= z9riT5YUC4E2$OuA`bl{^pUR-Y36Eis7vE-R7`7iIbs#FpUh z#i>6n-?I7TfG#%^?ns?)42vyz`()h?J0us?ykW$Phz*^3I0^=rcgFl6=nCuSaR1?c zxsEmcCcYhM=Boh8YZ8EN_~pM>budoekYZ59b4=Z&^KzKr9VJo$(&aGllS` z#(=uE4MH+xY+`Cus3%_e3%RzI&4cv`>empMdt)JZ_tZ*0^Y~=Hg3rjk{3Yj2o593> z4Pg9H^L#z$-QmpJIAjbV?Q&ZdGrr0v1lvy&tR})BWG=QFdNVk60U-zjAlAL{&M4nXzswc17K-*Q+G(JKB1T9aS}q zEedM0$OV}IBSP?wety0{(Iw_)gB@?M^)6?0!1hd)nSG;$nxb z`x532f~l<+EG2CiIN}e5=|-cAsU9fz31oKpj!}gVQgDeqSj@SU7tZ0Nu{RR zbyw4mnUB|`#lGWTS@D0S$N$R*1?8_mY3#!;qoLiTH=2<4-OnESVcp1QVTz=DTj13^ zqyqLE))uH}ryeme%^no&!#70!yNyc#55Hz_(sZtweuaa6e$zBY_hh7MHDO` zAN3gXwF(0n``b4OkvK$5B5{XjVYOC3!`)V@p;KjzYwUu0&#l{71TmxS&Q1dNHA*$( z2byO|ImO<~1-4r$6=%Jc-nmXU@%aYm-{ zYA%Nxxd4);(xgtdik2~>4eDz09@Q9Zq?|(*q!SXz7+Vy*@;Nd*wgG)p^^2ytt2fPd zBG7+@cXX&caseWt-5CEe#!)me#N;+IJL(t-{!fKR|AmwQ(Q6-Dlt3XxIUL4eFFSE= z@S} zi)Wo?*ynf{jIxqPbThWgIZPbdG}>uKQ|Z%4kjx57EGt~=zYMX zQ1F(Fa>TZ;t6!2WlCv@d(YS?%P?JXzGiq*2Hk$Ym?j(PL%5fNP3+ucWsz}VE$IpOSXGIG$MZ>E=a-x6)TK?Bjr0;I&S%PQM;Dy+8HJ<)?O{D z`o+A6x$HFZ^jxkCn|5sG#Q3wm{O_U>TFh2m?EfJNy(*BkGCO?k20uRsHY%KYHN_Sh zGI-E2Yo}r*XS#)4B%0kH&3(K%+X4~;ORxda-%r9IQxJK}&liay!`IxT$X&z*rMBPu(Dj|zOb`Xcns7Cy%&iQ!!e9sUd?vj zy&>a~{~Q%0x4k3}Nng45%FFvQ9%=((9lvl=-)ux2(sJfv6pf{6(S_gtc= zOV;}wdsgFdR1;hBbkP@WM9Q>KdP}aiNAALG)6RK%*K0pTkG3;^XNPw)%3l0=HS?;<6n3<#&nGl!9Xon)#8Fk9TVQM}#-$+7wO*zty5u zUicWgh^yw;z1KZ`b~h}AKtVsXNLB^aDe@i(6uLN%-dQlu017UQi#DqucSFyu|Gm-h z{~5o_oHp_EH!RZV8}v_%j=*XkO?1^>VuXhMRHU{dr^NH=d|4G+jc;w8vC=KNl5${o z5#uZ1f;!J!5x}*;@$a;YLGcRDNZp|OsX_fl8<&x>xE@$$W4!Jg)Dc-`TFNg_} zbQESp8+kryr8pFkP4FES167zyE;$v_)x3O%WL#>St^OFbKDNdcJTE@-@%BzOR?9>H zc=gyGy=@rCCiAuWPG&DUEAHTMV6Ub1XjLsECGgM@Sr3nUk6!i|+DtKz1P>%`*il|m z5nXBy7rpGxm#{|K(_Lb?oqUIlz2!4!JU{;B zzbuf$1&5}utiw>3HJ(p1<@bN8Lxq z40XovDkARwyI;tI9A~_+n8RaRz(bkc<|VNw=yEH?W3GOxEs%u46&LeR2!42JARE+i`PFvq+k>ukFeqLmJ;8vo_d(fn5M zaX)bPRr2Fz)V80GSu$$5vug_oiqolp4C}y~p29q0X*7MlE!c==i!o3W=}NmMExD3Muz*UY^i+f0 znF#%T|KgO09fDw6jd2=9O;EXq6b@12&5&Jb=H}@~TAG^a25moQ_doW#?n`4sHJdLV zL`v=pjqM~=zPW%*w-uau!B3_FY(2q-g2aE6%m4VFKH}ls$xn@qMtUC4p$2K+uFFOX zH56$?fGdHQdy(%+!X_>SwNoZm5s`$Ww_hnnAFktPF0bFTd&Bl9nBTrpB_u$7bzM3Y}q!@Jqhu_Z(H&mQV;8p9Q<`Iho{`r~&b;>J4GGhQu0S>ys` zKEzq%9%519DpZE1^vWC=$0Dv64@(KoZkZ8C2R9yvg7l8YjQHrKj>(LJ(_83XTo88b z!-r7PM@?`<%{n4u>E!47p^M)^di`C}KYa*5clk(Qnt18YTSvemMiuuKRq)vtqaX1E z9iQp=e-i36^w5s$>ojsUlhNK=kEI`{;+ISvPoFEzvkE6gcp~ejYRe@+DQ`1rHCv8n z;C(r#h6kHkf%|jtv$@LC6UUF$7=NlK0J#atxSI;r5ZdV_so`33m>mZ&|>XUx@m(&{|ds?7G&1 zNfAWekV4rszbSa6C(T28Vc*vFdgvhAb@&(qvzsI}8W;BE!)6{>VKdSYDOdf$CH98t zq~#tG*(w@642c`o%s6=SE`~H+k&&TD1cDIpCtis2pckU&_RW->m}NZC{2x5}udg~8 zu%3eTV-kiQ^6ce)CO)i~_I}zLNt&Z*52K)$f^=+DJiGTA@Gu@YTO)q)Rur&858fk- zwLfHg@z9dDe6bN{etkVod5m55t;jIKyGcq9;v`k<5-VpuX~d_M^tgY#w)Qb4m3%ND z1{dL>B3-7he4XV%%2irJRo1&Xgc-Ex`P9LGbCUk+iM&`Lu=!Cz+linw6KM*12>w7o zj$dE|jFFN`?w`MJ>)u3wa+i_|7u_jNzJcmyiTkMV(E9u1e?7{7{e8eci^t;jQ1sFt zPtrNHeSYrg8^C_Wf+B~_1krLe{K*S9vBc*Z35M%v#Q zcScw+#&K5SlPOOtYuthVQQl(paFz%lFPUk^TByYTL5qKV6@r0d+8gBH{4AZ$p~JMI zGPFIYT~gB-kel1?h>V+^j)1cs5i> zVyD*PpK_1HSXIotUu=&j-j2`W7 z5oF~heNpP*+}J2}M0@!oPx^uo-2QpGV{?}E5}b8`$hk-Zc{?p0J1yy4fTdp2UPlcO z=rVZ7&nA_D#bV~C9%*=6$XFX*8t`pdfZ4)Wh*+zor70Yn_9QC--jswVfDS@}tt>!4!Pq zw94sPr;BH6KMQKDXe!aU!gw5c8~;?Z+wVjYxw1{@Z}1!xOqFirJloB_gWig-i@B!t zBioqPajPCjUU;bNj)`Dt_PSA3SOwmO<$4-Q%=`a<@dV@^=Uf(E?z!@OO;)^EIzPIU z^KeHJd#Ighs{OfPno(w0%JHKq$K~1g8gUw85sI4t>&6JKI3Mg#o7syoH{jnxXP7@S zY#&vadG;MsjDz6fu9I+Q6Eq4f#$I7USJ-$=5S;-`fxV7g1HOI$=JCY@9;cl$U!gID zILoeBPE)@7OqSyU0+kCmmUJhyFZw$Cm0;>TcJ583hc7vo&glRmnbBJ_JqA-X<^AsXASFY{S#7!zUl6K;j(SyB`C&pQ}%K9~)zlE4d$`mN4kk zx?||Tr^eMNY0ot8bCmr^RsJd`2TG_%5I4?MB9z#n^fS4)wy$t$KSEW+e{Sk8`Z?D^xm1 zOV#1Z8jAKnxJ^rz{OO-&@PB^L#^PVnd;fZ`KoReBTEcaR*o&6LyV7}F1o*%E+~|S$ zZ(EEDoJDn{!wGDfV>-UQ&VQXJR%DMq&K@JKE_HjGLQ5jhL&?}}*kH1=Wa*Z);r;#n zmH3T&qw^bQLaH_RQF4W`sz)W3CW)heL5H{kuv>Rz+R>)NLW$n%e)yrodJz2>eSNz~zVu{#!^cP5~282Pw5KwICLK^^P(AkUgH#B_^ zvFayx(*9k_6}8=%A9bKj4aFI_!K(9K?N?W^Pa%jtj^DaJ#pHHPP14K!1?FE-Nz5IC zD?Q+9nUl^oaIV(Y-fcBI)A#90<(@q(qtGVp1>NozcB7GApBr^GuNS`v7YhH7hg7}@ zX~MgP{SDE%V~POSvTSCui6AP0a7$=uJ-uS1OhomExR1`&b8QM)&a=c)I7nzX*mt+r zOFBz=&S4+E6?)Nf_!pGom)@86QHiyJX=lin_nMe{ z-sCEbqT6f_PAMip*eB+Pf`oz{0iGU|vP}>nKhJEbwm8jMvj`2O7uVEON)fUO)Md z&+!07X5AQl%#`DAaGHGZXwtHpI^{~x46Y|=y{z#~d8Oj4W`Gmoc77qo1syu!HjjIU zRNlRKOG~zLuhO*Rh#(plHLl~vd^uox>ksbVf3r57Gg$lvNs?o#_OOaxg`c~1lzlTw z5wL3CrAaigK23ktm0_m8Q%g(b?`>!*v8Wsmy3Wu37LtII1ce-*tdDJ%mAl2Vv^J*9 zRdypkH-6h*1HA9mDf3xAz6!U}!?j$!Y$>k}5Q>QuG+cVc0*^h8G`PjnkS5~@)JFFhmN0+Z1dTk-8&>vMn)_I5C1Exovd?aP|2hUq#=;fT zBa2MUrS^s9(*q?I(^QRNs|hNlIjx0?ZsgZayk~5HUe1~c|EMR0<(@tjV7wZT)9lCw zbMAPq1iP2cbz}cpzRSx_3#=*c-|tbs6G>T}KSovUf*<0Z`6B%863^7cCmAYb9^fRi zfbQ9*XiQB<#Z>D#H9&|&5MaZ>2&E`p@4bG0=IbJi@?Qs_5GqA34fxzWYwm-B-QsR5 zVLA9pdGQTP{+MilK_xLFYWyi~nwp$?K8=ay%A#t~jLMh_@LBa0D0_D8r_1=;m4v!q zr*Uo>tx&Fs0M6>}Qm@o)<{}{OHj#LGbp)cyV$+p!WnQhVqWe7*^6?i>SMhb?DQr_7 z-f6z-AI$J|8zFN~r`T?LE_UH1InaX9-U(+Fj1dU%=(<327BR=xBhOdTwG!srwc09b zfiqw;x33`;zlG%9*FK08EwSMNx*!yh?T3%gvvG zVjR8I>p(p>*l=H`GMC6D59sm9-k8+?|XzG0l+_Q^L<0& z>!7;X-QB@>vAVbcjgK1YoWxQ&#)YndeRSo1w-6J19JpX(X^x=vj_`f zh;8-iLFi}izWsWACE4^c7pWdwprct!9VM8bUcj{+K+2-d03}#Ot(5_q+5pJ(p`g)D z%6xKAOYN?BlZlWTs;OjvH%(sQdmTKF=mEbJA3^D{e3&D4)2hdpZjjTvj-P@}L>c*y zQyhbe!f=@kCR%!hTo6WX4C>*ddNSJ8Y+tp(JUcqpylsFVO(7_$NzFgF>ZvI{DSS3V zXUup##le7S;H^JzZx6$h-YOD_M_kNAFc$rq>33NVW0|Fi$Og;4(5m&YhdEyg+lWZ+ zLJuB!OhQ$!V^&_u(1!p{@S=@94Eu3!r<%_mWDYgAElvXvczHhBjETK}U8Jk7K`8^Q zI6r-MH;ep$(VZrkEs>jh7EQ9FeyuY)vu_Hc|7N^0^dN@X3msaqRaT~YzU4n4%_z86 zqX`L-ek;qbz#MQxo|VSEY1glHq*nf2-29CmzYo)J=NEO>gvMp4Fq5A;VksDqsNFGW3X0qbr`+57Fk95m}Ui0ic@nE`(v$NJ~gQ)RXs>5sYl`|<4m(J}uLKGjFtigPZ{GZe5Ng zTza9hE$Pj}!8LJ3Pic5Ev$*$oI1M2=3 zGZ3L{gAKM8#W=XbX%U&atFikMvnEdCV!xyCzzCQtSXnIP1vF%bKW92|8J0OUIj6GM zDB54BpiYsXA3(O;b5MjjCSq4ZA0IeEyRYR2zU<_^SusfUR(siM!!_kNoe9$Iv|#C$ z>Y!L(4m>sjg710yh8J25@Oezk-Kn6+10mpQ3uGRCl*>J}X_^pQ%Yd@EN|VBC=}-n< zu8=`$4RMa%FAjy>psvUT$DBvS3%(VV-DCXepqrk5XX&&T(CXb9DIPxSsJ>D1y(r=Q z)TLT~SOtB7;>x~9d69qd;QH?A+X$I zE}Nmzvz&X2dv3m$0S#&aKH#ZL1!cY#j&;u`Y_PGAy$4-y`VwbQjiQw;zpj~lw!r-O z_XtjSnk;ZswOu8+F67*CHW2WmfP8O}q~oh5Af&D^OZ0?tZoT<(#G1H2hsvz1^lyK_ z2+JIKZVWdaR2mwNI%4Z9xM2-scG>AEQ49X>;Uw2}6&2pWaSux#%~-lU(Ci)60+u}o z1%=MGfR(q!*vt$NJ#I1WyN}ETY$#n`IM+ytNpe1hjSYKE{;cK_h+-QJbR!YBmDrOI z<4Ja1$=m4i0gq<(=0yEFIsc3H2wBFl@ux7w3&pNQsq z9p~1=k7g3wBJFzX+5ms^r(Nj0bqf?yD$Zr6)Uyrsp^MAHdywt*4I0O3rmk$?2OCr2 zqtiuIgPbpUTOKs@_XJ?CO-zbiH}%GdW7BR=5<8$-<7lKFEt=al=q;L0>p+zh7fL~- zFY(L7kjLVqCM1QHl5Hc^RD0sjU?VMfpYOZ}Tt|`F#IaWhRpY zg$#`@OB>mx_>sa_KUxIy;$ zQL$N%c{rKYebOYxp3DzktdHtandW?hfE>M-pcEnK>*^Pt&R?Z6n*lQ{aRP#=((Cw+ z?OmeuTutYjzF;6rgWSGI$s(zRIfj!RV7v{EyFZb73eKW95c*QO-f{}02HL&^KDkzK zL)2&+5^%7^>@G9Aw<}WfxG#Za08iTqbhqi9q14a~ujBkaLzlF^%_C+&8D%rLobnc| zSW1xFiPI-nS*i#s`Fw|@XOVfF&%%5+;~QJeK{#h^w-?6;U&4B+L&l4jP{LO!0P&B|`r|zSLdz;J5()BYgdt?>u>Z z<^%v^ZTyW`oh9^}Kl(B(yUvI!ixPc;Z0?99jwa}twt%GUc41&qTQ*okVRayl2RC09 zdce1N#dJ7@c4g(0n)w*;QuEC(335IL;o|+d(+a%T;HAwvO7H?Ia7r5TNo6%`xS2+~ zY-Ib3Alt;yM}%3Li7}~E=6brYA$_4htPG&bi06A+!%kK}dM$^0jSmp@^`gzsG&NbP zg)t-cn0?7A1G7QW2qQjm_H|M=dXc#IiB?nl-}@tAKYr~T8w~c{zbr2 zjS|Yxymh$`O{wNfUKWEp1L$09^!Rw~OoL?5V9EiEsG{^Qz;^K(1MUL^kTs_gVzP7_ zy;|_rl=%~Z9v@K9v%EtpKhuqgnOHf=7a{OqorpkM@1P$-I`gd1m15VmfM;tbctZA) zBi>T>8@v|=KQoH^_P+K%l0u<#YvZh(n_5Bs?LQljwM+V%%BnwK(?{yWvJ+=nH!<>% zYGK!`sWnosMOS9V1wLI1zw04yGK6}mo<~HaPXlv$LE68kUlfHzJ4(syTe{O_kqH#0 z0uciNq*mxM#72DDx#h*4SPRfLTM1ype*ydjk?}gpho+BzCVo2%A(q&deeL_H7Ezut zqOR*~-~dSXv6N7+#ozM<)`1UtDqAIJgp1flv+JeqAeTv0U?2vK!Q!6i$#IV zOv2nJ2oTut#R&a}1-X*HM4jX8Odv#%m9;M<){p5yGAG+J)p2t)dc~frJ*&2-CI3m= zPI-lGooR@(gAr??OgVh^d)ocCy8`Tc<{0-Hi!UYaml%q1+Znn|f-?X#45#**_$o)p z;0?fJys%4lv5!5HPI**4RbSoSw&mntmjna@D-taeKkEiUu3+k4_}k&;q(h*ZAE^tk7vpxiV)64N=@|&< zCe6ZD@}7CzrOI1z4xHs^K-4FnjoM~Eld7x>^7R*6>%2-Hp4|d>k3`5xk*fA}J32^7 z?1v-}zB!RPhMl`RHMqnA#mXTomo}*!2zS*o(`_5|#B z1V;8G=Ci)BpF(vPobM_=g{i%%-?1aduVr^l6 z2VycPHy`O{WP+R9;ErDZy8&nBS% zAIP3E$u#}3qEPlN7T?y#lG4&~5raTA5m5cb{P~*L-e;`4fHpZuqaOISa8_UMwF%S+ z6@fO~Y*xMZ-LEou2*ht5_~gApqPvhD)u%NiPc;|P?k{Pp6viB|1f5vqMX6|Cz0qzdmITxbbPa-!kLInKSg zhd*Yp|C5!1aPWHv&9>C- zVIo%e(#a9p8rmtmtBMCy?lI>rk4vt1V?5P&xGdaLwY3Lt&P7MkFX0xt>f+NsOVB#} zZ}kh&4lQZ!UxCNH9dx5***gnYEt2l=NQAZ?IEQ>e!2098+a-i)Wr1RxP^?+o>xFD-GMn*~j6E>pP~{!!Cvk{Fw;kJ-z=%uPi5wBTq6%?8=)!!uk@>V8%m{ zou7(Pkouv|QD|$7#H0j`SR43z znw?2K)vXJU+-&M>FFD?F3Xe*0Xj(Ld-fPhQX|+ka;mE-<2?B*tlYF@Fv%q=Ul8^BE zKumNNS<5lanobzm2$O3PRlf7F=}z)dakY!4FEsP6BWUYi^)@+R-Lk!|UtE0M@boMq z4@6!xD}Q8yC-m45Jj+*o@mZiM6YX&n&=)YvZ7+~1V(<}NM%j{n%?C;C1R7G)B({?6 z?H+VP7S2p}8W8re)@w=Dys=6^IU@6s`<0d-D>(+gTpqn)DEQ+57T zO0CQ@DFf@rtodq@d+GQ7!oj8yJ#R<{-f839dfRK4CNOa9g&2Am=g4^w=zvbdP#O2R zs?l)gNfCR{kcNB$Kd_9?BJnT=a-6}dvsFTiB(yswwP-6EmK;gZ4*eBI{bch6OFm(~ zKW`$r5=>s+5Fp`RU}R+Tn%`Vd)R{GbS}ZDECGQEscDlA{Z2|0Gc4LJtgpCvPjjG`P!GnMcE(2*mf0Sq0bWg^9kA)xLdNz=YpFh8g_wPmZ7m?Z7F~)RJh+j zxI97i&>&0JgkDfO-Zunt*Mr}vEVdnXGib?~h-g9NanoS4?S_sr0DoBDQ@^GfQhNuM zADq|5C$g0su(Pw3TADW&=diPfC2myt@N_|p*mm|!a~4LLcTf(d4r$+XA_{B;Tkd3T zH|L#)v&3hSuIT89Juov6i1z`zEv_;#=dc|cn6c!XrbMWh+p>yrYa;s-L;7MEhAUih z6l^b@kCAS}aJgrOPZj0h6k9@ zdu?H)a4_4D!mZavWiUJC-EHLYDSRsyi z-KAzltLp@#zl`K5*$?GmGh}B^RUv)DNZ@3Quz8+DMJh9isBcGbbZ(s0rHYZ%^m9JI zU9Po~%msAc7oEK?-z>y0=5(rmNN`F2K#Kto5-e{cIh9)J7M~awH`u1^aWBvWQSihu zo3$HK$Y`$)lD5Gx*hSi?NF+gVkJ#`W^I>9URTV1M&w{L-?!wZLd|AhJu034%2 z3U6u>k7&yNQ+`^{ja+}9LFXLwh*kIauQv#FB!+%hlyAF8K-psB`n7RgH47kf#R_%U zsDknx$kn2G=76NQ*&u^e;6qP6G45nu9h+G9Qwhy*N`cJezLpdaMc#UVZ=k1hB1V2{ zMX4AvyH)nw+YQS&(Om z6;fmOsz^{M+CV6!7?k}ucXo#x<#-!L!VRHq){M5d-%H=Xrm-E0(E*E>o+`!i+JsMO z-jDF)XJB$08=DEc=vsX)VtXod^ihL-e)@wk%*f6luj@Se6r(WkE=D}+^!9`er z9Z$PCKoE(dm{r+(;Be~|KZU+rIARL#p_%;m@5t@CaKaT4p)g9?yDLIps6^5;)m3k8 zZagDl?DK2iuJfToNe=mrKl|Opa5`p-=HMTHZY)`!6P}=y{#jf5>v7+=Aoon^i&|Fq z=<&k^uu*NPl?H!b_wujSw9M%UUDhnMB0hT6YWqR6@Vkg(Zi_4>;cHqRnve=T%VEakJ%_>2i5*0|H60HWsNZz#+$amX8&_jwOl`c~Fj8gHPW$s$ zWBdP6_T}MFw{8DVTV#qSc z&S0!#r!iRuGxNLjJkR?)?;pSSp8KCVIy#Q;e81Oq?&s(HoGiXldaAv^HJ8Rr{JHg| zHf|c+7D(e!6^`;UZOv}Y99Q2YF{Xk!1Ga$9mmVlsJ-CBlk6Sg*xX|ub6X$owcv)Kg z`tfAN>*ZyQ!~G*_+N~0b6>q@=#g9jEs2V zENR2DCt0(7NLhP&wIrJeL5OgolqA|fA#ZY53(m&f*)!>csoAZaUnn;ToaG&totUpG z*t5AIDl1}(VTjz;@U5XR@rC2%0yz}8A4Q0FLuqVnSssqvZZo_!k5lou+2N#f^iPMd zruu`D99aC3EZ#nJZ{CMnK_<%9fgmpK{6Qk>VBCUZyVOIeQ=?7mHFj{{EVD&6 z)4e+@i~jN;Lu5g89Onh1{7;{phazgNL!%p>z7tZa2u#?(LyR@8EsBK3HeK64uLuL% zPk$l-FnO1kN&KU~crZG0WV4WKes}kVjDSL&k-4DHPJyFa0ciOPc^ zw9awr95xdn+^)S~>z^0JJ&?kNra!e>WR3$ke&Y1|5_(%Zkdve@hE`f{H!k#niZ74t zsiCwr&FegWRcZ?bb!wGC%wuwnGX&~4Ar*)xX z7x_v>(w^Pq4;mv=kw3J$iSgaB>ML#vL;Zp2=Z8EYrT`}V&wltn+iVJ%%+i7bwNi(> zJwr4ds$2ukr=KGV_QX9n&1sIrWqDf$NWUGhP>?U;WCO#|!nOPfjUR(-SD`vIr6%<1 zlXA*;r7LZ+Qmk6W6qYo-j5tSUPl@pqEMD;6 z5AMAq8n}`=dXr6{~4u$tD zc8Si~%cjXuG`1Y>GelPT_3!8$eZ5p+Gwv0Jjw)^n4FO}w9KTja{GYS&37q{3bxixX zG89T*t_(SGvr4=PcVSJpxvd>PT61^`lW>}; zr=HF?EAEnU(7+i*aw}c~tORc76bqn`x&siTEZkoD#x~r}e8j)iE69adD_L(px5Yve z9>a*``^)amcje+b6^SWqiS)v2CU&a$ zzg9j=)zuP*WJ(us@aYOP#bdfoOi|77as3mrAa^$!|`!x8!8`=j(ZEuN=am zMn2dXiR4aHa^-la3$*gfpA~B|lI5@exlkdEF@TF^7KbQ=_fKD=xPhu9+ass2$AhG5 z^GQ;7U=E2CL}+m0)Jv1!*rV<+rfyT#sUO=KvuL~Rfx{6eGGCFLtF$p(4wdYqgPTjG zPyB9xYE_t9E`rU@2kGY|cKSB*&V2g(5P+yko*Oc}qlS6(Fxt_GVBRk`?$v@AujeHf&t73|_4 zqi!Ud`kS!G9_wV>djxysTo@0i0UK>Qu09iHYW0juT`5dz4fKW?$na-aq$P&6JV2e> z4Uc=^?s85Sy&;f)c4@Z;Hf+#&e7{|oynG!fL-Aq_P!!Up1$lc< z^}1Sr7>m~NPh>u9=l{Sv9;`a;|0t1=%k3RRj8!C0PB4O9^kk}dCZ(TuJJ9qPEr68^ z5lZYAQp~j^8+7V8dcI8qM4l99g77gxa5O#0b+?}#CuWRT8DCALGh^v~*_^2jto!~H z@-Ua+Fr`M=p6eU6B3zLX$ar`q&wIVvr;Yr;U(rG9O7*i^lgWntQL6jqQCS2gh*i>a zg){7_Bn{R!_|6HBw)f6De4|qsnqC=?%X(IPAsLNF3FKilqoV=d+SeenfQ~ZF6g1(F7gnrv z7%)!=m{sO>GWRFE`oht1hZgtKa=qs$JSTAgWAP~W&?i`{qeKIOIBhzS-yyFe{;$B% zHN>l`^;JvLC9#*%n}|)3*jI(eRvd=R2(Q#)Qdqfd6Vc_c2-q>32a{L1_Zxf50))OJ z;A{pou$+LBjS-8{!y_fqMvROi3}7#pl}lV|?CMeWa-jrW4mBEfM-*o&tSXF-oO zqAG6sx;VqThPkcQFMgQZy9!K8k1jhNow;?~$2CK|{%I;YRy#9@Lc)6mElZ|$gS`S6 z$$D~X%254O6uSk1SAjCtf?cb%%9zo_?F>f26eFH5{x%1Sln|U_{nm1Qz0b1j#0Y9O zn^9tPNR^g~QrPv9q@yeNa@DQe*%uOdegDw&BbSG@sXXcO;$*>Q{Z|qF=wTwV-UrHk znE-|Y-qnjA)r)3g%thdbuM`*^ju@9}H3=ffD`NfeeL==T>sNzzzn(MLujk&MiW1t^ zu-Khe#cqx)ygJ?O>gzkYkG0rI#HcCme{idvSJ;ik#}OQsyr|a$b+Q0wn zLZK3!KRzd|_{96#>L(5MP(}&Aq_yXD{WYb@()u9$RQ}?AYGwkEMC~tWRD(IHMsKNy zA(&NVt3A?|H=!gYU{HYGOTRpbGS-@N8NK$6^3yA*&VT$`;m+scop$`!klb1`mrwO8 z%-yDbW9T;!q;kE)E^uUbiM{Mx)?Ny=7w0UWN=$K+mmY9p~{Y)l1KG$fp!@$IeJJI>p6l?J+ji#>jQ0PpsJgvAf&4 zx%=+IkFjj$iw65HfwL}{RWEk2<-2g{gk1BjTg8F(QK{2ue|_P>t(V{2`S9>$<=low z;{M_jY{Wuz12ll+XqW5E;a17OqrBb%hsR|{{01)Ak2Lhltk_%DYKpAOP>s$wFJ9A@ zBRwTnc?EW~m)jW;45{M{W;Mk;!GNowz81^O=he{siMT7LiR@pqOwpN{56F<}$J#y2{cSJ7IM zW6(hCxSG<+xs-$9H0ntq*~^1rs>NM!f=H6A`321*80cFcEGbsR!iNnISp~zSrJB?qLU~>W}|IpwZozo zjsOMre99lA^}5ENyYjY^06?Cz#Re}fJNPDAZYE8!A_SY@(&QiOxxB*j^s=uw`cqoKD7hcQF?)+_qGQFTL$ zq*|hIKg>Yd=}>W?!pfc`X8`Pb2RFI>q9VRbPB~=G>PK!uUw@;AzhLh8`l8+QTktlCZji9&D7B7IfC^X&RDcB8Vazop>u#)<*L=h?yXyeJCzpH zrJ`-WFX_f;K&`(rtorcVZQl)5~4-_v+m-m z`7hW!;q`YqH@Q<=dQEN@pLN-FclxK-rDig6$%*fr3R+ssJ*KF7ga#QqQ++7delk}c zmMk3n(Wt}`V_kXZ<3uHAqFc{l-edBa1AW1@gN3Pu|q` zb4O+S(`9dVF+7_oD4A*mkZz8h)1w~V*;gU^)qVs1El;o1xa(z1f>!gz!O+AoC zYu1Gg`Mwkj^*^66iZh6wKBKAKV?LcjT*bHFImlIht=4h)!|p~}crL!Kc8AK|8vKWc zg43-t<4E)9AGAbc2MGM@Z%VV$@D4}A+^kNVSe4|Zf{#~q)14(n4jo<1f!v?Kf z1v(M5O*-X)7TV30_@cCKV5tU-i5*-^OH4%*;ITS_*Mpg=F0cEhD@lNB z1j{CxAzBABSqaUjDK)$#aw%Aoom~srA{2{O%@@*2=Byc}efS z)sG&jxu`fQ@zo#8$s&AgiJdm!QpnjG>F2C(KN;xcnPWD^$JM6w4pws9XbN9G`et5~ zvlcY`KH$DO@1Npi&Ruuoz8{8mPNESLb>!UlNJ}l*A&I9(Zt7*@nOpMMtjvFam5HZkN3%GG&h-l<&ww)>5+W z3KHoXXddR8G1E5HFH^PW4ucK){|pE+rF3a^BT%S@{eBD6n!w}yxb3i@o_%zyV&I(4 z+IRyFwJ7KUH7B1g=BL^s#)j2tQ0L&LGq1h1eO8H|Qw-m9xQ~9WlFqq!37+oPnHaYx z<#7-NHiV4tAOSsD@5@q`(DUw}D??d``Mr*T7Xu4hF@@8^ITqvwiYAdaXlD-@Wb9WK zKq=3(-&n6*JQB2_hCv1lc}e27(s2RfIfJy+gE(F&*+;V+Nyo>G-mxpZQGQc)h@Q8q zRS?tVroi%!2-U?--3Su|+z!Bl3aR0;5BUv@8jEHMWivr=7a8M4Vfy}4uY|?fhU*IY zxc9qUDya%hCVJHEf5>M~mHd7C6ucX=d$ zs~X5?Fs^a&XKpy&U%k0vW*_5WRH%HhW1hUHeS3R)9iatG`2cJTRd5)Q`qwfcawWKT zN(5o|7}Mc2bD!+UmACq-S`#Ch#Bji5IO#I=?T=qec^6t!ut8v4n^o1PryR7)NrPSi zhH;w+&FwXuOZ}W#&?>^LYMBNH8EI%a`ao3qrE9VVaW#8;DKDuNGt+z`N4#NnUtHWv zj1$$^_SGWzR1)iODQLAYL{>IUt6=ZAH2J!kS2euORbR{Wbm{}E^PZ$iqDUin<@F#7 z_rSowxw$XvF_ibD=GM$Qw^Xb-DP`zOJ!y9cwbgDlR_9ghv&ufvKNbYYzT!~lzSAI; zjh9af!1Uytn_gzCuH_bH7P-bkt4b`O%5aTV3!}i-IW4FI61;o2%KqS)Lj9civep`a z-i?qlKf#SCI;$5+HM?gd%G6yG@IWCZQe1eRM>wDdHOILQUI?t5>tJIQMoV9jz}88N7_W87_}8134kA zfawuniH1y-LK)mgAB_W}@ylL6%xy@);$m>i2W_w+#&<#awgN4>nR@1iCT6-3+t1N@ zJEouEbJR_n!IFnhhQ==IMa)%;Rm!LRJCv;A4ge#|b(^0FIyd$#U=P7C459$b=ppAP z=e?Bw)uJ=xSQGcmL~Vzd&m8}f|DrHO zKr_+DlaoPAg&7s{f(V8LUpV-*UR~FP?e9CZgs4~EkUr3}Zskjt*fZpF+OTVn);CQ% zA@Vikt6KFL41oMwx{PNWohT@WL|Qd?^}-?#)lo$}Woqx3#k zX+0W#_Ijt&)Gw)3@7hSK;?ZnQKl7|{7c=l9gDzhM87)(uW@uh%O{y|A2VD&3x%_f{ z7ZRV#=C6?=k)}VD(=&W`ZIn4vTxn@~j+H1S?%nkHK+kMT$#ubqda*UtZ-y4*rnqB( z^_X$xq8M)hYE&V2%`o)Tk+HGkVxM-FhU(YwT0O+?#XjT9eq3MIXz@>Be9wR21HkMv z{Y_PM(WX~l967Q$a^puT%cnnlySSYOevPA*Gh?JI1oA+OcPNEi`^j_2ionp3pbV<>#pBi4dF};rs=Z^l@iyJi(R_{JPcN3#PB>Tqs9bVVcZYyIPgQ(FBGc#-hJ|j z^cAl3Yv)M&HgPn~>=fWkYe3GdE-P7(4C`xs@Q*D@i<>|+{@0@47<|HmlbLndQbvF) zDR&A1f)CSGH*bx)uF$=UK3=GRfqMG&#mJ3l;1OUviy4jo?h zrun_A=-qle>EcY=+`(A7xNz}u0L(1F|9qE62#BU6U+)<)j(aMg^5bBwxXOwCYKDbs z;UIkSohXT>I2Z4}@{o&hG%?)BnFpf**c|WjsR?545X$9lVz_LQ`7dPUbD4e5bjDov zU;AZiJE=nJKD){|auzp5hnPww4IT4h%iN97{##$hi&)O9Ei@4uq;~RSdE%qrbpPtEjp2H4^1W)G!(#hH&1huSNk8hB={=KlOlU5YJ0#Q*@-X5Bab5!uHI6F1dJ{5#y-8 z>{5{RGwB!{DLklJp>QW76Pm$fFeceBLxWv8%Kuy!hvmqeBV$rMbx?>th=g>9%#iUx zq)j|y;5O1Qdd-j0!YEN3(8O+t@FPB%7~G%9B+X;CDU*zn2NZ1OZmF8Ac&ZJ-vzQWk zE^xmM5IN$-i~X8<5o`wgrJ4IcjJf41D}*eLkbf)W4EJ7nwkJ*Glb{j>)9Vzl$~jTz zTanoXXA2YnV@WBz!)1LCw)hxjRw?OUr$i_Q@2|xW)yBwqeuDvD@!o6Se|_C1KOj;m zyFsQtmFxReUg9p~92fH%#1rpz3K=ixLe1IOPS&Q{5I<~F9}xHLK*bvLB_%Q=8d40_ zs}P&sZeysGx#DM3^9j@je|?$HI6JQ5)}K-hc70EgX#dl{8g@shMWkNV1`*`$kESq; zaEs%6Dn*;@G2-l;O-mIb_{Z^wU^0M{Im`B`XgOcv=EwAP3uKpMl0 zP?ycgatV8i*axD&->O)KC6^r)txZPrCPY&VEyyYOy`Y70jgGL2OHFXatvE$yvkTk; zretVBAqj*>g~a{CegJm_etvbpuIGw_bV+o)RL;i2|+~paZuK zkAB+lpRNudyE~UT0>+PqQmOGtPr1E8WH+b0Mbmy$&|Yh5+tXV}|JP#0-uQT)!kx+d zTzu#@{*`0O6MI^+-O0&69KdLkuBfnWIccH7$W4Xph>@KOzglEuA}iD%!U{Wd6XbB# zBrlz}Xwp?^Q@EsA>vUD?^3I?axe_1Fo9U#m|CRA}@osyu!^EaM4hs^9aQTcWTgG@R zbmk5(wU9){k&5s&ihIw9cqFQ*ZO9;%mQ!lsFX@*qMQzo9s(2K`5JpWQzfiamW*|@; zvnB=*rl&}`|79dMubQzMbUF%! zhkCWhR&o*Bqr!A%z$X}(?_tteG969S0RKdBr7}KhEXWM=v8du6sMP_GXP;lD_1z{h zc$x;a{}FuToDsl_hc#?&yjA<0&Mda&-S4O{qd8(s`18`~O?8mT^ZPJ7o0H&V?ue-- zGjAWTq6I1Ghtf9wro_BZ_Ge`XWVJBK5tf>{*a&VEYKLCwsqXMUAzS;%`d}8a$*j|H z;aeEC-?UPu5|cnZe=>F#`h91`XZz%{p@ZCRtY%IBcDQsuQ9b^ zU!FIFX0n>R?eNPx7Hs>5mWYIItx5?nIw3sUoB_W_bR=0;U}CjSETe!Gc)%|!?0Nzx z@Qu~^GAwpOG|^&N-aDKKIF(e)x-9xc2>_NEv8*9vzXwXlAM5)PujEN3U>iOwLvTMK zqYEWc2|<@>tn9sQ1e02|Z5tc%o<;&bpB5^rt;{Z#{Bi6i=-|9TLVbGFc-|$QK6|wd zRonx~$hnrht&>g~{KU z*s@apR{iw+)f!ZH$+XjgsBqb}WUoBr>Dhgn4*9si2>~yy!qh^G`WP^%stl*9^em2c z!8MLlO2L&36|TQGI#z`W)J|u< z`YGuV5Z-|~h6vB|UAHTS8ccQBfOT%Xp*9PWD%EADggY3lw@2ECp<|`$Xk-#NmltsQ z>d}7l{;kS2*M86YD^E1I7R$<~lM2^24l2U4Yu#QtD>65QhI$XVN;vIQ117y@T4#;o z8n-ylFAo&sinT#o=>s>|xJzrfbC^%p1q7iwVL|1!blCl&i zD-hiVDE%USQ~KqA#0*&%%Mf9ol77+7@o%hE81zyt3|VQYw+KTY(q&U;1j5JVtvu>k z`e@pjNYEK>b^O4TgW?a&IaudFizz>T=Eh+_xdffaosFghZLRHVCae@P`uDp%aVQ!W z%;#yoA|O(ybh!BzWYhYB$d;v3%M5|Od|#xY6DLY-m9y@)_FFl0#FqJJB&&}|i=}|o zH38%AZ|O&UV@>q7i)<#g(_VirL?s(1pVfUFtDA`mAnHF=O_Q2uO4c>@Y#^)3xf8sX z`-6OpUa5rHbAhChC>5>SD54x{{Qdd;Co&g!3yoTSY)LX%_t6rlUlNfFHd!yhaH40` zDL1gNk2A>1Rw9gXsM4KSUrao!pVk(;Zg@vjES&AS=}-di#)_B#O6qSs{61qmR)q&W z*A5?dLrzRqtr6ZAjd+`3*R;y#!OQyv{-bWnE}_Ige`S=Owd%zD1a#!N(f!g>(y$`~ zH1-eJf+IQSRzJRloVZeCgeVwS%0|n)@Qi21jyr6D(OB1RMlc#HQO&`8Zux2|KacH} zi1O>YDw`0wQ>$F&D@Q-mkY$0)#`4x-=vW>;9HKvDV1SxC84(A_yYGNc2-(RgcV&Mn z#P*Hjv9a^1D-6Yj!(dpex>W6csfM;zSjT{ zZfKEG3D@-uHHXM;(_#Dm5AYL*ydRBv1n{6`+SM|<-%Rbo!{TJdzGtv*BGF6l%vS;@1xPT{Q$74dMFG4s|@*gTbiB-Ccb!`tUC7PBc$d! z`5Wxut~fpy({=+%uayP`J3rd;FrK$ybjJGFH246}o%z`M!Pba+?ys=@7=wp}+NM-* zO|Es5JA~Rz?)(xdCOaB6jW_rqqm5MQZ1D8*4=hVT&O3F@%8l<;9jo{hc`%eYMm#cn zI;h|zymX^wb9%hN^k(V0+lX$?HTN(xlQQN&JIjVz6+-lbOlOuU;1Ou&Mn9Z3mQhIGM$So>wT8**)ql z)5UU(){Ma;^&zAubbAlXe^;-om2d{J{xN1GDmpm6NYXna>dQ3-%Z*RAOr?z}HTn3{ zwP&Jf)qE96k2p<@OHT`#&8C?&EGJ+GZu=el!u&BXVSXo7wEm&UkezCNNs=*o<(U#T z>JcsIPO$65gRYEj&NplIo^?R?Dr~z!;IO^_4_K38_j#)^ zA?$9a7V~-cJ&BM0*->5q9R$h1Gzz{?U{ZC4AP%^?1m0~ z+Q~tmk%;uS@uk1OwXe8H<_ik*@xg#PR|)1zp~@iX&JXUk8e0y*^o)+uIJ|fE`^ix3 zOD5K)$Qr9Q#_@Zp>8*mTa}wM@^O89_I@ICf8v6@w=?n4d;RK!HIXzubiHQ$o(+`t0 zX=?))(%phqT(~W{&L)Ax!p>e6>dfvCc^RQigeNzUp>)#i^ zv$CCTy?~4PoR%}W<7#GuUL(j5%$b?3`}na?U1QhlojJ5c$p(k5!9x+>laxaE1-sNo zp3*VfZCo6#{pb6s6_g~6EJ?6&+7-WjWB$zUo6|*_!c1Ep9X`I6$b_a)PDh3 z?kax^???jfgR;&&$U2R|8aKfw729cPhL+I;A{)kt9ZRYn} zCsECr$qIWiq6UGb0D#0ARa8K%`aXvj^SQ7pSGTq&SbAp-yEWRZOVYc>7Vy@+b%+wF zn*t$=z_JggI-9T$zI45oq+!#Hh?*s+WH%!q(+Ft#d^?cj{;C*lKv7BC9Y?0M6?EZN{R)VW?us-x6ln=e!GI++u}EZ^YLt z>eHFG`zHr1Lsp2E*Il2U;V&W5|CK20{jGq>$}V-4FC?za|@4kMd{S5 z0gR|tz~h^cp;2e+*p>wdnW!;V$zMm|aDILPyvj$hQ}U`$YQwJ)@l^`T8ML{fnd#q(|j_b{9Ao% z+(E?q6<736tKstT8{}1#do+z`6DH>B!n_NY(HCao+h1D?stuI)y2QXfI)zqd0YQtl zd}Jmc*O_e3H5P4PRjLjm)Z8UoQ<}`sT6tp@GqYM@;f0dyyEA{DjMyd(ciOKVNI*){ zKYfRUwnXLm=}ChJ=w#HlhqPFA%jm-~2KuP4?eIg@jy7oN6kMzH3BIn`yrK42SM|Xa zi4ERGxMn6V%8}?D|AxgZssHEcWgR!^MCsq>7+uq`a{Z6QnoWH(F)qCxBW5n8m5r7g zp)dGbx3*{cia)y5F8;tZ1uFhktuLwzYm~w+k34%Wp_Xw z-T@S2t`w-(gWQDYD8y=s#m+u!t#Bnx;&6PdR4FH@Y}5=NQ!C;4ac;wTb+<#ZxUP^W z5rY$r8IQU4{^RuhH(uiyn?KMpZ#O%v4U7th(z@ljnlm+_KE0f@MK5vZ7A$l{Bho6Z zT6!lQzCu5+VteRvh?&{1Pt&n!m5*=mlY2A@5#-0rB3oowKTTNE5Db=O)tMr8F$N#{ zYX|5hAY!h9o;w*iqi=+==Bnd}>oW$fn3r}eoBQp=+c&kmUWsD@&LX5$My@aUr=~~Hx?F_Tn(d*`q?t&Fe@|j)%iz2cA&FC4%z5>VBe9;yV#=ioD|(vJ`e>L z4Bs2#Hqb4-{@&f8GE<7}-QCwCgMHc!zy^5kg_p6h&~m@Qeu6)rsi3QRt!4uq+RA|} zIvYL^C911`!pvvi1i_uPkM7r!f~Ujv8pz^LMwhwF8Zw-B9~*VX>3h|toT#8N6p3vF zek67;pQpX{s@ng6&=^>VGY+_UuE(h84Mq2e@)tXGbeTP*XP0{ z-mAl zOeJ-kkN-3HxWq)7-oI1dav2UcdxbuJCBE0jSYPnrt;E}ftGiFeyWWu}G?#ZKFy1*# zfh&2oT0~8Yr3)D&|je|!cA|^dMv>!HGg1|U`#r?u9C%Vi1hgL z#Hhe`(0yq+IRTgcnd2f{+|9UW#2WAFF}HElri;&b?-83zA$0os9L@tZN$~Rx@5XrIT8eWQv`?i`8>WrQyn=Nb2uXYJTUj-71fBh)3vQ) z^7`)gc`7creiR+WWNok1AJ5CH7FJtIam~1Qn2>#(JL8_^&)M5Tn;b5`+(zby5w_=u zw|fjsBgGm+va;CoN`_xut&`AJnEUl;Yc-m-NXGueyAFZYH@=4Yk%Erlrb=l3dn6y9RqNxXFol?=95yjEoS~v_U~eL0~zP ztN*#RR=$M_+PSVU&q!OgvJ8^pw6xJ&O&>F4SVoawV zhS|pXrnO3d$uUq7$pU~~#!8f5&=!rR7aiVv-OVa@_^yXO| z-O`v*I^-fBpZO5@O=98u3ybKiyuzf*=$U8TGxTRPiPH~0U7Shy(5gGys}agPPFnz< zl+p+y>f`jBKomzqLYj^_r!JURyCf=H0*p4bQc*Hck2>OAu^pza6$ZeLw$qJpO8X-LuRo1#$o#j_!Y83 zAZu3f1H90Ww6+;JdsAFSS_Zn-vu>t(pE#w<)V7d?&n_%9sw%EqFtZ{+Ue^B~S>S*D zm!-pDM}9tA$_>gp4!tTbeXIZVSxXLO()^e44+u zuzYFn4$%OB0LR^P!W6?PXsB;$?o7O2O7Lc8$-3}lD^X>@pkiFAa_^w1hHG7i{985enQ=ab4#b>j?yO*jfws;7)q1F_()Rc<z`lQ^~TDa#rLH|M464EMm#fTjt@Y206iIO4~qz&d;9<|$S;tA zuFCacTk!VeK(i|f|MBH>8AST#?8s$jHi+rSU>I$N`;y3=;0X|-`s?Kbfp0o4+Oi*t zWb;K8mPp;XrM&ce{UQ{ex{~13HR~G6Xoxg6Cfv@5D1^9scnou>>A3doF2;U9$3p{# zX{<3ZogWtTsxZ}c^^sN%h1xWKfZ|iHFWB5CgVWrr(R3~_Z^NH6=!{dj{-(H!H&(AO zKw@sAJ6YMZa$*iPPK?KY{5C!NiT*Wh7D($oKB#QLcsA^osZ@nvJhRx-B!K-c8IF2X zhdU@P1ndi`DhiCGU2c+VGlgn@EQBPgD@3=$JGzUXbltJZE3K$>)uye|KzBeFarr}U z%TDOrn=&I4&^d+vN}Ot4LE6dw_gT_w-Lg9;qs@?A#LOa=tvvvo_Tt#Cyu4om_vo;Xv9&-s!ZV9Hd=u z4dcE;7fR^p#bQy*ZmE&c?mFimJ88|V?ffi}hBt(T`E1nq*Jr#l5axwud>W(C!U4kd zpeyG3@HF|}mN%_!Jf7r!Io%b+EWFA-H{Vvj4q(dG_#}R8I!=4Pq$5HO%XHnzwKLWg z)uumd5DABGKGkRHH{`!zd%+DoQ+h{kg~pl=-5&;z^*bB8r)NSyXpE0lKbemYuPXZA zB5P{eB;Wgj$H-{ZjQ^%ku|-^`o!us3#XAuW&)$GY*F4niOrq^GhmCYaH}1}nEHCDk zK@zo>b|b1VtVNETAO5A3s-Yqi&7z3~t5VD?<@0e7?QoyBM!M3Xaoq)6F0JB!BgIFz zhqEb-R+xT+gUB;XsJK(!4FBHtKh;YiT{+daq{48;*yyeZB|8=L1~0!vRrq2Qw2-r) zhBi|Q6kboXv>>e-%1*p+HBld47SG=bBg>muxxRQB+7E`YN{@}6m#i^)K)9uA%H3UJ zIjFK?XjLk$_-tdNd){tDxsOA|NHngGpZ|uCqWPAriYSfd&GOM7fWZaoOOXI2k-PsY zi4cI^PpB126R4QjqxN+Y(}&Aw$LJuR=@Hn?5Lg z5?yX&VC6w`U~!h%ra#%z9*$M8_!b5hMl14Y-~J?6bG0pN@e5=(>b_2CCU&-J>0Glc z@(E~j#NBVh06V%QRTAfczdzVpUI zpc>2CV5z3>LBT2~buhHPgEvVU5h= zE$dVM>~c4J$zlhgv2u;S{>BGfn`u=nV{I8~-#=zfsV;?ow7z$G47Cmh3_*2cwyyov zOab*iYRgbwxsY_yv)9BquyKp#INxDp{s>ug~R>m?P zPqc-VYr&XqoA7}sGWWRvQ6!IDM?S9S!QQaK+TIt*dSzX)`rwAIoNR#$<)L~(o>Wa@ zFm18X@B_;|c=!)!%j+wWw=2f8%ciyBN;jT@))24XGZ_2uz#B-$sj}%QZ)kp=w~n6x zZ)$JQOJ?ls#%Pt93v$GWh8Y|%{1J>jQw=IkPi6(&?y}vNk-AX&4f60gbnU(h8Y{Jr ztYW-_ev(x`!Z~oo!?!U}dD%+M8eOJ)l&_svKd=?TS1Zam;mOzDeRx`WX+S-$&`E{1U_kR^r0!YKm zu-)q1M7R*ifj!L{*{F5Kj~}PutF)q5MeCnLf}K-a00scn&DjHQ0w1kInwsB5Xb+is$?B^WA} zC{TqKYA=K&7;uz&CgDMVC>1j^9D1z7PmcIfK4HkvptFQ%HD<$u#`}|fJsVbu;IJ<| zFy|Vjv0$}$;+^_y(L#P`bAS;4HQS|^Kqyt@z&1xvq!)bux4 zh3BiBvyrHBsHVIB1=c`?PBHWy_j9}-=s5?;D}!AxM{d&;M0Bc8s`H=)^b+DRLZb@t z=fxZ=9O?r9yLXoP0PhRGacEZJq0t2K3wO6V+-IUK4Pu}t7vZRAQIwQK_SzdC`x`%K zX`_M`uuT9J9f`a5DtjTbuhh}#%g{yGa^UZf!reb+UZEg=$nhI893Oi(A}m%%4&D%} z9SNH8zGFFWA)zeRb!XN_jjeFgPZjp|i5TuL+l(o!fMu!W3zwpIkN@V7zZr2i7gy~n zuT2y9#pt|u#Yf0seFul$(BOu>A)lbF!cG47rya__L58|NpNt%#PTvps(tQw_`~PBT z$#^j5roJ%hjmWsNTgj#)*QE#l0ai<&*B0Kzke?d4dioh~b-Ul=)JCF2^exsd{e04} zbwEe3F;!Hx)5u+qB;`|AgIqe+oh!rRX}PDh8l|GNq~xy>jPIZ?&v&>z0keSN1&P?z zTaS#Ymiuh)mtxm`kjIEkVyTODzlaYR<_4a+*ZYV)t?p?Vs=Tng33c9^TqyY!o9L%d zbNr^Qlc+Mh4k^uo9H-OL)=s5vlu}Wfs+mDkukfV#jB(!pewxm$Iz_Dg4Fn%u1;zU7 z(ZSncA)|#QJI@rOd*pz1oOk8WxFVhVwrw^ZDrcm9ITdTV`1Qw~xWs@iFG^Eh&cO<8 z&&{pmPhH}Y$Wk~q`f#`Z?jy}mX0IA~z(2KKR_jSiGQ3vPIDpbEdY1Iy!|qN3l63cGQe3+d?A1mlYeL$r+MQ<;;f$(N7Y1?f_1UDJO$&~;+kd&5IckzjvcxkJ; zgEmL~fW7~9up4|LBLJUlCRwULgQhmhvw(9Lt$I7X;R`jlS5axE#IrcQLi_nYvlaI| z01k8&fJFQQhx?N~Z#mYQX0SZ!#LbqujF^qL-Gm(tUOP-vUwOoQqH@%7qM@Ndq|o@? z$=RuB;*mj4M;$Ej+)fzRM)nd%ojHY|(eDvPjv9f~=YJ5jDA~l}BL8wyqVUb+D z&RN%m4Y`4JTw(M&?%llfOp2UyT)XSJVH@d?aK>r9Zl9X@{aq`4J-Ko3n)!mutpy*@ zQX|coD~kfVOQSxY*Ch&qw(A=D_OU_a;*`WMD{~me{hu)sE|fB1-0)ZT?lp5xLXF@H zcxJ#_4PG*ElQmV5ywjReOxksEs;7npUW@+HxzQ3b_2934ZsWs093Xi`uajyrLpoyx zs*-Pj6%ln+viPJcb36Cf>~mJOolSZlh)K^n^7AIlx+QuCRzx{Lh(HIKRMU$rK9`Df6aP8@gU$V~SC{;a3dBiuf}-k%fCpoF?f$Q=OM* zbWS;$@v}{v16RHs5Bfg6*|@?krbiF|7Us16^>Q`qqw_$^tR?`8B}4Vr`<;zrVVI6+ z#+fJ!VdDODQ(yJ0yS`rMMt-SQgUeTvG@pXJ?(xP4Q(tz*u<6|95y_t4(2BC)a3z?VffL<29fvlM(WjGp=)Y!NFPod@q;)4rzeh%CXWi9Wfmxl!) z>#A8bL(d0oa#Nj%KVtlMMo9`leN!@{OQwecn+dqzhKlCp8uigtq*;<8Foa(MLHI@6K~<9 zu#u@yJvXZ9zVXwFSRb_Q7orT0knPlvZlE&a>K+50iHrZ9TAcmJ+pVg_nLhrd>!^=N9FsiuL=xFuq=9#9826AwTM=fC^_{_J@ zqL)HrMdZRYBrnoO)jZ`N)OR+V-kE~8DU3gdzE^3*FrxP3K0**TQ{X2U)v zs0=wH`TVa<(m#S%|ENObU10l!GQ%)OJ+>-cm3*O^O??I1OEz+E2f@K31sT~$!Hw4d z@t?}U(X5hDt`13K*Sh*{N2E90;`K?mh4*5GkLYKh*&CnR!)sP6W9+Ck6VcGZKw;-@ z`Mrn4x(0H_m(1lo%H(#ccEEJ^Rv;G*><4Eql^9zh;cz6#=ZFjPb;1XMirXgy+q}=G zb9Eh?wyAf%l~=h|e6Xm_6a=5kmf0tYki)b<28U5W(6FePmVY;l{XTPEHxRjUyn|$M=%!S2=Nm zV1DwEpCTho-M(P~k;0GDrym=kzDq;7>g=`;HbVqO4~Sol5`mcZ)-)fzYHGxU9;&F> zioZuJnS-qZV2-)ij~XS~i%H|NP$DEE_$%u5#D+rFulf2Q=5C(PhnO zZn@WuxEM)BETpnWpj+o zFTjwRUX**VU^)J(=yQ%NfOm`g_681@euZ9T<>zNen=p5#jPhoH&_I|n3PYMul0f4eJM@A4rEK#OUdk7F1sdh&Bf3$L23N zgaM1aO-$;*!jM{T6dCdyBY;2xs8|WS;qG{;W&+|HBrt&61z=K6VR)%4+Q&5IW0s#x z>^{aUX9ijmcO^k%Ifk1 z2B%e^zxA^;p7{(`(mg}GoroMuhbhj0{dfNessUji|Y2<*~M;F1xyA6{q$ocL+he8X-RCho?KE6_i;=;rzg-M z9&eN=R^eUBVKM7gr?Or(?uwDGB<0X6R>>}n-jee26Q1nt_6s_`Ojq0f%5c=XFJZ0} zJ3JRpb}E%)!l&oB0 z*UfJ+;)xz330>o>Ux1JO{i+Txq~bcnv8b}gx`dYKt+qBWbX(qiyIUbHNO4?_b=6LR zoImlk!G((O630=-*GGL&xL<2<2m#DV!xc~0=e#1Xck>pNBFEKU6tbv zh&9u@uPZ-Jqut~Zmy1l-sv>@YRmmKJ%ih?j z%so@UF1`PNIDw-gF~yXb%yF35GA*5pmEhlSTS~}o<#s7hK8lZ}ydqo;DJH1pGv$~#WNzl_!z=Yy7cOmS!h)a$=SBCO|{jqD5N z!vI3J%A&NvIc*ek*k%8%q>H&#m|g3NW7xO}Ev%lFnRKIX!&&3c6c?o#@eVn|W|&#F z!+VW}K$RbX94W9%;J>hC!d37QGNgSRHZ#oMDa)|}%-zg0zaWfb<})t8kq*^mZ8cg1 zLG1j3I&W1xqj1V^@Rnm+m!E+_+J~Kg}?dzJ4hgR|WWf3PEZpU^7&;*<6262TDVR*3jT%bbCTTCk9JMb$eGkn{JyLD1kt5#cW)tzP zM$%SQYqqs(q%AGA)rb*E%^-+TGe`+y1rb6dlK1v}pXYsl??1nf=P!TwxbMq(U*~m> z>o|^6D334nLWJ-1#B{&^6HnS*Ss7XJ7JWPakWpPt?JvUg?TlF9{ju9y+1_=t%&$kI zs4a?wjh+AXSl{MfDUkArt+;;3kS5T6 zT_hO@zMgiEZ}$sV_%o0n6W`zo>}s>MEoBMuXbzpxErH=|iFsAG0EMZMRZ(@L+gQM7 zG4;~jh}`{od$8tT&j4^aw*R)Dr;SGFNOZQS(N$_G7uL+O(AC7G>x*Jb{|!5Btqi5~ zZVYb$BXGg*aM^BwzGM=08;?y6{iEy)X&(d(n+x7r>nsMw=8x(?y5_ zAq)$4^^7Wl{fIWIx)bJTsZn>DQnIQSdC89>i=b!t&RcP4TAS>gN7_alRPc00n$6Wtq%wf zaX5>Aupo4OuCK3e2Eo~?O(O%1#Cbj|g}Utw;&8~c6{hCE>433~q}q}*yZKNF2WtM9 z2_9QaDwCIP92@y;AXEJ<<$3mrI|1$^S%ItdVOhV&hoQib@!Dhe?L0It$~eyLBuU$p zOBGI;e5(VPLb2y(s_Cj9&W{A@ffE#Ciek}(XW^)?n{Z@REu<1U==3j?72htflX^3r7;{%jL? zWu%j~i)VB6+7{!c4rhtz38>|6 z&|`=!`pjih_HI+U{YDq9tL|$lI}<_gA5lgqip6U|(-SlGRC}L5p@Th>cw_6ja@$2l z&)7iW4vX;)Xqn0Dfklubm(rC@2sV|~Mk0PE^LA5rwj9l75SZ7`CTGB$M)!NctqQx_j!HZ!Fb7Fo)yWHwiNPQ!>h z#Jugpm89Y}(sBL)u6M|aEZhwmHx8oSMrm)$0y{ULXgi&`G$4xlk9+nXvecpiGE(uY z0sS-saU5yAfvi7>noKM{(;EZcO>>@p?`)Xi#kWJ1Hn&RMYsp4#syW`L6Hk*cGja-y zkRX_O({HANZ1vERNDj3~0LbS06@oWhEVk4dUqeMipLy!kEavFH{PDnH81EmKd~K|; zc7rwGb-YHD2L9yqb#)L%C8s3=iuslPuAtq-g@-3wUv)d&F0mT_J5!|?cGFM5Nn9UxIv2{8HUMz~2r&*Aa(DUNQ*@0Bt}RP1qDhr9`Kpq_`A!^5 z0&LZ%roSRFK8RW-ZjYM~MyK2VtD|fRr&ug`AExidNnR56rEtH-uibksAo?g?%}*E(xqD?&BhPzhL6&WPn_S z1OE-wf{el~Z#MfCC!j)BYvB{*FYysPgM}({SUA&;T{e>iNRwq_U0&|ylSv+V{wg6arNsy;Lr-5v)zkF>s?k0TX`FPITgM><} zrM^pdJdr>3qPNpCGOhqq?)rlKm?JUF|AAeNHB~lDRD#oP*dD#GaYS3N9(RE@e|zV4 z$^Q(GUC=MaKQ8v{$ofxogCJ%zJO#_l(Z5UD4YWr{=HuS)rxX^=%ph7FDUOzW0N^3| z?L%Ebpx0@xTdbT_v0%5R>I*R0L&ddP~X6Ds|PB5yjJ!p9I^8$_^X zNMvwNBTzlMkFTtWY&aC89oi|5c3KQheKMK5SxZXTRYCO*l$qdD(foS|bx^{!ieB)e zhq_S<`iOu**wX6Fg%K^GG=m*_t6+T>kp0Li&RCxH1gl;rtPkEqIPa@#R)fuAVJIkz zYT;2j<7>fSO8}z~eht>aYWAzC?B<(5fbe)fP3p{*f)vR`Z{vuF(uj^zVt-G0jKPZC zv8g|7m!1F$Be6Vxp42YenL&Q7I@m0}>5wc3M>yW|<=KL+yW0_1v!<-)@%{W8R62#Y zT{Pp4W{YejSqXJuJG)ZWh-?b6Cj?uIF4l^Ur;42aw^>M}j&&kJ zX2Uv*Iqixbqn;-#mh47`h{zCvPTJ_eZm<~t z#E)1X2pN&hp&ys@JgzKWc@BGAHZ!CDzC$H+fsQFEbgw4*0Q4$=fo^*ob0JbPedtmY z7oY*b*DJW~X@8s+o5ZKlw|J8k>lB0lKRJTKtBf$-{@rr}KYjz)^U{rGQ+(=NIq+ z$On)oR_Yk_KXOCX83M~Rm2ME5xLr7tSRB;f+{hR*WfyX)51djIx89lrG`OAyO>H$F z2hBJkEXGu_fxC7jn^9aBsBQ2Gv|<37^u`OG-wm36RQ0vOO5aRW<FC zX7ug=e9{Z33z(c4WST|Y)|F1eI2GL4)6>(^l^N)^@paPOmf6&zFQH3+LTiLGuxT5d ziQxa-AS3Ixts$8O?8!ZC6b1Fi)t2WsL{x_|HyM@*mQkOB$dGC> zKzkVKo1>q@3ilCnegSOFX_w>+)ayI=fX{(N`~vQOl?hOys#H1ocjmJ|LqvX< z!NQBSK3B@9#lHC+4#<#ztno=g*M?&adgLGThMZH&vmu8Dmn-^aFckbCJTrFv^<_ z97W+_sV9G6C!c8xqw-#e=ZDp)1zXJY7xUc&k+UV2Po8T)$#cQ|ExQWt6k)!1Mn*CM zf7)~N(6qbr2ZN`mDwhNPM-xK?ex$s@Yy1R1zk6?$l_HUO-9I?;<|#NccP4r=^&IYweG~1l>_y6WWGPG?z`5PS=Sm6pIm9&C7<-0_-E^co4* z*sdW19QG&0=1)WiW}p|DxPd~%9|Dn)(K!g~BYXi;VTdD_krB3Yr`sK~uq$VI^=DvT zs!==PJ%z!r^cfJn5@BYkT&y0nwKBC;;vg2z{BK#6KxNkPb2I#-ST{i#xfyA)E_-og zX2@FyX}>QH#E!hg+1lUQ*nt@)=Fz*P zJoY#O?~47V8Lr=+rgrG}&`gy#fHU7u2>TuC+XukTxSMwq3jqMEo}i1*jVp1dedbC- zo;F1GPiQtoMhqLVZTQVceH0ptf$ZD|dND!6_3jHN0{X);Aj)8!(zzRAJMi#>uRCO? z!4c{fp@H7L>DY^3Y3+EPSjiT1Z&TTZ$cliC|5lS(aoD_QCVD4r#99l12?KO2+;@qJ ze{t#l>Mi9QF+v~Uc23QsOS1s)Ltj5nX&CR|0(oJ*;inC(Uu$)`Q#gJ&4@~SpKCy== zbj<8Z%;eRdL$5m&r@>M53yOO~g9I#_!)EGx>>0rqvxmYZ+~bxufb=jDbkReV(BGHGoHms`x$Xc0e!IrN&wA@;oyhCt?bm&xWr#$MSUVA6JtRe&vD?sCLR_5n{_ zqR&02=Ht?6U+fegOQ(vk2&( zzyEB%n+gzs6rAk_@cN#D=E8KRG|9Z`>{++wRm-=+0FRVRWlc=j(}u!GGnz7THJt{3 zJ^?Bc)(@qXFCl-w0SKmm#KM!$-NNPtiTvaS5AofUc?V`L{MY-uJYwBtr@82Efbj0z;NyY~ROeej&b5fnW(_&t=&RKIiq3_i0d-nru@MfA?`M?3)#*}l$ zR*#ueENg8CD+!&=yM5cOv$E1jRXx|!w7!WHmsFj@CR}SS+YFxV#g{>U{L0l#Hn6<@ zUO6?&-+^C%Jh@9#y|_?P^k&j8j^|Qq`or;oa?4Bd`=dPnN6bU^V$1W}y@91M#doHv z^Q$zocfj`#4z^Tlrg7~eGu`uA_=uc^$*4cn_l@$0}% zy|-gm{)I29qQcD1&#^ely)GN#u6E?%wNq6)GCBB-GfjChx7jZJeBuNnzz(6hZuu>! z#|N8+RvhX!Yn~s)7NDvCU|*hcaP%&+Q{Z6L;m=Jx#q(Xw(p(;Q%BgWgCnGw;6quX< z`5o~B``YP^CZ1OZNj)`NG4^hI8t{uz>Yk?=yLt2<$}!P$EyTzRN?8F+-8Pu1`Wq_^ z@ZC(Pxog6GfbP#Nv6*TI^7PQpL4Of?ve=B~NW2BYb$FNJF=>37UNk*HaAAFl$r+hN8|hj(8}No!WepQzToEfRWS&RL;rcd_f4;l4pY%@Gh|C7SnQ|0UJ=|9znfD)43H7@03l#q<_+Qx>Ak#(jI^AsA!G-ywjz;PI zd>(&f#}ik+uAS*s;OF-$Z*Yi4rkTQK;tSh_)IA|0uT^d@_nO?rz1-cmY)vui+z;+QG^Dxn zy`pX4JxTMfah0(>|IMCo6u4rKs_Be3HsESz zJX84FA2!b<%f~NB2Qf$#Wif~A=e+hQ`yn{-ZNgV9#eL;8tkUpl!7O>IlQe*_x+COrCb4v zr3dfM_LnYn7k_tXiF32ft<(VYqW;fkca}dJuk_#onAY)kjioBVOX^9ai3%`x=PnB- z<0IC;K0a}{c7^Nj0ySlLh+jY|+)1epI8OjUCUE23BQxOS$`c~vhT+ZHnj5=|0C#Ww z>p52T;whvWNEdLV$4}BvCVo4tG)tXysEE(w$wF zNIx&$cQ8=S##PS1f*wDTgJgwM?qE`#wU=#NA^%ZMxnEj5I#r2#^lbcHIrQ`8xdzAx zpj1$1DweuSa|5rKysn%r3;w{{KZ=LyD+gA?!<$`Qh40w`k@r8cECfBS{vZ2-E0cR> zXJt)QhVk9%*y&v}0gIZ#9bP8muE5o9J2jsIJ)Paj@*dJuGGRb{`d^&WWEX{R4JtK( z0X&|hsr%aE-@ry$=XNvR>*_P@eKt!jj#iTfsp=h?Jwg;Zzd(+p(**+{v`5U|b0JJ$ zp#1}mL#Gy8tYhWHk19s#RzRfr{+a@ru3&-%E)Nb?tLg(XJnpHDkE!n+q?Srj{M+H zuaRv6e%{<8C=!{EidwTF?vz#2U6 z_ka=6kP)o&LJv66I(EEfT|q}2h&}1nMfoLx)dqIEOD&anUn`iZ-L{gEZE3ol_N%!= z_Jpfy@{~Fku)noLn^PJA#8bwG){(#M;Wh^w&uL}n zd8a;XPjDbCzw$R3*nlcvH=wINUzpuDXg_YI^Q*Lv0$8=N%zjw=pPG};`%o(kMeC(@ zi(MJ%@aV6r=DND?LCN6bQmXI3(JrXUY<@sB)DLc%QD|;$O&phw&4{}Mh}O9z1Q2?h zPF2Tdal8d(M1RTeZ!1gM4VVxpF&^^e0>WtpLo*>i&Hw+xIe8b79UnPXB=e0HHaKJ! z-KbRjLXW^rWq|3_hV;FIFoppW2p0&z()VzHL?r8AL5JFIDVj;6o< zmp@K#JjxaPdND*cR^&}sHo_Rw;t8sCs)01yc#*) zy;AA_Xw~FmnGjB7q+wEGr3!1Er}W+t*jk z2jMi%3S7-u5r)=+&mHSz%o+Q@{A)ISxkH#sNU@f$>)yK1Q=;F-M!9z7WK>l?(JRw5@ z)El7lvnyYj*DM|zj=)I zOl9iEZoGg7w?K4bHeSH!Z3E!&KiNb@JVt39e#JDgOvS$AoKNeX-!OztJqIH3;Zl|}-YbmSV9BIhv5g2FH_QqJDJ+Na za%nF8G1OYH@m1Lp3A}+^ustgnpE54!Smuwxw-KkOf+azMi!W_ltdRYT1 z5pFqEY_&*YVlQd7E1@hoJLzC^CS&ZiTa$}O*-tZNHX zH?93E+>CIF(Kbn0WZ%dz_)FGVw*G*qK0VN9<)0JdmR6i?IdJ!)$DL2us@AYGsvap( z*M1Kv95;;}1at2+a5W>9Bi1=7=B9@l@y$?`TLnvBl-Qyfy9{v>TV zYKy}^`Z!pe8Moog8vYgYn#?24xCe95VX;mX&(N!ED<#=430ny~4=Kz`bwyTP7any{ zGza83DG%5^s>p=^^?8`Z_DAt#z-gn&;qsZLTO#dx%q;`OiU7+^ir#ouQj zK-yjSPwRqGT#S8Hvl!h)g@cBgcP&5x{mVE;O%cbL^r}+Nc4N|KQOK6URk%d1`-UJW zAd7Q;v8+Gm<8{-o60md?GW_s@6ru69pZ%M@5S9;dmRZ@p>HPb?3&7rI(>r_TGgk*NtKOJ_vfr zuVf_zZD+_rTbMqX&~9M(jq8!53bY;*H1*##wE> z*jkpZ|0#|^_Y95Hz;tMama{UIYz-J7A*ZTKp#I}?UW<$YwxPCSISo$?Us_wfDl%A{ z6K)2J<=N6aKJBYo;oqCn7uY;t!KkT3!&a-vg{I&Cr>6LB39RV0ou5p03rsg zQ#4c=T^wMA$r>b?Va-f*l*c{B{#)?jiT+>mqxOg}S#ZX)jh|v81LLc(zB$Fru4PlG zH|{ImzA5B-M2ZpoeIe~>9mkLKloN=K zq^X;TNCb^+GzU`XB;4#Bwq2&>-m|8{WGTzN${08DAlh#ATS%y<8!dwN^k5OY_X7SP z7XueBOX%l;PFK?p+UXydsnJnLj^)ZQa(os=NVYUxQ{XXP&@`;oq$Gvi4g znGNs`2O*XRQFm8qH^h@l^^s$DK}ag2BGXG^+d6oRv<_D5LM?2JEkaQEU+etaF7Wm8 zB>W8cJ^_uUg(Hgb=fHYmCZrSbocG?RG50&+xw>)C43KUiC(DeNKvA%XB?SmDwl77& zns7~%pzKb9Nf*WSMJvN?ma$Y>S*-0yz8#EHMnvv zK7#md2Zm%%*iZs!RYf8JT>!n5pG;XA7-Y6PK5PU6{iixfb8(K zB=L=JtRb9A;aLAP_jxlWOcvWq+j+s2r9bj)f-11!PvUw5npg(h*)*wqBzzT=64T)hnR4 zGUro>{q(|G5djr>m5ts$t6wm^@rPv-eB-oat^mnBYM-@6*Bh;^vA|_iPehVftU8Jw z-c3GGwRB^U7M+L~rg^2>TJx)NBFeOTR=Yixm!@=2ejzOebPz?R@E#C_R!*Cos$K+- zgO(ki5e28$#Y@%hRB~)P*IYxWpvt%r6&nd#usOO8L2z0xEoFz75P0u2+4#GTWr6#G zvHjRa2}J_W=JV>GQ$xJ>a+wy~!gexxT%~!f^skbQ!b#KU0j zm&_yJBdTmAqg4O=K*cX2T1C_#kzYjCC1@>3)MPmV%{yKvJ1#)lRzh%u$|#Bww1foy zJ*$sS4NAL-w>T|GjIp=M2F*fRm-odn_=v9QTnildZ{LC1*L?#iIsN=xFI@Lclv9p9 z>y;|dW5d+)7E-v^Lw_$Yl*>LuOh=K z6MfRhMs!d)uBFnePr4{TluOT!Px!W$Zu=evJtyNEO?aKs?>?nxsHA=0cL*(LV7BLaeM2wDYyOPjaXa{GX0re)WKY*8|6+B(LPU$3gp7_@+ypTgUxSH> z{(q0ejSbIAv4#Fsl8FlgBEdzfi(ceLK@mBO{<4b}2sxv5MN!1UQ@OmaD&gv{mQy@a z`Hm_`G&$93OrhK#rq`s7^J)~iM)Z6(?GwyW$PTg9>Tqe#qZo?*%Uep;^M4x4jfH{q zykFJqjhR*QwrC5IMc`i`5mcC+6^uuijEExgG%ctQEgF-HVJKm`w}hiE1vMG^dyG5` z9<&Oj&y9!HR%W4^J=dAW9ZDM-KdeHYwGxrZ#QJ73J^r{5y=t0FKdv{!tH25CnQ&!< zGTXg0YQ<+oY~bn3iqlMYCan6n;=smD&h!>6bp{HbqPd~&i*E;Hg7LDrg_z*XVb-dM z{!&Qj6zBeDPMBGBGq>poo&rU;?r}sctM*W;PWt(7kn~OavbHGxnb4EP5vcDs#5s*9 z(b0P_#FrIb3aw_D1NFEtvm&~-+Q#z=f`fZ$#SQ+kKfq5)cA$o8kE||xQv-Dov<|&Q z#?s$PQdFlqD3qY9*bjNWpuRKr3Mz_S{dO+rvs6zf7+Ql$T?lGSS{V3|Q?-DOnn{NK zZjXN&;uGaQLUxtHH30XRFO?e)LbYWKI%`K2;P(AsgmZpi$dD=a7-4Ws-ro-Y&OlrO z5+cc6z&>f`DyYUZ4QO(W_1DD0puXEDpjvXMAg`H-Dk|)7Ej!}x)|RllI77RGpb6eS zCufuby20&^D=8AQD0-})-n^_EOWQt~lXqOWC3)K4$(F*ri0}ZFC8~3(*XqNbsEXtJ zh?XJUilBW8g-Dc5CKoOO!#hIl%F&7w+D!1uf^lXy3>aGyCNji-H2Y1mS?=;1KX51_ znuZ$#(~+K{$#KcF+sAeF&m<)G_))@+XE)2yBy?ycGd~1zKSUkr(Dl~~l>lpXL1zH^ zvH-RkNCyA)e@nwXA^$RBerRifpuP2D!XH?wO5g|UjWeYrY`mbgztaODBJ&o(AND3> z8oD91y_yxcmK7$hKg-{?DYMnu*QbLoSBy}OGbxGF!iP-94icY`lhY{9Q}|NqmYCur z^w>rg7=!Q#)pxVY9W1gl)eOU1Ro9{lJqUf*QF2HSqDUAXN{R{09HxdOayB-gs1%xn zUL46FpzeS#%rkB;8R`{fbws-ITt3Rz8b)s=_KdUSv4ahdR zrL2yr&&xO6ebb9i%Rm~i0=A{+5GHo^b=%vA*EAeGTe!VviE4q*J|%1*9!W(N=(~+B zGrzgfk_B{BJmGhIMBDr*nikR(G#o`guJ5{+exeE9mJ5+Dr6UWmFWz`3&$!tY9BVQp z7PUUzwt^~KYdLm>HQ+uR77>Z2-f;+GY9(~FmD=H7kFu5HU9T(RQ*%F6n^ZO}r9y_M zAsKQ(YCOir;oaZW=9PI?Wfc)YZi3JkruoYbm_@TXYyD*W8CupTug1JE4?fPWF4HKT z)uo+T`s7o59x?aw!V5N>)}spPWb9J!8epKRemAy z*3tecvF$9+40O6nf_dE&GliewhfHkKN7=m#4jJLOchuX#>wb%oq?jCyt-@npj`Ag^ z-es120{sq=aMXxLVZ93dJIkIYBeMB}4hb8DB{HtHQogGnDjb`(^@@(F%BuGxL)7s1 zOcf>r{crFD%}+ab-M30)O%7#j zq}T~$npoYHHwg^6GycHBdFbi$K)BsAxGd=V_3bZZh)EhBFzN0H&Z}4C*y-WQk#7Uz zQEdU5(4T?S>~PLt{+o<_pgO z){nF+A)NKcoWeI~e&zE##^aLc#16k2jtUrDI~PvHMWN1dFzTM#MR9haD^>!hK~0Fs z@RW&rkrNE1xBRBm!l4z#kD~ z>m38W+6g*xY+Y8(Th}L^`}mCTLf3r~C^q&jcZ^}Dw=Vf+7j$IFyHEn=;JB_}I=qf3 zY7Dm`ommSCh0n^5DIZY4;*U#A2%54sRFcfM1sfAG{MX{CYuU)GZH^oNdyuVnLt`6? zj~Wou57pX3dWle|+>Afknp^;Ro+-|2No*Anu1Io#%QDMuw(g9HYc26(C%Wn zjWG5I$xwF#oblmXTt4hJ)*JShK&#?vtn2c!TkS00K4SWvamqo6+B~>u7em)a{g)?20p+ z)%U4(`JBpe<0Owk%Zz8gmc=TMM$|i{s#5M%4nZ}a@fZ0 zSzR6GdCLWl>#dMkOlZMMspQ~N+tYPLl`~;|`GvNBy#$f)6@q#Sx_|<%%aAyJgXyy# zprFm)$_&duJ$cNs7P0=II9#`I{*>YirtQgUqp9uYgK2E|M{cO8T-4916a&QU`R4R{j`mrWf{GZ*DCBAc{W}SQ#=XyA7)z|KScn>cB)D?)R`GrHhwO*D31vB^ zi^LAA?Xk_Nen0(>7lT%DU;Bz4QwJTyeihPmPeOBpY%N>hbC-glB)eL;Gi#nD?vF|E za*DX=$$*%$lZkp67UFnSXWWF;$#ii{Mi*8ERhblWnPGhFz+L{Z?F(-mYF9hC#XO6Y zx@I~f*E+Lh7P9s8I=)Mb^;YSMs~)YrFW<5u9xz)gc-gJ%&DQbF52^6ZLrB;6hZZ}n zc%^h+RC&HI9+8z_bI^TQZ>4{f{d6_wK%E3~DUo;{!%urY;#$aMO^a`#jF$Yds@7*) z@sL9wAGb82SPe?}4|ooGHQvs=XO!917eTrB<3P^SgUM>IdPgelKV7n(hOR1mJ#5lI z!x-)JUPP8Y;_QXzd{!FTuJ8E~WX7kxgOukVZ^I@=eTeK6O^HYQDEma3y>J{Jw>r|s zCk`B14YRE-3!W*ArP1oX<^p|ISIkcMpO;CSReut)PH>KW2la`LM@2yxglx( z@DD08W03Y$u9*Qf$4gBO)cfCQT>E~YXO!38?7!xDsDGYJ-|zB|e7#xX&-?c;6YkkBom(Ow`zSC z-qj%weInDw|H+z(cYe(fYrbIrNU zr}xBGedaQEA0{7qW>_B<+4k9MHOem0N{}(FMh2S2*bXyS??nm+m`Z)rm$s6&2g!{jo8E-TdU;J{xvzKp?3eM65~BJPa>S}t zVoj!blwsD(H^mc1r*%afE@U7zCEiNKXxPvUvlN5)jsd+Rc>m^I5byfDZh17ZVRV}H z297y%<(`-+CsV|(EA|e)!rdZeZ4eoLab!qT&$;qlG4EJya;UaU<{*2kr%tGL!Q z*CDd5*lM2`A-KtcIoQ5 z&gZsmCoP^LeW`|c&h`hz!^FCT?Zn7@pR~sZNIhENEmwcVcPS4lx~F%VO89<$DHrvH z`1P<`ZyYobq?=7W;N{O0bCk2%#B;UKxA1AbpoLE}#ZMp67M4*aXIT?!Gf=ctTrG35 z$}c+Dpi3NmJ~kHngO>-pu1&L>F&o~jiw#bu&YS6L2kVYz>k&uE#qYzgs9TZ1_<5T8 z13gw}oeYH}*f>C?4J|o|>&tE!)Tti?rgzfrV1=JO$&OIWm9D!ooqUa~k5@|i0I6MS zZoL}R@o@VWc|aHX**34!dx06;1n;UEoL|PpO&Bss7L$+smarA82RmLMx&`@5B4}?H zA|%!mzKO7*2m7aX9P(Kc^l^f`b{w-SVbD(;6SsQCE)=d?sleyu-2T^+BSC3Fn~7JA zgXphGI#}$+I(r?B)m~T~-{8>rmwU~|K=BPv2t*^T_B^W>I~Z$*Oi3dcGJ!rH|uqtc`_+K4daKW$~#k$v~f&8z#! zYiuC}ma4*~ng)~a=z8-Halv=aN_j>6;i((Cuc2_{j(RMVSCZ%lF}g!9jnU4uZVQj( zFvx?1H-__x!yY`SlY3@(v)>Ff=x}mdk-etUi1%Io%=mf5>K+sHN5{!dQ|Q!Rc8!&) z*`!ofJXdD)3|Q`H-FGYXOw*t1WjTX2;{$WqS607FW+#}MQx9dt1<4+ZGJgKfj!jMd z5&0Qb_-dFnl2>)DAgna;Y8w6W#eEA@OZX)7+Onz>85tn1C`-}Lzm`|$YfXm+kOm-` z&|@0ad5E#CL|T`jZ782kx~?M5UcFImBf{Wb)8G};grCG`?k3KP{8v)pLUHiPy^`mm zcrhzq!`Shdl>{E$=NG0Dcs*V;M<4fS z^|!A^Znv#lTLdbsiHb<$aK3D(DOwq zXPZ=p755?im~=Hpjb#jEm$Om*3C;x^L-xqn)^=uGjl;z044sG|-x7w(u`rN}e&WKj z5VfM@D_LI#aT~FyLDRA@#Dmu1+uNT4D#;JmzYM400(3|xR`b~U(#0xL4U28?o{+;u zRf(9mWsxg0!qOJwE(q|oBkRQ?8@IXV9_3VME&dHtt8q25RsV@8sTDu;q@R|?Z!v9# z7mztZ&;7XYhE3!waMm!n{hUPk>ZuEpo0#>`#o+Kb?4iPSHg&tSxNbXZ{EwNb$2hgd zLY&ey{(ElAlkfdUwuUXt#WO8rvLh zGpduBSY5`fo($qSU`ZN&oqC$~^JeI;AU-Prp8c~?C(H~M_lTKXnl0qHX+lsU)n1?K zZ!VrLn(Vd{yzMMD?ykXGIM~WprQCY?+gcl5R_Sulq`cR#?hjo_|KD|sg@GTgF-5&q zAG#k;Jhb-WiQMza1njeWrkUq3?W6Q5yw}qM6(y0k{)O%hvag}%%V9_{a=d=LQbTn= zqDL#rOUik;PSr=pyLN24sN^0<_*qh~Lnx83I!li^T;SM>>-3)*zp35AE^}Gp;@G?w zfAg*EmMFv3jWMQq5Z*7M@%|fTdbGpLVSA84`4<>wrD$(oc9QeSZa#(aDCniFyhDw_ z({qcF?D2jW({ILEdVsNYz`JWArtHj`XLp+p=16h*#ot9PAxH7}mq+_{>1ZQX9;!dJTgQ2A#kjQ4;O?L=K{--y z)H}lkrtE~Z{BA&}@-MxuS2K_>)J?_DL#0X5sBm3A>XkSFjY6tYQKI-%l0W&(XS~Dc zl_*sG`|$nGHa`|ct>g9vp)a>kB<*Z~<7`mvwVhKahSyi_c&`{Md&>l_4X%V%2r~{en+S$ogvZ^*u$M2)-*AMK7R;& zA&U0x=vnu?_sTOzGk7jvI|jlZM#Y{tVOCPzdkywXxzxWGq^0gP*TOfgLpF7?s-J3k z^u}{k;@(+OT2#FDigXz`oL!Aydy8oODlfEjjuOEhKMHZTlO<2u`Q?PyD|=$Kg!6BX z>qbdq4qNfu^sv~ouhQ#zhQhIRB`%FFMd83~po4dS8g4f&)e#pc9?poL3z2*ytSF!2 zRyMlD&itsU3AYi0sOl99xn)Qc>sRt1p~^6ROdcQkgC>uWS`#czwUi5L2H#F$@S?}? z>hs-r3Rm|Y*TtQH`YOA1Pvd3imQuogXr;^{{)elB%Fi6QWfjZ=Ph2r|#x@+3pW1j8 zNjhc9iT`xVwC(;2OOuB$UY?r!6Lk05<8;M*@Gm{O=(d#IW5xib5cFa2-Q<;FN_~k> zltf(BtRc>7>Y4+aQ3azukR@loa4)9&P)9@)JMHT ziM`Q~UVVEh>NIA)2q$==cUYVho}Ff<*+CDZ%qaQ? zdGDX-2OObs>VvDY3dd#EQ}2t(2gd*ThDPJRWa()xUIFQ>na**3==}&+Vg70}!W1O} z+}xqAXQ-RXnLk^m(bAsmsTVm4@4tPwnMit!@*%sSzlRPvYsbBS1$oAyzI#EXAhY*c zlX@($zM9O7zOvKJmdcJwrN9??&dsgYufqcY~7qkhNfMey+D9E#Y!bYrX+*`TEeihEw&O5FYLgc)n z|J{qSQ|tOi&H%yfN5!357SruqfGY=X1C1l1&$mDi;TqvD1TE-BO}wwCS<&0s$cL~D z>Wx3kgUOou;tuz!B1FcK?w|QW=kSc?%UbO&kRNd;?&|f^Oj|MOJiWHgIM&}uqoPE9 zFNZcSm92-68;j43=!wc5^57Qp7T-Ng%T=!FU#pYEMttqcW6`$;Da5t?r?;OhJ$y2| zP1kaMoq};PGe(Jl*1#<{Yxc)CYSFX*JPt0E4EH=RzQ|rX)}}S3A5p>|E#|m_5eUfz85tO`KK&nF+|)Q8m0kK>WD7%gbV3Xh0)PNvIWk|Tvkn5j&k zfC+B9Ml47B?8C7T*X9@qby(sb|K!R;$im-DGFHA$1Gm;`?3SgLBxOE`viqGzYpH> zoRudTycUCLzV_x5a#RtbyjY=(XK2zK5oKs8m@{$S7rg4Hm# z0%6?4^K{r$M}W^PPAan_4Ak2G$=p5V4P@Yr?U9Rtzqa!@Hzz{96=0KnpPCB4ufxX` ze+Q*3bRin*1=s>LCzwX*k9t_@EAhUIm$vjHjvs1(DVhbX-AfQ?>N>6vbbm3;_ADYH z|M2Tif^nZv->C>Ga1Y;pA568Z@Ng85E#{5*p$BmyKeou*-Qi8Wux?qL#+u}H*9d*J z`jdNLjopL10uRUik5kE@G)4{H0?QUykDGV0)*V4UE}VED1vkgsS+gb8aV zXQQy&mjt9E4i;`uKJ$o0ZQm@%I9VSU;#@b;{{|N*bBMYq_f>n`K$z>e2`OY_(_YlI8nPDJ>$Pmf*;Jp$2PLCP+RBRp zYYrG)r8#6%+X|*Aux*d=@7}QJcVh~q=|cfx%3goc_mMmn>$9~vowtN;%?B&szOz&F zU;lN6WDyVN+`K~lS>>T2H6(^Gjr@>x0`Ut|o`1mfi;oK^fwcZF7Gza8xh!-0_X3-L zKG0L}|DowDyrS&hudgB^0wU5mgaS%~bc}$2D50VP5<@o(ox_aM9iq~WgeYB7Lk~!o z(%n5l%rNoe`M&G@7w&bRv-b75_TJ~}u{f`~=5v;l%Z>rHk=7Vz1|3tde!}WE$jo zva0=k1JX|A>recCU%Al@{k&hFnR8JalbGImmtWlS?8=?FkAB#CUW=inOCSVAeVYV| z6+|3z*&`MLgmo+qhN-Su5zPeCSyH5qj{>m5=xm9gR`I9nzV$7D#=?XR=Nsp!Kbr)Z z!K)KfdsHu$t_WE?O2gO!&t+pL(DBPBseAtK55hS$X3m6Hqmlc@xX{Y(i<#I=1VISa z#-i1NWIhsW%h%W$U5k!*psP@76+iBJ-TD|K;C0p zFQv@*g{Jxo)5;2K17p2Rer*#Rb&to7?FT;_z}{GMK8)I3X&)0R+=;%2+wUHm+(aj` z+*XOm2^A9#tUaDn5jdMPGN}vvw99RX%cqR}WPLE=;~6(^yc6qM^=ho#>QB0FNYm~J z?@!LhVK3(H?sLAst$+xtsnrWi(h1bHc^R16cET(ZeA?8807k&RgQ9%LT%V>*zkk2{ z4Dx%K`S1+=vR_xlT6kpHXgP$4y^AV08!Eia+6}-&dj2iEYwcGt9N>7Zd74Lv{H$s- zz(s+!NCQWp_!X&SvJ(mfwg=Iyv;!LfPstvr){OGMP&o#7zG7OeZd3crqkR?o%P7Sa zWoF_NOXNLK>RiuJ1#U$neS7}&;j&)vFPYd(p5H6GnM~vthnj&>k0f2{Q__m<-eyY{ zF9o6)CAiLnw+*zn@V~iz8H4Bj?oaBw>z=G1sz3R=26(ComB{Ag zp#5GY*b9Ce2ExsjC3bkUk|p0!kdFIX`~@WDYwij^8o6`hUBWsns4GlX3{@<(^cIgO>Cg`>$c#+TTzJZjcer6N z_N$d{A&hqfP%`}mXWrOypBV#x2m7}SLX4VcQ4=Du{OH&V(@efVA@l#=1psI;`7`lp zcSXNJi~Kual2Z9A+I#Mkf2W=@%MI|Bh@*vq%7Iq-nJbbPTAvOf<2OmY9hlG=u)!S9 zgYkVPl7`A;ps==Nk^fBNa|a%s@J~MG7CoHFy$;~5c#jQSqx%4gu6AogrD~DVAH9TS zUMUv!kGVimyUDDo#dVl6N}*D2G^$c`;ZKR*(LypzjkpO(I{T2Cypw{sfgHQOE)Mnh znAXib12$W>ofkmMAngAX>m66uTPh?FM6m^t|4*=#r$J0(V%-_gaHoG2P2yx3f54Z| z=QcE112TT!BQ7^e70&(pR7J-5%7h{&i(ZGl7-Z8L*A$>RLwkK>Wvmu)81s7Rjm*+p z876j=OyF7y>FzU|58wlt{8r;1$iSh0qzddAN8>((W!-n`Gv2JD1fNIDGguOn*C`=a zSB`oo+2ZdJG+Rw;04iWX{k_-cf?%Tl6toj=>M({;I8js5{>+R-yvF-eTf@=llZPctkL5#9b$h5I2ceLQGxG3y4No9CO3fTC3EW2}-S?)fjRGR(1l{3GhdDXIx@=fDn{YfXgNt z>uXDXpm^{i$7sIAlnZLqp;@o$^ty6W_~iRp5Vlur=W~3kil)RK7Rk|axyn1-n6mEw z@wWbYE2Z_VNg7T0k*&y>CnJgb7+Uz%KT4b7M_Q4G9H|=6c$5aSz591M?ZK%?xD}mG z5uxOa8Oa4Kx7~uo?zW_^m0Z&cc_uV)LirtV4DNlUuvq;o`Iv~6ec0=N$&1C4}>x|T~k8TwWAgl?EQOxooST}Y0&+1IbCGjtRBQk`v%5nB{`Gd$V@Wfpq*!)>Z zCeRH4tg;Vf1Fs!l>=rKPJWl!QhLHooCaz-t5F{ZJznkgid*4fmXSksPZv0+xx*6J~mNBT;BUJ7VpY7 zX<57$LTsD^^r`M0mYPo>zF{UqSH-G0F?JHz&f}HJm~Ud3Hvm#`dr#Ww`)4=nvH>2| zq}Lo-%3OgA#{0Elu^=^aV!409M>GZf?>`2fV0ip2Ewih{Q}VOir%Mu@qnw1|g`OT! zOscQ)4L2ddGZ{!R(Ps9*;m$F7*ch(xBa(H@p8iFRh!@|-J$V*R;Gcv^W`hyf0>p&I~ZQMcKandLzcX z%_;Y;=kd0s?74w_4vrff1_$+S6iVw=6*Pn?aM7=s4&#NTzsD?a%`KAuATO4=Bbb+= z;w=TzQ#%Qz)}V&Hgv|`gRsjg@YDShrDnx{j&rVPsJt9H>)>h9Z4!#`qgJ2qo&bFRH zhXD2}rc0r6%zaJDZV{5pT>ram%sU?Hmx|5lr@DT_w%)f3c3HMMN*WB*!PPkL_}m|# z2l+BxU9EW*mlU5y?7Z=6}79k{=2EhJYfxt^l~bMKhEKP3YmD# z7{t=fEcYTZcY~VA&VQl8v|IfT^3BHwenscm>wKwLL(VA*YsQ8QxDw7}!Z|vn6Z9vz z3(qrZPEe(VYy>q32b>Cc>rq%Cy5D*1@1X;@)zzpNohhPP0cR~l=W*|V?u|o7KGoUh?m7Ts^^o8FEwpJlkTus6 z=PS3?f6~H|vU(MRX)X=Nd1K1in@|25r8**y%|mi;7?I_ezBa&>!b;V)W z!C~zlf@2kZ=LFUU16W)3N6*Cge8bJJPk)O)==~ev+q56Bsl&Cl#bW*ZQg1EYcPcS3 zUyMN(^sQ!M^k?H+4y(~Gg1^O#|+!Y@&e?fB{EES&MSzH{h_8-H|-Z zw?i;i=%D#aG6*w%@}yW`xi5E&9=-$&brXe#ZNVc3xbAS=F;0p$TN=BA+VbS`wn+AV zToESxgUC+?dE01y!PESu@uI4S$!Ph9gH<-bF)EW+!_-sfTX$~vG7iP)WS~?6AGLfD zp2=-SnM|wj$e!ZGa{j4y7+`-}xL}k^5gQTVfE_OQtp0O{CI-X_Zhz!i511D?{kUlV z$B7;{#q4_0^Inr(1ryPgZMaOMnZ@mYBAw`?5#G+MK$H~rOx)N$$(Y)SLly*14Vft%pXMYtJuEUhKn$$cOJ>$!mkBVQ9+LbQ6L8oS7oA?_?ndw&){#; zYfjS~G0Zc=Lhn=r5y|9@y6(!zWp2|G|AvXfXER%pb4WzlsNInx(6!4_z!B4y0D5gC z4PTgx?0D_=r^IRu^Ei!*i|!M=lFz1CSiXK>_(1U86P_DXY9wLPn=BzZ+)wT{7|DI7 z;QI24rBaF{%Vc~Y-K%21){8zYI9G)?^#yGI1A*aVp8s+nN!zCiR{T5f+->b1b=rxo z$D;4x?eJM@`yfdD>f_vo=71721DGx}1gy0b`04Eg)2zddL%D&*wf#_kk{K;?z#qM5 z!2Ms}hknIJMwp;I_oAQr>&kA5W!Y~rGT?%pa$D5bt%ewX+#Yv)$*(obRa#T)1iDxG=7BNx>_e!Md9{=V6#_q(QU8j-TkuJb*zr}M* z*Ji~-9{#6-z=dm}fjFUj>W$cOrk*9bMovK_8~)bgPUb7}u~c&?(8c;df?EI-PAUOD z=iC0151Rz_QU+*~TB}QO$O}7pvWNMqZrDQqDh?WlhYkhLtiO>*?VeJsk zMi-_K8|<}C83mZ0$c{A8y;8%WK=8d{Z!JOv3u-fXzf`}1tz8TU<~-Wwo*aGM-+2| zdv|W#Eul1IpQZM?>+El}oSR>5@y`VNe}CO&Uds6agF~hdUg-QOeX8h+?Afj)rpwbT zyZRX*k#$mU^}q74d;6g^198}OJ1G-mvn9GVQ$gDHr5j=hjXiXA_5*d8VXNp#% zys;kiMC^*WY*H)NZQ8fgUkF*60yJ}|g1ArC{+;F4BHiDLVWQM?6C<-PKH%A$PE2}( zZkUcDMvZ!TS=_vFcH3VQy2L%73t=eJh0naJ6TBw9D$P?qp5KXi)4jbp^d;D>F-QvD z?bcms|2k{=f=Z&IiA*GCzc8|}Nj^yFBE|n7`dujkf937?o#9uYjCSB^aen=o=D`Sj zkLPCJ;X40c&sq(S5F+j1-`YLt{Qju&nLlZF-O+`4MvqI(`vJvL@vFd1IaXx&5>sU5 zV|Nqu*mgY6{n>S27p{3j1BW@%KvEwGUslw?7ewH7zGG2ezChC$9f8l0D}H&J6ns7HkgTg<^QlIYfQwts4xf z+F20h-*eA;?r&AbU64fDg-I>}NWaoNxP0qW($nvSkKeN_(Ld<{sg%iFHQ4$pH+DSe z==AMX88PH)a)w%i+ZXXNxWv_+#8nL_g3)GPM$$d5)t|7I3x zP8?l&n_^MEr4teww)^8X~vT6NpCf;?nzq{p4VdF{CBlLjFz7u%_x!hOlvNez?wOo5?pWO_!) z{QB>8f);j>A3+&$(vRp;<2JumdJ|Ke7&8NB-ZyVq0`#JX?5jbRRGZ{lc$GElwsDoE zCKg(H!guX}rL4PRV-WzZ9@~Y4VdY^BZ~z35iGpv0BnBzl<%}g~0HaSv4-XZg~3;NDBYn=GkalIABJWL=wU9LuxB*@(#cS( zRFQ-ghBYpj2vGuhDv!a0iroCo8wq$iATT-L?dM2&%^97JkoBL~@w$ zpWk(jOYdF~48^aqHPoR?)CMAA)XX;{`%GNYK~8u5rFv{ho}}Hxk^`0(4wfcGys;Y4 zPbgMk-!gEI(ms)PDui7Swr8cY>idK68!9OlqgwWGp*E&$`9u4M?cY@<^0{{AcjN~~ z`%RvG`FUu!T9_^9`$g`5u+mE1o@N_*lHR zCF`o8MEVP;QCLzTOA9m5M4;_Elvh+Wg<39*jEYkdEa(DNIukgx4ooSPMxu27xW}J> zi1-4JmZgazD9kqG9X@!1zGPv_V!`}RO3%wcU(Up7kD`jF~0)7=)AzUlvVJkBh3 zB3sM@e&fm`)2X65hG)O5cgjS7C7d_Umf0fm<^zNdg=jE6(L3IV!RLG$VIuJ4UizOO zp7i>_E6xdnly`qpafYcvxT0Ha)kSQT_QW>%lcFX0y&Ly7$%iNI%9vJ$@S~UjWw~{g zEW>(sRh`SIo6U#+=wxr6ov!ozJqWmH=k!#o)H2^@4q}`GrZ-N((esS0UiPOcfl9GM z*&akfDf#Q2Ty_9#k7GFg?w|I7iBA(hci)ZuRn4ug&)=}FB@Gua9GxAeL3Dey}9aL=@%vxU!m+G*JW}}YXD39_+IOUdgbf&KM6esPl%qYb znSWRbsEEFB928;&Qz>Iq+aFtorZ190FZ=Irm4~628)>gLS=Ol##=y|dWU(cRinVU& zd%>4rBO9Rk*_s0w-tYMG93Gd-)~{Ew9M0GWAa7t=3-wU+x*Jy*aQic)K5pLdbOaJ? zD`0d2X=%^P*C&-Q+bi57)F5yJVu-8aR40^x&SCWI0U)(y8G4phg+2S}se zhN)j%^BhT4*B=acaA+zLX(k0LQY{S2vC32(Z483kTlcj((9bUEtdb>S#*WKSS#Y_^ z3}^#5o_>HQD3!rZT}eZC>>mxG$C+-;w^ixVx&*c>6YL7x362NA zetU?i6yV$ws(TJ;)|V z2LEtgws=SMS&JmU^%tu46z`dg5jyUaA$zBzxQKlXQ`}Bj zbFsSUeFuaZ!(?)}=F^w$h|eaE&cYN1CUc1|1iQl&LoG=PR={!k)w^HPR+s2^V&xa3 zcp^2H#yVcdQg#C(;GXeRJ^^y6OCi6vu+$K8fIXik+&}08y-2q@D#Q8%Z&v)NHv}B!4jJZubC(_T zkp}_+Fjw3nDgx2TMh2UT*Bfn&^Av0QuE0S5X?8 zwc=HUv!}bctgGG}zaJ;3U%2<8HEV>ARqIO1=nsVjG*`JDDMG8t4_`eSOvlO+9DJ1& zUG7+)Ds^{rae8mO4b_|b%DHO)jseC>Y1@Mx&Q--{cTY0@yQzKcOSxS4Nk(G)*+wYx z7DnP*npu$pisEe5R9&S2%toRogk(3!dD z3G5w-<&dIHw&SbMg@S8#9pXdc82h>}S2O7E!1Kf&+n*@|siLLZ>yY~>Lv;FR{Msj? zJjEsR4~zGi{|0sxLL(Vo-?A#(qa1?7a!ggOWvfI2Otoxqzk^Bti*j5x=0D^fNY?%E zib2<&;#`A9$Ld zu;b8ck8~~EQ>1RW+7{cE7tqaD+x(ndEeWsU-4;Wwg4$EqHDUwinhs^3eC1^;!ehbW-1n;)Ep{G5>M=GLOXWqzOq;%eMyTZ+v{ zx3LXJzwWL@baTJSWOUsa7PHYjL}r?g_v4yaLDS2^xrd~8$_Z@)-*7J#2Wx9mSzS0=*5j4B~GKI~X8 zs$i*jFYlIoQN}1zp%oKXIu-}Ly93XtqMF6uM$)KHKW`ing#@6_liT?ce0DGjeKtH{HOK5V7a z@FU}{Xz&!7roMb zCep`tLC6h4%`?tTU@<*(N*WqoU4B)*0KJWC1+Lk;!M0vY?3^(UJx@z4LHK`Zoy%&_ zTiK0q4ncV}?)M4BRbmHxtI*okzFab!xSU40-U6S;Qw_?OJrG5imCb7*2IxZ?s5Lf4 zZ!5dOUp2$MoVN=Qc$|Dbbuk@q+c|5PPs&yr$KOse!NyxSF(6=GKXUokn#~`W;bF^k;~HY$rcN^g>kFA!KO05ztM~Q4 zZ`m8&PEIQP{7;S+y)F!wj_7gc;g|gZ`{sKwwd=p19P3|< zNS}D+ulc!kbgB#_&}mb}l_pAem+*)Lv{+$tH&DJUgrpRc=sbFb2$bUHWSG zJC12xjGeXSdfkFxe^Duj_0Z=ceS3{ci)8GcfBkSz=9$69o?v+0m@(2?I=`g3H8$Je z*h3*@rgqaiE=*kOhll0m8&-JSQ}QQ2G1K&E?j&&o0d} zIykX8n=^mAf0^H_$tr_Un~9j@TN=q1Q;zWQF0iQF-&sJGz9YG8?SF<3&uPEW0&+U( zl8mtuv^OCW-Pd$S>SGJdL@I4`Z*sQ_@}1xm3%xLC6WgpFp@3|8`R?%z{xD+=HJ zuvB%swqU)rOJD1^K1L!)h3oK{4Ecfj%iyAh_4NiJtH?!@Dh_~9TXdzkJ+rxQ3TNXB zXptq_uvbxDorpyqIRJdy0*O!a`n?3kE&nkHbkk0H4I(9X!h;l*@5%qZq_kepJ3vP? zUPNbIdR%I&1#!9@(vo4fegqHTwwo6~BkMw)4LD_kTm=!6y+b)ZTX5yRRt{T0L5u(a z?_&Bq#Dt5+!)_W@7^?EaGvRCvECwoLzqDXA#44Q1pzZ~uYk#$#=902t>58#(1}%}e z(aj`2w>t)~nk?Tt0fu<<8y!r8sE%?ieY}~Cm5Qo# zT~Mz2XW=1jRO>&8fVMgAsiG7>z8}P6@4oO^B01Biz-ug@=lwo`hsdZ)wKUjKN?}7 zL}}_E%fyxAyKT&EeGQtUv5)%X;Cs21iSWJ7^)xW7H21Ctx-gq4I^D7-5OivARHv`i z>hhTS>rY1iACTXwf<#-bF_(hOvpsGty;Dfb!P6n186Ldr=#k-hNp4=-ODL{D#nVa1 zgb#~sGP6Fb){9u^2<08iI%#$zU{=JZ5!A*m;*uX+X z`##E3SW`Q(OEP&@$*MKimt%yy=+}j!4tTF*GB4n%(s;fvu6gcr-Xu>;;~=!VK+-cy zn0RHxPePOkNNLIx2h&;JQ#dj1vnbKCAJ%`}UJreluTfO#M9T3vZvusX4uPzH;(4SG8kClWArla8$m z?JxN8u?s7-obz(YN^zbv7$`va(Wxgkn*`MZ7@7?Y3atlRc7xUUU-)|tfsHIq=`f<$ z7L0otQ3$t|Nc4a|{&3tK|Jy&rjl6qlQ|a-*5!wS~8z6Puz5TUjuem)*Wby^4#7&G| z-b91Iaw&i|Q>iZHx=smA3UrQ<{3d}l%z5tA;*~@%{?4i;j})7&AB$~H-B$c9(+%{L zO)C~(?mt%n4pfZTS`^IE0!Dp9j4p(QwKMS>aP2gf1)5e~#bl{;X*SjA>ypnF-9HI@*7sp;$=t4V`EU+lWr^V!> z?M*wS)&mP&3o{T=S25A_Swggle%dB+7kOX~Gdwdm*KJ4`de~-r^BY>~%n0?jhy?D_ z6$HDwoeh2E19)dAD&2+rF&V~6Og#?xy_@gR0?7nDw{%OK!QdM|Un8zDkR|36-F_Z|i6DNFdVnAUx;S?b@Jr4)F7dD3j}Z9xY4& zd|8vt0vEBq>&e(*E8C5@8q-Hx^U@y^VmyLy*>8g%>D55xD{V|gyl*Wsxr|J%4Y=`9O-bOtyXNqm`tv8w zj9kzme@FA|5Rq-ZVrS)rCzZF9qAKa^w_l^2Oi?>e#XhQh`yXO;-RE~F_-A5K?e4i4{@gaWY56?&E34jA zDDcN=e~U6Sdl=--=-FVoC*7q6`8t^2xC!A6xwxE`WQu~+fBMg|({+0}s}d;THd@UD z|Iowo34Lr$7)F&Ec5%Ut@nWZutG^O&L=_S&-__ZD8 zjDB~@>Aus=WuGr?oC4iPh|(k2e}-eFV;osO5-fIOAYpiCqsWsng)1c$wn3i^*|w`* ze$)Sly(IU*4+H;{g?D&qWm^-HYjL)w{`rRyCjzn2-(d^;Tf(WGPEJ>t-CT(H$o%~C zrb4t0^~4gHGIAr=TAFnyDPHkj!!v}_4_^Chy+BSBjWQ2ECafFqL+)ze64#13hKe5R z|7S(6V$|A=ZN{E2Tx#)wr#Uty3SwBeiRE7iXApn06gg#*a5X_yRJg7 z7VkxTU~zYigOI4uneVulXJQdZz{gGbBI7H zV+ORGA>`{<@4$*(Y)!72UHK3Q0^SsMrrXSfjnDi#-gD?-J>bvv#s^4iuDZm)%jYdD zjb2MO3&d4*;kO*%mzzz)>Hu69&8MgJlhq#GDVdCM^N%KL5%a4jM@!Fq|LA-}ZfPw| zbc*I#^ViYSmx-zGFb^b0w?#4nIl7q!$~%QZqh_;w046d2S)N~O&WdW6%(vAfL(&0 z`khbcub^xX1i9ClN%-U~nyho-QUz3p-3_fvJ)P?PDnW7W=|9OOKLP^kaxtVf|Ku?8 z#ww`Wp}PJdN@YvPN6=%)kD^bk=pG0zc1FZ~)zECE6Tw^+0zeHC5orOh8Tl%83pP1W zf9bAwt8{71T}YbgQ5gLvkidcq{|Tf;G^zaZR|h)A+Cj$iY#BS5Dch^>49UE{zj$NU zpHYMN(0|>pWqy7AkpQOW+b$P3pUsut+)BWnffEpwALKZ4GNC*ntA1qiY=rRylCbZ_ z!a!?F<+$|IL~DudVfN9yYHozBoH@r+f^ECmGTrsenuo2=e!DISHMK47LKhMgLMEvD zbd6AN`hoHNd@5bSi~e&5m5b^bGO%~8DN?83pidMN>VXzo5)O*r#E-nDc7GC_dbAh~ zi5WS-HCHxfl2+^(pb5gNxcB_&oSsHl3VUHDB>4*3RXvx0PRCukwH$`LzIX4+>qZdr5#F* zek?pLzj79xM3A7d1FC`*ZI7}M!6#|@g(AT71B$@pP|mr#9+5jAO7iq7<4b4{g#U#!R?E-y=m1+1f!cUt|jSNHw?v{9$Pd*0_!9>3EXx) zL!MIs(=%NA3U24zKD8LG6}V@ms41GJ0-H1t*yGc?bHYroIG!U+oz3t4o>^HT)QvLq zmjdU7!)NfXk}0^WopYX6okFY|*Vae9q(>I01V>QMly%ehomu7b{tYK;%yasMkE@TsNrxH0aEOBfeodioMNBPmK^nk3K)P?p zv|XS?fhr+-+#6JkcVkg2JP~){tYmiwt-Jy)Z%ZTQwg#AyWaX4`6PUtU5l);Dm>x-DT zOOyyUY|5`nqv|kaH3kt2 zdj3#b3QFIE8((>lT7(5Q^k$rpk$;E0*w%a^I_6fNgxi%N+oJ)|&(@6~({Rd#Db@AV zcQnE=Ufyiwp%-kIuGZt7(AMGPUM%3r+4k^b>(zBeAMs^k$wn1*fg@YNAU621O3{nC z`pvH!*7>qKjTXxKm92AsV?DQ&53jn@iG%Bg9#st#)Uy>2bBU!1z@Ny_Q_Pk z9f}cw{LujFHj(Y*I`nJ}L6XL{rJy9fW_#S*jTSb7^)+LcIu@;N)m_(w-CJ0*hQSI+ z9s1U-MyjhH{~8!us*=-eHl9cPo3UCr@<>O7p-N7hg0Es*8!9A=5=_eE%z?m0CKIX6 zO_zxUHyp~w7qn1;PJks_oJb9c{}Fls9OFAow3G_HB5# ztX*6sEA$oN98ay!N&T|oo+8&c6S7rzNb2b8urjd*|JnkkS25R=()P;*72E^@_61cq z{JM`u9r|EU$oc;Wc8jd#?Rx_WUJ9$Ek9vA@Fgk5Ai86~A^BKgjnn2kv=zGFv)AZX9 zk)CUO$ydN1w{0`v=kVFhc&5V-j=VQSXvdbVKQJUEb7&-xsOS2$Lypy+I13S@|=fNO(f#jH-X?m3FMVSn;3 z8l^vIrZMQ3qu=sr&Q!fX@n9lkg0DIn?{igF%@%5Y9nt0BNtQqIF(FOAR)1wq)baQW zJ5|{7F<)~8h3B_78=sj6krHbzNPC|mSM!l^b5t?$a_pu?W0dlZyQ*X@D*G|;b?1SS z;>#Tnoq+4v>rwlel7!`^yjY&KShN(gtkSIZT?>;7E~2qo!GrZms)skTcwf>ML?*Sw zmB9m5Xke7sh*qDvVC)#v`$rZE3u|J=b`r96)r#v~h;^|+$&ZPt5(m+tH`{o5^&h)1 zXyy zM%gzt_*S2s3ctZO-vLn$uk|m^H*rW^*RP{Dxlxeu0v@0}w**vQ9&y^c(nvAxw$n)a zy6fAt=#f5xQeMItWvn_o;r$~Da`93q$CI|j57S}@#C|q2yRt`1Vcw5U{!ddWb5lnK z$E5kHsuvsfZBR5%`)iYIO*?y>uGXvcX`GE(rZW;f%fgcHsAxAtwxl|g#{X4!{HstJ zbD4bub2Jp@xOy@DV*X?v)AG0J`RK$44Wdn!>asF9C4hN1|XI$ zOo;^cMa!DF>M?IIXA)T711XWOT zb21^vZxmO^x$T3q%Nq92rbv^M^ji%VEz}+{UGeUfO7xCHnN(Z zp?S_rMHfyBZlr#Ho@*~{YbmUUp*3T=#K*Svw)1ZQKWwvOeM;nPa-v9K8wP~Prf3gE zF|v!5G&}QXq>u<PnJ0GdNq*xP_cEvWYRv>uYTXaIfH= zUdl0N028{m?{*=!5119==95zfss1?0M0Xlum6F&RNUj%&Mpu@xYium=^Vf{FJ?j}G z>+MpTKG}%l!qz^+WkBNa7e}-*o>WOHCmq2qj`^JBuI%DdNlzr*eAQAnb~3YVbnFEt zrq22v2&UXyaA2VvOX1P`;c+8wgMHbOvF6prWeBbdN}SBuq%AIdQK4_^`aqFi*J|wn zzk_BCty5Z3^C*jc(&r}Y@q34Pgtxiv5ev2uet7p1J^SS;8+Lwdl3Y^;W9l4iU#}_A z9k(sY`zHm2%8d%Ax?pmvvCJN;yqL%ZH~6l^wMzCkR-^`S>)EQ#XC6*_(YJX0_PG^=z!Z( zKFx}cLQ9QXu7~>zeK5Vauov*`yx$!36DH)hm2OB_KnLxUEUrxWe+OSSwkB;)uQ~^9 zAro4K2NzI~N@7*ee6fFYugltd+$yg!Q%OB*sfB}fz+C=YKTbK5!{RRu8n?|H7luKxy}$Ph zaafV)`Z}g>0lr`SQ$S^m4%xGE`B6XNayUs%^AcLfn<9^M(|lIy%E9+SYb%HuFQe?wB&|5`hi z0aCVbxqen(A2ie@4Q-=xxv7^MO5Q}!MTT|bHw-T2ZzZGfhx@% zh);@Z0{EI}u$*A~MY_G4ySv!|9zR7~-fj(Xn`;X(6xA-lp}6IqB{^UUk5#)F--lDQ23YdSFNGgF40KgYbWi!xSn_cY zqIi`bJzslD69*@9%1X^fzQ`Nwn}Mv%=(}-IJ%BrPTv4VoTl#VyE{C;)^=IjY$xom*5b`m5W%hczjg*#*sQ0k3jaTpvOQH-?Wi2fbKVTL?Idq9!% zq3N;T_7YG+w3qIjBfJ`WHNTko)IueT*Jxs1*$9tNcCMd)`n`NQB`e1y(kCY97};Qy z#}bUnZmd)XQwki;QTd_bGj~ES_o`MsT6VYw0*)>^1Kz)BQ=&~=r@euPleS4jSX3{G z0$ZP-QSBNGxHMl~m)NNWx4|H=17|R)RQ9BFX&pI!6sd89zIr#{%IkbEtCt@#dupDS zJ9kfe4>@<{QH!ovREIqP=Iq32gsy&g#-RN*B}YKJMkjExf(H6d)g;C%a>|}8U!LFd zd78@u$<1K>&k}iFl7HK08j>~Ca?_^%ckwrJQ;;&4T?w2eE9uaoNTWauzc z4<{HK;tqT)_32N%UXGEaxaJXZIIVZ&K2v~t8@cJcz@g}XD~Z!)H$wW?Ctkee?@OG@ zouJdE0IC23l9l3xXd&fu8jZTHKey_am?NX!5NeMc{2+^$gAt@L(5$E<=u~M2VI~j1 zjK7m*{cdYPWu&)oNyV}6NH4J zntptjW_uO5o+yzOtjzfsuX5piMS%zJxqc0fm7>3E*Fe`XeVWA_>4t-NH;GI_n>cDHU3%;=g{#mX%Q9q*?S zxcJ7Of+bZHxF>U}AA*TpYXjUPnH*{2Y@QLhMQy8d_z_+k^^P+LAKh$7;B^XEw%}qz z&lNlRZ`aoDO?&Eh=8xi|O1r}LBV#7P_{>0h>%So0IF#4XCmx5HM|);Vxo4m9cE7xa z6lsApP|E+7i2f6Bl;`P+RzX85?@<}fk_v8x!s96>%` zo>W?181K|fAG<^r1u=`wY_Ab%q(?3Rxb#@D>O+5paI3LXwFUQ=_1jbZ(h{)@NVBy# zi5BMTilZjVF9~l8gOwLPcpJcchVVPkd`07i;42x)@LLys@4K!Z1yb(JM zE)pwW!{`c~FpVIxgGkt|}iFMyp>A!u~icLa6UJV>nRjus?IIV}2|>AQ5@gz2C%)Y!oQaHEgFVumy4c& zJ>0jZ1}(~mrB~=k*zcEcAn(W4V3xocMX_12NsIh#mMgx$2sY(wx2nE>UeiROvZu_` zQ}-Rajr^2b0xeFUZ7*jz+l@;NxQelW4+k?qbXQWR&DC=x`bDBd1b1M={;%_8ta{(e zSuSs9_zxVy0eBTs`08#_6y>w_3Aj~1Zs}supBAtHjP+jFJ8`c>PK-_HG>l?A?C+Bz4&JjyH|3}k#__N`^(f->-)vDUHTBC{*qxMK!RW(yp zMJctbMQmauEwyTIYNSf-+I!ZF9YyU?f>=QkBO!^K-@UKR z$9UX$zubF7lYpF&RQ^_$A-hd4>C+3Urn!DQ(r6+6&R}OVgD{}Mc&nh`OqGi@(*vKN zC%gV%JmMD5pk(fj+Ausz)fp$*H?KwG^59_spwiJaQ^)+C zJB8qnLZ{U|!?hp)q>=FTb=q~uWJG$=QG z?O_CmW+k3$QyCY(i%70?@fXkS9eUfI(=;F5IC(B`K3Fqae$Zb0nC0kLF`hx=Jv_8r zywFO>g{v-XSs;;~DwGJsyHvu0K1p1AamMRxVN_y<{A@^<7?;rZM}I2hePq`M0%&Ux zQxA95pc?YBEaTgzTep5vb~CQ_Jo>Tls^PLG^JGZG{236<%MihA6(a$g6W5FPSdLRF znG+l7M!xJr>N#JkIwKiJhegVObidZBo>-+C=c`i;*woL?gUpwml;_9y+u)V^_=(H_ zo0*0-U5=#HC(D9TzOjJqU(S5n$K4*`NgkK@6qnuy_~o|0v0Ag~)#AKo?Tl_#N|ttu zPg#Xky6YwDf0A~K)w&)Nk-0TH;qU#$O&N3xd57WfDjFE+9KXPBa+`I9i-)0tMM^Am z-cS&<*DWwZJ0_q4>^T*PSpZ`3en0wPw}$A~RYKM5l^-t8h`~&(uZb4a)m~T6ajN78 zT{_3b68`$WbVVFLV78_0yQP2_j@*!Tl0mllMhi7UG^BVk0M1QuIJrqWm;`#eF7&r= zJL27|A-qZ;|0t}<1^1tQ)4{)N{y64tZECk%`$GmfV2J&l4Ix7DU~EP%!LD>L+ebN zT`19Lb_?2I#B{ig|1ST~36eV193LJ~*L4#Wcr^3XuUWh6p5B~_qqbD^m^9P>X8~v+ zC8kp=A1c|Ec(31l(JSHLpRZp0>(ka()()_M2Y^%}qIu+f->3+zTT0+X@|++4t;4-AV#l>`01 zTx5U}q-HR;*M4S$4p*m6`MO2V^$3D1-}d`ZAMBv^D=NBflRCtRl~LOrmj1nXNv_MM z;}(4p*30Euj(X8=#z(i>YP}4jHX>qYEan_w*ka zGvZJ|^h+T zv4_-ZHmxTt6S8Oe`Yz1BZP+5hM{?|0EA@wiqxT>;89D+$BYRFP8(YJjH3h_ae|N0k zMF8FD$m+rU&fwSkL{tCiO~CZ=5fbD*YO7r zt_()I-bi&=G<+`jS4AC^?LL{LSeg*lkJT2Q3x2UuC*)jR{r>K9uWa~va*#QHviGeG z3t#LPUOelX?vEpo`ts0!)`?%VC+44VFjj9F5f`I8%e~{10yi}+8We@>orX-lly61q z3k*fRJ?ecOpS`V}pr@Yp=L~d0lO@7%ZrGQ2zV!Y=5Xz6*c7Vh~_Zyp!+iAJ0!gJod z@Wu7Lr?&-5`R2;tIHTEMUJsI4Gn$slz`+)0>Qsr@q~WG ztF3^~oom?W5lh0AtVeu-3?DkBt+Bt*tjcq`ge`#TMu>X2y0QSSUlwXBt~As9QdH0F z6@%AkR5EsAZRM#BYkOVvlFX>Ee0ZRt&89KS;*iA_5eLOzTB-`<6M|}vv3KeL(Q#!h zM-TTN>1=$O9GG>D5&bj#y=t8ANaB9?>WYazglBEhjhYYqNvfW5Vui3BWQ z;G>i+8uZX$`h(RolN7!kh%(9dfb?Jf$~g~5Cc!>Y5Hix4_FYC5vMScW(K*%>c^Ehp zZ;t7ue7xG5hMd%Y(SvuSwJ9#XE>!FAR1Gko9QO2AIC9ED-7Yg-1pa2ZPz}@c=%Tp# z)7oLbb#a9o$C00*VfBGh#^bfYnO@wCjre9WSL3-i&xh))Op1*;@xk$2git5D42I3q zo|2a5IBa%XqB@m|B-qq`T>UETQg>z9eWExvk@D#WR*`Y#$OPso?S0_-=JOrJFcAEP7s!ol$_a>BK$+@4D+{jwz11WWT@2+pdlTzibeDQEq+Z-ix9o1O z8k6#NH5MP9OJ7{m@33dan`#Ybp6SBA@ga5JPIJc0Z$B$=C#hib-xB)&xUo0xjt{<_jfGA7v9oRMeFc z^J-Ee*p|1i^0ut+sm5SWMh>3z&+aX(F7S!C^Y8VAJ%iO{anZFfpKvtJoG`2S2ulIa z!d{OwN=V7mI4u~bPwf%~=ZPKR_D5v7db(ZfR+7A4>lQlXaGCZthgi= zPpS#4L#M}N;1q_{?Rc^TEaRt%SDO!tp^J9qYM= z%l8R^`cJmp9H?e%NECFMhr0Ng*T#t$$VA$jC?`wWX;IjKex7&OJ##cSmMxXXET(?2 zD6$1j$~|9qy5+56Z`!7t#g3{&^>*(<<^&cvJm1&?&08+zV6+hSD?$oX@AVrnitR0; z?v~@Y@3eK??zOHY0buWFBwY5*7!OPW%xg6lImCQa)Cq}E>t6rw?13HCh7qpF+W%CH z7)fHiGJsGNE46OL3T?hC`wNo=7q(sXB^c@BC_e|S7Yb{3wPAYspWV<+Mc5lsuQ&gR9!x{SnG>|X9X@o>A}v&r zAx-UWu$w5*{Iwm<2xSx*T;Kq_h*om$sq69O4;axC9m-T3B6{bsdhp^(VZ*>ErHF>C zU}WkaM$|At?2E@0H!V?=2z8$G0h*owJY?4L>677gayQ!eVM+a%m)6XXfS+`5q(8k9 ztLRD{At&paCSW%}6Tg+_p@G)vU`1GW^fsLm7{9Vuk4@5th8jr+G=H^S02`g-y*kKd z-ezp0nlH9LwMO~{g~RSy9g&ll%imL`j`+br;n0cYy7{3jr<0=Z$3b%ClQGl?+0KnC zOc%{P)K%4B)nJeyq`N%6X_w#pV$EZ_n>^4#y#a`$omwji%8$4jmWIqCqY?g|*^$f7 z+N2+!ea41S@OYfne_df}lqMtK$$3@J!p4Z|_I~=QlVT#k>ZZMCrp_B-8_TN!7Jj@m zNmu6n3nqkAPF|*M1RrJwaGl+^NnX*pQ1_^cD|)dszleAI41Cj>W@;tuYK7E1B24^TngmVkBZF?#1lPwsZ**YuH)x;g!v3?^?sXc#4x z91UXz9(1n@VPf*LV})Eso0jl^fr+0=G5>x=-|>E6#!BO7x~^pk_YNIL`ErQKx}oce z$c1)n@F>y;vFMOB8{W4OWgX}Rd22pArV@YsOLyn%42A=^ljcewLYeangUD6n#NYb5 zdxJx|y1jOq>AHe`S>3E&~1=gHB#gP=qn;=UGfFu8AMV`Os#l(BQ z4FJ`kZ7hH&yojoX2=kcdYTKUuU;eM!ynF|3a+=H1cr25A2mI3RQ5a>k|U^!qtV`^qWJb zv$h&+wlLTrS$>sGD2K){Bv-NGb3^Aw)mr>;=`cqE|eHkGN$M@??iV_j%n-r+qN+-?Q2i$o&YQ^eu5{Jb#_3Dyn<|KtH!qD8Qqa!kl zdd5q*zHU>8Cr4$<@%(S2&H-eD+FooyQ^d})Vv{;n^9MdEMDfnkTXDX5mCwtTdm`NC zaqz3WiiQbt4VW{%z+GT%{h4>sWcp_6$2FjhQ@LLe@EdGHR57}AqzI?-zS*3f*kM>)h^!KfAhiWI+ zKLksD{rZwDhp8G@H_^bQBT(BwQB0^-W@L;apI985v1I~w5_B1?N0B;5UTNQf{KgEv z-cC2M?4zqOE?*UA{yLsYI!Zx~Fdua<`{+YCTIyxf-jcqAGYdn$WII-8U&k7gJDRQX3odR==Q@n?5NMZ8B+;bGrgpe?2eW{eX#q$c?{A&A?PBlsypVP(W25mQwk6qT-8ZQTdol3*vCHC}$1w{%v`vZf>zSr0f7@UB zo8wQfy3*2@lBwEB zE*T;uj`R$?-x^x28GKdSd;S18-729;H2Z|6AnT%E1Aul`!u#wDWS|1q`EZ8ke5IV> z7#gJp1J-K>&*ssI1i_ULTh%)%_nC>pg*7Io%Qf@ee8z5*%sy7LaME)R7N+3q5p8)f zL}iY+E&(M28_@Z}*Y)W3!oy|aX&A-2;s1KOli|}!ItB(3dyiLr=*zEn zPpR2u^zQP0LG}H2&C@ULFT66r>wmUxBvG;j*TU%$(xFtT*5~lP3owAoGExTZ#LLU` zH+oe}HJD)>EM4&Ce4R-a86Q!rS_(MEHbDVg+Yq=;2w)U1^QipF4GlDI#|j#!rWD9u z_3r<|71tl^`T-D~?f(f&Hc+9gQLHIoOL00#b#8Jh^5n7NFf{oG%}as$q;J9)MX?Ww zKPHafsy~BmI=%bcnPtgg>>d9nS-B-t=LrYBVWIx_s@RjqeSx@-+5Tovd;3H4%4Opp z4(0Covudm7soodV*F@Nt-JhnuJH-1#w3?cr5|H6$-iG+M5nHs)fyzB=ovqDu&Xaim zttU|}eG#L-?Ao8FlmW?qWpJUicPG#fZcSP)Vta2uqQf{z@rO~f+Q6Bi97<^R_;650 zaUC0|c5C#jp$s!ZV0R^TVa=Z4n&0NhaBg?yjfag=6gVU}a)28#$@O9PLalG69k@h{ zSUBKK=a1jh{DKd^(ph3qy+O~~$Hpn@IT?GB7h>!JHwr9+=`AY+aIEYL${)Sk!M}md z4>{S)%&E1kNbT|Al8Wdz+>`6Vw_H+2X>;D&3H}G4FGXN~;g^pnB2v$SylrrqzRPg} zIs}~3%g1Q`b|q`<;MME&cu2nOwEq**ZvJvrZ!-@37d2>j&miR97o&h5e&6zDfp4L< zLcRsO7U5KnT3d6>MyY-Xp=kB>UZ!)p*8RkdSg26JP+L@D)^CgBXTf9C3=LyO!0w3L z{hhFH<%nU#K7R4Noo=pES*7N8wV%5Huf z0!1%^oYc91Dl2f+<(s0J+L5dkWn{eaS8D1Us+y933E*wc#O$7MbNx>btz16Hyh+>! zY`hu1vlI~c*NDrOtAN?!ssUwT)zeXzX&UoFYU5s~1hPz z#!M%Ss5#TsW|Coj70Z(*?}+~8>YdRcyT4y+?Ps)F@5M(zKd5fwK_2j#FK zq1j+lrU16x>OH(zvdw&(zcDJL{`UTkUvJcP6@ih>B zn4Q49LvF=dQc<^*bW5uB7>4;VdO^<^M82S3leltc>Frs9<^0%>5!Qt{n#!F)jeVuW zi2p9eFIMV{cL06oP8*dQ=-fQ~3s_^2)^}6V&tmO=YC{l<$80-VHtR>7ypdat6w056mZ=fsQ{x7d48hX?>=$<`pZT?xO@XzHR?~xrNcRZfy zDNL&u=-6sUyk-3&c~ylwk>GdRx4Qn*^(}$9FOB}p0*3FZ?y7`z1;anYCWRx`8QuW ztscx@H2bUC|D{SkH+>~tx=Qrp{9Mqd5c*IgFUh6tg%KxzB1ckga=f^RCu;%^LrSLg zolC70&2}SLmkwoWFU*p6gP@S4Z~k1FLn5GCo7246%HyvT9igD_vS6-bvq835$Cj9i zXUqETueZEra!=9rDvU&n&p)bSM5M*BZ4rY=VgB8Bx^|^FE$aF#WSf8-kpI?}n5cG~wFCW*+acJIwN~zFA_5_}9cb_M$7ka& znU6<=&c=Q5`Qe_*8sX5;O6ia4NVO(J8Zmy+&PR=yxM|S%wWh~lEaAePR7Nvvu+#DB z>*w;7@aPMM*0N53&*0{c^#hABc35A{H$AYk z=#BZIWsNN#+np#iJ1EtwtscqgeY2Ax@iw)M@rQKed%a+Jvv*p^m@>;gc9;b1XNOMA zD|AOCtWVJPm~EkS`TC3gYOEJBWzjN_7%ZFt>*pFu$R_%QqwhwS7*H&y70~MfgJHJT2fDUSbR<-_rwZE(GF7K6A zhxc>0>0l4hxz5_3z^h;Pzgs`^Y9_C$xvf-)mwjn-%{VLD*r4tF5S5(b zwF+QM>I+f+e*XKw+k8L2vm+>V|2`8YO~i78Sf}08dIG;64__n~Xnj2lf%#ub3G!}B z49K>w(kFm~p1iW~e|%}uCV=?y2>!5+Sk`Y4-Cgd>pxp6L@F8+io_-K98FcvXK&?5! zt_T`Ui6AFTkmSz?pZJY47f4JG-mH!3Ay33j;nP+EJKo|oU0~a7C?DCi9E^^730hL6 z0=7mNV3oUWVSRMS>VDj2#k9xgeV|NYM9CjtLP{J5&HA?w(|9^bY7 z@u?rM@xb~Di`Ggf@5RZjr{j*Y2@20&yEu&lZPw=(+hW*{{V>@S35TZh3;iE#(!cB@e-DESW;|=(gKNzO`J!|tDVqJo6u`hbtS_!J) zcCwSR4f1g*^nIoOr<1btKd8{piCvbYMl*mxP`~jec1o8aEz)OiG3?eYOi%rfW>M1d09vM>qKPTh1`%iqeiu-vCJ^u2NCuCgm z2N9M1xo>>U%zLYnSUr7Tk-=^;&T{ejI*qf->2ddEUYm=mgz*5(@2%spfBCJn_KRc2 z8~U@Jc|%QahowV)cjtCwj6Pb{*Hk5t4PJRL^`@HYyG=O`v>1Ub}|H<+nA|&KT;XfuXr)Gl{uz< zSG4%o7ldK?-i{HWs$!Alf?^#@NA*9j08c&xL(=g-p}RmG!2CMrre?usJYU$|@W*F2 znMyB5uu(TZXWRkbo`@}ADu_HRt=mPJ;DEKq<;uBFd`#q?o-=lcbmG6rtcg_cQA>f$ zZ5QLdQb^Rqq|Tj+Cm#ceLoN%hmLS*R_v*!+3JmHG&|!58-rRts5X~{c@McVEkYpf4 z#gOpv(78qKob$pE_(4L{+S!_ouG3QP$0Z6W`XMtyyZuF5=`)|+d~=uDjM3dM@7_r} zUi#reHXR!LJ|O3Yj_K;puG0Yz{t_4XY0M%2!`gNZ&G&6$i>_XX$Z#+#G@(8(lw&Jy9)%KXHyVgKPu z7E!sY4jkxw>-sx3|L+lE`4sL{rTOlo>qRK<4GAmv!KSz6Idc{3z^(R*&YDg}HFLMv zb#@aAm{Qi&WfottL)c%<4qNfP1vp#S9#t7`LZZq4(C%u`N z|1owkIaxb?c8+X@(T7xt1T~^J7%$!)37beW6%AP}_Nio&`i%aPYev9f{P3x|KLYZn zTVM=uh*KM}x?Q`;Xttoqbbf@@T(obfD1OIhhI`SdPN5aLqCzqXy=Gad57L1pKZ zy_8yxPCNd{Ql0W&2&pytW|vAxx_wu!*8q=sG4g7t=agHkj2K9EP0TfS&pZBXpE9E&j6}?k-;Hp8E`1oMpnqVm0 zbfYj5sy@bpKJ~cLMYgQZD&DJ7ukIYIEc2+Iu?qR2u#TZZe1p^f1pUI>61pToR+2*K zgvK}}3$yevfd}s%N3F$m-5;{#6FBxwY?wNDioHdlB9J98DmfPqtRIYPk8m|c{PwT~^N|;Y-{OuWzR2y^bn-Ea@`DG4&zKL9Do}bSqi~wkt41_~DKek+3$yRaS$724U0ehnuqq0=^|rI1vjLEm zz>9&Pl@8IhY`(yY6AjU^*g&^M_ts;$Jvmwd%6jRP{cuBYEL4>4cBjeHAGu-*JsxeZ zCO%^)8BQl9=06@h91jPoIuzDnR8Oj9nQ%SUW%07Rfb9fwTa>@%=L2M__Y9_7G{-vH zhJWntvI6J~%4#>8CG_!_lirC)SaVK1dZ0^NIQjJKi^ffP^3PkM^D6wPr!jhS$G^`* z`xKAp%N?|* z*OWS5&Zl`@X1*`|<_=DTaX|T^(0B7yEU*i(Hgx?wO%%Pk&=$~3qw0CyRmI0!#z}+A z+%e4t{1i>z_bF(qzy}Nhgkm&wSQc%hC``f(4dl44J%EI0a6(s+r3!6lgm!zTLo^7{ z(JlKekn*DDlcdG7wK~+hQO`r$M`|lx4g?+#hqc*=SDW%p^9J^y0&{Zd^^Dd1|B&~9 zuhtz<;J6=_;(3=hu>p?4rrXAYyMi9F89;w1bk(>k2g*p9^&0fXuDrm zzB(brcx29fIL8c&&e2szbjn&FncWe@6SM07`S94peXZ zVkCOtN#42_!927HM{m5vBmpDh|ob_6|=iW z%W;Q$uRKuZY|~651qZ_9&Eq8$0pXY=jr6_RsZO692LJtN0Ar058Z-Vb4)n~2_H1~n zsoEKcS+~`Sd%GAE~Rk5lv% z%Piy3k4=C}kGZZZh6YyKa}`&9^VTZqWE=cR9w3?dL+h&RN~Go*)eMPA$;=1&>+h2j z;?^VNNLBbd{Gd^dA&=pX&*9(fj)Og~sY?&UnI^g?L0=ERS({4qTKBR}zHmV8b#?{D zkb4sQfT@=VIVz2f0Rn-(u+S@) z+lv`qmmfrHNS}6pTz(O^Do_1x&G{|VIIKkHpxej(zQO2c2+m_U&u(Rx<+zR=yzgEw z$9_Z74BMF3T~d!>P;2sx{#4!BaDf&ZX5`YQ}6q;e@^ay3sH`5zG zLvvu`{O2S5Pk&encIwBY=jI7Ks2k@s9`}>nn);NF#y_{=+Mr!oYqW=2kyo0chGhnF z_r5|^<~s#zhtH#&0t)K;_(Vt2Y|_MjyW1z(J&531@HAY%bd84oQFFmvW#5>3xgy^+ z)k)i%tj=f4lFKV` z7A&S*P2NG~fBhm%9cVL6t;S&w1e~V8=i2KY7U4^?g1@3SN`;6J1+jHf8tCID;MYHz zykM5@{tEk>aTe$EvfF?}7u8w+_~fk71)2VJm#lvEoh-j>6pw3WBBvLw=mYTcTb9>& zr@(Jj^Mwz)|L8(rGE-_jdJFK5!oje(7?1I#6K^J%{y`GCYqa%BrNeqn()ppI2M~=( zfR6UG@qu3I!#e@(l;8T3)><#=8m{}Pb6-i1t(}6KRAd0vV0{$Z?`oG~t!0#EUW(nC z440wJ1nc{EfU^aN(pArX2;)Z>4&Fm%Py=ObGhb1R=pSuX1(5SslnHi=MOwuH{Plf{ z+W5xfMw{UsP88XBTPbPBOIRQDx}f>|)DyeyB+EQxZc8p4QxR0weODX(^7;OJ#Nz>)n|rnJDDD!3FK>|Y z3$H$P&TDhWgEWBqVyQOF$jSQ3@{#GOnRL?O0#ujj9D-d93n;hxfH-{^WQSV$gk?X@ z`xC|(Uua{cET%xWAzu(X5pzZVdxs#mz-7)|j|vk~zGi=v;2QfP(XnqEkfH;c8TsvW z#&HmjZw!z~Ydi+jwjKtJ+c+CPAl|#>(G4>Z_Ma~h67D322Hu=eVUBt)NRU~sChmCjFVgMlksKdcSb|3#MPM`o!o#rn0M*h9!BexyPtpjvj%;8 zvL%_~!zb_dm-3Xi@N$(fIKzpgY+`i<5{$}X*}Mz1{8Tl1#65Nc8`3Yi2~grEX5ea{ zd)Aef0Q%Dp(;sa6W%l}Wc-&8OM9vbZ{xG+NmE-gP{1C$>&f$5p*r)5Us_{3D9*Z{i z)$ld8{XAuEL>_JMYX8?}oibDe+Zm)_;0QqU=hJlOHA<~1x2Rz;up>wfLTWwby8ee0w7J&DxKBDAR=Y`mA{W%IAm$W_8bM~2){YvcI{;UWz=+5neTji- z>D*3)Pj}3C|G~G-D&8;MVSXU}=D)OIwTNj9*CeW5oFvI#(j7j)jOrL_gz`%+9iZsD zcZufWHqPd6jxeVXRe1l}%wu>XybiD`>u}h4oFz!jU$-;UI>OAGgW7QW<9|_>Bu%z` zDrgY2c(Z=Z%Go*3h{2yJjzfctjZQ*n7=sc$Z0?h6k>&~h-r8lY4xnjL zAy0>aEGI!Djvlbx8a#NtqP&sHcX9%LhJ0QEHzIk1F0K|<{a{^6qI@zwhCq}9Eu$z? z4b0^0?KwqpBf9k2uvw{o^_%jox*~>EI3(W1m7fQq z=t2(c$A(XIaZ?oqy#IK@(&zvXGdqNw6JmguVUun(9aT&<0(!X z$#fg*`{F}rSMugg*%5ZwN_q$tPL~Hi6wb!%Sgv{#P(MA`(qTt&J z2QJ)d?F;U*LrrL10c~Aem@Dzio4B%v;n0ANChHh|U+%^7_Ce$FPA)%?5+1Pj`{|%W z#1rN%ap|898P`Jziq-+UXE1Hdd@f+*3%SXrTa*{ubESi*64IKWeTZlMNTh*6uw2pk z)OTmDh41Nb<(2w#o!bY`CnpQdo^>92kMUKuVALvV5u;oY4Kt@rt({$$E-k#?j4)p$ zq3?%FEn{vnL!lzqMQRlq$nky__R4xVg`gt?sKY zem}5~cP8=>*?n;g8gWu7uFxViWHP1pH20t_ei3fUr^b%Y8v@otse?9`L zqK$i;)*}OE@fYr zkoh~s<OmzG+cMjuWBS|8ynFf*$;i#q31`E222}*{KV6_>&yfH=4GQ#Xpf%Ps2IRmNqpH z9r?4)Eax_BOSnfvr-RyNQvg}ZOnWAN}AQ7+fLmv!bVYa0lfLd|9e_o$7E8|xVa?~7Jtb~?!R z8~s-%@7Am?f+|MOeBdpF^Qn#=U^X7P(T{NHxViFMh+!lX65sz?zP(Yhi(4bF9;8tm z@V>s9_a3dSHO*6ck;<-nzkR;cuW?fyXO}~^W28di5(+)lov)r~5hkgt8{ko|&qVH6 zxUSIgi1c33N?kPlJ50b3U!9`q8?Rh<`P@PedC&x}-}f{BD-zAkCk&Z;^K{Kk)>jW~ zRL^M7)w1jDp#eve;(L#;y1+^v0!91HvwthG>E3>GP8XeBdw`&o%WlLwHjx*-Mi$af zg*H8YQYJR*eOL)OqNaFXYs+rY@!7Pps)e{K{KG$!Xnc;RA7s^vz(P!WQ&~-N)jFhA-T1UySUrRW?sB42{BVR9noeJAdc(mRSZYX9oApS5nDo;PFj9UwPynh$h8iKcbm7M*Cr4bzwcKM)BTez#dzO& zm%|e`lFIu?`Otl<{!&!g$!u=EuD0xBLRayxihh}C4FADjZFPy6G`_$9v_;*@NJCe0 zW!ze9y0yOll?+V@z@wv;r=S{sxbHJ(`Sw!NhilU{-}S>-l;!^0xJ5^qUY>daW~XB< z+sae75nxXvY|~`gv=O_0S$_LwMKY)?1I!AXWOjP1=C}Q_{&T_G9_q{CxVOMPsIl(x zO#&kHS-=-pgqo!#(i}7eYpO0UJ{BT7u8bsg{hdroeu2&qRo!;A#5#qqA7=G)cI3IP z#fC=6_5VGLPsA!Y4SXOAA2&iMT5r1d8INOC<7h8Dxo@Z^l>JUg+wOj*?Z{gcml#Wr zW`36hbH6YjojX50p?C;fU}*$*4_oAsanuIwKmp3ntb1)KcqdVUuvRObvSQ`;9$ckv zHt!R$v4&u2$xbF|qgAJRimkKj>g5I%Swf&ndYpxe0OS@VK|Qwtvn`6)z}%AG3$Kp< z$V*SA<8?h(sGtajCq^<^IPJ&x>YzuHTw%}2KhnJ2uD|))=c%1wxqsI~j5k&5Q z!}&4VwGCOKYJ&4(Kix>D_ypsr|Ia4LWL_Ad*5mx}=XI!DR&aWB+4J6`&F90Gb@2>R z>C&_o1*f)iV+$--&hLmX9U@I;U1@V1U$~mDxzA__nVy5{S?I&r*E5OA?*+(T`5?0Z z0>8Yv%*I}5U{)yM-GnfDkCvn(PAd&ZCu5N=yALj8aC_*o?JxUwg)diQ zUs>&->0B%1HLO9{4@tn>Izuz4|zt<-|-`7#zCyx6D-=@FG_ zaL>-GQ~*2OGFfauxEcnfZ;qy&9r{=;k8OiKv9Ag@s1O_bD4ArZ!M1cSY-rFE<;`t0 z@2r#8u`uK!=bYJdIZh=zbQ0t^#5=fvCuKTyaK6i}1}_a-v;H<_BU;V2YMQoO)K>!d z;RB7=Q{uH*obXPY9^yTl^%4Uw0|PL->&!xymGDm~A~9ZNG*VL=&prX2T$FV}-H{=F zI>8dLE+X=8Jq#pv zJc1Q1C1Jzt*ejFkTm<@Ma2X$vANk=F!|lbzj$;qEF$xj&0Li{xeeX(HuaxNbu&=FZ zp9X_=%kPh*W_wpF(7vqrw)wB;mqc^4BD-1YmB(i^169lR%G;8uS6c5O8;f(#uOQb( zZ`4m*_+$nZT?83Vl4)MAZLAxFN>n|!PZ|C1cZHw_bZ6CP^HoZC#P4CUfycirHe(C% zSlE|KH}cKy^i;eChvBNMGjrIFn2yZO-dXbv>d5%7bt)$%J5$zG!2dk={dmEL{;ajG z@hAnEQbBH~xF{dtMavX`8o>13xFVD_o@az^kkdI^Ds^9g9X>%8p$=Ttl(%;n3urmG z42(J+y1TwJ+o2IJbAgO~q^JCuVdFGyIQyvW{$U!+48YnyZRi3nyr!F!z#Fgug_k0< z;*3~>=@j+H(_M@*>Mb%%uVJ_PSkvCj*&|)(c~144>TNm$GnLYG^4-Eyx3|yff*fI) zF&=E6KEztMfnq)WlHYD;Nfm)*St9`*y99@9!Q8~_ViC~}6Q;(3H*;5h%Hpp5XAE0S z{`QjggxK`+=LU=QA4W>8sLE>C=mDgi;l*xE#&@2Cn4O&83<&H?9mMORycJ94UYTUj z_v&9>YN>Mq{-|Ch50{^=qzJM}LCIrb8EBuen)=!9z^i=3-QJrQMA&+tGN&hVx+^g+45TI z@PtP|J5ajwbXBl-R}$f}NjB@mGWU=*nWxba@a#s5;9BG=BR<-Pa7|t6WFtba>JF62 zcd%^s*&fW!?@=e(A>Z_jG8hc zl=X^DfZ}uLO?cruQQJRzrEh0hu)MpR6)?y4mVd>J7C)a~b^0&V(5p!lB9L?H`)NXB zfVT`m8O46lj0_&6!7uvYyRC9*BMd;FkJ_S?G;Pc?H=Ba(@TOK5&T?oB3E^6vE3=k< z`>-44>*j+LY_mq#&OdW!JT1b%PMJgL9+fqyLw-v!J4u?07`*oV+%{(_K8oau7dj|J z*Jtg@^rrbq@1>*+b{r^zYFj z=kGmeO6++F-&iQCOvmm7*|m~+I_@|Pq*ZtJ6#8>&Vcf3t{>s`Ez#{3;c(;8V?{#L(FEcvd8 zKUcCCpA~nh@VdC9D((8j6$Kl7N%nLM;>T3RKF2EtmR!411<~znS4+VpTmIKe zy9-qZV8QqAClwf~CpbROy9%4M`;gc8yv6+Z=uhsGi49kuhMAo_(68$A>j|H z^XR{A=RqAY6kLKTqdb1Y>2zo;BL}mlcp>Drr8A9fJK+cW^7bAVTql(k?P275O+5yu zjgOvmiQlAikyK_M&pekzR)0zW`%cvVANJlWs_Cw2A68LOK~PZXL_vsx6ancF6%Y|6 zDqWBwO{9bX0-+?JBGLt!3 z%kKKi#$4}X-eh;hBf%DE94}(kl6AH@w_44HIQ?`mZb;kFuV%>1;9alR#V5N#xzXx1ws5}{$hrkgoJvq(VW$Q7n zQZ2u&o(gxN@*Bo00JJeqWotZZ9BrG^EBKJ8A%S1_6;ydeBCBn*C2;;>CFn^kvyg4W z`q0ES9rd4~UI@5}YLaQw{Wvy$igv#O1mqaW8aVlUDK=W5i1yg}?rPVAYQ6M@!3UR+2=(-HYpUF!8lK z9Hn27d_2eE@q&oOJ(8!+bHu@0q5tIq(7FN5f{D@JUecTs+?+BWnlDww$R+8UVK#pT zw=mqnax33+3#ZDUEio@@%b4xNV>NeKhQ~v*1i7bN0RRdzR3LADvJPGEAiaE9GAF)| zSnnR7!C1$c8CmrM{E%mNnW?#D85jTg2H|PmYANs}5=Ld>+OhM0acyL0qW(hk3XxX2 zmOx21cSmP_;9=h(Uem41rmQzwlP6+#xO)ob;G>a;HB!mLQLW)_`Z+Vewm=pV|1@Hu zfzAuz^0fH!^1G&*{O(|qA%3C^V#N7xJO*0O#5N>`11uW^=*7_ihHt;+DI^VH- z;ecl(cdj9M^Uq5As~k7w#xItg*HTk)=|xWEG38u}*x?8{u5Y87 zO#WB|ZwfK zl;QBQYQ4H;8CwKA2jTH;1UNOYX!1p3*!hRUfmb=le>E(x2nJ6a2woiJh?h~3rCe?v zN5#k_DZab|&S$4yLLq*~ycIkg`*nHec+(TMy^*Uk9-qGxZ5q9^9U7awJij| z4q#J@8H(ez_7kR!B$A_*yyY~VBbAhDXXmdm&aPEDcvO(ZH5i0aO+IYmL){nz6QNC} zC^_Hw0uZ!20J}S^xd(I%(It{MP%AR)!2HI%se1@2qhxSbCQ*$d0JZsCh~T*|-^;=l z`1P7~i~v$Fw6ed{2Y6iPz+Wb^2#E%^S2hg?N){c~eN|7RPs;cYHLJRJL}50ZyaF8caty$9%fHIck5FWltN!wY^YY#jG9JVZ9=%8CllAO54fy_}>vbl7g{ zWq3opLU3-&Q>yE{-W}^_g1xr;>|M1$18D#D*q%i!-=HWe0V;Jf)S~ap(?NyB(Ec>i zyIh?9D**JXmE&oGE5h?4>h>s|+_^uuJHE=V2oPYBuuYf-`&6n zTU1ze(vL)GTTa|7==D!aPEqJM1PNbD_jwrNkLzuKZGIt%QN^izB&EfGudbvtg-*M2 zd+Qw;9_TbCAjZwD5hZ*(jdsR8j)nc(SgK@~B&~T^02{l6ZV%44?W0L`lt=LI=B8zU!i1*q`ys#XZ+MCP-2q-exl;tGt^_ zmv0hlugU!~ z5#^8?n+gAzd2W%*Ia?hAd8IElng1ovMK=qfaE*9+gQ0k|KC(x+DZd84xfgg}rRqLr z-BdOxZaVzn(#8eyE3O1>B71vs1#RoS{Pm3lVbGc1bz23EQGyj+D$q2 zbqtKl;5R4dUfM!Bj_mwo3-KMf2}VzWeY9gCAvZPvap;YuOVm7-r~{$N)Kg1NAquVP z!7Yvv-HTsaI0WY_lR+z0fSZm@BrRe1xh@2w~o=v{fDa!!79)nEke z9?%GPJ;G@Wlmw$Mar056o=o&2x9aarKL#i#bvQHzp)DH(Z8EHVZYefxIZ$2)!#EI< zWFGC-fik0eW~7e1Qeq$OnR?7UWZ{k<$N=1)eJHq@$%1wPY3hHGuI4rAak!cmo97<3 zf*qS7M-GCvug>fzoZyixJ1j3*l~KRVMoGQ4OD$DMdN)>1jdYox;n$XW^V{L1X&gEx z3$Jpl-dV6HHckJYI)|&-0^hBAcPLMfxR&!%q?l;a<7JBB<<^ok9J_iU*AP`M{w5%PQx~(PuhVdkm@h>R0g{O;ct%sp<{*r>YQov4CHPVQlI`rQ z!h_t`UOfQ=VICLsuYIOFH(XD~WH(CR&RWBM>J=F`)w;`CEoQD>&;*PcbKdpp{(1em zX~IHSrsK^RsxpA0_ykmGp@-KEPRiqxtAlEIytB86zHjE(qOs$$T)}wX1kq@nx8cYW zU8a5urT1Qgk2*~V%F`4sstRK6*PjC=l(f!2)w<_Mg4a*Y%v**~xM%A4>#ge78UXiM zgVNu=y~Q)qv%;f}y*`}Z93L>6DrP4b6KF97?3|p5(K-+0 zO;f{|r9_UGTc5=?XCXoW)ur%K*XDfU#>1dLH|yf3A|o%TAoHjnGkiy3CwE(aKy~cS z)&cp2@!_zBDnX=^7DagpQf0vUnxHxO+p4OtCJ`+^{~~1cBWMZz3+F=V+LF~&>CZX~ zT}oVG-IdzOGXzMtHDr3ZVod#th4wH+Z1dv^*raNV3}?w%{JO5}2;MZBiOd6zuBrWo zowK%juzA)sM0AyiRKp7KD)r0~rjC+-Bu*WUkMP6`)yGJUW4lMy)g-&`r^r#aNgY_V zm$5Aidyzzj(bi>e<2tuKnB+OGXo4-=h=E|A5V;BlSU; zjB2m!9g5$fpWNjj^Eh#eYN~Bx2^$(nN&)^-M6XBhO6(+;5_9R3=YaTDAlReLV8Z>PFDye4jqm5qKa1Vunp+HZ=2S7w5nUk)POs zI5~0S-2VRa2WP|{Uy*q#X!eYGaWw#`4~tao=}6@Tw}S6=V9SkuA*X(WML0YL=r=wN zKhY>*8oHz&_sgP9UwunZVf%M-f<8x&G~`3s@e9uA)pE*c$3X+?CD_{D!Zl!B%P4R; zT#1|Pt&?$M_lou80!&FAY=wNdXbe;D72a1E0xQnm;ut_@&kS`#23n_|>dCM>U2{eV znQL0XeDC`_@t^E*P--gO=MbFQT#OHiB`{NLw+m>I`@^H0pOG^?SHnlce2!~#UJ0Nd zcfeRrwe7Dco3vkYWF|AT)!wJfUBm0cqk4!@;JYP2u_}%O=epCu<-F2m^G-jj9@Q;c zp1mOO6!M;c?;BLE^#)COw61kYDbqZ7@XAfIGkfX#zorFK$H0D9DoNtbww9VmztOyL zhurr2s-f_6RV24h8>Wn!HR6#=I74wd9qC2h!?JF9OJSV-nuD2!$EBZW&UO5URViWN zc_H%-4zj}oc8PTIK2I7$e_7vS9es0M9kXeYUS~tD&%#R@;gS^zpS|8F!@T3-q!n`7{^Tn5 zTATZ9eUZwBIW13^)Zu#nEFi^HS3KzB6KFC#h>7J%SmJqP{&gi_#!mVDZg1~mO2gRqOiD7XP&5*qysRXQ*(N$zf(yM*Q*RGq5+u)uC1&1~ z)@3YW0{B)XaBS>$pxlt%otvn<10D=F-?JMNG;&+)m!Q(+BO82WGG*4=Z1*yJb8rLw z)VZh#I=6x3&d(6E%KcCGk zNvb;`UPQuYwLdZ$b7(<)#_ABBP;)t_`VIRGf4T1MbeBZm4!p3-A}&xFa-L z%~_=-VDM9>P$+Wm z#oAGcl&m$%?`a5nW#C1}ZlGt-f_y4k{ezo$|~7Z&J`)l!rI)v z7RM5B9BNgnirg`dUs$w7eX{@Vw#R)RFhPKWF&>=CpFBQV=y|`8EY?4n33*UMOuu5c zt9)c@>GnaApPG@b8i(d&ggv{bpuj)$ew6 z4|g!MwFC|d9R;720e+Tpo5at$A6)Jh^EUd!BHSe{@naFGScCuh z1)ewoxiQIyU#rreE4oZsP=cRp1O6O)#QiX89O!z*Aj!mBPF(-@?IQA$g6>Htu>Nvs z#f`)xVTI{{olG42?!fRIaYc@f`@;*?&)H>Lz6p~cb9)WU>uJO3oyjLLEOq?84|=#m z%23gt-CcEwh5DMdVj4Q~$40@Y3Ti2w&BV66XCGO3CO5ry_holdf(jBKa;|IQ{JuNg zC%M!l7dUr+q5ErojHjCid4(;>T+f!S_NVm4nC3OhdKdMz+BwWGFa-H*cfF;Bibtn$ zX&N#2;7sEOGYzym-$Vo|Oo21dwCC5P&R{rY>~_9i&PJJOzJLA|1!gP--uoSig}lJ+9E+^Eg9iRD?}q>2}q_ppeLH#nhkvZS7LR zvt_05t5$cyTEpX^;!GGuV8XDzC-=rE$@;Bjr%}dcf^G-Vh2NU($q7TRfy#MAiLMe! zm%tF~>7p0@zlCWetMdn?PK^Y{h1mLV7K4`k&t{h?woF&N|K>dMI6D1P2DUdK{>6fB zMsu`9H2ej{v>cVgcz>H&!L^}>s!jlkwk=1GkXXpRb-zYWD_*w`;At2^+$JG7gRZL7$K*e6m2>U3YzqSuLmm5Cp}k0 zyyX=1J(L&ohW2zV{qc#rjm(Qn9z>O+js`n8L)nb?0~NMQ`wnv#OMvt0d57#&Qw^J( z(W!0GIm&|X_{|r$^HoL@XzHILKO4*k9h`>y2|~NJS^EkzyZD7<$GC~_=tw0#uJ`7# zE!r7-*A@G$rHXsc>xMRq?$(Y>6-sy=oLFD3=n>Yfiq?V(b3&H(kEs>phK+IK8gxhI z?GGZmk=E^`sm_rLoSX1znfEv}O)jI#{mJ*Rb)_BAEnK+bF1L}HM@D68Uf}$B{5q9z zTF>&`;@&x!CP-5^4dx|ruh}fx1&*{z9l1DMAXPo;v}g1MQ~~(Fxt<#%G`iZJsIIgS zN0BG_b)#QVG(f2Lqv#%a`YB;e2>#_enA*|=SibW+~e3k$~gi<>ay`L}P znR`g)6uVOudC|6KYyUfe+y~g~ShX0n!Pc<<;HuBKttK*afCkfX;n*rc*Baxvo6FFOn?bd51HvQ$#@1v5MR9|N zQu6ii`B3@l=@pZetLyC3zdId2y=_K)JQ{K8qTc9FGDptijxhAC9X=#KL(Cwv;Vgro zBpmv1rLU@E<`;L0MYaE;GQuchsCi?aG4BH&4S$=Y$tDK+JokpBX$4nk8PF|w^4kj0 z^;JgtC?}mPUJBgHV*8 znvn{j!l(FGk6KCV3O)iK$;Qzff$*P$gEA*=FQ_3t$IdJ)RAE}v*Pnx-obGyDgV?Vq{Nw^@cPX1WC*_dJoxZDWpO^DmpwE8W&HZ0kNBS-5VYwO6eaR}RFE58w2 z;{;PNf1;Om)bZL6bMaJ&cW~+paO|zHeO3#!`Y;I#R~lKXW;;>AnRoN?3D1kHtI>Wu z`gJQl!wL7YB8y|&IUyk7@S(kQ-qvZs+LGpy>`}^lE=`Z-u=1oI@#2#8w?_#A56UO# z-F%R#%|T7&S?wy2mM3O|L~g9&RbJDJfLf`#5+nAF)`8b&M7$!Yk$E=>yBv4I70RQP zptXJp)H*cGqjBvp#-uyGl z+brEXC#Lfc8r2P88dqw+jVvuIyYD4l&PM^_f9%vy3@PPfF*!~}?@+B!U^V;OxtKiL zzg=skNN?$M&A=-&h3LNK1xT%Zo08Mo8(f@nL7-<}tpj`?)$x1B%PC>R;&?Zv+*l55 zW7?)G9G3<;$iWtjhL;F9rb3z4I0F=ohAQ`DqvNeY0g7 zOoG&hlyf4T?Y|P6>j{0k4zxj6?_cPa;vg!JId}IX6_%)qN8E#mGyTd%l}hz_+fFNt zc=(^LwZZ1wJtS3Nv*5184I~6dw_kKR$Wo0$4*Ox$6xBBTilcHAST%WYavWY1y z8)ibKX}@}=K9Y2>`|UHz^rc)PTK!_x=?A1e@QTc6GrtmDQ%8c+;n`qU0Dr~|XKZmd z#+I?K_ypD9C!9bhCf%r9haX#Z7&l-&M$S4Rn3|-yU#ca)tVn+Gt^^~rs330Wvj(-{ zD+qg~c%WLlzf`Yv*4H%u$ef{_3fLO| z)p*-8?n`sl4ysh+1vs^JA;#ZABi~X)CDoRiqMq12yD@dbUrI_}Ot7Ovso~xyR}Vwy z0Hj|%yz#%W90{m(@9H*Hw>$PKnvgjFxHrE0o@F^!d7fE*2*h!j76 z7T@_e!23+jV(o;}foJ#Mx~><`^a^OUIvB^A^iQkySEh9Mncr35 z>SuLbPB(RIGMkpQ>%Cc(t)e&YkkYOL*hlHQDuby`dWv5dujJ<0LocDY_&8*z|Mmu? zhPGps%Hda$RQ(LwO|II{&3@D1J)kg{-qrd{88i5hGtw?cK*W~3n?tSS2eS1jhmg#~ z*Sq=x&j@x1Xy(s%mfC6Noeol%#C?>M+~MpgjzM-3UeVhIc;Wt_lDuaVJq{$YahSlh zhY?;^4kS%G%3%%|$nYO`7 zw%55aJ4Zc+K3$!D=F-?$VJvB4|3&<8RJ4{p*|agxr$3E&1;w?JF}`-E zt)Qm&T7MB&cvak4Kb`5Oi#^Ne0-9&ESI;s>QeGo4yaFZ+OMdR-?mbDk{&6?>#J)*y zWU$wZYz0T}iBx6)hP;Q|DCskl`q{{Lm~=w8F8ZxrMzh(aD9KJW%mf{-M))GN-%1Rf zc)YCzKK$aavl;GR;PX}dRidp|z+G!wL@D(1aE;ucmU}Ml;Y8Ej|6t3CNFrxIch5}& zdF$S3IlZ?J(8!CY9OstE`xPvnM?V8xZcs#%l^5CENcDZIS|r| z>XqAfS|oNb7MV1dNZ-IonI$DVy)GG^zO?GM6Y;RkI2_u8Ga`~(1ri1}YtX*KkREdp zjjq-+y6Uvrm4M0en?A#GW7-iC1w8+OK>yt?buZMvY*5+-MJv3@-TXn6yQRkAK1--i zWiT=52B~$)xZ%pPoSHATg+jetuD7_v-ugyxYm`%$J7b4}c6Mo>^DUpW`n0Xk?HZ?- z==slus+|Y;o6gYRNf1=KxNRmBFk3;k8U0OxdWU&y^@kLkRdo=e;kEv*Z#DPtyX{lL zKTBqSri2{ctEG?!<7e^1+B%SmG_O3Z+?U3$kS^*zXla3 z9ksl^@%%-vOv=%)Cj#;A3D6qUl}v%keUobe@85+)WvpXAy>whJxbIQ;1*n|3U)j-a z*QG4`RYz|AHyi7&PoI?$N5Hd2(Zxx|O;;zM=w+F)*s4q9)3pF@e8v6qo6I!y<=*|5 zI?Yo{P`6hN>64sDvSV3Fv`!W=SrclBox1t)=j8u;s5 zt_WklugRU7QyjCSyd|?!+nMZGG2w9V>QmSV&R`6EmcJ=t#O%-(!D?b+31BU(4G>;Z z4KVGw$G7+*-e;N-ZkO?z6&l#!TKzGK)tzhNgr`|72c@JhVYE-=Qz2MJQH}qcAmvhb z+1h5C->Z$fOb48atX$B(q1L@$yT!mZUh-0>!J({1t;0bWDZtF7OTxLVjLqDIEH+j? zLb`&`6ku5FnMcdCtl$B0424UGG!eX9V46JW)V6X-X7h|iV&jZ`qNwK8SL=~t1g5wV z4(Ziji+(YysorE4mAv1%?RmuBW;^$2!Anz9RDi`CWR!>K@Gi(gTm$=|N4^c^_g*q4 z=*jEK6c2OFI!zyYml5V;jLHCnFkcs`a<|4;(Wkhkx5$m&UHD-5qMq`Lbz4Uv6-a|f z>?54{pG$h$&x}Nw*A!-mhwPV>fMBSf{?s^HUQ*d z2P#z;F4THV2Tpl0gnE?Oj@_vnZ(nRb`^DPL6@B#Qyzw<%L7d^%zUF(SakrbCkcQa7 z^a`vC&tawjdTcjpO%}liiuPNlNw^dC?oem15zSuv^YH+KTiWo8DV zly#5nb#5!mU#zrensz~7Ajh@BGpMp#fRK%%p?`X3(=!sjJTQ_>@{t4CHSCZAw0q;D z=pUl^%&z^M+A;gg$C+}sQHM)4V%!(YsdI})urITY%2Jf}qV%_#NPpEd|>5vHCMUde>+5` zxK|0p&I=i+o_YA}Qp;|z#igCYt*;NCu7UY2GOn%RZ-$VFcY3+>GY5P49KH6H8#p~?u`!%S<1$$;uSu&G+ zTBXWE{mwLupFP(BlBsY-iB?XU9jfy_tctF-h-C$ziX8Z~zzU;zo(F9$DBF>Is3l%M zG6kCWeP{KSt)(S*VtIiLh}+hcjANiu=;$u>lyLDREFeYab5V`9|7F{cA;myv^YG_W zU!pSN1i!B{ab0B?x>m_% zH9#8qbm--<99y%!U`KbtFji;3OIYrjZf-4ITYk#Fq{_AW5OJ%vY=UGHFt%B(D>!F8 zff3YE5$yQz68#ib>+ODv_{2_TM!u&V*ELvkf$ZnU6C<-;V`OWosCJjrDqZ7)i^dA9 z{I!(;<(7G|P_amntgLUKd8HSVbHIMqve8yXzz^y6@eg=uhb?A=mX8lI`_Y-FP0VwN zh5m|g8=8(#hNQBWpDKI!q*{ZZ6jUijN8>qsq;Qna&2*cF0Jy)Lv5!o_;q&%(m8HZ1 zzq%{2y~U~MpFqiCT@s*EH$%oy zei?|bs}zPZMj?B;sEuQMZRNShf3jY6c-)f{dJd!N1(Nq8El$+GCl)^`8nu2945i_9 zAAbtzdHYz3>w2r?y{cz#TD~q@GaHlMK3?8@YvQm8^y(4VRunPfeyam4Z_WWi50n=f z(b4h^v41etB8TYJ=rySDOA~eBlbXz|{pZZsbx#n+kL33FNT^#sh~LLjkY=)b^O{*I z+V4*5wV!JoRTYSI`{x|@hQv-94_HV53AmI;bXshr-ZC`>@cuaZ`g+$b?F&)e4%Z(1 z*3ad$kNLUw)Ol9qyiK0i-TWPhFn`O_Af(4dT9kTr{m*8zdoMoWSu-=nnjcX0UV-)k z<=4zpo+QU}J5pP?ZCvM)rWEED#QR+e+OD2{&5M%Y^4StULJg|jQO<>mnT{)|i*j~F zSipqEGz`YkwV(EC`*Akp(8e*kxZsVw0S|Na)XPgwC!CLN1&cg+G7a%&f6cHSM_ zBf^Kf77Tl4`tf{hKJk;NMsr-}M4-3L_vu&7_;Bh(X|)En0rxFtAXmBMU0Gyc>dw%o zQ}1FehzsYFoU_iVt$A`@B8*KA2|fcg4adN%$*RHEimJYHk5Lh zmCUf5U|b3gG=GIQ3)mj8Qd8r$Qcp6*N~&3k-51_vnW9fd&I-3w=!WzhOLI<@aKzCzwF z@OIHEHf##(VB>$d8_fP}%UHZ;d~hMZ7OezUZ zwbPKV5hZ#y)*4$kfiA?cfS+CC1}C>di>wXkVR;J)b}A5n3mT{V3Qg;}s|7Ifv(AN!{&dmr%hxm-&q( zT5npr&gbFj$0w5124 zm3^NT!G6kvoPqwCDTB+7cJ)(d#~_g5;49V#vm<=z1H741d>1($v~#h1S;?1TB}0!a zwO|E+hCVDM2;L}85M@bbvOxT75*_Lu^$nsDKV6ckVkCXKvxwh_t?_GHkQPT>PFsSH(rnucxoL0Z0m(g`#ZjpQD@k@D)zo?<A5qds?N%{-j?%4DX0Sh2-i66q=lj4VKc%_|?_Dnv=h{ zpt8LHcldmUi)l_y(_S;jQ88Y(^juatk zf1K>S#vATeIlrjp*}cS@<||fNN_bXq{~Jro{hTvgWSFpPlA!KB2y_AYeWoqQC+Bfg z>xLg=cdT}(O*h&dk@`ckDTjESK$4Xav>u1%TluF5m2^3bzSYLah+=;<;wNa-Q{1}~ zM2Y#+t)A%QA3m3F4gsn*VvlA`fJS|5?#Jx`V&}tu>%Q1yBEg& z9767h48Y=&Y4W4)4e6e?^-{~g|bd>v=ducdc8IzsL z=46+|T$hpc==+$(kaex8&k>|Y2ui_oJ>7+W3^5;r7i?@0xW0Mh6qt&x;432 zc}m)PJ&vu_Ir74jL{Gm!bCnfqY3KB+DR409rd!_8qbP0Sc)MPI#X@_8E~Sri+E1t; zHnZlN?c>WlG-yzdSbE-_!tYUc&S#_6u!**)*!qQea{utn04V>L^61H$!jbZ+QELgU zJF2$%3U6m`Uv!Sqz1w1d^E{*XrFhn?R$YwWhZ^TF%2qPYdM-EOzzbrbm_Wc)kiP8`ow%yc0wbM((*3?%qq&Tr$5!N-&nKc{FWQv zY88JWlu=*N8_lCO9A16zrCs?!UE)7TAwAb3|?%pw%GD0d+-AxEC2wfE*| z#KW6fhAKm(vXB;N^J%Sseuhyj*I~^?{cFMgEM^jqq9@j1sU2uby}ikw{_($G*|61% z%#Fj%o_4h0=-H3^K}*<}&R*|3f_+H0euB?ob!^_mDy8pU%ow>GDjTd+A3Mu-uY+}w z!u1wDSS&88Y2*r(Nm`_bMsBVEn0=syB!#e`(O4<#OOj?vHp-lRQpqY+?#Y|^J4!X} z%AKdsrDDjOg-f^Up6ZO(=m-x7N!*W} zpb?!7=)5vG)pCLs&ng&Kh@PscgtMZfwk6c~IA_YlSb_^tc-lGU8y{z>=#w6kgUd<}qpwY4rn3w)&j7U1w;kb6@k^?XRY^A{Z$M3<@ z;>;g!*mV>-xaF+V>IaoHr9G!N(g98#0ZluLuckTno@%~t4L7az){nR;PL=5P$+(Zx zDS8*VfVV9aBMoGutZX^wUs3gQDJw7|)lCP-3(=AuFNfei8+^Zj9`5Gt(v=}Q+;Bc` z5PUV&>v2qdVEmV$+G~HCpvwC2%fL+AUz8hD)<10M@3z=J_ce>0?rX6lHI%=Yc0bq_ zT%TCUoo`NnrU_t;ilZfQe*nIuo~b}5^)o#sH+n5^)OHRQ^9i2#71Iq*v-;a<*3=&G zI?B-Za9B?8wc6Qq%9;ZK%_h)X(8UYzDhB?E=^{i)GF!+lWotJP7Ja3t28(d6Hu07* z?k&GfUf0_Das5@{2T8%{lCFloRWJz;k>3nsWvT~VSl>DHeH|okD;@C6d1OW%-aXGV zro&*rDz!cZ$=h|D=~vfVm$MgQFF&~X9H-n74c|77wf@u<$?C?4;8`S@fxr>1T&MN_ z5-gH4Pil6aIJZ9x5_Qo_f{974>#F+ivY7wU0I{!)!v}b$8nG-nq z&=wp2r3{2?e|ZO=G(465=jZZ2C(22YIe~gPPG<98%3z~=`eoL9%zUEfzd1|H6R2GN zcY;(Q1We{%%J6?p!l@4}|JNiO6ZyX;f$0(de=rFlK~7cFf9x7;s?YD!+;r2ylip6G z@bpdBqSm!F2xxo~zMxI&vWWRnyZs>&TNT7vGi&2D9n#n*Dx;DI8_dNQ4GnPo$9RNf zivBgIXp^*mYK$b#*UTGM-vZERS7`Ni-go8)or@YaN`xM4?}27-)dmyek~1a(>2Ejw zSbA2|4f`ss|Ks;QA7fg-A4i@@{8LB1$~~LFZ5=Sw*H>RuTUa~yoA@0#`%8yGrE^XW zP9D-&`V32Lh-(19*d=$?Jrj-CPvQT;Dhkn;BqZ4W>DLUdAG7?t|9x+2v|)YK!fE35 z#-G-{1kC_rujUE&mm5K7o(Z2YvXE<0EmddV*S2*8P&eDOUb^!J#7E!WoBZ9tg{LKj zS^rkYNn%Fcv>(@f`d501b4(0y=3MUGe+U6SXB^?V)-E3jzmP{DSQ5$_thj% zuitF^FAVDhmH?Zbix*Rnb4@CX?wNCIMjPFaio?)#i{&=-47oM$!(1O{YYE`k6pH-h z>xeqi%6HFq@9dg)k6|$YzP-?eV4WKOXG?2i$~8N{UVHmvhMV;e zSr}aN4onaf)~~Ch4lrA4(e<7+ASPej`k#go`1cGZVWQpQM(K{K-Y|G#>veUns(z21 zTYs&izI0$gY4i%;M!Mm~Fkh3wV$tM|zuylF12&cwwLNem><3k5NT2#trE7yx5i8fY zMBJ&XZ?1=!JTduX$Fe%A1U_0BL>fks)(6+q?eGgE$3{f^nY#UScN zl@0MxGN?+W;*emKiP$a)P{aoPYHtjZU>cXnTTIOK=hCIG?V+EhM%eHAT1yyu3JB{{ z2{tsngZ?I4*pElw)hs+iG8F$Y9H{9zZAr|xNata!0Lw33M+WS8kR}VJjrtrJt~=FM z^r9u6!_`A)=+lxjgBiZA6zTl07yp+Fz>wFFdR;GbCJYtN__NngSG)C_XZ%&*yeN+`oc6VK zUGsl*I7OEkTi~HjrT(GtArFpQZ6~8#tQbgvvPuoYSC=&OjK^yqs>)dayvHdG1>ZwJ zkdv^wc_FlcB8dLpC0z;OT^S6GksdnF1mGd^nSasr3g6|!e`YynrLVT=L_q2fhQG*b za)bT^nz{zo&6Bpg+woSE4zjo9kNvgH27}0p79##v{=&0~zhKSh-uM6f`3K1TaY#$g zbkK96h>qr?IIvoSWOZI38Q@wvU#n{hqV~2&9PlmI%bih8WfW8z-_ zY`y;aI4V}C45cq!nI3r@;M+Qs`>JeW=CDd2eY0`zQ%x~bDBZ> z3;Hhk#b5B52s*|Qi`3|INPa#%xwlO<`Ey;2bSk5U(XrGPt#k_wdhO=5{adIH>4kMB zPj5Cce_-6n(}&xz2bYEqX7QUZHKC-rC2}_K$0Ccg@@R&y4TKa-y1x6cK2+JbQRFYi zIA!?#|FvGLTr~&p)zVCx@m_t*1QwGyetB{!)fxt!;=Z5$Hykt)*;=vKaD`K_Medqj zJ#$MfP338u@P3EB0b%IogYn#Z|L1-70fvC+Vd?1t974s8v{v_~s9Vxsi_y zv2G$(G4KoC0>o(7!(pcoCZt=*Glj5Kmd!Es?RYQowH4+uybz+1cp>)x>-m2{Q{nw6|a#}&`-&(GQQ@o)&0OYF70MpRo-VbAxS4o3n6$RQQPvor|e z&@N4;9{;mq?bD|`eRc!A8o3Amhke9&9HX(%Ar1kiN`c)rh3k36emY)<6Yi7WHwc>t zRgN>Q!mi*FoFQRfp&o}i@b)5XYL-;GxrYJ*=6#ivG6KLZ3?|xkhm%*-NEHp&sWrEW zBUZHeCC67(RScUy z9XZ$+8gaN9o~+1&sz!9>H`%`?YX3&WCRm3e1Rw8zyWgEZva&C(qMqdadM|IJ)$7qZ zcsKsxuFWg#aK7iO&TSc+6}4LN`5{x|K=t0*k*gb`-_GjTdH_bz8(;-=77wBKwP%8Yt!jN zPetkddFE@>BQyRv6jF0@79|Fl@hr9-OI-7IBaO*Sj?sEuG+#wt2-Eb8JB9@KW2X+d6$S$cNN`@P?5VSW(Z|U}F$a81#l)Z=s<> z+-u)IyzBMn*fg;!eV!=TcE1v$Z0_#D1hl-a9$GqYC>(f)B!l#?rC-q78_lO3+`I9( zLFJOAxZ0QyV>P=vBc3!B&+EbA!5(zYjTZmwRgOVG&tm1ib6NtFpC<9dYlaOYZ7Om0 z|LDAZuOHQXRJtUh!w+(bn^&3HYraKA(JD2p_vZ3nSK0oV|I-|V@WKnsjAyj`YEPSx zFK+q*8xuvjOB6S3c#vR|@^uUDzI`Gkhh%GO$H)s1`uxto&ey;oN{`iW1An9dVs8&# z3~Lhw+%$eftv<)Zp_}`SAlDfBVm$#q)>Y2rvFo?~3hp7!t$YC>OVT2?Hp2xS$_Q#RoWjntdVDh72Vo1`?OPhNHun0i+}2( zDMb2z*m}>PCcm$1*n$Gm5)e>&LKBcC(mRBrpokzHBB0WHZ$WzKMUhSvsY;bD5ITsI zNbkMZ&;ukPPk!&r`{{qroXLmGWF~W6=j^lB+H3E{9emWcQHyRZzdYNNb9cXK@}re` z{kp|Q{9=Ov>9DrCa2g|p6jzGUf@p=g;{^Kb6#bN(~o6|`X8s``WEpvuZtghhE^Mv!2gd0eT)F;@+x0kH! zN4^O;SDz%=oMAhO3L}AnF!hy9B9YbHizP_IcZw8FePe5Yyk?5em z?*~1Q2MT>-=E918tE_`3M-vPDV)R*n@ zjM+^n1_SqRb~EYw#2xD-5Pg%;`uc=$6|&)5`n)i)^$5j2E_aysdzE>S7q^E9ELH0* zl4#u^W%n@|;xpkr`@az9OVwKyEjwR+Sp1j$*6qmd!qUnFU+;;_V6s0D^pF$RtbU!Q zS)CPrL8EVvtm60i5ZG5Iz0m90eLZ^U8In1RJ@9x)@$)KiCLu+ZV&K`&ShJ;Dy*3J~ z4+n*>M});uSLZg2+cI>_9?2_CtrrgaC^>Y%2wkQJa@Uxdk;VOJrQIda-s8sQpCS>q z%T>kt^D!}>Dlp^iB82~SZZC8!u;0+E5=cmcx>jDgKh_TH=@hoTK7j_6Hy;0%%}lfU z#){yvBdy4bD?xcZ*qv(UM2bMZ%m_zn-l*d4dn8MWk2ztK3c5iWYO5dF3D zUV?uxE$ASZlRh2TFKM?GhzF)=vBmH7JNvxc8i;1vzUyofy4Z{kLOUqn?Fioe1!)#D za_3cvPLH&RH~K~Aps`KPxZIX9&2a=T_urwmy2K`eeAf4i%Htah2cGplFx;07S2=|% zKAOg_)04*8uBR8#8Y2m4Y-bwymxobS;WXtW)5Z5<=V){Fi!C}W^adjjj-9Z|xerzo zdUa8#0kw@iDsS9&J*lHv91Fzx2dnDzMJO%CtrpGp+~Ff^Dh9cpe2}9*G?UXkCB1ed zY%*VjS9bOW0*8)HrHV(XR0&%USjO^ch?>n_2Smxr4) z8HuykW=BWDPlFG0QId;(F>-u94Q9vs{wABQqMNR;+W51Qz-)?CX^nJ~{HfX;>2vnQ z!|08ww8bDpxo3%Pt9l&4>nO!xp_PE0PIQFysGoT~a;-wkI*H+tH|xXZJ6mi&&P^0K zp;QI;|Bt-2&0KvcMrYmxZx_SJhV=T0$6d}f&fXkbA3bmm?sG8+_-%zL`45g6$dw)B zZ8%@BSQgbW#oqV%TPOBR7?JOLoQX>Bw^772W!@%i?S5!N74hccTje@oOjn2f7MA|$ zpM0=KjE-Y&vPjBne%zW^y^Y)+t}OO`)87V>BO8RbUuTi1`zW|uh_z+m*?$=5lV?Fw zdfPYEs7%9_oi~Fh{2WT0ow(BiuGlaQz2b_;oQflX*!tiAkEOPd1yP2Ej~l5Kf$vX3 z8JoX09{k>&SzSD0T^w%SQWLg62qs|bu_F|9m#NUp)D4Z`Q;pH`4RRe{m6MS)XVfrS+wKAQG(A?VZT1DOic5p{GbCAJF_907~QMxvlHKfi-2B4Yz(@j%%aA zwG}^mhmSFA&hsOlAvynSr&a>CHTZNY5kHkEu6U-WIG*jZa7=T{r4@g^k=1&cCD^-w zKk$)+;>V%#{?z-~Jcojb-SuLJE)DXVl8cM3$vu}w|4zh={)w607b&ecKHzA(6OO|D zJwu%0KVi%laYd4_j_f6!GrTx#Cn=UD%@N1vif6f?wekrvSCAHz7u=b47q<%o7z(-szu260WYPKR5U$ z>ln^0US@38K5ugEwNUUnc{=|eG{|kyOePa**$mm3W%KFdQx2n8x_CErFoA!f=0h;Y zUs2B)t>}>X)Q{SQOa%M&7iG@gRXm$J^Sa19fzO|Mv@Tx!pR)y~3}5TUgdnph=|Z z4-jfjlW$4Tsrq@O_YdmTIo_hzyqh^o3;>5iaxB~3gd;_#z?79Bp{CNy1!5-ZH#3S@ z_z!&5d7EFh3+xx=5}!f+{BIN7r4!2kOK#!R>rBGRR=@&r^A9kP=3d6fGVpn$QWzxN zt5%|Ef=U}tP>WVNW_uIcNZ4d;y?E5hH|50;M8ME=E}`oesmgk`o)fX~dWPmfOv|kY zsogRQ$BY#zj59n`pkVC!@3q(R-aRhyF)PNbFt#@M4SD2_;w};iz9(OZ##8kT@f0kL zU*lsJBAFQ#j@c1kCxb%S8HeQwmnat)eloaaGMr)(x#55;d}!K6?8hLS4C-93>74Jd zOS|VA=JGf1JGnT(R(N3@)X>1At58IVx1pJv+KCsm-XsWBhYDCY$z*nEuDXn0yold0 z(B{fL{#-OgM{$|ouJ@jEkr8sn{MXLnlyFcLmZS-E@l@uMTFW+X`xLJG?| zq$u-`9W*?I4Z6UUiK9sNK!t;Aj4fMYur)KI%5fhN61#eP3|&|6*#+WCq!jkomoG|M zPAx?dd)~AJ`NKR9r=x!X3YXm*=0*=Zc!%5+7>tAZt%aS1_Hbh&j596EVUk3WQQ3L% zv^X}iV(JjWGC@QRbKwa4wFi|&jW`P%Nu6$RS-|q_qoP@fKw6Vyba0Q=c>SuK|GWNp z?U5dqB@`uF8|r+X#<6%+XVE8Td>QEyFjr6qk7%xFI@2^w+)reYoetb7ls&8&EsTeb z%%&oc>q8sVxB;PE`5THAGeKZ_uVy@__z0Usle_E(r!PnY#9+rI$(2u-0XCu!Z(G}stnr<4{h6L8V zy=6%DA8s|uTx7S%O)fhy&fVv>Ok(Aq z=y5L2xY$A{h?2I}`nzlCd|VW#7!jzmx|H(=gIewTUL!f)Lhk1!c70UzSlU9{sjsK{ zU*$Q<{$-8_FXrT#MQ{{vrF+01?#-D|y++q$#pFRe^khBDWg@@(o#CQu)LDO)Gv;W8 zcw>F{JC2JO?yR~}W<*%)xUgQI23jR$X_yVfj;RbJ^1gY1KB#evUR^XAs--6cpAX%h zE8%zOWWKr0nkuBWEumlOvnRvPaGy1zDvq9YcT1{x3&*(=XT{8H1iW7o>Vm8M3)=%j@(@=;6xxZi1Z? zK<(iqUJo(&L^x1%^6T}{i8py5&yt1jQGcUBDN~aM{{uNF%_mJyUl(t*L(ZnEAA(Tu zD24N&L=inXhD0kK^=Y3(1j5<^ZjMx=hx6*(w20^5CyISp;vnbjkuNhcJYC#1bIn;$=f^nS>RxmH@kpNHQ$ZwyCC z8bM|KB6I5uIkA_wSbDC1cMW_&iTesQo=2aWgSWjWpM9R#p!(6HINP8Q@k`$L;_~i9 z5Lb)%LjBS7UNHO1G|Zg1!PhBt*AlzPvI5ifxS2p4^bw*3V2%t4OptvI3B3@F2%dkt z;2Yy^Cug!iIGR4PYgAuE)D&-t*{FFOzy>M9eeIPeZw(Cro^2=WYQI3m4uv_~9_|FX zO}2ii(fQ$^f}cBPZHxqjFrfJwUfTb;z}A#I`1d7}oXYs%!|KH3NqrSFAEBq=dHb^- z);6=K+dsqm+V^*|sE2Gm99}6YaIP+NVxN=;D_f%&NBpshu=W7Cg|J}vq1zjsn?Z7V zr{_{Z=$^tab3d)uqC`KvGq=B%KAAll_=lV!<(?p`OJ~L~9Sj?!3|)=MbBDG<&hnFQ zkSG1m%GbD|Xn=R0_;D(ucIaGXrTn_$xw-eV8Mc{6+h3FI8Flw0US4yL2|ibir`jDL zPHWE;eIa9lF(aq%g(*zT31>!&G@0F!IcwSZ+qRLABa@ksb8V*RrT(r5!F4| z{rXj~8suPizNtP#KA=wepkcMtwcN16;zLI`Ik{bG@FjOO4PPvyumoVcz=49{u?TOj zuT?X1!lvfsS=fwV{hZbHX^~=v^Zf6Op&VHUFN@Doynw6@z&>zTDC@7V)LX*UWb42` zA~Qq$Gj=l)UKy{r!gSfnsiifsZJ5`RqU zb^}>+jm}^l2tyNupenrAt6Lc;n=FAQwCziPZr8{9!b~4X{uWc-9Tm9Gd(0Q-T6*xj z)Cw=Q+g~MYPmW7B>~LK)?->uB<0bx{AA6`MJ^zl|62;C!7_1VCTcJ3+SyU?)#J$f+ zqGkVL$DkJKh`}w^*RidX8497T_@n=op_YuG7uV3lx)2qf{3PN4GG+a6TUlYV<|cdx zOGj_hLWcc!Sq2nC7CrQw=E}3s?{sdcFoA45u=CiN>0zKVC{nuEN#0}h$cc6$O1}+I zb`fbUPv~PW-5N1Rpbc%Y{A*MuKEE8;I%=>B_!bC+hYXNpg3A?~;U#&ty$4X=e_;oFvqYHlW=Sf|A)usu<;C2~|So86@V%=Z4^S!dCdgZ%W_VHhN^>G<+l9eeng zs?eNZQmogbB*j&3d__zS2s|5H8Sfx4pd2z$LasNi)UmqJ& z0aMOiw<%<9bLbegEKjz=CD&_lc}^o{v>;$MT;j!lbsMyy1w~b(1hWknlbEn~8yCG= zoMlOL0p=^!8oY8?u0gk?AVI|&Z4{Bxry38Gk(Ucm508+ATwj^j7tyy z)s73@MGwPGex4n;1qp=?!76aCSD3mkBgoJtqSXUS3Qb(i^{t29EGNl<&ib9wJptj^ z@Au}a;Sy4d*IQg0(PzpyIO?1IDCAK*il)4sbd%ebt>w#@;*NL-s=(f8wg7dVerTr5 zyb}zSnv4lLVk7%d@_5waaBs7k_Q8%^11~fc3n?pvlY;cSJQy(-0*eC_&6^DUCoG6N zhd9_8DrZmZwl!XBVKeN2F|a4#B}tyh9LATu+_*L~e@6tj!mu z+-+W)jy@;ltLwN73pf?K+#6PhZJna%W=W8(QU`NfH)%QkXStH$wt{FjpQhSZE60qX zQfJWFmlt4zQn$-HAN*Qn2RH7-K4I7JKM*CW9RG)UmGh6ElCQ&nOXCZ?QELh=6DXdSB z?YldJ#2stN@{Cw;((+t2)WPun0_qU+-HEb6hl&;kM!p|VV(o|uQXo>Pd}S{VDJj+G z;{nT{n@@-obIo@)m9YY?v>CGO8D7(Z{+re-7p~dLk3%=IpS+JbBlR##gr7g7;Q1(A z24Zq=O%FfRq|)8zICa1C{Gc{c_{&j5wF4{jWDWQ>z24H_@U31(K6?ZfQhG}{NBH%a zH=KTT*f)kh`HFTpc#NaV^^OT(RH?19_5m12lA#`@@-(}Dt^ciIK3q5sWB)KVy+nuR zg-5i6VFL+BFDd@=y_?zB5nTw2rdqR6o=(pBVf{J92i8e6Gj=7|ioEJ}c}6umR%m(d zDhTu;z`UFsf`1)wnYDDLoE`BeR>T}}&R0Vl${`Mqb-6Ff+jU!ae;f57ivWM1fz~?p zKzqSYt|c7ZqnFkH29bPA!&18Da2ViwwG?|NLme~*jei*!This-@Az?_{AZ2mPPJNv z!|A9rpiC@Py!6fVo<3J|D93pjJ8i`9Oz>wiud$a&WR}XItWLt8k6!>2+Lf-C>du_F z8l42XhdS#=(|Xn7Ci<|qg~=@Vg-Q=d2%xBimGU{a1kH#=Y|Sl z*p-HWg2(R9*hjCad{`humIFt75tYD=Twzn-F)7&ZK>}S+CnRQu)dPy{_)I$~d<8uo zNF+x%)g+pNGmEj)?M^54_|4SCTohKy5MI8=lpE4Q8U$StV*#^q9v8a+vX_m~$fyei zUxpI3l*vZ!)-J}Y(N+mj%h1K16Vm(rk@%j1*D(#n_ZFF(nBx4f3~7o1kV{4^wf z(?TTBpxuV{vt^{$iu}mtF4kImk#|S>FmaIG6jLwgZ$!<|b3qw*^y%SH=Nnb)yugb_ zjL$FF%mx-a5H_)|fC6!yXKYQGT+0L#4JKA0Za?a({?D*N#&fvZ+(jV0cmBN9yXn44 zcZ^_WfnxEjYFErSVWhvT&$ekkr3<~xJ1}_Q(*-Y-G7eR|GyOtxk>y$b*7+bLzrk_( ziJ1EZna5ECV}^x1>M1WvK(=625Y`DlxTX7jo=>G-bf}?fmDWP@#s2KTL$Upa2ZW{D z)HNRFK7+M)&nzSBcuA=eDzvbcgT*=%l8)M~u=(_(I{U0TC+%+5EbQRJea=uYn6JYV z_wF{xfj*w(UW8H~;Zpc>sz=WHmm7Ip2@l13?*8D(#$fd@gKpxVXie6_NO2bT zKcJ0H8pWE9K6%WXUY2$$|C>Dt5@LU-_^;4DU+X`2!$W=ggde;GXf5!xdR|;^u8_%s z<|!AxqFV{D*}w^7n`!Yomv_nUgLt~+@K}uS@cMDTaDC|y1HqTF=fPCfcX~&wTo>eJk9x5uiYhQElZh`qdE#N@=ON#A*S)iy)HsRAI3m0OTmxs7z|rQEl*4!w|<>zk-ZrSpXV zv>=GGTL!oe>`-6C5j}#i6Ag*NSp)@K(FJ1$Jn%eNe#Y4HHu7_e2}J9HmM%0x88PrQ zjcp>2gohppieI7E*t6A>h$_(QW`!+WzZfh@aRw&G0iy3f^Hu`Jw$(ttXwd)K%se$c z!nWilqc4;cmq5Q#)CW4V(K-pyoT3}Gy)`i!(xG3EhU#ITJbT^@*ab-PS1lYHg`8~N zgPZB5-t%*vTZ$u7+hiY`Q@?Ic>(p$8*L=A;9X}xtCabZa3jq%$-^*c6GU|n<(WQ7@0RR9BG?2dWV(p zZSS?CJ^h4i*VG`?vel+mnZ{;lf5l~(bYWWsv+Iri3RogJj6=zu)9OXO`$B=;V_Ja& zR!F?+&LKx9{$8g?UX)yGfVUGD#)SI>cQKuU6z^fmtHCZ}=gl@D8hgAetoaXzk-jw2 z&%h03M%B7`L4%c{)-}tQpI*AI>PizVZTKNEYwuT|uWgjYb z?V;J@w-AWNWRg2m=$!r+VxYASod-|03jB^6SMfCkePcs2Uj&90cUc-_dVKW!qpRIr z!^kqG4Hg`VCA{J^hT`C4XgvIJ%;~VMw%UPiU}xarLn|vK8F%klnQi=P(Lc-2{_yR5?Rsg3Xvm7u{cy zvi{!_F8DaT;kkIm7L|ndRbP5U6}yC?^f4g#$LoFTW-3IG<#+ya?7LFs=eCP7eFUwS zIP2OBgZswAE}IJEYn&lnmA5V%RLbpsa*9}WkuiJG@WDWps`u5%mI2RbLRH3Eu6BM- z6g~UI^Mxjl2b>4WBQJacu?lx;+OKmngcx+OJh|&WTtZFGtf=okP{=~?yQ$t^i)#Jl(6v?6dVcYF_ zJK8z{!*a)KBBY*?fsA%Vu^0_zioXcEOSN}CZU}YSjQ%_5&EL)L+GYkQ2LI+sSSF^8 ziHR3&w`q)k*3BvsJUY3KjU}4E$Iirpg74U1QLg_F$k?-b!bC$naXjioSGh9T-)oM9SmV19eYGfnSVPyS7_mKER7y%7200-rnIyVI0Wjd8NN;{eb0 zh{^ZS?__M4j9xnISv8q`8Vq=J`pFY%ug7)#9cE0qxNqN+%MG7!4~H|4b4>Z}$H)&_ zr??xm+D_D|2nQu|B#Ly+OhzRT)NHK}UB|IU}Da|RxQA-1}$Kcrt7aa)rp ze=T%>1NtP(MnX*&3oZaL(RRV@2~ywU8<(dh+=qO`0f?QMfW5{r={)PB%d6j-auF~+ z?t)b*-m<+*Qizs8R6j4C$X^yymPmmXLKhklInmF+MKZ}rTLrJZ#Q#& ziL<5gtL*H#%VAsvyWL<^@2-Q5 z+>|@8h7&cB;$)Gp)p&bwY3#`F^aTO)Wruc=IKWLl7lPl)%kyTe$C3tZJ)*h#vZ>id z?%z*qobT0N@mrl2fEIaP1ZbhXrMI1qD#ttxA zHRk2_He&nR z{%)3T@N9oGr?BGLIlN*c682$C^hjGe0Kv1tb-CO=3|61BC{Hf*qEl2{k$<6xwTy2S z)Wn@(6+nDHyr>07TX_D_KF5z{7{8~vNB?3BfwoqH3i{SrU~{qCH+~gtF}Xncy`+OW=|UIF^WEy;^J{s)nOym ziP9RHX^4KKO&*8H-CspenIk;wK_ce}MnFL*S}See@^`>=LEu)lgi|K{A*h4B4rmVC4o$v#2o{A*$u5V}QIbSa zG53H?IaJuYyfu|ew-I5kDm9o9E#YY%h*haxQNn!WgBOGGkBhxDZ&H~yJ~8tB1}k|E zrvpiJ9Vxj+)&58qegk!)q1CfDeRX-%%bpd*4x5sgckdT8@bsPcnw);x#q~MDlNY1&2{r6KRc}Pw=b75}-W+5O-U9TqLxTqvB z{iCwxk6{q#Z8*oP{T^nQ8g?lF_v`MgnJ@jc4(Vbx3H0y5f58c?g}u>Em5mp~HfuX7 zC*kJ9(8le;tjD~N&k%cON&BKJ=Q3_&diX0~r0_kEnLFpvH?~mfe6k3^PoA)owB9b) zy1XqKB&7MWYYe)8;Djbg{?L1@uZ~FoKhh?#t$o5-9a($({Igv%my*lrJB40iL^&1 z^}WExkp=Qoh6eBdNZm^tm@(8MWA$dRjGy`J*NwtVuKDZhvUHWpbC2Y>05lpWx3>cr zu^hjxlM9EuM;|3kO_v#80v;(pzBpbtFP$1=#472#m5^z37ID<=$bpuP^GeZv*?O1Hex8N&>Z8N zTmZJ`p3D3`@pjg0cWwn)8Psy-Z0^CpLK8LuV7uRw@mCJh#(Baj`K!#}$3MQZ4mW%d zj>Z?!yp9xrkqw9DiCchy47F(c#s!#rF6p&g#=)vP8Qrvv%*K};Qe~Ok{&FYJa-Vty zTju10Lci@`H-xX!QlV&T1_y7k73S)!TI5}EZ`tgepmtmE z)4{!c>JLgsD%$CW%7!}vzO4AgOs0bQy((V7@10%iY#G&rp~5(Y_pQ3id|ldW!>$i( zs2f(QdBe*q+1KS?-kF?=B8UQWhcnFR9uTNBY7&Fy1bm*2Sp=av#Y^&hYASkdM&I`l zMrB7mJ_g)Gy$V9~1lnJGyKx|B)_EYk#jQxG60Si;0Oa_8gD3QAh3hGri}eg^5^WQK zd6I@d&2V94HJo0uc?|52Jua-C)!10UX}2|ugA5PQyb2k1n_;%@r{e)xtjzDwS_#?{ zeG31ZO>(`mCHa-JA+>X4=m^B-O8*Fc(t3|-H!Eh}=lMp;ud?<`tK}(NUKPCMV-5`p)y`EP+{@x&k{ei&84 zF?6uDg(8NX2Rid|j#DDc5dghLaNj#U&dhw1r1aObbF>`;?P{PT&<`vTqO&P}xG;C` z<374Sq6sYxRq=_dbDGVRJ!s$zQS5?Cu{|J3VA=;@FGN1V<3%70T}(toE8mp(C-(20 z0SRuKSm!A-|Ls{4|FuMjSmmjm48vO9?m$U6&7_O1t9BAWd3m`s9|Cq|w`w5Adkavpkmv0f8_m$$OB39qHQO|Vded_UN=z(VI#7jh3tMEIK z(H@0P6+atR%y&b!W;1BfuzJ2b5Swy}QfgF=w*tyQ>?Xca^Z!zvWu(ZhrRFBl!`4Ns zSw#dGL0;9PCYq_fRSNGtE`_d@Bf@Ob21)fD14M^vhIBDU&w#C2R zzE@An@@X&J+;r<#ES!`bYa1zj_RVE*n^u~^E+$HAO>yxbSuGEjiK0iO!_MpNXCb@YG932}U{rL8Y^T-qHkwv2U@qd<5DB(|HUw!zSKUNU6 z(pL90b1kn2RFn5fEsZMq1GGE9cf1vk|GX}fG`4}f9)R4~N+1_q>Si>*kNUAycR735 zoeleKvse+vsUM#7B%>I(oqx8T7#1{;aUklPD>_U4rsQ+p#MiU0~>}eZ6@|ev=ck>UBf%T~)J{apFm< z1K!uYnVge#z~lv>0;h^WqVx*2tN0RtIV0i_f+|FHGU@!`-6}T7Cjhxh5?QChM#ML^ zj$sBtlPUb8V1u%lmiGS&wPR(bk8h|#^VcH*fRX}I$_IeN1ZmH$S7D5KQf#hmH+2i2 z&Du2 z*|HRb7S#iOeVgZo9hUbA?oi$KZm7wid|+pOIj%_=|I zHhYGu@_tXMx%!kq>^d1SQ2L;UG@yNpl-%a#hscE}5&8-YukbHEbMaK!yhmUsF>ry9 z@ttqa_8u!q$t>-c^y%Ku5vfNAK%Or&ikKWZD*ZJxn|vGLK%=W1%=m4Wz29os1hk}L zGNn>~L`$XfJ!u&!x8CleLPL&1X_J&7MJUsf)Q`H}DeJa*0%!eI=*w)3Q6y1>k4t7$7?v z*S1`*qaI5wOM9FgrMxsDsfyMqm|9v24k3Gs`n)x>$!>It=rB%CQ~h7jLz0poZ_>|V z=kh~gxTV<`{aCuPd4YF9Z1EKAnRZv99_PrrP4$xC(;wHC>)OwXSl(gxK4sa)Xiigx zSSF2sR#IzG3maDb1(k4M!xHH7U$H$>PFY};{|#Zx4@F*QIt+FuD!k4ctT^0+bZHKR zwW+`Tm=+@jBp20w=j*qKEW|*sxbopWqM)n1R&}@%u<939w?qw*MQoldmY$u={pI>S z+&NoeRDb86LDmZQh$8g23+KtwrUzA5%x#5SCz<_MgV{ohrg{0vN=P8_I$s?6V}N9X zk9sfo*_;eYE*godZVu%LCSwnpQ1^BM+p||f4{zFKfE@LK;dS54T462H+xedyGv7ka z!WstR-@%bYt7eUtT`@+9g@HXL=W`x9VwN2wO%wD222*4y#RMXg;>5q}y+4x*xSMA_ zsW$wM?Y*y(z>Xy>3K<`M*Ed^5RShHJ|eDnRDB% ze1Jc4GRDQe%vU*(-y%J^@XP6c^S8kwg$bB^w}0m4oOOVhaTi!5KREK$@C$5nYks1a z-Yr$GDVsx*FtR9nKq7ek@zqMd4O}PCV-)y%m_A4`n6M@kKTvt(QTBEtD7qp1PYU2` z$-ldH-SahLFv4+VaC*Lo8q=r)G~EiB!KP(*xGfwz_=ef^i&V3D=ET!H5P1!iJ7TiL zK$^|zRnF^Zv9XGzzoXprkHIh6)nW3J_vk@!ub-}q?tA<=x!ukK7AX|arlM^eD}CKJ zASOCov=CdeVH4nf%Qs=!X@*KaN;6cCJBE40q38)lx(rDLi948i0=&FLLFsS)hBYqa z{(f5<^6xoX!v`rr+dWMG>)Q*2u91Mk;=k8)AC0K((vDQtR!J8T7T_0GIQrdEC2{k@ z3%Tge3(AF?{KZs7)X9$XC$cZf?~wi36i$@a`9}lO=np-4(+bNt4K>|gPbdtWMHGij zovsG6EF)r~>dLLDlf9Y9*C=k@qd!^Kc4Z}&r>Z#w4@lVq-zMGtO(ab3Chu`5gmL_T zz?pap(h_NUMrhzLhxk!P1jV4KOUwK6hLspvyKK3>CUej0r10_C4L z4P{H$Jy#2c1^fzvkOi*BORfl!vUoSm0C{inKrV1o$ya6az?t?zSgx}}}Z6!}#w zX8XuCU!|3%E2VEBNAeF1Uvd~petNy%$;NqL@gH>kB1~+wNJkQI6!9<*+yTIgY8Mv= zB@bOi^X7^GYOeQPf~#9ImEQd^!<#@h<6o<2$LPaj(!k_yPH7_rC z_?YXT7S(|(n@`5PC7Awwvi^|Ch)j2gpn{Wx-%lpU@_v~JBwDyJpYX<7e2zcr?2*!Z z9kL+npZPxS6a}}qTq~h8upb8^)lZ*LTO(N*ub^`l6vC-pn+_8L^uJ4FEJqjZD$p2>nT_|Tb?F*J*x0j0I)09oix z*mNE2cuz@i}tTxy)8 z2V?R4if?TfrOr9QJ_Gu*f4Nhk-)a)SU=DP+Qr#7!pYO9VFZ6W-9+~n9LERw z(%lHdL$jun8gB`eQo6CHLUC&5V$W)`|2~l>E$Q)`bwjLNyHPo4)NFtHz4x{eT>C_! zU#+$n`0V>t<4K*p(IDkPbu2!luNr}pKoFP$*u8@+u0F6u#0UYL|1ToXK;^4S=hcUk z&=s`*@nvOD`&)^Lm_K1U)NCwLV}k^o4S90jF8om>{MD9*U^og-Tg;#OO1D?0-p6GW z^FzR^9ujREqs)gG7S_z)qCTXNz8f4g)$67~&a$468oM7OE0IXkbO9*m{r_hHxLuXD z!DDtl{)r*Tmef8x$E%$5taVHL29w14Qej~s(#Rlr;Nyv8%BRaW!#p2<;Y!lF)qKn2 zS(>#C)aIVJ!MIHdziWBV!H@2$HROH7{|;v{P+$%>RO zCsFa**JJ#RVXCjW-}@tG{@1Dqk0EL95!T&9B1Zl`9e{4x7Xm;1aiKG-mkJ2D`w)`2 z&Gg#1vu#hGykf4}21PWmM9C9P1g0z}Q1sLaMCe{8w1t{$^l+-ts#%s%I_-aS*O{r$ zRg2;_qhL(XtB3~r?H;>fGL98`$~+{@d zOOL0QwX|@R^EuHkGJfMSK(9fg4~6%msetkQ^dPHs_=n<&0Ky0EnNG0JZ=fvn)7H!K zboE{e0iDIBDyNRg1L1zg86!?gt9$SV{b96MAa6`3a9}C*_m7VI-+Mv*IF`ZCX>zI=Hf#B{i!Ff zHb_T;MNE-}QtL-i;E98?EguQ{Em^f~s5tohEPKiK`2g%S1||&B50iS5WpHX6L(}N` zzOUE|(A*el0|XP6@nk5KQrUsIt>(k_Ks=Pd4SFLA9sM8 zDPPEcL*pbWP)KR4YgT7rIkvKy=Ebn}W$tdN28T%XLT(s$R#W-B>1aX}D<9Km1 zdTi_FNL&>+7EJYvdHU7l2vRlbGg#?Dh3vsQfQSlZ`rqH)yC0kn808|*S>eE!}12zg-~lgssa@k$|gKzS<<7 z$F@Sv$f-lbabeve4Eqqmfg=)E&JpfgMa0@x;6aKjva$({oXrltzMRQ^HBn|d$#Lfi zNeaAyOc|Uf+wlss9K}AfUvAzs^CU-+c$?Qc(CpljOiG|@_MHNQ? zB+hrn`(yZ)gU`kd(_9fUUO(vlR;ENHjg<4r2(d!H{}iT8ywvoIe>zpknIP3MRzgR2 z!!E$6and4Sny1o_DEv@qv=7cNI~XlWd@)Sf&bJ}6^znAh^cT(9AR_zUz3ZB7|DQx; z^D5QQLX=3H4e$7pyYWE^k>98%Z$jey6@n0s=-sO?!cga2{~bP$(HF#u-Yxbvz&NeL z+z7ZopJLFG^PpxFQgiGQEkhPSRQacTsn6YhY-br1_UP-kG`0~8-!4A5 zi>7V<$!hG&K%&uiyr$?(+Iy*xRqy#B^~UzJ6(22`m+?uFe>9f%XXs- ziy=&usLL&b$T()3!YMfp!r!Dpz4vDe%P;?9f?!JlqXP;~JL&!jH>hCnx$vVm>A!{= zF+7@2CG(98vba^0SV%YirZ%1ko3qmWix|AK-18G`(BXA?7$vsi4Ey}gS2e_`d3%l` z>b}}Ig-rMXD|04eY~Jun_ML)Y^)-3Ol6$vugAhT?-X!o(i^&ROh-e5=93%c~TVpv4 z>-}d+x^Pk@cJ@Pegu~yNlW%2w?j-%dizGgtIh8({yFXUh3_F%?%pL9z5Ksw> zEG_|DgH(!{UO(cz#d@%5E#qRSaw@Jgo0d2A0HXD z)up)|YrV^l;B0$5z+r3lXgd*fcbBKtcb^Zf7h&tG(_+8Hg)Qy8a?_y<#Q0!4Hf70Z z!oYjW)6|8V`-@|9xMLJ~6by0NixpIe68uzL!v4b8@jD-9jtk*ap4wNP2bH#@C(AN~ zv+suloUDJ^*5tdwNs^(ne)sFMhY{;R934$)o5zy9e{kb#^0dPQSM+%5pCMJ@8TsW) zBTuQLyr-KS3Yu*_RGmeCq-||sne`)PLHYvNRRHEPN=TC?7$d7Ucn>HReC)9&FaNgK zH&vLj>tqeb8!Y16LwMqn+PE2ael8Y{U}M(FX{E|>?EcZ$)s;?$79)IixQAKINDQ>0 z{_H?C47Cxmu%7V61P5Bq{jY47_|4Q0GDrURPrL7oe-9$$R=ff|qWr~1JMbt*nT$+# zb?w=w=M9P2K*zuL`wgW+5YH)J=>uzeIDh*jvH+`8dlPzeisD7Ts|R*Hk*F|Xt!oxE zNc8;Y8;_{!Xchu8@LpHVs2k%B>)+q4Smo+i*=~CJHoRNVJF;#enobqs*uvtw<_CG3 zS|;62W4Qd{QmM4b$#cz@E8=AP~i-Z))b{|XZC%YL)6Df zCdwVdS@V3*3w7bP=>M8Ds%?7n#s?9Ki)Oyd5qIrsEQzLT#@UE6&Eul?{a@|^=`0z| zTtoaeGHh0WY*h@|>|{j0*tbg*q9sh>Ur`F!QsZCmqF)?QeOo3bRnEO3sP#0cvmVTv zInMud%W_m^)&Ju^;H_r^w?6>0O@?|s3R85Nsj1rS z)+aX4Dh`CvC_JzU^SDzbFp}QM(H1UMV>ep3k)kCOeex^bbecU7SPK28N^;{{n<~4u z3^kZ0#?9p0mwY@-8?$xGqtGaMcIHfq4&u$T@_p{To)-Bmg!zA=blVq zj4Nk>roT-mn<87B>1%t@*Z^vs8(JCFem_HHh`gkQ1K; zy6DwilWOAwE-T{rk_Wk_4Hj+Ae;TCEjjRQ$S^Irgaj z6NLej=R1S`YI#=KHu=HlRFm`M?t~S&P=N*ZmqA;mjgeMXuS5vDpzaa?2h2TUEleTD z?!Z^xTaaV?Tuq0N?%HyFmc&2~MvRzgNG-53>sLp8+yriPi>*;a-;jJAt`Xt5GzZN~ z*bdreryv@lzlO*@kQ1I%+@pO)i1`zPj8CoEY^VqdbJaAya?03K{YU?Ffd+i8a#~w; zEZ2!`WWPz{VHpo#h>E`NB~MycW;6O=7y17<`}TOI`~LsVlnO~IiFDvXgb*?*QYmsi zTjel0#zJPZO662ka+uTP%!afaMz#(PIWA$tj8e92Y&p!>jNhm0{@vg2{r%n7@4D;z zc=+S<*k*gb-=Ej(`Fg&NpS0aP-hKaZk`0`F=kkRyTtmVOxn7j}8LGMBcr)W+-m_Pg z!JyzXBTTSNgU9O-EpAaTk4=CUo}O2g%7i5aZvfwm}l(}Wj?XFd3LU+W#geac<`kk({7 z&e+%gW#mibL+Eo-(CcLU1J>fv_yAe6!Z^b#NXc#d2T0l1>c&S*OsB7lU0YpBl#f|_ zfVYX?*~@5^G(K#q-!dGO4&kPRR`7X?SEt{P5touYEXt2B?*nP~HcMe2OGqwRo}4j_@kIatge%&qC>&NBf*AT&6mGrVh#-zjtGstnP6M z_N44&uep4nz(k?sn#rOFYKv;j@Li_Fftg2oqsQbDM;AFwJdaM%-dzW7try>&KX+#j zHfH(sm*=tjUs6x(y78v^E#$-F1GW3#>FWjR=F0-?)#tnTRplP>DH3u8cl~4DowwDV zN3TRq*HBtfZ$udLeOAUT#X5!lKr>nHTH81=^M|{yvU(%l++G|0sPxUPygMaR6M5+1D=~BH2**TE)zQLTqbhDw zfY8#_0#`*ut*Yhy+dJn{_2z7=@5{*(9=>+8Iqbhd4UQN6BGnu(VRWEdjgVm~RFD)Y z_W$m<_q|N2iD%c%=A9Dar@F$k&0QR?$d2wljYQACyD>t`)XxgRwz>Rq|n--~% zVB&R{lG$J3=dv^Y&InBOo5Ie!CTas#ii?9h2|hsO|21TUu`Uie0dn=Kb*uVOrWy9@SaDMx1rl#alFSb>>h_~EN^ z%&hl^hl}=ZkP%vr{4py3Zd0~+w#9C~Y_H3eyz3PJm?9>{`l|zk{2O7>Wt!qk* zvjTgb?yR@^pgkom3E|Vv!cAorYZ_QQp_un-Ogk{C<)EmR@Ov>kRtE7o0sVc-{sD)2?Vs34KiD}co_e0rQ&UN>jT85BGTs<4U8(P%V_r z8Hx$}N2P4`h;EabfnVRs89TZj1io_dWI5?y2@ zvRkaTfEwVqd@-!8Z9#m8q)Z#^%iEUxkTE6SF=7>oNj~vRv!^PW4Du$OeI9KxmuHC< zu_j&hKktfo#XIxtMYZ!^!OWq{iyL$;ms+r|p?S`$ll2e9eY{&bd@jcx)MBI0w<(uB z>ywKJxBjd|1n*q?e8D;}hV8#+=Vohae%jSPGCAo1IfgX>(vus(V@ISnM$NK1VaWG| z=yBUL-KLuun0=SGKvzpVr(Z?g$?fo1`u4?JwM(ZI)jple!-`%mb#f@ww;J9sTo)Xy zaN*wK6wueCQ<4*&DgAx=Wv9As_Z)KoQ}JzH>IXu6adgt*`zu~dzTB^EwxY%9}kTj{g z+mjQKgpk~dPShX_0y?e~a`kz!Qfqb7k9T5ppwjB%?k(#sq+dPl*}I)Q12DH%f#Sf7 zA?LNH>w!;EKq{wVP49H#_w=|2rM;>&-FXwQR$$GvEfTcapjrQTv&3D_Yx7*Is1mqw z7n8!XI)$?i)e1JTo``m}@3(A2-bBVMAr8c~z!Yrk`uh9h_ALQzS*}ltqqdneXH?#> zZ|h;a3~d>tZYA8b@{Y@x`{W&UZkW*!BAG%J0UuJdp>-?mN|g4qE8EE%I9?qjPpf1V z#$BR|tmcKsVf-8`ykcYOPfw>APw&j+?*i>+RrXOg7FUxsw-og&KX9swQJ9_e@4(+} zFVH=9T6$OlU;h1R_3QWarM~@!hp=CiVa4gehn#-F>U+SrgV99mHFc?yl~qd;9g=G=dJjju|Fv)F||zJuTP=h0G5YykjC3 zuU;tVI>}ZF{SR@!UTRDI78A8xJ!cS`uTW?sRQ|vwsC(T8# zI?Js$vzwNs9MkZ4ZSFQTj$SP#rFl_wDwVN%-%)qxTL>n%S;aU@^RBPSsa66hh|KB^ zaqF2KoL5g(jVw(sGPND=Atb!;jP;Xb!w*Yy+j!r$wbcSoCEF9doAU)~fZ88*1Y~$~ zYuxin(90scjcGk0m2U9P>4Z<0tQS(vRo2e^a#-AjMW%FArtKj_;iaSTlVV8UxqX{1otNY1}+qEK1JcW(iu(nrQ;Gi=b z?#BhzBSku(hrUC%n%0~XpRU{{`AoH)A+57dFefv;i|?_{_@VafC-q_z>*Ln_?jg-d z&+ifjSbD7+hkhJA-uP0GM4z0CsQKfK@WT_B8XqO@rf?%{+eKicDrAaQYWnRw_dVo- z=*bMJO-Fv9<_sj=8?SN3Rkxv^*H)8=2WCOv zt4xy3I{`-1CHSE)cd6uvPS}TgHfUOXn|kW^GPc2&IHBzX>NfPd%N(r5c#EkKn`pi= z(*7B~X(-u@qj6#(wrBgUOJ^=GogFhWd*h)4+K?-94z*48hKpfT&haYn$o`0D+pye1 zqguV>Tq?dfq&|A&$iMYl0*;%q>^iY>>D7-$RPEE*_4K7DK1(%q8L6xLeSh}3fBmDF z;(LY73{7aaA7&ick)izIooSQ_!Q0sp6VC2&Rc}UJk@9xadw2D^?Y;Dgr9qDsjlFkU zT$6o+$~#x<-tAw8SE3r~e-LrX7D?Hv&~+=TdmsijA5TQPKSNO3#>j}ei?!2rctJfi zf9ic3;<|A~AL1wtR&l0`>Prc%8?Bf_j0j&$Z-07?cVthao9yUTyMRqscjwE|JLp{~ zPcu({GPe4fp5D`ImGmwzH`5r?@<|}{G$b0sWl`!Rx1>C}|BM6_WYkTT$?65|OLofu z3RQGXH#Hjo@hb?!ys+KwfzCm$_J+)Jl5$1jt@FuvpYBZEOs|jdI2X|)ai12Mn5wh8 zVm3WWy)IYj8s~T5-u)N7#Gu}!uv*^(;PJ@QWfvK0;zEUsZ_|^-(yDNhHhV9qj3&)` zEAPL%&~B^(Mc`6agHVHlfgM1pZQ>CRlU#5gs$SuGspKKiUUXP9j=df@@`Nj?Vg-K3lEl% z+&mdA(`nTII{KBMwP{Qtzh&;gIf>FaMeZDswu-_bzGjBpDX(QTG;_7j?7mu2vDZQT zTTCgsff#FRw3x>xZ#UjlBe!airz0kY5ptrAqotH+<$?W{aLtvO6J0GkEn-|ReN$oI3^a3Rq4Fj9ZxNz zD(*-a(RjDy{4JhMdPq4PRFtvG#hqqX?0q^4D|%gJm%<}mdG7wqQ>9z~jX-n5LP`WYo1P9|!c^y&ofdr;Qi6PDPNgDg-2*Nw6J~b zC!Vf?wU?*HPn{`3F|gXO%$cVlpXxdV3p$9ZhEG-M1EBmJn}#&{iZ|JdkRJ)*SbbM5 z7yg6(o-+@&>68r%quJ3;V2V=8G!&SlqsJ3KIx0J1;HwA~`H;tDKm+u%l}Q6^M>2QolG1aKZxH(>UmUJu*J9s_T&*62(%f4MVC5&3+w1kHuzYy0y0f~DL*48Si z3U%c=D=2};$`>$hpN-I~Y_tD1DkXY&|0_=IWNq3H$GJKhVzIDMzTcdY;MV$1)-1f_ z;N}4Rbv0(!lO3IRZ-C#w0+drcG~f2H!Nc_Qy(Q~41q8D(lTK_D`I zy#8>vhw)nLH8h=Va>j39ZIzEYR4s*WhIe&uNk2O#4*QdRFYC7Ylbh@Qm+b64A)e*Ht=aYE86nk6G=xST^RSS9eao>Fj## z@}WxlihGg{Vmoo<<{w|2z59Ut(wmvq^9GDk zT`0Zl6s5Q*?pEpg2k}}5hSkI{Bi@w7<1FF|h>-K>5f_YrbiHc{FLm1@?H|ziXtExm z=HJ~B_QB@j!8;>6u9&ur%uam&d7E#ay1zxb>xUXrl)5hV?H@nS=iZw_ebw%+7XKX% ziN|AscH~|=(_1I^Zr&iV=-Z))yDgapJd?aDTZ8m)}%$+u5ZIn zIwH?jOn1#^ZtH&MR}<*$^2CcmAKHfPYqUbYDNTrb73X{R>NZ*Wv0zUC#?i zcPO8(|4|+7ZW~FWUC?pp@9EoB^@w@Fc*lnfK>YUKkm-I=-xvJg8o} zH}SHQi^;XYbq0DJK^LyXNydCK_FPHSX!vkaZ+_`R8LAi3ocO-GKICiH?MBYKpb>>5 zaK9g)7YRWR)8g)110Nn4!d;t8tkJk&dT(m*kFbt_I;%ll@(B+zoBAe-qqClkr&jgw zqf-xx>-cZlR^2PE2lQJ4wRpAt(12ycgP|WoGU3^Q;@=&ZGx^&;zVuj7M4rt_i3ZSM zi*y|U+H>%~nCAz@J3kA+&Zw(pfwjCthW7c1NqrxxseYSy_AerE|Ee1kk4`DYmu85$ z+T+WuHJ_*9GnBGC*#pM~Y7&|=Bco00&F;k=8N@J9^e^W7<99lT{E&+2k`oHr#D}C+ z6}xYy6koE4+m^23>Jvn)KyJS336~hU{Wv7g^ww4_(|cWM+!NDwP;}f5M>VUR)Q(0t`%UT7}oo4%0vFZAC4% z`5AUC=-|*Vn_jUzS7*)h<{bl+igvF>Qc*q2|~55lM3xuGqiJJS|V$L1PY zm`cqvm>;Ww>i+K`o^5>f%>oi=^|i@yvl?8__dOXNd!{dC>1dxbd!(;$FelbnIaJE2HJR}h(LwdjtL(N~{|UB8mLG(BE-E7o{qRxIleApv z2u^_CeABTT59JvZy28<%tJKGpOJrbn{Z97~=6Fr<*!Mj?1N=+$$K;xBAdIsmTLY}3 zYFBzA7VG`=wQi@st@WPTis|+X#7k|VtT5R?V5n1c6WhN`SQK@7^#x+OWZFa!lojN^ z8L5M$(qgR|1SW`^l^+h@3m$rr7qZ--ET~K-RtSPn0n}h9&wh8Dr#WH}G(3{dzn;VP zpCtRsU7($93~J;C<#4{TV*_nVm9P9KgY~b*>(sg>lh4`Di5Ua3@S_)_u@!0#AvZ8C z^jRTPbtOT?;UVmG36QJWGy;vd8>MpK%3bKwoV;orFoEdV(C5n*`P$L*lS-TOdk)3g z=3k#cBxn8{jK)n};P{p2L|*VUHLaVYr((J?9Y?iT=14Eh&p~Q_qaXFIkBLXS`s`Or zD0OO@)ulglm(BP(Oo7H;YM4&g*}M8B#RYOG{G!46G}%AwUcEbw$jiT3XF>%$&u7Po zmskOwz4CHatYu*yh$)M|cPi;WLDRp&)IYAB58iN#ZE%*wNQf99>Ne?v!`m$7fM?;J zIn#Hl1a})?eKs76kBeR(>fgW6>4r4KTv*bZDSVuC|NWvb%9FN4c@Ii zs@Ax$3kQHuckzzgSe}>TTE3lkN2GPz1(5Fl~}cwp=mP#TOg9knPwIV7}T#_6*x0KpPc+43+IV^ZZkOlY#FmBjKc8t( zmQ|$$0y7f~s`>6Cs&^1rUxQf$*CW&g>Ig!5)A*pZ zd~LEWujv1SfIENtG*={c^J(j}mt(J)IILjR>QwO)amB^Z0wzA^(3P8Un57Wh2B zCnf~Fv)AXP&bvB9>~>%-q_Fg$w&fBQ+Hm-jewE;6_UqQnZf!>WrFbfrm8oLB-%llC zXdnRRPM16(X%@2lP@2wdPwc*%D!YU6V__l4p>LnY^?byE0!CUy<4zTu((fM6Bt90m!9X} zF8a%%jsH!d{-@M^6JKj;|C;}3toxn4>>R{e-=qC)g&(Su7yRt2vyHfTucGPwbJtG- z)5xjMf!XH8X`&)eRP<4|k8!_iii@s;bZ1}p=@5G`lcnqL)0P|=utan!=*&Z5ttc7W zHkBnw{E@47)CmZbp}m2!1#cC*svwnGUlng1+mJSTSwjgeX}$+@=+k%yfX(HQtuGMW z9lD{{p2thkVoEMQIo)!P^_KR>@PpExntwxL?sHIpd?4FG_{x%3bCU%~Sx|v{9Sv63 z!wccPul>Vr=ZoY2O-BEQO#I)s?kp=F3*v`DDQ(a>e`|f0OEnjyyWT6+Y3X3>x_YHQxBkq3;QRm2O<20H=9-!5A+_T%=Oia{fi=I~lm&4J zzP#CNRIRG{v`c?QK&5eE+0b*Ji5-DhK%~L+vsT43mCbGQKs!}@c+F<` zi~$jEmFLe{iK)f2BzEtO-&Ca!2iBS%32-Ks{_9fSaO zC9^@|`48hZpu>S}LsF;-1v$qsrMr)sA1^wmiMHHAIlZoZbN#R?Z9D7vwDS8d?s>Wl z8O=5Od21JK-rTsvZR7K`1|HTW#DG>x~I*byW~Qhcc(oJ6J$_2ltAWo>d#F zerFDDU;emjKx5#+aq;jV`A_{mw?u8r>nav zhcjkwl^N8Qx(=Pn9;}JHv}LF5+iQlKAK$i8kUNm?*SoCQAzUFV+x3ebME&^Kr0{ep zRUmdxtl5x=SQs58v|a)SMQ7IyU(BfMxCnkp=(k|LaJTO(v)0K9+B^60 zr*`K(+hCVY_aohXU`NcW4Rv+=e%dViRq5$>H{o+j_Znqh2Kl2%Ec)=jqr%_4qTsoX z=F+cq>#YNprkvkm?*sTdJ}U{^=*iNo?hdZ(`i&1I4!v_3sJd2*u^vjxk+rW2TLv)W zvc!hGM_XXh&EvLeT5>c;1HvE0M+NlLyHwV}cRtC_%~K|LBR3@k=jY+Wrd{4CeLtbQ zG0aEqcbF<*Tg=x1X7N?NnY4OZo98!8K#rR?-@9IrS2hctu{4tnY8*?`5Hz$Zv+e|& zxE$CbEgk;&ij~#ro$}nHEE~#$9U8n7Bf8km!1vJ^72Eu;{C(8te^QqJ!l#|b?%aH3 zUEcoblTkoL->1ON^l4@P7^}BKx*K1Om)m^t%dnrC|mUD_)^ilvV5_#GwsqBjlQt=)~Hih?-o^60QVE~ zEL9Ki*gY$^KmGc982gW{o^qD({h0UGC=uv(J^=kv!N-B|_CD#dGsH@{_Qe0ax^CT32Ja z@m@pnj$(lc)g>K!le!!@#dn0xE_Di;rOW(3#fHW=hsv@lY zLR~kI26wy>X8_bYI3TS=U3eguv^-2GlaLgl^jE8hhfg zwFR}fzZ{SHcizLD*;5J^jlargRgpq?F|{-UBsPHKS?Q&LB;2IXlON5D7$BGP5L}8b z%^bC@Z|0?@L%-(BnuXH2`}~QN%bGWz==;9e{Ncd~D=V)fo_LvDs&P)uYR?@9(nn?@k0Eo`tw0 z1Kz(iXdqlj8x{vO zaa#Cnwo1VA2B^SKgWRbI=jOo zrB%jFOAg-aOFWbVsu%q98p+U4uJ(>wWu=w&v)DuaIGpIi)O%HnVscwXU&X3ZdE~9yuUW z(;%l?Nwr1L3}}`E#-$q1dS3)yGy6s?qbHn{kOLBdewsz z3dZW?{Ziy*6c$}u)JJkpUg!&1wxQM}rxDO>43TYq)b^3=@g%BJUt~<{fI$SjqSM(q z?Q~0k{DxEbd_AP`0DQ}^+(B8yNLW2}WzaXVVH5ZL?shVZKM8k94>F!c`&m-Np-Xe$ zmn-G#{uj&5my9bX&Im_@d4T{a17C7#;>02r8#IX91y|_{b9L|ed86D*bQ$0oj%9eN z3nR^-&Nbc7un)wpFC$Oz=>y>h#H20O?@;QJ>EHOML`gRlX%NknJx;7$^3JH@PY%Z{ zzuH#BsS0f8-{dAlq>eNL|AhV9dzbk zAyt`M1R8!IRIo)7x6X#K;Hxhp?=I&rHb9rC?2MnmxH;d++KqwcTrsBWi?I7g?3&MC za9pJ4?lWq)ZvBXVb+av`E~SPAciGgPSnD-ykk0qrqnpO}FIyQDXU4!NB7(~MTxH^O9{hm8Wz+sd5sbQumQDgTeCCl6i*mM z7IC3%=XHafvKAsb^K`B^hHjoSY2siImp5_GAYOueV~d!qI`ci+x>~FM3wHZY5zZl*PDpT3{rt7h6qR*&&>6)F>~P4^w*L* zttWtHc26eUq-f0eLu}aZTPzP?%&&35SHH65o5spCZTQDZ(6G71PcC939I*+JgC`&RP8OWVXQjV?9B90XNMcNru6RU=&B@>19o+6DK6g?uA&xkJaV& z=gmB=In2Tc?~-pD)X9Bag!&r}Ux_wk!sYwRidf0fWqjXyN&qlTGRulW`cGv6e*qv0 zXWvjZ<9~89Mtb?GNmK1cO|mW*+Npr-$AebFFQe^1(S{2MDB|7lGK@wcG;q?|huw?= zL@HFJ0=8FBR#pt24#YfKXsZqOwH4dz zNPRVrcr_|#&bqv5DR#+^m!ggX`HTA7f&7X>*5u9f7BxaUcbe_S;hQLPsjDyyTAxG!t=i-?OXK zm8HwzqrL2)#uXQNyM}1?ZYHbNKgYFUIvQDbNl+ig4tI)jY8s=^NM5pY&s0@4fWX3T z(Xm$-!=FA~`o4L)RPWW1yp?wT^P{CkzWd~iKgb6j3w&Qow5;n6=21VgUCOJqxC0^? zTXu!zzTo;c8iGHDJFO~!$-f(S0w${hFhi-Qc9^j2#tH;MWmG`=`~88`X&K1H58+f6 zt&EWW^H=k08-*iFBQP2{oJQHfZCAsh7tRmJM>7kG7LI<<0^d)#ot1Q@;uWEt-luz1 zC?#i?+>i&GH#6#T$B~y1BYdZ-&(ZC}H@8NBesbmr3yLvHo^LucAd zH2!^{Jas_gToJ9;^T(g2X<*Jb3(Txn?xoiX1cWN8IiiNhlKsZ0ZA1uHqFrAu7kN7O zmjnc+3}Arib+I+iL0uzw+?UwM5lvcT7##7&+v3Idp0~emp_GF+*hQo;>jBC#MspA* zxyl^Z9Uf2$a1~r{Oe>A3d%xT-Qk3b+AQu=pXN^^Uy$;x#+Qy=ul=AJHWWvaEn zoSUcxK?%NPU7lH`Hc}=|gzt0Dlj`HFcE~Z_%<8qa9+|UIIe*yS+f??DdKcE4w|s4W z12kf2S~AZ78ZpX7G{Q%T2GDd2%A<1#g74xEBF(!QSmyZ(28=+)Ip9yCNYRw28V$xF zA9V(O^|L*#s6{z`gQ$eUsoQJTuKT--l|LQ}bXU7pqVxoO!q~v%lEGnteKvlD?12ee z>5KBqSyovXb+!sj2j}FVoGl3GuxG3qtQ6}ZEoBaZNVgj6MNQ(R(1_8T2#qN4bpH74 zL36D*{Gx8h>YxLsJUG4TOJj{aasmcoHN&ioYN|?*o)bPGXyb6znP}2R{m8&g1{Ot3bDNHcCsfI1+cf^+uL^e6FU@&z7`2HButCHc@Bp?h?qUL%Ea?9no z6+WsIB4kDWoQzC_-|XKV_djomvB_s9B0G{(Or6($2}*<#coYM{{NZ%?LK!c^CE1=M zZ~-3U{?y9Kuif$W(@r?rFq6iW%h85Je_LsEx5E-YMwbQh(!=}f$}2*{7OV-(r8Il+ z1as0TmDPkR;rH3HK&}Fq!(4D`7_#R>01Sd9z)9Ev5Mv*AWYV>%fK);d80V=UJA3ZX zf0PkXiN&mq;XFuBG?d7|xhUy*_Ef;DD#!y_g#9U2Q#FK2Sgt*R;g`d>0BVx%L%S_t zwEI$S6_voEz&;U6?wm>@I-T3QXEGACNK;qY|5h5VPMxrE=U6oX2id{U2+75DaOm2N znJ7;8p7=7-(6ExD(VScv7aodP>EJ3sQ&~_cjSxA(rEcg>0#m40Ih)F| z;*#73B9`=B1q1MjxucCRF8o^x5Bbe7`&VT7)MpGJ%p?>7K?EM!Cv2UHnqr->Q(tX& zUodY6B33h! zX7yD=xPVgjoNT1vMiJ&r#lHuTe@gV~uKG~Dl42k57>A5dH!|`u5~!eElC{wYSZI$k zfzO;o=zFGSHDM5;(yVs<;Kn**NKg$&XwK4iZNj+CLLk%3FnXsksiAZb8K7R+w459) z?=)siG$fWWAVF-_hiHciM*$N9t?F{*oGb|Cexrt3UNeqLjmnA^;CKsgFq+%N`Hq7k zN+NoOrG7~=uCK$dLKhk#;4xlU&v~|*1Cl#WAaJ<3B$!V6aOzMOX>^#9g7X=3sA5C1r_OR>EuYCL=5P4tVZ7D2nlr*{zK< zpZz5fxPw-|!42x3$`YJ7g4~56^04H|GM81W*?5c#se;@%gaSZ~QKk*dco>Elv6}Q) z^YYW^A)EnF8WX{6;@MKF;MO4`Pml`2d{-Ezw$st7s(W+*4>5uk^LWEq- zZ?swlGa6E2hiVgt(Gv~;MD#%Q2m2~p%gw1PWRA?ZZT_F zL%v@}vo$j34vgfWh75UO(IjrzC=FUusWf)dznvH+)NdpWzowUW@u!!ewH_0SzZGh1E`>G77zzeQB@xVc!22Wtw)7L4}IHASQnwIcd$Yhbgv zG#DX@;?*u-QU5=!)*$hK|bZ)8( zi4?W~;0nir5L%Nf=x_|C`+-SaIn!gs%jbVh*)UtW3{N+5vJp@;{@+%J8U4oYu|pam zKmY@_#Dkfp8KUy4$@@xV(t}L4o+J_!7$pob~IN+<63X z=dD+j_-vwq5@W%IY|pYnT1_zUfC}i_F4?OKF&R9pU+6Ciuho@^2w%cgKm_lXPNjJpsw4*pDt9Szqx$_XAD*gkf$A!zlcFpGw7zoQM7RtJ{Q&wwd8o>aGc--KX z4q>Mtt+F8tLTw875&l@cL0u@fu!KBmakSbGIQ&q@uTegv(OzQB=+^_kz!VfteI8pU z%e>-u%p!&*quZeCb{)^41_nCYd5-( zAnw(Rjv{dS%Q<4*7njY0SZkYWv7P1PzErajk{5ix*TT7cwo)c%&6|I@T? zAg>d$FNe(|zz_pGE(4duhfVt$`9sIX>}v{OoQg0b)cI^Yp2Kjg$oSU13)Ao(fKlqv+d zsj4c%2m;mj)I;-e*9c0)nW>R^5&<&@?aBQmkc!wbNJHxjwjqM*Dz$B>fbC)s0%s z6e2;N)4$o!PQvI60w1C-XdX&gR;dg{Rk<+RxlVwyFji^2q}rsf9irn}bJCGDiLPF; zW;}F`x=G|~T$pfJf|*xM!}xWD#?_QxTlezuJE{>u9fx>?xSv=t<=k)ln3V!}e>g|e!SR-|cia1L^1JD-4l0#DYTQ;sNN zOc@E62_88#mX$M-w`$gMnkh3wCp`86He+u!LGKgTV%&_D9?WB}@qH?0^-IXy{z$;T zNG0JgN@zmD+?0o*D?>`S>`=DXMP23KL_vl&I?G2rcAK}gq}U^hbw2B z(!yG>{znAg95js@SL~a3xfK!I=pdMn8zPv~Zh)vE;W~=a2BThDx^bsMp+^v7iqX8p z1oIDE8C>IhxLqe|DKQ6v^@$2*VloIY^BigvEQpSAup)Rnau_8@dbHepv+?ZFxeu@P z#!j+0G{!P7*Ynrpc}(FLrw>p+M%@trFRJ`fEeJ52RgiQaj>XZ&jCOG|!uX6mO}Sy? zen)EdK!Yacrb01rpB>4tBtO(@+Kj4($|mkX^_K%fb0hYZt3_PSWD{^>5I(u~94oNj zkYiWCz$YpT<=iq~l7=wWu4&HB5k7Qe>ezB%q?F*-FiSqeu&RfoAN5OkF?Rk+1d=|b zH;<<^^qf1Y$smL9&GS4Ll6Ou9eiR*cjdQ8;+H8DTH)7UkA(voj6)HVvSCQLXN28)K z_|ZBS9xB=a%)@_k#P^R%88b&L#^zIHq%{zqImM?98ZyW%L{0=Y)ZPLF_(<(aY@hO6 zr7;w$xgUqFW~RCth0(DUp*Tnw85bJq7#-Zxltps8M#rHUO26o^ZC*DA>SpW7bGa_$ zczq2)a|gs-ll3h^@J-O=hj_+!xW~OsRR8Ve;%QzN-c0zFbf1)3#qZ=A6_fj8XZ=oK-t?YNG=2bD#xluKV z2~rAI!t^<8TO6X2=+0#mk5b~sw`ldk!N zk+a)DMnk+&`${Iakj#i8R7F{#I~!oENkP}X3FJ0mt_3(0lc6oexJV)mGhe$0<>FX^ zm&+Ki-Rt$XgAp246+STF5a3qRbNz-m65lTyGS8{fo*T^u3lTI%M9uuvwb3ULjOD2a zs1Y&KdBV>pofKIHK{5=r4*rsHUvvfB{Y)CifXMWVCSGhnD^j`$M+#nf539Q@}67##*CH>J6u-76rK=xP_s2^4>A}HbhqD`eh}4 zzI!fQ07~H72M~EWJ z9nL_oh~tKEfBN=7U1xUvLtcldc&F)^Y#E!!FLqj|#77YkH z3~;_NoS{etR-7g5N=#UrAwvpZQZ;VyfqH;>Ljaq8Y1uV3!kL|9Rl{&3gE=E|T}jnA z^E|1%HnTkvvy#g~K;03Blu=g%27#^$Ga7KTGUgqf1HiG&8=wc-DNW~o&Cu`slL}TK zDyy{hphHRyU~+u>^g=4p#=?p-HjxDLIV#vc*BuWC{{XX{aLq`Y;Jx|{XLWIPga-$c z2vbr~!QhhU!)!XRe#j_$i8LKQcLyit)yVJSEHuIq&VKRj-eaERC9|Ji=tzxnP-kSZwha z9;J;y6Y47#>|MJLrK9j1Xj2-TN3#?eO<`(0tWX_1aXG{2cP+bKy@qSnA&Qt15+)xrP3<#35nhSFKRf>_V z1-V@V7mc{n&Z`$*8P7J_SY>NN(S&^iyqX@oJt;c37vd;HQMre~)jT>Dh-V3@Z1gU` zge9Ojco+HZE{|X2JNAF_9o{^i(Bl>gz|yEKi?*VMwBs;}gQZh2obHRE+6!a-Q8KsRIDI zR9Wt=j&JVYp-N;R46k2gI_>L( z+b#9G5CJ|QLGvgD3N_+IGStUNIZZk#tMe{B7mfnqCipdGJOadW?gZ3BAJayNX2AqF zGzt!j5Ok1o-PIx41C9*tkcKO9)~vW4NhwYzCExEG`0>u0=E>%@zTnRd5 z#eNDOeU@BCiEQVFkq)CXT#O6+B7bVhlq%4+>pB5-xW*?f=&K6jq3TPjGe$Va9^%N{ z1sUlo_|3Ny<1S#*ko{47vwjMK8J}7emivF&``Yj(t~2c{4cj*9HZ5F~r3rBoKHSBL z{elX{*pjl{rYbSu60n8whq?wdjSW_?u!Z#*(k3Z^;0>-Z!j`662Miut3aG*n@<^nM z0o&3{!AL?z(hy@y)`vC0@<`VAdz}7$uWR1_>tFt(xz3#Poaecp`@SDZob9tm{3NkI z!i1Zr8C5~CH}i%uBc#r#lf;&DWwti$Ce-SKBE%U_@Y14}24Lk!n!+!Do!Um@n+wq2u5lxWXY~s4R z63vCI4DVq+za&t41e;QgKo(^fCv{3wEmK36}?{_Sj+kO3>f%UmDB z4I$A+$Tu{Ri!|cjsnf5!+(XWZrur`^0Y7eQ@7)Q)+)s=pYM(3ayQ16 z#v8a%8;zM_{ajLpw|4T)lYg1K_(JjTp4*#0Og(=Lxe6F-A&S&RLQD zVyFx&Wyy@^Gq*CIj;zBNKtuk7nveM`gQJgNT>)rt7-G2{oN@PNdIfL8BAWVm@os`H zSgRV?V_pW8p@1qTghIl6)Ye&zVbVH4bdclY_zYzVGmVrc`?g6OW~Gb6nEcmSq-L)x zefNX0rGxWpJI|+V=M6Re!oG^K{KxA6ZjtW6E~mP;3noj}#6RKa=Lf{zB+|=v`X2S! zA+f-ICALpLWQIY}>8?epvmZIzWo?T!h@8{mG_&nb_PGZu)8KakdiG-%m_R8ctmO*+ zvZS%SONL0T19Qq*{k*0g73i_U!(uV+>fI7SWYgi2qT;K#rU}g~3zAK{pZ>7ot61q_ zXRf`nGS{0j5Yr(3)u7`rFEb1EyG)8bxZ?&J(TP!eQ67YgXAyhyTG$s;kH+@fnNeXR z`~cbF@RtqLsRPz_-8J$kHyA;Q3$)llV(k}3c4S7-?OQ!7nLVr$*U5MTx-yFhA`b9! zte_gBH+Jz%|7ki99*55-y2)gJat9m)t-44zqIk3bmo3cco^ZDL${R8OVO8dLX$9NmMp&<}r+hspUaqn_YK(BIY`FS(d$BUUP=dQlB}Y z@H|nz+|0?%Zl4`B#jxf@C_F+fRI~!c@gn;uXxE`Bmu&~Rlh@>g@{e|qCBYu|jq9P$*m_3uxJk93yd zm1xW+rq0a2H0&PqiE_QG)5bG)zjiC}nT+(y03ROfN~EfK+4OR%>>o}1vBJU#CkeQ^ zUiCwBfuZM1#8!k}uhJ&Of&l1v)eOBhSI7zSKFu6ozR;Dw!OoMLhps=0rJQ1W>44`m z>2PK$Jp#e%DV_Fw1SC^DU<5NZHXZAftxJFnMwNYzJxo+ExJxkH%?*k-MXo0!zWi+O zlOxS~0p_H~IP6*y@mOsF!dhdEnGE4%LTw-o4>Y&trwaMRlX_Lmx<87ltLr>A$yr35 z0w4|@!96u{`TsasKDlwxSzzbg8v66~(b>#v6=-~HKqx`ALXT!JfZAiqfiK0JxfQ}+ z4J6wM7f=>bB|2|Kx?}OpuO^y)g=wqR7QQ*KQvAWO?7rOH&{ysYeDoB_1@7bi#naW?`ASRzH4gVB{mgm zo9q*H6mNS{+5j}rtFI)NUeEiDkRKM_-T+tEQT7|^%xaEdFw9Q-ce0>$JRhIgAX^`F z!l~2E{H(VxXZoGeP@2h&cZ2@2vbQ2`3Mb12O{f-d>=RYqS-e%QrOEqLJ^QWEgJ^8@ zwncSz!U<9{=-C*WdX9kwH&c#w*>DQ-`sCQ>YAF!|N~WJ|9ZMB=0*3LBiPWi4fbe@3 z?pp4(mLam+hqMUTh=Hc~Q{6dPU19@PJX3$c7R|D?4XBhNEE!&S!ojjv_WE?E9!ANTAhk!Erh@co?+A#wO;Kvz5r z!^xs{PYn<69fUul`YA(Tq}_B&sg>0;G~)KEVRx!8RyCE0e4nR$z5&v13sl*#CY|Y# z7Qjje^C*|d3pmz=f z3Zk2FfV{e%7DqJroJGPgrfmc-g5>%xZApqzho;}BRBrDVgH&H~p|q?H`}Gdi(GJ3P z#`CB_$kGor=t%}gCW{_s;w8cCd;+T8YiZlI=wBgh74fNMk<2Fm@l5s&IIJ^CTqyMkxr|2PS|29NWL8G?(UFAPXe<` zn{KcksfJq*rhg1&g2k-JvWFd_)l`2yWYCFE?8SlLQCSAM$Nst||IQG2tvy{=9nc#| zz@(Yfz{7FXA<_66+_1;tunDi@MLP0zSUlOtYW|E)!MaJj^3BX!*W4~!YEfAU-v%qH zqxhx4tmefirNelq6*c<#z2>)SpDiU(de#lu;n5 zX?5(zHP=UD)x7UEdh5-j<%+qJ+$IhRZt`${a5Z(1Xc$48`z7APV!#6@mEiGyAEj0k zs&UCRH9EpA>7!T;v?x$^<>Q&ZIaL!N3!ZAOKgr-FA1sqJMuEX;IX8V}T~s}_fnP)Q zLpwl?MC+Kkg5+SJO4d=zyc(OQ`qb6K<$?f5U(EE&w#vQhzQ_aQuc4|`QOCJp2rVD) zN}n!gk6kncRQeDUA~rTSdvnR{@|6+=U%W$x!P9%-jlQ+)*hsG0Mn*64=mGrIOEuM7 zs?r*rp%PBolpUqKI^feP86yKqEx0&&>m3K|{xQ>?ei1b9oL{fuR~S6zzL@Bs>b&#T zRGy~k3VXkC6RZ~9K|25DN&h9QxY;36QK0}L1*CiW9H@SkWAfWNWlc8UysZF5_BWxq zhEJ%y0}kD;l>l~wb;(a+nI2sWFo^TIN@$} zXhfX_|5ZNVOCCC*k#z)^1z7HjNod6mUp(gPF@pbg!z14 z6ji8IX`9+ZIMOv8IQ!BqAXE#tP#4@*Ex6Ar{g{u*2%DfNO)xXE#AsxW9~3E|4q`fB zDIYK+fz}Gpk&jma=3*)V)EVkLwHsffm)_YB#!5~2T8CMu-NXJwlx)Ki-%N0;ml)@O zyOdKeyQF>ocv#YCzXm@&%(ubHp8evAt4-8F;Po=_tmf=Kn?wU|cBH$@kEq)-HS*?P z@y|@&Yvl;*Y0(Cz_M43S&sVFiBG!~k^gsXLny>mWZ0m*XM^*}3w2*A@dO+*C*Q(s^ zqBNM(x>oUXVa3?0h~#YczZO<>q8d}AU%=%}OElWwZxaIZn+;B%MkY$k{7r*>6hrd> z#{xd9r&Ufe_v8C9<m|CK)aA#qO!$1=@lVWto+TNLMb zHm>0U_@^VN2jC23-~skXZpD$oTI;$_%EUK^@F zL9wc{_~f8WRpwq|Z;Y=()Gn3BvNj4lf@WX8TDMFDj1KebF{LhLOSnz*<~;fEx-W{! zlAzm$&jFv{1<$Pq*WjaEZ7O7y7cznn^b!?w_B5N;9aXoA%*DBJ&Xd#`4!)5?i;C}9 z+OpEFrmV&YlnI*@JQ%%(h58BsaI4tSczfO=jUvuG1_w~ux@8g1t*Pat7x%tH9*v#x zME*)C)GhbZzt>d%yf|3YN7j$zVg+y<5YQJuj_Njy=5_)F5(g%XOJL-wn1Lvc8RJeP zFx1F+!0Hg6HO4R&JvR5*=n_cO+!AZ8h_~8ZG3|MMPrBb$#00W*wWrH<+L#D4m4tOR z;3tnpFP#JZ`bncSKz^Dd%giNBbMJt9YaWCOVd>zY zbZUz4vLz*qaUn;z2z#+ofOI;wiQTiKDV2Jj^@eUott&k|}Cv|E=IqKu{v{W-2Sh{zGWE`lsaog`{_WlI9%nh3Ux*XbIz?d^ zGfU3MX+Z#m?xyq5b;K+aVHO-H^rKWPDh67W5|`qT>O6?9Z`B|MNG(@#RL%xe;T1-A zsf4d7U0GfPfbzQv^KQA86 z(|ZVDu8mE*)MJUuEyws?-fQw{;1#V#zi7EgUWT~AxCx7uS1%?^ZdxaAY0+x2F3P|b z6Cvg!wzwj_a%#rB_DT-*lI&3r(R}REPiY-Eclq&o`OfTWZaDCHFMdci{bB`^;aIe} zt-W+^YvkLJhzEIU+dCwxWcLjuwAgB^+BSCvxtje5VUz_WACA?EOkelM?up@G@Q3Ik z^m9~$>vLWR1Uc5m_^r`cbAoS*%{P-U14*k~C6X{Hz0`S|FGp3-`b-u)t% z!EHj+Lp_cbz>HQ?^R7OTU02ra!(`-G9C39Rob3^@OQlll#EA_a|Ev%glzM?dDe)Dj z)4in0u0w!0=yUbNdf7)ex9_hbM-rFMsb40ej?fxLTEz)+a7}jE6r1BieoV&*{>pnh zUx^*{2><;^p>dRFoen|@;0RCTMN^GvfJCo=k%z#FwtCb9@mU}VTP8{llxHgp+%GTx z>la9;OEbTS+n9tSe)|(71ze{h-xO20nEGWZPdRXu0wY6u<)IG5S!04F(<+)w*)u16 z&v&~ir;QsgZ={C5wSi;NiAFbczx{YcmrO|bbRKG6%7ZkM`7p5mcQC@;9iA6XDS~ee zFDbt9BhlV29pWhmGPHMjLkn1IUF#h6#eU#PZiZR3kS_BF+Iv3OM$YS(A@QNMnsSd;Z%foVPH!;{Jy94xRQ`7F* z%f9;AdY%cX<1gdtbuOD&!Qnyj4lukhB>Yu+<@AjCb%;WU&)aB0*s>pOy>TjXmt-5w z!U`TLq(0>ei^zUOIjl3PrCyA{3<9%I{!j^=24=^P7B+8Z|Ka;@UFk# zll`~bk}5|`%C4mRcE437ZvR%z0_HCd6`C_T<7Zefb?>m))SL>hT=9H1@Zpz$VV(%A zHfD6GN*UGW4_Gt;DlKY41mc$P%p*9R@1u3I7T#SV%KzJ}SQK9~X0zC;F;!Y<4s8ZZCr`^J?HO%w*DCWo4>U%XY;6_5$Ylz6w*>fuB= zqYJ+4Mv*x3dtuX@9eQgQfoOO>D(c5B04C7$nR-=@QVEqbXZsdiJ!{C?ea3Nx zT{37264O4?I8g|Gb9r<%lS6L1V5~~^$6V?BG`-yjEyeN;vjJl&yi=zL`&|9-Y*Gq{ zC7_qr9P#=xfg*o#R~fP9=^9)!H%U*+sLl8 zP_YG0II9z^HKzN6(%U5ULt2GC=hbg!KGf?Bx;-O-;*_MV#T^VR2r!MFp>xBIm4#vl-+g%z;xP~%E%cOkTR2-3S5!O-P> zzY*m>tno90O3FYgS~+^#ATi5RT^*yy3&Eb)%QkNjJ!a{9QqxUN?f&9z$;;Q@*+=oL zRK#m>#XS3SK))I$LGIQu?sK2+62KBCB{IAhy({u44HFW3VNgh9Uwz322x*@QwmA?J zC& zCXZbSeI`H|LVfIQ9_bI-c;QNvU%^CNs)#6JOa($p$+74?LtIW1)MwuK=I-?1w&{C@ z9;aJrOri!0;v3xTW_F1{8 z|6Cj_MzqgXFc6o`=`6%AB%Qou9#fPEM=KNxjl2wwpQS`Y`=V-rsaT@VzDEL)r_t`FDq zJVyuF!nPp?U#L?WfEH;^RaAUHA_MYjvvfm7KWJY{!HRZNf$$V)}5mcxf(|WSI(N>2l!We%d@g*x^Q>H5a92ygq zY*UEByRv|hGtag8m^xzwKI&y)4`ndDZV}G^=5%QzzV$$cIpnjrL-}l?CRvQO&HGd$ zqTO&ShWWY+PASHhUWHQUIQW+gQEy@P|D53ihdcWezV%6H^%aHJIJb*tCRRKr^-d2$ zL&2HTJrisN1-n(sVpQRIFZtSiI#Umm1f^PVHk7IY85|UoLe(yzfsFP z?pToKMWB|dW&a%x4e1hZhr$+jW+-ycV98|x#y)oFsQ~>$w4b16irOs9P3?-UkPf1{ zBfm?{L~_#kLV87Yi1)asz@kzqD%gn++bpb2dx&plT&WDCV&Lg(X+ruHc!yc0uVh8@^i+)eqjwO>y@vI)MN5FJd;tZKt-gG12u>^Vp^j;H3R zvM*nWT8M?2$~J5|=dQ#@2r->UCHN67@$yFt$!A|S{5E#i@^%;n%goNWIH`|p%7XUf zzjgjyoh~MX9tl5~gGqd%?1D!amheTy8d`kV`!^fDH{|;T_;{NjRK&_2S2yp%s)pO7cQ|S^@diC=P<|HF(?2Bd>LQ}~e$h~@8$@Yr zEh{%|p6}Nyy77KSx(c71;KUo+Z6XrY(L*4Pyj2j6Z z9)!$OiCo_L!9qUs)WnDSY#eUe zblhtIx>qP?5;6rtRS)Q`a6!EUZhe(hl45UVS`hBRX367Ded)W3Og-!VWDl0PEX-c+ z*4BRgB4&Q)yYw0v^2f(NJk^pz{Yy@BW2<7yNyd|@2bG-`yDP^(_Zj5S#%CgqI&w^Y zM<6E(w$PGhA4i@wJvn4(%Xr&LvTN|nkYaP0wEg+IJLhv|Blmnb;CaX{a**DYe*ev9 zS;=1z95dO2w>=s>m9MEu<|SY6#l`qNt^7m5)&y%ay;@bvd%PllR%S1h+9kDFfh_W2 z{>3A|{o#H1-Kdh>wlMPXMe>_ZKW4v4GpFr2LB6+&WSE~ah~`9RB=9f!N|Y4LASqJ- zCC9~w6S-;ooj>fL*Ehl0`1X}PQ(#bTlbF+HLFY|%jJxpMIqf(9f-i4gM(->EQMn@j zpG|)&lqMD5$-geM@V-WFm;xf1h4^3(y%0No=mZyicA<};MireO6W+;*SMl*r2wU7J zkBw(0U-~5-?)m+jhfa{a3k`|gIeucQEfI_! zp!0dwuWw%b>V*%QU#Ayw^lB!pK`L6r9S!E{f1mTehw}f*4hxzk*%$QuWUYPwshnrP Q-}bk5{ZjLb-+u6a0jIh@5C8xG literal 0 HcmV?d00001 diff --git a/enterprise-registry/github-app/index.md b/enterprise-registry/github-app/index.md new file mode 100644 index 000000000..5ba332b5e --- /dev/null +++ b/enterprise-registry/github-app/index.md @@ -0,0 +1,26 @@ +--- +layout: docs +title: Register GitHub Application +category: registry +sub_category: setup +forkurl: https://github.com/coreos/docs/blob/master/enterprise-registry/github-app/index.md +weight: 5 +--- + +# Creating an OAuth Application in GitHub + +- Log into GitHub (Enterprise) +- Visit the applications page under your organization's settings and click "Register New Application". + + + +- Enter your registry's URL as the application URL + +Note: If using public GitHub, the URL entered must be accessible by *your users*. It can still be an internal URL. + +- Enter `https://{REGISTRY URL HERE}/oauth2/github/callback` as the Authorization callback URL. +- Create the application + + + +- Note down the `Client ID` and `Client Secret`. diff --git a/enterprise-registry/github-auth/register-app.png b/enterprise-registry/github-app/register-app.png similarity index 100% rename from enterprise-registry/github-auth/register-app.png rename to enterprise-registry/github-app/register-app.png diff --git a/enterprise-registry/github-auth/view-app.png b/enterprise-registry/github-app/view-app.png similarity index 100% rename from enterprise-registry/github-auth/view-app.png rename to enterprise-registry/github-app/view-app.png diff --git a/enterprise-registry/github-auth/enable-auth.png b/enterprise-registry/github-auth/enable-auth.png new file mode 100644 index 0000000000000000000000000000000000000000..91b0cdccf0d2f72d47edff5dc3356e3af817cf94 GIT binary patch literal 111452 zcmeFZWl$d7wk`ZXg1dyE!QCF*CAe#_KyVEX55X-s!JS~iAwX~m?(VL^U4pxO&3oRx z&(1!l>brk#-9MWus+#V#dUdZ}bFMkZ7?Ths1xXY{d_)ikgd!~^rUC-NT7f_>Ucy5I zX9OP896=ytQ43K~C23Jn5+w&)Qwu8-5J(E8M8ix|Rr&VOHTGMGoM3Y= z8D+0}C)9F9bI{EY(&#-+94zxyb;WpKfN;LlPjua6>G*rYlJJlPRDgV@!(7fRU=R_V zNd{HPeBr&b?D7yNqTN<bQGM2redH2K_U;fdxQ$ZG1UtfC^@yOrRHJJ(lSy)mUYtHz zIXEIJH^1w`u4X7?B|{Z(rLiTb$d^z~3OI&xy{*IbcS0AW%O*SOVH|G{7W1dQ<5czn z_fsBYc#-1-iji8u`>-KZV!ePXi&qMX>VJb4^Gb{gd4*zgvJUFWC4t|Juv##R*dyT` zCQtAHEuq6I*F|w8>MZ5Wr;}2cq{>J{%3XRQD3GAo_sO>{Hb0=}I{UcL`7T~TT ztGEFBI8&rfXJeX<0^Denw*DbWsm%;97J}OHxM-uLFFPspi8%uXV}idwSy;2ITvRU> z+&Q|6_*?YNpbBR7je=>eap^c&hj!Xu$g77p;wOGaBiJ-pG;cP;>yjx6MN2etl3ns> zf^!{2c3siN(2+?=d_>+&7|ve2xhE`~O0pLs+sT56W{#?ALhZO?Y5zUUG#l60k28WJA}t~Vb~(`S6$M3q3a~V|Mlfa8Ll!>9!z78iOwfh8dc=7EL(hs}Bp;xV8bdRL>vrz(6 zs!|1~v{2|%0ge9k1)(c+tLI%jn|FX$;U=i(M=)Z%_`@fPi*Ha^)=B)Ma7JJ_0_<3} zIzP0R!ZcyNxKcjYNnsUC0XjKu_=BHsl%P$@2-Q2>W|0^4UmpbcDZxpuQl$ERv4gQ` z{ZPd@zsdvY(BA0+hxwMXFy%!i>n9`$Y=yZRdTG+&gm)RxYT_q^^p%TP;aoDR2gV!i zmzQXATw;BC$rqB=^S+#KRN3oslgufA2FPOP& zW=-w-O(Tv_h+e1diuJW)V-QHhZv`vQ|HZ2GODq;Ky6CqwAv|KV%5UFc+y%q3&&&jK zW_`I99+zgKB_SHU4I{yl#z>YNCQXdm@B3iPI47q|P8_qe@fttHRH`!Hb%M+S%RITt zq6+gpj5XXL_>le9dEUZy7s8uiBY!3QWQr*8MKHG6zd5=&OjP+!LPk^#*8M1#vBz#WxADfR`j1heDNPzb^CvqW*7?Tw`|+- zkn=tNMEAQm^n>YB2z;CzP8G( z>gT+|Jj?vgdD$vw%Z!<$QG*@LUH`pcC!9U237*`uBw4$mpKUrASK3FPjx22WB8Mxt z#7`?+Od6XSadc~cMEoeSi8+ES$t)SwTYG%A?TXykK2AJAJGDI(LS@6p;g(~yIw|w) z_<`!4&!xjGteBlOhVt{Gk_tDw!IMLWj{TXb?U zE04jc+&6l7><##7#IG<*d4YKtc>#Ia^4fClL&ZawLpVu?Tn)Cv>{sj~U_Fyx#=oo$ z3|XcP6U4*2Y!mhp(i2n$I1HB_@??%su3>sT2(uQvaorsr_!(BzWfP+M|T!X-Q^vH;(Hz;_dUM`=T8{n(De z+xWZ}hJ0V58P|k`&S^4K*-X;Y9^yD?zj)*_Bi&;WHUXUvo3AnaX_#zVW_zE>DiNIc zlj(wq`NQD{${#5@whi`6-SvzPmJW9ZN2@;|%iF(p4OXMK%G=fxs7KhQ9YeNxn7?X7 z&FGY7>k>CEH6b;kxjk*Juf!f!F60|kU6}Xn9A*>WeZ4{Sti7$dLAW2kueq+iNx4OO zD7q(xNrDT0@#!T$N)^f=;v&{HSucwe9)x@6Lz(mO!Adte83lh1dk*D0YIYWg=Z+t^ zvTU&IYuS-q?Q!yII7U@)LGUY#TC#95@#v}OB_sas!8a3xU7?|o?};yH=9%8(ErD@} z`AiS`%dfh%B4Q(pzW65fCdIQ{8I>5F8G7R>5)<<^JKV=|=htc3o2~ymQC)NHX_1GQ z(M+)88lx%)m(xnKSs1D~jW=vWZJch@AY@YwrrWV}k%%X#Wb{kP%Pd9DpULlV6}4Do z>~NMFuMJ60$L1;W3eD*|3~v~zvggC+6Ut=gQsy5j+);#Ks3W+KlTUEvIDh#pZYeg> z1+}KOrVvt^qjSpM!IjOQ4P0|HG0mUUdrx{812Zr^pld2_Y(4CjNEF+|*1$~7W9I$i zz0Lb0jGqzw+Q0axT=vcjOAy_~L$Vl0_-vhYYguJ}k`oVP#Odj^iUw`V25<%}zY=6P zrT@<0Cd6nlpSe3fu{ps!RF+ci(mk4i8J~cr~>y&fA(SYsDIBYoWXB?Z_!UG62JOVow&$E^f+}m)4_PeSe+=qG^2M?KR(J^e{rq$R771Gpu^`VaC+NC zux?ZJORmxNZn{(3y0)v9?`UJu^+tQlw#j*WDSL^&snn@u&3D!B`?9t7^77WNPX`9Q z9kP*Y#7mwGZuj?*_dtL1?LR7jvt8Wbqx43tFx#hLjr1dJq5xb7?hT47=meZ}&wZ^X`C9V#qWOfvS$ z)3Y=jgo^^oi1+ktBDlL1w3Rfw-~)xbJ~#{Xf2|j_!BE=KI1`^-Z|V02ElXRJH~HoH z0a*otos<@kR^U)R|3XQtP#l9mQ0W%$G$ESua=b>i)=UP*wuUB5F4lHHYY>Rvg%>!q zHh~zBxL8}+IP$s(kp0zy7dU=C%}hq}R}+Y(0GXz|5{am-g9!--6FU=_Oc0TTgoNM0 z*pydAOyckEz+VDn<`9S-FEg{Vvon)38%6Q{Np}iCXPl97IqK|TN{$+`x+S9Iza@;$esuK=g)sVr-_Tje~)D2`1fl8FUb6S zg_(s3%>2)L16}!_&+;l+xR_XJidk5j*f;`X2(oapv-AJe;eTBE?;-!CtJZ&a<>F%f z*Pj1!$q`I-MY_kxI;J70j*P#7dF_V%3%)IpQ$il=JR z(-Rv<6uY$FYJyT=J?krtJVXmt2@^U|neiO4LhT!b@JuLc})DZXE$3qOATeM{=XU4-%rjK*2*1fo~Yx{XWv8Q+>K|(f7(kTM zvLhe2y&tz5&xZNps~h&d7nPw?NFu+`dpu1<6R_N#E6=qAxt!}! zJ|uE0kw=FH1{m>$d*gCY-ec2nSaa^1+_S;#eKTN^_#se`dpp&UspbB(a(FNOHhHFZ zTI!F-O-g>*EiNX?&a?B)50z&l%8P}(^q{N*^|!}1-(5KO{IQgNe!AOUz-!&>K{G+e z>~K!EHYD9qTi2tOr$?u0EjWzuU^qfMP|=B(DlRvFfaFTuPSzJGg8{}`v2A?rLK}<` zzTb_9wae*6NKADkZlPrFxs+m8pYnwscCXhX^DUdUI7+oVFQ)P}H-A1{E-c?p*FLTj zKM9-io^)ct;o`@(83$V!n%?CydxpH+U8pmQsV0)>q|WeQRdXNE{#7xlB8!4CZ%pCz zyXh+3t{vh05(Y;T)L_a!)Ysd^{)ZRyO%~H%L%JOA7B`yg>Gap<-Nyp0W9Qjfew&(wEs|6-ildQRt>m zaVyCvqWSyCe2R4mY1RcnZD|-Utk;oa2Ek)orjbvG3-mF)-i=I78L(6m5b^harP$OL z%CFIQ9$comv0C?Y4ja7jx?U}*nMb7jBJy|~BqVmEWfablSJ67+{_E`1l9NUt8&!fN zp?xQ{;7Lfx#&Di~w`tg0-WS;p30kJfQlGIR@8a_LDKV1`;P`&ItcRbc7R&=y;dx#d zfb-sbt&WNoW()3?6U#Qoy90&mpk~2_{5L`DJFVFGKlYkHas6{L{G!FHrr(}3dfpFW z-#ei`IxpJ8HMGjKnUEpWgbm0XzzJPLg`x$r#nT8q-Hf0KUhCrw-W^nqAkr5r{d~XY zi7t%fep#9EA@JsI`AK2zn*X9u(X)c_kO`PLq5D;|$p@!W_a#}q+i^^!FTcvxXa)G{ zG4K#{GUr*0-A97nxCOVe!-bCvPM;(8F)b;LX3c8od0t?DG2i%dv(S8ZB+D|I$hGWo z7J{4oa9}1R8u_Jul+x>dotS)F{^OUyNrlgOA+3nKTeA@pRzFdM0@|g;mr`BWUmEZ# zWXhGz4w)d*l$c+!_0fTg@B>XAgTn$tHZ;4e=XFx`~C^p2&DSzYlqFgZv`($!)DvXE)x!^m|G@G4M&1 z8-_R+iVb^ayzB+fFThRg?>B&{waw))Q_&s-ULyBY6N4o`FE5F!d0XH&DRUrNLpt0r zw$?_RszTpR75-M%jUy`|TU~4_WL$de$S9rO`nuoowlcetb!vl>=-<3uOlvUX7`GcO*Q65FC+_A06Xx}@l4s*4REy0m=F?m- z$~yh7(S#@)Tk3geiLnCsp{?KtHH{C|Z@hK{Q&F2wx(Rx0`lSe`O#M(eSK>U22WJU8 zzp@qC?PLa#$yrtOQE7z%=8}?2l#*W18zgw1*`Ft+erFIGzna01%8==GQKYB5e6yY5 z-A9>dRd8LT_ple}#9Xu!ScKB|sUdDb%50XYQO0vO6u6+l^9{X&OmO!&kgG8hQ~#q^ zmZuVORZ<5k-vQBY7fBPJDuxcg5#oE&b{Ne|gaO1BI%7ld-I4Q4NuDgP1@4qPb0b7n7_M?&_dZyu!U&F@T+=$nu zq|hx!{zYQCsI$;<>kDnGa&bEI;=X4?sXSnI<}oPkq_u@NhKC{?uKwk=AK%rA`WgG0 zUSL8#P6sM)JGRr84xb}Hv#(OcQ*L~RKXz%ND zewb$)+z&W(2h%{Pe$`sO_2W*!!8)FPf()-HH~?;!oeK(!)se(|s4Z`c?u@$9+))?e zrzm(bLpWIU$J_e6jA^A2XK$A4iN1eg>OZIy+U6Mv$(Thy`B~M79ih><_UaX}SMzZI zGlPJZ19?`{-O_I+fuJM7y@Kr1MVd)My3d0eBPKsL6SBeXht;pC&^*(!#4o5vH1l+a zPfjw0^iy#+SB0y#KFgn^%b=)zO);v|$b8u1YQe(@H-5VEesWGWN!U#ks^HsxB~jRX z-Nj7SPyUg-_*-#F_4NA=M(ez3TT-^QYra6s8J@WdPlw@*Sox{*KYe<1i1|T{s6HJ5 z2r8h&V>T^5U0}%r^9LsEtE~^e-DWmQOruAx&Gn7@RStW}BM%C`iG#w3E@zD*Wf0sS zjSGd6L^^-aA6(4#zm!{?Jr~&58re%;DuXWTibsKL3~ccwA(tISPj`+-osOcoUHWIT zvy@1eW)FJ&@^y^H|H^9p0@z=N6FR|e?Os9av%A#5{>|*(GoP3&*!oMDwTm#al#sKP z!SSu?Fj{^MEyb&#nJq*sp--KvYcO+Id`3QK^$d9cY zKMZB=Yq$ssT=Uq;Sfm%^=;!t@WS)B`bT$nmMl7oG>AFX#`^uZzNpc&MMzJR%Cev$i zB^MS35H<4>RnVwSTwl>1J$y6o4W$)j@Y0z2^JQ6*tY0&4|gt+Box2r=d(-ST8} z@S??U9ybRv!S!)=nG**V?<)I+Z}#Rg&mSV0O8t?U=+hyD$%(DgQ~`TtZ84q53)$Q8 z{O|@Fdmltc;PHM`jmubPp`i!H4r`%`cRm|x=0_hfO}a{xSA|G;&>O@oR{Le z_Hq+-ziJ)tj>m~B5pp{e{DAngJN|Or_Pm|QFfG(d2-?xM`Dqe>nJRSkbHsj&S7oV3 z@R9}9nLgY9u73Z=Is+YqI3eOWSWsf$GdO;mxw2e2BA9|w5?{Q0-OY7Ww;qu*%3>&~ z$axeXWKXaWA7P&&kljy`6}1d({}vo{y^^FNW_@+3VvoyD56hcOW7qw3rt-kHZ~d|( zE`)8M10^*AbVK-3^5Vm%Ig?~oR88N9i&Ae-ahZXNF}zV@+65rcL~3S;_5`7rKRsMY zs;%DVEqz)D&jFezI?a5z`d;*7O*=PUC%73{5{^3h$xd}_ybbB)XP-fOO~ORMMdk+2 zQOtX_m)TXe-ggUyAH;_YddN})=n=VTeIkatlYK5cPTumZHxL7{lHx!SL^g}WRg#&G zd9|DA)w(KvFvi<+8(Iy+%@Mt)+nLp^*|(Dki|8_+YnMK0_b_{zX8h(HbyxvY@Fct; zpTO1fbHWUjRMf}csBB-p`*l^Z!A=SOx{FICp{D-LTGP)m4JhP_ui;s)w^p*M1Cn+~msZ+azVmZJJHXyaVtGcnq5 z#RhH1f_CeRiYpM=)CL*n7WHqAoLd%@g>zIkA}Ec-MJW);Tt%P_D-9`^>QPhT(|rsr{a(}6FZa8{+R|Q4F*DDI6_r}c4onLEIeLwjukmDh zi^UWZ`D@%y_h&rn!MRof`x6R$DCHr3hjhyI4-|=URSCLoyEbjGm-+pm{EC&VX(|8Y z4|#o$Z*k5H=CRTl8cUmR_uh@RpFQDkWZ2Px3SmCasB2rRjn%+QSCZM1j!*eY&cU}5 zr=UN_O6$Rm*NO4o1)u_e7>YL6s$raQgyP;lIr;DQj(HTzj{o9Kn*)ISSnr>v1Kikp0%1Y z!XcHcHw!`{)uka>sF9T8BpcLy$T=E}`637mtj1;5053jiF)_-V8>MPGM0^d5lGYd* zB~xtF_p9=@ZmJ*NuG2A7<3b>jGI7_^OVY_PUCp%*{$!MiYte|H#UaI#_?lG!(qWV=em?fr>~OGcGg|Y=(QZcUVtCQf8?wv z{^_X};Q>zttSK;xurqEL>LpTquvOUiYvg@u**u-$%$l-X^Od-LD&*q(IVN`D&$H=e z^I^fWg}Gz$*Qs8&yGb=_G4f|wfsD%WG(_H~7oy{lvc^MiO-()*mzVpA8t&lMu1T-Z zP#e=pE~$y2Ua}S4r(ZR~sTNE5H?{`6`D#J7v+>i)<W6ktx$+=W#Gv_H3jj}V9n!gZwTJ)fczC-^skV9uzwH`wd z3`Os0cg8r$AhD@(FIKW5isy>pNc}x<#8UU{>-nH9cOIHv=&VJ4+9`E;+46=_a9?WS z%ENDOp^^-P@#ybvUKgy)9DK9lDeB?$KkCSQ=lmN^`{^YaABn{T*1RbU?&~d!Z~GTa8py3(YVvtXZoLK53wqar5oeShcXavnLm)RbqRg; z1s<)v4LYXaGU$W4lspvX8bSL|rNYUa;VCLNJp)bV&8$S$nM7UBTy=y&USdb&bFl*( zmGxP(3{Nmdzna@m=R(Xh$G9?wHNE@t8es{8L@j>v=ZN|bG!LSxXH4zb)R zDVkA|I6JR<>C1#&v9(DD0yVoi5n`NZS;Xod5yX-z$o2yYgLSA(YU@F-_jq2=)H9< zQ5uoz{_dOxb;zVlCgL6Q?TZDApZ>HspMo(0^TbdX)CeG-%FJAG)l+PnUG>|L(e1&L z23s_@24~;0oyT&svB(BVExUKfnW_xLnS@1qjUZr7RrfEz02sYAch@m5rY zbrBhQajfa&>u)ffdWA}HKlM}F)eDtIkIgcJgK_R=u0w7+P8*Pg7`Wbp;4;c9!-^g8 zLgZC{>YEBI+t+sgnwK9Z5p!ylP-yrUj_Abcyt8&P zRmvff#H(=y5o;Jz#vKgPY8H=vUy(2Q55LG;1O6noq;AY+HdMCFoV#8ot^_mhJ~@rp z0NS#m;@z>>p?D|ll%kjf@;)m}zl23)Y%8GvO(%XkdIc->iu6+UyB+63aOxdsT^p1S!48Lq2Irt$xw2-M-9k_OHa)WnR93SJlD`=zyD;j@;_V zW7UQ#J7AIw4Lz2U-Eigqow87W3JDAi?hw3|7>z0hxNNER6y z_rEIZwBy3PVqIK%{9xAxGq+@aXIh)Qj*&{dbQQaG4B zfFBwWR(8Em}tr!c6(h@CS@NRXn9KE>YE)aZ%$|S*#0~-TOf=8d73&DR3cW zc;C|nzv$wa5^4Bdv_9N!;QW*kyVM9Au}kbUVX`<-cMD9xYMVe0Q9D3r!FMVL>HPXiT{H6yD8t{UY?cKH!g4v}6sGOw zz^}^XhhISwU6#}FD|CI9_mcNA;nO*@V`1IIFov`x06VXyfLu+rD2?xpV@(T^jVI;H zL>mm`x+L1`!5UNxCCw&Dc9k>Cgm%58K4`Rd5YO3fQ_eEe6UkP@&EMuR^piYcVpR$y z$rX%*Yp_@creuRxaZ||FHy$JEc|NI~unfuQ%m>?McJuR}Kxsb93Afu@IuZsVIXoxmT39|0kx8M*W&PrsyM;+ntPSMR$GkY-l0Vgk`(n+VgpwtA z8r^IrQWsXZ!!cF)@gsaejqFxVB$?~ds_l`U-!+foDd6LMFC~7#Duzh7pAf2Dn~ijaj0ZQkcY=kV|`To|%r9CR^zvBc^&olW#OP_u>-5Z@N$ zNO#>7xhU+7IGBUk@*@^)^TLR#TzEOXW1aUXb3cDXO`TO+Dlb?x{B<+z+?|hR{@Tsq zgIJ2&Jkgi$`F}8XUL4{A2xsm?`~o`_n#Z$NEpVRnDCTt0vdnGL7eW2@Q+x zQ}&FZc8Q8)%0I}j>wXu#84nCIv_57nbe;_gKyy* zOoZ+&;5ee75@_Wr=Z=@VMm1-O5`8T2;@x;yhWSemOh~Ler!+12V<<1ve0BD}lD3U;HG?OZjnkcZD8_HMe zz^tED^n2xp|JA?E$I@R|fhy>gQ;3m?X3&-8+wR-@h2_Ujxp-8HV)PuSgJe;I{l!|u z>NvGDeje^Wkh2@8p*X$csq>tXgfKeFZ7fg^B5_nN!#Q`)O#&vV+Aa<7k>|c*wFSnZ zvD&e|&XNceOIYJexwl^+&uf0Dy8W7d1=#@M+c2>O!8yq-=bsZ~>rf5y*!$19cC)rV^SFebnoKblRqVH_xMbrS%0GgIZvz$0of8oBw*f6naP* zMOn`q_cE=9Onpeamw2sPx%3l&!h0>XWTWwQaD+q{boa;hQ4drCEX&zp#MW*u z|2i|dLX)3F-*5j*j;hj@$J^7impuyx$GyK+!Pi+wv*M`wJM*z1;#_I#AE!&(fpt9h z1nn-;e>jq)qn8p?S@t?(nE-?jWHO>rU2pbr5*E!;?P0gc%Hg+nvbH`59h|Hlm<`I& zWnhzVL@Yh?J=BE;=z^N+T|FyhF)P`zvDCBjDzEYwv<5vKG~T7W+R_hQh*QhwA!isn z)%n!?I9K_CE1xsEXtR5~nf*&ME9K^l&`A&atZmDKQa0HwfLe6(=%l)`<9PX?lr7(3m8x!5ADtd{TH`Ks1J5U@o<(unKGsPhR~+gD%Ny$nH?Zg5 zT;hKPlfHPO`qRo&FF8H}dBB&&8{LIS?|UOu+HGpRp=VenYE}@ygNeQGPvY0gD|l~r zvgb(pJ|hxT)qj?7QL!YSd#7S^6I=2z*ZyS!H+G@P;tBG!yje1L#~0>i?xL^edz8%i6QtW2 zb1%RG=VX61zct^g{~mf5dxP(UK}9J1HJUYM&eBA`RZ&UJcN%kR6R5_5c8 z9HL^6t?^*=x`Pq?70MblY8fN>2!onysKb(L(WYZ{F$J zV(cu5{-aX2sUnA{1cUY_z*`3Sk)0IwxPd&bu}zmU7`K<&HK3gjDB{5nkEyoJH{7vI zhD4Cjw?wkDwqIZP|K{9ipcL<5Y&suzjknF8rcQ1Ait4{Is(7+%eyA-IidS?*qM1?} z7l%=}0w9O@g6FN+0R!MV@2iI8O@FT+Ul23enprSnfIZy_3$|Rz$qaMDwKavkzWC^E&ps*Rr1+u`GJIb6pun z0A|?3HT|4!Asj@hzyw1spHSyf_HyepH3c?D;NTdNMG`arPx z!N9;|Jr7kwCjAW+OR+^iY`?x0nL@Y`0EI>hw75Fep$dLfwy2iMaO_uUS@$?!J+jPW z`~7n}ov4~%Wuv<`P6`KLzQN47R+`&H0M)oeVjL&q0}!ON9!dsooL4AZi&3T~wjS#Q z1Y!w^&F8suD!5oCeFLVO3u*Bx&rs}=;TOierY45xjS==}X2`$q%~WuJ(!fu56JOxj zZW0Y{9aKx@VjuNLC)j8?AM^71aNaA#7E2l|AMNI6q=N=P7QG4S*dUf43q{zUO?Z9Q zihaUn$D?aP{d@XZM<4?`N&QCvAAjQrFkd^gr>6S<7N?$5f@LsJJ{Aj1YZ{>t78_m7 znGvgpSVbA%^izEW$ie(nc~$BKeI3z{#nXGrfk$U~TumYJ2FV9U4Znv2$v-i7-^gEA zu86_jo+h@0aVNFS^R<)ExAzzvu67I3zrH_IEebMj3KIBm>%Bov+}26uWe7SAVD`xL zEN8CYA$y55oImin{G+%C9S3(#&|p#9+d?o&DCl6%8XhlENp5tP#=mnwtDEN$f9_QU7Eesp3nk0Rskk@CW}DssXkE_o7ekV4rOPxwNCL2CBMjQHl&LnwA@vMAJ@0et zBtFibi@(mIu*wkA?DMQ3!m^!^=9RGe{d4Q9r71#ms>_h@Hgh()y&+Vn!8^&4O60l3 zhQ-z1zIa>%amaf{>ZZV#EU6n860j>}Y!qb+ShZL8A1D-TQ-KCyRv$80pR&B zlg*dar6!-9ByTVRZN1J?<{EHIs!Rnuy5JtJN^CtXU06G52r#V!GeKd^9@0KgP8N{l zwtvH%*&2@Y$L{34WYa>NE&u7ZpsL;UqdgwaS~dET_{RXXG7l90g`1d-;x4&D;T( zB`QZpV6bM`G_b?17trkku|w7urcgTjL6)8z)Gn@<{XYU=)_yb`g)$J#k;#n2`|Tm7&oRjHP%A;m4yYGw+}iKq4!*B`_h7a`3y$`9;R*D}ww7lW0B zBQ3WOQA8#d*=kScFb*|Gp%v>K$1XDTZexw%;M^RMn}B^u?Em5=3FpG}zKS&73C$Pf zJoL5#ksG4G!J-tu!_@L~ag|l}tVQT)MvqGG`C##~7>S->t>_31jBAxS3J{XjqaDeK z{x|Fa2R9P9d;26L&DC!1|LXQFN^g3CRtG zRtdApsQzu}!DP8H0UpcmuFOaOr}KQFa8MddFJVW}TnJAI>w~F2@?4UW=tW1Y>%od2 zT13%#Q92nuDaI){(df3HCo1^f1cy7RILdG#N4*=-`9+bN{=db4ETrJI!_>FFFt`Mt z*6u8Un751?8GSxAR2(vWm?UCnHS~_oT-hqY6;Oi-d?%JbBua^`um)oK1BEWrk{{+d ziajyeGY7THUhwSkadVytNC#Wk!Ab64rSi$F?JfjrzW1^P@Ce~ zG-cQ|CS{@~Yz82IdPP8HXn@$6rx0Pcr`h0^x7yLpaXCkdK3SbfBUfAJ^b{Hsqc>7~ zZPvN?7FJUx=5h7g&qC#g%2(`?OqB@I;F_L_6pkG=Okd3%c+K+oM7M+z==eXkzG908kE2nv9$~;lyZ-aKvLf>-|JB109(Lqt`|1e&ej6euUIcYj{m9x^9?

    ;9*cVw`%CYHqeQRFn>0E94QE3%@dC6pq&r}i~O9w6B-y+M4*0oD}UF6Y&O>*GH zp9Ze00k40cY3CS3$P{bGXML#f<5Mv|>OPl7W&?=5-w`$4Ns}yUHjO9UT2`UHONIiH z@8S6PzGqmEDO+zhqvKS>f1OrLKIrzRGy2%`$>@Df47@T}t)rW9dsfEhdXCZL2j|35 z(%1Aqf#Y6;K@}Dyd~08qkw{9}B)a1mA#0p|m2zA9VRECAt~Cz;9@?#=pwE``O;O3r zu{(DmJnwLb?t10DbpAC#oJ@;C9Os4|3rSpkvUvY}w>2JeYyo{~Bj#9WRu)5<-C;q? zxg3fK+!EG0^YE&nXRn?o(JwX(=x=FbdEBERnzq}a_412_2!5{E943{d-=ba@TGWcP z`)ALsLFk~dVwhNP6AJM8aBhMbZHD!E0b!qJR<_=#XxV)B&9y&esAz3FGKRwWr+SkD z>W#as*G<7t3v5X3XAe<3Bj;Gy^n(g~5f}>d?fxi}JFl%TmoEnEmq7>fqHnUMXx^~N zojs1atpU)lfQ@^G!+d6HLF+NH?2pTka{^3;K__GRFG4JR0xiqf@My%JqJv7zM;=8Z zSgOYfQ$z5UAvVdhT3}&ZKNjJg0*Y}~8(5>;++_*8o!T(B`c7=*Dh40aKPf#q_^`xa z9Hmi6)Hpgsgt;JgEr~IVdsg%vmr4QLw3!=*aKOe(XZ76zYOCUXjm9M1_`}*NCybJ1 z>^xbQ%d_ri-C4C0y#5fH$cfzkgg;{G=a1T*DjXT>C!ylj+?i-L2VoFCbDras7;~&g zZyoh}@N_@=N!@Kv$kKeXm7D^F9*>d4-1f1N$|dV$%0tY z19h0Vh)}43k)pxey{SuiqS6y$c^FVNPL4VPFk9D8lz;{mKYlUmPofJmsuh{)TQH{| zfpfijxZ`p=D4e{CTg#(fy~6=b%%>FR6k{;BKZuq$J&9APT_Wa>MC&;%l?(PEoA*D) zbB%$27HQcl31qBJ;9AF!M4DB2RILJWZMKyMKdB%oYx-u@yFXSnaIa%ya&UxMmcZP6 z>+LkcaatQQ5JB~t0a+jZ^0#6*7l+%hsagniAp#&X%zRc}FgyIHTMOlUpm@uv_3tx* z>(k2ZmFDR45my{q5f=JcFr(;o8k;Y0XmK{khDKca&d80Gz2521Y>|S*mxUCV0V)&& zmOt|Bf9|i{i9Tjo;kFB!tp7gZUkdgAgYIPW*EQjk|GNes7YoqP8;zsm{3#avhxlFJ z1A*p0ga1L!{tbit|9`drtJ4m4PjOgu-A=Rqj3@E0`SQOkakdzr1ar0ut&+GuAl!dc zJhXxl22TNTG8&t}#Q!v`zw{@qVdUQ^=ff;j=qdiW9RGEZf~|nX(?Rvo?O#UymqWG) zz&QWY`(I|{ufzY$+CRL@A9nSh)$$)3`-g7=_U8Xs$^R8AX+4<8l9&P1sX(&pbXYwz z49KdH7|L4nQfzL45+mfTGz~NWq3aVkz0k?3DAx|Ymj%p7*Lz_1Gv{@ z`l>dp%SN=M*W+2n*>4@kp=zLfB-(2r7&f*Q9pRjhaNf)s%}mgk)#H3jG7+fbc-^=H zb2xT^OuLXCj11;@c@V1F;Tr0g+<4cHt1539C9(Gv99Sf zrPiY))&Kxb&I{IDp|zU{+Lzd4Zvc+rSyI|^J5`!~8kc_$NQK{I1z$cFOd;uAw*v)7 zwJV>Io+CEJtzqjWZA{^a8-SX-1oB?YH-{HI0D#U=IjGW|+wjKod`$0dekRHam3swL zukKo%-B7wZ$`W9cK2a2;IuA_J8S&FKoYZpx%`n>tf4rN(`Kah~)r2F!fU=daIAmN_ z<*PwYdh0^Q#DVIM#N&L%K>93s<{Br~_4N+xeRAR(_{}-T5rL=umPbnuM9vQ~tdAe; zeWLk3tSIX8Q2%ZQyPDXs*hvt3VVOd-*@s&joQ1%BAI=~yid++8Z)?kd?5}}$v zeO;Q!4btbULZo~dxb^}FkQ zHHzS=55ODrUbAwgY;EwjVdg0lodasOz?5%_T_z~i8_D1DaqdY1FW#kKhGdG^U-HBDK zD0=&;FTT#1J=LBLClooi+${|-H5@#HRvOc6eBkk?=Q#q9n0MIhAHy;5623p{vEi}M zW#}gXpr5bro5txps0K)Hq}?J~{FvU7?urmSjm85?@$|NjEKR)H%^fbk&eFLSXDCq4 zxfOj-D*;-CT%GeJL56HW_;Wc3En6kZW!buF8H2PaLPPjs7#~9qg*;4b97A=wuBa2u z(BvV`9My>hm({|%e(-;V6TZpvE6e+<(KBpAy8V=r41F{NID|K-jvM0DAWVR*937rD z$Ej|uK$xg}E^!EZ`|eFb_4WG7N(nfu{Uc}zF5|g2O|!scX-w?#cBbW&t;a&wZJbxB zM-V9a0u*w|Z+${6fkL=7iXH&&CYEQU7!XAhfB+;xa3T~EV->npY5g7@vXv}>c4r>g z#1K!2$UtSkf>${ph}bLXLy@1F8NL&zjRD{)^3^pBV0b$|7L_E_*0j<662xhz^zBg% z-&6krK;!|kxTg>#u)~uLEcBG68NUU9Y_t7JhZ7^L0iz zSd!99JhBGZeM2?w?9Zh>9KllLXL(fx=%Md`imeY>!b;lS4;OQTy}J&%Jcr(bCy8zC z%J1*hnB>1?*t$)mxV=G{(-64SM-v_n_(+3bkq4a;ihIr#KUc)mm9^!%{h0>962n! z&z<5Sy1xZ*>GcRc_&%&BpfE<`sEO`{B%%q6F5rV6d%W)@@$&LhL{z|>Iwa)7KvCAS zV4xw5)BzBItLm*NrHQ}(5U0B8PW6isM1>3r>I10zgE(e#@Kle`xA-vx#Unyl;!Pc^ z@-DDC-3$K)GpF8L0IZaVUfpn-Py5g`nTDeSxCJ94Y+8~BeQY0@V9?u2L7<$W#O&P_ zY4x+ro1NtYyjWb>y084pI)JWK8VSR5hol`7+N-@zqNBtkU67GB@8MoS z_U1II5Ug9dZ9X4MuAQLKgOWED4(eTGg&KC%aVPga zP)}O&&YupQWglMU7oJiLyhMgopzw(oz(umWfb54VKhl~mY*kCXYaDvFSW!7v>kX(4 zmhC!FSY*N035F)eR^~%7j>*`yurd8aU*|m7QKpc~1~mY61fKO(Ok$&dgjkZzEP^zt zMX8N*fmBPQAEYtbgvCxc23j>eO!jrI5c|k1if6MN{}M%#BkfUQ(}9V8U(sp-WUEo; zdS`qN4IzY@5FRUy5U#oxgvWJ%Q;gmdbDLlOdMN|TRC_S$}Dx@ z;8QuL_c+DDv$yza6Un6W@lB11o=Mq;BgP0d_P2D64cs$K8~mcva{{P)jlVNgUj$5C zJ&f@D+}g%XMt)dv6g2lWG%m|`=@35klptgUd%^qTj)5X`Uc%WMD&SfAUSdTxr*(eYC@s-j zy7u^ZlQWE92-uvN?^!nS!%mRUJ*hwmvZ8bu_tMmGDb#qINSq(cP2Z@?Z}$7Mx zF&^aao@yS2=q(3(Nv_65jtD=w ziu=}fte3sHep{e)yF#>Rp|W1jaR7tpX*z85G3&yzf7P~Lp^6;ui_`T4*VLqBX>WGD z^6uCL(=(LndMKX#Fa_s9K@hW(Br_$8totZUDKcShot&CkAPbS?@Ixx$*jguWzT7*V zsddt@H#LKWPgL^WMjLn88gVd;gmdFDag%Q}$z?)A;=0GRXaBGYjnxiP@bVbEjbQO> zCwLk_&hTwKDi%N>D<|E%LDX@zZz05M%D@xp!;wfhZqQ^F?qs)`K+>&!qb*E-2u86> zS|hy&G(>+nsyz_Sb123Ub*t$i&6T(cl!|cPueQUUT?F-hc~n{QVBEC#r3`cn#GAJ8 zu^F~?4BPUk(}-n0i=t&`dXU8+D|{jaQB zKDZm(M=MViVIhpb4#%CcDmW^aAC+XIC~%NYEyujMzg&^<+5IuMRvL$EYV?OyG6ohe z3Q{-C3 zW08i1EGo#0w_TqsCaE4R)*UD&1FM;il&ZZ7fX`>p{5w7QP1Q|sGmWOHLa|-L4CiH` zsgnasu6y@PU}}$DmK>XsWXqhwza|0aH-V+MbHwP+SVMldt7uJp{wUH6VpZUuGtQv> zxvg?b-e?Zj7qJH51R4?|Wc(+!fT12ls;NsnBjytiq%EC9>%;c124UM9t?aro3dp4$Y{Q2uNE7l<5 zitHqYM}%zckNx1fo1XZynBfFi+&8Vtlpcq#f`KH510pI_4H2_$rqrjcyh9oOKDS=;x*ySzsz~QWa_Z-;?c6{ zQCsAXfA2&&c6!(iH#Ap-jFxLZ&I8fj?^nDR{wfO@y-4dARxp$xiW}e16>rw#;LN8+ zuaAM8S1o8z5{1_g&hY1xa58WoL$T)mRz!d3N8sgiqD*GM5Z;`t%uQ`_59QI$Thz=b z^ewfYV))C^EpS_B&e86XgE&@3x8EN{(=?;N96`faZZR1jNY2?`xL>|YBKjf%OG6jz6mCzvlaT+6lQ#SmrnEGzpj@YcPwj;UlHrhD1Vl+r@$4u__Z z2S?R-WF8uGNRW7wUOw5+{2CJ!OvcZ|@3FZPi-A5x2TZZImMwB8)bw;EVzwOF)CN(; z;Cl-RF8meawMZpFFz;FdX$zC=bGkf`Vv%U_Sdj_aN_8Qwlrv+ywDK-!Gvn05dJ|D@ zDNO6lG}0Hv0r6wVf-nyXLcRh|KB)HsQWiQ|L{qh5MkGj_#JmVJLBD5ml8T4rgmkop z_9>rx_>g%tWt!jHqc*2oIV9d%oq~$|M?E~}dPB5Ob&4&4O+kv(W+WH*>67aUU2i|9 zz=G8}x{S5LR4`A-c+jkef!-1P`sl)`kaJ`5=@kkQda@jXP<;R?{MRlkEPAzV3wWg` zkeuQcGkEA;W>hP%@ZvnzUKlD<3;SU%#@|?YG=7DNgWW~X5`FPBmCMtZfaiB0?pqXV zs1QOn@24PYm%%zi#}_ARn%&PE!;+hM;&r!dw_`=L=V|eEF+Y9*?q)fxo`-$#b;3sV zpIL3&$Ng=_`hA=O;X16zrFz_8|T|Z`4)Bg95crKsqHCR{{_`-QGlg_ z`Zs#$LLtKlU98Vujg+u(WEn64%b}PN{U4t2Lh8@fC{KuLuyY(L+;>%|#J+)GeKKqE z3EZ8J6JJ?P{C4m*@*rh6r4*j=wD)_%2Wi6u6Y0EBEvgEq`o*P&d!D>adsO+y61s-NV2xIm>a z_#$3M@P5WUt8<5`-#NII@9c6%eIeenqboR*U#5aBsqxEdxw?RSB9_rE)UE`k_Npbk z!Xsar5u|KQvhe;}S)F4(8UBAg8rV_Y50RGqMi+tifC$P+9sb&d5LXMm7(!VijcRe) z*?qVVrS?+`aFD*{jfrc2n9zL1iAVbJp_?U_lO~jH{NriEcnOwxs~_64n-f-~rX-LY z&F_f&X=(vDUP$f0?7v)3Rd;!sMfVqA*@ZMf?_<;3ieix|5U%6?$-Wv6$AIZ^r{n`L zF$T9kH6>V5^jx(GJ00t(_tq&9k295O4;9dJqTGdKr1i5>s>{eiMjlex@}*NSM^gLv zg~_~XGom@I4YKRp`DxxZp@q7~q07F{g-FvX_dz7YvzBKAM&poM>n5y9(}}wrq0Ll0hQcpm8|8M#8vMj&q)#M=8oN5oRvVCUA#fnO0 zW1kw&p+@}`GHvLPFp9fMv1m%_aXDhd(8xdTThT}+Dguk&qeaWs|xV&@TiZ)3H*gy^HYI| z2=siujP=8hYJS9ezQoRy&b2#lNsj;1*#zKM<&nn8z}yidn%ug8eV|#PsMbP*fk1#r zFC)yZB&hI8w|~mLZZDl#|C5BFW&b(E1GD-Vy0hGWh6T*xU^{dL5)^Y;MOTfLft!n6 zZ!Y{Tbt_w!1?{+{eKp2I{S`N{)yOG=fWqM0BilN5a?(kG@`ULACQn_}M6JDPdiIQ? z;T77HH$CU^78|+i!{zXBx^Xfzan9B3-Ud8Eh;GuN6;?#jhSriLcacbbDWA@G@Br;VF_%)?^fq| z(I_GUQjJW>swj37Mt5dUXwFK6I3927wr6nKB5;IZSe}# z-rS%2tbE(x5eF3{Cn+UpkWO>w0EDZ~lUJTNc@%N&fX(pevfP3bXlSYcX|nQHDU3TAs)XEu|eVbZK=JdUftgwimE0X>6B=DFm9tx`J(u1dcxpm zDo^h85vje_eU*}a{|5^))Pi_>%-`!RSPRY`~4lJw?6LhLkU$S+@C6~iELdx1lrYvyJ6`xno|MDCFZWqD^h z&ai~v89J1+Jt{gI5ojp0dEt4?#qcWQj{T}u#Ecy>+wFac2wKT+=_gIUAHhC!B!=Uw z+(z)jsdKhiNTW$k(8ej*-k(YIK~BRDmB-N>J67*KP?FW+L8D?q*iR#GRKd<^^ze(x z{EQ5RRm`i)WOrWt(;y>U=~~z(mvwAKm*12=Wo@gf!jMf^vaA9Lrkgh!F$h3-FU{#4 znPkb%@h>Pl^@fHN6VR9rku5)E#TD|waXJnmw|(qwv^B?K{FUnXpUdIV&V5U_Jz-hi z>ml}tX}^s(P>&5yKh=VbxyBwMR6h34Hn(z4es=Ca%FFu$4vHk3>7ZtoUwXm@QU2x~JRHED`CzKqml|g{v=`?=U zhtEgkMpq5WOIiM3n-4fz8Vo5eT`)gXpdB}Z_KkNy`q3Hyp*kHqY$l=ZyK&yVHV_;3 zZWLpKUH(DHog&s^Ue3SzyH64_jY(x;@|FMi@VOk!AI^ZZJ6Ks7&o9l^*wVajvr54B#BYCo^OWf6C)w>rrO`jU&}k`-d)? z^s*H4=(r+7i^Ncp#bHYdFW!>_-G3`_=&=81Au6|&#z5DE5`9_?PY6Q?x(I^=JN_w~ znH+)ba@$boHfLG1QJQ&UGMGuljH*=HCN;PVeGyKtWnQvz{}kuk*P-wuo=fy;)vlL4 zrh`SEmi&t_>prbMYSbY^t~z=nt|8?o{s=>p0YZ-_*QO}SkuHn-G;(`zb*eUF+eJG? zqwOgSkIa+D?rGhG(ckioJCXzK#fm?_eZh=i91@c_VncB==%8pqXa2@A8QpqavJ1>% zO5j@pT6H{tALA%ReVyn{3o?{?>O0Gg<39D|CK>sGOQ?*CK#JhM5juQGw>8ul2cm>oU21^W?KpPYVZ+8zhcmIgI>tggjfi8CtDuCg;4nyk#qF=g+W(ixvh ziYIidY)qw*ls1qxZ7YT{XjKT|z@7f04HM1@3GU?gk@(fQB5dM-abVzj;QFiLu{|6u8~n5NpkiGPQ4~Mp&I)rrhBLb@}Rnr zo(5g*Yn8dIdsm)puclBQ+JoAEE z(9d!imgCFe<^COi?`rAr$@=nFpG>$1+ZmMg6`|fR3g1Gr8e6)@D>2c*Na(ABDrHzku&yS2e9YeUNUU4#+V2o0^jBg<`H7A(ViWOtf-5+(?Q2?|r4B&1LnhOCATCvwPR5b;)cbHD8bMX=~4 z)gGfNdAO*qCr-Gk!fnKHkE+ubsklA_ON$Lh=#Cn#G6yut6Fo+hB@k#)KU}_|J;C$h zX6{h#NOE2Zeqg?W14BLFs76c4HFMn)L2_?@`2UOzf#(;I((c(31i8_vIgOk!vD5nZ zP-sf9F2}e{<%9>Cv!Z~xI6=}oj0R^lv^1(wiF76!e20h zy)=SS{M7=XCn*GD%heWr-&(7Ss(>>vEC0!btR{W+f*T%*ila55 zk!9yEW9q`q$(F#_ZjFVH8rz1N>MiyWYCHV7oNT9Nt~zClqQVXY?Wskr9pKBtCbZ>Aa~pcyA> zMmxN!`wSgghkaB<{+%5ywb^U%l|_sd*l zmgmB9a$zMVppR{GZD8V>i_+XI*~tBF*+L3@kIWZnx9pzs_Jy9V=;9JJ-k1tbBAb0o zj(LfP|!2gW^&^)c7^Ha zBe+ds9O{~CLK*st-@vQs+wGXc9RP9!ToR#+0Hk>rc1hz*=TC_QCE8u*=_~4W3~*{q z4)oQCo0E~i9l=I>O$#&ol|`Yl-8T=b!Gf@uG&?D}H;g7c9gQpbr}rZ{*ssUbKu31{ zVh%djx#df!w)kR4GuIqyElNJE+$k>&o(}Mo?C0A^DI7y=1DGg~HRW%UG=)Jg%%^XD=nlPXPJn-?jgQ3YWL$=738-JZ78qJHZt7zjQL03VavWvb`Y3d&%-fP^4*xy+h9F>U z;^I3Dj_u44Js<8*SJ50__uzpj$aE00vM1|CiVF8r!#0Erl&PdF-X78L)VSuh;%+rc zbDKj!`eE&ZuYgtOk`Ut>QxF}a)?GMCtx4M!fGZ%>Ui3KulI{qQw8QJ)a`WugJq7V= zJlBC(la4OHO=t2K)jo0vECK(~n~D#A*(oDXFF4ANM_3+N1&L(Y}g(|jT_S7JgTA04>av} zWNU|x;jn8;^cl&pN0zzdB}nLpocW-<-a_jr#PXeUS3$Yr0~kvt0f_k}_>X>@g`0da zHrhLnhV4w+6*JjNhAaPGk{V#l;Z;}h#O+|83_9_sLwYeuMUchM&ZaimnvFS&`i-7HE)9Pf+ReY?;k!{h@n@&U&JGftd;1=0g`~tXBJ?$y)L|$UTzdrE6#c?T z&h>(Zh6Bj3DBc1`!0~D#j`yEV2oRpL@S-tHRPZiP)DJEQo-GpIOm|Itk!! zsmK60O=ir&N8=V9-eMu7X?jl+v(9HUzrEj3T;-n5xw0Ux=SgtPm`xCyMj0K!NhwW* zFS_nqA=(;_Yf$z@EN`RYKfs;{EE2DGgQxpYLy}QxYLuCRLfUqe9Cr$9>CN8YB3BW9@=ny8D|27JOANARnIlmqK{96_Evxlx(i;iz+q5g_zU@=l6 z6sFw|cO%lLe&VRG1j$YQ{9wISD!vJ*U>-wd?}LVhQ|U^QBoe`2Seh z$h9d~>!&nP4_*s3Yofe{iJ7@(Z1dZY7sd<3crcyZRItX38N~t-PJ4@W%%)7 zZfKj;2gGhEW_{5T*l+y50d}Mk|7AZn3Ypl|KIWW{I*&IuM--&6E@{K~_Xg$AYVJ?5 zE#hXGP^)usBi#C_-H*bdDMOw)(csAd_~)tQJDaXON7S@0c9hsKzVoHb$y z7%z+KucCPc;gNB{`bgI(R`Gie=P}M=2lssVLZ;ezd8s*_AZK-w$orVRmpX$hm7g{( zE$>;ij!J%g3Ji}(ZV6{zvQ*v&^kQW0+ljx+#-%@r0h%Yj;$S0>8ReoFJxAJQ4Ohuj ztzLux2j_BbO+Li|gzRW)Km|2DLY13kZDQKf<*Y~<$t@b6i*QH^3yUj&mR*jn+7hgX zF%geOEQlb`o`cet`xdIFWa$yF`68E|Uc$O}m?iKP7-b(xs+N5kl}2LOy8nH^*5d#Y zjjGXD!!o*rMfA-BGv@+g=S}NQ$NdAj-S>$%LBeYn@@rAW~NbEK00G3qH2g-}Cn>E7s9MeNY0-u*kpZK;lY%U&_%>N-yC zs7k&j+@^iEP-qcNJ~uRfh1r_-4_2C7dLoNA*@-+6^xUWHpP3y9wUk82WRHMbQ4$#U5(Q5|dXt6OQc9Ft*8Cun!9*EQt?tBGAHP?~&}hL@8!q zjm=@^zBUYjpDMOBf@S66pD-tYO>pyPl^N<4mO$j-i?=_Pmko{v|Y{R=MaG>Xsx$-;gr>2VU;gB8T$$(jhCdE;Ru zHrlQ()`?{I%S4iaNY4{-H6~(5W@s}6fr%--S=kClFgb4c@MY$8MJY5H{e|W~>UQCf z?s4=P+TLZ!Z#e`)sHtp(q?(p)U5OJJly;XcI>M<0~`g51`C^!7+HGl7ZC5uVY|D zXGhH2k}sf=8K^AzH-kn!Oa)oc@$Sjfp+Ei3lax}PCd8GN@A6%c-fw(uiJG9ykuVT; zrKUS0=Koxgm)?Ckk=nrv{;8%i!i4X~CxiNJY#O3^bK%S{kpJ#-$_S8I?1P(Y$lpN6 z!!7_4bF+=YD0@_2v2#8G=Zm*>1lp_Txdx#pOl`uBG&iCW_fb(|0X9AfuE7I=r#>b1 zzvapHC;gH=B7eQ*K;%ks@zMk+mF~Ta=jBa|{>O*wOwvuF;Rt!M&M0yN)B!o@5bo>4 zL1?774SRjKmv#t~1Ut`N+J2q9zhCla;dykSb-0(sGOVs3@dRnl=Jdd3NdC`1O8cNMS>ci3(-kn+b-=FLMzPkH{WOI?HR7po$_20_> zI}!fRp9P?xD2oGCc>TY2{{PEkf|@1>fj(36zgPdKdGv2_{&&^>KMV4ohva|nmjB3= z|Nni)(#}3q#^H6GI>6r24Y(NH0Cpab$Z>l;CG-x2Z3t$F^2eV5l1;a_#{(c9%(Mj8 zie({SFfau0{U==K4`D>PEZis>iCn%^s4M&6T^Q$CDe8tW3b_Hzs=-5 zsCF>@WU-6DiU8}-cZNiG^<602uW!BS&vWd6KJy}Z@=_&i1FcYaCSEX{6iCf zT($u?8yo=*<~;@r*qnp2`qOVf)yfi&$Sk}dPzcWtDh0QF392nUs%U2FQ|N#}-8at~-=Y{Fg2$ZtR7qaSSonayc2B!V-1(R09G zgihfBI4<~ayv&Lh=C%(W*eB99Gcr(ED3k59qr!-MUPg7!-+#NfWxKuVas6SL%h}Zt zO`A8Q*vfq4bPfLNaTt%r^mZcC)p7QW^?F;|g9VxxS@U^2>9uI%kF11Z>+ZtpUoYOX&$?*MWYw$&=xA z9k8-foU685ePr{C0Ac5&3}4WGFMIl2WnPgI1H=W~1Mx}UyR|?R`lU;O+{PLrAnxV| zUb}!kKr#j3lkXKKIOf0X300K@A5BLut^qOje=IXnIyw0VIh+OznS_~ng|UK9H*-o% za#zQiT~7cbcoSfICg*@Vc#W#%pw1isc|7tK)QC^N=W_1Y)zd0Y4M%46RHm^VKSYy7 z{KgKCgi3^a5Ne2f)ChI29ShbC;O=visq)0@wf+K=9HkVE3T|4Si;7GaF;! zURw)G{^Iizh!UMcB8CY(YQ)jpx8O!~Ugk=kWK6;U?}x7YM+P4sMxysv>qU6Ohi-`p z`~^r7nYjj7;-2DvXn_O;&vvFBs1!}h4=dM4LJ;z)4&br@A`qT|44gJXGiz_^C6X|F zQT_IzRsgi*;hK@*J;a%MX_dhu!rmQ@otU5`$->;Tbbo`#^g7pJwyl(FvT$F;|K3`i zQ++cJeEpNJUJliB_RYsB&tr#9@e#$g7i8*eXn~+ zKYOS5vv0d6!g|}vU4V~!8Q^g1bltK*psT(+%JM#{OnXLoE5Q5PvegJ(N;qbU1#))P zcCc}k+V=h^oauMX?{hby;eEN9`ql))zo5^xaq9*)O;8BM`=7>JlGl%Vp1hZ;}R< zBFETb8g7;uSOjEe`QCj?m;t7%oui$aybeu5DbwJocDT2>_7lJmg$~8Ts0Q%#?RtvaYpx>&Gb0v5IvC!g>=IkNa8WmFtVNPG%KTQvqVA&}#c$x)kILu2Cq zw)#Py1IMpyHwgriFc?6a#s3zZOmZxCxe60wHff&lmhg)xktcXhskfjhFz?Aa?{|E- z!rgfy+H z{3<1*azQOJhu~5MptHAkUEB!-^x6AbrMjMYpwhXWPNQb;&ap2@5zM*O`)M8J);yQr zSRMYf{*^#}+r9j}XH-@CHiiiE**S+t$}o}L1JW?X5cly|>1&0Xx$Q)!?_e|$-`#PR z%)aMn7kp0M>zc*OD(UXD(;Gw+*QrZSv>U&cRk&0RHrUOd6Z^Av5_&LXI;XNCW=bKc z>Em_loazKp5ITs3Z;##RoR;g`jrU3;WCgp#wz<9HqIEsA`ezBB=!jecYxImsVH73T zfP}73c89=Z}viiuiepVZ#qT_qk?b%e0o7u*9N0_rRN_h=RQV0LNqc-L*^y zPI)c}Z3H;)3}(L9$Qzll=5U;8{QS^?KkgqX`SFq(3c%+8K2+I(ci=|Yzxg$)RTXUY zz!UwX)UeC4TX`7|Tf(yutX@&0!I;gCA%dAdrMtX$UYzy)&>dz>#7Yyco!%w83Mv9Pbz z&SjkCPtW{)k&?*NsaDPnz6WR>dE!~x=zfm7-eKG&V(j(225@e9>O(>zj~~O^c#y2R zV)8r$SU!?|`;5$&VDMRBsDxAG?ac+)z|F~>or97N4tN&2P;IHdqIjAw;^*Zv@654J ze7>;G?k*BUCVVXyBDx#%%YOH-y2uF0ZMY(x^4%ng&GFqMAbEN@-+#7mdH#DX)K&>; z)A53K`8c-j7aO)YbL5Uj^Cq-Int0~7-}MKL%E&Y%SKpCu-wMJVxZ2KRsd!`kPKafx z%v5rHs`+YzZ|u$CIfxpaDeb`ES%o%W^}YQ%!0+5aJky4#xH@kB{Abt8>i+qu&D&k) zXDs2~W4ic!Xy3c6dcSi!Ccf)YzJ2dw+trG??&-NHh`;a8g-8NdN>24sHgwHM6`h-N z`)L>_y^Bn5YX_6JUoWY56dO$vVEyeIj+z)>PXyjsg$t>w@2(CUDwgz+_$ZA0OsnP!0fR zm(Ti%KGzy)E$M^{CC!0v*4F+k1BX1@s2uiMt(>vpK)$?n^ZC2?_E&#)Dwi2Y<3(z1}WLB^ahUQd`DLOWD&vxQ$uzzsA2Pa&JM54i*#_ zijY>H1Te4lDt&)T{CvK&=Har9m=beZV75LMGs)F)q%eUt00_s?+3=jclqG${>wWcF zU9HL3#U{`&Ydfujlf+Ce!bUm0poNp4%54tk?D$e&@g}|opYjodh$fS7w$}Y|3R~z? za-FI;(7MF&0HxhaZ_ia*SVODs1!DVpQ{>HIaw^<0k~p2?S?gwKO0xp-{6x1mCppR@ zKO1m}rtei(Q-ed8%YWV<1VzQsNDA$Z`aB0;-l>$}O!+q;j^hmF;7#am5`40%;AsaY zI4%cSRoW7UAr6@r8&o1bFAtqYwfHBygbIo{DCibaBtp?ARdHTeS*A#^NYYuDIALl~ zQe@0uA?q5^OAHCyam6J`cD3mud(KE zD6WogKHE1$23$B#JAKB})Enn;Tzfv^W4MJyb6@=?QIYCFdc~eO)C_HnOvqN1zWPGZ z+Dv-E#dO`3<(?(@hI%^=(vJ>bBc9x*4jHUFtvTG6O&M`PIon{D515Zw?%b{DI8iBi zxi#eTpv6AT8n{t6IyCk%PDT#sB$M~%iI{x$SSI{~Alp5{C2$76!idL+#v^#)A-!=*Qg%|1rO$5@}qh*ce_>*YTu=;*AA8vW9zYj~#mZP=(3^*~&>D`vpWFW z(ScBboI8zAF`GA8tdq1Z&E0_>*NdMe7l+@yrmMFCy!Sg(Zk&CE>c_;UbKCsDVM^d0 z|B_VLxpTccnH*8$ClCb4k%JwDOi&6|?*(Q9hL|Nwo+xFzP=jD(zu4vHXWojR7%ajq zw-?R1LOmIzO>QD2s?U6DU{#z9h_si*V+8_{sEx=2p-exvKU8x`RZK`@e7Py|RU$p4 zH`gsPk?xeTyIDD|`pI@tnC5imRi1RPgfD_-&kNvw5@5(R5PAI?K`fZYP5#uo@aS*G z34KSlf;|+Btj_>QQA<|qVyMpbGxzY{U>LNeN=fIe;y@R@gdFNqd(>`3ZZCOk_G@t@ zIh0f`sX#o)Ff&Xd!ZU`JZUjngLj`|YS=Ht5VeqAuW+!-Hrdha|?2*O|OXzXT)`Gw| zE~FDk;^0n@!F)mK2h62{ghR1JxeeOgxfLxA98wjn!-ka1`%KuHv&ugE&ug&Pi}6d z^H#3~gN!t#nFi%2n$gjX!~qA|=)%{cN^794~_u z6=hWeCc)MLEfW}AOvK2x^jQw%%`8Jwjg`(X5-;!jfH4F1b6mBv@RXojh*5iu3ON4Z zX!|j#8pEX_p%+rDKvVO?oHapoj5MeR5G!Zged}NQo*!ryCYow1>*7?Wl5j??Th|?c zgO$z0IX{mtsT4j*Jq}6P9gc)qAt-L%b4i@HYa-kDT<4lfa3oJ6n;_WFJoV(|tbv9K z3irFmxSYw-z00Himqo*+afbA{Eu-lY~eHDED$t|^d zU_ASG$&>DGOrZNyLv@D$R-@VRN&S917tsWEk+_UEbGX;-g!yX9;zqihuDEsWkh&wj zpci50a7on|(rN7@E_mwk=g~pv}98eiS#DJv%M!@*NLn|qFOASX|o>L zAg`V%L&MuCDvNfW6M=-L5n4GTWi+(}m-ovqCKR|gWDSe+N5LTT1o5z$g|FxCIZ_qh zx;g9M-QQj#j?j@W30nsuE#B;4Ry>VWPtVuX~;$(v;I~h^fIPUJni2oe}!sWE{ z;E%i8WV@i8>+=IG_#ph>MCvIY2w`DYiioJs(h!Hup*K3HI<#qf;w9$U`NE}n`83$g zA`B`z#!=WhMnBD46qC@7iIg;|B#T88s-rcIyB5Crpy3cI1Ys=SG#z|XUHZjkky!IP z?Dmg&Hi^vo4@`a;VH;=F`}4FVZ-4pTJnhrWXx!m0atfK^VlYGhyZws&L`nTL7Cgp; z){G)H71ir_)Y1g6=jf~2Ckel`K_(|va)SArCOQV2v%P0K)$&>@*`ETgmZ;G)8Dpi^ zzHlKFTbweAJ+bNi!{4RG8JTZc{Tes3zm3wUgyv^ga_xhgY?I?!fD^bb8L6Oh=@fAL zm;>PF`xZ!uEQ8Q);xHd6Q9E*6Zzd{A{>CK}c?p=ISIUIT_&X$^3uV`2qym=N$H;&= zP6-tMSWCufM$h47G5%NILAQvMc#n#P>+)f>6oI)bHRig5yr!NDMj!u)opG&{L3{1u z&WXXhXVTCFV?6*}NTNZ3A!fS6H1x@&rDO)+9N~{_LI6!*;rh$tWS0_?4XsO1G!y; zEWb}OI zoAK6&_@6O;vx=AbZ+?J3TW(ffa|DAzQU`>f5UJS2Ih3vx(ZK+;oW}dm;?SkzK9k## zbUa+>#TCIF4v5H;p`J9vBl(C2?!5*s8UEg1A}0dIBm0<59;!yn7W+@c zgbb<|yTJ-;W}%{R2@0In^}E$DSntJFVsXnN5Z<7&((FQYiG65x(_45L#g1`G|5yM` z@p*GSj;{mjSS>qpBra(`d*=rh-yNub1a62R4Qu&uW=Bc=QvO1kQJ>sn1Lko*IaIDa z@+FeLkL5`Ki(6T`x^09qQ@NS5eMRR9)|b+d1vBXgpp)9|XpZojsG#3Kp?f+S!$v|e zMjhGM)`&}K&mlZfDS7LHFBdi4msJ!;$Dn(p5qs@2^-z23d(kJ6C14l4==kdFABBVNb2)r+PxS0nJ5ZUqX z#7b`mmnnmU(_xJ4r-a+Mfm8yX3uhyKp7-3#NiR2{+t!X61$`dTp6?iMod-g_#%=cr z-``CSR5sdg95;}-y@g}XG8GXl^q$t~a{Z+)9I{v^8yn{CvClBI+Kmejr@s0uaC)@t zPQ-S??zmpXl-IfsCYto_5O`>=J)^!~9CSYj`I!h)-MX(1dufmXVy3v)u-7^ z@@jRz-=tW)-Ois#x~74+8sU#PPyVqPv`f~CjAur@IT4V`^*XplQnY$IRziN^!d-qZ zBG4?C)TtRdn?mX|9&Ivkv)siIkYQHy^V~H1fjM0F{XEC>hLi4@Zq`+2jv+vqStkZ4 zhc!!jG3o|568OR$H*wvRDTnh8Vr1r&Ixns8pY2=e?`)C)-GpP$mQ6}s83aSNic$JO5God7(xP}jm{eMWPapOUZ79}7&akuTI~ zso;#BNxFT0(b|nu$qFGSuzoJ9^6CbRH)Zwn77sV`o%J+ByHPnE1i zi`BqVHuM@uglQTkDUV(%`z2fkl~Xyc_#}lHzwKJfyC}zQHL?~GFP5HlhRSVks!AgwUeES~d5e(DENBp1b)w|jJPcZBc%N1B zr2e@U((H}*Aa*+cV}m*>fEETF3*#{LE4)rsU?kjmJdfN-pU$1m~(2<4A zJ&oa0#9O(2C8{h3Ff}68;ndH&A_CCVqi5Jg6b71hu_p za?%(T?8D<4kX4FPYn!W&;|hci_%3K$@BnVET?GufT0pctwjVyuz~6<=4!J9v=6Y>e z5#Y7W48>4pt^&ekL^3nZMzW7Ovdhv_nNf);_nn;BrX^TJ3}ib(Z3I<@u%qgUE)##~ zs!r21F#|?Bv0~N3lp&RVUN4hJOMTNYAX}jl#xybBa&xAfQSQ?8Xj10^F88EK>D93{ zca9ZSOrII9$b*tmJ*Fftmt7((D-?B^u^x59=DJ{`8p zgBmKyNLw~>hE4KZOnGoyO8HtYRW(IpY&iZ*LN8}iH03%gaf;^ec!rO)v6mrmA*fIY zuTdx(r1~zG?AZ0|W%q=&rUYRXrN4PCrl+G&i2TNoLRv;7?HWV#8pmS;R-c^qc^vIQ zCS5%cJ%$vQ)jjwkH!psg-$N=dDU!eI?XWKA!=V_B1v= zQ0q*YZBB#d4wAfTx5!%@fEpc}QQJeLb3^-~QNr+(&64pPIMxr&NJoZhj1T9qYZU~M zgm}c((=Q6=rZ8I$&&e&h{D1<}t75av>#;Dr9uj}L=tHVb`NC|Wu}_u_S=(hwgi2c$ zaQ9Q*v*71piM*1)?L2Us5RV`VQt*i#K!YxX!327Jl_`(tsGZ0_zA!>>dM_yQ+P0Z6f*v%MjIX(Q-L)>umQHf!ausW?Eqr_$h~??%1#<~P!7zrT zW3WWAnD%t}s?T7&d7TVLWMoo!6wt!An=ph5HKFflwpG@|Z*$(Fu%NmhL9j zF+A;$@zT5U_gX|HToXUmOpvKlU%T}wwj(R;=#tyhohS-|ORwQd2BQ_aZpv)DC;pKe zRZP_TrLpH+0W2+NfEOp(@P0SeL2?rWXIH|uI{YbYkw3yJR&Jk{IDwux#S?vWG>8rY znU6PG`sues_6)uZ8?XcoS4hmD9Sdn&HGj_j-G=Q98Q@&)-f)T-&(D zqwDnp8{R1flmZ(hcmnU%yM0^^EHfYCSfc0k=KAVowGKCgv-kt zEru0ifvuatFht5#&P67V2eWv+aW8keaGhd2m39%#8CfINMVZ3E=Nv$$tsNOn! zBXbhRlytl`JIP@%Ck{lRZ9_wNv^4vI6s5d8abZE+4PbO!G4$~KIORu3Bn?UxG>mJY zduf^zKmZC)3`g#ZNd{*tY6Nd~E%A(}*&Am@34<^+Li7Ky_g2wyHBFkX#j=q!V)uD3>I5VC1$jknVCw=%wRFIH1%~)pZRCH`>b_t&ehyj?UfZfBO@zUWW@81 z2hidI0m=c&I#_6=luw2y{cF638GSnefxry-w%6-1+k=1()D?F?U%Agdg~9#&VqW!< zt=S+TS(4h>z^wbxWFO_t$awrK8NvwjX1#3_B#v!ot088|BqXbDU*~R?*STnt!g+#~ z8N#kXA5r;IBmP^&`e!@uR_KI46ux0G(FsW66lF^VHY*AycMh^VhZ@{!O)V79P`qI0 z^_q71?z$0%)a9(RIrj4I41k(ybl2I136o5(Q@#l^Ds~Jq8AH_R5c*uWSXHZq|9L@m z4h$U(1*>deCdQK89gSJgm#x3*MT>^#$N|s0h>SskZ_7nPs|C$hbavD@{F=J~0(Sm| zzcGl_d!Gz|M2@8jSPOS5MDq(@OV|=1unz22Yuw3U#_wY*)))vt30(p@eL<;tgat!= z@Q8lpJSN}tI*an8_n8B@?fwq&y4Z22~xV7u}@9c+r>LSk7ITEO3XJK3qn9iwE+PN3@z&7dOZyj1C#Kj&?(886auNT_PHAp zfhXFAHcgA6lKLZ5J1wG*na9v>PX*(vIRs|HZg586PIk8pMR@H`7QL| z+0~}YRA*0jRY!8GI{~=GQM`f3OjrgP?kv?hp_B66;~izkbhADx31{#sD{_=$DY05~ zIT`57aEKwOFEZUtK#NSQ*)2|TPheGHr0QizP~r8ip|2QCw@b8QAaeu21Dy0wQ~9X< z1=D&r?oRE$2mDi53dsDkOqi%7FA>;LBE+93_YaZsAQQ=$4E4uRhaFN_dMaKf22=pM za?OW1mua@WiX3yl1&pVbVSq3xyD^7S0Cc>ou$ zv#%)no$NvL4OQ#@flqY<1LK=rEYtae+pyhnx!?B*7#1_o*r0}Dr#M)+KQT?+uOs=7 zya}^*O`jnlzU*fB{)W_U%D(G|#Jdkoh+$f?Kdo7<=$&9&_}KjDqjbmdU3%1W+~Qj# zZWZzaIY8wX-&}b1VENh`FWhqHyx@8ja+<; z?E5vW64*WTt7xPUWIh+F;H_v`RkeKVzhsrgGB9}76twNH60UhK!5U~=z(X~eddl0r zjzQd5GaD>Zg$gdJWE&iZ*jIimUf6~06L>xvSv`oba9dwnzXx`c?1udK0NpXK*`IE8 zg6j0R1PF-Hs6c0l3X|s%CgsW4EZGX0#1<+_nLS*c4@v8M+ve zh%kkp53x5m_+@YY80fsE*lMyC1!DA%ewN{lux+Cj7fW#d8ro4~e#)8#xpHRGcZ&TY zLhAYc_Q#M5!Q0NdRSauiqo^?^26}U@eu$kLJ`3yi>7`Ou)ZxBsQOdn=E#r$nXs%*& zV=GO3;ZDI#OSE>jG0pep0fA^B`t3&5H*3-D1S!{BcCcx%N(QH7Bt(9MkKL{iLilCo zufhAH!z`*Gh|ZmCd=nCpx)J&P-2jvw%@g^tQ&lMmNsCn%1`ScZXFL!V9;zdm#TThk z@FdK2S7F5|49noqq*k2!ZNI#wjaSMlY56PTd4ii()crYO4eFAO2im7rQrktF{avF! z0S-kDRac}~6|)aa+Sz@jM6$i#Zc*W?#4qX>2SG5SS=#P{&vTw7DAIXxY$00Zp9R9r z9An#f00U#*b5!_awk|`EV}g#|3M{T$F68`2Lk6sKqB1?US9SZ+b7uCbGOYS+`L)VO zGx7=!?1d4HSC4Axui7G!^HH1II#lV-c$*Tv7^|2GlW$|5$7$A;+tyqsOhR$2>I1K! z$})4o5gO42P3S%5F(|^9)Mj>*?pYM)o}TZc4_9%pv@8OtBJAuAWvt%u*>T|o8D#xq zx*MqOqP4mHy$qnnUB z8^}~F+^KHCsKVkzMpcLM#326E(dO5g@gLya*aLN+FK&vyqyLIFg4~`b+Y1 zyn;pv)O6=3BeN0jq^K@E+fanPKqEHegkd~1CF&EKuMkWKxQ5{b5Pu`F z4Y2Iu2n8=I#(mDPFwhKftVdIES3Gk>$Rl3Y<`G2=RkUMj9zws`c2zX4Ak1dz*<#^f zN*rMzWO6(XTD2iWk)5gf3D_1uizR4?pTRhn2BGW1#|AS9XW4pIe&s7KM@;)%7#=__ z8ryP|7qKK{+4JYGx7d*F3+)dYhg2kfX-qbtN&&2QLywJj}y zsBignRy zSm-is&ljC8o4sI7OC&`gjI%*NZyv^?vM5hAjctzf_a7`>*rw3#eEG#xuM!gDECsw; z6iU^Kj7!St(K)r-0kG|VER+{sy5PVJ={cA&r3L)*Af^l^#uKx$#EM+Rp`-cx-2^{5 z!7{5uVYJ?xFOFdr4BurX;ZG1xC+_iNKdTu@aV2||j9f>ut2@mNi#VMkouQjfW>c>o zVd?vADIQ-(ET8q{@5=9zdkO%Y%1ms!H0Y~eZjaF`eA+jRb~>Cm3aicT9xE6!8Q~j+ zeyGehGnYx@w&yd1pcVKduVcfebXrf*EG7r5-8do;ny`c$P3bX!DaNBL4jXj*`^*BS z7V2(L#=JCz5RmRqH6Bv zF`gqNw{>u_>=ngIn6aAe4qC#;%TRSAf$@O~gpHBXg7&=(PO^>oQY4mO@WEgNhw@NO(Au?JUqlKl{-4oPp7LC=+qq~K3b}57p-+2W*{T9_a(*?ra z>wh7blEhzg&>ggr#MiiP5*EsA5_$VW9TK-Y1GH+LM8Dy1bD{n=DiCkDB;H5l!S%Kc zJL3whN))>egbbwLOJUR(Rrq2Fsl>frp923vfuoB?BoJ?!A0^YiA3fXYluCA6Cw^1R zA5(j?W$2)|>Qi4BYU9LPPR|Y3kMnwZe}W>)sLkX1qAqBw`S$SkCM#QF6@#Yrz_8XJ z&Bg0AffBQ7c1F(a?F?mAOQBjc;lMn^M}JGa4DgnY)Ds+WMIdXp+Ac&mb?0oX@6|cy zT_J!Bh7`B;{?eGO9Vm?fdxLlwCgA!wWT4kD86Sa3$9S~QeV{gGU*kv2*W%}_GrOPz zgpVCi5jJx)i~QVS`mwXxub^O}S;Z;!SHPPH{!=ElG}hqUm45^^k>~O5)n-6f_7<@Y zR^? zramX@Y#)I`WqbKvymjqYcZUtO0JDS9#IUOkYD|)#Ck`7dVX2=f=nL%czYC*nI}Hm1 zf?HnFT~RR=fZ~x32a|l153>oO#$UtJr>B+bjB^@XVYp!C2PIMMP@1t3jbp~YY2)lr zfM&P2Av`Vim638mgvBS=E2LiiSOy(EX(Kn5V?dj%8(OZq=a%=H1rr~w&% z{oklNYiDQUeMsT`lYIWV7$FR6DJqhLAF7gd0~U*Vz0WAEgzC~Ak#EFwzqDc?tWYPP zC%F0-Z;ub+)LpUS#{$*|zzFV9Ok|is`T3{>R}H<+V(RpEoTn+Yl08;{a381im;DpLe8*KX-_IFlp$XLd1l))&eHs&;lz?!9{B?O_*DbQM zH_Fp0MX8^fD-LqiSTW}Dm1$JU>JJ67iIebcf^OAmILDW0~9e{Ywp7|dr0 z#pPR9aqFsJw}4;$!d{f%J#C;pVAw7ljCrvAQhOEzvyDOKiOy%`_^=s=Q=Kvf<}X3Zl6h9&Ga8@#03i@gPf# z!R>48{!&aw{0^8DSu0HWcIw5`&b9NTK~ri0HO6!pR!wqWvyLY9roxhgwP z$x3}HnJJ(6$AQ%*3;aMqTGv!LS5raAs>>qs*C#{L7Y8NX9T`4dc%F31x~sJzHbh8& zF5YdE_Uxm0i*&Y*TJ_k?5~B`~%KOEFHF9(^;|wg>G`u45^M(dR6bGwqc>uTd3jOF{ zy`?=@wui)$d+4Wlq8>XUgi;<>MlfV6j|S0f_q2M=k)8{4$u<8#(6n=m0hWWi$YB@P zE{}s0XRr*#cF<^NjQ6v@P=vH9qwf^aMH7=>rlW)^+r3k#KwWR5 zsHCXOw!b!59v&_T@xVTHit&E9uwEWdtl{V90g+O;H1QxkB zZM=Q^&BpGB96syo%fsKsyCqQ-?0KjY8SfILwI(!!?T`&8RZg#lL$R?c^P&#j*gxQ6 z0sV(9dMQH{sWv7swNbDXbLHpmn>rdHgM3xfj{%98^yf+gSicpms@u0@F2DY zGU{H>dAZY@B&_DNxrgnZ)qhp7s8b&`_-tjvV4+o0+JU8Gs~?)1whur-uD}o{G&BwnqPnv>^#N*j$G{1QuN0%3;)ETr?DC=n&Q98+pWHOaM^N}#3>{Shh2<+&V%gb^078Vn-LD?TPq&#()` zm}HhT9OM}{NulIrSjri|Hc?aGG83}G`92Q(G{vc0C9qE-AlvxTGzhUZz**YvlylkA z9C|&fY+EX=YlsoqP7HYlkq>pBP?(rp-toN2DoE2ypPh#n!{9{Bj!oSeG&KJWe$R8-c zo?T$xXA^4wS^vXC&vxHVVSuawkm_T!gg7L~DSM^;y^adSR>5AL>lm1DI=5(rLG^wV z9GxUB%VPQSlAvkLNe-Y^cYI50#aAvjZYoP_*NI@*HVupm;uj=rw`DMk z^1aC?GTp^(t8Wmu!(%m00P~u6Mwu5t1112j&~=z1*Mjy6nP`rQ%`6q7$wD?$OrR+j z)?j8r5%-U5+|4;R=iK7YpzJRH*@sOlwqJe4t2+^ns<{>2)^-=h&NyC3_I|Go;mjSx zBgtzDezIvey5;oR>|dBYl6(O33h`ek5|Vm`&Y|lyxdjA3!^A1*pF(#j)LB%yg}$>M zy`St>oz)%J#yO0rYc-k6htsjr7pEa)QY~BTeIlb;%;1Hgf-sRY^?z|LW7Q1C<9+l0 zjA`D2bY@z7V5%D50QJjJ9BJ@t+I7pjap>Zzt=yV*c}+eMB5GG}^$91c&jZ!+?P zEaxY|a~7jObJ6bWs@hW;YA3me^9gn7wWMXbT7J;GnhO8HUl& zGw#$|D-2{EG(};BLal3JpxA{xFnrs(ak>d#OGV88ZJ7-cOF?Jjz0sT}%4ji(a9$W` zxpD8DTA-XRr5nmd;@j3z7#D7Fj^%PT)r}FwUT&18O=sv;!LCOSo(&?lKOowq?WTqDcwnqh1>A9UjwC$5{SQ- zDC4sp5eU-IT4$##IB)3F$Vn;Xa-s2d)L>8G>Z>+X7Y8YICY#;Whb!sMXQzeB!e^#k zYX_u(`je*^$ZfFW)G=OaPFKrOsU#yNG!`W=8hpVKx$VWvs}f;=5tIbwV}Fi65)R-O zj`tmBTB49ev{jgEY-QJ7PxG{DOtT_rpBk$+^j0&h0qjcVRRj1El&|6-=odAnD*_YL z9ZyVdm#n#vlWpPx5tN-z>(-yQU~hV^hhQt{uo?rVuC)vbxAL3%%MJ$hyci!2a!f zYFy1lGl%Y14>?uE$*n_NnuXe;uT7iLHRZy2T|eG=&MGvb!jJSUJXBeU`5q>4jTu_( z7V?CjZ&VvEm^E{X4t49&pPFe5JcgKZ#$m50My~Z;d9R*FP7x`3qF%r^mdt99NW+mo z56nEi#3Unf$8AqH1z(G-$Zsj3w)YC-a=}Sisp@+z+C0Q-+Fqwnp^ugXWBWYMn~lMC z{a}S{KTKWB9siw5mcT7yyky+8Jl)8#ymczwzB~W}Q==>qRl+{O;QUKy5M0i7a{;PC z@nun&&lxIwVd$x}MM=uX^p|$Vh*I6-nTSMg`Sj96qwk!dn~lVy-56_rCoi8DWQmZ+r^r*K38Oldy;s#zGd*WxlMy>x zcA+fGO^Z1*F1g3?V-R{|(qV&8iLsZZa6hLV8|``J8xU!-CZL70}f|hV-_t6=Jaq3fR1A~cP{KTMkHJ)-4>Ai4N zb9t2zR)U9xb{A02`?1ePMa%^w0R^k=sJN>~qgocj6s~~@&BCGD42i)Q;iu5xidgUQ zHlpy^N3qf`LO_lSvuK4#dbmJ9MKQ^wC)ItyyIkXkiAbvim|?jygy)<_K6E6JT24q2 z7cG?+XX6&kzaOd%?S||hB8j1?Wmc!WwR?a8!*=%cJHX$ya{#{h(}4ev&zX2bsPnej zVO*`Aq(s*DH&J8uBSk7~5c@+y*2IzUF4j~@6u`INszNpafTzlGa3WaZtm;wBa+kv8 z6J=U<$oWh2kJ_|+`G)~5S+hS)8GQo~kb@*nk<|I@lmx|EQ^ax7O`BJl(DPqx3x&_Z z1_u-fh_J>`ZKrlJCS-dN6o>3p3Xn_L8NWgG);|DY|IkfJTSQ;ylvbld@O}0WqH&gE z9#1<1mH){Ngs-n>2Wa>!P-&Y*k7}Be7-d)rd5Z$@U~s7WPNmI~>uuk=kwA34IHt>} zw+=72I50nr6kEQ^+PcT~i*ko+13iqz|GA}L(?hmoW9}64>bfCi?F>A>GoeR*96u^t zE^+_MILYIj7{urvWYXPC=SBZzx`K_;Fa0Yt$QM@t!PV4C6Mx2fj5UxaF#LzBaLaM( zujaqLcXpi|b0D>Vu}WZW1XL!I!^nRpSiCT;wj*Pdmn;DFx-z8s4iYb~ewy zN0?WqQ#qxqeOCUScY87l42~(xIAP8Txfc0bf)v!@uIj~#QG_2~(`({iGEu8-Y-RGO z_}f;IgVz*2whK}|NRglVauSdf)AyPunlXx=s~y+P^Ka1?YpH*uB@QASgFKiSr!BN`r;>Af}voa#(U z6}YYy_jCi4K$m=@9IgeDrtXn~uQe-jLD(bTiX~VJBhTwV~JlGZV3+ghCN{80JVg=Xk2O!7_zLXo!vy<9VyAq#zwC)04LB=)O{b-+o};)>dsv` z!4vUto{<6VzED1bRdCto2@|5FNATt|-@&|p{`(HJNUHHAyeWxacA4v(!`evUPv!tu zb$bc1YzGFC&Po-$hQ3F&GkS`*O8oq79z%B!ndN*l_zz;5*wQUhxHYIBG z2YBBl43q|c@gO=H(;aljxwnY%3}LiVm^lPQBSiZe|7(xzCNB-c=VFd2eNv883!uRH!*9J|YwZg{?axwLPy zcJ12M^ZXd4s`4D_ZD`*7FeMFRs{;j5N@a>pE3^63<;dBdAjEPLLzb;+?{8Y|`?+;1 zf!3o-v7zUpoU%P62Er{oWm?EZ5&r$dnDG3_D@4H<9|y56+}4wT;p*+cq-ww5>n3C; zK)RG1#aH2b?d|vncllDu%f+pR)pK+e~(2p6S@REK>6Yhl=*9rjc0pRA3?nt-B5}1x(n9Yhg}mPdqktp=kS8b z!jU3ZYo_j;gPWUsZs*E;b^u{$1?Qu$$q%X_AbzCs@4X1Vafa#Eh_qEUqELX?ks#E; zw#c3_k5;imC?|^4lhsf$((&s0q#@tSg({0w1i|>*454$D*BO*Fs=4WS@nk$U6e4Y| z+=pO88q#~e5j4(8C}w9fxHP4Gw86kxJ&v)r?x(5?&%4l7!%t!NLw~qG2kyq?+Km^~ zW4wVO4vvtemh_jQ-`9NCbEzG6`({r?3MJl0y*{|#&PII@;l+P%f9h+aR<|Mc53`2o zs=hZ=%&GG;(6c|{9;&i{%cxVCh&q<1Q5&FF_=&zm;g`+K(ALA_ z$#(q9E#73J!mMAuRt{%18S3%a#eB#wB+oR9PNYguQ_1$S$$GhKWz)v5N!*@-8 zWyUtfPITnT8^#Q*ZkReC$BU>~ok9t`iMKs5bsP?Nb^zLy#2DSM9IzPm~ zZSq5?9Dvm?cP3LwpWBLq^|R4(?dFznL6L4I_su$m6uTfu)AEiHX!p@%^A>nZzF|SN zJz`jh+vRVhfP5UHj&-o__&jEq?X`u==i#~=#a&w#_rzLp{jDZJfoS3pcab0Ne6>Mmzz7L^153C!Fq-p2_(g3?>gCw(Q{2%u3!{%=Acu<(#~@b-vkLCfFOa6OXZn9u9`c4j3ruue1lMH^oh=#SkVu(IHK?8T zTZKr(s{yoZuo!$xDm#nKy58>V)N8DZAiGm^lZU6(+^*=+Qw4F~P<2)GmWVSxZ0$US zo!u3}1c=MgMiWfqM>OdbV)BGSF>|IT5<}1~G$yRFSd7GOgKF67m<5&@Qp?T1H4?xT zxF^Zw_MxMpOZtavpPtadaJ}fxx>3oF?HmL#_=t-jCUN?PFS|5tHcMCLbKM$}+8VDB z=_n8Bsry8yDdbC9jm7xLtT=8R32z5sehHV|<@xoabmYYnS@f%VH+*|d2usHVa zk(Ad%XQfaeKgXru%&bWb)+?C+{%sbf{}L@JSuLy19hJD_18% zY)!$&7W(jUD;mpx{pHtr6m$LwpYqA5MZ-USEZOBzU(wB4%5Lsg6>E7DKI$)j11ZZY z9+|Nv?wF&YMPbtrO(;*-RR=&FZ*W(~N6W)a7){d6fpqb*?o{LRc>aF86>zGma)_vn zp?xgr>vKAPR*e0h1l)DOd2byx^Y)p}tMiw6A**P+%BuYo@0+Kmipjy7YntHlq;_IX zD?4s(XwrtoJpPMHT%IlA@Mn-VHv4>H@`|{!#Cl2@Vz% zz@laZ3xslEwlT;hDZmPyQgSZD$if~%B%mj<;BGtf9m0u*>m0KXKLlf@v$CoHK=Rto zX@nXiEopUGc&A#XA~fR^$^CUaJqRH(Pbl^-B)Q(-66Xzt6gk=AsCep}g}QY4%3wzB zLYa$jt`KnI#VGj;f*4lKw%5qqzmul0U321j2q}wWF9Y@UMe%XVQ~&4;S6|EW@Wh0j zSd-_33qIBGmH+g_uO zMlA)QWyD|kk&T?_{#gEO;u`T^C;^_)`*aT$sy8Y!sIg}!wac>JM`1jQ$?wi!T1K7k z=UWR2`H;8*5fgN;B`tNl$duPlJU+~%EpOCl@Os=`*ZyZ)VLzn7?F;P^*XV)YiVfbp zDyY)Y*BFt@Obb?mSdQ^+f=oleiMCS1m6T8~#L>S7wiZ>BQMMbIeMOD7iftF>O+qh| z#rlW60ew|z?!#2rI>`5jr~E~LK58L`>nJF(cim(`--FE}!vR>*i;+4p72b>`(c$o*&R%AB$?=VKkk( zdog>O-<&6%Njo2wxydZh9=iy$H{Newx_+uh`*i%d9=NG`zh-#RGH<^jp?R?PTJh07 zXHL%oK6iWgTsTuOVvVd`MZzhzZXchJrn!OMn4vD{xCKqZdzw!}4YZc~EB%hJZ}#*j z^mZu@RnOBn0`~=_M8J1wQpe?83N7Ww(Y?D>J_!3QfA;%-h7s!52%bHjWc~VT96=SF zMXxuL0R7UDu{*?&i42p#>DJPD;HNqZlg}isz;l`RdFaOr*4~O=md7sma@_FF#Qx{9 zgBA|NZ=1t9lGi>zgS>L)$Ds%~0|5x+*J`>|&r?H0nLE6ds$Q9Egv_{9Hi(Z1!6MT2 zfh14COUjYIhmya2*_v930Pe=!% z$3NKPx8Ve}tGuWxM6o=$?>7VDIA&46eeDPc{^;}-YuI?o@G?n@7%XIDAW%~2I$|}e zq2PINZ!J+Z;Y@~e>Hr1qTY!{8-y}BEF|XV5C`Jk?=W9P9wRp?-+Lw$6hrMBWviCxj zDf}<8pJxKkTn+-)kbiv|0C)NUW8z(#>8aa@_cWt442O+st)(!5bIlUwFk$Em;WSw( z>4;KoU~ETF*E{gS#KEc@ur@?g&h>O&uD& zpVq`8P}kqU$ff1I=eu_E`uulVRnp<~ueNm@3(n;7K2G!UgY3eH_rNbx6Z~-XOlt?Y zp$zsGBUlj^S#5vV(YXGFm~1%KAux|8b=e(Nwg(kLxfOgGMKe61w@@Z>|6*cX z`P-FZQJ7VDc<`K!ryK1{Bn@#FYu)%(@$)FuWfqD~0LSUik330dlG>HC?A5c#eSl6rWnQ1mV_5|vEPM}c0xXV4 z@=xsW;>i`M?X_``ohk8R!eu)pv8@nZClqRxA+!dk6R^z79JN*|rdir*;Irpm#0Dy& zf|`nLZ9eRBj7r^nTte0*1nsk|9}FCXb!73&)-ZK>T5;%CUaSRqHw<(^f9bgNuYM7I zo$T6g+i{dnWF!N%=QyqgM}ULf5E;i}LQntoZa}gFHqf{LQwpjINsb=q)T)UpX*^67gOp_-Yw_wtWxQ+0(Z* zXRT6b8n~AjFf)in&9dwpUKQRl3+3{?{{yUmDjgHVKcU6I=P6+I1H<*)BtA`$% z62~>9DD~UUJht2FDuMfVsf}o@n4ESp*7mO{XoFeg(bYwc}Iz_M5M)Y!MmdR@4!taG42s*O>7)X-Ncnq&PPg;z!t-L=!T7!-1 zXk~Ug-!OT3C}*f7A2|1{_0aEkg;N<{C#hFgk7cfh$?Xtmu(j^}-TRhu<73saVYnHbpjMNB z-D`os40G^$H--uMbPe8-r?#f^4&aL0TRh#M;cGNzZ z1t|P-^flw{<$!voPR+=TN~&A!@Y;BywjW3LhJ#)8{!$n2s%OAT7m&af$cE9)?TtE- zHM^$t$JZP6=E5rQhzOXv!k+oGJ`_LE!3S1Jh!AJ$KUs!;1Kjgq72k=j?1Zfy zSDtSvS1j9PIIBv~E& zX=K^iphG+R|Bfn|mI9rM8c$z2^GP)A>b@UZ*V3^z2x->&r_4N73f|=IsEpJI?64wu z8JCN%!N|hDNm-bo8L91&p#AM2dI28Q%LKPpWz;)coW}Jq^^AbtL z2yhj!gF`kGz`tCi8*1BsIGU(g06(%NaZX4f(p zBCftSupIvuZKCY}4Ya=C+9@-BT|GL!ACQdloQAP0+ z4I)e6r}DxAbo@jy;K9_hT8JIaUF!9Ce;hWu2@BeFa2MnXuoi1f^XM)B&eWy=FUcAC zWlg?_mfeyB=H&`Ln+dAIUqt3N%Y!%3DUCXAks>nI`QL+P(%L3gk3N6>%4g;|(5k|h zy(6W+k(vPTGVqA}pbhuGj76GX=f4;`WpyhS8kdfkQ;rVoj};FEN=VBECSM>i;;bab zWN8)h^0b>m+OzGA9cHuIhPN4tSqMV8at090^78R9AY-bx#Dx0U?R{RYvT_5ceEMeG z6odS-{%(?)ewmr#OW>J!i1udP*~zr1M_oYH(?r03bYz=8gotwgD?W^^nYEtRZ<8~M z&T#ou_%S$NsO$Ufb`t5V+hwsPk7s()Zlye8^J_N=%~`V!Q((xaAoO-wr&IKFv??A4 z;?*w%F|`C!Wi8pP@ne`FeN!^G5)eO~`Ihj#qV+v4Uq~5GvGId-TAyR@fZFb(GvnGf zIV$dBz#6M2t=bWET^c|RHg)GK7m7QF9ixmgpEEP$zwS2t)sj4_d2tvkLhJk3EOt77YF;6{fPpV@uSx~3k3&} zBeL#V+RVCU=88)wf_9oQeJ{~pO|kbd^VjOHJfcvoPX|oC4xX}GYrwK)unp=0$k6d5 z>JU_Vp(ARXgRwOXU&o?K)&;bM6w-5Q0Aj>VqeSgvTp{PGNO`YT=kNW5CQ5%mEMAecp_nm7z;#T{5DG6(&=M9jzW2iu0im=_w(wg}BMj|=}RVN%ejlqmc9A;eZLwOUWSOI056}A%sv3B(`obpNab?8@=9N z*bt8}VfLOho+&#T;%p^quZ#x4v>KimpMs=wk|(&NFuFTw5Tg0CD|By=z6awCEBERo z8=T(!pmubBD}a_20b$7hYC4$Cr|w~HMfCX(7QnJ-sU2v*#6WG#U7^jv=4sS)(`3m$ z{q&aR&z$q$PrFzy05_}%s}ncX1=EmT%H{byaY9fOTcL_tf~EM!&UqO!g_XE^y-=&( zpyO}O)qPKi1=zS;WS~8n>s)GD2ZU@X1?#O&&<-=P323DHu(b#(lQQLC@aF;!GCh|M zBq^UDB=EQh%$HGsZkM(?oR}J7w$eNgn#z%i)F%$$V?*@mgZO(&w+l^cr+JHQFQ+a# zB%kuUP-Z`2bR|$?|1&J<^n0jDJc+k2HO`mvs9ed6i{U85#;}9~*`=9|sLx2LU=m8WfLdj> zhZD+HeG`v`J46beDt@r8j``I6Yos>T(6DGn22B(~-TC5179z!G6e>j4vRsNsWjutyl1VaZ8xO6KC96ayGd7^Yc+ET=nLP!JOn zES5Q);pEvB;zLF#2~D~ot=gc9+IJ~OWI1e(em^iLn9)oxIhwSM@heIt#!Hc1PX9$C z2=I47fFLJ>4)RB{K!#Mza|AAvqUz(8mT9FYSY!li+NPV=z;<9m5<>)_;tjY4LDL~e ziF`7_QSAFugkJ~Wh6GPYRWV{%B5~;B$ zt<}H(1{$Q82t541{~!e!1}Il6k(i;E7dL~*>1U6&c_xgtS&OM0`Yry0jO zx3>*kstl51ITT-%TSO$fBuO9?a}474mkYDg;SKPHyo`f(XzxNyYl#m19UQ+fpuq@yS`|< z<2`A;7+Q&FM~}q4c|ncWU;dd*G{^`f$c%L}cE*W}uL*w+Eb$k;2husmf)XRqj%47& zBu-=sr-$n!@!3Om19D>3(DCg5 zgZT_R467S&xvLGNsokZC5no{4@9SQ$V`orgDPDKBqVygGQ)hPGtOs&$@AD)4UEwoG zC$S4j*Y#-k|6}5X7@&Eeqv)9rC(^sl5#Fpw!lb^m;2RDUdNC|CoD@sVJ6jHhCMgWi zLt{X@)QCV1=Y0%g#JwbqGX)MnY0g<99_AVR9nJlhss6XO{rBOg_@E{78c>9TasI{8 z|NEmy(C|mb0gB4Qqj~@P7yrw5K_Vw;XyFTduUI<&u~`1oqdAylWEd5gShcmZ|32OS z@qYiGtpU3NI=GzSKf>T&%=pKP;9=`gAmS`4`jm2m|K|t)a{>R0O?(iLU#9s)$>}5h z3p4&Ly3imi#6>7|PA*j~{&Oh&&yfNY{rzR?|L@fNXBWW#->Lb(tL9(g?caj@|IdJ$ zst~++yzu*Y*@OK z4;$@o_p1;6m`XNi`rqmQ`z`o0x&=?T8<@s!*R<{y!Px2EG|RgUacsl9t6-0H7?zmhoVtGc3_h7J!>%@*)<$wQgKoB6(CtH7* z?Y9v*nO3>Q_4)k0+~7Raxw4XZmWE)k$q!8T`{VkgG`*U3@LV??plSRQP_^Wx$4ujtL;yuNs4 zN@{+rLN{zkpMXKcX@CA(h8A;kIC*%{9RS74TS;~g9K|iMdMg93eCO3QZCxT^o*6WqC$sEwDU;giAI4C}ACy#L6$`o2Az4*b2htbcFC)LNU6>>h+CivJgj zkB=G>xk;ig2m!M`Si>SkRoxD&t!&)9(77?(=Zb)GxvC&8ePKQWMam zUO{OFO1rDD_bFS^eccXeTsBK@re;R71JP?0lL&h9U=R4@53J~XH7I9%U^G+aUU!*I z($s(IMPzR7{zhL>f6)nsRPO^76F^yl{6()|5sw~P%Wi)N9BA%F*Mks>hy&Nko(*H0 z{hIpleB?Wty8>iun3j97p`G%d7aOb>TG>zeS1Iq0xjbeQ8J`WL<`PW+0-HV$>(V41 z{Ru(HWbzAqC*`|Bw&ytuDzrs7Q~neA?vLA{>ruO4sO$!qE*?LM2DA5H9ut+310FQf z=P7lLC%O6&qBO`GbQ)qXVb4G}W^Tv2+Vy?;9UkxFzAq03!}&fUbpu)kwc2NWIM|`< zV6GwG>X%nAE%0MH#y2r||F}3?2+WsL;@wY-U~07h=P*P*0Wv1G951(ee4cM>{2wo> z`%qw+7i7UA3*tSBN@c9ec&nquoX>wKPthXjp1=(9CUB-#>YTch@uCyl3*!q`@< zAMCwlSk>#+K1xYl2X#4fOL1aARt}R5`uI$2olmM5>g_~dFI-Ct-V~Y z`+q*2>pJIL?>BVL`HLsUGsb=2V~qVx&;dbH)J{lA7KJS``!;cz!9?Tu_@%TS8<_hT zC35LyK&63Yebb%Ce>%biTA$FwIizUoIP=A7f5OI$) z_h}h}c7h`>QKJeV$JIIV`6hzcMSzx)Ly)DTft0!DG)3eFXl$am?gNx(**@pjOd)x|C`=r!Oy;*!!Rxi{Xl!i4YfXi9F=F7ejE$o;ikDDC z7-W|zVC=b-!u#omhWc3=Xn5axI#!-Bm82#*f7w6Ids{2f#Mt>R$pfV~HN~0Y%fqj6 z_J<_~Vg|MXRVtxS2eTU=mM1JCRHJG{`OO%jb>=j~0#b0`n%+i6vjm=)?2b_x!*$*~ zKX?zyc0hkSqO^2*4+MLC_7;_wg=t0~z$QdQDGh#Tb?R8ti=P9MftBAy$sn{swd~C8 z@mUPv#v6j_pKGP?XvDY{kxQ6pSqkF;>P4oYLC=c!>FBJXtID{(gVQ0?#h{umwlNxo zXcmZP8xZ+AZ!>|c<{Y#%v3j;1@r3rpx9QS?4A+)wjX<>kq3)gIeu}uVIX?u4{bN!t zOVk$84W`_VhOfN@#c>A{#4)mZ_WlQ`61)~I-awm~XTqkC2D zZEwkLS+;cAa#ePly86kzqE+&<*ep$#R!FmMWYBIvmDNZ+QoK0*deE07jzWxFJAyV2 z(hC#P2LQ-nA`M+X?L8E`R5&4_iwOB<`XluN^w?&CNNe-zDRTTn<@8l74NXYhet8U0 z9ZVfTX^GzMg0a&>2}~$Ibmne}l%hm+swYOC76cupG72`>G&WLpi%rf3_U}_D@Z@R* z+#IjYcAXK9MSd;@*%Zu**cM-?o4YcRC?ZN;m5xhGEG<7vQYqn8_*AX0Qg(zOGQI5F zPd05DjTzM$Cy;3H8^bO-^@mHLQ63jsXYycpJt@WN=K8SVd+TLB-_>1--?*)pjGz0s z-iz}+(B5SsH^4)qM8LHv_cWrP!q%p7p}(r?oK_nKMYH$-kvwM|FCyfP&8x~g!JbS|Cpgh?FYKYNY*#Aw~jw) zJ4vyAU|IFq!0{vKjQ7sui-`*^u`+^=jYc+1$g2O#TisWlW6PCF1*NzUIq8D?utT1tF!d<;B? zLd;Pspww&u9rJ+aaSjY&KE++iDyACRa8XvthD8O3;37W0?@md6tjj5Dpt=E+7&4BK zUigC^i_+ke(=J0ovqRuw9FNFOQ2J3#va`6Ex)NR}v|$smg{SwYyKlaoSv6v7J?f%m zj+^+rn2nUUxd-~{B7CVpb$q0yD`3?7%!=;aVeiYx=vjm$gp9=&>D;M-s_&99&Gd1P zp<*k8(Bcv-JL4R;escr`$Up^z=0r3Q%H{Fs<q7@MY(;-rk*tjibl- zZc^oPFPp>w2bJ2c2ah%mLWU`}DrGl8Et^h}JZXWunUi6G|C6PO)0 z$bHCKY&fyG65SR=+&!c>>1=UK&OO3?XIk9?Z<*61q+oSobmOU{3%-sJ+9*O8w1<*7<+-KI@P1IOAc zGln4ouNqp9&itVJ1=}jTaBU_blt4Q3_t>JxoV`JvPRsHQ&?!s%XV}0sD0mGU(H)mRzqmpg zN+`&oas_gS2v>lhA>U7FiPry(52>vTzM1aJE;Cd-pS(<|p_>Hr)m*R7`nD`TsqCBa z{aDpUJKyRP7&<{ez=~;jx$J2rp8vUX-7@15@aR$4y~qb;p2=_sX9>8{V@Y5?b(@qS z-v9@X7ieQAdD_beXRbSXQA2!Dzil2X5E^U`%1&2i`Lrc(0B0Dfu~)$TFb9++hFktR z$ZG!lhYH`)S@XEh;n)1Q^Gu==I~v(&%31XeQeHWw=8N?x8vd+9IXY7Wx?_5wkYe7f@OL$2Bu;mJj&=Ll*~YI=RoSzXcALhcVSUz6{9*G=S~Qg6TDJ|WS~ z>#ffaB0iyYyoKVaNXoVJ=A*s|S8~CFYB>l+Cqu>wAj3rX=<40p-n-_7m;cbgIuO#b zkDuS04D=du9pixZfK!zUQCFm6r+rtUVF=iphSq{w_ zdRnk3R?9;8tOjq|I3p;gyqVz9QEK#QkVv!y|I0Fer{j(BIj4RJlbQGknw?;q=sJf?9^`5@MR3QOM`Q|)ZE3d&>BZJAk+P9s#@u*-I% z54#RMMP{hN_x_~97ZS-s(ff#{*KZ2n^sQX`}&)% z9;_vQXjsE3(%#h|51L8>~uVxan6Ik z3$X#P56o7R2#yX4`RIHlUCuX-uN`lzvTt2d<-9i1cTp@^zAn&&!H_t0bu9Cpy&KHM zQo^yCjfV+zD=C`2q)9y^E!i~7QrdDLWw)Ly>Rff=F+JnsV|wXP!%Vcc!$Ad)1Zv&K z^`$@4&QRm#=*|kmsbv-+4c#(erW(c^mPLLG8?t8Bo4FBQStOn~klwI~S1|r{GJiBF zSmybogo^7)wAfYKYDpJtw2&Ff5c}wBPXSbP*3eaTb_aj>VfaZs6{#pq0~5?Ja@LR| z`|9kp=U1li?sKLHiO*q-VoL2uukm)-;l4qMm2S=?V%?VNFPdQbVDr7mj>&mq==^}M zp1#UsQ&Uy7imQ@~YLfa(CYrVAGvT)N3Gu3rPAy}R)UcuvzQP7@zR~gyzkw|;;>~lNT^})DEcxghFVkh)|zXO`iJ!RVxC$s7~!p_bR-#`*)AW~Ur)<`N= zd1-O9IIn`rJN}0Z1$bT_IPfuCOJy1(0*uc+=?5${3t{nlJQ&#`s24XmGV$fq>nsLx0uxK*R0K_y&{rc(7^<#8PZ;@WS&NEAmYx+`x^2!9k-8jrz+&`J zUi8ShnzwB3ELyC{=74UUOFz#)__3<&I=Yh8Ot?OX6xr~69&bU~F^*-P%_9}j&&%L15&=9X}<-6s31U4`To{3riZE4o_=1chdi5m-LA7GaC`TA0X`1jj9Kio z{p?m0*&p$sWIjF)vQ+ftf!#*#5rWh0CJ74N)f2X4;-kzqlrX7cx7t{BB`CM#?UmT4 z$H5o~OYg{mZM{J-7FR^JPPT8D@7w6=T*}XCKg5N-zLQtOW%xd}B(E#VpO}CajOMwS zAb0f4bzKcq-hTZmK8MpHG6IX;s2z$0aXxtlY6C|=T?m)rlccXPh`8jU3D+c=RIp7v zqaST1%2oPzoQ4n>tf$0YiRIc4 zudA=rR0}l5)1z zT$W+C74X|0ygF0-jgKUV2XkN=@!5^TDnx4I)!6JJINprg3>w-#hjp303c4QUBo0kfiCPij@B5oL!=5#R62xn^Cf+w^h0mdn z#g2P$B5?BwC1n^9q_Wq#!)T!Lu`biN#)WZQo&f@2*&^*}Q%?ssO*QEMy2|By2qYjFyf2w&8shx`+F^WtfY^(X&+8E*^u6`dt-&`+j&uS@mjoPo<<%_y z!$Z5$&>qA?08Ry^1*1jqKlx;%ZU+E6(nHXyHcbXn7oN!$20kc=>TQ$+yhN4^2evC{ zpO+5x01gP!_vf0l5+6I)-*0C+qW5mUs*SbAMzk25v|E&xc<#PnQ(WOxGY*(y@fmme zY_}OP`!*&k3r&O4Wd!N7Vn&L zct4}l%4x3Lpj6d%^^F73p>p!#tXRxvErdY!v|gHClpM5+JZinMW&>frulJV2P%M)Q zq=RlI1|pyWmRBzN`1mi_KEFKFEh*~M9{e2;^9CUxG|8H|fy(W|pjq3W?2V`2^}SDN zWk2irH)l41xX-}F4f5lxxIFh~d|PHi!)e4*iMXdl-q>1WeZR%#H=lRATKa}^za2()+=*2oQ-PFbLTBI7^4Wl2l0&?eRkkIo( z-;il1Q&K_-qT_myl%u00o~*W*FB=m$5uL2ZA(jHSgY~Jn2gefAlI3_afu(W6^$^1> zK?1Z|;Q4&i$lv6ThmAG{N`A7s_$BIRNh)Hdjw-0Z)cU2i_TzeGQ)`A?*dT(kfQCaf~uqFB)(+%(1dP|y6cdab^uPG&~?S+`WQB+ zQ9XEmQR7Xv-`yo>9<^v!H`>Hac_qy!O(@2EQSBFf*X%G}l#ya#VS@S&Ym1l8!-{{% z4&QM6?)v+EFPrZqMLBfJg;$wyF6nR3+3EpG;J3tl%&LZ+%bU505?NTKK-=^2X@4vB zv?1C%VFbZFG?ndL4>COoJ29LLUo)2}scw^pI3cvxgYn+fdTkxOUgI?rF`AdAbKlc< zKw({*R14t`F8HT_ZgHS>kMECFE70e0wX z(1hC9wVaaIZ6Cv8kD^r}FF`p&|Loz_t34)j!rF<9k`LW8jj>0s3{Gevblba~LG|kwT$bCc! z709}l5E%(y&2E$|8Qr^WVxBPYm1;Mc@tAWH2EgoPZH=@aen! zi7A`#{t=?~5wc)}N?ZD{Y2Mtc5p!vi0Sw~gq4_*T8M=a1_7|H@^^5)`g^3+hF!~wx zDcopIG{r{u1(=32o#LEeQ*GpMXKUDkRW|zP9izt7X@a=a{&z}>rfcOWp zb~2E#zqTn|j~w?|)vqO*R`d36vK`8QKt3+s<(i^#?5I`7YMWIEg&Yvk+Dur@W1Jq{cy|BXZcF9uz_8_W73 zc8oV++~=>T5fZlCT~loT4= zxJ)iQP<}m!D)>LBDkQ~eUw?xviTm+o&;CK3s$PFdFt1$|K&wsL=YMBen35|{pI!l`XP9iEZG0@JYOZmvECt2Cei)p+kYRz-0*GE ze~jv%UlhlHiL@4h%3%I4BO$}R^Iu*B?iHrG^d9uUv%hBQ&ujkc2Ml=v2!DTwzkT}u z#wktLgTs#Rz@<6@ooR(HH%CafSuzd64GlB3u zz?}8MGnC2d*?yUo4kv7NX_7JL8f|Ps+5iZHSqgYR5QzfGKpTjYPJt@L6Nm_;X2wK|fiR$q=i;+lTxR)*byb^sdo$w(Uj zt&H|W(KqJw`rFt?K0rqEHW$=ywIfaBwP|_Y|I3OA*j4H1PA~q6sM`)k35pFH^fnZl z>n#oB9V=k*y}~pxy{OukHM9TzwqB4ORL1i*hgt{NhyW%og32e*2a zr$TY{nelIXCE$@%2iIiLi29ewQpHs;(~^dS+3wCpez!kBw{1rtpSoiKVv0~AOTz2w zqlI8VSlWXXv;a6!5p3Ii;fH2O%8v8`T0Ydg%e=puIGhkL5z<7DzB~%hz+OGbYBexP z&bU8VsRYsLMx5APAPTGa+jPjhr<=zDCjN?!%@c|3Y7>WX4oDlKpfh)k&TG?Hz-l^p z@$}VhAqd^SlpFmhgDkDB@};JnX+WU<_)+C2^25k=lqVl^(qjw8(Id-q`^xm)1eN6_KV&)-?My+kzn*3ufygu+{=@Sx-sH# zZvj{U3(Pmh*AIZgUEM}VoPILgy*f9 z1Y5>n69A17?HYv3F0cIXTr4Ftkay(Gw_<{YU(c0pHE}Hai~a$8MH47EO*47A!a{XB z(Th%u(7^N0jcq?Bq%bTnOy;TpD(dKan&~`wHEev>CGmLeG6em_aW4T*wpF(06v2Kj zVBdj;2nd9_fqmoB=0#QrLanba$SGhB6A!%}B;-v9S;~d*6PXYDW9mB`J|4DTB@nhn@yZ>*HQh{viB79&L|Wgf zPs#pbatLXFo#KGuZh@nRhwiCR2SwQGdTVmfxo*nTi(b8AdHcg@3SX|^7Kj#PO*<9r z0WK4+&-&qO9>C~QkKjq{FuzYkPvPrZQ`KkAwr=wvzMRj_xjQQsI;ht&q_&aC@Ssgm z9Afjk9Bu^WNM6zpY>;*7hOb!HvXf)WKp(Y+llH*HbAT$WzTKYEOOCQzPZBN`z|xFc z2RZVQOACw3wnGvn3#MUYm0QI`o%DH+>uGXic-ZaTG#tc%!Me=Ffa-J4uz;&OC zT51usy!fp5@SB+-e>rQS3#B~F(rnxLdmyuA%aqQAi6xELSo6Ev@hd`O0iqZjDVfoM z8U(O#S0;qGKM}Igim}e4WPSXq`{0Bq#{qVhBP!vS!_^;7R&Lc8!6lBhu9=oH07;rs znwyw3z`<{l#$$!fGThj*+LF77J z1?}Kb>xV#7T9&qp^~Yo>>-+e~#FfvDucp#g)ncr5=V>S2o`nRSXa8*7smr-#_S}^z z39#Wk?*PJt3*-AA#{5l_j|GRrpwgrhr{CS|BSMS)V?6pY{j;q%ROU|T*m2=BLvwk8 z4Hkk8h*Y%+D*(LumgzmAoF=X+Kg&oao7cqn{Tz3LuJuRI9u~i)TH(s0k=< z5mw3p;XPBr#kcIS0T92}GARKAi814OobW+v-s?CJ9p0lOiu;RxNYCd2Chz`mQ(LQN zj(0Kp;CvhIM4*WFGc>F{z!Gcnrjyi@Y2~2G>-Y!&nT7T3{ad!lysF*GEr629Yy(pBFk`9P}^)C z=6G|$FswmH;EW+Uk|#vcFrfMqF03@vlTH=h`QQXWa11)7(O6Paz-ir3OpcXJ9mz3$ z(JI`g<0az#oAU|z(3rUMHdq6F!hG=+>MFd-_)$` zKXer1-FWINW^?$J1tOso`XK#TPNV?9yrNQJ#n<`-z|+6JL-U) ze@)C`^J&>KTIl>Ll*Ga0o~AVCX7gcpT{L^#BWdnw2BX!ZleG4%^oo!)fz=xs4Wgug zY#(JMbX+M3rl?U`a6AA0Z2&dlRCPt4TYZCcw? zkD9pBH_V_QEAaoiF~mqM#lT?%?=>;*k+!ldq(v7Gr%t`T@8^IoO0r%LW&7Q-Oc}Jj3diH1#t;}GPnezz&xs#q` zs={!cax{%lfH%D~6@Q>TP!|@`^`CF}hx-2jj92ophWXtnOgq@Vt8ihPa@eCDgGxq; z%~y6@L_+6+4gHCcu*4sWoVt$JLrRz!BV$+5e%8eKFx$z;sNMTS7p%5-^_KaxebJTe>K~(eBRK=fqZYU<2tTQdesCRC=>xfmX|@b-+ur%h$``IvG&%0 zWuFcHsu+xDeSnTio#H$BU(9-XEnMhRY4e1>QW3DHs@BO|IaDjQoI+MT9K8jpLkXsw zt=(g(_r}}repGqZ3xsT%CAvnL&1w>ET>ERrQ!jKpCGTsw*{_90LX8(+q*){&+v4TM zjqT6-prtBMcsubkmEKuef43(XU2{2|g{Xz@EvEKQwl3tKUVPV#G~~G(9uc?yd)}MXnPX=W2&C(JmeYGPa%GAne9;Pnvl> z8rN>!%sZcpea%AEq4Y#ZHE!yEtP>CmmB`dX92ejZDTXjL=O;K5^U0ApGyepOS6KX6y+MUfrAc07;^1EMIj=B%9KpQPAG6*2ypVnD!;8nq znq4C-gEis7!`MsizUb@+bj_Zb55tlRYa?72*TN{sMPKRhR9sE&PPK{n8h-nj+0npi=(ekg6@* z!k+*Wk#+9wGqVREbh?F5Hjtgv2SE3SJEi=EB@*A$djnne+(HTCs1S#i*hUF?|( znD*kiY)?RNS$+e=(%r6_pCDVgxb~B)92aq2i}}{gL3IZo77Fb^Yj8ThbQ8D-T24n>cX!H2HT#~oS@ z&O`ZHslcA6U&g5j*7GoL0D3EDbYeNI8klj|Np?$~a6dGIMtmcWwG+ex1}l(Uu%Qjr zD)$`>MASzm(xk@@_nRI(&pybTag1E=o7pQDCTD$lBZ#kx#~s(baP*@I2zZaP&CO>a zI@8ra6iYV52_KzmZW5~xX>DhPtdvUpp~YwcGWdGILa|S*G|3!2dL$xfb^!UfTq2^@ z&Tvq z&$wl|BhiCH!(@*XT@yE&Xc}eq9*})~T8Q&leB2`*rILj0TP%)iHp(Br04@orST`VT z0R6bhgCH3dAUv%FugW(}`V@7}llioD3zwIC8&@)^iMEzBVG_@Q^&g%+EERh+HE~o) z-IyR#OIYB`X$?7+k7rX@L23w0Ok>@ac>1gk0{dC-#7(;|ts&VfdfOjClE2FtbTXn`;lAh{ieY z>GC(LQ**LGdwbvQU1BUnc%(-02a!7WU^!pLy0>n8{O;p8Kg!u+iWE%&y*v}{izPQk zb9FQi#xa74?t#x@?(~5bf$GWpB2M#J{W?nR~55BCtEPNi(2za#klmMh{@f z2>Nis%Cr~Bo|+XEhxUC-dY?Y=2#_=jaZyCQQ=MhXhle12j(?_`@%@HHqme7y#z+YI zfUV|5ZabuXFn7A7hnQ3jHF2N$uKA2f==X2sRgge80s*(oq8`DDd-IyT=)2g}WE>_( zb9DbBFR^Ylv=@op(^sYjGhYr8DX7%HLNsjTk#m^2N87F6QkOjbF#{VaCWMWyM!uI@ z7L5X>5Ao`w`n=&ff$ zvCvE!u}%md}d#0IuYl(SyQ04lZU5JFlcY}2cO z&iiLJyXHz-<+NoR1$7rh{xJC>trvvu%^tzBg-z@0N&{*H&KW`?ld{)o(wRQHgh9_j zzpQSL`yrO(z9@KB@QW>B|A>hC<{|MIR$+LktMn_Im}HIXc`33dWem)PhlAl`7{hc8iQJh3KA$9FdapA;UptBRs+A4JD)-%4M|&D? zg7hR$kZf>D__k7XsYS4%__>i>W~@EEdB2fd0O`s5(=nm2?C^r#gv-L!vCCWS*;*n2 zC;q_qKWogj^0O?lh1M^t#rV!!PtoxWed?xAkMbW>4G3SX2ANZ?3Xcn)KKo_@D+~)! zzzxyHe>~KA01x^hiSu!7`~ww64epo#)j6wlyLZaxJsdkg6!_7_7H=7clq)Ef>b$GrF&`IcR5c)0gYP^%tfM9)X}rc#U0VK(s1kjK4c_H8aV=! z*@xOr+r(8kqu6ttq4E+zdT&xC$$8KVrYZ(HaB2PhdHVEvb{~7ohQ(gg-xS;TiL$nEHoDg=iiP(ZZ;vBv(1E#J) zJV=84Q>>e?NzuU>%gQcASMtM?M!$Ha@#6Pzp{mm60*{fcvYN)3V9dGn$621In zR6e$WFLtjBsL$N`x~?=&Ets-Zec%Rx8-_*QpI8{dVp~)BPei}+>PF+M4rxv%*RM_I zwuAHdxC@3x$nM?i*n^0Sk(CPwN-E-~l@W{9@ci#HByWO^NhpYgRdxikyaUrsP=q@31;l{Hn{ap5Hie3=;_P@7+OaXNiFq zu&B|3Y(z|j(X+(W2ubvBuOLpfh>|Rs0eDJ|7NGKhgcn63w(TBEIp_X3Vc^)Z?s_cqCOkyI$5OonAb#~EFRKngJ6LTb~X z?+50CnB7s@s`CN06@2}cUrp&HB5Hnk=qDn_!bQLPTO7Vj!4+WqYYY$`z6Q|lHK_VI zP>=vGdO4`JzS(O9cy8HuBsMRXQzBMV(8PtL5?6z!X4N#nO^yJFB0Y2Qd9rk*3k40| z*xQ+P@C30Fu<8- z@nIABL+!xYV!U1Gx&z?MD^QDAr74q3Rn8~i#R4Fdn!#!P{)v9kOC~XUQJ^`hYCRcp zo);!GSc!zQFqwu+mr;Hyjo^UbhOo^`agKgU^diGDx#Ntw!#noTXoW2CHV((9a*@wW zzgkr+7%9d)i5!{9YXB7jVc=_)q=#8fl04*D(%|R=1;-|3cYQhp8SR~v2iOC^HpL!X zg*db{$0{3-$rg!*q8}6U!tp;AN#s<_a-)`<{x(F8>Yu0olp0Q0k6PGHZ(U|>j%v2`0}G7BAdEL z!9gXD;H*gN%lN6E7lagu6zkD+Yv5)^-~-<0?uj#0JAjA3J~-G-O>oCu1gP_X)y29+ z%&(ExUqeI?*`#Np8@6=@ICq{q)ER7Lw{YJ_J|Z3 zkg);3Y|8(HP5=KQWB-?52f)PtPU*jQ%Ku6x;AsD!lT2_$0jDWl5DubtzW&~R4>V|F|sdQl0{Xo$nUXaqXzy8r}os2+&) z0aC96R9^r`XO!XJOrky_M4bULs^N@oKxRL?C6GvrBQsS@m^mi?VH=el0K=Q)<$dr5 zE}I5Z)S7FAy&D{vf`G!t4v%yDAVJ;aAhUxX9Jv3H59 z`k2(w?tG)SzitSGoaz&nuWjhhX*wQ|sR;hfyJvyBdm`nPYCd^!=(cxC(Ul$d8D^9g zGIUAlfWoIGH*BE~*g;$bzT1tA=mrV}vVOQVqqQpfU!yyL0qw?Z)ZgR&uubvU)b^oq zCGO;vL~#swp@2a-zyP1bl!_#F+*5Tt5vlYn#66h@FFj)1_Tc1FOxEachlm@se|RW? zpSSzEGIyI^Z(6x(L*E}xaR==~z{d_E%pEGM0)Pd!3-~POSvU*#hg-N&|2b2{#o)5< zkB^&;DKtJ^NXk&Q8U9FmLh{FRrayzr79t*u0~~q;QZ;nI^0DC94b}^6_s^Aox!nQB zl>W(mPf9(SJ-wTWaRrGQbAR2MeEdY83 zwM@k3)(CC9>eGH1<9`pP1cY^hByLdn-8d7+R0JvO*f3dZgTU7$oNX=(l=mop^Kt>0 zof+5kgvggmFP=>2Ro`@C_*R43KR-ui+B*UHQDDnq6G69Qr3`cwSKZsMmr8g>i*tMh!&0!U z7Kanj;zFPr2LaO$zedoy`T$H4FKd?hBm21%P7Jp88y7<@V<7OE>@4#HWbvx@lczi& zjNIBNd%GzuXit1UcDby zkdhDR{buBKkfJHyfT^+r#_I~W>gOO4#S^&WwAmJOQATHZ*M}`^c9{Nw)z$u|(G#j6E1<{%QsR;(YXyj-`hsTUv+0igFo zW82RP+1}`WqxyhHaTRhiJI-|kBA`p4dkMS+At0v{)&WR1;G!lD(QFC=Of&)1p>CHPU$VXhh)RETn7Y+g7WUe!q z>WQ@C26bX4Y8r_Ka~JQ09wGSbCl~1?*)@|O>*TzSP^sQKbT`cR041S zrmJY!#SXAXKu=Nuc&{d0XL>9)ryEe6p&rDGDF^|_i7JLH@k;8W?B;1inPYc%Kigev z)mjrMkz3EEl#U(Dcbfp)n%|Q09&@{dhL^~>RYXp-CX0SM#?jln`A5XYjPLcA662lSE+&CQ8wC>2aN}aay+__u`tj2^T}jW(Lb-``@%p;`GiA$l&M7#3>a_>kQT- z-$Bke0lGIG#cmUTK*4S|?_@_AtiWOj`@5ojZvj#Umdrft+x7RT>Bos$Mj9W$I9Ud0 zcTezj6NQ~~QA6VKN5xrP+oD&ohvM!!MxI-YN`_O_fD%Z5=Y&~=3?II&JtoS4yI&Ah zCV_m(|C$A!Pq3F)aIDMx3EB5ph=h^QaIEsxr_5zsgw07~Mu;{vFF}K+k}sM#gsW|u z_=pr~**iT|IDQ2d7>lC>V-!pW_X z?C#9gF7la!*ny`_3q9J zumf+}kI|Ya!Z2|SF?a!cji06>lTCXrnNbrz#5ZjXl@#E0q|HVaOSASq;TAXqcD*uhT0+=_bVn$UB+mJ;}RM6)lM806AfS|y?tV_m zIGj$%Kbn#$D}pN{;k|jh+$u z*?dzEl$8QEnH_%*yKE#OE72#+SdFG55n7Z|yOM%ROO!$E%5Y`i5oA~a*;J($TU~dD_DmXP6DJ!_ww=$&M#Y1OxNwDr+BqoHL8kc=4K!LQwN#0@M?|SJGOU zoDR6EREs|j;&2x=KveK56v{j@@1-IQCvp6Ea0vNTa&tP=2+ob#aGteTDMxAg z(+f6Nq)G@QAO6D5>MYj911fchM*i3x9-S^e;oH#T{b3?WDt6k?QUjHs+K|w{ql&)RV-a~ zTnZgU)Qo)L`%Jr9Bob^PV)v*X6x4gR)P#vU0JNno81r2x^!Xjw8kehfN!VD$h+f*bl=jSh5O2QP%oM9JA(; zs_O`?`Zz<$dYUL|LjyB^SADk^mia5I>}Dc&;Ke|NyMDP`P3Qzgip`}-U`qOQatX2ZqL*!3mR{X=wfkJt z?1<7jauZ+O@oK2O&kuAOD!g6dtkTKc zCM5bvT~V*41Z2uHuv8*{oU?&CR=~VfDO=coW*toFJ22&CudO*oF$Qhn`xM#GIhklc zft%~4@3pt=qHb_jm8lJDT0ypiiaNWbJ+JX|5Qq9vDi)fNC{hn08L48DT01&@PfGepiL@Bfg-bI1(JFm-08G|Zy9SgKg$ja)uiVbS9-vbsQx@XZ_&6gP!>C_nTY6sIa=c@qs~`0M5hAIFIo*K z8z*e9vECp*h_Q)I)638gt!tMkDyytlcEeKmqWFM?n&=8wWVm(I;E@unoehzxbiJjL zN11ESGvc3IwS+V_g@JvWBd^yq;0xTb+ITzhSafVtMr&a;O^IP5 zrL{$@(HyigqOSDqdt1;k?blhpKtg@;Zi%F@K`LVrqULCfjA>AI*E(0K zaz@mfw`5NSOphQNc4HjTyl*IG#s)uyE}G6iFDwU!ZdJb)B*eN1>m~PbCce`x@y%z* zdZ)eQvNjs9qt9&nbHSD^)>vs+cLF#NDa`a-C$JP3Q2klX3K@2sw;&DujRF}ggY{e9 z69>2tvT;+7%Y&5KM)i@{JPm`CE(GFWVk+o(ghY~CHH z^Lqf&Hy3rS;>gDgmkKdechZCvqK0wc2QdX&2xTk{VZvTYmA6Hf^ygz?PHBWJ%||#k zNSE}FO{O`r%F?lulQ0m7an^Ac5Q=wuKR1^hj|6-h^p{Z94^Etx<|G(;VwY+N@=`c! zk(~%23XGD*;~^ByjW|MQ9%jFJtL#z4F}i_G|CM=*x$sybJ-QS@n`f#l z8S9f*l*`2X!Qqeo-H%Fy7;O)vw6uHZ$og|orlX&Pr^w55B&%#-^|JeUtSRu+LJGW) zkY7{iky{+=YnK((J8?bZ<$M^?c^x+;F3~i7f_Qq4UCl+REMJ6K7q~kF$2!w-giq@z z%Ah`EHpQv!k*U~f9cVLHVj8+VT$dpJ!<3#~>LM;8z#Lwu)Cht-{0TCM!*r{e5VrTH zMP+605IMuC32i+u9r;$$D{9=MP|0s59IeDsMdvkMFa=$<@KO8xgOxyGCkP?*j8fMi zRU(^lnMLZR=y{`h>6nyt{x9~p66NSwjQRmrKLgicTQpwbjG8+r!mR3utl{<6ybPhqhO$X|v#YIU)35DlbBy*D1$13Qip57NAj!TMB(0W*5@+MZ(v@fxF zbR5cxp(aR%)xyy}QTY&NHMg{akXE5z5Y$>dVrWK>Qu{+)zf|R{o(73~<;je?DvYRh zWC$zLN#7ibxTnxOyEirzrWg=?z~hx+#>115vM*%}rLnTX;ctR-^P3(<KYdHaU6S4Fg4x1P3%2I&`OwlvH}q$rn#4r;iAD6HtIF7Drks#-HS*aZdWS+59V(yuX@pdqmkhw8 zc{2ls=fx*s=SE3Qa;z5H9W@;pufXVOCpL2A3Jby6zO)F{i(q~khw$+tO>>BSPW7Lm z6HHgz4s*0r?TCAPL~03H;=>1?zT9p!tO3(^$?E~ZcRX~LZ~5zugZ7MOIgOMmy_w%q zT&Qu19~f>t6c6@;PL3g5kYR9~p`pHcLQzHe>G9L0YX0rW6e%`bc}y4`wO)1-W7cE5 zX#zVlZTS^NHM4V;h-UnE4pH9@KFLYF_pNkP`0+yjxbSgtl72m!Et=Y9mfXFu2iB9Z zHZ+e9cB}d-J|}lHQa+7nele}yn4S1qr)3kzkvNZ2^RUV<4h8jTGmfK8 zLpD*=T?;hFCy9!9tS@}Sqh_BNsuHm_9Ec9QTbauA7oK6_4ifA3Pnzx6!B6*(X~5PN zQuf_5Hn96gj3CHx|AV|x9))ek3vETo4O^K|Y9uJ4^3=(>`FWLiOh_@Aoi(}%vZ}(u zO;w?u$3~q5bdMf$E-HWCH=WPxRN++Z#YByaH-%m>l&1;!n5SmT7VqfbLf%KaL$hI? zq7>?n!;SJ#^&fg3q%)m!#O1m+hCHZ+&dV~^#j;MOhAE^z=NK4b()Tt;2L!MO-xlWZ z-F%LK_abcxX^ZA6a#-MN)12mgGGe8 z$cnzvR`MFp(|rzCr;ZESoLZmcqtDaaq_E<8>$n+OPa=lwn0pDd8t=a>4B6JH^Le9$ z5@lcs*0bR<#xnMg7v=(*UwV>H!hZ$1p;Gu(`A$Xp9Q_N-cQO@ zY3(vgXUEmhD6X-6vE_}l!{{t>rG<;GCf8(i|2ZewSF-#hHf0$yvk2-fI{_lXLh^RU zy-J9Jda>v!Nb3#~@PL}Njpy-{zT=UyU$ws|q>@-uRv1b{kSE6tA;%8XEi-jH@cNUI z6pbRsfG?h~d(fPrJXahlKHHtmiJ%i+B>w2fFt3~Yp|0r%RMvIroK|1 zYDfz*>EARFQSg!#>H9q{<5}!gj}>jq(R1KVL|`d~7d*~}+YydDV)YX{_VeT3tW+4N z?E;`{1CP-9ArNQw6&^zpeo*{|NA**XjTa%$n-_DKfCa>wy#=Xmn!J|mAfVaCri!Epi`>O~%T=fm_)&Cyc-oME zuZ@SH{m$bF@;t7z_kfrB<=!WSd(+1v@g71R{F*+3spg|5ql6e?5&Y!JGEBw?=tgiwNLe){o<#H4@sa4lT1UyDYE_1$LHUbH&>n zD+gS=kk=A9E7S{tT)cSpF(=RJ$OH$x8p&4^yzn54tFkscaTY+;5AgGaqff4zQf8#NNl*DdUQY>gyAxyVEg`yh@Gpjt5zd^c6tnDFoYMACB7k{K9+9OQ^Y_NqQH*LhqNn`dgjGU zM*yGELL4ro-Ln=zA!d5g?q@;R$4kzDcaQ5xpf+OPCuNrfv#c_+)9SC;6ZP>dFm!gM ztGgDmc|>N!UAU#LUEn3>&v+7onPN(`QA3SW2}I&f4Q6Nl6q8<5D*CN0cljDxj=Yo6wClW8RbL{m01dKM<8x#+jM~iDIxbn zVEjlEBvy$XxuPBD<6t$cPNIuu6vlqUEwiF*#Z)5biXm`qaOO$oN%5+1mvg3(ObM%o zgcVjnB)&4^V}^j>Aode`hBr^uXWGnjm}%5S=QM@d#bE`j5lelhg(<>>>$+jGU+YKk zz(??&56R(}Pp*U5$nJmjvcdmSOl*$k4!C)qmx*^4pA4s3di?-GMk~`1?C6nl%*aW{ zG$>)G%A`=CqrFeutj?u&I@(k_nSo+ovPO*c!_)sYdf+b^-6%}lCCkDo%pU``lOygE zzE*_t3z64$Y%VZBc^rU_Dgf7#e20ZCz{-a3YbOk8Ps>~d?WzgiyAY!Oh^oeD1WZ_E0P$0f(@%H4T#p*=vU9N^au&oopwD2Tyi?i6 z^!FBim`$RrR|nv~jhe`3xK;tmGU`%cjukH%b57Pkxwh0joT`O=oRD}U_a7!(+edVc4f+{EsLsGSad=WJ! z!UK;`bOPzAr%F^@%sp#1AKfbsjvBa2!8{696*UnCX}+Q%k!~<61aDd%uuoys(C7*1 zoc5aTzKe%F8Gqb@&pXYG^r-}&^(MN0*CU6_!^!@`_ z7e6hVbU~|s>QE(rTdz9FVb|7`rV*_b#tKkMZv9Ys+2Kr+#s7t@fGO5GmID{>Yy0Sn z=`rX+N37IhQb;Vv$3eRAL1qhPozg5iHy&A;G*~5{R#V(N4zT{oc02WJ)^~=WlJ&`T zjT}~k;GRp_7F#r7;wa>wuZpCBNWEX84eDhtEyIU-qt|bbxgFWZ!dPA-!Ms3a?E&o(8C?~#YV?ka_Hnb}G zr-ClgYtOopR~QB*pA5v~UUw9~EAdsMkkB(Th=D3H&N#^R3Vya#D~n}KK*XjQj-ghb znqmJnR}=U!>k&HLxitadiDIT)OTagjbai#?y94kwBjEy{>=TKQy$5FO@*xl$xvTxV zS??U|?`xBooL36CM@xj`$XICUXH{@g_GHAS5oLV4sJaY$?kDG&a1_SoRFZSRA?Uzd zdf#Xu6>*30x@1d2{a2cuQ*+^P;b^RpC!@aEM%1v%rEKa>Mv%rji#3GOWg|rDL0=h1 zX7?urXsl2FiK_B`1$n>c+a-{=$o68Wbj49$L|vQ8#C{`^X6u8uZMIBgp7cwqOd|4AFu)wXJE~JVW~5b2X+&xIJSi%`i1tSIR1}qxFYP-~JhAj(hlC zIt=(gL`@DD9B3J`n>H>7eyP}^%@jZ?OKwP!3wo{b(^3W*x}-|xg$EvwJ@_NjC94#C z8-ArJFrG`=k2w-it0G?*3)#Ro| zME|!<^jjtQR7r+K2VimGVc7PQ>+^XDN#5MZGI8s)7%!v2fk(D;yHW}QFuBOxl=N+? za@$#-M|M~LjCD^KkAlvp)CRo`&*bR3N5rz1Cbq=l04uzJ#+~V5Qmjt};T7B7LTiY> zTZG-g)nSlK)653t98j09v3}~?V|?nv#V8zq{nE5GyUChP;h&itfG*{ue3$z|m})zL z-~DknQ5NUDEQ@>JzD!XPh_cjo%|Y5&zmA!B{J?fE@BnR=xRDQe1Tjcf+3x-hf;UIoMdk`Wd7Vh z8gqN@uD$!K98Zkah1pDU!F1MOICOE@)HUJl$owCfO;4cOlTEp8&&9}%j=mw&Pj}2} zw7r8F!SVsXRx{X?O{e=%kwl;Cai5>k9n`69KKW8W8zWCY@nZe6Vz>~HI=ac_2Kl|71U`7X+lQM6jx9mUL^cNswc@4n0 zI2sexe^TOqpJ)an(5hknqv1~&xVK{`R`)c;&-4V5f3NoWL5F8iz6H~lJpWTw1OQcV z2n==ht5N|oH%RQ_pIvSzd_Xt<4Tp&hlL{z|;d;a{{Hpp-o{j)CBgKaHFao6wKLf0+ zE5R*a+Q>+`{?!!5N!*Z2nR^y*e$;*Vlf_~tgE#IEa_eCT;Q15O@8XIb{h?|A5W@N4 z-+vKM=;^G0dkc@L(GO_-3~_Dy^LI7izw2dsn1+(v4R!(o3NO9j7|PKu*EaTVYck)J zgSoT=(t0xf*qtxk_K%yuJ&ZP5U^l`@q21095|8o*tRV)9GDWXzz=8gE*JEO*qg0%6 zzp2BZA$2Hk0HmoC;4Rh+AHnv99*p~Ff6^mm9H2dHqTjs(M)2V)_;9l=z&+WHoUP#e z>*9sf;aifhNZ120lA(ndp5{NB;S8EV=zs0piJ~AEoUe05bp{AaKj4d}H=_`yVf}Z% zEu%$j&PF-feMa(;C6XIQ|z)%3sF3^nX6aco) z0P$Gof9%>)NDsl)%!>N(`)K)X43&ePuP@c{+r9a1W1^HgxFY|*$$tj|aB2Rp-euc2 z3>_c@l?jBf0OSp>+yvJT0$5ZB&^*ca7>MRedH;vOO`qM4u8eeY{;9g&s#yx7;K$D3*`H(?}%%APg{!1zfI#nHC zBMQ12I}(t`x`ZoNJu@&+1ccr|BheI`Zw3jm3oy~Lf%Nn^14pNtp~vnZBPI!|PdF^! z0tx{@%$>aU=4${^;Bbh_2X-5%_lwjOwZ>dEK4rkgk%Df%SnT(J5^}gFkmjd%Pn@nV z$9m%*#&2ot8^$N;h9Tfy!_h+kq-};wxUsB6i;Ipo`~WOczcYX$$ikxp;=V=Yt?sXH zz!|l;yR(k3s|9A%_|nMU`|PGYIp; z3N@%8D7a`baw;Ops%(JOUYm-U>-Qaw57vJH38Gy!7KGC}>yB&I+|Q1K%SkU(vw~EMq?gle&qkaZ+Y6 z+!>4Xsw*1y{+DISZZk?f&&-MBSLivG0NbyGjX^$YeEs2n+-$TE=?YEeV{Y!;|&l^Ah6aJcRX0JXObZ{ov=>y5M0Bo((w z+yU&A)R%C3!|G%-^c{Qh8TlkHzoz8P_fN({^LZ&6BGHBUc$IQ*ij3~s`aGc$e1!MO z`&DezL;>Ie+~2l7C7McPOiV7e;=JgIGF}_I1lCcvfLv1eT$b(H1_T4V`M&Vw&F2OF z*ax{(+D14NugCLabnVq*qi;)E9M`w^(qkbKqRWrxdA(=qlZ3u#QyrQDFd?h@W>E6i z`zoo2UlqfhZS$c#hm*$knlJ?gvuj0k?;f=D-JRIkbNtNn>L!Ih9v>MPaN)Wh*5yGq z_26&00o7bxegkAyQbsfbt)+-6R4>?e;H$yx9zO zyy$y*dV`KCwWytBY&oF{h?A(Jd#1=WqQDzyrJ?{pHUd2&6p0Wl(cHJIRbtEasp2w2 z;1cux1@@nTETE3YZ2Y;xxop95?zHAwBiR8*Ow(5&%9gdO7`$CtnQ`2%*5sNv#hm|sJcPrWCYBvqcD<5$FX{`Ks`0?**30wv>kAP*MuB#X8i!Y(&h@a;LD0 z?jM-Wb8c|qZ+{i#4gA|?X6#8(v`8zG%<)3ijNkZ5$vG9fUr$l{Y#@$&B*^cZu5#vn zLkQz+rd(rPEI~tw8}flm4b&X~JHvbew7yUN2Q5~~+*ys4?3K=vt`TbYJU3sE47xq* zi$`27q4x{fQ{@x+dbfmrAhngq_VSVU6T|W)!gL5MbHRq=-f}G)U2Q9=TQ2m9(1^PQ zMB&U$(;jGh*|xM>thG-7ij^O}1j!TV@Gy&t)2}elZ=3qyNuIPQ)X^iJ{fyV!Ro(SD{t$&Se#QHq5AG$!GQX2) z{mdNwi}!)m#H72wCmAcqQF7m_3&t(X_t^1xzs_CIoq=kK#EnB#9P@cf`rE=FxfdxP z>T7x_Z|5QE1db6KT+sx4)YMlr&j|0y$BEOphJ?4bv?U=k@YVY1tA_JrNt<02kWNwB z2eHbN82_3ca@E{BuXA#<@n#<=z1ECzk$sEA59!9RU(|&@X zE=-Ld%ZodANmD(t@N1ze7N%PE7#6g`Ihk>I_)JCErS{-z=as(AzBf&p%U9Aej6GE4 z>-p(`n70W^gGhhB0>|cddkx;icM_?BHwtD9MAs|8%_nh<1kgM`du_2wM-PUuK>}mCBbCq*#V@ys^UYfcy0kIPF`2`qINIKNkG50ag&Iz5#d1+mc6p>9VHl+ z%`*2Iur>YE1K9e6tVC2YrBGmI8{DuKr8sL{N-m?BRp+|-q{LJ){F@1>7vK=2H^5uA z_4Dlh=f%$46WEpt}nK7GV^rx8Ua#fM8ySee^8sr5Z7g^f1k zr;*lfVm~9?;rB5Gk#*_@Z5ED30(D`)xMN$EPk~~4mxz>`9Lpa(rP%(geFZD=#CZ7EV!->*a)QPmnBD#PAh7x?E&>W0mXY3`|O& zqn0zR8D#R{7qHqQ$@k0FtL*Zcz;1d_;?IH{4A!dqbhRZCKbW|Q=RN8R6E7egzxO;_dWOjRYy1nZs>`3_Mqc>dzJ?Bi}t};B_h&9yslSPw$CaF@pc30)ye)j`X{14{t zN5tNyMSXnuUcEGy1pzm1k3Sxj+X`^F5TIZYxwBs9LPgW{X({K|@NGn9=}nz71E~04 zI}yL#b|o{iKjL?7)g_JZ`1!;4#CqM6roR`P?7`bpuW$S}cD_4#098!w4Z^M4_H*8#oRN`|0HezRl504%58tF!xWoPhahk0Qy-;`9dVv3L|qKL8Z`x?Y{ zpmJRxm_w_yOI#{rwYTvuW)X6F zIjQjX%&ZVw9ryd~5f8dq>b0~rp65ZZ6 zt+uP*!A6cq7+!S7#ns<46kaK((|^5{JitFl^puM{ddPgO+V_>N=XDNV_+-01@{dPb zF(s@Wi#^V25KTdF-msIxR5DRiKZ(rtrZA6vsGR)N5Ty{ct8l?0)<9Bz&`Cs3Bt9SN z3sME)Fz(S@nY z^V^o?!l$ZZqD)8`XQw-ET?zIA&vzsrW*{d57l84eaBPYnb5q!@5V_>&zb3}r-RLd3 zUK>iBT1Y7&Qi0D0(?XG7O{x2sJsJ`W@K+#*xizwK9Czk_o2PV)NFnz$VNgqj zYx#goKhOoD)9fygP&~6h(%XDw*j<}!(@eBJbfquZ^*ueDcH!7W@C2n&w<_0gVq<02 zG!@#)n{y^$U7nSE1@lXOsKy}=^gJau5vLm54UigzFKRbd$g zPf;1HcK6*2hj5x>@e^F3Ul60B;S#;=#S8T$szU2!54=*$#CRGyAo%P+q4x;ZP2JQe zTp(n@ji-kGSzh!dw!O2fFsUGI-enr2ji_>v0VvW-?Ttj6O&XF z&1}h=j-uN`9VQM3K5=8WIAy4=1dCy7$(BdOu2502kXE$ROk=uhBSD`_tk{zxkAxNK zt}yf1v2xmse4?UvHpmjucxcs=+{KWK%!ymd(ZDq6Y1b4>#W44)<+WppE*8zi@clO} z^m}Tf76 z4uy~oW@`5iUAJRMI<8#M!dg#r5Y*eWY@LjUZmZVM=8+yHsa%E`UCXPwqF#nj4vxb6 ztQ@aodwYa#VtY`j!nkJo?1<-)$=)DU@m-bBpqL|EcIXKJDzz&0@lCG|q60b&O0r?| zky+PC^(R9aRhu`Bbyg3D2t?j$)kP@MI=Nz2#%!_Nut%uAJ$cxQpFcuk^_HWql^I2d z*r&?cNT*&4>n&;RIcs_V$LaLF@)auCj63Kf_%De|uq$cZu7=g4>dq=mKTo!=v??Pn z)I0-dqhg9s>Z^bm3nC@-17mhfw}@@S`&(ocq~t%+ba@Vpymc_Gh&_Qu+rw>DQYviM zgWIB4i67ni6rtDIONxs=I~rI$AvkDrk6ZGuLRAR#YgHm;8!4&caK{xZ%s`!h*4GuA zw|rHX1^t~7q55d_YRR9tI19T9HF_d{gwp=a_8GeiJpjjoh_E;GF`?5 z%&)wk9g*njpUaJuk^hyZ#)1Yf3*Uv!Ofz!(qR}Fj2oZE{`3KF3>m^U>8sbH~fTFfu zs^!P4(FY&lJ83wwJ>;ED0mTS$xmwQ7!m#@w<>sqpDdkiwwI}7Z?$odoACM>yVD}jH53p;hB91t1)_iRU z!REPubzO?oERv!&JzlZw39}sA1yj|i`3QosZy5TWo9%;fISDKL1#5Ur%9V|?jdY0#7VJG; z?P@(_gy?LKw}OXwnHzUn7)aR@q$I^ z?fU$kh2uaJpF;iX{`bW+AK*G_`zi}{Sv5Sd(^N4%sV1RAzG8?Kee)Tgwm9mg%Mm3X^SbmiBB-=7>q?RUv{1vD5ha5?p*vGBvA`h-c1oSp3 z(_N1&L^B(}(4mBbirL*sWlq!ym8oIT-0OTQ7VVb?vgOAlwF0`iCKJMrbaV+Vb)ohbJ1#(3uPbq8|sHtUpwq;<-1kKP%i z6`>mN9Hx&pb6b)DaiHafSk|;ACZ+^=#i-AQShDpmlx@7O;-0_B;hUV^s~jbUy=SJo z<%v?0k;}nbOq%l{3iF>e{2bFfzh^Ey^0Ai?m8P?7Z$VSu`SoZh6`8s*EV9h=v0i>N zd!q1q%=Yk)3RhZzDA97hCpneAKJ+4yS);P|#FO+yURZF`8%w-4pYG+^R%&7 zpt|rJa6`q@ucgt~;aKIMC(ZE@F0Qn9hCpUxf)Xap z-*P_x&Pr9N(sq&>E}VLK5TalvlqKkA?2@?7XYL~M`yOdg6V7mWC-;{`_B0-l7$dy= zT&eK*sPHxYD;QG`{TKaI3F7k2UFl^lW%n7&Z@B6st&w;$-?85#{EYY0U8ItW%!wqU zArpmW3UDIM`;ReMynNnVQg0R3FnZwA94kwaP!-xm>XRgA{fe_#tbD%c4Lz<0yQxo` zHV2MThcd!?^UBwyAhSu^AhLwA6M4$0)*P3?@AvZ`QNc zQ8i#O66DLt@y8U=d!t2|$7bVJVoz8tC9q2`_n@jH_-zVg%ZcmzvpQGev8qg>%Or5{&JylDAR~7@N6dN zq<+V;G?ItKu0cO0gMIr6;1sYqx?T^&e&@}_QONQzJ@kqjgfhkdB74>5NeE#>jw^al zhQdO4{2m=`k%fON}8OfhAUT#hF9l9!@Z=%=Db$YIf3TkKV;BoS6R63Z)ZHh8p(jo*yzKpOOEyN)}6qXu-j)VaaKLr29hZf%<7~!p$?$ za6V$()wjgw7RH7GX)Q@mymOzLR5EQ=nR+$`zLly}NRV?$4{9zC=d0%hjwWxm61lwI z^9>m2o1_@7^_h^cy`A<`FvEX61F{0ta}QOb?zmLhR=Ad!@D7t2X83&aD0bCvj#W!r zdGKMZET)Dud1POy4sVy3Ar19oCp4S50WWyao__Ir>mv8*Ibpf2wxm(p;zle~xhk$f zmuwL$_LFVwLAfpPhL9b_b6wk`(;YK5e#{y<)<5L+9xK%lxcj}#nG&yGGkYzD$BX%|DMC6| z-WCeU77ME`E0%B!{#EmCDTem_=Z%Bd=eKG=Nxq11gSF@qW4sct}W#scZ#iF(2rrXUwT3{D%~^f<-(gUk3Oj)pAB z1-k^H>HDrc-XFuom+!%*%UQ=~S<>#5bzwtF?Y!B9*2!%=#MNkk?H%OchXdpIv)zIe zri(dx-n~rZYcB846|Z>fVB12zJzApQ0bDz9qmv+EmX-;o(!Vy1jqUO7a192_c;fHG z2b+DNRRNi{abuXS;aa+cw zldPDXak_>S#H^#^MKlTWb1>(s0ZXoEB10%zk9`&BL_w985)1C`jGjGV!8v?k%pb9t z)*xc>q#hfRK_U%TUT;J+3pMjO-c!M{M|Q!4)pv2I^X&D~78Ueg+kD>Q)+ZJnaEEa` z#t8Q(5kxz!ybUQ!660}SleTcpUk34XV7(VH;xomm@0A{|if_W} zE02I$ek;bxu2tg6byS!uH0tT(MMFn25Q;{{xQANm@l2QG*q)wpM1gpZ{X%997K<}5 zDm#!WEEc1GqeSB>CbQjA{z-2Qi9hYGb=#0M!}FQSuj%QWUIqLV-`syLoXse?D(A6` zVoR(%6l>agQ@HDELoGv*5Kk%^A(|Iv%3GCjoNuNJg@}Z|vKf5lXJGhAULvs7!v}?@ z-A8URBf$9tB|{+3o^x`^!S0ox#MRH%gzlH_WY3tMk#&*v-Da%#>GgHar1~u@hJAGD z-a!QBKaX}dY=7&4U^({yi&GkjFion8xN<%{Mqe>>B+pDk$np3r-G`V3Xjf@CbWbNe zbQGjRZ*>7;ms>2KK-KZMbU$kY;U4DmH=1ot*mco&*sJ?#iRgLjl`K1FHA(6f7#R&z z>R4qS^%QcX7)t2BBZXLV%ii5gIY(iwo^U&w#0&;uhl6t|9MxIGI}t*v`rPMnchL*Y z)bo)??+6MbtzwukP}6R4R7E8kJ4}ZA1SQoa*hs{6?kxSI<6Pn0Ph<3S9}p6WlYd|RqMh;WM6 z$x()A{iyCRgNY&2OmBq68jah$@B?1_ucE_&zU}cXUGidsnVKl{Y&1I(5d|od-X_#2 zwVGZPY61D?9X&nBXcM?+UFdAM_xaX#bTw<#j(8`a9uG+=uHt!EunZ%#MT8)jofkrm z*9+FU8G?88BvA4+uLT>Y&}iQl)%0tkwLH%SuDyMHC{gzIOjSE{y=q_AjcOQ%p^+y1 z#Xn$ccH~ecSZG@dm5!WjyYj{B%CLGe&~ZjU^&V5|F{Fhidm0|R+!!Z1eZE76?Pm@N zxK*4+Ba>}x6>G3&`MDTOkVXT_RLXO%Np!{OFRAEp&Yai^O?2XgP;Y8oBIn}-aL?-z z4>f;Dd}H|fo`cVLd>yYxD-ousp3#(`B%xog_V4VDyXeR6Bx6u;l8d0qku~&e>;&c{ zkacF$ce?wKgRkNT64f!O*Qmh#xseRLcZgo)-apfg}nEg5hClqN|Jb zX3Pt%r!0-ND{My9DGufVqBWi#(_-o)4+slT=!>ySJp@qGGgGg48B9F=+MYa2zndwJ zoQ&}#Y-UqJT2^lt?#_{hUP^pZa)et=ldu~K-#XDVzEwE4!!^M?Z2iD8kUeEI;b8`j& zRo&P~rM^cl_v1vzY0USPhD*t;4E8VI$=f_^r%%4)LJ3JDYqdeSZ$WpmMIY&rB_AA8 zY(D>yEI%bhVJ~-%hqwL-WjefB0v3{ucWmy}d5u>j=J ztPt-3h9BNN5-BpO#V0Eh9{u6+R69{3G2FpeJ+xa`Ffv3dEdgyg8+mMdZ>odq*-2O-`Z({_ zY7oQjx87_0%_xk?)$3BdZ`qeMP#C(k z0K>=F3qfV7D&um&&k{Q8mEm`8Qs%4={P^qF9uymWG*1f+QK4SSVa>Jufa`eUl{Lvp zlf3eHG^47|ifkr6LAulJ868a_kDapJlau4}AY(5pNLBdPrO!zczxFk9#T&m+<$rhk z6@4v?;e17yeCO}a^0@4UNTk8WZW_zXe+;!9+tE})tn4S8Sk<>ndqQqdDfMdZTmpyUBE|+ zOLX$KTkMtR!#;}BNoqqXd?%b83O?Jprtz<~uXcTZq35=z57Tx|ScrWqW1t(0+M!8Y zy)E(ym|x5hzIvrPS+vT4y>IVQ4k{B4cxO0ok6@M%R0C$T9R*B1O~s~Fu9;t>ABGrT zmY-kBL71(_)sRm#Cu9A2$F7&F+TZdd>{Oakggs%ATg9KtcyuO_q2GDM3f1&{(RFOu zfLiNZo;vz~aQ)H9@|Wv7n|0a=V&- z%C1Dv=xeJgj!sF`tKzJEYqDIq@~JP!AM_;rGX+y6XIuS~D~=^79LxtE2&zBUHzXIJpEQJQ97+RkSxyZa(4{SJy(P&?g9sod=bC&nR*P-{5HmhO#Y?guPN`UZiCWCNIun6 zu~hqpXnaz5o&L;;Yi0eq^Omx7ypb+wgn(fWSNm&T(?Vu&PFL@#Xz152bH7+62VdTn z6`r8dkDAX8Um_tQp`hV?Dh|f0PROXF2lri9rr=7mV)WyQTUt298F>*zeiP-@5|mXjpuv>N#~1F~0>N`~VwlbhL8*Dp(B~1fa8m{ZY`=ObZ5V zR$;ICSYC_CFn$RD@?Bd`MH-r=yiucE#)pwb+9nQo=vP@pW&ZeoRK|_{9OM`JoM2xC zqk?Nu7V)ZZ?XQQHKMeLqoYUX0$W^1DU3VRXzQx1v9dUd+KN9E&sd;0Iy;$c2*ENRv zg2fWo)61dsFYCrllj{%crY*erRUZiN86=AD4?pgMldE~P^xs<)w4|a0UW8Vv{_76?>%+}GyrQ!Yx-S3v;$I&a zSZU=b-b>Fh!5jPgIUt1m!a$q)@ufoGzqjBM;T6Sg6nrN5<8uAJmsHT5F#G>qo6x2d z+_j!Y|D!qZA1&xYl4<Rgf@ly>LHC=g*4F9!-R2q?P2@R+60simJ`D6F*kEEjJEi{|{drNFVFy8;a zO&~V>zjm84mexPdDg;Yq-vIzt2;fZY);fII!~oIi;#&Fk?~cN3W(h>k41xX%)FSW- zkZwHT%5Dj$@J`&lgQ1ow8T4!CZTBiVo}n00gWbeCz?%?HbgqQ|)oHm^kd$ZULER4E zN?cM!O1a=8w6*|r?mPFqBti;_GK9VMR$9Ggz60?!?{MJM00)7A$Wq}!v;yH@-IzGN zn;}8$1OSJ2#J50bG~Hh#U*h>dEZNI1dtbqO0wPj1Azo3Fs}g^d)cTzf%0@QbvMOM8 z3rI3kjNMn?1a;{C8swI#DD{r7t{LUp0g0~zFEAQYq$s7ECjs$+BQaQfiZ}{3j1r+q zyPThT7l7?kuX<8<78NLQ8V^BmD{b%uwftonJKNgtjF8bsmUF z#VkjCTr@Pdht|`L0fj1sK!3M0?=wF95MmYG+a?TGbW)aKcj^)7Izdk53zxQHOGDe= zA&WFjs;Ds_jU88z%i;~H2gy_TgHZ|wLLMg#?HI$PV8{>u*>`j0^x$ZJbQ)dRf`EjP zpnUSxIaT;~q$VKZzkOMZqM+9O>>WOZ)+*hfmzcOKm`m^F`U(}eUX$z~P`-|kwf>Lz z4$g521b?UPa(lwRZt=gvrPOPbF#Bq9oVdRZ_}jj~#}}_UuDD43&y)H+!d4T2uH-1h zAMyK_fBaiP9O$+J@i78_kBxsHuu%ov^2*Ig(!W~y?|nlAz!PXmh<)jQi2nbFjVgOv z`LK5_18CfC04_dTN^;P2ANI6?)K zT_B}2lMGPW@{aEo|M|n<737}11G#=XkJsKPTrga8{Ys5bqDFIxQz7_enIP1l-m-2C4n4Rz!q4 zUv=GVf`W6Po=^w4y}fI!UEph^XFFYbWAW=Gy#{EN?p@j%Ta4%MSPuYv`v>mr5$;%X zmbm`kk>X#^dn}oPPC8(I1H3Pe#k4tc-7`PzXoBxEn z;C-oXcBM9oIsq2ym%y;O$@H?yPW%h7*Zvk&M_e@iRW+F&?lA~Tg6uC$qUTOdfsd#d z;bdEA34!r$7u9{`6!E8z<}MiEYOcT_SvVE4E z-cgcDh{SwJ@oh;j5J<3gfD9(ZH*gNmGv-G@ZVd%ZOm}|HzLI!o`@-P0 z3hP@SQ8$q*+Du&$4lmRIDq8Z-jW9^eeXM#a;zM7aoMZy~)gn`gwI&Cf>0TbfMn7c@ zI0yL|_EmjHMR^14xxR>N44J@}V3@bggjjUD z2^!CYtnl1c!NUhaZd}pP_0puBA^=okNqiKZSOk`WZR?(4|8+hVAp#NhM)xw56~+SL zv^iX-BL6tn&c>+$JboTz=gvKA2>s>1{&Nj3u5hMg%aRKmYtA5?aBHp)fJQRo&e(?6 zjR48!6W$>9_Gp*d_o%J%@phR&Oy$?9NDceuDyI3-3jmC8PQ32`NV8LT5U?o!}Q%XZD zxSno9v>|y)B zmpX=-vr8x!KpdzV>Ns?9dz~>nZabEBZ_O5#V!YQAYa8zJPW1Q$?!_Yw9OHiK1|iMZ zYNTt*6F;4|)eQhJil7?;_RV(wTYJ-(CdWUc{TV5m2PTV81M==$7D72e{JlJ+C-psTBoz^ZK|Y zkdOqOk%;&94H*HGq{_DH`sq5{1Tea;Og(%4ICeZ<<>Ulp`m4>p*qcw+jc&qy)3YBz zewdiso*0{KHpTHGQ`MD9-p(d`GifT4|Eht&LCpO{e#4wx20QR-3@n`c?^Kf0L9LeK$p_KpX zg0clq|5tn88P!z&wX4Xeh;2l%f+D>MQbn2|Qlu$8bP+-a4G4rfh^SaV0|ZGBP$@zv zLIQ{s9UCPHAWcDv3Iyqr2n4$L$9vy(*ZpwUyWTZ^fkjMm&iS>ypJ(sq3Aroy zVW>72CPyI}olwgF$z5aFqWaT&M)HdMr@-9XoBmh^FzaW~3HZmniKiDYd@;V5*jF+m^vLR?7@cjU;7S zOMB=q79Hy4aUP$fH(pOZP81ejivIpSWx0*g&+%D5njBPLEDu1>eI9~7l2fqDC_U^z z6WgK?Eo;vPoXWt5t5OBN1C+c`s#z9B;C(034>mW>wvCWKT>XHbQtwp^g6Adkls&W1 zopN)K_u8xlTeZL+Q~4?z_JxGEC54GDK-uIM&?N83%k7(78}o)+BxDXTY3_U!nC{tg zmw$~{b;;%dngNaWF!((*i z>`<)6h&$)W%XNrgb312zdSbF0JqoKB(%k0v9jp6!vRxHvdbxQF)fj9sW`5hrA}&Ew zLD`cxhq}$Ta`NS)H0$$sRL<=4brCNL#uTR#9=1hsi3(tjKeGVKfMCotx$!2=f5go| ziBB19)TmC)gD^>9FBlv)S6w&cB`a_9Fkt$=ddQQu?&lcmR3oHUAnOJ=;nd!Sfi@kxM-S|xUsr!)-0l> z-bnA{*8DIS-ZG= z&Ud`4yhDkkB%g5U{hPkV6Jekw1~rd0BSg;TfUuvK<){=l#` z9K)65RCR_&%iNKRHx#mSr;dn_Bs@!2i8+f<<(_;5iaZ=tXLJ~I`C!AvCAaqk$xQ#B zi1ynPzjo`$?xPf;vrK~XK_1g9xISB8g{CM5%3>8hs-P(V3iJW0sfjVj4jqQ#?AV?s z#b=#=hK2~8sWT>d*Tm1uMUfFn7uB&oxq@;3yyV+$7eSlcuEdt}oV9IddFb@B4EA`AmpH__&f14vc8+y6bV+`I z&mT}m-){>hL?a7Oev1ch+Got&Ck!L|!L*34u(!6qvfO;J=_$8?C!sJ z?5RS$BG1G?&wy)5n}ug;mcg>I+HAEovOU^uhz1q|Oo@6@Z(jcq{V znPH$=j+nd>!ys_!y}ck#Qe#=Drv63*yLUUi%f;H5_B>Pv<8dYN4+)Y6*WGghF596& z1wu`NjlfF+6fW0>bi zkJvzX(%6uqMCNU5***M>z4_}AJCNcS=)Mop!*Z-vGGsZa6_zjWodW7Tc%uNzYg6z9MPPBbJNaKmk>}VnAGYxp5oV_ zXPdZTh|9?3sil%+ota0iG3$4H$wia<@u^IiY{8bgt|AHPE(pk|)m}V{)@ZGod-8%&lrF3Y$L+Ble;-wir16*HKns5uK!dlwv8x!7(PPqms7g(Xg4S#(9;)U^5;=wLQ`6H0JpU5H7lF=*=f>!sp2rNyWO z2OL`te%s&2@X{||AYHqRw;csorct1fx600^d;rq6YcelHNfJbI8Pn}NG!R!|y_xqU z?DBNBXbS33?G9^Z20smo7C6fzKS*m0fD|V-P%l>aw~$+f zZ=F*uH=3BXn#V-=#gcV_5o5=S)_z27btTyPf~ZbpyIi zc?=7bUhm;7w*d-5H>TKrC2lA+(cM)78Wsw1u92=zS)+O zYcx8`bY>TIve<`WkK^z!Q9<)5S&w4?fdM)CIUZpF87hGuwehfs^7DcG{y%i~oYnFx z>W8yN`G9+=n6HcQSLl%{%(5#99Qq5o!IKA4^n~>{&^hBZ@lm3PIYws6qQc(T$&7Dltl9F7bYyN!##PYDlz!zEY*%n2fU3++^2(Fr@sW9t=(s| z`Od@!w^PwbB59p?sfWRJz{>0W3ilsqz4TVLSw@;LD$y`V5z@3fZe;CmxKqS$7x}eD zeAC*r--!w$OwER}h9BqFD!_F%e5ZbP?2nv2Ft}&GmZ9LU7`iuL=x%X^JOWI{Qe0%Z@oXHP7M@Z;Y?9XA|w+l+&1UQ)5zTES_yy8d!-0z-hb+FD)bL;y@H?08#Z|`Pv zjbC1o?u3tf#p_V@E1~f*3ShcTmvi?up(6$HK?`xSfOK^-v^|#Srt~jt1Dxiwn6|I& z9^WwD&vr0IfhOCwxFtOSw6i%K(2@Ig^yXbZp30L490^ip1Jt$$C3YbQy7BkT01l2I z+;U((pych7@ize8DRrXyM52`Cm~TG!w>j1e_ZTK@&KDWLkq5O-D1Yg|@h;eg1HUfJ zj(McCFOB>~jeQPxndV{+_n9SP4h0wQ)OG42H~(cj3~sO4b#`mP2Q(RK9v~9#&ESBF zlZwdqAin(j?V8`;Zb*Nf3yAC$1y2FwNq)9-ypk*$rU>89y^fZmB>Py|@ENnB1@Ull z_zDnl=hFa>B~B|{l?{t~0tPi_Kq(_BI;ADsIPKtR?GQq?ATp8BU6U~`+6uh`pJp4{gyeis>797 z7H{Y$4foCy>yy7NM0j_+$c<5n#t*c3cA2DJu?D?8Ys&x;JE9L0PIBj3`cI+4j~U@s z_{SPfN}w0z+As4eT@bzzzy1Px>EZmdnkWdd)wCVOxnhL?T~ABHtf%Oe%&$uT4~xTE zW;5Z}>DOcr6EmbnoBGdZE`5vjet?$ij<~JMzeaC0|4I7KyXlET>I0T&B#?r@U9HGE6M8`$S3X2*6}qj?}IJ41K`pn%lmPt zxEt*PIz);>`N1Fe<+y|WYw8_(W2xKhxZFrgTEbYI!uoq)rwP?6k6~diW_buSiA4fw znV}lf$c&cau;zFr04x*#63b*Qeq)bh-0Awj?9jw|V|)OEnz%W?q%ZRne8i6X5GSNp ziU~{4BD9`%|9{YWLXTanm*Nq(sw0{d+6SrL+r`4x)hIZB@_iqEdnQK~Ve9##XwDyL z!GYk!?v4MjdifrA{ysmf#h0^s9^O&%-}ctk!k_+X*A0j3ITa~!M0bLDs9{dO_4o0- zf~BBmHQx;pNr%k(XLM>3Nu%r7ZREIU!oW^RU8Bod``Ix4D{qOfeD38RTlJ^b%_6<` zn7!HBfm1l-Z!eLMW9)-Sr8Z5H@_dyRY{^^UXcgJPf#49)*n*6hDI6&RV5 z??Hc{$N&@Dhmc^vK@Qk)Tmh&qAxOcR?t7Q^h9lX4Xkch(OR53{=9n6}caSE-G}dQg z5M&Ur;%tLtnU62;r!7B0rE}Sia^3BQD1|lHXuO32t6o6XV=yRmBBU3w`_g|4&Cg%@ z;?%<-{kHv_B}5DXYdMofkgIz8Y6jNZ0MA5_PWg*weW|b>?4V#Jl?s+o^N3@6jTFf1 zQJn8xR}ho3neRo6ErD=4K}eE2bFe=y|6G&wveOv04oSm%xvjKh*+xhgCqf66lQHI- zs)06&pxX2lzu>l!D0=>odJ?gQEDRg-1eNB{axtaWB#@m3yRA%%;-=^=g9A)~V8NnX zbHSIn1IMI*<>NuzM8RJV*Wq1K$`jZ%X$P9mk46e?V*M}pM*zx#QE~4BfX!Y??>%J4 zwkmv`NZbP3B4*^Bf%BY=bqL5h-3D_`;7RPfS%?-BV!;R!8v2qYW~y(#YSLG>w2nU~ ze;IqNx$LGKRU)S^y45*tRA2by8``(K+icaTz2JQ1h?vco&rF$8SQ zFY9@Pb>^#A1mNAKcdi}to}4$@c`2GIHm5XS|YhpFSR&U)3b*Txg#h0*ps$Hnto=MSK+J_1VU+%>ZUb&dnV z@k7;fZG~tfhl%6XOdoA;gxhr`QwBkPG!zUzn{lP?%Ojizm)ZIn`mLV_Z=YmlI3mtL zFAbVJ=p3lh-thTyzrl9?l23>S%@y&2`%?Pv5deku>g<`5_G-Xg*d|bGDip381Rnx! zP^yl@66&_YI_zpMl+a#_*T{PM0^%^CmOY^}yoUnP*G5OFvwEv4xG0?u4Ad78yecPR zN|(xsx@>K8$ky+p2YGq+9(nLL>%&}Q6(FkyepFGh+`<%Oq=;+C4F|8vsV~kp2KIvn zlb@mAtZTV|=><%<-MfxF*AD~e5Ano+uD}mdpAX4$J*-4Mkcs4zw4kB<>x3RpV3IA@{PAZ_E| z(Eb#R6N0`>y;ih*8X16o76+7vnifN zR8;e~A&!T09gX1@=(5btSel59lb{pTzZ}4}834hKQyu<#y1g1yJtlZKT#SnlVrz<9 zR0W>WBK-Y^VN>%{gsewg{&vNmi>*q!nMLkclb;el?yo4dy8ti)_2YrZAMAJ!DL`)d zoXnTw0twR@8{An!L@yl1Q3}Aj{jAcms(dFQWum;NMG#Ta*dv)!mawgK)~6nrAZAk% zbi|bK(h=XQv4~EzIm*@l|+a?ieksl)!k zY^?hvehIQywzMyU-e+E*)1|%Y0+`c&=^A zG$|PDB^k5`iA~xfN&Wm=->Uq6H#8jc;0A*-N-qN&hq#V+u?@j`%MwwFmgDidKdhSx z&DZiOXx0s#8P3|mDQ7gp#9Vfz+!_MZI9Iq5Bz79?&E#>l!;d9c2H`ikEF8k7U?>VM z`YbY~7ICs8->le%?@9VS@Nqf^npeWrqVoMgnvd)PyQhxsojW0u5bRApF|$~|YV$O} zz;hPdX6-!1^?#-$d$(>GX!Se1jz>PPtS8t#bS%UO{D>D-ygMoVhX$T9c)fELV82J5 zeX)&YLG~=c4&YWGyBAm~`(ry6e1!_zj-?wS>|#ixa5zCYdjY9i_%aa@(ch9YXVo0* z$1H|kq{Oh^jY|DDFw(b=Yg*1HMj?7HX{?k%x$U})cL-4`@yV+pP&`SPUFE}N{=)(1 zspR7b{EO!zEYgL=M7`Onvzo^%CaQtGM}ADvI!BQqT%0Rhw2phNITlV%o%50GXT^v0 z9#$)Z17;p;Sc zCHO@jW{ZCG^*{~rtbwRhQ@koQp&*uBl3u&N<+(P!y}dN^Mjyv!q7H6IZa%fF`5L;p zRizv?{?U4a=TjoZlg2KY;S;r;!x@hK#g6geqVtWz-*I#d$p(TA`TzF#J|6V}R{Uocz^x?Tfu{yuc~ZaZd3a9B0j;Z+A1>x1 zhd(VnM@pY>4e{|pU2%0@r?{`6YB^NbjLa&Hl{bcsLnvSwD`4ySQf`V8vlWO>wa5J0 zdQI`}hTYi%x)$5KW>vSD6+%U;)+6J+6#OEQ z{}~R-K`p9<%eI5c=M%?B!#B6$9y>=A1q*N(8H!-MSuyM#*Tu=n{{>@Om-|HGH0|?U z->?xI)NZS|Bu$0J03 zP^K0Ze`H0=yBb_kv~NH*T%kWa3n+$ylLi+OHatE5jV?uJAl@7Xq0APZD11w?KZQTO zesc6UzWh>Q&pmEm4*81opfZ4-ZW5D=BA+S zZPa!Mr-fp0f12TDqjK)F<8O{lylW@?GI=!C!qX&GlxIIXcLk+0NbW$fbnOamsXoQo zCzfql?=mt|IR$N7#i=QI*+M>3@3hu&9B+P5+-IevzG;s3ot(ug5<>-#*8M}y3SqAL zm+s7yuvHG}64`yl`&v#z6H79v+Gb8KH_j+9_gZOcQrM~FLR;(ggl6r%useYlRwZ&ju zhD&m7X7*J7RyLf?nmaTtsyWs~LzQpS<&PWfM=I7Wn}9$zW|ih^xErTlx3ZD%`Ragj zwQSVmd!>i%SfYSsqJx=Gx+;4o2Poj`lJw|FwrUgOEQdtbFouiYr4lHyDz0JRy-)iH zw)ZiG!$_ywPL<+Go`^7QL-6b^lHo|yp`)ECx$Ub?Rp$2&UpLV`k9QRn@Lp(KTxeuW zniyS6d?Ws+#R_7HO9?u)6XkRJ_6v-)lDh0`jJ1v;m)-U9RLXn+md(pz-RnM{DQC3p z?OW~r_4h1K-xJQBYZi}?w3i{!ChHZIkiudRN zuva$Fn{P?`+FE(i&)rouHEaZ@8Q@P=!ahiafHC`i`KY2Wji^|7dUH+x@zl3pejh7% zyhkq-pElWZF6Eb7dGcnYQ>d&Qg|*y$!(EwPHBFt&*geIEQ^Fndb9ri=D&2JOXnuQ( zL_hZG-*hyv#-$2FeXPzuXyHJ9^Z(5^{ZkxGt~zg}C+`DTvJsJ>9O*W72ZaIJNfA428nrHd3*nm68%^ zD_Qajgms;j3Z6TBAAgzlFULMeINEA9tab`&Al-QvkaY~TSk80ys<&1P*n6$UPUWxM zhLFp4;1`M_qT&k;)?9r8-E?N#-5KpW30fp1R(5}h1gjE@UTFKw0VPQ`SZC~Iv7%_M zQT|jk^;*A)L`}r13@8HPjbP6@S zOm^eh=YYBaiJ*^o87PDu~+)5qaJVmDJIB+EM>Q8eu-$Y7dy2&hz zIYMveW3f8rr#(x(wDGeJ9Vw&*0cCy7BxX>~2_5e$hnJ=0kKf)B7EYUcw?;h(m|^hr zo}jfp^?;J_*X;*ha}rxxkQiS@_1(mVh=quj860+CA=Za+^EL#Tg~wHg9D`N=#9lt@ zW|3%oOzi@lh}L#CDV>z5$&<{#Zp^ng5vcKDZ{H9blULUqt=mE^mzOKLl|OkC?vhO*BA4eTS z+Im0a3he9PATi|i^h}P1A1)opP0TnUY>=7Kq6YCAdfaM%e!qWMT`E($=JWmXJ}V4` z{lE|v>O3qVjhU&Eif?5u)S%y*80|~MdqJ5FPYso-a@7wiVbw?S$n{iCsY+?T3bpB? zIEef`hBTWW2{_ywqGs9U41?qB5w?2*PFTFl4F92c*MSQ%_oV$+`56h_94Jpi!l67A znK0HUyI~7XDCqDQrKNt-EH!(7ziwW!H|imiqmFfeDy!W>&pPF<7hp~u6tipKiGL_a z^XPG+VOGoS?1h?P(;j*>lK;;joP=VxoaD8L^N%Ieczg*qysHR$uCpDXEIP}o(b)rP zb-k)y9jw_CU*skfH6{7mvg{ln2k(>^?kwcoxGGud7A&|0}A=^h!TZrxHZprik=rI1d= zT&m|q8kWX=Zt>@o*7*`>2{TuNv>4i7Nn%rUBG{~BVa^Kr8@ijN%}J zyZ1*%1syZDEt7F`vc66PS*8KT_eg`Ts~xVd^}_@PCCRen-gFg}%TR1ndE0`Q7qLY` zge|9a)p~!-(Tz$1EmsM$wO7#S8!nI9k8QV0&{V>$5VR?^9LezIF{LouSMT;ZVXXTe zX8~>E8(fI>F~#NFIRkD-O4y9=S0`XyP^~tjmtZ7D{0TzWh6sLyv)7R{UF9;OZ{pkE7vy#S-99RO#A^5kkp01fhyApk0 zDD1sx5G28>C1ksxZGDP*f=Aj|eih@+(p=;9Xg{o+hN>*5ooxM7=JGP2CQPJgSnsZg z%{)e{&jRiwlqY&h3zN31>+?WBj*6a+3_(jF`GvyGdh#wg^}36=d}rgLajbTjyOmho z_!Lr1-~gOKG3g5cc3pOUs}Fh#`=N0qDzim9RnDc^#tC2zK5*0W&ePP~a^FfBqlx=2-Mq?%o#F2Nb#2y%2AJb!+w@9 zBQ~%vJN2{3mwMaE=b`Q%Gww>bMB-4m8mUBTn*zNWs>HUWwZVzEYcAvyKwi4h*pJ?w zE$dg#hiw15qfXmqU+)4-zEDL z>_@_O6go|JUpdvRyKK{iyuJ>4EDf`&Lw+gcUHd=brhs76mzex(FAG6n4t7x`m!25E z#P^Z`{w_m1gdmQbgpu#7J7naj#SWF?_*BI9kiU6v_tJP7;Ev2{LhF{H30D^$8Ku7m z*74w4gq|y>rYQMwKdb6ms=1JU`n~W${%LosJo4ao7{gRZz19a-F^-vu7WH?d0H#H3 zTmkUkd((bs3E_1-xUOH{3_8v@&8sb-4#KIDY=f{qN3Oy(O72>3$S1uv(glw~gYvoo zy{rqPU%jy51NZRKJi1nTq*`l$WHtw$IkOn~&fDKhQFa(3WeI(+;2sm$(G4ldy|=S; zX1j-SNd*L{2-9pMp3IHIoJ%u*;(uF~&^vMW8?3&A8z$(3YY72ctjr>zDxr}eKT=e~ zYtwqg*7(O{4Z6bNyv>!7jszygMd2d{kWXIN3-4Qe|LHu`t}LrdaEmKhD(Ja-;6LgT zj?I{@f;V4;x)Fs@{`+5ko!_gre{uwY)QXiquKuU>@&IaNE{3s}{KB^!aeN2s@835; uTkXFO;`_e%?}PZUe*S$B|2Gd}A>!q&N_I)t+N&$zpWZPetpZKQ^ZyI;P8ALS literal 0 HcmV?d00001 diff --git a/enterprise-registry/github-auth/index.md b/enterprise-registry/github-auth/index.md index c36437df2..87ca4413c 100644 --- a/enterprise-registry/github-auth/index.md +++ b/enterprise-registry/github-auth/index.md @@ -13,59 +13,22 @@ CoreOS Enterprise Registry supports using GitHub or GitHub Enterprise as an auth ## Create an OAuth Application in GitHub -The first step in supporting GitHub Authentication is to create an OAuth Application representing the -Enterprise Registry in GitHub or GitHub Enterprise. +Following the instructions at Create a GitHub Application. -- Log into GitHub (Enterprise) -- Visit the applications page under your organization's settings and click "Register New Application". +**NOTE:** This application must be **different** from that used for GitHub Build Triggers. - +## Visit the Management Panel -- Enter your registry's URL as the application URL +Sign in to a super user account and visit `http://yourregister/superuser` to view the management panel panel: -Note: If using public GitHub, the URL entered must be accessible by *your users*. It can still be an internal URL. +Enterprise Registry Management Panel -- Enter `https://{REGISTRY URL HERE}/oauth2/github/callback` as the Authorization callback URL. -- Create the application and note down the `Client ID` and `Client Secret`. +## Enable GitHub Authentication - +Enable GitHub Authentication -## Add new configuration - -In the Enteprise Registry `config.yaml`, add the following section: - -```yaml - -# For GitHub Enterprise authentication -GITHUB_LOGIN_CONFIG: { - 'GITHUB_ENDPOINT': '(GITHUB ENTERPRISE ENDPOINT HERE)', - 'CLIENT_ID': '(CLIENT ID)', - 'CLIENT_SECRET': '(CLIENT SECRET)', -} - -# For GitHub.com authentication -GITHUB_LOGIN_CONFIG: { - 'GITHUB_ENDPOINT': 'https://github.com/', - 'API_ENDPOINT': 'https://api.github.com/', - 'CLIENT_ID': '(CLIENT ID)', - 'CLIENT_SECRET': '(CLIENT SECRET)', -} -``` - -## Change the feature flag - -Next, in the Enteprise Registry `config.yaml`, change the following to enable GitHub Login: - -```yaml -FEATURE_GITHUB_LOGIN: false -``` - -to - -```yaml -FEATURE_GITHUB_LOGIN: true -``` - -## Restart Enterprise Registry - -Finally, restart the CoreOS Enterprise Registry image and the `Login with GitHub` button should be present. +- Click the gear icon () and scroll down to the section entitled Github (Enterprise) Authentication. +- Check the "Enable GitHub Authentication" box +- Fill in the credentials from the application created above +- Click "Save Configuration Changes" +- Restart the container (you will be prompted) diff --git a/enterprise-registry/github-build/enable-trigger.png b/enterprise-registry/github-build/enable-trigger.png new file mode 100644 index 0000000000000000000000000000000000000000..391ed5e2ec10ddf7d5e04e23062a140b0ee03b95 GIT binary patch literal 126278 zcmeFZb##>3mIoRm9^$UVJr#F>xDXFA5}AZ>G8Z z{(kGS7K@_lvvX>nefIuIg~-c_Bf;argMon|NlJ()f`P#XgMmR(!$JV>yg6QC1p`AA zHWwC_mlPHzk+-)oF}E}Z1Cu~1Q8iUllEfCMBlnB`9E$=@lgX*zp0M=l)%Ok!SV@x1 zE|k#FMJKygv!6m=(KXTad*xK30uNi@{xwB~;ohgo{l?o*W%ZtM~94$JP&KVTBxHlMcerFniS}v5qr_ zopzRhTK9SKV41hNJJu5w3@fa0vimkm>$49u2{&m#C7AC_xa+z3D|mPpk|8BhKUkkE z+dTNm826RjYeR&D_wTeoV2kKN5fm7-tl(U4g0V3|SYn7HarDI-)F{PWF+03TzoXcF z-G`0p8~zqrPWeeM?uk<{#i#R~{#~?OCddKyy7wK@s~QybR#I^;;mfmUOM3@+g;wQm zj2imyETpgb-KcHwEAzz^k^@e_-R|mfK0BcZ&}Ne!^)gI!1dDv8x#v*u1`SZ0pn8*G z1&X|}g!N@bs6vN?DNm3Oi5?(Aj>QzAL|h@?oT>+Zc1`3nC8!aICiYBJM&k}1q`1vI z4Hm~cDMnORBkwRPJ<;x-_-yn!Mz*_eb^|N;hd0+m$vVqSwdVrycIq5Hyp*FMyDp)jHpkcAP_E5%}H_1qYlosf4A#~ zJdT3+hQ#-s@}xekkza9cQ7J;p<@IMjl=x^kG+P`!XmRo)_l<&xAcGt9jXp{rGp*=C zRS41GXTGkhC?{V;6`PokA{=~gb^9ogBm^gd!o{q>3P*CNcG{Ii*KOt^t$0v;GE3A&tx2t-n^81I~K8*$JpLXBAx5RyI^srUvkRpQ?n2_~-C zllVdQ^) z_pO9L`2tDc2GQVo?kaBfTX3!XT@W6jSMBh6Q?gY}fJ8Amsmse5)!<%Xyk zOE5&Y%Vx#u#-TX~?4AD#dfsQqRY@pxW)a$$x6~orA~Xtbl~M15q1k3q+7qg7J4>;=MNKzYyI3B)0(~{VUsJEcMZZp^a|wfOhWBMVS&e? z2zLtS4@VC#3U}`DU`Jv{XE&_@)hM$!EI`!2*DQYQoh~ipSJ_vYRjgCK{t%^rT{J4M zo7bw{^7gUPy~&+PDb;-V!k7|Nm3*FJk#e7$pK_gC#?Hnz#MaE#W6{U9WnMhZm0>5l zp4kJF_#`Jg8c0cb0J7MivPIBj-CrjH7H~i2-z1BQ(J~FrFjT))i5AW<}; z+a_@@F)dMXkUi0qVOd>WlR}fBvao8ee5NY0nz6RDqSdss_O!0Q>U(8_wRGKO^>FQ? znMe2QI)|#b1(gNu+TO#(L*py_Lrw89G1rLbr~*8@LBCCu9r+FU^%GliAES%DS7iHQ ztvJTav`$l@3Z~*-c8(51cE65XXC-^h!zUr~q4QNooJUBvrMCAOEt5b=4UCtJOxlOq z6s4(JHcfVmJ&g?Z7WVfCN2{fd%iBx4`l~Tp6+hM!sYY369749anZBq-&uW!r>kv0D zwjeYkyFYKPuf!cz{meJ4zBKFKIm{-$|8fiORd-i=3->VbPrDj6mi z(iw^msTyer{ulZUX& zf<}_n+(6N3qG=;~<7}fAE}L>F&6c^FL^M$`eL&*9)MCuS`THHtqBisN9gYg4wPDGb zxI8%?!FfIVkqtv7wtU!p0;%j=iu^;_d-8D94{#n6WRsjZE@7WUEks7U!PivQWJAhw zw9eQ%IkWk)fzKR_P4cI7HQpS?z8ahv)G-k?vKnzuB8+QcZDOM0HuWjhu+}(2ZHVO4 zT;iK{-Mjc+0`DOjlEpB}YvZI-$0F50Mm(4vudCZG9JDPRz!9*FDL{WlS4i(J$Y8#Z zxw|mAImt9!o?7ABGr3m2Mr<0(D$1H_k}~o|aDVlneO_~0&tYPlZJ0g1$=3S5`NXYh zi*?&{^x4U8{nObio7VSFwfdRk9c~E3KG;v%@8R-A)a@-|Mze;O;}~cUN8)+EmRJ9&F5`iY@Tg$s@{~%sg!E#Xg#@Z&Lz|o zK@~}tod3-eO==()0>@0Q)x&%A+|a*LSM)Ln6$_EtI1)11(?*=ZbS>$ zRhy&uuN{z+W(;arKQ`^>I9XlNT$YIU5SV{FG3R<1?9+87V&~UzlewO&TpwCTh`Rnp zEigV=V0OTh;&x^?8K2jbPx-ZRiLbR`({XCo!L(!KD-XWwRTuZNgZQXNx}g1!^LLA) z*I_kDzZeOhrVnR38IBlglK2^Cbx#{7#&{YpZ&aR(sLBGgcpdo9?z-{Ut*e)0n%(Ya zx-_loy6bq4Hh#I?YL45qxNI+GFVeM?Ikm0%t@;-(Tlp+6Z!I|===XI>N39VrdeOT- zJVZSR3e+%pc6ckEPHmVw1v&JNkCczljkdbYJZYUa*A;EZ9SU+bm%E*w>w^1e@1>0` zJ}KT-9#6;4-j%tu+IdY*q5nKzu{!#>Tsc}Dl<WLEAUwYB>I9-b>A9(V2KRTcq;g9MhI z;N{hVe}5-nBW`-h3l`z_=)ynnrBT=#ReneHTy$!^ZNLX?S<<|s#Xrv<=qliBCDa|j zz_2J@{(?&?lAnNqfv1@(t2wH@m*FwAv0~IWvN14bbhWYtjs^qcbL9bES{Xa)lek)0 zT08K#@{|5?1P}1~vo|u~Q4|sT z*Xh9j_({zi9c_7-m|R?37+qKyZR|~%n7O&RnLsQ|EG!Jb5eyD)){gqF4Au^0|8u7FcP4aSGeFGaOM}AV$mmB@}pZ|JJV^{P4xs$cSzlH@2km=x5pyeJYX{&S0xZm2Ys_UwB{^lTuk(y^N)5FW+Q;p85e!E>_{^V zOuhPKkMO?^S{D)O9^&$=#ruc($S~;P{&O(Do3x$~-_R602rKq~ zGp~PKqdVN;-%dVoP&hg`ChI!X!pDD@Sl>|G?cY7mpQqwbLC~7?z*SHG!^8r29QoT| z_{+dSvcT6Jj&4>I^AC5WHTeqp5A&e+6}BK5mul?8KSd)DU@(6U<~LvHe*)~U5%r${ z`y*WbKL?l&mpLlm{XtdRO*a#f&%-HIn(HSY-IGt)L#(5GWp2Y3H!hh0SYO<>QmCv3 zt&;yC@9aqEvCx`Ww>@4tjPhR((3L&(3Oi9ffiW53b zd0j8gR!T}UHf)qO9SyWGOv*|3grWkaFyG>;Xw1 zQK2`{Dueh0%q7}HS+>tBEqf{+$1R+LxJur`K6)b zzuxgvd-aGVuwPtdpP+iLHLPu|8%guK`FTW1cI`$y@~U0-zK0?9w8h!ck~qJZlv@Y? zjdq{j%HSE5Fbm&Qzz0e^hvSy($SQ+Ccjig%vpzC&Xr4ia+PN&IY+UD9WS^VP zVe;*-4zd$^;~nfA!!-9^8jbo!hu5iIpLgeloPi}J|LaP{vW>$wE`QL=X|n4#t2$W- zVtp^Cz)52KCE>+A^?Vg8iy!}%ao0cDsVwg%f zn^%$MHSmZVr^9ha!S*`SKCl!1oGe57wXtj8dxS&t_oaiMq=eol29x>$h^oMiPcCII z52dAZ23$EVjFF|4NJwW$;f}NIc34%{>k?I*02OY8Yd!oWO}&KE{;oLD`M&P+oiOp8 zyc-E&$Vni+^-UgU3!FuA5Rv;%2LjU&<5$nKe%L0?CD(P!o-Y=qw+B_DYX`xR2bF`2 znEKTA&mi1>Ab`NaBJi#2{hnH{YRa@dPrLDXS}!J~Ri`+N4T?4K(h_Mj11AIUy!SLr zQt;xKF_8ryY#BW}&pGV@tUMDS|b0 zS^XOPK=?s1i>1^E|Mjm{J{NY?$Gh1!qHT|27x-2oFD_sAiGvssP5 z4^H5t^XhdB>}Q>U)cz1k%FxPkXZ%o&tz%iyeL~Jr@wkSTZJeZi)wo}3nDBUDDrjhm zlfi$3CZeEW^3Z|Z>f2$S?scVa^Cm4o43E^1l}70`Rvy6>xPZSgu|8vUY&vib-7AA1 z!W+omCy;C6HJ>QulIXr&7X44E<1u_Kpa)gC`Oc) z+4CE)VGT-j)l-|e>#!)8;F5UW?dEUu6ZCO55jOh#{JA7%*m^fzMv8d2{{gLWxrb~L zj3IqPJsBBCL6odPFR!6y{XouAx$=HX_LdD+=pNW;1w(OLbsWbJNrD8gg7(4gmc2utBB!be3ewEes8+?kFSS6jXTKa??rt zB(GD%YP3q$KXPaMrmG$-5e}?CF`vbjA=jtvs*1VDLXd$~8hYhnBTkMbSN-+Qiu!A$ z?DPg$#IG^UUhf+!6+4ED{GED_P~%dp5(iVD9qLuTPnG>;75(MqB%~jl(vWQp;#w^l z^8^o+zOhUysDZX0#q6b;qARU8pzv1KZHOS)HHxo2to@nwfRkZ#p;&Jr{19q}f1g?} zl-k#Fy@a1lEPHB-`O~J&D|8{o(B4Z_+noqv2H&Rn)FJ&|YYyBfuJ0)($}{I3+=#2g z9kAC%-EAwS-(e(e8r>oC0j0yQL%$OY?ZFVLwBUF?;skJ!ZO@jg1q-{a58vG{r&X7o zX0>TDWtItg%vH!qY@{=-9QMjm6%fLco1qNIit@oOYlgGyRa)Df^uD{a;MzVU9;L7ZCR$AR+`TiuUG zc~@_zd2A81U+nEE|tgVS&Oua`WI{a}dH)Lpu&^w++jVOr*< zdMEsSb1M|k9-eT#epN%7m8-LnnoNK3)0ZMi>kKFubtzO^PNY8hwUK7LtSD0638S2! zkl2^AZBLjAlpWU~-e7waVX|wv5Wbil+32TUn4ghAc~h=KmS2m^e=+vWWvL+x@6D!N zFJTZ$o3)RBx3I_>RpAp`QHD-Ouo-I}TK(--s^H_UoX;A1dV#9f?PgMTd+;D1Z3B;Y zZlZD=ea)02;UpruWD>Zn=?~Gem@E?~b^6w-8KBH8R}PlAKS#KikF7D-YQCGn-JZ>_RS2cf-T85Z2d zWK_sR93oN?1|m0}*hL@cSOz5s`pv-HD+k65b^Hy!mnOWy-Z4Xl*e|BoZ`ms>no&3X zc31crvRL564>`lVzY8~G@VidS{ZSLE_YK&$yH#W#oXw2P?{jNL*OE#KM5faXu7moa z`ONX3JFn=fs^LKM@`2MeEF1hl**3p3aQabcCE8p=c5sU^+t}!0UjugmYo8i&D9FAQ z>1zxGOtL+52NyKEi{R3<^sLor*Qw?W^SFs4yiD zn&CdsqVzbZ=p85{Llit8Vl@-b5+c8;FT<@r3B^R%%((na zC-N@O-btQfQ%|>QP}8bLB~eH_n&y4H8Q;>$n3c$vG%~c-a8hQ2%`(qTx|iZIF)9}| zk6b?wJ!Y(3S~HP2W}buI1gC6>$gdkqvluOo^Atr6d+9XNWrY>V>OEy=FgUv@Coh%E zK&0T)jSPWbH?}Tcs)8GaZUx3XuvMR-ZoS@7E_ej?m<~PCHDd3ZRT&h&qOw-^DE_NH z3HvvB`B_S`+!WP#malk^>dACzXyZgl*lS#!iumxh=oBxf&@&DTes&qHV*bnvFXLn< zrs%YGV>PB|7kO6|U{Mn;e%S=HS=nJF2ZWnUCCMe8X98pqqFI5Zc?83j@|gk7S5_93p&nk zHd7&S2=wgaw@|tR#OAn-pZy3g9JUCLISDvMiSmxf4aG2ppp#5D%pJ5*xMf7ObUraa z7#JKt+MZ&F0*OUGnI*@a#1fBZrgG&IfH?r=f*p)*`v>*eG7v={w z@Cufo&9>7B8$EwC(eagG&SlTM6q7Z&y*l<8HGj(0OFF)iRi*to!zfXh&LF68)zDqk zU7$*fz#f1$8dji$);D8+=VA{u%$Z*cnsUgDKN`!MkaXn5>_FJA2M+Uf5tFBQI3)Q_pL<=$A5w&$z?T{qm}=twnJi0)ZZd+3bFfjpr&i zHupi}7cwbiZjS ztf45ym^)F;yNZod6}`2^YLTiGLk>g4hrDRjuk9eb2s)n@7GDp0FdgwlsE<|wVI)=z!nxa}qZKiy+l8=+*> zPAsul)Z-4jE^`Pki-xy3KWmYhbN(n&OL>S#L0e zI}f&$qwr0H4Md$k9DrAr`V}KAnu3i)F*jcG*^}7RIGK=yW&|oh$cCMuC&0KEMC79~+`u3-iqbV~bC*wVWw;OSp*;#5|Ld8m&m4f;^FBOuV?YPIx z_797yIVLOVQK%x!-v*>;d^DEm95BAqpA&~jgiONEgdc8(G$rsJFvj02^6yaK7lV+2 ztVrnZf|8dttPh!}SXS4-GWh$ZMvvzWX#Mj=)zLw2v#GH!<#d&yDM*N$zlub7h|P`a zZ4Zi&b5wQ3)7zaWtumQ;6zg;r__yENMVT=DNNU;L?q93=J2o+7XX08BWooY|sYU}0 zs*Qvs-KR?q&S9f_X=7nwd=Ob*lgMKR42kJ5ad35^fhJnu>)YwK`pzF3H99`! z52*w$U)9!GRga4q%Z%F2>oKZ-&w7zx*!F)`5=nz&B-QX@Ji9cZ4udlXRN zP*N@mtH4WIged0dNV0CsLQ99KsA{t#QKB@}Vbi%xdRE)e)@8DhL#v9nxdB_H+*YBq z_PIhGm`g%$wz^4*al>Zfelq7RhBG;m~rG;4B?dFNpMHHV2f4Jb4ENa7W4Z8!-&|#<@BdI;(rp zaPkTZqEd(@q_)5poWdfT1=M-9)NY1}-Y$Pya7|#S8S=Db~A+;)&v@|&D44u{kx9soS7v3B2I^QK* z>eLlV`W`do488eMhA3}xj3cDBtOPID?+Pt^@UsGZxca;!P3q8%pcQR-i!Su*SN!^o ztO9#?ak$|8&ME@kl#@Bo^t6VS+eA;p2mhnc*6dWcbjwQ)5ou7L1cP+yk| zD39tQvIuk=t`!K_nimie<1Z}#6Emq&pbcPEsjP)y@q}Cdt%479b%Cs1w-Gno~>XNm`d@NOzYk`=xk6$b% zPpfSs4cq2&!x6rio}6voV$Y4Q)zm>Gq#U(#Vv{qc!9@FMJv?&rl^j>t7vE~24DvHg ztvZuv3O~AIF*YliBM#7}*%c;bz_4+t|mVl9`GjmP%cO zG!~m)5PW7mDRnxFe)*Z(vBz?l8#+-ZDN(vfJukit-B$`^bm~i$f>s{caQy*dfn&YN z*Z=}7RyJR4yhGJ__Ub?!RI#5D>H>K5>jimQoqH?8_7A7MJ{Q@ul+~R@GAjK zGNmRu3h_5IT?W2iNP}VE%v2PP1E*`6)$zeFGItK+RZLSh;ngjInk$yu)Tck;egQuD)33w0t(Lo3FiZ zVqCtmHIn>P&VZthgVSmNHj6{08#T){PqsRIj{<{9?Cc?+8(yu3@VSy34|*2LGb`uYAm~ z0S=TP;n!R%zFQvFX516o%pZL|iuYuBD#NNFuKd^qa+Kgv{dxzLnzAEMM)5sfOagQW zx~>9m0#xh6CX-?8#26?~sx9>E8;{vTqKr3Tge1Jh6SKN|w9wS1XeK`*H$v%3+wF+0 z3~hS5J_cZZ5Q+=pY?u=bSvHD$zsGw8hTCg3&;npj0zmU$@oJ+L_lP=+_iY+j+%te- z3m$E7{w;wbLj-}Im#prx=oB+-_kj>g>&Gw>RIpu)gWWz@WyuSTA<>8r($@qq zmRZk33tbN&#_0M_UR{*Bv=pIn7nZ?JR$PXhUta%m7=2-*8YS$Mo!%dA+Aa%Ar6`$? zkA449&4u(Ta+{3a1WVm0rk>RhD87%l{d!BSa+PW-lKw1-dGwoT?+u+1>bN2;#r}bAR%wPB<@>-04vMF;N`G`SarOmS zQS+fVZI?yNOE*u^l-~T}U|w%$petc9`6Gc`COU@wa1TdFtoMRR@*<$=YdNY)f222k zz3>ZTy2NPx@5zHaHwg5t0Ys!;V7Dgnc6k2k%7kqaivUe}L6Evt^USL>@iK z7ko5#{(8U4`ir6ck=RZc60gj}=G~%H@|>$RTL?5s0aC>J=j!bkaUw}vW=^8qE}w9` z^B&GtR6!HiysC#(n^x`)w`J&BRIS>0xCNNP=NCe4V$7H05WQOv0DKcU{T^!z%Wh zv(~D4>z#-A%Qs@=!Y4dGEvt+Zt^I)RA9E2=?i4mY?OP*7TKi38A^k>`+1o4?36q9B zPZ`Z%ojAOG6_D-AL-ja}djRl3wbqV9Koq+?LyJLY-jbu&1}VuR`!p{=cQY6pOb zU56(f)5q%H?!mVaNxx34YtA){_@iufvXmQ@(2@B{B~c?kdO`X3t!45EoJ@{EV3U!+ zSxi(H7)g#WuK)T|yfxXAY}^<7=otXhJhPw}I>helqm9Xalq=_+~18t#`bmFNY|CqW0R4k7DxxFt7?(2&aYYg2efx8{%7P%*YnJoy{ zmXhB0V0_#GRT1u7Zsg;h4EEu4RW7a+#ACW~!|xYkdUN^$7}bq_2FlLQ-$C}kX+)2044 zqe+m!hL^m~rrJaT(2|bUiLj{Ob<%PT+3Zy zl;sSkd4|62;Y|JD31CS9`edbnZgiHcLAd55q0IADfD)wzF>Ggy1Tl7@IL^FoXxq=E z4{{+SI8Eu{&s|gkr(NiBU8>D`cC{^DRW`t$H?6As?cTdme=aN|k@}Jcpb?E{rcp9f zY`o7?$-s#Y@f3T=l%;mO&D?sCIe+DRZZTEhM<1&NCXqKbGx+Yvr7cx`Vjr(6N$DJQ z6e?p@;#nG(vC{R3>wj7|IaQhBWhf3j z@2R%Ak8p2iSTx-2712E!{OEb)i4ULFh)1qItXme?H=wK{O#|A-@Haw?M;mhhMmPvT z2F?z|*EiIyr!*GTL6AeN!L!5rVcn;9$v!ExI0GO&pTZSN+X4Gi7FcK`6E1w;

    1!#7NKtOC+ZEo|t4i6W~Cl!>OpwZ@MhB1*t! z)1$+t8v$%$y~Z5ijMU6B1EOowoo3X(C!_#y{^0k3+$mtciYR0%>>S1;ro_ih8CBJ? z6E)c|!HY*XE=rEDQ{Z#bhf@&vh`Xd8MChKkF;EbyjT%Z}Vu?dOuAazERCiLPnli^P zT}qWv9saqWwy5~i7b;5b*4-;0kBoY5vBrQcA{G%5;-tc{hGKrf&Cdc0GXO|J#Moj& zfuZSvEU|AP&lNx|>IRf^BZT%V;qAC41MF4CPeBO07e6co5a`PR)P0&cNKW8(L(5Ah zA9(Qm2I}7|aG7l=N;PIkFOgdUY4Q9sfa5`dV}dCf*C$!pY<>Xtngx5;8EqGBqc1eG z7AY3VMty*2Hj}bHRXK~z$k~&Y!cfkCA&)eMKDRpIB4@*lgQqZ<%6LJ|)>{yh6^TNm zXTk_7&6t5}u|vl1%9K2`0+CEm^t*3%gS##*1=+h{lXwadmPX$d-mpX5_5@tvC`Nc@ z{_C(Dq_?Btgy_n$J4tLjd83hzo}m-eHOAyZrqLfEhr&BTa9N`f;!xHM-=YPOl=1^b zAl)lP)cj-VZkf^A1Pb2(JXYxJTtso-RbhSf#;k#CzqTx?RV3KHY4JPv3|W8B81!T~4}%&& z_y(T0NqqyAq|m0dwF&V@TkSgFsM^7|?KA!GxeOikS7=nJ6b$cUqs63Y9EXW_eZ_KsjcwTPj(B9-#1G3L&H3#~8s zji^!n*UG+YBZ*&Z(E=N?HKHqz0-nu^Nt>nph=U2iw9g()SxzgJa)zM&^) zdarpvgxHFup%=-f7g@j1iyE>9 ziYye+ooHU$-tmB(EeW)gF3Y`%A<`dQmGVZS0=E?qrXdk)E#k4hb7%gUk~k$>F%@>4 z$8lyh0ni-l%;_mqW+b4f{d%!6HN9)FkIL$5b5l;3WCyZ!Sv!=ojeM6=O4LL+0&|f@ zmle|Gwg8zts4OpNopQep&%DtUVRC!iJY3>=lOM0QN=w~}K0dwp{Ih1kk7 zGfncz2wC37)$0qW0@FQ8gmJzcJuQPDtHzNnb#2W?#Z6*G(OGA>R-zb#`fdW*47Kz~ zBfIz|;m4fe@hNg`4ST!HY;Vyb#?V6;uG7&=^Hb(<;-MHWp|TAo#&jK_!{{p|gg;fd zvYlAw*D!3K1N0)U_fUN>MFd|@788>3#QS(CBsge~&+Z9w!a9zi1Isv52Me>0on#mw z%k|8JA2U?NG5~y+D1|k{OZuljJK?uMr>?%!DNwUu6x3czyB*sBo_}Q^j91FDay=`EI z{8%}ZSIK^t3~2!oHRZJJT=Fx@3S|^1ew8$+YE(dzdJ@wQP;cr2k_{tAw;)32_VhW& z=|}UtDlOmmJW%@6MLx0D#kl*d{G1+M!c`1iSu@MhGxUfW(=yKQZY2u=&rh{oFLPY7 z;JO|$%ClcA_;eZtAjHrk#f{orY%PXgu1zX8h8N8#pp)xqp_dbUWQziY7)HQErU1=HSJs|izF{}lc-N0h!h21$6er`Y$a{bdr5MIdKZh$6VrpO2w zv7ol?k5_cXD4^%zDxo#er~r*Czgqz`4*YjJ*~ftD zAo5V#JU5|s$$g(9Q7!AqaV7jREBrTl_4b?>Gl3#fP{hjtASAT*yTg7U?On~A+F5V_ z>dH*5E&&suI42+b^%DpX?0u!*eQPAZv!cT;7ydms@n>6}+zLCy<>fTH^qYR@&o0R? zgbaAFwK>hI-^|UwE;xw`+;(!__ow!6p6g#|B4s3CP6#oy8UAa1{(swD8B;*tFJlU6 z?eY)9;CfjOkuB`MRr>yMAJDfK-^Vwk`o-T!D*lE1>8$})fE2E)8T!Ac{QmWByQ3Ij z*Kp)maaR3}Ozyu%_n*o8i{$vvm%!w$1X$hO19HyN_bijYL7D$M{>+ox>2z-g-gxA9 z4@H9wGydBz#usV+nH5EQWF|1*7mM#-N^>_5}@w>!muqVI2)liz<9 z@1G0j&y@d1_WV!o`*XkipZyA$sQ=$=9e&uaV_Y68U%1Eobnm;z>t(@S0*4_0!b!EN zod@h)+}_i5MK8+9$5X&G_6fUrr3OH2*TR^VSSJBnl|&*g(1;|cd~ka)e6e~BLIK__ zLBOGf_vAG{sPh8BDtZrwQ^vJ#kdGY?d|XDrM$n|Y-}}RS)_Pe2P?M@2j{HgkwN#{l zr=gGpP@jR;{d`;SIR!`AA5g{qL}VR`mV*PGj{;s4KwARA-VWg0o%9Up z&WP7Fl{|@K4EB2(^wn1{wx{K%E6(Uvz+#bXoTyIwi069}1x-V2TVA=cZ!d8~~(%U3Jd0UZy+V8BW ztv*NfSi=zMlZh)%O;yhHIJ!In7Pf}{(xw*|(~Bsx&14;E={PlO`GO2r0O5c2IG}0N zWcpBC5j4QrI12QL)qvlH*li<*X6*K5E`Syc`ok3Bi(3%j=`I5~oAuE?^?abzNQkhp z-T<7B1aP#m`&(N4=@W=}z6O+o$0^-VXgF!@FK)$2z#|9*3r*NNzeWHtdNGWdH(UZ7 z>26M(EGg11pn)FY0E#!&5A(iTCsUPb-d9!WnZu1hcnlnst9S#-DoukB3Kn~?TIxWu zdl}Z@_|0%~5T7R7OhIGQ?h1EzTjy(DJ$~-k8QFz*uB=%d;`rhSQNWmASndV_O8r!z ztyZXJVM8n$e&KNej(LjQawErT0&L&K^Db7YbkipFhsLy3i{YnmeqyGW7vqtC!Y`It zM`(o2f6jh0RuN}vr za!}?zT_jf2U8YCVww4&zeG}=@4Eah8cbS0kz2J-gf|DxEJw0;#(_Ss7Y)i)7N4L7m z5wUB)HTMYEtx!x|%KHwAhP=^{n`e5=q%M9w#pLu(u@Ag$V96`2kExz{_rGUp8tSP` z&#|K^#&l15Ug@Dk_9qunS}zAx^LGv*2y|(%7)OGv?dapK+RqE)y(>mEU;LA3mu+xB2%S-VW)JRxppar}2OY3yJ*|FqXbUW*(y8R+8K>WTAoQ?4XQYmZP zD z*1J73wHHllEuqfjaERCcX-_&)l0`yOA{QknkPPZ0;lhhi`qs}AT-#)&p`IXFbN?+JdcPWI9NK2|w%l@ltOjm&C|9L)B+6w=*krF?T3dkhZx`YG*r|ozd zbr099o{*FdaE5gmJf+M1;Rf^zfp&<6kMy|G1H_Lz;yd>tKOCXAH4II|*-td^n`mMP zdKiRs2UyY9Ka^qqFTqOkYdD#Y-H4{!+(9_m9VH#E!fQFKbvm5SNa6dKvIl2OLD#zH zUuNk6kryT|`gNZD##b^wSIhPlFx8u{y*Wk%-75opkMt@gkh9i;H!J=x$Q6z5-9%FB zp_R=(C1EhyfC+thJ4Bhs;y&#w4xii@HpFL~g1i?$W83a~n>8-0UV0!?*z7Xd?u@)c zVCZt%Cyc8J+3;j**Z-t?svIIJ)+pyGL>ETNU*oXsQSAV*T}Q56m8LEQcQ2l%EVoiN z(_g1%;>)-{0JS_vbC^5?kFPFpd9$==5!PY=`}3HOwbqyF)aMZ%!hk?!IB>Oi1xEzr zSHNY9oCD)3j!@!@VvEMR+pwKoYQ8f^#B&*@`|#<<9tSs>Dz_W01CBg3jf3`>UPtwt zv6z;!x8#Nxn1hAINs`j}w38VVGygIf;a{y@$5{$NlSulT%XO85QnH4EwB(t48xN3B z0h6tclnL>cJ&miPGI?LeI$d2!IZydQh*#|N59%@6v>9oWeUlsm57SwLOVKyCHr$*A z--=3ZlKg};2@sko#NaL4GH$-LBOv%AYshNl>~7KAmV`Q+Q5#nLWs!Uf@4x#<9CBF7Q( z3^vUN8~ghBR`JLw(aKz9kZ&m@{S-7Hj_YUo&e|c7H_BkKC^?r!#H4l_dYyk!-^{mz z6zsitb2pN!p?D%qlnI|}=e5nr9sC}Q@&Y`-j8{)7sShr zquW}%I{Olwqb5sC_GST42mt0?7l(GiA`UHN;5Ae!NFl zWloAg6*CG4@qFdlRDya8BCv<`@iUbXUID<`MWEcGgDaPIoo!lD5j)Gjf8o84y|0^$ z$yKAqnpgl8uId}WlTKU-DqUsh=9l2(&I=`n)dFO5N*H~_bB=M4_X%f!Xl)j#AGx4( zP76$3s6(HgR$v6%dmwPxNS_WMIwK#}0OsAOnHH0oUjRV6lMai?SLm|7@?XtC&MV!* z&dUAzLi7o;aEpyGfz*L!5`Qd}<{e&ClMUW5ti zEa0Cz=sA^*jg4@{`ntaX(K_&gCZ8$P*+x3avO?*+xcynZN-t!hqi|T1Q8PwxAYcz( z^X!mpNTI@QzepNHwMYIR_TDNgkFMR)#)7-My9FNH-QC^YHMqOGhv2S3f(LiE;I1J^ za0vvu*uD2bzx|K#z2iUbBRD9Es#UeBYTfso*Zko%2%FMq$f%U8_gY?Y0JvSUX&sG0yu;c)e2MGuhRkUd&re78`bjQ%Y@`0{xloWTFnM|XKIOtwX z_Yp9<=HCvctw?>#7ngYYCb7k5hsE-LH!K{t_hzus^>CCPQQULv?=V})3r1- zWl6Od4x2hJdfr|S7eM+MlVEeY)P~tXTsweaJ*leR)$v`e)1^<&TK#!5D{$R@LMLG2 z!;hRw$@b_j4O!T~fOfg$ zM>^2G7;Wd%?Bcm7oLa}xEvwk3W@m46(Kk8a0|JMqOc1e!Ea{Q<4PI)U{9~nGC91W& zbBy#Z>iqxGkDk+NS!gb^UINOHFcS5{>eTJ^bQ1OChHUeZ{{OEz>N4+Km7 zzig$2VQE@{Ri=aZ8>1N^1)F#ouSmgga%z-31sDcWTPmqU`;<9Di%_u_B@FJwZtv(j zhDt^$Ad}JQ+;V%FW_F9ZWLTM-o4(wBp%~MVn7DAR$zmK8TLx@^X+dBZ#YpCrfSKUt zNQJu*S{+SCMIdM^icV!5fgDNj6zDWD_K$WYqH1}p?)myZ8&UInMiGeK{*HW4QHo@uhu!gUWJzkURh8*v z#A4q;cqY_{G1*a!>EP++clB5;o5Re�etk(4WRzbkB`8*bZpY@&B5NVQ%@~a9$u@3Xg(HtVFHFLITd!dD0HbLQBToxgRN9f}CC9DEJ z(kLg*J=z7$Y6+roZOSevNot4S-gaKfZX#RQ?n(@+p1va#k+&A9@kKwy{-iQpganU1 zQeG3fVB95mar}Vg3i<^gsOWav7R!tf``X)D&_;Sa)CCbsT3W6JRt?uHTW7aa2-cB{ou=zi#N$5$vw_?WE^p>bO&ctjM;e-TIb@A*? z>lTo?4B`dDqb`#q$pS_In})Jl6um{d`oy** z+vgb98VZDqQQSRsgdy2-DRF8%)v|&}i79Icp>+0ly^O0tvy)_*{5hj-m-hbTK^CMs z{EFj%EF7cQOBGtwhY7|0T$xqgQ`S#fIz+*3Iszp(i{ZDme)ziu;tl==MTREp%l0Rp zn#=3@nI|X%oD))$kqk80Xv`Q-&I}xHM+>lNsXZoIzj;=jA2A|6U`~Ls=Fqw{ILAB% zU0E2YEW5EMmpAczZT;#}%AOIPSkgEjtGxS_ui++@iiv=JOtLLsUDi^<45k-36(5b0 zp+#ZI%$CD7;m3omY-}*C6$IkGGXqu3ZDj&Hu_v$ZM_k zdix$BU^KcVM;{ZCViY>e`!ykjOtl;K|v4fC}#b0KqG{g5(TVr z+g%rvMRvRbc`#MvIp`4!pj??Mv6A6|08%bTDI~Q0;<@MeUN=$UP?GZXqi1riO(K z#Z#yygU>c@m0OtlSD*{odf#v-Z77*U;zlXV85Z@Fln`AHW*JCh;o5PDL?D9;Xq;9Z zcp~T2T|m59%AoUnU@c@lpAO zHW;6%^T(tsCjRn-O-}hSRaDm0E2TWbu<exWR8Dexeb{ibc~v>7Qle`|%rHjhM)eF0P2T>$loOL+ z8aGGrRjctTx=mCd0d1FTYKXh<9Vw*U!y+)!z*xIypv^pR95cy2Z!)$k1VKD;^cyN<1G?I{5hu*ccL<|YsTiTr z6{O8q;T>U5vyNQ9NP7u%q~X~pZD&mJPLD`froKqf^f|G37zpBa7E}*VQ#2X}VzV{* z8+hx;oe`@br-p%(PlC(?RH>!;THuRYqohi4I>CjSm4i0j7Zh9?^l#EC(sUd#&m>%! z!wjg-%s{O4lKtu^n5HBWQb8aBtVe4E|e|DgrW=vj23n zm61TCYO!LNCH03NVO+f=6V9^_8cN5GUm@T;MLDvD)9qiabOZI9G}d=9*?2wP(V)*L z1UWT3Yhi|Pzv}V>sj&D~&MMp`jlXm(H>{3QJ{<`_AwcDHk&=Vw+oS8RE<{c)l`Qp{1BKZnOLtd54% zGKfdME#$Q;qa8kve%;hLB6(2Fw(0Tbfyc(39+e;nGSkdW6^^KNFdjI!-&Hz zW-1ou@K+O~8J#|@V-bVdShB(T<|$=NDuS*rvxTOR!OCql%_i(R_`5vx3v4!M%p+Pg ze?Wo|_S7!NYE<3VpU&=6WhKr6(x)@v=zTvu(GCIelxgH+=pJ`{Xd7Zj0$J)muH0=~CFL$kWrw9a+&t@4{IRTNw^fcr$cQpS<0c{VI{UWG^3T6MHg+{*g+oyEw3>bzKVPms>vt+>{F;>%0#wBE@Ca{r2azmuL<>7cD z=~@I;+f~vW2tXT_nyodaEG-thv|!4k8objv^b6u`+XmkaMH$7K(KbjV<0~_SNr|hh zCmCHgD0~O3%a{vmXul!f@$|MRvnJ8AS$cuaXzsrAe%6BiNiiJt(^5FNjPeUcKg%>N zrHSidOttmquTGd$dRvjRgijLK{jzZTkeUh>{l;VX9rN~v1aaAI3Z&b7Q9E)-vIj$L zG=}C~8*=`VpHnClJlMKH8uWS?&yb3OE_I`My-VQUs%0c>FI_{-0?vG_TKz%jwJ1YN z=}|h2!NAjW?)Cl+w0ik9GJ!2q{<&ioHR;P!?>Lj)BoFpl_q7V%5l8%eEZ*p~6_n6p zABt$!0PkuF$i=O#TZJWr(Ywa?DL68RGl8gJ0_8gn4J7@(-p9bl&2NU56Szskpg~lm zc;gv;3d+?cW{iJGkFs=OjH>ei-PvK8;CmWtYt12zO~_M4^gNis6YI2e2-itfmNE31PRj{+>CXW117} zpt%|2NP|#tP%cGUgT>k%_kwCV;w?Y?AcDA!Nqw+ZeU_Qu_;6s+=GV6jbFnNlroR_D z8UBpbAN^wN*4941o6o7FOR45%CMF$eT-^*wkvG;`CBh!fA1jEwodQQ!sAD{mbSQvL z^qXc>f>(H-XFXvE-9G!0)<%_842;B1TGu3&gy-cNN%_%ybbhjBUKEiU-?5h&1Et+q zglOK+1M=3^VhqpG5Hq`mjKvR5Z8-p)p4}33vE$4kxgR`07s<^QJSQxhzc8P+iLMs3 z@_kM@01%tf$nk2+wWMV$)`1%J3hJ6qqZ{;8HurA6W4tcWk6l}^2g&!Sst+s!tT*Po zy{Wjr*&XwVcr9I5);k`CW>So`xz1z717o}Zz8roama^*=Rw-g#|Dnc z)&2&wmRUUPSh0G3ec^XlK17aDg|tV85_X0*SXGQ`y?TfWOo_8{S7Zpk+s4UKWQQ}1 zt^{!$wVoVMWAFk9l5i~0;S)2$)l=@ib!uKCU#9c9?s?j{Z8cD@>UaJVjw!DQu@GVk z-FPw^DwN)!P$}1a$(<&e-z^zp7sds=sz)1pArN+`KL~*T0lS5|dT^VV7sdYpVl~w{ zQ%OSCoTrGaYU7rRcAz@s_LJBPb;6F*a_$Tc%4$)e10ifAxIN3!RXJ{dah$T$uJ8V1 zJDHAp9u9pdloNkiHxN;F>+plgSBzg_s(MZ3zQCbh2vOaI+(@WwQ(19FDosYh%XIe| zQm{nIr=JS^CuTA#tH7`$@`JrzE0h3@LmvEbvlI7Nbdj?zdVn0N8%D+R^)JnR*!?C4 z3dSZ?b)RMegwN?o{EaovYif06ZP}q21+Te2SZr7+Q${!Ler}C(f}56~9q6fX(v;-1 z%gyMuomOKjt%dq{!;lC$5VhRiy(cS3r2CeqW#v&rH+SP&7uS6>=supD-nlx3K2kfe zDb$9{8{Mg~yhK!=npnx@B-qweY?k9#IV722EI^b4Vp`f(rfUeo%_6%aal%TOpZ&j) z^k+4?cq)FGPjd1z#M|wUH4^D6@J72K2;~CtcKIOqE)D4+3dOhe9fVJqn_;VPR|(pi z)5V9PVewV@U{MNJh8n3Mda(LZfzzn4ph@asT%7#USsP(7#N7i*qe4587!QpF^ZPjr zjb`U*sa^gy7%3_FOH8eUtW-Q?{;jJ2kmQJ=XJKQqy(mOwrhxV3kJGggq9d)UTpmzu z=}W~S#6CV_*r4qN-5;h3UKEka4b1i5PBa6xlO2T8!WVutoy=(V1KYQXI*eZ#IC${m z(2ALE0VKJ0-KV=J6*Li&$gF@@Q zChcl);Z2t-feSzB=5b zTn&uP8h~Y>|LaXYjR4NN^QwIJ>2p==0Q*W?fx@moW)lN`kQ0}?)>M3Sx$@9U6iRr( zVl+bnOUZCT`RY!Y)o$9P3o0g?{A1@u2Lg?a%Pmxu0E(nLLzju?)Kt0N*8SCLR|k`> z7@3(=W1%X^KbwZlP_O&y=J<~#9EjH;XdaP5rY*3m+A>zIZ-6>`|qT_YlL zl*=bGC5Gzb_=>zIB^i-}1Ni|uiq z_H`D_VV?|hq{(y}od$$8nADOD_C$c%hS#KIc$4rV9jPL+K_d1?*d+7Cb!GVpSJ}G# zNh_h>a+=Q1=h4-S!$gBN&?@d}794k_7zCf+cg(E430fr0_u3A*{+tY={wC~0YVi7O z5?acJm?XsQL&bb6fSLgyg~)6o^1Sr-30-$>N_lD4RCD9T`7ui*(fo#a&M7+6TP&Jp z>u~-`V&~^1p9WWQzuTkJsonJX(rhtie{qo-z&BFM|Dq&C(2HPdPxSK3xH2N5P2CP@ zLD5hz*WX0H2wt&n&_Uas%&7A`u=n=t5pY=TRZJBp3hKVDomAHWzvRe7L0bSm`%S={ zm=&D6vnvgg!JbZ3VC72-<>{BTkeouoQz%a7rcoyTRH2vkgu3u}`2xHNvAKCxip-0Q2#BoBoj590ax`f;uSY!wDo<|L zXuZKFJE5?Ci>DWrFU)K6iTvm$inSSIvk8j=Qe@Oe_Mi~5E_3#RQMN~J=LwLCJ!yDl zRJKA9l6uTB0`L$gip5XlFOmjZWO6 z8LONDa7Q#j07=n?ULdZ(zfh)+kbZW!EWc!bpbjh)$_`a9wP-V8B3&Xdwo-YIik`ES z(i6F{h~2>Gthm5^knuV&2shJKb?lM_7Sfc~!(5D701uUftp3L0C${q$!Q-@wnG8;* zF?JqFcg}%0ZsMmlC;n6o2%zYIa8icDxNwU#J*-7d@R?1IU4qp~g)EIBMA~O9&$~I& z)k`PM!Hf$*OTyiDhmT&eJ3oyn&KW=W5P%5S;Dt(mNgK^!72Qig@slac+9iMZ^R*Fr z?ptcsXS1YHwsY2~K6la=a?4Mne(g8{-FpfQSdiHTr4F(LaXOZG($wi6h8%dWppU<+ zd55xHoS|d(Gl1eLCO}fS!?To&EcQNK4|Lf?HSQt2&U~$Fw$)k9XNrJygNBN2fR!-X zh`QKkKas{uSsMA~@+cI<%=ZF%khit+E=^~=({g#oQVbbEVW!G*tSd4Bt z=>8eqLS?hxo{w;GhpwZjtr|rvckz$s1lARk=d!(_Q4johRa4l@kHLBfY&x5u8$cUZ zD-P8Rl#a?K72A+x?zIE@RPkxYAs8f{H2zQ7dM~?}F}}*A^Ad;R8i*w~YA_v}oH)!n zcVE&lj#bK_X4MsTKT*sNzA#dF?Rrs7iOl5q;|q8AS_A6A$E@W7xg8XhSNkoGb%%ZR zk12E;r&8GBaxPyuT#+b8$-pVmqctdZW^@(tiVF*Iq){rr^!(t7!dDvj$YYWdNtulQ zE`r%_g$lH*go;VK`qqDpCK=x!2u~ScdWcw__=sSX``{{?qXBvlW!2tk&oB>;gq!z+}MC`Q# zp5`I1OYPT&InkNJW=7Sk+$bC+4nOQ8QXaxyOa4$}e)5QAgT|@BFWNXsXzX$Y&f$8W za6*xC__FoTomtrrWr>_5D6sXFQjAY;#t^Sj8+68FuGE0p)T(#y6P%9Q8=)ALETKNd zK72|vFvV`k0E-2oqiU`>mS;p@DOYBLu@mQJZKx7pb_K?u+rN9o4t}CNYHUAIq@BV@ zXiFzFiDCOO^&1M8Jg0bTA++%ymp3SluS_f`F1_I+WV{5`H5LYx)Cg|TeHnG*8#`mX2kK{>Kb0=IzJT>LAeMhR+#pe+*jZ2_(bJf6A#uuVV+P>J7i;~&Z zG)S)0nvS9?;!K!+4(x3{ktj2vkLZYPKxP}1#qn9fnmUSt{@CWK+Mw0c(NyFURIcwc z=o@e3euWS$Gdd}brC`c=zqso88T}5#H=K4aPq`z7!@^fqBi^!M0Q0P&yp&FLX{lsw z9L+unPVF)25s-JaRnOR)LFwJO+nO31iwux*fmdmheUQmNz8x1RgJs-DvHyV2eZ)iNdZKS-sim_`@=_6pJmy&oS&2&A=?Hw!%o^FVv ziQyh6@|7?@zqwksrg2&DgLloiWbsDSCgdlo$n`{Xz1CRJjn3Z7hWK`E^k0@oPga(8K+*K6D(oeSj zg7}3#*aeC_PSP<6OZ5!p3+TmI(sZTlAhy?cdJmo&T&9>NbGCHEbtAu?fs;dN^SIVM z38T|2Vz|ae;6vz}l^Cf&4!Wj}<=JS9NeeqWUF>-Os&~?5ggqt|cD~o(&;8V20GDSv z4JyLwvx6DoDMBRuJ5`Up=I_NXbNeiNmXT4gzvK)M{$N|pXHy3N{D(Tt?J^A}GoScm!8t%zpd`zr-RCk#jwjfA(1Zm&`MHB3 zy9%>Z+A4uzds}FHY|L1+--cI`bq|@}bBHJ=Dq&pb((U;qQ(EVTV`@7@mc~p!)apM zM^hZV^&vG35LqS?U_)^5Of{>I;~#00irUEIT$yj(l54J=RrZr@5{$Z^Owu$Ja zY|MhIzk)^M?MHe}Nk}A5>Dg+h!LG;mj$qxRL;Z}EMy>)fr093Ts$&^d#m*`hneYnh zO4ln$ZYC#!713MOZKNHy<0xF9ab4(F92CNlE2k2 zEH?q0`UfzJ&{0YDxr8Qh8hcU6R179WCgY?z(QwMt8l!%5+px*u6|6?te5I^Lftdi0 z1z#jPv_K~s$q~iHIdd9MQGvPU(8LbT9muAJO`AxP;$E*Dy~<|t!iJ})0=Zm3OJ~ym zp*(_%^sw<;0>o`%!;hN7A?ecbyC+m^obrY8YH%!-%3%csRrYq2181R}6!nOC$qf|i z5v%jFB?(QuU0~_)<|Jm{jrB#%+kyF_=fa|`iEjccPI_wFUJblY;Kh@B(~l~DPx@r% zp7GGJISAwEpk{$qvtmkJ6Qmf~v7PFCOz|zbl^C$%hXT-%nBM>>t%_=+++b(%K4EMZ z5lo0DHu-boB}l&E=SP)cRGH=Z>jL>ylO;^s#3Xk%;J)JV&#tLo;@YQ?I6VG^n<0mR0|QsSc(C|u_~qnf*V8=&JRzNly6Q} z(=*poif}7F!^mTUutRXkOxurh(+O{l{0vt$r(OaLW!j&gnk@{{x52UnAS%QjlQBFZ z)4vT9z(6V=Sy}j68MvJlzgVoWP|;gx+9uY!c???uDHnBKyo zk>Sx5rhstC5sXXlJCw&bdbM=>v&bP$T{+|Es1{1{+_G4Q+~M44sZkbcKw@i%q-NT17Xf5~l~^bVL&*TlFgT+Hb@HV1=<0n}p^jAZx6{%H>n{C*YZ5?Qe-8 zU-2;VKm_WILl74ot#YbyPlzCa0DLSy5aW&9O*OaYwie{W^Q|`+I&7yT+vb}K%Mw_q`aN{Yq%!_@cRu~WeTaLyS*jbYUlvL4L* zVhm!G_pDibif(&k@k($*otAQu0)slmYJcu*_-kEKx<2H?2e6=OL<>P11>I&b@0`VUg@Res zuq6y^gI`=aui59A_{f5zDSI)_qoe+}N~jgBh@v2o@P zV1h`0ZU9(HY+dU@)|#;*Dwa)DVb*~uYyfM8`kD+78raPH78I8GJa6v-$irR~#d~zb zHEW9XB8z^l3O>VE3YYZ}z+0qVMmhPH{XKvQKmZQQb{SCtHWJo9PffAqR z^=(12Dj>b9f->+b)=2poDA%+CdsCdrRMChS{%1-@83tg6E=vt=`TW11*THZUL4GfQ zBaPzPTKBRs6PUd9UJ_iv+!qt?rkA#iBZ-ebXk107-S+(v4!V`N4;J$Db)X_Kd785A zN4+t52FCNqe;Q=tA^?N=oO3hgKS$~x*2vk^-Z%j@Af4$S?~ea#PEi5_90ye#F1_<+ z^_zdEmOeqqQCvi1C_!5Uyl+dn_|+^1pM!OH#kYtWUm>n6%TS&*Iy!nzyC`~-^4{?* znxlbX5UTME>K>^0mE693|8{%aEj5mG`n zg<#gK|8(sCvqNQqVCTujVOrXMcgm!w*6+ZU zsIVjQYQ~7v|LQ6L|71}TIO}h$@G<{(TysK%xh-=b%vj+5C#CCbub!??1f!0VS*(EHdl;bpOANsv z;Wt0-#cG*=?3QX|QmMcHyC7O zcE}I#rtusux}O~}^8iUg-L7t{&@Pa934o&ho&e!~%gr_m(8z=grW5 zDGr8zB@RZoAb9v~MZGCx`-|5<^Jjx~E_!z8R9Ca?44p(+2Ra16#b1J>$#n)oLf*8K^i#sAP-Q5oy;JgOwbwNq@zv`JeIz3@p9e9QZHC>n-kw_uY+ zbn{EfCQQu=8v+M&62gTqUWk9oPv4cdPtizAL2jG-7}Pyi$fcVW16U`8NJU+w)Ti{? z1;WKEc>QNn@3YaV+V1ER<}Bdhw%rZa>#`lwlha`B-Rc0cJ>#hxl}&yMUrrLlzJn z8Dl+P{>3BbM}z4uU+@_~QXXUwlLWZRfh(UnuZ9UcMa#ZqhksG1T)91yG>3Bs*tk!k zj*Vl~?{jC_D9}IF9*pZuL^fe;?2(-+NPkylK;I(WA&zM;Mk|8274VV7Kzc;Jht+{I zn~vrkrYiDQBEWm71QWzM0e9v2&tkye>vLKgd1l}`Mg_Xnl9^s|%0V>B;hLVu&h=gc zDAIEF8gUKVK>RKckL<$v1VjWH2>_P4YV&25_-KnE!4+poq8yg>z;95c6G^`TxSR}y zM}X8%>#-VS8;{$HJdfa#L8FAK;;LO%hYN27zhig3vAn{_$66qn?Vg+D!{slRqj#_2 z&@ZbYLtsh8`f?7y@Rw?X)Y-mROUC1ehm4Ss31rav4vVA_GBxVwpj(r_i3?cTZv(R? zD}3EZ(bj?O!+eyyPu}ZBw4d3l!*OKxXI$g4Oq~JWIp+XG62XmeF&tsJRqNt-#pjG|8B%|ryfy+U!t7CEx$E%{#sOvX3R0v0^;A-9SVX!k~j}b%WIRFl5 zqV@}R;;g>cZuq0wE8qYZxd)1z{0|F&tm{u>tp6QGwbPc+rrN2Udq2|0jn`XB`6q!+&(4FWc-Y6*DI`y$ zlJhj-2gh?>=F3+Y1S04A{Zz}Yo2_RO#PjXvSF0L;NIFqt=X0LTLA z+ax_0MV=juhyug;tBuH|Kl&sc5R=on+d%{8BKi*NpuWDI_&6e&-8JPu2m)Ll0r$WY zI(~IcJmM~1ApIRpfM@20fj(9%s1E@NQ=V+@^W=NuA zkN$2CfNQ{3HOqzZ*%f%ID?o`WgM8Evz6K@FnG=d6UGy38#m?5)8UhdQ|2lFrw;5B; z>gGegx}MiR09xV|2p$f77*7gAkbZYih2~9xvbv_0KlH&f)EEr^lvf3FZ8@^iI$hQl(_YDBV9C$cjFw1gjrBD0YU!~g zJ2-GF=ZA3L?&KdSN>~UdA^zrx5CH+}4CR4lVn=rhaeLakrTS5J?AM2C3j40ne}D2&zEubAva z-KIL9bX2y&cQqg&O=7|o5WI?3Vz*lxpHd0%Z?U3w;u8U-61tI0NF{DiBKVbXVdm)6 z(tWdZH5upBboaZUIMk;=UXGA5+h58Cr|(x`JLhH|#~HcN>b}NuBrmni%{4B60w#c1 zR3!(v8vb!@qn7$3^qxyLO(ky893=*cu&CPM978XWtxBzG)-U$4V1tNN;7xd8XY`y? z*7F`N{aT~+spSWq9Pf1!nb;-4*u+pJQNo0})jIKb%$lgxwDNhSqT0Mia^+W91JslE z+9<_@yF=I9-#>S9stS4h*$9YHgFlvAos1#`Gi}W|tKVD%sY)0A%kcVgqs=GHr)z0W4!j7;5x|2w% zT^-%l*Y9DpcU(dVtEMbDMr$%5}3Y=3Q&DTO5XZph$>9CG)z$))j=^0sr4zfa=O_q@9 zz=KmGm5H7b9}ycS9QAN}JA{q>XROP;c+cSc|)nyi{iS-1H=g0ad=&n1FX+q-Q1g&^}}HbKrb%hAmsm#Jt-r zSIj`Rl#xz;*(S%E3jM~WySefNOQF91V?BwDVfKJv%dhUw4;t9(^-UYgg5QQ!a0H^U zp1C^fH*fu_*$$$>2V+;t{`{irgg(^qjOVDIy!d>-D@v1&5SF;vy}gUW&-3eBh8Wfc zMeE;=36x){0beg8OfdWfE*G3%3mWWl;t~yRELf+Ib{smMpV}Q4+fJgR4fG4SkS+_E?3nXfm zUh4a@!)E7W4%JeP6v=^7q9}_|WZq8I2f&R$p^9LPp~7#JW+F45loY z#{U4&CmC#edz#L7I1T^~;_u9}+v@0D#rIGtWWMb4UJCQ`2w87n>A99L>P!P`!8Kex zRy5$&n$|dzAVGv7Q8sNtAuQO;<9#Q9wbJ>-fNdi0Hs3N!ypq{^I>>@ zz;MQ3)ygj1Q`Y5FUFGrgl>jGI1~*QjZ5ua$Ga3Cb{&M&e%&3#~OLSKSBhGj=C2q36 zo?bAV@-~1mPKh5dAMwY@g^(TJk7km;YyT^g7_B9leA(w>eG5<7Hs_p6x;q%RrHasR zobo{vDvDOZf{%rL!#*jU3$}tA{j+Y|M_wZ>N|RNu$lNN+%; zFbGSYL!UYAJ4c1}+3!h3gco7{w7%$q@CjUiBa%fNRsr(_1eUkBm?^Y=mvY4UGwS0n zYDuwPF4=rR|0EN8hP)t_0px`29LNs?X~Wnl&M^$hgwB?bAGaWq%Deq)CIShfDeZ^V z^~^2?X?qWC9uL~2neY~bA#Zz8BjA)%$E$)_!DzRB^;3EzXr^j>Da$An*$Dk1RDF zgv3e1*MNOY1`pW)Cj4_H-NhDoIX}(ej7y4 zA0d&|Vs>lUI6Tw|fa4z9YrbVMX;kwdgr+!tD}o0)B2=F}o><_DX>%*_@Bh?D_vR+d z45hqOV5Z4V{3sh+1e5)VIJmlmVQhFX(#!%eS~|VPpf@FqSQGh@NiUK zXUtOlHb&JoA5bOOWrP@K3%OI7Ah;KlsMrJzsbCm{Assr=64WOV zMiCpUnlq9i*a`Psfcgc++bB9xynO)yWh0sC+Lw=*MTIJMyxgC4E9%QBal&$2XDN1f z(Pls57vs8jQft8Z;Yv4$$IdMDH5)FBxnR7MrajOl=E( z(DI|pJE!n$ARYFQT?sALdMRB_tATN2WsfKu#p9Z@ z+K(4bNkXMfkBMAiVRAZeq9gJdZ?dHx@nkcSOOi*R0^wvh4dL+W zk{N8rDNJH$w5ZfuUR-r<28D|q35(WEI*Q;kl8gslQY=mrc=VsN`lvZF&K#%38%+e zGuQT)y9=1hK}WlLeb}<^cg&FzTaKF|Gp(|QIU7ZlrnssXd02jJA5Vee(SBW(!jg83 zQs;9k)h-To_fv1hvP-V>sb)R#rpI~-id6)V5}Ei1w4N>c88-QsrDX`+Fm z&-xpF-jkor{zyeM{wQsA?IfE=atL zM-DCPCvN`u$IGlrr)eLjXyRBu_ul!_x-RjQ@Lv@X!kmuYdmQkIN1aPC0-pL#-XD2n zMBiw^u`x*MSu6^A7jXt3d*_!RGsphG(Mm>7Dzmr?cVamM2WexG)9VT)bHUZ5OJh-> zL^c*h_yH`~0h&4WoNv$A!RL3>vJA(5t!I1LnHxc^_RRoK`v+?jB}H+vj;hf$hPyw1 z4c#;oVoH<@d~c~`6ui|#bv=)yr(#pL>{SY~J+{5`4Q0eI!GFkVoG7Wp((Gkk>UQ~Z z$+|wPrREWGg+iA$1-f3k0{SBz(E#p1gEiKHgDKULBSpgICm^4RrUudcP%;JOtcOgn}!AbI(0j23FKZ zF0W^y>l3na<1!O(?Sd7s{OVV~@?<`Y-{P{%E@PpE4VPT>Xe)n~wb^ZeZ1Ot#=%dk= zC;)X4H-NP(+Ssap)KNz%9yJ=niY|Gue9;|&4zsvo&~=nMd0}XyzKUm|h$Vs*AdgrO zzVVH3P-|mCfDdMJy@}L5#ZzDG%h;Md89b?okI4-qc;e40$m~|Rlon|vH{7uD{PLH- zGy?mCyAjwcB!TaFa{k6*2mma$A(J;2>iXU zMoAN^ec4T!Yl)_Z(xKEB*pSXh;(H3$ospcLj?or*!!d*P2YE|aNuCi2E)nu|!NA8b zOCie}eXMq13HB36#sfyh{q>iFZ2Pr4x^FvBwTK_fE`$jo-z zZAY_OcF<55K0Q_bN%^ADgXZR*AG)FCML?4^$Z!JB+M>!V3|xEz3~REu@qs14_naA2 z`Ia&hw@Ev|;<-%Dhmi!q_}%Y*2Y{G##R29>j%HPw9^pYAtmLfB8JsI}W9r9?;|oUk zj5E$q4Di|*%W9vA%%cqrwZJpS5b6cnxKU1eP%`_|RryhDx+;HBROp^0LHGFTSHFrH zW63dgXo4f_!w)~)v#n=*^4*G&4TNzgGpz%frDED; z(qU}D!eWt00M5Sdz`|fdKz@VBBE>!q#tW3E%T$q0?AtGd&q#_Y%z)#Nfs9pZ~&wny&TiVaCicJjt9sR^~U8YDnzD9BwR?%~)Z&p{w`HJU^c(t-rj=I!fo5;LKSmeB2Vt6DK zW=f?aFtgw&Vi@$}Bm)!^B4p?QQUgFt+NlRed`Qb^W4asU zF*Dm87zWW0%2z8TO_Mto(Np+v8rqBDV;ty87`o9&v5=T^3oj0GNIxQ9<`MN5l>rTeg#duV z+%I8xYXgfY8Nv7wPWl(yS+EX)o5=K+kqT+CU8??-h5!D)ak|Wk`?dDjd?kx73a}}j z3yXOB^-rzw^eZ!Nduoy>?|5c1R!c177@&{4>{(2ip2P2M8ug=H25dWMj^7T8=h=6@ zbk(Ed@yB?|^X?t{n?2T+TZK<~?|tTDy6Fp=nX}&i^7&7Q_)FWYa=?}=D~xUT+m}9r zN!R%N^MO~mrRvoE*D1H6-u%RCf4zI`n2- zKy3F-SNhRa&s&ioxahy*e!IuoxPoSrr~ltH{53Ek7BAPaJM>FmbF$=@~pdiDL%$*w3$P`Btk(hDX3X`tMHz4&U>* z=Ifi#K)=6vl(iZJmpu3?{|FcXVg0BwAHR8E)YRD#3*Gd@Yvg;v?t`+v3Zqega;jbN z$wAy|e_!aXXQw2GW=^|(%$?6of#8_!`(6CMad^Ls&p#e`1()8R_g}}{ExbMaf+rAH z+!gDtvc#pW#Wwms-8ve0Ih7C` zDKpgi%jZ4u+Kd*b6h9t+a`p2HD@S6!bk1;G1=RYigV*y;6j1v970+5)Qc(cJ<{R7f z`|O5u>SY}8BmQaMA>X@vt|Z)vckouL9JEzi?@-qMuO;^du*k-E{%>T9Ym;0k?T>d^ z%V$>-W>`R?Adt|S3@Zs^$bM%%PS}^Tgj>-o`tQMi8&03iwz!F3(hy<=_}4r-9)Fc_ z{_9<1ciC{oW42$zVm?%Xmdy)Y>X%HGzxc&3P`M}}ifL{+Sq1Us4{sOnWH=!(r74E_ z)xS!@HmPIc%z9-+jAn`UqcC$nU%@dZSjX5bW{tjkxOrp+E<7- z0;{XpP2i(_@x)*iH7y)_u@bW77CVb)j?=}wGT35d6SrJ^Kzl~~c5<{9^dZr(U@(g< z)*sjsPeXVP7PcL-lms==yfWB>)FQMj%9dYqDtC-Q=9PgP^kRkjj*&}>5ek;omxlJL zKdK~;$!Z@y^2#J)W~Ehtv^ZuIPMkdnW%8KdhKnm9&?9dc{EwI zSJDW5d+8O`L^4^wCAMH5F>iSzi?Ol*D{aEqQ?jKMO|}@8)&eHFn0FIn4K&!qO~LIP z`H``JtoeFSVjm$AtPVc-VBcz1{@kvYG&dY-b`xm$VaPCR1-;2^+}NfQ;~*Q8wLWL# zn9^qdBCdE=6whFoB~T1qUOkQ#i|VC#!Z+S{BViUW2#g)3v3vZCp;>1vpjV(O+nibG zYPKc`Nrh!Fcl7pxVYyp?8G*~$FlHrE4FNL7I@8xqRfdw5%}x{C5r;V*0L9!Y!jdfU z%0K`U)_di>1~N$nfuw^lcQ62E%Z#ZS^EdPqgY`Le&t?Ho*bp@d!rzN13GGL3RX8h| z#B*?gnIhW_VGB4K7>$)UV3@}HXq{AVDGYOgRnwCAKyxim5mY zL+nTL#496K^ffttc%%S~v{|o=D5+6WJX>kgYT)ln&LIHWt0FfWc9c=_*Ln@0VG&Ev z7BTZXYDp31R?dX89!;uw#EIp-GQ`N^!oWq=rd@bG)SV=LCQ_dgP1dVQJOa!`YO-s1 zR!9yeX6tVL6=C9UzWHV!NnbW_6wk=xy)ugQ)fc@lp=YRY(lOOK$-pa0rU}ZdaKh8Z zz@%{#=A*&i*m$xszBuRM0Y{yty zeOU0t&T^CNCD@ugAl}GxR_hQSv}guZN@8rS)*#O-Klq3y0iVb!+5%)IkiKj*ftjIk z0}D^GMkgr}QJZI>F|Q2#*<2!^D(X2PldG$9dJnIRDr?OMH*y{> zF|5o!fGd>qi^Kps%RT=J&xhs(G#~Tc8U7xeD(gWUcw)|^??+?P0dUZI9YeD@NlZEP zWg~1Q@x!%{r!M$@{L)NmlhsX4&AFyZsqBi{RGC(k8K9;itUFj`sSExj4yM#Bi~-`C zhTe@k+?K$`mXhOoF-wKw#Q`y>xpaaaH@~ePSt;9s0viQRKFcTx)TI#CRh}dxJu)UR znO0Hwkx9_7C6ecc7LAgoaT11%RJ>(!VVj+iaTG}hor&ROlEqU6&GM{tIJ9c<3P^sE zNIhyaBTNTjHpyyej8trv$_~-SjRl5IV-T~~(7xG?`9^60>zHT!`$ccxU#IU9^2!`= z_Av9xaHIyKDnE?rzqob;oBG9vd=ET(82*67DCv>rd2O+M%UMY^f2=EVH%?y=r0qZh>BL7798 z7XqUHj%?AXaQ5_He({eFURG4xW|ok1=7SjE{o}2py;nwLBPPr|@}egNJ~12z(KS~H z*rjuOWyItUw~VHZl(y)vNmP$kz>Vz6N5K{Un+ax zEL#A@SXYwJ&T=l0B#Fe{BF$H4G35bCcGBV`k@ykt4Ix&v(B%)knr%w_UT59;Qh9a@ z>f3Z=ndkLP<~$~HwnCuXaAQVp+1QU(G98ixjZkwlN>wfgMM~L)m7Sqcyx+A%3~HZB z$QVl(=@d zD+cw5cEQYtdkNzL4a9Cuv_o_Du$7V(J0>u5uCV-;-p@8zxbes}HQKjDy}S`exl2z% z@xpM4ip;u^cywZx>naJlEY2tD%j#N3iP@rSwgdE0yQ-eem25X-=P9hD$t7YYhW@WG z2dm_=3r~{`C%Ca70TXs8ixSHk(18g;D@xCSywI(Ih{mCF@8hJAa9z^aKw zn6(yGIS>$5U`{cLm=mwNtyqa^iJr}o+iVa#?kqwN){l*82}2WIlH)?7u`uva2ANYS z12Vv?PLm&B3z~rK_E?d?+&TjCJgQ@A&CiI(VG+1t6Y(Wc;j8?u(wgwG z>XZmZZgwpGwf_+_rA8G5n}wVN6@QYg%97-O!#INz%SIjukVei5B$Rrj=O(>|GMDt4 zTqcU-9v*Y#vpB~^M41^O8ICxir9l$hv;mo=HMt;}qEVaD*BI{LhV_kFUwY}K>O{;4 z41kCb+|+Q;WF?cCf~ie2g+^eQgB9ycl`wIJiGyCT=0r;AxmE?{EH1Rv+w9+>(F2^# z#6v2w&}b|U%mwoISD%HmS?9)J1CmdRS>A61&JxqU-VUB6uo&ir>fB7!Ex8ZKT0{e3 z-}Ld|XOSj8OTgA$U#FCZlY8NsI>{GHO&sTgWm5VSM4lGc^!EduNJdvBUVo-Z-68&!(~%IdqxD zm?kI^E?!<$*K^8sb<3qv}Qme90Qi>bIC zWX#vTK=cp}A1gVtfbGSh>v<&#$%F=BsCiu2N|FRfTfVv}*PN@UlxpbQHcbkXee~i1 zh8zRc(h22?BW}#RXvlIs(j8FPYOZ#(O+%)vuXTMWXfQ6p7LCq4nk)glqup~T*N`bN z;~4y5i&+5W5N(i=gucvaY=7scuQ;jdQV6S;$LHe1HcgaQha?OLwjg4e5BOk(LrWfa zHmR`EhYYFEmtW!R2YKusrU0OCSU+Nws{L*Fx)L1#ZX8xa2+eWMRT)~E5vc)?T?J-* zV65Yeru1_uvE+#UW_9!xS6G&Aw6QJL?45mE62ox{-g0fxX$P#s?OWey-9`S3>qc@V z7x6eqPTFhm_21a^)^88xE+%52KIOKy6%E<(sTCse+^|{x@*_98{o6zTxX)nOTVedq z`&-ob6_)J&`@IJLb(zI@i%I>QyXQLMPo(|6uxTHP!9T9RI_FF4QvedKv0U38GS1wz+0I)NKxV(y zmR;<${nxqe+e7!=qOT&kY3=cs+I&t%mJM(bSvFEJd_D&x36tq_i5}fr;#+Ss%hD@`+&PAI%QrW>>Zpyk zo_%2&4u*T@{#K18rwZqMX+0Y5_+1BB$xps@ba~k&R7un zgU_rb{#9fK#7_9aAP`=r=b~bG__nJdu^{}jT?Z;A`xO-=`Nvm1FG*J4p#bL}y1oiP zstfNM=Y1`n1N7hDc})Zo9Mn@l0H=cT%Kht;8-b6km#1}*q5bL`Ml5#%Tduh@g9hi- z6uETIMYu;1-1w^=ZN%L3_QcE6>2$d0{68WaXnkXw4ba(tv&SH?rFX2nbc;EQ-(?TI zD)H9ihv#pXbIbrevoAZ#tPQj?I@jQc6%{SSDACNA&RJ1#Qp6$&pb;`(a{n@>Mn0Ti zuh3&~ab|exowOf-a zb6}Ymet2cLbA}>83@ao=$m?zHU)Cy8k&%I9j};m`77hQ)<)BE=;HqCiM+|FbE;*qh z(l32NBGLa?bO9HQ3$SDj0WzcJ^Tc(9;e)b{9;wTDK>!6;%vqITlrQIo(&;sFPmE^{ z2NE~5AkzBrkp_++cp3}SSS(A>$Z2%SU^lCsb4CYjyVT87T zvx>p1>a%c?9gkQdn6lv@uayXxGO&OsjOB~*2k2NuL&<`lO$L5IhLYN4IV*;)!3@Iq zEPF>qZeWg%VS}DnF@@m-0&}k8AOY&)eQfPmPLi0BG!_OW zrWmaARKasVQ7Q3%%Oom#M2@jemUqQaHrspQdDaZ0BI2S>WQGoi%pi~$r-Z!cgQ|dF za0Y@}NPo~<23zTtxMY~oEC~ZUdwm#MwI4|FjCI+$Rj-P`mv~b!FOAq7=}OfJ0Qn?OXu3cwi*YhEQS4&27c?jNQJ#yag7tElHNpjjI=psVLrr+VbP zT4EHHkmG<_xS^c0$`Bb4Nkw64z~ohwmUx@x%h!VpBb;i2o|(}+si@*M3ostqCIE8R z5|!(w{j6G2jO107)lE&!xw=Z3ZPTPY<&R*f`by`=7e!wHF-8om{OS(X3uAfFujNi) zXl0D0pTd@b6t+yAB4dci4v#gLPNdbOz*NqU+;Qks?sQjge0Zn5k6?e zEZFsm8G%+tbj{9#?M221HYzbv$<_hpl$O7w;&_u?U6Am9eP+w2Q;4KBxWXuTTk{bk z?CA%rgV~+yt=J}yb(;@wkO~jVd53PW(dsQO1ezIp@medin1J}M1~)i~?dLb?^NsD+ zxaw=0a3h&a*ckD@|CzP)R%dQVyWwg}5-(Z7IYF39r8ZivE#}(CCh$EEl92nE2d>L) zY=rrH=0WRfi~SwXOtM}1;%t98$-$jV7k+tz@9fxrjpbS#IV8k@j`M@?%TwOYJ(9xF z7F-mZT!HAY|67&vh~WzpXBuZ8z)bwiD{Y6H6XUWcBh1%p6r%ztj88&`if}^6H^8wQ zy~>_GQGCt6d~tofRhGd0Aj+Zrdk^W`3ske$zLDb@2d&GOhwz_ap~l~!h5++-iw`%z z_6GM&9Uk!(Y}#tC$MN7#S^1*kSHr3H`HfeEn1<%|FvAu*xThpcF}V8dcYCfaM;e~L zQ}$a&WqWn%+fTmS26&RH3oBj687H8SXms5>=EL#DkmGbVLbh z;;TGJEC>T*Q5mk8Ey>931&6iu9R%i2`wh`uX9&`tZX2CV4$Wm>-FUloTJDPj2V_z- z6K9ld0?YF8G4=AKY<3vVymw-VsBn`Q2io*6dmhN=yX0cs7&Q8~juph?$Q;zCC%Ex- zB~M0}#`^Z9&wlfgXSk-%|NGfBBZ~Ta!lBCJr`KDa&dw+YwzR^zhpaFEBDr7lXblr( z75?)bO`-VC!RgFA;A7o!^nHA_xB%U70;%(Cn^)C_91 zLyzg-`eWip5B9qkSwHK#c@}=&IHHv>);&yYwm@Y~TfUhHy@5>8$?WSOsJRr0NS2pb zZOlsO1K5LjE@mtEDN5I6sR_0%RmL2pV+C z5=te60PV^%!T2kkhMP~&cl|4UjRt#7a&ic)*xl?61T>Irc3c>ZI_sIBKS^U|a}8Ou z&s2v1Fcq1-PxLgjG%BAw34^C_9x`Nz&LW5aBso=p4blIq8?Q@R8PPTUkGxobk#$n4 z#vbVirmTwtRpWXh!YHYUsWh8~l-+E6QB3aUR`6uQH8N?bC{oE9uY=^rawmWfNd^du z#E7gVG3tBPN0@XyOXUMqx(R^G(uXzHtU_Xfb4ZvZw^;Zra>I0dbraSVx#MJRDn-&+ zFv1c>hYyl&qJ-E_bIZoSMd$Ukz`zQBrbVBlg)wmOwGt`<2y`Xv)b@&2z%EZh z8Vd})uLW04R{WUFaoAu7;q2%pcU|JcnZECNo1Pnun+33SO;!`C{SG_9H zZ+%*vJsSGBB#mL#zhddCr3ZaKxlOdn(uo3SV-|x98hfsW;Ikv_t67&qSfxBkUjC8f zH5GmvI>1DWdgB0Y44XVM@oAXCQlxFBh^x+ip*G0af=Ps-9?Z?%XuBQVwc}j@hW#_PEcJK@p#uB<%>s?Zq!k1cX&O$g#nT^5X{NvBH`BC)t z%7@3xy1nOSE1BJ2ul8@<1<%`Ivrm>VH}jQpJLmuzj*u0&4z1NMGIsJ?*-M0y7|g*q zW=IID<96z=gvt&JI2V5rW@r7x=`AOCa(_5E{IyHszg(+#XV$y#zw&yU56RNvyZY`< zYuY0L4C4MVH>`sQRIC3AbD5ZOiIYfuQHIDJ)@|$ZTMbx7o*VA$%5@zj9BMxDiS;5H zTrvY!oMRKmeYIo-A;B_!{|haflc@4Gv%e~|-H$5IzNyQ8e=cRQ}%_NAZUFV{XH z*TDsx2kh&cAv&#qOsH(2vx6^e#7hkEDv6&RneuHP1gk6zuYSqOg5OrNz7|qF6_Xep z*au--cm2Tv-Pc6c81LAQfg**jjDFzRCSi01Y0T6MRZkWN3?f)hu!^Eip*r;I*Dpzx zJW@eZrtOs(GVp3pFslx_f|m4XFw!v0&ZzB;#-YlNODenb&N~YY&b!bYv<}CC%U8vg z1pzxRPwv>AP3fVWrpmA=^-0(iDQ(q9iVxLf(E<~zFHIobRHiF~g|jl=T;*Angi*qD zl7qDh02&A6%1Um@lVV$ZdjbGnE>YE)1BL0Dmdb>oXrV=4KtG1wZ{oJ(3Sb6h)om@S z$fE75)>0zFBvF)gl8YWKmv+jJG0(Om<-r*yCEgD#B+2c1#>xU!x`|mE39z&<;URZ6 zfU7fB>5`VI4Y?xfJWSRW?yqXnmk6=(*s*I7HqYwV( zjimWh)NG663S~5=nheWHbsFn62@`v?M#nN(5ls3W`~LXkhWFBC%V}BE3}{G1lKqwi zrJ}hp{Bdjo;|MNEKT(>&&iH#rwM8a@qS3>4BZ?lgDS%KUEFjD;j0wcoH47*C>KKqB znLen9btN&^E7~205C`Mz`V`Lx<46L6-eL&W?W3NUaCL6UIBZfOhQ1?kjt7^Cc2uy_ zmN`f?jDC<+>EKyuw_<}iU%9i#B!JDrrd`b6oYK%CRLF93$L4NZ3bfH!3~5#nQ`no- zlkEH>U4v9sS>I%y%)&JZj8XxQaPkU^o1YUYiHv9oS$iI>^P)vym)D&(VwgK#@d{-| z7mA7uUm)`!$+3f*V585rHDWC8umwuDgx7=>D`RCi99p_ zzPd(H?z!=ZmW+D2Z;5PHN6zJ+3~LN`M#ed54$9agjc#EJ)CIn!svf`*i$$LPOT*z} zVLIS1`_ifmHRJ+u(iv@VBT%mAv{P5FUdJruJX~UA3u7@R53G#zO&7jkp|>@6MHrYh z*Mpd|>BWq4ShVG#BtR}KqIDb%VSpP`fSohYK1C~M!vO}XWOYMKI~SN%nA|qCw^ahB zDfwIDsw6C@vDrUyHjs*Ol1Z7%x|#d%QzpymWZI&mCB2du?!D02J3Itj5W**^=)&cr zv{kb%g^<$LEKfNOHIv)W!Nw_@af~PXKV*ntRMAd_ZMWT)$rMRu?Z%EA76Rz8jQ02u zvAPhCo=H6Uva@6r-rCKhz0WCsNknrm#1gJ^UHg)54(m)V%V&<*ZFOJ~AU~jv( z2q&zvk93E-4^=9M?RA1EQt+S9SZ%l?av7{j;RFx>CNl}ay8ev7(4Gg)KwS476EGURcGcY$ul~g<{A5(pZVLzbJqwX+O zo4LW_lK|!z(`)t0){~wRR?P95dYS% zk54rpg%dMDw&W}ogkgyai{vLezp{Lq64NaCsacq0%}|p*OHi|$n1_kgg%%iDCVm{t zzRkwaQuOGoxF(daW!0xh%fhxfvti%w*%ukB8phtDFTN)HJM)q9vww~I!RVpw$yW=% zie|o=y{4!n*68I+WhKWP!xCNdMZ&ORIg?cWkqIlYpy{n`1x+lxjpbN0dSG$j)(+cU zsH|y0?rrB14{qMTlwa2@Y?fcKvL!u_OwgL6^$G_by&HP?<7+HAYyo`&f;e!5C2J;V zn45UoUqmZ8Fq-QT=R6|wQEm$wtD1qtFhp1KStEEhIDi9I40FsdnKB@Fza4pbl?mIf zo$#PWHk=y6^0G0#`l?|NB%#{Ed_UzJ8h-0b+c1;r34Jw@e^koES0PqtzkYnPkJb5% zXdQ&GWSaKG?FpB=ZD=X4jgt`$m~3|7i~uL`9Rz;1NT$do1>mt+9XZQcF^RjyH!CN1 zWg-`4?unUl@QX679?!tYx`0zeY;hnJLdB2qlVeXf*!)0Rk*7_0HT9f!>gpBClS?)a zml(O_Q6x)OCQ8Nx4l;7>0pPRsgjWbj$xeUI5b3J99%RHoufzMok1okDtNx27sr?NM z^~^!gXvZ5G0teK5F3kksLl$$tym@h!~Vl4fQI7mSe{SZ0N|nS>04HfdE7CwBp$-1vnjo&3F8?Sy&g{?_n2|D-41_vD9MPr z-1Xd)T{kM*GHyv)&pa&MFqb^RergvU}De!xTVSsNIQfB2S>anZT>U#-TBuslUrpU35MF#R-)Et z@%J2>8*aM%gkSISl%YJ!b>4w~! z>}j%LcA0fG#|*{hMnrQXvHoNm9iU-f-hco7vsEaG@uvI|vQB%&L|`9-WdX^05?c&| z7~Pl}ZV7YBR;A)>)oj1vDUo?<;p>iXjOJ7EfY&<+nN{so zQvRkqf&jJ{lXE^o&dy)iLAVT!n@K1DmL`7^x+(e2TP7$f$rfpq2k<#CSF>z%9FBis zfvQQ_p#%s98fMKbsB9IontZAdWQ$ZZzc;ZX7ZohY+UvTwHhl+dr-`{Aoor@|`Z+u0~ zxtwizo0g~5TVaUsS0S!WV|xo2v8$)5NXb~oaX>DyKr3ch$|8b_}Bz?etm5oQ+xf zv6rUniyi)LU175+`$85jJ93F4ZdaqCK9(q3Eh8J#sdXmC8hjv_Vh0WLO%@;ln zIroW*7IySOjyQ+|rzOmIJtx0~7JBEs_l?HK6UKFP;=e{IlFOhzIb^x5)>@hmuIzu- zJ6Img zj;xEAL@9Wm=n?<`KmbWZK~#0qQWXWzJ4tRE{n%H_u?*Y3K`IOf7&W{B1&x-B(4E;rQg#i@hG)Tf%K-?Cfa3AghgdaK?l|HH)gIcn-qjm>~>SX8z;xJKy;Z zw_%j0)myB4ED!i$3*hXFE86dXB`7dfQQS^s@%O*~{e%-vASTH!Yo|*HI_{C(o$X}qw>cNF!dg-Es*~fJB|qiG zX3jSINMo9}@h|BnW*^7YXx})ogt>v5g#jPdAre=H8pfimxWXChv-r~)WhdeQja)T! zC|nwTEy_U0=Q>#JaMvRD7A6*ftUoEY?4!VsZ~R220p zy(Tv!YxHE_bVAHgJl#jZNPfl{XE67Pp#5kg59Yc<$dlGYz-&mVDQroZiyliL<;xa) zc%1o;H8Vfsz;RN}wctUicNR7d-lmCc+f)vLhHG}Cd$T_CI}U#42rez*IyK`{G0;wK zzLOG0nNepXcg|~~DtHW$ZMr06rVCXpWKA*{+7*rvql(Zkbb< zN&*b*S;tHR4!nBD&!kBH_$(vXWtUxsv{==I5|5^$C&}x2tXMl=B*dx6gVn^2TvQ92 zq(p$`Y}*}@&+>6bt%ymLcmuo&ah8TP2=hK$;;`p(AQb}i3T&O+8k8k2iLoiKrk>NV zu5NQyNiphu)oDwN@`ABaW9UO4V-Eq&cVDaSukz8C)SzIz zY6VEhB}?)y9JBozY9r?-CzpzOkvFAJCwep$ky>36_rmx@cHMsh% zVz9t}aQYoDiq|IwFZ;vKuBD3OOv-ie%#~}M4hQ4paluyn6e2dD(`Hwma*i3TVd(;t*T-vtx z=6!LDi97I8+H>xC8RSP!n3;QKjVQRlzLsd?K|Eq+#ne9{~5B%hcfzT9Qf zIR&nH3t!D*On<9wV?@Ut%Bfj~c}UQ9ZfhQvpd@P)K@N66z+5PM1oNM#M-lOl(q)O^ zFfaCWdqvvZH7B~4w|PP1Emjx^&|TQtWpj#j`%+6$DvHORQ{JLs_a{6}hlb5q%<$z6 zUb%z3l_dKXlM^L}0DDAYbZEHOSav>OjgB9pWT?bKrwNV;g(ff#^izKJm;|cWC>eRQ zi2?rB=*EXttELZj?l;A33g@EH1Iz&dGZ5~1Y<5fsl3OcGy|b_-B!J;ngBASoZ24FI zaIM9&$&^8!E|z>G+z9Fl)XOa~$l9SmGR1pDqnP4B0OJBhZC2~}dYNn}k{-boItn8y z<|`s5+bKMsri2q;H5)#D_`@HXfriG#dD&P-iL%!K6YnRZAISiO0?D!Cn%tnr<0Uc@ z+G#&xif)lbm^C^n73MZnO%4q4V;2tHNAdhcg_E(*mvGpyVSIFux9oi95?Uip0)BE& zM)icU=A+HgP*Pu}EyUGim;sg_j}2=`WY0u(>i zJ{pB;UW!msss>(VHRlGHWRp~p8DYo>X4i6N`7{t?V-bhclVOKR1-m_4ogc%S}=gi3dpEQRh6(cXwK|B-0`e)#E=ocv(4PDCfzyj?N~;;(yki zFDV``j*Qy(j+mk^-Vf~4Yww{efs*~(Wy2MAShvl_$me+yhR;u!>0@9%{jD;0SN7XB zK6$-iJLQABh;mw)ciW`TKAZPlbNR(#2oASC*>+gU`1e>ewfbK2z^hR5Tc+2d$!BJ~ zn@Sw;W8o4|c-2j*}V0PtF*sdrhVf();jZQKasREWFyX zEl#^G_`?yq)M9O&@z*!Z**4dnqBi}23wP_OPg$wB#nHk^09ReoHE5kH9&WLj^IL71 z7D@iF{n9Sl)#}e)P8c$&yWND4z zlBriWrwIf&?6AWQxF4`hu!O^t;Xm2RD$#$j6U$C=H;W;O|3+bH4;HTg1~^%!_z-aw zL#(1n$RTC~R15-u7gj?ecX>0Y5>H05 z4>JDbehi$CXDT_Pp8_Tc-uHun3FgTPO7umoskaUPHK&?Zp5jAC;NFH3o=-mcq<@Qr zPRCP-Ykye@nQSiG`05J;KShzQS!n05*hQ{%ELvY2gXorqZEMK!x)5durV4Zl2g|#oD>5= zWk$o$Nk!~@7&OSq7F%qQ5c7zu5^T`{*xjFfTW?Ig+)m~GJ@Us{$v z#fXH-jP2@7c1+p+bWy!!E2rOe*IhjUCqy|}%QhG7#HZ2lO?@XP*TZT3W}q zczU!~w=n9Vtx^6jxBid~&xBEh6Bvk)za@-r#n(Y7Au6KX4rlx=;2RXp`OGuV#BNBy z2&xBY9j{CxMI5|9dJ%61J+=;TGFwAdb)KFQzm7dJdr~z#QV6P_$BjUNq(}h8_`nyf z_@T_x9DX9RwC(B0#v}>!>C?vxHYH&|250 z)0qlkl`0qw-!9b>3GqvoNC=4*?^MnEDYaH*%0pA)FPqF{@L|eOKVoYFlLc8I@O~b# zOf6udV%tIViaDBTS7E*Z=_ei9&Xy7-Ckr{|!becV;nds4+}gVBU61_57WvETNB-pM z=YM*2%gLVd-=3STBvU3|0>Aiwsc(k+!QiGJCT0cf_A@KS#b}TH~Qc8?Bwy&-u6t|A0{u55ublQGdcMj z4mCRB!Y6gwgCc!#>s3X0~Od4BxNo1SPx z;0v4fQDu#Q?;(wz`;$DsyncivXX&1ca37s04U??b$5;{IOY-=`6m!b$qvZuLf`2~n z3I=^1>yjBn)=mrIG%{{QfzQuAGDe`09(3TOiEYlwJ-!n)gTyJ3x@?)W({ETU4Ql$Z?;#X=q+Oas&fa~_|< z(~q#%GqM?R*)etjZXtswiYdgLB|_1W&%?HS(paV;aSa0I04k-cW7wr)Rvx}#%kgTA z#rQVZq=_v6Z6@pa$QFYb&be#xk7|qEfr`L{^&~rG_#Ok63$+fqm#Nnn2(U3>ho!Bt zg0UMtmvc6fg9Q=>cw&>{o7GquP|eAdZGdtSk;;s-Sq_RZ_Z8Y3$x-;&zoT*%CCQD) z2Pst>OAw7nbtnl{)>Ypbw3r<|cj}BV*ly zQp$5iqTgIROu$v(Y(K>pME+* zMIS+ikqQ=9EWZ&gpBL9>34hxl=HL1-lAx|3lN{X&ix1uijK7Qnv_8btj_#mFr|-)o zg!L+SCq4ood1D8?*25AB`0$lc?057jHkM-Q5_4Y|!X>SlP}ciseh7wc#!S$oBka5H zzKkj*tSB>636^f4rX%Bw(KLalieHkjVy`hkm_8^*!o(hd!am$hPo&WqMe!L^Y&Iri zah7Ai24Q*@;~@;`u-FiBW*93AF!#w0ixZA>ffSgnd?hmoMYWj%31_0D02IR{pSCu$ zj^)yDK*;#fgE2wZYrqqM0R-k{TF|nveU8;?+s7?><}b|a z{&KT~Vfkad+_+fDYZrinI&t>dXX{8DA9uk@>vKdcp;I$&%7Kbe&t`K^*8VUBBO}j; z{SyozJ_g}w=Os&?TTz&vLW_9&z9_NCWIxnbbLK5q_KM0-6fa|?e~Su4Bl?)~FpfiP zpq>V?MB06f!su7tvk3T!^G42fOQ_F-Gm={j0m>$8l#ldb1UR|F7ES3_zxox1LK}-b zeR-G>NoHIlLn}ji(VgtQWmJ`4*FGu;NOvP3-Q8URQUcQ5C8;1CqI3%an~;=lX{9?h zE!{2B-EbDqbDr^zaUT7h{}|_de7`Up;NJV*>t6Rj>AH2p)x0%nbdFNy9hJJ|71 zE-0GTB)<3C4K*1GyF_HvPLsFD3v5D9ALfgYLuq~Ss>nUQJNZgoKNgbQQ!gwLiVM!}&8Q+pgJm(Vhru5&-yuZ@_0L(hoj z;^!i;*CGyM*(Xz(b^MJoS5|?AZDwR$ItK^0?Fiw>@pf1uQk#bhKeK9e#GDa}hQw(X z4x6K@Y_hm6X~OvDG~23?Gf^OqR5rIfkAkF(x+2<Mr0_n-F|A*C7l+nF6tD7D zu%F=w%nc-So37N?;XNI218rGX9QW>?`&{JL-8*sIl?(QjYV+4OxTuS%((a%&SZa{e zx3hf}Cry}j%o)o^CU7>!*LNQA<=Ktxh3!+SrE%A7=I(eMxbm#n&aHdj!|{U3gYG$g z@0B|%v8JJNg$S0cB4B#S?8>eG$*M(cfrJ$|%Z+t+_1UCn5E zk}85qwSO9|{Ix|W{pJ7#XA##;81teR(X7w!DjwgKf_6!HAn0de#^O=9b5sB!tN1D} z7p&CP*=PkuDZdby!5Gvmy!u;~ZpU{fo7-R6dbyS9^wkAu{aU=7`wWKU8iH|*8zUUw zzQaa0O}R!-zg1v25Exe%#BljWzA-f8#n+o%tjvX)BjOSzF`Q-;&g?XStlsPp_HKEhAchc0}) zQ*xEldyfFkH0OX0#nQLz-dOT1smD|)qAuP%dqmS@f&w$y2vefe!c$XY#c%jiN<6SE;N^eDF$XJx-r!WgAG(IwC%q>&2foaM8>{nLoEq) z?H|I)(3v3}6J2OaEy#1VPIW=UH43kNq_nhKh_CFy|0Cn^E6wn)xlQf~G2*iQ(MMSU zxMcl^u9)dUCZ+oa>3z(MVxOlO)puwSQNuZEFxsh^)K6eFKW;EA<6|YihfVQfV<;E- zcF_J?c5-;ClfP?d0sB4D4^w-XkK>AtTafyco++2Em={P4k67VkFg)=U+;kd=-rE19 zNvl?KHF8z8ElgoL5Bspp^dafdCS{JPu!-uLQG76wCC?}^k=kQ)61`3avXLBC4bMo@ zj*g8s;*{)nPA^_lr=h~~DqF~^YQB#^y}dr)d_?058!(oTq4|?qJWkcEenR{sIh=cn zlRM}@(^BMy;$A$nVYnc7hH|7)eDgp2X_>E&p4Mc^FXY*xw(u#d3ZgT9S~%2(R8$Nn z*>ciX&LFR^GxaQ%>oXD#SqVIY^I1vf&;CeH3JUI+H!APbUN}<)Oj)ptFYUfWJb6*H z{GwE0DN>m;Q?CIYvH?*J|7JuM?Gp`5-8w#m$w7tDZbs=9&sk5w_T0->IdrsD(-iH*kTw0l&&XKie6ScyID%Z& zxP!4r+CSK7*(c3y;hqdij1q;vS6YdrpyE1CCOWCK5Wh7ee--)+&mV(H{nl>x7p`@) zj&hpCz|#)xyyX!}mKNilXrlU3lgtLHc3~}Fdg_T+v%_W<l%|oqtZSICLj<8<$V69ATW<$U-EabGVK@Z{FjpS(X%I8kv0eCszqn1B^jWjoY$# z#*_~EQY}0ltB`Q@z9Zfe1Lz1=oaPB@z+F!#ARhA?S7dZJ|i2{%%wyKNhYqsW#iN^`K$LS6GF;as>gEZ>pZDnzF zu7mYnJC0}8^sn zAFotHq$jL*f=4(-Oh=1Dim`N$po#YHTBtkN=UgIlTpB`Ae%0}z_DL|Ej+&q}oqSA@ zmwO)~MLivTZr8kbq>3afd}8pyjEH69_`~8(yTWCeBO$K@n<%ff&ZPjh zplJG-RRNhgInHHskn$R_h%)0A=Yw3LN9!b|-jjoNN#TI98O~FeeL_V8|(5ZV=)Q?&q zTG@*10t5T=ynnOS1+K7i?23uG=2sg+whxy~toM=;c^<|Gu~I}o@@I~hsIm8FiV2Tz zE;T-n&#l#e8uxhBGls5B(CYPe4)xWWm~b^C*Mp)QrxG!9GuQHUal^CVu{SvjERt!$wPC=$ZND^IlK$ zGeLjh9Nrh!#=x$sZ>EoWgRT~HbTw_yc0a3iT%jQD%qY~n@PZAr zNTh>)VjC;;sPau#$|9T@dEWTKrNq70vl?eDSduc%`fSJeRKr*`fSi@XA1^*VKr;~G zJ5unwDfE4zDEYQ6oRtA4DXX6eR)QH%4Vqe}*|||ws_MFMl;6+dY1W+L4c4(!yvN>1 z8*SsxvVS$favVVcNw^_}#dKaJN0AiOQmFH^#fP!Yr!6j4hx^6jj)iUZ^az^fIqx5n zlHm0&c3?}`G~4Rw0Tjt>vHNTI*ho8M*49a_;+gu}AlS$S=`YD1VWx2%R!{W4(`}-( zCXgd^e2r0j>f&TCeNOt6wx_&#B!uwgkP1TkFtwUMY^p(U%}kZ4_2OfLA=5B^apU>L ztGb*c|D9hF*-jfDm-&QLzj?$>cL$(};#rxbQ<=z&d{s7y>x4CpN!Nvy}OWqi)f;A?d$jLTu{T#_|o=4KE!%!;eWQauBl5TnX4 zRfLr)*C(uxCZXS~lCFqb6TP^msGiX4tJH19BG!(;|ZoA2vTWgAYZ6Z`a4YwbftYPr8-t@P#k^zYZtX) z+T@89YOqAod1isF_OtV&s2!BY&P*)3Jq zBm)i}eR1?;B7+G~(Ri`eZ4Jh591M+*tNz^D(Q)&7{JK0HS;3MozJV%%@I_g*CH`Nl*Uf#iyPA|jRuq*5)-S(1o84v`^433R>E(WkUeUdvpYKZixL!@am8`WCCt zPm@hpek#aIDytQHkg%=+YuOecJA)WFw|9aAL!1mtOa$SN4X~?&>HVsMLo8wnX<8;p zd9wgN`{u~(@%8kRvfx?q!$wbLN^E;cd4cnFb-AFEV-EZgx;e?N@O4pTcL<#g)gC9es2wAsey z7=yx4T0rh?Iq-GLOn3i@p66NZhi^*7(N|yTt1N?P^kx0%@uIS7UJc%om(`HfMXVG@ zdCoQX?H3E*tY@4~7}W2kiL3^^OY4%>6yXdIYd#EXUbMBRqADMFpL5MTp1ZZ|fGaNz zdozuu)zX{z8HToJx6^1^<#600D4?b3I@g)o70*s`TiW9T7SXZRW%Y|A)s&@cteo4< zb(!WD4psf@;@ENHM;KLWv_p}_gE;aXNc)oo zYZqWUAnWViMlO+JWc<3HRm`{8>LT1?05@?C`P*j;vuCv?>>AEadV0pfG(F{l>nz-a zxvD0Ws3vWxk>6WHsC{8JE?sm9ysMB}ym$IXz}rxbaGv)p zk7KDDa@ebA6{t`Rb>dkw**wjCdT21P3CD{PEA@ zncDbB4rQVtTv$%;w!-`*1Ii6&O`z12fYOoxZENVv>N}GeSqU77^vstR%{r1YlwvlV7WL)V@Zj^Uq#3UgRm;wu_@ouXk z+{RdT*2Y{YK?t8Nayzp;LrDUuU7V?wADonL{txwOlcBSGLG9Rx6Z^RaOfm5WwE&B@=8AD&|ydARI{4o zN8p*S&n+p)ze@d1DCUFDhkn?5)#~GQ>2oD5_jYyp)!E+HjXXJ)?^kW?;x_bH2+_FXUZ zq;?@YhMOCF9yH_Rb0 z76c+Z(apR+64ClSA0XPcOxWaCX=}+4sW9?T1m%qkg z*C9#KPWx+FrY7ds7>R4;q$y@I({lnm5gy^E(FT(7IiU~?5?Dz4RCXk3*lzDQpRJq4 zXDA1-!zlE#w>BIPVU_DP*J#Pi!FJnfU|jJ2R3>1_zpdu$Mn2Bbjmj6jW!ZU|6=hHv z^M&1$8qD+0Qga*V3VQ_)>)+xX+43QeW$GYp8;`bl44ufcNb94U2hw zeTo?Z(WL{6BmehjSiWC=*{tMKPiV88pqKoj+Kxf+3>gtka)p55JxY+%~ICcUuO{7SiD(W}?<# z=}o~$LN^fuYS`2HjB&;Ox_vHufF8Vio)toKs79Z z_eH{tQj0E4CYeTB{1WN+IK#n>4ita)Q>f25cI~3 z$9O(QBXqniYVb4;A*}lyy?kfmB~P65Iu&1~RM+|`Pw2-CT3B$SoTh8>vbWt{Grj(| zMV~c3EJ|UGar=*f)d5N7i+}$T+%0khxS51j6c+AqwyvL7hXsTq$Gr)@%l95i`*J z($_|Q*)!xyTK=1pM^nyQ?yjys%?HR?`3!vu%KTnOK4J&oMi2+MV7k!G7*Mi7qsDTT z;y6$gH1`)8SFgUYjUjd^_ru}Tq_1=$tFeU$smyPougWdlf0R7)$(yJO<9xSywHXI^Q5Vdi# zg!W;kP(1tj&7$#!=3A9hD{LDV3O=*;YOt91MP_iH#02kOgX6;=i2Pr{S-uq9`f6L+ zSo5wZ>^=l~VAPL~cVGQ1>lL{l0rqDK?qkx{B=|+2>v@SMr0&4t&hlzY@1MT4@h22+ zcjFCUu{mdx_eHnbVLta=O5d>Jc3*}f;y@L3hGZeDA5xdfW53INp*GG%7VEK^0sGp8 z?{`<*Y;W~R{ua#t^+mqI;>|X4|Jt6Ib)ceeM__N5sj_K*ZCRqn^(J=(?<}QYby0=H z&!gIYGD^W44Auwcl6oIq`}*+ybcXzAS#=Ss3OWUN1TBDNtNjcncL8E=0GcHuKD(K7 zlIN{ng}u@?KC`8aanL1SS+nSOnaHa0Kc6@MUTYOte*_GuH*g*_iB(i+<1En@D3NB$ z;zT=6EZ|?PwwA#Cl^rd{;QuA@A1(?8{x$XRl7Etb^G1!W9*05DB_}ktAf%6bX)(cG z7w6Q5$8m3tm_b|nzmLZMc~^RW@sCd|b#cN9wA+gDwi7Edm88{kDehUVRo}4OG5H&` z8<;M)1;)`S(?Y6^TVe0cevN$m;*P9en!Apou5m6!?sGDt#5d1vGy3)J_8NnT(;S%h zvgHnX9B(M4i;CD`RRQO@ciR&skjgN&vEfsK#aQict}2HvIDb8qBURs5cZS4sFWGj+ zBUIVSzta66 zM_T&e_gh-gMGUX|YU~KUu<&dc7~_6q>zt{vpRF+KR`iH+sGWDMST8E6A&#_qQ?FPt zSG(F3c@3uMlO4@g+n%>P#&Fr4;i=UwaVGwLm&{u{p~BM`v;NmT(kGwMY6WE<|5(7e zIFw*A^W;s2?%kK>zJ{{0wCSwvwz9IMX$$Mgn*FMNJ-zjHyV-w4nou1%1)7XGHc z>>zOkW8)gnW{Sjo!tAN6};;Yw|%mg6a!B)VrchbUp@}w3CLdb>2{Dfy)0C? zg=1rDIA{Z_!0A;m!+W|txevO9dh}V(i`!J{*9TPpkV*Y(yI2#$(jY?1gLDY}%f^T; zpIcZOieyVC_Fak?5DYe0%1ma?H$@NJC=W1S#YbIC{t|si&YwR+PX7jCmzL0uVO@}n zo6B0yCm?O|bf{be{eWsO1=drY2kV!END>TOb&#J)c{3&G1NU1Yx4oweu@Cml2!U(s~@cftwQ9$MTS$Zeqh94)*`eWx? zgKE+gf#n%02`@ABjR_el=v1c2Vx#-wg55tASo@|_(OqwB_(j7Ur5rAoR;~;h(<6;+ zPv+vkV7kglrNoy6vLJaLyl%J|MBdA8@AhmtHTZAFN7~R14aveBk@>xvi+LmZXgh%| zD+J)Oy_tgyi(?GMNhw9ZZ~Z`&fu%iXs(t%9gZex~=oI*bswyY48t~3JwGZ$uHb@1d zSKM(++@2)w4coq4+wY}Ihi+w}k~S=TK%s9hX-#_h=5((6Bg#B5x&cGZX{{>0&eEpX z#iGO;o`6UH!7X;`YjE|5_44=aQWRQyL~dP2H_-p!fyr zk!UDV75Q{;^=i9JxtR=@)`L1YZ14UcSZof&#b3;_-O=RAw1GC%8ktHOjb7(3i#SXE zwl89k!2ulqsTekUWc58m*C zdV#Ti_t%S)I#ypm?_NHLlp0?yfV(i0NH`)~rIo2i7DES}HHk@@_T$=*gfeqcfj#(E z9J@hK?VyeZkK>oZhaEA_TRDlAuw0c^L!x_it7%?)^(VNL;si$ChX^Egn4C6x#c|>& zLK6WksA|c;hJCRU$C-)lb(;azH@yBB#JokY+$MRcCn_)UW|xO$DQPNDx5z|115{L? zisaF!6MFj(8bM`AVR>eA;BY?}hz!qv{!>kPowfUj+S=qQ!SxP!-Y;eGFe;*Ts73+D z#G|=0( zp>g@Yt)U=_pSuAobnYf>3@p*i*m6EaXathXX3`_v#aRB;2rkn^DN&9*Zblr=L~YYh zcTIY7Nm>rBIOCTx$vBixlkyemoxsB${DRPt>s{9`En4x|f>fNM-)t3>v>yT(RBXHo zm2ilAS>i;=*cwk>5yxk;9~WJuph(lIy+V|?$l|O&4JI^GvUyQu%{S|85t{dl=WMyK z<#0Mm+vXo6`7OXM19RhE_>bwBKN!k0t2{f$95AyM@vcD)sR-*c$^%izrhlp8(cp_ZE*)%y{apo(;$O!58kfLHiSu)q@ z0lWFz6}<@)g^#bGB?2oURD$5(L4vhv_k=qMeOSJ)R=U-QdjOHc{RkA0rMc z_iEKvhlAk!Y`t_5K3JdKBgQPwW}}9&o-odenmO)C)7Y1dRp~Y`HX=JvtchrOE;CP1 zo&-OAi#SF#D0;mEku%=N_=s-0mi!c!OHtnV3HrngXQ%m+#mr=Qj0|PmA7KZ`VYVZPL59La)^!fitE9t?34@EuoNBxG$Jk)V^J? zZ+84}!gE5?HJU^(*Kp2o`rwAN-R(hDk}l-NS_|PhdntB%a*+QuFGcfjc^M)s8X2Sj z@&t#HW>HpcCen8DXgdK#hz&aTktpvaRmP~R{%k>_QlF4k?(DvoI!QdmOEs)`3Un}J zpz!Sd@~byESiGu!E1`5NU!S->k47{3(AM*b%IoyEba~h%yntTu3tgupyTz?}-BcA#sQ z5ycR@anj)2(g;(=NieQ2S(2IB*#fEK@c>`@)*L};{2slUcXglw_9H6v=Si5_eYS%m zF1py;g&Kp8ZCml5KY9tgp<(A-2GNvX9tLhglj2??n9d7lasKRLF%E3x*C;9^;tDvC zY@y}$y*k-a@7Y?GPK|~;rD)O2!K#) z_5%UQED4H0{oDc~C8fS}xtShqVfta3H>nbMt$EGilHNm7bWbnL6gC27&JX--KXnHzQd zgr695KXkO91|!E=ChM;0(JBPyD^{;RWNF&8gW@Z#D5^y0FxUisOik=V8pR16(gX&$ zbi-ejdEPY5g^U2Jy&r%r$j!^11j&QDnl^Rh1rZumUnkcDrb)@k@7%u>NB%M_59<}? zzZZ7NbYtJz5pm#FaXxc?qp{zc=#xg0Lcv&B-q{A#HJ`t)gHuha3WD9*FVmj9ZWAT) z+HZ6d%o=#_{@qv0)1N;xz~r`i(lAAiY-=RO@+DFwj%hwst#|~!IeL!SdJ-aXxK2ft zdak#-LOZ2MX3ItY z=_v>wr#|IROWH%*(RT8o$|GruXDbsj$o+nzQz{8gKI!m8(f`1;mnJdd@vRNapanrH zq}`Q2z{y?V@f1)Jxk66bH@GXr$6m0@(O0hNHl8qb?G~2UgGbu@Opf_%r*h~U(NF*q zj_Dvst+okMnVOt9lwlLKeNM;C)(^vuH;1CPAWPYA7JbewEJp*ftHc};+0*`dtXdDk z(m*)cgV^v)ujJ zDg|!gn;>6Ou*y=27-L8f!XKjH@B3y$B@=;|NcGiaTtf>hwjd&`+Bh1Ab{Kcch0flb zVJxXdV?kkTaTq0PG#peGJS+)=%JRnw2>{@WKQ;`vtenO4g3pl+XNHi%(ZLPub0a z!jI$=Ij=EvQf4v&=VzqQB4UH{QPs>1LEZB@z4LIjy9_`exMnkG3NJd3G?ex)0H`E+ z=~5d#k}VrI^f|;`u>AzL2jol^58wkKgktk-*75##QCXD01_Y$D2lzxYIJQNqADqYL zS8ZJ!=u>4Nh{TPDT_h8YiBHVe4>)=QbXi3)B#NzXT#V^D+ zaQoYfd4OA@bE+k3x7x*PXv%3BWGfy9hSrty8tkCg#>Zc+knyfnh7gfFTlYm>Wk`Z6 zTC30)EjMZRJlmy5M`gt5SU7$vJ+d`IofK`UtiY;18@v=~ zxrgH5;@PSY>zkQZYQFb0pCDBmQRl8(z6#NOmHE5mvGER5ZLrmFB|=%rPf2Q7htW8*15(-&7R>*0(hpX*l< z^wPxQ-%myrh=>*)e(ZwOolRy)N(7gG>HXs#B4Ky-*~oGfbePcP_TWmj7Y!=3t%5ei z8t*^~-{C#D(z!-rssMU(&7oyBAG+A1hRnk`%(}|=(LY}Elu&T#Y=Rp`JMmCf<_v0# z6VcZ!c-r#z*I#a=jG2NQ!6?!)^6Tb=Lh>WIhR$Nn+ExS-Ocf-)M0T>}M((Cp-X?<5 zn1M*FnV{T)nSEMV8-QvQ*s!tkv*@tXu%wo~%l7jtNtkw0H$hFlZ=?CbB$eO`n z`768%;yBSpA0~BvDu+~EKs}qsovWAkVM1PYvUk@e2k)4Tc_Piwt`sJn<7MIROJ(16 zJd(YMxAD5_X?v?}{6ZvOC-Y+`8I6+Ev||{Vdpj3hWYDj_gDQR;j&TY%7_Vqlhpkq# z$y8*=NHR6Iuntj#W~r5z?hR70(+X2r1Ga5Q=xZ%ss&ZVExM%s8D{ywWMjDStkCM2@ zWD#R?OdwCl+@GoC9_YCa^x{67d0s~uSC6IWsUATa02uoC6RB6w2pgCX5Ha=&N!x&uEhdh2WxNO3zTw12bb)=bsZHA{?VIg0uN4ll&N0&^O40g{x)*4kHaB;k#l z`o1_|#}w%^|LgOn@(l3-A$SKx#9+6|ooR-q=p3DhevxtAJ>AR+XE4f#-j{}H-VD6l z{IVv(^hG%)cguiY+4OQfF?y4=k=v($|M|`uKsEGia^hEjo8EdSq7avuBrVmE2?DC4 z**btu8jt#z#@@rMCplFDATU>B7l5A+nGlqMu?0b(!Giw|NG$m8Z;r1|w+W(y;M6qk z?#`RJBGP(?8Z1gNY_ko3e-v|3yg-NE#=1%`I6}z1Mlz*>wV4g@QJ+vEGw0!hR|)+x zHzlmt$IZ|^6AjJlkY3A=l&+eZp(dl0a0-e11rVnlND?otWg4i3->8>jGR!hjU6O{M*m3hX7*)?lP;R-|80aU+5kG4d#{^Q@r+bv~yjr zd5N9yks1S`EFAp;IKR!o6h6PbR4v0hxAu31tUQ$g1UTrB!8W*Lm*$wZcW+as9KQHF z)|~$u+Y}oMeXDFTz`Y4z=m|WgU|T(pV8w;P&n#+++PafDRasJL zel+{vNuoYi0KX!`$6RGmhMh&PIMO~095cp_#?fmVezOM~XEs$%ClmDg=SIErCMO?? z9APNk8$Pt&pNPY4f5tS1QQ?Wbqd^im(^t;|^5itNu;zFz=2PKC33~cp2 z=JIf5b2l;V!`_5nF#L)bHJ_y$Lpl4I)iT66g7d%n-QRV7X3j-T^RI%m*$^eSG7adg z*|bqd3m?6(Mi|q9KtFdih77YiGCa*$4|o;Emb%3dt+qSN`5em5v{3;~UH==al_Bsz zXyy6@pRwR;c3H~f#4lR{7SBKY>QzPsQu$XBt}MwSxpe120ioS09Is>c_AOA$M5z)X zqY`t6^e7z$w$E5Z4z!;!{w4M*sbsW*v%b^!NyB+-aCo&|G50p)P5kBY#@T-JO$bS; z?T6ZaRvsG|O+q1He;wM2yGKKUJ`W}+FvDnhFPol~FnFs*|Lxt8e}+FQ3g_9e9pITX zM@J!C3j7-X=!$`Ty9IS)zJT$2pg&R9-|9DnEJ*Xf>)KhHM0vIn_u8`U#r)B zl9A#jwxjDlZfJzZ$JpBNawoy;@0xR38WnX6HR!g|sF`|%Ur z`5%@;$=@CwTY?nEVq+kJgwFwxcP`ZmiL9XbVCEP+oiq}wzOpd^$S}xqGd@~P{&X8W3KDduc3<=fsf+mf&s3SWICi=Jz|?VL_#+tg zp~|#TZNw87tJ6QOb31$Wmz3mzH6czC|2PC`{V2zE)3~*v z=lK1yrv7;26Rn_>rO2H@xv@m>+3xv*ZM2VHlU9CubJJfQ{(pUf|2J%UY2zUD;3=rk zeuURm(&oZbuCv>7F$fo6pF1oCU49MwU9L}Pn=R3j*w^(jGC8xXh*(J5nf>FtK2ynR zK_x(`ND6Z0V;mc9n<)Fsx;~tT)%f(CWL%kVXb_V=FJV^)ojw1{eg9YSoZ-S{S@l=o z;$eM~>&3S$q1?{aKmO@ckqIG(ME}EC{^4Kp)W*iS&xZ~FrUm-fOW4_0x&HEe{X6P> ze$mpR7@E--@eezK-q^Uy>Tl4%zdnZk(|i9UYzZ%-e_EQBmWZK$SZ8E<6-ppXqWN(4 zcUtS=n*E8=|6%vxs$@KeMX;2I+qL+oEdV}9^zonL?!T8yJQNNU`WbPi|F0?0!ygbV zy%GNDWBjp^2q6quRf&J47$24o6?%dCj~_#W&CaeyY0Z}XPs{he8|E)-`2Wj>@#n>+ z&k*Or(k?e{y}3Nz)NI-qNC7C;;-@jiD+j)mSn(pw65U#d`BH-)os33+)}zT|csJbi zr)%Q22is5S`ff%Do)He8RsRAc4ui=&wjl5WD0clbgIW_%ePE_6$H*XaQ~D>c=mq5~ zZVrBVU=wl@bYBCt!T!$zwG>`^{+}U&rfPpep^{6)6@o2Nb{lI~2V~!ea&iF(mffT+ znA~?NMu?7LkuCHAU`sbBN)4@DV_oH|G!rc;fmNkYZm?=sB_gQaQjX zWS}lrhpIW9*XX|=U?8MrwU}UbsQh9#2&%@xh~sSrl_leLyxhNbM-WM= z=YlNRPH>F+hfUs}9=zn(_awA@IX`TSaC@lOfj|J%cOUSe5q)bT97TsH2gb+l$1%tG ze0K{|kN@FdceH5{SG%MA0H5M{@{7a$UP{9T z4%sA7r%dF-q;_T-W~=>KLC`{p)e|Mn8Y|8V^GB!lQ zcP9X%`&g3a=@%Z`2|%MB++FYEq-{-CS}h!LaG}Is3uKeB17ORsG=VO9;g_9> zwO{}H{(*xaT&1N2O4)Hfiu_q}NsJ?@&t!Y$Ng16Yq#Ud#wryr;hcRo@#R|`a_D2;o z0Y#7co1=aqmtUB#bH!03JDzfON0M~oqFGMamA4|)-zw_G1Lq5Y3bn2A@Ul!GvCBLF zn9@R-QM3EX&UB@gjzzq-2b3+9er~&MllNp~Dse`F$K_b^)~qX{9$-~+_rGMti20q2 zIS9~Hliu#Bb2OI!>3|nM#$sn5^WLi#v7dl_GbI=`NU)Rvb@V+>!Hk~VI&n(809=tZT?>*o^@q?8 z$C{#ddcNpz;h+oRT*lRu`~gfM-@2_7*aT{ve!n>5*6%fNon8mh7PC^+PZ7yyMa#PJ z6N>CR0EwmDkfja9yjMV3%au|OYOW84{_zOS5C*5`=S`mq4dkEA;)uPtI1mr;#7t=g z;bUsn?|kc@@}qIa|3pYTtnzFlm{b%5ZGwrOtD}ClBtt0}*hg@WUzA_>V=FLAP&V*$ zG(6yl4-w;ZKoejzprrHmYgqB4Q%Zgw2U@Ey`;SYYd!Vhdq5k;KU1+A0&382V=sjQYXjsYzd%!8 z$Zp<0Xv}~(BY?=zYqz?*UFjE=Z7x={0GNLW`GLcts6Y7O;=!QGe3ksOA%Npa6{a#^7e@qpbb^Y({k{hi_mdEi_ zGT>k-*xLgovkIFd-uMCC4K7v2Hvo=mX)q61nF}kvMsl_d`4nKR_zRcn;v)i@E|3eg z=Sb0#G_Zlg(MCPUdqR12v|>ZW>iTTg3_Y}tMlrd!J|NKA9?>!eQL7#RuFCw&aGsy> z2fs?mV^aunNBZnGb8vI%m64_g-8*C?DZX)EBpfr0oan#%=+p44aOG0<6w5 zNK0NlBP*@vs z{r~~iwen&eevxxWexH?&&<7a%*u70J;l{KHeT+x)@&sF>x?a2t$uZUQcY%5*x(M{b zt5w!TQbd5IGPq2%ggE9|EZ&kO9ZFg_-D!*o!ZV=F)`v?gEHDU?9KpTU6M! zsO>~C#Bu^l0Gjy#-6Ix$dJwq~Mjs_e&(?)fJ2YKdI$$E@a@$vQ;?ETb?bUs>5n21$ zAO7s=aaBmS`D?QU#hEnd$VCDthy5RkGk;D3Ye9b^-YR4LXm~%uzBwR1d4fu)f-2JP zv7?2BZ@c0cO(xRz%#vdhUoAItn=KbDLG>A82h3hu_LMhV+l9N}2cs!=O+q$_OTq{W z=1;!GrY4e{bZPFC!96BMaZX6Aq{tnn)TYUt6b4D>={N2tg+-+^fP|DH%B{gXz5oM< z`(_^|vrUkf#@*tOD z44>FG?MZCZacpl0MRxuJ-%v*$EpkTqF~|fhz0ED87Y2wxx*vqIVFn;3o&In`BlKq|Pluq5M{yh&H-&vDM4{dm5D&zEj4buw z9OP6D%IE>CTl_{aQ&)3E8_>fg_6lOY39&2&`oP0t%2{ZrhZku=&?-HS#V?-tINAiL zkzqxDCKYr>01OV3N>X{>+C_9(Gg7*H~G zD2G`El)2Ep7@#_1^+jS7({GwXb~r&^LGvDWBi{T=wHtQt2z zTfF{>CEyOuAhqJYTa2MiLN}S(@!?zvmbLsz){lv6nP&-pBep zYYP*}WN#j^JP|;!{C%4@jb`At^9>39x9T%*nG5{@Cxu+guJvh$0O<98bMryhP7=;o zt(`#J%Nk=lkz3SZFgkrgBhwG*a0VPhaQ*YcQEfb&>(F%+I*8bFg%vk< zX2pE7(hX7O4Y$y?4(5FkRW zEsRa_)?}w@cy75RcA8{(zw|^5(cWwj?Yi20MklfMbW~PXIzMIC`6Va}K)^|~5dlmi zzH_E&NYtjkrIo{TgXAw>teJ^a0IUX*X$no;XlzZov3x~1jz5Wehq>W&m{Ny4f> zEQ9AY!&1M0@2q(7x?KZ|Cf=*C3C26N-dD1o8738V?9nJZDplBf^pu~5ny&vbR` z7RJ2I9IHlTz)7bUz1FG6xti$FX!H~LPjx)5HZ|-zzgduxT;-B>U+bux-_=+;@09Ul z-&PTj?E{^8v;k%iD$zHX^@ca zlm34g(~6WJDJ7B$3V7fBJI7y~!8zl8x*zWNe{rB}_gd>+Z#>U@ z=9~}Hrc{2OK!(ztJLk)I)JdxDs;LS&pqHHg3Sgbe@ic-vgeE+9UPco1D`=jS^DdBK z{9x~BJE&~G^j+A0wa>n#B?a@BMk4F&7hhZfv67m$4rCKw3KG?ohYK9Ms+JzUF0XjA zT?$DW`+N{Ddn@;v790pKikXj!&MfI^5a9`U=3E`ccu^Dq7)RgIl_MBdmCPgc2==x= zz7>A3oaaAt#;`)kXj&(o7aM>mCpTK5L-zFUZp6>!DjL>ws(-JC6Z-TZ+HBt$@fe6C z<|$p8ECBdzyNGKR45Eucz>5ZAilYTF$JFcMX2bqVHLq`)ZRp4(daKy_Dn5MBY{&jD z)bOA9oTeV?I$4^9`QC&gZH%g%4G0G|Ksv~?wmg@PWq&xKPKyoers}6 zC`^annyRsT&`8vd?+x`BbEk1gyI$L-`hXqg3)=EHzzl7X+{_6MJb7(a_)%3uxLmp$ z>l~a8)~XUtI2v?8AAnzVC*39WlLZ3a^w_lUS?&Y;$PuA=Si3)4MC!hQl|vbjezl*P zD0%NKDS z&11T{#Ti$E>e5yOZ2g4@WO|nrmxX7k!?JNydyIHyz7U_ukIR23tWB3qNr)&NT-#4c z)1*koLZ3NFfB7Z+Q4ugzqBwI1brAc`0jCO7{srhF;Rtr^BFH039Q<5R_45Tx(x4Yu z_@ow4FVsY^83r`5x%ZGIFEjQ*0@A(_#BR7qcloE1-B>4*qhjEO&xSI8<17cnsc)iy z>b;r^C>2r%Jw&-TGqY0)aPJb!&=@D-t3(XNvzWeJiQ?>|IAq~JDX>|&A(6yhG=lD{ zM)f_4vjX#^_Dn6}xn{Q8g8^Ln8SjZYW_mSR5Q4g>vyb?}Ykt-V3mN#(ptLxr@KvMZQ0T1&jT%N!RE0;s6IK<84HBt+J+}1|3B{K;8 z`+mq8C*H$D833WB;P{+XtY}!X_&ez{h*Ins6?_V-wMvLC6hK#}1B`M0AWimby3dt+ME4&+PCZ>$|5@e$B(&PbdZ~7 z5Zwd7Ac8T=;sZbqgMRbD2G9)sA#;Am;h)E=UPg= zWk)K~E4$88HN^2+HA}31!LS~4o+#V;GK@4%7|*BP{fGRFIq#KpJZWOKw;j0LD#GUG zq;TX+?Y=3@^pc%rOyUT)J+ci1`!kVZ-*OXJ$TU=qM%$LQjHa;PrCysK<^_QS5v#g2 za|h7lL~fd6;)k`LJifi7m6L?J{1Yl?<6Q-}9C*MM=gU6-ss8G$B1?J}-ImPW2+-FR zVPph9yW6-xgsVd4j&mo%6lmgBC(>E?m*dm3v)Nxx>ml^sJI|ey`XkAY&h9n0;4tXn zj(6a-Hn2?=*{E`A;-FZ}jG`0XI_PD?qVE^E40{%RW{k9gsSc zXfa9oAbHM?HZx?YW~l_=F?1Z=ptO)}K`Q>Xk0{UxJ)?1_*>!a?@FWFp-!gf8P)U;Stx~9|Mb)w}f($H|c1)A;P?QioH6I zfi^3aLNH1NdLu%;R~zFd#k)pVvqeJTC@u2E%P+1^=iU3Mk$NKi$q-b*+jKv=bZP;m zGTwau$CSpM0Fa~joO{EdL4E1dPCn=)k=Ibj+QNbC5y1t2|G=yj88a#!##7oGGc|Tc zU&Y&ar;|f<9eQj5B&?R=aKOGSy6|Z~Ox}pkhT5sKupXt*YJUd}wK3GmV7ATzLl7pD z=nh=J$C{KkBOmwxM9%6>T90FLr7BW4Q>Xh{&$=eZfZ}wJ_^2GUp6Juo_IU2~?peeO z3+4`kTHBE<@h4zWmO1IY#g zWM&CaL1Tdotcz4FPEYqKmnYCEAfw-9=e>>hmlzT<@RIs#8U%4X*Ju3!Cu?JNqxX$Z z%R`f5R*tF?H1F(g#u06`ri2Fr20C93-duTe@9yQOf`JSQYUsWt?v&x&V9{I!GBDvO zPA@N@W*)H3a3*=mJTha<)s0tTmEQBIGnhO~3IJh~svF}~Dkyi}s%xy}<>F!qaYwAD zn)+^eN6bnTKWJOg3M>nlwMnh!9aR_qLd-wa+i!URswW@KgKr|?y`~6qR;2I@WY9`w zrJ#g`$Zp=ui2pS>X00h@OCPUHmO5Eo zt^%aQaYYdW<)w%_Lu-ztZk7ljy#fg(!3&E~&6Yf@t6_mZ*bYdbi4ih2lkD7nL_G7xiR`1l$LKm$CEOzn?sZ1hw3-etV|c z3P{-BJo&1gMMjN~k@yB~B&b03@*zb}Y_9t8^b+OQWk#P$oQ78R<)DcpYF_dYgz z+7T|lZ}PL*`JI{uVUUh|*7xK1W@D=ieis>4Ea=uC9j%Z^>WJEImaG*c}32U$_2q z?)>dt0UVznd`LS?xR>Qh2=iY7#{YfO|LbwGpR#@<=(&N+K;0Lb+yTSxcga@u1EBhe z_#CbQo*=h=)w6a!1BW5dTvVt}mN){xh;eFGL6{y@tOLeVpTG$N-Jzy}R=?oVkq zO@p$}_q9X~j}@dv%Y*{u`>$V09Q?Sh1U&zk1=1JT0_h!y1)w-Uz-2#U-NyGFgnc0T zB?9WVUC*R!XaJG~>?NuI*ZjRDK_Ey?KqvN)7od{xg~G8+>x)4zsr}}UXjdgQ6_EFB zgBlE$-Q&H5Gtd;0?XHt8@U=lg*4^?*-k)zfwV-@e%RjcxKciFR26w`#xfevf!UyDn z??6I*0?O?D*^Q1LTtE+3P*dcDipp#NZqt(YYK*@5Vv7&3L|FtTCbvB-HNzW`IaeK# zN`uSCbZ=Q)1jLGwrZiRV;|?p;<9AwMr@@U`vIwUJY>P@%n}_b0Yu+T;n8J_D!#3vt zh(^MzyaMv|SC2E1eZQg`lf_2^G#rIYNKvF%egXLmfvHn5dgjH=rXKK%fQ+fq-j{-)_o}o{pFY+xKDN(1?j;B(ol1%l-I5+J#mgS$T9W za7?Ol(XcT0k0thd-!6IE@l=-hapmhpNAqjPpk^M|y;B{yf`&|)K|5_ETIwZK>CWeO*?5?jr9X5Z1=nhZ|kG+oV)ZN^)CsnqfB0xj(~>}znfDU zJ1uz!D*tNl_QrGvGrw#d^4xH#X7Jnt11WO00jhdycR3E_qIEf?tK!F4UUD&*0*#SN z{W|4?ptw7iX%TeJ8wbNT5iMXC0ryLY`qwhv)0rlQ`#mz=6TC9Yz5X}U;r#1>U6Six zY1+Ci2{{6TMv#{4@o?0Cd+@mMubt5N zTh;wEZ^3aIo)36@xb26r%u^HZ!DiWa-uI$JXr=4ERZJmo=zKE}c!l4i?ESXjsS&7V z*5n_Q@4z&eu!O2vFVb_J-1}^yaJ0Up6j#FsuyGx3?=X7-HPV!XrB;aZfHCl-rFftd zmO_Ms^^siMi_0t{$#Sgox5icLl&XW!svoL!Vtt-8#`9yF$Cix8|Ox z9Tt5sd1WmKIG4YW{a^Dak7j_v^DW{rc9Z`tdp&c2;fZd$ z454a%cVC5IIP#3XbDDsws+;84DYp}!8;(?`zuCo`f8TNpz2sf`?FBHYvW(v@Ml0g> z36z_a_;{2@=wCMaaI(JKsOBMm?R4Oh z!gTvklKFG^@pWqITqc&awdZSJp2O>j=$N`ct{LyCyWEuU(4`*YUKkgZaPTK-8hVCu z-J`Pix-2QC)A5&i;qUhF&ra7x*(?!Y_bfdsRf<}YAX)VuF8a6UU0sDRJOy$_1a7l6wn!xek(k#rBY>X8sP zISVqqMpN_-yE7=>W;H;D3^r;LN#Gh%n-PQH`VZ}WD70?HG6H;9jF?=uj zAM~dfxxlxymW>kGcmIo~t%MXg>><>pR^Qb{mP5#rBjLE6{g3X25S+)~@~hAh{LGl7 z#7I=l0l13PM8Gyhl=5XrBpqCA^_1&OhinzahcoWBEg{!{5U|NCWl6Wj28?R<#6%xT z;ScmJk9r6ctz!>U28bqzQ(~~gXI8|Ck_RQ3N0dl2hU9EysvRqu!_sCe-tJK>60%z~ zrU{57O?v^%b@G}FJ3X|UGJJO`!w)QgV!;rBtP9{aqDsf%$;i*#9o)H={isvGOXMj~ z@un%nv+vHYphK+ph^H*yJld-1qi`(v9?h->k{~=?t!HER(q420D?isX^HxD&c}&2X zgPS1}DlUJ^wYiv{OzB;S=>5ztEfS(t!)ETaB#2E^crh{y0X8~`c^=Wa$+Gb;WK|;u zC8DhPZ*uP1*LPua_DpS2pXGKw3c<2a-CCUt_;I{ES*?GZ%cy#$+)b~#m9HouC@et6 zQA{Xx654)0O-MNK+}i~u^i|YrZAy493gAW=M`Nm;u5h?HS`J%1$K!AP^i7L9_tkqn zBW@aOEU{759`CO!TI#qv?Y*`=vP?26U0LhSO|{E=#l81Pee9ZX0II*5fP;5!4C`oZ zvef>LVz+GXRIh}}V%JG9?Kxe2r1IG@RxTm#;PS+X z1cn2S+EwVHfDf{s2T_1y*pg{;1_~){xb(UYss?&fT5)V?VI)m$@gIx>69irBPfXeO z^U63i3+x_;cq3_H?Ik3fJMn-AzzZn+52|m>N-!yai4~JndSh1U#KYf1rE&NuSyZ&ffTbF;I#JB51U=SB z3YDYKjvbm*tOKk}wCa7?g!QHZm8BL&r|M0V!I zK9&Q^8o@AqHPAF4-DOE=+qZBK^hn#fZ~lO?D{8l-$4*pISWR|hB}gEy>U73!I~U8I}aR#rw{bFtTynlUO!g9bTTcXC ziG<~G*~Erh#3#+u?N4tVfs0<`x{}+^ zw0K3v=AT@-sdK%}+=iXmk&eHBd2tc0Jy?&n_gtl5-s043QnhEIR(7#K8S;@?iM(-q6!;J*`Pw|VC~#|AOUvxF*a_f(NO>LDU}^Pex>WN{YsT;w)-yqn1cZel5P$ORm9vCSr-yBBvSkHsK+7U{;`CwX(AUECFCFYyIY`WlTbJi_~4}d>q~1m0&|XtSLih za%*9EPz}uQ0++uGTcWP21O#m`YI?0s;5voUmWTVrU*=@{r|b+aP(G(>j@}O8hfP3p z$itRb49cQXp1czzK7C&q*z3h#z}{z1$CzDRsxNB-N^7T*f`a=*rxx8|)gM(#Vse#I z=owz#+|#|5N=;K4R0fAc(qNS>?o8)5D`4b zHP-8dmrb5W4QOl>y_kha4yDAH|Fm}=rdU`)fD3k_gSnk~`W7k(Z@H84-Iy^u4etDy zi0c~V@%jG5f-Ymw^PN)D^LXh9E<$&U!y9pECq2A3D2PyLV8ylKTKYm9Q{LG@2;uAK zU9!WU{HW~W>0^4Ou$CGn8Kq z`pj44)6yGK{qvZ;@ZfG5krj;IQ{M2lthRd!)(Jl6y0H|FDlAycwXSHte9$zwSCTnu7J-l6h!IV(3ZVJ&i=Z#TP_AT*p@u}BViD)As^TBbfR@3e#TrN}- zI3A}ex|#CU3=(+~9Jm*r5f5C9LyDu>UFbcOoQ?T#YmP)?YAw3Hsk|fktfjRKAcVAA z3E^HI4ixdtTd>-2ZtKGeD}}n?P4*asUlR6gZV38NNs65Zu%wGfK1#5&r0tZUP{A?*o(sdKdgg zmNIUII`%$qwy{RV)7ZkV5?X6jYbH$r?>ZhnmZ;7(jOY@Uz`Ku06?VR#dcz7hLKR}r zbS+3uPQJL3oSxqD2i0L)IhgNUM>Mt+>OVdHoiWVWUO{#jgH}OHmUm^`*_*P#qNE|% zLYJpODT4P~b>(*dhlGmKhuzZFB127{MM}C^w~rV}MKd$9M?Iu<$exaBpez=Bv||#O z?!ITgw{qveo<++alhxC5gFAQ_R??U71EIAZH?hyXq%dp(L17?xzox z@9-b6-9lnp{whZ+sWSlmNDh>+QspCIfe=ZFsJ{CYjDL8x7KSAT+Xx@DsP<1cH@q)B z>@VDR4Z`JchPqX{FB-}wgXtPFwWSW@?9j~_eTet|Ll(2D3@mE6Gb1vSAOq_%WSSqa zQLFIjU}pzgH!}`G{Apkv_l_fGaN!~2T@T1>-Bx05g?9gPbW1WKdVLe?o2+s>{eN3f zAc=QjhaRuS?I|5aJL%%c)})gMAF3V>2r!Ns46cO_u(_uqG{t){4MW(8jTst; zi3dikZ&p;r8nApy@ELBd%Ov;(GQJ2GLOe|Rcrx5iL`gFQg=&5-plkr9#VMX88R2q|z+eH1Kx=v;oJ{Y@Y1wZsI*n~u}6cI!AU zLFKhD@`sOnO|YS8FGT}@bEbPDo)io*yVAQruu-;_weccbU9k(1A&^9dv%e75%yk_D zHv;a!@FB?Nf>04xX&`u~LTyIX1^fq=z>%}Ilz4=q5VU{Qm)!~_&y zmTa1-l|wBLxbE6=?>WJq@89mJkny2}8#%l1>2(JatGWp1inJx2(%^hg_*&9rO>U9l z#?#2Y_-bKpG81*8zAo**M2VVSD)40_d#Z>NQH6FhBLpyG$jmqcd!XNW0E)&eTzi_S zdK?;{ERxDXpoC4SLtMdene7Yg?vSK$E<}l05PGy_wHr52|BT~CatgZ?b%R&LIuH?V zkKYY62?Xe9-+3wFxuHaoo%s*oQ>YRhin4bs<$;v%V6T&-wQm(=So&b39`&hP1{pGS zg?2?Y4`cKBz6DwwTHj580o;-V+{DhZUS^5H1vLFvuo%+)|?nl%?$Ey>@pHyI6jSJ!}M?PxxQvs50YzM@mhx;b7KoUdNN@XgC5| zQCUnzK4G@Pfy{Yn*D3wSlBRhB;=}K|e}r&prL~#EhTqf3;2*O(mI6zyWG8AWsY*RsB8tlgL{J)_hf0oJAq;qy{5#~c{X~1LbrCS%)MC!Wz z%#V!THvQ~PfGXm2#~#?n5CS<8_WX+@OGaM?X+g2nF4a?W9Uh@)-nfiUT0Ddy14c)H zIXoTJ}od8 zTRPXP^l0g*19)a0j@5(D5&YGOuZzy%4e=s?bbIpjZ&nv-elgrL=*8?&B80>7aXVcB z7k$CrWoL6D|5X%f&obr=afwifDP~9yxm7i!IDCuCUuG(tgQO%CO?(6?FEEZKCzI2b zNs4f7d1z+{DGVc$Jp<6Lh)|f43~-C}^f#)JYvHYLvnHGs6s40?PG7et+k^!XS#p%cC`ie=)?*^}gY6%xWZZ=?diHj?Mq2L=C0T4M)H7DW zwfS8gzso*O*`r@UdeipJkww6)68LIM<@75f%{J|@soZ-AmT#=~%mA^7^yR5n^Kfav+r6KX5?R6ha0=E;!PmH#0C_LE2{?**EO z!7;CT60e|x2ru5CJp~`u;=}Gqqma~+ZMW+fj63PRy`X#)VK+$jb?((?YZcG2>0oQB z$!a@KY#fvZFsCYwEvr|3D1|(B0m`fz5&e`sVx+2!9L}koYH6a@aCBL_EGC>eXL8ko z3T7PdD@2Ujb?kY*{J9{$co4ghZO(OAUm4)+Ni#iQSzhX!4JK(4idsYeS6_@U(j7{2 zH~%reMeU`I^JFF%0f=0qm#Z8wB3YsOumJ$s2e zfMCF-G+e9smZ$4kU;bgs8vEzxRne~?Tp0JB$BsT|f~HmwYBRwM6)*=ho~3MQqd`Hu z8Y_W*^w}~+q5r`EWLg6~;s(U@W%#k=T?slDS&r`4?rbkbt&>IF&>kUGADTYTX|+&X zw(mhRK0mvD%lxs_N^IGW_kMMB2RkOvGNFytP<1XwKA<4hQcrtLI7>VjD&H^`Yi389lvQPQG-X)*+IOre6@Njy*utl#0s{Oa~-cJnf!Fj}m^-_i{hZ~?q&xiAO zF>Cnb#GhXJW9Tkj>^=Fc#Z{gn+tEBBM~i-VLer9Q0gx}-+u~uhjCmc-$pJk^_c2x6 ztQOt6Zzk88dCl4&Wyp~U`+@8vJyr)51JcqAx7q>0*E@(vB_#{Ub>&dK9q`xtod`WV zrh1usG{uX}S5dAfcrtn?}*iI(R#x-FV}G!PTAnL(o?c~yABd5GL{cX*LQ=dJP#!Y#nmaz@F5-+b$7lhzRMtKk(VI}iIHKm z;*YS0?|Epsi>)=Edr!a57fjYZ)%slx{EIN5Y2JZu_$JBV8}`=~+ihHJ9KIZEshm6dSHe(lud)hajD-fK!9!Hao1ZO76T>gRx&9*2r6NNw5@iyj=}Mvl z;PC6?b4b{*YuLLT_|{%*^6qqVOGg-7gL-U0Axs;Xff$$eZ=DVZ%0A*yAA<1Y&mYrK zcmA-Q2>3YU?k7(tOW|Zk*H+Vbncx?5MmvFnW_wDHM~VO-rOI;(d*fsRKcgpY0n zJirQphzAYa^g9Z7O#Ue*wZTOACZqEJL4;-Ln!xs1(t2d|OA6a>Rux_9y zdKVH1%U(z63P=sdm$VUWIwy;)p%2(HSnQYe79?p}l_{08#Du$r$`!C`WJM}}v>yhV zsRVlF?U&Wvh)51C+DlzaoCmJPjm@d#CLyzI#i^W3ar{@Q6d@w0U$XeLzo7(g!3_D2 z`@Sc^v9#iblHhL(*+Xu-lI;~xwXwEkS{=Zq4-7Gtt;Rj|mG=anfue!!(FZ6R(VTLPlLT8mwdO*aVvD@@ z8B6CIyPCGWtzbb`R%-SuMQ*#_lyeX@rD5{NT3laCeP)ME zQ$8qUzF8Esp>6=(G0WTvwcs)ESOjX>jU&wDyA&}LhuDLYs(%KIe>?MVlcY~LXRg2Z zrW7|uX|o!obU)nLN3dH4G%S-?Uh3kw~<41pL@6A2D!AMxWA z2|{9E&(J!*TI-h&O_^>JRu#>zJYpM zZp(5rbMPh?tdC8C*C@(c)&MZVv-*@?eQ`8BO85B5R>%u-P>@n5bipTjqg6TVf+Flm zJY7oscaaVl1~V}NMwmh4UKH|1=4<5=0^GJvkk-TtOmB>FGgW!RY!vMgqKv_#Z#ALBt8Xl&Rv+&VI+uO!wO`mr zaZY8;Lr-uF^<`fd{Bk(U&4@ ze*%AmdqRh`1(ZQSnRq=49)#RYpbnwbPr18;o??`}10OZfwx#4BVM>clc9p8)mCPun zYv|Vqr1~Pa9!2qG%AoBEj!6d-{^=dZ0oCW~>sdY-n?MfATL^o&BN{R7cxfQ*O&Tq!s zKe!x0d?apt2(n;}-Km3*=g9erV2ZHqnWtd!N-Vp$hO+=vw+GnpSl+bAEtVDwW-|?b z3LU$w$J4;LVwA(0;Bbv()r4I#o6SW!kN?ik*)d?9^X258BowoMPuD(P-Sg34DCiEme9Rk4hY=##-L3g=HKjluQCg zC8+Po*XnFr?W>>uJ}?V>WnqYdZphT3gJ-&?{>VCMqYScY4R-w9Y4g!hjmFl1+0pYf z!4JkqAQQ_M7_A5Cc4hsvVQVU)+SPX|WAx6ib5M)ojU6h%rH2DcO&6d+*=!Z?yh`!G zmeVnVS*H0^v~wnNruL7&83XU+OnU$enm-&+<}4QwVm;xqV(-Yz0A^Kvb2g9o+__Mp zRt6|z|Dtqs&|&W5@$iPc1+)Ttt|Pr0xq}V=ID-|GI>@27vlI+ zz<<0DuK(Yjllg$y7|ZovrtH6O@CVY_>{n6Bl`-h=>pem;1`~Q?uAX}TCIkKg_kFzd zj_~hf#{ZlyL9t+#iq$k}1r0J*twfD2ZUB;5mV{aj^Y5?j@W$++)j8;Y@142yk9Xg} z1h}nGC9z3cwsAFc;EA{E3luPKY~0@dIZ)EPs0TN6&)wgv1RniuX@L9tb4(Kz&HG^F z0=Avc(G!c68svVzCNjLB(_oIvCW^QtKlQ)A#55*w$1F;UbGYblu*!g7hpVaDZMh4u ze~tl6u$40M<@cRGL;Z+$${2O0@H9B;&g;|FQX`?pe^!oL0kd;Ueoz8i)jVixsu-#D z7x)B9PS(;EsEs|Pe|~tCse@MQoV|DOtTyUSMc*ru?0Y=0a{C zU4wsrKe%NwK`^oN6&ySNesBLE41!;D{JO1w@GI~*@y|E^d!qj1j_iTE9XYqb@PBPz zf{e8}z+-dJ1zx?a|9cD-RDg?{{h(pR|GJ(gl6sAD@IRL=#1LFfL1o(GZ%_QUfd5~s zB`69kTkHth|M{5-VEqX-tVy}5SoG&`=>V@%9qFsn%ikjgO95A#cv1h~T#Ns>ryQgy z80w1R-xtPz-nV%jxEd^_Z2f<3Znwefy^Vk8e|{#P+1%W=&YJtd?zxc=2@tIwnE%G{vnDu`Fu@&&qxo)iMa%;d z7k^3+yf>N@nB{Z>9-lzI3GO$bS2ny&z<&<9f|%A=V+C6xo8TR9O>vTM(|&FKOcORZ z(>C|;^@%V98moC?tG>zo0n{Bq-ARE6sPUtLGSy0^vCwE;@vGRbcOSt5JN2;p>NCv! zj&{&X@DdnU?02xzjAe;fcl+oq0b-(c2Jmpl1c$%BBJOPFB6Q)=l$s7r2{q{SQJAd9 zffsTRM(OhDWte<4NsPO>t;a9FM*tk?YbWsU%%e$j*i5K-qWb67{KqVDCIZJ{15LFQ z_OSty*=TWEcGJvpGElNWx*LV_Q|`+c(TZ8;^#eHD7E78K0s0gFPBI=ZUzGpSAV-3;4Td_{Wa0=4@nCKkkFBOm zkkG|T=Y-Zmn&Y4H`eGrh5mJ?3EOhzfhCIR^pL*MDc-WNU+nE7+UM-dZIoVlbWZcCC zp>)bp{J;=w{m#P8ldZ26r^3&9t@k5Jk`}Ib`-aRAtp0Yxbw?XwvM0!+=Kc)~-mtPk z@Q8}$wgXNVBOM~20PF7rK${<;ZMJcjLRtZXk^FT`r?`wDy!?EQYsst)*x1eXrY8AC zPFvHjX5@U)$;oxR1T!SIER4(16L>a_pAcCVh%4HX8zGJdDE74I$G@nPr)acS&U*>fmF0H-JVty;!901JEP6XF9u;N-(b2hO z*CYPG9^t!Fo;oE+_S4+poX>@xl{qk;$cAib0jObtrK(!nBZS);;M^+&=u2f+di1k# ziC2rYi`7RC89R5xIE)m&S}8pH@i>YspZ5J* zCnp-0vg0NYhC?T!&K`2vq)1(~V${qKFj4$);o>CEC8g0u7I|B5S2xUq0Ulk5{jsR$ z?4aN{PV-Z*ip;^k9mzs1f7#lsxPA69@Anz=$EjSW2=-aOA6@Be5DwIN$?w`E0Z0ur z4n3h;2g(g=^CASq)*;1UxC8-6t!<#C$Hpu8Dd7$saGlj#e=;vVx&`0NKPx*F0QN>s zKMz@1NHBAoNLx4MhnF6zu%U}BvfG5wPhGS|MRf5Sg`N-&AJw=6q4s);mRj88s!LMT z&8W+7GS_)KB?39f`*wGekEZVk(Zv}sM|Sj54xideOZMC=VQf?F_<*y0;yRyVTZi$b z+7**GZMh%>7Z6S_hGsMT3SP|q^Pm8UBrc+^T(K+;HJ>xyY>%b0#J>5tT0c?Z7eFkv zn8St}NWxMjp8Vv2s1R1;O9YW9_^0{HN*DTUhBH6&P;DSgj!cKJ7G;tUQJ%5z2Ak=K zPp5y5uJd=0G?kFW2HrW+0$&{{)04RJ}D}c&?gkck%PTRL|j(VznxjbI2#3*ohIR zVk`3LvY94)Ovu6&NF+cTDoj)BZaip+^Kpd+D*fqq(%J8C&$KoGWja1yZ6DU$T{7Qc6GUI_co< zi;-S>|FwQ7i!ijO4|Iol93wcL^W~WRV)9^m?|`H9L%GE;XsY*F*&G9L%H!XkFJ^js zjjOWtP@2cVRJYepYUZ9Re=)tH$E>{HR_cJp2RFY%KDHs5ApurPO_AsQ$Bc0}fr=Q| zu;FKM*ZOb_Mda5f?(XP!b5~f@Oc>loxy6bX-p?4#Z_u95k4Zf=756rhsFyt4zX=`Z ziTk?3Erkkcmqs>@zz1ac6uUz=daEjeHp1`wEXF!;%zhbMSa>p$j8KqoPx^IlLRGBJ zpUJCCzd1pukEm_6br2fE!*U0&;k@W89m;xz_l8}NB`N6M?uTRaSn92HlmvPMW4NPC6 ztl;pr#9xyxJOrv6N6DHOKHi+TtHb`*Wa;Ve6jPvfEHy6Hf$N-RN<_d1cnKntMb4i< z9{6*9>2Qy#fr!oW82bDMJf<45D3oC3$*0K5e?;;F5!S(8oY|G;Kr&oWh6|3_CVE)} z{0DHjhGMCVH~Y{X!7XiQQYcn;Ve7pW(kl3+0>IPzkb$1^dMdIT6p8Ni%e!xOYnm{5 z0Y^-PARuWMcf|})(vvN76;6QdY+wo^jryd((E|tT`9pz}ef?$tZlEFCG?ryPM_G`) zCCXIUCugpXw^OclR+Bk&Li838u*LHDZG=jxIftvO{clbpdjgtuuzJY$%b#=MF=4oY z&SAQJ3=X^j4+aP6lR7@8_iyyh9z@wZ%ceX6u^ZRC>EfKEsl3k{mq@PgE>Y5Uvu`!2 z$ri!H5ridVrwOB0!>^y4Bqe?@l|W zsp^)3!_$;=*ksNt@6N2LBf$iH%2Ly?z-!#WSCr|el=Os?R#ZzW{yVVq$bR4yc`iK> zw_csV^HbovM?13R(JEv9xgwRjoYWMizA2EKIN9OE&BBCxRLYVXUma9h z&`h4s6uf{Z$}JwsUUq*RueIM7aB0%sjBWYp>vNdczAP0LPMMpfKlH+{SZXXzaS!MX zG(^v*q{C_k3$EUm^_+}C!M2QDclVh)vw|Jjk)?D&86GY9n-#}_=7bVlt0eMdcExBB z2^n6vC{a?Pl{Izy*O#K=EFvl}|6bvw9Uro{Ww}Yr_lS(vKX9f0=EW1iiJ3(X~jmVwcIusd`ac4f~>S z${ID4NSHZLg8SBzMCKiQ>b(`^8vQt7cTaL&T3&({xfdUox~NZH8CEdNMu+7FXD-YA zw7a*WEUoY4^A8RPDp8(M+kHLFh=wX$w{oQ!e(-J#EF%e~9RYt=&SCfB{TcPhe2JdnP5gfq-HG!k;&%z#k3+% zLY^0kAyp?>+l|sTP@imIgOPD{_M};u=)`1MPbj9^HgE-BJtG&6jBYl+Q9YMZGp zZ$-3p_{C$xjlAsjf&D?@9aS@-&^+TaKzcioMjW8 zhIf{|ISVwv_FgqSdp8uFyJ}S{AvASNo$PuU{+7Iaez8TH;ckOz_W8(ng7-x+=lNlx z&m=^5o{(re56He1Q%`l;Oc3}FH_1A^jzWatyr7==m%G9P8|DfjhSdhY=G z{pXB1S(4FB!pEasO3?iekmcaYlA{xgL&yut{21Kr2`UAT&Na>>+~h-NM-HWX!IjHX zcm1`q3(aR_1Q^QhS>0aJWSJvi+|X%jGc?hGeT_?eiD}#_d-g(vx|6xnC$hh1MTKj( z7FfXOC_wVrd~bMiER@H<#%UZ%}k@G2^9|~^eC@Ad}J&^F16Mb`~F*#V3S%?^GZstv@ZuMu}7ghN#M%f zr<%`R`A?c~n;e@`noxWwAYG%8BJpqYSJC@Si)JUVo7jRfC8ZWh$f$?VW%HZVR?>6p zFazXwFn8CLphB9><_xUu;eIy-B$8?nVRGGB@5i4U>m03CcqmZFe?Q1P@20)P|DbAo zTSAgUbcePXNOdo#OE2xq!hg?S%mOGq$y%T4w2ZN-y8$MlqhIc_ z$E4Ei)ddT;=zls_4I_zEzgJ#RKAOX%iNKBZPOq=K^J?^j`MK`{4 zkNiO95j_K*)ei1>l_Z`8jD0E@%_{YL?R))M1OL)U=oa+T+{Qf%C*te zkiIyMC6urFGTnVtt;~3gFx=t3!@DpXqDQZIBemJ1Drp`x>?hciZM!&)*<(AT>{wX9 zF}ET112b&hNw`vB+~j0q9N`4yVhDDe^&vpCG9hFJ%>`ZMt zEc&fC z;-^V@KOooqkoGtOR98NMt?T14t;%@QuA{#Wq6L~)6 zjYJ3eg?v`nD`#R0qFLKuep-<&$1A5OXPe&L9fK1YC(#+vufx!Z7822x6irS@_-T-Q z>44S6q`4zcpXad2!ZV=Ul*WZhCCleWuT2MgUg^TSYG!Ojnvng$XKIq86!7rJH~*jZ zzB;PPt$SAyQ9?mLLZrK4BPAWuA=2Gl64HVw4brs*>6T6r5Tx03N(q8&8fgRsxodyl z(F6X@Id|Oq*By79GsYPM@ZI}e?|Ro7||TfP+YQ#Q0{ zl7+nFPk0=psn)u6sQyf0AthrLH6V(XWw6}O%U_P44yKzm(QS`5*ZgK37Qr9xsE7X% z^9-eprMb)k#}H1bh-$>Yudo6ygVJiH)YWP7DT-uxxw&}ld~+m?3f%JYdYLKc9@=r$ zm2j!xMQK^BB&^`o#pcyX`p=KdHrDa2vzrdl*$R`dd{rW9k7gJ(S`cVoCNv4llQZkQ z+1CKCc$9Txs=Ae@a^VD7jVW!n+p>59Hoh>^{QKnBWN~sX>4?OB&Nijka z40Xgj3oa;M%FCjlIN1^yyf-wZ1jLF5RKFUL3BE5SB_bR)k?f_T|h>OG^|tSPS8LXov$YD;d2jdnZvY4XlmMs@A%5El_03hE>^rXEj8WV2fGy zO%~y5(L#jg9TQ`n=zsw|n!Q#flkhw_FTdEg23eM@qe0Fs_I;`={>MeSBzm4g#)SCCszM?c{u@zgwi|C`lSH z*_|hco21+dsn(5`V2$n1bHra+ydOi(7q!M#fLkW*(x&`8QVhdMSq0hVEj9#6g;y7D z+`%Q0GA9_zK#l2cuDZj`b5A9j%vHiPLzqNod;0V9U@|&VfNqqU=N9Jk!8|gOZ zP0_)VMR`lpH`2QUE%A%4VMbhgQrUNZ%NK9pK5m!e``)HS&-Md}Jw$8l#dYzcDCh7= zw!1wZOxsaWxF{Wjk0N@AB|`}BM)Y8WZ1?WnwFr+YhiTrAf7rz_9Z?y6xlphDaUc`) z002ZJ7AOM*`Kt4xq3KXA^0C0Z|e2pwJ|L3AcW&V~ZkR_YzTE}4Rn%trO<&6Ppq;)cYw2lt5* ztEfM?cpIUMJTL#j(;CG8Fm`spb$>1JN~VTgOn6I>DKW#!dct%#d2X7p_ioF9%_hi# zq)bqV*j!O%5GIj0A$ngydX(8z9tqz5*A3ZMp2_Lv6neLq4c^IBhA%&uxJt=`-+MXv zK?YC!EteU~e&=f;y_e=5cO%DOQ;2re?6}9WV@6osAT}@M#8(&&(o;rauUHqkneTd; zsCGR`)_O*^v4i6!qwh7Q&+L4(6dh$ZNsK3Y?B?Q8ok$>ehjiAjAKY9^SD`0`dJ90i zqrc2B)igC%P%L)Dej0S>qkf8Ss2;f%ag~H;J8w=&GbJOsZz>r*SXuo5Tm8%IL$0wG zE&_sFVEoKwrm%< z*nmDFSLC8p7-i;SVxQ{>=rjH>Kvi_QxMFf&lQ-d~d(I>$y zJx!;8I3heX1}7Ht`!859a5`iM*RI}tv$)?fQGP<5_F)P?@f1r8>i1TIBjlrKsqip3 z`}% z6OerR>48+R!U6>q8*^i0vHjGN4=`Z;#2bauh|L1`_!11uSlF&^5ibgNt1C<#PX{IE0rY#u=zwa$qBw8 zqFLU{mWj#164kjCxcoL;vo-xzpR_D7QA)&YIA&ln&3HHSblJ%`kDe>Hc}c2=`&UYm zAM7!~qob=dy#hm@zpz{=;G_wFNMLdpe@xsrm^N~@+N?AYROE@84Ah>oNSSnt+-+y+ zzIwX*;AZW*cf+`JHFcx3K>UW07Zga35>7Phq{7-Aj-*OM*dJy{VtBOI4CWJ2ZhE~= zeqx{ZNY4}F>&Hf^ntM7wxd2)eP-`r4~e923|@*DDVdei&E4 z(*LwIOS)JUZJhwadO1pl__v}OI2<&|S=Y6P&=0s=Zr35eiMU$lc1;>Z#Ur1)0}|G@ zOb&IgA{1H310i~0f|y5Fj4x;!a8#+`x0FI5 zpyyyal9$RXFU2G>M&^LHGCEDy;E)7SHyf4F+!^f_%lwuUl>&%upIXw`XTRcewc{7I zYuHyq;t~s3zCX`~){m)vXFCNPEo1l}?nWQ9U<%b6|CpBIp=D8@Oth~yx0euynET*N z3riac-8n?Rfxsg7If*SYOavx)aB?%AZ@#T%nsz_}UL zte%4MBvs>iFvQ&!BXda8ts&FtV`T8L=4v1tC+&PV|8t7yR%TMxH?(FrN44G=KXe#$ z*!D&5+pWOYi81eXzq}DwxCzU5TetFlG?;XYc%A3T3&*#r^jSw&Id~RE`>1tMTVf-6 zJ?rDH&QMq3>qD$p2fZnfCE4rl$7BnEd6d z?Xu6*`C3bFQp)#O=Bd0WIq3N8XzJ;;Ks3!8B&U;0lC&b=7&&|u6ex)Mr%Kto(-(R5 z18I_<9!$igkC$V)sJ_3B5UP`CA-ui86R%F9@T#O(y_#vM!$ztt64tta4cS5pgJ}+Q zUtz4fBiR1!6~`4uPB@wZr8ksU_KGf0m7BP#u|*JuQl4V@O$79sFcS0<2;S86Th=Nv;vwcAj@V!s?6utz%>3 z)?@mLgFSyvC4+fXHtgOE4fdd(M9N`tKsscOQY%&Z3QOPG)FLH2?;WQN;65=Fr;!LE zKrww5;4lT{Fo%e@jXS@eBoB;y7Z>v;LkZ~vNjn7;^~0)F3vt$>DMnZ*dwB~M2_;|s ztLJmPlcQL1=`!rttr|iVmw6&?#7|?v9`N^oKq_T7hfgFU)Y{JX-n>UB!M&QRa*$C;!Vr&jf2fi+-rdlIxo=`bTEq427I~f<7JD_xN0e*_S0|Qg zj=nxwJ03slI8X9-5k@P-5GUfHT%8t50(z3KEiWZ4>b)uN#MN9z!#_9qIj}AuS8bYegkN7od@Ddwa*y~Ev7)HpP?52qATi9BHu$Q zg1k{OaZembc~8gz{D zlKb8qi!!D<{TMqtG5(QcUU6Sm*y;Ku93j-9$OV4yAy>2ygVjqT$-=Ds%@i&>B=}<}ic)9ut-a@H8mg2xi5KLMW zyb%>vZZ4{~JGCkRl`O;_Cy89P;U@h^4E2+XX+%sq{*+mz-6a2bH`+a+BhUJXx7R9q z@^~95--@b~dyR-!FOqcS%EVh<r)Jj`1SQjwr^ThHqg|3gu-h2_i$vv*>rk7a16T4wI*ZK`pjh!MsW z-=m#ptd-F)U5{IB3sQvB&7dg8m3M&*%}b>~h?81C$$|MY9i|EIEArfwk-+4gEh&?L z*naWFLVH8}eJTs3iMSRMAT5SJ`?cf++r#cOcX3m?EMJy>h3A`})ZZmW64)Qo^{1@J z#Zs#%_$|HBKeY-Fk=+0>POhw~$7)=O7xhv1kdzZy)g)kJW0>lW&?y57?pT!RaEYOj zt*fkVmuF2PHsapJLHYEAz@9`#oiHKAvD1C`^|(guJ0r>$S=&~T{E-oR2Br#EIv{a@ zJy2$B=etX$J=`@*ZPL`ceXDQTZ?259-cVN>i*M$*6Kmctj;F0hj@y0vk;K&<&Df(% zKN5Qh(MFxy?w=MX@`-ezJ2ruN<&|V&P1|XmnNrWX1RjmC9Xt|PoQQqh%;q82(ba-l zdMhlwV@;7NC6J#XSSqTvzIs=*U^aTe#_cU!x*It$nXdZrK17!0+s;GSF7_jsv&pi? zjU8vtXcKc&3PqLK=sF1dG~b)_%{vUx+)Qq#a48$)5CU!9^cbrp|5xAWeebehD-5#l zVUyz>S2_|dxUZqIq=#4Vt`M_C)NAvy5ppQ8GS}>Ff6eJZ+2H>YsrWD<1ws@p|mPwBIrCl8~I=0}e8aw{n#vCE7FZ`t> zIvm;q7Ap$*Uu0oeL+-b{B@hd|0bQ%(p?9Jo7%&`3{IGWX*6K9UPTS%-j$|GRB_AQ) zYCLcC@ZU!>@V{v$ly|`8H7r}ae`ZjSYD7{?TmcDeAWV>E~C57^(dZeDL8U{>Kn1tj(mkM~F@iHA~_N4d2K&;TEJZQw*MgCy8e> zN{6K+nqu+%g&0pN`Rj`X%4vOepNd0AeCxsnaJg@pn-h!D$n0Ry-qiJ}zqcnflKl3j z`9f6Rr`NW>*K&X?uN*pG8v}yev9*BYOYjK%%p5ju=b4U2d8@fPlXq${HtH)sIYKbV}*IF9!A7$=46+8^Hv}A7W zGP$?o7fJF>4lbfW2OKXaK&;)bX$t&0hx?Y{k?o191XQT0HHCV#u3070Xz0s36f)iq z?(2w7+HS83FDqUofr?{rJva}CL=gp$RAJ|emwzITmUYR*SogE9Liu(80oy}d>*+ET z-A&V16`Idf*~_T=0UkxOe`0`gzsK$(hFyz=EgQaH;qf1A8#8WD83#jrFrHdDTvg`X zp_+HMwe>!3;#;J8bu;9+S(hnWcU9EQ++f$#Sn4g5SOBB*RmZYLNLU?6r}pKl(Hu{i z(9muN5E$ta>-UZhP@WbAWM3qaH3sbVW*CtI{s2$QHh~Nz$Ulq|mQWy20JPdu?F9nE zsoxF#YQBg{8>^!CXEtTsP6WE&+=RVEnujK*OWyBRdc42pPR(?^ds>-#a*|XI5KFGZ z)?cISBx^5=fk^k4W5jn!b#YwHJDB1?w^KGD%)0y!g zREkNv+NPAH=w>Nx(hL{$zCoP&U^ZD{%kWLEzT}WQ0yZ(U*Pd5cHNAclUtQM1Kl%_|IYg#}Z4E z!J>=D8ECnkcnOJJ-3&n9#{u9L=(#_^-sZSmV0Zh^;o$&o{6lg!r?b;47!5e8=FNtBRX)BE|tUt-|pc81Sc5~z^;sK?GOnam#Yz*F8<{jo;97d zo2JZha-3{9Z#oHOJ)H$d)AQqFiU4gG@WEY;t2ED=o?k`Jqb4UrxfKKxH)zl6L0;y4 z^RqvT8HU!)0EP-dkfVOsE(DP}9r{pP&0W91Sps$Y1&26oZy14AMwjpvdND zf)FaUm%uw*fouHP9(9F9*dSn{eY*x{GjWa;v@KaRY1&-qrMxh-XlmI!IMBCEdCj!j zxRxmY%tQOZ&tN9)DpLQ`bohjQC06ueQ+NdV565F zq7)_Fe`4i5;e^dSmh;O$XOauM1qfxU>A9PtMF#%tAjtRBkc4WU50-G3=|G19Whl|@L>r`VO1Wy1DuF*-INKu94-wAAg_MVX ze!#bj9^An3;7!p#5#-~c0h)fpTn*}OfEPAlxrC_x z)7}0*ACfYSc}07^YA8OdH_+b(3$@&NWr!09q>ZYo6K{m@?~f=W>dVOvajI%iUMI8U zC^TT@OF(pE@eAlqtpEy_#ih+?nYx7Cza%OCToyln@-_2C#YuDryep~hi-Z~Ifccj8 z=HPU}_M|81Ft`io>KzV1^6#tX?DrYaLt1$fM?SL)4qwWBKxtOZ@;l%-Kg!{5pjSZb zL!hT1^cfZ@*n0N9g!8df>w|3d2ttlNEaJySEW^*+|7V5yZev?m`cd*O_9nRk(%w|S zv?zC@>m|^6J6qHH_6}tCJlk&9v9!5>REzi7_t{i-V~M*DY`$3Qf1d<>K(GD7cy5tX z+@zJkRf=Q^8Ia0J5OM(f)Y+%ohg}V17t3|yR~P^5k#)>GM|@9d`=msf(;Nw zANT9QAf0MvgTxVv$E;OtqnUgsdC~GdLS|DC5Ji`Or&`EmY~0IcZ3`n^J=-twdHQv_ z*7OW=8k7v0S7rbqz24Sy{Mb5J{BMYj^G})9i?ng0hwZ%&=+H!fzKeHH4{AwKmK%>p zOVmUuqoBqJx_@oE+HC#<1OYVQBYk8?C~^!Eubx1Iob;OAyOkWFv!i~-^r&00nnHe^ ztq7L zF#wqQCm!RCX&bj=3PlC}0Q1*CA#V_D@TkU^{)AEg2ulT8-aD*+chU=BC{((Uht43Nk%`L~2?qd4Dd zq^$$i9vx~FK%v4NE1TLzE(dr3SnSl|hdtjV`?p9lE^Ra<2PDhgI~t7e9*OkTMGyny z1l-wSQ}zEWFBUL3zCR#_+2#zTt8YZF8)ZCsz3F8RD2sW(Bd^s>U+nHUKPX|otCK+A z_yH4*SgaoCL7BpTzvYjRomOx2`c^j!hqKov)J!8poo8(-dL7X#==ub|ub(6aQ_IF9 znzL#(@TL&*%7FBiVbOidC4Qr3HbuGgHFdQ&;^QZnNTS++z!WU!Q_$rw4U{1?KO@N8 zfx=u{){T&&R&u~U$l1m5M!$In`C1Uj+NE*D~erdn{_CPDXi%-j~LB^Y^4A4kF z1>o|9Y{Q%MBth1CqA%OaaWxjwdG}Yhk&;4L-UTg+m!i#Gxyh5J;~wS$ zbSj>V1m1rL+Qep{_eud_jC*JO+zopvxp{VAzpVA9y}^DCWDU?#_{_{Og7EV-p!khY z78H34IcQP+@Z5~hCQ}Sb-$n>1(!0HGC~ne1a?iQ%-;S4=%meLB7*~#a8am@~0uKQN zE3YZ6LiM%a)8lJGhawa=5E9!QEsEYdF^KUeLx{%%cQu%ix6LK$L?(E zUedh9*geN|E78#Fj3f03<5uYSgU^9Ay=PO6r`qr$T0e^UEw@w|YBmHVj`zATX(qF# zphz0&$>(eJ@n(QTyzgZk@~$7O=?Xh41F7xOH$c}ZWnlt(u|Zwi=4cy$Ctx|M1(L1) zwKTIo4r;nju)6#RnI1_6Oj%YZlYz4qQt@5>g6 zW)D%0JcUAe|K5ZNuK12M7zdP!Q2*EtR`kjU6T?Dro0^(YlMq?#d!1CFO;!gsN{*az zz=uujwe?}8bK!Q5@bqchfjP~HI06acl4F)tQpB8|#Z<6bL&|d4FjDJw} z`nqH-97v=vPxY}Bh&UJY472N6YDpA*rhfh?7-oVhZd44S+(Qittn2yWrWBa))=4{4 zR})L9)c7={5ScuqM{x>D9YZS3_99Rs>T`Kl9tLSJ3VTOhk0sz!IKQc$i!Xc~@GW!= zP@)i|NGlMadjPU90sl4?V33a#2=L&rs%77?7M4J|UU zRRyFPfIw%>6cilu&5gTntLtn7-4WO62LnNQkG@WV<})6}!0)N(pJ zD@GygYC<*sFWiksHv&J-E-S}t1~bRiNkp2V+~#oGX#yJ80!X?#D78_oA&k}AlPuO2 zfBOUmm#$9oxb?~yP2kiUW(zj=onX##oGT8#2K>efdnQUa>2*OE%w zV}#uiH-bSuIv0D>vU9qdB{s1nh8NX788AkHX-f|vtfPR8FuObfy&Jbijz)3? zVubrdt`Q^m)d8le=?7D1yFzC;q~5FPRXtqKk!e5+t}Tg_3XNG$EYUY$R%!^8FO2a^%({A7F(Dx_M4r-E z?P*3pW)#*_@07ya)0wYA1KFY>K;mM`IyhMpIzzmT-Mj$gm&}yxlyA(%j_Q?ZXZu8} zK@4J-`I3u5FSj-Ul0dy zRj>W!V+5FZceSSa&I>?i6 zV<$j6R3e_-WAgXWq?8|qR6&d3Q#%uZG7uuH%`$RWLKLAq0F?mgd1y!a?cQAWPA?ro z9Uj!6hdQ)IXUB%i9*-ffy=|Z-swGL>jg6ZCe(*a%9n9#r8vl7`!gdF#D2cs=%oDD= zeKzYP1kWPW6FCFB7xlFgso=;KKo^}t1O)G!$-R|}?eU=9+o!MsePY?Q>K?6*o(3B# zw%vLB#=}6N6GIa->0$)o8R=ouHJGvH{dKTUXLiBcrNmSiMmY+>tAn?n9Y&mugRlr{ z7E6?WiTn+OC$>&2I?Y2LbZK|P2K+F1%Dw^9K&ZE*eyd+XqytR3hR+Z9ViK)VB<+bW z;lqPjA0NCdKvo)vvRH4148&n|70G&EFle@G5uCzzPLUMV9C^VnebP}x}#ZYAcCh#1N)YP^@-f6 z*7ax@A&WiV7TIjnKjG(5_`i4IS|}o@G3?G z$EbaH*A}+Y4XxLkZC#lX@lDlU`hA^f^br}tV=mv<&4u{vXX>W~futA0=ma16q#?-J z4iAg$pIQUjoStNw^K0h9rh;qnLYU|ZM=R#c_nB|rpn*?{Z04>LkOTp({_#MW*qs>$ zWUtyEnJrM!C>1~62OVGEBgJlZVFwN9fNn3sb&w#rNsgs=N3rQeFn!cZi)++dPCzDU z$u~}1q0fMCA_#}A!@sRca4#LR&C`zIDDb-j$iQSgfD`Ei^@3@^sjoMr;S2Gm z0i+i+y{plm`Qa#}(IChT0YYfnBJ(98NCpBJoPsH?Gwy!uh>(`8){h43E5)I&oR~$f zaTzi9BV0r5obQMb4gqaRSQ=%$m%J={pzD60A+_ohv`0iL5$>>&E`t-9-Y#xNIo&_3 zjxb+gqFHva3J}(-Bi^y;cfw_J)N&b>08|{(v%?Nbjpo)@J^hcp;1B4<oXjxxi8OAu23m-TY~!QyZ|n(%wc;V_>izFGQR^&vST z*tc)ajJZ1fMf}Nxyd|EW)?mz0W|?3w!POEBDkm_;J7Kd`)Djg7eF0%0Y5?9tyml48)xGk zg1~UZ>ofdzgekPkqFMnCo5a%FzJ9wMUaaUfk7MsSHRWhewfriaJw=Apl=p5GAgfSC zo1;{so*~-XJo~XJr;_o*)cXJ%#z5&#`eQ4w`}m`*Q|RBv_r|QHqOfN?8 zBLrc>{K3FPv1RixV602h^vV9sK{!}32G#Pc{uS7Fgj$J$%(uevkhr=v1MLD?wJL*f z1h!jo05BF}s}Gp#S9w>&$8J#44!%M}t(1)W$#A?3O>u`NlXSM35z(%Od-Y7|+OMbw z^DsB})BA8`tLotE-wz(A;dqKKdtTMj_zV`8d=VhXxK{l5g(~wp*)I+_9MNZuCqNYS z4lCz0V0fSve_fPy{>dtp4UCY@CN0g2a1*f*$uDtkP3b?vSc_Va=!$oZ96iS(W`KlR z=}KRL>Sv+)_YpjhqtpX!_Inv7B!3qXBSPggOmM^FXBM~q-h%+GR#tG4hY|!dhMqsO z{>s$;XTc6!1H>^;g)6WB%gz{q~_XZ^!f!la0m za(R#f*P;ScD+E20Sasi3_QqA({d@r7?^owB3jjaYX;oFg&p#q&en1Pn(4vhyj5)$S z$Usb1LPU{&Tihq40{7=KFnIXik6JyvVN-K{0sVS8zFg=%fZA#mD0!y+pWhTg|A9BH z@%Hf?*aePzIQsW;AIkoEmnhQDgfb45Lxl1U5xih1`770`=hxmZDmURb$T^Cs??Ht{ zDH{RgzU;3y+6((NX~2g6^F0MS=C^%xO|FqEmro4&}^kVO;o*K8|E@w6Y)#1Z% z+N(Rn{Q#XBc-fy`IcKlTEA&^gnkKbrC|eevRqq6mEut{vFz-u7X!%*^F#oy+ylcRa z2pFr{Kc^`8I^ZCxLcl}U*-Vr>yz!;|l`f^pxx|oiX6r+eLpb zz%wbV@c#6bzNn0VHIq>xRq!cbu>@Hn3U+h)meG48bj^Hk2ai>u@`f+kU3mA3eVrRKTi% zVx%09Tn5Qul8<-X9e;Yov<)Og6%3s9+HAgbka&i@1N3E12kR5IC6)UZzIhDrpISb} z*AxMizGREALQt|JvMK$5NcB>9$JZI4|B4)FDlWZ2Z^iV5f~->N9^ki|uZMO`!>d74 z%CE^_zqLioVcfhfjY}YOS&tTnG0_&Bpv6tqv@EH|=F{%CnzffaO8Hd@26g{4q6GJV zk3Cy8!wvnXkq1vXaME@Q&u`7lz)20y_mx?p?THxxj!;}NsQ?k=49KlSc7|b0t?oa@ z=i9|9Y-0vQx=%J*Qy-lGJp~^f!bIo^u|4{^cR?Tzw&Tov>j|_<;b(JKtk|u`m_#AU zIdXH{l;|gwX;x|?KcB{;?vgK|8BxcqLcMW7W8r+no9d5K$GK7oCC)G--9@7Y~K3Ctq zd{sjJ^MtzmA&56)G@i9_TYMVHSKjSTiFsSb^=pC&Zd`8WIH9isGL6b^Ck~u<%**6{ z-UE@1Aix4ocV%dhOWC)vYtz%}PoKla?0DUb7@Apx) z^Aq~ZNB{R*h0zi7TdG_b{SSBh|9nV^5Z)wCg(59*3I!zqE>l=6pz|v(Yrg|3ajO>U z3qT9TVE>5VWZF^5YC>srdqut`QZ8gF7g~e*>nR4KKmiPRUL6e&vV|RhO9p z$Mrt$h81~-5TLi70)kRxze6{mtV!xR?ND~wjLw=x!}s;Av6s!pCZbjV@+D~=;)(5K zIip(F7(pNLU#}7X>ejk5C$$X_N3TKc5s|=C7IXaayN?ZaKv+r7p{-c9?6v3D z+F2kEZ{Cx5OY+v#;pE5n)j+}8oSafYJSeCo82bS(RVc;1=oPpkf`<=L@%9GAbqG4G zEZ^~R=Il;BXN^XMX{gH!{ z-TpH~QlZvq$?UZ&C~>Mctf~T<>v6y+l}t31+BuG`S|m9*sqbU`w{aNTS%iLq4J$5BXvOw*LK$RPTbqoKik*u5wK#(qV`;=LXI0mT^Tkx-XiHRJrb-T&Mwf4K-y zT6xmmbvPE$3Ck7SN7UI139fttRA(c=VL8dtAk^3a3FLhtiFvSMjF;>GFG}rVTfHdT0kZwAAzl?U+t#VfEh@e|(j0TdagZK~-@B=+`{Sh9iq2 zDjSZJ)?Q`86H9{MYGp7!gCYQ3f?%jvB24&)&U7JD?l)(`2cNUzb`SIv#1v>=od6jv ztInokF-(D2RIwZGi3OrtIpi%C>xlHX(K|VS&u_MKW)~RMiNOS_pTx8eI7vBKJVA!W zLXKc9UyY$yk{?-4SN?tJ+YjAF$FLfpW^DT~Juxe`)V!?3C#1TImIl zApOdb;~?^Q4=Q{+j|i>Yx~LPpPQH-lLJGG>>;3M$gf~E<0vAW#bfDX?yj!Mth4X>I z4-=Ge9O3Mf4-$QkA6{Dp@18FP=y{n9NSlI|hkTXb*x7^d?a40>+na9EouN`a++d zs6<#Ha)Ty0%w=dgbPt^9t}VFb4xSwCb_vS`jjqnGR}y={$Pe!UI=lD)zU8zRI|Z4^ zV1Ihyu62*gx|`Z>1E3d)KVnY3h_$I-v&enzvZ^u1KmE7)qNXfd4f1)kA}b>6@Un1C zwP2oBOz*81^vXZ-W|?i`Xmwp35kzeb`f_M&ESmjJjQa#7>GCvh{mS)CVzZ? zP_@u=1!Tm9c5>oR5?QahgH$OhsyOO8_13O0rq}0&&8MticA&L#3*S`~fMgI*0p6_* zZEM|mNm&+^Tpu5>CA^qV#XyayeW(adDJ&xD(8D?Mlw4TX;y3Hlw*cWT0v@VsI$ZAI zaQ)frQJ?F3%;b&DOP5IANQ;Z80O&_Y#|}3F8BmFB7$eVhH0~s1YBscqKwg21DHJoq zfhsa=<|MJSmKwWWatVNSWU?%Al~Qf+iR{7t$y`02p>sFvB?7plFP0?`qWHU2)G5^UqGsqnQI z`6K4$V7^YxrdtQ!4A|e79wb2}DQ|Tj->RDzwF+N)**?Mii&H)EE|Qmgi2e08^-vd} z@!2&x)IGJF!F%cFrX6TVM z2oPU1*^%MRO@~OmwpJ`_xH}(lui|cbGC2)6%|%p z5o#4X7z%NM7T;sOa%l@&WQ8DZ?(xi_BS@P_@=_xKZRqY;xa2EGBiovCzSRlr>gfma zuqShg&Z1#U2n+x}ayEk!6x8cafpdByz|caj!_lg6IO}*RlFQhMj}5# zacW@oKKC%XP%3yRlr=7`@TlCP5N$qWL*`L`V}Ln9@%QB2WRh>|PZy^fcRwt?FRopB zb<~S`^P`V>jw+A^_8!TB5GrZ1I02ul0EI2A5qhIupK_78HhC65n@VMcP!eoNVKuv~ zcA6*r?9yc<Dua4WeV(0px5%dBek#m_ti$VB>D7>QH#?LZ;t$~X?nA3F{_tXs7YUy*rd59Q=n1; zP5-wR?Gwoyr`;8D6DSH* zYvs^rH<$)i_82(6I#7d27rj5~wXeoEon1@ii;j*Wzn+mS@r4-I-K90_rEjHWP;YyVL&69~%sNoF2U8Nqj(ypqP zQ>s;O!5~3^gqQcb(db%sWQ){}BSMWH7NE-;oi!tG|FHyAEBYR4)H=e+HlgV|Hg*s4 z?TF)#C(_n|oO%CO^A*G1;%E%{1l^~L9I4WI!(Sl@67x_EifhHlOIa}r1)n;{OWw|h z94?sO(_$Pgx1A(g>fBG>iROHSC@EKPYPw{Nk2mfx}6vm>NOk#7#RQFfY?->E$=5m5FeI%&^(noLR7aJv?XFU28R?* zIXi8Nb?dmI2^S4GY6=^>SlbbZv`YGyCa;yX@`_B&YStIV;&1(K*G7wHP0Nf&ewlDu0|nOnxERtA++4k6d2-g-;WEePviXfB zUC}ySA;}`ZcPfgSI$Cd4du>=dz?(*6O*#;}WU73L5>g{Redr;M%@|%o7xvA!|~V)W6$-(De)iQ8<`AAkXTp z>_0{=*v&i>0^xs^7M@%z_offPb3u87Z ziB_6-IKN9`q%2eZ)!vVMUG7y=y*7KyRl*k)^I)QdHtII-ilqAEJ}Gb%mvP5G15me* zp&Yp7XtYQ2b&Z<&(X*sK= zymGk>H4=iadJV6^*U^R!qy7+-` z>%!*KO;3FQx+q63nEV0QnTy4W^=%Rc`2lFQU+C=Q%;iM?EU7HvF7^JkmJ<-z0R@PN zI2TA$m`D6t_WS@>+-%4Rb~R=%tcZ$x7_Kp)UgRR^e^Q|1eFR4UePSw2QHI|f6hr=I zxdb(hoQ?a`zv!RZTA=3*Zg8Qb?N~rQM6@mOCEe&d>a<*)fH85#NLMa}Cp!;GBi^1h zx+eY(Fy66IOaKN}r--aq?eC)CywaKUtuiw813PV16z*zsc&zfqdPRTVorG4ZF7Ilo zlx+~5^H5qTK9=T+NjN0z1{%Sdd@cYbZ^qsWu)H6t?dfS3q!a}Y$|7zQCq#6|Gk>36 z5_ARFkc0@tX}uf;UOB8V1yJ}9KPq8qWr~UiH$|kC5s(*bQ7Y3TfPI>#v4yX6Nj*w0 z^n%^V8R;@gh+|a$0eGF=0Ta*U4^qIkk2-^GHVyD1aF07ebAC9E)M~saG&)B&G%L*H z`wFD}F)BEj1iI)sj~ZZ+yRBI~s8W-Xa+-a9G~D+A%)0xN*ET5i={9)m1H<3mWBY*` zQ@%av-0jfEyOhin-qjD1CXFDbqRy=a<3v_UfiRb zdVUHH0G6KP@xyM>0S7X8r^)V%&|r6PhRlf8(D6ClxAi~EOGeHpN^Os^%K9LuerRY7PKE8rFZt(P`h=rA$l9C&0wJ0!u4h; zJ?{YGe8%*aP$hB4I6Cown@XS_kljS1BG`W5v6-7*OMJB&?~{@Xi;{U^p8$wsCrXk; z+Mj7y8jT08tV8veZq>KzR$}f4x$^k>%l$^Ngk}`l>YqReXG$;O^1(_Sy1*Ze@Om4r zyXAuDtgCVL_Y}EeaxtEVXc@i}9eOR&oev!wE72GFr0&@8zAiOgp`i+pi6L-UFAVZ$ znEh4Xs8PpA9bF+k6vo4@az%uwgd_=lHEUdxtnrTVH{$jvNOP@ozw&Y&dc+qjR3?6C z^Xkcf4u)!$jj)8=DT-tiIRr@q-J5+~7-sAP25)K(w4wgxgt{y=WJlW(KGQR{-Gu6~ zlZ?Z0F`fWmt(w{W)atbGUO|~MLj;Ow{t;MU@ZgPN3-}tLlC7lgUq<=JG~xy+C>(?R z)?X1joF>X(u`_)|bR3JOnj>h5$$eP7knI(&TH+KhZeAKoRfA9%)*|-@C`zs~`Q~i^ zw0qN#VtON(#SvS&VZ2zsYi(Z~U$b3lGrk$rGU7yov0!mPyXND4)Beh1cJ!xK?l94E zC_nWYGt4NeTEQrBUEO8QAAiv;QAe@b8CX|!*N1=`M3cw#H4U&1cz1&Nk(B(y)n&*Q z0&)blkYIJo^iw1GTaOM00tHnV78*fwgtq4zfS~q2kM^j+g>WjH@oRclx@=7HSL#|k zdLIoH0MTqQP#v3u>hvcs&I8;$zm^b(<3`m-5~m*a{Xxz5F>&`Mh70xR{Soe@mjom( zUaV~xOlg<(vWnrE#qG1$Ruz8kq69h05-p(!BKf3pw!FJDyWr$kHP%C84}~8q{q6LA z*3~{aJg$A#?YZ%ih@0jT9qZc|>Jc`BP=1z|OB?Pp-)T`gt&%40rMw>4iK!>wTyv7> zUiJuL9xA&RjkCC$)|wz|-i*wgIXVnY-xoe~|ysGmF` zGz#fS%sS0ts%W)LRfUNt@DVDt$8m}UhYyVoTGdADc0*21ipR=S#+|=|-Wq8tWsWv_ z?eTJaMDUgSA;Nnvb48Je$#x>w;^iO9tF-j$PJ+*mo^HaIgk}m@I^!=m@1HweE~=zO z7?>%b-cv9zM89r^cW`ot_`fct^a(ODhjzz=@}J&V?s?P6CzuWP-pi=JUcA?_66r2~ z=nEA*8 zKQ$9gYFOiDNj|5uC!o1$2CaYR`X39e2?>wR=V6>sG2Ry2jh_n>xB%Z;JglCcs?r10 zFinHOj0Y8Ms1|OX#g1Dc4{tblj2FXazp$@B_T)stQrQk5i z4+ogQssGa(g0{w<03uKz1itd4Wt|} zJ#RKq&kW2+cFay2uMxrUZH5V4#yHYWCVkR7TG`q7-eeh zkn-P-(&_RCxh0&u?-xGy>nVkw2@8R>=)EYT_;X@^ztFeuDl*4w#k8+~o!|mPKfQk4 z>=?=@Kz;6OFFet|6YCreate a GitHub Application. -*Note:* A *separate* application must be setup for GitHub build, independent of the one used for [GitHub Authentication]({{site.url}}/docs/enterprise-registry/github-auth/). +**NOTE:** This application must be **different** from that used for GitHub Authentication. -- Log into GitHub (Enterprise) -- Visit the applications page under your organization's settings and click "Register New Application". +## Visit the Management Panel +Sign in to a super user account and visit `http://yourregister/superuser` to view the management panel panel: -Register Application +Enterprise Registry Management Panel -- Enter your registry's URL as the application URL +## Enable GitHub Triggers -Note: If using public GitHub, the URL entered must be accessible by *your users*. It can still be an internal URL. +Enable GitHub Trigger -- Enter `https://{REGISTRY URL HERE}/oauth2/github/callback` as the Authorization callback URL. -- Create the application and note down the `Client ID` and `Client Secret`. - -View Application - -## Change the Feature Flag - -Next, in the Enteprise Registry `config.yaml`, change the following to enable GitHub Build: - -```yaml -FEATURE_GITHUB_BUILD: false -``` - -to - -```yaml -FEATURE_GITHUB_BUILD: true -``` - -## Configure the Feature - -In the Enteprise Registry `config.yaml`, add the following section: - -```yaml - -# For GitHub Enterprise building -GITHUB_TRIGGER_CONFIG: { - 'GITHUB_ENDPOINT': '(GITHUB ENTERPRISE ENDPOINT HERE)', - 'CLIENT_ID': '(CLIENT ID)', - 'CLIENT_SECRET': '(CLIENT SECRET)', -} - -# For GitHub.com building -GITHUB_TRIGGER_CONFIG: { - 'GITHUB_ENDPOINT': 'https://github.com/', - 'API_ENDPOINT': 'https://api.github.com/', - 'CLIENT_ID': '(CLIENT ID)', - 'CLIENT_SECRET': '(CLIENT SECRET)', -} -``` +- Click the gear icon () and scroll down to the section entitled Github (Enterprise) Build Triggers. +- Check the "Enable GitHub Triggers" box +- Fill in the credentials from the application created above +- Click "Save Configuration Changes" +- Restart the container (you will be prompted) ## Tag an Automated Build From b26b920cf0a737c78c2910b399914610d81e25e8 Mon Sep 17 00:00:00 2001 From: Joseph Schorr Date: Fri, 20 Feb 2015 13:47:23 -0500 Subject: [PATCH 0400/1291] Clarify that the settings gear is a tab --- enterprise-registry/build-support/index.md | 2 +- enterprise-registry/github-auth/index.md | 2 +- enterprise-registry/github-build/index.md | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/enterprise-registry/build-support/index.md b/enterprise-registry/build-support/index.md index 6465f07e5..801876ec1 100644 --- a/enterprise-registry/build-support/index.md +++ b/enterprise-registry/build-support/index.md @@ -24,7 +24,7 @@ Sign in to a super user account and visit `http://yourregister/superuser` to vie Enable Dockerfile Build -- Click the gear icon () and scroll down to the section entitled Dockerfile Build Support. +- Click the configuration tab () and scroll down to the section entitled Dockerfile Build Support. - Check the "Enable Dockerfile Build" box - Click "Save Configuration Changes" - Restart the container (you will be prompted) diff --git a/enterprise-registry/github-auth/index.md b/enterprise-registry/github-auth/index.md index 87ca4413c..31ee012a1 100644 --- a/enterprise-registry/github-auth/index.md +++ b/enterprise-registry/github-auth/index.md @@ -27,7 +27,7 @@ Sign in to a super user account and visit `http://yourregister/superuser` to vie Enable GitHub Authentication -- Click the gear icon () and scroll down to the section entitled Github (Enterprise) Authentication. +- Click the configuration tab () and scroll down to the section entitled Github (Enterprise) Authentication. - Check the "Enable GitHub Authentication" box - Fill in the credentials from the application created above - Click "Save Configuration Changes" diff --git a/enterprise-registry/github-build/index.md b/enterprise-registry/github-build/index.md index f0087de7f..a42c90f88 100644 --- a/enterprise-registry/github-build/index.md +++ b/enterprise-registry/github-build/index.md @@ -32,7 +32,7 @@ Sign in to a super user account and visit `http://yourregister/superuser` to vie Enable GitHub Trigger -- Click the gear icon () and scroll down to the section entitled Github (Enterprise) Build Triggers. +- Click the configuration tab () and scroll down to the section entitled Github (Enterprise) Build Triggers. - Check the "Enable GitHub Triggers" box - Fill in the credentials from the application created above - Click "Save Configuration Changes" From c81d20753ac85e44e775a645d5429850ba74c314 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Fri, 20 Feb 2015 12:36:28 -0800 Subject: [PATCH 0401/1291] enterprise-registry: remove sub category --- enterprise-registry/github-app/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/enterprise-registry/github-app/index.md b/enterprise-registry/github-app/index.md index 5ba332b5e..80d9d8552 100644 --- a/enterprise-registry/github-app/index.md +++ b/enterprise-registry/github-app/index.md @@ -2,7 +2,7 @@ layout: docs title: Register GitHub Application category: registry -sub_category: setup +sub_category: none forkurl: https://github.com/coreos/docs/blob/master/enterprise-registry/github-app/index.md weight: 5 --- From f590dcd4628b07af39b4231613ee869cd9b01bf5 Mon Sep 17 00:00:00 2001 From: Joseph Schorr Date: Fri, 20 Feb 2015 22:43:12 -0500 Subject: [PATCH 0402/1291] Remove the extra "panel" --- enterprise-registry/build-support/index.md | 2 +- enterprise-registry/github-auth/index.md | 2 +- enterprise-registry/github-build/index.md | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/enterprise-registry/build-support/index.md b/enterprise-registry/build-support/index.md index 801876ec1..81cf55dd0 100644 --- a/enterprise-registry/build-support/index.md +++ b/enterprise-registry/build-support/index.md @@ -16,7 +16,7 @@ any issues encountered to support so we can fix it ASAP. ## Visit the Management Panel -Sign in to a super user account and visit `http://yourregister/superuser` to view the management panel panel: +Sign in to a super user account and visit `http://yourregister/superuser` to view the management panel: Enterprise Registry Management Panel diff --git a/enterprise-registry/github-auth/index.md b/enterprise-registry/github-auth/index.md index 31ee012a1..6b88a161c 100644 --- a/enterprise-registry/github-auth/index.md +++ b/enterprise-registry/github-auth/index.md @@ -19,7 +19,7 @@ Following the instructions at diff --git a/enterprise-registry/github-build/index.md b/enterprise-registry/github-build/index.md index a42c90f88..2a8f832ac 100644 --- a/enterprise-registry/github-build/index.md +++ b/enterprise-registry/github-build/index.md @@ -24,7 +24,7 @@ Following the instructions at From b66eb37aab288020f843f2f320e22b48a0de1abc Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Mon, 23 Feb 2015 10:24:34 -0800 Subject: [PATCH 0403/1291] running-coreos: use standard channel tabs --- running-coreos/platforms/openstack/index.md | 41 ++++++++++++++++++--- 1 file changed, 35 insertions(+), 6 deletions(-) diff --git a/running-coreos/platforms/openstack/index.md b/running-coreos/platforms/openstack/index.md index 5fcf8fcea..a6f46b4c1 100644 --- a/running-coreos/platforms/openstack/index.md +++ b/running-coreos/platforms/openstack/index.md @@ -18,15 +18,44 @@ it with the `glance` tool and running your first cluster with the `nova` tool. These steps will download the CoreOS image, uncompress it and then import it into the glance image store. -### Choosing a Channel - -CoreOS is released into alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. +## Choosing a Channel + +CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updates) with different schedules per channel. You can [disable this feature]({{site.url}}/docs/cluster-management/debugging/prevent-reboot-after-update), although we don't recommend it. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes. + +

    + +
    +
    +

    The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.

    +
    +$ wget http://alpha.release.core-os.net/amd64-usr/current/coreos_production_openstack_image.img.bz2
+$ bunzip2 coreos_production_openstack_image.img.bz2
+
    +
    +
    +

    The beta channel consists of promoted alpha releases. Current version is CoreOS {{site.beta-channel}}.

    +
    +$ wget http://beta.release.core-os.net/amd64-usr/current/coreos_production_openstack_image.img.bz2
+$ bunzip2 coreos_production_openstack_image.img.bz2
+
    +
    +
    +

    The Stable channel should be used by production clusters. Versions of CoreOS are battle-tested within the Beta and Alpha channels before being promoted. Current version is CoreOS {{site.stable-channel}}.

    +
    +$ wget http://stable.release.core-os.net/amd64-usr/current/coreos_production_openstack_image.img.bz2
+$ bunzip2 coreos_production_openstack_image.img.bz2
+
    +
    +
    +
    -The channel is selected based on the URL below. Simply replace `alpha` with `beta`. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes in each channel. +Once the download completes, add the CoreOS image into Glance: ```sh -$ wget http://alpha.release.core-os.net/amd64-usr/current/coreos_production_openstack_image.img.bz2 -$ bunzip2 coreos_production_openstack_image.img.bz2 $ glance image-create --name CoreOS \ --container-format bare \ --disk-format qcow2 \ From ee5e06c5bdc58739421df550f6a3fe10bcff4a0f Mon Sep 17 00:00:00 2001 From: ryneeverett Date: Mon, 23 Feb 2015 20:30:51 -0500 Subject: [PATCH 0404/1291] Update Vultr documentation. --- running-coreos/cloud-providers/vultr/index.md | 63 +++++++++---------- 1 file changed, 30 insertions(+), 33 deletions(-) diff --git a/running-coreos/cloud-providers/vultr/index.md b/running-coreos/cloud-providers/vultr/index.md index e36fd4c24..299234467 100755 --- a/running-coreos/cloud-providers/vultr/index.md +++ b/running-coreos/cloud-providers/vultr/index.md @@ -11,10 +11,27 @@ weight: 10 These instructions will walk you through running a single CoreOS node. This guide assumes: * You have an account at [Vultr.com](https://www.vultr.com). -* The location of your iPXE script (referenced later in the guide) is located at ```http://example.com/script.txt``` * You have a public + private key combination generated. Here's a helpful guide if you need to generate these keys: [How to set up SSH keys](https://help.github.com/articles/generating-ssh-keys). -The simplest option to boot up CoreOS is to load a script that contains the series of commands you'd otherwise need to manually type at the command line. This script needs to be publicly accessible (host this file on your own server). Save this script as a text file (.txt extension). +The simplest option to boot up CoreOS is to select the "CoreOS Stable" operating system from Vultr's default offerings. However, most deployments require a custom `cloud-config`, which can only be achieved in Vultr with an iPXE script. The remainder of this article describes this process. + +First, you'll need to make two files available at public URL's -- your `cloud-config` file and the following shell script *(be sure to replace the cloud-config URL)*: + +```sh +#!/bin/bash + +curl -o cloud-config.yaml URL_TO_YOUR_CLOUD_CONFIG +sudo coreos-install -d /dev/vda -c cloud-config.yaml +sudo reboot +``` + +## Cloud-Config + +Please be sure to check out [Using Cloud-Config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config). + +You must add to your ssh public key to your `cloud-config`'s [ssh authorized keys]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/#ssh_authorized_keys) so you'll be able to log in. + +Note that the `$private_ipv4` and `$public_ipv4` variables are only supported on Vultr if you have the 'cloud-config-url' option set on your kernel command line. Without this option, you will need to hard code these values into your `cloud-config` file. ## Choosing a Channel @@ -36,7 +53,7 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat 
    #!ipxe
 
 set base-url http://alpha.release.core-os.net/amd64-usr/current
-kernel ${base-url}/coreos_production_pxe.vmlinuz cloud-config-url=http://169.254.169.254/2014-09-12/coreos-init sshkey="YOUR_PUBLIC_KEY_HERE"
+kernel ${base-url}/coreos_production_pxe.vmlinuz cloud-config-url=URL_TO_YOUR_SHELL_SCRIPT
 initrd ${base-url}/coreos_production_pxe_image.cpio.gz
 boot
    @@ -49,7 +66,7 @@ boot 
    #!ipxe
 
 set base-url http://beta.release.core-os.net/amd64-usr/current
-kernel ${base-url}/coreos_production_pxe.vmlinuz cloud-config-url=http://169.254.169.254/2014-09-12/coreos-init sshkey="YOUR_PUBLIC_KEY_HERE"
+kernel ${base-url}/coreos_production_pxe.vmlinuz cloud-config-url=URL_TO_YOUR_SHELL_SCRIPT
 initrd ${base-url}/coreos_production_pxe_image.cpio.gz
 boot
    @@ -62,37 +79,26 @@ boot 
    #!ipxe
 
 set base-url http://stable.release.core-os.net/amd64-usr/current
-kernel ${base-url}/coreos_production_pxe.vmlinuz cloud-config-url=http://169.254.169.254/2014-09-12/coreos-init sshkey="YOUR_PUBLIC_KEY_HERE"
+kernel ${base-url}/coreos_production_pxe.vmlinuz cloud-config-url=URL_TO_YOUR_SHELL_SCRIPT
 initrd ${base-url}/coreos_production_pxe_image.cpio.gz
 boot
    -Make sure to replace `YOUR_PUBLIC_KEY_HERE` with your actual public key, it will begin with `ssh-rsa...`. +Go to My Servers > Startup Scripts > Add Startup Script, select type "PXE", and input your script. Be sure to replace the cloud-config-url with that of the shell script you created above. Additional reading can be found at [Booting CoreOS with iPXE](http://coreos.com/docs/running-coreos/bare-metal/booting-with-ipxe/) and [Embedded scripts for iPXE](http://ipxe.org/embed). -## Using Cloud-Config - -Please be sure to check out [Using Cloud-Config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config). - -In particular, note that the `$private_ipv4` and `$public_ipv4` variables are only supported on Vultr if you have the 'cloud-config-url' option set on your kernel command line. - -Without this option, you will need to hard code these values into your `cloud-config` file. - ## Create the VPS Create a new VPS (any server type and location of your choice), and then: 1. For the "Operating System" select "Custom" -2. Select iPXE boot -3. Set the chain URL to the URL of your script (http://example.com/script.txt) *Note*: URL must be plain old HTTP, not HTTPS -4. Click "Place Order" +2. Select "iPXE Custom Script" and the script you created above. +3. Click "Place Order" -![Any location, any size, custom OS, iPXE boot, set chain URL, place order](http://s18.postimg.org/5ra9lioeh/vultr.png) - -Once you receive the welcome email the VPS will be ready to use (typically less than 2-3 minutes). +Once you receive the "Subscription Activated" email the VPS will be ready to use. ## Accessing the VPS @@ -100,26 +106,17 @@ You can now log in to CoreOS using the associated private key on your local comp SSH to the IP of your VPS, and specify the "core" user: ```ssh core@IP``` - ```sh $ ssh core@IP The authenticity of host 'IP (2a02:1348:17c:423d:24:19ff:fef1:8f6)' can't be established. RSA key fingerprint is 99:a5:13:60:07:5d:ac:eb:4b:f2:cb:c9:b2:ab:d7:21. Are you sure you want to continue connecting (yes/no)? yes - -Last login: Thu Oct 17 11:42:04 UTC 2013 from 127.0.0.1 on pts/0 - ______ ____ _____ - / ____/___ ________ / __ \/ ___/ - / / / __ \/ ___/ _ \/ / / /\__ \ -/ /___/ /_/ / / / __/ /_/ /___/ / -\____/\____/_/ \___/\____//____/ -core@srv-n8uak ~ $ +Warning: Permanently added '[IP]' (ED25519) to the list of known hosts. +Enter passphrase for key '/home/user/.ssh/id_rsa': +CoreOS stable (557.2.0) +core@localhost ~ $ ``` ## Using CoreOS -Now that you have a cluster bootstrapped it is time to play around. - -CoreOS is currently running from RAM, based on the loaded image. You may want to [install it on the disk]({{site.url}}/docs/running-coreos/bare-metal/installing-to-disk). Note that when following these instructions on Vultr, the device name should be `/dev/vda` rather than `/dev/sda`. - Check out the [CoreOS Quickstart]({{site.url}}/docs/quickstart) guide or dig into [more specific topics]({{site.url}}/docs). From 4dc823d28cc7a298427aecc38cdb10e4b8e901f7 Mon Sep 17 00:00:00 2001 From: ryneeverett Date: Mon, 23 Feb 2015 23:03:31 -0500 Subject: [PATCH 0405/1291] Use variables; move 'Cloud Config' header up. --- running-coreos/cloud-providers/vultr/index.md | 26 ++++++++++++++----- 1 file changed, 19 insertions(+), 7 deletions(-) diff --git a/running-coreos/cloud-providers/vultr/index.md b/running-coreos/cloud-providers/vultr/index.md index 299234467..51873d20d 100755 --- a/running-coreos/cloud-providers/vultr/index.md +++ b/running-coreos/cloud-providers/vultr/index.md @@ -15,18 +15,21 @@ These instructions will walk you through running a single CoreOS node. This guid The simplest option to boot up CoreOS is to select the "CoreOS Stable" operating system from Vultr's default offerings. However, most deployments require a custom `cloud-config`, which can only be achieved in Vultr with an iPXE script. The remainder of this article describes this process. -First, you'll need to make two files available at public URL's -- your `cloud-config` file and the following shell script *(be sure to replace the cloud-config URL)*: +## Cloud-Config + +First, you'll need to make two files available at public URL's -- your `cloud-config` file and the following shell script: ```sh #!/bin/bash -curl -o cloud-config.yaml URL_TO_YOUR_CLOUD_CONFIG +# Location of your valid cloud-config file. +URL = "http://example.com/cloud-config.yaml" + +curl -o cloud-config.yaml $URL sudo coreos-install -d /dev/vda -c cloud-config.yaml sudo reboot ``` -## Cloud-Config - Please be sure to check out [Using Cloud-Config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config). You must add to your ssh public key to your `cloud-config`'s [ssh authorized keys]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/#ssh_authorized_keys) so you'll be able to log in. @@ -52,8 +55,11 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat 
    #!ipxe
 
+# Location of your shell script.
+set cloud-config-url http://example.com/cloud-config-bootstrap.sh
+
 set base-url http://alpha.release.core-os.net/amd64-usr/current
-kernel ${base-url}/coreos_production_pxe.vmlinuz cloud-config-url=URL_TO_YOUR_SHELL_SCRIPT
+kernel ${base-url}/coreos_production_pxe.vmlinuz cloud-config-url=${cloud-config-url}
 initrd ${base-url}/coreos_production_pxe_image.cpio.gz
 boot
    @@ -65,8 +71,11 @@ boot 
    #!ipxe
 
+# Location of your shell script.
+set cloud-config-url http://example.com/cloud-config-bootstrap.sh
+
 set base-url http://beta.release.core-os.net/amd64-usr/current
-kernel ${base-url}/coreos_production_pxe.vmlinuz cloud-config-url=URL_TO_YOUR_SHELL_SCRIPT
+kernel ${base-url}/coreos_production_pxe.vmlinuz cloud-config-url=${cloud-config-url}
 initrd ${base-url}/coreos_production_pxe_image.cpio.gz
 boot
    @@ -78,8 +87,11 @@ boot 
    #!ipxe
 
+# Location of your shell script.
+set cloud-config-url http://example.com/cloud-config-bootstrap.sh
+
 set base-url http://stable.release.core-os.net/amd64-usr/current
-kernel ${base-url}/coreos_production_pxe.vmlinuz cloud-config-url=URL_TO_YOUR_SHELL_SCRIPT
+kernel ${base-url}/coreos_production_pxe.vmlinuz cloud-config-url=${cloud-config-url}
 initrd ${base-url}/coreos_production_pxe_image.cpio.gz
 boot
    From 580dffaa6ff3d43deb87ae6ea70d1a81009bf93b Mon Sep 17 00:00:00 2001 From: ryneeverett Date: Tue, 24 Feb 2015 14:45:32 -0500 Subject: [PATCH 0406/1291] Create cloud-config-bootstrap.sh with HEREDOC. --- running-coreos/cloud-providers/vultr/index.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/running-coreos/cloud-providers/vultr/index.md b/running-coreos/cloud-providers/vultr/index.md index 51873d20d..e4b434e8f 100755 --- a/running-coreos/cloud-providers/vultr/index.md +++ b/running-coreos/cloud-providers/vultr/index.md @@ -17,17 +17,17 @@ The simplest option to boot up CoreOS is to select the "CoreOS Stable" operating ## Cloud-Config -First, you'll need to make two files available at public URL's -- your `cloud-config` file and the following shell script: +First, you'll need to make two files available at public URL's -- your `cloud-config` file and a shell script which you need to create: ```sh -#!/bin/bash - -# Location of your valid cloud-config file. -URL = "http://example.com/cloud-config.yaml" +URL="http://example.com/cloud-config.yaml" +cat << EOF > ./cloud-config-bootstrap.sh\n +#!/bin/bash curl -o cloud-config.yaml $URL sudo coreos-install -d /dev/vda -c cloud-config.yaml sudo reboot +EOF ``` Please be sure to check out [Using Cloud-Config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config). From 7b6cf3048404de4bedf806b8afbc84fe51d15bb9 Mon Sep 17 00:00:00 2001 From: ryneeverett Date: Tue, 24 Feb 2015 14:52:31 -0500 Subject: [PATCH 0407/1291] Remove note about ipv4 variable support. --- running-coreos/cloud-providers/vultr/index.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/running-coreos/cloud-providers/vultr/index.md b/running-coreos/cloud-providers/vultr/index.md index e4b434e8f..56ec390d1 100755 --- a/running-coreos/cloud-providers/vultr/index.md +++ b/running-coreos/cloud-providers/vultr/index.md @@ -34,8 +34,6 @@ Please be sure to check out [Using Cloud-Config]({{site.url}}/docs/cluster-manag You must add to your ssh public key to your `cloud-config`'s [ssh authorized keys]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/#ssh_authorized_keys) so you'll be able to log in. -Note that the `$private_ipv4` and `$public_ipv4` variables are only supported on Vultr if you have the 'cloud-config-url' option set on your kernel command line. Without this option, you will need to hard code these values into your `cloud-config` file. - ## Choosing a Channel CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updates) with different schedules per channel. You can [disable this feature]({{site.url}}/docs/cluster-management/debugging/prevent-reboot-after-update), although we don't recommend it. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes. From 0053bade96d0fb627ff391b156ce5f5423498828 Mon Sep 17 00:00:00 2001 From: Joseph Schorr Date: Wed, 25 Feb 2015 17:02:20 -0500 Subject: [PATCH 0408/1291] Change logs debugging instructions --- enterprise-registry/log-debugging/index.md | 31 +++++++++------------- 1 file changed, 13 insertions(+), 18 deletions(-) diff --git a/enterprise-registry/log-debugging/index.md b/enterprise-registry/log-debugging/index.md index ed656a392..24a9ec93d 100644 --- a/enterprise-registry/log-debugging/index.md +++ b/enterprise-registry/log-debugging/index.md @@ -11,29 +11,24 @@ weight: 5 ## Personal debugging When attempting to debug an issue, one should first consult the logs of the web workers running the Enterprise Registry. -Please note that both of these methods assume that they are being executed on the host machine. -{% raw %} -```sh -CONTAINER_ID=$(docker ps | grep "coreos/registry" | awk '{print $1}') -LOG_LOCATION=$(docker inspect -f '{{ index .Volumes "/var/log" }}' ${CONTAINER_ID}) -tail -f ${LOG_LOCATION}/gunicorn_*/current -``` -{% endraw %} +## Visit the Management Panel -The aforementioned shell commands are also available in script form at https://github.com/coreos/docs/blob/master/enterprise-registry/log-debugging/tail-gunicorn-logs.sh +Sign in to a super user account and visit `http://yourregister/superuser` to view the management panel: + +Enterprise Registry Management Panel + +## View the logs for each service + +- Click the logs tab () +- To view logs for each service, click the service name at the top. The logs will update automatically. ## Contacting support When contacting support, one should always include a copy of the Enterprise Registry's log directory. -Please note that both of these methods assume that they are being executed on the host machine. -{% raw %} -```sh -CONTAINER_ID=$(docker ps | grep "coreos/registry" | awk '{print $1}') -LOG_LOCATION=$(docker inspect -f '{{ index .Volumes "/var/log" }}' ${CONTAINER_ID}) -tar -zcvf registry-logs-$(date +%s).tar.gz ${LOG_LOCATION} -``` -{% endraw %} +To download logs, click the " Download All Local Logs (.tar.gz)" link + +## Shell script to download logs -The aforementioned shell commands are also available in script form at https://github.com/coreos/docs/blob/master/enterprise-registry/log-debugging/gzip-registry-logs.sh +The aforementioned operations are also available in script form at https://github.com/coreos/docs/blob/master/enterprise-registry/log-debugging/gzip-registry-logs.sh \ No newline at end of file From aeec1bb4a1302057b9eb5491d6ed72d168a27acd Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Wed, 25 Feb 2015 15:16:14 -0800 Subject: [PATCH 0409/1291] cluster-management: add manual instructions --- cluster-management/setup/update-strategies/index.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/cluster-management/setup/update-strategies/index.md b/cluster-management/setup/update-strategies/index.md index fae29417e..e91cad621 100644 --- a/cluster-management/setup/update-strategies/index.md +++ b/cluster-management/setup/update-strategies/index.md @@ -102,6 +102,15 @@ coreos: command: restart ``` +## Manually Triggering an Update + +Each machine should check in about 10 minutes after boot and roughly every hour after that. If you'd like to see it sooner, you can force an update check, which will skip any rate-limiting settings that are configured in CoreUpdate. + +``` +$ update_engine_client -check_for_update +[0123/220706:INFO:update_engine_client.cc(245)] Initiating update check and install. +``` + ## Auto-Updates with a Maintenance Window A timeframe in which to update can be specified by using two systemd units, a very simple service and a timer to run it on your schedule: From c24544cbe7ed6f124c7654f7ae792abaf8274b9e Mon Sep 17 00:00:00 2001 From: Kishan Kavala Date: Thu, 26 Feb 2015 15:47:28 +0530 Subject: [PATCH 0410/1291] CloudStack docs for CoreOS --- running-coreos/platforms/cloudstack/index.md | 98 ++++++++++++++++++++ 1 file changed, 98 insertions(+) create mode 100644 running-coreos/platforms/cloudstack/index.md diff --git a/running-coreos/platforms/cloudstack/index.md b/running-coreos/platforms/cloudstack/index.md new file mode 100644 index 000000000..646a9b4c9 --- /dev/null +++ b/running-coreos/platforms/cloudstack/index.md @@ -0,0 +1,98 @@ +--- +layout: docs +title: CloudStack +category: running_coreos +sub_category: platforms +weight: 5 +--- + +# Running CoreOS on CloudStack + +This guide explains how to deploy CoreOS with CloudStack. These instructions will walk you through downloading CoreOS image and running an instance from it. +This document assumes that CloudStack is already installed. Please refer Install Guide for CloudStack installation steps. + + +## Register the CoreOS image (Template) + +After logging in to CloudStack UI, to upload a template: + +
      +

    1. In the left navigation bar, click Templates.

      +
      2. +

    2. Click Register Template.

      +
      3. +

    3. Provide the following:

      +
        +

      • Name and Description. These will be shown in the UI, so choose +something descriptive.

        +
        • +

      • URL. The Management Server will download the file from the +specified URL, such as http://dl.openvm.eu/cloudstack/coreos/x86_64/coreos_production_cloudstack_image-kvm.qcow2.bz2.

        +
        • +

      • Zone. Choose the zone where you want the template to be +available, or All Zones to make it available throughout +CloudStack.

        +
        • +

      • OS Type: This helps CloudStack and the hypervisor perform +certain operations and make assumptions that improve the +performance of the guest.

        +
        • +

      • Hypervisor: The supported hypervisors are listed. Select the +desired one.

        +
        • +

      • Format. The format of the template upload file, such as VHD or +OVA.

        +
        • +

      • Extractable. Choose Yes if the template is available for +extraction. If this option is selected, end users can download a +full image of a template.

        +
        • +

      • Public. Choose Yes to make this template accessible to all +users of this CloudStack installation. The template will appear in +the Community Templates list. See “Private and +Public Templates”.

        +
        • +

      • Featured. Choose Yes if you would like this template to be +more prominent for users to select. The template will appear in +the Featured Templates list. Only an administrator can make a +template Featured.

        +
        • +
      +
      4. +
    + +Alternatively registerTemplate API can also be used. + +### CoreOS Templates + +Apache CloudStack community created CoreOS templates are located at http://dl.openvm.eu/cloudstack/coreos/x86_64/ +CoreOS templates are currently available for XenServer, KVM, VmWare and HyperV hypervisors. + +### Deploy CoreOS Instance + +

    To create a VM from a template:

    +
      +

    1. Log in to the CloudStack UI as an administrator or user.

      +
      2. +

    2. In the left navigation bar, click Instances.

      +
      3. +

    3. Click Add Instance.

      +
      4. +

    4. Select a zone.

      +
      5. +

    5. Select the CoreOS template registered in the previous step. +

      6. +

    6. Click Submit and your VM will be created and started.

      +
      7. +
    + +Alternatively deployVirtualMachine API can also be used to deploy CoreOS instance. + +### Virtual machine configuration + +cloud-config can be provided using userdata while deploying virtual machine. userdata is an optional request parameter for deployVirtualMachine API + +## Using CoreOS + +Now that you have a machine booted it is time to play around. +Check out the [CoreOS Quickstart]({{site.url}}/docs/quickstart) guide or dig into [more specific topics]({{site.url}}/docs). From ff6e42d418550ad2d6bce10493349e3e737c962d Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Fri, 27 Feb 2015 15:43:25 -0800 Subject: [PATCH 0411/1291] running-coreos: add channel tabs --- running-coreos/platforms/virtualbox/index.md | 58 +++++++++++++++----- 1 file changed, 44 insertions(+), 14 deletions(-) diff --git a/running-coreos/platforms/virtualbox/index.md b/running-coreos/platforms/virtualbox/index.md index 2047d4679..f6a71bdd8 100644 --- a/running-coreos/platforms/virtualbox/index.md +++ b/running-coreos/platforms/virtualbox/index.md @@ -11,7 +11,7 @@ weight: 7 These instructions will walk you through running CoreOS on Oracle VM VirtualBox. -## Building the virtual disk +## Building the Virtual Disk There is a script that simplify the VDI building. It downloads a bare-metal image, verifies it with GPG and convert the image to VirtualBox format. @@ -34,20 +34,50 @@ To run the script you can specify a destination location and the CoreOS version. ./create-coreos-vdi -d /data/VirtualBox/Templates ``` -If you want a specific version of CoreOS, you can find which versions is -available to download on -[CoreOS storage](http://storage.core-os.net/coreos/amd64-usr/index.html). Then -just specify the desired version to the script. - -```sh -./create-coreos-vdi -V 298.0.0 -``` +## Choose a Channel + +Choose a channel to base your disk image on. Specific versions of CoreOS can also be referenced by version number. + +
    + +
    +
    +

    The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.

    +

    Create a disk image from this channel by running:

    +
    +./create-coreos-vdi -V alpha
+
    +
    +
    +

    The beta channel consists of promoted alpha releases. Current version is CoreOS {{site.beta-channel}}.

    +

    Create a disk image from this channel by running:

    +
    +./create-coreos-vdi -V beta
+
    +
    +
    +

    The Stable channel should be used by production clusters. Versions of CoreOS are battle-tested within the Beta and Alpha channels before being promoted. Current version is CoreOS {{site.stable-channel}}.

    +

    Create a disk image from this channel by running:

    +
    +./create-coreos-vdi -V stable
+
    +
    +
    +
    After the script is finished successfully, will be available at the specified destination location the CoreOS image or at current location. The file name will -be something like "*coreos_production_298.0.0.vdi*". +be something like: + +``` +coreos_production_stable.vdi +``` -## Creating a config-drive +## Creating a Config-Drive Cloud-config can be specified by attaching a [config-drive]({{site.url}}/docs/cluster-management/setup/cloudinit-config-drive/) @@ -75,13 +105,13 @@ chmod +x create-basic-configdrive Will be created an ISO file named `my_vm01.iso` that will configure a virtual machine to accept your SSH key and set its name to my_vm01. -## Deploying a new virtual machine on VirtualBox +## Deploying a New Virtual Machine on VirtualBox I recommend to use the built image as base image. Therefore you should clone the image for each new virtual machine and set it to desired size. ```sh -VBoxManage clonehd coreos_production_298.0.0.vdi my_vm01.vdi +VBoxManage clonehd coreos_production_stable.vdi my_vm01.vdi # Resize virtual disk to 10 GB VBoxManage modifyhd my_vm01.vdi --resize 10240 ``` @@ -104,7 +134,7 @@ and load the created config-drive into CD/DVD drive. Click on 'OK' button and the virtual machine will be ready to be started. -## Logging in +## Logging In Networking can take a bit of time to come up under VirtualBox and you will need to know the IP in order to connect to it. Press enter a few times at the login From b57280632728cd8e98d0c9e8f9bf27dbe8a27acb Mon Sep 17 00:00:00 2001 From: Xueshan Feng Date: Mon, 9 Feb 2015 23:25:42 -0800 Subject: [PATCH 0412/1291] updated with an update-window script that handles reboot in an environment that runs isolated etcd servers and workers. --- .../setup/update-strategies/index.md | 73 ++++++++++++++++--- 1 file changed, 62 insertions(+), 11 deletions(-) diff --git a/cluster-management/setup/update-strategies/index.md b/cluster-management/setup/update-strategies/index.md index fae29417e..32c365cc1 100644 --- a/cluster-management/setup/update-strategies/index.md +++ b/cluster-management/setup/update-strategies/index.md @@ -104,6 +104,8 @@ coreos: ## Auto-Updates with a Maintenance Window +In this example, auto-reboot strategy is turned off so we can schedule it in a maintencence window in which a script checks if an update has been downloaded. If a reboot is needed and etcd service is running on the system, then call locksmithctl reboot to get a lock and reboot; otherwise, run a simple reboot after a random delay to prevent workers from rebooting at the same time. + A timeframe in which to update can be specified by using two systemd units, a very simple service and a timer to run it on your schedule: #### update-window.service @@ -113,21 +115,47 @@ A timeframe in which to update can be specified by using two systemd units, a ve Description=Reboot if an update has been downloaded [Service] -ExecStart=/usr/bin/bash -c 'if update_engine_client -status | grep NEED_REBOOT; then reboot; fi' +ExecStart=/opt/bin/update-window.sh ``` #### update-window.timer ```yaml [Unit] -Description=Reboot if needed at 05:00 daily +Description=Reboot timer [Timer] -OnCalendar=*-*-* 05:00:00 +OnCalendar=*-*-* 05,06:00/30:00 ``` - More [information on systemd timers](http://www.freedesktop.org/software/systemd/man/systemd.timer.html) and the available ways you can configure your maintenance window. +#### update-window.sh + +This script should be installed in a location to match the script path used in the update-window.service unit, e.g. /opt/bin/update-window.sh. + +```yaml +#!/bin/bash + +# If etcd is active, this uses locksmith. Otherwise, it randomly delays. +delay=$(/usr/bin/expr $RANDOM % 3600 ) +rebootflag='NEED_REBOOT' + +if update_engine_client -status | grep $rebootflag; +then + echo -n "etcd is " + if systemctl is-active etcd; + then + echo "Update reboot with locksmithctl." + locksmithctl reboot + else + echo "Update reboot in $delay seconds." + sleep $delay + reboot + fi +fi +exit 0 +``` + ### Cloud-Config ```yaml @@ -137,23 +165,46 @@ coreos: update: reboot-strategy: off units: - - - name: update-window.service + - name: update-window.service runtime: true content: | [Unit] Description=Reboot if an update has been downloaded [Service] - ExecStart=/usr/bin/bash -c 'if update_engine_client -status | grep NEED_REBOOT; then locksmithctl reboot; fi' - - - name: update-window.timer + ExecStart=/opt/bin/update-window.sh + - name: update-window.timer runtime: true command: start content: | [Unit] - Description=Reboot if needed at 05:00 daily + Description=Reboot timer [Timer] - OnCalendar=*-*-* 05:00:00 + OnCalendar=*-*-* 05,06:00/30:00 + +write_files: + - path: /opt/bin/update-window.sh + permissions: 0755 + owner: root + content: | + #!/bin/bash + # If etcd is active, this uses locksmith. Otherwise, it randomly delays. + delay=$(/usr/bin/expr $RANDOM % 3600 ) + rebootflag='NEED_REBOOT' + + if update_engine_client -status | grep $rebootflag; + then + echo -n "etcd is " + if systemctl is-active etcd; + then + echo "Update reboot with locksmithctl." + locksmithctl reboot + else + echo "Update reboot in $delay seconds." + sleep $delay + reboot + fi + fi + exit 0 ``` From 753f622a96f8a9a2549aae3a3c9a5925b13e129b Mon Sep 17 00:00:00 2001 From: ryneeverett Date: Sat, 28 Feb 2015 16:11:08 -0500 Subject: [PATCH 0413/1291] Bootstrap shell script contains cloud-config in HEREDOC. --- running-coreos/cloud-providers/vultr/index.md | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/running-coreos/cloud-providers/vultr/index.md b/running-coreos/cloud-providers/vultr/index.md index 56ec390d1..06d1a0cfb 100755 --- a/running-coreos/cloud-providers/vultr/index.md +++ b/running-coreos/cloud-providers/vultr/index.md @@ -17,17 +17,20 @@ The simplest option to boot up CoreOS is to select the "CoreOS Stable" operating ## Cloud-Config -First, you'll need to make two files available at public URL's -- your `cloud-config` file and a shell script which you need to create: +First, you'll need to make a shell script containing your `cloud-config` available at a public URL: ```sh -URL="http://example.com/cloud-config.yaml" - -cat << EOF > ./cloud-config-bootstrap.sh\n #!/bin/bash -curl -o cloud-config.yaml $URL + +cat "cloud-config.yaml" < Date: Sat, 28 Feb 2015 16:19:17 -0500 Subject: [PATCH 0414/1291] Make cloud-config-bootstrap.sh name clear. --- running-coreos/cloud-providers/vultr/index.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/running-coreos/cloud-providers/vultr/index.md b/running-coreos/cloud-providers/vultr/index.md index 06d1a0cfb..17e3e587e 100755 --- a/running-coreos/cloud-providers/vultr/index.md +++ b/running-coreos/cloud-providers/vultr/index.md @@ -19,6 +19,8 @@ The simplest option to boot up CoreOS is to select the "CoreOS Stable" operating First, you'll need to make a shell script containing your `cloud-config` available at a public URL: +**cloud-config-bootstrap.sh** + ```sh #!/bin/bash From 6f7692f57dee844b26e573a6a2075f39ed0cffa8 Mon Sep 17 00:00:00 2001 From: ThomasWo Date: Sun, 1 Mar 2015 00:49:29 -0800 Subject: [PATCH 0415/1291] Update runing-coreos/platforms/vmware/index.md The old link (https://developercenter.vmware.com/tool/ovf/3.5.0) pointed to a 404, changing to the tool's generic homepage (https://developercenter.vmware.com/tool/ovf/) which looks exactly the same as the previous link, but doesn't need to be updated every time VMWare pushs an update. --- running-coreos/platforms/vmware/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/running-coreos/platforms/vmware/index.md b/running-coreos/platforms/vmware/index.md index e34c2f903..32cd2111c 100644 --- a/running-coreos/platforms/vmware/index.md +++ b/running-coreos/platforms/vmware/index.md @@ -35,7 +35,7 @@ open coreos_production_vmware_insecure.vmx ### To deploy on an ESXi/vSphere host, convert the VM to OVF * follow the steps above to download and extract the coreos_production_vmware_insecure.zip -* download and run the [OVF Tool 3.5.0 installer](https://developercenter.vmware.com/tool/ovf/3.5.0) Requires VMware account login but the download is free. Available for Linux, OSX & Windows for both 32 & 64 bit architectures. +* download and run the [OVF Tool installer](https://developercenter.vmware.com/tool/ovf/) Requires VMware account login but the download is free. Available for Linux, OSX & Windows for both 32 & 64 bit architectures. * convert VM to OVF from the extract dir ```sh From ec460f964781299c09c23c26202bd83cc58b450c Mon Sep 17 00:00:00 2001 From: Tyler Jones Date: Sun, 1 Mar 2015 12:05:37 -0800 Subject: [PATCH 0416/1291] Update debug useradd command for comments in #434. --- cluster-management/debugging/install-debugging-tools/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster-management/debugging/install-debugging-tools/index.md b/cluster-management/debugging/install-debugging-tools/index.md index d1bffb3ec..cbf7226dc 100644 --- a/cluster-management/debugging/install-debugging-tools/index.md +++ b/cluster-management/debugging/install-debugging-tools/index.md @@ -46,7 +46,7 @@ Pulling repository index.example.com/debug Advanced users can SSH directly into a toolbox by setting up an `/etc/passwd` entry: ```sh -useradd bob -m -p '*' -s /usr/bin/toolbox -g sudo -G docker +useradd bob -m -p '*' -s /usr/bin/toolbox -U -G sudo,docker ``` To test, SSH as bob: From 11f5986173b5a442878ecdf87b1bf795a9c12312 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Tue, 3 Mar 2015 17:30:04 -0800 Subject: [PATCH 0417/1291] *: add ?size= param to discovery urls --- .../setup/cluster-architectures/index.md | 5 +++-- .../setup/cluster-discovery/index.md | 7 ++++--- .../setup/network-config-with-networkd/index.md | 3 ++- quickstart/index.md | 2 ++ running-coreos/cloud-providers/auro/index.md | 3 ++- running-coreos/cloud-providers/azure/index.md | 3 ++- running-coreos/cloud-providers/brightbox/index.md | 3 ++- .../cloud-providers/digitalocean/index.md | 3 ++- running-coreos/cloud-providers/ec2/index.md | 14 +++++++++----- .../cloud-providers/google-compute-engine/index.md | 3 ++- .../cloud-providers/niftycloud/JA_JP/index.md | 3 ++- running-coreos/cloud-providers/niftycloud/index.md | 3 ++- running-coreos/cloud-providers/rackspace/index.md | 3 ++- running-coreos/cloud-providers/vexxhost/index.md | 3 ++- running-coreos/platforms/openstack/index.md | 3 ++- running-coreos/platforms/vagrant/index.md | 3 ++- 16 files changed, 42 insertions(+), 22 deletions(-) diff --git a/cluster-management/setup/cluster-architectures/index.md b/cluster-management/setup/cluster-architectures/index.md index e1ea39030..b2106b114 100644 --- a/cluster-management/setup/cluster-architectures/index.md +++ b/cluster-management/setup/cluster-architectures/index.md @@ -181,14 +181,15 @@ fleet will be started with metadata indicating the role of these machines, which [Managed Linux]({{site.url}}/products/managed-linux) customers can also specify a [CoreUpdate]({{site.url}}/products/coreupdate) group ID which will allow you to attach these machines to a different channel and control updates separately from the worker machines. -Here's an example cloud-config for one of the central service machines: +Here's an example cloud-config for one of the central service machines. Be sure to generate a new discovery token with the initial size of your cluster: ```yaml #cloud-config coreos: etcd: - # generate a new token for each unique cluster from https://discovery.etcd.io/new + # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3 + # specify the intial size of your cluster with ?size=X discovery: https://discovery.etcd.io/ # multi-region and multi-cloud deployments need to use $public_ipv4 addr: 10.0.0.101:4001 diff --git a/cluster-management/setup/cluster-discovery/index.md b/cluster-management/setup/cluster-discovery/index.md index fba329964..b83af5b55 100644 --- a/cluster-management/setup/cluster-discovery/index.md +++ b/cluster-management/setup/cluster-discovery/index.md @@ -13,10 +13,10 @@ weight: 4 CoreOS uses etcd, a service running on each machine, to handle coordination between software running on the cluster. For a group of CoreOS machines to form a cluster, their etcd instances need to be connected. -A discovery service, [https://discovery.etcd.io](https://discovery.etcd.io), is provided as a free service to help connect etcd instances together by storing a list of peer addresses and metadata under a unique address, known as the discovery URL. You can generate them very easily: +A discovery service, [https://discovery.etcd.io](https://discovery.etcd.io), is provided as a free service to help connect etcd instances together by storing a list of peer addresses, metadata and the initial size of the cluster under a unique address, known as the discovery URL. You can generate them very easily: ``` -$ curl -w "\n" https://discovery.etcd.io/new +$ curl -w "\n" https://discovery.etcd.io/new?size=3 https://discovery.etcd.io/6a28e078895c5ec737174db2419bb2f3 ``` @@ -29,7 +29,8 @@ Boot each one of the machines with identical cloud-config and they should be aut coreos: etcd: - # generate a new token for each unique cluster from https://discovery.etcd.io/new + # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3 + # specify the intial size of your cluster with ?size=X discovery: https://discovery.etcd.io/ # multi-region and multi-cloud deployments need to use $public_ipv4 addr: $private_ipv4:4001 diff --git a/cluster-management/setup/network-config-with-networkd/index.md b/cluster-management/setup/network-config-with-networkd/index.md index e38740aa1..0af517f35 100644 --- a/cluster-management/setup/network-config-with-networkd/index.md +++ b/cluster-management/setup/network-config-with-networkd/index.md @@ -42,7 +42,8 @@ Setting up static networking in your cloud-config can be done by writing out the coreos: etcd: - # generate a new token for each unique cluster from https://discovery.etcd.io/new + # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3 + # specify the intial size of your cluster with ?size=X discovery: https://discovery.etcd.io/ # multi-region and multi-cloud deployments need to use $public_ipv4 addr: 10.0.0.101:4001 diff --git a/quickstart/index.md b/quickstart/index.md index 24149608a..1df5c7ee9 100644 --- a/quickstart/index.md +++ b/quickstart/index.md @@ -62,6 +62,8 @@ coreos: command: start etcd: name: coreos0 + # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3 + # specify the intial size of your cluster with ?size=X discovery: https://discovery.etcd.io/ ``` diff --git a/running-coreos/cloud-providers/auro/index.md b/running-coreos/cloud-providers/auro/index.md index d71e51202..938002d4f 100644 --- a/running-coreos/cloud-providers/auro/index.md +++ b/running-coreos/cloud-providers/auro/index.md @@ -49,7 +49,8 @@ A sample common `cloud-config` file will look something like the following: coreos: etcd: - # generate a new token for each unique cluster from https://discovery.etcd.io/new + # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3 + # specify the intial size of your cluster with ?size=X discovery: https://discovery.etcd.io/ # multi-region and multi-cloud deployments need to use $public_ipv4 addr: $private_ipv4:4001 diff --git a/running-coreos/cloud-providers/azure/index.md b/running-coreos/cloud-providers/azure/index.md index f04d3d3c7..bc16b4f0c 100644 --- a/running-coreos/cloud-providers/azure/index.md +++ b/running-coreos/cloud-providers/azure/index.md @@ -70,7 +70,8 @@ The most common cloud-config for Azure looks like: coreos: etcd: - # generate a new token for each unique cluster from https://discovery.etcd.io/new + # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3 + # specify the intial size of your cluster with ?size=X discovery: https://discovery.etcd.io/ # deployments across multiple cloud services will need to use $public_ipv4 addr: $private_ipv4:4001 diff --git a/running-coreos/cloud-providers/brightbox/index.md b/running-coreos/cloud-providers/brightbox/index.md index c28e442fd..2487fa77e 100644 --- a/running-coreos/cloud-providers/brightbox/index.md +++ b/running-coreos/cloud-providers/brightbox/index.md @@ -100,7 +100,8 @@ A sample common `cloud-config` file will look something like the following: coreos: etcd: - # generate a new token for each unique cluster from https://discovery.etcd.io/new + # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3 + # specify the intial size of your cluster with ?size=X discovery: https://discovery.etcd.io/ addr: $private_ipv4:4001 peer-addr: $private_ipv4:7001 diff --git a/running-coreos/cloud-providers/digitalocean/index.md b/running-coreos/cloud-providers/digitalocean/index.md index 045e6944f..471ca777a 100644 --- a/running-coreos/cloud-providers/digitalocean/index.md +++ b/running-coreos/cloud-providers/digitalocean/index.md @@ -102,7 +102,8 @@ The most common cloud-config for DigitalOcean looks like: coreos: etcd: - # generate a new token for each unique cluster from https://discovery.etcd.io/new + # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3 + # specify the intial size of your cluster with ?size=X discovery: https://discovery.etcd.io/ # multi-region deployments, multi-cloud deployments, and droplets without # private networking need to use $public_ipv4 diff --git a/running-coreos/cloud-providers/ec2/index.md b/running-coreos/cloud-providers/ec2/index.md index 430699626..61848f6fa 100644 --- a/running-coreos/cloud-providers/ec2/index.md +++ b/running-coreos/cloud-providers/ec2/index.md @@ -137,7 +137,8 @@ The most common cloud-config for EC2 looks like: coreos: etcd: - # generate a new token for each unique cluster from https://discovery.etcd.io/new + # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3 + # specify the intial size of your cluster with ?size=X discovery: https://discovery.etcd.io/ # multi-region and multi-cloud deployments need to use $public_ipv4 addr: $private_ipv4:4001 @@ -273,7 +274,8 @@ First we need to create a security group to allow CoreOS instances to communicat coreos: etcd: - # generate a new token from https://discovery.etcd.io/new + # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3 + # specify the intial size of your cluster with ?size=X discovery: https://discovery.etcd.io/<token> # multi-region and multi-cloud deployments need to use $public_ipv4 addr: $private_ipv4:4001 @@ -347,7 +349,8 @@ coreos: coreos: etcd: - # generate a new token from https://discovery.etcd.io/new + # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3 + # specify the intial size of your cluster with ?size=X discovery: https://discovery.etcd.io/<token> # multi-region and multi-cloud deployments need to use $public_ipv4 addr: $private_ipv4:4001 @@ -414,14 +417,15 @@ coreos:
  • - Next, we need to specify a discovery URL, which contains a unique token that allows us to find other hosts in our cluster. If you're launching your first machine, generate one at https://discovery.etcd.io/new and add it to the metadata. You should re-use this key for each machine in the cluster. + Next, we need to specify a discovery URL, which contains a unique token that allows us to find other hosts in our cluster. If you're launching your first machine, generate one at https://discovery.etcd.io/new?size=3, configure the `?size=` to your initial cluster size and add it to the metadata. You should re-use this key for each machine in the cluster. 
    •  #cloud-config
 
 coreos:
   etcd:
-    # generate a new token from https://discovery.etcd.io/new
+    # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3
+    # specify the intial size of your cluster with ?size=X
     discovery: https://discovery.etcd.io/<token>
     # multi-region and multi-cloud deployments need to use $public_ipv4
     addr: $private_ipv4:4001
diff --git a/running-coreos/cloud-providers/google-compute-engine/index.md b/running-coreos/cloud-providers/google-compute-engine/index.md
index b32dc1d0c..30e57a41e 100644
--- a/running-coreos/cloud-providers/google-compute-engine/index.md
+++ b/running-coreos/cloud-providers/google-compute-engine/index.md
@@ -29,7 +29,8 @@ The most common cloud-config for GCE looks like:
 
 coreos:
   etcd:
-    # generate a new token for each unique cluster from https://discovery.etcd.io/new
+    # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3
+    # specify the intial size of your cluster with ?size=X
     discovery: https://discovery.etcd.io/
     # multi-region and multi-cloud deployments need to use $public_ipv4
     addr: $private_ipv4:4001
diff --git a/running-coreos/cloud-providers/niftycloud/JA_JP/index.md b/running-coreos/cloud-providers/niftycloud/JA_JP/index.md
index 4aeaf7979..007877cf5 100644
--- a/running-coreos/cloud-providers/niftycloud/JA_JP/index.md
+++ b/running-coreos/cloud-providers/niftycloud/JA_JP/index.md
@@ -25,7 +25,8 @@ CoreOSはcloud-configにより、マシンのパラメータを設定したり
 
 coreos:
   etcd:
-    # generate a new token for each unique cluster from https://discovery.etcd.io/new
+    # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3
+    # specify the intial size of your cluster with ?size=X
     discovery: https://discovery.etcd.io/
     # multi-region and multi-cloud deployments need to use $public_ipv4
     addr: $private_ipv4:4001
diff --git a/running-coreos/cloud-providers/niftycloud/index.md b/running-coreos/cloud-providers/niftycloud/index.md
index 61a390ad3..130fdd2c4 100644
--- a/running-coreos/cloud-providers/niftycloud/index.md
+++ b/running-coreos/cloud-providers/niftycloud/index.md
@@ -25,7 +25,8 @@ The most common cloud-config for NIFTY Cloud looks like:
 
 coreos:
   etcd:
-    # generate a new token for each unique cluster from https://discovery.etcd.io/new
+    # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3
+    # specify the intial size of your cluster with ?size=X
     discovery: https://discovery.etcd.io/
     # multi-region and multi-cloud deployments need to use $public_ipv4
     addr: $private_ipv4:4001
diff --git a/running-coreos/cloud-providers/rackspace/index.md b/running-coreos/cloud-providers/rackspace/index.md
index ba4e25b9e..3deb59666 100644
--- a/running-coreos/cloud-providers/rackspace/index.md
+++ b/running-coreos/cloud-providers/rackspace/index.md
@@ -135,7 +135,8 @@ The most common Rackspace cloud-config looks like:
 
 coreos:
   etcd:
-    # generate a new token for each unique cluster from https://discovery.etcd.io/new
+    # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3
+    # specify the intial size of your cluster with ?size=X
     discovery: https://discovery.etcd.io/
     # multi-region and multi-cloud deployments need to use $public_ipv4
     addr: $private_ipv4:4001
diff --git a/running-coreos/cloud-providers/vexxhost/index.md b/running-coreos/cloud-providers/vexxhost/index.md
index fba18a6ab..084fa55ec 100644
--- a/running-coreos/cloud-providers/vexxhost/index.md
+++ b/running-coreos/cloud-providers/vexxhost/index.md
@@ -49,7 +49,8 @@ A sample common `cloud-config` file will look something like the following:
 
 coreos:
   etcd:
-    # generate a new token for each unique cluster from https://discovery.etcd.io/new
+    # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3
+    # specify the intial size of your cluster with ?size=X
     discovery: https://discovery.etcd.io/
     # multi-region and multi-cloud deployments need to use $public_ipv4
     addr: $private_ipv4:4001
diff --git a/running-coreos/platforms/openstack/index.md b/running-coreos/platforms/openstack/index.md
index a6f46b4c1..1ec3753e7 100644
--- a/running-coreos/platforms/openstack/index.md
+++ b/running-coreos/platforms/openstack/index.md
@@ -99,7 +99,8 @@ The most common cloud-config for OpenStack looks like:
 
 coreos:
   etcd:
-    # generate a new token for each unique cluster from https://discovery.etcd.io/new
+    # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3
+    # specify the intial size of your cluster with ?size=X
     discovery: https://discovery.etcd.io/
     # multi-region and multi-cloud deployments need to use $public_ipv4
     addr: $private_ipv4:4001
diff --git a/running-coreos/platforms/vagrant/index.md b/running-coreos/platforms/vagrant/index.md
index 3fed25cb0..b249a3c97 100644
--- a/running-coreos/platforms/vagrant/index.md
+++ b/running-coreos/platforms/vagrant/index.md
@@ -48,7 +48,8 @@ Our cluster will use an etcd [discovery URL]({{site.url}}/docs/cluster-managemen
 
 coreos:
   etcd:
-      # generate a new token for each unique cluster from https://discovery.etcd.io/new
+      # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3
+      # specify the intial size of your cluster with ?size=X
       # WARNING: replace each time you 'vagrant destroy'
       discovery: https://discovery.etcd.io/
       addr: $public_ipv4:4001

From 11039e1384c01b2775686972eae4bcd42a22f195 Mon Sep 17 00:00:00 2001
From: Christoph Dwertmann 
Date: Thu, 5 Mar 2015 14:07:15 +1100
Subject: [PATCH 0418/1291] Moved quote in Environment specification

Got stung by this when trying to add more than one parameter here. See
https://github.com/coreos/coreos-overlay/issues/1052
---
 .../building/registry-authentication/index.md                 | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/launching-containers/building/registry-authentication/index.md b/launching-containers/building/registry-authentication/index.md
index 41f12fe88..63c07a4c2 100644
--- a/launching-containers/building/registry-authentication/index.md
+++ b/launching-containers/building/registry-authentication/index.md
@@ -81,5 +81,5 @@ write_files:
   - path: /etc/systemd/system/docker.service.d/50-insecure-registry.conf
     content: |
         [Service]
-        Environment=DOCKER_OPTS='--insecure-registry="10.0.1.0/24"'
-```
\ No newline at end of file
+        Environment='DOCKER_OPTS=--insecure-registry="10.0.1.0/24"'
+```

From 5e2e3722bc11176b0d1b50cd8d987ab6e7d5a0e8 Mon Sep 17 00:00:00 2001
From: gosharplite 
Date: Thu, 5 Mar 2015 18:17:29 +0800
Subject: [PATCH 0419/1291] Update index.md

Remove a couple of words for readability.
---
 .../launching/getting-started-with-systemd/index.md             | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/launching-containers/launching/getting-started-with-systemd/index.md b/launching-containers/launching/getting-started-with-systemd/index.md
index ec2aaf8bf..a7761e8c3 100644
--- a/launching-containers/launching/getting-started-with-systemd/index.md
+++ b/launching-containers/launching/getting-started-with-systemd/index.md
@@ -153,7 +153,7 @@ We can enhance this by using `%H` and `%i` to dynamically announce the hostname
 ExecStartPost=/usr/bin/etcdctl set /domains/example.com/%H:%i running
 ```
 
-This gives us the flexiblity to use a single unit file to announce multiple copies of the same container on a both a single machine (no port overlap) and on multiple machines (no hostname overlap).
+This gives us the flexiblity to use a single unit file to announce multiple copies of the same container on a single machine (no port overlap) and on multiple machines (no hostname overlap).
 
 #### More Information
 systemd.service Docs

From e8f9b6b530d7fbe1d05278b9b73d1d49abf5a9ae Mon Sep 17 00:00:00 2001
From: Sal Poliandro 
Date: Thu, 5 Mar 2015 17:28:58 -0500
Subject: [PATCH 0420/1291] added locksmith directive to example cloud-config

---
 cluster-management/setup/cluster-architectures/index.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/cluster-management/setup/cluster-architectures/index.md b/cluster-management/setup/cluster-architectures/index.md
index b2106b114..86f1029b6 100644
--- a/cluster-management/setup/cluster-architectures/index.md
+++ b/cluster-management/setup/cluster-architectures/index.md
@@ -234,9 +234,13 @@ coreos:
   fleet:
     metadata: "role=worker,cabinet=two,disk=spinning"
     etcd_servers: "http://10.0.0.101:4001,http://10.0.0.102:4001,http://10.0.0.103:4001,http://10.0.0.104:4001,http://10.0.0.105:4001"
+  locksmith:
+    endpoint: "http://10.0.0.101:4001,http://10.0.0.102:4001,http://10.0.0.103:4001,http://10.0.0.104:4001,http://10.0.0.105:4001"
   units:
     - name: fleet.service
       command: start
+    - name: etcd.service
+      command: stop
   update:
     # CoreUpdate group ID for "Production Workers"
     group: f118a298-2a8a-460b-9edd-3a9b49df504e

From fccc0d5cb6432775930bf4ff503526d72a30490e Mon Sep 17 00:00:00 2001
From: gosharplite 
Date: Fri, 6 Mar 2015 15:34:44 +0800
Subject: [PATCH 0421/1291] Fix typo

Change 'can we done' to 'can be done'.
---
 cluster-management/debugging/btrfs-troubleshooting/index.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cluster-management/debugging/btrfs-troubleshooting/index.md b/cluster-management/debugging/btrfs-troubleshooting/index.md
index d198a1c1f..a8b6984f0 100644
--- a/cluster-management/debugging/btrfs-troubleshooting/index.md
+++ b/cluster-management/debugging/btrfs-troubleshooting/index.md
@@ -129,7 +129,7 @@ $ sudo lsattr /var/lib/
 
 ### Disable in a Unit File
 
-Setting the file attributes can we done within a systemd unit using two `ExecStartPre` commands:
+Setting the file attributes can be done within a systemd unit using two `ExecStartPre` commands:
 
 ```ini
 ExecStartPre=/usr/bin/mkdir -p /var/lib/mysql

From 201f98ed8405ee366542bd1a815476facc797e1a Mon Sep 17 00:00:00 2001
From: Ben Harris 
Date: Sun, 8 Mar 2015 13:15:04 +0800
Subject: [PATCH 0422/1291] Correct error in Vultr guide

---
 running-coreos/cloud-providers/vultr/index.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/running-coreos/cloud-providers/vultr/index.md b/running-coreos/cloud-providers/vultr/index.md
index 17e3e587e..2b8c18f12 100755
--- a/running-coreos/cloud-providers/vultr/index.md
+++ b/running-coreos/cloud-providers/vultr/index.md
@@ -24,7 +24,7 @@ First, you'll need to make a shell script containing your `cloud-config` availab
 ```sh
 #!/bin/bash
 
-cat "cloud-config.yaml" < "cloud-config.yaml" <
Date: Mon, 9 Mar 2015 13:20:10 -0400
Subject: [PATCH 0423/1291] moved etcd to top of units so masking happens
 before fleet attempts to start it

---
 cluster-management/setup/cluster-architectures/index.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/cluster-management/setup/cluster-architectures/index.md b/cluster-management/setup/cluster-architectures/index.md
index 86f1029b6..d1938db2c 100644
--- a/cluster-management/setup/cluster-architectures/index.md
+++ b/cluster-management/setup/cluster-architectures/index.md
@@ -237,10 +237,10 @@ coreos:
   locksmith:
     endpoint: "http://10.0.0.101:4001,http://10.0.0.102:4001,http://10.0.0.103:4001,http://10.0.0.104:4001,http://10.0.0.105:4001"
   units:
+    - name: etcd.service
+      mask: true
     - name: fleet.service
       command: start
-    - name: etcd.service
-      command: stop
   update:
     # CoreUpdate group ID for "Production Workers"
     group: f118a298-2a8a-460b-9edd-3a9b49df504e

From b5ac49dd0e76ef67981ce01040f3086ff2d22a62 Mon Sep 17 00:00:00 2001
From: Jordan Evans 
Date: Mon, 9 Mar 2015 12:24:02 -0700
Subject: [PATCH 0424/1291] fix typo in curl command

The unquoted question mark breaks this command, either use
single quotes or escape. I chose single quotes.
---
 cluster-management/setup/cluster-discovery/index.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cluster-management/setup/cluster-discovery/index.md b/cluster-management/setup/cluster-discovery/index.md
index b83af5b55..8c2e00b18 100644
--- a/cluster-management/setup/cluster-discovery/index.md
+++ b/cluster-management/setup/cluster-discovery/index.md
@@ -16,7 +16,7 @@ CoreOS uses etcd, a service running on each machine, to handle coordination betw
 A discovery service, [https://discovery.etcd.io](https://discovery.etcd.io), is provided as a free service to help connect etcd instances together by storing a list of peer addresses, metadata and the initial size of the cluster under a unique address, known as the discovery URL. You can generate them very easily:
 
 ```
-$ curl -w "\n" https://discovery.etcd.io/new?size=3
+$ curl -w "\n" 'https://discovery.etcd.io/new?size=3'
 https://discovery.etcd.io/6a28e078895c5ec737174db2419bb2f3
 ```
 

From 1c9828193dee594dc17bcb6ac38216fb85e9fbd0 Mon Sep 17 00:00:00 2001
From: Rob Szumski 
Date: Mon, 9 Mar 2015 16:57:31 -0700
Subject: [PATCH 0425/1291] distributed-config: use /etc instead of /run

---
 distributed-configuration/customize-etcd-unit/index.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/distributed-configuration/customize-etcd-unit/index.md b/distributed-configuration/customize-etcd-unit/index.md
index 16ce7bd11..fbaa45c10 100644
--- a/distributed-configuration/customize-etcd-unit/index.md
+++ b/distributed-configuration/customize-etcd-unit/index.md
@@ -17,7 +17,7 @@ etcd supports client certificates as a way to provide secure communication betwe
 
 This site has a [good reference for how to generate self-signed key pairs](http://www.g-loaded.eu/2005/11/10/be-your-own-ca/) or you could use [etcd-ca](https://github.com/coreos/etcd-ca) to generate certs and keys. 
 
-We need to create our drop-in unit in `/run/systemd/system/etcd.service.d/`. If you run `systemctl status etcd` you can see that CoreOS is already generating a few drop-in units for etcd as part of the OEM and cloudinit processes. To ensure that our drop-in runs after these, we name it `30-certificates.conf`
+We need to create our drop-in unit in `/etcd/systemd/system/etcd.service.d/`. If you run `systemctl status etcd` you can see that CoreOS is already generating a few drop-in units for etcd as part of the OEM and cloudinit processes. To ensure that our drop-in runs after these, we name it `30-certificates.conf` and place them in `/etc/`.
 
 #### 30-certificates.conf
 
@@ -43,7 +43,7 @@ Cloud-config has a parameter that will place the contents of a file on disk. We'
 #cloud-config
 
 write_files:
-  - path: /run/systemd/system/etcd.service.d/30-certificates.conf
+  - path: /etc/systemd/system/etcd.service.d/30-certificates.conf
     permissions: 0644
     content: |
       [Service]

From dc133e07cb8559741b03fc7f0dac07f716b039a6 Mon Sep 17 00:00:00 2001
From: Fabian Ruff 
Date: Tue, 10 Mar 2015 14:39:12 +0100
Subject: [PATCH 0426/1291] Mask etcd service in example worker config

---
 cluster-management/setup/cluster-architectures/index.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/cluster-management/setup/cluster-architectures/index.md b/cluster-management/setup/cluster-architectures/index.md
index d1938db2c..598b36f92 100644
--- a/cluster-management/setup/cluster-architectures/index.md
+++ b/cluster-management/setup/cluster-architectures/index.md
@@ -142,6 +142,8 @@ coreos:
     # replace this IP
     etcd_servers: "http://10.0.0.101:4001"
   units:
+    - name: etcd.service
+      mask: true
     - name: fleet.service
       command: start
 write_files:

From c85ba1f4c08f31cddb9bc0d9d5d40049ab8484c0 Mon Sep 17 00:00:00 2001
From: Rob Szumski 
Date: Mon, 9 Mar 2015 16:57:52 -0700
Subject: [PATCH 0427/1291] distributed-config: remove incorrect fork url

---
 distributed-configuration/customize-etcd-unit/index.md | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/distributed-configuration/customize-etcd-unit/index.md b/distributed-configuration/customize-etcd-unit/index.md
index fbaa45c10..e7a9da1e4 100644
--- a/distributed-configuration/customize-etcd-unit/index.md
+++ b/distributed-configuration/customize-etcd-unit/index.md
@@ -3,7 +3,6 @@ layout: docs
 title: Customizing the etcd Unit
 category: distributed_configuration
 sub_category: configuration
-forkurl: https://github.com/coreos/etcd/blob/master/Documentation/configuration.md
 weight: 5
 ---
 
@@ -17,7 +16,7 @@ etcd supports client certificates as a way to provide secure communication betwe
 
 This site has a [good reference for how to generate self-signed key pairs](http://www.g-loaded.eu/2005/11/10/be-your-own-ca/) or you could use [etcd-ca](https://github.com/coreos/etcd-ca) to generate certs and keys. 
 
-We need to create our drop-in unit in `/etcd/systemd/system/etcd.service.d/`. If you run `systemctl status etcd` you can see that CoreOS is already generating a few drop-in units for etcd as part of the OEM and cloudinit processes. To ensure that our drop-in runs after these, we name it `30-certificates.conf` and place them in `/etc/`.
+We need to create our drop-in unit in `/etc/systemd/system/etcd.service.d/`. If you run `systemctl status etcd` you can see that CoreOS is already generating a few drop-in units for etcd as part of the OEM and cloudinit processes. To ensure that our drop-in runs after these, we name it `30-certificates.conf` and place them in `/etc/systemd/system/etcd.service.d/`.
 
 #### 30-certificates.conf
 
@@ -105,4 +104,4 @@ write_files:
       ...snip...
       DvHKTdD9MDAunZlQIgO2zotmgVh2LBerGMbsdsTQ268sARY02MLV/Q5erASYdCxk
       -----END RSA PRIVATE KEY-----
-```
\ No newline at end of file
+```

From 5086799ddf40f19a78ef7b262ab3fa09cda9bbdf Mon Sep 17 00:00:00 2001
From: Kel Cecil 
Date: Tue, 10 Mar 2015 18:50:23 -0400
Subject: [PATCH 0428/1291] Fix typo in initial size comment

---
 quickstart/index.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/quickstart/index.md b/quickstart/index.md
index 1df5c7ee9..0df573a79 100644
--- a/quickstart/index.md
+++ b/quickstart/index.md
@@ -63,7 +63,7 @@ coreos:
   etcd:
     name: coreos0
     # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3
-    # specify the intial size of your cluster with ?size=X
+    # specify the initial size of your cluster with ?size=X
     discovery: https://discovery.etcd.io/
 ```
 

From 025c242122dc8ca1bcca3fc5c91679c0458c4ac3 Mon Sep 17 00:00:00 2001
From: Collin Glass 
Date: Mon, 16 Mar 2015 22:06:36 -0400
Subject: [PATCH 0429/1291] update Using Authentication for a Registry

---
 .../building/registry-authentication/index.md                | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/launching-containers/building/registry-authentication/index.md b/launching-containers/building/registry-authentication/index.md
index 63c07a4c2..e10340ce9 100644
--- a/launching-containers/building/registry-authentication/index.md
+++ b/launching-containers/building/registry-authentication/index.md
@@ -8,7 +8,7 @@ weight: 7
 
 # Using Authentication for a Registry
 
-A json file `.dockercfg` can be created in your home directory that holds authentication information for a public or private docker registry. The auth token is a base64 encoded string: `base64(:)`.
+A json file `.dockercfg` is generated in your home directory on `docker login`. It holds authentication information for a public or private docker registry. This `.dockercfg` can be reused in other home directories to authenticate. One way to do this is using Cloud-Config which is discussed more below.
 
 ## The .dockercfg File
 
@@ -30,6 +30,9 @@ Here's what an example looks like with credentials for docker's public index and
 }
 ```
 
+Note: The auth token is a base64 encoded string: `base64(:)`.
+
+
 The last step is to tell your systemd units to run as the `core` user in order for docker to use the credentials we just set up. This is done in the service section of the unit:
 
 ```ini

From 3685597a90010165d62f1e6812a1d05a0ee9d99a Mon Sep 17 00:00:00 2001
From: Alban Crequy 
Date: Tue, 17 Mar 2015 14:15:14 +0100
Subject: [PATCH 0430/1291] flannel: instructions for Vagrant

---
 cluster-management/setup/flannel-config/index.md | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/cluster-management/setup/flannel-config/index.md b/cluster-management/setup/flannel-config/index.md
index 6428f57cb..3cdbd5d97 100644
--- a/cluster-management/setup/flannel-config/index.md
+++ b/cluster-management/setup/flannel-config/index.md
@@ -93,6 +93,15 @@ coreos:
 *Important*: If you are starting other units via cloud-config, `flanneld.service` needs to be listed _before_ any services that run Docker containers.
 This includes fleet.service as fleet daemon will start units that may run Docker containers.
 
+*Important*: If you are starting flannel on Vagrant, it should be instructed to use the correct network interface:
+```yaml
+#cloud-config
+
+coreos:
+  flannel:
+    interface: $public_ipv4
+```
+
 ## Under the Hood
 To reduce the CoreOS image size, flannel daemon is stored in CoreOS Enterprise Registry as a Docker container and not shipped in the CoreOS image.
 For those users wishing not to use flannel, it helps to keep their installation minimal. When `flanneld.service` it started, it pulls the Docker image

From 5e31f952999f45daa399dc57e559e161ef192145 Mon Sep 17 00:00:00 2001
From: geoff golder 
Date: Sat, 21 Mar 2015 09:00:21 -0400
Subject: [PATCH 0431/1291] Fix markdown

Missing line break between embedded snipped and previous paragraph.  This is what this renders like outside of github:

http://i.imgur.com/NNhKTvz.png
---
 cluster-management/setup/flannel-config/index.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/cluster-management/setup/flannel-config/index.md b/cluster-management/setup/flannel-config/index.md
index 3cdbd5d97..44c91a76f 100644
--- a/cluster-management/setup/flannel-config/index.md
+++ b/cluster-management/setup/flannel-config/index.md
@@ -94,6 +94,7 @@ coreos:
 This includes fleet.service as fleet daemon will start units that may run Docker containers.
 
 *Important*: If you are starting flannel on Vagrant, it should be instructed to use the correct network interface:
+
 ```yaml
 #cloud-config
 

From 4a5391dc3b49d27f2dc157b473d65b21a34c77b3 Mon Sep 17 00:00:00 2001
From: Eugene Yakubovich 
Date: Thu, 26 Mar 2015 15:38:12 -0700
Subject: [PATCH 0432/1291] flannel: mention flannel_docker_opts.env; more info
 on deps requirements

---
 .../setup/flannel-config/index.md               | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)

diff --git a/cluster-management/setup/flannel-config/index.md b/cluster-management/setup/flannel-config/index.md
index 44c91a76f..4bc20615a 100644
--- a/cluster-management/setup/flannel-config/index.md
+++ b/cluster-management/setup/flannel-config/index.md
@@ -88,10 +88,23 @@ coreos:
             [Service]
             ExecStartPre=/usr/bin/etcdctl set /coreos.com/network/config '{ "Network": "10.1.0.0/16" }'
       command: start
+
+    # Example service running in a Docker container
+    - name: redis.service
+      content: |
+        [Unit]
+        Requires=flanneld.service
+        After=flanneld.service
+
+        [Service]
+        ExecStart=/usr/bin/docker run redis
+        Restart=always
+      command: start
 ```
 
 *Important*: If you are starting other units via cloud-config, `flanneld.service` needs to be listed _before_ any services that run Docker containers.
-This includes fleet.service as fleet daemon will start units that may run Docker containers.
+In addition, other units that will run in containers, including those scheduled via fleet, should include `Requires=flanneld.service`, `After=flanneld.service`, and `Restart=always|on-failure` directives.
+These directive are necessary because flanneld.service may fail due to etcd not being available yet. It will keep restarting and it is important for Docker based services to also keep trying until flannel is up.
 
 *Important*: If you are starting flannel on Vagrant, it should be instructed to use the correct network interface:
 
@@ -120,7 +133,7 @@ Here is the sequence of events that happens when `flanneld.service` is started f
 5. `ExecStartPost` in `flanneld.service` converts information in `/run/flannel/subnet.env` into Docker daemon command line args (such as `--bip` and `--mtu`),
 storing them in `/run/docker_opts.env`
 6. `redis.service` gets started which invokes `docker run ...`, triggering socket activation of `docker.service`.
-7. `docker.service` sources in `/run/docker_opts.env` (which contains `DOCKER_OPTS`) and starts the Docker daemon with `$DOCKER_OPTS`
+7. `docker.service` sources in `/run/flannel_docker_opts.env` which contains env variables with command line options and starts the Docker with them.
 8. `redis.service` runs Docker redis container.
 
 If you would like to learn more about these service files, you can check them out like so: `systemctl cat early-docker.service`.

From d77dbb61935632717829f8e1f0885106ba95e0a7 Mon Sep 17 00:00:00 2001
From: Yuya Kusakabe 
Date: Fri, 27 Mar 2015 22:50:45 +0900
Subject: [PATCH 0433/1291] running-coreos: fixes commands in niftycloud docs

---
 running-coreos/cloud-providers/niftycloud/JA_JP/index.md | 6 +++---
 running-coreos/cloud-providers/niftycloud/index.md       | 6 +++---
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/running-coreos/cloud-providers/niftycloud/JA_JP/index.md b/running-coreos/cloud-providers/niftycloud/JA_JP/index.md
index 007877cf5..24144a565 100644
--- a/running-coreos/cloud-providers/niftycloud/JA_JP/index.md
+++ b/running-coreos/cloud-providers/niftycloud/JA_JP/index.md
@@ -54,17 +54,17 @@ CoreOSはチャンネル毎に別のスケジュールで[自動アップデー
     
    
       
    AlphaチャンネルはMasterをぴったりと追っていて、頻繁にリリースされます。テストのために最新のdockeretcdfleetの利用が可能です。現在のバージョンはCoreOS {{site.alpha-channel}}です。
    
       
    $ZONE, $TYPE, $FW_ID and $SSH_KEY_IDを指定し、ニフティクラウドCLIで立ち上げます。
    
-      
    nifty-run-instances $(nifty-describe-images --delimiter ',' --image-name "CoreOS Alpha {{site.alpha-channel}}" | awk -F',' '{print $2}') --key $SSH_KEY_ID --availability-zone $ZONE --instance-type $TYPE -g $FW_ID -f cloud-config.yml
    
+      
    nifty-run-instances $(nifty-describe-images --delimiter ',' --image-name "CoreOS Alpha {{site.alpha-channel}}" | awk -F',' '{print $2}') --key $SSH_KEY_ID --availability-zone $ZONE --instance-type $TYPE -g $FW_ID -f cloud-config.yml -q POST
    
     
    
     
    
       
    BetaチャンネルはAlphaリリースが昇格されたものです。現在のバージョンはCoreOS {{site.beta-channel}}です。
    
       
    $ZONE, $TYPE, $FW_ID and $SSH_KEY_IDを指定し、ニフティクラウドCLIで立ち上げます。
    
-      
    nifty-run-instances $(nifty-describe-images --delimiter ',' --image-name "CoreOS Alpha {{site.beta-channel}}" | awk -F',' '{print $2}') --key $SSH_KEY_ID --availability-zone $ZONE --instance-type $TYPE -g $FW_ID -f cloud-config.yml
    
+      
    nifty-run-instances $(nifty-describe-images --delimiter ',' --image-name "CoreOS Beta {{site.beta-channel}}" | awk -F',' '{print $2}') --key $SSH_KEY_ID --availability-zone $ZONE --instance-type $TYPE -g $FW_ID -f cloud-config.yml -q POST
    
     
    
     
    
       
    プロダクションクラスターではStableチャンネルを使用すべきです。CoreOSの各バージョンは昇格されるまでにBetaとAlphaチャンネルで検証済みです。現在のバージョンはCoreOS {{site.stable-channel}}です。
    
       
    $ZONE, $TYPE, $FW_ID and $SSH_KEY_IDを指定し、ニフティクラウドCLIで立ち上げます。
    
-      
    nifty-run-instances $(nifty-describe-images --delimiter ',' --image-name "CoreOS Alpha {{site.stable-channel}}" | awk -F',' '{print $2}') --key $SSH_KEY_ID --availability-zone $ZONE --instance-type $TYPE -g $FW_ID -f cloud-config.yml
    
+      
    nifty-run-instances $(nifty-describe-images --delimiter ',' --image-name "CoreOS Stable {{site.stable-channel}}" | awk -F',' '{print $2}') --key $SSH_KEY_ID --availability-zone $ZONE --instance-type $TYPE -g $FW_ID -f cloud-config.yml -q POST
    
     
    
   
 
diff --git a/running-coreos/cloud-providers/niftycloud/index.md b/running-coreos/cloud-providers/niftycloud/index.md
index 130fdd2c4..54fa2a1ef 100644
--- a/running-coreos/cloud-providers/niftycloud/index.md
+++ b/running-coreos/cloud-providers/niftycloud/index.md
@@ -54,17 +54,17 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat
     
    
       
    The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.
    
       
    Launch via NIFTY Cloud CLI by specifying $ZONE, $TYPE, $FW_ID and $SSH_KEY_ID:
    
-      
    nifty-run-instances $(nifty-describe-images --delimiter ',' --image-name "CoreOS Alpha {{site.alpha-channel}}" | awk -F',' '{print $2}') --key $SSH_KEY_ID --availability-zone $ZONE --instance-type $TYPE -g $FW_ID -f cloud-config.yml
    
+      
    nifty-run-instances $(nifty-describe-images --delimiter ',' --image-name "CoreOS Alpha {{site.alpha-channel}}" | awk -F',' '{print $2}') --key $SSH_KEY_ID --availability-zone $ZONE --instance-type $TYPE -g $FW_ID -f cloud-config.yml -q POST
    
     
    
     
    
       
    The beta channel consists of promoted alpha releases. Current version is CoreOS {{site.beta-channel}}.
    
       
    Launch via NIFTY Cloud CLI by specifying $ZONE, $TYPE, $FW_ID and $SSH_KEY_ID:
    
-      
    nifty-run-instances $(nifty-describe-images --delimiter ',' --image-name "CoreOS Alpha {{site.beta-channel}}" | awk -F',' '{print $2}') --key $SSH_KEY_ID --availability-zone $ZONE --instance-type $TYPE -g $FW_ID -f cloud-config.yml
    
+      
    nifty-run-instances $(nifty-describe-images --delimiter ',' --image-name "CoreOS Beta {{site.beta-channel}}" | awk -F',' '{print $2}') --key $SSH_KEY_ID --availability-zone $ZONE --instance-type $TYPE -g $FW_ID -f cloud-config.yml -q POST
    
     
    
     
    
       
    The Stable channel should be used by production clusters. Versions of CoreOS are battle-tested within the Beta and Alpha channels before being promoted. Current version is CoreOS {{site.stable-channel}}.
    
       
    Launch via NIFTY Cloud CLI by specifying $ZONE, $TYPE, $FW_ID and $SSH_KEY_ID:
    
-      
    nifty-run-instances $(nifty-describe-images --delimiter ',' --image-name "CoreOS Alpha {{site.stable-channel}}" | awk -F',' '{print $2}') --key $SSH_KEY_ID --availability-zone $ZONE --instance-type $TYPE -g $FW_ID -f cloud-config.yml
    
+      
    nifty-run-instances $(nifty-describe-images --delimiter ',' --image-name "CoreOS Stable {{site.stable-channel}}" | awk -F',' '{print $2}') --key $SSH_KEY_ID --availability-zone $ZONE --instance-type $TYPE -g $FW_ID -f cloud-config.yml -q POST
    
     
    
   
 

From 5793f3bf861dc33bef2927b5e7288a89b7581a9c Mon Sep 17 00:00:00 2001
From: Collin Glass 
Date: Sat, 28 Mar 2015 11:15:56 -0400
Subject: [PATCH 0434/1291] change 'note:...' sentence to suggested text

---
 .../building/registry-authentication/index.md                 | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/launching-containers/building/registry-authentication/index.md b/launching-containers/building/registry-authentication/index.md
index e10340ce9..bfe452d3d 100644
--- a/launching-containers/building/registry-authentication/index.md
+++ b/launching-containers/building/registry-authentication/index.md
@@ -8,7 +8,7 @@ weight: 7
 
 # Using Authentication for a Registry
 
-A json file `.dockercfg` is generated in your home directory on `docker login`. It holds authentication information for a public or private docker registry. This `.dockercfg` can be reused in other home directories to authenticate. One way to do this is using Cloud-Config which is discussed more below.
+A json file `.dockercfg` is generated in your home directory on `docker login`. It holds authentication information for a public or private docker registry. This `.dockercfg` can be reused in other home directories to authenticate. One way to do this is using Cloud-Config which is discussed more below. If you want to populate these values without running docker login, the auth token is a base64 encoded string: base64(:).
 
 ## The .dockercfg File
 
@@ -30,8 +30,6 @@ Here's what an example looks like with credentials for docker's public index and
 }
 ```
 
-Note: The auth token is a base64 encoded string: `base64(:)`.
-
 
 The last step is to tell your systemd units to run as the `core` user in order for docker to use the credentials we just set up. This is done in the service section of the unit:
 

From 776d06a048166f9e9810e514beda1ed4d22c47bc Mon Sep 17 00:00:00 2001
From: Michael Marineau 
Date: Mon, 30 Mar 2015 15:21:46 -0700
Subject: [PATCH 0435/1291] sdk: simplify initial repo setup procedure

depot_tools have never been required, the stand-alone repo script is all
you need. Also stick with the default repo upstream instead of
ChromiumOS's repo mirror.
---
 .../sdk/modifying-coreos/index.md             | 28 ++++++++-----------
 1 file changed, 12 insertions(+), 16 deletions(-)

diff --git a/sdk-distributors/sdk/modifying-coreos/index.md b/sdk-distributors/sdk/modifying-coreos/index.md
index 7fdd46ab2..c0de1c9a2 100644
--- a/sdk-distributors/sdk/modifying-coreos/index.md
+++ b/sdk-distributors/sdk/modifying-coreos/index.md
@@ -35,6 +35,7 @@ System requirements to get started:
 
 - curl
 - git
+- python2
 
 You also need a proper git setup:
 
@@ -45,15 +46,16 @@ git config --global user.name "Your Name"
 
 **NOTE**: Do the git configuration as a normal user and not with sudo.
 
-### Install depot_tools
+### Install repo
 
-`repo`, one of the `depot_tools`, helps to manage the collection of git
-repositories that makes up CoreOS. Pull down the code and add it to your
-path:
+`repo` helps to manage the collection of git repositories that makes up CoreOS.
+Pull down the code and add it to your path:
 
 ```sh
-git clone https://chromium.googlesource.com/chromium/tools/depot_tools.git
-export PATH="$PATH":`pwd`/depot_tools
+mkdir ~/bin
+export PATH="$PATH:$HOME/bin"
+curl https://storage.googleapis.com/git-repo-downloads/repo > ~/bin/repo
+chmod a+x ~/bin/repo
 ```
 
 You may want to add this to your .bashrc or /etc/profile.d/ so that you don’t
@@ -72,7 +74,7 @@ Initialize the .repo directory with the manifest that describes all of the git
 repos required to get started.
 
 ```sh
-repo init -u https://github.com/coreos/manifest.git -g minilayout --repo-url https://chromium.googlesource.com/external/repo.git
+repo init -u https://github.com/coreos/manifest.git
 ```
 
 Synchronize all of the required git repos from the manifest.
@@ -100,16 +102,10 @@ Set up the "core" user's password.
 ./set_shared_user_password.sh
 ```
 
-Target amd64-usr for this image:
+Setup a board root filesystem for the amd64-usr target in /build/amd64-usr:
 
 ```sh
-echo amd64-usr > .default_board
-```
-
-Setup a board root filesystem in /build/${BOARD}:
-
-```sh
-./setup_board
+./setup_board --default --board=amd64-usr
 ```
 
 Build all of the target binary packages:
@@ -122,7 +118,7 @@ Build an image based on the built binary packages along with the developer
 overlay:
 
 ```sh
-./build_image --noenable_rootfs_verification dev
+./build_image dev
 ```
 
 After this finishes up commands for converting the raw bin into

From ad468c8adad8177540edd0ae585c07cf85ca2a67 Mon Sep 17 00:00:00 2001
From: Rob Szumski 
Date: Tue, 31 Mar 2015 10:13:20 -0700
Subject: [PATCH 0436/1291] running-coreos: remote outdated limitation

---
 running-coreos/platforms/iso/index.md | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/running-coreos/platforms/iso/index.md b/running-coreos/platforms/iso/index.md
index ade990941..685c74eea 100644
--- a/running-coreos/platforms/iso/index.md
+++ b/running-coreos/platforms/iso/index.md
@@ -50,8 +50,7 @@ The latest CoreOS ISOs can be downloaded from the image storage site:
 
 ## Known Limitations
 
-1. Docker will not work out of the box
-2. The best strategy for providing [cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config) is via [config-drive](https://github.com/coreos/coreos-cloudinit/blob/master/Documentation/config-drive.md).
+1. The best strategy for providing [cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config) is via [config-drive](https://github.com/coreos/coreos-cloudinit/blob/master/Documentation/config-drive.md).
 
 ## Install to Disk
 
@@ -67,4 +66,4 @@ For any console that doesn't normally get a login prompt by default be sure to c
 console=tty0 console=ttyS0 coreos.autologin=tty1 coreos.autologin=ttyS0
 ```
 
-Without any argument it enables access on all consoles. Note that for the VGA console the login prompts are on virtual terminals (`tty1`, `tty2`, etc), not the VGA console itself (`tty0`).
\ No newline at end of file
+Without any argument it enables access on all consoles. Note that for the VGA console the login prompts are on virtual terminals (`tty1`, `tty2`, etc), not the VGA console itself (`tty0`).

From 0a00572c6dbcb340936b8dfd9f723146baec4278 Mon Sep 17 00:00:00 2001
From: Rob Szumski 
Date: Sun, 5 Apr 2015 13:59:40 -0700
Subject: [PATCH 0437/1291] running-coreos: update screenshot CSS class

---
 .../cloud-providers/digitalocean/index.md     | 24 ++++++++++++-------
 running-coreos/cloud-providers/ec2/index.md   | 16 ++++++++-----
 2 files changed, 25 insertions(+), 15 deletions(-)

diff --git a/running-coreos/cloud-providers/digitalocean/index.md b/running-coreos/cloud-providers/digitalocean/index.md
index 471ca777a..9a92ac5bb 100644
--- a/running-coreos/cloud-providers/digitalocean/index.md
+++ b/running-coreos/cloud-providers/digitalocean/index.md
@@ -198,23 +198,29 @@ For more details, check out [DigitalOcean's API documentation][do-api-docs].
    page in the web console.
 2. Give the machine a hostname, select the size, and choose a region.

    
 
    
-  
    
-    
-    
    Choosing a CoreOS channel
    
+  
    
+    
+      
+    
    
+    
    Choosing a CoreOS channel
    
   
    
 
    
 3. Enable User Data and add your cloud-config in the text box.

    
 
    
-  
    
-    
-    
    Droplet settings for networking and cloud-config
    
+  
    
+    
+      
+    
+    
    Droplet settings for networking and cloud-config
    
   
    
 
    
 4. Choose your preferred channel of CoreOS.

    
 
    
-  
    
-    
-    
    Choosing a CoreOS channel
    
+  
    
+    
+      
+    
+    
    Choosing a CoreOS channel
    
   
    
 
    
 5. Select your SSH keys.
diff --git a/running-coreos/cloud-providers/ec2/index.md b/running-coreos/cloud-providers/ec2/index.md
index 61848f6fa..98e709d3a 100644
--- a/running-coreos/cloud-providers/ec2/index.md
+++ b/running-coreos/cloud-providers/ec2/index.md
@@ -154,13 +154,17 @@ The `$private_ipv4` and `$public_ipv4` substitution variables are fully supporte
 
 
    
 
    
-  
    
-    
-    
    Providing options during CloudFormation.
    
+  
    
+    
+      
+    
+    
    Providing options during CloudFormation.
    
   
    
-  
    
-    
-    
    Providing cloud-config during EC2 boot wizard.
    
+  
    
+    
+      
+    
+    
    Providing cloud-config during EC2 boot wizard.
    
   
    
 
    
 

From 47a1e44ceab455faa5f31c304a2d3a5984a142f2 Mon Sep 17 00:00:00 2001
From: Kel Cecil 
Date: Mon, 6 Apr 2015 20:37:08 -0400
Subject: [PATCH 0438/1291] Correct env file name

---
 cluster-management/setup/flannel-config/index.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cluster-management/setup/flannel-config/index.md b/cluster-management/setup/flannel-config/index.md
index 4bc20615a..ce0fcd316 100644
--- a/cluster-management/setup/flannel-config/index.md
+++ b/cluster-management/setup/flannel-config/index.md
@@ -131,7 +131,7 @@ Here is the sequence of events that happens when `flanneld.service` is started f
 3. `flanneld.service` executes `DOCKER_HOST=unix:///var/run/early-docker.sock docker run --net=host quay.io/coreos/flannel:$FLANNEL_VER` (actual invocation is slightly more complex).
 4. flanneld starts and writes out `/run/flannel/subnet.env` with the acquired IP subnet information.
 5. `ExecStartPost` in `flanneld.service` converts information in `/run/flannel/subnet.env` into Docker daemon command line args (such as `--bip` and `--mtu`),
-storing them in `/run/docker_opts.env`
+storing them in `/run/flannel_docker_opts.env`
 6. `redis.service` gets started which invokes `docker run ...`, triggering socket activation of `docker.service`.
 7. `docker.service` sources in `/run/flannel_docker_opts.env` which contains env variables with command line options and starts the Docker with them.
 8. `redis.service` runs Docker redis container.

From 2ff1bc454786fb29ffe3fbc27ed7f34403b99322 Mon Sep 17 00:00:00 2001
From: Chance Zibolski 
Date: Mon, 6 Apr 2015 23:35:49 -0700
Subject: [PATCH 0439/1291] quickstart: fix etcd api version

Replace v1 with v2
---
 quickstart/index.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/quickstart/index.md b/quickstart/index.md
index 0df573a79..57c234e15 100644
--- a/quickstart/index.md
+++ b/quickstart/index.md
@@ -74,13 +74,13 @@ The API is easy to use. From a CoreOS machine, you can simply use curl to set an
 Set a key `message` with value `Hello world`:
 
 ```sh
-curl -L http://127.0.0.1:4001/v1/keys/message -d value="Hello world"
+curl -L http://127.0.0.1:4001/v2/keys/message -d value="Hello world"
 ```
 
 Read the value of `message` back:
 
 ```sh
-curl -L http://127.0.0.1:4001/v1/keys/message
+curl -L http://127.0.0.1:4001/v2/keys/message
 ```
 
 If you followed a guide to set up more than one CoreOS machine, you can SSH into another machine and can retrieve this same value.

From 5fd3a669d675b49775ba51c7f626ee76ad591061 Mon Sep 17 00:00:00 2001
From: Chance Zibolski 
Date: Tue, 7 Apr 2015 12:35:13 -0700
Subject: [PATCH 0440/1291] quickstart: Use -XPUT in setting key example

---
 quickstart/index.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/quickstart/index.md b/quickstart/index.md
index 57c234e15..c068d30a2 100644
--- a/quickstart/index.md
+++ b/quickstart/index.md
@@ -74,7 +74,7 @@ The API is easy to use. From a CoreOS machine, you can simply use curl to set an
 Set a key `message` with value `Hello world`:
 
 ```sh
-curl -L http://127.0.0.1:4001/v2/keys/message -d value="Hello world"
+curl -L http://127.0.0.1:4001/v2/keys/message -XPUT -d value="Hello world"
 ```
 
 Read the value of `message` back:

From c8c82f3da449f1641e7caac914c0c5e0d613ccbe Mon Sep 17 00:00:00 2001
From: Nikolay Stoynov 
Date: Wed, 8 Apr 2015 12:51:11 +0000
Subject: [PATCH 0441/1291] added Interoute/index.md file. In contain test
 text.

---
 .../cloud-providers/interoute/index.md        | 143 ++++++++++++++++++
 1 file changed, 143 insertions(+)
 create mode 100644 running-coreos/cloud-providers/interoute/index.md

diff --git a/running-coreos/cloud-providers/interoute/index.md b/running-coreos/cloud-providers/interoute/index.md
new file mode 100644
index 000000000..ac38959db
--- /dev/null
+++ b/running-coreos/cloud-providers/interoute/index.md
@@ -0,0 +1,143 @@
+---
+layout: docs
+title: Interoute VDC
+category: running_coreos
+sub_category: cloud_provider
+weight: 11
+---
+
+# Running CoreOS on Interoute VDC
+
+Interoute Communications Limited is the owner operator of Europe's largest cloud services platform, which encompasses over 67,000 km of lit fiber, 12 data centres, 13 Virtual Data Centres and 31 colocation centres, with connections to 195 additional third-party data centres across Europe. 
+
+To run a single CoreOS node on Interoute VDC the following is assumed:
+
+* You have an Interoute VDC account. You can easily [sign up for a free trial](http://cloudstore.interoute.com/main/TryInterouteVDCFREE) (no credit card required).
+* You have the  Cloudmonkey command line tool installed and configured on the computer that you are working on. Instructions on how to install and configure Cloudmonkey so that it can communicate with the VDC API can be found in the [Introduction to the VDC API](http://cloudstore.interoute.com/main/knowledge-centre/library/vdc-api-introduction-api).
+* You have installed OpenSSH client software. This is usually already installed in Linux and Mac OS. For Windows it can be downloaded at the [OpenSSH website](http://www.openssh.com/).
+
+Note: In the following steps, commands beginning with '$' are to be typed into the command line, and commands beginning '>' are to be typed into Cloudmonkey. 
+
+## Cloudmonkey Setup
+
+First you should open a new terminal or command prompt window and start Cloudmonkey by typing:
+
+```cloudmonkey
+$ cloudmonkey set display table && cloudmonkey sync && cloudmonkey
+252 APIs discovered and cached
+Apache CloudStack cloudmonkey 5.3.0. Type help or ? to list commands.
+
+Using management server profile: local 
+
+(local) >
+
+```
+After running this, you should see that Cloudmonkey has started successfully and that it's ready to accept API calls.All of the VDC API commands that can be accepted by Cloudmonkey can be found in the [API Command Reference](http://cloudstore.interoute.com/main/knowledge-centre/library/api-command-reference).
+
+## Deploy a CoreOS node
+
+The following API call from Cloudmonkey is used to deploy a new virtual machine in VDC running CoreOS:
+
+```cloudmonkey
+> deployVirtualMachine serviceofferingid=value1 zoneid=value2 templateid=value3 networkids=value4 keypair=value5 name=value6
+```
+As you can see above 6 parameter values were provided above. 
+
+### Service Offering
+
+
+
+CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updates) with different schedules per channel. You can [disable this feature]({{site.url}}/docs/cluster-management/debugging/prevent-reboot-after-update), although we don't recommend it. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes.
+
+
    
+  
+  
    
+    
    
+      
    
+        
    The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.data.alpha-channel.rackspace-version}}.
    
+      
    
+      
    A sample script will look like this:
    
+
+
    #!ipxe
+
+# Location of your shell script.
+set cloud-config-url http://example.com/cloud-config-bootstrap.sh
+
+set base-url http://alpha.release.core-os.net/amd64-usr/current
+kernel ${base-url}/coreos_production_pxe.vmlinuz cloud-config-url=${cloud-config-url}
+initrd ${base-url}/coreos_production_pxe_image.cpio.gz
+boot
    
+    
    
+    
    
+      
    
+        
    The beta channel consists of promoted alpha releases. Current version is CoreOS {{site.data.beta-channel.rackspace-version}}.
    
+      
    
+      
    A sample script will look like this:
    
+
+
    #!ipxe
+
+# Location of your shell script.
+set cloud-config-url http://example.com/cloud-config-bootstrap.sh
+
+set base-url http://beta.release.core-os.net/amd64-usr/current
+kernel ${base-url}/coreos_production_pxe.vmlinuz cloud-config-url=${cloud-config-url}
+initrd ${base-url}/coreos_production_pxe_image.cpio.gz
+boot
    
+    
    
+    
    
+      
    
+        
    The Stable channel should be used by production clusters. Versions of CoreOS are battle-tested within the Beta and Alpha channels before being promoted. Current version is CoreOS {{site.data.stable-channel.rackspace-version}}.
    
+      
    
+      
    A sample script will look like this:
    
+
+
    #!ipxe
+
+# Location of your shell script.
+set cloud-config-url http://example.com/cloud-config-bootstrap.sh
+
+set base-url http://stable.release.core-os.net/amd64-usr/current
+kernel ${base-url}/coreos_production_pxe.vmlinuz cloud-config-url=${cloud-config-url}
+initrd ${base-url}/coreos_production_pxe_image.cpio.gz
+boot
    
+    
    
+  
    
+
    
+
+Go to My Servers > Startup Scripts > Add Startup Script, select type "PXE", and input your script. Be sure to replace the cloud-config-url with that of the shell script you created above.
+
+Additional reading can be found at [Booting CoreOS with iPXE](http://coreos.com/docs/running-coreos/bare-metal/booting-with-ipxe/) and [Embedded scripts for iPXE](http://ipxe.org/embed).
+
+## Create the VPS
+
+Create a new VPS (any server type and location of your choice), and then:
+
+1. For the "Operating System" select "Custom"
+2. Select "iPXE Custom Script" and the script you created above.
+3. Click "Place Order"
+
+Once you receive the "Subscription Activated" email the VPS will be ready to use.
+
+## Accessing the VPS
+
+You can now log in to CoreOS using the associated private key on your local computer. You may need to specify its location using ```-i LOCATION```. If you need additional details on how to specify the location of your private key file see [here](http://www.cyberciti.biz/faq/force-ssh-client-to-use-given-private-key-identity-file/).
+
+SSH to the IP of your VPS, and specify the "core" user: ```ssh core@IP```
+
+```sh
+$ ssh core@IP
+The authenticity of host 'IP (2a02:1348:17c:423d:24:19ff:fef1:8f6)' can't be established.
+RSA key fingerprint is 99:a5:13:60:07:5d:ac:eb:4b:f2:cb:c9:b2:ab:d7:21.
+Are you sure you want to continue connecting (yes/no)? yes
+Warning: Permanently added '[IP]' (ED25519) to the list of known hosts.
+Enter passphrase for key '/home/user/.ssh/id_rsa':
+CoreOS stable (557.2.0)
+core@localhost ~ $
+```
+
+## Using CoreOS
+
+Check out the [CoreOS Quickstart]({{site.url}}/docs/quickstart) guide or dig into [more specific topics]({{site.url}}/docs).

From 60dc2a38a3ae5a8d704a7ca5da69ea2389163b55 Mon Sep 17 00:00:00 2001
From: Nikolay Stoynov 
Date: Wed, 8 Apr 2015 14:31:04 +0000
Subject: [PATCH 0442/1291] Complete index.md file

---
 .../cloud-providers/interoute/index.md        | 187 +++++++++++-------
 1 file changed, 115 insertions(+), 72 deletions(-)

diff --git a/running-coreos/cloud-providers/interoute/index.md b/running-coreos/cloud-providers/interoute/index.md
index ac38959db..7fd821743 100644
--- a/running-coreos/cloud-providers/interoute/index.md
+++ b/running-coreos/cloud-providers/interoute/index.md
@@ -30,7 +30,6 @@ Apache CloudStack cloudmonkey 5.3.0. Type help or ? to list commands.
 Using management server profile: local 
 
 (local) >
-
 ```
 After running this, you should see that Cloudmonkey has started successfully and that it's ready to accept API calls.All of the VDC API commands that can be accepted by Cloudmonkey can be found in the [API Command Reference](http://cloudstore.interoute.com/main/knowledge-centre/library/api-command-reference).
 
@@ -39,105 +38,149 @@ After running this, you should see that Cloudmonkey has started successfully and
 The following API call from Cloudmonkey is used to deploy a new virtual machine in VDC running CoreOS:
 
 ```cloudmonkey
-> deployVirtualMachine serviceofferingid=value1 zoneid=value2 templateid=value3 networkids=value4 keypair=value5 name=value6
+deployVirtualMachine serviceofferingid=85228261-fc66-4092-8e54-917d1702979d zoneid=f6b0d029-8e53-413b-99f3-e0a2a543ee1d templateid=73bc5066-b536-4325-8e27-ec873cea6ce7 networkids=e9e1220b-76c8-47cd-a6c2-885ffee49972 keypair=CoreOS-Key01 name=DockerTutorialVM01
 ```
 As you can see above 6 parameter values were provided above. 
 
 ### Service Offering
 
+The first parameter is the 'service offering id' which represents the amount of memory and number of CPUs that you want to allocate to the VM.I have decided to use the service offering with 4 Gigabytes of RAM and 2 CPU cores.
+
+```cloudmonkey
+> listServiceOfferings name=4096-2 filter=id
+```
+The name parameter above denotes how much RAM (in Mbytes) and CPU cores you want to have. You should see an output like the following:
+
+```cloudmonkey
++--------------------------------------+
+|                  id                  |
++--------------------------------------+
+| 85228261-fc66-4092-8e54-917d1702979d |
++--------------------------------------+
+```
+
+### Zone
 
+The "zoneid" parameter specifies the zone (data centre of VDC) of the VM to be deployed. I can view the list of the available zones by typing:
+
+```cloudmonkey
+> listZones filter=id,name
+```
+You should get the following result, if you are working in the Europe region of VDC.Note that the UUID values required for most of the input parameters will be different from the ones shown here.): 
 
-CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updates) with different schedules per channel. You can [disable this feature]({{site.url}}/docs/cluster-management/debugging/prevent-reboot-after-update), although we don't recommend it. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes.
+```cloudmonkey
++--------------------------------------+-------------------+
+|                  id                  |        name       |
++--------------------------------------+-------------------+
+| 374b937d-2051-4440-b02c-a314dd9cb27e |    Paris (ESX)    |
+| 58848a37-db49-4518-946a-88911db0ee2b |    Milan (ESX)    |
+| fc129b38-d490-4cd9-acf8-838cf7eb168d |    Berlin (ESX)   |
+| 3c43b32b-fadf-4629-b8e9-61fb7a5b9bb8 | Amsterdam 2 (ESX) |
+| f6b0d029-8e53-413b-99f3-e0a2a543ee1d |   London 2 (ESX)  |
+| 5343ddc2-919f-4d1b-a8e6-59f91d901f8e |    Slough (ESX)   |
+| 1ef96ec0-9e51-4502-9a81-045bc37ecc0a |   Geneva 2 (ESX)  |
+| ddf450f2-51b2-433d-8dea-c871be6de38d |    Madrid (ESX)   |
+| 7144b207-e97e-4e4a-b15d-64a30711e0e7 |  Frankfurt (ESX)  |
++--------------------------------------+-------------------+
+```
 
-
    
-  
-  
    
-    
    
-      
    
-        
    The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.data.alpha-channel.rackspace-version}}.
    
-      
    
-      
    A sample script will look like this:
    
+### Template
 
-
    #!ipxe
+The "templateid" parameter specifies the operating system that I want the VM to run. I am going to choose the templateid of CoreOS, which is named 'IRT-COREOS' in VDC. Here is how to find out the required UUID:
 
-# Location of your shell script.
-set cloud-config-url http://example.com/cloud-config-bootstrap.sh
+```cloudmonkey
+> listTemplates templatefilter=featured zoneid=f6b0d029-8e53-413b-99f3-e0a2a543ee1d name=IRT-COREOS filter=id,name
+```  
 
-set base-url http://alpha.release.core-os.net/amd64-usr/current
-kernel ${base-url}/coreos_production_pxe.vmlinuz cloud-config-url=${cloud-config-url}
-initrd ${base-url}/coreos_production_pxe_image.cpio.gz
-boot
    
-    
    
-    
    
-      
    
-        
    The beta channel consists of promoted alpha releases. Current version is CoreOS {{site.data.beta-channel.rackspace-version}}.
    
-      
    
-      
    A sample script will look like this:
    
+Note this is the 'CoreOS stable' version, there is another template for 'CoreOS alpha'.
 
-
    #!ipxe
+### Network
 
-# Location of your shell script.
-set cloud-config-url http://example.com/cloud-config-bootstrap.sh
+The "networkids" parameter specifies the network or networks that the deployed VM will be using.As I chose the VM to be located in London then the chosen network(s) should also be located in London. Type the following to show your networks in the London zone:
 
-set base-url http://beta.release.core-os.net/amd64-usr/current
-kernel ${base-url}/coreos_production_pxe.vmlinuz cloud-config-url=${cloud-config-url}
-initrd ${base-url}/coreos_production_pxe_image.cpio.gz
-boot
    
-    
    
-    
    
-      
    
-        
    The Stable channel should be used by production clusters. Versions of CoreOS are battle-tested within the Beta and Alpha channels before being promoted. Current version is CoreOS {{site.data.stable-channel.rackspace-version}}.
    
-      
    
-      
    A sample script will look like this:
    
+```cloudmonkey
+> listNetworks zoneid=f6b0d029-8e53-413b-99f3-e0a2a543ee1d filter=id,name
+``` 
 
-
    #!ipxe
+This is the output for my VDC account:
 
-# Location of your shell script.
-set cloud-config-url http://example.com/cloud-config-bootstrap.sh
+```cloudmonkey
++--------------------------------------+--------------------+
+|                  id                  |        name        |
++--------------------------------------+--------------------+
+| e9e1220b-76c8-47cd-a6c2-885ffee49972 |   PrvWithGW Lon2   |
+| 182e8be5-6f73-4a31-a9f9-b6f445a46b53 |    IPVPN_LON02     |
++--------------------------------------+--------------------+
+```
 
-set base-url http://stable.release.core-os.net/amd64-usr/current
-kernel ${base-url}/coreos_production_pxe.vmlinuz cloud-config-url=${cloud-config-url}
-initrd ${base-url}/coreos_production_pxe_image.cpio.gz
-boot
    
-    
    
-  
    
-
    
+As you can see above, I have two networks in the London zone. I want my deployed VM to be connected to only one network, so I choose networkids to be 'e9e1220b-76c8-47cd-a6c2-885ffee49972'. (If I wanted two or more networks, I would make a list using commas to separate, such as: 'networkids=e9e1220b-76c8-47cd-a6c2-885ffee49972,182e8be5-6f73-4a31-a9f9-b6f445a46b53'.)
 
-Go to My Servers > Startup Scripts > Add Startup Script, select type "PXE", and input your script. Be sure to replace the cloud-config-url with that of the shell script you created above.
+### SSH Keys
 
-Additional reading can be found at [Booting CoreOS with iPXE](http://coreos.com/docs/running-coreos/bare-metal/booting-with-ipxe/) and [Embedded scripts for iPXE](http://ipxe.org/embed).
+The "keypair" parameter specifies the SSH keypair used to login to the CoreOS as the CoreOS template does not allow for any logins (root user or otherwise) using passwords.
 
-## Create the VPS
+First of all, I am going to create a new keypair on my own machine using the OpenSSH command line tool, ssh-keygen:
 
-Create a new VPS (any server type and location of your choice), and then:
+```cmd
+$ cd ~/.ssh && ssh-keygen -t rsa -f id_rsa_coreos          #(for Linux)
+cd C:/ && ssh-keygen -t rsa -f id_rsa_coreos 		   #(for Windows)
+``` 
+The next step is to 'register' your keypair, which means storing your public key in VDC, so that VMs can boot with that information:
 
-1. For the "Operating System" select "Custom"
-2. Select "iPXE Custom Script" and the script you created above.
-3. Click "Place Order"
 
-Once you receive the "Subscription Activated" email the VPS will be ready to use.
+```cloudmonkey
+> registerSSHKeyPair name=CoreOS-Key01 publickey="ssh-rsa AAAAB3NzaC1y...........fyskMb4oBw== PapanCostas@interoute.com"
+keypair:
+name = CoreOS-Key01
+fingerprint = 55:33:b4:d3:b6:52:fb:79:97:fc:e8:16:58:6e:42:ce
+```
 
-## Accessing the VPS
+The "name" parameter is arbitrary and is used for your reference only.
 
-You can now log in to CoreOS using the associated private key on your local computer. You may need to specify its location using ```-i LOCATION```. If you need additional details on how to specify the location of your private key file see [here](http://www.cyberciti.biz/faq/force-ssh-client-to-use-given-private-key-identity-file/).
+### Name
 
-SSH to the IP of your VPS, and specify the "core" user: ```ssh core@IP```
+The final "name" parameter is the name of the VM. You can choose any name that is unique and is not used by any existing VM on your VDC account. I will choose the name 'DockerTutorialVM01'.
 
-```sh
-$ ssh core@IP
-The authenticity of host 'IP (2a02:1348:17c:423d:24:19ff:fef1:8f6)' can't be established.
-RSA key fingerprint is 99:a5:13:60:07:5d:ac:eb:4b:f2:cb:c9:b2:ab:d7:21.
-Are you sure you want to continue connecting (yes/no)? yes
-Warning: Permanently added '[IP]' (ED25519) to the list of known hosts.
-Enter passphrase for key '/home/user/.ssh/id_rsa':
-CoreOS stable (557.2.0)
-core@localhost ~ $
+I am going to make sure that Cloudmonkey is set to the mode of waiting for deployment to complete (known as 'asynchronous blocking'), otherwise the VM information will not be output to the terminal:
+
+```cloudmonkey
+> set asyncblock true
+```
+
+## Connecting to CoreOS
+
+To be able to SSH to the VM a port forwarding rule is required to allow connection on port 22:
+
+```cloudmonkey
+> createPortForwardingRule protocol=TCP publicport=22 ipaddressid=value1 virtualmachineid=value2 privateport=22 openfirewall=true
+```
+The last configuration step is to set an egress firewall rule for the network so that the CoreOS VM will be able to get outward access to the internet. This is needed for Docker to access repositories for container images, and to allow CoreOS to access internet update servers to do automatic updating:
+
+
+```cloudmonkey
+> createEgressFirewallRule networkid=e9e1220b-76c8-47cd-a6c2-885ffee49972 protocol=all cidr=0.0.0.0/0
+```
+
+Note that allowing traffic from any iP is not a good practice.
+
+So finally my VM is set up for me to connect to it, using the 'ipaddress' found from the listPublicIpAddresses command and specifying the private SSH key file to match the public key which I registered in VDC. Type this ssh command into a terminal:
+
+
+```cmd
+$ ssh -i ~/.ssh/id_rsa_coreos core@IPADDRESS
 ```
 
+Upon the first connection to the VM I am asked to check authenticity of the VM:
+
+```cmd  
+The authenticity of host '[IPADDRESS]:22 ([IPADDRESS]:22)' can't be established.
+ED25519 key fingerprint is 4a:f4:85:c0:1d:e0:fa:26:94:89:7c:39:1b:57:42:d2.
+Are you sure you want to continue connecting (yes/no)? yes
+Warning: Permanently added '[IPADDRESS]:22' (ED25519) to the list of known hosts.
+CoreOS (stable)
+core@DockerTutorialVM01 ~ $
+```
 ## Using CoreOS
 
-Check out the [CoreOS Quickstart]({{site.url}}/docs/quickstart) guide or dig into [more specific topics]({{site.url}}/docs).
+Check out the [CoreOS and Docker in Interoute VDC](http://cloudstore.interoute.com/main/knowledge-centre/blog/coreos-docker-vdc-part2) turorial for using Docker.
+

From 204d58c74c20fb76e9e73650a13e43b4b6be8a50 Mon Sep 17 00:00:00 2001
From: Nikolay Stoynov 
Date: Wed, 8 Apr 2015 15:17:07 +0000
Subject: [PATCH 0443/1291] Fixed typos

---
 .../cloud-providers/interoute/index.md        | 26 +++++++++----------
 1 file changed, 13 insertions(+), 13 deletions(-)

diff --git a/running-coreos/cloud-providers/interoute/index.md b/running-coreos/cloud-providers/interoute/index.md
index 7fd821743..355275398 100644
--- a/running-coreos/cloud-providers/interoute/index.md
+++ b/running-coreos/cloud-providers/interoute/index.md
@@ -35,12 +35,12 @@ After running this, you should see that Cloudmonkey has started successfully and
 
 ## Deploy a CoreOS node
 
-The following API call from Cloudmonkey is used to deploy a new virtual machine in VDC running CoreOS:
+The following API call from Cloudmonkey is used to deploy a new virtual machine running CoreOS in VDC:
 
 ```cloudmonkey
-deployVirtualMachine serviceofferingid=85228261-fc66-4092-8e54-917d1702979d zoneid=f6b0d029-8e53-413b-99f3-e0a2a543ee1d templateid=73bc5066-b536-4325-8e27-ec873cea6ce7 networkids=e9e1220b-76c8-47cd-a6c2-885ffee49972 keypair=CoreOS-Key01 name=DockerTutorialVM01
+> deployVirtualMachine serviceofferingid=85228261-fc66-4092-8e54-917d1702979d zoneid=f6b0d029-8e53-413b-99f3-e0a2a543ee1d templateid=73bc5066-b536-4325-8e27-ec873cea6ce7 networkids=e9e1220b-76c8-47cd-a6c2-885ffee49972 keypair=CoreOS-Key01 name=DockerTutorialVM01
 ```
-As you can see above 6 parameter values were provided above. 
+As you can see that 6 parameter values were provided above. 
 
 ### Service Offering
 
@@ -61,12 +61,12 @@ The name parameter above denotes how much RAM (in Mbytes) and CPU cores you want
 
 ### Zone
 
-The "zoneid" parameter specifies the zone (data centre of VDC) of the VM to be deployed. I can view the list of the available zones by typing:
+The 'zoneid' parameter specifies the zone (data centre of VDC) of the VM to be deployed. You can view the list of the available zones by typing:
 
 ```cloudmonkey
 > listZones filter=id,name
 ```
-You should get the following result, if you are working in the Europe region of VDC.Note that the UUID values required for most of the input parameters will be different from the ones shown here.): 
+You should get the following result, if you are working in the Europe region of VDC.Note that the UUID values required for most of the input parameters will be different from the ones shown here: 
 
 ```cloudmonkey
 +--------------------------------------+-------------------+
@@ -86,7 +86,7 @@ You should get the following result, if you are working in the Europe region of
 
 ### Template
 
-The "templateid" parameter specifies the operating system that I want the VM to run. I am going to choose the templateid of CoreOS, which is named 'IRT-COREOS' in VDC. Here is how to find out the required UUID:
+The 'templateid' parameter specifies the operating system of the VM. I am going to choose the templateid of CoreOS, which is named 'IRT-COREOS' in VDC. Here is how to find out the required UUID:
 
 ```cloudmonkey
 > listTemplates templatefilter=featured zoneid=f6b0d029-8e53-413b-99f3-e0a2a543ee1d name=IRT-COREOS filter=id,name
@@ -96,7 +96,7 @@ Note this is the 'CoreOS stable' version, there is another template for 'CoreOS
 
 ### Network
 
-The "networkids" parameter specifies the network or networks that the deployed VM will be using.As I chose the VM to be located in London then the chosen network(s) should also be located in London. Type the following to show your networks in the London zone:
+The 'networkids' parameter specifies the network or networks that the deployed VM will be using.As I chose the VM to be located in London then the chosen network(s) should also be located in London. Type the following to show your networks in the London zone:
 
 ```cloudmonkey
 > listNetworks zoneid=f6b0d029-8e53-413b-99f3-e0a2a543ee1d filter=id,name
@@ -117,7 +117,7 @@ As you can see above, I have two networks in the London zone. I want my deployed
 
 ### SSH Keys
 
-The "keypair" parameter specifies the SSH keypair used to login to the CoreOS as the CoreOS template does not allow for any logins (root user or otherwise) using passwords.
+The 'keypair' parameter specifies the SSH keypair used to login to the CoreOS as the CoreOS template does not allow any logins (root user or otherwise) using passwords.
 
 First of all, I am going to create a new keypair on my own machine using the OpenSSH command line tool, ssh-keygen:
 
@@ -125,7 +125,7 @@ First of all, I am going to create a new keypair on my own machine using the Ope
 $ cd ~/.ssh && ssh-keygen -t rsa -f id_rsa_coreos          #(for Linux)
 cd C:/ && ssh-keygen -t rsa -f id_rsa_coreos 		   #(for Windows)
 ``` 
-The next step is to 'register' your keypair, which means storing your public key in VDC, so that VMs can boot with that information:
+The next step is to 'register' your keypair, which means storing your public key in VDC, so that VMs can boot up with that information:
 
 
 ```cloudmonkey
@@ -135,11 +135,11 @@ name = CoreOS-Key01
 fingerprint = 55:33:b4:d3:b6:52:fb:79:97:fc:e8:16:58:6e:42:ce
 ```
 
-The "name" parameter is arbitrary and is used for your reference only.
+The keypair 'name' parameter is arbitrary and is used for your reference only.
 
 ### Name
 
-The final "name" parameter is the name of the VM. You can choose any name that is unique and is not used by any existing VM on your VDC account. I will choose the name 'DockerTutorialVM01'.
+The final 'name' parameter is the name of the VM. You can choose any name that is unique and is not used by any existing VM on your VDC account. I will choose the name 'DockerTutorialVM01'.
 
 I am going to make sure that Cloudmonkey is set to the mode of waiting for deployment to complete (known as 'asynchronous blocking'), otherwise the VM information will not be output to the terminal:
 
@@ -161,7 +161,7 @@ The last configuration step is to set an egress firewall rule for the network so
 > createEgressFirewallRule networkid=e9e1220b-76c8-47cd-a6c2-885ffee49972 protocol=all cidr=0.0.0.0/0
 ```
 
-Note that allowing traffic from any iP is not a good practice.
+Note that allowing traffic from any IP is not a good practice.
 
 So finally my VM is set up for me to connect to it, using the 'ipaddress' found from the listPublicIpAddresses command and specifying the private SSH key file to match the public key which I registered in VDC. Type this ssh command into a terminal:
 
@@ -182,5 +182,5 @@ core@DockerTutorialVM01 ~ $
 ```
 ## Using CoreOS
 
-Check out the [CoreOS and Docker in Interoute VDC](http://cloudstore.interoute.com/main/knowledge-centre/blog/coreos-docker-vdc-part2) turorial for using Docker.
+Check out the [CoreOS and Docker in Interoute VDC](http://cloudstore.interoute.com/main/knowledge-centre/blog/coreos-docker-vdc-part2) turorial.
 

From 849b6649432feb9ae94d7672d23726ab10b04531 Mon Sep 17 00:00:00 2001
From: Nikolay Stoynov 
Date: Thu, 9 Apr 2015 08:41:00 +0000
Subject: [PATCH 0444/1291] index file contents change

---
 .../cloud-providers/interoute/index.md         | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/running-coreos/cloud-providers/interoute/index.md b/running-coreos/cloud-providers/interoute/index.md
index 355275398..05920d932 100644
--- a/running-coreos/cloud-providers/interoute/index.md
+++ b/running-coreos/cloud-providers/interoute/index.md
@@ -40,11 +40,11 @@ The following API call from Cloudmonkey is used to deploy a new virtual machine
 ```cloudmonkey
 > deployVirtualMachine serviceofferingid=85228261-fc66-4092-8e54-917d1702979d zoneid=f6b0d029-8e53-413b-99f3-e0a2a543ee1d templateid=73bc5066-b536-4325-8e27-ec873cea6ce7 networkids=e9e1220b-76c8-47cd-a6c2-885ffee49972 keypair=CoreOS-Key01 name=DockerTutorialVM01
 ```
-As you can see that 6 parameter values were provided above. 
+As you can see there were 6 parameter values provided above. 
 
 ### Service Offering
 
-The first parameter is the 'service offering id' which represents the amount of memory and number of CPUs that you want to allocate to the VM.I have decided to use the service offering with 4 Gigabytes of RAM and 2 CPU cores.
+The first parameter is the 'serviceofferingid' which represents the amount of RAM memory and number of CPUs that you want to allocate to the VM.In this tutorial 4 Gigabytes of RAM and 2 CPU cores as chosen.
 
 ```cloudmonkey
 > listServiceOfferings name=4096-2 filter=id
@@ -86,7 +86,7 @@ You should get the following result, if you are working in the Europe region of
 
 ### Template
 
-The 'templateid' parameter specifies the operating system of the VM. I am going to choose the templateid of CoreOS, which is named 'IRT-COREOS' in VDC. Here is how to find out the required UUID:
+The 'templateid' parameter specifies the operating system of the VM. CoreOS template is selected, which is named 'IRT-COREOS' in VDC. Here is how to find out the required UUID:
 
 ```cloudmonkey
 > listTemplates templatefilter=featured zoneid=f6b0d029-8e53-413b-99f3-e0a2a543ee1d name=IRT-COREOS filter=id,name
@@ -96,7 +96,7 @@ Note this is the 'CoreOS stable' version, there is another template for 'CoreOS
 
 ### Network
 
-The 'networkids' parameter specifies the network or networks that the deployed VM will be using.As I chose the VM to be located in London then the chosen network(s) should also be located in London. Type the following to show your networks in the London zone:
+The 'networkids' parameter specifies the network or networks that the deployed VM will be using.As the VM is to be located in London then the chosen network(s) should also be located in London. Type the following to show your networks in the London zone:
 
 ```cloudmonkey
 > listNetworks zoneid=f6b0d029-8e53-413b-99f3-e0a2a543ee1d filter=id,name
@@ -113,13 +113,13 @@ This is the output for my VDC account:
 +--------------------------------------+--------------------+
 ```
 
-As you can see above, I have two networks in the London zone. I want my deployed VM to be connected to only one network, so I choose networkids to be 'e9e1220b-76c8-47cd-a6c2-885ffee49972'. (If I wanted two or more networks, I would make a list using commas to separate, such as: 'networkids=e9e1220b-76c8-47cd-a6c2-885ffee49972,182e8be5-6f73-4a31-a9f9-b6f445a46b53'.)
+As you can see above, there are two networks in the London zone. Only one network is required to connect to the VM, so I choose networkids to be 'e9e1220b-76c8-47cd-a6c2-885ffee49972'. (If two or more networks are required, list could be used using commas to separate, such as: 'networkids=e9e1220b-76c8-47cd-a6c2-885ffee49972,182e8be5-6f73-4a31-a9f9-b6f445a46b53'.)
 
 ### SSH Keys
 
 The 'keypair' parameter specifies the SSH keypair used to login to the CoreOS as the CoreOS template does not allow any logins (root user or otherwise) using passwords.
 
-First of all, I am going to create a new keypair on my own machine using the OpenSSH command line tool, ssh-keygen:
+At first a new keypair is generated on using the OpenSSH command line tool, ssh-keygen:
 
 ```cmd
 $ cd ~/.ssh && ssh-keygen -t rsa -f id_rsa_coreos          #(for Linux)
@@ -139,9 +139,9 @@ The keypair 'name' parameter is arbitrary and is used for your reference only.
 
 ### Name
 
-The final 'name' parameter is the name of the VM. You can choose any name that is unique and is not used by any existing VM on your VDC account. I will choose the name 'DockerTutorialVM01'.
+The final 'name' parameter is the name of the VM. You can choose any name that is unique and is not used by any existing VM on your VDC account. 
 
-I am going to make sure that Cloudmonkey is set to the mode of waiting for deployment to complete (known as 'asynchronous blocking'), otherwise the VM information will not be output to the terminal:
+Cloudmonkey is to be set to the mode of waiting for deployment to complete (known as 'asynchronous blocking'), otherwise the VM information will not be output to the terminal:
 
 ```cloudmonkey
 > set asyncblock true
@@ -163,7 +163,7 @@ The last configuration step is to set an egress firewall rule for the network so
 
 Note that allowing traffic from any IP is not a good practice.
 
-So finally my VM is set up for me to connect to it, using the 'ipaddress' found from the listPublicIpAddresses command and specifying the private SSH key file to match the public key which I registered in VDC. Type this ssh command into a terminal:
+So finally the VM is set up for connection, using the 'ipaddress' found from the listPublicIpAddresses command and specifying the private SSH key file to match the public key which I registered in VDC. Type this ssh command into a terminal:
 
 
 ```cmd

From 0654d1ac9cb242a9cbe7376d91a05f663965889f Mon Sep 17 00:00:00 2001
From: Jimmy Zelinskie 
Date: Thu, 9 Apr 2015 14:06:41 -0400
Subject: [PATCH 0445/1291] /home/root is not $HOME for root

---
 enterprise-registry/configure-machines/index.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/enterprise-registry/configure-machines/index.md b/enterprise-registry/configure-machines/index.md
index 1863c7a90..ce8eb2d2d 100644
--- a/enterprise-registry/configure-machines/index.md
+++ b/enterprise-registry/configure-machines/index.md
@@ -27,7 +27,7 @@ A snippet to configure the credentials via write_files looks like:
 #cloud-config
 
 write_files:
-  - path: /home/root/.dockercfg
+  - path: /root/.dockercfg
     permissions: 0644
     content: |
       {

From 54a6547fe58ac563e429181b0219fb628230e6c6 Mon Sep 17 00:00:00 2001
From: Jimmy Zelinskie 
Date: Thu, 9 Apr 2015 16:21:35 -0400
Subject: [PATCH 0446/1291] add systemd example

---
 .../configure-machines/index.md               | 20 +++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/enterprise-registry/configure-machines/index.md b/enterprise-registry/configure-machines/index.md
index ce8eb2d2d..20c913b8b 100644
--- a/enterprise-registry/configure-machines/index.md
+++ b/enterprise-registry/configure-machines/index.md
@@ -40,6 +40,7 @@ write_files:
 
 Each machine booted with this cloud-config should automatically be authenticated with your Enterprise Registry.
 
+
 ### Manual Login
 
 To temporarily login to an Enterprise Registry account on a machine, run `docker login`:
@@ -66,3 +67,22 @@ If you already have images in your registry, test out a pull:
 ```sh
 docker pull registry.domain.com/myapp
 ```
+
+## Pulling via systemd
+
+Assuming a .dockercfg is present in /root, the following is an example systemd unit file that pulls a docker image:
+
+```
+[Unit]
+Description=Hello World
+
+[Service]
+WorkingDirectory=/root
+ExecStartPre=-/usr/bin/docker kill hello-world
+ExecStartPre=-/usr/bin/docker rm -f hello-world
+ExecStartPre=/usr/bin/docker pull quay.io/example/hello-world:latest
+ExecStart=/usr/bin/docker run --rm --name hello-world quay.io/example/hello-world:latest
+ExecStop=-/usr/bin/docker stop hello-world
+```
+
+Without setting the working directory, docker will not be able to discover the .dockercfg file and will not have the credentials to pull private images.

From 23c32beb82456257e637b69f89c7a0be3731d8c6 Mon Sep 17 00:00:00 2001
From: Jimmy Zelinskie 
Date: Fri, 10 Apr 2015 12:47:26 -0400
Subject: [PATCH 0447/1291] clarify the req of workdir in systemd unit files

---
 enterprise-registry/configure-machines/index.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/enterprise-registry/configure-machines/index.md b/enterprise-registry/configure-machines/index.md
index 20c913b8b..521ddacf4 100644
--- a/enterprise-registry/configure-machines/index.md
+++ b/enterprise-registry/configure-machines/index.md
@@ -85,4 +85,4 @@ ExecStart=/usr/bin/docker run --rm --name hello-world quay.io/example/hello-worl
 ExecStop=-/usr/bin/docker stop hello-world
 ```
 
-Without setting the working directory, docker will not be able to discover the .dockercfg file and will not have the credentials to pull private images.
+If the working directory is not set, docker will not be able to discover the .dockercfg file and will not have the credentials to pull private images.

From d67b515b49adaefb073658da34e9b3e9f6cec84e Mon Sep 17 00:00:00 2001
From: Rob Szumski 
Date: Fri, 10 Apr 2015 12:02:21 -0700
Subject: [PATCH 0448/1291] cluster-management: add toolbox cloud-config
 example

---
 .../debugging/install-debugging-tools/index.md      | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/cluster-management/debugging/install-debugging-tools/index.md b/cluster-management/debugging/install-debugging-tools/index.md
index db8a493c3..939b764bd 100644
--- a/cluster-management/debugging/install-debugging-tools/index.md
+++ b/cluster-management/debugging/install-debugging-tools/index.md
@@ -41,6 +41,19 @@ Pulling repository index.example.com/debug
 ...
 ```
 
+You can also specify this in cloud-config:
+
+```
+#cloud-config
+write_files:
+  - path: /home/core/.toolboxrc
+    owner: core
+    content: |
+      TOOLBOX_DOCKER_IMAGE=index.example.com/debug
+      TOOLBOX_DOCKER_TAG=v1
+      TOOLBOX_USER=root
+```
+
 ## SSH Directly Into A Toolbox
 
 Advanced users can SSH directly into a toolbox by setting up an `/etc/passwd` entry:

From 382ba0f7a2d4805e1ce6e0f5867edcb6e37663bb Mon Sep 17 00:00:00 2001
From: Bob Uhl 
Date: Sat, 11 Apr 2015 10:03:56 -0600
Subject: [PATCH 0449/1291] Correct 'Ubuntu' to 'minimal busybox'

The busybox container in the examples is not an actual Ubuntu installation; this change updates the text to reflect this.
---
 quickstart/index.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/quickstart/index.md b/quickstart/index.md
index c068d30a2..2563b70c7 100644
--- a/quickstart/index.md
+++ b/quickstart/index.md
@@ -91,7 +91,7 @@ If you followed a guide to set up more than one CoreOS machine, you can SSH into
 
 ## Container Management with docker
 
-The second building block, **docker** ([docs][docker-docs]), is where your applications and code run. It is installed on each CoreOS machine. You should make each of your services (web server, caching, database) into a container and connect them together by reading and writing to etcd. You can quickly try out a Ubuntu container in two different ways:
+The second building block, **docker** ([docs][docker-docs]), is where your applications and code run. It is installed on each CoreOS machine. You should make each of your services (web server, caching, database) into a container and connect them together by reading and writing to etcd. You can quickly try out a minimal busybox container in two different ways:
 
 Run a command in the container and then stop it: 
 

From 9d71520199d6b1c4df0442959f6333106e04d4be Mon Sep 17 00:00:00 2001
From: Rob Szumski 
Date: Mon, 13 Apr 2015 11:30:57 -0700
Subject: [PATCH 0450/1291] running-coreos: fix formatting

---
 running-coreos/cloud-providers/digitalocean/index.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/running-coreos/cloud-providers/digitalocean/index.md b/running-coreos/cloud-providers/digitalocean/index.md
index 9a92ac5bb..24c7f9d30 100644
--- a/running-coreos/cloud-providers/digitalocean/index.md
+++ b/running-coreos/cloud-providers/digitalocean/index.md
@@ -201,7 +201,7 @@ For more details, check out [DigitalOcean's API documentation][do-api-docs].
   
    
     
       
-    
    
+    
     
    Choosing a CoreOS channel
    
   
    
 
    

From b6a7c84b3110ab8f1c181eddf955f38c01a2e63e Mon Sep 17 00:00:00 2001
From: Michael Marineau 
Date: Mon, 13 Apr 2015 21:11:18 -0700
Subject: [PATCH 0451/1291] sdk: update documentation on running devserver

The description of running devserver for updates was nearly a year out
of date. Fix and clarify things a bit.
---
 .../sdk/building-development-images/index.md  | 28 ++++++++++++++-----
 1 file changed, 21 insertions(+), 7 deletions(-)

diff --git a/sdk-distributors/sdk/building-development-images/index.md b/sdk-distributors/sdk/building-development-images/index.md
index 89118a2c5..e59f2c8f2 100644
--- a/sdk-distributors/sdk/building-development-images/index.md
+++ b/sdk-distributors/sdk/building-development-images/index.md
@@ -14,7 +14,7 @@ Building a new VM image is a time consuming process. On development images you
 can use `gmerge` to build packages on your workstation and ship them to your
 target VM.
 
-1. On your workstation start the dev server inside the SDK chroot:
+On your workstation start the dev server inside the SDK chroot:
 
 ```sh
 start_devserver --port 8080
@@ -22,8 +22,8 @@ start_devserver --port 8080
 
 NOTE: This port will need to be Internet accessible if your VM is remote.
 
-2. Run `gmerge` from your VM and ensure that the `DEVSERVER` setting in
-   `/etc/coreos/update.conf` point to your workstation IP/hostname and port.
+Run `gmerge` from your VM and ensure that the `DEVSERVER` setting in
+`/etc/coreos/update.conf` points to your workstation IP/hostname and port.
 
 ```sh
 gmerge coreos-base/update_engine
@@ -32,16 +32,30 @@ gmerge coreos-base/update_engine
 ### Updating an Image with Update Engine
 
 If you want to test that an image you built can successfully upgrade a running
-VM you can use the `--image` argument to the devserver. Here is an example:
+VM you can use devserver. To specify the version to upgrade to you can use the
+`--image` argument. This should be a newer build than the VM is currently
+running, otherwise devserver will answer "no update" to any requests. Here is
+an example using the default value:
 
 ```sh
-start_devserver --image ../build/images/amd64-usr/latest/chromiumos_image.bin
+start_devserver --image ../build/images/amd64-usr/latest/coreos_developer_image.bin
 ```
 
-From the target virtual machine you run:
+On the target VM ensure that the `SERVER` setting in `/etc/coreos/update.conf`
+points to your workstation, for example:
 
 ```sh
-update_engine_client -update -omaha_url http://$WORKSTATION_HOSTNAME:8080/update
+GROUP=developer
+SERVER=http://you.example.com:8080/update
+DEVSERVER=http://you.example.com:8080
+```
+
+If you modify this file restart update engine: `systemctl restart update-engine`
+
+On the VM force an immediate update check:
+
+```sh
+update_engine_client -update
 ```
 
 If the update fails you can check the logs of the update engine by running:

From 7e4cb07a84ffad29a57fcf7eb755e82e0b7fae76 Mon Sep 17 00:00:00 2001
From: Austin Grice 
Date: Wed, 15 Apr 2015 11:01:35 -0500
Subject: [PATCH 0452/1291] Made comment about Description more clear.

---
 .../launching/getting-started-with-systemd/index.md             | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/launching-containers/launching/getting-started-with-systemd/index.md b/launching-containers/launching/getting-started-with-systemd/index.md
index a7761e8c3..b8fce2f10 100644
--- a/launching-containers/launching/getting-started-with-systemd/index.md
+++ b/launching-containers/launching/getting-started-with-systemd/index.md
@@ -40,7 +40,7 @@ ExecStart=/usr/bin/docker run --name busybox1 busybox /bin/sh -c "while true; do
 WantedBy=multi-user.target
 ```
 
-The description shows up in the systemd log and a few other places. Write something that will help you understand exactly what this does later on.
+The `Description` shows up in the systemd log and a few other places. Write something that will help you understand exactly what this does later on.
 
 `After=docker.service` and `Requires=docker.service` means this unit will only start after `docker.service` is active. You can define as many of these as you want.
 

From 68e73b3a66c7199e970d0ebeca73de9335b21848 Mon Sep 17 00:00:00 2001
From: Rob Szumski 
Date: Thu, 16 Apr 2015 10:36:43 -0700
Subject: [PATCH 0453/1291] docs: add doc to listing

---
 enterprise-registry/initial-setup/index.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/enterprise-registry/initial-setup/index.md b/enterprise-registry/initial-setup/index.md
index a2984d973..0e0182863 100644
--- a/enterprise-registry/initial-setup/index.md
+++ b/enterprise-registry/initial-setup/index.md
@@ -2,6 +2,7 @@
 layout: docs
 title: On-Premise Installation
 category: registry
+sub_category: setup
 forkurl: https://github.com/coreos/docs/blob/master/enterprise-registry/initial-setup/index.md
 weight: 5
 ---

From c0e539a0677768cbe2ef8c3b7398aea4c869833a Mon Sep 17 00:00:00 2001
From: Michael Marineau 
Date: Thu, 16 Apr 2015 13:17:21 -0700
Subject: [PATCH 0454/1291] ntp: report 'ntpd' as disabled and use coreos
 ntp.org pool

The ntpd service is enabled in /usr instead of /etc and therefore
systemd always reports it as "disabled". Also we should not be telling
users to use the generic pool, ntp.org expects us to use our own coreos
pool.
---
 .../configuring-date-and-timezone/index.md    | 21 ++++++++++---------
 1 file changed, 11 insertions(+), 10 deletions(-)

diff --git a/cluster-management/setup/configuring-date-and-timezone/index.md b/cluster-management/setup/configuring-date-and-timezone/index.md
index 525cd2213..c4a70cef7 100644
--- a/cluster-management/setup/configuring-date-and-timezone/index.md
+++ b/cluster-management/setup/configuring-date-and-timezone/index.md
@@ -13,7 +13,7 @@ NTP is used to to keep clocks in sync across machines in a CoreOS cluster. The n
 ```
 systemctl status ntpd
 ntpd.service - Network Time Service
-   Loaded: loaded (/usr/lib64/systemd/system/ntpd.service; enabled)
+   Loaded: loaded (/usr/lib64/systemd/system/ntpd.service; disabled; vendor preset: disabled)
    Active: active (running) since Tue 2014-08-26 15:10:23 UTC; 4h 23min ago
  Main PID: 483 (ntpd)
    CGroup: /system.slice/ntpd.service
@@ -25,7 +25,6 @@ ntpd.service - Network Time Service
 The ntpd service can be configured via the /etc/ntp.conf configuration file. By default systems will sync time with NTP servers from ntp.org. If you would like to use a different set of NTP servers edit /etc/ntp.conf:
 
 ```
-# Common pool
 server 0.pool.example.com
 server 1.pool.example.com
 ...
@@ -73,7 +72,7 @@ timedatectl
   Universal time: Tue 2014-08-26 19:44:07 UTC
         RTC time: Tue 2014-08-26 19:44:07
        Time zone: America/New_York (EDT, -0400)
-     NTP enabled: yes
+     NTP enabled: no
 NTP synchronized: yes
  RTC in local TZ: no
       DST active: yes
@@ -100,15 +99,15 @@ sudo timedatectl set-timezone UTC
 Unless you have a highly reliable and precise time server pool you should stick to the default NTP servers from the ntp.org server pool.
 
 ```
-server 0.pool.ntp.org
-server 1.pool.ntp.org
-server 2.pool.ntp.org
-server 3.pool.ntp.org
+server 0.coreos.pool.ntp.org
+server 1.coreos.pool.ntp.org
+server 2.coreos.pool.ntp.org
+server 3.coreos.pool.ntp.org
 ```
 
 ## Automating with cloud-config
 
-The following cloud-config snippet can be used setup and configure NTP and timezone settings: 
+The following cloud-config snippet can be used setup and configure NTP and timezone settings:
 
 ```
 #cloud-config
@@ -129,8 +128,10 @@ write_files:
   - path: /etc/ntp.conf
     content: |
       # Common pool
-      server 0.pool.ntp.org
-      server 1.pool.ntp.org
+      server 0.coreos.pool.ntp.org
+      server 1.coreos.pool.ntp.org
+      server 2.coreos.pool.ntp.org
+      server 3.coreos.pool.ntp.org
 
       # - Allow only time queries, at a limited rate.
       # - Allow all local queries (IPv4, IPv6)

From cc6da6a41fefd0cbaf70f37d31b9ede43150d696 Mon Sep 17 00:00:00 2001
From: Jed Smith 
Date: Sat, 18 Apr 2015 18:08:00 -0700
Subject: [PATCH 0455/1291] ec2: Clarify that two exemptions are needed

Be specific here that two rules need to be created for users unfamiliar
with how "port range" works in security groups.

Fixes #453
---
 running-coreos/cloud-providers/ec2/index.md | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/running-coreos/cloud-providers/ec2/index.md b/running-coreos/cloud-providers/ec2/index.md
index 98e709d3a..2aee2c96f 100644
--- a/running-coreos/cloud-providers/ec2/index.md
+++ b/running-coreos/cloud-providers/ec2/index.md
@@ -231,15 +231,16 @@ First we need to create a security group to allow CoreOS instances to communicat
     * VPC: No VPC
     * Click: "Yes, Create"
 3. In the details of the security group, click the `Inbound` tab
-4. First, create an open rule for SSH
+4. First, create a security group rule for SSH
     * Create a new rule: `SSH`
     * Source: 0.0.0.0/0
     * Click: "Add Rule"
-5. Add rule for etcd internal communication
+5. Add two security group rules for etcd communication
     * Create a new rule: `Custom TCP rule`
-    * Port range: 7001, 4001
+    * Port range: 4001
     * Source: type "coreos-testing" until your security group auto-completes. Should be something like "sg-8d4feabc"
     * Click: "Add Rule"
+    * Repeat this process for port range 7001 as well
 6. Click "Apply Rule Changes"
 
 [sg]: https://console.aws.amazon.com/ec2/home?region=us-east-1#s=SecurityGroups

From f4df8af35041b0c67a118ed92d4919d3a1bb2030 Mon Sep 17 00:00:00 2001
From: Patrick Baxter 
Date: Wed, 22 Apr 2015 17:16:24 -0400
Subject: [PATCH 0456/1291] mantle: add documentation for mantle

---
 sdk-distributors/sdk/mantle/index.md          | 65 +++++++++++++++++++
 .../sdk/modifying-coreos/index.md             |  5 ++
 2 files changed, 70 insertions(+)
 create mode 100644 sdk-distributors/sdk/mantle/index.md

diff --git a/sdk-distributors/sdk/mantle/index.md b/sdk-distributors/sdk/mantle/index.md
new file mode 100644
index 000000000..bde4051ca
--- /dev/null
+++ b/sdk-distributors/sdk/mantle/index.md
@@ -0,0 +1,65 @@
+---
+layout: docs
+title: Mantle: Gluing CoreOS together
+category: sdk_distributors
+sub_category: sdk
+weight: 10 
+---
+
+# Mantle: Gluing CoreOS together
+
+Mantle is a collection of utilities for the CoreOS SDK.
+
+## plume index
+
+Generate and upload index.html objects to turn a Google Cloud Storage
+bucket into a publicly browsable file tree. Useful if you want something
+like Apache's directory index for your software download repository.
+
+## plume gce cluster launching
+
+Related commands to launch instances on Google Compute Engine(gce) with
+the latest SDK image. SSH keys should be added to the gce project
+metadata before launching a cluster. All commands have flags that can
+overwrite the default project, bucket, and other settings.  `plume help
+` can be used to discover all the switches.
+
+### plume upload
+
+Upload latest SDK image to Google Storage and then create a gce image.
+Assumes an image packaged with the flag `--format=gce` is present.
+Common usage for CoreOS devs using the default bucket and project is:
+
+`plume upload`
+
+### plume list-images
+
+Print out gce images from a project. Common usage:
+
+`plume list-images`
+
+### plume create-instances
+
+Launch instances on gce. SSH keys should be added to the metadata
+section of the gce developers console. Common usage:
+
+`plume create-instances -n=3 -image= -config=`
+
+### plume list-instances
+
+List running gce instances. Common usage:
+
+`plume list-instances`
+
+### plume destroy-instances
+
+Destroy instances on gce based by prefix or name. Images created with
+`create-instances` use a common basename as a prefix that can also be
+used to tear down the cluster. Common usage:
+
+`plume destroy-instances -prefix=$USER`
+
+## kola
+
+Test framework for CoreOS integration testing. Launch groups of related
+tests using the latest SDK image on specified platforms (qemu, gce ...)
diff --git a/sdk-distributors/sdk/modifying-coreos/index.md b/sdk-distributors/sdk/modifying-coreos/index.md
index c0de1c9a2..bcc4d548c 100644
--- a/sdk-distributors/sdk/modifying-coreos/index.md
+++ b/sdk-distributors/sdk/modifying-coreos/index.md
@@ -167,3 +167,8 @@ There are separate workflows for [building production](/docs/sdk-distributors/sd
 ## Tips and Tricks
 
 We've compiled a [list of tips and tricks](/docs/sdk-distributors/sdk/tips-and-tricks) that can make working with the SDK a bit easier.
+
+## Testing Images
+
+[Mantle](/docs/sdk-distributors/sdk/mantle) is a collection of utilities
+used in testing and launching SDK images.

From b5b6d010148dc1e0a4c5c4b7d1a7a4d355ab608c Mon Sep 17 00:00:00 2001
From: Rob Szumski 
Date: Wed, 22 Apr 2015 16:28:08 -0700
Subject: [PATCH 0457/1291] docs: wrap title in quotes

---
 sdk-distributors/sdk/mantle/index.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sdk-distributors/sdk/mantle/index.md b/sdk-distributors/sdk/mantle/index.md
index bde4051ca..b887e2605 100644
--- a/sdk-distributors/sdk/mantle/index.md
+++ b/sdk-distributors/sdk/mantle/index.md
@@ -1,6 +1,6 @@
 ---
 layout: docs
-title: Mantle: Gluing CoreOS together
+title: "Mantle: Gluing CoreOS together"
 category: sdk_distributors
 sub_category: sdk
 weight: 10 

From 4390849ffc81cfec6f895bde60f67f4596968418 Mon Sep 17 00:00:00 2001
From: Alex Crawford 
Date: Thu, 23 Apr 2015 10:31:37 -0700
Subject: [PATCH 0458/1291] digitalocean: correct stable version number

---
 running-coreos/cloud-providers/digitalocean/index.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/running-coreos/cloud-providers/digitalocean/index.md b/running-coreos/cloud-providers/digitalocean/index.md
index 24c7f9d30..393a58a6c 100644
--- a/running-coreos/cloud-providers/digitalocean/index.md
+++ b/running-coreos/cloud-providers/digitalocean/index.md
@@ -61,7 +61,7 @@ The following command will create a single droplet. For more details, check out
     
    
       
    
         
    
-        
    The Stable channel should be used by production clusters. Versions of CoreOS are battle-tested within the Beta and Alpha channels before being promoted. Current version is CoreOS {{site.data.beta-channel.do-version}}.
    
+        
    The Stable channel should be used by production clusters. Versions of CoreOS are battle-tested within the Beta and Alpha channels before being promoted. Current version is CoreOS {{site.data.stable-channel.do-version}}.
    
         Launch CoreOS Droplet

    
         
    Launch via DigitalOcean API by specifying $REGION, $SIZE and $SSH_KEY_ID:
    
         
    curl --request POST "https://api.digitalocean.com/v2/droplets" \

From 848abfa45178e12c7a97e1d25d68f64479680a16 Mon Sep 17 00:00:00 2001
From: "U-Odessa\\dave" 
Date: Sun, 26 Apr 2015 12:09:56 -0700
Subject: [PATCH 0459/1291] Clarify VMware install note

---
 .../bare-metal/installing-to-disk/index.md         | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/running-coreos/bare-metal/installing-to-disk/index.md b/running-coreos/bare-metal/installing-to-disk/index.md
index 01c279c66..f35a379b2 100644
--- a/running-coreos/bare-metal/installing-to-disk/index.md
+++ b/running-coreos/bare-metal/installing-to-disk/index.md
@@ -15,14 +15,24 @@ weight: 7
 There is a simple installer that will destroy everything on the given target disk and install CoreOS.
 Essentially it downloads an image, verifies it with gpg and then copies it bit for bit to disk.
 
-The script is self-contained and located [on GitHub here](https://raw.github.com/coreos/init/master/bin/coreos-install "coreos-install") and can be run from any Linux distribution. You cannot install CoreOS to the same device that is currently booted. However, the [CoreOS ISO]({{site.url}}/docs/running-coreos/platforms/iso/) or any Linux liveCD will allow CoreOS to install to a non-active device. 
+The script is self-contained and located [on GitHub here](https://raw.github.com/coreos/init/master/bin/coreos-install "coreos-install") and can be run from any Linux distribution. You cannot normally install CoreOS to the same device that is currently booted. However, the [CoreOS ISO]({{site.url}}/docs/running-coreos/platforms/iso/) or any Linux liveCD will allow CoreOS to install to a non-active device. 
 
-If you already boot CoreOS via PXE, the install script is already installed. By default the install script will attempt to install the same version and channel that was PXE-booted:
+If you boot CoreOS via PXE, the install script is already installed. By default the install script will attempt to install the same version and channel that was PXE-booted:
 
 ```sh
 coreos-install -d /dev/sda
 ```
 
+If you are using the ISO with VMware, first sudo to root: 
+
+```sh
+sudo su - root
+```
+
+Then install as you would with the PXE booted system. 
+
+
+
 ## Choose a Channel
 
 CoreOS is released into alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel.

From 67282dcb7d753ca0489b7bd014a185ca28ea272e Mon Sep 17 00:00:00 2001
From: Alex Polvi 
Date: Sun, 26 Apr 2015 17:26:33 -0700
Subject: [PATCH 0460/1291] ec2 docs: update to use correct url for gov cloud

---
 running-coreos/cloud-providers/ec2/index.md | 27 ++++++++++++---------
 1 file changed, 15 insertions(+), 12 deletions(-)

diff --git a/running-coreos/cloud-providers/ec2/index.md b/running-coreos/cloud-providers/ec2/index.md
index 2aee2c96f..fd41a5174 100644
--- a/running-coreos/cloud-providers/ec2/index.md
+++ b/running-coreos/cloud-providers/ec2/index.md
@@ -44,16 +44,17 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat
    {{ region.name }} PV{{ region.pv }}Launch Stack{{ region.pv }}Launch Stack
    HVM{{ region.hvm }}Launch Stack{{ region.hvm }}Launch Stack
    {{ region.name }} PV{{ region.pv }}Launch Stack{{ region.pv }}Launch Stack
    HVM{{ region.hvm }}Launch Stack{{ region.hvm }}Launch Stack
    {{ region.name }} PV{{ region.pv }}Launch Stack{{ region.pv }}Launch Stack
    HVM{{ region.hvm }}Launch Stack{{ region.hvm }}Launch Stack
    @@ -158,21 +158,21 @@ The `$private_ipv4` and `$public_ipv4` substitution variables are fully supporte
    - - + +
    Providing options during CloudFormation.
    - - + +
    Providing cloud-config during EC2 boot wizard.
    [ec2-cloud-config]: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html -[cloud-config-docs]: {{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config +[cloud-config-docs]: {{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config ### Instance Storage @@ -191,7 +191,7 @@ coreos: Type=ext3 ``` -For more information about mounting storage, Amazon's [own documentation](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html) is the best source. You can also read about [mounting storage on CoreOS]({{site.url}}/docs/cluster-management/setup/mounting-storage). +For more information about mounting storage, Amazon's [own documentation](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html) is the best source. You can also read about [mounting storage on CoreOS]({{site.baseurl}}/docs/cluster-management/setup/mounting-storage). ### Adding More Machines To add more instances to the cluster, just launch more with the same cloud-config, the appropriate security group and the AMI for that region. New instances will join the cluster regardless of region if the security groups are configured correctly. @@ -206,7 +206,7 @@ To connect to an instance after it's created, run: ssh core@ ``` -Optionally, you may want to [configure your ssh-agent]({{site.url}}/docs/launching-containers/launching/fleet-using-the-client/#remote-fleet-access) to more easily run [fleet commands]({{site.url}}/docs/launching-containers/launching/launching-containers-fleet/). +Optionally, you may want to [configure your ssh-agent]({{site.baseurl}}/docs/launching-containers/launching/fleet-using-the-client/#remote-fleet-access) to more easily run [fleet commands]({{site.baseurl}}/docs/launching-containers/launching/launching-containers-fleet/). ## Multiple Clusters If you would like to create multiple clusters you will need to change the "Stack Name". You can find the direct [template file on S3]({{ cf_beta_pv_template }}). @@ -492,4 +492,4 @@ Amazon EC2 uses Xen paravirtualization which is incompatible with kexec. CoreOS ## Using CoreOS Now that you have a machine booted it is time to play around. -Check out the [CoreOS Quickstart]({{site.url}}/docs/quickstart) guide or dig into [more specific topics]({{site.url}}/docs). +Check out the [CoreOS Quickstart]({{site.baseurl}}/docs/quickstart) guide or dig into [more specific topics]({{site.baseurl}}/docs). diff --git a/running-coreos/cloud-providers/ecs/index.md b/running-coreos/cloud-providers/ecs/index.md index 14dabcf44..a295494c9 100644 --- a/running-coreos/cloud-providers/ecs/index.md +++ b/running-coreos/cloud-providers/ecs/index.md @@ -15,7 +15,7 @@ Your CoreOS machines communicate with ECS via an agent. The agent interacts with ## Set Up A New Cluster -When booting your [CoreOS Machines on EC2]({{site.url}}/docs/running-coreos/cloud-providers/ec2), specify that the ECS agent is started via [cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config). +When booting your [CoreOS Machines on EC2]({{site.baseurl}}/docs/running-coreos/cloud-providers/ec2), specify that the ECS agent is started via [cloud-config]({{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config). Be sure to change `ECS_CLUSTER` to the cluster name you've configured via the ECS CLI or leave it empty for the default. Here's a full cloud-config example: @@ -46,11 +46,11 @@ coreos: The example above pulls the latest official Amazon ECS agent container from the Docker Hub when the machine starts. If you ever need to update the agent, it’s as simple as restarting the amazon-ecs-agent service or the CoreOS machine. -If you want to configure SSH keys in order to log in, mount disks or configure other options, see the [full cloud-config documentation]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config). +If you want to configure SSH keys in order to log in, mount disks or configure other options, see the [full cloud-config documentation]({{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config). ## Connect ECS to an Existing Cluster -Connecting an existing cluster to ECS is simple with [fleet]({{site.url}}/docs/launching-containers/launching/launching-containers-fleet) — the agent can be run as a global unit. The unit looks similar to the example above: +Connecting an existing cluster to ECS is simple with [fleet]({{site.baseurl}}/docs/launching-containers/launching/launching-containers-fleet) — the agent can be run as a global unit. The unit looks similar to the example above: #### amazon-ecs-agent.service diff --git a/running-coreos/cloud-providers/exoscale/index.md b/running-coreos/cloud-providers/exoscale/index.md index 4f274ba0f..2770b9db8 100644 --- a/running-coreos/cloud-providers/exoscale/index.md +++ b/running-coreos/cloud-providers/exoscale/index.md @@ -20,11 +20,11 @@ is a unique fresh instance. By default, only stable channel are deployed on Exoscale, you can easily [switch to Beta or Alpha channel][switching-channels]. -[update-docs]: {{site.url}}/using-coreos/updates -[reboot-docs]: {{site.url}}/docs/cluster-management/debugging/prevent-reboot-after-update -[switching-channels]: {{site.url}}/docs/cluster-management/setup/switching-channels -[release-notes]: {{site.url}}/releases -[cloud-config-docs]: {{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config +[update-docs]: {{site.baseurl}}/using-coreos/updates +[reboot-docs]: {{site.baseurl}}/docs/cluster-management/debugging/prevent-reboot-after-update +[switching-channels]: {{site.baseurl}}/docs/cluster-management/setup/switching-channels +[release-notes]: {{site.baseurl}}/releases +[cloud-config-docs]: {{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config ## Security Groups @@ -120,7 +120,7 @@ To log in to a CoreOS instance after it's created click on its IP address or run ssh core@ ``` -Optionally, you may want to [configure your ssh-agent]({{site.url}}/docs/launching-containers/launching/fleet-using-the-client/#remote-fleet-access) to more easily run [fleet commands]({{site.url}}/docs/launching-containers/launching/launching-containers-fleet/). +Optionally, you may want to [configure your ssh-agent]({{site.baseurl}}/docs/launching-containers/launching/fleet-using-the-client/#remote-fleet-access) to more easily run [fleet commands]({{site.baseurl}}/docs/launching-containers/launching/launching-containers-fleet/). ## Launching instances @@ -194,5 +194,5 @@ Now that you have a machine booted it is time to play around. Check out the [CoreOS Quickstart][quick-start] guide or dig into [more specific topics][docs]. -[quick-start]: {{site.url}}/docs/quickstart -[docs]: {{site.url}}/docs +[quick-start]: {{site.baseurl}}/docs/quickstart +[docs]: {{site.baseurl}}/docs diff --git a/running-coreos/cloud-providers/google-compute-engine/index.md b/running-coreos/cloud-providers/google-compute-engine/index.md index a1aa5e166..abe39cde5 100644 --- a/running-coreos/cloud-providers/google-compute-engine/index.md +++ b/running-coreos/cloud-providers/google-compute-engine/index.md @@ -18,7 +18,7 @@ After installation, log into your account with `gcloud auth login` and enter you ## Cloud-Config -CoreOS allows you to configure machine parameters, launch systemd units on startup and more via cloud-config. Jump over to the [docs to learn about the supported features]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config). Cloud-config is intended to bring up a cluster of machines into a minimal useful state and ideally shouldn't be used to configure anything that isn't standard across many hosts. On GCE, the cloud-config can be modified while the instance is running and will be processed next time the machine boots. +CoreOS allows you to configure machine parameters, launch systemd units on startup and more via cloud-config. Jump over to the [docs to learn about the supported features]({{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config). Cloud-config is intended to bring up a cluster of machines into a minimal useful state and ideally shouldn't be used to configure anything that isn't standard across many hosts. On GCE, the cloud-config can be modified while the instance is running and will be processed next time the machine boots. You can provide cloud-config to CoreOS via the Google Cloud console's metadata field `user-data` or via a flag using `gcloud`. @@ -46,7 +46,7 @@ The `$private_ipv4` and `$public_ipv4` substitution variables are fully supporte ## Choosing a Channel -CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updates) with different schedules per channel. You can [disable this feature]({{site.url}}/docs/cluster-management/debugging/prevent-reboot-after-update), although we don't recommend it. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes. +CoreOS is designed to be [updated automatically]({{site.baseurl}}/using-coreos/updates) with different schedules per channel. You can [disable this feature]({{site.baseurl}}/docs/cluster-management/debugging/prevent-reboot-after-update), although we don't recommend it. Read the [release notes]({{site.baseurl}}/releases) for specific features and bug fixes. Create 3 instances from the image above using our cloud-config from `cloud-config.yaml`: @@ -58,7 +58,7 @@ Create 3 instances from the image above using our cloud-config from `cloud-confi
    -

    The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.

    +

    The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.

    gcloud compute instances create core1 core2 core3 --image https://www.googleapis.com/compute/v1/{{site.data.alpha-channel.gce-image-path}} --zone us-central1-a --machine-type n1-standard-1 --metadata-from-file user-data=cloud-config.yaml
    @@ -89,7 +89,7 @@ coreos: Type=ext3 ``` -For more information about mounting storage, Google's [own documentation](https://developers.google.com/compute/docs/disks#attach_disk) is the best source. You can also read about [mounting storage on CoreOS]({{site.url}}/docs/cluster-management/setup/mounting-storage). +For more information about mounting storage, Google's [own documentation](https://developers.google.com/compute/docs/disks#attach_disk) is the best source. You can also read about [mounting storage on CoreOS]({{site.baseurl}}/docs/cluster-management/setup/mounting-storage). ### Adding More Machines To add more instances to the cluster, just launch more with the same cloud-config inside of the project. @@ -169,4 +169,4 @@ zone: us-central1-a ## Using CoreOS Now that you have a machine booted it is time to play around. -Check out the [CoreOS Quickstart]({{site.url}}/docs/quickstart) guide or dig into [more specific topics]({{site.url}}/docs). \ No newline at end of file +Check out the [CoreOS Quickstart]({{site.baseurl}}/docs/quickstart) guide or dig into [more specific topics]({{site.baseurl}}/docs). \ No newline at end of file diff --git a/running-coreos/cloud-providers/niftycloud/JA_JP/index.md b/running-coreos/cloud-providers/niftycloud/JA_JP/index.md index 650d2fdd9..100a43769 100644 --- a/running-coreos/cloud-providers/niftycloud/JA_JP/index.md +++ b/running-coreos/cloud-providers/niftycloud/JA_JP/index.md @@ -14,7 +14,7 @@ title: NIFTY Cloud ## Cloud-Config -CoreOSはcloud-configにより、マシンのパラメータを設定したり、起動時にsystemdのunitを立ち上げたりすることが可能です。サポートしている機能は[こちら]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config)で確認してください。cloud-configは最小限で有用な状態にクラスターを立ち上げることを目的としており、複数のホストで共通ではない設定をするためには使うべきではありません。ニフティクラウド上では、cloud-configはサーバーの起動中に編集でき、次回起動時に反映されます。 +CoreOSはcloud-configにより、マシンのパラメータを設定したり、起動時にsystemdのunitを立ち上げたりすることが可能です。サポートしている機能は[こちら]({{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config)で確認してください。cloud-configは最小限で有用な状態にクラスターを立ち上げることを目的としており、複数のホストで共通ではない設定をするためには使うべきではありません。ニフティクラウド上では、cloud-configはサーバーの起動中に編集でき、次回起動時に反映されます。 [ニフティクラウドCLI][cli-documentation]を使ってcloud-configを設定することができます。 @@ -42,7 +42,7 @@ coreos: ## チャンネルの選択 -CoreOSはチャンネル毎に別のスケジュールで[自動アップデート]({{site.url}}/using-coreos/updates)されるように設計されています。推奨はしませんが、この機能は[無効にする]({{site.url}}/docs/cluster-management/debugging/prevent-reboot-after-update)こともできます。各機能やバグフィックスについては[リリースノート]({{site.url}}/releases)を読んでください。 +CoreOSはチャンネル毎に別のスケジュールで[自動アップデート]({{site.baseurl}}/using-coreos/updates)されるように設計されています。推奨はしませんが、この機能は[無効にする]({{site.baseurl}}/docs/cluster-management/debugging/prevent-reboot-after-update)こともできます。各機能やバグフィックスについては[リリースノート]({{site.baseurl}}/releases)を読んでください。
      @@ -52,7 +52,7 @@ CoreOSはチャンネル毎に別のスケジュールで[自動アップデー
    -

    AlphaチャンネルはMasterをぴったりと追っていて、頻繁にリリースされます。テストのために最新のdockeretcdfleetの利用が可能です。現在のバージョンはCoreOS {{site.alpha-channel}}です。

    +

    AlphaチャンネルはMasterをぴったりと追っていて、頻繁にリリースされます。テストのために最新のdockeretcdfleetの利用が可能です。現在のバージョンはCoreOS {{site.alpha-channel}}です。

    $ZONE, $TYPE, $FW_ID and $SSH_KEY_IDを指定し、ニフティクラウドCLIで立ち上げます。

    nifty-run-instances $(nifty-describe-images --delimiter ',' --image-name "CoreOS Alpha {{site.alpha-channel}}" | awk -F',' '{print $2}') --key $SSH_KEY_ID --availability-zone $ZONE --instance-type $TYPE -g $FW_ID -f cloud-config.yml -q POST
    @@ -84,4 +84,4 @@ ssh core@ -i ## CoreOSの利用 起動済みのマシンを手に入れたら、遊ぶ時間です。 -[CoreOSクイックスタート]({{site.url}}/docs/quickstart)を見るか、[各トピックス]({{site.url}}/docs)を掘り下げましょう。 +[CoreOSクイックスタート]({{site.baseurl}}/docs/quickstart)を見るか、[各トピックス]({{site.baseurl}}/docs)を掘り下げましょう。 diff --git a/running-coreos/cloud-providers/niftycloud/index.md b/running-coreos/cloud-providers/niftycloud/index.md index e655f9f1c..705b38898 100644 --- a/running-coreos/cloud-providers/niftycloud/index.md +++ b/running-coreos/cloud-providers/niftycloud/index.md @@ -14,7 +14,7 @@ NIFTY Cloud is a Japanese cloud computing provider. These instructions are also ## Cloud-Config -CoreOS allows you to configure machine parameters, launch systemd units on startup and more via cloud-config. Jump over to the [docs to learn about the supported features]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config). Cloud-config is intended to bring up a cluster of machines into a minimal useful state and ideally shouldn't be used to configure anything that isn't standard across many hosts. On NIFTY Cloud, the cloud-config can be modified while the instance is running and will be processed next time the machine boots. +CoreOS allows you to configure machine parameters, launch systemd units on startup and more via cloud-config. Jump over to the [docs to learn about the supported features]({{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config). Cloud-config is intended to bring up a cluster of machines into a minimal useful state and ideally shouldn't be used to configure anything that isn't standard across many hosts. On NIFTY Cloud, the cloud-config can be modified while the instance is running and will be processed next time the machine boots. You can provide cloud-config to CoreOS via [NIFTY Cloud CLI][cli-documentation]. @@ -42,7 +42,7 @@ The `$private_ipv4` and `$public_ipv4` substitution variables are fully supporte ## Choosing a Channel -CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updates) with different schedules per channel. You can [disable this feature]({{site.url}}/docs/cluster-management/debugging/prevent-reboot-after-update), although we don't recommend it. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes. +CoreOS is designed to be [updated automatically]({{site.baseurl}}/using-coreos/updates) with different schedules per channel. You can [disable this feature]({{site.baseurl}}/docs/cluster-management/debugging/prevent-reboot-after-update), although we don't recommend it. Read the [release notes]({{site.baseurl}}/releases) for specific features and bug fixes.
      @@ -52,7 +52,7 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat
    -

    The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.

    +

    The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.

    Launch via NIFTY Cloud CLI by specifying $ZONE, $TYPE, $FW_ID and $SSH_KEY_ID:

    nifty-run-instances $(nifty-describe-images --delimiter ',' --image-name "CoreOS Alpha {{site.alpha-channel}}" | awk -F',' '{print $2}') --key $SSH_KEY_ID --availability-zone $ZONE --instance-type $TYPE -g $FW_ID -f cloud-config.yml -q POST
    @@ -84,4 +84,4 @@ ssh core@ -i ## Using CoreOS Now that you have a machine booted it is time to play around. -Check out the [CoreOS Quickstart]({{site.url}}/docs/quickstart) guide or dig into [more specific topics]({{site.url}}/docs). +Check out the [CoreOS Quickstart]({{site.baseurl}}/docs/quickstart) guide or dig into [more specific topics]({{site.baseurl}}/docs). diff --git a/running-coreos/cloud-providers/rackspace/index.md b/running-coreos/cloud-providers/rackspace/index.md index cddea38e3..efcfede2f 100644 --- a/running-coreos/cloud-providers/rackspace/index.md +++ b/running-coreos/cloud-providers/rackspace/index.md @@ -14,7 +14,7 @@ CoreOS is currently in heavy development and actively being tested. These instr ## Choosing a Channel -CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updates) with different schedules per channel. You can [disable this feature]({{site.url}}/docs/cluster-management/debugging/prevent-reboot-after-update), although we don't recommend it. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes. +CoreOS is designed to be [updated automatically]({{site.baseurl}}/using-coreos/updates) with different schedules per channel. You can [disable this feature]({{site.baseurl}}/docs/cluster-management/debugging/prevent-reboot-after-update), although we don't recommend it. Read the [release notes]({{site.baseurl}}/releases) for specific features and bug fixes.
      @@ -25,7 +25,7 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat
      -

      The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. +

      The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. {% if site.data.alpha-channel.rackspace-version != site.data.alpha-channel.rackspace-onmetal-version %} Current version for Cloud Servers is CoreOS {{site.data.alpha-channel.rackspace-version}} and the current version for OnMetal servers is {{site.data.alpha-channel.rackspace-onmetal-version}}. {% elsif site.data.alpha-channel.rackspace-version == site.data.alpha-channel.rackspace-onmetal-version %} @@ -45,12 +45,12 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat

    - + - +
    Cloud Servers {{site.data.alpha-channel.rackspace-image-id}}heat-alpha.yamlheat-alpha.yaml
    OnMetal {{site.data.alpha-channel.rackspace-onmetal-id}}heat-onmetal-alpha.yamlheat-onmetal-alpha.yaml
    @@ -77,12 +77,12 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat Cloud Server {{site.data.beta-channel.rackspace-image-id}} - heat-beta.yaml + heat-beta.yaml OnMetal {{site.data.beta-channel.rackspace-onmetal-id}} - heat-onmetal-beta.yaml + heat-onmetal-beta.yaml @@ -109,12 +109,12 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat Cloud Server {{site.data.stable-channel.rackspace-image-id}} - heat-stable.yaml + heat-stable.yaml OnMetal {{site.data.stable-channel.rackspace-onmetal-id}} - heat-onmetal-stable.yaml + heat-onmetal-stable.yaml @@ -150,7 +150,7 @@ coreos: The `$private_ipv4` and `$public_ipv4` substitution variables are fully supported in cloud-config on Rackspace. -[cloud-config-docs]: {{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config +[cloud-config-docs]: {{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config ### Mount Data Disk @@ -171,7 +171,7 @@ coreos: Mounting Cloud Block Storage can be done with a mount unit, but should not be included in cloud-config unless the disk is present on the first boot. -For more general information, check out [mounting storage on CoreOS]({{site.url}}/docs/cluster-management/setup/mounting-storage). +For more general information, check out [mounting storage on CoreOS]({{site.baseurl}}/docs/cluster-management/setup/mounting-storage). ## Launch with Nova @@ -317,20 +317,20 @@ source ~/.bash_profile

    Launch the stack by providing the specified parameters. This command will reference the local file data.yml in the current working directory that contains the cloud-config parameters. $(< data.yaml) prints the contents of this file into our heat command:

    heat stack-create Test --template-file https://coreos.com/dist/rackspace/heat-beta.yaml -P key-name=coreos-key -P flavor='2 GB Performance' -P count=5 -P user-data="$(< data.yaml)" -P name="CoreOS-beta"
    -

    You can view the template here.

    +

    You can view the template here.

    Launch the stack by providing the specified parameters. This command will reference the local file data.yml in the current working directory that contains the cloud-config parameters. $(< data.yaml) prints the contents of this file into our heat command:

    heat stack-create Test --template-file https://coreos.com/dist/rackspace/heat-stable.yaml -P key-name=coreos-key -P flavor='2 GB Performance' -P count=5 -P user-data="$(< data.yaml)" -P name="CoreOS-stable"
    -

    You can view the template here.

    +

    You can view the template here.
    @@ -352,4 +352,4 @@ You can also launch servers with either the `alpha` and `beta` channel versions ## Using CoreOS Now that you have a machine booted it is time to play around. -Check out the [CoreOS Quickstart]({{site.url}}/docs/quickstart) guide or dig into [more specific topics]({{site.url}}/docs). +Check out the [CoreOS Quickstart]({{site.baseurl}}/docs/quickstart) guide or dig into [more specific topics]({{site.baseurl}}/docs). diff --git a/running-coreos/cloud-providers/vexxhost/index.md b/running-coreos/cloud-providers/vexxhost/index.md index 3151ef03d..edbf3be64 100644 --- a/running-coreos/cloud-providers/vexxhost/index.md +++ b/running-coreos/cloud-providers/vexxhost/index.md @@ -36,7 +36,7 @@ CoreOS allows you to configure machine parameters, launch systemd units on startup and more via [cloud-config][cloud-config]. We're going to provide the `cloud-config` data via the `user-data` flag. -[cloud-config]: {{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config +[cloud-config]: {{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config At the moment, you cannot supply the `user-data` using the CloudConsole control panel therefore you must use the CLI to deploy your cluster on the VEXXHOST @@ -116,7 +116,7 @@ cluster using the `nova` CLI command.
    -

    The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.

    +

    The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.

    nova boot --user-data cloud-config.yaml --image "CoreOS Alpha {{site.alpha-channel}}" --key-name coreos-key --flavor nb.2G --num-instances 3 coreos
    @@ -157,4 +157,4 @@ new discovery token. Change the token value on the etcd discovery parameter in t ## Using CoreOS Now that you have instances booted it is time to play around. -Check out the [CoreOS Quickstart]({{site.url}}/docs/quickstart) guide or dig into [more specific topics]({{site.url}}/docs). +Check out the [CoreOS Quickstart]({{site.baseurl}}/docs/quickstart) guide or dig into [more specific topics]({{site.baseurl}}/docs). diff --git a/running-coreos/cloud-providers/vultr/index.md b/running-coreos/cloud-providers/vultr/index.md index 2b8c18f12..0fcea54f0 100755 --- a/running-coreos/cloud-providers/vultr/index.md +++ b/running-coreos/cloud-providers/vultr/index.md @@ -35,13 +35,13 @@ sudo coreos-install -d /dev/vda -c cloud-config.yaml sudo reboot ``` -Please be sure to check out [Using Cloud-Config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config). +Please be sure to check out [Using Cloud-Config]({{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config). -You must add to your ssh public key to your `cloud-config`'s [ssh authorized keys]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/#ssh_authorized_keys) so you'll be able to log in. +You must add to your ssh public key to your `cloud-config`'s [ssh authorized keys]({{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config/#ssh_authorized_keys) so you'll be able to log in. ## Choosing a Channel -CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updates) with different schedules per channel. You can [disable this feature]({{site.url}}/docs/cluster-management/debugging/prevent-reboot-after-update), although we don't recommend it. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes. +CoreOS is designed to be [updated automatically]({{site.baseurl}}/using-coreos/updates) with different schedules per channel. You can [disable this feature]({{site.baseurl}}/docs/cluster-management/debugging/prevent-reboot-after-update), although we don't recommend it. Read the [release notes]({{site.baseurl}}/releases) for specific features and bug fixes.
      @@ -52,7 +52,7 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat
      -

      The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.data.alpha-channel.rackspace-version}}.

      +

      The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.data.alpha-channel.rackspace-version}}.

      A sample script will look like this:

      @@ -134,4 +134,4 @@ core@localhost ~ $ ## Using CoreOS -Check out the [CoreOS Quickstart]({{site.url}}/docs/quickstart) guide or dig into [more specific topics]({{site.url}}/docs). +Check out the [CoreOS Quickstart]({{site.baseurl}}/docs/quickstart) guide or dig into [more specific topics]({{site.baseurl}}/docs). diff --git a/running-coreos/platforms/cloudstack/index.md b/running-coreos/platforms/cloudstack/index.md index 7727492c4..8b15bafe5 100644 --- a/running-coreos/platforms/cloudstack/index.md +++ b/running-coreos/platforms/cloudstack/index.md @@ -95,4 +95,4 @@ cloud-config can be provided using userdata while deploying virtual machine. use ## Using CoreOS Now that you have a machine booted it is time to play around. -Check out the [CoreOS Quickstart]({{site.url}}/docs/quickstart) guide or dig into [more specific topics]({{site.url}}/docs). +Check out the [CoreOS Quickstart]({{site.baseurl}}/docs/quickstart) guide or dig into [more specific topics]({{site.baseurl}}/docs). diff --git a/running-coreos/platforms/eucalyptus/index.md b/running-coreos/platforms/eucalyptus/index.md index 646bf6cf5..f313174be 100644 --- a/running-coreos/platforms/eucalyptus/index.md +++ b/running-coreos/platforms/eucalyptus/index.md @@ -20,7 +20,7 @@ In order to convert the image you will need to install ```qemu-img``` with your CoreOS is released into alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. -The channel is selected based on the URL below. Simply replace `alpha` with `beta`. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes in each channel. +The channel is selected based on the URL below. Simply replace `alpha` with `beta`. Read the [release notes]({{site.baseurl}}/releases) for specific features and bug fixes in each channel. ```sh $ wget -q http://alpha.release.core-os.net/amd64-usr/current/coreos_production_openstack_image.img.bz2 @@ -74,4 +74,4 @@ core@10-0-0-3 ~ $ ## Using CoreOS Now that you have a machine booted it is time to play around. -Check out the [CoreOS Quickstart]({{site.url}}/docs/quickstart) guide or dig into [more specific topics]({{site.url}}/docs). +Check out the [CoreOS Quickstart]({{site.baseurl}}/docs/quickstart) guide or dig into [more specific topics]({{site.baseurl}}/docs). diff --git a/running-coreos/platforms/iso/index.md b/running-coreos/platforms/iso/index.md index 685c74eea..aa8c1a84d 100644 --- a/running-coreos/platforms/iso/index.md +++ b/running-coreos/platforms/iso/index.md @@ -20,7 +20,7 @@ The latest CoreOS ISOs can be downloaded from the image storage site:
      -

      The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.

      +

      The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.

      Download Alpha ISO Browse Storage Site @@ -50,11 +50,11 @@ The latest CoreOS ISOs can be downloaded from the image storage site: ## Known Limitations -1. The best strategy for providing [cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config) is via [config-drive](https://github.com/coreos/coreos-cloudinit/blob/master/Documentation/config-drive.md). +1. The best strategy for providing [cloud-config]({{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config) is via [config-drive](https://github.com/coreos/coreos-cloudinit/blob/master/Documentation/config-drive.md). ## Install to Disk -The most common use-case for this ISO is to install CoreOS to disk. You can [find those instructions here]({{site.url}}/docs/running-coreos/bare-metal/installing-to-disk). +The most common use-case for this ISO is to install CoreOS to disk. You can [find those instructions here]({{site.baseurl}}/docs/running-coreos/bare-metal/installing-to-disk). ## Bypass Authentication diff --git a/running-coreos/platforms/libvirt/index.md b/running-coreos/platforms/libvirt/index.md index caa2fa9cc..b7d76ba3c 100644 --- a/running-coreos/platforms/libvirt/index.md +++ b/running-coreos/platforms/libvirt/index.md @@ -26,7 +26,7 @@ to substitute that path if you use another one. CoreOS is released into alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. -Read the [release notes]({{site.url}}/releases) for specific features and bug fixes in each channel. +Read the [release notes]({{site.baseurl}}/releases) for specific features and bug fixes in each channel.
        @@ -145,7 +145,7 @@ ssh_authorized_keys: Note: The `$private_ipv4` and `$public_ipv4` substitution variables referenced in other documents are *not* supported on libvirt. -[cloud-config]: {{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config +[cloud-config]: {{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config ### Network configuration @@ -213,4 +213,4 @@ ssh coreos0 ## Using CoreOS Now that you have a machine booted it is time to play around. -Check out the [CoreOS Quickstart]({{site.url}}/docs/quickstart) guide or dig into [more specific topics]({{site.url}}/docs). +Check out the [CoreOS Quickstart]({{site.baseurl}}/docs/quickstart) guide or dig into [more specific topics]({{site.baseurl}}/docs). diff --git a/running-coreos/platforms/openstack/index.md b/running-coreos/platforms/openstack/index.md index f238848df..543f0f1df 100644 --- a/running-coreos/platforms/openstack/index.md +++ b/running-coreos/platforms/openstack/index.md @@ -20,7 +20,7 @@ into the glance image store. ## Choosing a Channel -CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updates) with different schedules per channel. You can [disable this feature]({{site.url}}/docs/cluster-management/debugging/prevent-reboot-after-update), although we don't recommend it. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes. +CoreOS is designed to be [updated automatically]({{site.baseurl}}/using-coreos/updates) with different schedules per channel. You can [disable this feature]({{site.baseurl}}/docs/cluster-management/debugging/prevent-reboot-after-update), although we don't recommend it. Read the [release notes]({{site.baseurl}}/releases) for specific features and bug fixes.
          @@ -30,7 +30,7 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat
        -

        The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.

        +

        The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.

         $ wget http://alpha.release.core-os.net/amd64-usr/current/coreos_production_openstack_image.img.bz2
 $ bunzip2 coreos_production_openstack_image.img.bz2
@@ -89,7 +89,7 @@ CoreOS allows you to configure machine parameters, launch systemd units on start
 We're going to provide our cloud-config to OpenStack via the user-data flag. Our cloud-config will also contain SSH keys that will be used to connect to the instance.
 In order for this to work your OpenStack cloud provider must support [config drive][config-drive] or the OpenStack metadata service.
 
-[cloud-config]: {{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config
+[cloud-config]: {{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config
 [config-drive]: http://docs.openstack.org/user-guide/cli_config_drive.html
 
 The most common cloud-config for OpenStack looks like:
@@ -204,4 +204,4 @@ new discovery token. Change the token value on the etcd discovery parameter in t
 ## Using CoreOS
 
 Now that you have instances booted it is time to play around.
-Check out the [CoreOS Quickstart]({{site.url}}/docs/quickstart) guide or dig into [more specific topics]({{site.url}}/docs).
+Check out the [CoreOS Quickstart]({{site.baseurl}}/docs/quickstart) guide or dig into [more specific topics]({{site.baseurl}}/docs).
diff --git a/running-coreos/platforms/qemu/index.md b/running-coreos/platforms/qemu/index.md
index 6cd55c43c..8c6710be9 100644
--- a/running-coreos/platforms/qemu/index.md
+++ b/running-coreos/platforms/qemu/index.md
@@ -81,7 +81,7 @@ image.
 
 ### Choosing a Channel
 
-CoreOS is released into stable, alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes in each channel.
+CoreOS is released into stable, alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. Read the [release notes]({{site.baseurl}}/releases) for specific features and bug fixes in each channel.
 
 
        
   
          
@@ -179,4 +179,4 @@ ssh coreos
 ## Using CoreOS
 
 Now that you have a machine booted it is time to play around.
-Check out the [CoreOS Quickstart]({{site.url}}/docs/quickstart) guide or dig into [more specific topics]({{site.url}}/docs).
+Check out the [CoreOS Quickstart]({{site.baseurl}}/docs/quickstart) guide or dig into [more specific topics]({{site.baseurl}}/docs).
diff --git a/running-coreos/platforms/vagrant/index.md b/running-coreos/platforms/vagrant/index.md
index 430854de7..d86a15425 100644
--- a/running-coreos/platforms/vagrant/index.md
+++ b/running-coreos/platforms/vagrant/index.md
@@ -41,7 +41,7 @@ To start our cluster, we need to provide some config parameters in cloud-config
 
 CoreOS allows you to configure machine parameters, launch systemd units on start-up and more via cloud-config. Jump over to the [docs to learn about the supported features][cloud-config-docs]. You can provide cloud-config data to your CoreOS Vagrant VM by editing the `user-data` file inside of the cloned directory. A sample file `user-data.sample` exists as a base and must be renamed to `user-data` for it to be processed.
 
-Our cluster will use an etcd [discovery URL]({{site.url}}/docs/cluster-management/setup/etcd-cluster-discovery/) to bootstrap the cluster of machines and elect an initial etcd leader. Be sure to replace `` with your own URL from [https://discovery.etcd.io/new](https://discovery.etcd.io/new):
+Our cluster will use an etcd [discovery URL]({{site.baseurl}}/docs/cluster-management/setup/etcd-cluster-discovery/) to bootstrap the cluster of machines and elect an initial etcd leader. Be sure to replace `` with your own URL from [https://discovery.etcd.io/new](https://discovery.etcd.io/new):
 
 ```yaml
 #cloud-config
@@ -70,13 +70,13 @@ Your Vagrantfile should copy your cloud-config file to `/var/lib/coreos-vagrant/
 If you need to update your cloud-config later on, run `vagrant reload --provision` to reboot your VM and apply the new file.
 
 
-[cloud-config-docs]: {{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config
+[cloud-config-docs]: {{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config
 
 ### Start up CoreOS
 
 The `config.rb.sample` file contains a few useful settings about your Vagrant environment and most importantly, how many machines you'd like in your cluster.
 
-CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updates) with different schedules per channel. Select the channel you'd like to use for this cluster below. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes.
+CoreOS is designed to be [updated automatically]({{site.baseurl}}/using-coreos/updates) with different schedules per channel. Select the channel you'd like to use for this cluster below. Read the [release notes]({{site.baseurl}}/releases) for specific features and bug fixes.
 
 
          
   
            
@@ -86,7 +86,7 @@ CoreOS is designed to be [updated automatically]({{site.url}}/using-coreos/updat
   
          
   
          
     
          
-      
          The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.
          
+      
          The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.
          
       
          Rename the file to config.rb and modify a few lines:
          
       
          config.rb
          
       
          # Size of the CoreOS cluster created by Vagrant
@@ -188,7 +188,7 @@ The `config.rb.sample` file contains a few useful settings about your Vagrant en
   
        
   
        
     
        
-      
        The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.
        
+      
        The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.
        
       
        Rename the file to config.rb then uncomment and modify:
        
       
        config.rb
        
       
        # Official CoreOS channel from which updates should be downloaded
@@ -257,4 +257,4 @@ vagrant box add coreos-alpha 
 ## Using CoreOS
 
 Now that you have a machine booted it is time to play around.
-Check out the [CoreOS Quickstart]({{site.url}}/docs/quickstart) guide, learn about [CoreOS clustering with Vagrant]({{site.url}}/blog/coreos-clustering-with-vagrant/), or dig into [more specific topics]({{site.url}}/docs).
+Check out the [CoreOS Quickstart]({{site.baseurl}}/docs/quickstart) guide, learn about [CoreOS clustering with Vagrant]({{site.baseurl}}/blog/coreos-clustering-with-vagrant/), or dig into [more specific topics]({{site.baseurl}}/docs).
diff --git a/running-coreos/platforms/virtualbox/index.md b/running-coreos/platforms/virtualbox/index.md
index c62aff237..96fc01fb2 100644
--- a/running-coreos/platforms/virtualbox/index.md
+++ b/running-coreos/platforms/virtualbox/index.md
@@ -46,7 +46,7 @@ Choose a channel to base your disk image on. Specific versions of CoreOS can als
      -

      The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.

      +

      The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.

      Create a disk image from this channel by running:

       ./create-coreos-vdi -V alpha
@@ -80,7 +80,7 @@ coreos_production_stable.vdi
 ## Creating a Config-Drive
 
 Cloud-config can be specified by attaching a
-[config-drive]({{site.url}}/docs/cluster-management/setup/cloudinit-config-drive/)
+[config-drive]({{site.baseurl}}/docs/cluster-management/setup/cloudinit-config-drive/)
 with the label `config-2`. This is commonly done through whatever interface
 allows for attaching CD-ROMs or new drives.
 
@@ -90,7 +90,7 @@ retained, although CoreOS supports config-drive on all platforms.
 
 For more information on customization that can be done with cloud-config, head
 on over to the
-[cloud-config guide]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/).
+[cloud-config guide]({{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config/).
 
 You need a config-drive to configure at least one SSH key to access the virtual
 machine. If you are in hurry you can create a basic config-drive with following
@@ -149,5 +149,5 @@ ssh core@192.168.56.101
 ## Using CoreOS
 
 Now that you have a machine booted it is time to play around.
-Check out the [CoreOS Quickstart]({{site.url}}/docs/quickstart) guide or dig
-into [more specific topics]({{site.url}}/docs).
+Check out the [CoreOS Quickstart]({{site.baseurl}}/docs/quickstart) guide or dig
+into [more specific topics]({{site.baseurl}}/docs).
diff --git a/running-coreos/platforms/vmware/index.md b/running-coreos/platforms/vmware/index.md
index 9fb837376..30bea267d 100644
--- a/running-coreos/platforms/vmware/index.md
+++ b/running-coreos/platforms/vmware/index.md
@@ -22,7 +22,7 @@ you will need to launch the `coreos_developer_vmware_insecure.vmx` file to creat
 
 CoreOS is released into alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel.
 
-The channel is selected based on the URL below. Simply replace `alpha` with `beta`. Read the [release notes]({{site.url}}/releases) for specific features and bug fixes in each channel.
+The channel is selected based on the URL below. Simply replace `alpha` with `beta`. Read the [release notes]({{site.baseurl}}/releases) for specific features and bug fixes in each channel.
 
 This is a rough sketch that should work on OS X and Linux:
 
@@ -68,11 +68,11 @@ The last step uploads the files to your ESXi datastore and registers your VM. Yo
 
 ## Cloud-Config
 
-Cloud-config can be specified by attaching a [config-drive]({{site.url}}/docs/cluster-management/setup/cloudinit-config-drive/) with the label `config-2`. This is commonly done through whatever interface allows for attaching CD-ROMs or new drives.
+Cloud-config can be specified by attaching a [config-drive]({{site.baseurl}}/docs/cluster-management/setup/cloudinit-config-drive/) with the label `config-2`. This is commonly done through whatever interface allows for attaching CD-ROMs or new drives.
 
 Note that the config-drive standard was originally an OpenStack feature, which is why you'll see strings containing `openstack`. This filepath needs to be retained, although CoreOS supports config-drive on all platforms.
 
-For more information on customization that can be done with cloud-config, head on over to the [cloud-config guide]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/).
+For more information on customization that can be done with cloud-config, head on over to the [cloud-config guide]({{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config/).
 
 Note: The `$private_ipv4` and `$public_ipv4` substitution variables referenced in other documents are *not* supported on VMware.
 
@@ -107,4 +107,4 @@ ssh core@10.0.1.81 update-ssh-keys -D oem
 ## Using CoreOS
 
 Now that you have a machine booted it is time to play around.
-Check out the [CoreOS Quickstart]({{site.url}}/docs/quickstart) guide or dig into [more specific topics]({{site.url}}/docs).
+Check out the [CoreOS Quickstart]({{site.baseurl}}/docs/quickstart) guide or dig into [more specific topics]({{site.baseurl}}/docs).
diff --git a/sdk-distributors/distributors/notes-for-distributors/index.md b/sdk-distributors/distributors/notes-for-distributors/index.md
index a077ac1c1..834307087 100644
--- a/sdk-distributors/distributors/notes-for-distributors/index.md
+++ b/sdk-distributors/distributors/notes-for-distributors/index.md
@@ -22,11 +22,11 @@ wget http://alpha.release.core-os.net/amd64-usr/current/coreos_production_openst
 gpg --verify coreos_production_openstack_image.img.bz2.sig
 ```
 
-[signing-key]: {{site.url}}/security/image-signing-key
+[signing-key]: {{site.baseurl}}/security/image-signing-key
 
 ## Image Customization
 
-Customizing a CoreOS image for a specific operating environment is easily done through [cloud-config]({{site.url}}/docs/cluster-management/setup/cloudinit-cloud-config/), a YAML-based configuration standard that is widely supported. As a provider, you must ensure that your platform makes this data available to CoreOS, where it will be parsed during the boot process.
+Customizing a CoreOS image for a specific operating environment is easily done through [cloud-config]({{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config/), a YAML-based configuration standard that is widely supported. As a provider, you must ensure that your platform makes this data available to CoreOS, where it will be parsed during the boot process.
 
 Use cloud-config to handle platform specific configuration such as custom networking, running an agent on the machine or injecting files onto disk. CoreOS will automatically parse and execute `/usr/share/oem/cloud-config.yml` if it exists. Your cloud-config should create additional units that process user-provided metadata, as described below.
 
@@ -44,7 +44,7 @@ You can find the [code for this process on GitHub][amazon-github]. End-user inst
 
 [amazon-github]: https://github.com/coreos/coreos-overlay/tree/master/coreos-base/oem-ec2-compat
 [amazon-user-data-doc]: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AESDG-chapter-instancedata.html#instancedata-user-data-retrieval
-[amazon-cloud-config]: {{site.url}}/docs/running-coreos/cloud-providers/ec2#cloud-config
+[amazon-cloud-config]: {{site.baseurl}}/docs/running-coreos/cloud-providers/ec2#cloud-config
 
 ### Rackspace Cloud Example
 
@@ -53,4 +53,4 @@ Rackspace passes configuration data to a VM by mounting [config-drive][config-dr
 You can find the [code for this process on GitHub][rackspace-github]. End-user instructions for this process can be found on our [Rackspace docs][rackspace-cloud-config].
 
 [rackspace-github]: https://github.com/coreos/coreos-overlay/tree/master/coreos-base/oem-rackspace
-[rackspace-cloud-config]: {{site.url}}/docs/running-coreos/cloud-providers/rackspace#cloud-config
+[rackspace-cloud-config]: {{site.baseurl}}/docs/running-coreos/cloud-providers/rackspace#cloud-config
diff --git a/sdk-distributors/sdk/disk-partitions/index.md b/sdk-distributors/sdk/disk-partitions/index.md
index a9b0fdf3e..2f2675d87 100644
--- a/sdk-distributors/sdk/disk-partitions/index.md
+++ b/sdk-distributors/sdk/disk-partitions/index.md
@@ -8,7 +8,7 @@ weight: 9
 
 # CoreOS Disk Layout
 
-CoreOS is designed to be reliably updated via a [continuous stream of updates]({{site.url}}/using-coreos/updates). The operating system has 9 different disk partitions, utilizing a subset of those to make each update safe and enable a roll-back to a previous version if anything goes wrong.
+CoreOS is designed to be reliably updated via a [continuous stream of updates]({{site.baseurl}}/using-coreos/updates). The operating system has 9 different disk partitions, utilizing a subset of those to make each update safe and enable a roll-back to a previous version if anything goes wrong.
 
 ## Partition Table
 
@@ -26,7 +26,7 @@ CoreOS is designed to be reliably updated via a [continuous stream of updates]({
 
 For more information, [read more about the disk layout][chromium disk format] used by Chromium and ChromeOS, which inspired the layout used by CoreOS.
 
-[OEM docs]: {{site.url}}/docs/sdk-distributors/distributors/notes-for-distributors
+[OEM docs]: {{site.baseurl}}/docs/sdk-distributors/distributors/notes-for-distributors
 [chromium disk format]: http://www.chromium.org/chromium-os/chromiumos-design-docs/disk-format
 
 ## Mounted Filesystems

From 1b7bb0c2f267f0426604d9833070870eb60b18fa Mon Sep 17 00:00:00 2001
From: Xiang Li 
Date: Thu, 18 Jun 2015 14:01:20 -0700
Subject: [PATCH 0489/1291] cluster-arch: use proxy in prod/test env

---
 .../setup/cluster-architectures/index.md      | 48 ++++++++++++-------
 1 file changed, 32 insertions(+), 16 deletions(-)

diff --git a/cluster-management/setup/cluster-architectures/index.md b/cluster-management/setup/cluster-architectures/index.md
index e635cd2fd..8e877df9d 100644
--- a/cluster-management/setup/cluster-architectures/index.md
+++ b/cluster-management/setup/cluster-architectures/index.md
@@ -112,10 +112,14 @@ Here's the cloud-config for the etcd machine:
 
 coreos:
   etcd2:
+    name: etcdserver
+    initial-cluster: etcdserver=http://10.0.0.101:2380
+    initial-advertise-peer-urls: http://10.0.0.101:2380
     advertise-client-urls: http://10.0.0.101:2379
     # listen on both the official ports and the legacy ports
     # legacy ports can be omitted if your application doesn't depend on them
     listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001
+    listen-peer-urls: http://0.0.0.0:2380
   units:
     - name: etcd2.service
       command: start
@@ -133,7 +137,7 @@ coreos:
 
 ### Configuration for Worker Role
 
-This architecture allows you to boot any number of workers, as few as 1 or up to a large cluster for load testing. The notable configuration difference for this role is specifying that fleet should use our etcd machine instead of starting etcd locally.
+This architecture allows you to boot any number of workers, as few as 1 or up to a large cluster for load testing. The notable configuration difference for this role is specifying that fleet should use our etcd proxy instead of starting etcd server locally.
 
 Look how simple the cloud-config becomes:
 
@@ -141,12 +145,15 @@ Look how simple the cloud-config becomes:
 #cloud-config
 
 coreos:
+  etcd2:
+    proxy: on 
+    listen-client-urls: http://localhost:2379
+    initial-cluster: etcdserver=http://10.0.0.101:2380
   fleet:
-    # replace this IP
-    etcd_servers: "http://10.0.0.101:2379"
+    etcd_servers: "http://localhost:2379"
   units:
-    - name: etcd.service
-      mask: true
+    - name: etcd2.service
+      command: start
     - name: fleet.service
       command: start
 write_files:
@@ -154,8 +161,8 @@ write_files:
     permissions: 0644
     owner: core
     content: |
-      # configure etcdctl to work with our etcd servers set above
-      export ETCDCTL_PEERS="http://10.0.0.101:2379"
+      # configure etcdctl to work with our etcd proxy set above
+      export ETCDCTL_PEERS="http://localhost:2379"
   - path: /etc/profile.d/fleetctl.sh
     permissions: 0644
     owner: core
@@ -174,7 +181,7 @@ write_files:
 |------|-----------|-------------|------------|
 | High | Large bare-metal installations | Hours | Yes |
 
-For large clusters, it's recommended to set aside 3-5 machines to run central services. Once those are set up, you can boot as many workers as your heart desires. Each of the workers will use the distributed etcd cluster on the central machines.
+For large clusters, it's recommended to set aside 3-5 machines to run central services. Once those are set up, you can boot as many workers as your heart desires. Each of the workers will use the distributed etcd cluster on the central machines via local etcd proxies.
 
 fleet will be used to bootstrap both the central services and jobs on the worker machines by taking advantage of machine metadata and global units.
 
@@ -202,7 +209,7 @@ coreos:
     # listen on both the official ports and the legacy ports
     # legacy ports can be omitted if your application doesn't depend on them
     listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001
-    listen-peer-urls: http://10.0.0.101:2380,http://10.0.0.101:7001
+    listen-peer-urls: http://10.0.0.101:2380
   fleet:
     metadata: "role=services,cabinet=one"
   update:
@@ -230,7 +237,7 @@ coreos:
 
 The worker roles will use DHCP and should be easy to add capacity or autoscaling.
 
-Similar to the central services machines, fleet will be configured with metadata specifying the role and any additional metadata you wish to set. If not all machines have SSDs or you have a subset of machines with a ton of RAM, it's useful to set metadata for those attributes.
+Similar to the central services machines, fleet will be configured with metadata specifying the role and any additional metadata you wish to set. etcd will automatically fallback to a local proxy via discovery service.If not all machines have SSDs or you have a subset of machines with a ton of RAM, it's useful to set metadata for those attributes.
 
 [Managed Linux]({{site.url}}/products/managed-linux) customers can also specify a [CoreUpdate]({{site.url}}/products/coreupdate) group ID to use a different channel and control updates separately from the central machines.
 
@@ -240,14 +247,23 @@ Here's an example cloud-config for a worker:
 #cloud-config
 
 coreos:
+  etcd2:
+    # use the same discovery token for the central service machines
+    # make sure you have used the discovery token to bootstrap the 
+    # central service successfully
+    # this etcd will fallback to proxy automatically
+    discovery: https://discovery.etcd.io/
+    # listen on both the official ports and the legacy ports
+    # legacy ports can be omitted if your application doesn't depend on them
+    listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001
   fleet:
     metadata: "role=worker,cabinet=two,disk=spinning"
-    etcd_servers: "http://10.0.0.101:2379,http://10.0.0.102:2379,http://10.0.0.103:2379,http://10.0.0.104:2379,http://10.0.0.105:2379"
+    etcd_servers: "http://localhost:2379"
   locksmith:
-    endpoint: "http://10.0.0.101:2379,http://10.0.0.102:2379,http://10.0.0.103:2379,http://10.0.0.104:2379,http://10.0.0.105:2379"
+    endpoint: "http://localhost:2379"
   units:
     - name: etcd2.service
-      mask: true
+      command: start
     - name: fleet.service
       command: start
   update:
@@ -259,13 +275,13 @@ write_files:
     permissions: 0644
     owner: core
     content: |
-      # configure etcdctl to work with our etcd servers set above
-      export ETCDCTL_PEERS="http://10.0.0.101:2379,http://10.0.0.102:2379,http://10.0.0.103:2379,http://10.0.0.104:2379,http://10.0.0.105:2379"
+      # configure etcdctl to work with our etcd proxy set above
+      export ETCDCTL_PEERS="http://localhost:2379"
   - path: /etc/profile.d/fleetctl.sh
     permissions: 0644
     owner: core
     content: |
-      # configure fleetctl to work with our etcd servers set above
+      # configure fleetctl to work with our etcd proxy set above
       export FLEETCTL_ENDPOINT=unix:///var/run/fleet.sock
       export FLEETCTL_EXPERIMENTAL_API=true
 ```

From 0324448da820ec81a1f7d891acb43629c3153793 Mon Sep 17 00:00:00 2001
From: Rob Szumski 
Date: Fri, 19 Jun 2015 10:20:09 -0700
Subject: [PATCH 0490/1291] docs: don't submit template units

---
 .../launching/launching-containers-fleet/index.md             | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/launching-containers/launching/launching-containers-fleet/index.md b/launching-containers/launching/launching-containers-fleet/index.md
index b3b4724fe..b4d665ffb 100644
--- a/launching-containers/launching/launching-containers-fleet/index.md
+++ b/launching-containers/launching/launching-containers-fleet/index.md
@@ -98,7 +98,7 @@ c9de9451-6a6f-1d80-b7e6-46e996bfc4d1    10.10.1.3   -
 
 The main benefit of using CoreOS is to have your services run in a highly available manner. Let's walk through deploying a service that consists of two identical containers running the Apache web server.
 
-First, let's write a unit file that we'll run two copies of. To do that, we'll use a template unit, named `apache@.service`. We'll use that template to launch two instances, name `apache@1.service` and `apache@2.service`:
+First, let's write a unit file that we'll run two copies of. To do that, we'll use a template unit, named `apache@.service`. The template stays on disk and is used as a base to generate two instances, named `apache@1.service` and `apache@2.service`:
 
 ```ini
 [Unit]
@@ -123,7 +123,6 @@ The `Conflicts` attribute tells `fleet` that these two services can't be run on
 Let's start both units and verify that they're on two different machines:
 
 ```sh
-$ fleetctl submit apache@.service
 $ fleetctl start apache@1
 $ fleetctl start apache@2
 $ fleetctl list-units
@@ -166,7 +165,6 @@ The fourth is a [fleet-specific property]({{site.baseurl}}/docs/launching-contai
 Let's verify that each unit was placed on to the same machine as the Apache service is bound to:
 
 ```sh
-$ fleetctl submit apache-discovery@.service
 $ fleetctl start apache-discovery@1
 $ fleetctl start apache-discovery@2
 $ fleetctl list-units

From 5c62526f9a876c78738460bd4b149d1a322750bb Mon Sep 17 00:00:00 2001
From: Rob Szumski 
Date: Fri, 19 Jun 2015 15:31:42 -0700
Subject: [PATCH 0491/1291] docs: remove unneeded env var hacks

---
 .../setup/cluster-architectures/index.md      | 28 -------------------
 1 file changed, 28 deletions(-)

diff --git a/cluster-management/setup/cluster-architectures/index.md b/cluster-management/setup/cluster-architectures/index.md
index 328d50e04..10ce7cedc 100644
--- a/cluster-management/setup/cluster-architectures/index.md
+++ b/cluster-management/setup/cluster-architectures/index.md
@@ -156,20 +156,6 @@ coreos:
       command: start
     - name: fleet.service
       command: start
-write_files:
-  - path: /etc/profile.d/etcdctl.sh
-    permissions: 0644
-    owner: core
-    content: |
-      # configure etcdctl to work with our etcd proxy set above
-      export ETCDCTL_PEERS="http://localhost:2379"
-  - path: /etc/profile.d/fleetctl.sh
-    permissions: 0644
-    owner: core
-    content: |
-      # configure fleetctl to work with our etcd servers set above
-      export FLEETCTL_ENDPOINT=unix:///var/run/fleet.sock
-      export FLEETCTL_EXPERIMENTAL_API=true
 ```
 
 ## Production Cluster with Central Services
@@ -270,18 +256,4 @@ coreos:
     # CoreUpdate group ID for "Production Workers"
     group: f118a298-2a8a-460b-9edd-3a9b49df504e
     server: https://customer.update.core-os.net/v1/update/
-write_files:
-  - path: /etc/profile.d/etcdctl.sh
-    permissions: 0644
-    owner: core
-    content: |
-      # configure etcdctl to work with our etcd proxy set above
-      export ETCDCTL_PEERS="http://localhost:2379"
-  - path: /etc/profile.d/fleetctl.sh
-    permissions: 0644
-    owner: core
-    content: |
-      # configure fleetctl to work with our etcd proxy set above
-      export FLEETCTL_ENDPOINT=unix:///var/run/fleet.sock
-      export FLEETCTL_EXPERIMENTAL_API=true
 ```

From a66eb9bd69d1d521fa97f33185fbd3517f766873 Mon Sep 17 00:00:00 2001
From: Rob Szumski 
Date: Fri, 19 Jun 2015 15:35:48 -0700
Subject: [PATCH 0492/1291] docs: update architecture diagram

---
 .../setup/cluster-architectures/dev.png       | Bin 11888 -> 11118 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)

diff --git a/cluster-management/setup/cluster-architectures/dev.png b/cluster-management/setup/cluster-architectures/dev.png
index d166d7153de73a349e5ca37faf022c24d1e13707..f943f7bc37b0b17ab37cd5c4837e6e6900cbf8d4 100644
GIT binary patch
literal 11118
zcmc(FcQ~9~yYHll9zr4!ohTuCn-HQCEqX+Y9)!W@WkmEgI?-PeMDLvuy_aB!I!eq$
z9lbOA@qXVf=bU}6{m0(dInTwKd1ltEXRW)f`?r2~*c&wk5<+T15C}w~q$sNi0^NKI
zykEe-3A7H*Yu3QaEvU4THau|GaFKiKBI9gn
z>S6U)w*-NC_yu|R1g)8MkAMy|*B!JVRxa+Q&Xyo43y7H|gS?Hir8~sg4$2^-
zCH$wkG7n6$VYD#x)B@c4(au!gGbL_MNOqRk)^|LJrP
zc}zy@;u>r!)P$I?5?k=LbQvM7s;d8;-cn_4ZT+4t@;F`J9m~)L?Ls;Y#^5hAP~T4=
zD8`?+A$#$PfoEQ+Ra*}U#eJ`^IeV$p`b`TpV)9Ls2gR*vIHx>-A?FUG4Pr^fvc)Eb%}B;VeqB6DU*}?z>4Vcd|0B
zB0t}{EBt|HIG%j6E@Ofv*a4};vOP2djK>54tqq8E9vvMW9MepWkFPk2nk9<}3#+Xo
z?t`533JceFmO9Q_kGE#0#>U2`rwec%X9sJEoO;1iE)9lTTU)UZu_gEH($dmjbzhH;
z+@gCZ8tm&kyB*jEoF|6c7RR0iUS3|#*4n3CwXrCzZ)_0ZPU5pJWLuR6|MERQYPr}O
zNSS8?S#-WUp4;DU!j2_B7a1BFij~yW)7vO&Ia!W~mN;W4x1X&oDJW1f`Qz49_i?%s
zkW*%6W@Tk%?>qwN^77?NwtK32mc`VleEiJ8)kx@rShm(8Lho3oHvvnbUKKnx=
z$vh@>4WD~fY#@+(^e;3wm)I9F=KXKoZFm0+^snS%Ydnwei2}vkA|W9O2ndjMS^VMO
z-QAt$(5M7?v5v(~4Ll+Tp5p4}Mknr3UQ=^;IAy}a$w^eV>miDI3b8I&6e;X6M+Us6&6v`y|<_`Ksl(sSSzxOiGG_BP5|GY69I3Fx{o9(afY
z4<-%iSaOt=n1&lE@H|&lRXuxg<~te7tl;J4mFaslU4OR;lj#ko0pDNf+glxARz?G=
zr}Np7Vp`wajQl7Y0UX5s)W+-|BgkwqzvCAtTCva_U9q`S7UIoD8?oBOo6PnoBM5|I=3Cp&~Ld@dUh
zot>TcN|Z?ZEVl__?(k{TJRRaWDdc2KnWv`i`dVoZ;pJP$cw<|RgQ$#0aUc2z2K@Ho
zvp&vLD?vs-*xQqoeMM=KYj`YGjYvE({xvs8V@#Kun=99fR|{AM?DDMl;ndE&zMb91
zIgwtY
zWTWSIi;bF&dSjVMLzsOEN(~z{{T#n{bt)7TRFA
zloV55Vo)b6EPP)B3We(EAT5s5^IVLXK^A@eiJWy1RH@0DtP3W?eS5ZUWMwzdyWaE0#^O$+aVODXM|mifx|*7`3_GT}r#Zc)o~BErxn~CcU1og~$^q@JI^*B3
z>aJCI^))gV*T3p4SE{A2uOwT^l|N48(h*DoIQ*Xx*ilt)5M8wO@%H>uDYEaL2<=+4
zJg7GgjYb2p%F!<73Qm5Sq8|5cdwUz}i}eO17smovlY(1RnBCS)jX~{4z+tD(d&O}V
z`)9RJgg=JP*Jfv%0?~mkS^?$REmkVS7!H&FH8xi1w9<{bI;!*1f>~PTvMANm)OeZj
z7y%OS$N+p2;=5rG$D*U7^KySsK+J73#?lk;MJ3V((~e+Szd0amJJh+mxX8jt__mkw
z_ET37-D{gx$iu)V6;Ex>uDwY0QkWIB3#6@SaL)rX|P>&wVNpvbTepFm*ev3TV2
z1Oy@`0k)X`iT1gdg!HFPrv}5+yj8I~AP_nE$o?7e7JFcfSZW?}V&eDTAI6TaP2l|V
zG(aF;K}zZW7j0~)A$M|~&8Zqc^NzTQkx>Sg5(J77VDa=Hh2{|l;(l#|PHmxxT
z^yz6Pir{SXw$k{W_wJmzZuoiK>hkmrer5rF%u@kEQy`iWcPvs*hC2H0FD
z{it`tq5BbIT9;Vy#fuNpl?8K&5@s~!H^*62$%TgODrqwGF4d4*zWa6_c|%myJ&>#^
zZMzZU_ZIS27Q^P~9kIA_AfU#^#sb?r7i~fLqPB(3ky=?{#a0Nn8x3ue&cpLrr#`Q&
zqGK_(h5ghB!R__TF`9fQpHQlR&tYth!_e%X^ClY&j(HYWHp*-H*4^Byfex*Cp%~HY
zM`T*2bYKEcwVRQ3w}wzpUY{dT&ShA4=P5DCk-&Jt*haHI4uFnNhm+)B_?c@SAk`+g
zddo?cuCEro`Sb2wiM>>=vIF9%v#(9T`2;EPudFQ8SOQWgq!}7KHXnF
z{2Gwk7RE`76lKyem!K!Q{VOoqvqzs-kxLDNWtWIQ{7Hc|k$fRqOi)JG5O}SFpf6x@
z;zp7nOoYbirC_RpAlyWF9nG;!t)+cmZX=k)$MQ~-cn-`-4eTcEN*q(@By1OF6eNmZ
zp**P?ImY>Rbev~o-reXgeVz!cC$`}eKbyZaeh?;Vg_#4w@HqAx2XcXk(0!Hs<^J7b
zb#Yc9Usaq2q*w!UJO93yj(jbBA$%YHq1~ckrM>Tr5fghV1fik#ba1_M?I=`l
z&@6kCg6jm|=`-n2ySrWV7e^7;ZRhHX^S&fM$5H8B?qKBG+{Xt_hVqYgIHyqf#cFT&N&_9)9lvApfk?-U?iV|pv
z`~$=Xh~s^~tbf{7-)bWn9B<-M4J+yAcm;Vea&^%`l)=`cW=t5#eo^1Y?@(!IG4_-1
zC`%2cevjl*6*KL3wRi!`cc*+n&UBEme++IVK%FT8}6+`J_KdlQ7f;d{m&vu^?7q2
z-@1-@*3#(TdyNMv@vsk~wu_gEenOm@*
z7w`exg@JXWx!av?r-No}CC?IbpkidbrsroOcfE0K2Q>l{<5XvvfyTR`7>YwolIQL_
zY;NU`lNgipj#G?IP?=%!m~x!@oUv;NAetYgM&xue
zThrw4d{!6qX5mz*UcU$%qQ{*dB634AYm%AppJ6AVQU{;SVoSk$
zqzgti5#(XI)Y;3-hB}UTDBmal1}W;$Zm}DI*1@P((_YlM=1Uw9jbZUvVb#ZTf$0l=
zc!Ny&+;_)M)}ND;_k58fsMzTs&{+wO7!wb#zmSiUaq{a5jTf{u{!v8cx9csY&9vZ$NjcjwCL%OebCbgj$Piy$aKX$LA(C+2MXCW@Z~uJxF{fuw#G!%hJOnMfd;#rXAiHO0<{9
zX^*Apx!4u4XnXImW3oDKo_a2BT@%ADf4ETlol%M8@cH-4wdcptX@kQyfyz-
z*ZlhUY(ktpvL^x06~2Aodc=^)ro*ht+}Eje--&~cVZF-P=SAI_OW%cFv|;}usF>IM
zd4`=E>D{rl>TXePhSYi+g&08%Up#jG<7beK%@rT8-`Bc*TuJn7$h!|RR)86#WPx)dAGGTWbKV_P5#gyGt_gEc
zUzZrCsUU~)+1P5Z{~&kj3?-)kGfDW6+$Zl5G^5sfkQdiZbVG_-hzdx{(m6B5-j_KJ
z>U-3BWGYk=rdnyNE{`S#XEX@!qJ#PzCa$*~&tMBR4uK%vCsod&t|GlympjH=4Bc$h
zCF0_o3aE=z8S8G5If=5)NVcFV{R$RCJqI-mQ#D81!krqP%Qg2+sjQd3c}VXRhjSH#
zf9GITeVRkY!`{qJlw*?6t@<#!?}ZgNH6K;9Qms?G+(TI=ew#uit=GRrTmCBJ6v+qo
zGX9;>i9lbca0E`LB?hGFZJ+0xIHo84ftq^g!mH$<=fkH6V=ewwy&HG35tVN*|bnDc=Y;KOLq&~CZkk=|MQ*nNc@|2T3R{la9vVoX0=FRMtAlgN0&lgU>U
zm*UTs^Fm~I6*>JInc5SXsX9WxR-@}a#fr9P)bd=D6m4;pMRO&?UU_={|~
zUmyHF*xRQ|yoh6C{B=)d>Pe5@VA@P=Z@L69&R0t{mRmgLe~)8WpmVaHxDWN4W78eZ
z+ItWC_bvh%mU)O>m5jt&R)}tDZ*zwy*3@>JCRq#QvEU(QCMfA60jQzp$$K%OAklby
zi&?FrhjXHm0y4_qTvmKGfIAgG$=-Atesw>|HC|`*+sEvIRnEGk?D#iFF5jzKs(M=C
zEvV+?&0PctCEm>PhdcMC-@cBbj|XWuZ&{j~DmAvavkGyBpe5+fzE9!&uCOP#Gcg<|
zPAXj5%%!PZj%3=>1oe65Imx}KG%lv`v3s|wWMVsUJKJ3*`Y~PJV`W_BSHR8V<{oKu
zeN0LW*gw)5-hK^*tW{Nq65Ov793b@=TN7PREWX|k2MPj=`(Dd_vq?uX8P>6^7SmWX
z?y>Wo7Sjw(jd5W!@hN%2;W{Y|X;T8Bw^gy}Y-2p%vX(b5I->GhI@qin;
z{GSFunFBx@`-qR%i0A;KJT);x-{9)d@H}2XuO|pd&++*&tOAzbY!X7R)&lm|h~-P2
z(sg2sTB!0RIq%Y!aU7`^DPNu05#{eoj|!&hfW=x$V;5($qJRW$`=09dhM+D*D`0yf
z5UvvLfwK-A`#<9Ro!IMHr%2bM)-IC+Fys1KEA@Z9Pi-%z5jWSv<4|2}KoaGH&uaLy~09l;+JVJer0=~3Zu1-++ZgY#GCsu!Pz~0Qh;k33t$AHs5H_1oMCTy_5f3ShC
zL%_P8%qw8sWWAL<2bq%d#FJb&Vm@@
zMkb^|3d^6DmCx*-!N`eHptn+>=2lk2j*KiheqayNR)PJ?pt0ja>T_rjXI=vZWqWb^
z+MQ1+%)nAA$}9&f^}!&}4~BmRW#GhtEM+t0>?GWi-j8ohLV7&8O&?4LJ6Vd{yn7!E
z97-XWK_J7Y@ywHhdH?*SxXWyDN+NJRPRz7#GUI29{Jg&~YAtgWi3RI+Td)4Av7>4f
zvWor(e*g3#g?`Z6ZLt3a2!t1#sQ=umt(fNesngF`-SWoN#CNt!267UQk
z1R787@^2yX(k1<(dY=Sa{av;&!{EJ)CL`2}5$Z6wGx+$4+4C^dEKT+*XUad1-nX>0
z)S+PB2(53z6nOJVo*G%*vRUhzEG41l`z04Dbl)Cb??Y9L`{q%3+HZm1B-Jf=ZCssW
zN8H0F_QXiyyPaS^n_WJZJDdGlMVrU#9uEnFYk{1J*Be2Q=UKpE&ohH%IhrX
z>}QwkNOnuyVcM+_-1$%3!E0f8f>w`y0V|!)kt-6VZ;$8)wqNKpeixGp$4ZPdYLum@~^8Nk1A>`y5{+Zz;k~p8~O3PEV*mp_S0NQ@d?KnLn^n8|#
zXK>#;6K8Qx-SD^X2d-`>Mu5So=!RzR&haHuoMCh`=m=nL3+_ENU2!pe8)Vm7*iTDg
zT8MpvU#9t2etU0_qx2+@VQylQZ-(jaq;PGh!^-!TIkG;e?eh~7=JZzUP^oF3$$LFZ
z$|NdZalo!W^Uf=k`A3ptWpqMIfKm#%nPcEk!B2(u0gF$V^sKF2mF{Q%fuNj&eytz`S44gp>A87B
zc*%Uh=^?S^<`+^vAJ&bpYzwV07st00#xI=-uEkEo2W4t_^Z~?Bg?N;RQvd2HyK-Xr
z)ghCqluz!dMzzDQA9}jw1I+7Gm;`e+?H*78wY9Ra-P_O=WoduOa~~W^M7$Zb=2>34
zIivZH0okGVfwg!nh)Trm;l+_FrD|@q{N<=e_fx>{$62Sj=J?bB{b4ut>Pgt*6D+&J
z)erp=mQD!sQYZi_#kkXp>7D6PO!m8XV==mV*Ek7!!%{70Csn=$Ec}_lIn`JvuLG8Xs>F_rVZ{B%ZPo$d7lgRO0CAzMB{l@-{J6O?T2%+G5M5#Nc
zVs@cRw)VuX#P5_w}?Z;2XB0Na9jM
zB)W`H?;aVX@GMaUKFDlc-Lr`;xYg12i}C2%Up?`x)Hs@gMpvDMfJ^ZDs;;ZsAOhG(
zVTU$;XF>YhwB>UakrX3c9yCh~59Y
z_;z5`*2YG^6?VBj-!u!5ISt%FALV%Is*<#FrMr3x-s|+i{kpw!Hj;lBdh;K#2As?Fus!ODh_HxA
zU2QEuSe6+z)z;ML@B|`}NPwx6otT*^#3h9yj$5$PTSov>adzhA>)SN1COaZ={t@6;
z;Iv|eMMWDM8%<43RaB3x5L(FrHa>?*p`qr3Ie~9amI4c%y5wx=~p^~oP5bLzRu
z!rF`vW=gxSB1z28_8G{X6s>@RlKEImH|#=5oe!&?v9X#gFvMChag6=CzIz;mKQ<4Z
zHr7%x^cYB$Erz3LtcNEBq+7mi%{2&QBp!~0&elPqo8rHZB>dqrw~!kXyfQ;hye!e@
zWyjTu?bzP64)aTywnX(+cF}V;|IF#N36}b|<4oXiM3Q{H#T;PC=)KOG^?;fI!shE*
zfIp1BN+&l=EiIpt1I+Ati&Z-(KtygRTj;YgDaE~e_YRnDi&+<;FPpl=>9+*=eC97D
zf5T^gmr0AxJD%f-k1N3N(-lbX=eC{2*8cn+!DG*1TSkq@^%i>#nKH}8%bGXD6bFKJjvEacXj%R6%#Dl*l%jr0T@*!)mB&L8Jj3tyIITC`*=C+vC~5x
zR=B~7DPYTr92Ag*zMl4#ueSmC(lp^UTI-xl9Kc6+tnA84P^nb!0p@C<@76S*n3#Ch
z)3$?A_-LzRw%??jRF4$)gu
z)b5r_aih_Ap?}aplMTW@x0L3sQ<;U$xLH-76W#%6lt+AKObVSLWl~JbU*uKH3){6d
zJs24jzoK)Llj5LV(7T%t;9#PWha>xnx>Dm@g@!bZW90%@>!CZCmbqGf^P{jgt}ry!Y)qSpaQAb2L?y$SoXwoY
z?w4Y7bPhRm_lw075q%3O7N+>TRKZ+XxIpAMFp`;4s1f{c`96of2DY{L>zolV>|UN>
zl=UFb>#V^hwG|KfZ}%W=eBI^t1I~p@r3A7`s($S*z9kdu%b+(DpvRLh48KZ$gNfF>n3-s&ZQ;
zCzwF-J558gOxZMIesvOlOfWe=TgdehcUvPr_u;$gcJh~R^@OKOVmvFap>aHzfKr-W
zd@AX+J5u&oWH_bCc5^C8%}e|4zX4;QMul)}g%ho>>UpwJ^MByo+rZbF{}Jl))Tr(D
z-R94~mjdnh@b{U&H1e%EWYB&^#TC!#B*W;MW|)um1|&0)qT;JM+9P
zwLf)lkhnQbR<+^uuHCac61QkqW55L0r+55czz+!-DQlU+a7*(Mt(6QB$KOo!-(LbZ
z0z&(b8KF0OReIB3bqgqv3quyf`S~?z49W%$?lM$y&tB)nkL)O|qW>L)dXtU_y4U1Q
zUiFqh2kiA*UtRMoQs_AgR)8=>yS%WowRLtZPbqt)-emx3am8I8W5nca|5x0Z%jf&y
zc2Stgzp{XqmrH(>{|K?4dud<_(u~couhaVWdih)H`3@+yZGs+0$6xukb)vcie>u{m
z+(FE-P9~*6intnU#&m7_cHCXr?)(D}23yNBMgmX2Lul&!pHZV_)yhJv=(J}a2RMt5
znh_?Q(&)KY=(#T`DP_+Bfs&+g*5ftT+GS5fW8(`H2kSK({l2mttH?zDVA((t1bQXE
zNOTCGxDV{tob~_b)(mm$lmCu5*5$>12EY-AhGK9h8e~Ca&iU7~2e|c|Y#V@G{vYGi
zNrD`O-&TLnxJJg5&)|GXSYn`7%rij!|0;{%(b-u8M{hh(F9~J4xR#F4-C1-cSz+N>
zKWCW=#`Om1_kBXsOrWF*;^HEBJZlxrfNwWhOn#dYB?SVFeU|v(giNd~_5n
ziTXq2?d=`V_7}p!#RbTu^i0%b+urkDVB6Y&7g15sNBX63dPzD@{Nw@T?Cg^(!v{5W
zzZ3zWe6}z)t!pB=9a6PZM1%>uaQ}_gFkNPy7|}fG0T|uyUuAtABYl99x6>f$FQW@B
z-hPKgCa0IMRum4HX&}}1Oie_ntOiTY!otE!?;|n|KfhMQ+(+S7pwOZ1{Tm%5>H;ld
zRW*%0ZpB@lpP|+Ap^lEcKgrFH9~Kl96}7fzg&u8AQy6eC*CB}p@6!7?F8;W|yb>Q
zEw&^2CBGhD;5nWw=q56%V7t-=*10)r;j}})NH{zxDJgiWprpjLX+GlN^LN!BVo_L0
z@1xC`8oNUiAlsysgf*9zI(+!R{|6zVGpTzN8va+4T6h
zmYyC}4Mjv3zqok11*8#hv5*dO7+1buO!%Cx2Boioj?Upt8e+V|!~9V;ISoptF>l!V
z$o?{&Wo47<0kEDu{4D(VwXH2zQJT*TbHK<>t@p}-8Zp42Hs_o4$O6x|o7Bky0c%eN
z5}Bl=^^#Dp2zK&$PfUjQ@phCwRm(XosN5e#@QYbucOqz7Zile
z9aZ$uMa;SV%#ph%d9ef3;*}QK0`^o77E!gT^4wkS0?H!KDh`YVWGTH9l(vL_5~Z}O
zfk6Cs#(AGk0G2&7lUmRM&KUOhzadC)6ErCJfqEzi@GZc|%PK1Pu6>e$n$T2w9Lren
ogoZ}kaq-nhEjAEn@HUP<)Xglk)wN0v2nZl0IW^f*>Gz-i1*G5KegFUf

literal 11888
zcmcI~bzD^6xAqt)B1jFLLr5wqNFxj-Fmy@h(A}vZ-6-HlNp}k)F`#rK-O}CN@E-jB
ze)oOf`?>eOd-n&6;g>7$Ehr4#1u=?JtbXg2~R*=pfz3GH#&62|)k4N0$oMN0j
z>07+r71z|6m1O*{Tb0>U^xEN1-D*Ycq)NMM5d;uHa9n$OKoRrkB`Un6?|+00s?$|
zd@Q2Szkbda`x5x6s#qIYjYPJ?u&K;I?Ahr4qEI0rp^dbS{Y_{75fK3afkalVxJ>hJ
z7Wsr?O5jEH6zD=~QL%0v&%wi(24Qh)8yk6_Uc;1>6xTW-*Nd)rmUb7tCm<~qU0t7r
zmM6!v!Otixfo5f;a=W#;X=QGX-oNh5udS_3+vwUfE4ID8U9K-xTwH966mXod4~^7S
z1h?kJ2P9;_L-+FZthSlrIp2Qb|9fVJ;^uHwk%6sqU
zhX+T;DM@W@Z5<*n2*dfOHcK0CmOd%q4FDaem+BS6oNIKntF5)_Ty5ZRxQvXJSxta760#%r-H68ha?u?HMRKW*s!NwX|w{E>HH-b{lVRG9{ek;47@zZBhI>bYV$hC{k2OkkAQ=k6=O#es;Y4ieb`-})M|q|Z
zA(Ma&CnuvQg(jz`>)m$$#Kpz!2~h$T_r1Q5PvRLF9Ss_*@jBgEY>(a@FBjK6`JFCK
zK|#^m+Y21MPPRgI?Yk3R0AGP-*Koe_2jx|Heqv}Drh-0W>*nKwnz2PrZO1B98?P$K
zc5jRnj(7|o7JXt+aCLQUxH{-|K%UM8V5bUtaMs63gcC|6^i)}m37?D`Lx)F42|e&%
z?W}~DkCo^u2<|_`MV(AqZRAto+Duiy@UAqSs?MVdaeT*
z5`CqJ-jzKI2lrpRf7~;x?i#^k;k>hP8Em1W-&Uol9AERdva)_RhiP_`-(^tg1Jl#w
zsZv7OG#Ps>iTb{Lg5~Aq9D+h`Ra8ECVp;>@U0)o>y6H5-;ed7kHL1X5zw^;lOjvJN
zeCsvy+O8Vov6%$Bg>P8Wu7+Mxs{FA4u{-!vzfS1`)NS{t9ucBmqT@05^Fv=>Ut61`
zOVF=hzdC{gv$L~hMyoxKH-M(0@1u6jtf)}b9Owj$rlzL$GLgkGc5-quQ!3i_Prb)P
zg(>jnuTLNsVZXOs!!yh)Cx#F60W$-A{y2n=)Z~TA2-mSSoGp~-)`jF17t0qr#SSMG
zZghT~Bz(TJqB@`1YF0@GTJ7NGUxwyJsT>Dn}{QUaL3YIEpft+d%wiFi+xR_G}
z9EPyLinK60+jRF2ia{Y&we)H@o?9wp3gZpVN8VX)6_gw4@pm+C##)?$RTTzUvboh=
zBO@jC+;1gX?EBQ!@}tM>5WxjchQZHZ(&MAW+JN`UKqDg~M@B{#b)CYLJpiwUU}0fR
zA?-AxooU`Rc%P?>2T$9&{mAaY_B(5CXb?U=M@`-w!bL8%GOF?!hF-jQVY&FV!!(q!
z!a`5;$D8~MH3N3y!Q)YC1&LWwHIZLseWf0eii;Ig$GTz!5TbE@EyC2Uy
z82Y%Ha&mHjYd0szMm4)-4K=kV{sw@>s`Uzh)n`u-SSNgs2Bgs5w5zyUnOftNSbjp9}aW)=vFp$Turb7}B8S{umo=rMD$
z_Ug++%e>iITSI3n6lRm-hTGWKxSN5(rYxO@a^yG1O7&|TO?`Z>fzGddMR1F?Dsw6-
zDjFJY&R5eIG5||fmX|vK-UX~K^XlI=9wULD(t{~I7bAJ&tkrNnj0pHjiP
z%8v#D;o^2z5Qd`#;#9m%FfAPUx(Nn>pwMT*0rpnF8TT__Lj!SR{VyLQHEtK3`AxO@
zY(6vjn`(u(#@&e#L*K~uv4T~*cywA4K|}sbs)QB<5nxr+u)cl{S8fbTVl09y2s028gr7Bs3De_8?$x;wYQH_w>Im)Wi0I+#i4Y^Ea+Q!Y
zH9URhDc*Q~)h6ZYHtZZ~D9(C1JkcDjbJhdKV8qOXfwgXO{v4^zZw*zl&QuonWpD<8
z#iey@xI`TKdz4jpD5L#g_KD-`N-B>dG|t1|
z$ZQfxvvKO~$FC`5x%+)wvJ2Z+8a&I*UDMLf4#Rm%qaSUqfXgrg?zAw(T6q!qQH&T1
zunp&TFDVHR+2F#%LGx*i09M}aRo~-b;RNDPnUhbDKtq3WDkG1=%Z;vXI9<>tLTiQ>
ze3mimHM<>nKe2BS2LTA}l!Q=3$NyE*ktetHM@i|X^Ovl?-YLV^Uxi#nB5qlRbM=X1
zx$eYhuTwRavNihEJ%ahWSM^U=P%rx{ES+kj#7!j4O!{oh2rvx2#|cQ{Pi9y;yA%X;
zR`IAlK!RAXA_Qlr+L*)Qj#Rnv#Ob)K-w)03Ia|!{EiV#0Eqz#X_<(lyD?Ih;n&h8;
zR@jfpo(Oe|`cC1raVnBCiSidi_t+|H_UXW#feK*cO3!ZHa<;&(GJRFpXS}wXSaL-G=g54T
z+H7pY!Dj+{2v{xl$Sf*Q4E@}4oZ(t!wQA|`p;pPXfZ**)JSaD5FNl~1Y4FZv{m7U|
z_;?M|&P9*xM1mJf0hg2ELr+JtG$~j6-NPFxpT=mtib7;f&IN)>!H*^FUa1;~&}r>^
z5;W?Q95bil(&JFm!>o20^-}gbE2(BVyiFBX{_uHF+*#p}!%1h&ne1Rtqj{m7X__*Y
z#PwHMcy@>}D;;h>8LzcLVOKnv_@G9jIK1!e$y2({h|Vu2YHxyGU|ifTbvOH|H13o&
zUu(*DZnxg&q~+pVRa${6qC?nFV*=bOPqM`5Iw0YzmLWCAA$t4gk^MsSMGgAbDkv@d
z4IwgjJHNH1UE<8xA7@Az;tZvf`G&$(%ThjAUv`(lR_Pre8+MP^tO|_cz*g?2$C!P3JEmnRo_Mx@)y|cBr-|?
z3liHF5@I^25j1^WR&qLc_4KLUtHZ^X9>IVQrQ@)cF)#^Q!#Z8fdU$_2t}Z0nj~04%Lb|Abl~2=2
zN3T;8JvQspYq5{%Zc=?&LG;%!^iFtMFFy9A|16Et^)XF5q>4K6TR8eLogqRe+Y+&X
zIYK)|iQ1c3T#fc^_gJ`Lx#jcgXuYg|#k5u^SmHQ<?<$LBq*UXp!+
zU4r47_AF&X=4e{DrNV7?&8xrqsOcLw&D+4H@kU%=;!3Veo55a^X?z5hKWvd7#M)>C
zM)#9T&U-%W`gmv>5+e-`)*>iV2D&%tgHmw!M)fL1+*W3_Zx*+CVOx5R+y2pGyKWbH
z*K2ug4=Bu+!|Mfa?=n~ZfyE4HNh!;-l+O5VKjf#
z?Cai~@sEYPoAh%%gg2gd9~(iJ2;VZ~r3u8m=96b2xd}?w!21OC;&%xOb5EW%3sD
zi)7y{de+{MHVxp+nCai}d|yL45o0mE?CwQH;<K-#>F=ZEjiNpekC>f!MWQ@P{NfTEiVDZR0>%hrd+)#IMk1Xl%M8Q9RD_*rXBe#
zlX797&r@jxkH<^fTQdleOBdZRjN!utJO?_MjE#T(=yOP6R_KI|L-{g_6h83QS->en)S)Hm9g2@;zt?<5FFo!+7jQnV9D5V_o
zq^wr^^bd*TeyhIXlZQd`%{5cHcqZW&OZwGp;4Rr`@E>G{c|~4{edkvn4W^h
z<0AI>-n4u-%nKEZ?>X!dX=5Dv{awUIan0*C=V%By%y!&Z8kwbIW?H?8ZFO5uaA`C+
zaA4DKwoG0rBm^SCAnVD*$dT+Ld497|8#T3~9Ks<@!_jkv@Vt{J^#bup77j^<-D#`p
zN0W2Myi9hQxUxAE{=2#(J;7aK!4v^$
zZGTeYKggAh^iyy6mg`&+O(d5NDrCgq@Ql*cF%-L-@cC(cHO_=h>)gzb<+R+?h~Zz|
z6TP;0hA^4LFT~=q{lBF_jHDrf;8ciFb2~LIN0?k#ku*di1E>3(&rnm}en!!`#(o9O
zsm4dLHM>d6_E$$|#T&e*0Z7}e9`1cNH97$$@w;)D;`nO56Ew+1bp0A*1)m}>XD8$_
zlJbxTdwJwQOa|->)_F;4S?!;i){7M9R^m5Q_|WCkMKuuHks>z@d~>fJ`vkseTJLXA83}JZcC!@KJ9o~rG|Dpe-yz-
zR>&x<_xhDpYEKzP>?8^;lMxfw$4CFUC4XT@GOJTq(I@&hl$pG(lLe}m9in${nGA=~
z_ypP~XF8tMlv1r^^Dqb7wF}588BUX!1aX8nOx~+A_LV?dfdlO)3sZ~-53QLQ^olZw
z#Vyv{X%bT5R;v+<^A9-{Fgc~fR-_kulcAozQmr=!BXkJQ^j6iOD?}>+A04UH!QF!D-g5>
zobA61>{$%#nMhCR3C+sIfi)`e8HClLG&K!hty*rf6s3S71ZDDmRVgbLmK?c-Kv?;rXZeh%Ej=PJm$27#OLl$0578yr+dIH7?UpR8Q05RcX&oFCt$35cwP_VFGgq??^_Q>>+1)
ztWkxZ5KS8@nu99)zSTEjvG$IJz^#v`q3pZ$!RDKlr5KNcO_{(1E~$UXCE75jxgu3q
zP?Qa5keAOY{|5N-nghNeQKbVz;(e%)wh5*uIm?m$SFZW#qa!`!F@=
z9u?T*0O5i--M8o`4^;vOhLArC9d*|xS^V@aDj2TNx$bY|v>-LZHO`a4x9&RV6
zF}MBUN)#XS<8@o1w{pVFQi~K^sf~6EV||~d31W0sTubR#ZqL?#N}U{G57c*=-Bj8o
zm@Wu{5ws8|I+Li+H9Z@=%AU2FNq{9p|IBNyWQ#E0N+R}Cb~aN*Jw1t-!9RA#df(Y}
zt7?PpB3~fPF9%3_^4={(fSEaB^*pt}p}or-`o
z4>9Cq^*Q8bN7|1$CAJ&W7&DZx|L2m_vccj^*tN0jfc~^T2ZGmMJCh{7YG#uh!~3jt
zZ$F&2VeZTqW;|RDc%JWRpOLIg8`X`}o0Tomm938OJDDdj<_&{afgmZDGq;ER9*p;c
z5}&3-&4`S}{ZiJ#FH39qj2}tjmuCdF5{2D76lx^513tX5W2EjZ&sD$__l$b+YQI|f
z8l{GIs)`81sv#f5LsULMR2qlDVNQ^vhgl+*jeVaf@y#Mq;kWyZn$IVw_%IA5mn~0g
zuLlu@4XK5C?FK)W2}ksZFdkNSv1-a5hj+_|cSWuw`|7ud{T1}fSHzGGdgvNel%CL*
zw4Yb{uur$8uc_8Korb^I7o~9&h}|V`R(kzPzRj659;j?{)1(C2^8JYIjX8FKe
zIG)g0w58?tupo~&o~d=Q(88v3Txbc^kph8!(D%-a$R#Q90qHsI;H=%$5%E8r&^C_y
z8CqyHGMu%((toZ_Nxz-xSbw=wXFmFc?^!VI7%m8OBP!{6koqXo5d?ZKX=1t7;7#?<
zvjJ*Zq6WMo>~J+RPb_^?E<0a?X9d(Ckesra*Kyx0FrmN745L&`V-1oJa9w4HlPAQ<
zRc^Uweaq-YD4<_`$>okA;h(j&wLlfnF~!JQC4I;yc6r25ZaDp=N8D3l)9Toit`snk
zI?y^j&uT0k;8-5WBS-vsJL$9c>oK;-m3@gy#0z9Idne}N;_;!KUOvgy+ZZuDy*>1t
z&7cgcHWKlmCYK6!HzNV(!vmCr3qeH4hGEDc9$kQNP(A`T*@u2j*}c5$tMg=ynBH4uk$`
zo~e+rO;ObFOMe&9RkuIEYB?ZaVRzYhO>dDetwR#8-Sdp}^z=Bq
z2t(*+WZgnHTcb{y!J9jsiPyQQenvX~;Ae|$^Lf?bSn0i^p|EWn8Y+k#nawU2vnbAL
z=c2FcaURiPFT_=N8FXL&$ZNL_r8qa}K~8gL4_mIGu~})xj{^tJ8s;_s3QsQ%YDESx
z^->J4YiO|^tfK0LTbmhw?$^_>p**X*1ctSQZ!7fIT|5%hl7?LV-B01L9o-c*#X%As
zi=S7=GBGCIS4fM!>7OJP9k{Z{eW0L&QJ$>LUR>*ZQObWiLX78S$E=O5o3QjHLHDoX
z>=2pXaK!#e&OeyU)LnX{8_wy}oSKECNH?<}4Qfv(1IOx4)|P(nmOMsMQGGEV)Q;gJ
zHsnDr$bHC|j0oImzEDq?#HKP5c_r?IppN)E+tt11#4;{%5
z??P&e9&#cK$WkE?xKUMx)5I?C5;rK56Qf2HBO!4nt($6BzNW*4?vkHH-y2;zhs=+V
zqzPW`Q#5NlGTi}k`M>c46<2$Fq~0UY;7+08{vy~mx&yP$V7yhig@Z6IWHpkEr%Y|R
zD-yC^*qzP=r@ustGim#5JzPfJOo(>vcd$I)n6K|PKJQzUvvgu~?{7NE=tRT#F(&cP
zCI#u?LuClwQcSDUtCnd`XzAHi+iEJF`fTY<{-2^J$EjHLND=1)w}=60ovSH2%z?Z<
z``Hnvsxfi~xc2NOg{P?&-@h~cgM-mEpzw{fodGJAFd=BX*UbR+Usx`e#yx63m%0VFMX-d?1j09356^UE
zQ-7bcWsGjqPim~J<*ervY}b@2YxX7MTchjGmyWey-K?2Rns*t}Nh4T3~`UU_?02Em`G-G>u*e_DrR}a+WcXn)D
zJl))owQ;813EM!`dBjeV|FKnwWZ~|M&IjHA+L8p)7Bn&2jDIVFLmES
zWfNcCt-m%rWVkgmJ0pb}Q`;w_qoV+>aCMX`k|N?KjO*g&#>>k)WnF!D@gT8ry1~aw
zUteF+xLI{{XqNzAMC9xNCPCQE9!H)uotO
zOsvulELRxEaw1p1U^thhS8xA?c<|M8nGXzwgDmL2{|^-
z1ZnL)!uP2B>oc18*SX%{#^zjX5(UOjx{0DD50)mVwDnR+QM(r%X0jb3T&vpH*~
zDOwYq@b|&-7sc_SqE|M-w<$9bkQ+lYLe%P8TLE>4TnJqb@gsyWq!I&RY#NlrA
zv?aj^|JDMVJBG1`B4D4i1F=u@;}>j5?@UOQ4^rTgoFfpmM_3S03?hXON}m@
zz^cTeFDn~9nd5A4&whZ&;P(MQBLJhXj|1)s3JQAg_?ZbepPbeqe1jt3MwPUf33GAP
zrDv>?^AT#v-c#H6&2#)_2WXZwo(HNcM8mZ%K8dn*lUBm;=wg=FS_MpFBt6g>r-$(t
z6P~8j&{$itSX~D;!i%&|m?7TxnM^uv%KYdAV>h#~-<}CJ)4{Iacnb~(
zYdL1KLyM!_htNA1B%WR`)?Ld?df&mn@Y|8x`gU48+Zt2K<|3L3<4@)=v4~V-B8@M1
zVUfoM9QIPSnVsJ9zA;adv35*biWbhp@0s^#Y73iQ54F@y8zT{B(js6=K3>Cgt`9I4kHIQ<;{{i&0uF7>={9*L#@MCjRH3C
zkMZ@tBa8qe0EO_}>Vi3u#3Ys2BN
zY+DjvXg&ECBJL9D{ue3QU#2jDgoJRt-9h0Ig5eR6$38`T5`}!MKhl(c!gZp9Xu=Uv
zSK<7V9ph0COvLY>_;A5u9kNKGrz}MS+mV%Kfg|2t`#-!~L|68K9N{
zlo)_rrqnKsG8t`2kXRW8!fNvuPCCFIUK$oTU5Qm$**LRGYDPrHaAtDv8aKyV*}?^j;T=p0>VfWXxt)eTRX8wo`N2
z)!=q2m(bav5FD!&*i#;(6~7Log?JaFfflC!k(8cw?4&Lgs894LOmkHZf8IB~TTF3H
z`e6Tt9@Pt94Uu&}^{8bLKAQ^&rt*D#C+Gi{h#Fut2TQVVjAuJNZS;bdXVWcW-)2%f
zxdMMn5@rC16v+PWF1~O25%izY%g`FbX7;Srab+6`%s%HBo|z#BMZ2$UN?4SA(Yl-?u`KBXYh*J5yaE_k
zuD8ce5j_Q#%No7A;Zkd)HELA8#NYZO9p^qMBJm>f=rTCw{A>gp1Y-9%dn5E;Bewq?
zlKa1R9l(gcyGnU)`G~1(0!haR@;5`X4zaKWAoP
zaiX{fqGsa=%UI$EGHlVlxv>8ZT4zrLvQ|gncF|2m^dW_~Ebwa2tk{a1-ze@Io{+G|nvT+}(c^7Ix3uLwiM5B;x60
zbai!6D3k+l){P7lIR79z2k^yWB$*uL8whYXJl)fQJVCZa3S|
zVVMhL(340zD%?9xl-g29ENz2#l
z!}|W!%d^Gk5j2Wt?eQ!cZ8~(W`1y9EAcM&{CkpCDENtxA9}ahw1gP^a>h$JftkL&m
z0#!rYwLDK<|&t6@D4;8DbkDWWs9+9JIKDUV6RjlRZUVq;6ihmA9Z
zt{q>rh7&a&k7_?9dRc#abBS*w{lcOkEG&#gqeN9*{p9piLtWj~#f4s<&Jurdh8y(r
z=)Kr$CdteJqw*rH%I5=x!f9;hpXu&sMjIQRUS6}lm)pSBPDiHvLa+V@5;?YdIALAQ
zQQ2y{fPkkW_Hyol4v125VQ=N-BWG-}c_oxe6EGh&&&^Tet{-10GG+;@exhT-K?fug
zrT*5JRzG6u&Xd$ji2iWFmN9I^(uF^T=%r3xe!k4-7oE@Bs@C@akLYmwL6cnMvN^gv
zg=E7)w;sw`*v>KI9ZO<1XIfz0hp&Ln2-qHBe4j_=qgCIkI|0&;0V7NoU
z=h(9BC;`haEsgg2^%w-Q2xbuj$SU022|&r{Kg}7r#wVw3h^+Q1R#r+D9Q5zi)dhtT
zM42FV-SiRjuQG7}Ux!LfL&J$Yag+6v3&7@*qV&iDgycstf!;F$zTM_9UD+?3vRA;$2lx@Rp({udr})yxcgJRuE?ZV2~xS>DyMl8xfYqM}2o%?Hi{dt#(?4
zRrObjQX3$rjNu_OZ>QrQ-@n&5J3BosC@2VU4)qF0-f3vSkyB)3WVD;fp3$l(e(&4s
zQ-Bhth<1;9Hod$j>*M1S+Kftg|4W@8><4Pc>tCDai76?gHUuPfq1(dG3os;6-|gp{
zfIHe|YWeLAhTqc3kW$_?^}6$@$+vOwg}N?8L_`cE=ADcCU;={t+f*(%Y&hvYs6*<`
z!2+KWO>Vm;^|l>)54&i4c?sZ-3=j7t@$R-olEt!}dkY`$YZv7u#zjnn-RObj5>OF!
z2EgAM930FeQP%g+X>Dy4PAf$sky%+w!}%&?Jl4`aTA=s&PXg^LNJ&Wn0`2nQdB#q-
zh;)>>5$-`$jI~p2rqOXR{l!iER4MX{v-|
z9US&AcN<0EedI0~1sNGMu0{vNExH~Xf|SwS%bcWPRB1kt5gUt}Ip7Z1G4b=~JS*)V_UW+P!^>+H^`b9)PG-Z;
z@oeZ_m*;z8Z+S=~O-)T%yCq?QemCA)S|qsV*EiRfrvUjaFpcy+Xo)sL_}=1gfNOks
zJ{+z=!|%8xZDEl=+4TrSt&l##7$FX@9yK%)C!bXV+rhG9I>vp`hGqgtL^PdDE-Zy6
y1IPgOh4q2W#a|H}*mQ>ep?>{ukiNEWAMmydgmdY(g#q+wkc
Date: Fri, 19 Jun 2015 16:05:57 -0700
Subject: [PATCH 0493/1291] running-coreos: start agent after networking is up

---
 running-coreos/cloud-providers/ecs/index.md | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/running-coreos/cloud-providers/ecs/index.md b/running-coreos/cloud-providers/ecs/index.md
index a295494c9..30a32fe8a 100644
--- a/running-coreos/cloud-providers/ecs/index.md
+++ b/running-coreos/cloud-providers/ecs/index.md
@@ -33,6 +33,8 @@ coreos:
        Description=Amazon ECS Agent
        After=docker.service
        Requires=docker.service
+       Requires=network-online.target
+       After=network-online.target
        
        [Service]
        Environment=ECS_CLUSTER=your_cluster_name
@@ -59,6 +61,8 @@ Connecting an existing cluster to ECS is simple with [fleet]({{site.baseurl}}/do
 Description=Amazon ECS Agent
 After=docker.service
 Requires=docker.service
+Requires=network-online.target
+After=network-online.target
 
 [Service]
 Environment=ECS_CLUSTER=your_cluster_name
@@ -84,4 +88,4 @@ Triggered global unit amazon-ecs-agent.service start
 
 You should see all of your machines show up in the ECS CLI output.
 
-For more information on using ECS, check out the [official Amazon documentation](http://aws.amazon.com/documentation/ecs/).
\ No newline at end of file
+For more information on using ECS, check out the [official Amazon documentation](http://aws.amazon.com/documentation/ecs/).

From abcaa2c34b71459d0255d21c588f60113dea7caa Mon Sep 17 00:00:00 2001
From: Rob Szumski 
Date: Fri, 19 Jun 2015 16:06:15 -0700
Subject: [PATCH 0494/1291] running-coreos: update cloud-config for etcd2

---
 .../bare-metal/booting-with-pxe/index.md      |  2 +-
 running-coreos/cloud-providers/auro/index.md  | 12 +++++++----
 running-coreos/cloud-providers/azure/index.md | 14 ++++++++-----
 .../cloud-providers/brightbox/index.md        | 13 ++++++++----
 .../cloud-providers/digitalocean/index.md     | 15 ++++++++------
 running-coreos/cloud-providers/ec2/index.md   | 12 +++++++----
 .../cloud-providers/exoscale/index.md         |  6 +++---
 .../google-compute-engine/index.md            | 12 +++++++----
 .../cloud-providers/niftycloud/JA_JP/index.md | 10 +++++++---
 .../cloud-providers/niftycloud/index.md       | 10 +++++++---
 .../cloud-providers/rackspace/index.md        | 10 +++++++---
 .../cloud-providers/vexxhost/index.md         | 10 +++++++---
 running-coreos/platforms/openstack/index.md   | 12 +++++++----
 running-coreos/platforms/vagrant/index.md     | 20 +++++++++++--------
 14 files changed, 103 insertions(+), 55 deletions(-)

diff --git a/running-coreos/bare-metal/booting-with-pxe/index.md b/running-coreos/bare-metal/booting-with-pxe/index.md
index ee1773b1e..604f39c89 100644
--- a/running-coreos/bare-metal/booting-with-pxe/index.md
+++ b/running-coreos/bare-metal/booting-with-pxe/index.md
@@ -60,7 +60,7 @@ Here's a common cloud-config example which should be located at the URL from abo
 #cloud-config
 coreos:
   units:
-    - name: etcd.service
+    - name: etcd2.service
       command: start
     - name: fleet.service
       command: start
diff --git a/running-coreos/cloud-providers/auro/index.md b/running-coreos/cloud-providers/auro/index.md
index 32318e5c6..88e12b495 100644
--- a/running-coreos/cloud-providers/auro/index.md
+++ b/running-coreos/cloud-providers/auro/index.md
@@ -48,15 +48,19 @@ A sample common `cloud-config` file will look something like the following:
 #cloud-config
 
 coreos:
-  etcd:
+  etcd2:
     # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3
     # specify the initial size of your cluster with ?size=X
     discovery: https://discovery.etcd.io/
     # multi-region and multi-cloud deployments need to use $public_ipv4
-    addr: $private_ipv4:4001
-    peer-addr: $private_ipv4:7001
+    advertise-client-urls: http://$private_ipv4:2379,http://$private_ipv4:4001
+    initial-advertise-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
+    # listen on both the official ports and the legacy ports
+    # legacy ports can be omitted if your application doesn't depend on them
+    listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001
+    listen-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
   units:
-    - name: etcd.service
+    - name: etcd2.service
       command: start
     - name: fleet.service
       command: start
diff --git a/running-coreos/cloud-providers/azure/index.md b/running-coreos/cloud-providers/azure/index.md
index 93a871b68..d0535909f 100644
--- a/running-coreos/cloud-providers/azure/index.md
+++ b/running-coreos/cloud-providers/azure/index.md
@@ -69,15 +69,19 @@ The most common cloud-config for Azure looks like:
 #cloud-config
 
 coreos:
-  etcd:
+  etcd2:
     # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3
     # specify the initial size of your cluster with ?size=X
     discovery: https://discovery.etcd.io/
-    # deployments across multiple cloud services will need to use $public_ipv4
-    addr: $private_ipv4:4001
-    peer-addr: $private_ipv4:7001
+    # multi-region and multi-cloud deployments need to use $public_ipv4
+    advertise-client-urls: http://$private_ipv4:2379,http://$private_ipv4:4001
+    initial-advertise-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
+    # listen on both the official ports and the legacy ports
+    # legacy ports can be omitted if your application doesn't depend on them
+    listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001
+    listen-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
   units:
-    - name: etcd.service
+    - name: etcd2.service
       command: start
     - name: fleet.service
       command: start
diff --git a/running-coreos/cloud-providers/brightbox/index.md b/running-coreos/cloud-providers/brightbox/index.md
index d0a3d179e..979cae75c 100644
--- a/running-coreos/cloud-providers/brightbox/index.md
+++ b/running-coreos/cloud-providers/brightbox/index.md
@@ -99,14 +99,19 @@ A sample common `cloud-config` file will look something like the following:
 #cloud-config
 
 coreos:
-  etcd:
+  etcd2:
     # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3
     # specify the initial size of your cluster with ?size=X
     discovery: https://discovery.etcd.io/
-    addr: $private_ipv4:4001
-    peer-addr: $private_ipv4:7001
+    # multi-region and multi-cloud deployments need to use $public_ipv4
+    advertise-client-urls: http://$private_ipv4:2379,http://$private_ipv4:4001
+    initial-advertise-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
+    # listen on both the official ports and the legacy ports
+    # legacy ports can be omitted if your application doesn't depend on them
+    listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001
+    listen-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
   units:
-    - name: etcd.service
+    - name: etcd2.service
       command: start
     - name: fleet.service
       command: start
diff --git a/running-coreos/cloud-providers/digitalocean/index.md b/running-coreos/cloud-providers/digitalocean/index.md
index e7da3fe50..72aa1ea6c 100644
--- a/running-coreos/cloud-providers/digitalocean/index.md
+++ b/running-coreos/cloud-providers/digitalocean/index.md
@@ -101,16 +101,19 @@ The most common cloud-config for DigitalOcean looks like:
 #cloud-config
 
 coreos:
-  etcd:
+  etcd2:
     # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3
     # specify the initial size of your cluster with ?size=X
     discovery: https://discovery.etcd.io/
-    # multi-region deployments, multi-cloud deployments, and droplets without
-    # private networking need to use $public_ipv4
-    addr: $private_ipv4:4001
-    peer-addr: $private_ipv4:7001
+    # multi-region and multi-cloud deployments need to use $public_ipv4
+    advertise-client-urls: http://$private_ipv4:2379,http://$private_ipv4:4001
+    initial-advertise-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
+    # listen on both the official ports and the legacy ports
+    # legacy ports can be omitted if your application doesn't depend on them
+    listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001
+    listen-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
   units:
-    - name: etcd.service
+    - name: etcd2.service
       command: start
     - name: fleet.service
       command: start
diff --git a/running-coreos/cloud-providers/ec2/index.md b/running-coreos/cloud-providers/ec2/index.md
index 3f8279a82..b14f63757 100644
--- a/running-coreos/cloud-providers/ec2/index.md
+++ b/running-coreos/cloud-providers/ec2/index.md
@@ -139,15 +139,19 @@ The most common cloud-config for EC2 looks like:
 #cloud-config
 
 coreos:
-  etcd:
+  etcd2:
     # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3
     # specify the initial size of your cluster with ?size=X
     discovery: https://discovery.etcd.io/
     # multi-region and multi-cloud deployments need to use $public_ipv4
-    addr: $private_ipv4:4001
-    peer-addr: $private_ipv4:7001
+    advertise-client-urls: http://$private_ipv4:2379,http://$private_ipv4:4001
+    initial-advertise-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
+    # listen on both the official ports and the legacy ports
+    # legacy ports can be omitted if your application doesn't depend on them
+    listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001
+    listen-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
   units:
-    - name: etcd.service
+    - name: etcd2.service
       command: start
     - name: fleet.service
       command: start
diff --git a/running-coreos/cloud-providers/exoscale/index.md b/running-coreos/cloud-providers/exoscale/index.md
index 2770b9db8..42e78ee3e 100644
--- a/running-coreos/cloud-providers/exoscale/index.md
+++ b/running-coreos/cloud-providers/exoscale/index.md
@@ -71,15 +71,15 @@ coreos:
     # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3
     # specify the initial size of your cluster with ?size=X
     discovery: https://discovery.etcd.io/
-    advertise-client-urls: http://$public_ipv4:2379
-    initial-advertise-peer-urls: http://$public_ipv4:2380
+    advertise-client-urls: http://$public_ipv4:2379,http://$private_ipv4:4001
+    initial-advertise-peer-urls: http://$public_ipv4:2380,http://$private_ipv4:7001
     # listen on both the official ports and the legacy ports
     # legacy ports can be omitted if your application doesn't depend on them
     listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001
     listen-peer-urls: http://$public_ipv4:2380,http://$public_ipv4:7001
 
   units:
-    - name: etcd.service
+    - name: etcd2.service
       command: start
     - name: fleet.service
       command: start
diff --git a/running-coreos/cloud-providers/google-compute-engine/index.md b/running-coreos/cloud-providers/google-compute-engine/index.md
index abe39cde5..760157ddc 100644
--- a/running-coreos/cloud-providers/google-compute-engine/index.md
+++ b/running-coreos/cloud-providers/google-compute-engine/index.md
@@ -28,15 +28,19 @@ The most common cloud-config for GCE looks like:
 #cloud-config
 
 coreos:
-  etcd:
+  etcd2:
     # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3
     # specify the initial size of your cluster with ?size=X
     discovery: https://discovery.etcd.io/
     # multi-region and multi-cloud deployments need to use $public_ipv4
-    addr: $private_ipv4:4001
-    peer-addr: $private_ipv4:7001
+    advertise-client-urls: http://$private_ipv4:2379,http://$private_ipv4:4001
+    initial-advertise-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
+    # listen on both the official ports and the legacy ports
+    # legacy ports can be omitted if your application doesn't depend on them
+    listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001
+    listen-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
   units:
-    - name: etcd.service
+    - name: etcd2.service
       command: start
     - name: fleet.service
       command: start
diff --git a/running-coreos/cloud-providers/niftycloud/JA_JP/index.md b/running-coreos/cloud-providers/niftycloud/JA_JP/index.md
index 100a43769..f9d185f23 100644
--- a/running-coreos/cloud-providers/niftycloud/JA_JP/index.md
+++ b/running-coreos/cloud-providers/niftycloud/JA_JP/index.md
@@ -24,13 +24,17 @@ CoreOSはcloud-configにより、マシンのパラメータを設定したり
 #cloud-config
 
 coreos:
-  etcd:
+  etcd2:
     # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3
     # specify the initial size of your cluster with ?size=X
     discovery: https://discovery.etcd.io/
     # multi-region and multi-cloud deployments need to use $public_ipv4
-    addr: $private_ipv4:4001
-    peer-addr: $private_ipv4:7001
+    advertise-client-urls: http://$private_ipv4:2379,http://$private_ipv4:4001
+    initial-advertise-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
+    # listen on both the official ports and the legacy ports
+    # legacy ports can be omitted if your application doesn't depend on them
+    listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001
+    listen-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
   units:
     - name: etcd.service
       command: start
diff --git a/running-coreos/cloud-providers/niftycloud/index.md b/running-coreos/cloud-providers/niftycloud/index.md
index 705b38898..83acef4af 100644
--- a/running-coreos/cloud-providers/niftycloud/index.md
+++ b/running-coreos/cloud-providers/niftycloud/index.md
@@ -24,13 +24,17 @@ The most common cloud-config for NIFTY Cloud looks like:
 #cloud-config
 
 coreos:
-  etcd:
+  etcd2:
     # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3
     # specify the initial size of your cluster with ?size=X
     discovery: https://discovery.etcd.io/
     # multi-region and multi-cloud deployments need to use $public_ipv4
-    addr: $private_ipv4:4001
-    peer-addr: $private_ipv4:7001
+    advertise-client-urls: http://$private_ipv4:2379,http://$private_ipv4:4001
+    initial-advertise-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
+    # listen on both the official ports and the legacy ports
+    # legacy ports can be omitted if your application doesn't depend on them
+    listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001
+    listen-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
   units:
     - name: etcd.service
       command: start
diff --git a/running-coreos/cloud-providers/rackspace/index.md b/running-coreos/cloud-providers/rackspace/index.md
index efcfede2f..bebecd203 100644
--- a/running-coreos/cloud-providers/rackspace/index.md
+++ b/running-coreos/cloud-providers/rackspace/index.md
@@ -134,13 +134,17 @@ The most common Rackspace cloud-config looks like:
 #cloud-config
 
 coreos:
-  etcd:
+  etcd2:
     # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3
     # specify the initial size of your cluster with ?size=X
     discovery: https://discovery.etcd.io/
     # multi-region and multi-cloud deployments need to use $public_ipv4
-    addr: $private_ipv4:4001
-    peer-addr: $private_ipv4:7001
+    advertise-client-urls: http://$private_ipv4:2379,http://$private_ipv4:4001
+    initial-advertise-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
+    # listen on both the official ports and the legacy ports
+    # legacy ports can be omitted if your application doesn't depend on them
+    listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001
+    listen-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
   units:
     - name: etcd.service
       command: start
diff --git a/running-coreos/cloud-providers/vexxhost/index.md b/running-coreos/cloud-providers/vexxhost/index.md
index edbf3be64..587226825 100644
--- a/running-coreos/cloud-providers/vexxhost/index.md
+++ b/running-coreos/cloud-providers/vexxhost/index.md
@@ -48,13 +48,17 @@ A sample common `cloud-config` file will look something like the following:
 #cloud-config
 
 coreos:
-  etcd:
+  etcd2:
     # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3
     # specify the initial size of your cluster with ?size=X
     discovery: https://discovery.etcd.io/
     # multi-region and multi-cloud deployments need to use $public_ipv4
-    addr: $private_ipv4:4001
-    peer-addr: $private_ipv4:7001
+    advertise-client-urls: http://$private_ipv4:2379,http://$private_ipv4:4001
+    initial-advertise-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
+    # listen on both the official ports and the legacy ports
+    # legacy ports can be omitted if your application doesn't depend on them
+    listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001
+    listen-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
   units:
     - name: etcd.service
       command: start
diff --git a/running-coreos/platforms/openstack/index.md b/running-coreos/platforms/openstack/index.md
index 543f0f1df..196fad625 100644
--- a/running-coreos/platforms/openstack/index.md
+++ b/running-coreos/platforms/openstack/index.md
@@ -98,15 +98,19 @@ The most common cloud-config for OpenStack looks like:
 #cloud-config
 
 coreos:
-  etcd:
+  etcd2:
     # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3
     # specify the initial size of your cluster with ?size=X
     discovery: https://discovery.etcd.io/
     # multi-region and multi-cloud deployments need to use $public_ipv4
-    addr: $private_ipv4:4001
-    peer-addr: $private_ipv4:7001
+    advertise-client-urls: http://$private_ipv4:2379,http://$private_ipv4:4001
+    initial-advertise-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
+    # listen on both the official ports and the legacy ports
+    # legacy ports can be omitted if your application doesn't depend on them
+    listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001
+    listen-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
   units:
-    - name: etcd.service
+    - name: etcd2.service
       command: start
     - name: fleet.service
       command: start
diff --git a/running-coreos/platforms/vagrant/index.md b/running-coreos/platforms/vagrant/index.md
index d86a15425..a2094f437 100644
--- a/running-coreos/platforms/vagrant/index.md
+++ b/running-coreos/platforms/vagrant/index.md
@@ -47,17 +47,21 @@ Our cluster will use an etcd [discovery URL]({{site.baseurl}}/docs/cluster-manag
 #cloud-config
 
 coreos:
-  etcd:
-      # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3
-      # specify the initial size of your cluster with ?size=X
-      # WARNING: replace each time you 'vagrant destroy'
-      discovery: https://discovery.etcd.io/
-      addr: $public_ipv4:4001
-      peer-addr: $public_ipv4:7001
+  etcd2:
+    # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3
+    # specify the initial size of your cluster with ?size=X
+    # WARNING: replace each time you 'vagrant destroy'
+    discovery: https://discovery.etcd.io/
+    advertise-client-urls: http://$public_ipv4:2379,http://$public_ipv4:4001
+    initial-advertise-peer-urls: http://$public_ipv4:2380,http://$public_ipv4:7001
+    # listen on both the official ports and the legacy ports
+    # legacy ports can be omitted if your application doesn't depend on them
+    listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001
+    listen-peer-urls: http://$public_ipv4:2380,http://$public_ipv4:7001
   fleet:
       public-ip: $public_ipv4
   units:
-    - name: etcd.service
+    - name: etcd2.service
       command: start
     - name: fleet.service
       command: start

From f8739e7d4b89907298a530a36c426fac3447a3c7 Mon Sep 17 00:00:00 2001
From: Rob Szumski 
Date: Fri, 19 Jun 2015 15:47:11 -0700
Subject: [PATCH 0495/1291] cluster-mgmt: update discovery doc for etcd2

---
 .../setup/cluster-discovery/index.md          | 22 +++++++++++--------
 1 file changed, 13 insertions(+), 9 deletions(-)

diff --git a/cluster-management/setup/cluster-discovery/index.md b/cluster-management/setup/cluster-discovery/index.md
index f15945a98..a2a43ef44 100644
--- a/cluster-management/setup/cluster-discovery/index.md
+++ b/cluster-management/setup/cluster-discovery/index.md
@@ -28,7 +28,7 @@ Boot each one of the machines with identical cloud-config and they should be aut
 #cloud-config
 
 coreos:
-  etcd:
+  etcd2:
     # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3
     # specify the initial size of your cluster with ?size=X
     discovery: https://discovery.etcd.io/
@@ -49,19 +49,21 @@ Specific documentation are provided for each platform's guide. Not all providers
 Starting a CoreOS cluster requires one of the new machines to become the first leader of the cluster. The initial leader is stored as metadata with the discovery URL in order to inform the other members of the new cluster. Let's walk through a timeline a new 3 machine CoreOS cluster discovering each other:
 
 1. All three machines are booted via a cloud-provider with the same cloud-config in the user-data.
-2. Machine 1 starts up first. It requests information about the cluster from the discovery token and submits its `peer-addr` address `10.10.10.1`.
+2. Machine 1 starts up first. It requests information about the cluster from the discovery token and submits its `-initial-advertise-peer-urls` address `10.10.10.1`.
 3. No state is recorded into the discovery URL metadata, so machine 1 becomes the leader and records the state as `started`.
-4. Machine 2 boots and submits its `peer-addr` address `10.10.10.2`. It also reads back the list of existing peers (only `10.10.10.1`) and attempts to connect to the address listed.
+4. Machine 2 boots and submits its `-initial-advertise-peer-urls` address `10.10.10.2`. It also reads back the list of existing peers (only `10.10.10.1`) and attempts to connect to the address listed.
 5. Machine 2 connects to Machine 1 and is now part of the cluster as a follower.
-6. Machine 3 boots and submits its `peer-addr` address `10.10.10.3`. It reads back the list of peers ( `10.10.10.1` and `10.10.10.2`) and selects one of the addresses to try first. When it connects to a machine in the cluster, the machine is given a full list of the existing other members of the cluster.
+6. Machine 3 boots and submits its `-initial-advertise-peer-urls` address `10.10.10.3`. It reads back the list of peers (`10.10.10.1` and `10.10.10.2`) and selects one of the addresses to try first. When it connects to a machine in the cluster, the machine is given a full list of the existing other members of the cluster.
 7. The cluster is now bootstrapped with an initial leader and two followers.
 
-There are two interesting things happening during this process.
+There are a few interesting things happening during this process.
 
 First, each machine is configured with the same discovery URL and etcd figured out what to do. This allows you to load the same cloud-config into an auto-scaling group and it will work whether it is the first or 30th machine in the group.
 
 Second, machine 3 only needed to use one of the addresses stored in the discovery URL to connect to the cluster. Since etcd uses the Raft consensus algorithm, existing machines in the cluster already maintain a list of healthy members in order for the algorithm to function properly. This list is given to the new machine and it starts normal operations with each of the other cluster members.
 
+Third, if you specified `?size=3` upon discovery URL creation, any other machines that join the cluster in the future will automatically start as etcd proxies.
+
 ## Existing Clusters
 
 If you're already operating a bootstrapped cluster with a discovery URL, adding new machines to the cluster is very easy. All you need to do is to boot the new machines with a cloud-config containing the same discovery URL. After boot, the new machines will see that a cluster already exists and attempt to join through one of the addresses stored with the discovery URL.
@@ -137,16 +139,18 @@ To rule out firewall settings as a source of your issue, ensure that you can cur
 If all of the IPs can be reached, the etcd log can provide more clues:
 
 ```
-journalctl -u etcd
+journalctl -u etcd2
 ```
 
 ### Communicating with discovery.etcd.io
 
 If your CoreOS cluster can't communicate out to the public internet, [https://discovery.etcd.io](https://discovery.etcd.io) won't work and you'll have to run your own discovery endpoint, which is described below.
 
-### Setting Peer Addresses Correctly
+### Setting Advertised Client Addresses Correctly
+
+Each etcd instance submits the list of `-initial-advertise-peer-urls` of each etcd instance to the configured discovery service. It's important to select an address that *all* peers in the cluster can communicate with. If you are configuring a list of addresses, make sure each member can communicate with at least one of the addresses.
 
-Each etcd instance submits the `-peer-addr` of each etcd instance to the configured discovery service. It's important to select an address that *all* peers in the cluster can communicate with. For example, if you're located in two regions of a cloud provider, configuring a private `10.x` address will not work between the two regions, and communication will not be possible between all peers. The `--bindaddr` flag allows you to bind to a specific interface (or all interfaces) to ensure your etcd traffic is routed properly.
+For example, if you're located in two regions of a cloud provider, configuring a private `10.x` address will not work between the two regions, and communication will not be possible between all peers. The `-listen-client-urls` flag allows you to bind to a specific list of interfaces and ports (or all interfaces) to ensure your etcd traffic is routed properly.
 
 ## Running Your Own Discovery Service
 
@@ -154,4 +158,4 @@ The public discovery service is just an etcd cluster made available to the publi
 
 Since etcd is designed to this type of leader election, it was an obvious choice to use it for everyone's initial leader election. This means that it's easy to run your own etcd cluster for this purpose.
 
-If you're interested in how discovery API works behind the scenes in etcd, read about [etcd clustering](https://github.com/coreos/etcd/blob/master/Documentation/clustering.md).
+If you're interested in how discovery API works behind the scenes in etcd, read about [etcd clustering]({{site.baseurl}}/etcd/docs/latest/clustering.html).

From 91955211bf2518aed63193eb359b7ff63c62b829 Mon Sep 17 00:00:00 2001
From: Rob Szumski 
Date: Fri, 19 Jun 2015 19:32:54 -0700
Subject: [PATCH 0496/1291] cluster-discovery: update to etcd2 flags

---
 cluster-management/setup/cluster-discovery/index.md | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/cluster-management/setup/cluster-discovery/index.md b/cluster-management/setup/cluster-discovery/index.md
index a2a43ef44..583be683e 100644
--- a/cluster-management/setup/cluster-discovery/index.md
+++ b/cluster-management/setup/cluster-discovery/index.md
@@ -33,10 +33,14 @@ coreos:
     # specify the initial size of your cluster with ?size=X
     discovery: https://discovery.etcd.io/
     # multi-region and multi-cloud deployments need to use $public_ipv4
-    addr: $private_ipv4:4001
-    peer-addr: $private_ipv4:7001
+    advertise-client-urls: http://$private_ipv4:2379,http://$private_ipv4:4001
+    initial-advertise-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
+    # listen on both the official ports and the legacy ports
+    # legacy ports can be omitted if your application doesn't depend on them
+    listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001
+    listen-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
   units:
-    - name: etcd.service
+    - name: etcd2.service
       command: start
     - name: fleet.service
       command: start

From 2f5a44d8b4c3bff45fc094b712888288b46b3710 Mon Sep 17 00:00:00 2001
From: Tomdarkness 
Date: Mon, 22 Jun 2015 14:50:04 +0100
Subject: [PATCH 0497/1291] Store ECS Agent state on the host

Prevents the ECS Agent registering as a brand new container instance every time the agent or host is rebooted.
---
 running-coreos/cloud-providers/ecs/index.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/running-coreos/cloud-providers/ecs/index.md b/running-coreos/cloud-providers/ecs/index.md
index 30a32fe8a..b6ea7d958 100644
--- a/running-coreos/cloud-providers/ecs/index.md
+++ b/running-coreos/cloud-providers/ecs/index.md
@@ -39,10 +39,11 @@ coreos:
        [Service]
        Environment=ECS_CLUSTER=your_cluster_name
        Environment=ECS_LOGLEVEL=warn
+       Environment=ECS_CHECKPOINT=true
        ExecStartPre=-/usr/bin/docker kill ecs-agent
        ExecStartPre=-/usr/bin/docker rm ecs-agent
        ExecStartPre=/usr/bin/docker pull amazon/amazon-ecs-agent
-       ExecStart=/usr/bin/docker run --name ecs-agent --env=ECS_CLUSTER=${ECS_CLUSTER} --env=ECS_LOGLEVEL=${ECS_LOGLEVEL} --publish=127.0.0.1:51678:51678 --volume=/var/run/docker.sock:/var/run/docker.sock amazon/amazon-ecs-agent
+       ExecStart=/usr/bin/docker run --name ecs-agent --env=ECS_CLUSTER=${ECS_CLUSTER} --env=ECS_LOGLEVEL=${ECS_LOGLEVEL} --env=ECS_CHECKPOINT=${ECS_CHECKPOINT} --publish=127.0.0.1:51678:51678 --volume=/var/run/docker.sock:/var/run/docker.sock -v /home/core/ecs-data:/data amazon/amazon-ecs-agent
        ExecStop=/usr/bin/docker stop ecs-agent
 ```
 

From e886f3e3865e937cba1902c6ab0979bd914d609d Mon Sep 17 00:00:00 2001
From: Tomdarkness 
Date: Mon, 22 Jun 2015 18:28:09 +0100
Subject: [PATCH 0498/1291] Change data directory for ECS state on the host

---
 running-coreos/cloud-providers/ecs/index.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/running-coreos/cloud-providers/ecs/index.md b/running-coreos/cloud-providers/ecs/index.md
index b6ea7d958..6a657fbf9 100644
--- a/running-coreos/cloud-providers/ecs/index.md
+++ b/running-coreos/cloud-providers/ecs/index.md
@@ -43,7 +43,7 @@ coreos:
        ExecStartPre=-/usr/bin/docker kill ecs-agent
        ExecStartPre=-/usr/bin/docker rm ecs-agent
        ExecStartPre=/usr/bin/docker pull amazon/amazon-ecs-agent
-       ExecStart=/usr/bin/docker run --name ecs-agent --env=ECS_CLUSTER=${ECS_CLUSTER} --env=ECS_LOGLEVEL=${ECS_LOGLEVEL} --env=ECS_CHECKPOINT=${ECS_CHECKPOINT} --publish=127.0.0.1:51678:51678 --volume=/var/run/docker.sock:/var/run/docker.sock -v /home/core/ecs-data:/data amazon/amazon-ecs-agent
+       ExecStart=/usr/bin/docker run --name ecs-agent --env=ECS_CLUSTER=${ECS_CLUSTER} --env=ECS_LOGLEVEL=${ECS_LOGLEVEL} --env=ECS_CHECKPOINT=${ECS_CHECKPOINT} --publish=127.0.0.1:51678:51678 --volume=/var/run/docker.sock:/var/run/docker.sock --volume=/var/lib/aws/ecs:/data amazon/amazon-ecs-agent
        ExecStop=/usr/bin/docker stop ecs-agent
 ```
 

From 5a745e1d6b6c8180a182f622ea223aeeb0a2c342 Mon Sep 17 00:00:00 2001
From: Alex Crawford 
Date: Tue, 23 Jun 2015 16:40:44 -0700
Subject: [PATCH 0499/1291] docs: only expose the new etcd server port

It really only makes sense to expose the legacy client port since new
clusters will all use the new server port to communicate.
---
 cluster-management/setup/cluster-discovery/index.md           | 4 ++--
 running-coreos/cloud-providers/auro/index.md                  | 4 ++--
 running-coreos/cloud-providers/azure/index.md                 | 4 ++--
 running-coreos/cloud-providers/brightbox/index.md             | 4 ++--
 running-coreos/cloud-providers/digitalocean/index.md          | 4 ++--
 running-coreos/cloud-providers/ec2/index.md                   | 4 ++--
 running-coreos/cloud-providers/exoscale/index.md              | 4 ++--
 running-coreos/cloud-providers/google-compute-engine/index.md | 4 ++--
 running-coreos/cloud-providers/niftycloud/JA_JP/index.md      | 4 ++--
 running-coreos/cloud-providers/niftycloud/index.md            | 4 ++--
 running-coreos/cloud-providers/rackspace/index.md             | 4 ++--
 running-coreos/cloud-providers/vexxhost/index.md              | 4 ++--
 running-coreos/platforms/openstack/index.md                   | 4 ++--
 running-coreos/platforms/vagrant/index.md                     | 4 ++--
 14 files changed, 28 insertions(+), 28 deletions(-)

diff --git a/cluster-management/setup/cluster-discovery/index.md b/cluster-management/setup/cluster-discovery/index.md
index 583be683e..6761b153c 100644
--- a/cluster-management/setup/cluster-discovery/index.md
+++ b/cluster-management/setup/cluster-discovery/index.md
@@ -34,11 +34,11 @@ coreos:
     discovery: https://discovery.etcd.io/
     # multi-region and multi-cloud deployments need to use $public_ipv4
     advertise-client-urls: http://$private_ipv4:2379,http://$private_ipv4:4001
-    initial-advertise-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
+    initial-advertise-peer-urls: http://$private_ipv4:2380
     # listen on both the official ports and the legacy ports
     # legacy ports can be omitted if your application doesn't depend on them
     listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001
-    listen-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
+    listen-peer-urls: http://$private_ipv4:2380
   units:
     - name: etcd2.service
       command: start
diff --git a/running-coreos/cloud-providers/auro/index.md b/running-coreos/cloud-providers/auro/index.md
index 88e12b495..ab604b58c 100644
--- a/running-coreos/cloud-providers/auro/index.md
+++ b/running-coreos/cloud-providers/auro/index.md
@@ -54,11 +54,11 @@ coreos:
     discovery: https://discovery.etcd.io/
     # multi-region and multi-cloud deployments need to use $public_ipv4
     advertise-client-urls: http://$private_ipv4:2379,http://$private_ipv4:4001
-    initial-advertise-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
+    initial-advertise-peer-urls: http://$private_ipv4:2380
     # listen on both the official ports and the legacy ports
     # legacy ports can be omitted if your application doesn't depend on them
     listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001
-    listen-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
+    listen-peer-urls: http://$private_ipv4:2380
   units:
     - name: etcd2.service
       command: start
diff --git a/running-coreos/cloud-providers/azure/index.md b/running-coreos/cloud-providers/azure/index.md
index d0535909f..1c7fed32d 100644
--- a/running-coreos/cloud-providers/azure/index.md
+++ b/running-coreos/cloud-providers/azure/index.md
@@ -75,11 +75,11 @@ coreos:
     discovery: https://discovery.etcd.io/
     # multi-region and multi-cloud deployments need to use $public_ipv4
     advertise-client-urls: http://$private_ipv4:2379,http://$private_ipv4:4001
-    initial-advertise-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
+    initial-advertise-peer-urls: http://$private_ipv4:2380
     # listen on both the official ports and the legacy ports
     # legacy ports can be omitted if your application doesn't depend on them
     listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001
-    listen-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
+    listen-peer-urls: http://$private_ipv4:2380
   units:
     - name: etcd2.service
       command: start
diff --git a/running-coreos/cloud-providers/brightbox/index.md b/running-coreos/cloud-providers/brightbox/index.md
index 979cae75c..a2425a3bc 100644
--- a/running-coreos/cloud-providers/brightbox/index.md
+++ b/running-coreos/cloud-providers/brightbox/index.md
@@ -105,11 +105,11 @@ coreos:
     discovery: https://discovery.etcd.io/
     # multi-region and multi-cloud deployments need to use $public_ipv4
     advertise-client-urls: http://$private_ipv4:2379,http://$private_ipv4:4001
-    initial-advertise-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
+    initial-advertise-peer-urls: http://$private_ipv4:2380
     # listen on both the official ports and the legacy ports
     # legacy ports can be omitted if your application doesn't depend on them
     listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001
-    listen-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
+    listen-peer-urls: http://$private_ipv4:2380
   units:
     - name: etcd2.service
       command: start
diff --git a/running-coreos/cloud-providers/digitalocean/index.md b/running-coreos/cloud-providers/digitalocean/index.md
index 72aa1ea6c..5de359d57 100644
--- a/running-coreos/cloud-providers/digitalocean/index.md
+++ b/running-coreos/cloud-providers/digitalocean/index.md
@@ -107,11 +107,11 @@ coreos:
     discovery: https://discovery.etcd.io/
     # multi-region and multi-cloud deployments need to use $public_ipv4
     advertise-client-urls: http://$private_ipv4:2379,http://$private_ipv4:4001
-    initial-advertise-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
+    initial-advertise-peer-urls: http://$private_ipv4:2380
     # listen on both the official ports and the legacy ports
     # legacy ports can be omitted if your application doesn't depend on them
     listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001
-    listen-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
+    listen-peer-urls: http://$private_ipv4:2380
   units:
     - name: etcd2.service
       command: start
diff --git a/running-coreos/cloud-providers/ec2/index.md b/running-coreos/cloud-providers/ec2/index.md
index b14f63757..3af645975 100644
--- a/running-coreos/cloud-providers/ec2/index.md
+++ b/running-coreos/cloud-providers/ec2/index.md
@@ -145,11 +145,11 @@ coreos:
     discovery: https://discovery.etcd.io/
     # multi-region and multi-cloud deployments need to use $public_ipv4
     advertise-client-urls: http://$private_ipv4:2379,http://$private_ipv4:4001
-    initial-advertise-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
+    initial-advertise-peer-urls: http://$private_ipv4:2380
     # listen on both the official ports and the legacy ports
     # legacy ports can be omitted if your application doesn't depend on them
     listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001
-    listen-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
+    listen-peer-urls: http://$private_ipv4:2380
   units:
     - name: etcd2.service
       command: start
diff --git a/running-coreos/cloud-providers/exoscale/index.md b/running-coreos/cloud-providers/exoscale/index.md
index 42e78ee3e..459d77c9f 100644
--- a/running-coreos/cloud-providers/exoscale/index.md
+++ b/running-coreos/cloud-providers/exoscale/index.md
@@ -72,11 +72,11 @@ coreos:
     # specify the initial size of your cluster with ?size=X
     discovery: https://discovery.etcd.io/
     advertise-client-urls: http://$public_ipv4:2379,http://$private_ipv4:4001
-    initial-advertise-peer-urls: http://$public_ipv4:2380,http://$private_ipv4:7001
+    initial-advertise-peer-urls: http://$public_ipv4:2380
     # listen on both the official ports and the legacy ports
     # legacy ports can be omitted if your application doesn't depend on them
     listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001
-    listen-peer-urls: http://$public_ipv4:2380,http://$public_ipv4:7001
+    listen-peer-urls: http://$public_ipv4:2380
 
   units:
     - name: etcd2.service
diff --git a/running-coreos/cloud-providers/google-compute-engine/index.md b/running-coreos/cloud-providers/google-compute-engine/index.md
index 760157ddc..d38162b05 100644
--- a/running-coreos/cloud-providers/google-compute-engine/index.md
+++ b/running-coreos/cloud-providers/google-compute-engine/index.md
@@ -34,11 +34,11 @@ coreos:
     discovery: https://discovery.etcd.io/
     # multi-region and multi-cloud deployments need to use $public_ipv4
     advertise-client-urls: http://$private_ipv4:2379,http://$private_ipv4:4001
-    initial-advertise-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
+    initial-advertise-peer-urls: http://$private_ipv4:2380
     # listen on both the official ports and the legacy ports
     # legacy ports can be omitted if your application doesn't depend on them
     listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001
-    listen-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
+    listen-peer-urls: http://$private_ipv4:2380
   units:
     - name: etcd2.service
       command: start
diff --git a/running-coreos/cloud-providers/niftycloud/JA_JP/index.md b/running-coreos/cloud-providers/niftycloud/JA_JP/index.md
index f9d185f23..640172954 100644
--- a/running-coreos/cloud-providers/niftycloud/JA_JP/index.md
+++ b/running-coreos/cloud-providers/niftycloud/JA_JP/index.md
@@ -30,11 +30,11 @@ coreos:
     discovery: https://discovery.etcd.io/
     # multi-region and multi-cloud deployments need to use $public_ipv4
     advertise-client-urls: http://$private_ipv4:2379,http://$private_ipv4:4001
-    initial-advertise-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
+    initial-advertise-peer-urls: http://$private_ipv4:2380
     # listen on both the official ports and the legacy ports
     # legacy ports can be omitted if your application doesn't depend on them
     listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001
-    listen-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
+    listen-peer-urls: http://$private_ipv4:2380
   units:
     - name: etcd.service
       command: start
diff --git a/running-coreos/cloud-providers/niftycloud/index.md b/running-coreos/cloud-providers/niftycloud/index.md
index 83acef4af..ed2ec17ee 100644
--- a/running-coreos/cloud-providers/niftycloud/index.md
+++ b/running-coreos/cloud-providers/niftycloud/index.md
@@ -30,11 +30,11 @@ coreos:
     discovery: https://discovery.etcd.io/
     # multi-region and multi-cloud deployments need to use $public_ipv4
     advertise-client-urls: http://$private_ipv4:2379,http://$private_ipv4:4001
-    initial-advertise-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
+    initial-advertise-peer-urls: http://$private_ipv4:2380
     # listen on both the official ports and the legacy ports
     # legacy ports can be omitted if your application doesn't depend on them
     listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001
-    listen-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
+    listen-peer-urls: http://$private_ipv4:2380
   units:
     - name: etcd.service
       command: start
diff --git a/running-coreos/cloud-providers/rackspace/index.md b/running-coreos/cloud-providers/rackspace/index.md
index bebecd203..e726e0d01 100644
--- a/running-coreos/cloud-providers/rackspace/index.md
+++ b/running-coreos/cloud-providers/rackspace/index.md
@@ -140,11 +140,11 @@ coreos:
     discovery: https://discovery.etcd.io/
     # multi-region and multi-cloud deployments need to use $public_ipv4
     advertise-client-urls: http://$private_ipv4:2379,http://$private_ipv4:4001
-    initial-advertise-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
+    initial-advertise-peer-urls: http://$private_ipv4:2380
     # listen on both the official ports and the legacy ports
     # legacy ports can be omitted if your application doesn't depend on them
     listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001
-    listen-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
+    listen-peer-urls: http://$private_ipv4:2380
   units:
     - name: etcd.service
       command: start
diff --git a/running-coreos/cloud-providers/vexxhost/index.md b/running-coreos/cloud-providers/vexxhost/index.md
index 587226825..d4ac47937 100644
--- a/running-coreos/cloud-providers/vexxhost/index.md
+++ b/running-coreos/cloud-providers/vexxhost/index.md
@@ -54,11 +54,11 @@ coreos:
     discovery: https://discovery.etcd.io/
     # multi-region and multi-cloud deployments need to use $public_ipv4
     advertise-client-urls: http://$private_ipv4:2379,http://$private_ipv4:4001
-    initial-advertise-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
+    initial-advertise-peer-urls: http://$private_ipv4:2380
     # listen on both the official ports and the legacy ports
     # legacy ports can be omitted if your application doesn't depend on them
     listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001
-    listen-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
+    listen-peer-urls: http://$private_ipv4:2380
   units:
     - name: etcd.service
       command: start
diff --git a/running-coreos/platforms/openstack/index.md b/running-coreos/platforms/openstack/index.md
index 196fad625..b1a03fb12 100644
--- a/running-coreos/platforms/openstack/index.md
+++ b/running-coreos/platforms/openstack/index.md
@@ -104,11 +104,11 @@ coreos:
     discovery: https://discovery.etcd.io/
     # multi-region and multi-cloud deployments need to use $public_ipv4
     advertise-client-urls: http://$private_ipv4:2379,http://$private_ipv4:4001
-    initial-advertise-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
+    initial-advertise-peer-urls: http://$private_ipv4:2380
     # listen on both the official ports and the legacy ports
     # legacy ports can be omitted if your application doesn't depend on them
     listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001
-    listen-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001
+    listen-peer-urls: http://$private_ipv4:2380
   units:
     - name: etcd2.service
       command: start
diff --git a/running-coreos/platforms/vagrant/index.md b/running-coreos/platforms/vagrant/index.md
index a2094f437..f3c6e4146 100644
--- a/running-coreos/platforms/vagrant/index.md
+++ b/running-coreos/platforms/vagrant/index.md
@@ -53,11 +53,11 @@ coreos:
     # WARNING: replace each time you 'vagrant destroy'
     discovery: https://discovery.etcd.io/
     advertise-client-urls: http://$public_ipv4:2379,http://$public_ipv4:4001
-    initial-advertise-peer-urls: http://$public_ipv4:2380,http://$public_ipv4:7001
+    initial-advertise-peer-urls: http://$public_ipv4:2380
     # listen on both the official ports and the legacy ports
     # legacy ports can be omitted if your application doesn't depend on them
     listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001
-    listen-peer-urls: http://$public_ipv4:2380,http://$public_ipv4:7001
+    listen-peer-urls: http://$public_ipv4:2380
   fleet:
       public-ip: $public_ipv4
   units:

From a48de339e1825ebb19f34bf34811f82fcf6824df Mon Sep 17 00:00:00 2001
From: Rob Szumski 
Date: Wed, 24 Jun 2015 14:18:44 -0700
Subject: [PATCH 0500/1291] *: add fork urls

---
 cluster-management/debugging/btrfs-troubleshooting/index.md     | 1 +
 cluster-management/debugging/install-debugging-tools/index.md   | 1 +
 cluster-management/debugging/manual-rollbacks/index.md          | 1 +
 cluster-management/debugging/reading-the-system-log/index.md    | 1 +
 cluster-management/scaling/adding-disk-space/index.md           | 1 +
 cluster-management/scaling/power-management/index.md            | 1 +
 .../setup/adding-certificate-authorities/index.md               | 1 +
 cluster-management/setup/adding-users/index.md                  | 1 +
 cluster-management/setup/cluster-architectures/index.md         | 2 +-
 cluster-management/setup/cluster-discovery/index.md             | 2 +-
 cluster-management/setup/configuring-date-and-timezone/index.md | 1 +
 cluster-management/setup/customizing-sshd/index.md              | 1 +
 cluster-management/setup/flannel-config/index.md                | 1 +
 cluster-management/setup/mounting-storage/index.md              | 1 +
 cluster-management/setup/network-config-with-networkd/index.md  | 1 +
 cluster-management/setup/other-settings/index.md                | 1 +
 cluster-management/setup/switching-channels/index.md            | 1 +
 cluster-management/setup/update-strategies/index.md             | 1 +
 distributed-configuration/customize-etcd-unit/index.md          | 1 +
 distributed-configuration/getting-started-with-etcd/index.md    | 1 +
 enterprise-registry/build-support/index.md                      | 2 +-
 enterprise-registry/configure-machines/index.md                 | 2 +-
 enterprise-registry/github-app/index.md                         | 2 +-
 enterprise-registry/github-auth/index.md                        | 2 +-
 enterprise-registry/github-build/index.md                       | 2 +-
 enterprise-registry/initial-setup/index.md                      | 2 +-
 enterprise-registry/log-debugging/index.md                      | 1 +
 enterprise-registry/mysql-container/index.md                    | 1 +
 launching-containers/building/customizing-docker/index.md       | 1 +
 .../building/getting-started-with-docker/index.md               | 1 +
 launching-containers/building/registry-authentication/index.md  | 1 +
 .../launching/getting-started-with-systemd/index.md             | 1 +
 .../launching/launching-containers-fleet/index.md               | 1 +
 launching-containers/launching/overview-of-systemctl/index.md   | 1 +
 quickstart/index.md                                             | 1 +
 running-coreos/bare-metal/booting-with-ipxe/index.md            | 1 +
 running-coreos/bare-metal/booting-with-pxe/index.md             | 1 +
 running-coreos/bare-metal/installing-to-disk/index.md           | 1 +
 running-coreos/cloud-providers/auro/index.md                    | 1 +
 running-coreos/cloud-providers/azure/index.md                   | 1 +
 running-coreos/cloud-providers/brightbox/index.md               | 1 +
 running-coreos/cloud-providers/digitalocean/index.md            | 1 +
 running-coreos/cloud-providers/ec2/index.md                     | 1 +
 running-coreos/cloud-providers/ecs/index.md                     | 1 +
 running-coreos/cloud-providers/exoscale/index.md                | 1 +
 running-coreos/cloud-providers/google-compute-engine/index.md   | 1 +
 running-coreos/cloud-providers/interoute/index.md               | 1 +
 running-coreos/cloud-providers/niftycloud/index.md              | 1 +
 running-coreos/cloud-providers/rackspace/index.md               | 1 +
 running-coreos/cloud-providers/vexxhost/index.md                | 1 +
 running-coreos/cloud-providers/vultr/index.md                   | 1 +
 running-coreos/platforms/cloudstack/index.md                    | 1 +
 running-coreos/platforms/eucalyptus/index.md                    | 1 +
 running-coreos/platforms/iso/index.md                           | 1 +
 running-coreos/platforms/libvirt/index.md                       | 1 +
 running-coreos/platforms/openstack/index.md                     | 1 +
 running-coreos/platforms/qemu/index.md                          | 1 +
 running-coreos/platforms/vagrant/index.md                       | 1 +
 running-coreos/platforms/virtualbox/index.md                    | 1 +
 running-coreos/platforms/vmware/index.md                        | 1 +
 sdk-distributors/distributors/notes-for-distributors/index.md   | 1 +
 sdk-distributors/sdk/building-development-images/index.md       | 1 +
 sdk-distributors/sdk/building-production-images/index.md        | 1 +
 sdk-distributors/sdk/disk-partitions/index.md                   | 1 +
 sdk-distributors/sdk/mantle/index.md                            | 1 +
 sdk-distributors/sdk/modifying-coreos/index.md                  | 1 +
 sdk-distributors/sdk/tips-and-tricks/index.md                   | 1 +
 67 files changed, 67 insertions(+), 8 deletions(-)

diff --git a/cluster-management/debugging/btrfs-troubleshooting/index.md b/cluster-management/debugging/btrfs-troubleshooting/index.md
index 917b448da..393483b5f 100644
--- a/cluster-management/debugging/btrfs-troubleshooting/index.md
+++ b/cluster-management/debugging/btrfs-troubleshooting/index.md
@@ -4,6 +4,7 @@ slug: guides
 title: Working with btrfs
 category: cluster_management
 sub_category: debugging
+fork_url: https://github.com/coreos/docs/blob/master/cluster-management/debugging/btrfs-troubleshooting/index.md
 weight: 5
 ---
 
diff --git a/cluster-management/debugging/install-debugging-tools/index.md b/cluster-management/debugging/install-debugging-tools/index.md
index 5e37f47b2..a43321798 100644
--- a/cluster-management/debugging/install-debugging-tools/index.md
+++ b/cluster-management/debugging/install-debugging-tools/index.md
@@ -4,6 +4,7 @@ slug: guides
 title: Install Debugging Tools
 category: cluster_management
 sub_category: debugging
+fork_url: https://github.com/coreos/docs/blob/master/cluster-management/debugging/install-debugging-tools/index.md
 weight: 7
 ---
 
diff --git a/cluster-management/debugging/manual-rollbacks/index.md b/cluster-management/debugging/manual-rollbacks/index.md
index c4bb4cbaf..cc4735729 100644
--- a/cluster-management/debugging/manual-rollbacks/index.md
+++ b/cluster-management/debugging/manual-rollbacks/index.md
@@ -4,6 +4,7 @@ slug: guides
 title: Manual CoreOS Rollbacks
 category: cluster_management
 sub_category: debugging
+fork_url: https://github.com/coreos/docs/blob/master/cluster-management/debugging/manual-rollbacks/index.md
 weight: 5
 ---
 
diff --git a/cluster-management/debugging/reading-the-system-log/index.md b/cluster-management/debugging/reading-the-system-log/index.md
index d858a12fe..18c4cdac8 100644
--- a/cluster-management/debugging/reading-the-system-log/index.md
+++ b/cluster-management/debugging/reading-the-system-log/index.md
@@ -4,6 +4,7 @@ slug: guides
 title: Reading the System Log
 category: cluster_management
 sub_category: debugging
+fork_url: https://github.com/coreos/docs/blob/master/cluster-management/debugging/reading-the-system-log/index.md
 weight: 5
 ---
 
diff --git a/cluster-management/scaling/adding-disk-space/index.md b/cluster-management/scaling/adding-disk-space/index.md
index 390a044b2..fc8a348c6 100644
--- a/cluster-management/scaling/adding-disk-space/index.md
+++ b/cluster-management/scaling/adding-disk-space/index.md
@@ -4,6 +4,7 @@ slug: guides/resize
 title: Adding Disk Space
 category: cluster_management
 sub_category: scaling
+fork_url: https://github.com/coreos/docs/blob/master/cluster-management/scaling/adding-disk-space/index.md
 weight: 5
 ---
 
diff --git a/cluster-management/scaling/power-management/index.md b/cluster-management/scaling/power-management/index.md
index 2d61b8084..b5a07e48d 100644
--- a/cluster-management/scaling/power-management/index.md
+++ b/cluster-management/scaling/power-management/index.md
@@ -4,6 +4,7 @@ slug: guides/power
 title: Power Management
 category: cluster_management
 sub_category: scaling
+fork_url: https://github.com/coreos/docs/blob/master/cluster-management/scaling/power-management/index.md
 weight: 5
 ---
 
diff --git a/cluster-management/setup/adding-certificate-authorities/index.md b/cluster-management/setup/adding-certificate-authorities/index.md
index bc453d240..499853967 100644
--- a/cluster-management/setup/adding-certificate-authorities/index.md
+++ b/cluster-management/setup/adding-certificate-authorities/index.md
@@ -3,6 +3,7 @@ layout: docs
 title: Adding Certificate Authorities
 category: cluster_management
 sub_category: setting_up
+fork_url: https://github.com/coreos/docs/blob/master/cluster-management/setup/adding-certificate-authorities/index.md
 weight: 7
 ---
 
diff --git a/cluster-management/setup/adding-users/index.md b/cluster-management/setup/adding-users/index.md
index 39c6a3dfd..66e556f3a 100644
--- a/cluster-management/setup/adding-users/index.md
+++ b/cluster-management/setup/adding-users/index.md
@@ -3,6 +3,7 @@ layout: docs
 title: Adding Users
 category: cluster_management
 sub_category: setting_up
+fork_url: https://github.com/coreos/docs/blob/master/cluster-management/setup/adding-users/index.md
 weight: 7
 ---
 
diff --git a/cluster-management/setup/cluster-architectures/index.md b/cluster-management/setup/cluster-architectures/index.md
index 10ce7cedc..8735e97c0 100644
--- a/cluster-management/setup/cluster-architectures/index.md
+++ b/cluster-management/setup/cluster-architectures/index.md
@@ -3,7 +3,7 @@ layout: docs
 title: Cluster Architectures
 category: cluster_management
 sub_category: planning
-forkurl: https://github.com/coreos/docs/blob/master/cluster-management/setup/cluster-architectures/index.md
+fork_url: https://github.com/coreos/docs/blob/master/cluster-management/setup/cluster-architectures/index.md
 weight: 5
 ---
 
diff --git a/cluster-management/setup/cluster-discovery/index.md b/cluster-management/setup/cluster-discovery/index.md
index 6761b153c..ae259d35a 100644
--- a/cluster-management/setup/cluster-discovery/index.md
+++ b/cluster-management/setup/cluster-discovery/index.md
@@ -3,7 +3,7 @@ layout: docs
 title: Clustering Machines
 category: cluster_management
 sub_category: setting_up
-forkurl: https://github.com/coreos/docs/blob/master/cluster-management/setup/cluster-discovery/index.md
+fork_url: https://github.com/coreos/docs/blob/master/cluster-management/setup/cluster-discovery/index.md
 weight: 4
 ---
 
diff --git a/cluster-management/setup/configuring-date-and-timezone/index.md b/cluster-management/setup/configuring-date-and-timezone/index.md
index 2415aada8..59d1f07d5 100644
--- a/cluster-management/setup/configuring-date-and-timezone/index.md
+++ b/cluster-management/setup/configuring-date-and-timezone/index.md
@@ -3,6 +3,7 @@ layout: docs
 title: Configuring Date & Timezone (NTP)
 category: cluster_management
 sub_category: setting_up
+fork_url: https://github.com/coreos/docs/blob/master/cluster-management/setup/configuring-date-and-timezone/index.md
 weight: 7
 ---
 
diff --git a/cluster-management/setup/customizing-sshd/index.md b/cluster-management/setup/customizing-sshd/index.md
index ad0b20d81..76240c7c2 100644
--- a/cluster-management/setup/customizing-sshd/index.md
+++ b/cluster-management/setup/customizing-sshd/index.md
@@ -3,6 +3,7 @@ layout: docs
 title: Customizing the SSH Daemon
 category: cluster_management
 sub_category: setting_up
+fork_url: https://github.com/coreos/docs/blob/master/cluster-management/setup/customizing-ssh/index.md
 weight: 7
 ---
 
diff --git a/cluster-management/setup/flannel-config/index.md b/cluster-management/setup/flannel-config/index.md
index ca91eece1..2b35ffaf7 100644
--- a/cluster-management/setup/flannel-config/index.md
+++ b/cluster-management/setup/flannel-config/index.md
@@ -3,6 +3,7 @@ layout: docs
 title: Configuring flannel Networking
 category: cluster_management
 sub_category: setting_up
+fork_url: https://github.com/coreos/docs/blob/master/cluster-management/setup/flannel-config/index.md
 weight: 10
 ---
 
diff --git a/cluster-management/setup/mounting-storage/index.md b/cluster-management/setup/mounting-storage/index.md
index 18437f6bd..5783885d0 100644
--- a/cluster-management/setup/mounting-storage/index.md
+++ b/cluster-management/setup/mounting-storage/index.md
@@ -3,6 +3,7 @@ layout: docs
 title: Mounting Storage
 category: cluster_management
 sub_category: setting_up
+fork_url: https://github.com/coreos/docs/blob/master/cluster-management/setup/mounting-storage/index.md
 weight: 7
 ---
 
diff --git a/cluster-management/setup/network-config-with-networkd/index.md b/cluster-management/setup/network-config-with-networkd/index.md
index f1ecb24e7..3ee0bcaab 100644
--- a/cluster-management/setup/network-config-with-networkd/index.md
+++ b/cluster-management/setup/network-config-with-networkd/index.md
@@ -3,6 +3,7 @@ layout: docs
 title: Network Configuration
 category: cluster_management
 sub_category: setting_up
+fork_url: https://github.com/coreos/docs/blob/master/cluster-management/setup/network-config-with-networkd/index.md
 weight: 7
 ---
 
diff --git a/cluster-management/setup/other-settings/index.md b/cluster-management/setup/other-settings/index.md
index 38e56934e..3a455cdc5 100644
--- a/cluster-management/setup/other-settings/index.md
+++ b/cluster-management/setup/other-settings/index.md
@@ -3,6 +3,7 @@ layout: docs
 title: Tips and Other Settings
 category: cluster_management
 sub_category: setting_up
+fork_url: https://github.com/coreos/docs/blob/master/cluster-management/setup/other-settings/index.md
 weight: 8
 ---
 
diff --git a/cluster-management/setup/switching-channels/index.md b/cluster-management/setup/switching-channels/index.md
index c078a92ab..180e57fc5 100644
--- a/cluster-management/setup/switching-channels/index.md
+++ b/cluster-management/setup/switching-channels/index.md
@@ -3,6 +3,7 @@ layout: docs
 title: Switching Release Channels
 category: cluster_management
 sub_category: setting_up
+fork_url: https://github.com/coreos/docs/blob/master/cluster-management/setup/switching-channels/index.md
 weight: 5
 ---
 
diff --git a/cluster-management/setup/update-strategies/index.md b/cluster-management/setup/update-strategies/index.md
index c48d7ebf5..e489d28e7 100644
--- a/cluster-management/setup/update-strategies/index.md
+++ b/cluster-management/setup/update-strategies/index.md
@@ -3,6 +3,7 @@ layout: docs
 title: Update Strategies
 category: cluster_management
 sub_category: planning
+fork_url: https://github.com/coreos/docs/blob/master/cluster-management/setup/update-strategies/index.md
 weight: 7
 ---
 
diff --git a/distributed-configuration/customize-etcd-unit/index.md b/distributed-configuration/customize-etcd-unit/index.md
index e7a9da1e4..ba4f7702c 100644
--- a/distributed-configuration/customize-etcd-unit/index.md
+++ b/distributed-configuration/customize-etcd-unit/index.md
@@ -3,6 +3,7 @@ layout: docs
 title: Customizing the etcd Unit
 category: distributed_configuration
 sub_category: configuration
+fork_url: https://github.com/coreos/docs/blob/master/distributed-configuration/customize-etcd-unit/index.md
 weight: 5
 ---
 
diff --git a/distributed-configuration/getting-started-with-etcd/index.md b/distributed-configuration/getting-started-with-etcd/index.md
index 13a7d8aa2..e52178067 100644
--- a/distributed-configuration/getting-started-with-etcd/index.md
+++ b/distributed-configuration/getting-started-with-etcd/index.md
@@ -4,6 +4,7 @@ slug: guides/etcd
 title: Getting Started with etcd
 category: distributed_configuration
 sub_category: reading_writing
+fork_url: https://github.com/coreos/docs/blob/master/distributed-configuration/getting-started-with-etcd/index.md
 weight: 5
 ---
 
diff --git a/enterprise-registry/build-support/index.md b/enterprise-registry/build-support/index.md
index 71b803d8e..0a1843c69 100644
--- a/enterprise-registry/build-support/index.md
+++ b/enterprise-registry/build-support/index.md
@@ -3,7 +3,7 @@ layout: docs
 title: Automatically Build Dockerfiles
 category: registry
 sub_category: setup
-forkurl: https://github.com/coreos/docs/blob/master/enterprise-registry/build-support/index.md
+fork_url: https://github.com/coreos/docs/blob/master/enterprise-registry/build-support/index.md
 weight: 5
 ---
 
diff --git a/enterprise-registry/configure-machines/index.md b/enterprise-registry/configure-machines/index.md
index 9a36097a3..69b67e3c7 100644
--- a/enterprise-registry/configure-machines/index.md
+++ b/enterprise-registry/configure-machines/index.md
@@ -3,7 +3,7 @@ layout: docs
 title: Configure Machines for Enterprise Registry
 category: registry
 sub_category: usage
-forkurl: https://github.com/coreos/docs/blob/master/enterprise-registry/configure-machines/index.md
+fork_url: https://github.com/coreos/docs/blob/master/enterprise-registry/configure-machines/index.md
 weight: 5
 ---
 
diff --git a/enterprise-registry/github-app/index.md b/enterprise-registry/github-app/index.md
index a6464fd49..f095cb871 100644
--- a/enterprise-registry/github-app/index.md
+++ b/enterprise-registry/github-app/index.md
@@ -3,7 +3,7 @@ layout: docs
 title: Register GitHub Application
 category: registry
 sub_category: none
-forkurl: https://github.com/coreos/docs/blob/master/enterprise-registry/github-app/index.md
+fork_url: https://github.com/coreos/docs/blob/master/enterprise-registry/github-app/index.md
 weight: 5
 ---
 
diff --git a/enterprise-registry/github-auth/index.md b/enterprise-registry/github-auth/index.md
index 3bc40cb31..ddcb009d3 100644
--- a/enterprise-registry/github-auth/index.md
+++ b/enterprise-registry/github-auth/index.md
@@ -3,7 +3,7 @@ layout: docs
 title: Configure GitHub Authentication
 category: registry
 sub_category: setup
-forkurl: https://github.com/coreos/docs/blob/master/enterprise-registry/github-auth/index.md
+fork_url: https://github.com/coreos/docs/blob/master/enterprise-registry/github-auth/index.md
 weight: 5
 ---
 
diff --git a/enterprise-registry/github-build/index.md b/enterprise-registry/github-build/index.md
index d5d6f80f6..48fce2798 100644
--- a/enterprise-registry/github-build/index.md
+++ b/enterprise-registry/github-build/index.md
@@ -3,7 +3,7 @@ layout: docs
 title: Setup GitHub Build Triggers
 category: registry
 sub_category: setup
-forkurl: https://github.com/coreos/docs/blob/master/enterprise-registry/github-build/index.md
+fork_url: https://github.com/coreos/docs/blob/master/enterprise-registry/github-build/index.md
 weight: 5
 ---
 
diff --git a/enterprise-registry/initial-setup/index.md b/enterprise-registry/initial-setup/index.md
index 24a911f76..c302c3e47 100644
--- a/enterprise-registry/initial-setup/index.md
+++ b/enterprise-registry/initial-setup/index.md
@@ -3,7 +3,7 @@ layout: docs
 title: On-Premise Installation
 category: registry
 sub_category: setup
-forkurl: https://github.com/coreos/docs/blob/master/enterprise-registry/initial-setup/index.md
+fork_url: https://github.com/coreos/docs/blob/master/enterprise-registry/initial-setup/index.md
 weight: 5
 ---
 
diff --git a/enterprise-registry/log-debugging/index.md b/enterprise-registry/log-debugging/index.md
index 24a9ec93d..7eced5a98 100644
--- a/enterprise-registry/log-debugging/index.md
+++ b/enterprise-registry/log-debugging/index.md
@@ -3,6 +3,7 @@ layout: docs
 title: Enterprise Registry Log Debugging
 category: registry
 sub_category: setup
+fork_url: https://github.com/coreos/docs/blob/master/enterprise-registry/log-debugging/index.md
 weight: 5
 ---
 
diff --git a/enterprise-registry/mysql-container/index.md b/enterprise-registry/mysql-container/index.md
index 926a54d5b..13bcba0b8 100644
--- a/enterprise-registry/mysql-container/index.md
+++ b/enterprise-registry/mysql-container/index.md
@@ -2,6 +2,7 @@
 layout: docs
 title: Setting Up a MySQL Docker Container
 category: registry
+fork_url: https://github.com/coreos/docs/blob/master/enterprise-registry/mysql-container/index.md
 weight: 5
 ---
 
diff --git a/launching-containers/building/customizing-docker/index.md b/launching-containers/building/customizing-docker/index.md
index 1834f8abd..883b09d40 100644
--- a/launching-containers/building/customizing-docker/index.md
+++ b/launching-containers/building/customizing-docker/index.md
@@ -3,6 +3,7 @@ layout: docs
 title: Customizing docker
 category: launching_containers
 sub_category: building
+fork_url: https://github.com/coreos/docs/blob/master/launching-containers/building/customizing-docker/index.md
 weight: 7
 ---
 
diff --git a/launching-containers/building/getting-started-with-docker/index.md b/launching-containers/building/getting-started-with-docker/index.md
index 8bb3c9d00..960ed4773 100644
--- a/launching-containers/building/getting-started-with-docker/index.md
+++ b/launching-containers/building/getting-started-with-docker/index.md
@@ -4,6 +4,7 @@ slug: guides/docker
 title: Getting Started with docker
 category: launching_containers
 sub_category: building
+fork_url: https://github.com/coreos/docs/blob/master/launching-containers/building/getting-started-with-docker/index.md
 weight: 5
 ---
 
diff --git a/launching-containers/building/registry-authentication/index.md b/launching-containers/building/registry-authentication/index.md
index bfe452d3d..d55d3265d 100644
--- a/launching-containers/building/registry-authentication/index.md
+++ b/launching-containers/building/registry-authentication/index.md
@@ -3,6 +3,7 @@ layout: docs
 title: Using Authentication for a Registry
 category: launching_containers
 sub_category: building
+fork_url: https://github.com/coreos/docs/blob/master/launching-containers/building/registry-authentication/index.md
 weight: 7
 ---
 
diff --git a/launching-containers/launching/getting-started-with-systemd/index.md b/launching-containers/launching/getting-started-with-systemd/index.md
index 03f3dae47..d521758d4 100644
--- a/launching-containers/launching/getting-started-with-systemd/index.md
+++ b/launching-containers/launching/getting-started-with-systemd/index.md
@@ -4,6 +4,7 @@ slug: guides
 title: Getting Started with systemd
 category: launching_containers
 sub_category: launching
+fork_url: https://github.com/coreos/docs/blob/master/launching-containers/building/getting-started-with-systemd/index.md
 weight: 5
 ---
 
diff --git a/launching-containers/launching/launching-containers-fleet/index.md b/launching-containers/launching/launching-containers-fleet/index.md
index b4d665ffb..51f7fac49 100644
--- a/launching-containers/launching/launching-containers-fleet/index.md
+++ b/launching-containers/launching/launching-containers-fleet/index.md
@@ -4,6 +4,7 @@ slug: guides
 title: Launching Containers with fleet
 category: launching_containers
 sub_category: launching
+fork_url: https://github.com/coreos/docs/blob/master/launching-containers/building/launching-containers-fleet/index.md
 weight: 2
 ---
 
diff --git a/launching-containers/launching/overview-of-systemctl/index.md b/launching-containers/launching/overview-of-systemctl/index.md
index 7f07923ad..36689a599 100644
--- a/launching-containers/launching/overview-of-systemctl/index.md
+++ b/launching-containers/launching/overview-of-systemctl/index.md
@@ -4,6 +4,7 @@ slug: guides
 title: Overview of systemctl
 category: launching_containers
 sub_category: launching
+fork_url: https://github.com/coreos/docs/blob/master/launching-containers/building/overview-of-systemctl/index.md
 weight: 5
 ---
 
diff --git a/quickstart/index.md b/quickstart/index.md
index b9c40794f..00ab52841 100644
--- a/quickstart/index.md
+++ b/quickstart/index.md
@@ -2,6 +2,7 @@
 layout: docs
 title: CoreOS Quick Start
 #redirect handled in alias_generator.rb
+fork_url: https://github.com/coreos/docs/blob/master/quickstart/index.md
 ---
 
 # Quick Start
diff --git a/running-coreos/bare-metal/booting-with-ipxe/index.md b/running-coreos/bare-metal/booting-with-ipxe/index.md
index 10a2b82ea..6107a4bca 100644
--- a/running-coreos/bare-metal/booting-with-ipxe/index.md
+++ b/running-coreos/bare-metal/booting-with-ipxe/index.md
@@ -5,6 +5,7 @@ title: Booting with iPXE
 category: running_coreos
 sub_category: bare_metal
 supported: true
+fork_url: https://github.com/coreos/docs/blob/master/running-coreos/bare-metal/booting-with-ipxe/index.md
 weight: 5
 ---
 
diff --git a/running-coreos/bare-metal/booting-with-pxe/index.md b/running-coreos/bare-metal/booting-with-pxe/index.md
index 604f39c89..efe7f9588 100644
--- a/running-coreos/bare-metal/booting-with-pxe/index.md
+++ b/running-coreos/bare-metal/booting-with-pxe/index.md
@@ -5,6 +5,7 @@ title: Booting with PXE
 category: running_coreos
 sub_category: bare_metal
 supported: true
+fork_url: https://github.com/coreos/docs/blob/master/running-coreos/bare-metal/booting-with-pxe/index.md
 weight: 5
 ---
 
diff --git a/running-coreos/bare-metal/installing-to-disk/index.md b/running-coreos/bare-metal/installing-to-disk/index.md
index 5ea7b90d3..f17f5e2a6 100644
--- a/running-coreos/bare-metal/installing-to-disk/index.md
+++ b/running-coreos/bare-metal/installing-to-disk/index.md
@@ -5,6 +5,7 @@ title: Installing to Disk
 category: running_coreos
 sub_category: bare_metal
 supported: true
+fork_url: https://github.com/coreos/docs/blob/master/running-coreos/bare-metal/installing-to-disk/index.md
 weight: 7
 ---
 
diff --git a/running-coreos/cloud-providers/auro/index.md b/running-coreos/cloud-providers/auro/index.md
index ab604b58c..933ccaa7e 100644
--- a/running-coreos/cloud-providers/auro/index.md
+++ b/running-coreos/cloud-providers/auro/index.md
@@ -3,6 +3,7 @@ layout: docs
 title: AURO Cloud
 category: running_coreos
 sub_category: cloud_provider
+fork_url: https://github.com/coreos/docs/blob/master/running-coreos/cloud-providers/auro/index.md
 weight: 5
 ---
 
diff --git a/running-coreos/cloud-providers/azure/index.md b/running-coreos/cloud-providers/azure/index.md
index 1c7fed32d..a55058981 100644
--- a/running-coreos/cloud-providers/azure/index.md
+++ b/running-coreos/cloud-providers/azure/index.md
@@ -4,6 +4,7 @@ title: Azure
 category: running_coreos
 sub_category: cloud_provider
 supported: true
+fork_url: https://github.com/coreos/docs/blob/master/running-coreos/cloud-providers/azure/index.md
 weight: 1
 ---
 
diff --git a/running-coreos/cloud-providers/brightbox/index.md b/running-coreos/cloud-providers/brightbox/index.md
index a2425a3bc..b281c9d94 100644
--- a/running-coreos/cloud-providers/brightbox/index.md
+++ b/running-coreos/cloud-providers/brightbox/index.md
@@ -3,6 +3,7 @@ layout: docs
 title: Brightbox Cloud
 category: running_coreos
 sub_category: cloud_provider
+fork_url: https://github.com/coreos/docs/blob/master/running-coreos/cloud-providers/brightbox/index.md
 weight: 10
 ---
 
diff --git a/running-coreos/cloud-providers/digitalocean/index.md b/running-coreos/cloud-providers/digitalocean/index.md
index 5de359d57..e2dc6f3bf 100644
--- a/running-coreos/cloud-providers/digitalocean/index.md
+++ b/running-coreos/cloud-providers/digitalocean/index.md
@@ -4,6 +4,7 @@ title: DigitalOcean
 category: running_coreos
 sub_category: cloud_provider
 supported: true
+fork_url: https://github.com/coreos/docs/blob/master/running-coreos/cloud-providers/digitalocean/index.md
 weight: 1
 ---
 
diff --git a/running-coreos/cloud-providers/ec2/index.md b/running-coreos/cloud-providers/ec2/index.md
index 3af645975..1ee5fb3f2 100644
--- a/running-coreos/cloud-providers/ec2/index.md
+++ b/running-coreos/cloud-providers/ec2/index.md
@@ -6,6 +6,7 @@ sub_category: cloud_provider
 supported: true
 weight: 1
 cloud-formation-launch-logo: https://s3.amazonaws.com/cloudformation-examples/cloudformation-launch-stack.png
+fork_url: https://github.com/coreos/docs/blob/master/running-coreos/cloud-providers/ec2/index.md
 ---
 {% capture cf_alpha_pv_template %}{{ site.https-s3 }}/dist/aws/coreos-alpha-pv.template{% endcapture %}
 {% capture cf_alpha_hvm_template %}{{ site.https-s3 }}/dist/aws/coreos-alpha-hvm.template{% endcapture %}
diff --git a/running-coreos/cloud-providers/ecs/index.md b/running-coreos/cloud-providers/ecs/index.md
index 6a657fbf9..b30f10e28 100644
--- a/running-coreos/cloud-providers/ecs/index.md
+++ b/running-coreos/cloud-providers/ecs/index.md
@@ -4,6 +4,7 @@ title: Amazon EC2 Container Service
 category: running_coreos
 sub_category: cloud_provider
 supported: true
+fork_url: https://github.com/coreos/docs/blob/master/running-coreos/cloud-providers/ecs/index.md
 weight: 1
 ---
 
diff --git a/running-coreos/cloud-providers/exoscale/index.md b/running-coreos/cloud-providers/exoscale/index.md
index 459d77c9f..8a7a36948 100644
--- a/running-coreos/cloud-providers/exoscale/index.md
+++ b/running-coreos/cloud-providers/exoscale/index.md
@@ -3,6 +3,7 @@ layout: docs
 title: Exoscale
 category: running_coreos
 sub_category: cloud_provider
+fork_url: https://github.com/coreos/docs/blob/master/running-coreos/cloud-providers/exoscale/index.md
 weight: 9
 ---
 
diff --git a/running-coreos/cloud-providers/google-compute-engine/index.md b/running-coreos/cloud-providers/google-compute-engine/index.md
index d38162b05..2f6b4192f 100644
--- a/running-coreos/cloud-providers/google-compute-engine/index.md
+++ b/running-coreos/cloud-providers/google-compute-engine/index.md
@@ -3,6 +3,7 @@ layout: docs
 category: running_coreos
 sub_category: cloud_provider
 supported: true
+fork_url: https://github.com/coreos/docs/blob/master/running-coreos/cloud-providers/google-compute-engine/index.md
 weight: 3
 title: Google Compute Engine
 ---
diff --git a/running-coreos/cloud-providers/interoute/index.md b/running-coreos/cloud-providers/interoute/index.md
index 9b3aa052c..5737676fe 100644
--- a/running-coreos/cloud-providers/interoute/index.md
+++ b/running-coreos/cloud-providers/interoute/index.md
@@ -3,6 +3,7 @@ layout: docs
 title: Interoute VDC
 category: running_coreos
 sub_category: cloud_provider
+fork_url: https://github.com/coreos/docs/blob/master/running-coreos/cloud-providers/interoute/index.md
 weight: 9
 ---
 
diff --git a/running-coreos/cloud-providers/niftycloud/index.md b/running-coreos/cloud-providers/niftycloud/index.md
index ed2ec17ee..8294c45f3 100644
--- a/running-coreos/cloud-providers/niftycloud/index.md
+++ b/running-coreos/cloud-providers/niftycloud/index.md
@@ -3,6 +3,7 @@ layout: docs
 category: running_coreos
 sub_category: none
 weight: 6
+fork_url: https://github.com/coreos/docs/blob/master/running-coreos/cloud-providers/niftycloud/index.md
 title: NIFTY Cloud
 ---
 
diff --git a/running-coreos/cloud-providers/rackspace/index.md b/running-coreos/cloud-providers/rackspace/index.md
index e726e0d01..3228f5b83 100644
--- a/running-coreos/cloud-providers/rackspace/index.md
+++ b/running-coreos/cloud-providers/rackspace/index.md
@@ -4,6 +4,7 @@ title: Rackspace Cloud
 category: running_coreos
 sub_category: cloud_provider
 supported: true
+fork_url: https://github.com/coreos/docs/blob/master/running-coreos/cloud-providers/rackspace/index.md
 weight: 5
 ---
 
diff --git a/running-coreos/cloud-providers/vexxhost/index.md b/running-coreos/cloud-providers/vexxhost/index.md
index d4ac47937..360789916 100644
--- a/running-coreos/cloud-providers/vexxhost/index.md
+++ b/running-coreos/cloud-providers/vexxhost/index.md
@@ -3,6 +3,7 @@ layout: docs
 title: VEXXHOST Cloud
 category: running_coreos
 sub_category: cloud_provider
+fork_url: https://github.com/coreos/docs/blob/master/running-coreos/cloud-providers/vexxhost/index.md
 weight: 5
 ---
 
diff --git a/running-coreos/cloud-providers/vultr/index.md b/running-coreos/cloud-providers/vultr/index.md
index 0fcea54f0..1cc3429ef 100755
--- a/running-coreos/cloud-providers/vultr/index.md
+++ b/running-coreos/cloud-providers/vultr/index.md
@@ -3,6 +3,7 @@ layout: docs
 title: Vultr VPS
 category: running_coreos
 sub_category: cloud_provider
+fork_url: https://github.com/coreos/docs/blob/master/running-coreos/cloud-providers/vultr/index.md
 weight: 10
 ---
 
diff --git a/running-coreos/platforms/cloudstack/index.md b/running-coreos/platforms/cloudstack/index.md
index 8b15bafe5..ced8f5f30 100644
--- a/running-coreos/platforms/cloudstack/index.md
+++ b/running-coreos/platforms/cloudstack/index.md
@@ -3,6 +3,7 @@ layout: docs
 title: CloudStack
 category: running_coreos
 sub_category: platforms
+fork_url: https://github.com/coreos/docs/blob/master/running-coreos/cloud-providers/cloudstack/index.md
 weight: 5
 ---
 
diff --git a/running-coreos/platforms/eucalyptus/index.md b/running-coreos/platforms/eucalyptus/index.md
index f313174be..94c4a3add 100644
--- a/running-coreos/platforms/eucalyptus/index.md
+++ b/running-coreos/platforms/eucalyptus/index.md
@@ -3,6 +3,7 @@ layout: docs
 title: Eucalyptus
 category: running_coreos
 sub_category: platforms
+fork_url: https://github.com/coreos/docs/blob/master/running-coreos/cloud-providers/eucalyptus/index.md
 weight: 5
 ---
 
diff --git a/running-coreos/platforms/iso/index.md b/running-coreos/platforms/iso/index.md
index aa8c1a84d..572bc144d 100644
--- a/running-coreos/platforms/iso/index.md
+++ b/running-coreos/platforms/iso/index.md
@@ -4,6 +4,7 @@ title: ISO
 category: running_coreos
 sub_category: platforms
 supported: true
+fork_url: https://github.com/coreos/docs/blob/master/running-coreos/platforms/iso/index.md
 weight: 10
 ---
 
diff --git a/running-coreos/platforms/libvirt/index.md b/running-coreos/platforms/libvirt/index.md
index b7d76ba3c..d21a6d11c 100644
--- a/running-coreos/platforms/libvirt/index.md
+++ b/running-coreos/platforms/libvirt/index.md
@@ -3,6 +3,7 @@ layout: docs
 title: Libvirt
 category: running_coreos
 sub_category: platforms
+fork_url: https://github.com/coreos/docs/blob/master/running-coreos/platforms/libvirt/index.md
 weight: 5
 ---
 
diff --git a/running-coreos/platforms/openstack/index.md b/running-coreos/platforms/openstack/index.md
index b1a03fb12..b42633d85 100644
--- a/running-coreos/platforms/openstack/index.md
+++ b/running-coreos/platforms/openstack/index.md
@@ -4,6 +4,7 @@ title: OpenStack
 category: running_coreos
 sub_category: platforms
 supported: true
+fork_url: https://github.com/coreos/docs/blob/master/running-coreos/platforms/openstack/index.md
 weight: 5
 ---
 
diff --git a/running-coreos/platforms/qemu/index.md b/running-coreos/platforms/qemu/index.md
index 8c6710be9..9843bc319 100644
--- a/running-coreos/platforms/qemu/index.md
+++ b/running-coreos/platforms/qemu/index.md
@@ -4,6 +4,7 @@ slug: qemu
 title: QEMU
 category: running_coreos
 sub_category: platforms
+fork_url: https://github.com/coreos/docs/blob/master/running-coreos/platforms/qemu/index.md
 weight: 5
 ---
 
diff --git a/running-coreos/platforms/vagrant/index.md b/running-coreos/platforms/vagrant/index.md
index f3c6e4146..fbf4423b4 100644
--- a/running-coreos/platforms/vagrant/index.md
+++ b/running-coreos/platforms/vagrant/index.md
@@ -5,6 +5,7 @@ title: Vagrant
 category: running_coreos
 sub_category: platforms
 supported: true
+fork_url: https://github.com/coreos/docs/blob/master/running-coreos/platforms/vagrant/index.md
 weight: 5
 ---
 
diff --git a/running-coreos/platforms/virtualbox/index.md b/running-coreos/platforms/virtualbox/index.md
index 96fc01fb2..2a35c3297 100644
--- a/running-coreos/platforms/virtualbox/index.md
+++ b/running-coreos/platforms/virtualbox/index.md
@@ -4,6 +4,7 @@ slug: virtualbox
 title: VirtualBox
 category: running_coreos
 sub_category: platforms
+fork_url: https://github.com/coreos/docs/blob/master/running-coreos/platforms/virtualbox/index.md
 weight: 7
 ---
 
diff --git a/running-coreos/platforms/vmware/index.md b/running-coreos/platforms/vmware/index.md
index 30bea267d..7e444c2f7 100644
--- a/running-coreos/platforms/vmware/index.md
+++ b/running-coreos/platforms/vmware/index.md
@@ -4,6 +4,7 @@ slug: vmware
 title: VMware
 category: running_coreos
 sub_category: platforms
+fork_url: https://github.com/coreos/docs/blob/master/running-coreos/platforms/vmware/index.md
 weight: 5
 ---
 
diff --git a/sdk-distributors/distributors/notes-for-distributors/index.md b/sdk-distributors/distributors/notes-for-distributors/index.md
index 834307087..3b4f7fc6c 100644
--- a/sdk-distributors/distributors/notes-for-distributors/index.md
+++ b/sdk-distributors/distributors/notes-for-distributors/index.md
@@ -3,6 +3,7 @@ layout: docs
 title: Notes for Distributors
 category: sdk_distributors
 sub_category: distributors
+fork_url: https://github.com/coreos/docs/blob/master/sdk-distributors/distributors/notes-for-distributors/index.md
 weight: 5
 ---
 
diff --git a/sdk-distributors/sdk/building-development-images/index.md b/sdk-distributors/sdk/building-development-images/index.md
index e59f2c8f2..d13e7acfa 100644
--- a/sdk-distributors/sdk/building-development-images/index.md
+++ b/sdk-distributors/sdk/building-development-images/index.md
@@ -3,6 +3,7 @@ layout: docs
 title: Building Development Images
 category: sdk_distributors
 sub_category: sdk
+fork_url: https://github.com/coreos/docs/blob/master/sdk-distributors/sdk/building-development-images/index.md
 weight: 5
 ---
 
diff --git a/sdk-distributors/sdk/building-production-images/index.md b/sdk-distributors/sdk/building-production-images/index.md
index 0487da302..6388b37c3 100644
--- a/sdk-distributors/sdk/building-production-images/index.md
+++ b/sdk-distributors/sdk/building-production-images/index.md
@@ -3,6 +3,7 @@ layout: docs
 title: Building Production Images
 category: sdk_distributors
 sub_category: sdk
+fork_url: https://github.com/coreos/docs/blob/master/sdk-distributors/sdk/building-production-images/index.md
 weight: 5
 ---
 
diff --git a/sdk-distributors/sdk/disk-partitions/index.md b/sdk-distributors/sdk/disk-partitions/index.md
index 2f2675d87..fc129aea0 100644
--- a/sdk-distributors/sdk/disk-partitions/index.md
+++ b/sdk-distributors/sdk/disk-partitions/index.md
@@ -3,6 +3,7 @@ layout: docs
 title: Disk Layout
 category: sdk_distributors
 sub_category: sdk
+fork_url: https://github.com/coreos/docs/blob/master/sdk-distributors/sdk/disk-partitions/index.md
 weight: 9
 ---
 
diff --git a/sdk-distributors/sdk/mantle/index.md b/sdk-distributors/sdk/mantle/index.md
index b887e2605..c8644a28c 100644
--- a/sdk-distributors/sdk/mantle/index.md
+++ b/sdk-distributors/sdk/mantle/index.md
@@ -3,6 +3,7 @@ layout: docs
 title: "Mantle: Gluing CoreOS together"
 category: sdk_distributors
 sub_category: sdk
+fork_url: https://github.com/coreos/docs/blob/master/sdk-distributors/sdk/mantle/index.md
 weight: 10 
 ---
 
diff --git a/sdk-distributors/sdk/modifying-coreos/index.md b/sdk-distributors/sdk/modifying-coreos/index.md
index bcc4d548c..ea19de939 100644
--- a/sdk-distributors/sdk/modifying-coreos/index.md
+++ b/sdk-distributors/sdk/modifying-coreos/index.md
@@ -3,6 +3,7 @@ layout: docs
 title: Modifying CoreOS
 category: sdk_distributors
 sub_category: sdk
+fork_url: https://github.com/coreos/docs/blob/master/sdk-distributors/sdk/modifying-coreos/index.md
 weight: 3
 ---
 
diff --git a/sdk-distributors/sdk/tips-and-tricks/index.md b/sdk-distributors/sdk/tips-and-tricks/index.md
index 40c28e84a..cf1ae2471 100644
--- a/sdk-distributors/sdk/tips-and-tricks/index.md
+++ b/sdk-distributors/sdk/tips-and-tricks/index.md
@@ -3,6 +3,7 @@ layout: docs
 title: SDK Tips and Tricks
 category: sdk_distributors
 sub_category: sdk
+fork_url: https://github.com/coreos/docs/blob/master/sdk-distributors/sdk/tips-and-tricks/index.md
 weight: 7
 ---
 

From 94c9e52103feacd0f4c5c57dac906cfe4177389d Mon Sep 17 00:00:00 2001
From: kayrus 
Date: Thu, 2 Jul 2015 08:07:05 +0200
Subject: [PATCH 0501/1291] Fixed CoreOS release channels typos

---
 cluster-management/setup/switching-channels/index.md  | 4 ++--
 running-coreos/bare-metal/booting-with-ipxe/index.md  | 4 ++--
 running-coreos/bare-metal/installing-to-disk/index.md | 2 +-
 running-coreos/cloud-providers/vexxhost/index.md      | 4 ++--
 running-coreos/platforms/eucalyptus/index.md          | 2 +-
 running-coreos/platforms/libvirt/index.md             | 2 +-
 running-coreos/platforms/vmware/index.md              | 2 +-
 7 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/cluster-management/setup/switching-channels/index.md b/cluster-management/setup/switching-channels/index.md
index 180e57fc5..80252df4e 100644
--- a/cluster-management/setup/switching-channels/index.md
+++ b/cluster-management/setup/switching-channels/index.md
@@ -9,7 +9,7 @@ weight: 5
 
 # Switching Release Channels
 
-CoreOS is released into beta and stable channels. New features and bug fixes are tested in the alpha channel and are promoted bit-for-bit to the beta channel if no additional bugs are found.
+CoreOS is released into stable, alpha and beta channels. New features and bug fixes are tested in the alpha channel and are promoted bit-for-bit to the beta channel if no additional bugs are found.
 
 By design, the CoreOS update engine does not execute downgrades. If you're switching from a channel with a higher CoreOS version than the new channel, your machine won't be updated again until the new channel contains a higher version number.
 
@@ -47,4 +47,4 @@ cat /etc/os-release
 
 ## Release Information
 
-You can read more about the current releases and channels on the [releases page]({{site.baseurl}}/releases).
\ No newline at end of file
+You can read more about the current releases and channels on the [releases page]({{site.baseurl}}/releases).
diff --git a/running-coreos/bare-metal/booting-with-ipxe/index.md b/running-coreos/bare-metal/booting-with-ipxe/index.md
index 6107a4bca..48b0993de 100644
--- a/running-coreos/bare-metal/booting-with-ipxe/index.md
+++ b/running-coreos/bare-metal/booting-with-ipxe/index.md
@@ -18,11 +18,11 @@ CoreOS is currently in heavy development and actively being tested. These instru
 iPXE can be used on any platform that can boot an ISO image.
 This includes many cloud providers and physical hardware.
 
-To illustrate iPXE in action we will qemu-kvm in this guide.
+To illustrate iPXE in action we will use qemu-kvm in this guide.
 
 ### Choose a Channel
 
-CoreOS is released into alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel.
+CoreOS is released into stable, alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel.
 
 ### Setting up the Boot Script
 
diff --git a/running-coreos/bare-metal/installing-to-disk/index.md b/running-coreos/bare-metal/installing-to-disk/index.md
index f17f5e2a6..e41eca240 100644
--- a/running-coreos/bare-metal/installing-to-disk/index.md
+++ b/running-coreos/bare-metal/installing-to-disk/index.md
@@ -39,7 +39,7 @@ coreos-install -d /dev/sda -c cloud-config.yml
 
 ## Choose a Channel
 
-CoreOS is released into alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel.
+CoreOS is released into stable, alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel.
 
 
      
   
        
diff --git a/running-coreos/cloud-providers/vexxhost/index.md b/running-coreos/cloud-providers/vexxhost/index.md
index 360789916..85eae0ebd 100644
--- a/running-coreos/cloud-providers/vexxhost/index.md
+++ b/running-coreos/cloud-providers/vexxhost/index.md
@@ -21,8 +21,8 @@ CLI tools.
 
 ## Choosing a Channel
 
-CoreOS is released into alpha and beta channels. Releases to each channel serve
-as a release-candidate for the next channel. For example, a bug-free alpha
+CoreOS is released into stable, alpha and beta channels. Releases to each channel
+serve as a release-candidate for the next channel. For example, a bug-free alpha
 release is promoted bit-for-bit to the beta channel.
 
 CoreOS releases are automatically built and deployed on the VEXXHOST cloud,
diff --git a/running-coreos/platforms/eucalyptus/index.md b/running-coreos/platforms/eucalyptus/index.md
index 94c4a3add..411a54945 100644
--- a/running-coreos/platforms/eucalyptus/index.md
+++ b/running-coreos/platforms/eucalyptus/index.md
@@ -19,7 +19,7 @@ In order to convert the image you will need to install ```qemu-img``` with your
 
 ### Choosing a Channel
 
-CoreOS is released into alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel.
+CoreOS is released into stable, alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel.
 
 The channel is selected based on the URL below. Simply replace `alpha` with `beta`. Read the [release notes]({{site.baseurl}}/releases) for specific features and bug fixes in each channel.
 
diff --git a/running-coreos/platforms/libvirt/index.md b/running-coreos/platforms/libvirt/index.md
index d21a6d11c..2a59d6da8 100644
--- a/running-coreos/platforms/libvirt/index.md
+++ b/running-coreos/platforms/libvirt/index.md
@@ -25,7 +25,7 @@ to substitute that path if you use another one.
 
 ### Choosing a Channel
 
-CoreOS is released into alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel.
+CoreOS is released into stable, alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel.
 
 Read the [release notes]({{site.baseurl}}/releases) for specific features and bug fixes in each channel.
 
diff --git a/running-coreos/platforms/vmware/index.md b/running-coreos/platforms/vmware/index.md
index 7e444c2f7..a127e4319 100644
--- a/running-coreos/platforms/vmware/index.md
+++ b/running-coreos/platforms/vmware/index.md
@@ -21,7 +21,7 @@ you will need to launch the `coreos_developer_vmware_insecure.vmx` file to creat
 
 ### Choosing a Channel
 
-CoreOS is released into alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel.
+CoreOS is released into stable, alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel.
 
 The channel is selected based on the URL below. Simply replace `alpha` with `beta`. Read the [release notes]({{site.baseurl}}/releases) for specific features and bug fixes in each channel.
 

From 58067b940ed680d0c92d7557aeda5f9c09abc625 Mon Sep 17 00:00:00 2001
From: kayrus 
Date: Thu, 2 Jul 2015 18:00:23 +0200
Subject: [PATCH 0502/1291] Removed long ssh-rsa keys, updated iPXE and PXE
 docs, fixed links to "config_drive" docs

---
 .../setup/adding-users/index.md               |  2 +-
 .../bare-metal/booting-with-ipxe/index.md     | 21 +++++++++++++++----
 .../bare-metal/booting-with-pxe/index.md      | 11 +++-------
 .../bare-metal/installing-to-disk/index.md    |  2 +-
 running-coreos/platforms/iso/index.md         |  2 +-
 running-coreos/platforms/openstack/index.md   |  2 +-
 .../notes-for-distributors/index.md           |  2 +-
 7 files changed, 25 insertions(+), 17 deletions(-)

diff --git a/cluster-management/setup/adding-users/index.md b/cluster-management/setup/adding-users/index.md
index 66e556f3a..c184c9754 100644
--- a/cluster-management/setup/adding-users/index.md
+++ b/cluster-management/setup/adding-users/index.md
@@ -25,7 +25,7 @@ users:
       - sudo
       - docker
     ssh-authorized-keys:
-      - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC0g+ZTxC7weoIJLUafOgrm+h...
+      - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGdByTgSVHq.......
 ```
 
 Check out the entire [Customize with Cloud-Config]({{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config/) guide for the full details.
diff --git a/running-coreos/bare-metal/booting-with-ipxe/index.md b/running-coreos/bare-metal/booting-with-ipxe/index.md
index 6107a4bca..5c66d5f97 100644
--- a/running-coreos/bare-metal/booting-with-ipxe/index.md
+++ b/running-coreos/bare-metal/booting-with-ipxe/index.md
@@ -13,13 +13,26 @@ weight: 5
 
 CoreOS is currently in heavy development and actively being tested. These instructions will walk you through booting CoreOS via iPXE on real or virtual hardware. By default, this will run CoreOS completely out of RAM. CoreOS can also be [installed to disk]({{site.baseurl}}/docs/running-coreos/bare-metal/installing-to-disk).
 
-## Configuring pxelinux
+## Configuring iPXE
 
 iPXE can be used on any platform that can boot an ISO image.
 This includes many cloud providers and physical hardware.
 
 To illustrate iPXE in action we will qemu-kvm in this guide.
 
+### Setting up iPXE boot script
+
+When configuring the CoreOS iPXE boot script there are a few kernel options that may be useful but all are optional.
+
+- **rootfstype=tmpfs**: Use tmpfs for the writable root filesystem. This is the default behavior.
+- **root**: Use a local filesystem for root instead of one of two in-ram options above. The filesystem must be formatted in advance but may be completely blank, it will be initialized on boot. The filesystem may be specified by any of the usual ways including device, label, or UUID; e.g: `root=/dev/sda1`, `root=LABEL=ROOT` or `root=UUID=2c618316-d17a-4688-b43b-aa19d97ea821`.
+- **sshkey**: Add the given SSH public key to the `core` user's authorized_keys file. Replace the example key below with your own (it is usually in `~/.ssh/id_rsa.pub`)
+- **console**: Enable kernel output and a login prompt on a given tty. The default, `tty0`, generally maps to VGA. Can be used multiple times, e.g. `console=tty0 console=ttyS0`
+- **coreos.autologin**: Drop directly to a shell on a given console without prompting for a password. Useful for troubleshooting but use with caution. For any console that doesn't normally get a login prompt by default be sure to combine with the `console` option, e.g. `console=tty0 console=ttyS0 coreos.autologin=tty1 coreos.autologin=ttyS0`. Without any argument it enables access on all consoles. Note that for the VGA console the login prompts are on virtual terminals (`tty1`, `tty2`, etc), not the VGA console itself (`tty0`).
+- **cloud-config-url**: CoreOS will attempt to download a cloud-config document and use it to provision your booted system. See the [coreos-cloudinit-project][cloudinit] for more information.
+
+[cloudinit]: https://github.com/coreos/coreos-cloudinit
+
 ### Choose a Channel
 
 CoreOS is released into alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel.
@@ -39,7 +52,7 @@ CoreOS is released into alpha and beta channels. Releases to each channel serve
 #!ipxe
 
 set base-url http://alpha.release.core-os.net/amd64-usr/current
-kernel ${base-url}/coreos_production_pxe.vmlinuz sshkey="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAYQC2PxAKTLdczK9+RNsGGPsz0eC2pBlydBEcrbI7LSfiN7Bo5hQQVjki+Xpnp8EEYKpzu6eakL8MJj3E28wT/vNklT1KyMZrXnVhtsmOtBKKG/++odpaavdW2/AU0l7RZiE= coreos pxe demo"
+kernel ${base-url}/coreos_production_pxe.vmlinuz cloud-config-url=http://example.com/pxe-cloud-config.yml
 initrd ${base-url}/coreos_production_pxe_image.cpio.gz
 boot
      @@ -49,7 +62,7 @@ boot #!ipxe set base-url http://beta.release.core-os.net/amd64-usr/current -kernel ${base-url}/coreos_production_pxe.vmlinuz sshkey="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAYQC2PxAKTLdczK9+RNsGGPsz0eC2pBlydBEcrbI7LSfiN7Bo5hQQVjki+Xpnp8EEYKpzu6eakL8MJj3E28wT/vNklT1KyMZrXnVhtsmOtBKKG/++odpaavdW2/AU0l7RZiE= coreos pxe demo" +kernel ${base-url}/coreos_production_pxe.vmlinuz cloud-config-url=http://example.com/pxe-cloud-config.yml initrd ${base-url}/coreos_production_pxe_image.cpio.gz boot
      @@ -59,7 +72,7 @@ boot #!ipxe set base-url http://stable.release.core-os.net/amd64-usr/current -kernel ${base-url}/coreos_production_pxe.vmlinuz sshkey="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAYQC2PxAKTLdczK9+RNsGGPsz0eC2pBlydBEcrbI7LSfiN7Bo5hQQVjki+Xpnp8EEYKpzu6eakL8MJj3E28wT/vNklT1KyMZrXnVhtsmOtBKKG/++odpaavdW2/AU0l7RZiE= coreos pxe demo" +kernel ${base-url}/coreos_production_pxe.vmlinuz cloud-config-url=http://example.com/pxe-cloud-config.yml initrd ${base-url}/coreos_production_pxe_image.cpio.gz boot
      diff --git a/running-coreos/bare-metal/booting-with-pxe/index.md b/running-coreos/bare-metal/booting-with-pxe/index.md index efe7f9588..2f474cebf 100644 --- a/running-coreos/bare-metal/booting-with-pxe/index.md +++ b/running-coreos/bare-metal/booting-with-pxe/index.md @@ -27,10 +27,7 @@ If you need suggestions on how to set a server up, check out guides for [Debian] When configuring the CoreOS pxelinux.cfg there are a few kernel options that may be useful but all are optional. -If you plan to use docker, `/var/lib/docker` must have a btrfs filesystem. This is most easily accomplished by using btrfs for the entire root filesystem via `rootfstype=btrfs`. - - **rootfstype=tmpfs**: Use tmpfs for the writable root filesystem. This is the default behavior. -- **rootfstype=btrfs**: Use btrfs in RAM for the writable root filesystem. The filesystem will consume more RAM as it grows, up to a max of 50%. The limit isn't currently configurable. - **root**: Use a local filesystem for root instead of one of two in-ram options above. The filesystem must be formatted in advance but may be completely blank, it will be initialized on boot. The filesystem may be specified by any of the usual ways including device, label, or UUID; e.g: `root=/dev/sda1`, `root=LABEL=ROOT` or `root=UUID=2c618316-d17a-4688-b43b-aa19d97ea821`. - **sshkey**: Add the given SSH public key to the `core` user's authorized_keys file. Replace the example key below with your own (it is usually in `~/.ssh/id_rsa.pub`) - **console**: Enable kernel output and a login prompt on a given tty. The default, `tty0`, generally maps to VGA. Can be used multiple times, e.g. `console=tty0 console=ttyS0` @@ -66,7 +63,7 @@ coreos: - name: fleet.service command: start ssh_authorized_keys: - - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAYQC2PxAKTLdczK9+RNsGGPsz0eC2pBlydBEcrbI7LSfiN7Bo5hQQVjki+Xpnp8EEYKpzu6eakL8MJj3E28wT/vNklT1KyMZrXnVhtsmOtBKKG/++odpaavdW2/AU0l7RZiE= + - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGdByTgSVHq....... ``` You can view all of the [cloud-config options here]({{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config/). @@ -159,13 +156,11 @@ Since our upgrade process requires a disk, this image does not have the option t ## Installation Once booted it is possible to [install CoreOS on a local disk][install-to-disk] or to just use local storage for the writable root filesystem while continuing to boot CoreOS itself via PXE. -If you plan on using Docker we recommend using a local btrfs filesystem but ext4 is also available if supporting Docker is not required. -For example, to setup a btrfs root filesystem on `/dev/sda`: +For example, to setup a ext4 root filesystem on `/dev/sda`: ```sh cfdisk -z /dev/sda -touch "/usr.squashfs (deleted)" # work around a bug in mkfs.btrfs 3.12 -mkfs.btrfs -L ROOT /dev/sda1 +mkfs.ext4 -L ROOT /dev/sda1 ``` And add `root=/dev/sda1` or `root=LABEL=ROOT` to the kernel options as documented above. diff --git a/running-coreos/bare-metal/installing-to-disk/index.md b/running-coreos/bare-metal/installing-to-disk/index.md index f17f5e2a6..6bcee3514 100644 --- a/running-coreos/bare-metal/installing-to-disk/index.md +++ b/running-coreos/bare-metal/installing-to-disk/index.md @@ -93,7 +93,7 @@ A cloud-config that specifies an SSH key for the `core` user but doesn't use any #cloud-config ssh_authorized_keys: - - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC0g+ZTxC7weoIJLUafOgrm+h... + - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGdByTgSVHq....... ``` Note: The `$private_ipv4` and `$public_ipv4` substitution variables referenced in other documents are *not* supported when installing via the `coreos-install` script. diff --git a/running-coreos/platforms/iso/index.md b/running-coreos/platforms/iso/index.md index 572bc144d..19d2397e7 100644 --- a/running-coreos/platforms/iso/index.md +++ b/running-coreos/platforms/iso/index.md @@ -51,7 +51,7 @@ The latest CoreOS ISOs can be downloaded from the image storage site: ## Known Limitations -1. The best strategy for providing [cloud-config]({{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config) is via [config-drive](https://github.com/coreos/coreos-cloudinit/blob/master/Documentation/config-drive.md). +1. The best strategy for providing [cloud-config]({{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config) is via [config-drive]({{site.baseurl}}/docs/cluster-management/setup/cloudinit-config-drive). ## Install to Disk diff --git a/running-coreos/platforms/openstack/index.md b/running-coreos/platforms/openstack/index.md index b42633d85..6c16b2a12 100644 --- a/running-coreos/platforms/openstack/index.md +++ b/running-coreos/platforms/openstack/index.md @@ -117,7 +117,7 @@ coreos: command: start ssh_authorized_keys: # include one or more SSH public keys - - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC0g+ZTxC7weoIJLUafOgrm+h... + - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGdByTgSVHq....... ``` The `$private_ipv4` and `$public_ipv4` substitution variables are fully supported in cloud-config on most OpenStack deployments. Unfortunately some systems relying on config drive may leave these values undefined. diff --git a/sdk-distributors/distributors/notes-for-distributors/index.md b/sdk-distributors/distributors/notes-for-distributors/index.md index 3b4f7fc6c..6e4e563d1 100644 --- a/sdk-distributors/distributors/notes-for-distributors/index.md +++ b/sdk-distributors/distributors/notes-for-distributors/index.md @@ -35,7 +35,7 @@ Use cloud-config to handle platform specific configuration such as custom networ End-users should be able to provide a cloud-config file to your platform while specifying their VM's parameters. This file should be made available to CoreOS at a known network address, injected directly onto disk or contained within a [config-drive][config-drive-docs]. Below are a few examples of how this process works on a few different providers. -[config-drive-docs]: http://docs.openstack.org/grizzly/openstack-compute/admin/content/config-drive.html +[config-drive-docs]: http://docs.openstack.org/user-guide/cli_config_drive.html ### Amazon EC2 Example From 2561a046b444864d920c5e3b172e60dea46074ec Mon Sep 17 00:00:00 2001 From: kayrus Date: Fri, 3 Jul 2015 11:57:13 +0200 Subject: [PATCH 0503/1291] Added nginx configuration example for "cloud-config" hosting --- .../bare-metal/booting-with-ipxe/index.md | 22 ++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) diff --git a/running-coreos/bare-metal/booting-with-ipxe/index.md b/running-coreos/bare-metal/booting-with-ipxe/index.md index 5c66d5f97..3bc13faef 100644 --- a/running-coreos/bare-metal/booting-with-ipxe/index.md +++ b/running-coreos/bare-metal/booting-with-ipxe/index.md @@ -24,7 +24,6 @@ To illustrate iPXE in action we will qemu-kvm in this guide. When configuring the CoreOS iPXE boot script there are a few kernel options that may be useful but all are optional. -- **rootfstype=tmpfs**: Use tmpfs for the writable root filesystem. This is the default behavior. - **root**: Use a local filesystem for root instead of one of two in-ram options above. The filesystem must be formatted in advance but may be completely blank, it will be initialized on boot. The filesystem may be specified by any of the usual ways including device, label, or UUID; e.g: `root=/dev/sda1`, `root=LABEL=ROOT` or `root=UUID=2c618316-d17a-4688-b43b-aa19d97ea821`. - **sshkey**: Add the given SSH public key to the `core` user's authorized_keys file. Replace the example key below with your own (it is usually in `~/.ssh/id_rsa.pub`) - **console**: Enable kernel output and a login prompt on a given tty. The default, `tty0`, generally maps to VGA. Can be used multiple times, e.g. `console=tty0 console=ttyS0` @@ -125,6 +124,27 @@ Similar to the [OEM partition][oem] in CoreOS disk images, iPXE images can be cu [oem]: {{site.baseurl}}/docs/sdk-distributors/distributors/notes-for-distributors/#image-customization [cloud-config]: {{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config/ +## Hosting `cloud-config` + +One of the way to host your `cloud-config` files is to use [nginx][nginx]. You can also use [http_sub_module][http_sub_module] which will allow you to use `$private_ipv4` and `$public_ipv4` substitution variables referenced in other documents. By default this module is enabled in official nginx packages and in most of Linux distributions. + +Here is an example nginx configuration which will substitude `$public_ipv4` and `$private_ipv4` (depends on your nginx server location and NAT configuration) vairables: + +``` +location ~ ^/user_data { + sub_filter $public_ipv4 '$remote_addr'; +# sub_filter $private_ipv4 '$http_x_forwarded_for'; +# sub_filter $private_ipv4 '$http_x_real_ip'; + sub_filter_once off; + sub_filter_types '*'; +} +``` + +Example configuration is valid for all `/user_data*` URIs (i.e. `/user_data_host1`, `/user_data_host2`, etc.). `$private_ipv4` substitution will work only if your local hosts use transparent http proxy which adds `HTTP_X_FORWARDED_FOR` or `HTTP_X_REAL_IP` HTTP request headers and your nginx server is hosted remotely. + +[nginx]: http://nginx.org/en/ +[http_sub_module]: http://nginx.org/en/docs/http/ngx_http_sub_module.html + ## Using CoreOS Now that you have a machine booted it is time to play around. From bda9ff258c982598c2a25e3f8e24846e7944e5fc Mon Sep 17 00:00:00 2001 From: kayrus Date: Fri, 3 Jul 2015 12:03:12 +0200 Subject: [PATCH 0504/1291] Added root directive for nginx example --- running-coreos/bare-metal/booting-with-ipxe/index.md | 1 + 1 file changed, 1 insertion(+) diff --git a/running-coreos/bare-metal/booting-with-ipxe/index.md b/running-coreos/bare-metal/booting-with-ipxe/index.md index 3bc13faef..f46b9ed59 100644 --- a/running-coreos/bare-metal/booting-with-ipxe/index.md +++ b/running-coreos/bare-metal/booting-with-ipxe/index.md @@ -132,6 +132,7 @@ Here is an example nginx configuration which will substitude `$public_ipv4` and ``` location ~ ^/user_data { + root /path/to/cloud/config/files; sub_filter $public_ipv4 '$remote_addr'; # sub_filter $private_ipv4 '$http_x_forwarded_for'; # sub_filter $private_ipv4 '$http_x_real_ip'; From 2dee68daa6a28eaf46fcd32ba8499369b79cbe8f Mon Sep 17 00:00:00 2001 From: kayrus Date: Fri, 3 Jul 2015 13:25:33 +0200 Subject: [PATCH 0505/1291] Spelling fixes --- running-coreos/bare-metal/booting-with-ipxe/index.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/running-coreos/bare-metal/booting-with-ipxe/index.md b/running-coreos/bare-metal/booting-with-ipxe/index.md index f46b9ed59..b21eff73f 100644 --- a/running-coreos/bare-metal/booting-with-ipxe/index.md +++ b/running-coreos/bare-metal/booting-with-ipxe/index.md @@ -126,9 +126,9 @@ Similar to the [OEM partition][oem] in CoreOS disk images, iPXE images can be cu ## Hosting `cloud-config` -One of the way to host your `cloud-config` files is to use [nginx][nginx]. You can also use [http_sub_module][http_sub_module] which will allow you to use `$private_ipv4` and `$public_ipv4` substitution variables referenced in other documents. By default this module is enabled in official nginx packages and in most of Linux distributions. +One of the ways to host your `cloud-config` files is to use [nginx][nginx]. You can also use [http_sub_module][http_sub_module] which will allow you to use `$private_ipv4` and `$public_ipv4` substitution variables referenced in other documents. By default this module is enabled in official nginx packages and in most Linux distributions. -Here is an example nginx configuration which will substitude `$public_ipv4` and `$private_ipv4` (depends on your nginx server location and NAT configuration) vairables: +Here is an example nginx configuration which will substitute `$public_ipv4` and `$private_ipv4` (depends on your nginx server location and NAT configuration) variables: ``` location ~ ^/user_data { @@ -141,7 +141,7 @@ location ~ ^/user_data { } ``` -Example configuration is valid for all `/user_data*` URIs (i.e. `/user_data_host1`, `/user_data_host2`, etc.). `$private_ipv4` substitution will work only if your local hosts use transparent http proxy which adds `HTTP_X_FORWARDED_FOR` or `HTTP_X_REAL_IP` HTTP request headers and your nginx server is hosted remotely. +This example configuration is valid for all `/user_data*` URIs (i.e. `/user_data_host1`, `/user_data_host2`, etc.). `$private_ipv4` substitution will work only if your local hosts use a transparent http proxy which adds `HTTP_X_FORWARDED_FOR` or `HTTP_X_REAL_IP` HTTP request headers and your nginx server is hosted remotely. [nginx]: http://nginx.org/en/ [http_sub_module]: http://nginx.org/en/docs/http/ngx_http_sub_module.html From 2dfb2463dd96715bf13d34c612b8587fa159efe5 Mon Sep 17 00:00:00 2001 From: kayrus Date: Fri, 3 Jul 2015 15:10:10 +0200 Subject: [PATCH 0506/1291] Updated "getting-started-with-etcd" doc --- .../getting-started-with-etcd/index.md | 32 +++++++++++++++++-- 1 file changed, 30 insertions(+), 2 deletions(-) diff --git a/distributed-configuration/getting-started-with-etcd/index.md b/distributed-configuration/getting-started-with-etcd/index.md index e52178067..0116b4367 100644 --- a/distributed-configuration/getting-started-with-etcd/index.md +++ b/distributed-configuration/getting-started-with-etcd/index.md @@ -112,7 +112,7 @@ $ curl -L http://127.0.0.1:4001/v2/keys/foo-service Now let's try watching the `foo-service` directory for changes, just like our proxy would have to. First, open up another shell on a CoreOS host in the cluster. In one window, start watching the directory and in the other window, add another key `container2` with the value `localhost:2222` into the directory. This command shouldn't output anything until the key has changed. Many events can trigger a change, including a new, updated, deleted or expired key. ```sh -$ etcdctl watch /foo-service --recursive +$ etcdctl watch --recursive /foo-service ``` @@ -136,7 +136,7 @@ $ curl -L -X PUT http://127.0.0.1:4001/v2/keys/foo-service/container2 -d value=" In the first window, you should get the notification that the key has changed. In a real application, this would trigger reconfiguration. ```sh -$ etcdctl watch /foo-service --recursive +$ etcdctl watch --recursive /foo-service localhost:2222 ``` @@ -145,6 +145,34 @@ $ curl -L http://127.0.0.1:4001/v2/keys/foo-service?wait=true\&recursive=true {"action":"set","node":{"key":"/foo-service/container2","value":"localhost:2222","modifiedIndex":23,"createdIndex":23}} ``` +### Watching the Directory and triggering an executable + +Now let's try watching the `foo-service` directory for changes and if there are any run the command. In one window, start watching the directory and in the other window, add another key `container3` with the value `localhost:2222` into the directory. This command shouldn't trigger anything until the key has changed. The same events as in previous example can trigger a change. `exec-watch` command considers `etcdctl` to run continuously (for `watch` command you can use `--forever` option) + +```sh +$ etcdctl exec-watch --recursive /foo-service -- sh -c 'echo "\"$ETCD_WATCH_KEY\" key was updated to \"$ETCD_WATCH_VALUE\" value by \"$ETCD_WATCH_ACTION\" action"' + +``` + +In the other window, let's pretend a new container has started and announced itself to the proxy by running: + +```sh +$ etcdctl set /foo-service/container3 localhost:2222 +localhost:2222 +``` + +```sh +$ curl -L -X PUT http://127.0.0.1:4001/v2/keys/foo-service/container3 -d value="localhost:2222" +{"action":"set","node":{"key":"/foo-service/container3","value":"localhost:2222","modifiedIndex":23,"createdIndex":23}} +``` + +In the first window, you should get the notification that the key has changed. We have used `$ETCD_WATCH_*` environment variables which were set by `etcdctl`. + +```sh +$ etcdctl exec-watch --recursive /foo-service -- sh -c 'echo "\"$ETCD_WATCH_KEY\" key was updated to \"$ETCD_WATCH_VALUE\" value by \"$ETCD_WATCH_ACTION\" action"' +"/foo-service/container3" key was updated to "localhost:2222" value by "set" action +``` + ## Test and Set etcd can be used as a centralized coordination service and provides `TestAndSet` functionality as the building block of such a service. You must provide the previous value along with your new value. If the previous value matches the current value the operation will succeed. From 50233f46b685ae95134f1f61386b2960597e0bc1 Mon Sep 17 00:00:00 2001 From: kayrus Date: Fri, 3 Jul 2015 15:30:37 +0200 Subject: [PATCH 0507/1291] Fixed spelling --- distributed-configuration/getting-started-with-etcd/index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/distributed-configuration/getting-started-with-etcd/index.md b/distributed-configuration/getting-started-with-etcd/index.md index 0116b4367..140d4f00a 100644 --- a/distributed-configuration/getting-started-with-etcd/index.md +++ b/distributed-configuration/getting-started-with-etcd/index.md @@ -147,14 +147,14 @@ $ curl -L http://127.0.0.1:4001/v2/keys/foo-service?wait=true\&recursive=true ### Watching the Directory and triggering an executable -Now let's try watching the `foo-service` directory for changes and if there are any run the command. In one window, start watching the directory and in the other window, add another key `container3` with the value `localhost:2222` into the directory. This command shouldn't trigger anything until the key has changed. The same events as in previous example can trigger a change. `exec-watch` command considers `etcdctl` to run continuously (for `watch` command you can use `--forever` option) +Now let's try watching the `foo-service` directory for changes and - if there are any - run the command. In one window, start watching the directory and in the other window, add another key `container3` with the value `localhost:2222` into the directory. This command shouldn't trigger anything until the key has changed. The same events as in the previous example can trigger a change. The `exec-watch` command expects `etcdctl` to run continuously (for `watch` command you can use `--forever` option) ```sh $ etcdctl exec-watch --recursive /foo-service -- sh -c 'echo "\"$ETCD_WATCH_KEY\" key was updated to \"$ETCD_WATCH_VALUE\" value by \"$ETCD_WATCH_ACTION\" action"' ``` -In the other window, let's pretend a new container has started and announced itself to the proxy by running: +In the other window, let's imagine a new container has started and announced itself to the proxy by running: ```sh $ etcdctl set /foo-service/container3 localhost:2222 From f17f9fa8499ede9cfdcbb52f2d280eda208b673f Mon Sep 17 00:00:00 2001 From: kayrus Date: Wed, 1 Jul 2015 15:00:47 +0200 Subject: [PATCH 0508/1291] Updated libvirt configuration --- .../libvirt/deploy_coreos_cluster.sh | 52 +++++ running-coreos/platforms/libvirt/index.md | 178 ++++++++++-------- 2 files changed, 153 insertions(+), 77 deletions(-) create mode 100644 running-coreos/platforms/libvirt/deploy_coreos_cluster.sh diff --git a/running-coreos/platforms/libvirt/deploy_coreos_cluster.sh b/running-coreos/platforms/libvirt/deploy_coreos_cluster.sh new file mode 100644 index 000000000..467f0bbe3 --- /dev/null +++ b/running-coreos/platforms/libvirt/deploy_coreos_cluster.sh @@ -0,0 +1,52 @@ +#!/bin/bash -e + +usage() { + echo "Usage: $0 number_of_coreos_nodes" +} + +if [ "$1" == "" ]; then + echo "Cluster size is empty" + usage + exit 1 +fi + +if ! [[ $1 =~ ^[0-9]+$ ]]; then + echo "'$1' is not a number" + usage + exit 1 +fi + +LIBVIRT_PATH=/var/lib/libvirt/images/coreos +USER_DATA_TEMPLATE=$LIBVIRT_PATH/user_data +ETCD_DISCOVERY=$(curl -s "https://discovery.etcd.io/new?size=$1") +RAM=1024 +CPUs=1 + +if [ ! -d $LIBVIRT_PATH ]; then + mkdir -p $LIBVIRT_PATH || (echo "Can not create $LIBVIRT_PATH directory" && exit 1) +fi + +if [ ! -f $USER_DATA_TEMPLATE ]; then + echo "$USER_DATA_TEMPLATE template doesn't exist" + exit 1 +fi + +for SEQ in $(seq 1 $1); do + COREOS_HOSTNAME="coreos$SEQ" + + if [ ! -d $LIBVIRT_PATH/$COREOS_HOSTNAME/openstack/latest ]; then + mkdir -p $LIBVIRT_PATH/$COREOS_HOSTNAME/openstack/latest || (echo "Can not create $LIBVIRT_PATH/$COREOS_HOSTNAME/openstack/latest directory" && exit 1) + fi + + if [ ! -f $LIBVIRT_PATH/coreos_production_qemu_image.img ]; then + wget http://stable.release.core-os.net/amd64-usr/current/coreos_production_qemu_image.img.bz2 -O - | bzcat > $LIBVIRT_PATH/coreos_production_qemu_image.img + fi + + if [ ! -f $LIBVIRT_PATH/$COREOS_HOSTNAME.qcow2 ]; then + qemu-img create -f qcow2 -b $LIBVIRT_PATH/coreos_production_qemu_image.img $LIBVIRT_PATH/$COREOS_HOSTNAME.qcow2 + fi + + sed "s#%HOSTNAME%#$COREOS_HOSTNAME#g;s#%DISCOVERY%#$ETCD_DISCOVERY#g" $LIBVIRT_PATH/user_data > $LIBVIRT_PATH/$COREOS_HOSTNAME/openstack/latest/user_data + + virt-install --connect qemu:///system --import --name $COREOS_HOSTNAME --ram $RAM --vcpus $CPUs --os-type=linux --os-variant=virtio26 --disk path=$LIBVIRT_PATH/$COREOS_HOSTNAME.qcow2,format=qcow2,bus=virtio --filesystem $LIBVIRT_PATH/$COREOS_HOSTNAME/,config-2,type=mount,mode=squash --vnc --noautoconsole +done diff --git a/running-coreos/platforms/libvirt/index.md b/running-coreos/platforms/libvirt/index.md index d21a6d11c..93e7bb541 100644 --- a/running-coreos/platforms/libvirt/index.md +++ b/running-coreos/platforms/libvirt/index.md @@ -11,16 +11,16 @@ weight: 5 This guide explains how to run CoreOS with libvirt. The libvirt configuration file can be used (for example) with virsh or virt-manager. The guide assumes -that you already have a running libvirt setup. If you don’t have that, other -solutions are most likely easier. +that you already have a running libvirt setup and virt-install tool. If you +don’t have that, other solutions are most likely easier. You can direct questions to the [IRC channel][irc] or [mailing list][coreos-dev]. ## Download the CoreOS image -In this guide, the example virtual machine we are creating is called coreos0 and -all files are stored in /var/lib/libvirt/images/coreos0. This is not a requirement — feel free +In this guide, the example virtual machine we are creating is called coreos1 and +all files are stored in /var/lib/libvirt/images/coreos. This is not a requirement — feel free to substitute that path if you use another one. ### Choosing a Channel @@ -39,22 +39,22 @@ Read the [release notes]({{site.baseurl}}/releases) for specific features and bu

      We start by downloading the most recent disk image:

      -mkdir -p /var/lib/libvirt/images/coreos0
-cd /var/lib/libvirt/images/coreos0
+mkdir -p /var/lib/libvirt/images/coreos
+cd /var/lib/libvirt/images/coreos
 wget http://alpha.release.core-os.net/amd64-usr/current/coreos_production_qemu_image.img.bz2 -O - | bzcat > coreos_production_qemu_image.img

      We start by downloading the most recent disk image:

      -mkdir -p /var/lib/libvirt/images/coreos0
-cd /var/lib/libvirt/images/coreos0
+mkdir -p /var/lib/libvirt/images/coreos
+cd /var/lib/libvirt/images/coreos
 wget http://beta.release.core-os.net/amd64-usr/current/coreos_production_qemu_image.img.bz2 -O - | bzcat > coreos_production_qemu_image.img

      We start by downloading the most recent disk image:

      -mkdir -p /var/lib/libvirt/images/coreos0
-cd /var/lib/libvirt/images/coreos0
+mkdir -p /var/lib/libvirt/images/coreos
+cd /var/lib/libvirt/images/coreos
 wget http://stable.release.core-os.net/amd64-usr/current/coreos_production_qemu_image.img.bz2 -O - | bzcat > coreos_production_qemu_image.img
      @@ -62,75 +62,22 @@ wget http://stable.release.core-os.net/amd64-usr/current/coreos_production_qemu_ ## Virtual machine configuration -Now create /tmp/coreos0.xml with the following contents: - -```xml - - coreos0 - 1048576 - 1048576 - 1 - - hvm - - - - - - - - - destroy - restart - restart - - /usr/bin/qemu-kvm - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +Now create a qcow2 image snapshot using the command below: + +```sh +cd /var/lib/libvirt/images/coreos +qemu-img create -f qcow2 -b coreos_production_qemu_image.img coreos1.qcow2 ``` -You can change any of these parameters later. +It will create coreos1.qcow2 snapshot image. Any changes to coreos1.qcow2 will not be reflected in coreos_production_qemu_image.img. Making any changes to a base image (coreos_production_qemu_image.img in our example) will corrupt its snapshots. ### Config drive Now create a config drive file system to configure CoreOS itself: ```sh -mkdir -p /var/lib/libvirt/images/coreos0/configdrive/openstack/latest -touch /var/lib/libvirt/images/coreos0/configdrive/openstack/latest/user_data +mkdir -p /var/lib/libvirt/images/coreos/coreos1/openstack/latest +touch /var/lib/libvirt/images/coreos/coreos1/openstack/latest/user_data ``` The `user_data` file may contain a script for a [cloud config][cloud-config] @@ -142,7 +89,7 @@ contents of `user_data` should look something like this: ssh_authorized_keys: - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGdByTgSVHq....... - ``` +``` Note: The `$private_ipv4` and `$public_ipv4` substitution variables referenced in other documents are *not* supported on libvirt. @@ -152,7 +99,7 @@ Note: The `$private_ipv4` and `$public_ipv4` substitution variables referenced i By default, CoreOS uses DHCP to get its network configuration. In this example the VM will be attached directly to the local network via a bridge -on the host's eth0 and the local network. To configure a static address +on the host's virbr0 and the local network. To configure a static address add a [networkd unit][systemd-network] to `user_data`: ```yaml @@ -161,6 +108,8 @@ add a [networkd unit][systemd-network] to `user_data`: ssh_authorized_keys: - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGdByTgSVHq....... +hostname: coreos1 + coreos: units: - name: 10-ens3.network @@ -179,10 +128,10 @@ coreos: ## Virtual machine startup -Now import the XML as new VM into your libvirt instance and start it: +Now start new libvirt instance with 1024Mb of RAM and 1 CPU: ```sh -virsh create /tmp/coreos0.xml +virt-install --connect qemu:///system --import --name coreos1 --ram 1024 --vcpus 1 --os-type=linux --os-variant=virtio26 --disk path=/var/lib/libvirt/images/coreos/coreos1.qcow2,format=qcow2,bus=virtio --filesystem /var/lib/libvirt/images/coreos/coreos1/,config-2,type=mount,mode=squash --network bridge=virbr0,mac=52:54:00:fe:b3:c0,type=bridge --vnc --noautoconsole ``` Once the virtual machine has started you can log in via SSH: @@ -197,7 +146,7 @@ To simplify this and avoid potential host key errors in the future add the following to `~/.ssh/config`: ```ini -Host coreos0 +Host coreos1 HostName 203.0.113.2 User core StrictHostKeyChecking no @@ -207,7 +156,7 @@ UserKnownHostsFile /dev/null Now you can log in to the virtual machine with: ```sh -ssh coreos0 +ssh coreos1 ``` @@ -215,3 +164,78 @@ ssh coreos0 Now that you have a machine booted it is time to play around. Check out the [CoreOS Quickstart]({{site.baseurl}}/docs/quickstart) guide or dig into [more specific topics]({{site.baseurl}}/docs). + +# Running CoreOS cluster demo on libvirt + +This guide explains how to run three-nodes demo CoreOS cluster with libvirt. + +## Bash Script + +Save following `deploy_coreos_cluster.sh` script into your host filesystem: + +```sh +wget https://raw.githubusercontent.com/coreos/docs/master/running-coreos/platforms/libvirt/deploy_coreos_cluster.sh +chmod +x deploy_coreos_cluster.sh +``` + +Each libvirt instance will have 1024Mb of RAM and 1 CPU (RAM and CPUs variables). +You can change these parameters to meet your needs. + +## Cloud config template + +Save the following template into `/var/lib/libvirt/images/coreos/user_data`: + +```yaml +#cloud-config +ssh_authorized_keys: + - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGdByTgSVHq....... +hostname: %HOSTNAME% +coreos: + units: + - name: etcd2.service + command: start + - name: fleet.service + command: start + - name: systemd-networkd.service + command: restart + - name: flanneld.service + drop-ins: + - name: 50-network-config.conf + content: | + [Service] + ExecStartPre=/usr/bin/etcdctl set /coreos.com/network/config '{ "Network": "10.1.0.0/16" }' + command: start + etcd2: + advertise-client-urls: http://%HOSTNAME%:2379 + initial-advertise-peer-urls: http://%HOSTNAME%:2380 + listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001 + listen-peer-urls: http://0.0.0.0:2380 + discovery: %DISCOVERY% + fleet: + public-ip: %HOSTNAME% +``` + +## Virtual machines startup + +Run the script: + +```sh +./deploy_coreos_cluster.sh 3 +``` + +Script will deploy three-nodes CoreOS cluster (`coreos{1..3}` hostnames) with +ready-to-use etcd2, fleet and flannel. + +If your host configuration uses libvirt's dnsmasq as a resolver, you can +simply log in into your new CoreOS instance: + +```sh +ssh core@coreos1 +``` + +Otherwise you can get IP addresses from leases file (for "default" libvirt +network): + +```sh +cat /var/lib/libvirt/dnsmasq/default.leases +``` From 9b001c7dca86f1de8957e8aa3fa3b4a02e981dfe Mon Sep 17 00:00:00 2001 From: pez Date: Fri, 3 Jul 2015 16:29:23 -0700 Subject: [PATCH 0509/1291] Updated documents to reflect switch over from btrfs to ext4 --- .../debugging/btrfs-troubleshooting/index.md | 2 +- running-coreos/bare-metal/booting-with-pxe/index.md | 13 +++++++++++-- .../bare-metal/installing-to-disk/index.md | 4 ++-- 3 files changed, 14 insertions(+), 5 deletions(-) diff --git a/cluster-management/debugging/btrfs-troubleshooting/index.md b/cluster-management/debugging/btrfs-troubleshooting/index.md index 393483b5f..a7e75cc3a 100644 --- a/cluster-management/debugging/btrfs-troubleshooting/index.md +++ b/cluster-management/debugging/btrfs-troubleshooting/index.md @@ -10,7 +10,7 @@ weight: 5 # Working with btrfs and Common Troubleshooting -btrfs is a copy-on-write filesystem with full support in the upstream Linux kernel, which is important since CoreOS frequently ships [updated versions]({{site.baseurl}}/releases) of the kernel. Docker has a storage driver for btrfs and it is set up on CoreOS out of the box. +btrfs is a copy-on-write filesystem with full support in the upstream Linux kernel and several desirable features. In the past, CoreOS shipped with a btrfs root filesystem to support Docker filesystem requirements at the time. As of version 561.0.0, CoreOS ships with ext4 as the default root filesystem by default while still supporting Docker. Btrfs is still supported and works with the latest CoreOS releases and Docker, but we recommend using ext4. btrfs was marked as experimental for a long time, but it's now fully production-ready and supported by a number of Linux distributions. diff --git a/running-coreos/bare-metal/booting-with-pxe/index.md b/running-coreos/bare-metal/booting-with-pxe/index.md index 2f474cebf..3ee52a865 100644 --- a/running-coreos/bare-metal/booting-with-pxe/index.md +++ b/running-coreos/bare-metal/booting-with-pxe/index.md @@ -27,7 +27,6 @@ If you need suggestions on how to set a server up, check out guides for [Debian] When configuring the CoreOS pxelinux.cfg there are a few kernel options that may be useful but all are optional. -- **rootfstype=tmpfs**: Use tmpfs for the writable root filesystem. This is the default behavior. - **root**: Use a local filesystem for root instead of one of two in-ram options above. The filesystem must be formatted in advance but may be completely blank, it will be initialized on boot. The filesystem may be specified by any of the usual ways including device, label, or UUID; e.g: `root=/dev/sda1`, `root=LABEL=ROOT` or `root=UUID=2c618316-d17a-4688-b43b-aa19d97ea821`. - **sshkey**: Add the given SSH public key to the `core` user's authorized_keys file. Replace the example key below with your own (it is usually in `~/.ssh/id_rsa.pub`) - **console**: Enable kernel output and a login prompt on a given tty. The default, `tty0`, generally maps to VGA. Can be used multiple times, e.g. `console=tty0 console=ttyS0` @@ -156,7 +155,10 @@ Since our upgrade process requires a disk, this image does not have the option t ## Installation Once booted it is possible to [install CoreOS on a local disk][install-to-disk] or to just use local storage for the writable root filesystem while continuing to boot CoreOS itself via PXE. -For example, to setup a ext4 root filesystem on `/dev/sda`: + +If you plan on using Docker we recommend using a local ext4 filesystem with overlayfs, however, btrfs is also available to use if needed. + +For example, to setup an ext4 root filesystem on '/dev/sda': ```sh cfdisk -z /dev/sda @@ -165,6 +167,13 @@ mkfs.ext4 -L ROOT /dev/sda1 And add `root=/dev/sda1` or `root=LABEL=ROOT` to the kernel options as documented above. +Similarly, to setup a btrfs root filesystem on `/dev/sda`: + +```sh +cfdisk -z /dev/sda +mkfs.btrfs -L ROOT /dev/sda1 +``` + [install-to-disk]: {{site.baseurl}}/docs/running-coreos/bare-metal/installing-to-disk ## Adding a Custom OEM diff --git a/running-coreos/bare-metal/installing-to-disk/index.md b/running-coreos/bare-metal/installing-to-disk/index.md index 3f548bc0b..174dae8e0 100644 --- a/running-coreos/bare-metal/installing-to-disk/index.md +++ b/running-coreos/bare-metal/installing-to-disk/index.md @@ -108,10 +108,10 @@ coreos-install -d /dev/sda -C beta -c ~/cloud-config.yaml ## Manual Tweaks -If cloud config doesn't handle something you need to do or you just want to take a look at the root btrfs filesystem before booting your new install just mount the ninth partition: +If cloud config doesn't handle something you need to do or you just want to take a look at the root filesystem before booting your new install just mount the ninth partition. For example, with an ext4 root filesystem: ```sh -mount -o subvol=root /dev/sda9 /mnt/ +mount /dev/sda9 /mnt/ ``` ## Using CoreOS From 3fa5a5f868248bf2f292a560cbe2eaefad5ca155 Mon Sep 17 00:00:00 2001 From: kayrus Date: Wed, 8 Jul 2015 13:45:31 +0200 Subject: [PATCH 0510/1291] Added instruction about how to verify CoreOS images --- .../setup/verify-images/index.md | 51 +++++++++++++++++++ 1 file changed, 51 insertions(+) create mode 100644 cluster-management/setup/verify-images/index.md diff --git a/cluster-management/setup/verify-images/index.md b/cluster-management/setup/verify-images/index.md new file mode 100644 index 000000000..2c3807398 --- /dev/null +++ b/cluster-management/setup/verify-images/index.md @@ -0,0 +1,51 @@ +--- +layout: docs +title: Verify CoreOS Images with GPG +category: cluster_management +sub_category: setting_up +fork_url: https://github.com/coreos/docs/blob/master/cluster-management/setup/verify-images/index.md +weight: 7 +--- + +# Verify CoreOS Images with GPG + +CoreOS publishes new images for each release across a variety of platforms and hosting providers. Each channel has it's own set of images ([stable], [beta], [alpha]) that are posted to our storage site. Along with each image, a signature is generated from the [CoreOS Image Signing Key][signing-key] and posted. + +[signing-key]: {{site.baseurl}}/security/image-signing-key +[stable]: http://stable.release.core-os.net/amd64-usr/current/ +[beta]: http://beta.release.core-os.net/amd64-usr/current/ +[alpha]: http://alpha.release.core-os.net/amd64-usr/current/ + +After downloading your image, you should verify it with `gpg` tool. First, download the image signing key: + +```sh +curl -O https://coreos.com/security/image-signing-key/CoreOS_Image_Signing_Key.asc +``` + +Next, import the public key and verify that the ID matches the website: {{site.baseurl}}/security/image-signing-key + +```sh +gpg --import --keyid-format LONG CoreOS_Image_Signing_Key.asc +gpg: key 50E0885593D2DCB4: public key "CoreOS Buildbot (Offical Builds) " imported +gpg: Total number processed: 1 +gpg: imported: 1 (RSA: 1) +gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model +gpg: depth: 0 valid: 2 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 2u +``` + +Now we're ready to download an image and it's signature, ending in .sig. We're using the QEMU image in this example: + +```sh +curl -O http://stable.release.core-os.net/amd64-usr/current/coreos_production_qemu_image.img.bz2 +curl -O http://stable.release.core-os.net/amd64-usr/current/coreos_production_qemu_image.img.bz2.sig +``` + +Verify image with `gpg` tool: + +```sh +gpg --verify coreos_production_qemu_image.img.bz2.sig +gpg: Signature made Tue Jun 23 09:39:04 2015 CEST using RSA key ID E5676EFC +gpg: Good signature from "CoreOS Buildbot (Offical Builds) " +``` + +The `Good signature` message indicates that the file signature is valid. Go launch some machines now that we've successfully verified that this CoreOS image isn't corrupt, that it was authored by CoreOS, and wasn't tampered with in transit. From 8d16c11ffb0d283c906265cbc911254a29183201 Mon Sep 17 00:00:00 2001 From: kayrus Date: Tue, 7 Jul 2015 19:21:23 +0200 Subject: [PATCH 0511/1291] Updated etcd2 port in examples, added NFS share mount example Added etcdctl description into quickstart guide Renamed etcd unit into etcd2 --- .../setup/mounting-storage/index.md | 30 +++++++++++++++++++ quickstart/index.md | 24 +++++++++++---- 2 files changed, 49 insertions(+), 5 deletions(-) diff --git a/cluster-management/setup/mounting-storage/index.md b/cluster-management/setup/mounting-storage/index.md index e3d8c4c92..dafe53b89 100644 --- a/cluster-management/setup/mounting-storage/index.md +++ b/cluster-management/setup/mounting-storage/index.md @@ -108,6 +108,36 @@ coreos: Note the declaration of `ConditionPathExists=!/var/lib/docker.btrfs`. Without this line, systemd would reformat the btrfs filesystem every time the machine starts. +## Mounting NFS shares + +This example will show how you can mount NFS share. First of all we will enable rpc-statd for NFS host monitoring. Then we will mount `/var/www` share into local `/var/www` path. Please pay attention on the unit name `var-www.mount` it should correspend to mount path `/var/www`. + +```yaml +#cloud-config +coreos: + units: + - name: rpc-statd.service + command: start + enable: true + - name: var-www.mount + command: start + content: | + [Mount] + What=nfs.example.com:/var/www + Where=/var/www + Type=nfs +``` + +If you would like to add NFS mount as dependency for certain unit you have to use these options: + +```yaml +[Unit] +After=var-www.mount +Requires=var-www.mount +``` + +If the mount point can't be mounted correctly, the dependent unit will not start. + ## Further Reading Read the [full docs](http://www.freedesktop.org/software/systemd/man/systemd.mount.html) to learn about the available options. Examples specific to [EC2]({{site.baseurl}}/docs/running-coreos/cloud-providers/ec2/#instance-storage), [Google Compute Engine]({{site.baseurl}}/docs/running-coreos/cloud-providers/google-compute-engine/#additional-storage) and [Rackspace Cloud]({{site.baseurl}}/docs/running-coreos/cloud-providers/rackspace/#mount-data-disk) can be used as a starting point. diff --git a/quickstart/index.md b/quickstart/index.md index 00ab52841..a8796b3c6 100644 --- a/quickstart/index.md +++ b/quickstart/index.md @@ -57,11 +57,11 @@ ssh_authorized_keys: - ssh-rsa AAAA... coreos: units: - - name: etcd.service + - name: etcd2.service command: start - name: fleet.service command: start - etcd: + etcd2: # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3 # specify the initial size of your cluster with ?size=X discovery: https://discovery.etcd.io/ @@ -69,18 +69,32 @@ coreos: In order to get the discovery token, visit [https://discovery.etcd.io/new](https://discovery.etcd.io/new) and you will receive a URL including your token. Paste the whole thing into your cloud-config file. -The API is easy to use. From a CoreOS machine, you can simply use curl to set and retrieve a key from etcd: +`etcdctl` is a command line interface to etcd that is preinstalled on CoreOS. To set and retrieve a key from etcd you can use the following examples: Set a key `message` with value `Hello world`: ```sh -curl -L http://127.0.0.1:4001/v2/keys/message -XPUT -d value="Hello world" +etcdctl set /message "Hello world" ``` Read the value of `message` back: ```sh -curl -L http://127.0.0.1:4001/v2/keys/message +etcdctl get /message +``` + +You can also use simple `curl`. These examples correspond to previous ones: + +Set the value: + +```sh +curl -L http://127.0.0.1:2379/v2/keys/message -XPUT -d value="Hello world" +``` + +Read the value: + +```sh +curl -L http://127.0.0.1:2379/v2/keys/message ``` If you followed a guide to set up more than one CoreOS machine, you can SSH into another machine and can retrieve this same value. From b6bb2b24fad62df8cc01e96aa6a1e0f21b775bdd Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Fri, 10 Jul 2015 13:14:24 -0600 Subject: [PATCH 0512/1291] cluster-management: fix broken link --- cluster-management/setup/verify-images/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster-management/setup/verify-images/index.md b/cluster-management/setup/verify-images/index.md index 2c3807398..115f376f6 100644 --- a/cluster-management/setup/verify-images/index.md +++ b/cluster-management/setup/verify-images/index.md @@ -22,7 +22,7 @@ After downloading your image, you should verify it with `gpg` tool. First, downl curl -O https://coreos.com/security/image-signing-key/CoreOS_Image_Signing_Key.asc ``` -Next, import the public key and verify that the ID matches the website: {{site.baseurl}}/security/image-signing-key +Next, import the public key and verify that the ID matches the website: [CoreOS Image Signing Key][signing-key] ```sh gpg --import --keyid-format LONG CoreOS_Image_Signing_Key.asc From 6bc261ea57dc25480f9ef9d37c821855951addd7 Mon Sep 17 00:00:00 2001 From: kayrus Date: Mon, 13 Jul 2015 12:42:41 +0200 Subject: [PATCH 0513/1291] Updated etcd doc, fixed etcd examples --- .../network-config-with-networkd/index.md | 14 +++--- .../customize-etcd-unit/index.md | 4 +- .../getting-started-with-etcd/index.md | 5 --- .../getting-started-with-systemd/index.md | 2 +- running-coreos/cloud-providers/ec2/index.md | 44 ++++++++++++------- .../google-compute-engine/index.md | 20 ++++++--- .../cloud-providers/niftycloud/JA_JP/index.md | 2 +- .../cloud-providers/niftycloud/index.md | 2 +- .../cloud-providers/rackspace/index.md | 2 +- .../cloud-providers/vexxhost/index.md | 4 +- running-coreos/platforms/vagrant/index.md | 24 +++++++--- 11 files changed, 76 insertions(+), 47 deletions(-) diff --git a/cluster-management/setup/network-config-with-networkd/index.md b/cluster-management/setup/network-config-with-networkd/index.md index 3ee0bcaab..dcabd3553 100644 --- a/cluster-management/setup/network-config-with-networkd/index.md +++ b/cluster-management/setup/network-config-with-networkd/index.md @@ -42,15 +42,19 @@ Setting up static networking in your cloud-config can be done by writing out the #cloud-config coreos: - etcd: + etcd2: # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3 # specify the initial size of your cluster with ?size=X discovery: https://discovery.etcd.io/ # multi-region and multi-cloud deployments need to use $public_ipv4 - addr: 10.0.0.101:4001 - peer-addr: 10.0.0.101:7001 + advertise-client-urls: http://$private_ipv4:2379,http://$private_ipv4:4001 + initial-advertise-peer-urls: http://$private_ipv4:2380 + # listen on both the official ports and the legacy ports + # legacy ports can be omitted if your application doesn't depend on them + listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001 + listen-peer-urls: http://$private_ipv4:2380 units: - - name: etcd.service + - name: etcd2.service command: start - name: fleet.service command: start @@ -97,4 +101,4 @@ To apply the configuration, run `sudo systemctl restart systemd-networkd`. Check ## Further Reading -If you're interested in more general networkd features, check out the [full documentation](http://www.freedesktop.org/software/systemd/man/systemd-networkd.service.html). \ No newline at end of file +If you're interested in more general networkd features, check out the [full documentation](http://www.freedesktop.org/software/systemd/man/systemd-networkd.service.html). diff --git a/distributed-configuration/customize-etcd-unit/index.md b/distributed-configuration/customize-etcd-unit/index.md index ba4f7702c..9f6abb4b2 100644 --- a/distributed-configuration/customize-etcd-unit/index.md +++ b/distributed-configuration/customize-etcd-unit/index.md @@ -17,7 +17,7 @@ etcd supports client certificates as a way to provide secure communication betwe This site has a [good reference for how to generate self-signed key pairs](http://www.g-loaded.eu/2005/11/10/be-your-own-ca/) or you could use [etcd-ca](https://github.com/coreos/etcd-ca) to generate certs and keys. -We need to create our drop-in unit in `/etc/systemd/system/etcd.service.d/`. If you run `systemctl status etcd` you can see that CoreOS is already generating a few drop-in units for etcd as part of the OEM and cloudinit processes. To ensure that our drop-in runs after these, we name it `30-certificates.conf` and place them in `/etc/systemd/system/etcd.service.d/`. +We need to create our drop-in unit in `/etc/systemd/system/etcd.service.d/`. If you run `systemctl status etcd2` you can see that CoreOS is already generating a few drop-in units for etcd as part of the OEM and cloudinit processes. To ensure that our drop-in runs after these, we name it `30-certificates.conf` and place them in `/etc/systemd/system/etcd2.service.d/`. #### 30-certificates.conf @@ -43,7 +43,7 @@ Cloud-config has a parameter that will place the contents of a file on disk. We' #cloud-config write_files: - - path: /etc/systemd/system/etcd.service.d/30-certificates.conf + - path: /etc/systemd/system/etcd2.service.d/30-certificates.conf permissions: 0644 content: | [Service] diff --git a/distributed-configuration/getting-started-with-etcd/index.md b/distributed-configuration/getting-started-with-etcd/index.md index 140d4f00a..8bd27720c 100644 --- a/distributed-configuration/getting-started-with-etcd/index.md +++ b/distributed-configuration/getting-started-with-etcd/index.md @@ -161,11 +161,6 @@ $ etcdctl set /foo-service/container3 localhost:2222 localhost:2222 ``` -```sh -$ curl -L -X PUT http://127.0.0.1:4001/v2/keys/foo-service/container3 -d value="localhost:2222" -{"action":"set","node":{"key":"/foo-service/container3","value":"localhost:2222","modifiedIndex":23,"createdIndex":23}} -``` - In the first window, you should get the notification that the key has changed. We have used `$ETCD_WATCH_*` environment variables which were set by `etcdctl`. ```sh diff --git a/launching-containers/launching/getting-started-with-systemd/index.md b/launching-containers/launching/getting-started-with-systemd/index.md index d521758d4..da2d08226 100644 --- a/launching-containers/launching/getting-started-with-systemd/index.md +++ b/launching-containers/launching/getting-started-with-systemd/index.md @@ -101,7 +101,7 @@ When the service is told to stop, we need to stop the docker container using its ```ini [Unit] Description=My Advanced Service -After=etcd.service +After=etcd2.service After=docker.service [Service] diff --git a/running-coreos/cloud-providers/ec2/index.md b/running-coreos/cloud-providers/ec2/index.md index 1ee5fb3f2..8793bc5f7 100644 --- a/running-coreos/cloud-providers/ec2/index.md +++ b/running-coreos/cloud-providers/ec2/index.md @@ -150,7 +150,7 @@ coreos: # listen on both the official ports and the legacy ports # legacy ports can be omitted if your application doesn't depend on them listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001 - listen-peer-urls: http://$private_ipv4:2380 + listen-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001 units: - name: etcd2.service command: start @@ -286,15 +286,19 @@ First we need to create a security group to allow CoreOS instances to communicat #cloud-config coreos: - etcd: + etcd2: # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3 # specify the initial size of your cluster with ?size=X - discovery: https://discovery.etcd.io/<token> + discovery: https://discovery.etcd.io/ # multi-region and multi-cloud deployments need to use $public_ipv4 - addr: $private_ipv4:4001 - peer-addr: $private_ipv4:7001 + advertise-client-urls: http://$private_ipv4:2379,http://$private_ipv4:4001 + initial-advertise-peer-urls: http://$private_ipv4:2380 + # listen on both the official ports and the legacy ports + # legacy ports can be omitted if your application doesn't depend on them + listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001 + listen-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001 units: - - name: etcd.service + - name: etcd2.service command: start - name: fleet.service command: start @@ -361,15 +365,19 @@ coreos: #cloud-config coreos: - etcd: + etcd2: # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3 # specify the initial size of your cluster with ?size=X - discovery: https://discovery.etcd.io/<token> + discovery: https://discovery.etcd.io/ # multi-region and multi-cloud deployments need to use $public_ipv4 - addr: $private_ipv4:4001 - peer-addr: $private_ipv4:7001 + advertise-client-urls: http://$private_ipv4:2379,http://$private_ipv4:4001 + initial-advertise-peer-urls: http://$private_ipv4:2380 + # listen on both the official ports and the legacy ports + # legacy ports can be omitted if your application doesn't depend on them + listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001 + listen-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001 units: - - name: etcd.service + - name: etcd2.service command: start - name: fleet.service command: start @@ -436,15 +444,19 @@ coreos: #cloud-config coreos: - etcd: + etcd2: # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3 # specify the initial size of your cluster with ?size=X - discovery: https://discovery.etcd.io/<token> + discovery: https://discovery.etcd.io/ # multi-region and multi-cloud deployments need to use $public_ipv4 - addr: $private_ipv4:4001 - peer-addr: $private_ipv4:7001 + advertise-client-urls: http://$private_ipv4:2379,http://$private_ipv4:4001 + initial-advertise-peer-urls: http://$private_ipv4:2380 + # listen on both the official ports and the legacy ports + # legacy ports can be omitted if your application doesn't depend on them + listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001 + listen-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001 units: - - name: etcd.service + - name: etcd2.service command: start - name: fleet.service command: start diff --git a/running-coreos/cloud-providers/google-compute-engine/index.md b/running-coreos/cloud-providers/google-compute-engine/index.md index 2f6b4192f..b477dabe3 100644 --- a/running-coreos/cloud-providers/google-compute-engine/index.md +++ b/running-coreos/cloud-providers/google-compute-engine/index.md @@ -140,11 +140,19 @@ metadata: fingerprint: Gi4UKHu-LKk= items: - key: user-data - value: "#cloud-config\n\ncoreos:\n etcd:\n # generate a new token for each\ - \ unique cluster from https://discovery.etcd.io/new\n discovery: https://discovery.etcd.io/8905e11767c1c7f4ee2b8b30c4b471b2\n\ - \ # multi-region and multi-cloud deployments need to use $public_ipv4\n \ - \ addr: $private_ipv4:4001\n peer-addr: $private_ipv4:7001\n units:\n\ - \ - name: etcd.service\n command: start\n - name: fleet.service\n\ + value: "#cloud-config\n\ncoreos:\n etcd2:\n\ + \ # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3\n\ + \ # specify the initial size of your cluster with ?size=X\n\ + \ discovery: https://discovery.etcd.io/\n\ + \ # multi-region and multi-cloud deployments need to use $public_ipv4\n\ + \ advertise-client-urls: http://$private_ipv4:2379,http://$private_ipv4:4001\n\ + \ initial-advertise-peer-urls: http://$private_ipv4:2380\n\ + \ # listen on both the official ports and the legacy ports\n\ + \ # legacy ports can be omitted if your application doesn't depend on them\n\ + \ listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001\n\ + \ listen-peer-urls: http://$private_ipv4:2380\n\ + \ units:\n\ + \ - name: etcd2.service\n command: start\n - name: fleet.service\n\ \ command: start\n" kind: compute#metadata name: rob1 @@ -174,4 +182,4 @@ zone: us-central1-a ## Using CoreOS Now that you have a machine booted it is time to play around. -Check out the [CoreOS Quickstart]({{site.baseurl}}/docs/quickstart) guide or dig into [more specific topics]({{site.baseurl}}/docs). \ No newline at end of file +Check out the [CoreOS Quickstart]({{site.baseurl}}/docs/quickstart) guide or dig into [more specific topics]({{site.baseurl}}/docs). diff --git a/running-coreos/cloud-providers/niftycloud/JA_JP/index.md b/running-coreos/cloud-providers/niftycloud/JA_JP/index.md index 640172954..c5262148a 100644 --- a/running-coreos/cloud-providers/niftycloud/JA_JP/index.md +++ b/running-coreos/cloud-providers/niftycloud/JA_JP/index.md @@ -36,7 +36,7 @@ coreos: listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001 listen-peer-urls: http://$private_ipv4:2380 units: - - name: etcd.service + - name: etcd2.service command: start - name: fleet.service command: start diff --git a/running-coreos/cloud-providers/niftycloud/index.md b/running-coreos/cloud-providers/niftycloud/index.md index 8294c45f3..d31b6df0e 100644 --- a/running-coreos/cloud-providers/niftycloud/index.md +++ b/running-coreos/cloud-providers/niftycloud/index.md @@ -37,7 +37,7 @@ coreos: listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001 listen-peer-urls: http://$private_ipv4:2380 units: - - name: etcd.service + - name: etcd2.service command: start - name: fleet.service command: start diff --git a/running-coreos/cloud-providers/rackspace/index.md b/running-coreos/cloud-providers/rackspace/index.md index 3228f5b83..840388f77 100644 --- a/running-coreos/cloud-providers/rackspace/index.md +++ b/running-coreos/cloud-providers/rackspace/index.md @@ -147,7 +147,7 @@ coreos: listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001 listen-peer-urls: http://$private_ipv4:2380 units: - - name: etcd.service + - name: etcd2.service command: start - name: fleet.service command: start diff --git a/running-coreos/cloud-providers/vexxhost/index.md b/running-coreos/cloud-providers/vexxhost/index.md index 85eae0ebd..b6d2a672b 100644 --- a/running-coreos/cloud-providers/vexxhost/index.md +++ b/running-coreos/cloud-providers/vexxhost/index.md @@ -59,9 +59,9 @@ coreos: # listen on both the official ports and the legacy ports # legacy ports can be omitted if your application doesn't depend on them listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001 - listen-peer-urls: http://$private_ipv4:2380 + listen-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001 units: - - name: etcd.service + - name: etcd2.service command: start - name: fleet.service command: start diff --git a/running-coreos/platforms/vagrant/index.md b/running-coreos/platforms/vagrant/index.md index fbf4423b4..6f4f95ef1 100644 --- a/running-coreos/platforms/vagrant/index.md +++ b/running-coreos/platforms/vagrant/index.md @@ -53,12 +53,13 @@ coreos: # specify the initial size of your cluster with ?size=X # WARNING: replace each time you 'vagrant destroy' discovery: https://discovery.etcd.io/ - advertise-client-urls: http://$public_ipv4:2379,http://$public_ipv4:4001 - initial-advertise-peer-urls: http://$public_ipv4:2380 + # multi-region and multi-cloud deployments need to use $public_ipv4 + advertise-client-urls: http://$private_ipv4:2379,http://$private_ipv4:4001 + initial-advertise-peer-urls: http://$private_ipv4:2380 # listen on both the official ports and the legacy ports # legacy ports can be omitted if your application doesn't depend on them listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001 - listen-peer-urls: http://$public_ipv4:2380 + listen-peer-urls: http://$private_ipv4:2380 fleet: public-ip: $public_ipv4 units: @@ -170,13 +171,22 @@ This cloud-config starts etcd and fleet when the machine is booted: #cloud-config coreos: - etcd: - addr: $public_ipv4:4001 - peer-addr: $public_ipv4:7001 + etcd2: + # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3 + # specify the initial size of your cluster with ?size=X + # WARNING: replace each time you 'vagrant destroy' + discovery: https://discovery.etcd.io/ + # multi-region and multi-cloud deployments need to use $public_ipv4 + advertise-client-urls: http://$private_ipv4:2379,http://$private_ipv4:4001 + initial-advertise-peer-urls: http://$private_ipv4:2380 + # listen on both the official ports and the legacy ports + # legacy ports can be omitted if your application doesn't depend on them + listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001 + listen-peer-urls: http://$private_ipv4:2380 fleet: public-ip: $public_ipv4 units: - - name: etcd.service + - name: etcd2.service command: start - name: fleet.service command: start From 94455d7e7fbff9d5e09d86548066c725e1653cb4 Mon Sep 17 00:00:00 2001 From: kayrus Date: Mon, 13 Jul 2015 17:55:51 +0200 Subject: [PATCH 0514/1291] Added systemd-networkd hack --- .../network-config-with-networkd/index.md | 34 ++++++++++++++++++- 1 file changed, 33 insertions(+), 1 deletion(-) diff --git a/cluster-management/setup/network-config-with-networkd/index.md b/cluster-management/setup/network-config-with-networkd/index.md index dcabd3553..d73eb4fe6 100644 --- a/cluster-management/setup/network-config-with-networkd/index.md +++ b/cluster-management/setup/network-config-with-networkd/index.md @@ -70,7 +70,39 @@ coreos: Gateway=10.0.0.1 ``` -## Turn Off DHCP +### networkd and DHCP behavior + +By default, even if you've already set a static IP address and you have a working DHCP server in your network, systemd-networkd will nevertheless assign IP address using DHCP. If you would like to remove this address, you have to use the following cloud-config example: + +```yaml +#cloud-config + +coreos: + units: + - name: systemd-networkd.service + command: stop + - name: 00-eth0.network + runtime: true + content: | + [Match] + Name=eth0 + + [Network] + DNS=1.2.3.4 + Address=10.0.0.101/24 + Gateway=10.0.0.1 + - name: down-interfaces.service + command: start + content: | + [Service] + Type=oneshot + ExecStart=/usr/bin/ip link set eth0 down + ExecStart=/usr/bin/ip addr flush dev eth0 + - name: systemd-networkd.service + command: start +``` + +## Turn Off DHCP on specific interface If you'd like to use DHCP on all interfaces except `enp2s0`, create two files. They'll be checked in lexical order, as described in the [full network docs](http://www.freedesktop.org/software/systemd/man/systemd-networkd.service.html). Any interfaces matching during earlier files will be ignored during later files. From ef5b039de057f32543048edf339399de0ab57824 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Mon, 13 Jul 2015 11:32:28 -0700 Subject: [PATCH 0515/1291] *: shuffle locations ddsq --- coreupdate/configure-machines.md | 105 +++++++ coreupdate/getting-started.md | 193 +++++++++++++ coreupdate/img/Relationships.png | Bin 0 -> 40366 bytes coreupdate/img/coreupdate-group-default.png | Bin 0 -> 14193 bytes coreupdate/img/coreupdate-group.png | Bin 0 -> 55012 bytes coreupdate/on-premise-deployment.md | 210 ++++++++++++++ coreupdate/update-protocol.md | 112 ++++++++ coreupdate/updatectl-client.md | 270 ++++++++++++++++++ .../index.md => build-support.md} | 15 +- .../index.md => configure-machines.md} | 9 - .../{github-app/index.md => github-app.md} | 13 +- .../{github-auth/index.md => github-auth.md} | 13 +- .../index.md => github-build.md} | 15 +- .../{log-debugging => }/gzip-registry-logs.sh | 0 .../container-restart.png | Bin .../{initial-setup => img}/db-setup-full.png | Bin .../{initial-setup => img}/db-setup.png | Bin .../{github-auth => img}/enable-auth.png | Bin .../{build-support => img}/enable-build.png | Bin .../{github-build => img}/enable-trigger.png | Bin .../{build-support => img}/gear.png | Bin .../{github-build => img}/new-tag.png | Bin .../{github-app => img}/register-app.png | Bin .../{build-support => img}/superuser.png | Bin .../{github-app => img}/view-app.png | Bin .../{build-support => img}/workers.png | Bin .../index.md => initial-setup.md} | 13 +- .../index.md => log-debugging.md} | 11 +- .../index.md => mysql-container.md} | 8 - .../{mysql-container => }/provision_mysql.sh | 0 .../{log-debugging => }/tail-gunicorn-logs.sh | 0 .../getting-started-with-etcd.md | 0 .../index.md => flannel/flannel-config.md | 0 .../launching-containers-fleet.md | 0 .../adding-certificate-authorities.md | 9 - .../index.md => os/adding-disk-space.md | 10 - .../index.md => os/adding-users.md | 9 - .../auro/index.md => os/booting-on-auro.md | 9 - .../azure/index.md => os/booting-on-azure.md | 10 - .../index.md => os/booting-on-brightbox.md | 9 - .../index.md => os/booting-on-cloudstack.md | 9 - .../index.md => os/booting-on-digitalocean.md | 16 +- .../ec2/index.md => os/booting-on-ec2.md | 11 +- .../ecs/index.md => os/booting-on-ecs.md | 10 - .../index.md => os/booting-on-eucalyptus.md | 9 - .../index.md => os/booting-on-exoscale.md | 15 +- .../booting-on-google-compute-engine.md | 10 - .../index.md => os/booting-on-interoute.md | 9 - .../booting-on-niftycloud-JA_JP.md | 8 - .../index.md => os/booting-on-niftycloud.md | 9 - .../index.md => os/booting-on-openstack.md | 10 - .../index.md => os/booting-on-rackspace.md | 10 - .../index.md => os/booting-on-vagrant.md | 11 - .../index.md => os/booting-on-vexxhost.md | 9 - .../index.md => os/booting-on-virtualbox.md | 10 - .../index.md => os/booting-on-vmware.md | 12 +- .../vultr/index.md => os/booting-on-vultr.md | 9 - .../index.md => os/booting-with-ipxe.md | 11 - .../iso/index.md => os/booting-with-iso.md | 10 - .../index.md => os/booting-with-libvirt.md | 9 - .../index.md => os/booting-with-pxe.md | 11 - .../qemu/index.md => os/booting-with-qemu.md | 10 - .../index.md => os/btrfs-troubleshooting.md | 10 - .../index.md => os/cluster-architectures.md | 17 +- .../index.md => os/cluster-discovery.md | 9 - .../configuring-date-and-timezone.md | 9 - .../index.md => os/customize-etcd-unit.md | 9 - .../index.md => os/customizing-docker.md | 9 - .../index.md => os/customizing-sshd.md | 9 - .../deploy_coreos_libvirt.sh | 0 .../getting-started-with-docker.md | 10 - .../getting-started-with-systemd.md | 10 - .../cluster-architectures => os/img}/dev.png | Bin .../size.png => os/img/exoscale-size.png | Bin .../digitalocean => os/img}/image.png | Bin .../img}/laptop.png | Bin .../cluster-architectures => os/img}/prod.png | Bin .../digitalocean => os/img}/settings.png | Bin .../digitalocean => os/img}/size.png | Bin .../img}/small.png | Bin .../exoscale => os/img}/template.png | Bin .../img}/update-timeline.png | Bin .../exoscale => os/img}/userdata.png | Bin .../platforms/vmware => os/img}/vmware-ip.png | Bin .../index.md => os/install-debugging-tools.md | 10 - .../index.md => os/installing-to-disk.md | 11 - .../index.md => os/manual-rollbacks.md | 10 - .../index.md => os/mounting-storage.md | 9 - .../network-config-with-networkd.md | 9 - .../index.md => os/notes-for-distributors.md | 9 - .../index.md => os/other-settings.md | 9 - .../index.md => os/overview-of-systemctl.md | 10 - .../index.md => os/power-management.md | 10 - quickstart/index.md => os/quickstart.md | 7 - .../index.md => os/reading-the-system-log.md | 10 - .../index.md => os/registry-authentication.md | 9 - .../sdk-building-development-images.md | 9 - .../sdk-building-production-images.md | 9 - .../index.md => os/sdk-disk-partitions.md | 9 - .../index.md => os/sdk-modifying-coreos.md | 9 - .../index.md => os/sdk-testing-with-mantle.md | 9 - .../index.md => os/sdk-tips-and-tricks.md | 9 - .../index.md => os/switching-channels.md | 11 +- .../index.md => os/update-strategies.md | 9 - .../index.md => os/verify-images.md | 9 - 105 files changed, 916 insertions(+), 643 deletions(-) create mode 100644 coreupdate/configure-machines.md create mode 100644 coreupdate/getting-started.md create mode 100644 coreupdate/img/Relationships.png create mode 100644 coreupdate/img/coreupdate-group-default.png create mode 100644 coreupdate/img/coreupdate-group.png create mode 100644 coreupdate/on-premise-deployment.md create mode 100644 coreupdate/update-protocol.md create mode 100644 coreupdate/updatectl-client.md rename enterprise-registry/{build-support/index.md => build-support.md} (86%) rename enterprise-registry/{configure-machines/index.md => configure-machines.md} (93%) rename enterprise-registry/{github-app/index.md => github-app.md} (58%) rename enterprise-registry/{github-auth/index.md => github-auth.md} (69%) rename enterprise-registry/{github-build/index.md => github-build.md} (78%) rename enterprise-registry/{log-debugging => }/gzip-registry-logs.sh (100%) rename enterprise-registry/{initial-setup => img}/container-restart.png (100%) rename enterprise-registry/{initial-setup => img}/db-setup-full.png (100%) rename enterprise-registry/{initial-setup => img}/db-setup.png (100%) rename enterprise-registry/{github-auth => img}/enable-auth.png (100%) rename enterprise-registry/{build-support => img}/enable-build.png (100%) rename enterprise-registry/{github-build => img}/enable-trigger.png (100%) rename enterprise-registry/{build-support => img}/gear.png (100%) rename enterprise-registry/{github-build => img}/new-tag.png (100%) rename enterprise-registry/{github-app => img}/register-app.png (100%) rename enterprise-registry/{build-support => img}/superuser.png (100%) rename enterprise-registry/{github-app => img}/view-app.png (100%) rename enterprise-registry/{build-support => img}/workers.png (100%) rename enterprise-registry/{initial-setup/index.md => initial-setup.md} (86%) rename enterprise-registry/{log-debugging/index.md => log-debugging.md} (77%) rename enterprise-registry/{mysql-container/index.md => mysql-container.md} (89%) rename enterprise-registry/{mysql-container => }/provision_mysql.sh (100%) rename enterprise-registry/{log-debugging => }/tail-gunicorn-logs.sh (100%) rename distributed-configuration/getting-started-with-etcd/index.md => etcd/getting-started-with-etcd.md (100%) rename cluster-management/setup/flannel-config/index.md => flannel/flannel-config.md (100%) rename launching-containers/launching/launching-containers-fleet/index.md => fleet/launching-containers-fleet.md (100%) rename cluster-management/setup/adding-certificate-authorities/index.md => os/adding-certificate-authorities.md (67%) rename cluster-management/scaling/adding-disk-space/index.md => os/adding-disk-space.md (91%) rename cluster-management/setup/adding-users/index.md => os/adding-users.md (89%) rename running-coreos/cloud-providers/auro/index.md => os/booting-on-auro.md (97%) rename running-coreos/cloud-providers/azure/index.md => os/booting-on-azure.md (97%) rename running-coreos/cloud-providers/brightbox/index.md => os/booting-on-brightbox.md (96%) rename running-coreos/platforms/cloudstack/index.md => os/booting-on-cloudstack.md (94%) rename running-coreos/cloud-providers/digitalocean/index.md => os/booting-on-digitalocean.md (96%) rename running-coreos/cloud-providers/ec2/index.md => os/booting-on-ec2.md (98%) rename running-coreos/cloud-providers/ecs/index.md => os/booting-on-ecs.md (94%) rename running-coreos/platforms/eucalyptus/index.md => os/booting-on-eucalyptus.md (94%) rename running-coreos/cloud-providers/exoscale/index.md => os/booting-on-exoscale.md (95%) rename running-coreos/cloud-providers/google-compute-engine/index.md => os/booting-on-google-compute-engine.md (97%) rename running-coreos/cloud-providers/interoute/index.md => os/booting-on-interoute.md (97%) rename running-coreos/cloud-providers/niftycloud/JA_JP/index.md => os/booting-on-niftycloud-JA_JP.md (98%) rename running-coreos/cloud-providers/niftycloud/index.md => os/booting-on-niftycloud.md (96%) rename running-coreos/platforms/openstack/index.md => os/booting-on-openstack.md (97%) rename running-coreos/cloud-providers/rackspace/index.md => os/booting-on-rackspace.md (98%) rename running-coreos/platforms/vagrant/index.md => os/booting-on-vagrant.md (98%) rename running-coreos/cloud-providers/vexxhost/index.md => os/booting-on-vexxhost.md (97%) rename running-coreos/platforms/virtualbox/index.md => os/booting-on-virtualbox.md (96%) rename running-coreos/platforms/vmware/index.md => os/booting-on-vmware.md (95%) rename running-coreos/cloud-providers/vultr/index.md => os/booting-on-vultr.md (96%) rename running-coreos/bare-metal/booting-with-ipxe/index.md => os/booting-with-ipxe.md (97%) rename running-coreos/platforms/iso/index.md => os/booting-with-iso.md (94%) rename running-coreos/platforms/libvirt/index.md => os/booting-with-libvirt.md (97%) rename running-coreos/bare-metal/booting-with-pxe/index.md => os/booting-with-pxe.md (97%) rename running-coreos/platforms/qemu/index.md => os/booting-with-qemu.md (96%) rename cluster-management/debugging/btrfs-troubleshooting/index.md => os/btrfs-troubleshooting.md (96%) rename cluster-management/setup/cluster-architectures/index.md => os/cluster-architectures.md (94%) rename cluster-management/setup/cluster-discovery/index.md => os/cluster-discovery.md (98%) rename cluster-management/setup/configuring-date-and-timezone/index.md => os/configuring-date-and-timezone.md (95%) rename distributed-configuration/customize-etcd-unit/index.md => os/customize-etcd-unit.md (94%) rename launching-containers/building/customizing-docker/index.md => os/customizing-docker.md (96%) rename cluster-management/setup/customizing-sshd/index.md => os/customizing-sshd.md (87%) rename running-coreos/platforms/libvirt/deploy_coreos_cluster.sh => os/deploy_coreos_libvirt.sh (100%) rename launching-containers/building/getting-started-with-docker/index.md => os/getting-started-with-docker.md (96%) rename launching-containers/launching/getting-started-with-systemd/index.md => os/getting-started-with-systemd.md (97%) rename {cluster-management/setup/cluster-architectures => os/img}/dev.png (100%) rename running-coreos/cloud-providers/exoscale/size.png => os/img/exoscale-size.png (100%) rename {running-coreos/cloud-providers/digitalocean => os/img}/image.png (100%) rename {cluster-management/setup/cluster-architectures => os/img}/laptop.png (100%) rename {cluster-management/setup/cluster-architectures => os/img}/prod.png (100%) rename {running-coreos/cloud-providers/digitalocean => os/img}/settings.png (100%) rename {running-coreos/cloud-providers/digitalocean => os/img}/size.png (100%) rename {cluster-management/setup/cluster-architectures => os/img}/small.png (100%) rename {running-coreos/cloud-providers/exoscale => os/img}/template.png (100%) rename {cluster-management/setup/switching-channels => os/img}/update-timeline.png (100%) rename {running-coreos/cloud-providers/exoscale => os/img}/userdata.png (100%) rename {running-coreos/platforms/vmware => os/img}/vmware-ip.png (100%) rename cluster-management/debugging/install-debugging-tools/index.md => os/install-debugging-tools.md (88%) rename running-coreos/bare-metal/installing-to-disk/index.md => os/installing-to-disk.md (95%) rename cluster-management/debugging/manual-rollbacks/index.md => os/manual-rollbacks.md (96%) rename cluster-management/setup/mounting-storage/index.md => os/mounting-storage.md (96%) rename cluster-management/setup/network-config-with-networkd/index.md => os/network-config-with-networkd.md (93%) rename sdk-distributors/distributors/notes-for-distributors/index.md => os/notes-for-distributors.md (94%) rename cluster-management/setup/other-settings/index.md => os/other-settings.md (94%) rename launching-containers/launching/overview-of-systemctl/index.md => os/overview-of-systemctl.md (93%) rename cluster-management/scaling/power-management/index.md => os/power-management.md (88%) rename quickstart/index.md => os/quickstart.md (98%) rename cluster-management/debugging/reading-the-system-log/index.md => os/reading-the-system-log.md (92%) rename launching-containers/building/registry-authentication/index.md => os/registry-authentication.md (90%) rename sdk-distributors/sdk/building-development-images/index.md => os/sdk-building-development-images.md (91%) rename sdk-distributors/sdk/building-production-images/index.md => os/sdk-building-production-images.md (96%) rename sdk-distributors/sdk/disk-partitions/index.md => os/sdk-disk-partitions.md (94%) rename sdk-distributors/sdk/modifying-coreos/index.md => os/sdk-modifying-coreos.md (96%) rename sdk-distributors/sdk/mantle/index.md => os/sdk-testing-with-mantle.md (89%) rename sdk-distributors/sdk/tips-and-tricks/index.md => os/sdk-tips-and-tricks.md (96%) rename cluster-management/setup/switching-channels/index.md => os/switching-channels.md (82%) rename cluster-management/setup/update-strategies/index.md => os/update-strategies.md (97%) rename cluster-management/setup/verify-images/index.md => os/verify-images.md (90%) diff --git a/coreupdate/configure-machines.md b/coreupdate/configure-machines.md new file mode 100644 index 000000000..2dff51454 --- /dev/null +++ b/coreupdate/configure-machines.md @@ -0,0 +1,105 @@ +# Configure Machines to Use CoreUpdate + +Configuring new or existing CoreOS machines to communicate with a [CoreUpdate](https://coreos.com/products/coreupdate) instance is a simple change to a configuration file. + +## New Machines + +New servers can be configured to communicate with your CoreUpdate installation by using [cloud-config](https://coreos.com/docs/cluster-management/setup/cloudinit-cloud-config). + +By default, your installation has a single application, CoreOS, with the identifier `e96281a6-d1af-4bde-9a0a-97b76e56dc57`. This ID is universal and all CoreOS machines are configured to use it. Within the CoreOS application, there are several application groups which have been created to match CoreOS channels with the indentifiers `alpha`, `beta`, and `stable`. + +In addition to the default groups, you may choose to create your own group that is configured to use a specific channel, rate-limit and other settings. Groups that you create will have a unique identifier that is a generated UUID or you may provide a custom string. + +To place a CoreOS machine in one of these groups, you must configure the update settings via cloud-config or a file on disk. + +### Join Preconfigured Group + +Set the value of `server` to the custom address of your installation and `group` to one of the default application groups: `alpha`, `beta`, or `stable`. + +For example, here is what the Alpha group looks like in CoreUpdate: + +![CoreUpdate Group](img/coreupdate-group-default.png) + +Here's the cloud-config to use: + +``` +#cloud-config + +coreos: + update: + group: alpha + server: https://customer.update.core-os.net/v1/update/ +``` + +### Join Custom Group + +Set the value of `server` to the custom address of your installation and `group` to the unique identifier of your application group. + +For example, here is what "NYC Production" looks like in CoreUpdate: + +![CoreUpdate Group](img/coreupdate-group.png) + +Here's the cloud-config to use: + +``` +#cloud-config + +coreos: + update: + group: 0a809ab1-c01c-4a6b-8ac8-6b17cb9bae09 + server: https://customer.update.core-os.net/v1/update/ +``` + +More information can be found in the [cloud-config guide](http://coreos.com/docs/cluster-management/setup/cloudinit-cloud-config/#coreos). + +## Existing Machines + +To change the update of existing machines, edit `/etc/coreos/update.conf` with your favorite editor and provide the `SERVER=` and `GROUP=` values: + +``` +GROUP=0a809ab1-c01c-4a6b-8ac8-6b17cb9bae09 +SERVER=https://customer.update.core-os.net/v1/update/ +``` + +To apply the changes, run: + +``` +sudo systemctl restart update-engine +``` + +In addition to `GROUP=` and `SERVER=`, a few other internal values exist, but are set to defaults. You shouldn't have to modify these. + +`COREOS_RELEASE_APPID`: the CoreOS app ID, `e96281a6-d1af-4bde-9a0a-97b76e56dc57` + +`COREOS_RELEASE_VERSION`: defaults to the version of CoreOS you're running + +`COREOS_RELEASE_BOARD`: defaults to `amd64-usr` + +## Viewing Machines in CoreUpdate + +Each machine should check in about 10 minutes after boot and roughly every hour after that. If you'd like to see it sooner, you can force an update check, which will skip any rate-limiting settings that are configured. + +### Force Update in Background + +``` +$ update_engine_client -check_for_update +[0123/220706:INFO:update_engine_client.cc(245)] Initiating update check and install. +``` + +### Force Update in Foreground + +If you want to see what's going on behind the scenes, you can watch the ouput in the foreground: + +``` +$ update_engine_client -update +[0123/222449:INFO:update_engine_client.cc(245)] Initiating update check and install. +[0123/222449:INFO:update_engine_client.cc(250)] Waiting for update to complete. +LAST_CHECKED_TIME=0 +PROGRESS=0.000000 +CURRENT_OP=UPDATE_STATUS_IDLE +NEW_VERSION=0.0.0.0 +NEW_SIZE=0 +[0123/222454:ERROR:update_engine_client.cc(189)] Update failed. +``` + +Be aware that the "failed update" means that there isn't a newer version to install. diff --git a/coreupdate/getting-started.md b/coreupdate/getting-started.md new file mode 100644 index 000000000..dc6172daa --- /dev/null +++ b/coreupdate/getting-started.md @@ -0,0 +1,193 @@ +# Getting Started with the Update Service + +The update service is a tool that helps you manage large-scale rolling upgrades of software. The service consists of three main parts: + +1. A distributed web application that runs on top of fleet and docker. +2. [updateservicectl](https://github.com/coreos/updateservicectl/releases) a CLI interface to the service +3. Communication specification for your applications to report their current status and receive notifications of an available update. + +The update service is based on an open protocol from Google. This protocol powers updates for the Chrome browser, ChromeOS, Google Earth and more. + +## Accessing the Update Service + +The update service is an optional hosted service provided by CoreOS and is not included in a standard CoreOS cluster. Head over to the [Update Service](https://coreos.com/products) page for more details. + +Authentication for `updateservicectl` is done with a username and API key combination. Additional users and API keys can be provisioned by an existing user. Substitute the server address you were given during the activation process: + +``` +updateservicectl -user user@example.com -key d3b07384d113edec49eaa6238ad5ff00 -server https://example.update.core-os.net +``` + +Since you'll have to provide these flags each time, it's recommended that you set up an alias in your bash profile. We'll assume that you've done this for the rest of this document: + +``` +alias updateservicectl="/bin/updateservicectl -user user@example.com -key d3b07384d113edec49eaa6238ad5ff00 -server https://example.update.core-os.net" +``` +You may also specify these via the `UPDATECTL_USER`, `UPDATECTL_KEY`, +and `UPDATECTL_SERVER` environment variables. + + +## Anatomy of an Update + +Let's walk through the different parts of an update then use `updateservicectl` to simulate the release of an update. + +### Application + +You can use the update service to facilitate the roll-out of a new version of any application. An application is made up of group of instances. Each instance reports a unique identifier, version, group ID and status to the application via an updater. + +You can view the current list of applications with `updateservicectl app list`: + +``` +$ updateservicectl app list +``` + +### Group + +Applications contain groups of instances that are related. Groups are designed to be flexible and can reflect your company's preferred organizational scheme. Common examples include groups by business unit, team, location, or environment. Each group has separate settings such as the ability to roll-out updates at a specific rate, be paused or unpaused and track a specific channel of the application. + +For example, if multiple teams have deployed a distributed database, each team can control how +quickly a new version is rolled out based on their specific needs. Updates can also be paused per group +if a team doesn't want any updates. + +``` +updateservicectl group list --app-id= +``` + +### Channel + +Each application can specify channels, such as alpha or beta, that can be updated to refer to different packages. Channels allow you to upload a new beta package and have it rolled out to all groups that track the beta channel, with one command. + +``` +updateservicectl channel list --app-id= +``` + +### Updater + +The updater is a small application that implements the update protocol. This code normally runs inside a separate container running "beside" the container of the application that is being updated. The updater is responsible for periodically reporting information about the instance. If an update is available, the response will contain a location to fetch the update package from plus information required to validate the package. + +All of the logic that controls how the release is rolled-out lives in the update service in order for the updaters to be as simple as possible. The updater's job is fairly straightforward: + +| Action | Description | +|--------|-------------| +| Send Request | Send current information about the instance to the update service. | +| Parse Response | Parse the response from the update service and determine any action that needs to take place. | +| Download and Verify Package | Download the package from the specified location and verify its signatures. | +| Send Progress | As a package is being downloaded or installed, send download progress and status to the update service. | +| Execute Update | Install the package and verify that it installed correctly. | +| Execute Healthcheck | Carry out a health check on the application to make sure it was installed and initialized correctly. | +| Send Update Complete | Once a package is successfully installed, tell the update service that everything was successful. | +| Send Update Error | If an error occurs during the package download or verification, or during update execution or health check, report an error. | + +### Package + +A package is a pointer to a signed blob of data that is stored somewhere accessible by your application instances. Each package is tied to an application ID and a semantic version number. + +When an out-of-date app instance is notified of an update, it is told where to find the data and how to validate that data. Each application's updater can contain customized logic to download and apply the update. + +For example, a webapp container could be stored in a private docker registry and the update response contains the full address to the registry and a specific tag to pull: `index.example.com/webapp:1.2.1`. The updater would be programmed to `docker pull` the image. If everything goes well, the updater sends the update complete event to the update service informing it that the new version is running. + +### Relationship Diagram + +![Relationship Diagram](img/Relationships.png) + +## Test Update with Fake Clients + +The easiest way to illustrate how these concepts work together is to trigger an example with some simulated clients. You can do this with either the UI or via `updateservicectl`, which is what we're going to use. + +### Create an Application, Channel and Group + +First set up a new application with a unique identifier, label, and description: + +``` +updateservicectl app create --app-id=e96281a6-d1af-4bde-9a0a-97b76e56dc57 \ + --label="FakeApp" --description="Fake app for testing" +``` + +You should now see it in the list of apps: + +``` +$updateservicectl app list +Id Label Description +e96281a6-d1af-4bde-9a0a-97b76e56dc56 FakeApp Fake app for testing +f217d8ba-76e6-4b07-8136-049c54b30f21 CoreOS Linux for Servers +``` + +Next, create a channel that our group of fake clients will track. Let's call it `master` and start it out on version `1.0.0`: + +``` +updateservicectl channel create --app-id=e96281a6-d1af-4bde-9a0a-97b76e56dc57 \ + --channel=master --version=1.0.0 +``` + +Next, create a group that we'll associate our fake clients with. Be +sure to include the app id, the `master` channel, an ID and a friendly label. + +``` +$ updateservicectl group create --app-id=e96281a6-d1af-4bde-9a0a-97b76e56dc57 + --channel=master --group-id=fake1 --label="Fake Clients" +``` + +### Uploading and Signing a Package + +Now that we have our application, group and channel set up, we can almost test an upgrade. The last step is to load in a new package. In this example, the new package will be fake, with an incremented version. + +Start by preparing a fake `update.gz`: + +``` +touch update-1.1.0.gz +``` + +You can now use the `new-package` command to publish this fake package as version `1.1.0` (with a fake URL): + +``` +updateservicectl package create --app-id=e96281a6-d1af-4bde-9a0a-97b76e56dc57 \ + --version=1.1.0 \ + --file=update-1.1.0.gz \ + --url=https://fakepackage.local/update-1.1.0.gz +``` + +### Start Fake Clients + +`updateservicectl` contains a tool to help you simulate many fake clients running your application. We're going to start 10 fake clients that are checking for updates every 30-60 seconds. This is much much faster than usual but it will allow us to see our changes take place quickly. + +When we start the fake clients, we don't expect them to do anything since we're already on version `1.0.0`. In another terminal window, start the clients: + +``` +$ updateservicectl instance fake --clients-per-app=10 --min-sleep=30 \ + --max-sleep=60 --app-id=e96281a6-d1af-4bde-9a0a-97b76e56dc57 \ + --group-id=fake1 --version=1.0.0 +{fake-client-000}: noupdate +{fake-client-002}: noupdate +{fake-client-001}: noupdate +... +``` + +### Roll-out the Update + +Now let's see how the fake clients react when we promote the new package `1.1.0` to the master channel. First, let's set the rate limit of the group to slow down the roll-out. This will make it easier to see what's going on. Since we only have 10 clients, 2 updates per 60 seconds should be slow enough: + +``` +$ updateservicectl group update --app-id=e96281a6-d1af-4bde-9a0a-97b76e56dc57 \ +--group-id=fake1 --channel=master --update-count=2 --update-interval=60 +Fake Clients e96281a6-d1af-4bde-9a0a-97b76e56dc57 master fake1 false 2 60 +``` + +Next, promote our `1.1.0` release on the `master` channel: + +``` +$ updateservicectl channel update --app-id=e96281a6-d1af-4bde-9a0a-97b76e56dc57 --channel=master --version=1.1.0 +``` + +In the terminal window running the fake clients, you should see a few of them start to upgrade. The output looks like: + +``` +{fake-client-000}: updated from 1.0.0 to 1.1.0 +``` + +In the UI, navigate to the app and group, then click on "View All Graphs". You should see the instances slowly start to converge on version `1.1.0`: + +[screenshot] + +## Further Reading + +If you're ready to start writing a custom update client for your application, the [Omaha protocol spec](https://github.com/coreos/updateservicectl/blob/master/Documentation/protocol.md) is a good place to start. The complete list of update service docs can be [found here](https://github.com/coreos/updateservicectl/tree/master/Documentation). diff --git a/coreupdate/img/Relationships.png b/coreupdate/img/Relationships.png new file mode 100644 index 0000000000000000000000000000000000000000..3d99ec34315b468a98d15f4089f46fad4a320233 GIT binary patch literal 40366 zcmdSB1yoi2`!9GDl@tjH2?+(129YiSQ2{}^L6DN}4wY63NofHADUoiFjssEx(p}Qs zaG%5b`~T*5XYS0pv*ym4HG8f1RpG!nd++b}c|P^*z!$Plu49p5ArOe`&z?#sAP{H{ z2*l+(7?xfXV6SpVWz0iKQ`M8_h~*0UCOz{z4mO%69Qg^GNSW?{-|03D zcM3v{RE+4m2xMY9WUyZMXpOu!=G#-eSEDnyU$N(%xQTp_`^vH@_j!_|$_BycJL9$A z_s|Airki*riJ!d>U;cyF#?97Dy5j93AhvjxAE&5n^>mtA@Az0MxUl?+)PH5r{^g|DXJMlWNFtEsuqj6)UeP_ZH%(DK+NH z$5!vTi6>tZhZ{Z7`qUUL7QSFxuEjbyJx!}2ig4cQ9?+uw)YybNo~8AcQ zsmP?#8N5jQk!{R!zaDjnnVM!TI$TDm`OYsakPs73&&;S++<})OUdWp{N|5NeFWHt8 z6B9cpl2nT!5ZQzl`zh=yzTCu!Z{HpYq8c90yje;J<&e z{y@Q5@aaF_;+iK+x6K<3>TbS_ASyO`Vvip@hmBnrs7a1^qx^x}wP)$6C^j8zEV{PpF&za#!3P6ZIE;vH$0Prex;j4KDB2 z>#3?npP4;;_>en}CBnYz@@e|--@g}kT?>a+_G>6wmOQK}7BnM<%+rY$|Nh;oNFB4h zp>zp>$iHHWb3cz*xva79`i^<3$@0R`7hi>Ust*OFH%7)U`(SL+1$ZyGd}!k2o1<&Z(2MY7>MazC#u;sxs+(=n)Z8eaByIN_~uQMVvW?Er+Hfyc{22=bRi#6 zNB1CSOh@*;Ajwx;WFOwYANa1Vsi`^A-972j;&Hrpn2SKX3Ap^wuTl4d)JgH%M2p|# zR#lHM?z6CH7x)yL4Z@p+GsyKacbS?L55IeNS?npCt92fHEmkJ|oBQ33*?UH6!o%ngoRkz!ouS5-NH&HZeD6W@2Ju zVOd>X#I z0gp{^JTyy0EvRW4&ABz1iSt+`CkQk&G%#qm%Cy2%vK@FS;L`|pJvp+R%=9}TXsol* zQdb}Pl^}pglPHHjwCY$nX2}`D8$43&wjZ|iR;$)ih=GA&=lB|%RPqaFI$Ru_ZW6&R za-3_43qt6T2!u+&M00nkA@=WU1Y#d0@6a^r=R4CMMRkviAPbl~AI8Yghqo0*DtZOo zCd2XD+Oqx7q@bnsv89{lGAR{0ez#=1etvgd?7)CZq}1cWb|ey$#{SQ+-KgLTSL$20 zZi!)#wtFa4=xIJ3wv>pcM$?R|SYO&OCd&FAa*Vp&)QRx%Ih_njVRzofH$(_g2~SP#3GVLYTZxJpvV0V{!`H4czI7klfxE|#sX$#+P0@lc z#zpr0`SYML%hDlp;t!8W)zC5Ur=`_chvP9%z3gw&Pq*frn00n`>Zp^j=`i2B_eJii zp@BhnW9!<;*x2(AS-H6^OibGXYvRVKPxe@$6%l@YylaZKR2X?VQmUz7MPR*Z<{|xz zx|p0?*WT)gFF`Ps2&)!rQFVWRzfb6^mf+_yG7-_y@CA=lxok@*VIy7^!;OxKiFqb1EiEf+L~1m5c7iI6O21<%dy>!pZ?`>tzXg}d zF;>eMik3r`@Nwk&011>%YStAIT#lbMS`H2m$4&>PtVwbF@SFm1bkb!r!rKh6eCy#$ zL6Um9V}5>q+Y4O_v$If$%!dlnGBaNft)r^%WvIR!U;37^va)Izz1Qv-lZ#6WHDUSX2sjO?f&S|TkFr^;jfA{ zlo^R=B$8iXEK#&j^4ZSrEcNY#8miYC%F4)elSX8HLmljKoyEn)V`F3W0fO+m0&q{G z@hsBP(iXas_MaP*8ohie%1d$U)+P?mRon8DpKsADZl6RA4G(K5C`>z`$|kaag@py_ zg}SSF7}L@LCB3~0F)}KOisGuNMI)=O)rojw{y$!)v>DJ|nxCc+aLg$wQTco-uG`JI zRQTBkuW-mbUk#U%UjidDGc!4@#|^ent(+I2&o^r9!nhpWV`JL7y1H6gG8mtbbH=~o zX?&EFlw@ROqaq?U1a;NaoTuuq)(&PVWx!Hms7{hN&uh6o-^nD;f_T$!WME)m zWJC{V$Hy0=N7{w%-t=$O(r^Gj4Oa_uW(I+fySYC|OhV#2nE(CePelm=(VS%>VfT|RkH{X&UeU$(di8{ii(rk1IZIcN8c_CM@mKy4K3RS|v0g-6By}gZ% zjlH?K3B?idriFC19A5B6+T)TaPLJ0|xdlAFX=%h8h8BQp)6#F0>j60>$m*2|4)h0R zWh{?fMhFfqZb!o}S3!$L&e`)Xg?G!1pmqQ2-D-o{La|2Vmla4l< zbZB!{BI?5?i@V=?FesUB>eXOtcLyHYw$We4neP5 z!e|UD*`}342mk3_)bBm_t<6E;kidLr${kO)629zIEE$4cb zxmp;Q`kDe`kS;*&gK=|i?E9`au3x{N{ME_9!6j-bvVPlLT-;j+no!;X@2_=_CCr-A z4aRoMQh;N9TF}$i)pT{KzDgmGJ_nq`^YPzfb$5NqwGDKX`WrRzh#c1;kuBQwSOy{znyem+1jxBa#1&1Q1X zbxkFuul=Sx7Q?gFyxbPU66@2-5uHX%Y;3ijrxhyMLSAR?Ha7Wq`ur5QADZ+_N6?fp zU&i3+N{(dSKo_SX-hap|?D4muuJt=nY?xu!%7hIB!KjEeH zn_j;r4uGo7V47F96)WPlk8H*(^^(fUk(caT4<7;$JFd2R{W`PmB|9mO58hEqQPJ=0 zZ%*Sb{)R&(CEVV1-Fz! zD6kk%reBiILwS5F8~6D$29x&BZNaW>05`!aH8qbZd96jC-iNE=yqRLHrmntZ&CAY= z%XDSaQ0cVf{QIDSgw9#gn804`Uj6b&fp>gECktxXZjf&Z>cZO_cO^bGy@em%_EjZ& ze|2QPncT{REB3{ij2BtQuU{plrMgwlHbzE9kF5+iW8Q!G0N`9FZ~t@y8rkyhr@6~- ze(LA9&e@7RefBJ{Ngu!W0uus^INo13CY8)ox+ZtSz}fjTp2CY4c+(!y%#3&Lh(B#> zZQWS0{~RCx4^YEN<9cHai!|%|^8UM7`sS822D+1>yrZ)mweomd3>r#G%4^=qd3kK3 zWRlJ1+&nxy`#U>D#l>)QlKAZWxP3)E4(Fm5ekB~whRbPvk92i()Yne|cxGA*OASg- zo>qdas=E5?VhzB`4S>1p4!0LDY3Re3#;e^ZS}>=ecflp(A;r0R^(qOg7T&KL5w|g} zqkB~Hp^fq6q_}^0NQxuam5NQMa(STkW0u^SAWqnEYKk$N*Tcg)l2_-0A=uH1xHMn$ z^Yg2#t4m8uv$K)=$rNG%8oAstGH@*xcx73m;p^D=dRA8JuuLd${k2$Yt*0&n8wmaW z{rjCK!QH=DQhOGa(|b&y)$hoN1uRS~CP$~MWLH*JW@l$t%i>1-+CE7XayvRYBK6~Q zKlm|GdMoDa>?~U~Z%c69v9gH~7^+UW?c4{pnm_rkTEaX?A8~PUSyMReEXuon>oEzY z6i8Rd{QLK>i4@2P0D2ebc1q=;OVWHzNvSvC>ZNkMSB{|ma;^rQ-`JSp`O@Ozmvcv- zCp6Vpq;B|}^_f{%C}%1qkHR(il_a98ws?w6D=FEVtn+3@`sqA-^MV@gqQDI!@7Xiu zq2_bbLt9V1&8eL2U5laG!@-``_T(FHkaJrF1qD%2QKD~EU%k2$)c<#R*@2(Z<0uZV zx3_oe?0EeFPU_&YTs$w$6;^1d@{Ez(ah)&O)pAvmDahzuOZ*b+8FMQthS%FX`(Ed1 zDk>6oZPU@w2{^6YygaIGW@-vFp=zgBnyvQ4)_`thyjnB0r~4r6?2E5l;!GL9cmO8= z#=4~W1q6h=Tz)W*3=Q2svBgSUHnV20Uow=t7AUc`*pvDsYf@*aa6?=aU1QBeCp$EHBnR>c|Bb{&}c;zT6xKgv)x7^ZN$1 zOWbi5mX^VeIP5rz%F0CTR688e@$n~HNH(j{GLC72SzEpacJ8?6X$qJkCV!!*0Fs(0 zFhl~W6Jm>rkKbWzd_d>?Juicgfb73R+LAf7#)(^@ryTnEYJ$h-j;q5&U*BpM+?(Q% z>Jk~mq$#2laM`*`d2_hZ$?DasR|flOECzOVg>435$T_Zo9ii2YsRp=MpQ`cSh(eW) zBEG!l%FmLny( zKYp;&(CEb&0?q2-$ZKwH2EKv01Y{2mZEbB>Ibv2^C?M(_IT=GBNP@T`c7s+~UjEUm zM|lW&Jl6`VfThF1f!&?4$i-x7klv&7!bRB`DbYX|836$ z(secVF~}HVx+_D449+6cqoeT~!*;4%b(xA8A0<=SG4pF`62A`+tG`Zuk*UNPBlBm% zTshZe={^U?=I)>_8xs>DQ`ub~cAPumZL+XWae_z8xu;UUP~E@I3j1#{yv(*dJ{`EJ zYncJi!Ha98yp&$-*|#)#;C(A2wAcM`U~d5pSMeI7KVI*jKhU@CQ}nj%n#`)IsU6J6 zSz)Q$lW-PmRKqe$Pfw@rk3!DDK^Bx=R`wZhTA=Sm8ld=eD4O4(A!)EgBhjAkW2P11 zX_r|~K~3KYrVkIKcdc&uEDeZt^6)L)>Tq#(ak28}^REh-um?`>fo`*O?{?R=hldA` z)%abXBB;(qMc?}WLS@?9+oQ7s+!iHHP>02A2g|syu&=L=qQzpo%7rd#_p2*c?U$px z^SpI}<-zmP!L!4@PZfJW;8U+p92V;C9^!sN8g7=<9?4|}B3(;>v6YsTuo@>*yvgWn z?_A%EeOMgNO}zTx=imGj$ydIy3HN?(N6SaXl3F=Gc3E-asqW=DU9a61;;UTKJt5Y2 zeq7!$iK4bI=U%!C4v)JyoE~*V1hDBQ#cch`re(%!D9Bl;(SsKt^dGt3vM9Lnx-SGf z{MPF$gY*x2)2T?>324g)q+w5_+aM4U{$rLIn(_gf=@UV;LL^q`0Yo^3%|D~!i_SM0 zCOns^zW>_LTairYczWKF+;~Y4>0};2{@RQAtSwvj8V& zSa|rIoZrnh@v<4nwl*3cUJBgswwnf7bU)vVx!)qsyD7N6tS#^_AlrVp{6I0*Q!4<@ zXp%#p8@NrJo2%<$5l-b;&B#AOm>OP$trDsJX4j-?^=>JFSc z%-fzVpB+-Id97Y8XI6_~i*8!?TJ>E^I;VLDoTKGKkBOke-w5^vRkZ@|nKIzc#TwdL zTFlIOk{I&Y{q}Rb6@0h4w(DQlUv2=s$!_L5RC)lBWY4kU)(FIYM6omyAF;i97DYXF zKJ0gHxUgNjT07!!I?mv9d)$S6S;Jm>=5E*bXRb>_JH5}%YAYQmjXt0u1RYH}7My%E zGWuYH|bNAe{-E#4B$JJ&EaHkOq1o8SZ;4;u?>(JW2DWoNM`F)^{N ztqm?^&p3|gXAmAiBN46`c@J{Y5q;*ncke!Z!k@B!`SRzw8fars!uD3ZziOVrR_YZ` zTmbo|+%98~51KikERux;gwKuBXjrXG(;#X=`}`cMsH+Q-hKb43jNJ`EuZ_t%P!x}J zvK2C6Ie2&o3Ehk;f}5&jVZkCa>!Op<2O`-6oCceC$y9tH47-$##}oPl;JspF`6fx1R6^!> z$e4bwNL)Gs;tds12E}y$M}MlFbMB=l^uel{>h1PF-4`ME2RLO zC9h^Lo|TSYB7kWk!rC{ou?k>6Q?sI#W6PG?%4kl!3I;C4`|2R)i-akKB z;u$~d%N3E1XxCSkgP(fSt>-Ri^j*#~`Fz)jT;w!O)p}_TU!?zFiEX#`Y;CuVEk%U~ z^|}DSD?uSoyw3Z)GOexm@VcC=_ma+}n_5z9b=#y+=MaF{G{n(LI+^aOG&3SGs;@A0 z)SHLDcYi?H5ZM&dNRv3H&edaUxw1OChn4Jw>kUHN-}!pXP-Yc1abtAP-u|f<$(;DJb2Q7}+MMMpp3oBVJ_dFKHf+}y;=8t`@?7a+eKjpbs$ zHTvN7hN*2`op#6$2w20N!RnSM{V*+Ob1G?db)6@D;dK49B;*d7+ zI(e$u{Xnz#pAZAaKu~MJdHsc3{K(cnV?F+CCptsqbWZoID{1}Mx@%K);zJIF*i$Ga zU}nJKSEb#FbLPeeR)Pl#5w?OeB8dz8 zD?@#QgDvbGQw{zgv+lZ9H%w9ce3nTEsX9$zsK4I5$?>XPVGIi??Z z!O+ULnn-k4{^U1o+hMDUi=(yJ0RB$%CkvVfD#I8F>Um%~1+Vp&s;bd#g5VkF#Jq3c zs8L!Q2(iI4K5UX3TCiL(zMOMr`B7c>wbe-B+DxkHb6q>iqh)>Kd{zKBA}8nLHB>Bc}pv5JXaSRki~D?DSR!*vtKrrZx7g8B1ZtDL|F6PS648uQM>u5F4Ims1HS zv{fk$U>!sm`ie&x3J3^@cU%CrBUsoyl;+M#_jS+ntgiPCQk-v)4Ach0jc;xGK$53h zD~kb$oSBi4*5{9TNqIRRSWXyvr0Jk3r>1)EX}F|R!^bx^Fu)UAaje910^#&Z`OM}_ z%j=t9qWL1|UcB~{+l#xcUra>;V-Lk0EZUjjue*uDv(9 z&p>ka$BHj`q6j49!oqFPg~7ex8o=~fZ~?^zJPUNSAjwo?u;OqUK6lRJRo?K9CZ+|v zX;7>xlBQ4&6rreyOI|8FD~s{|{Y^>=kicr)4{e>CN(T>N4|ydzgTnex7GS%<8*8$RmbN!7w_v4J;*#h`+M&^dsp)3N)SLC^XgSOVp@vsI&-t znOi~4-@miEf}93j@bZ{zTdx@Yx8aZvjg5_ix?a^eIWjquVR-fIA7$tTY^Hq{Cd(!! zVL|)J4uI&q^W-IW+|pE7ITSd2@pD6^>ahL4SC6g4_zG?N{&>Z1t2; zUV*am<0S7Y>#2H>5`LRLr1=Wl;@6|^+1a2TfE#MSnW>Zo=39_t1A7NxX`u{{7mShZ z2Ar!CwMnuA(7|tTjrouBJHMvc(p&|LooB+mFe8JZfHRdIaL>bs$~*c_tHV$pd`)`I zx%-}p>?qRufP(_dwx*^gj>igaD5r2~j|bS0Ig#M3eOh2pyfTp}MbFepy-T_Q~{g z%7$3-iyzE!VPU-!6JBeh42g}KyaYgs)4}xy5TNZ%| zL(qYamui(dSbeH#92DHQ;NJiqR8sU22%2e^arkkHV9ioXunqCWz+JE!tB3@Un2_*X z)tQots@83vmBs-0I9PRDbHl}EH>iX^hJ;X2Ql6e{clGu5Cc3ThMH#9`T{oO$>poKk zD$bRblao_i+`ml#9|MnYvG(KJ=kKjfa?|hM7v{^!4x0`?SLrKywi!f}1+L~jFy4gE zPqyWR4`)H40Rt+-Bh<#m2B$&h`E!rGA!G2nd!Tdcx^FfO>bR{I!~Zs$NUSDmPJ5nE zp2_3aiX(tBoPa>+G<*yLTk+>QL?bnKIDjK`iM^`oNiT>V4A`qG@+@fDM&m-BO}AY!lI+2BO~d;+n`?^9UlYj z+}?^(8{%m_Q_cYU-|Oroibd0LZFI>6b1(050A^z}M|0v=tu=TmIWJ8+vz-ux*U9y9o=Rf*s(XTc0}%Vvw1K=?udYjN)E$@KLNVo!Qbq>#WEL1#}b9i z_@tzasaH^G^!2BKEJ{Mxl$7l4>x1RuQaVC8B;{FitU6>~0sx7B$$w2EO^Fec1}b4o z2o;IrH*hjHhHDw0vLcuX!L3555eG_um-X~+7-UM4lWF|)5?$tFSTsxU#J+1+I-Z|- z@MExkdb)UWJ5YjPbG2$OPa#u@_=B&d4qY_zwd)3D7VUT~7DDVI-6e4+Qfleteu99L zf`Y>02e@X#nqcZhc|jBgt0E=zjj;Pt3^a~@)3m%fTNi+mi{*$P?kM^p>JIgXtNZJ# zMZ|_u-N|j>65eo$E61{HWe@>0jlj_G{C@vdijmqXzPH*CRQ>0RR{!B-Cj$I^P-Bz-YlY=(h-Fx~|7=KNK5);^0rZBvO%)y$=b= z5Q=>??}uF-31`cUoS&QHzltnK+r}x$`Xq9AH$JGOW&Ssl#Tg!pqi7 z685NoEvn+QpX=9VU}|YO?~-T;Wx2~Wm$3;I4k&Jz3ZN!we76a*3ID4IcaKoOr}DA_wK#O_Glf~`ywJD4<2j-Orr8S z$?rD>tAh^t`PyuG>=9v3X6AjrPoYivfy#rK6Q(jUGCMmvYPka`DYOZ)3l6ce8QD2G zMH;za@K4RZQ^V73PCV}UZH^QX`sQLLQ*C%xz{0>{>#5`LXIG?mY^jmvS=;Ho$pJ`- z<!+s{HJ1PCiM;$Lv1C$m za&iiaD%-jC#l>$UtAI9fJhpFN zNY7xs+fHuW#@Q-1u|cThaP&hC)}lqI_T(UsI%K8{l-ujRcX&q^)U7S+PwJfjg!I`qAa zla(&T^J(os=KGTUR}dHh*J23*4b08W?d`ds8Um4oj|GcQNGJghM6U-tJWjBTU|lUO zy{@Q~E7PNE+IEMy7QjR;)(j3QND%4dLBg#5pbTzSR+g!$>9h;x)0Ax-z zJvBA8pn&sTy^x4?Emi7-nTJ<f=IUd|pJ)i7h3wB12KK~RqbNh6<^&s185=xYOHaYM~K{qZ?rst5+Ef)uy zZjB6j-JQkUoez$LAO;;7^;r8f$Ko_l2)mc%=gYSWSx>&%s35x)oU9e~cb+j>t!N=nL)thxf=Y-v4=$O18nB~6~Z zQWvmCTq9Mof%xur6bzXsmJ*8<1u%(Y%T)*}$`cXxJ_R8$~i;;ixvoQwVmFl|@^FlJ^rP&b26B-6S}#@`{*&B%3{ zfvD@GL_iN&LX<@cp_Rq-*&W}2ruI2oJ>FvYh}k5CU%tFFFp%KgdH?jvMOu&lvNQ(% zH8p7|DR3Gg5BUE5dsuQ9G_aF_gm#CC!&36>6VLI}efyV~HcykSkkbb*u9N9|Uk5GIE4Z!t3cf&7W=Sm=M68?-V9_t@A}y`F<f~5>yBJYQi=$)jvmwaRA~SJlX1C^$ ziTG-8dKdNaSaC1MPbv*8xgDS8W=VdLwrxTaD=P>%fHDqIBG@<5^Yv1p5=&3nnSw0RJl8 zjzL`JhUfmrk2uME0bhI!-=9%V1@b_`_rZg3r~&cu9qclT-XFcay=y*vL(gv?RE3lj zs<)7ml2TB(Z%kf#4t}b=U)e@{THn%Wnav%VStMJn%+se|0$HO!utq_xTznU8HjtxU z>*?|6(IWtdjnXgQKZXnT(iaaL1)%opqpKP1j6-b3kxF+iHDhcIn z#2vRY<>B18aRUbjbuKyn%ya~8u@B9F$i8^-A~Y_JX$>tFe}?y$ow=*6EoWm*1H&KF zkrMRVcTmD-4U*s<(`jR7OyP6I^HmHQgTJ+uE<4DXwZn2zhAt=dca72f36`)M?7uwv z+`e#lu-(oP2WYAjl`FJj1|T1S&h(Eo3G~?=ViKw*O7eKK3ry~G9Y%$+8QWTyt=qKT zh~6c51|dQnopGkTDo#+mNf=UuV&4jGcRV16PYUTvs?#2-o*|KJh%Mx0W%ZhH*^6za zKaW!}Vc2YGT^p-Z6(_He%DSYdu6qnH!Y?kH75DISmGsqlBx` za=Rq=tw7|QhLJpEloH7`Ot{F7I${(uaeng!jWNGWgGqq2jEwa^`7^nt<403ByuPVq z59Vqz_=Es2Tpq|(%#ZJMUX`8V5jt2S!(UuquXWvJ?Apc`OrQwp zTS7r95?yylYy{8Q--Vlr3M@>xa}jIVD!yDXx+H(+(^K1v1I4t#f&_{n)(RnygL-VX zoL_GU5Gokc$VIGCk7DbYqto?h!=f|(<6n*Soowq~`yz)P2exhC|3cw|atyIgfMbxe z6c@CYOk6m_<67jioqp9EdOJW731qpsIE z39~ItO+9Twhz)yi1+^7khjxdapQiN)`mVU0yL6tr7>z}Xzn$Md(d2t{Ke8Pazu>or zq-y`~-`&3Ngn(Y19`6HzPgs-3Z{67VVQd`t1Km5cz-`}h%Hd0zpEpK6*`q6Yy{6&+ z?y_box11Pe?m&D7jn&~fEY*usa(xTZde$5&%o4`YK>3#bTrcnmiVEu|y8w7hq{I~ z8`^wt{aLHfxMIov%3SN*7UWB+PWMLa6}V}9aD&|}ZSW1eFnq=2wX^_Q4Sv^V`j`b% zGc||vaXZBmLZnyhlRHsSCBj)-mr&f2R@kR=rBaCw!O8!YDw$a<0(UnW3d{z-10U8K zCZv%#u<5)06vMF)1o}U9XF~Es2IsepT9|I-*3$cwS@KQm{^7MNS(?&48?~aLS(`vZ zOkB+<>@_wuNOVI8wp>1VtwH? z5jVG_vh1>r2kD-RebL%K(b|~g^gPAR^x9m*`i%|ps3-*#)#tR*8g}!lVY3lWzdx5% zhrbf2hoL|R@LlX_B+!;d5IA^#NP!!p7ta>Bb?OA&fS+wui%bjDdUS`3xv$3!6i2xsP( zXU@#e44%FAa-nwE*X=k>e^rC5-`92+D}SuT3d}6YBl!M_qyFodm0hZrC8#8?pd^ai zL6^$LMm@%b(NBWB0eD@=)>{8 ze_rzimOnl^0&xoXw=U!|U)*b~F8&uKt^s8LMjM!-XUag*^>3)VkS^!WZQ6n-L1wun zh;obZZTS;${b#&y2=f9A_ww?RlEOk3VEO9X*nCt+w_YianM4 z#@mJ|YyJdep7(z`S)pJ;=Mmapc`>@8{4mR}M-A{lEFC=*-Li}UYt}CAzMp7EsrN>K?li$viK{e_X z50bQ7`NI(@MYp4V`~TdDl5IzwHpf5mNpf;Bs0?FeHm`t18W~B_e!6@2E{v^#1_9KV zn>#8r6!tIZBc&E2k|^Z~P#!2SOZN11beJ|@p*MJ)pRKH{0H6f&58B4|*4DcTSNN4= zL4M8Af?akL848(#a?pJ?-sAo!Z~J;_4jh4heU58!oqLeK0$LJfxG+BtrpnrQH3%py zkx~yhIl-J6%u%1Q=NCC%Da_C35PJ%cN=GMAArsJ8-NwcSOcfyKq@F!%Ln0xk5Y}b@ z;_2z>>C)1YbaOP=>w2Vdoe(Virw3HY@&c=ZB$1#Zh~Cw|Hf1mqvB8)?tuDP#sWeaz zArFkxU|?tn1(Q`oWMauaJtL#5t7~L+4?qgUPNnV=WGYFaxF9Gx${=hxI_{NNj1UkK zQVF|%4h>}obOVAsH+S>4V9;~%a<~7!&VM#mfy)S_S2ZMkU5mCW;^KyMtY1RB*?5|! zz~3PxDCiDqp>#AWu=-6wP+(GD+=EaeaC(@5K|%sw3kFa?$z@`aPJRKB|At^vM1(zP zk`T4Ty>Ww3jMOjrlgT|O>#RCeivqkly1HJ6TZU6TGH)-&rs|U$rn*gwY347ZvQL*0 zqCPNpc+1bGatxHk#pUJY)l~>MSVFEA6c-SGVC%vG!(}>3N)a(JE^vRrNCj^Ie7UkQ zOFzBonTFfquSg~7!xMOI>g}xKuSLU9M56HkG{-i6+wxI!ZbGpRqX$A-oFs^-i`@SY zW`aPUU+bTq-i5sn8y}|uh2}I%%xQeIfQX!(9^2!=3?(}bAqfe?r>C?vW56XK{e|~D zw$tcClNc&2!`1YXT}fFPAkA2ni(;Arz+P2VRq`OoD8rGF5lkAvF7&pmZ{{xUZ3;-o z_CJn6s40klTLp=O_0M!CDAzLd5bz?( z_RAMDE^dLuboOOG7ML>|1sCUvYMVhpE34Lgaoya)!ULSbA3v=3*R(4NT(8K_*VkXx zHas0NPSP&5)Q0!>P}|NQ7#$rQ8Y&l)vxBR;GF*%_bLjd8$@JvpI;X>oj6yOzEYzlE zGCMum)k_fh??uQ|M~eW6#GZq0o~vES4LeapBx&Ig_W!|w^Kj}d1Iw~*&0ADdT?OVk zI=36xK}m<(T?4Y{c9+O`r8ha)MMvY>@M|XRC7CqSUiOI zpq<@=u5C!V)URz{4xR!3nGzQrSpWgs%xxBuj^&MRMhQJq|djo#Fc;M; zpxF=9U!N3HojFR)A>l}+!LoE8%)6bP?#Bp_v#MmlGz0+>#)=9G6f*jJBe5ZZhT7>s znLwnnEOoQD-)WCz0=fqqAImr8+c%SzU`l2rCk_;x1X+d#c4p+-pZrvqN=kkKx%cb1 zxDa7Bgi`>SpPt^Y#^nah*X(R*RFdZ}gu=uEbn;5onCZix!5oxm`2QC0lBwjrU#!t- zqXkm|I(Zp$zz;N(R8>iYS}aRZ3Zsr(-%<=P|EpNWu333`8Reiji|KEec5C)+Ev+t^ zO$i+hJa_gky5brsnF@U*TeyZuN7m5fEo8z!5wW^Yf^;N0=z1Daos|qp2Vo>Yr=8th zmw~7m-o%BaFlAWjIyagijft=4P63_t3EJ~O2~Kcb`1xa@b;2cvcLYM1m%TN_OE zRD#3@{b*;${=#O!;mP?5xdxc^TU&#`BbOxPw;*K?;wmZC;F3KQIk4LVyTAv(cN0s` zp#y^4iHWz9iyj#Nx`!I#GGZq+kyCSVaRJP$kO|XGAWo*rDfF(fCjSJ3pto4?ezgv$ zY&7;?Vc?EgJqV>RHch?0yZ=wNqR_5tF6!|Ce<^XMSj3z{UQvebHW2A^nv9k?{9`_5I3!WdT40WFh{b zk-JABON4`igBmXNhvk!)n#84*YR(-enTnbe!ArUyDdnfPs51*>?8lE#JctRoBo2Dz zLdvu-6g(`A>>pYAcPA=*f0-7$j=LU4CewBAlUh#I8_(^(!m+pbl2q{G`lEk(+@Np)wmNg&XpHn?29lmay?Zz#wS7wJ8kTsj?Y8dQ{ii8eqLh{^`ZPH9iiqAg*d~ zpCQ};-0<7C0O6?&m26m{Xe@jYadFE$LXD;eMBglFwkmcxQ6lP)dHpy0Mql(JlvIY& zlCCNL)A;nrU7_*qo^-=lgG%;w4wPUFr5(fj|3ejzfV%8!(i@atI9GI~a7gAxbjQ^m z)CAZY_PY!WEm>+YG6REyPmGB{otwzGB&DrA2IJt15jVwJeX&Vg-Q4<3A0`A&JN@<3 zVr64v8#Lhp{_2CLSO3JtrToYY@Ru+(4EOm0zUz^oA%!W1N|$YVnprUJ2lI3x>;>vv z2;`UPMrk81E@PdGN+yhQ6c&cdw%;ZtRg*Qupn;9B_wgq!>nQ5J=1wFP7(WDArb&N_ zSN1>;61QD)UtpjlE$uNxh>MCKqwMA(TvPso;4c13C7$oD+a-ib+^0{UptitwXJ-vy zJXru`=QL>ggQElNl zDB1S;GB9sMQl(XB)CmeBSSx^uXmu_tGQ+sUA^}XMN~ZQWt?elqMy^B`N@d}{r4Ew( zEfqj?0rB+$LPEMw(o?6$T%@X>zdy`&S&o+B4~R#BiP9PS5QL-r1x_+YAVkzG%CQT4hnooM*k2?xjlYyBI}(~Ozde6DWNArQ>c@Bjy}xxv>e z0lx$=Dlf0|@t#G6TgL4ImO!b*nn(j64sn>s61nsl$W@*y(zxhFpni#YJ zs}?2p$H&78fc(mMtydD>)-(t((4@0-OF@6Rd4XiqwX`S_M$r&*3@4AE2SObC{iE}= zV>4*B^~;N@Xe#8-5Hvc$>qG~|9qTZgCqX^DnYOV!fdZW0fdomQiFyt7jm=I^Pk&W- zJv#W*Bn~;{cC{wzy!tZaJQ}HM>?_9r0l@*&sPZ)eg2exRs)hKvas574)XlnmcvcE6 zq4z;Az%ORz4MD0o&4!tGp5pan?T!EOg4F|C8ykEZ#FYh98_rt{d!Pek z(jaB5wRd3_4_y=wHqerNZ_7P#cUOW5CN+gC6HE~Llrf){9`1f}IIvOnMd*{>)l2{J zv-)_tSRw6?FTVFFh5eFXg!D%BJG#dk|D44n&0W1u^@|f^x3PDY@hwFNYgF;H3@(1F zXvefP*Ct-T!r+}88e8`~>VVc7RRA@YWK#ae6P%CTJRE>ilL5q;D6{d#E6{8310_OD z6&;a+g}VI#U}Odd2g9QXaIRku3JD<;6F%MP1D6d#%fPFAe00&I^`5C%Brd`j1gtnl_DRvkB@G@Ufwx zA)ruqeIRTzQSBCuR{%pX9UU^UwlMzyQ`uCR_l}6oG)H^}b{WOgbUW8$9DulalfdPvIi2&KFF`f8TrIzqk!4WN|gwv8G3M~l7|2mUN}%mP;eQvF911H=h>yn!Lrn_( z>)oj%rNBOiHzM_e->h*_RBHN`WaQ+Ml9EbCRza2doRARt^sYi?1Rl(5)gJwYu*_Fj zejpLj(bEgNAD~8*TwPsFOyGeY9~WH6;{0s)fn9=t7Ae*L=Z`Z4W9ho~6QpM^CX{IX z4uw$50Pc~0`TyF$j5q}agAY821QsC$q-And$n_z6hJ)H368D6K6ZJ?-M@}KJ1e*dF zDx@2M!ve>%n5YqgD1(TI7hq0!#0E4Zpf+G9!E;H#R(?COYD7veEWE%BIRwwx zh@zm#gNgcZ2e8M{vhJyLpBR$1Cl67H3doPiYO+L|Q|^vXUGm=^NE%kFRAcGuONfMB39qcY_0 zAhOY80_e25Isp%L1EX$irX9fJQo!V-r>AFRVpmw*DzLQ@wXbV&lrseXQHqaEEanC(7*@AcI$fmmXB9 z^?hyvyy|+h_oe-&yZruoq%`uZ(byA*FKjQpJY*MUEdY-Y{D*%(iN?{v0bdL?obgHs za3mmRI1?xp+YiZtdQ2b-tWoI*2?GmANI%br#%RLwPkanuo)iZp9^zdm%pSjWB0)z` z8(!z!s-xyb2(E2(>BxYjq@VwLV4$})_xd$&V^$#;yuEO9hhDPVJ2==-FqoU9D=|K& z@2gy|shs6+5R->lE7;BOJPY4({G4l0-Lt0Qw^;7mUMoY3ys!Tjfv34xds9(b8k^>B zM6t^f0VxdAK_4US`&v6Da^P$IS0J@PsrU(xAcMK}a@ez(Dr`QwX98$3Xtzc(5(ov% zHq6-a!uMwzuP6Me9=42pSTZ<5Pmh+vVIimgyS~i9pa0R@W-ab30IXTSvrF*GQhRJshoJMX#yz@f)iI7Tramx=Yq5t+@W<>qvztS`? zs<>JDjvatc>ZiR|u2vv@-SL50(l|U@p#SA&x!~Ee9*7ac=y^UQ(4!1tc$(o4`I{d; z%UJdAB~yohLEH%u1lQY;^A-yi3As;HBn%H^_X}^e-VtzI33%hn(3K#dDleZeQwLMY z;=HE5hC>bhH~jzhH?UmCxN_7IEe$doNTsHxj3UMFEJ2AVE{@z&f`$6)bl}Ep2y?=n zHg*{p@}#0lx%55z2XHnzXBl5HeEUCX6w65vT<4HKN5fK4yZ14iSG}m-0X1)N!oPdE z@5?y>3^bpJQd==2Rg{!qCO22bZEs~r-Awjy0$c2n$NjH>89}2Bo+0&nZDIl!5IF0} zxS!uOxKiw-tdIz)t%7XY!2+R}N$O4QF&?mm@#@zL)R@O>(d-zc#jZ3s5S?*bj^2C8 zRXHXMN*^CzTfqu^KGl^!i0bpRW1mn+SOD>bge#N+;8<{SzG9o8ynr#-%<{+` z$}T)rLWl;krfcO3iEtI5B!NG3{l*Q*xbYL-TYN1_{K3%D7vDup;5LMwDf#X1`CxWD zZ|Hi)2Au#PES#1is9g#QFmp+Epo52X)Z#1gq%|@k0&qAyE@_?iP4AMuMs7((h3ncj z&?d-0!YtxxO@?nhh&qsiij9kVPOk`$OnP5)3xmAuJ2lR;y9Ds)r%h+r;KHy+pw`sY zJqnV9&L>{^3j{(Ko%8qBBOS&}3=fB4V?gqi6&0vgzI}TsqybYF5 z!*Wo$OgUpfw!2V8eDI#H8GjXUf6!uEWoFFG~kaG#fl=j?hf#?Ci*D3519#`vgDbQsR{ zr{}N9B&^TS_76FJIj!Ur3i4b}kmb?+@DN!*(b6O04XYvM;k|)#9X!0h(r+Qe4^Q!d z!L(aAC|owv64K>b55xCuW4M%JPobPfKfpAi5Vb%q+qaCLq%fbdbCVKo^**9Y)(}($Sz=K3VS+S5{JjJjhlp zE{v*yj}CkPyfminC9mg+Gwcozk7|e;b?x9fgR7~&tM&TzQg?Ugkh!IW#cqvnMG_b8 zZNaA#@A^$4Ng?EQCg`yuRAp;vIS%paMX0CqFga4V2Y`K>Eg?L-aOc0Z_8#zDzJK2^ zEi{ElWQ8(960#E|GYu=dgfgB}>&e>zB`DGR`DfqcY| z8c3YM{BrlU4f4eNav1(WU}91!7Q<*xcK3FTEYZkc;Qj7V!Xgn z>WdU1$3M;c)NAy*(E&dXz<@|Ca`vUr)~ajz_AS@Eo+a+2pJm0~k_g7TuB)@H-8Tt4 zyhiVU)|;qLxaYupI#9k%L}_fUaM)3zPz3sXO#1^HVW<)l6`dkK9-O0>K4awK7Ya5( zFKtuAU9D6k_a)uF2q_{G;O37-JZn!Y{e@fI{1Sl?=1))O3iKI8nM81LpQJnzsfr{J zedQZ*tOq<@ruR$E^G{nYh)GBcn+Fn0*w}IbmivTS?1zMvq_RDI+CU(j&5VoP&ml~X&L(D3KzUD&rR>e;1VXtd{51f?1G-72lB+%h1`7spEQsH$@bTNGJ&CK=x7 z{vT&FF$hFuBY8#BTi0L$l+)0CnCF?|*`1r8pO&rDet3gf8-in4s;jtK0m+X7QiYTg ziwH=BTneAAx5lMRN=b={iybV+`((a`U-G$HGDGti@}qa}rc0VmP{fU2jvoI}VE$8b z2N9!IA}iu%o=rCI>(k(cPBO4uW4qB}CVy?yoZ>hKHy>Z1?ZC@^ZtIy|@i7qW8O2kd zJH(xfV!Z!I8#Z7rLyQq* zEuIG)wLNo{*fOwvK`uslCD<*Eer(>~F;FGmoh4JB?Xqu8mK>RO=Ta>EfCVlQeBDpn zcm>AMc(>{0%P03}y*TUW=-3chi4J}H;j?hDI*zs-1KfI=0v4;R^mMh1)`5WmH1x~G zlQ@p>ddkMkr%fwKL-G)9n@=|tA&X8N!inz+X3OhtL(a3{%SBX?TC03~a21OjC z{=C z;k@_#htapvnfITQFfL<%g?KQA_*AjDTbY{r3aBew5*Yxp6NLl7t}#1V#hRSs{o$T+ zA}`=Agu2n*&&kgI{j7yn8YKY3&I;NJ&K){WEHVV~%D0a;y7ru^QTwj-aC3e2{TN{r zqeD^NwefyB{J`Zyq^6Y6WR;i8X=_7r^KP(B+Ho8n1BkvzV*v1&JN>DQ3HuM-4}Gno zs!cwMR2kkf0u%^-oS)Mzb{MF`#7nt+A4EcziwxxrZ8n{-ypFt?%q_Ryy9@N4qq(iC z6Bd*Afw{^qr>;%E%lspgxASjz-}+4+hP>okSMF@cVlFeIj#c2$ymoE)Wr)lY>KJMC z`DfNYV7q7V=lQ{xAuv_kb+Dr%+i-tkP9>PIeM<#q{(++K0Jgyk;^W@4Hf_0&Urt9uI~fJVE34Z6tGsnSm)DOn(FITBF6ck=b08hu#ex9jdK^y$9T7 z5nhBGw8GE(x^JUQu~2n0Mq?A_a@uycBp-iC*4`bpE{#hb3|;i9R_`f=RBUVn%6{16 z1tEPCXr{YX5j`6c2ZyBF63i8g%~f&xZEwZx9)F<%^iQPJFk>KOik1}CsA5{0{MF?> zwNaTF`c*EDg3>nGt>C-_6i|Pd!W4Ge4x7VbsOUHgj4~`!>9P* z6ag>ls?=hqOZSc|n(z0On}Q`Xk5Jv*3lbRKH!)4RKaFgrBPwlG z2=&wO#z0~T$5jI@o8FJKuGqM^@y_FKT1W6aFwD>t@je|!ZoqGGs2Ct3Xg25j&HwK! zzl^yP9RmYJz7&)75?Tcn4~8o>aVNil{f6gbW~dogyF&IE1TAKowc{viWJZM6W)>e5 z|2PUMLNnG0KK0VFqNJp&HZoE{rs_3cMXGWNi%98# zMb(UV8?WU#e%MiE*F_L!ysLSL?x1?~^B9PJ{`|25*jQf|X{%U{KDh1hV33)v#2XvU zba5nMp|(W(bRvVhqU(YdyRg0`c z6Uq`Zqkjn#v@;;WS710T2_a<&q1bk@cA4z0ghNWA+qu*!_@Bx`!sS`_tFwmyn_q4eZ;cl0^<6l~qLEo8r>=yd|D zVSsRE+&lqDxVkRl30pAO7j$)Oh~OHRy}6#!pjj@Xm2}dWv~mC8e>E1OqoeEV@82!I z;LZmw2C)#01zkBUn(+mVrjDAeK5^Z`0DNz9gjD7HxctX?8B1?pA7^bgniYer%P%2R zJ^`@AQy(qm`SUri_7tEZ@$_81RyJ}O*e_mI4-XHd`Bn(s5+NfL`flEAXF$cmF1Nt6 zjha!bF>e2RMXTlhYag@ITz35iL*M;@gotPADg0T9{SH+N5-}JMkSwx~q~2*UP5uTD zFYOqTL&#p-SrRVZl>eyFL#UDof0p053ZVerQ_gRwH%MP+LN-DggK`#p%?Zk%#jZK} z0=t|f$TH*4lIn3|=ABho+u>YAcG<*)5IbVlWX>SV70B|LGY@O7yilhm(*kOOIlg>w z&;lki)B%WS(^+YKuU)bJK~V=y8cE($Q}aUQ3T5>=Z1T9K&w<<+Ju5FSZm)at)b+&PnDI(aSJ*{a4tF?>`>IXvJnu?_iKdS zUJ|fB4|53qXDr$XFP1m!9Vn&2LIU6p0jMxsCL~`iWK=16?iIz*Ya8Hgn7NXsZdv_RKSAw`(ax<phI}0oqY+ry zdqdpR)O10jspke1bMSJyp%90L9Oo}B-APm#Z+{1gpHE9Tb5#~U5=2Ldp-D;H<4i9s z^N^~dKst(6@tJ^z++w{6USwj}b+SU@z`}Dp^1T-V4q1V^F z_{}+Z8fJ4UiH2m9`$$iX&L#*Y#KnJfch?K40*v}wIsyvOOOK6=1Ykiz&|_oan}no^ z8UbXbK+q#1A^>bru-udr2oDJff$0#x8kjWBFPLCqy{|eIEeDb+@z}!1w**nR-o&EA z0FA5dWEttQNf3IbI1cFSFh4u%i8k4Lg}{2*)Kokef!+|f<8VMgSwgBv^qfFQ6)h9f zv*_rwMhg^?;=zFd0gD7y;sVNO{P=E?BJ8OJWAq)+dVg~P*g!D|8WhqQ4~VlTAl(uH zJFw;CG{xs$T!#o0=M3NVYJ; zV$#CIhhdar*;OHQZYX}aVedb4yiTS=F(hp2EpSf&Pw@-=r&%L64rq|wiI`6gngDo8 zA1a9m36T=Fg}#6k87m`t$ycLqfi3)`)MIu*mH}Xu-bkB&;`?Qn&*IDq;i~ zwfx_%6JV|U3p7?xORDg1m1YTP9*T~P#6pK2_0{&15KZiIq9-#UpCz%szW@7BER=2G zJPW=$VbUH8H(nV^cQpCP8S8Av!8RBOO5^3ijB?-rqNTdJ48g!`QczYLa82kn73u9jmMPuqa2cmzx|nCIdLH`#AtP~9 zH3`}#0BIwZ|2?p}OuCp2u$T%7A?-nSWugM>3Q1{p-~a*6f2d$R0+ZTDlj@PE;&DAu zJ=uNYJq5I#h{Jcs?6pgF1*tLcpoDU%ZUol4p(H1BZm!+-UM3CZmRo68%N|*NIn3w! zUna{Fht>zZk&`AsUts>G6hy?Z)@x#Z|Mlznsh4<8UlN>RV!D9uvf6*odmOq$Fy0ysisD|1;z=m~gfK zs8~-T=gEy&;I=SC6U#ll9sqe7;jdRancV!f)%0sNf0do%X42~OWgp#$w;&}YX@#Vg z`UiD<54<@)KOb*N5^&_i#1v9)GblpX=5d>$kA?6;S^2(t@+B+XGj`0{C|R4D;(?b0 zH8nJx1wyN@|3#Y#LyKaW4VP1RA5>iU$he9N`scT5^$q zoW(44GxSa1nP)`{K6w4(ue+WDYztN0%mivO$UZhVLu$)rz#OY(j~GYft!A_$#cnzX zLak{nBp8OkfhTR(`|-ued&TqXz$2*Z@K{xJa_C#A-``1_Ms35TD40Dexn~hswvhN z;#euyM{A&Pb6$y{yF>1Hx)#uMqtkU?ty|iqyjH}eU*jgEr+;;4h}rnDOvEUDbIf-3 zkH{qfdB*b|H+3x}#+?M-G5xc;kPv9xMw-JS1_G^6cf+<^+fS2_#);%Y@B*g7kuz>3 zE-t(oIXO^cKP4VP312k-IPCfbP=ydoUC$`_)M}272jND7_AeXr9R}3x=d~Uux2IOZ_wtiUk~3vlFM>pc@+ zUB?3L<9 z8`bf9f$_DtWk1;P0xM!85077HAcNrBygcNBO3+pgeB1F<*-U8f)~#Eorlu&_{~b-F z{y#+%JE8x5a)pvz`;GqOn{wZsGV?%Xb>hrjwe~p*7Px=D>bU{&z^~HNzmLq~n(@8P z4MBbiO=_2Uq*Gw>2a&^HO9~>b48C)yvAbLL*fG#^tV~R`LaJ;A$MfG9pE#kf?R%Q? zYy>d~4LjyZw0)Q=@k%zO3z!4>SWD@IS#7pFd8a zV#k_~$I@ZI<}?r_Qg#{aWb8q|(&A+$eJd8$tE`j@QE*_w;PB&e2$&X7m|butXx`>m zJByCudd(sPlntdOBvqF~q(zY* z1FPWSsA*k5i#WhLo6aSuh?{@P_MH4zQ_?_HiRorqZ6tsN>VR$cdIC%yZQ)mb(h~kS zxTf35Xyx+wxNM0-UVY2RT>eLnGf~2x?NOs4iQcOLJGkt!^Un@YrutNgnh@0psyP88 z3qQU$tHCMrP^rb%*x5_XP$%K0+dCyj)?sGyu$cc1KoaknVuk0IjSSou4I&cA18JOQ z`ybS<*~YD{FvP`W+0k~jcd}^LE4b7v%q!N~c3CZZmwI-q5c5aP3KVv~mSX?n`ltCV zYh1+2qJ~tC)+2`k{g#ZRbR#vRR}A}IkB#+@A1ZT~OYo=Cj3VQMry&uAV^UIK=NL&t zR^V`t8q8G~WCnLGUFRa>PaS+Mm=WUTH8H=Oo>ob0w(9seq~SHQrX5sO<|VA+(0xB) zOKJe2%{!!ICO&5*iJ0uF(=wM~`-7=VMSME=&l-gmx0ufjHu}J!J{B^6bWbvyr_FUKiu;d^MlY$W^v^cdhx731I5D@bx%XXimpcDAP~!8^W5=h`rGu{% zOH_3c80Po%)hj`B{khv^-DN*|A4NH4ma6UFR4 zq!{9ulS4-+`KusL+N@+>cSKZ-p;-Mi8Z!K@) zY5Zwg+Inh0cJc@J@Alelz4B4xe>T~*+`xu1nR|bH&LJk*&7D(lIU{DymFN6pZ8oT}jCl16QHV3oxuaC9 zQ(8h|K9VIYkC=2M>CdI<5*VsbW31e{BC-z%Dues`P3t2>$uTujD?7K=Ro_)w6MH^x z#b0JEX0~@SBhKTOw{5gwaNN=(QWCv7AKAZ-5W8|~`96mN7kk5cm*u7%*8w1z+s=SN+- z+fI`~wShErK4&?~yjPkfwKsbF4$2bT96(r2|6-?)U{u45`r6v-Ha6UTPr|~Yu)R~` ztJV?AgT|<3pkPLf#>ni<@h-4%x-U+$Xc&zYP;}dzCi= zC{gh8{AoV2qtDVlU?p6mrOahD<~d=4fV^WqfcAs)j-V6N)q{UpmBI@IU+eMU>lPO9 z`CuYJLI82Ati$gIKdnUf1%c%0I%4@W6g~I!9;Cb0$I04?K0CJWYXGfxjCk)+J!F#9 zA6)K`5wj+aOYh5fD;#J)=Jkts#h%q*dZhb)-?r|F8Vv+MLOkK*G>h=1#d@iUZAl2W z`HNZe@j*d$#pZ@=@*dJ#KzV3tMCDyozj=mw-eeiEbOis^uJjK0g?b+&mc6fp<)_eb z2(m4Jt7yX$oaEM7-Q<|x+bgi~4v5`4Y1sJACO1#+(C#|Q1hLafaW5%JaL*-u{SH(g zvQeb-Wif8ktU5Nn`B$;sYTZ%AY%5RYdZnhgHU1V0-@ucUJpBA=85sxt0FylpTVe@0 z(#<0S_*wcX1cd}~8?E%;|BN)b;@W~rmQruBNN%P}tB<2P4ZiBddr{`OF5 z<;mTSxHa+6H<}&%BNXEX-UCIFyVfcyZI>R*=jkHtvn1SP?_Cp^GY0)aHZO+Ivy~W@Vce9my>8boJtYqO@Lpxz zShg0DAiJu2ak?VwwReP|I-4NWl95Nv!APZz-ikJDvp;@aIh5FZpKk{l*(SQhRYH4< zl~Ip4e=R~jZMsW6q4Y!;B}{#elHIo=P`}MHwT*hmY&)l|Ehg5c;l0!h6^_?%1)d!= zv;*!#n_q4=EzNz&oHKo$T&8)A)hV08dDHHDZ=}k-e?jOVx?{`D_Ytbzkv*l}#I*wJ z``cpwj>i*>2dfIv&8MEfcBw@y$8g22YVuca17j(eSvaT;gFWQu=k(LZMiCYk{x->} zduinV2MgTY)%6A*{VgW}e?pT&+Ww<%t4g@62O&tzg8HfQv2M=o^3}eL8~Top{)5%N z-~51V>O=gZbK*>}aER0=;@(RI-czIJPkaQjaXOfpWIi7}s6qK6hCprzff2W$phiY3 z6nB#)!(HZI2Q2%0*577-DVBQE5SR%6y)Nt7xJg1(91F(5eN!Gt2(+z|9q*j1UkMq# zZ7n+{KISly_$YvAV0k^7--eO)PSL;9!EzW36~o%*xXI=Zrc4$zEzIS|6tLX4vB z9e%4U)+yTS^AN%hoSYE!A5os5B-bgD;;xAn85%ZBoHjQt9q7xKf)E-$x={T_>d?5<#c=gRFC zS3+SNo1LIHMI}j&SzJ91aD9dFHaw5lpyA&2i-q1DbJ;hB%C9A^jFAt0QkzBy&W}}w z@TQ<=Pr9Wux4V+B?0Bd|H%v!n{MKT*^1=P3a{`*o#HE_OmR8hNpOh|#c&{etXHOLV zq@Gl`AK`a&+~4%JWet7hC$4DM(+U2&rTBab5D}-tyvMtX{6pm6o3jULHZ)FA971)X zv9-(4DuD4o(CV4@?YdFRVWeW=%DimoLTzDXSVa7f{EtR0HDlh!k=Yv%A#^lL=fM&U zTOYQ7!=6KRG)JeZjHX!BUHcd`T2M52@m;6tThx0xhSfAa-%mHfVDWmFEhCBs^VY9& zv4WlXJUw3|4+)r^RAhuv3ih&OXMnn^!z)yeLB!E$I zmW!QJ#lfgTtc&E$92wy}5-0(Ltj%X#$_%csmg)h$j-I%hG z=IFPS^jy?+RP6Qvrrp8bYxmNLRpW(%YgzO2aa{#%<|9t-`lb&#)gnu+zs^-Pm92fe zOY?=Ef{5W?@ID^jF>kPJyALZW7PB|8Hof+{0~E5oHsTeY`oK}yTy*3Tv)0~G#&G4t z?G^d@0`mSBc+phkvLF5SlUzZ(%^p6ZMVj;6k0;e4UewtrDjIm6sjTUBHV+%C<2P7H zA)BVDZ~VdLY}~Rsp><#%2>-Nn$jfBdIT;S@1uk`Gb~%tcQD;`wLcMvhr+s5;zXR z;{V21YUdlbPm@KMIj!o-;jq-fqzCzdY$KVbnxpnBT3wNqNyH8b&Wzw`!P)rR1F_(E znD&Y0{Jvo@Ex&C4>w`9TQ|g8K4zjTQL_yU6g@c6-9~arO}4QG6@{7>B>nQvkA*yZJ(z02#5#-tbyQ zN_c7^-V(iXS3;6Z=TvV0Io_vJTuG|jgl9r0V>&rVQV&W&kBxW#Uw6&lYURguJyT)u zsShsjDv}0K<-@KLu*xmrx&2LqN&J}q%`Pq|ek)0hAvM{*-8Qyt(rp`SezRTg`kObs zkJf*M*i4|G*GmW-N`KN+a>2~=Y{}-?H zzxtY{fsv)Q#8!}=XQ5+lQ)QEQu?jW<$M7Su694{nGCc6So?an5v!EB3#QFF}z*y!u z1FnEa5t}4}-2u}Qqdt$_BLEV(RsouX*^ZjD$s};J%(OHs6r&!@aVAvkT@QEdmw@sD z`h$`RQ4x_ZZu``Xb!BOFB=og$LT4Jh3dG@Pg(Jb+N;s0AzBbJOh~3}h6l$ngDcK=S zfENf|tybzW)MEMh;s+1jV?pNa^769x#BJ7_Wq$P_d5|{PSPg)?US^rUQ-zYJG>}DD zjGWRT{|yR_N6%O7&*bWjqAIf-*@+k{@nHA)P8WP{Ex-%61V4W+$>(aRRe@|mQp{#b ziis`~xW6(08^YcK->(gw8ejCmd34Dxsgh|ikWN1H^$Q#o@F4IW7>3L4crBCo&n~8c z=B_SvO2F^n4U*Mkrf9)O1rtCwyfgly$VJve)e7b!?b<8B@GFjvxvyUjLs!;CB6q0R zQOzQ_oEV-}b0ywdC3m1v;|KV6c_joKcCf7@xPWxM@^Z>)eI_7(hX4B5w{R7dM3r_O zX-S9;Z$T;YRQaNT!Pk(R&qlP%miDlJv=G_3V+T?e>^eM5Kyp#BBNV{lHr<{*NP5Nx z+>M|pIprnNNEy${d-C|8ph5}*sJ8JSFtUJ;{iw&caN4dgcmu6m^|iIKiWcOz4vycU zlruPHy7#Ikm0UyxX-DK#x?vUa1}@{lC+%}{&TZ}%fFi3*p*O96Iar<#I0XI`pj%Is zoghqD{6HfQYc>2mjTRVwfGR6nh3N$YmB~IZzu^N_l_=z`zc-_7%?)r1JEx>%5!yNo z6?4^*?T~99?H0a;TLwOUCFC!E5-G@EaETtf`N*PF*3pO z*6&JvlQ-$zA9UKpAw)Mi`iibINy_TXuMmLkouG7tNf>z6RX^mHGcxNdIp z*;7&fW!lhUyK&`nZ#a(s{dM`zuh0MGKXdMI+Hj(6HSpO9*7k)_HGk%*>K;p;aTlJj zaen^FYhUmXd?0TFe}l{wB@%=1-+fJW@~ZcU?S81^R(AD9Q&vXSrSeSWf<7g$&n z@6|f=mf5`1v-UmB?f1=a|8ZiC|JjGG$vzHQV}-rxGu_geez zAMy0O_Nm`b9dHl`3351ih*MsX+fRt5QN`$zJ5GAr-pAD0?6-D{vf;879#LAA>D$!U zWv6az{_sgZpeu5sBbSW%VkjcZN)^cJQIIk zHTq^gBP2t6TSte|C4a$7R_*6aF;wIvI_-l3(%!J2&3qWPEv1!*cBTYqB{kRP#zReT z96UWI;5u~ux>2d|9?>-GPk9+x?(>2+WA$ov&AgifYLpZNWuIKxPryA>x^yb8`(d?` zg72nr#(_F-;ijW?CElJZw*{-_2e_$d=&^gwA)tvM-&;Nb<9dftO2?}=`u(BZvVG#`OSixr`jmqvaV5gh&g!+$bCzqP=C)ZgISV`8 z>3ifR2VH38)knMJmNOUw28Rw)l`YCgOom6-I;=h3y<{|stvjk0HBO0#pAP+nC*`@? z3*~|YEB9VOBL7O1GN$%ukT^C!v+oc|aoG<71GkyTP{(jwTjAb-+1aN|tD$^rP`r zD&2wIPi>n2H1QDoO~Oo@VE4zhrmEt1BP#v`-6MveK~C47b+sa8r@5uHU!% zTxP+333nDrqN8M-mmP9I=j=qVtdlSCnrDD|89q$rVlp6S8S{SYUSztN2hRKT&ZWdcx{) zoQ3;o$Gl2Y^F?GL=DZ&g;&Fw`RVOvC)CxCU!SMS-lgenm@5l9H<2=Rbh85OKjV_C^ z_pLb{xi@`&#IV`}lgHM3jPqEw*&dW_^1p(oEA)&)|BkS;2Zfo+K7W6>@^d~LDw^** zXSw7)x;bep`zGmO?{VfIXB19cD7>GtSRwaAlzJ|kxyxm2eWF1ZL}&iE^d52)n_(yTNB*!>>-Gd6FR6Z9l+l`NA7-gj97{$T2{oMYao%(S8&BeBhcE+&B{)92TQ(xi z-q(Nc5hZ&G|7r6qzmIOmPKJkdB%ZI+J1^}gb~*QJ{v7f3@(r)gS@DjAce=`uj81r= zOvNVUN}}OUvfd=diOnDH+Oa9e`*Cr>C$W=d zPdb$g{2U4^u9R^4G(=sJS?X~v8nEH?z7()@;aN_MtFi^HABhDqG7O2HvNraZ)ZUrS02zx}ArL9U7FiIQSu~MBAY~`g#>wY!n)(mPGg> zRq1JIU!F@r1A*AnK7rD~nXxNI%5SO3wXS;>Jn1o88$WZqnva%|j4k`?wby;yl-q7p zXa8A`9La4SdZNUMgTvyMu9cyi17F#bzz?7)Ac=yULrh&m14hPs^f9nt*}Quu`W&Iv zpzYco3>(4x9C_;!)>8$LqCd@2J5 zSV(Ze;K=X|^a?KHzRgOsoO20kBBAde^B9yM1g_$9v0jgwRY}m*k z4wWk{Ej(ep?ZPKx1kKtGOvD}aYMZQKFqI-Xz~tYPNx80Ew^lGC{l zrZo&6QsN8r($!T|AQ=KOSVtl6;yUA>yJTMym9oCDU@aipj1@V%>xE{LRxKAIfhyl? zc3P6=UGhgOrBJLMM@+Pblf;z=#4}HP{jBWk^K$}=UT542?+=+3co+N# zblO4A*4EJb$TkQ0FA!^B*zi95)pG50^5r{>zraY|xRHtd$8j%EXCmkK+#x!TkmK*C z{%Eqr538KwkXZb(MQ`UVCX zK5du8w1B67)+*H!^{46_=Kr|9a~OK3GGu1nU9zN~GWMmaV%&(;n^(p2&4tt5lw@*G zo>y|o*4abx^zI!}ZEU)VBja|^#z63j5A;I#i{l7Ji;aDwm5MizeG}JJ5$byq~)QnJ8~ zY8vWKA?l6@o)n3%*f#*_mKl?bzdD;tX79gRvNzZJV-{##66NZ3x>tCQ1OS9shmrU?eE@O~DfyV~Srlo~4$ zwV34)PVMO8l3`FZ_u?MQBjp3HZEpl5oEw6#E%)lzeeg+0NGOl*RnUI6%jsI?1CH0F z7leB&7E`c9Q?ZXrx$LsOPA6QdFHgCvZFjLCP@wEEJZ{SIXuIO!9nYXlQ&EV~8!v4eJEG3L`{thsftYg>OG7p8-*ef1>&FfU zN^5lSU13)`t%`eG#M=~Eh8>L=6)$+YPJM1b{a&l2;1{}Da3=iD8>equQ+^$B*9{)8@^%Y! z8{0JcJYD-}?nz<_f1W-E&0C&uv=dg*%PIWFJohjSd|FZkcn~OG?=c4cIGS?7_xo@@hf<~DF zs~6F8Z(F+yuI=t_d(C2{N}=tCKOZSO*ozB0LkYQO*vl8eG&j_oY|+WM9RFZgBz^eL zwI?#&rPiOgjMcW2W!`Vt8t}FPsSNNB4?p-2(`myHpy1fpaCTrrEnoZ+Ecs+w+YQ+D zkrSNQbc_6!`xlNTNV`#AdjtT(B3(lXt&P9bI3JJ_KT~ znYY%@kdrww0?j(`)k#QbF{45u^Xfcp7d+Bq|ftnDG5y%CxZSsO6Z2|htOwTO?zc8 z_mLx{bY}cWYN6Ja_vyZ=jHoC~*Y|Z*qr}w6i2sv?1zTo|mUtGNOF^;;>4Vno@xwsp zB2Rn!rmH#Fzb)q{G*r+XV^g#BQjA05y@|~FvnCILa0b+pQ02^!P(f_AgWm?FFpdp6 z1cyfhS-*L~HJpH|>&+ z0G>BR*gUnO2jK@Y&r?4(N1)SZXFrkL3~!y1pl` zfArTMpyb$c6#-IsTtn9{0AIDP6UF8Bes1P1n>FtJerqU>)C}oYr*tx1wO$MlEP2bQ zt@LQpnOGQMD;<%4?D(fo1(HiiUL9`F99;1{frzG>enx z5&h*6vjR-4ClrFW%X&z>4DVmiIKT`fiE63WXy?fHFOTP6%P!bQ+jd*$waGt29m{_Y zP!-VOAdxjOfg@9H$8w~(K26vhWbZ?(jrn<3;m7D_v3l$;9ujd44v7*=I-%9yFiTft z~BN7R{=_C$Q&)w-gk3-iS7})iE$3Q$oXY_h;iVzX!T-8{!Fzr zf!XM6Y_V|evE$W}j0>tE#I6#ntQt-Z@&mN;q+#lI%D(+L_}7OzhU3R~icuVRpfEFa z@(ih)m2rBj$IkAzz0Fs)v(_YBou|5N39ro;MWtmkB`YOktLXBLZBOiL=AJ}s40)5f zSmEPi(wZ81Q263q7s-LTMIDYv1t00S9VzR6o=axtYylot&|Kl(hK;d{z?{Q+n?gsNIIt&{fOvx z6Phf4Ibze1^~{}n^Y-P6vf4wonUs4&=ii4Dv?-E+r`&W?@%>df@>9|-05WO?Eld~>VdPRxqf%r+FTHRR7-!!=2SJx8vxXW4-u%ue-qz?H`j;hHAm3&zZ2LMO}z4P!X~+*pDOMQ2^OH6385gMpO>O zZZX_HX}I@APn*ThIfX=hnw{Gm027}*Yb4MnyeE7kzhcNA0cX8G1a!uq#jU;#+CE8%?{XQq&!o z%9<~JF~7ZG*MLr1Eqyx<^U!~RX|AC==?0Sl-Vqf#s@cSP8s*T!Yc`>PF`Iu&yvN(% zHP_S7G{Cm(O;FJ#c9{3!1{6CT9}LappUV9_Ty-9xm+Z1dwJ1R^Ra>fNAp#raHU*M6reX}-J+%^`Jl(EiEQOVy3eZpN%wOzIChzOC>&^tQ9512MzXw?Zvc5IYLXW zke!*{^Fj0oR>E})1b*mW4y%Ok5^Il)_$VG~TVBCM`d=VvaPeVZUpW7Nd`)ke4Z#1; zaS?JT*x1qTB2@&gHJz~ZSFa*wqp>L!=0NQCeVPxM7vTvn8xN8ii&%3l6+-de@lG|!Wx8_?AUTrUA=CX*TijXPzG@=_H2@` zh6Id~9muR7^&R;WlrXa!>$VsRW%8?pNRU{z1Y}oU%fqkPEf2FjQcqy%tq}5~4koB_ z(^d$vnV4#5KI%)I?$S+3~>^sfwM;}h+OL{}ds81o93lb?Po52%lrN$gnZfeJ< zF1~))`txT^YdGXI9itZ!z$Vs-4K5M!jPPnoc8J~~+QIFC3urkM-Z>dW*(UEo4294* zbv)U6DKSmoq6w455hp93zatSpWo?loZsc8{cfZ#2yU zl_V+IzI?+CrUYIiBcxhxo3CTjGxp@b+MbDBJfZ*JzUB7!Ycb=;Vb|fW#kM-$33&%% zs1%ThQoKA?+6I32l}he;A2UQd)(w5sf@76tF2H>k-F+ z5YIzq5gu

      X(f_z-bom6Su4vxBg&dZH=ca{q<`EOu!=n=jp&Mv5sRdJJfv^|63{0 zf0bxIAPzmId&8%5mb&%nuib1Putg@aPjY@DiewzYSZ9-SBs>sC0c;7|Q_*crp?fUH zLI1yExz=mY{|^@IU;objN>Gub@pIXsv~#zN4kIk+Mn1Nz4!da4hQEhYA?f@ClnT@o zy@kGun>-C5Lp4pG2|u#BEI=QqNm1^xuB6euz~l3m9|ZCFUU%qHZ8L}5f6~W5w!jxn z<+rC)4gjEf@_CMj{*}GuD&+dwznW<>z;RO6DYu6A+3@-PSD{PERE?ZCb%4UmBW(P! z^$v#s=@T5b;T8pAGjb^HaawZJT7{(v(h>hz!yul1LztS|V%y^jy!|TVk*c4>j%}tP zZ{71HZ-&Gf`_lTZ*|o+0n!KsNvHS1_ivzTU!Y}D%9Up~lfR151wmICGvGIn%dwrEM z5_vAp&g6})w9+@?fK`MO`>DSctB?ajoLNx8byx?G*z8RQMP|8R_hDe)n3)MEQU#vRiu!=n8Dy<-W;NovCI&#fm!Og{!?Hi?-ac_pIJ4&UWsDm-s&rT}~*Qe)y1EM;KP6Ap5L<&gnT@pa*K1($b7KI%qxK?U~fEsQoY z7LKeI)teEVXIZ2n^Wpd+t(3!$oc4>_xy@kc!_3mP0?(&Prc^*;Cyjn1;234XUs@1tY2I`DhUaeSvvYgMq>MdUZ=M2v5e~K z?A&~!VaSo>Dh*ugXJdv{xjO2!0_ z6e{yb6SIe#G7bJ-(n!_e+9ulyAy~%Zt5q^DLc?uCBs2?r;n3-Tqo&dH|E@=L)|p6IXu~+3oR%9*tiw!~RjRrxF-u zZj3Sq`!1gA-VjkgU>S8)H_R+j)q0ChiHUQU(RQp_M8gtZj=s zaZ?J}1Eg&H(K)vgqt1DJwxt?hjQETQr z^N2HmpkwHO9Er(i!1b@?y%vxa3?@L7vG`0x?Gh8G#)!_DY^fWHQ;GU4so#0;$0HD; zB2h&6ohBFAij;#3y{pgLj^)S4GNpb|$Kl8Y&r=Y}kVGRUcI=s2WWk_#@QTXICrepW zmbzgzzgRZi+CHgCcjn@=D>cE9JYPx2zJgkqxberqf&#~-t~gch%Nrz0 zEv!SITYgfLPWZi3RX1$t@!2}L;|+Y-4u>ng?z8`T;dtm+%JyD+wujo>etm->LN626 z&N>WJ*3jgcE;dQ25yV@}%k-t%U(t~9nw@Ql#hz(^Cs6i`)7BD*4pw^H&9IygZ_}rCcIb_Au}^m8GqAj|}>%F&q4!{?O7cm7L<*lEfI&k;u*{sw=#aH}?I10NCI>nE(I) literal 0 HcmV?d00001 diff --git a/coreupdate/img/coreupdate-group-default.png b/coreupdate/img/coreupdate-group-default.png new file mode 100644 index 0000000000000000000000000000000000000000..8c998f12b5078435f02db4fb519ac82c4040a7a8 GIT binary patch literal 14193 zcmXwA1z1$y(_TWlyG!X7B&16aDUohOx|R@-?)(9YfJ!$A(y(+asURhiOLuqYcQ5|G zeI8@u?wvC;XXbt1IUA*+rihD0g$02?a9=9PYeFE%ZNUFKG0=d&W2`>-0so-7$-dOW z03N;=?;?Tcm{28sHwXlq2>gTeXV(7)c#+0kLC^h-vz5E2xvM2a=AH9fONJM=u9lw8 zuJ&#Wa&Lq-nydZ;K1T|EPR`ZR+}+mMi9yTO(Gnua%P+vo|Ewfb;THtL0C_1dqve&h zJNx0I(dq}DgZ1k{(OC(J+;1blZEF4-#v`fYtB!=L68s0O>PSiKi zf2vuxrL)u}tbG{U@8V1B>r8_nMaSVuNW`6#MwMmAeuNqS1UuVLp`RPPt3?Ap+WS7mGRtMR0o8U z9+PRc#zg{;q8C2uEg|=3&H-V`wxvZetRMel=1Y79cXhzvE$4uATo)vI>hV%Lmpqzp z7oAfq8s=mI9y$Cu5O!3Y*}zS`3R*E=qeNd~7d@G{RTS+j>4*1Y@*!RCaHyVC=?s>x zjBEbjX39qGc~XIOkN@xTT!@VdA`O1oGULp54YuFo3Fg?>RqUQ{!$WxAOjoIf z!KUTvKl>FM-rFrILsyc5aQX5kZnjSqFM5lg=zqE|oPJCQK4QydA!Ry0#|pcMnOmB| zQj0q3Uhg*<+Do&e_rc6rh(5aR2*o}IS6E!ylm*kln626U-@d_nP40 zYr-Qh2J@Nb%4vd6wFcdJN!SENvu{wmNG9D{pP0^K7GU}s&N^s+#9A0ZFpKMID*AfAq?NAnnG zFXfH3X7GPM=LIh}HZZ|Jdtri^ES-RzG-I6yi7|}?(b<4q}97iokT*~xz%NP8%5o(%sb%jNmEC-Bmv29N;FA6J`5O*Hk z{vjFA30gWGkrrNF^?ZImR2)j5p>FR<$m6~m;|Mc5uho=h$_S*3$yOUxR?GuUA{ZQ>wMdjSF|OJ44WMjQPhnQPwkEOy_S?g(mXlp@N?uv9WE8JD7gz z>1V+0i09uVe}^laU3~OvrY~kr#^N1HB)FhRj+ntOVT4vm<5{HW7PD<+W7O1rGf#a< z4Qau5ZMZP+@e|KDN#=NUG4XVQEVWAOW@_f&E|LrmzXF$Fp`O@WESON|%B;u1+*dGT zS4z;0Jw18&khm751pK)|RwXpSF)#1UzC{{tj(=h$25mDY8k2?ElGgJj$VA-)eF`;8 z_6Du7@f{ON5H7Z@tHI*xL`TY(?~cOFHWaviNGg$%mIH$pQdwRaobt5e;&u~L=f8^I zmuLq0R30o*xuC30rb8@UTAF(^GJctY)w7{0&LSv(9skSSz{aBgD4%ud%8)&$;Yf;{ z^E;m@HR9|kZf`Gr^r zM_ZyyrUx}_GwaMSbh2j!w0<@G`vNl@rUFf5SxBR%<<$pHA?z=dG+cU@%>S;lN-{;- zT$@w&!~rtRFEbPW2SmsJVa-3j`=;*NJgv~(d0!`7_Q4^P<2b1e9lH(uQo$Z%&fi%) zPA4I4@nI$#UTh{8WVa(>Zn-88Zj60KxFHH;RMujLt7_ikwz>od+gFNa#&QfB5zA; ztK`mH3$@SL4t%QG`c)i09^MkC=_MAO*8)=W#ZnCUDP?+k`o#*XRFt~k)*BJ`jbR)5 zZ(wFJMfonvnQfsIYX|3+v^SC)wxA^G{wAfz(G6vNv)qaAe}HncV=Wazfb2Q@p1k$` zcK=J71qE6t!ADJ#zt&z8FPw>FK@VHVd?w{rJuZ3 zyRy|~mnQXap#JqU(m?V=^J>>QAO-~;&usHgzFxBzzgnhbtRn(8=3eTE`1$VX-8MEk zkJ$uhVk&y)dKWy!Bkd_aKD6>-RT-!_mw;65yVI33@OG%Db!bd#cd_ z)#D*uNQS_%i%iBMJxg=bcxtd2@6IhEdiK2!6oF}w4 zVMX7G#4(qgg;KkdxeW>8dn-M54SpCk5WRo@-fO$G4tjTUSv-M{gR`(RRejOT>mSs1 z)87_aw!N{jA+4^CZ{oel?7K`oA84C$cPWd}^_Jgv+i<>PZ6NiN(vy$3>>{aT8B1+WLW^eP~% zYH96pv|`03<=fAf4n^FJdoAK6!a=V*nD4XSLLMcLoGR?xGng(WHvu@#Y_TKEYblEL zpx^Y4=zP|b9;dVY(__UOb^>6VwUf79C_Jp`ct|RqHPe?!>hhQR@c4K*94_N9Sz&JU zKQ~JuDYC!&LF3MDuH+}b3vqz|AmL6`5wlY%D;K@S&Cldr=aRhx9QCz zr{=>KHMO;2)0|oh_XKqQ7v|zu8@XSfzvr0qzjjQM^rMQ6jfD_2FvNqK7K>U>FYeJO z?BlQnfo!O&j`n46naLdkgm8?1@sZi8pO~#)a@atsa4wK)EiElxN55FJ6Fb7N$%iK= zBaNFpvYVQy9UUFD_nGtMIg*Zq%WUlJJ8Nu5p?fo;ZGIi82Mqb4<`j3exVX4qpITyt zM?}cIVHivk4Jpj<#^P;0K*pmH33PuRdv@m0wd`_odK$Z09t_yE5uI4;#^;XWG9ca4 zH|B3HnV=A1s-924g;h%M*>bQGh^))Sfw`cdpjm%1x7T7AIRtWgdTQh7*!@kwy25Q; zZN~3>R(n4`5$kq7bXf#SgDxBSv(gIYcs;K;a3}HM=!xX@)KCtvpWW7e!{zWLLf>zX zFCO;N_re?zS+>*Ncaz}O&=pTAzc;w-c6J#Ev^A_qT3#{G+ARy3`WiC@U8gGL1zV5|GlO7^-lH1{(f&bE;SU$nTQVCLl$yncAFHk>9UKH z%~6qnJ8?nPPHkP|)l72cty^+aUqYYrz3wW@{)0~XI|5x(zh{tz&BDxZOa0tyIM|xX zpm!XCkKQ>FhZj6H@8V1AU#WY_BY3QX1#k3p)#kXboGUC&2qEsP;%Yvdwg(n%KT*~V zBsbY}Cxj4KaxEsxj47z7WSKr;7*oHaKx=Gltgszr`C-~d2ZZ-x&$BHiC1y z1_lNdF3T^J*t55v)AUmAn}YD?brfL9mBriYDXx^1lnOI=aFqWK0>X4pEhL}5Bdq7yO5B+QW-4IQ1|dXR?8w6%HVBAS#FxE%RwK@={v zkhF4Cyx)!mWG2i8PP@R>-|<7gy25IJs`>T|0rVEst?li@pO51gwoUIF12WD7lu`=9 z3|R9LnGIP3Rvy#CL+~Xr5U`P{si-fe{*(bHiUFZRetT{}i`oHUOwOyfy>YaYRhBWP zS=1C1(#FQ=_s{tFAP}W|O|Q-TFE^E?pQ8z&SsyE_hC{=@T4}X(y(+0az0s+U(s=vy zovHXiJ4*feoX=}r-H7DmscfdR10eN-#F6$;_?UBuR_bD{+{Ex-LZ*ZmCOVW3}$ z-(4(&wgc%tJU18D;I*L-u-PavCBTRRpI0F=v%v2y=My)HMuh=5u;e>v!R zFf519n51mJ_4m8~qf0nCy}X=U=hu5RundVSvpdW-j`3cco}cH|){(ujKzSP!Nhc9wrJWLcR)F@;;9^jCgzQ|UUTa8+|Zop`)(hxdZiUm@$WtSS`A z3%CVP@a($Xa%2yI-K0E6EX$BOfD9qyH8DE#uhhd4upZ?4Fpq$V^!dykXC$0k4P_Xg z34oULbY#m#RJ`BTdGh%s1|t-xG2qP)y=LyI9oU&cIQ8M!YNIg@D82#Zp)i<`ps=v| zf%t0V_$jg4bFK8r0QBP8U}WP< z31r>Ks>5`REm$%EI3TDh$3=D=|6x0^8KzoJJ4$`~96({iBtN1a%ZlM(Ltx7c_D#7% zRdL@;<5%h8r@sz3YtfG2QCiZkA58!|bi1qx4}dLPltC|mo$20S=j7Bw>p4T{t zL{5(@d~MB2iQPPIj5XiGdRFmEWQVRkDSZ!?|%6UtcWZxdf8&79TBVvs9%irp{iP>3&!M zf=aF;I9OOs&zKRox2DvCf1IFD0F~F} zP!`aH8p}EbRl$m@^n?fi9_^)dbI*hHzt6lC3QBW?epKKv%Y&fquGtsLn2YwM7Tb{@Sq5gTYl=X5E^Tf^T{7dd(JjpWTdssI_%RBf06!SbyqxXl0NA>@ zJO*n!B&=;VV7GRn!g*d2*lZ`j&Tng*FW-9}7t+}H+{o{A?6VnzwALP%pE~5{Gz-pv zv}}B5Up~PMwOTSYtw%H6Mn25*D*Lj$kezH`9%*1<&aDZYgh~QOCIrtX}dS)X45+ExO%$iK@o?G?( zpv@H)mS)M6-OY&7ZKQ9wIF1cpCGT!PSpT=h$_P5%<*DbM(GR^!!s*eaJA*#ID5P%HZ zo7U;*k)UH>yq?DQ6+O95-qohdJqA$%%VX71==E-$oN|;FM;OAnjTR`uLlWmSadZ;V zKpg<8K@z9#(pswX3jm)BIn6|VI9^)}r*`_f(aVeBA>zf|*b%TuPeM>ZL#^L0ZzN!b zMGSL|CT||Qit7H%m}AJqk~%o3wlmW}On=di&Icf<==C!IxnHhlg3*-|%LEC&@t{-F zE^K%k=o#;xQnt-zH#AT}hNq{aulL&mkTamDec@*1oN$>zA;M92puuWdoxSaFUL3{3 zUJAa?X!iE@9-f_zHR91dodFOcP_na1OLvLH9|~ueUOki%2zg%ON6nnvT#Fof+ZAP5 zsJURd*cDeqD4n8_Th@ASj`0&={fG#3b-eFdSPe#as;a8~h+yHhP9K2mNx>|D;?h`_ z3phNm>1u=z2S{>=bU=XA*4Ea|M0e)sP4k#t?b@YtCQDl6l`VC3_=a-VrWVQgb(cQka^u@6!M6&93E zKIqZPOJD!Ea5HCM^#H2|D(4nB9=rwt8Cv)is z=PJg(MZg?CtpofaO~eIEy$RC*i9}5RIA9NEO6|vAi+JwQ09b?{NX|4dPdw+AQ!>Z` z0Q14uomwxg0BA!4G+;PD+T^N_!9HoTbICc#!7X+iA%g)SDp-a|T}ZUaUWj$Zwy$g- z8&_N5Ci9xc-QD>Eas;qk9DIC~$hibjfX>L#UlCAIQv>AhppUbB;o@*vufhxoC`4pD zMv?dd7o8wx1`32(3Jb*S@@N$VbO6=>t55(;+FH~;jPnsH1b+f)9oqXW1x-@@4NE&0uVZ4yu>A=V7H(&+Sn0V@SnCw zscbkY0ld%I{5CE1>#VyGyMj7wt72J%PnG!4i^ka4*k7t#x0F=2-Gzom)D?BKP(31% zXv%@CyzTCJN^0uixS=!SCndAF<`2LXam%5y&J~#xRa`*Y0>#q;p!&d?I{{+BdpQKw zuM;2h&?d}l?B(bqJ2Ri3$W$f>8jAk+f;)P&MU0fAIUhkrj$DDo9i950=stk%yMiBK1EHOsp3X`< z;)H?h3q-m7RUcJY%u`qZLewjH#?O`yJRKPxhCseb`aP%nutF#$A}lPt42U5$ZC@P$ z*#=Y>fOZXVO@`1wOZ}Z|P(-8h>}ITahYbDodOtpgc254T{8C|xU`HpA^*pB@K)5M! zmeu-sqqcv?#xAob9_Pz5eL673W|S>Q@)T=dxG_UB1&j0{k@hOBKE{jsbzxs(=k28> z0;3Id9%EFG27MqGtp?LJ>z;yDVdP1^tPjOw8rPPy*@d>;%~f@_P_w$-Y!wW&EShJS zbxlQ1r(0vhw-{gt*WwIVlGFNGT8i~Um!6Vv2c74ZK^O&FI_hN|4nIH&m3EpSZ@g`-FBawX2I9K z^^El-rC#Xom~U>`-5F=1OEFFrACz5HI^_Ig>cE=}5^3ApXL?9vfzny)b$o}}7aq0Z zXb;AA9fbLM4+O3p4Y|rX#o*n%9;NA)Mz5LYg;#1`{1h~@_4R? zBWDp!Fr_bO^G3qY!g+%$k{bdVk=N1?tdB*u%AHCGM$ov(9u3Jjj>ux|g@t#K9XTTB z)B%6>9T7AF5Kx~Tk?-Gs7BnqaA$F!BqZ^cr&I{3XvR;UD0wd%eb@{T+>s*NRQ0-*Z zX~?M8rh`aS6aX3(`gR z|0uS@;E`Yo=|(6|3Au0Qd?HMuiv|~DBOWFP)vzViW0Ku{{P@N3SMUn?+T#2TgKVs{ z`3YIxIt3TU$B*S5eFi|+62=DCH7MjuM0J+upcI=p#w^)Aehg_x;)H|O3AQ$KM<4SR zXY67P9%v8S-&QDR68jFl#^ShFczB;m7K1HcdAorlQ>KK>Rbhjq#l|P57@q(SuF!4G z$Ok}U&d)L&UrM}r9|EPk^`8hp5N{=C7xswe!kx#SQwF<3g3_n$<{KwtTNE<$NPxy- z{&y^!|5MQ|JGh`oCJYQfidNifUSplWY9dA-Ee!;cfTLPpVHXIS{k}>5`I85SHkg(D zNYvmAGh=)72#H<3A+9%2`%Mq2cP8ZAWsc9fI+Me3(rwKV$oYjIEd=d%jNTx)rw z|Ap!q=|%Kpv}(4u>?v}^-k=(1=v;Jc2jk^8doHwxMDoHCI=OO2ZPR_W>z57L=zcZE z!-D#61i;yLwEawg1l{aB&yG<~@msf3ZRo;*h``yy`y*b2L9^4rqkS*Pf=}(zo04Rq zjuIW9>*aGoC9-Rvz%=g1$N zF$XSa4;Y_{zIONJYyX+@Ygx}W(q|s~Ix&BDkRJHVp%w;QIxGmAxpK^})7huUJEY3f zV&P$|^6EP*c1pIeu~1HzgT_peBsd8Ys{5wQJOr3v4Qk>+)UiducU8^s%zB^eW1VYvdo(0frAEG{Gdt3M6c8F?~tyLc?aJz&@^)+7{CB+Xi~gh<0>WFR>s6wRG8{RkbQy4p~4ibkp4wT z?(jLR$d9LZRvHrMD%|jMUneNqk0@wD`MWP9Bh3+CnH_*50GDL^rV@v+h6EPz9RZ^W zCHC86w+5q)8$GTy`Vx0~&=pv0(^d5=Em-7RBdogk@HyDe&)n4jx1|848psRbLm&_a zbVwP1as%3bB%shR0K{*emjyPRFs(fn6kTNNm=UIQ&paHd`@X-=PBW;iO$DYB0(D!+ zV`mmrMFHf_*pl*ADpvK3E`T14%+293h6Wg61Obfw2~kvn^|;`GbL_)lR#Q{yFQv@$Qq)k>PGmXwkd#!`Bm82WW|M@86a{155dnT$xGbW+QLd2 zjHeX?)hdv7fa;F}BD}!1f(siMwnzgK6Tm`TKtX-a5g`QN;*pV&Ab`-&0xy|vNJSHX z1ZRCP9c3YWb9{U}flm!AQ~5N#GJU^u27gP77)V;j<{cUQEN|58OP|s>p015-uzj}M z$lnT(5S&g7ZPyS$rD$)5JQowYePq?y*_nMDPcIb*xaTrvWiUe`CN2)|{tjSoJwpL^ zZUA8_%hP5|9au`SFN1@FiH%`KU;=a53($IwBw1@~R*3KoFsMvk1kZ*Py+~eecXv>F zEe_2Zzu62oZaLt7(QM%Kj$WkoZ6yU@g39QB;!XfUMj%`!j6E;+-+Ovm0D*waBu4Trp=y zw7Uew5pgyz=5@e8#-#_+fMsAy!qYwHqCDsQgaylRAY~0}RDgm5=m7#%u3~^x42~fU z>zr`4llse4P$!SUhM@KM_1PnD}r5Q#*j9508u>u`{csKYzr| z?0`5cHw0KG@GQ(h2)n%$3q5|`_jq7qcUQsGH1pmB(6Sa5%r^Rc!WS3Kad2_X0rC%! zWagolfN>|+D%r3_EI5G?&(fAgj&GB5(le)S&fUML&R(G6HRFH13)*+KKOYZBD&yli zH8nL^g@x#VV4i)9+bR9(753HD6*%()Nc!-heR&HRu;*=@ofU!U+`Ye>o4|OfVFYkz zh_pBzKCSu_BCq-Dxd@=kKXYh={Ofg^-kO(E zEl7m^Z;F5JPm@ir*6aPMpU)8#uN)nerJ|x@xgu27!h+$nfSZcE@J}*n$F+dzUeaO+ zGS=mbMOQ!4ApeD5{OdtrC-Ij`e3_Y(+-fG=wH5ZZ0*h7yy02mT4pr-Qmk#Mabi2Xi z1s|u@)k$XSdd=HOmSF2YSk6&{`ncFy=KIZIr25gkt40wjIr>|$U*x<#K)AN-h1$8i zA$h;G*7gQ+A{!s-sYuxP2fI7$k$zb2-PGrziMo{I5Xw9^Aufc>)3RKC^DIfa7ET&) zy{b%bm*%-`j%f9tY$mzoCcaMDNIAY3XV*cqsN%M} zQeuH^KDJW+E$cX%qS)cU85L$h_AJbxyTquBY_7BPy1$Wt z6^R?V@!|}xA~Q(f|4C)N!D8_o_}-gi`-sDX_&Ru1x{JT&!wSD4bHHdZE>iX7t==pS zU6zss#>hbr{p4%m#9w~fqYo|HtG7Lp`&=YYLx^uejBMi=xjZ#ncsLMny<0DyyZhhH zcM^zo=){8{sNZ~Qy(d@|9X272!4oQTPEGlo6Uv~>i24Qb$l@&ubRSA)`eBP(FHTnW zOKytDi~)VGx`|YDp(jmS(RM^N+104duWLm7+2ZH>bM9t0tD-d@iHQ$*0XMm7X`4eP zf2$wv!j2j|i=JaACZFxGy{3gp@+Hh36W+0p$wME?+mh)d8U5Heq$qydGV`Yg$sbYb z%`{v^b`fQGO?tv{7=$RiOUg++60Tw!S(?Xdxl|c&OG|e(;_R{|%i{h+%5t%;7oCqU z*vA8R?Evu^MQL@1Py!vutdXSOh|-*7f}K;`{v#ho-SQ=lqG$>D7tH{U2-Z4!#iwKv z)w&Rh-(QFG+Q&u<7g8wSm`!8Ba)%TDQ;_t2TCnW7f3|!%Tc~)#<(y8@zV`-2WaM*? zJ-UxvuOPby`DoU!>5`RjmXE{CIF36U+kocM3k0C*Oew|JG3w4I@m;6ASZ>YGY#%&t%vY@z3~woh?niWK8_{# zj}!q?Q-3>h82z5iQ6_uzb>=IoZXgpMiYxW z&GzAoU>4Y}yh|DXIYdK8*W>JeObtxh?r(v~-?J-ma1;EJ{odiG{NY@4(sLc58M|c*5eFiuN)-*hRrR~NH*tmN?F@I zMH9<$dtUZxM@lR*s3xkX@sFAD56{W2IE&kh&Qz?>}D=2D)nv*N0N~ zx3s@Ale?PyD4$qRsTu!V2Yj5C>iRqqR9#3N+UcFTG-bRVjpb2uSSB* z`)soLpY^cU{O!$p88k}%=i=t7;bK&5E$K!L5YlwYO=5vL@Iu3SMrX_UTnsp6wFW6> z3Rg32RLQRW>&bKqh_YM-jeaf6RjQ&`$p0-(3nEjtK@GXz<$$%0Th{1{mv^tr%z1!G zC#!$`qj-tR(S1)CE$QV-3X6-mNKC6%S;4y3u^xRRdbM6#9_hr8W3Xm>$^J>Agy|P# z%F&*`d2#f9R*&vhKP7oB6nyi79dnu77?VTJg`X!@jwJlIsF%F}t%D$PzmlzOvsrQmJU#Y22&6l2^ zt=USEgQ? z9;&=S}2S1Mut z=`GO~HbGpsp*rzy#ac|6ky2QL-m`N-V_H^)_)^0@$DS>wq)?sR$26Y=rxez0B_Sue zKdsi~hgjI*Z1X^w5RPy*<^5302$ z#v+;_yu+Tvj>YsKloBSBW&E?nIAl}F2SAes@L^FjfR&j8%w_1Hf{nZ9%I*VWT9 zc@+q!$Vf|LwF%@@=!Z!=CM_hqcuRQm6PWR5yI;SBe3WHKum0FK6}d^IdWz->LqWVQ zirM@+PEhV;s)&S(NqZU;23_3|8IP~NrTo!shh?yZD>$}UzgNuu(*RG1cB9nG5qc#z z?)tHBnmI`9V!rcw?j!Q|v{+}!YI?xyox)P?&-~9WwY_%YK2ZFg{B-{em~NZ+9xAN3 ziq3pkPX~m3ng6#LQyT$&#LE=Z{zWWPg`r?GG6Q>Ue_~B1*nX%c$upW-eL}@K)bfiz zjOCGcMAf8UF}|BYg4c>)%)x;=Y)O_QLaODKs%=Z`>oarF;uY4P--N7w+sNC?*_Vv2fD!AUQY;n2d_uKUs*M81SewAUlZnS$|h5yL!G_=X2m>O7_Ys zxm?Ky$9QQ*nk-^4|KQvCK+kOdGz8M?^T)E}ys^yUaH$(Sao6nSGByPAnG~EGBZK}1 zjLedkQO_mNj924}65hHj`Xo6gu;IbG1%mDODd~LnjsJ$fGYZK~q~=2rWIwp*38}x9 z5P;s}>SpIQ;7N3f`ffDp--+HI&#ii$bl|0Jy<#jQ7i#UF!gKm6_UyzYk+{XSxv`Df zv(?&wZBiL&Mz9?7{;0>6X8+~m0&D=%n9R+`b_;A}V+Pgp9O$+^4;A|YlVxA9HdJ4p z*2ldVj`n~A+KN&1HKw|HRV9Zk{=h}(*hJcYO&C7Ny!IX*C+HQkjyNz{|9~OyobNz^ z2B1>moO$qs^@zM%9T(n8GsjDjufa49Y}6^VC=S%(cOsdrYF)uM{mO4vN9>rUufQ~{RRr`7iIx!=xDH&gLfgh z{wtZGb9&zNu|Q$G^F?8w#tM%St()DDSNzX5<8)F-65CTA4P@hrlc|*S;vQ3FXYn~I z)0nncGol6t`0qX$JheVdY9coq=&(|GnaIBPz85RrisNr0Dvf^RMAMW zyS)hVblnzQo-C3?$K1LSY$^Yh_)6Ei=9re%qUMTo9LZC4!(lD*7#auh#99L3Cu?=j zq_KiR*3mxo=>yg3@!LkAb+8BMR6vGP`xYN_K0nAE`awCm{#zeUQxtvRB`x*b9$Ytb zI)b&W0!vrDyw|Kp)~)JFe34DRAFk2Efw%`@o4e?=9{|bymI87uy{SVBWI_$_Z={qt z;mR@?LE&DsG>YaTUxJ)$489f2Z8X#=6s|}q!3hIj-|&5zG=62h(8(!wK;NX6?Wio? zER7@WXB45?4tERDfDko?fB!|HW~v1LrTd{}A+^$>X1w=seqaCj+7RU^^V>@yEJdW` zQoh96td}k$aB`^dN~FLAa9VhT^ruYLtL!ul%gJ4(qEQ?SrM%J_F-Z@;&!yAF8r*}$ zzN?-LpM!{PsO$gckz63q%X$y@%x})#(Hl^|Wp1Nq3=Acl>kuK^SSN*Y7E$)YrS2xQ z^`2I{7-i~z1`O;N<~Sz-19K}mnjgyYOo_dO+>jKqsN+Z6i1ca-LV}|jvd1PJxpWH6 zpCAt)mn^$^+kdD;W;^;VfVXy8Xr} zZRs=Yl*5%wqxiV*V}&n4jCd>gCsaP2Q1MTsoSi|p!}^$Sk}IpY5+g&BY|AG|XrN@U zsMXzvktPoHg)=9Gwc7FJc{)G()|0<#H^s+-f{d@}M;ZEe18^8Drj=G5xE!3@=Y4&d z$9Z{->xJkN_;HUBIl^sV*E-Ahl z+4~oP;Qfmv4tS7gJBF@5YfR5`6e({TT>t8IvJ5HYpgl@8Vp0KN*i{ z#-lr>ghY(zT}#z_9gSk-0Flqo)v+5K!E!6PKDYL*X6fES*Pl;q04RB zcbo6l8=#KbI78xWOEZB>krKCP#M0J8ofQg6?At%k5vtR{g!iQjh>JG*aW*-52$ZGH zijTxU{G8(Pv*54nVbZ_>f@w09rs2H>W_^7GZhzkLaAfT-{eK7X`;A=QI8!Pk@pGf8 zD&-9rtqh}4`s;5x<&!IBb`m@&^%h)Gd2qzvQjt#_Y#W+#MiZYZRVMp>we9aNE&RC+ zBEU*g430{0*7$=5pLx)pm)R&RV>p{IXCWjXD_t+$6b_>>cJ>&uv{qFGa-=dqYPz9` zF+@%b0e*rZx5Xz&OUe1gbcHPGjeCzYo7+X}lp}IVEc;5BzE+{h8`%@;ChQRnGdx zBl7QI>LfqW7ks7oGz>6#Ud|aEfM>Mim!&UaW`mb|Nb){LZlkFnLRak+tnkI&2=gda|jk|cr($l}MYG)2~dc*cnQBR=W@7u_8rq6oz z6m?4erv|4$5w2lU+wk3?vApnlCkFd(&?D`sqYr;^f8Wz@%`nYsK|YZIKYN3`R8W&I IlQj$eKlSYY*Z=?k literal 0 HcmV?d00001 diff --git a/coreupdate/img/coreupdate-group.png b/coreupdate/img/coreupdate-group.png new file mode 100644 index 0000000000000000000000000000000000000000..6fc0cfd4083ecc2dfa993fed9f68e3a134b7f5d7 GIT binary patch literal 55012 zcmZsC2Urtnx4*mVD%hz?mrz1gdM}CzB{TyBNNCbaC{iLIZBqfPujw+2o!`an&6 z9(dVX`#5{J-!^h~vp*+sSNg8Fbi2ItJK#F|*>yt?2OnQ+FZ*-%?L2JkZ>u|d+538U zp}lWEFqHY;P!WCZ-0gE(ko!h{8LOEAReVs)>267p%GO_V@~`P=S=rAseWQ!H%yG>9 z;?0G&i*Q~cZ3yIX9evIPtU$-3`OwhwFK*2W(D9zfzPjvxEBg)oJyTG@8-WV;8`dv7 zr|RSTig7(De#3z}xGsR)hXFYxNMI_hM z5~9d3?5;jNF&guQK$;fGB)_;kG5}|tN&HCSaf@8Gi+NNeF^ zNYyK=u4FeCc$FXh9Et_JsZmeus5>yZUJv2pNDweitxO+5YP$z7*j4WMCL(PV`dl;9 zwPY3Jt)rL~HU~BOG9JBjXcSp;k}<9*>93dJQ0)P=cMHt9wcH8L8R!GmCH2RMsu$)u zXyJ9J=F7wV$eJfP&us;@62)bn39R+y^vvJJL!&_VI!FR)lvFi*ynQ!4|Bngx@jT-x zfrRDQ-Jdjt$h*=UIrPFvmo-AB8%B}dFOFluSlOY&8Qyj@SB>!*hDR9mC@3blJppYw zz@ubE;h7L{Bo0TYWy?4;W$m1j^F1_d-eob??lWjrU`U^+S{bGbPze?>Xg6VCE;Vv@ z%5AeO{JHQX%?d526Bf=yXFp&+AW;by8cGXKsViY-ZVxvksfc@s#<&n`G&i%&iv9R# z9}0cei{o}J%oTDNXIsmp1t zGnOeCIXQ~|YB|uz|7qoExle}2b*D-4%UByBkliCA+E~{hI*AWp+x9?O_M7|Nh;}z< zN^CRLVF0xVG5FA#wl5dG2)i~ zu@y6%c9m%t&wxTTXKvB$cbbiAu2{N(T|!;es#5eB=KVRC1T~N|GW{I_q7dVXQ3u^s zm-X_g%JBT{N1vRdhV`gRYp(MNbRv;hjOdT@KYWIejGbUG<_%MN1QR`x1a~-EQ#ouH zWOSPyP*PiNqRA$0bStc76hN6lI$GOJyI}_ueE7b7gXp9~W`7$!lW)7O2FnIx``9_9Ojvmq2w=p$VCxxFpMpi&CKX7z25K?IN$NAgd^f_Jj1GfR9>TrN^_Ym zUh|20ZTKC@NJ(Jev3ucR*QWDQR|5@tGG8y_O-VCj{85t-Aoep9t9f!)UD4lMF@4YO zd{iXomHtNNlY89D%<0fMm8Fg+Zy1stQZaf7GCfY&eH_zcBJ-8162`3)g-CFZSOP;b z)qY4c(97oX3Yzm&P)G0+TTr04vc417maTd)J*cNGPsTgmF*I6YTeN3E|F0zGu|Pw> zi%6`n3(B}g%QTwsv<(Z+-TpjfsrVwu%cpsd(~e)`4yLeqKxbKlRy+JL3)nVLm}~5# zC7%~!OF*W!?yW%11roiy?EPHbjH$z+M{XwE{T0(}^*g@~r70fga~%tjAlKs^6=(-XbTMRZ!Oy zc?|(F!Sqq{V4liS#+pLTH83&q0qOXzm{ z0i*#9u8x%F}5SF)$6zl$TmIUD#UiUk@*G zFFO=slER~hp}B|$Q6G7DnP%j~t?ubei)`zsYgSp$(;Y&Va>AKoqF#HJRQsc)g>x9` z@@3X0jGO{Jrv(6GzRbF{)pS{9H=(pzS4vHf`xD#cYyyX-zbW2-Rk<5a&=|p?FT_nYUO~ugI=OmRqE7O zF0?HNfg%|S=bDOpQ(av~KoRT(2@_xLZ55vj6a4dOP8=rcozRzn=dXR-#uc=6(r|Z$ zU0vw33X+(0XW*ur`%oKVmCf|7i$`BI3v#>lepy}Plb3sTce7qQ8Kay*dKMFyLLQTv zivbTrH3K{)j;;}%CcncdMbsH3=VVrx{k8YU>~eJ2@ia;L<7Ko-m}%v*Q%=eY2k7sW zw75%!*iK*GLK5U1ZaGDZXdzY1dsC8W?Y+Rbr~A7^nA}|n-FA7|4(XLXh9t+PMFdgG z=TRanH6{$&a-To@!DVNyp%<4QVIAxf$uN1kQ^#JoXyjYEhLS3$P!A2XqkBO5#-#5@ z0d*i)d+<`wemwhj(Oq2M6T+bPGZO=N4uuIAnM$$(I#C?uOx`XXpv%zH6wDOJAwAJE zC@0rVG%3Wbi4264d3`^}gV%IanF1xxT44=(oN`RV_U$q?<&1Ot>SMbZ<>E_pj~_07 zx3lB?qLC#K#MpwD*whJsZ4HMCyCoVELV3LhBGA*8s_M)t)C8f@x;bUBA8BTWxxV=v zuMNYO5@MReoXP5f{irVFBEg%TTXkk8AbrR7t8R z(qSVn$BvbySVbIh)5Sx&BKEWtbA9mi?M2gjAnH+oO}O4V5in{Ff#Mp5gfoK$h-3;)^oY`1DI8d8{A zNk)MT2n_Bu5?+WXVJB0)w^dH}BpoHQH5|rt|FzoXFHoJvu)KP~2 zW2=h?W^?Wm{jEGzk^=&dQF~9Ws0vHuP4(U>GY`;+LQ{HxjUwJ+lH2uDZ zm6bdH)5P`S2aVB3m_#j{uont^g4A#9;%dd`1y4?ac`{_MG7IQLFF&Pl8+h<5=8OP7 z(A$R=yohdWQxq+{R0yeAk4&qJ4rMHk5a!u+cBb2K!m$#+9i8-qhg+=&J8`+pJ$s-~ zn0ZyI`O-u5+Wv#rvM@pl7blo#dfI8(V^ui$+dkREgZ;z7qhqw6hsNP>6z$m2d zhS1)dPrXsa5VqV+M-6(Ci3dD1!Cy$NpB67Tq6g!aTJ~G zE9O6UB*e8|H#4D7QXgv;{A>ro=`m9(q7y8vh@PG(v6zQAogq-j-gg1fOUt}Apm-bN zo%Y1N=5c2)i<0PyjyoNF9JY+Y;5+?>+B(#ODm95xQqU_>LGHB79N~qLx zwsOwR*#pw;)oI~f$4f^K28osG&ZoP=30{|0o28-Ob7+`xSVy%`*IN&&3^)>;atXDg z_WL$n)}lD`n;LyqK8WtMN?OaD1IjO_!W4xGU_oV}HuT-yq>i$J!r7O{1(NPEFJ=yp1-oR<3W1@s> z73+J)95`7;;QTF=o1>ztopFR7BU)GnLo#`gHT9xJFze_JX!RP=7?5ypLvVuZRUw?D zB=55cA4?DkNfn`G$)z{mr_y-$Lfut(^B=P3D|wAO0Qm_-n3#&L?)(N;e=g-0`&7Q5Q{Jg)uy`Q%lR+dE5SpduHX6A#Tb2ZIJLOalWfMhJx zbDk2Oq2@B8Ltqf^*~5W~OJhf&4nuo1U)~9&MgYk{A`PZeYE4=DFSSY2wi+67RXs|a z1H8;&E`hNiCeS0AnaIi|N|K1g(O}$?P>O;{FTWUk_i4Vm)cN(k4(P;c8ZNVQ!u>fZ zocUXh^zGe=_t|eBS-3KXIl<#x+wIAhBCJP-XfMkyyU^ih8mKflapKrMQ>sCF?npNC z1Kfx*Ln!DQA>@C)1EGW~-TF0%4!TP_*tslEh3 z=dco@&BtIpn1XbQr3V4@%yVUzauH@rVZM@ zRpJC5lo6O-&vgd>!lmT%&g%*ZuK zOk#U&0=tVNn>PT<@C-yL21gsB>3FYn`Hjw{mamL)%~4LCCgfWBx}x7a)&y~qpJ$dP zmOeOc2@$GHV)61-!;?xg(9thLd5mE}&H$s5Y=-4DygUCo>L&>h7AV!s$ z)(6(k@D%dTpSQT*w+nEN-a>TeLb+KBIqSj`0G9YISUj%>lbl^77c*?WaV>H@!DP)p zOhah!(V|y2nKIPnr|q(@ybmcDA9(uWMda%nPy4TOIY_J-ASdw`M13j4A`J9IpUzwS zvCeS6j6~2T#oume!U!U@WiVnre~=p1{s>N#lP?!SmP-(%g;xk%LAE>ZURPRH%ZgDo zqK@FAmzo#*7W6ea>sY}re8gl9pn%mHn^QBGOu$L%RZgp8)nalFUtAQA*bA}MKq|*P zf-{;myj-*l*p(c$Tp-4?kKxa)IUuPO5<3!}t*;kyW_fWiMW$j1Um6Jm)EPpC4H9Gw z(H=WZC>7(aJ^g2_-($k`VT7((DItZ8!5;elyqp;Qs8?o`$pTE0BbSjm)3)i*1eGkC@XY76^s8;%$50$+}LE?vvl$IJdSG!lvu zw0h@}xi&%Ym%HkwRT}sEVOk1r+pNpplZ;1ewrVfnN~ppN;?;1W7A*0un)=V~uPkkH zDl9;hmtQeS6zjQ_`+Mm?f`yha&Plh=*mc}tzH>dir6tGeJDXz5S_XLn1sHw+wwZK^ z4q8^wBH*njQJzXl!&xUdag5_7CjM;Gng``S%IwYP&p^PO0VmM!b&2lzqu0=w1sX1tdd8|&3FnD7a>#tRFpE_}g+a#mqzaBD*8B-C&TbAeSpq{FX~{ z4eLN*L)ne)2N!b!l%8iLEdVo^gIdN{3J{VdlkErSutOaJBVykV75A5xCkv4`?Yr)H z8-kAZy0{)}6`0i=FNg>=Nmn5Z8Ut1zW=GR+v9)P|y$MzfjiW{$X9&IRh`P!Pf zC9N1X?qAH?Vf{%yX@wMmg+xHC`N0YU^7$!OD;=b3;}TV2De7HmL%iP+ zi7&DP-5GbwD2hykr$uCHx)7OUYX?moBPI0(_I)`o4b!f`YbE_u@@m+) z4Sa~y* z!#hsXCPpKR*$_agyq9TLb(Rx5n9M}%W=L1kGE_OjKkdofxJVypcWFlQ~6n7xue0fi9uR>V-{mEUs9O>wgxX z4wXJ!%qX*IPV~-c?K+=r4rF;RRPw?TjwWNY-KcH4+kFC_!!?n=SA{2xtha1l;=x-Q zH<2R8KeRqXz8Y)FDv)E5vStQhWSGDZ6r0rrX&e2wG>GmnD7So=l+|U^XqkwTMv2X` zr%}A8btLNe*EcBoo<;o*Uq%K@vwm9!93$W<``Q5aaS>#VOJbt$FJsq+03KLPUpTYU$Dz>3r z=k#gf_QPIQhlWoe_#6l9=TmU-2`39bk6H#XvTyYzq3!_U+Lg_!w*Ds_Po%1(rq`MXNV|^Bv%u7&T|{*R=fw-%8=4 z2dCEB#veIr51>vP-v%2+7~$Aix1!Luo8sd=f;yk>W!ud|z-c%d`#U5( zREGg~Y@%+~_XKt@=lSd3oB^mB)r8$e08(iw3wG+%YXeyS-B&-HN>Adx^l$^d0(&dNT4iy8a z^7%Fa3tM}Nb>?b<4r8Dy@|b_p@-Q$yoM9RcJM@qpNcJRec7JMGm=WlGUry8;+}sy}rQpMouU3DTo`7-MX&F+b^*~aL}tF2Y-&9Qk|djnsj{*B#91CMsGX`6#I$u z8d(6ryHFf|yp1UDA*=u;RS9=}*7Yai4m6GNHx{{=@cVnNs!Bq{OTV6#{WKs65cr72 z@l2Ht#1zRDgY<7JSD|GBM^l&RUR`WCnj&wPBsFnN=y56vu?gh}`G(5GYZb2}RpZ4W9S69lQAP)fXjG zN*Bh>rCq|?CK{B*6ZH-m%1+eFXl}Nl#%eKozR&o0WX4Dj258AO%_To^bFmm9NeILF z-dsGGr#$aC`pz6S>rL(hgm}ZlsP84t#@@m>(er#KkUQx%Q7?49_<2JcwBPJZB<4i5 zjv{%N<|z1}5P8co!px-NSxf@ZW{9@tq3 z=Q#y4y%Ed3=kaSpR2?BP7LlNK65D<-M$cF{`Ug)Y_`) z(HFbXt@-~8%f}VJr5P=|E*q@424%0dCw!IDk`VnSu6sF~J!n_Div0El{I2jUsvZ5+ zx}dM;m60l)KSx?fSETe4(r|=0&u-y>QE1=SZz$7IQ2L|Hm5JyG+;Ao{fWFa*Pwh(o z*rF#UZtf@a2%6}qqjRL_?C)r2W-6r`b>{xQNUI%JoN99uBE6Yh%k4BO;D)EsynGe&qR2c;X9Q{ z$7#_MeI)2Mh+?`OhqJY57aHOh$-m*C%@Bps&}@fQ?x2x&?PCcO9ZBs5IQFHi>IUjd z^m}2iLg-83ILuliYM-}KqUZb619PfthN(~+T}5|7BQ`1o{x9eiX~#7tK+uH)(;c?UJQDP|ZLA63q9>zdk?enk1OYqW%# z9iO%Zxd$w-Hw%SrFy;_W^}LRv%lDj^-nCp5xWV?apr#S5J!?YAm|Mx{dXaQ=5Z(qFp(c9&UkuwjDZH=F-@8ytlyhARxw(kZ?jMX3gw z0si&ws~VZzZn+2YAJ`6UgS*ZNmsZn>u#V}im?xdKm#m{D7nybAUfYgET1oT@8mOnn z>hadfh$_*L%L?pWrC`23YP{sSK8N=3Ys1xxP5HTCk;i>^>+j&9Eed@34>j2KE%82h z=|h&M>GD{o@lxn0!WA7M@nMHB(%u{B+Q=5*44 zgeN}6=0~GKp-?I`{KzrJq;=wZX!sF>Azz$pV-WAKZ09|XcS@`}6}cr;liys3${{q{ z-SVZdC!qaG_7v&#ffOY#NL1jFM?UC|_kcparn8L7%JiPtHptEo;kDjbtI*a!Hdlq0tje>h2wM+fbs^jGN2j3>DPu_IVz|%Ox zxIX7Vh}g06oS3q7dcwzmHU-1bB?KzNrz~hCtb$Qe?46v|3OQm0CA^Q)lU4xlZZF+o zQqVWe+Rri}4S(H02xx3}f4H46`1a33N@5UWajbX*Sr2GYfq9G%Q4r>Rm-hle$}=lZ zJtaQWWcmKeY?jZSIcs%^}ROks;OSM_DwU#b;H!?z|Qms z$@eDRyQmKQg+}N0+!DekofN-<($27isa(IrqCjcyC-VmBm%3|}Z^9|N*e5#wRd&)u zbUzbsrr+0SySHM_kECW;u^>&d%4F4eV(y;dSs5cRxisP(PR6y$Am;kW2XNi+#5p%x zf&F}YR+(79w7D;Bt2=PVj=X50#U9x`_o?0TAL&=GreQ$s-4@2DZjg?RTtFuN%u zPZD**u|Y$t%p{rhZDx%64^0dsxCqFb?**E7qvGTTsFu8bGIkT zbv{vJb@v|$mkn_QoWZ*YL7*8&=+b)_F6(uM;LmEv{msAWmOx61Zuoz@-QOtxQ%rhN z3EDjhKiB2ZCHF(8Mqv&T^w1|{ae3g}<&<+7ipQ4?CqtE>;r_U&}8vh~2#S?;PueVn%g1_w&+ zS3^inC{^kTefVhrM-GnjGk86R)*`u6AS6T><=hGrUdtfOX8}|SIjzF$5EB?h=NtEw!TSc}g;Tvt0!dxbVZvvnsL*hlv0_MxQ>vZ^(cV&(B4#x3NY*vv zl-CXF!FY}cq}#Y9A-ZPd)v)SHC|wP zC?dR<&?{l`3$u33c~u8arG@@a@mQd;NA3Px?k9nq90Ocm8;3o8Zjifh?|5&CH#^{@ zziqAE4^nQQ4dspZxL94Os&~ODx`;B2|GLMl{l`{Ud50o4T4h@;enJG31d$S6@F?o= zF>oG|vj=8F80?iFOPmJ|Qmx_cYEZ8-pJX5_Pc2!GG58B#`-}>9#5qd`j($SlecP=FDnvmr~!14-u zcko4&Pbpl|n;Mk@rcq7T2Kh}Igqxd()sKYc2FP38cm&+WxlyL3VS@R>MVFtq`RPvY zK28+96ZLVyZaw(r1p3`myLFEZ5!PI_VUjadg3f>d5 zLaSHJ^YO#`V&AP8a2J^xl|E227iv%o4UZ7e;fayRyT{elC@$8OxF9tJPE8>haM&gq z0CAXbJuD6#r3O@??4E1jhHihT;b{+ypUClh&dfX(C&VN5FE}fgBO;d0-U4ofwt}Zs z)7uX&=>jtnh6>I{(k8-sK6oa@MTzu?u3F_>CCQQ2Ctp9aOimoIT0d^v=(ePI5Y-?X zBAfbR1B7jyvAVtmi+mH*9>UHA_QuRhBqJBE01d7jBP)@Zc*94hMCWUw%k2p*hr(k+ z?Z-IXAZGN_j4RPXW_Ad#GN`@PpO%^V)XU3GOD63TyFEbbl&ZBb)1 z`FJ~4s^@IJX3MSpSm!VGasgOh_EfK0e0?9*kf6XnMCj-=0Gu>I6XS#5+E8?srg*aQ zQ8l8EprdXM?PbvRnwMfR)C6|+tu47F6Lme}7{*w=LhQsLUlO40G8((;`SJh;#5q@4|YrjlAygm~Re z8rE1d`v`eSk}X;pFAdBvV+1F84dOkUcs&CZ4HR23Lq>cWD8AH9<3GP)7h-%_l$L;5 zCjyN#HC6`tSNbQdc9s%z$JB0toD_%?InM&UGVP&r)$5rGGUuxJ1akd<>QPY$+*JSY zsJ$KpO+*TgxlBRJoxC!5LHM(AM-p!&&KTu+I%Xc(#gL_Yt&*?CDPDBH1|s;QRH3M$ z87Aqt(xGL<7x%LxI9*CNjJ0B2;LQh}^_L<-_&Ifdz1o<|iW$~{wOM%+!ykH3E1vbFJgEk- z^S_G8MAx@HsgC$FuqzU1z^cCI3F{l}mk>@352;8tzUs(qYnoW|%Ec*d_NqerM464j zm#QQLjT-T zz_#5wt>Qa1CzlawP|#5X>jXWBwE#A7YN_N7vvu}vgx9@Smxx{8Zc(_^3&Ew6_}I$NN4E%uln(yW)Pi1lHR|%Cge5I zOIKMM!{zSi(Q8o&-bvx~%_^(m$~hE9&}Ruzsv!%4e)@fLg~aAbk@}grVvFJ**ao+C zaTN;H^^^QG*}h$SDLsU$>3C>6(>r4P za?twa?QR=c7^WckSntkRkNRB&Ek%WAEoNDQcZ&4;&rf7exw*h%&KOH-vA@^-f) zXx45^vNW|@0nL~Gg!O{xr5!Ei`A?i8O&9mw2{~@U*kTm_Sn34&gW2Krkr`(2Fe%kL znE&Bn*?4fCnoVCSqvVy=)aRDyAd6cgq0!z1mUej}j7+#9+^*Uooe8)w|3uwr7@W459ye2;HNw)0W;6;haxV^+k+#NQi- zI%|MDUr&IP%9F2&Syr|7u!CH!7Kl?_7>l%%!3;Q`^(6crWqT#YC`Lno>F(lqoIxbX z1}CrhM4Hmgx*Sv2@x7%1Vf4U%E#xHUltlhvNP4X9S+bZimc1gN<)@dQ2~FEJuvOrv z^GqMELXRZX*m~Oz-OKw>_TyG#n-644Cv9ND$Hn38ga%Q%M-XtX)v@H>cs|G|>5FTU z0#>1p9z?539LZErb9*BOwGl@$+GdcaF%c5l3LMZW(voW$(ksq4DsO43BUNDNb`o`@ zevVE;J+o`RLSU+x$D%!4vl12WLr*p~cd10CljF=d+>+AxbVe~q*%fm1Pg{|qq0gVJ z+4-_YUEHQexLo12sxM8g6Jb6T5b!`ZA$`r^3%<;$5B(B1)NPO{hwXn-jjj~zw28do zKTis|7o(T75_`kfLY7p>gM3Yn9sbIO7jRS|lU#>Pd9SXIT?GTX(U~Gmm*{fTO})7V zd7q?PpB>TuduMl+uqb~N=!#EXL5?f@7yO-PS`AF{uC#W{=B~*SL3d>rY7lERzUJV( zeTY@vqMNMyDn1*4VT@uPsX4rD28><8l2Y2_LptN{M0QD1ZL5Yka6UR38R_NIqffv= z329s8mlvMLN@({RfMAEES)$T@(R8$xJs}G{7D9$oT^>SfvEoUP@X(AK-K5U!c;8qG z_lukZe&BP5|2dSfEP9P6-*VS)gSg@516_LK-C7O_iw$*Yr4B+aO6fwhSQ_~3tjcZQ zEB|v3@Sh<;!_r0o%vjqP8;lB$_pHR$5k3j$UeI8_dEWod!y4j z(HF@8j@?X~ViwNu=ihJAH(zz7666*k?>zZ7Q;H}XxGrK* zyjFM{7NZIJ<8LcJC@lcEhnKfa7yY^u!KYsYaW}z<#AZ~+%M``f~ETNflJr5IK+ zn3(AVC2QPPuv+0R#-MQmjM;?D6IJ`C0{ri*e?p*|kjOt{>OQ?GqSWKMVv6JKt@Y^s zzC_8I4y*&^tg|vR;gcaAs^+;=O3RrFL2SZ{afP%;Ls6;F+n6aRw?JRltq zh?kPVgZ)`#*WO1N?|NPKlmbIYU_%bL{{G0n_IUMcyy-&csuRuw_A3~)*hBiQqWQqTYA)o?2wyg%RO zBgEz?jPjw#&gh@?9xVt5{ULKB_VWsq6O2vlE9PvTQUchilk5G3)Q9L~2 z9|GDMyvOGSt-~O^T49u@|CV z>Hu=XtxEsL2CNHABBrcxN+kL^9XSTiXrSk+#`h2P5INT`gbmp4k|NTl7UYW;#YZ3? zM*fp}?JXF^988EeCqnW}0o*wEiMvCHJ31JIMh3YVT63ozlaM}OWBm$%l z^tnwUGK#B;VCw%t!TEUY_b^IJ5v35e}`dDr~Ay7bp)7dhn?GrZkv=Uy@i8?y)f8oC>@--|Q2 zJT35VipoCEDarOi%nR=(-H_h)&DsoCF#-)LrptQFR5=?a*`rp7)e|mD!?~BI@$JvU zkG@`1tzF7X?-5OxaYKFBk+L7j)Aa~kVB_-p`rGNsE0tewFLDL`)b)5e^0E5tlfM5t zM1pxsd6+@;U;>X3-*_?P&N8;$u_F5%t_#3lssNSMUmVy@S5{Y7-_IWZ@I+2rn+sDt-5*T8Yo!N~l#~ouBaLGyfbM*`LxcbAJxn<(+x!H1Kx#x?78i&+4H>EsfNbY3mA_A6wC zU3U?pIO||E|D-$ns5@5ihv{k8<=zVWUgmn*wYv4D!=5V@i}fodiU;3wNaV|7XCEd0 z*YUIV1AuKtPt!{QW19{wqKM|x@6WyBYMPG}E;4&E8?>7ftKdQz0HpKPKH0+fq~2w$ z=#T44uTv{U4kyN&jNR9L6wu=()4_*puj0OD9DeRp+3B@9shHZl8M1M+m4$MZO@?4r z^P{M^g!M~w_VKD?e%90F+0*0MY=3I%V93c(cq1*^txSrd?oAq+Fx_xJ8Uj z#q)IJhId<&s2I#@9K5mV_>6u8>+H@Q$K226U>f|pP9~q8Qdo-j77YFQ6lNf zKUF#ID`&9`tYl)y$m`0#9%g3t+RXwx`!P=0_IW=I5OB)jAF8h0jNenvZVgI@~+iO@09JCQ-~@K;>{%O84Ru2JGcKwQuUbjgP95DIg-_hp7Ldr831>Q4Hb=ReAp!pcwoY9~-%F))K>Sh;@?=)uoz(XF` zmC8nheq#4*44dps;8uUgj$?@N^y2l9y;huwCGw<*6x_--^Kjbw_+We8uT$~m^(H{) zlN(p3=^iU6?+15JH}CGw1gsx;_^+X@0)Esj zCLzDBls2Da1^n>uG0d6|nQrjky4k$fzI@Wj8Q_YEcwu!kf78S&2!nZL;XAzzxL4D9 zpQR5MmG`^#o4(_t0OMNc@cDFqJ6-mJZJe@9!_3C!x8B(!s_d-qY|u?hKkK@Ui>iAq zZ(nhuWVQjnl$x5lp?VkaFMu%k@FKlu&N$t@-g%4KKj~W8?+tJ=Xm{H8(QmKL$RnG1 zG#>tV@95~Lm^rXKR-C;N?YLS!=`NkkQ{z06m+sNDzccAETkE+H&!=r%YI!`hsN(yr z2R9fnvsKc#GvT@Z^!wXaJs4<;KXA5{%fvA|9&jF0PbS@(kG|bK^U-u)tY2|tZ4(^V z8h2-UlSH=^P0_&nMx=rOz3%bFyq^XLaRk(TXVDzpxDcy&kX*Ewkm@_-*-5)ZWnO%2 z7eY5Q?K^wi%60PdPk-qzW(Bw(S55TbgsryH#uJM<&CsQ_^N|etN<*hlSBNz# zKR^8OZ2)-w7l2Q_Rv43~QZPyS~EGyX6rYkLKf@pq(%IeXcWJy`o(ET^c`{4u8zW znUP$^G*mXR#{i$z5+IZ_^#t6L_|fqDne7r@t&T=dKy-jVDdr0L1wTdSkJJHf{sO0+ zi6hq_z|q5vxR9eXbP3Boay?-7&=PR)Lb-bK-xBBERg95vL>te*r}d;H?kikQ5i)wJkO_G_zKCBBX5kJqN%cbiXEnwO>i zmNklq{DJFo8)dp|{HYDdJvjlyv8k4kS(h`pCX^eida~!$+Y!Td7jUcx8jq;5jZ3;? zqKnxfP2uML-*96wom?SDAB0$ZXZ#(v$H$6I)~iPJuBLG^W$)cNGxrYBIy8~PkN!5D zGZBbKCLtMH1BxDB$IhH9I6H7N`*c71x@+^9e>MFW;eF{)j#H0lE>0 zUwZkHWyizXcSXk^{tZ|}B}tTO(-p;U!R#dK>HQzF5h5DCAwUf9nn{cIPu9-3lZ0t; z%<`w+zsOMqM4vIGkA~R?qa^frQsLlP6z^d3I9fJoM*S!ow+v8Tlpic?f`FapKHWXdBlEAnUvE0w>qyp4m3z(Mrw7;FD*I)SNkPAIxQIU% zO#FkXlG$32Gv#BO`S}uX?$v2809{fI{Dw10LbE#}cRWsaJpSOSa-Xi32xznJHzz(LuP;uWx&3D`fQ5ZDo7rTZy$|G`X3YRQ&sciW=cux9GgfX5kc;A46%cDy z5v5NNbv+t@|M)emonE3(AAGHIV<;}zXKjLnS`q0TP*@?HrR(3c&oq(4cS_tJ=kjlZ zDEpc?*tnJ3jv0q!RT*yrN&{fz%RzZ~9*~(E2|>CA{rdC(aQ8E4tHX(9b>jAK7um)3W6o?UnHP7wgt0~f31?nEwfLL7K;^Kr)taVzjqRAW)vQWhU~ox zDPX>R*Q)6Vcpa+JLD!9eZEJz+)bA1BJYajuogBXAUtaV9!M1ttmFm$P5bKKHI}2~sS1D{96&7MVH11n|15A(aklUTzzgpIeZscB?}vWzOZ1il zK8eaC0Sgf|07uVbI{z)tIK>{|`xw|~p>B*Y_Ek}QwkfU)nM5}PWEZDYkCVJ9C*pA% zSY<9MafKZshykK;OyE-K$#UsSVFM@yFbCI3%FbCT(JWAVdUE*6_cOY*@htA?sC1nn zDgXdpaqX*E1xPA(_wPqrN;dFckmL&9n;R1a@~ya_JWB|WJI5|-p8+EjS+RS3+P)=1ovuJXK_H-n%=$XFK=0ZYN!S(DFN5^IBMgwLC7hdKYm`_(Z)vfI9ei~XtKbCO;cy#{X`q>9&4>dQWY}7V0@G}Jz9h$bDU2ab!6d7aAK+)~AT?*Rb`;gRh z-zwU;otWz?#QajvbBl~|VePH*(D`QC2*K0hdOW|slMCx-3W!8(_`$*EhH!`+L}c$2 z54p|FDlfBsjhzxVfzR>=aJQ2ar!chzMPF&$p(C+?Wl0Efb&2xz<<>6#0-)X4H~~k{ z;?*v;gx?@SO_?N4usM$xzj#YjXI>jtR5W1XL*%oP432|pEp2TVhtq^5p8Z_6yGK(a zacdd%1lH4{M)xM0GJK;RADqJ;$_zbCl5gc`*@@q%NZTpupVzaiqYh%Yrnc{DanM2# zN!-Fj5Bptm^LK!_0m`_;<8B{9)&)ud1lpJ>y7!$B`|>x7&zIOtWAXCAY;XRNOJ{|x zzc`h5^HgD~x@L|s6Q)*wb7P_{9(9J;`MZ}}m;GNqudVoQsv2X-8}z!LX@c&kh-#Cz z8w)?hJOJbz_rbYl{dTGS9R!-$FI|I7Dd%|Dm=P*^Nx`&$W8x44>?6%}0L{b8wFmhx z{zl5w-_0P+L6TdT%Zb{ORdiEYOF{7eLtLj8xztPR-)q%&zL-cIwY=W=|JTU4Cb|*V zgH{{ol9vloil}(f!$|dSq>WQ(*q`;L(eM^Jf=)-0NZABr%gvoBDX9^jNPVv@q^OzZ z@q45+JM2TAZH*s(bo8nHXd51?#p*Jn{oM`T)At!Ps7VzoZD;X&%YQr#aQ)DI0}WSM zg;Y)B{Sit4hSROL#@VDq1q8a@9FI@kvha5}@iR2OeSuCwk4LLEWyte`qm0w_L(YxV z2rl&(A&qlRj5cH6mrziR-5x4ynj?c{o|Fy z)0J;XbC7_R5Zrn<0piL!f>5nRr(gN(khknCM^;ymI&HjGVl1-p#>0O}L4d5@owo_G zs0IE6DK#RhwJfUFa5k#W8r5FAfKP>UPoW}^x~p3sU~~rn!{Zx`ut&rOD7puM>{+PZ z-?K~L4}Sa0)BlRPYYd0fOUSCP@MBOkxfalZK>?>sI=-~5K^iJi;VgrxDfW*K%rUJA{5O?dHDSL31k&#oJICF#}?thiJB|@)$UR+ zfb7`W7f5Mt#DnwIfi(2*uZSVp4uEjM2mK9TS|HVxmDM7Q06_I^CdYx?_+c#-AQTQL_Q zI0|<^7}q{M4z-E;#f2&0iZJEXtlqI5 z#gzC&@!JuWtZWHqRanaXLoH{HYW+<;Gx*SQP{;P`yF>ckyK9kpZf1^Sq_sJu6tc6K zaVj^7wX26)9&{*rjF;wEEAiegK?(rJF{pg(CZkLkY~TJSMd}E78dePu3M05w)+*Fb z=lJOkQio-1djN#m1=6Y*O4lAu#;7QS>4I%iT(JCECKEjT< zt(hCNz_uC@b}Ao)9T4Y5nyF%XaZ%R|xlY@6WE15GpW$=j%JdUnj}d?#D3rRM>qKXY zT$-2Lu;|ZN|2ZEI;pUkDa~mF@1bO*F+1#VcW_y1#E^FSUyr6cisEN6zg$nd)f1qiy z0AVr=1V<@KtbOXKm=s(i=0gd(w<5K_a{t45_jrK032w9L2hZY)h_Hj6Hmq}`#pc8N zlUsVM#1Jbm6U`$`pS&9ZNo-VLWapf|z+RnjV^v*%6U*=O1y7pIw1Mhwxd)+*hIt5m zivR`?3-Qcnm0PONGsGQePjE%e#CU0ZKp^zp%O5rC1HTXomLF@)<~>yHLtp z8aW>i<@ZulyNB`CTo(X;gnDAyC?pI)Hrbm>pAz^=Cp63Z;~pN=H39jQT{fFx{#(Kn zJX?km?=^J_{MKYl^-_?H<(&^KM^yB&G3jdEhym<>1jZK?s+ ztCh&}*x@cV_Rly3@;UasZOQSN;DR$c>s+-GH`ce(3D^u4SZr%N%!0xGC8Yj3UWd+b z;HDvjLzrP*^!|A5kSe&-?er9RQ0#m-y0Jg;4n+(rC2gz!Cto^KWG zQ3(?r3vKL1j{~IP$}Sy!de(XqiLNs#k)#GStHa?DjjG49WW1V0_rrOM2UNC&eW@5J zz>(kETF~1v36VtqH0iNb(+<4f{@|k5#@AZ%9F4qDfJwcsfYTtTxMoWR*8rW4aHBv$ zTLG02BEH-h7QdRzCbiY1+(UNJb#vs|B49pXh;};8?RG$nQqR#tI3FR>DpXl@)t(TG z0ju=`ZLOt^+y@XY)m?&z@PE=`a>xdL)t$3_FOZLCXeD=MaKCQy zv0#9p&iebLo=oqhYJ^V2G+xkr0pD05C_%bP&Y}`2MX#(IzvB~Yz9dx3jMDjiww^UE zpGl26w!x?E5WOvJ}%?H#_Jt{5f**cp66Qt{Ip6hjs|Ud!)GSmljoVWs~s zhT7L2)%*Gg0D!dA7lc%Vpbg)7biJX(zmbX8iO^ADRKM&JVMv+${3nPwaKPS&fTT#^ zE@j^vSi?5p^;!yGVz7N@s^O=T#);3N6xEX8KUMG}4!}1pvkm6xPL^)ikL=8mgR!M`Z%g<7TQ&(!MWEACruNVkR=&1GspHHGeW(2M$>F8frR0 zt_X7Prm=tf+aVIOAB_X={v3Ygh&aNJhI>A-Z}%TtkALdepK6o#+}Ksc1{si>*HOqNpv#h;QTEQ zb|UpX&ZJW>KTLg*jqVQm{zUk86qRT@J~WEzTV?h3IjxwJ<(* z!qr9w$#5EX5=rKGX*!~dti^U5t>{o}qumsm^@p}}UD_o;&qL5nfU+7@ow7J-6V zqQOo&Y#ocSjn+2IuIF9HKdIzD|L$D4jT(tPhNl;Iv8@lJ#g~ZM4qv4RaVeV-lDJ>E zRM#P$Wtw?|EKK9`tK)l-AG6sfI2%-hJN%MmC*>KrjBtO5P9~=OauM-cD^rSbR~*M1 zv08IxV${RhCkiczw}mndoLKUQ2N0ZjPu^xdg9>lM$;llP*jUc4Ha51N0KF; zkrB;yDssZGVR1^FohL3w&^b7=Hyr-&EWh3UFy0i#rWnu7SpU+XA$WeMa=TTS*it$X zz*|*%zs{e6Njh2TQ)eeq>svn4$i4e6SvE{Mm`)SEvaHD?UMbO~h6of(u%<^Sh-7CD zCd)?eg*J9v!B8kQF@HB|9QzZu)`(@Af~=#b7jNeSAG8acUSF|QOc7gBcKyq;vN8xA zPL7U79%_z`YcS}ORsQ8y$v5W%9t#fX;ED(W@kNOd=;_C5Wx{N9On%}YVX?1&OTCv~ z(lta0S`dK5;g_6s9g2qUaoXz2%F4RBo~zRxFJ7E7kPoJhe;uZ7NX6!7Sw|vl61q4? zOyhE`ONdN~Sw$Ju%$N?Prf=cx63rDcv5haiVeV(!SE8e%;m*4U24c$}aWnRp*eotA zT+}=COes0LU(q6KDR7Zi>LqRO9feKP%Mn@jtk{SmHPnrjx+U#z@5X+`Vje0!@6q>u zj0*)xNn>@V^|?n+JPV|z{==8ab)3#BBw;nsr0z} z>O2@Vx3M8Ysy#pNF;*XBWo6}4xI%fDtMMKKzFH+ePsl8^{tQm#pK^41xYZ~N_9*(h zUE!)7qDGgMxjlE%)76#m*!+5}&(#kV*0`k9q?TplLEO|bQy0sI3A?i6J3m(MwvHca z6m-kmH*VBjb)tN1rL3Z><^6ls$LCu>Cr(0U7eKCZ6q^^=DGTlZuiYR_~O&IXfGd&*}}KL8?8L`1~9kghbSZP)u7g6YMazI+BECFG1C=U9Qcg#|BU z4G4Zc1i}!&8Y(u0V+3_IHALza6cl8c-F?*@k5ahBlGYYzS#~SL#uFEwIe0#EFa~uh zEdHslFM2N=PT%7XQ2qhPi4n3M_}teA ztVU->M#i;8JG1v_Mmhako8c>gfQk*EC+4J@m|iK#sDN% zsd?hlS#aT`+H=)~Bg^Ty&tFft$1hP{qt~=7Ats^l?^y4Ny%NvoLvwUFr&Vu+rKYmt ziujDbe9o)Os4grja*bzWOp*y{t89NM14n0JdirndNbNInLt{IO`C_Yng;8OYcb&|)9umr%gCvEtI6K~sotPI zki$;#=~V{V@nh+R1~?lJoCEA)=F)yW8%oi>Q}L(;3m=`8+aYRpmY;L)!QSu4{{WHY z6t~8u=blxYqX8g5_%GNmk2m$`*xzz>b-gEJV`&K#!08Zru~XUU+1XWKsi@V|T}}+g z(6NyWcBX^`1uOSRb27nneD(5iR|H>vs3={&!o)JIXu3Ary}hwW&Uqi!xO&6ATHRLS zlh$_4QQj}T1#AXEyB)Ic8z>rI5l0mLXA0@m`>2sqM(l*2)-N zX0BJg>*DEMb6VdETk`+fH)5Z_#_NJ@rWOyXRLY`!I`s?Gi7B*NaRYNvXWtzyQ7sMw z7D2y(NSTZ55d$%(6N`A~dUq&roEL}U@|Pi~TUuFF0wy`~`8D4pFfuou;{wc0OrP=lI>|MTqMluolp>0=DAIYwN1E@(EoDM{} znV+5Y&!*$M|NicwNrj_itk|TDfr9uY9Z=0EuiVS(_AD9w@cD$PQ^19@sf@k(MskHi z*qh8X6NBZ>HbWKo2cFs5B^R@zMS}$#XFq+dS@V?A683XlHRQ*Gc=h!{k7H6w2~?-W zg@q?SwtF}_I)XaGrDaD&fpfIu_1QE@zPx*w)<6%oM|i{&`VU&=Ko6LzUN$m*8s1*@ zFu?m(ymbS8MV`Ow?jPQl8m+#v-V?b68gZOvf*Eon4>lgcvCT`n!o}H0IgqO`p(?0g z<7p9E#YTX0YbtC{iGQoIyv^=siNj@P9`&w(ZI*T`MonLTADG@hdFO$HiWV?YAbF7S z@bKvB>c&s0s;NP25}N2ZpT)@tyAIL&ZcA%I_5bkTA=Ee|i))|w_BwiU^v|i~rz$4w zf#Q4{MS%a6+(qgxfWoAsErab2&&bayu!b2K8PN)>p;Ho82M)K=K}LRb<<6?DYaF(Q z6t+}qSFyAFVdmavOH9ZPWY^kGb4F|_TqB!8>}Pn^P=ELI^ziCcxR6$7de>vO>5QmW zqFd%vQATIGYl6=Tx**RwO3Hf=GErv&!`_Y8Sy^Aes--|YzZdZ$DS@ndV|&ove{-q~ zhnwGA8e>$_)s4ek@2B)g{Wmr}&_nzELEZOzSR>lcCNM|5eVV_4S_VLCEUwi;VO&7M zZ=kR5%)m1=%DCkvMYumOY(fwrfCBPs^rK>nj)|%5RXua|EUX6c^JkhtSx8T7J^JV3 z%viYnZ$>k4m+U$f#rJ)${dbB;~x?}c3jB9%q%@UU6yFyVjq61#ezRa zouW}9!D}4PmpzJKgW-Yns=I zhYdm*F%UVPeGo8i`75$^xf%3!2B7r9%>#TL932t8)eDIKN9S-wBe`^<80G=)tW;Wq zN5@CcNo0LcQCFAwpju$udW5{pdw;KjMBAz5?C5AUP|C;Rg9kNrdZYDV_FP#u3{`eH zf)Iid!1Zvf2~zZeM+dw}F+H?RnNs+Wm~A|v4=B5f8Vbymy@@$|GF5vW2ou3QDkXe&GRa{)mqh0(5a{V`>u%eR@rwS5WD>qj93dUWt5#|Fh zUAWSAo@rn8wK;|C;*Q^!d?}a`+dbil z`}q8_8aZAugh^c)q5Gj#Chu3J*f7EPP-25U<1@0X<>lpRTwdahps&Tc;4JEg7|V#& z0Bhxw(|YWThfdJBEH|s5BAWY zQAN-97MOrfuETBmQ@S#!`Q)jJwLAyKWcYHLHggy!-_%Q4OJC<#!xt46KJFM4wVy;W zwUFtU?XC;tYiM_ib@k6Q!{?44 zQ&}F25%0CjkvKy{u>x(Obg7|46IjOyw)U08h=AsQzrH%@Jw!3u0mOy4{?vl?R`g}N z(f4Fk_yPBBzAUe@yP&~lyr26$EWQIUK+Bt`_xmkNUlhsO-mm`l1MZG%Mf+5Hex|jH8doOaPmY&G&jR#Xc!WyRZ75 zu6whg)%0dPX9=(=&w6UXCG&9l`j(!V9Vx2EU5ZHI>za*FE?*sabjvP7S=Trbsb6J7 zta|m4*xAVsD|wCdAI>>I8_Umzu^|(ch@mS8{z97+q3=Q|dYyC2GaPlIj+>LL`-SKB zx)rgi5<C0(t4(UYb4cM>g{ znX*HZ3<}HJdU^~VkrhNui!OM;U}xZSJ894oD{B8}+lXwkEiPtT^>m6Qy|4X%rKhCF zrmdWuT&{6P;*Dz^0(6bfQ!am$wpGev#xSIhCoh&0{3&T~GHe-IZ6ixEcT#I^ z+CtQB6y?BA_z2|u?CfmKZ9Qp1ALu%l8wY?I$jmM??=QBxN1d9PIfpoS!2f35kcL^Cir9<5!0JcG6Wi9FIr6o!vT2#rnPiLYBWs(wY6r=eQ{!VYMe_=H^E}WXyymi0&pi*34ZDE7sQ+qPr8+srsW5c0HL-d!qVd5>V?8?gsl?-hg0}Z& zlFQ4>Gc&n%w45(XpKklIg#d8?bUHaj@t5xX15q1oXSlsSf2~`d!w~_d^kVA+_U%?? zX0Ax&;&FF#gM~cBqZQuMQA8*Kb$)5Aft*47^WdParlzPTX%#jX*n)JPzqIJ1Kk!p>L+AfkS4Bp zh=P%H1fJTXpcPJsNlBUdmzzDw@2k8<1I_gsT0gH)hNxB}EPI;uH1gs0} z!I6?Uy`*z!U;on0|M2C3^F9?}jk`TqU9LowTmQqvb*;{g{yt3xLId%1u2S=wDABr3)mx@r2R)^M{5kNO`!;cnpSJm z;QICJ^;@<_X~Mj2bY=Ah$KB6fsb;mD=`1l37jL8aQau z6cZRKEAO3WKTcl%J*{)^Gh?dL$A_3Ph4fcBd;MoU7ibw!FJ`*Zo-K6(KzzayVmf1s z@H4PyvAOI8fabnF)tb>i$ji%1eoDz-2asLPn>W73Y-8snJ`N7jFX*6vBC0)k&&X)v z&7Gv>Sre6J=XS(_VY>||f1tZ;)zk#?J$#W~P_fGYrQZkS)MQIk*xrCg1G9qnzlR5+ z#>LX%N8v&A4Q8gMe@$W>=}e%)BJ@E%fEZ9uw*{ro6OKLP8LcqT7}Oj-)Oj?{uI)}S zHpKf@eKoR4cE*h7wuXaLh44wuBY*TxOiXYH#K=|fabzXf4Q+2Ni0PeAFKJ3qDb~O_2>wn}mz)e4U5(o)m zn4s73NCBL~xw-aJZKmP8!>)R{w(xMFMzGxlQIG!VZ&ZFLJ(<&3*gpH2p=z z-5oKV)?ySjvi%{U1MUH4?hp5&0+V*oq-&oc7c~6>wgNppeOz4Jy{#r1dw2}N!NGS& zAJGAVKSlTi70&v2nBt!@;*bsD-S$Dg6(I8Y^(Kfkw7yAAHQs`!uHXnV*poZWkU#6F z)w%VnDiRYJ_ZoXXeR`ZX0Luqet$>CXw2#!}TCEEHIhv5<07W=t`Zgrf3;9T>x$3qz z8RkR4kg-{*?7Y7&Fo_(o2B{w9H0Y$rbKh8)9)cPIT!l@SGQ?@VpSh$8OoOJ@;XWPN z@!yg|6s`2mktYR8~=l)Se4~9d~#4(ra#itD=f6dzJL{7hUxYZO zoEPB!9!-E(ezC8}qB)!ciNs!f`-uS;o9Cw2U<_czvj4w~7odG8@jC9SLEQojV(d`Z zz^**t*Wld#*ZKMRuQDHkGgO?!`8#ka`+JM~4BSKzOlVh!1#%bsLR)35IDl7 zEqVb!L)AjLANc-@V#}EExfqpuaa{fL)g<~Y7P%K$T1A{1ULa6D5{m)ui(4ZpT&vXf z9;sk7HYspaKWs_=M(iD)FQpuR+GH(P#zUyA5s(CmY*q2;@7aZ3+nS%qvxv4j-v7TZT(dRPJSf%c|_7d`t`Qcd|X&J#Wet4*$pj262~59to#*zaKfnI)7h|e;9h7 zx*Eob`NfJx&=p9m4BFNnpP8wE4whknw1L@RQI`zmmzjdl0=gx|NwILH?72VZz?+GI zJ)GK8%*n}_U9sE@mBNJkD%>y;Xvi6X$H9=O4bE+AG?O-Wj{y*~sd;?3Ly$>2uoQSq zW$T9#+mimfLv!4pC&3s6Kh|r`E+oK_KCX{x5umJ=;tPq%L6H54l{3gb0GAo}gbp*M z9|FS{2JkZt{;t9Keh_-RsqLf%b2k17ZX>VPpthBGrr5MT0Dt*HWVdCmGNC7)rJZXX zp>9D>B&9XH z-AL$ZJO_2`OQqtnvMVg_qpgP#XdAVdIqj@6R(%@7zNB&db_*AevD8@g#>$|5)l^wZ zN(v6ws->-`rw3PJr8bx7{f(-4L+-hsWK_#FaPKhNi2o^E(VJJPu{Osy4KuSzBPB-` z?-;79WzksR_$1kO1m6G8=+pZ0%7c_eDG-|0-@Hc_XsCVxdDk;5fX{=i)g64gE{f04r5*l_SH{fplUJNAEQ zQx7hLiuuu*sqU!ctD$?t98Eb&Tc3Yd3l4;bI><(MN#pGpzDmS$`EC zuB3+I$UCUOBGzmdkr_TK>=zsQi`tjQVS%H}Q&V|~zR2#E6@e*YLId0gZDi}uJ;AeE z{BH^bUQX!>i{F5DN4HS>v3$yikB8O8?$;G~>B)`{sg0)mSkjd6P*iXsV_sOJ7KeMGIKu{RQBF-R-BhYvs*rAOK;W)`^5HDQfdHPp!;S}F}E z+>NGk6S7MvWY6%Li8D!~3YE~0`U)Z#lS3yAfB9fnW~|~ZmH^)*&{l&x>$SkV5Iv+B z>T`9usn{ib`~p4KxAhR28&5!;&_))by#7qPOZ-|2?`sc!AVva0(F~n=--P=I1qu&k z4O7B9jTHU?4(V~h1ru4u)4UPl;n%-+@0%plgf`x1c}>rPe$TpV*y+-N4;5g;rqIC0 zon`y}aa?Pv4l8nuY_X4%bW>D1H>=i|>{&KqPz)NJu7AmVZ!2y4hoE(*(is;Jg>nja zDhm4;Y$8r{iC_pjD#8@Alywq9Z z7l&$-iV$}=_~R0j!r&%IFRX%9@{?eT`6OC*ZUhO=^p8iPf{TBMZ^MP5@brsk(hVt8 zCrg7dDA`UIY5Dp>%r)6@7uWx}8zTiq6Iqt>KD+Rw2sBBy-DQuX;KFGpKknVuP;r&o z?@l(8G&@b~D44-QJY=9LJ(D&K@m` ztc2CdKw3bu`KxN~MaRyEa7QUMUFSo6d$H}he-w(4*bHk~n3vkHk@fk1Rf?&TXB6vGO}xR;z8NpbVb5YB$0*Z3n*4LipJemIDrnYRBu$6DyD@tch0Xf`_a0Del9=K_|! z&Ku<*5+79jt~4G%b7f5%-(YHZP}h zj6Dvs4Oc^N)e8{DUkZyxqk|(*7r8^eciFJ>xX&&(8RjL?%b3ZO$1jOnh>w}Ho==;M zG+@K7#Ibz$Xy4Z2w9@pWrkG%#H&@SE!!7L?R@08>wlev}+Wb5_T0&O6{=S)Uj}?4< zDf-7)JoD`M8v(0~rT$#1hzovMD3-!G_6CiZRS5&DmSf8gLL2RVh@uZVo1decipES~ zhA%E*HB3$3A$wdy){u)oR~$3>Go}?PL4X0do^Ij{NCS)7RB>FQYLvZNnU69G-i-eG zfzj}GPK8YOg9NMA82cX=pjRW|QE28}(;oQc?G$7gEmEkijIcM9u$qZ?o!xI$>1mBe zOGd$VX5|0+zpq4g?J0_O7g^$*O}t-A`nYl^1RQ^?%r_ zbWUQe@=HKrgkxQ+8G7i&&s?G4Qho)ILXYn$VGm%*|W#J^3S}1*WxDN&&f>bl@VVd0&|c_9a{fS(aN9%v=gp~KbINv z@r*?{I|UQtHA+_?^HON2;k{qId1Uixsh=CZZ9@esq0^HSR_o5>T`BF+HK!B>@mvk< zN1YOWyzl-m8zQO5AZrQ7M=<7I{Pi5e^GYmG%+M02{bKmG3BZ_}$1tnc#>Xrxtc(wcd!Aj0WPDcTwO^J&ELNryvQ zXq9^pHNl@+T?}1F-48)-SbX{KAj)qa6^jeM`5aX&lr@Krmo;R`Xt~8qr;ZXItGmT` z`jXu8^W#+CUl@^91o)wEG6rrM-)t8?Mk{4jQ7SwBJ48kirEjmYJ#|E&amETDk5Y3- zu&+j56`w0Bc14zjeB|ag)C8ik0i|dTBm##hv&VKbmFd5SHeQ=ERrkwJ4E5qSs~FC9(?l@R!`9Fr;WY12Xk#|yQM*Eez(wt`v-Zt8 zO*69NzvK!Q;~OYVt|fs+w3#}b`5?h~IQ7bt=r$~p$bZD!`}Z_^>Tj`F+yT_!M`Ix& zWmYGBuBaH?HzPj}i(kqM$8A}7(P81&C{1i~g1nYgmr!14<5t>_fXnhCFRNc0-})S- zAaYpUEG67VoJgWAX@bZd{VN2F;5O3jk3mba7-bcWvCo_K2UFwFNNcNa ziH0^3(BqR%>2-t3N==$!jR$YC9Q}b%*(Hc)@}#v5a0yI)9%v3>b-cP?QJ)r9;%MPd zaOE(`j&tKGyB`F;fl24ebVGVJKe{F+Imz#~oL3Ibv8bpq^OPIOHjGE9g`N}vnqB#2 z&1L*Bg=bYBfT#(@z!Vk%c|Z2<1(xj2?6BumNTB16&;iD)^T?0u6QQSp>7T(E%03Ae zKk)}D7zo=pxqi8{;eaKa9eqQ0b`m`Rn+4q5WEkqjLl&(4FEFWVj74J158{|sxS>4b zRFn(>?N^i-exxt)m+)**N2)KmU(|WHp&JcAt093!Q=7}v(U8OG=jpgY&>{jbXB=fu zYmxoKY&6StoCa0{cm7%W_`?Zo?ayrO5DtO5om91^+i+`DSO62Nf`QBsD)ZvENvzxz zq3=PDa5S_|mNyCjNuU}yMAljvC^B!!v6#p+o@R^CA^r9vT4~yDh}{{bZ7-2VQ7V9o z3`)Ra70l$nPo3r5_n}cDnVJ?6O7B`4Wu<1c^|>N!by(2%S+QM8O}nhvqlzr#9qd11 zDd(H>8{JsX_KhM)kvj8eN!f8z2=byl5%NFww1Uh%GEI&NT4D)7BMBvn7DG?Pp^DX( zA(&478+9#Xe?;Arw-~un9z|h;iVin87G*}fc&ES!d5$6D-jAD5E_`H(E4p7^xo|%4 z%k1OXe%74g2S~;GYg$QBf(@%hjAoEZ4;Mj>vW9BezwGd@B}t0Pa~}d^b zy}o+peD;~8FzB$Lh7xj>BV;`iO-Ky)eQcHYi&yg1dwy1|kJuL$&vt*+#O8s=ry`1P zdBgH)hpX`a*tzU^fz;zeQP?_GPer(qNW9T~0hL(DE6PBhIlXoKQJ2pcW}fFt@fh1C zYAfCKHjv5Kjo_AFQ*Lf`Mo-;I$E zlxDf+)>HkuGHYd}%(C*-D1+zN*<>)HrYS_`Whm6YEz1KXG}oMQJZ-OUMa(SB-IMoRHWoD_#R|I4`vFMv3Idi~$DlN5mo z@3Nuq<=L!vCG>sjmJX-9{@-S5yIQr#7A8w^2OSX^dD^ptQAtlPyOHj<1D9U%D+s{z zTTcxQtC}*G31p`0(Hi42$l}0IincJxt^aqXPQKMDhuJ0|kkf%Y_huX8HWiBv%D#I69xrZ#3A0;Wzg3j%z}?(Bo&`<_h(OfIiX6saS_8lMvt$1WZKVD7 zOdq@+bBzZD7ZY1y;_U4FHRlndvBIG?t!-pf4LGd+rf9HZfX+DZMI3ib%LkUMxpc@; zx5rU#AnKtUGv&K~R8_n0eo;gDUO0H*(r1z!V}fN6zl0Y?qvnnpOYGx>FKucvPB;zf zmM0g;Cb0$oaTej7;NNut$(8H_(kKPgVW`2_!9ynoV9>_9WkqjN7v6sAgxmh;%)){f z=wCiY#El-DwsYSpEO6Ib(4Bs{KMB}n-9pn2YIPku=!^&J*^7LGgU-Ovzg~b-$NsVD zidC`}mu7QW6<_=!8(qVlvX)y8?h>?fjaq(`d1!v>H%HC?Gj!f%=hiBG0}e9{y>ch3 zg&<+8zLVVH5fMQQ5^lEcFUUct7BBJ*gs#26#KL06L_`^^tgWF-EDf1ug6L8(YT=(I zH>lg&Fs{@No)+SBuJxsTb`fLdY$lXjh76)6W>@sKtJ2SdrtG<~FxU`sPPqOUOhp3G z1!P%2>)Yz;!k{34VjHMP#M`I&#)8{th8&ClX?VOVP|dwnqNSi2gZ4rzV4N&9?h2mQ z!Rd~qq>xj&o{EZ!_18ma_!#@926B+me`z70&G6`y+JYIC5jy5G+M%Pe!|V?*6C*RZ za>e08LD&q>j@*@HrbN2r^!Fz8og5qnzy^nO3Etjde?fNilqs(ET|{pdz8j+10|i*uPPf>BDJ-%mwG&?e5-nx9tdZN=;N~Rn83nmJ_BE>_%XL zqLXFZC_Wg+qDeycn&dxy`ZO)UtB;0i=S`8djg6GUG$IQ_!#n|0YyU=Y@`DAe8Z@pz zG6EQy;9~ILMXB_)40J^}f7-c=&{4ZO1(L4`+#EU`)Jj$LG(8e{&R`H&1`c;Tpyr8H z!hBHztl+%_`)X-ek65*EC1hgH*BBr}wLLv|TcQL6tX=;TiSBMe7im-68=gvNDyo7Z z2-gP##Np}h!c-~GRdqY!2I37s#-CJ^x^o^0B9j*4;pv0+bYYh1z}0mjXD^$zs`ZQe z{+da9Bx=H`sy!wtP#4UfYW?uF#z7Zzc5v|Z9TRzP5KyzRI~@`{CZ8a=E2mHD1bW;H{EdD$VUwAd zu-z~`KqJDntjN0{MVQ!dne^7tu&>L?3ge%*TG;8$JjD4SmS5eI6m6#O?$NXN;vz-5 zRHy5nXsx}to#_+a+kVG*oh2RDK3NKOfZ7}rWB=IW?Af!3@zgHV|DlZ( zcv9e82`rpKphV;A;$kN_aL_&U!dD#TP9eU<`m1lj&_c;AAAK40WZ9Xs8W!Y0_)mYl zU||J{*W<%f&`3d5Kn^k?xONd@A3RG))6uuJh_ffi z&c&e(>niMaPuWU@ZG{Q-lN_w#hE97I8K^7I2C4R6sf=_ktf)wuAc-1O+m7MWT$_0J z<~+UUD!1d<{Se9r2;#NEj>8QUc2vQ{G53s(1!qX4z^x@jK`!wilJhstgc$2YMH=$E z4!?Z}|5g`pI!CK$7OYBbYN&W{u?M~wyX7$%S8zJ7gyq|;z0iA)fHe#VjA1Ip`o(~iVv z3~uZbk=p|^k!?;?;o*7{3=&QI6@P#}xwHbm4jK2RrWEwmBSTx1Q{|iHin8=7Nnm|C`eJ_p z21!BFmY<|K4w;d)2XkPA$~x_0kq%Xm(HbkKJlbcV)qg$6#^X8)gjE>MmmaPJ;x00P zVW_W)VQoK)n&|{hlvJOi2eO)0whvv}(Y4Ld)UL*ID+#>qi&SFz zV&rj~E&J|bDZkH|Q|qp@5GE^I*}OIn*(8rA<>{7+!}1?4qw#XnH62V^>!JcsExWm!ToW=hYkEx!q}*kv(Ngux!14Jpw(p<_;4zPmbOgM}|f0?`?M_jBf8CGa%rRPpemxRO_#< z`cb93zM+$_G&e7U=c$I%T0_RgaYQV=K`9*_}h= z498AEqye*Yyj1~R5*t}uWPN@8zXJ<;vRhqBk%m2FNCPs`Y2?Z2dXEdx+wm7yBjUmV zA3;(Gv>h_EH2lj68i)2T^rvREfN6vk4x?dyHMCo~LO+Xi< zpxZyVA{Z%X^JoI3_*Hw|QHTWhBt=ZVj5*#?d#~ZT7Dt$qx+LTo;{$DO!5eK&wyj_I z7%_`$Q$xjfJ>1iToiPzfid~}-dHKdBat^IrV%k!9mdnGArFbS<-1!h3+QV|@{lw`{ zfpn9sp4;{DN&Bmvd-cT(6tsE^@u^8qmB|3oi(_IBvx<+ModZ3LzCpu6UUBnH@%;_`t=*1!ET^H+;_R3?oy2N?VcPFS!Te zM!_%Wq;U{wo&h@$@=)ZXItK>mc$oHj6Lxz;Am_pPw*_5!1hFWLR$Mk{nS!xxrbSB- zc&eZcUmdjXY)uIFaCBn$uiJfs#(k-0YwrLywL}Zffk)!VIbE34*cK-?=D-?^G?jJh z@2cjCgWrEO=I*onp!kz+dU}w7P06;v0l6Jey%~TEbr`w5T?PHY8;67~W_rN#f(!}0 zi_gfIg;{?7FC2pS;KOYSA9(;ALdFIK$46Qo5laJm+%dL4Wpi|FKIdL2^8nZ7bkgA9 zAmVV!jpg%DZia{c&Nxn4G=ralySgxmWlV_I%I5HF;zYLICENzpW`$ktq$0gtpW5>q zhWhp<%I+b)@(j9s#he!ygRBPEWXk@Wu~i%Yz~%gudYsERXm5gTipXE>G=51PMHyUn zpD?|@VY0H<@I+9cUUhGfeu`X4__j_5bG~mxBX<*C+u&B`hNnfLDG(73o2Jke1450c zPgo=P5b9rs^Io4I3=Z-za#Xv6vGXh;#bYi5#dT#h1cw=LOcqWegE=$>a~*8g#O*$1QrupkT6Ue@6#Jocvpw0_Xs~ zy9ML)LiR`-V7L?C-&uLL3(nNOUPU)8ShmYI7*PNkzonQ1R+ZqUf4&_ z;(iWg3dX$;&CQ72eAsym&Jz;zyHeK_Wbx3B2w4M}#RXYJv2$@gwgZ`^0yez6u27XA z!;RWO?;mcsJNXQb{je$+y-Cn;-z5rNLSgt%b#he6t;L65ya!X7%%1RRXPa=;pmYCXw(4v zT{9ssQUAgL{|_DJ9jmk5Hs>g?xI7ZS@g%hQAPE)9N8N#GBLT zv5%V$$Y+-hd?AX!&NZS|q?;>xAX%*8^6xn(yGF`H%IK+UzQ?vW+yaRkrSIEnal zPG{aIwaQCF7ZglDddK=(FF=c*gi-jMxs2H1hPBH0yPg%ISo_w9ohmfrA@2bONe`Eu zG#K6jrS>g8VMuu;e8x~8zRM8-AYi9k^7{3=l?u!5e&`XK|D2bUmuCmXq-fQi+S_$n zcQ2R~_UTh>Rl)B-a-9!``K;pLbaysGhE3Ew1K3+LJ_*w)YSx+zm(T5uoO?8ZjL$i$ zzxmJV(QWuZWJb+~pQ6V zRwC^6Dj2Twtek|5X*nN7K_lh0!xSQpfw2#NuF(8DqXZa=e6m;s66JXB&W+d%qtgKa zxx+}%cj2wbKLa8Q>!~P#vnHxkvNF}aFSS3l4~6!{4F&#Sy?0Y7iHV~ymJOVYM$I0q zT64%iCzw)u*uMsbEK4si<`=Dt5w{dX1ivEVjJ~!XcnHS(%0*9JkHa0+RKAVSS-7{; zzAuiwiAZXS(ETOxz|pA zu(duayX@5@mvDlTqo?8EyM!vYtEfr&EK);ATibeKV1&9;vA-`R-l2Z_AWoOp(t-jD z|KhQn!Qn&kYHxzH@rVpJ&Q)TVecpsBc*-O@O30?!cYo_EA(^O6>0#B=k?T7!G$FBC zvv<0fUKT$y$m`wZGPl#$t|!LRFWH`cal4+XTr7;$V|8kdn8`5dHP?33xLeKmOK0w5 z>$%mc)pKI&g3eF55_&s#ynBRpKAiJB@2f83IX6?;ZYesEDK4eIuUB(tgF9gvOExvm zcPcHakQsCPL&PgVHI?;8*(QNSdjFJbnaSV}TZPtBQRr#_&yBv_F3IBKQO}A!=&E`L z7!fH5@hggs@5oNKyu^+uUWU|s8~sH8X{S~KjL?gpg5ubuzglS)rcYC1!68>i6J}NL zdvW{cmFDIan|~nk$6kXhPDx;_eQ9z&>%6+E>J5XJ(7|Z__m%_Q6wHrtAcf~3hBE#m z5Z@tewYd!J!vqIslJl3)rlBo%9}nwmyf;yX&|5bWcpO0xg?%(Mg65x)2~l_PNl6CK zkV3nGwCI_7UV2ruH%Qzayem36aK^P4dQ3CG@hctF4|^*RCmZ z;Vmbpy*7$pSM8E}FZYKZ!3;|cS?*-+yRm7+D=FWJ|M>2jKGFViS?}J9?6JYh1R?Dc zbSsLumrqMJ%kO$*kB?@jQsElH7?m_9Te5IEBA&^a5x#UYHy0!aqQ?B5ECmj_Ve!ZvH{uYT>YF(l5 z5uNGcs^r>N0*NU~CJE2vx)DP3S9@N&=DkCF#p9B5 z7Isz|FK!K59M5n|ZGR~kIc7}gv%UZLtW5g~tTx`5i>^^5($>u;f&`blon^Zjc1 zR-GO6H+z(}!)Pi;7;61wtrx? zTFDt?#s}SsOf`@m$VT&-2=V-4fD9AvEIFL{7NTd5zPD%aiR815qH%DK8umHR#o2Rc z|1VB1F6{~zyGsbZLJH}xroaMkI<^3cH54B`uL~)>t-~B1X|JQu7YoI7@~Q#hJIgny zGM`SwO8$e=Qgk8D8le4h)o&orbVpH2awB2iwk_7LGC?Y5;mR5L;1P4`Y@O;7p0Y4? zqS^md_0@4vZSU9Is~D&#At5D0w;-Jt9Y9*TK_n%WZWKjk2w{d)N=fMkfuTgYL~^JB zX@>3`-aYsGQ{Q|3;PV0I%$(V0pJzXNJ!`G!hVOS5N$T#7TbtoGvcexjx_bL``U8A+ zW}dJyBpAm&A6!!Mw06vd=_7`W?qi~#+yxoI>U!RfscQCS44s9~3t#2OvMGjITPMn_ z+)281yQry#Yw~RQ`u7Ts!$eX}A{mnX4>HM`wfCYMq$YeIBjNk8G}NI{sU&uIZQU)*m^I1#(a1FYBv|Chmv7h{c?pT?;(wIJ%ji zz+aK|04h)H>fA1Up>>(hU(GTxvqw~~^futyNX>@DKDV~4a_$WSr7b|)kZz7{2eQtN zL+k@$^g0w#9{{EpkPml*^*Cw!JCMNvI3~@PO?JqO%1G~ zxZW$;)&h2~U~d8}CDma7wCe-d<)UaW-pd@=eRIqf$O?q+KL^$v=z19upeO+59hXI7 zuKoPHd@22JQ2>R39kNWO-tZVe6~Ve5=zF@=CT9ua9^Q8s0Q0HVDh<}Ob!kcQKrRm) z7$m_1(Zunn{|EBONgFVzfm#=5c8(1slo5aD3glv$=Urb7Yr*d4$Y!0izy<*O5{1V;!E7c}UtL~CSG(HW>XZilB#-wBb8|bX zK2X?wYowkZLt6wr-TJh@o@F6rUiU-9!}Xza_2vrN;&`&}AhqbGMVHLc>`fJ#fsuzOrT>0XD+sx59>q2V@Evb>io?&{I1jz zCttCvuqu>3Ps&%cw6IdeNcN8Gy89jx3XRi5c1?HNY6NE7|14m~0=gXUOvcdC7Wi4< zx5Ns8HV--<#`jWH?4mRZ*pOx?oB72=k~U9=(w3RP{?HL@w+&9zusu6=1D+D*mPeie z=U>N2>gZ~%0@kwWr)qY-UnLRyK2|YXH`~7qePGxzA}xviL0zY_n#cS3XeZV2s!}Em zcAR2QE(7CJCBjn}>$j0!_PRmP*x$Toh;sP!z)01V^&J^Vq{HDo%hgNL8MUHH{2ZASs z;7jXuY5`_x>68O%QNP1`e31Bk`x0cYilXnPoCbR0(FaxQtB6x^#C;j5^H@m zBBO#~P<5CE`LfG;wz=S)qt_ss(;In+UfGoD>FS!5n*$00fE&s|p@V~io0To#)#(pD zQQfz`j&TLaJ@}OgUExYC6M#~;pCM?B9LV@I)5O_iOCbl}PjWO&uX z%aVlN5o-uhcc(!w_nL7)Hn=K+WA0ymCKbclH(b7BO0mx)YHcl7SC##hQz?FL!L{O2 zyp>i%PO>gjOofNOFl~-|p#fh?(lqMrC!LrqD|vCfsOtEDpHFWO^efiHEKQeo$wN4E zT(_2!b$L(?ZslhcRQ-WdLaX(jkw$Wgkg?|(3)I>3I9lmTchea8KbXIM;KhhjDZmCg z(tXLdy~&;83#p}{^I>)bBrhxZ}tMfdq-{AY~doZ2-h>SWpR2obvL)#CxShCwP>gu>zW@*`ZwL z56X)ut0tg4J&b#Q-^OPN`vHLOK5hqTMryY&VaFJNzvWDRGB~^=>?^= zdGJwlDeb&+^75n_Ko5G>3J_w6-I0a4EOx_!;gRzVFgxgk9jMNQfgQ=T@_ENO1E^wH zLOR>qrzJL7Ig!lZgvgD1_QTwZL81iLMfZDH=7ujq%kxHuA!0o8WI1b$O!|+V?1M=P zHF{}g4{2^A46U9*Z;>dH3RM`v*oC!w$SO$tUuhZ*d`esKNH<_kOO%JUz0HL$skqlp zFdf>yFG$u{k9vOdKHBf=aM#y*LIsD<;&AnsOIWSF6tl1*?NF{jvfS87obKt&gRZd) zIt;6M<>xyy^_|KQ@{2oH!s+`w&#-j8-MTr&N)73or8U?UogQ98jqyHJigc|Gso1Q5PKK2?QLr=0FC@mx-3Xq>~ zUCjKbEv_4Nrp^-P7gNh@7A!GH(;CUp06@WqA;ebJ*5c<6-nTsE;Nfw9!xXQ6A9T{0Dr9qXVm!~fbpgel-~IjPVhA^0Aetu0sUcBW#!wD z5Kym8mWfSG-Pqjul=LPU^dbT_{UekzQmkxjGQi2VE1pm0`E(=LGP3iPR)Iq6;GlM& zm8vf_b;|I&cx?E3oGLa@Dbr=*%Zt;66CaB+Uo)tNA6Qc7omzn62p}*46nE})HpDP@ z?EHAXk7WQh=f@yfm@6p9x6}dJ*3QKlUb9LaJKD;VZw&{6+}sWT4m(XpfY>uPH@7KJ zWmvEfCcolVgGUN64XL?XaG=S(OP~mq)#j@Q5z!4SrvdpWUIv2eZdH-+`5ubOhpD;Tkf zgSS`f6Ua{kYk5H%=x(OGg=1dFlhU|B>Qb@?+-Yu~KE0Mnj9(X~aJ-#)X2P;e0-b`NJ58mKQT<)?`evK0!MVv)7 zcP7!TA1Fr7vS{^<3%@DEP^8b4JPpnZBwM3Ah&C`uw$nyBxgpmrGgDx8hAQd-nzZR! zJq$FS&V^y0_g>DLk)p+79ZK~dHIb`K`|~7mwbw-})z^r0IRiKml-_jn_6F2t9G@)@ zLz2(MN7pB7eN}Eq+>+Y@iBmX#{E&_8Elo|$)mpfBf{~^ssTpr`Vq}lh#)f~uw~>s0 z>5HdS8QIx81o<77;(<6n3kxQ7``n=wP`@7A=%A{dc}sIR3lbi0{bxMSWo2c7%fl$x zXaJmz&)K*kpl)&co`nM_U7WrE%AeZ83J^hD5>0M$z1zL7h(xK3iEp0xgYsQmUM3!Y z1i1fM-ljCj|A7S%9>qV5_o)j23m5VI?w+3c$gt4RiM>xA9GeH)x88sNw%vA$qm}fE zg1sfC>uesB)PD#C0Wu>aqof2uIo#abY*MIsh2R2syswyUld*`qlmx?8##Q_@BwqFB z=YOW}yQ^R?2OnN90>OD0*QanfZyw^J*AnaHY6;1;74S%qgMa>*9}62)V&s4%hV zaAhqwwJ)5cu2NJ&WKBsJCF>k;e$r`VCUN>zkL6X;QQO@p=F&5E5(8+M4k^6dgtXe1 z^TwIISST(#bu|GsVvskW`Up=#_=N%fe|+pS<@^cE#Ws%`7i#UI zk&VgP1AOUnY7x|RU1-euW`=P9JYW+cooP|sI6A0r_Yb{I6pT^M;5Mmo!<`;MW0I0k zK&6OND*z3-KuLmL$Swwzm?YYd-BXC92X=h9J2?{tB4mfYoaZ+OK`|Lj6fd$(ptbCH zH4l`T+m}J69%ujk=;-K5CxP+(ayv!|S{I(5E8=lW!!VpxpJk5ts@cvYi$>{u z%uSQx`LK|-5HHvlCu!4>S#6dy9yS^;M2(&$+e*yeWiTYPJiYi;c5d~P*n72k7x_qn z?X@pOhh>pT^S2{ZaZD&ptTbfPeQngMY zl^H2lohA7^x*f`V zZqZ1h3hNOYjd$!--|bNE-jO}`^VU}RczgbkkPwM)ag%GyTHo=RDZw!Y_-c8R9D&9* z;~!-!=ly{UbmP?C4!E{O!r?PwJ)i|uRj-(0b=jZXmp>xT{JukprX$8Cq0V>G4!qB@^wm^4rZccQAnwIvoohfpYf(*oO@C1Wm zPDzoMA$J_eLki6r0)Ru?RJJIKB5)K0>^*-Wo8BbgaV{Xd-+3-BEFyx3c1~ZYsHjBB zNrg}Y#@1_4dge8I{0?SkX9q5bRbctaGeZ*&_J41@X-unqtKyS>Z)Q&3U>^nlG} zNn9P@c96Sn9!P!)!YFu<2l(6tK=wao-DiLPT*V-!r>F6?WdgcNm8E``eC2tmmNnktznjbo0EYZz*JF`+Zh=@A7x=w&=mI~_txFQG> zQ-u6%6yw7=I>9?Vz*M!$8DpxYRpz~8?K0F$NN}kJ72ZB1(aD`QIOW<^px4Z%ct zyLI|S8#bhh-x8SP-4vt13<^ZHhqprv2sJhZ;Hy@gM|Tt<7 zlHN!&e_-!;+KAW3hlEg4QZ@j)4j1=5uoXG5?zwqFt*fowoh%Vwr7P;XaJ}fJ3&;tR zBs>e_@2}owjeZ6!VfOhx74~jbA>G9%LHe=LW*8WN;@jHVI&HoH!Ot_W&Mo$(Vy32W zTWt)rtG0{X)em1dITadn<5`#B+Q3#y2^wAkoX7S2BuMC_d<11=0=Is)XlUTs3^6BO zUOOwNUh32q_?_!1-PGVyrb*$ul_LB+NmXvQSbQve-^b4kLQ{rA%9rvYRLOBVYC^)+WBa|}ZyQd*bT9I!>dP|xj zJe4+gMsWp9vbSy6w>MlS!-j6kD#_xY0-D&vnmLscWllm@HMu~)Vx@Imzn%7f&ILq1 z$c4PU{danZ6D{zGwt+noyVup0WI}2Hk&R+jyyZoQ?vpIlDJ7EDjVcOv`8hi2RpCsD zzuS#_@AwxUZvuCt!dmgHyH@}{S968~MGP;{#Ub#Z7E@qStIK*%#^B?;ix z6RK74qyWc@v*Z z4XIEPWAt5m+Lc;q{CsrAG84yel1D3?1tnCl)q#SCe!*aN=Bl0{{UY(zMLij>Pr)Lt zRH=8?ouqX&#?0)npgF~)`!(X=MtRTM?+)SwJA$>ntt3N`d9`c3<#y)gPLhG#O1s#= zq$!Z9&hULRX^C)m#JLFyCCpiEJ~9=KGFw9P_0oxAR%b@7U(XjwbgkKxVpV2qE)1Q% z2v-wgnRN8MY>T^P)U^-@Ow^q;jL?gD~3}$t=s9-S)Y8|d`S0SM-9FO5g6KM1FRu7Am)P3V$_S7qmoHlIoiN#GY`1v_TV>@MOCb+Yk&-v zaNp)#S1(n{q9W8K@5Y9NP)Kla&XAoaSFq*3hf0bhK22CpE0XFB-I?|8=<6G?6;ziw zD?i&MCu&KLl&%46HGmJ}O*dH604o@M`SbkI7h_UMX=xmo9XL=HgF-0$eDx0rK4MfDDE5X6m0g6QNG63jhj$qF>ATd&{VV$|5inb9&f8{6 z!*wbVb}`N`S(&a1=FLaP#E?7m3}21tT~WFA4ZO4)R!uE$b1iCoZn$bqia>eUod-O} z?mV5VRUes>6nH!GVO*ksjdP4O<1L9sZO8r#Yx|J-I;q>r*(^H`Dr?tx&&JE=zUJ-+ zZRy4bke zNx~>9{1KrA&AZ`Mu9DcwwyZbA-%Tmz_~8yR$8icNmB)Rrh7gYF>~Ix`M!Ax8Ugm)9 z+C6&j<=8y`|MlSVYsD6<`$!wh07snMygYBu$>QSTZ{NNV)LsV^U4RlA*ZaMP#VA=l zco6h(*2HWG{Ap;2Izqm}knRwDi70i7GOWb~L}-9_WNK3X3x=)u%h;cT*8xtmA~HiW z2jq5i!?9Zno7hb$!k3MT(1z1#w`X+)x7FY19&PcpiR%$~ratpCx8NWNzQ`eb>XURv z9NUxJ;B}sX_CIv{5w$5ZHCZqa>?aH%r2@8v8ae%Uj?j8l#-lE|vH|;HnDCn#wYZ2- zOrXy8B$^cx+MhEl9Wz__9Bob!xIL1N`XS}&HCVPY0RQ|Y>kLs5yq%F+W7Y1MZXxM# zFx{e>iJ=hjnX(B`o0vVy*^Z}Q&t7fz$3skR-omj#TQt(rLaRfm#Gazrm%~_DB;71Z z&nWutdmouCR#BQ(Hbg;pLEwHDS5Z?7jnW(~ermi?X|k?fg~GiQXV$0A*Z!;%PNH=M zI`>$%GNN*-ZE*JUsyOSkxWNAj?na^#5)!5y>GJw*-(IJF+OTBs5^NK};fr;+5Ujot zrU?X3OVY{6Is!}#b_YL%{Ap;kh6{=JcGQ)4Le(Qzj>Vr(G@;)qBg4;U8+tdSM&=&> zAR1xcNKAU(2W@LeZoN(%-Sts}G4~tHi6)tK}%%d=gNjWe(@n^C#4=*@>0v57aA`9Uvzm+EgzgJ$Y_t-#8ueM z^ou<^GMQ9HCBZAP3tfEzX?lU;rzfte_VszwlaE#-6p8(3db?j4$+8wjx7TMPvkP!# zYpZ{;BIMu*W<$A-r?UT(x?JM@SDsdAWS!?$qiNP}DQF;P67|#z#Va(HM|fPA)=X(+ zZzw*bBrJ6QN4?>iQ?1Rhn!RGdE6l6AnNfENI@GRQ&G5WPLf!Lo3Yis0tQ@6DCCtt| za5m<@|Ndv6UO3rBkEI97I@VJ$p~L{=QLPep$g3Ffbh#hiaeNpi}eXEgeo<)X1#f*dbMthY^&*8`MuOi->hqz zyT^1_bgzn7NwkLeGAm`=Ep?Wgq)dCLJs?n2vGkHbagJWABgj#z-pS&nKhGm1>`Fu) ze*OR7aU2UJq=j{KB@3ZdI+=)*?lZYnQTnM2u*WR#%i+9b`J^?dmAl5tC>n=Ij{{ z7(hD1X(@7vnbNLqRl{q(QNOkcCfswReE#baz$(Y2CLzHU3PVC(>x5#{QKOf=Sf=8( zVqsVR8b+|RCj27!&`VoF#%es$B zl8ZyII@S7@{+Hn1^Xu?_$@_d~c70D9u}YBf`Y2}7zYCd8VxX1thz=djBXLDY6`;9j z@Ae6`VYc@g(9;OYnH<^)Hr+Fcx^h*gwK=8em7TFFZe)c4Ar7>tjaV|x(W8^7m zb!oxRc%%42F`Vwp+m?ls`DU)C1!hhrhG<=qL-en~As`TKV=gthU1h&37R!CF6;?D% z**IG8&aVdu)A=YTtG2RT5@)Ae3YS;?X#x%Xsy}fKTINv}(2*5vmVAQZQzQO!9t|I|ojAu5{B&{r0NazNe{Z6! zI9Jr`kNa95>+c^+xnBUK`!gklqX#aAfwO($+KFyj z(J#9Z0)mU};0x*HSe`Ho?3r?UH?kp)lzh&-HhzYzqX~oVpgNZ;;9Ug$V8s0 zLvGp@B=e~IpXf8}$$Df@<_E5fw;4(p9q*+1Lm|gmOWVT(H^#5=8Ob>}(40#A@=PHh zu>6Y|F`0#obwajpKZ2STd}oVe8}I&4TnVo1GO?oNRN!dameP=(A~Okp->iEq)M?G(=(BA>k%FpP zLaE^5On1AvVQif9Gm#22hw4rA`#rN%%-or`G^e322F7A8J5#ULXpq;xJyW0S&!QT! zW?j!BpG}{7#{)C>?eMw#^y0xknYS*sLKPv9;O|um|L*bdqw?}Km!jo@8L2@pQ?!Vp zWvW((U}JPUmT2U7to`S~0PdcMKYh9rpM)g4B%70i+QjIIJonLjT;`>)rbMlZ#JxIF z`6(|HE@F+6F7#-KCpl4l&{G0T6ibVAeDL+3CcjNCzh@f%E zHM0=wOnTJ0RLNGF*x#k?A~O*zt%26vnu1sPi_g91=$lND#?%KnAh`D>EEOV8x7Uki z%U`1;XMEYFh@S`7tp&%MZJ5gHa@6RAdr}DD#?O=7mL!ZdZAPDGcr+u%ZXW1da&iB^ zn-6NPW2<@%=>!U?U=j{t?eD=+d4AdICv3~eMXQM>24&{8qKT9Bttz#lR4NiF7uf}M zCpw=*wcAQi-Hu$5iX*{@)Cj-E?Dy^5X}ib!VW<2|hLU14^)#eH__8KQ^6P3(G+$4t zKsgD?-Z*VU8$PpVB+00;_Ei)V5;_BWCxBNH1^=|``#ozvZis5TIo5@pu)$SKhV1)t z=A`Q{__vNgw$;lhaxUHuM9p+(N3I_Zt13oVUj zw;I!b{P@u)eFBhVKfsPmV>ew}{yk8;be`@e+ZMa`;j4_XDi?%-0XSOovFEq!hhr)Q zY0N|__w=u0iDcZS%+Vvbi=o$6-j#b)9#)}D6XZGWk+Ot-=X9o}m`63w9zBa(%ocNq zfraLdAI&ZhyM`Dz+&6@=bL&%2NF^8>PX?@N+FR73ElJ?Ey1H(?(~ocNXj}=0^$y<& z5XDT4I_YwZwnHZ)n$u5D=&L83rd%s?R$W4vHH;H{46QAdw2R~0=*8V&f$jYh6Q{uV zb_%ov3Q+w$yQkaw+)2^E*8?fz;!VNVR;XS2=z=7CRRJerNXB&U6)fm>Q;zww`2wpt z(f5S!aoS>hSXI=>3;Pf`%rp34uH**BvY6ZFB%!5HX1m(3871P-vRlIO>Ad1z7>qd$ z%r7TV&GD&c6*7LaTgMuTH9FVIXvcV6!!@2I&s6g%^9sAQ(}>XK+!l_NPD%ARNzmUg zi`R(>I5?_)O=-9)f^$@t(|yp64J$PmQ@^ISgPb%s+e9+4Bhf|J%2mkibiardqD zjq^H*n_`;7mVf*(H#pqq4V zdi+g@MsX4Q$p`~lr)ch_DQ3teV+9sVG&zv9Ce|;DsB%j^OKyu&JOFO*RBc{=|7q;}iIX%l7s?r0-UDn+0 zQ(m^5lJ;hiHLLS z?AEWZ2fkfJp)$R^+{%Q}vXX}=DA=rpBH5KF!fZ=Ux3m1t&1Q#+OXk8p?AxUh^BaoC zsPHo~#%~2lmBbVe2BX7lGN%Tg@uxV7&mLHkJ|LyEoLX*s6|Uit=7i0;gv*4wl|DG{ zyP!jPNBnJD$eT-C$p@()sKqS2w2!Q2tHm#n%oAS?#JvlrZcewhl8aRNL84KtbVY-! zcd-0?hOIfSk5&?*K}nh0OH1x@@a?cKa&Vid0?pam8M?3tGORx0k-kfthn* z9x*1hM2doHcQ*&$?AQadI9QO**MzypA?Z~8bhAGpHFsV(NK9@PMOVh}j3y15^(evn zbKGS^IhINI#rJSOtRbAW4k+ITs2^cj6rg;~!^v5y@4)gbQ&S8W6w9pN2ZLtZ94^m9 z@=WkUo)li!OF)oXAhj9%Ad_5MNtW>*>n)~MFX_Q^$c z2**!%>mp=|HzK)f?N2|RoA5h1C{+pV#{AvI@QjN#UgS>lO$%rdUnhM$sddAaUYX{l z;GCmbP}RvV%d602;$BUu*>Rz#I;#vvcQ^(2%qmR&a`uxVeaN;!N}3smVLRVv*pXiE z>v#?(A`L_GCf0!CQxnn2T8q%yP5h6Ep4=yfen z_1}2NbU3S<-i6$|9kI4>sqQ`OqI^S2?9WYZraO}$zjMCtEw+O%*jE4YeIsaWBwxDY zwO{d+Me!SzBE3Sb&Z%T1l$pQ&n<+y*jv)uLj`M{0Kn^g@)GkKhth!SvbW+>1gftZX z?w;rB%j;KPuczFzbynQL9O#Z-jsgp-$A=cm_3quhH>_d1MbUdk>O-k{LKl%@eTr94 zw)N>qID+ZxwZg6Qm=&SSO1tQpvAeN%(G?TA9B)dy3SSScCxMC{3T2GbyhUq2@oW4D zF6ik6>Gx8Wfsm#YVK}559sLN&tigyxr)hF@$2sdi>?9z#eSqfzn2I?D-pPn45*obd zg&ZNSJ0AO_7a#8TyrVs}&GzYG>u!6ul~@->0#|vk*a6$D{)+7#42R`Vli1kbDDv~i zJ$+p;S5uU61eHsii2S0E1`QlFuF3mS;&~kFc00&Of;;|B#6ycoVOrFnZA^M6P2>on z7kYSj7^wQ&%`RQOJYH4#`>LsyYDmBB8<;t7H>Jp1MLig@AVnu?momed!Dh06l!Kch z`0Iv?4)sDjhUtiKYaj3Lsh)Ey8x-0f!_pV0;P&CFGL!UK#7vL^&N(~v5ZDr>2sVa*Yg-4Aae96iJ<0{mwAZ))E(=9AE=^um zSPmkm_t;+rPR2vny~-{D4eplx(qgcCY%Op zkTC1KArLQpYdg`AZN;Bw2;CL@r0hIal9H_?jHRuLsa9^dn+I5hvVB`TenCF+QKW6j z*ptH?`p}}nMQ)Uav>#DQfjeA4@PicOSdcnz>E|1>REOzEpDH&e^8FH~wnjHBV4NuzK(-?=ylf|sv zv>6S9diw335k;rZ7VMod+amFOtjkEP<{#jh)yh-1Q5$4A7N=eh3##$ONbdvw8gFU^ z3~5aAu0O|QeYSX%j!7x3WRLsZHFwE5rL572dl425Fo5pu>|MegzTLeN`_)4%k6o;7 zB;7st&2yuMFd>YIfYF)y7Ys0)08hPDcu%T~jDWz8jh){YeQGPlhDg@z*snv@-61^D z**~Q*8Opw#@t&j1f9xEGkZAyL6;zNv;K#nNr_8+-%xY?K(!Ke~@hLr`N>aP6`84U| z@HI}MwZNmSa2VjpogJMgaThvO1y&B(de5Z>vxconeMlJQfjF+@_N5ew=(lifq_cyJ zr(nSdGtBe#6zoA7R^3br7MRm0MdHe-3%27r7kaa0cou9Zsdzrb+?C0^mGI<*B0K8t zxW5GyV4hoTJalm&jMJ^O$B*}HtnXL;YkrPbDoaaGB_{t)=q}NQFqfY6hk%UECZTp^ z02i)ie|ke3?0;r|vU*|q)0%%UDy0Q+z}N*uSNgA>+bk!9*pJ(fsW_I5jY3UGu{AUm zZ$HG}Jk371PfaPp$jv@6azv&Pr3v;%%8eilaN!K7(zUFJiNJctE9jO~IM|gr+$}qn zSem{T*%Nvb?Vp8!-Pv6*J3SjrQ@q;NX_R;)PG;&pw|utK_e8iYcKPk4y5-9LlH01S zs%_Xq`93w>m5tM`{;N6WOwn$XD-!iGBg}o~y)Y^j9~{+DWiI?^43o}xs^NR&<4E_>N+pAY3YOuD;sCi6m?&8u{^u+bRF z6|A7&n3*uM{7w^}ybMkQVLavdJ&|U&hq$&SB+tw&X07-IZuHB+f$nC~cBcGno)PaY zL?cL_a6PIyV6fUfB{YXSv6aTfO7}jPl=HqglzuK63X^AD0m&EaEbdByW@fQYV}ryv z^S%AmQ#Z&{Xx>H_ZayTNPtffag1w)T(A|uD5Y13qcDUVq|58^n|L>VxsE+4QQs;!E zw7aYsAm_vdkEDo~m<5hZ>n632hq~Rp@tfe%`4YKO+I;DI8w005TX9QPO)PIN7nn)! z_lxCh&F~u1=aH{wlg*Au$B?a-rzOj?ph~>n>?nB_(8cAyi301In9M>1^~@d?hTDaEvyxq{+-A~F!3>whYbTtf z^~R^ZTMPe-OxorPGpUWwYP9iHfNl0;4*jRl?;wW@o)q`J%vTPW2s%WJVgj}fN(l!# z<3CsSk>anRF;pai9?z>>#YK(mMRlj{kY-TDl7F~Ex4Nyph`k{nMwLO1$0kYL+35i_ z=${Qxpoc*6zx|8-TN{V*J+>Av#Rm~ls&^0jkgXco4mjq|C%y?)cXkgcfc-;@D#~> z9=^mOWEZT|aZ&zni~2YpIIR!l+PdCS*%{-uEA7XxL0>5&znt5d_;0~ZG-Q8yT@nzS zi|#`AJuM6IbX)H#qU~&%?SI?>CPGc}{w#1Z9M(N$XZbsR5R7~(#5GIrK|T0Agp{nI zbBu6WTTbt3qH9FwMd-YTF^p&4{kN>zYpd!psd~RWWeHx|hZ}#Y$XmMfL1|qKu7b-# zUM|o0KIeH{m2uKru#t}Vy`v|%`1O<8I2XXUqT44mJ51kQFwu3}??h1^FB)>~n6`)Z zuBY1nzMRI2POA!CV8eS3)a3mIbaR7bVAv1)#(3z`+uCboKz(+njJVcL{2tflrVD$9!(ly%!IAI zi=ap_KwvtaAHF+pQS$kH()Tcw*+B1!cIiLgYH$~8)KWoHnLA_@q1+LYQlQ~U+d0QFznLFjK4qHxQdpnt$SQsz=Bzk)S}y4d;7Y}0Rm>cvDWhlCGEd9 zjDWL)Z(zg3aENZd44^%a*p2)jdUQErP^e?pFmk~a8bgAh{(~cfWwO8e4>))H;o-3U z&-A(ZB{|Y+PpyuT*To+t)`w7!h+?pkJvKNgYre;tk41o_Ys zo`kw={P%N?YL4mlM2Yrq&x2d}FS`)D6^JC~M3#FJE@DLMxm~Zak!QZ}fB*dNk7>Sh zY>g=k!dK$AxghxaS&m+fs$1S|E*3ZyQ=f%i>6bP{P2|5Pd=CVo;KKcXz2XWv5D0{x zFHt>MB`bKjsz8Bfk`>|0^q;qai4~bpE-mShqOsZnjQ=a6Ja@m*j>3nZ#>j30933Bg z5yk>RK6=W05p|sGsc0GapZgR^wPD*0gY9XO8a%K1nX=el%PI8lwfy^IH+@}kuCPr7 zdCU)ARi^**^bs5*v`F8ZpnuxLTgpVYPyMky2ZP8^tp*v7lm?@r0`ZOi|L07=90z>W zhVwle!eH9l5}?|DK59upiVfkf#scWRibyI8B>7`{w9bE~0HR9Kl0g%|M4&vQus-zL z+Yr3RE)xcc4@*1Y@BRM_UZ?J-Jtp|7aO^5C+|P>n zw}&Hmze^Y8kqwHLo;j8`6)ne?Jpc2}W1%XA1IMY*^*DUcbQoblSN-Q&xQs~OGehL} z-A&HhQli@f{xiYM+*uIbdKRs79}3RBEx|ko!}L3B5_~jsSB6A0qgUD|u{Hkhq5B;F zy<%{q12S+*5Qz*V{I@$lxZW=-6Rh}3R1Tm%?YmpX|7T$Jq*xGZ+wFe4tnhBVrE~&p zJMVAbJ#g;#B9syYJcYVS0HYtL`iIbfT&^{N9hsy={~f4Z;}R06C@I;T#k{vObn{fz z)jg-sPfKV)Hw}=U<RJdJGODBYT1OW8cWT9dP_ZF@(@RU#r6?~e>+^MGLm2y5fx<8m5VM9VrXUA+52*HF+o z5$(LZ^{3GCkMlM!eAU{`nO%nkb;~X5GBy@R-iL>g)>GPr+@3B207qU_NGWBA`tw(`wozm zr6oWNPaGUb{$W=^EN7`f?zuK*Rie*Lp$z&^cO9LG8$ohEe;zHh3S$r5P6EzlKr0#v z8X5wv|C^AIE*lS#A^c@iB79MQqQv*ERb>0$2xi1xFEfRGR`^7$!ah^%L@bnIo=5M% zlu+%{V^IeL^D{t00lrAjr=t0-8v<2TZxp41t|C65k5kZH{Q`X7jWtX|Lq-O(xVShQ zn?ia&xAB+9ypYR;gliMkWu>Ltpo2zeWTZ%94>UuY(_K8dd7js##c0v6$v zAL<$|@Miz71rV4q1h{ML@Ky21RnSa~Id*~vE*X{Hz7ALqF>!G<4j0WgK!-di;GBW> zRigEBpB`HRt*fQw>O{4c^hEuN64bCD4hH7Pg9i^JlTe^ZQg%4d{e#J}>g#kUVpN7k zS+oJxiImT742Ra-8lbg#PP}LXm}PWy^qTU}oe257p>1>xAjIOY<=^9_Y0KY_AX<8= zUyMi%q8>pYRq19qbN1lr=9ZE&x%CG45$PA`_W5on6}jeU=V;>_FZa$o-FV-Fckcsi zj)@6l2q!o9b-zl$?kh7akbJ#*x(Yu2(oOnRtmMi1pDFm#7nMfyh!ic1ERa_D8?;Z5 zdKa*(RBz{*)5pxh0y=!WSIJ@sIBeQUK{<^Bf(OimrpOr&E^B|x zPrrM5{`rgvSJMl8jp71VIb}bQqv&pjN2+8lnUfc`KuVbvIb%85*g}d77R~zrOTDeN zRS8)RJnKM%7|?)pzw;uPf4~*2+|UsUy+~qZV-tPyj>5FJvanE%Tn_L{&jdlQD|q{l zl`q6#wag-9-f{_Cm_8Z0d8w*0G~H7I080MK%NJT-#VIcQ|vrEx8?Ymm|pX_ig;~4 z$<#E^&@eC2k5S4DESvXdljNIU1X3e#G@8!>Ym4TAw$l19e;&pkF@?Ms?e?Ir2U|>j1PL|4-DA2{CY>F^{!u@8u9I05N zc4=v|!#*E;HA*Qix*gf_v{FA`?d(P&OGihCqM{<`EDl;ceUS7n4UvjfvI4zhOiibN zISuIQIWat38E|$Cbm8CH+D?2l>P#_%gW$;rzH8p;=D`n|uwPqRT9%iWaXoQt2tLq9 z(Yl+8&jyJ=FjAKK4u<`I)4}H_h)M;@rOr8)O}3R(Jqx{!t;A#us>u|}A!s1n5${>Z z^DjFd1}2S!vZ613zG-^0X?+fy;DGi)ke?p`t3TT}k}1^J)@BY(LpuPclmlQJ2_(&B zz$Nv^4^0S=`U$*O!Sx7>i;s=WeQ~{P>3lKZ&)oRP1{UZu-~^opB}M2!;E$L&iV<)m zv|HG8Epey{#EQcY?!Zb=J8#I89yH4`t}rYZ!Qzc0>z*nqUbR>S28-3>y#N^0($oYK zn1f@>x$;iLTYgixGe$yMr9@GwCK)1(_ zLw0$&xk}2)b=P-@f^OZp!>NcYGM@qjZb18QZ*K=P(^i6ngamXFVod`x6-2EFc``aW x#|lHB=|7I8=$XfNb+v)RwYOp~4h^{_qzXkswD$1!r3m-fQ`hRmL4kQ2o literal 0 HcmV?d00001 diff --git a/coreupdate/on-premise-deployment.md b/coreupdate/on-premise-deployment.md new file mode 100644 index 000000000..8c4a9197f --- /dev/null +++ b/coreupdate/on-premise-deployment.md @@ -0,0 +1,210 @@ +# On-Premise Deployment + +An on-premise deployment of CoreUpdate is a self-administered instance that can be run behind a firewall. + +## Accessing the CoreUpdate Container + +After signing up you will receive a `.dockercfg` file containing your credentials to the `quay.io/coreos/coreupdate` repository. +Save this file to your CoreOS machine in `/home/core/.dockercfg` and `/root/.dockercfg`. +You should now be able to execute `docker pull quay.io/coreos/coreupdate` to download the container. + +## Database Server + +CoreUpdate requires an instance of a Postres database server. +You can use an existing instance if you have one, or use [the official Postgres docker image](https://registry.hub.docker.com/_/postgres/). + +Postgres can be run on CoreOS with a systemd unit file similar to this one: + +```ini +[Service] +User=core +ExecStartPre=-/usr/bin/docker kill postgres +ExecStartPre=-/usr/bin/docker rm postgres +ExecStart=/usr/bin/docker run --rm --name postgres \ + -v /opt/coreupdate/postgres/data:/var/lib/postgresql/data \ + --net="host" \ + postgres:9.4 +ExecStop=/usr/bin/docker kill postgres + +[Install] +WantedBy=multi-user.target +``` + +It is recommended to mount a volume from your host machine for data storage. +The above example uses `/opt/coreupdate/postgres/data`. + +Start the Postgres service by running: + +```bash +sudo cp postgres.service /etc/systemd/system +sudo systemctl start postgres.service +``` + +View the logs and verify it is running: + +```bash +sudo journalctl -u postgres.service -f +``` + +CoreUpdate needs a database and user for the connection, so you may need to initialize these on the Postgres server. +You can do this manually, or execute similar commands using another instance of the Postgres container: + +```bash +docker run --net="host" postgres:9.4 psql -h localhost -U postgres --command "CREATE USER coreos WITH SUPERUSER;" +docker run --net="host" postgres:9.4 psql -h localhost -U postgres --command "CREATE DATABASE coreupdate OWNER coreos;" +``` + +The username, password, and database name can be anything you choose as long as they match the `DB_URL` field in the config file. + +## Web Service + +Once your database server is configured and running properly you can configure the web service. + +### Configuration File + +All CoreUpdate configuration options can be stored in a `.yaml` file. +You will need to save this somewhere on your host machine such as `/etc/coreupdate/config.yaml`. + +Below is a configuration file template. Customize the values as needed: + +```yaml +# Published base URL of the web service. +# Required if using DNS, Load Balancer, or http->https redirections. +BASE_URL: http://localhost:8000 + +# (required) Unique secret session string. +# You can generate a UUID from the command line using the `uuidgen` command +SESSION_SECRET: "a-long-unique-string" + +# Set this to 'false' if using Google authentication. +DISABLE_AUTH: true + +# Enables Google OAuth, otherwise set DISABLE_AUTH to 'true' +# Configure at https://console.developers.google.com +#GOOGLE_OAUTH_CLIENT_ID: +#GOOGLE_OAUTH_CLIENT_SECRET: +# The redirect URL follows this format, substituting the BASE_URL: http://localhost:8000/admin/v1/oauth/login +#GOOGLE_OAUTH_REDIRECT_URL: + +# Address and port to listen on. +LISTEN_ADDRESS: ":8000" + +# Postgres database settings. +# Format: postgres://username:password@host:port/database-name +DB_URL: "postgres://coreos:coreos@localhost:5432/coreupdate?sslmode=disable" +DBTIMEOUT: 0 +DBMAXIDLE: 0 +DBMAXACTIVE: 100 + +# (Optional) sets a path to enable CoreUpdate's static package serving feature. +# Comment out to disable. +#STATIC_PACKAGES_DIR: /packages + +# (Optional) enables uploading of package payloads to the server. +#ENABLE_PACKAGE_UPLOADS: true + +# (Optional) Enable if syncing with upstream CoreUpdate instances. +# Zero value is disabled. +# This should be disabled if you plan to synchronize packages manually. +UPSTREAM_SYNC_INTERVAL: 0 + +# (Optional) enables TLS +#TLS_CERT_FILE: +#TLS_KEY_FILE: +``` + +#### Package Payload Hosting + +By default the CoreUpdate database only stores meta-data about application packages. +This enables you to host the package payloads using the file storage technology of your choice. + +If you prefer you can store and serve package payloads from the same machine the CoreUpdate web service is running on. +To do so ensure the following settings exist in your configuration file: + +```bash +STATIC_PACKAGES_DIR: /packages +ENABLE-PACKAGE-UPLOADS: true +``` + +And add the volume flag to the `coreupdate@.service` file below: + +``` +-v /opt/packages:/packages +``` + +### Initializing the Application + +The CoreUpdate web service can be run with a systemd unit file such as: + +``` +[Unit] +Description=Core Update + +[Service] +User=core +ExecStartPre=-/usr/bin/docker kill coreupdate-%i +ExecStartPre=-/usr/bin/docker rm coreupdate-%i +ExecStart=/usr/bin/docker run --rm --name coreupdate-%i \ + # mount the location of the config file + -v /etc/coreupdate:/etc/coreupdate \ + # (optional) mount the location of the package payload directory + #-v /opt/packages:/packages \ + --net="host" \ + # container to run + # working directory to locate dashboard + -w /opt/coreupdate \ + quay.io/coreos/coreupdate:latest \ + # binary inside the container to execute + /opt/coreupdate/bin/coreupdate \ + # path to configuration file + --yaml=/etc/coreupdate/config.yaml +ExecStop=/usr/bin/docker kill coreupdate-%i + +[Install] +WantedBy=multi-user.target + +[X-Fleet] +X-Conflicts=coreupdate@* +``` + +Start the service by running: + +```bash +sudo cp coreupdate@.service /etc/systemd/system +sudo systemctl start coreupdate@.service +``` + +View the logs and verify it is running: + +```bash +sudo journalctl -u coreupdate@.service -f +``` + +#### Create Admin Users + +Now that the server is running the first user must be initialization. +Do this using the `updateservicectl` tool. + +This will generate an `admin` user and an api `key`, make note of the key for subsequent use of `updateservicectl`. + +```bash +updateservicectl --server=http://localhost:8000 database init +``` + +Create the first control panel user: + +```bash +updateservicectl --server=http://localhost:8000 --user=admin --key= admin-user create google.apps.email@example.com +``` + +#### Create the "CoreOS" Application + +To sync the "CoreOS" application it must exist and have the same application id as the public CoreUpdate instance. +NOTE: the application id must match exactly what is listed here: + +```bash +updateservicectl --server=http://localhost:8000 --user=admin --key= app create --label=CoreOS --app-id=e96281a6-d1af-4bde-9a0a-97b76e56dc57 +``` + +You can now point your browser to `http://localhost:8000` to view the control panel. + diff --git a/coreupdate/update-protocol.md b/coreupdate/update-protocol.md new file mode 100644 index 000000000..c08ad3ba9 --- /dev/null +++ b/coreupdate/update-protocol.md @@ -0,0 +1,112 @@ +# Omaha + +The Omaha protocol is the specification that the update service uses to communicate with updaters running in a CoreOS cluster. The protocol is a fairly simple — it specifies sending HTTP POSTs with XML data bodies for various events that happen during the execution of an update. + +## Update Request + +The update request sends machine metadata and a list of applications that it is responsible for. In most cases, each updater is responsible for a single package. Here's what a typical request looks like: + +``` + + + + + + +``` + +### Application Section + +The app section is where the action happens. You can submit multiple applications or application instances in one request, but this isn't standard. + +| Parameter | Description | +|-----------|-------------| +| appid | Matches the id of the group that that this instance belongs to in the update service. | +| version | The current semantic version number of the application code. | +| track | The channel that the application is requesting. | +| bootid | The unique identifier assigned to this instance. | + +## Already Up to Date + +If the application instance is already running the latest version, the response will be short: + +``` + + + + + + + +``` + +As you can see, the response indicated that no update was required for the provided group id and version. + +## Update Required + +If the application is not up to date, the response returned contains all of the information needed to execute the update: + +``` + + + + + + + + + + + + + + + + + + + +``` + +The most important parts of the response are the `codebase`, which points to the location of the package, and the `sha256` which should be checked to make sure the package hasn't been tampered with. + +## Report Progress, Errors and Completion + +Events are submitted to the update service as the updater passes certain milestones such as starting the download, installing the update and confirming that the update was complete and successful. Events are specified in numerical codes corresponding to the event initiated and the resulting state. You can find a [full list of the event codes](https://code.google.com/p/omaha/wiki/ServerProtocol#event_Element) in Google's documentation. The CoreOS update service implements a subset of these events: + +| Event Description | Event Type | Event Result | +|-------------------|------------|--------------| +| Downloading latest version. | `13` | `1` | +| Update package arrived successfully. | `14` | `1` | +| Updater has processed and applied package. | `3` | `1` | +| Install success. Update completion prevented by instance. | `800` | `1` | +| Instances upgraded to current channel version. | `3` | `2` | +| Instance reported an error during an update step. | `3` | `0` | + +For example, a `3:2` represents a successful update and a successful reboot. Here's the request and response: + +### Request + +``` + + + + + + +``` + +### Response + +The protocol dictates that each event should be acknowledged even if no data needs to be returned: + +``` + + + + +``` + +## Further Reading + +You can read more about the [Omaha tech specs](https://code.google.com/p/omaha/wiki/ServerProtocol) or visit the [project homepage](https://code.google.com/p/omaha/). diff --git a/coreupdate/updatectl-client.md b/coreupdate/updatectl-client.md new file mode 100644 index 000000000..292abc509 --- /dev/null +++ b/coreupdate/updatectl-client.md @@ -0,0 +1,270 @@ +# Using the Client + +`updateservicectl` lets you control and test the CoreOS update service. Subcommands +let you manage applications, users, groups, packages and write a very simple client that gets +its state via environment variables. + +## Administrative Flags + +There are a few flags that you must provide to the administrative commands below. + +- `--user` is your username, usually this is an email address or `admin` +- `--key` is your API key +- `--server` is the URL to your update service instance + +The commands below will all have a prefix like this: + +``` +updateservicectl + --user=admin \ + --key=d3b07384d113edec49eaa6238ad5ff00 \ + --server=https://example.update.core-os.net +``` + +If you do not wish to specify these every time, they +can also be exported as environment variables like this: + +``` +export UPDATECTL_USER=admin +export UPDATECTL_KEY=d3b07384d113edec49eaa6238ad5ff00 +export UPDATECTL_SERVER=http://localhost:8000 +``` + +## Update Clients + +There are two tools to test out the update service: `instance fake` and `watch`. +`instance fake` simulates a number of clients from a single +command. `watch` is +used to quickly implement a simple update client with a minimal amount of code. + +### Fake Instances + +This example will start 132 fake instances pinging the update service every 1 to +50 seconds against the CoreOS application's UUID and put them in the beta group +starting at version 1.0.0. + +``` +updateservicectl instance fake \ + --clients-per-app=132 \ + --min-sleep=1 \ + --max-sleep=50 \ + --app-id=e96281a6-d1af-4bde-9a0a-97b76e56dc57 \ + --group-id=beta \ + --version=1.0.0 +``` + +### Update Watcher + +Real clients should implement the Omaha protocol but if you want a fast way to +create your own client you can use `watch`. This will exec a program of your +choosing every time a new update is available. + +First, create a simple application that dumps the environment variables that +the watcher will pass in. Call the script `updater.sh`. + +``` +#!/bin/sh +env | grep UPDATE_SERVICE +``` + +Next we will generate a random client UUID and start watching for changes to the given app: + +``` +updateservicectl watch \ + --app-id=e96281a6-d1af-4bde-9a0a-97b76e56dc57 \ + --group-id=beta \ + ./updater.sh +``` + +If you change the version of the beta group's channel then your script will be +re-executed and you will see the UPDATE_SERVICE environment variables change. + +## Application Management + +Applications have three pieces of data: a universal unique identifier +(UUID), a label and a description. During a request to the update +service, the UUID is submitted in order to retrieve the details of the +currently available version. + +### Add an Application + +Create an application called CoreOS using its UUID along with a nice description. + +``` +updateservicectl app create \ + --app-id=e96281a6-d1af-4bde-9a0a-97b76e56dc57 \ + --label="CoreOS" \ + --description="Linux for Servers" +``` + +### List Applications + +``` +updateservicectl app list +``` + +## Package Management + +Packages represent an individual version of an application and the URL +associated with it. + +### Add an Application Version + +This will create a new package with version 1.0.5 from the file `update.gz`. + +``` +updateservicectl package create \ + --app-id=e96281a6-d1af-4bde-9a0a-97b76e56dc57 \ + --version=1.0.5 \ + --file=update.gz \ + --url="http://my-s3-bucket-or-fileserver.com/my-app/0.0.1/update.gz" +``` + +The `--meta` option allows you to specify a cryptographic signature +and file size for verification purposes. It should look like this: + +``` +{"metadata_size":"1024", "metadata_signature_rsa":""} +``` + +### List Application Versions + +``` +updateservicectl package list \ + --app-id=e96281a6-d1af-4bde-9a0a-97b76e56dc57 +``` + +## Channel Management + +A channel gives a nice symbolic name to packages. A group tracks a specific +channel. Think of channels as a DNS name for a package. + +### Update a channel + +A channel has a version of individual applications. To change the version of an +application specify the app id, channel and the version that channel +should present. Additionally you can publish a channel by setting the `--publish` flag, if not specified publish will always be set to `false`. + +``` +updateservicectl channel update \ + --app-id=e96281a6-d1af-4bde-9a0a-97b76e56dc57 \ + --channel=master \ + --version=1.0.1 \ + --publish=true +``` + +## Group Management + +Instances get their updates by giving the service a combination of their group +and application id. Groups are usually some division of data centers, +environments or customers. + +### Creating a Group + +Create a group for the CoreOS application pointing at the master channel called +testing. This group might be used in your test environment. + +``` +updateservicectl group create \ + --app-id=e96281a6-d1af-4bde-9a0a-97b76e56dc57 \ + --channel=master \ + --group-id=testing \ + --label="Testing Group" +``` + +### Pausing Updates on a Group + +``` +updateservicectl group pause \ + --app-id=e96281a6-d1af-4bde-9a0a-97b76e56dc57 \ + --group-id=testing +``` + +### List Groups + +``` +updateservicectl group list +Label Token UpdatesPaused +Default Group default false +``` + +## Instance Management + +The service keeps track of instances and gives you a number of tools to see their +state. Most of these endpoints are more nicely consumed via the control panel +but you can use them from `updateservicectl` too. + +### List Instances + +This will list all instances that have been seen since the given timestamp. + +``` +updateservicectl instance list-updates \ + --start=1392401442 +``` + +This will list the instances grouped by AppId and Version + +``` +updateservicectl instance list-app-versions \ + --start=1392401442 +``` + +## User management + +### Create a new user + +```bash +updateservicectl admin-user create user@coreos.net +``` + +### List users + +```bash +updateservicectl admin-user list +``` + +### Delete a user + +```bash +updateservicectl admin-user delete user@coreos.net +``` + +## Upstream management + +CoreUpdate supports synchronizing certain data with other "upstream" CoreUpdate instances. + +By default hosted instances of CoreUpdate periodically synchronize with the public instance of CoreUpdate over the internet. +This automatically updates your instance's CoreOS application packages and channel versions. + +Since on-premise instances of CoreUpdate cannot access the internet [synchronization must be done manually](https://github.com/coreos/updateservicectl/blob/master/Documentation/sync-packages.md). +If you decide to enable internet access for your on-premise instance, you can manage upstreams using these commands. + +### List upstreams + +``` +updateservicectl upstream list +``` + +### Create upstream + +``` +updateservicectl upstream create \ + --label="Public CoreOS" \ + --url="https://public.update.core-os.net" +``` + +### Delete upstream + +``` +updateservicectl upstream delete \ + --id=2 +``` + +### Sync upstream + +Synchronizes data of all upstreams and blocks until complete. + +``` +updateservicectl upstream sync +``` diff --git a/enterprise-registry/build-support/index.md b/enterprise-registry/build-support.md similarity index 86% rename from enterprise-registry/build-support/index.md rename to enterprise-registry/build-support.md index 0a1843c69..7e7764a65 100644 --- a/enterprise-registry/build-support/index.md +++ b/enterprise-registry/build-support.md @@ -1,12 +1,3 @@ ---- -layout: docs -title: Automatically Build Dockerfiles -category: registry -sub_category: setup -fork_url: https://github.com/coreos/docs/blob/master/enterprise-registry/build-support/index.md -weight: 5 ---- - # Automatically build Dockerfiles with Build Workers CoreOS Enterprise Registry supports building Dockerfiles using a set of worker nodes. Build triggers, such as GitHub webhooks ([Setup Instructions]({{site.baseurl}}/docs/enterprise-registry/github-build)), can be configured to automatically build new versions of your repositories when new code is committed. This document will walk you through enabling the feature flag and setting up multiple build workers to enable this feature. @@ -18,11 +9,11 @@ any issues encountered to support so we can fix it ASAP. Sign in to a super user account and visit `http://yourregister/superuser` to view the management panel: -Enterprise Registry Management Panel +Enterprise Registry Management Panel ## Enable Building -Enable Dockerfile Build +Enable Dockerfile Build - Click the configuration tab () and scroll down to the section entitled Dockerfile Build Support. - Check the "Enable Dockerfile Build" box @@ -31,7 +22,7 @@ Sign in to a super user account and visit `http://yourregister/superuser` to vie ## Setup the Build Workers -Enterprise Registry Build Workers +Enterprise Registry Build Workers One or more build workers will communicate with the main registry container to build new containers when triggered. The machines must have Docker installed and must not be used for any other work. The following procedure needs to be done every time a new worker needs to be added, but it can be automated fairly easily. diff --git a/enterprise-registry/configure-machines/index.md b/enterprise-registry/configure-machines.md similarity index 93% rename from enterprise-registry/configure-machines/index.md rename to enterprise-registry/configure-machines.md index 69b67e3c7..1ca314f4c 100644 --- a/enterprise-registry/configure-machines/index.md +++ b/enterprise-registry/configure-machines.md @@ -1,12 +1,3 @@ ---- -layout: docs -title: Configure Machines for Enterprise Registry -category: registry -sub_category: usage -fork_url: https://github.com/coreos/docs/blob/master/enterprise-registry/configure-machines/index.md -weight: 5 ---- - # Configure Machines for Enterprise Registry The Enterprise Registry allows you to create teams and user accounts that match your existing business unit organization. A special type of user, a robot account, is designed to be used programatically by deployment systems and other pieces of software. Robot accounts are commonly configured with read-only access to an organizations repositories. diff --git a/enterprise-registry/github-app/index.md b/enterprise-registry/github-app.md similarity index 58% rename from enterprise-registry/github-app/index.md rename to enterprise-registry/github-app.md index f095cb871..750baa2c5 100644 --- a/enterprise-registry/github-app/index.md +++ b/enterprise-registry/github-app.md @@ -1,18 +1,9 @@ ---- -layout: docs -title: Register GitHub Application -category: registry -sub_category: none -fork_url: https://github.com/coreos/docs/blob/master/enterprise-registry/github-app/index.md -weight: 5 ---- - # Creating an OAuth Application in GitHub - Log into GitHub (Enterprise) - Visit the applications page under your organization's settings and click "Register New Application". - + - Enter your registry's URL as the application URL @@ -21,6 +12,6 @@ Note: If using public GitHub, the URL entered must be accessible by *your users* - Enter `https://{REGISTRY URL HERE}/oauth2/github/callback` as the Authorization callback URL. - Create the application - + - Note down the `Client ID` and `Client Secret`. diff --git a/enterprise-registry/github-auth/index.md b/enterprise-registry/github-auth.md similarity index 69% rename from enterprise-registry/github-auth/index.md rename to enterprise-registry/github-auth.md index ddcb009d3..9b74b9e38 100644 --- a/enterprise-registry/github-auth/index.md +++ b/enterprise-registry/github-auth.md @@ -1,12 +1,3 @@ ---- -layout: docs -title: Configure GitHub Authentication -category: registry -sub_category: setup -fork_url: https://github.com/coreos/docs/blob/master/enterprise-registry/github-auth/index.md -weight: 5 ---- - # GitHub Authentication CoreOS Enterprise Registry supports using GitHub or GitHub Enterprise as an authentication system. @@ -21,11 +12,11 @@ Following the instructions at +Enterprise Registry Management Panel ## Enable GitHub Authentication -Enable GitHub Authentication +Enable GitHub Authentication - Click the configuration tab () and scroll down to the section entitled GitHub (Enterprise) Authentication. - Check the "Enable GitHub Authentication" box diff --git a/enterprise-registry/github-build/index.md b/enterprise-registry/github-build.md similarity index 78% rename from enterprise-registry/github-build/index.md rename to enterprise-registry/github-build.md index 48fce2798..6d8f752ec 100644 --- a/enterprise-registry/github-build/index.md +++ b/enterprise-registry/github-build.md @@ -1,12 +1,3 @@ ---- -layout: docs -title: Setup GitHub Build Triggers -category: registry -sub_category: setup -fork_url: https://github.com/coreos/docs/blob/master/enterprise-registry/github-build/index.md -weight: 5 ---- - # Setup GitHub Build Triggers CoreOS Enterprise Registry supports using GitHub or GitHub Enterprise as a trigger to building @@ -26,11 +17,11 @@ Following the instructions at +Enterprise Registry Management Panel ## Enable GitHub Triggers -Enable GitHub Trigger +Enable GitHub Trigger - Click the configuration tab () and scroll down to the section entitled GitHub (Enterprise) Build Triggers. - Check the "Enable GitHub Triggers" box @@ -43,6 +34,6 @@ Sign in to a super user account and visit `http://yourregister/superuser` to vie After getting automated builds working, it may be desired to tag a specific build with a name. By default, the last image pushed to a repository will be tagged as `latest`. Because tagging is [usually done client side](https://docs.docker.com/userguide/dockerimages/#setting-tags-on-an-image) before an image is pushed, it may not be clear how to tag an image that was built and pushed by GitHub. Luckily, there is a interface for doing so on the repository page. After clicking to select a given build on the build graph, the right side of the page displays tag information which when clicked provides a drop-down menu with the option of creating a new tag. -Create a new tag +Create a new tag There is currently no ability to automatically tag GitHub triggered builds. diff --git a/enterprise-registry/log-debugging/gzip-registry-logs.sh b/enterprise-registry/gzip-registry-logs.sh similarity index 100% rename from enterprise-registry/log-debugging/gzip-registry-logs.sh rename to enterprise-registry/gzip-registry-logs.sh diff --git a/enterprise-registry/initial-setup/container-restart.png b/enterprise-registry/img/container-restart.png similarity index 100% rename from enterprise-registry/initial-setup/container-restart.png rename to enterprise-registry/img/container-restart.png diff --git a/enterprise-registry/initial-setup/db-setup-full.png b/enterprise-registry/img/db-setup-full.png similarity index 100% rename from enterprise-registry/initial-setup/db-setup-full.png rename to enterprise-registry/img/db-setup-full.png diff --git a/enterprise-registry/initial-setup/db-setup.png b/enterprise-registry/img/db-setup.png similarity index 100% rename from enterprise-registry/initial-setup/db-setup.png rename to enterprise-registry/img/db-setup.png diff --git a/enterprise-registry/github-auth/enable-auth.png b/enterprise-registry/img/enable-auth.png similarity index 100% rename from enterprise-registry/github-auth/enable-auth.png rename to enterprise-registry/img/enable-auth.png diff --git a/enterprise-registry/build-support/enable-build.png b/enterprise-registry/img/enable-build.png similarity index 100% rename from enterprise-registry/build-support/enable-build.png rename to enterprise-registry/img/enable-build.png diff --git a/enterprise-registry/github-build/enable-trigger.png b/enterprise-registry/img/enable-trigger.png similarity index 100% rename from enterprise-registry/github-build/enable-trigger.png rename to enterprise-registry/img/enable-trigger.png diff --git a/enterprise-registry/build-support/gear.png b/enterprise-registry/img/gear.png similarity index 100% rename from enterprise-registry/build-support/gear.png rename to enterprise-registry/img/gear.png diff --git a/enterprise-registry/github-build/new-tag.png b/enterprise-registry/img/new-tag.png similarity index 100% rename from enterprise-registry/github-build/new-tag.png rename to enterprise-registry/img/new-tag.png diff --git a/enterprise-registry/github-app/register-app.png b/enterprise-registry/img/register-app.png similarity index 100% rename from enterprise-registry/github-app/register-app.png rename to enterprise-registry/img/register-app.png diff --git a/enterprise-registry/build-support/superuser.png b/enterprise-registry/img/superuser.png similarity index 100% rename from enterprise-registry/build-support/superuser.png rename to enterprise-registry/img/superuser.png diff --git a/enterprise-registry/github-app/view-app.png b/enterprise-registry/img/view-app.png similarity index 100% rename from enterprise-registry/github-app/view-app.png rename to enterprise-registry/img/view-app.png diff --git a/enterprise-registry/build-support/workers.png b/enterprise-registry/img/workers.png similarity index 100% rename from enterprise-registry/build-support/workers.png rename to enterprise-registry/img/workers.png diff --git a/enterprise-registry/initial-setup/index.md b/enterprise-registry/initial-setup.md similarity index 86% rename from enterprise-registry/initial-setup/index.md rename to enterprise-registry/initial-setup.md index c302c3e47..7abe2ac3d 100644 --- a/enterprise-registry/initial-setup/index.md +++ b/enterprise-registry/initial-setup.md @@ -1,12 +1,3 @@ ---- -layout: docs -title: On-Premise Installation -category: registry -sub_category: setup -fork_url: https://github.com/coreos/docs/blob/master/enterprise-registry/initial-setup/index.md -weight: 5 ---- - # On-Premise Installation CoreOS Enterprise Registry requires three components to be running to begin the setup process: @@ -59,14 +50,14 @@ paths to the directories created above: sudo docker run --restart=always -p 443:443 -p 80:80 --privileged=true -v /local/path/to/the/config/directory:/conf/stack -v /local/path/to/the/storage/directory:/datastorage -d quay.io/coreos/registry ``` -Enterprise Registry Setup Screen +Enterprise Registry Setup Screen Once started, visit: http://yourhost/setup, wait for the page to load (it may take a minute or two) and follow instructions there to setup the enterprise registry. **NOTE**: The Enterprise Registry will restart itself a few times during this setup process. If the container does not automatically come back up, simply run the command above again. -Enterprise Registry Restart +Enterprise Registry Restart ## Verifying the Registry status diff --git a/enterprise-registry/log-debugging/index.md b/enterprise-registry/log-debugging.md similarity index 77% rename from enterprise-registry/log-debugging/index.md rename to enterprise-registry/log-debugging.md index 7eced5a98..32291e568 100644 --- a/enterprise-registry/log-debugging/index.md +++ b/enterprise-registry/log-debugging.md @@ -1,12 +1,3 @@ ---- -layout: docs -title: Enterprise Registry Log Debugging -category: registry -sub_category: setup -fork_url: https://github.com/coreos/docs/blob/master/enterprise-registry/log-debugging/index.md -weight: 5 ---- - # Enterprise Registry Log Debugging ## Personal debugging @@ -17,7 +8,7 @@ When attempting to debug an issue, one should first consult the logs of the web Sign in to a super user account and visit `http://yourregister/superuser` to view the management panel: -Enterprise Registry Management Panel +Enterprise Registry Management Panel ## View the logs for each service diff --git a/enterprise-registry/mysql-container/index.md b/enterprise-registry/mysql-container.md similarity index 89% rename from enterprise-registry/mysql-container/index.md rename to enterprise-registry/mysql-container.md index 13bcba0b8..a9f0ef1da 100644 --- a/enterprise-registry/mysql-container/index.md +++ b/enterprise-registry/mysql-container.md @@ -1,11 +1,3 @@ ---- -layout: docs -title: Setting Up a MySQL Docker Container -category: registry -fork_url: https://github.com/coreos/docs/blob/master/enterprise-registry/mysql-container/index.md -weight: 5 ---- - # Setting Up a MySQL Docker Container If you don't have an existing MySQL system to host the Enterprise Registry database on then you can run the steps below to create a dedicated MySQL container using the Oracle MySQL verified Docker image from https://registry.hub.docker.com/_/mysql/ diff --git a/enterprise-registry/mysql-container/provision_mysql.sh b/enterprise-registry/provision_mysql.sh similarity index 100% rename from enterprise-registry/mysql-container/provision_mysql.sh rename to enterprise-registry/provision_mysql.sh diff --git a/enterprise-registry/log-debugging/tail-gunicorn-logs.sh b/enterprise-registry/tail-gunicorn-logs.sh similarity index 100% rename from enterprise-registry/log-debugging/tail-gunicorn-logs.sh rename to enterprise-registry/tail-gunicorn-logs.sh diff --git a/distributed-configuration/getting-started-with-etcd/index.md b/etcd/getting-started-with-etcd.md similarity index 100% rename from distributed-configuration/getting-started-with-etcd/index.md rename to etcd/getting-started-with-etcd.md diff --git a/cluster-management/setup/flannel-config/index.md b/flannel/flannel-config.md similarity index 100% rename from cluster-management/setup/flannel-config/index.md rename to flannel/flannel-config.md diff --git a/launching-containers/launching/launching-containers-fleet/index.md b/fleet/launching-containers-fleet.md similarity index 100% rename from launching-containers/launching/launching-containers-fleet/index.md rename to fleet/launching-containers-fleet.md diff --git a/cluster-management/setup/adding-certificate-authorities/index.md b/os/adding-certificate-authorities.md similarity index 67% rename from cluster-management/setup/adding-certificate-authorities/index.md rename to os/adding-certificate-authorities.md index 499853967..7de52b804 100644 --- a/cluster-management/setup/adding-certificate-authorities/index.md +++ b/os/adding-certificate-authorities.md @@ -1,12 +1,3 @@ ---- -layout: docs -title: Adding Certificate Authorities -category: cluster_management -sub_category: setting_up -fork_url: https://github.com/coreos/docs/blob/master/cluster-management/setup/adding-certificate-authorities/index.md -weight: 7 ---- - # Custom Certificate Authorities CoreOS supports custom Certificate Authorities (CAs) in addition to the default list of trusted CAs. Adding your own CA allows you to: diff --git a/cluster-management/scaling/adding-disk-space/index.md b/os/adding-disk-space.md similarity index 91% rename from cluster-management/scaling/adding-disk-space/index.md rename to os/adding-disk-space.md index fc8a348c6..ab5094f4b 100644 --- a/cluster-management/scaling/adding-disk-space/index.md +++ b/os/adding-disk-space.md @@ -1,13 +1,3 @@ ---- -layout: docs -slug: guides/resize -title: Adding Disk Space -category: cluster_management -sub_category: scaling -fork_url: https://github.com/coreos/docs/blob/master/cluster-management/scaling/adding-disk-space/index.md -weight: 5 ---- - # Adding Disk Space to Your CoreOS Machine On a CoreOS machine, the operating system itself is mounted as a read-only partition at `/usr`. The root partition provides read-write storage by default and on a fresh install is mostly blank. The default size of this partition depends on the platform but it is usually between 3GB and 16GB. If more space is required simply extend the virtual machine's disk image and CoreOS will fix the partition table and resize the root partition to fill the disk on the next boot. diff --git a/cluster-management/setup/adding-users/index.md b/os/adding-users.md similarity index 89% rename from cluster-management/setup/adding-users/index.md rename to os/adding-users.md index c184c9754..a4e1ef6a5 100644 --- a/cluster-management/setup/adding-users/index.md +++ b/os/adding-users.md @@ -1,12 +1,3 @@ ---- -layout: docs -title: Adding Users -category: cluster_management -sub_category: setting_up -fork_url: https://github.com/coreos/docs/blob/master/cluster-management/setup/adding-users/index.md -weight: 7 ---- - # Adding Users You can create user accounts on a CoreOS machine manually with `useradd` or via cloud-config when the machine is created. diff --git a/running-coreos/cloud-providers/auro/index.md b/os/booting-on-auro.md similarity index 97% rename from running-coreos/cloud-providers/auro/index.md rename to os/booting-on-auro.md index 933ccaa7e..dd78f57d3 100644 --- a/running-coreos/cloud-providers/auro/index.md +++ b/os/booting-on-auro.md @@ -1,12 +1,3 @@ ---- -layout: docs -title: AURO Cloud -category: running_coreos -sub_category: cloud_provider -fork_url: https://github.com/coreos/docs/blob/master/running-coreos/cloud-providers/auro/index.md -weight: 5 ---- - # Running CoreOS on AURO AURO is a Canadian OpenStack cloud computing provider based in Canada. In diff --git a/running-coreos/cloud-providers/azure/index.md b/os/booting-on-azure.md similarity index 97% rename from running-coreos/cloud-providers/azure/index.md rename to os/booting-on-azure.md index a55058981..8163e4292 100644 --- a/running-coreos/cloud-providers/azure/index.md +++ b/os/booting-on-azure.md @@ -1,13 +1,3 @@ ---- -layout: docs -title: Azure -category: running_coreos -sub_category: cloud_provider -supported: true -fork_url: https://github.com/coreos/docs/blob/master/running-coreos/cloud-providers/azure/index.md -weight: 1 ---- - # Running CoreOS on Azure ## Choosing a Channel diff --git a/running-coreos/cloud-providers/brightbox/index.md b/os/booting-on-brightbox.md similarity index 96% rename from running-coreos/cloud-providers/brightbox/index.md rename to os/booting-on-brightbox.md index b281c9d94..b14980580 100644 --- a/running-coreos/cloud-providers/brightbox/index.md +++ b/os/booting-on-brightbox.md @@ -1,12 +1,3 @@ ---- -layout: docs -title: Brightbox Cloud -category: running_coreos -sub_category: cloud_provider -fork_url: https://github.com/coreos/docs/blob/master/running-coreos/cloud-providers/brightbox/index.md -weight: 10 ---- - # Running CoreOS {{site.brightbox-version}} on Brightbox Cloud CoreOS is currently in heavy development and actively being tested. These diff --git a/running-coreos/platforms/cloudstack/index.md b/os/booting-on-cloudstack.md similarity index 94% rename from running-coreos/platforms/cloudstack/index.md rename to os/booting-on-cloudstack.md index ced8f5f30..bbeb4ad86 100644 --- a/running-coreos/platforms/cloudstack/index.md +++ b/os/booting-on-cloudstack.md @@ -1,12 +1,3 @@ ---- -layout: docs -title: CloudStack -category: running_coreos -sub_category: platforms -fork_url: https://github.com/coreos/docs/blob/master/running-coreos/cloud-providers/cloudstack/index.md -weight: 5 ---- - # Running CoreOS on CloudStack This guide explains how to deploy CoreOS with CloudStack. These instructions will walk you through downloading CoreOS image and running an instance from it. diff --git a/running-coreos/cloud-providers/digitalocean/index.md b/os/booting-on-digitalocean.md similarity index 96% rename from running-coreos/cloud-providers/digitalocean/index.md rename to os/booting-on-digitalocean.md index e2dc6f3bf..f1bdbae77 100644 --- a/running-coreos/cloud-providers/digitalocean/index.md +++ b/os/booting-on-digitalocean.md @@ -1,13 +1,3 @@ ---- -layout: docs -title: DigitalOcean -category: running_coreos -sub_category: cloud_provider -supported: true -fork_url: https://github.com/coreos/docs/blob/master/running-coreos/cloud-providers/digitalocean/index.md -weight: 1 ---- - # Running CoreOS on DigitalOcean ## Choosing a Channel @@ -204,7 +194,7 @@ For more details, check out [DigitalOcean's API documentation][do-api-docs].

      - +
      Choosing a CoreOS channel
      @@ -213,7 +203,7 @@ For more details, check out [DigitalOcean's API documentation][do-api-docs].
      - +
      Droplet settings for networking and cloud-config
      @@ -221,7 +211,7 @@ For more details, check out [DigitalOcean's API documentation][do-api-docs]. 4. Choose your preferred channel of CoreOS.

      - +
      Choosing a CoreOS channel
      diff --git a/running-coreos/cloud-providers/ec2/index.md b/os/booting-on-ec2.md similarity index 98% rename from running-coreos/cloud-providers/ec2/index.md rename to os/booting-on-ec2.md index 1ee5fb3f2..13d5cca00 100644 --- a/running-coreos/cloud-providers/ec2/index.md +++ b/os/booting-on-ec2.md @@ -1,13 +1,4 @@ ---- -layout: docs -title: Amazon EC2 -category: running_coreos -sub_category: cloud_provider -supported: true -weight: 1 -cloud-formation-launch-logo: https://s3.amazonaws.com/cloudformation-examples/cloudformation-launch-stack.png -fork_url: https://github.com/coreos/docs/blob/master/running-coreos/cloud-providers/ec2/index.md ---- + {% capture cf_alpha_pv_template %}{{ site.https-s3 }}/dist/aws/coreos-alpha-pv.template{% endcapture %} {% capture cf_alpha_hvm_template %}{{ site.https-s3 }}/dist/aws/coreos-alpha-hvm.template{% endcapture %} {% capture cf_beta_pv_template %}{{ site.https-s3 }}/dist/aws/coreos-beta-pv.template{% endcapture %} diff --git a/running-coreos/cloud-providers/ecs/index.md b/os/booting-on-ecs.md similarity index 94% rename from running-coreos/cloud-providers/ecs/index.md rename to os/booting-on-ecs.md index b30f10e28..2ad7c56cd 100644 --- a/running-coreos/cloud-providers/ecs/index.md +++ b/os/booting-on-ecs.md @@ -1,13 +1,3 @@ ---- -layout: docs -title: Amazon EC2 Container Service -category: running_coreos -sub_category: cloud_provider -supported: true -fork_url: https://github.com/coreos/docs/blob/master/running-coreos/cloud-providers/ecs/index.md -weight: 1 ---- - # Running CoreOS with AWS EC2 Container Service [Amazon EC2 Container Service (ECS)](http://aws.amazon.com/ecs/) is a container management service which provides a set of APIs for scheduling container workloads across EC2 clusters. It supports CoreOS with Docker containers. diff --git a/running-coreos/platforms/eucalyptus/index.md b/os/booting-on-eucalyptus.md similarity index 94% rename from running-coreos/platforms/eucalyptus/index.md rename to os/booting-on-eucalyptus.md index 411a54945..6bfdd69ca 100644 --- a/running-coreos/platforms/eucalyptus/index.md +++ b/os/booting-on-eucalyptus.md @@ -1,12 +1,3 @@ ---- -layout: docs -title: Eucalyptus -category: running_coreos -sub_category: platforms -fork_url: https://github.com/coreos/docs/blob/master/running-coreos/cloud-providers/eucalyptus/index.md -weight: 5 ---- - # Running CoreOS on Eucalyptus 3.4 CoreOS is currently in heavy development and actively being tested. diff --git a/running-coreos/cloud-providers/exoscale/index.md b/os/booting-on-exoscale.md similarity index 95% rename from running-coreos/cloud-providers/exoscale/index.md rename to os/booting-on-exoscale.md index 8a7a36948..53a555e0b 100644 --- a/running-coreos/cloud-providers/exoscale/index.md +++ b/os/booting-on-exoscale.md @@ -1,12 +1,3 @@ ---- -layout: docs -title: Exoscale -category: running_coreos -sub_category: cloud_provider -fork_url: https://github.com/coreos/docs/blob/master/running-coreos/cloud-providers/exoscale/index.md -weight: 9 ---- - # Running CoreOS on Exoscale ## Choosing a Channel @@ -163,14 +154,14 @@ For more details, check out [Exoscale's API documentation][exo-api-docs]. 3. Choose the CoreOS template
      - +
      Choosing Exoscale template
      4. Choose the instance size
      - +
      Choosing Exoscale instance size
      @@ -178,7 +169,7 @@ For more details, check out [Exoscale's API documentation][exo-api-docs]. 6. Add your your optional cloud-config.

      - +
      Exoscale cloud-config
      diff --git a/running-coreos/cloud-providers/google-compute-engine/index.md b/os/booting-on-google-compute-engine.md similarity index 97% rename from running-coreos/cloud-providers/google-compute-engine/index.md rename to os/booting-on-google-compute-engine.md index 2f6b4192f..3ee4a9001 100644 --- a/running-coreos/cloud-providers/google-compute-engine/index.md +++ b/os/booting-on-google-compute-engine.md @@ -1,13 +1,3 @@ ---- -layout: docs -category: running_coreos -sub_category: cloud_provider -supported: true -fork_url: https://github.com/coreos/docs/blob/master/running-coreos/cloud-providers/google-compute-engine/index.md -weight: 3 -title: Google Compute Engine ---- - # Running CoreOS on Google Compute Engine Before proceeding, you will need to [install gcloud][gcloud-documentation] and check that your GCE account/project has billing enabled (Settings → Billing). In each command below, be sure to insert your project name in place of ``. diff --git a/running-coreos/cloud-providers/interoute/index.md b/os/booting-on-interoute.md similarity index 97% rename from running-coreos/cloud-providers/interoute/index.md rename to os/booting-on-interoute.md index 5737676fe..f71a2b7d5 100644 --- a/running-coreos/cloud-providers/interoute/index.md +++ b/os/booting-on-interoute.md @@ -1,12 +1,3 @@ ---- -layout: docs -title: Interoute VDC -category: running_coreos -sub_category: cloud_provider -fork_url: https://github.com/coreos/docs/blob/master/running-coreos/cloud-providers/interoute/index.md -weight: 9 ---- - # Running CoreOS on Interoute VDC Interoute VDC is Europe's largest cloud services platform, which is powered by Apache Cloudstack. diff --git a/running-coreos/cloud-providers/niftycloud/JA_JP/index.md b/os/booting-on-niftycloud-JA_JP.md similarity index 98% rename from running-coreos/cloud-providers/niftycloud/JA_JP/index.md rename to os/booting-on-niftycloud-JA_JP.md index 640172954..cdf66dc0d 100644 --- a/running-coreos/cloud-providers/niftycloud/JA_JP/index.md +++ b/os/booting-on-niftycloud-JA_JP.md @@ -1,11 +1,3 @@ ---- -layout: docs -category: running_coreos -sub_category: cloud_provider -weight: 6 -title: NIFTY Cloud ---- - # ニフティクラウド上でのCoreOSの起動 事前に[ニフティクラウド CLI][cli-documentation]をインストールする必要があります。These instructions are also [available in English](../). diff --git a/running-coreos/cloud-providers/niftycloud/index.md b/os/booting-on-niftycloud.md similarity index 96% rename from running-coreos/cloud-providers/niftycloud/index.md rename to os/booting-on-niftycloud.md index 8294c45f3..ac0a3c245 100644 --- a/running-coreos/cloud-providers/niftycloud/index.md +++ b/os/booting-on-niftycloud.md @@ -1,12 +1,3 @@ ---- -layout: docs -category: running_coreos -sub_category: none -weight: 6 -fork_url: https://github.com/coreos/docs/blob/master/running-coreos/cloud-providers/niftycloud/index.md -title: NIFTY Cloud ---- - # Running CoreOS on NIFTY Cloud NIFTY Cloud is a Japanese cloud computing provider. These instructions are also [available in Japanese](JA_JP/). Before proceeding, you will need to [install NIFTY Cloud CLI][cli-documentation]. diff --git a/running-coreos/platforms/openstack/index.md b/os/booting-on-openstack.md similarity index 97% rename from running-coreos/platforms/openstack/index.md rename to os/booting-on-openstack.md index 6c16b2a12..cc64e9937 100644 --- a/running-coreos/platforms/openstack/index.md +++ b/os/booting-on-openstack.md @@ -1,13 +1,3 @@ ---- -layout: docs -title: OpenStack -category: running_coreos -sub_category: platforms -supported: true -fork_url: https://github.com/coreos/docs/blob/master/running-coreos/platforms/openstack/index.md -weight: 5 ---- - # Running CoreOS on OpenStack CoreOS is currently in heavy development and actively being tested. These diff --git a/running-coreos/cloud-providers/rackspace/index.md b/os/booting-on-rackspace.md similarity index 98% rename from running-coreos/cloud-providers/rackspace/index.md rename to os/booting-on-rackspace.md index 3228f5b83..9f681cc43 100644 --- a/running-coreos/cloud-providers/rackspace/index.md +++ b/os/booting-on-rackspace.md @@ -1,13 +1,3 @@ ---- -layout: docs -title: Rackspace Cloud -category: running_coreos -sub_category: cloud_provider -supported: true -fork_url: https://github.com/coreos/docs/blob/master/running-coreos/cloud-providers/rackspace/index.md -weight: 5 ---- - # Running CoreOS on Rackspace CoreOS is currently in heavy development and actively being tested. These instructions will walk you through running CoreOS on the Rackspace OpenStack cloud, which differs slightly from the generic OpenStack instructions. There are two ways to launch a CoreOS cluster: launch an entire cluster with Heat or launch machines with Nova. diff --git a/running-coreos/platforms/vagrant/index.md b/os/booting-on-vagrant.md similarity index 98% rename from running-coreos/platforms/vagrant/index.md rename to os/booting-on-vagrant.md index fbf4423b4..b56a226cf 100644 --- a/running-coreos/platforms/vagrant/index.md +++ b/os/booting-on-vagrant.md @@ -1,14 +1,3 @@ ---- -layout: docs -slug: vagrant -title: Vagrant -category: running_coreos -sub_category: platforms -supported: true -fork_url: https://github.com/coreos/docs/blob/master/running-coreos/platforms/vagrant/index.md -weight: 5 ---- - # Running CoreOS on Vagrant Running CoreOS with Vagrant is the easiest way to bring up a single machine or virtualize an entire cluster on your laptop. Since the true power of CoreOS can be seen with a cluster, we're going to concentrate on that. Instructions for a single machine can be found [towards the end](#single-machine) of the guide. diff --git a/running-coreos/cloud-providers/vexxhost/index.md b/os/booting-on-vexxhost.md similarity index 97% rename from running-coreos/cloud-providers/vexxhost/index.md rename to os/booting-on-vexxhost.md index 85eae0ebd..a8a49ef4b 100644 --- a/running-coreos/cloud-providers/vexxhost/index.md +++ b/os/booting-on-vexxhost.md @@ -1,12 +1,3 @@ ---- -layout: docs -title: VEXXHOST Cloud -category: running_coreos -sub_category: cloud_provider -fork_url: https://github.com/coreos/docs/blob/master/running-coreos/cloud-providers/vexxhost/index.md -weight: 5 ---- - # Running CoreOS on VEXXHOST VEXXHOST is a Canadian OpenStack cloud computing provider based in Canada. In diff --git a/running-coreos/platforms/virtualbox/index.md b/os/booting-on-virtualbox.md similarity index 96% rename from running-coreos/platforms/virtualbox/index.md rename to os/booting-on-virtualbox.md index 2a35c3297..7cce13f3b 100644 --- a/running-coreos/platforms/virtualbox/index.md +++ b/os/booting-on-virtualbox.md @@ -1,13 +1,3 @@ ---- -layout: docs -slug: virtualbox -title: VirtualBox -category: running_coreos -sub_category: platforms -fork_url: https://github.com/coreos/docs/blob/master/running-coreos/platforms/virtualbox/index.md -weight: 7 ---- - # Running CoreOS on VirtualBox These instructions will walk you through running CoreOS on Oracle VM VirtualBox. diff --git a/running-coreos/platforms/vmware/index.md b/os/booting-on-vmware.md similarity index 95% rename from running-coreos/platforms/vmware/index.md rename to os/booting-on-vmware.md index a127e4319..2c55be921 100644 --- a/running-coreos/platforms/vmware/index.md +++ b/os/booting-on-vmware.md @@ -1,13 +1,3 @@ ---- -layout: docs -slug: vmware -title: VMware -category: running_coreos -sub_category: platforms -fork_url: https://github.com/coreos/docs/blob/master/running-coreos/platforms/vmware/index.md -weight: 5 ---- - # Running CoreOS on VMware CoreOS is currently in heavy development and actively being tested. @@ -83,7 +73,7 @@ Networking can take a bit of time to come up under VMware and you will need to know the IP in order to SSH in. Press enter a few times at the login prompt and you should see an IP address pop up: -![VMware IP Address](vmware-ip.png) +![VMware IP Address](img/vmware-ip.png) In this case the IP is `10.0.1.81`. diff --git a/running-coreos/cloud-providers/vultr/index.md b/os/booting-on-vultr.md similarity index 96% rename from running-coreos/cloud-providers/vultr/index.md rename to os/booting-on-vultr.md index 1cc3429ef..5225f58e8 100755 --- a/running-coreos/cloud-providers/vultr/index.md +++ b/os/booting-on-vultr.md @@ -1,12 +1,3 @@ ---- -layout: docs -title: Vultr VPS -category: running_coreos -sub_category: cloud_provider -fork_url: https://github.com/coreos/docs/blob/master/running-coreos/cloud-providers/vultr/index.md -weight: 10 ---- - # Running CoreOS on a Vultr VPS These instructions will walk you through running a single CoreOS node. This guide assumes: diff --git a/running-coreos/bare-metal/booting-with-ipxe/index.md b/os/booting-with-ipxe.md similarity index 97% rename from running-coreos/bare-metal/booting-with-ipxe/index.md rename to os/booting-with-ipxe.md index b057adb8c..a496c21f4 100644 --- a/running-coreos/bare-metal/booting-with-ipxe/index.md +++ b/os/booting-with-ipxe.md @@ -1,14 +1,3 @@ ---- -layout: docs -slug: ipxe -title: Booting with iPXE -category: running_coreos -sub_category: bare_metal -supported: true -fork_url: https://github.com/coreos/docs/blob/master/running-coreos/bare-metal/booting-with-ipxe/index.md -weight: 5 ---- - # Booting CoreOS via iPXE CoreOS is currently in heavy development and actively being tested. These instructions will walk you through booting CoreOS via iPXE on real or virtual hardware. By default, this will run CoreOS completely out of RAM. CoreOS can also be [installed to disk]({{site.baseurl}}/docs/running-coreos/bare-metal/installing-to-disk). diff --git a/running-coreos/platforms/iso/index.md b/os/booting-with-iso.md similarity index 94% rename from running-coreos/platforms/iso/index.md rename to os/booting-with-iso.md index 19d2397e7..f5603f8ad 100644 --- a/running-coreos/platforms/iso/index.md +++ b/os/booting-with-iso.md @@ -1,13 +1,3 @@ ---- -layout: docs -title: ISO -category: running_coreos -sub_category: platforms -supported: true -fork_url: https://github.com/coreos/docs/blob/master/running-coreos/platforms/iso/index.md -weight: 10 ---- - # Booting CoreOS from an ISO The latest CoreOS ISOs can be downloaded from the image storage site: diff --git a/running-coreos/platforms/libvirt/index.md b/os/booting-with-libvirt.md similarity index 97% rename from running-coreos/platforms/libvirt/index.md rename to os/booting-with-libvirt.md index 756c38ec6..fca0272b0 100644 --- a/running-coreos/platforms/libvirt/index.md +++ b/os/booting-with-libvirt.md @@ -1,12 +1,3 @@ ---- -layout: docs -title: Libvirt -category: running_coreos -sub_category: platforms -fork_url: https://github.com/coreos/docs/blob/master/running-coreos/platforms/libvirt/index.md -weight: 5 ---- - # Running CoreOS on libvirt This guide explains how to run CoreOS with libvirt. The libvirt configuration diff --git a/running-coreos/bare-metal/booting-with-pxe/index.md b/os/booting-with-pxe.md similarity index 97% rename from running-coreos/bare-metal/booting-with-pxe/index.md rename to os/booting-with-pxe.md index 3ee52a865..e6db8a73b 100644 --- a/running-coreos/bare-metal/booting-with-pxe/index.md +++ b/os/booting-with-pxe.md @@ -1,14 +1,3 @@ ---- -layout: docs -slug: pxe -title: Booting with PXE -category: running_coreos -sub_category: bare_metal -supported: true -fork_url: https://github.com/coreos/docs/blob/master/running-coreos/bare-metal/booting-with-pxe/index.md -weight: 5 ---- - # Booting CoreOS via PXE These instructions will walk you through booting CoreOS via PXE on real or virtual hardware. By default, this will run CoreOS completely out of RAM. CoreOS can also be [installed to disk]({{site.baseurl}}/docs/running-coreos/bare-metal/installing-to-disk). diff --git a/running-coreos/platforms/qemu/index.md b/os/booting-with-qemu.md similarity index 96% rename from running-coreos/platforms/qemu/index.md rename to os/booting-with-qemu.md index 9843bc319..b9a32c348 100644 --- a/running-coreos/platforms/qemu/index.md +++ b/os/booting-with-qemu.md @@ -1,13 +1,3 @@ ---- -layout: docs -slug: qemu -title: QEMU -category: running_coreos -sub_category: platforms -fork_url: https://github.com/coreos/docs/blob/master/running-coreos/platforms/qemu/index.md -weight: 5 ---- - # Running CoreOS on QEMU CoreOS is currently in heavy development and actively being tested. diff --git a/cluster-management/debugging/btrfs-troubleshooting/index.md b/os/btrfs-troubleshooting.md similarity index 96% rename from cluster-management/debugging/btrfs-troubleshooting/index.md rename to os/btrfs-troubleshooting.md index a7e75cc3a..a7701a338 100644 --- a/cluster-management/debugging/btrfs-troubleshooting/index.md +++ b/os/btrfs-troubleshooting.md @@ -1,13 +1,3 @@ ---- -layout: docs -slug: guides -title: Working with btrfs -category: cluster_management -sub_category: debugging -fork_url: https://github.com/coreos/docs/blob/master/cluster-management/debugging/btrfs-troubleshooting/index.md -weight: 5 ---- - # Working with btrfs and Common Troubleshooting btrfs is a copy-on-write filesystem with full support in the upstream Linux kernel and several desirable features. In the past, CoreOS shipped with a btrfs root filesystem to support Docker filesystem requirements at the time. As of version 561.0.0, CoreOS ships with ext4 as the default root filesystem by default while still supporting Docker. Btrfs is still supported and works with the latest CoreOS releases and Docker, but we recommend using ext4. diff --git a/cluster-management/setup/cluster-architectures/index.md b/os/cluster-architectures.md similarity index 94% rename from cluster-management/setup/cluster-architectures/index.md rename to os/cluster-architectures.md index 8735e97c0..76df5a401 100644 --- a/cluster-management/setup/cluster-architectures/index.md +++ b/os/cluster-architectures.md @@ -1,12 +1,3 @@ ---- -layout: docs -title: Cluster Architectures -category: cluster_management -sub_category: planning -fork_url: https://github.com/coreos/docs/blob/master/cluster-management/setup/cluster-architectures/index.md -weight: 5 ---- - # CoreOS Cluster Architectures ## Overview @@ -19,7 +10,7 @@ The cloud-config files provided with each section are valid, but you will need t ## Docker Dev Environment on Laptop -Laptop Environment Diagram +Laptop Environment Diagram
      Laptop development environment with CoreOS VM
      | Cost | Great For | Set Up Time | Production | @@ -71,7 +62,7 @@ coreos: ## Small Cluster -Small CoreOS Cluster Diagram +Small CoreOS Cluster Diagram
      Small CoreOS cluster running etcd on all machines
      | Cost | Great For | Set Up Time | Production | @@ -88,7 +79,7 @@ Following the guide for each of the [supported platforms]({{site.baseurl}}/docs# ## Easy Development/Testing Cluster -CoreOS cluster optimized for development and testing +CoreOS cluster optimized for development and testing
      CoreOS cluster optimized for development and testing
      | Cost | Great For | Set Up Time | Production | @@ -160,7 +151,7 @@ coreos: ## Production Cluster with Central Services -CoreOS cluster optimized for production environments +CoreOS cluster optimized for production environments
      CoreOS cluster separated into central services and workers.
      | Cost | Great For | Set Up Time | Production | diff --git a/cluster-management/setup/cluster-discovery/index.md b/os/cluster-discovery.md similarity index 98% rename from cluster-management/setup/cluster-discovery/index.md rename to os/cluster-discovery.md index ae259d35a..c596f6dae 100644 --- a/cluster-management/setup/cluster-discovery/index.md +++ b/os/cluster-discovery.md @@ -1,12 +1,3 @@ ---- -layout: docs -title: Clustering Machines -category: cluster_management -sub_category: setting_up -fork_url: https://github.com/coreos/docs/blob/master/cluster-management/setup/cluster-discovery/index.md -weight: 4 ---- - # CoreOS Cluster Discovery ## Overview diff --git a/cluster-management/setup/configuring-date-and-timezone/index.md b/os/configuring-date-and-timezone.md similarity index 95% rename from cluster-management/setup/configuring-date-and-timezone/index.md rename to os/configuring-date-and-timezone.md index 59d1f07d5..ae8cd661b 100644 --- a/cluster-management/setup/configuring-date-and-timezone/index.md +++ b/os/configuring-date-and-timezone.md @@ -1,12 +1,3 @@ ---- -layout: docs -title: Configuring Date & Timezone (NTP) -category: cluster_management -sub_category: setting_up -fork_url: https://github.com/coreos/docs/blob/master/cluster-management/setup/configuring-date-and-timezone/index.md -weight: 7 ---- - # Configuring Date and Timezone NTP is used to to keep clocks in sync across machines in a CoreOS cluster. diff --git a/distributed-configuration/customize-etcd-unit/index.md b/os/customize-etcd-unit.md similarity index 94% rename from distributed-configuration/customize-etcd-unit/index.md rename to os/customize-etcd-unit.md index ba4f7702c..bb859dfea 100644 --- a/distributed-configuration/customize-etcd-unit/index.md +++ b/os/customize-etcd-unit.md @@ -1,12 +1,3 @@ ---- -layout: docs -title: Customizing the etcd Unit -category: distributed_configuration -sub_category: configuration -fork_url: https://github.com/coreos/docs/blob/master/distributed-configuration/customize-etcd-unit/index.md -weight: 5 ---- - # Customizing the etcd Unit The etcd systemd unit can be customized by overriding the unit that ships with the default CoreOS settings. Common use-cases for doing this are covered below. diff --git a/launching-containers/building/customizing-docker/index.md b/os/customizing-docker.md similarity index 96% rename from launching-containers/building/customizing-docker/index.md rename to os/customizing-docker.md index 883b09d40..cdc903c2b 100644 --- a/launching-containers/building/customizing-docker/index.md +++ b/os/customizing-docker.md @@ -1,12 +1,3 @@ ---- -layout: docs -title: Customizing docker -category: launching_containers -sub_category: building -fork_url: https://github.com/coreos/docs/blob/master/launching-containers/building/customizing-docker/index.md -weight: 7 ---- - # Customizing docker The docker systemd unit can be customized by overriding the unit that ships with the default CoreOS settings. Common use-cases for doing this are covered below. diff --git a/cluster-management/setup/customizing-sshd/index.md b/os/customizing-sshd.md similarity index 87% rename from cluster-management/setup/customizing-sshd/index.md rename to os/customizing-sshd.md index 76240c7c2..df7ee1010 100644 --- a/cluster-management/setup/customizing-sshd/index.md +++ b/os/customizing-sshd.md @@ -1,12 +1,3 @@ ---- -layout: docs -title: Customizing the SSH Daemon -category: cluster_management -sub_category: setting_up -fork_url: https://github.com/coreos/docs/blob/master/cluster-management/setup/customizing-ssh/index.md -weight: 7 ---- - # Customizing the SSH Daemon CoreOS defaults to running an OpenSSH daemon. In some cases you may want to customize this daemon's authentication methods or other configuration. This guide will show you how to customize using `cloud-config`. diff --git a/running-coreos/platforms/libvirt/deploy_coreos_cluster.sh b/os/deploy_coreos_libvirt.sh similarity index 100% rename from running-coreos/platforms/libvirt/deploy_coreos_cluster.sh rename to os/deploy_coreos_libvirt.sh diff --git a/launching-containers/building/getting-started-with-docker/index.md b/os/getting-started-with-docker.md similarity index 96% rename from launching-containers/building/getting-started-with-docker/index.md rename to os/getting-started-with-docker.md index 960ed4773..d6faf9cf2 100644 --- a/launching-containers/building/getting-started-with-docker/index.md +++ b/os/getting-started-with-docker.md @@ -1,13 +1,3 @@ ---- -layout: docs -slug: guides/docker -title: Getting Started with docker -category: launching_containers -sub_category: building -fork_url: https://github.com/coreos/docs/blob/master/launching-containers/building/getting-started-with-docker/index.md -weight: 5 ---- - # Getting Started with Docker Docker is an open-source project that makes creating and managing Linux containers really easy. Containers are like extremely lightweight VMs – they allow code to run in isolation from other containers but safely share the machine’s resources, all without the overhead of a hypervisor. diff --git a/launching-containers/launching/getting-started-with-systemd/index.md b/os/getting-started-with-systemd.md similarity index 97% rename from launching-containers/launching/getting-started-with-systemd/index.md rename to os/getting-started-with-systemd.md index d521758d4..c4b8ffb00 100644 --- a/launching-containers/launching/getting-started-with-systemd/index.md +++ b/os/getting-started-with-systemd.md @@ -1,13 +1,3 @@ ---- -layout: docs -slug: guides -title: Getting Started with systemd -category: launching_containers -sub_category: launching -fork_url: https://github.com/coreos/docs/blob/master/launching-containers/building/getting-started-with-systemd/index.md -weight: 5 ---- - # Getting Started with systemd systemd is an init system that provides many powerful features for starting, stopping and managing processes. Within the CoreOS world, you will almost exclusively use systemd to manage the lifecycle of your Docker containers. diff --git a/cluster-management/setup/cluster-architectures/dev.png b/os/img/dev.png similarity index 100% rename from cluster-management/setup/cluster-architectures/dev.png rename to os/img/dev.png diff --git a/running-coreos/cloud-providers/exoscale/size.png b/os/img/exoscale-size.png similarity index 100% rename from running-coreos/cloud-providers/exoscale/size.png rename to os/img/exoscale-size.png diff --git a/running-coreos/cloud-providers/digitalocean/image.png b/os/img/image.png similarity index 100% rename from running-coreos/cloud-providers/digitalocean/image.png rename to os/img/image.png diff --git a/cluster-management/setup/cluster-architectures/laptop.png b/os/img/laptop.png similarity index 100% rename from cluster-management/setup/cluster-architectures/laptop.png rename to os/img/laptop.png diff --git a/cluster-management/setup/cluster-architectures/prod.png b/os/img/prod.png similarity index 100% rename from cluster-management/setup/cluster-architectures/prod.png rename to os/img/prod.png diff --git a/running-coreos/cloud-providers/digitalocean/settings.png b/os/img/settings.png similarity index 100% rename from running-coreos/cloud-providers/digitalocean/settings.png rename to os/img/settings.png diff --git a/running-coreos/cloud-providers/digitalocean/size.png b/os/img/size.png similarity index 100% rename from running-coreos/cloud-providers/digitalocean/size.png rename to os/img/size.png diff --git a/cluster-management/setup/cluster-architectures/small.png b/os/img/small.png similarity index 100% rename from cluster-management/setup/cluster-architectures/small.png rename to os/img/small.png diff --git a/running-coreos/cloud-providers/exoscale/template.png b/os/img/template.png similarity index 100% rename from running-coreos/cloud-providers/exoscale/template.png rename to os/img/template.png diff --git a/cluster-management/setup/switching-channels/update-timeline.png b/os/img/update-timeline.png similarity index 100% rename from cluster-management/setup/switching-channels/update-timeline.png rename to os/img/update-timeline.png diff --git a/running-coreos/cloud-providers/exoscale/userdata.png b/os/img/userdata.png similarity index 100% rename from running-coreos/cloud-providers/exoscale/userdata.png rename to os/img/userdata.png diff --git a/running-coreos/platforms/vmware/vmware-ip.png b/os/img/vmware-ip.png similarity index 100% rename from running-coreos/platforms/vmware/vmware-ip.png rename to os/img/vmware-ip.png diff --git a/cluster-management/debugging/install-debugging-tools/index.md b/os/install-debugging-tools.md similarity index 88% rename from cluster-management/debugging/install-debugging-tools/index.md rename to os/install-debugging-tools.md index a43321798..bf346054c 100644 --- a/cluster-management/debugging/install-debugging-tools/index.md +++ b/os/install-debugging-tools.md @@ -1,13 +1,3 @@ ---- -layout: docs -slug: guides -title: Install Debugging Tools -category: cluster_management -sub_category: debugging -fork_url: https://github.com/coreos/docs/blob/master/cluster-management/debugging/install-debugging-tools/index.md -weight: 7 ---- - # Install Debugging Tools You can use common debugging tools like tcpdump or strace with Toolbox. Using the filesystem of a specified docker container Toolbox will launch a container with full system privileges including access to system PIDs, network interfaces and other global information. Inside of the toolbox, the machine's filesystem is mounted to `/media/root`. diff --git a/running-coreos/bare-metal/installing-to-disk/index.md b/os/installing-to-disk.md similarity index 95% rename from running-coreos/bare-metal/installing-to-disk/index.md rename to os/installing-to-disk.md index 174dae8e0..1a57b5fee 100644 --- a/running-coreos/bare-metal/installing-to-disk/index.md +++ b/os/installing-to-disk.md @@ -1,14 +1,3 @@ ---- -layout: docs -slug: pxe -title: Installing to Disk -category: running_coreos -sub_category: bare_metal -supported: true -fork_url: https://github.com/coreos/docs/blob/master/running-coreos/bare-metal/installing-to-disk/index.md -weight: 7 ---- - # Installing CoreOS to Disk ## Install Script diff --git a/cluster-management/debugging/manual-rollbacks/index.md b/os/manual-rollbacks.md similarity index 96% rename from cluster-management/debugging/manual-rollbacks/index.md rename to os/manual-rollbacks.md index cc4735729..d6d97b549 100644 --- a/cluster-management/debugging/manual-rollbacks/index.md +++ b/os/manual-rollbacks.md @@ -1,13 +1,3 @@ ---- -layout: docs -slug: guides -title: Manual CoreOS Rollbacks -category: cluster_management -sub_category: debugging -fork_url: https://github.com/coreos/docs/blob/master/cluster-management/debugging/manual-rollbacks/index.md -weight: 5 ---- - # Performing Manual CoreOS Rollbacks As much as we all love flawless, automatic updates, there may be occasions when diff --git a/cluster-management/setup/mounting-storage/index.md b/os/mounting-storage.md similarity index 96% rename from cluster-management/setup/mounting-storage/index.md rename to os/mounting-storage.md index dafe53b89..943702c45 100644 --- a/cluster-management/setup/mounting-storage/index.md +++ b/os/mounting-storage.md @@ -1,12 +1,3 @@ ---- -layout: docs -title: Mounting Storage -category: cluster_management -sub_category: setting_up -fork_url: https://github.com/coreos/docs/blob/master/cluster-management/setup/mounting-storage/index.md -weight: 7 ---- - # Mounting Storage Many platforms provide attached storage, but it must be mounted for you to take advantage of it. You can easily do this via [cloud-config]({{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config) with a `.mount` unit. Here's an example that mounts an [EC2 ephemeral disk]({{site.baseurl}}/docs/running-coreos/cloud-providers/ec2/#instance-storage): diff --git a/cluster-management/setup/network-config-with-networkd/index.md b/os/network-config-with-networkd.md similarity index 93% rename from cluster-management/setup/network-config-with-networkd/index.md rename to os/network-config-with-networkd.md index 3ee0bcaab..c9ff1e997 100644 --- a/cluster-management/setup/network-config-with-networkd/index.md +++ b/os/network-config-with-networkd.md @@ -1,12 +1,3 @@ ---- -layout: docs -title: Network Configuration -category: cluster_management -sub_category: setting_up -fork_url: https://github.com/coreos/docs/blob/master/cluster-management/setup/network-config-with-networkd/index.md -weight: 7 ---- - # Network Configuration with networkd CoreOS machines are preconfigured with [networking customized]({{site.baseurl}}/docs/sdk-distributors/distributors/notes-for-distributors) for each platform. You can write your own networkd units to replace or override the units created for each platform. This article covers a subset of networkd functionality. You can view the [full docs here](http://www.freedesktop.org/software/systemd/man/systemd-networkd.service.html). diff --git a/sdk-distributors/distributors/notes-for-distributors/index.md b/os/notes-for-distributors.md similarity index 94% rename from sdk-distributors/distributors/notes-for-distributors/index.md rename to os/notes-for-distributors.md index 6e4e563d1..05dcda2d6 100644 --- a/sdk-distributors/distributors/notes-for-distributors/index.md +++ b/os/notes-for-distributors.md @@ -1,12 +1,3 @@ ---- -layout: docs -title: Notes for Distributors -category: sdk_distributors -sub_category: distributors -fork_url: https://github.com/coreos/docs/blob/master/sdk-distributors/distributors/notes-for-distributors/index.md -weight: 5 ---- - # Notes for Distributors ## Importing Images diff --git a/cluster-management/setup/other-settings/index.md b/os/other-settings.md similarity index 94% rename from cluster-management/setup/other-settings/index.md rename to os/other-settings.md index 3a455cdc5..5c3419db3 100644 --- a/cluster-management/setup/other-settings/index.md +++ b/os/other-settings.md @@ -1,12 +1,3 @@ ---- -layout: docs -title: Tips and Other Settings -category: cluster_management -sub_category: setting_up -fork_url: https://github.com/coreos/docs/blob/master/cluster-management/setup/other-settings/index.md -weight: 8 ---- - # Tips and Other Settings ## Loading Kernel Modules diff --git a/launching-containers/launching/overview-of-systemctl/index.md b/os/overview-of-systemctl.md similarity index 93% rename from launching-containers/launching/overview-of-systemctl/index.md rename to os/overview-of-systemctl.md index 36689a599..6c67ecea2 100644 --- a/launching-containers/launching/overview-of-systemctl/index.md +++ b/os/overview-of-systemctl.md @@ -1,13 +1,3 @@ ---- -layout: docs -slug: guides -title: Overview of systemctl -category: launching_containers -sub_category: launching -fork_url: https://github.com/coreos/docs/blob/master/launching-containers/building/overview-of-systemctl/index.md -weight: 5 ---- - # Overview of systemctl `systemctl` is your interface to systemd, the init system used in CoreOS. All processes on a single machine are started and managed by systemd, including your docker containers. You can learn more in our [Getting Started with systemd]({{site.baseurl}}/docs/launching-containers/launching/getting-started-with-systemd) guide. Let's explore a few helpful `systemctl` commands. You must run all of these commands locally on the CoreOS machine: diff --git a/cluster-management/scaling/power-management/index.md b/os/power-management.md similarity index 88% rename from cluster-management/scaling/power-management/index.md rename to os/power-management.md index b5a07e48d..5fc8516cf 100644 --- a/cluster-management/scaling/power-management/index.md +++ b/os/power-management.md @@ -1,13 +1,3 @@ ---- -layout: docs -slug: guides/power -title: Power Management -category: cluster_management -sub_category: scaling -fork_url: https://github.com/coreos/docs/blob/master/cluster-management/scaling/power-management/index.md -weight: 5 ---- - # Tuning CoreOS Power Management ## CPU Governor diff --git a/quickstart/index.md b/os/quickstart.md similarity index 98% rename from quickstart/index.md rename to os/quickstart.md index a8796b3c6..a599f04bd 100644 --- a/quickstart/index.md +++ b/os/quickstart.md @@ -1,10 +1,3 @@ ---- -layout: docs -title: CoreOS Quick Start -#redirect handled in alias_generator.rb -fork_url: https://github.com/coreos/docs/blob/master/quickstart/index.md ---- - # Quick Start If you don't have a CoreOS machine running, check out the guides on [running CoreOS]({{site.baseurl}}/docs/#running-coreos) on most cloud providers ([EC2]({{site.baseurl}}/docs/running-coreos/cloud-providers/ec2), [Rackspace]({{site.baseurl}}/docs/running-coreos/cloud-providers/rackspace), [GCE]({{site.baseurl}}/docs/running-coreos/cloud-providers/google-compute-engine)), virtualization platforms ([Vagrant]({{site.baseurl}}/docs/running-coreos/platforms/vagrant), [VMware]({{site.baseurl}}/docs/running-coreos/platforms/vmware), [OpenStack]({{site.baseurl}}/docs/running-coreos/platforms/openstack), [QEMU/KVM]({{site.baseurl}}/docs/running-coreos/platforms/qemu)) and bare metal servers ([PXE]({{site.baseurl}}/docs/running-coreos/bare-metal/booting-with-pxe), [iPXE]({{site.baseurl}}/docs/running-coreos/bare-metal/booting-with-ipxe), [ISO]({{site.baseurl}}/docs/running-coreos/platforms/iso), [Installer]({{site.baseurl}}/docs/running-coreos/bare-metal/installing-to-disk)). With any of these guides you will have machines up and running in a few minutes. diff --git a/cluster-management/debugging/reading-the-system-log/index.md b/os/reading-the-system-log.md similarity index 92% rename from cluster-management/debugging/reading-the-system-log/index.md rename to os/reading-the-system-log.md index 18c4cdac8..e4a19d4f3 100644 --- a/cluster-management/debugging/reading-the-system-log/index.md +++ b/os/reading-the-system-log.md @@ -1,13 +1,3 @@ ---- -layout: docs -slug: guides -title: Reading the System Log -category: cluster_management -sub_category: debugging -fork_url: https://github.com/coreos/docs/blob/master/cluster-management/debugging/reading-the-system-log/index.md -weight: 5 ---- - # Reading the System Log `journalctl` is your interface into a single machine's journal/logging and `fleetctl journal` will fetch the journal for containers started with [fleet]({{site.baseurl}}/using-coreos/clustering/). All service files and docker containers insert data into the systemd journal. There are a few helpful commands to read the journal: diff --git a/launching-containers/building/registry-authentication/index.md b/os/registry-authentication.md similarity index 90% rename from launching-containers/building/registry-authentication/index.md rename to os/registry-authentication.md index d55d3265d..014f0a467 100644 --- a/launching-containers/building/registry-authentication/index.md +++ b/os/registry-authentication.md @@ -1,12 +1,3 @@ ---- -layout: docs -title: Using Authentication for a Registry -category: launching_containers -sub_category: building -fork_url: https://github.com/coreos/docs/blob/master/launching-containers/building/registry-authentication/index.md -weight: 7 ---- - # Using Authentication for a Registry A json file `.dockercfg` is generated in your home directory on `docker login`. It holds authentication information for a public or private docker registry. This `.dockercfg` can be reused in other home directories to authenticate. One way to do this is using Cloud-Config which is discussed more below. If you want to populate these values without running docker login, the auth token is a base64 encoded string: base64(:). diff --git a/sdk-distributors/sdk/building-development-images/index.md b/os/sdk-building-development-images.md similarity index 91% rename from sdk-distributors/sdk/building-development-images/index.md rename to os/sdk-building-development-images.md index d13e7acfa..9ba7d7089 100644 --- a/sdk-distributors/sdk/building-development-images/index.md +++ b/os/sdk-building-development-images.md @@ -1,12 +1,3 @@ ---- -layout: docs -title: Building Development Images -category: sdk_distributors -sub_category: sdk -fork_url: https://github.com/coreos/docs/blob/master/sdk-distributors/sdk/building-development-images/index.md -weight: 5 ---- - # Building Development Images ## Updating Packages on an Image diff --git a/sdk-distributors/sdk/building-production-images/index.md b/os/sdk-building-production-images.md similarity index 96% rename from sdk-distributors/sdk/building-production-images/index.md rename to os/sdk-building-production-images.md index 6388b37c3..a03b5fdb3 100644 --- a/sdk-distributors/sdk/building-production-images/index.md +++ b/os/sdk-building-production-images.md @@ -1,12 +1,3 @@ ---- -layout: docs -title: Building Production Images -category: sdk_distributors -sub_category: sdk -fork_url: https://github.com/coreos/docs/blob/master/sdk-distributors/sdk/building-production-images/index.md -weight: 5 ---- - # Building Production Images In general the automated process should always be used but in a pinch diff --git a/sdk-distributors/sdk/disk-partitions/index.md b/os/sdk-disk-partitions.md similarity index 94% rename from sdk-distributors/sdk/disk-partitions/index.md rename to os/sdk-disk-partitions.md index fc129aea0..2c6ef9073 100644 --- a/sdk-distributors/sdk/disk-partitions/index.md +++ b/os/sdk-disk-partitions.md @@ -1,12 +1,3 @@ ---- -layout: docs -title: Disk Layout -category: sdk_distributors -sub_category: sdk -fork_url: https://github.com/coreos/docs/blob/master/sdk-distributors/sdk/disk-partitions/index.md -weight: 9 ---- - # CoreOS Disk Layout CoreOS is designed to be reliably updated via a [continuous stream of updates]({{site.baseurl}}/using-coreos/updates). The operating system has 9 different disk partitions, utilizing a subset of those to make each update safe and enable a roll-back to a previous version if anything goes wrong. diff --git a/sdk-distributors/sdk/modifying-coreos/index.md b/os/sdk-modifying-coreos.md similarity index 96% rename from sdk-distributors/sdk/modifying-coreos/index.md rename to os/sdk-modifying-coreos.md index ea19de939..8a70233b7 100644 --- a/sdk-distributors/sdk/modifying-coreos/index.md +++ b/os/sdk-modifying-coreos.md @@ -1,12 +1,3 @@ ---- -layout: docs -title: Modifying CoreOS -category: sdk_distributors -sub_category: sdk -fork_url: https://github.com/coreos/docs/blob/master/sdk-distributors/sdk/modifying-coreos/index.md -weight: 3 ---- - # CoreOS Developer SDK Guide These are the instructions for building CoreOS itself. By the end of diff --git a/sdk-distributors/sdk/mantle/index.md b/os/sdk-testing-with-mantle.md similarity index 89% rename from sdk-distributors/sdk/mantle/index.md rename to os/sdk-testing-with-mantle.md index c8644a28c..3a9ca581d 100644 --- a/sdk-distributors/sdk/mantle/index.md +++ b/os/sdk-testing-with-mantle.md @@ -1,12 +1,3 @@ ---- -layout: docs -title: "Mantle: Gluing CoreOS together" -category: sdk_distributors -sub_category: sdk -fork_url: https://github.com/coreos/docs/blob/master/sdk-distributors/sdk/mantle/index.md -weight: 10 ---- - # Mantle: Gluing CoreOS together Mantle is a collection of utilities for the CoreOS SDK. diff --git a/sdk-distributors/sdk/tips-and-tricks/index.md b/os/sdk-tips-and-tricks.md similarity index 96% rename from sdk-distributors/sdk/tips-and-tricks/index.md rename to os/sdk-tips-and-tricks.md index cf1ae2471..9c0f9420b 100644 --- a/sdk-distributors/sdk/tips-and-tricks/index.md +++ b/os/sdk-tips-and-tricks.md @@ -1,12 +1,3 @@ ---- -layout: docs -title: SDK Tips and Tricks -category: sdk_distributors -sub_category: sdk -fork_url: https://github.com/coreos/docs/blob/master/sdk-distributors/sdk/tips-and-tricks/index.md -weight: 7 ---- - # Tips and Tricks ## Finding all open pull requests and issues diff --git a/cluster-management/setup/switching-channels/index.md b/os/switching-channels.md similarity index 82% rename from cluster-management/setup/switching-channels/index.md rename to os/switching-channels.md index 80252df4e..c04ca457a 100644 --- a/cluster-management/setup/switching-channels/index.md +++ b/os/switching-channels.md @@ -1,19 +1,10 @@ ---- -layout: docs -title: Switching Release Channels -category: cluster_management -sub_category: setting_up -fork_url: https://github.com/coreos/docs/blob/master/cluster-management/setup/switching-channels/index.md -weight: 5 ---- - # Switching Release Channels CoreOS is released into stable, alpha and beta channels. New features and bug fixes are tested in the alpha channel and are promoted bit-for-bit to the beta channel if no additional bugs are found. By design, the CoreOS update engine does not execute downgrades. If you're switching from a channel with a higher CoreOS version than the new channel, your machine won't be updated again until the new channel contains a higher version number. -![Update Timeline](update-timeline.png) +![Update Timeline](img/update-timeline.png) ## Create Update Config File diff --git a/cluster-management/setup/update-strategies/index.md b/os/update-strategies.md similarity index 97% rename from cluster-management/setup/update-strategies/index.md rename to os/update-strategies.md index e489d28e7..b8678ef9e 100644 --- a/cluster-management/setup/update-strategies/index.md +++ b/os/update-strategies.md @@ -1,12 +1,3 @@ ---- -layout: docs -title: Update Strategies -category: cluster_management -sub_category: planning -fork_url: https://github.com/coreos/docs/blob/master/cluster-management/setup/update-strategies/index.md -weight: 7 ---- - # Update Strategies The overarching goal of CoreOS is to secure the Internet's backend infrastructure. We believe that [automatically updating]({{site.baseurl}}/using-coreos/updates) the operating system is one of the best tools to achieve this goal. diff --git a/cluster-management/setup/verify-images/index.md b/os/verify-images.md similarity index 90% rename from cluster-management/setup/verify-images/index.md rename to os/verify-images.md index 115f376f6..77e1ae868 100644 --- a/cluster-management/setup/verify-images/index.md +++ b/os/verify-images.md @@ -1,12 +1,3 @@ ---- -layout: docs -title: Verify CoreOS Images with GPG -category: cluster_management -sub_category: setting_up -fork_url: https://github.com/coreos/docs/blob/master/cluster-management/setup/verify-images/index.md -weight: 7 ---- - # Verify CoreOS Images with GPG CoreOS publishes new images for each release across a variety of platforms and hosting providers. Each channel has it's own set of images ([stable], [beta], [alpha]) that are posted to our storage site. Along with each image, a signature is generated from the [CoreOS Image Signing Key][signing-key] and posted. From 72f2f7150cfc3891a7d8b82d295e5b2509fc3fb8 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Wed, 15 Jul 2015 12:06:15 -0700 Subject: [PATCH 0516/1291] flannel: remove front matter --- flannel/flannel-config.md | 9 --------- 1 file changed, 9 deletions(-) diff --git a/flannel/flannel-config.md b/flannel/flannel-config.md index 2b35ffaf7..67827ed1e 100644 --- a/flannel/flannel-config.md +++ b/flannel/flannel-config.md @@ -1,12 +1,3 @@ ---- -layout: docs -title: Configuring flannel Networking -category: cluster_management -sub_category: setting_up -fork_url: https://github.com/coreos/docs/blob/master/cluster-management/setup/flannel-config/index.md -weight: 10 ---- - # Configuring flannel for Container Networking *Note*: flannel is only available in [CoreOS versions 554]({{site.baseurl}}/releases/#554.0.0) and later. From 6e05352a650ae5a2e3f3ff0329c9e5fe51235d40 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Fri, 17 Jul 2015 13:58:58 -0700 Subject: [PATCH 0517/1291] os: update wget url --- os/booting-with-libvirt.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/os/booting-with-libvirt.md b/os/booting-with-libvirt.md index fca0272b0..64a1fcd7d 100644 --- a/os/booting-with-libvirt.md +++ b/os/booting-with-libvirt.md @@ -165,7 +165,7 @@ This guide explains how to run three-nodes demo CoreOS cluster with libvirt. Save following `deploy_coreos_cluster.sh` script into your host filesystem: ```sh -wget https://raw.githubusercontent.com/coreos/docs/master/running-coreos/platforms/libvirt/deploy_coreos_cluster.sh +wget https://raw.githubusercontent.com/coreos/docs/master/os/deploy_coreos_libvirt.sh chmod +x deploy_coreos_cluster.sh ``` From b2b631560442cae93c95f78eb8ce7f6b1df65dd5 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Fri, 17 Jul 2015 15:34:58 -0700 Subject: [PATCH 0518/1291] kubernetes: add gettig started guide --- kubernetes/getting-started.md | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 kubernetes/getting-started.md diff --git a/kubernetes/getting-started.md b/kubernetes/getting-started.md new file mode 100644 index 000000000..b1bc046ef --- /dev/null +++ b/kubernetes/getting-started.md @@ -0,0 +1,23 @@ +[k8s]: http://kubernetes.io/ +[k8s-coreos-guide]: https://github.com/GoogleCloudPlatform/kubernetes/blob/v1.0.0/docs/getting-started-guides/coreos/coreos_multinode_cluster.md +[k8s-user-guide]: https://github.com/GoogleCloudPlatform/kubernetes/blob/v1.0.0/docs/user-guide.md + +# Getting Started with CoreOS and Kubernetes + +[Kubernetes][k8s] is a distributed container platform originally developed by Google. CoreOS has developed a number of technologies that are complimentary or required by Kubernetes, including etcd, flannel, and fleet. + +## Differences between fleet and Kubernetes + +Fleet is a low level distributed init system. Fleet is useful for "booting" a distributed system, such as Kubernetes. Fleet is great for tools that are building products that are platforms themselves. Kubernetes is intended a complete distributed platform that includes service discovery, overlay networking, and robust APIs. + +Fleet should be used if you are building your own platform that orchestrates containers or the host system. + +Kubernetes is recommended for most operations teams that are looking to deploy containers against a distributed platform. + +## Deploy Kubernetes on CoreOS + +Please refer to the [CoreOS Multinode Cluster][k8s-coreos-guide] guide for the latest instructions for running Kubernetes on CoreOS. + +## Getting started with Kubernetes + +Refer to the [Kubernetes User Guide][k8s-user-guide] for detailed instructions on how to use Kubernetes. From 061b6026c869491d154f8276ae38e1d44aa37a5f Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Sun, 19 Jul 2015 17:58:09 -0700 Subject: [PATCH 0519/1291] etcd: remove front matter and fix links --- etcd/getting-started-with-etcd.md | 14 ++------------ 1 file changed, 2 insertions(+), 12 deletions(-) diff --git a/etcd/getting-started-with-etcd.md b/etcd/getting-started-with-etcd.md index 8bd27720c..e845f9019 100644 --- a/etcd/getting-started-with-etcd.md +++ b/etcd/getting-started-with-etcd.md @@ -1,20 +1,10 @@ ---- -layout: docs -slug: guides/etcd -title: Getting Started with etcd -category: distributed_configuration -sub_category: reading_writing -fork_url: https://github.com/coreos/docs/blob/master/distributed-configuration/getting-started-with-etcd/index.md -weight: 5 ---- - # Getting Started with etcd etcd is an open-source distributed key value store that provides shared configuration and service discovery for CoreOS clusters. etcd runs on each machine in a cluster and gracefully handles master election during network partitions and the loss of the current master. Application containers running on your cluster can read and write data into etcd. Common examples are storing database connection details, cache settings, feature flags, and more. This guide will walk you through a basic example of reading and writing to etcd then proceed to other features like TTLs, directories and watching a prefix. This guide is way more fun when you've got at least one CoreOS machine up and running — try it on [Amazon EC2]({{site.baseurl}}/docs/running-coreos/cloud-providers/ec2) or locally with [Vagrant]({{site.baseurl}}/docs/running-coreos/platforms/vagrant). -Complete etcd API Docs +Complete etcd API Docs ## Reading and Writing to etcd @@ -77,7 +67,7 @@ ETCD_ENDPOINT="$(ifconfig docker0 | awk '/\/ { print $2}'):4001" ## Proxy Example -Let's pretend we're setting up a service that consists of a few containers that are behind a proxy container. We can use etcd to announce these containers when they start by creating a directory, having each container write a key within that directory and have the proxy watch the entire directory. We're going to skip creating the containers here but the [docker guide]({{site.baseurl}}/docs/launching-containers/building/getting-started-with-docker) is a good place to start for that. +Let's pretend we're setting up a service that consists of a few containers that are behind a proxy container. We can use etcd to announce these containers when they start by creating a directory, having each container write a key within that directory and have the proxy watch the entire directory. We're going to skip creating the containers here but the [docker guide]({{site.baseurl}}/os/docs/latest/getting-started-with-docker.html) is a good place to start for that. ### Create the directory From ef01bc93202d388f22cf1ab0a0eb8ccf1afb7bb6 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Mon, 20 Jul 2015 09:47:37 -0700 Subject: [PATCH 0520/1291] os: match script name fixes #540 --- os/booting-with-libvirt.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/os/booting-with-libvirt.md b/os/booting-with-libvirt.md index 64a1fcd7d..f0f92d587 100644 --- a/os/booting-with-libvirt.md +++ b/os/booting-with-libvirt.md @@ -162,11 +162,11 @@ This guide explains how to run three-nodes demo CoreOS cluster with libvirt. ## Bash Script -Save following `deploy_coreos_cluster.sh` script into your host filesystem: +Save following `deploy_coreos_libvirt.sh` script into your host filesystem: ```sh wget https://raw.githubusercontent.com/coreos/docs/master/os/deploy_coreos_libvirt.sh -chmod +x deploy_coreos_cluster.sh +chmod +x deploy_coreos_libvirt.sh ``` Each libvirt instance will have 1024Mb of RAM and 1 CPU (RAM and CPUs variables). From 966dc4fa154c07e2c749f588bc3594e270b218d0 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Mon, 20 Jul 2015 09:51:06 -0700 Subject: [PATCH 0521/1291] fleet: remove front matter --- fleet/launching-containers-fleet.md | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/fleet/launching-containers-fleet.md b/fleet/launching-containers-fleet.md index 51f7fac49..fe7250962 100644 --- a/fleet/launching-containers-fleet.md +++ b/fleet/launching-containers-fleet.md @@ -1,13 +1,3 @@ ---- -layout: docs -slug: guides -title: Launching Containers with fleet -category: launching_containers -sub_category: launching -fork_url: https://github.com/coreos/docs/blob/master/launching-containers/building/launching-containers-fleet/index.md -weight: 2 ---- - # Launching Containers with fleet `fleet` is a cluster manager that controls `systemd` at the cluster level. To run your services in the cluster, you must submit regular systemd units combined with a few [fleet-specific properties]({{site.baseurl}}/docs/launching-containers/launching/fleet-unit-files/). From 4e257fc8848fd9d98a1587731f40d323430203ac Mon Sep 17 00:00:00 2001 From: Joshua Wood Date: Wed, 22 Jul 2015 14:26:52 -0500 Subject: [PATCH 0522/1291] Refactor date and time configuration document in reference to upstream #533. Reorder topics from most to least common case. Clarify. Cleanup typing. --- os/configuring-date-and-timezone.md | 290 ++++++++++++++++------------ 1 file changed, 165 insertions(+), 125 deletions(-) diff --git a/os/configuring-date-and-timezone.md b/os/configuring-date-and-timezone.md index ae8cd661b..4a2817333 100644 --- a/os/configuring-date-and-timezone.md +++ b/os/configuring-date-and-timezone.md @@ -1,102 +1,20 @@ # Configuring Date and Timezone -NTP is used to to keep clocks in sync across machines in a CoreOS cluster. -CoreOS [681.0.0][681.0.0] uses [systemd-timesyncd][systemd-timesyncd] as the -default NTP client, prior to that [ntpd][ntp.org] was used. Depending on the -your version of CoreOS one of the two services will automatically start. To -check which service is running, run the follow command: +By default, CoreOS machines keep time in the UTC timezone and synchronize +their clocks with NTP. This page contains information about customizing +those defaults to meet site requirements, explains the change in NTP client +daemons in recent CoreOS versions, and offers advice on best practices for +timekeeping in a CoreOS cluster. -``` -sudo systemctl status systemd-timesyncd ntpd -● systemd-timesyncd.service - Network Time Synchronization - Loaded: loaded (/usr/lib64/systemd/system/systemd-timesyncd.service; disabled; vendor preset: disabled) - Active: active (running) since Thu 2015-05-14 05:43:20 UTC; 5 days ago - Docs: man:systemd-timesyncd.service(8) - Main PID: 480 (systemd-timesyn) - Status: "Using Time Server 169.254.169.254:123 (169.254.169.254)." - Memory: 448.0K - CGroup: /system.slice/systemd-timesyncd.service - └─480 /usr/lib/systemd/systemd-timesyncd +## Viewing and changing date and time settings with *timedatectl* -● ntpd.service - Network Time Service - Loaded: loaded (/usr/lib64/systemd/system/ntpd.service; disabled; vendor preset: disabled) - Active: inactive (dead) -``` - -[681.0.0]: https://coreos.com/releases/#681.0.0 -[ntp.org]: http://ntp.org/ -[systemd-timesyncd]: http://www.freedesktop.org/software/systemd/man/systemd-timesyncd.service.html - -## Switching between systemd-timesyncd and ntpd +The [*timedatectl*(1)][timedatectl] command displays and sets the timezone +and current time. -If you are on CoreOS 681.0.0 or later you can switch back to the classic ntpd -with the following commands or cloud config: +### Show the date, time, and zone: ``` -sudo systemctl stop systemd-timesyncd -sudo systemctl mask systemd-timesyncd -sudo systemctl enable ntpd -sudo systemctl start ntpd -``` - -```yaml -#cloud-config - -coreos: - units: - - name: systemd-timesyncd.service - command: stop - mask: true - - name: ntpd.service - command: start - enable: true -``` - -It important to mask the service you do not want to start. The -`systemctl disable` command will not override the system default to start. - -## Changing NTP time servers - -When using systemd-timesyncd NTP servers can be provided via DHCP, individual -[network][systemd.network] configs, [timesyncd.conf][timesyncd.conf], or the -built in default `*.coreos.pool.ntp.org` pool. For example, to disable the -default behavior of using NTP servers from DHCP write the following to -`/etc/systemd/network/50-dhcp-no-ntp.conf`: - -```ini -[Network] -DHCP=v4 -NTP=0.pool.example.com 1.pool.example.com - -[DHCP] -UseMTU=true -UseDomains=true -UseNTP=false -``` - -[systemd.network]: http://www.freedesktop.org/software/systemd/man/systemd.network.html -[timesyncd.conf]: http://www.freedesktop.org/software/systemd/man/timesyncd.conf.html - -The ntpd service can be configured via the /etc/ntp.conf configuration file. It -does not use DHCP or other configuration sources. If you would like to use a -different set of NTP servers edit replace the `/etc/ntp.conf` symlink with -something like the following: - -``` -server 0.pool.example.com -server 1.pool.example.com - -restrict default nomodify nopeer noquery limited kod -restrict 127.0.0.1 -restrict [::1] -``` - -## Viewing the date and timezone settings with timedatectl - -The timedatectl command can be use to view and change timezone settings as well as report the current time. - -``` -timedatectl status +$ timedatectl status Local time: Tue 2014-08-26 19:29:12 UTC Universal time: Tue 2014-08-26 19:29:12 UTC RTC time: Tue 2014-08-26 19:29:12 @@ -107,12 +25,12 @@ NTP synchronized: yes DST active: n/a ``` -## Changing the system timezone +### Changing the timezone Start by listing the available time zones: ``` -timedatectl list-timezones +$ timedatectl list-timezones Africa/Abidjan Africa/Accra Africa/Addis_Ababa @@ -122,13 +40,13 @@ Africa/Addis_Ababa Pick a timezone from the list and set it: ``` -sudo timedatectl set-timezone America/New_York +$ sudo timedatectl set-timezone America/New_York ``` -Check the timezone status to view the changes: +Check the changes: ``` -timedatectl +$ timedatectl Local time: Tue 2014-08-26 15:44:07 EDT Universal time: Tue 2014-08-26 19:44:07 UTC RTC time: Tue 2014-08-26 19:44:07 @@ -145,49 +63,150 @@ NTP synchronized: yes Sun 2014-11-02 01:00:00 EST ``` -## CoreOS Recommendations +Timezone may instead be set in cloud-config, with something like the following +excerpt: + +```yaml +#cloud-config +coreos: + units: + - name: settimezone.service + command: start + content: | + [Unit] + Description=Set the timezone + + [Service] + ExecStart=/usr/bin/timedatectl set-timezone America/New_York + RemainAfterExit=yes + Type=oneshot +``` -### What time should I use? +[timedatectl]: http://www.freedesktop.org/software/systemd/man/timedatectl.html -To avoid time zone confusion and the complexities of adjusting clocks for -daylight saving time it’s recommended that all machines in a CoreOS cluster use -Coordinated Universal Time (UTC). This is the default. + +## Time synchronization + +CoreOS clusters use NTP to synchronize the clocks of member nodes, and all +machines start an NTP client at boot. CoreOS versions later than +[681.0.0][681.0.0] use [*systemd-timesyncd*(8)][systemd-timesyncd] as the +default NTP client. Earlier versions used [*ntpd*(8)][ntp.org]. To check which +service is active, run the follow command: ``` -sudo timedatectl set-timezone UTC +$ sudo systemctl status systemd-timesyncd ntpd +● systemd-timesyncd.service - Network Time Synchronization + Loaded: loaded (/usr/lib64/systemd/system/systemd-timesyncd.service; disabled; vendor preset: disabled) + Active: active (running) since Thu 2015-05-14 05:43:20 UTC; 5 days ago + Docs: man:systemd-timesyncd.service(8) + Main PID: 480 (systemd-timesyn) + Status: "Using Time Server 169.254.169.254:123 (169.254.169.254)." + Memory: 448.0K + CGroup: /system.slice/systemd-timesyncd.service + └─480 /usr/lib/systemd/systemd-timesyncd + +● ntpd.service - Network Time Service + Loaded: loaded (/usr/lib64/systemd/system/ntpd.service; disabled; vendor preset: disabled) + Active: inactive (dead) ``` -### Which NTP servers should I sync against? +[681.0.0]: https://coreos.com/releases/#681.0.0 +[ntp.org]: http://ntp.org/ +[systemd-timesyncd]: http://www.freedesktop.org/software/systemd/man/systemd-timesyncd.service.html -Unless you have a highly reliable and precise time server pool you should stick to the default NTP servers from the ntp.org server pool. +## Changing NTP time sources +*Systemd-timesyncd* can discover NTP servers from DHCP, individual +[network][systemd.network] configs, [timesyncd.conf][timesyncd.conf], or use +the built-in `*.coreos.pool.ntp.org` pool. + +For example, to disable the default behavior of using NTP servers from DHCP, +write the following to `/etc/systemd/network/50-dhcp-no-ntp.conf`: + +```ini +[Network] +DHCP=v4 +NTP=0.pool.example.com 1.pool.example.com + +[DHCP] +UseMTU=true +UseDomains=true +UseNTP=false ``` -server 0.coreos.pool.ntp.org -server 1.coreos.pool.ntp.org -server 2.coreos.pool.ntp.org -server 3.coreos.pool.ntp.org + +The same can be accomplished with a snippet in cloud-config like: + +```yaml +#cloud-config +coreos: + write_files: + - path: /etc/systemd/timesyncd.conf + content: | + [Time] + NTP=0.pool.example.com 1.pool.example.com + + [DHCP] + UseMTU=true + UseDomains=true + UseNTP=false ``` -## Automating with cloud-config +[systemd.network]: http://www.freedesktop.org/software/systemd/man/systemd.network.html +[timesyncd.conf]: http://www.freedesktop.org/software/systemd/man/timesyncd.conf.html + + +## Switching between systemd-timesyncd and ntpd + +On CoreOS 681.0.0 or later, you can switch from *timesyncd* back +to *ntpd* with the following commands: + +``` +$ sudo systemctl stop systemd-timesyncd +$ sudo systemctl mask systemd-timesyncd +$ sudo systemctl enable ntpd +$ sudo systemctl start ntpd +``` -The following cloud-config snippet can be used setup and configure NTP and timezone settings: +or with this cloud-config snippet: ```yaml #cloud-config - coreos: units: - - name: settimezone.service + - name: systemd-timesyncd.service + command: stop + mask: true + - name: ntpd.service command: start - content: | - [Unit] - Description=Set the timezone + enable: true +``` - [Service] - ExecStart=/usr/bin/timedatectl set-timezone America/New_York - RemainAfterExit=yes - Type=oneshot -write_files: +Because timesyncd and ntpd are mutually exclusive, it's important to `mask` +the `stop`ped service. `Systemctl disable` or `stop` alone will not prevent a +default service from starting again. + +### Configuring *ntpd* + +The *ntpd* service reads all configuration from the file `/etc/ntp.conf`. It +does not use DHCP or other configuration sources. To use a +different set of NTP servers, replace the `/etc/ntp.conf` symlink with +something like the following: + +``` +server 0.pool.example.com +server 1.pool.example.com + +restrict default nomodify nopeer noquery limited kod +restrict 127.0.0.1 +restrict [::1] +``` + +Or, in cloud-config: + +```yaml +#cloud-config +coreos: + write_files: - path: /etc/ntp.conf content: | server 0.pool.example.com @@ -198,8 +217,29 @@ write_files: restrict default nomodify nopeer noquery limited kod restrict 127.0.0.1 restrict [::1] - - path: /etc/systemd/timesyncd.conf - content: | - [Time] - NTP=0.pool.example.com 1.pool.example.com +``` + + +## CoreOS Recommendations + +### What time zone should I use? + +To avoid time zone confusion and the complexities of adjusting clocks for +daylight saving time, we recommend that all machines in a CoreOS cluster use +Coordinated Universal Time (UTC). This is the default. + +``` +$ sudo timedatectl set-timezone UTC +``` + +### Which NTP servers should I sync against? + +Unless you have a highly reliable and precise time server pool, +you should stick with the default NTP servers from the ntp.org server pool. + +``` +server 0.coreos.pool.ntp.org +server 1.coreos.pool.ntp.org +server 2.coreos.pool.ntp.org +server 3.coreos.pool.ntp.org ``` From 52d23a73dbb40d1d1e1793a6ce1a4221ecfb4209 Mon Sep 17 00:00:00 2001 From: Joshua Wood Date: Wed, 22 Jul 2015 15:57:31 -0500 Subject: [PATCH 0523/1291] Correct erroneous duplication of a [DHCP] block in example timesyncd.conf. You don't set DHCP systemd/network/ options in timesyncd.conf. --- os/configuring-date-and-timezone.md | 16 ++++++---------- 1 file changed, 6 insertions(+), 10 deletions(-) diff --git a/os/configuring-date-and-timezone.md b/os/configuring-date-and-timezone.md index 4a2817333..740ec506e 100644 --- a/os/configuring-date-and-timezone.md +++ b/os/configuring-date-and-timezone.md @@ -117,11 +117,12 @@ $ sudo systemctl status systemd-timesyncd ntpd ## Changing NTP time sources *Systemd-timesyncd* can discover NTP servers from DHCP, individual -[network][systemd.network] configs, [timesyncd.conf][timesyncd.conf], or use -the built-in `*.coreos.pool.ntp.org` pool. +[network][systemd.network] configs, the file [timesyncd.conf][timesyncd.conf], +or the default `*.coreos.pool.ntp.org` pool. -For example, to disable the default behavior of using NTP servers from DHCP, -write the following to `/etc/systemd/network/50-dhcp-no-ntp.conf`: +The default behavior uses NTP servers provided by DHCP. To disable this, write +a configuration listing your preferred NTP servers into the file +`/etc/systemd/network/50-dhcp-no-ntp.conf`: ```ini [Network] @@ -134,7 +135,7 @@ UseDomains=true UseNTP=false ``` -The same can be accomplished with a snippet in cloud-config like: +NTP time sources can be set with a snippet in cloud-config like: ```yaml #cloud-config @@ -144,11 +145,6 @@ coreos: content: | [Time] NTP=0.pool.example.com 1.pool.example.com - - [DHCP] - UseMTU=true - UseDomains=true - UseNTP=false ``` [systemd.network]: http://www.freedesktop.org/software/systemd/man/systemd.network.html From b92903267f895297fe684829d2557b5a0f1368a4 Mon Sep 17 00:00:00 2001 From: Joshua Wood Date: Wed, 22 Jul 2015 16:10:36 -0500 Subject: [PATCH 0524/1291] Correct typo with clearer sentence. --- os/configuring-date-and-timezone.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/os/configuring-date-and-timezone.md b/os/configuring-date-and-timezone.md index 740ec506e..ae09b1859 100644 --- a/os/configuring-date-and-timezone.md +++ b/os/configuring-date-and-timezone.md @@ -91,7 +91,7 @@ CoreOS clusters use NTP to synchronize the clocks of member nodes, and all machines start an NTP client at boot. CoreOS versions later than [681.0.0][681.0.0] use [*systemd-timesyncd*(8)][systemd-timesyncd] as the default NTP client. Earlier versions used [*ntpd*(8)][ntp.org]. To check which -service is active, run the follow command: +service is active, use *systemctl* to check the status of both: ``` $ sudo systemctl status systemd-timesyncd ntpd From 9dec6e6db599e4036b1df0e220af14216bfb93c7 Mon Sep 17 00:00:00 2001 From: Joshua Wood Date: Wed, 22 Jul 2015 16:17:19 -0500 Subject: [PATCH 0525/1291] Tune sentence again. --- os/configuring-date-and-timezone.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/os/configuring-date-and-timezone.md b/os/configuring-date-and-timezone.md index ae09b1859..098c0d479 100644 --- a/os/configuring-date-and-timezone.md +++ b/os/configuring-date-and-timezone.md @@ -90,11 +90,11 @@ coreos: CoreOS clusters use NTP to synchronize the clocks of member nodes, and all machines start an NTP client at boot. CoreOS versions later than [681.0.0][681.0.0] use [*systemd-timesyncd*(8)][systemd-timesyncd] as the -default NTP client. Earlier versions used [*ntpd*(8)][ntp.org]. To check which -service is active, use *systemctl* to check the status of both: +default NTP client. Earlier versions used [*ntpd*(8)][ntp.org]. Use *systemctl* +to check which service is running: ``` -$ sudo systemctl status systemd-timesyncd ntpd +$ systemctl status systemd-timesyncd ntpd ● systemd-timesyncd.service - Network Time Synchronization Loaded: loaded (/usr/lib64/systemd/system/systemd-timesyncd.service; disabled; vendor preset: disabled) Active: active (running) since Thu 2015-05-14 05:43:20 UTC; 5 days ago From 74f39e458880761442ff7b9ac3629b07925727f7 Mon Sep 17 00:00:00 2001 From: Joshua Wood Date: Wed, 22 Jul 2015 16:20:18 -0500 Subject: [PATCH 0526/1291] Convention in this file is timezone, no space. TODO: Determine existing/desired docs-wide convention for this and other compound words. --- os/configuring-date-and-timezone.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/os/configuring-date-and-timezone.md b/os/configuring-date-and-timezone.md index 098c0d479..239c8c7b9 100644 --- a/os/configuring-date-and-timezone.md +++ b/os/configuring-date-and-timezone.md @@ -27,7 +27,7 @@ NTP synchronized: yes ### Changing the timezone -Start by listing the available time zones: +Start by listing the available timezones: ``` $ timedatectl list-timezones From 67f853759c9cb1f9dce1cee1312e433c36511562 Mon Sep 17 00:00:00 2001 From: Joshua Wood Date: Wed, 22 Jul 2015 17:11:04 -0500 Subject: [PATCH 0527/1291] Less idiomatic sentence x2. --- os/configuring-date-and-timezone.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/os/configuring-date-and-timezone.md b/os/configuring-date-and-timezone.md index 239c8c7b9..39ab88c82 100644 --- a/os/configuring-date-and-timezone.md +++ b/os/configuring-date-and-timezone.md @@ -135,7 +135,7 @@ UseDomains=true UseNTP=false ``` -NTP time sources can be set with a snippet in cloud-config like: +NTP time sources can be set in `timesyncd.conf` with a cloud-config snippet like: ```yaml #cloud-config @@ -230,8 +230,8 @@ $ sudo timedatectl set-timezone UTC ### Which NTP servers should I sync against? -Unless you have a highly reliable and precise time server pool, -you should stick with the default NTP servers from the ntp.org server pool. +Unless you have a highly reliable and precise time server pool, use the default +CoreOS NTP servers: ``` server 0.coreos.pool.ntp.org From d3b0d1cfc1a27fdd83738413eaae1b29ca053cd2 Mon Sep 17 00:00:00 2001 From: Joshua Wood Date: Wed, 22 Jul 2015 17:18:05 -0500 Subject: [PATCH 0528/1291] Timezone for commands, time zone for English. (Consistency. Forked rev had both forms.) --- os/configuring-date-and-timezone.md | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/os/configuring-date-and-timezone.md b/os/configuring-date-and-timezone.md index 39ab88c82..942ef95e4 100644 --- a/os/configuring-date-and-timezone.md +++ b/os/configuring-date-and-timezone.md @@ -1,6 +1,6 @@ -# Configuring Date and Timezone +# Configuring Date and Time Zone -By default, CoreOS machines keep time in the UTC timezone and synchronize +By default, CoreOS machines keep time in the UTC time zone and synchronize their clocks with NTP. This page contains information about customizing those defaults to meet site requirements, explains the change in NTP client daemons in recent CoreOS versions, and offers advice on best practices for @@ -8,7 +8,7 @@ timekeeping in a CoreOS cluster. ## Viewing and changing date and time settings with *timedatectl* -The [*timedatectl*(1)][timedatectl] command displays and sets the timezone +The [*timedatectl*(1)][timedatectl] command displays and sets the time zone and current time. ### Show the date, time, and zone: @@ -25,9 +25,9 @@ NTP synchronized: yes DST active: n/a ``` -### Changing the timezone +### Changing the time zone -Start by listing the available timezones: +Start by listing the available time zones: ``` $ timedatectl list-timezones @@ -37,7 +37,7 @@ Africa/Addis_Ababa … ``` -Pick a timezone from the list and set it: +Pick a time zone from the list and set it: ``` $ sudo timedatectl set-timezone America/New_York @@ -63,7 +63,7 @@ NTP synchronized: yes Sun 2014-11-02 01:00:00 EST ``` -Timezone may instead be set in cloud-config, with something like the following +Time zone may instead be set in cloud-config, with something like the following excerpt: ```yaml @@ -74,7 +74,7 @@ coreos: command: start content: | [Unit] - Description=Set the timezone + Description=Set the time zone [Service] ExecStart=/usr/bin/timedatectl set-timezone America/New_York @@ -218,7 +218,7 @@ coreos: ## CoreOS Recommendations -### What time zone should I use? +### Time zone simplicity To avoid time zone confusion and the complexities of adjusting clocks for daylight saving time, we recommend that all machines in a CoreOS cluster use @@ -228,7 +228,7 @@ Coordinated Universal Time (UTC). This is the default. $ sudo timedatectl set-timezone UTC ``` -### Which NTP servers should I sync against? +### Which NTP servers should I synchronize with? Unless you have a highly reliable and precise time server pool, use the default CoreOS NTP servers: From 4e85338cad6182bb34a37d4c85d8e33f81239bfe Mon Sep 17 00:00:00 2001 From: Joshua Wood Date: Wed, 22 Jul 2015 17:28:10 -0500 Subject: [PATCH 0529/1291] Expand acronyms on first appearance rather than later (UTC, NTP). --- os/configuring-date-and-timezone.md | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/os/configuring-date-and-timezone.md b/os/configuring-date-and-timezone.md index 942ef95e4..334d70eb8 100644 --- a/os/configuring-date-and-timezone.md +++ b/os/configuring-date-and-timezone.md @@ -1,10 +1,11 @@ # Configuring Date and Time Zone -By default, CoreOS machines keep time in the UTC time zone and synchronize -their clocks with NTP. This page contains information about customizing -those defaults to meet site requirements, explains the change in NTP client -daemons in recent CoreOS versions, and offers advice on best practices for -timekeeping in a CoreOS cluster. +By default, CoreOS machines keep time in the Coordinated Universal Time (UTC) +zone and synchronize their clocks with the Network Time Protocol (NTP). +This page contains information about customizing those defaults to meet site +requirements, explains the change in NTP client daemons in recent CoreOS +versions, and offers advice on best practices for timekeeping in CoreOS +clusters. ## Viewing and changing date and time settings with *timedatectl* @@ -221,8 +222,8 @@ coreos: ### Time zone simplicity To avoid time zone confusion and the complexities of adjusting clocks for -daylight saving time, we recommend that all machines in a CoreOS cluster use -Coordinated Universal Time (UTC). This is the default. +daylight saving time (or not) in accordance with regional custom, we recommend +that all machines in CoreOS clusters use UTC. This is the default time zone. ``` $ sudo timedatectl set-timezone UTC From bdbfe4ea27ff4db772e8679960bd2083ddb4f755 Mon Sep 17 00:00:00 2001 From: Joshua Wood Date: Wed, 22 Jul 2015 17:43:32 -0500 Subject: [PATCH 0530/1291] Move Recommendations from EOF to be local to their topics. --- os/configuring-date-and-timezone.md | 54 ++++++++++++++--------------- 1 file changed, 26 insertions(+), 28 deletions(-) diff --git a/os/configuring-date-and-timezone.md b/os/configuring-date-and-timezone.md index 334d70eb8..b1ca0d2ec 100644 --- a/os/configuring-date-and-timezone.md +++ b/os/configuring-date-and-timezone.md @@ -12,7 +12,7 @@ clusters. The [*timedatectl*(1)][timedatectl] command displays and sets the time zone and current time. -### Show the date, time, and zone: +### Show the date, time, and time zone: ``` $ timedatectl status @@ -26,9 +26,20 @@ NTP synchronized: yes DST active: n/a ``` +### *CoreOS Recommends: UTC time* +To avoid time zone confusion and the complexities of adjusting clocks for +daylight saving time (or not) in accordance with regional custom, we recommend +that all machines in CoreOS clusters use UTC. This is the default time zone. To +reset a machine to this default: + +``` +$ sudo timedatectl set-timezone UTC +``` + ### Changing the time zone -Start by listing the available time zones: +If your site or application requires a different system time zone, start by +listing the available time zones: ``` $ timedatectl list-timezones @@ -115,7 +126,19 @@ $ systemctl status systemd-timesyncd ntpd [ntp.org]: http://ntp.org/ [systemd-timesyncd]: http://www.freedesktop.org/software/systemd/man/systemd-timesyncd.service.html -## Changing NTP time sources +### CoreOS Recommends: CoreOS NTP pool + +Unless you have a highly reliable and precise time server pool, use the default +CoreOS NTP servers: + +``` +server 0.coreos.pool.ntp.org +server 1.coreos.pool.ntp.org +server 2.coreos.pool.ntp.org +server 3.coreos.pool.ntp.org +``` + +### Changing NTP time sources *Systemd-timesyncd* can discover NTP servers from DHCP, individual [network][systemd.network] configs, the file [timesyncd.conf][timesyncd.conf], @@ -215,28 +238,3 @@ coreos: restrict 127.0.0.1 restrict [::1] ``` - - -## CoreOS Recommendations - -### Time zone simplicity - -To avoid time zone confusion and the complexities of adjusting clocks for -daylight saving time (or not) in accordance with regional custom, we recommend -that all machines in CoreOS clusters use UTC. This is the default time zone. - -``` -$ sudo timedatectl set-timezone UTC -``` - -### Which NTP servers should I synchronize with? - -Unless you have a highly reliable and precise time server pool, use the default -CoreOS NTP servers: - -``` -server 0.coreos.pool.ntp.org -server 1.coreos.pool.ntp.org -server 2.coreos.pool.ntp.org -server 3.coreos.pool.ntp.org -``` From e6010387629c859c27c4484ea03a0773199a3c42 Mon Sep 17 00:00:00 2001 From: Joshua Wood Date: Wed, 22 Jul 2015 17:46:18 -0500 Subject: [PATCH 0531/1291] Excise repetitive phrase. --- os/configuring-date-and-timezone.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/os/configuring-date-and-timezone.md b/os/configuring-date-and-timezone.md index b1ca0d2ec..cb37a7d19 100644 --- a/os/configuring-date-and-timezone.md +++ b/os/configuring-date-and-timezone.md @@ -39,7 +39,7 @@ $ sudo timedatectl set-timezone UTC ### Changing the time zone If your site or application requires a different system time zone, start by -listing the available time zones: +listing the available options: ``` $ timedatectl list-timezones From 563bacc587bc7b5af64de1e23e64f89de6fd59ec Mon Sep 17 00:00:00 2001 From: Joshua Wood Date: Wed, 22 Jul 2015 17:48:03 -0500 Subject: [PATCH 0532/1291] Italicize consistently. --- os/configuring-date-and-timezone.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/os/configuring-date-and-timezone.md b/os/configuring-date-and-timezone.md index cb37a7d19..d984f65eb 100644 --- a/os/configuring-date-and-timezone.md +++ b/os/configuring-date-and-timezone.md @@ -126,7 +126,7 @@ $ systemctl status systemd-timesyncd ntpd [ntp.org]: http://ntp.org/ [systemd-timesyncd]: http://www.freedesktop.org/software/systemd/man/systemd-timesyncd.service.html -### CoreOS Recommends: CoreOS NTP pool +### *CoreOS Recommends: CoreOS NTP pool* Unless you have a highly reliable and precise time server pool, use the default CoreOS NTP servers: From 5619301cae2168a148940a7e2f1e2a3506086586 Mon Sep 17 00:00:00 2001 From: Joshua Wood Date: Wed, 22 Jul 2015 18:40:56 -0500 Subject: [PATCH 0533/1291] Make NTP recommend'n more complete for the common cloud provider case. --- os/configuring-date-and-timezone.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/os/configuring-date-and-timezone.md b/os/configuring-date-and-timezone.md index d984f65eb..857c25765 100644 --- a/os/configuring-date-and-timezone.md +++ b/os/configuring-date-and-timezone.md @@ -126,10 +126,10 @@ $ systemctl status systemd-timesyncd ntpd [ntp.org]: http://ntp.org/ [systemd-timesyncd]: http://www.freedesktop.org/software/systemd/man/systemd-timesyncd.service.html -### *CoreOS Recommends: CoreOS NTP pool* +### *CoreOS Recommends: NTP sources* -Unless you have a highly reliable and precise time server pool, use the default -CoreOS NTP servers: +Unless you have a highly reliable and precise time server pool, use your cloud +provider's NTP source, or, on bare metal, the default CoreOS NTP servers: ``` server 0.coreos.pool.ntp.org From 738ebdd445626b688353de5629c5c5c1d1ec5bf2 Mon Sep 17 00:00:00 2001 From: Joshua Wood Date: Wed, 22 Jul 2015 18:44:07 -0500 Subject: [PATCH 0534/1291] Simplify language of Recommendations headings. --- os/configuring-date-and-timezone.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/os/configuring-date-and-timezone.md b/os/configuring-date-and-timezone.md index 857c25765..ba96f3269 100644 --- a/os/configuring-date-and-timezone.md +++ b/os/configuring-date-and-timezone.md @@ -26,7 +26,7 @@ NTP synchronized: yes DST active: n/a ``` -### *CoreOS Recommends: UTC time* +### Recommended: UTC time To avoid time zone confusion and the complexities of adjusting clocks for daylight saving time (or not) in accordance with regional custom, we recommend that all machines in CoreOS clusters use UTC. This is the default time zone. To @@ -126,7 +126,7 @@ $ systemctl status systemd-timesyncd ntpd [ntp.org]: http://ntp.org/ [systemd-timesyncd]: http://www.freedesktop.org/software/systemd/man/systemd-timesyncd.service.html -### *CoreOS Recommends: NTP sources* +### Recommended NTP sources Unless you have a highly reliable and precise time server pool, use your cloud provider's NTP source, or, on bare metal, the default CoreOS NTP servers: From 5a399254ecae45d43daa022b38667f76bfb5089b Mon Sep 17 00:00:00 2001 From: Joshua Wood Date: Wed, 22 Jul 2015 20:23:49 -0500 Subject: [PATCH 0535/1291] Apply mono style to verbatim strings AND cmds. After Go lang docs style. --- os/configuring-date-and-timezone.md | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/os/configuring-date-and-timezone.md b/os/configuring-date-and-timezone.md index ba96f3269..edec32fdc 100644 --- a/os/configuring-date-and-timezone.md +++ b/os/configuring-date-and-timezone.md @@ -7,9 +7,9 @@ requirements, explains the change in NTP client daemons in recent CoreOS versions, and offers advice on best practices for timekeeping in CoreOS clusters. -## Viewing and changing date and time settings with *timedatectl* +## Viewing and changing date and time settings with `timedatectl` -The [*timedatectl*(1)][timedatectl] command displays and sets the time zone +The [`timedatectl`(1)][timedatectl] command displays and sets the time zone and current time. ### Show the date, time, and time zone: @@ -101,8 +101,8 @@ coreos: CoreOS clusters use NTP to synchronize the clocks of member nodes, and all machines start an NTP client at boot. CoreOS versions later than -[681.0.0][681.0.0] use [*systemd-timesyncd*(8)][systemd-timesyncd] as the -default NTP client. Earlier versions used [*ntpd*(8)][ntp.org]. Use *systemctl* +[681.0.0][681.0.0] use [`systemd-timesyncd`(8)][systemd-timesyncd] as the +default NTP client. Earlier versions used [`ntpd`(8)][ntp.org]. Use `systemctl` to check which service is running: ``` @@ -140,8 +140,8 @@ server 3.coreos.pool.ntp.org ### Changing NTP time sources -*Systemd-timesyncd* can discover NTP servers from DHCP, individual -[network][systemd.network] configs, the file [timesyncd.conf][timesyncd.conf], +`Systemd-timesyncd` can discover NTP servers from DHCP, individual +[network][systemd.network] configs, the file [`timesyncd.conf`][timesyncd.conf], or the default `*.coreos.pool.ntp.org` pool. The default behavior uses NTP servers provided by DHCP. To disable this, write @@ -175,10 +175,10 @@ coreos: [timesyncd.conf]: http://www.freedesktop.org/software/systemd/man/timesyncd.conf.html -## Switching between systemd-timesyncd and ntpd +## Switching between `systemd-timesyncd` and `ntpd` -On CoreOS 681.0.0 or later, you can switch from *timesyncd* back -to *ntpd* with the following commands: +On CoreOS 681.0.0 or later, you can switch from `timesyncd` back +to `ntpd` with the following commands: ``` $ sudo systemctl stop systemd-timesyncd @@ -201,13 +201,13 @@ coreos: enable: true ``` -Because timesyncd and ntpd are mutually exclusive, it's important to `mask` +Because `timesyncd` and `ntpd` are mutually exclusive, it's important to `mask` the `stop`ped service. `Systemctl disable` or `stop` alone will not prevent a default service from starting again. -### Configuring *ntpd* +### Configuring `ntpd` -The *ntpd* service reads all configuration from the file `/etc/ntp.conf`. It +The `ntpd` service reads all configuration from the file `/etc/ntp.conf`. It does not use DHCP or other configuration sources. To use a different set of NTP servers, replace the `/etc/ntp.conf` symlink with something like the following: From 0034a3e7858716f8da72b81b8d0bf373f10b4d15 Mon Sep 17 00:00:00 2001 From: Joshua Wood Date: Wed, 22 Jul 2015 20:27:29 -0500 Subject: [PATCH 0536/1291] Man(1) reference () part is verbatim text. --- os/configuring-date-and-timezone.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/os/configuring-date-and-timezone.md b/os/configuring-date-and-timezone.md index edec32fdc..50cc8814f 100644 --- a/os/configuring-date-and-timezone.md +++ b/os/configuring-date-and-timezone.md @@ -9,7 +9,7 @@ clusters. ## Viewing and changing date and time settings with `timedatectl` -The [`timedatectl`(1)][timedatectl] command displays and sets the time zone +The [`timedatectl(1)`][timedatectl] command displays and sets the time zone and current time. ### Show the date, time, and time zone: @@ -101,8 +101,8 @@ coreos: CoreOS clusters use NTP to synchronize the clocks of member nodes, and all machines start an NTP client at boot. CoreOS versions later than -[681.0.0][681.0.0] use [`systemd-timesyncd`(8)][systemd-timesyncd] as the -default NTP client. Earlier versions used [`ntpd`(8)][ntp.org]. Use `systemctl` +[681.0.0][681.0.0] use [`systemd-timesyncd(8)`][systemd-timesyncd] as the +default NTP client. Earlier versions used [`ntpd(8)`][ntp.org]. Use `systemctl` to check which service is running: ``` From 441be5099c35b02955104d841b2a931a091d8a8c Mon Sep 17 00:00:00 2001 From: Joshua Wood Date: Wed, 22 Jul 2015 20:30:25 -0500 Subject: [PATCH 0537/1291] Shorten heading. --- os/configuring-date-and-timezone.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/os/configuring-date-and-timezone.md b/os/configuring-date-and-timezone.md index 50cc8814f..b74c2ca63 100644 --- a/os/configuring-date-and-timezone.md +++ b/os/configuring-date-and-timezone.md @@ -7,7 +7,7 @@ requirements, explains the change in NTP client daemons in recent CoreOS versions, and offers advice on best practices for timekeeping in CoreOS clusters. -## Viewing and changing date and time settings with `timedatectl` +## Viewing and changing time and date with `timedatectl` The [`timedatectl(1)`][timedatectl] command displays and sets the time zone and current time. From 99a500237d4e0a8927531a6adf346a1a5b1911d4 Mon Sep 17 00:00:00 2001 From: Joshua Wood Date: Wed, 22 Jul 2015 20:49:12 -0500 Subject: [PATCH 0538/1291] Tune prose. --- os/configuring-date-and-timezone.md | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/os/configuring-date-and-timezone.md b/os/configuring-date-and-timezone.md index b74c2ca63..3bab65d60 100644 --- a/os/configuring-date-and-timezone.md +++ b/os/configuring-date-and-timezone.md @@ -2,17 +2,14 @@ By default, CoreOS machines keep time in the Coordinated Universal Time (UTC) zone and synchronize their clocks with the Network Time Protocol (NTP). -This page contains information about customizing those defaults to meet site -requirements, explains the change in NTP client daemons in recent CoreOS -versions, and offers advice on best practices for timekeeping in CoreOS -clusters. +This page contains information about customizing those defaults, explains +the change in NTP client daemons in recent CoreOS versions, and offers advice +on best practices for timekeeping in CoreOS clusters. ## Viewing and changing time and date with `timedatectl` -The [`timedatectl(1)`][timedatectl] command displays and sets the time zone -and current time. - -### Show the date, time, and time zone: +The [`timedatectl(1)`][timedatectl] command displays and sets the date, time, +and time zone. ``` $ timedatectl status From 768bf843b8b3ccd604dc53f97c2d11a1d3b75940 Mon Sep 17 00:00:00 2001 From: Joshua Wood Date: Wed, 22 Jul 2015 20:56:59 -0500 Subject: [PATCH 0539/1291] Move markdown footnote links definitions to one group before EOF. If link definitions should be close to their reference, perhaps the inline markdown form []() used in other docs/*.md would work? Should probably establish an arbitrary preference for one or the other in the docs/ repo. This file's markdown used reference style links, so adopted for this PR. --- os/configuring-date-and-timezone.md | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/os/configuring-date-and-timezone.md b/os/configuring-date-and-timezone.md index 3bab65d60..ee27af790 100644 --- a/os/configuring-date-and-timezone.md +++ b/os/configuring-date-and-timezone.md @@ -91,8 +91,6 @@ coreos: Type=oneshot ``` -[timedatectl]: http://www.freedesktop.org/software/systemd/man/timedatectl.html - ## Time synchronization @@ -119,10 +117,6 @@ $ systemctl status systemd-timesyncd ntpd Active: inactive (dead) ``` -[681.0.0]: https://coreos.com/releases/#681.0.0 -[ntp.org]: http://ntp.org/ -[systemd-timesyncd]: http://www.freedesktop.org/software/systemd/man/systemd-timesyncd.service.html - ### Recommended NTP sources Unless you have a highly reliable and precise time server pool, use your cloud @@ -168,9 +162,6 @@ coreos: NTP=0.pool.example.com 1.pool.example.com ``` -[systemd.network]: http://www.freedesktop.org/software/systemd/man/systemd.network.html -[timesyncd.conf]: http://www.freedesktop.org/software/systemd/man/timesyncd.conf.html - ## Switching between `systemd-timesyncd` and `ntpd` @@ -235,3 +226,10 @@ coreos: restrict 127.0.0.1 restrict [::1] ``` + +[timedatectl]: http://www.freedesktop.org/software/systemd/man/timedatectl.html +[681.0.0]: https://coreos.com/releases/#681.0.0 +[ntp.org]: http://ntp.org/ +[systemd-timesyncd]: http://www.freedesktop.org/software/systemd/man/systemd-timesyncd.service.html +[systemd.network]: http://www.freedesktop.org/software/systemd/man/systemd.network.html +[timesyncd.conf]: http://www.freedesktop.org/software/systemd/man/timesyncd.conf.html From d3b2fc9065bb124de80e33f03a2a4aa8a39278bb Mon Sep 17 00:00:00 2001 From: Joshua Wood Date: Wed, 22 Jul 2015 21:54:07 -0500 Subject: [PATCH 0540/1291] Add reload to ntp config example. (RE: 533 bullet 2) --- os/configuring-date-and-timezone.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/os/configuring-date-and-timezone.md b/os/configuring-date-and-timezone.md index ee27af790..4082a6839 100644 --- a/os/configuring-date-and-timezone.md +++ b/os/configuring-date-and-timezone.md @@ -209,6 +209,12 @@ restrict 127.0.0.1 restrict [::1] ``` +Then reload the `ntpd` configuration: + +``` +$ sudo systemctl reload ntpd +``` + Or, in cloud-config: ```yaml From 05226fc532905f48055fbd2498d1863d21d47dfb Mon Sep 17 00:00:00 2001 From: Joshua Wood Date: Wed, 22 Jul 2015 21:58:33 -0500 Subject: [PATCH 0541/1291] Add networkd restart to timesyncd no-DHCP example. (RE: 533 bullet 2) --- os/configuring-date-and-timezone.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/os/configuring-date-and-timezone.md b/os/configuring-date-and-timezone.md index 4082a6839..c3d65e724 100644 --- a/os/configuring-date-and-timezone.md +++ b/os/configuring-date-and-timezone.md @@ -150,6 +150,12 @@ UseDomains=true UseNTP=false ``` +Then restart the network daemon: + +``` +$ sudo systemctl restart systemd-networkd +``` + NTP time sources can be set in `timesyncd.conf` with a cloud-config snippet like: ```yaml From 625aaa4e1019f8d247a4514c73dadf9bfcb32557 Mon Sep 17 00:00:00 2001 From: Joshua Wood Date: Wed, 22 Jul 2015 21:59:54 -0500 Subject: [PATCH 0542/1291] Tweak. --- os/configuring-date-and-timezone.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/os/configuring-date-and-timezone.md b/os/configuring-date-and-timezone.md index c3d65e724..a5607a0fb 100644 --- a/os/configuring-date-and-timezone.md +++ b/os/configuring-date-and-timezone.md @@ -215,7 +215,7 @@ restrict 127.0.0.1 restrict [::1] ``` -Then reload the `ntpd` configuration: +Then ask `ntpd` to reload its configuration: ``` $ sudo systemctl reload ntpd From 69fb94e1f065525b76f599daa9378ad2cda86eda Mon Sep 17 00:00:00 2001 From: Joshua Wood Date: Wed, 22 Jul 2015 22:05:30 -0500 Subject: [PATCH 0543/1291] Remove ntp.conf-specific keyword. List of coreos ntp srvs applies to both ntp clients. --- os/configuring-date-and-timezone.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/os/configuring-date-and-timezone.md b/os/configuring-date-and-timezone.md index a5607a0fb..9376e5e1b 100644 --- a/os/configuring-date-and-timezone.md +++ b/os/configuring-date-and-timezone.md @@ -123,10 +123,10 @@ Unless you have a highly reliable and precise time server pool, use your cloud provider's NTP source, or, on bare metal, the default CoreOS NTP servers: ``` -server 0.coreos.pool.ntp.org -server 1.coreos.pool.ntp.org -server 2.coreos.pool.ntp.org -server 3.coreos.pool.ntp.org +0.coreos.pool.ntp.org +1.coreos.pool.ntp.org +2.coreos.pool.ntp.org +3.coreos.pool.ntp.org ``` ### Changing NTP time sources From 820d20011a4a3a8fceb2c0e9fee29a0ddaf5750f Mon Sep 17 00:00:00 2001 From: Joshua Wood Date: Wed, 22 Jul 2015 22:13:10 -0500 Subject: [PATCH 0544/1291] Shorter heading, specifics move to graph1 line1. --- os/configuring-date-and-timezone.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/os/configuring-date-and-timezone.md b/os/configuring-date-and-timezone.md index 9376e5e1b..62fb08251 100644 --- a/os/configuring-date-and-timezone.md +++ b/os/configuring-date-and-timezone.md @@ -169,9 +169,9 @@ coreos: ``` -## Switching between `systemd-timesyncd` and `ntpd` +## Switching between `timesyncd` and `ntpd` -On CoreOS 681.0.0 or later, you can switch from `timesyncd` back +On CoreOS 681.0.0 or later, you can switch from `systemd-timesyncd` back to `ntpd` with the following commands: ``` From 50ec92152415cd5cd888e892edb48ae0dcb88846 Mon Sep 17 00:00:00 2001 From: Joshua Wood Date: Wed, 22 Jul 2015 22:53:48 -0500 Subject: [PATCH 0545/1291] Title Case --- os/configuring-date-and-timezone.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/os/configuring-date-and-timezone.md b/os/configuring-date-and-timezone.md index 62fb08251..013bdc032 100644 --- a/os/configuring-date-and-timezone.md +++ b/os/configuring-date-and-timezone.md @@ -6,7 +6,7 @@ This page contains information about customizing those defaults, explains the change in NTP client daemons in recent CoreOS versions, and offers advice on best practices for timekeeping in CoreOS clusters. -## Viewing and changing time and date with `timedatectl` +## Viewing and Changing Time and Date The [`timedatectl(1)`][timedatectl] command displays and sets the date, time, and time zone. @@ -23,7 +23,7 @@ NTP synchronized: yes DST active: n/a ``` -### Recommended: UTC time +### Recommended: UTC Time To avoid time zone confusion and the complexities of adjusting clocks for daylight saving time (or not) in accordance with regional custom, we recommend that all machines in CoreOS clusters use UTC. This is the default time zone. To @@ -33,7 +33,7 @@ reset a machine to this default: $ sudo timedatectl set-timezone UTC ``` -### Changing the time zone +### Changing the Time Zone If your site or application requires a different system time zone, start by listing the available options: @@ -92,7 +92,7 @@ coreos: ``` -## Time synchronization +## Time Synchronization CoreOS clusters use NTP to synchronize the clocks of member nodes, and all machines start an NTP client at boot. CoreOS versions later than @@ -117,7 +117,7 @@ $ systemctl status systemd-timesyncd ntpd Active: inactive (dead) ``` -### Recommended NTP sources +### Recommended NTP Sources Unless you have a highly reliable and precise time server pool, use your cloud provider's NTP source, or, on bare metal, the default CoreOS NTP servers: @@ -129,7 +129,7 @@ provider's NTP source, or, on bare metal, the default CoreOS NTP servers: 3.coreos.pool.ntp.org ``` -### Changing NTP time sources +### Changing NTP Time Sources `Systemd-timesyncd` can discover NTP servers from DHCP, individual [network][systemd.network] configs, the file [`timesyncd.conf`][timesyncd.conf], @@ -169,7 +169,7 @@ coreos: ``` -## Switching between `timesyncd` and `ntpd` +## Switching from `timesyncd` to `ntpd` On CoreOS 681.0.0 or later, you can switch from `systemd-timesyncd` back to `ntpd` with the following commands: From 6968803296328820ab3a592b543f7ba1836f4d0c Mon Sep 17 00:00:00 2001 From: kayrus Date: Fri, 17 Jul 2015 16:25:55 +0200 Subject: [PATCH 0546/1291] Added systemd timers doc --- os/scheduling-tasks-with-systemd-timers.md | 71 ++++++++++++++++++++++ 1 file changed, 71 insertions(+) create mode 100644 os/scheduling-tasks-with-systemd-timers.md diff --git a/os/scheduling-tasks-with-systemd-timers.md b/os/scheduling-tasks-with-systemd-timers.md new file mode 100644 index 000000000..24033c431 --- /dev/null +++ b/os/scheduling-tasks-with-systemd-timers.md @@ -0,0 +1,71 @@ +# Scheduling Tasks with systemd Timers + +CoreOS uses systemd timers (`cron` replacement) to schedule tasks. Here we will show you how you can schedule a periodic job. + +Let's create an alternative for this `crontab` job: + +``` +*/10 * * * * /usr/bin/date >> /tmp/date +``` + +Timers work directly with services' units. So we have to create `/etc/systemd/system/date.service` first: + +``` +[Unit] +Description=Prints date into /tmp/date file + +[Service] +Type=oneshot +ExecStart=/usr/bin/sh -c '/usr/bin/date >> /tmp/date' +``` + +Then we have to create timer unit with the same name but with `*.timer` suffix `/etc/systemd/system/date.timer`: + +``` +[Unit] +Description=Run date.service every 10 minutes + +[Timer] +OnCalendar=*:0/10 +``` + + + +This config will run `date.service` every 10 minutes. You can also list all timers enabled in your system using `systemctl list-timers` command or `systemctl list-timers --all` to list all timers. Run `systemctl start date.timer` to enable timer. + +You can also create timer with different name, i.e. `task.timer`. In this case you have specify service unit name: + +``` +Unit=date.service +``` + +## Cloud-Config + +Here you can find an example how to install systemd timers using `cloud-config`: + +```yaml +#cloud-config + +coreos: + units: + - name: date.service + content: | + [Unit] + Description=Prints date into /tmp/date file + + [Service] + Type=oneshot + ExecStart=/usr/bin/sh -c '/usr/bin/date >> /tmp/date' + - name: date.timer + command: start + content: | + [Unit] + Description=Run date.service every 10 minutes + + [Timer] + OnCalendar=*:0/10 +``` + +## Further Reading + +If you're interested in more general systemd timers feature, check out the [full documentation](http://www.freedesktop.org/software/systemd/man/systemd.timer.html). From ef30457cfbca9d7e38ec24543814e46b07190573 Mon Sep 17 00:00:00 2001 From: kayrus Date: Fri, 17 Jul 2015 17:12:46 +0200 Subject: [PATCH 0547/1291] Added systemd drop-ins doc --- os/using-systemd-drop-in-units.md | 137 ++++++++++++++++++++++++++++++ 1 file changed, 137 insertions(+) create mode 100644 os/using-systemd-drop-in-units.md diff --git a/os/using-systemd-drop-in-units.md b/os/using-systemd-drop-in-units.md new file mode 100644 index 000000000..d490e10ed --- /dev/null +++ b/os/using-systemd-drop-in-units.md @@ -0,0 +1,137 @@ +# Using systemd Drop-In Units + +There are two methods of overriding default CoreOS settings in unit files: copying the unit file from `/usr/lib64/systemd/system` to `/etc/systemd/system` and modifying the chosen settings. Alternatively, one can create a directory named `unit.d` within `/etc/systemd/system` and place a drop-in file `name.conf` there that only changes the specific settings one is interested in. Note that multiple such drop-in files are read if present. + +The advantage of the first method is that one easily overrides the complete unit, the default CoreOS unit is not parsed at all anymore. It has the disadvantage that improvements to the unit file supplied by CoreOS are not automatically incorporated on updates. + +The advantage of the second method is that one only overrides the settings one specifically wants, where updates to the original CoreOS unit automatically apply. This has the disadvantage that some future CoreOS updates might be incompatible with the local changes, but the risk is much lower. + +Note that for drop-in files, if one wants to remove entries from a setting that is parsed as a list (and is not a dependency), such as `ConditionPathExists=` (or e.g. `ExecStart=` in service units), one needs to first clear the list before re-adding all entries except the one that is to be removed. See below for an example. + +This also applies for user instances of systemd, but with different locations for the unit files. See the section on unit load paths in [official systemd doc](http://www.freedesktop.org/software/systemd/man/systemd.unit.html) for further details. + +## Example: Customizing fleet.service + +Let's review `/usr/lib64/systemd/system/fleet.service` unit (you can find it using this command: `systemctl list-units | grep fleet`) with the following contents: + +``` +[Unit] +Description=fleet daemon + +After=etcd.service +After=etcd2.service + +Wants=fleet.socket +After=fleet.socket + +[Service] +ExecStart=/usr/bin/fleetd +Restart=always +RestartSec=10s +``` + +Let's walk through increasing the `RestartSec` parameter via both methods: + +### Override Only Specific Option + +You can create a drop-in file `/etc/systemd/system/fleet.service.d/10-restart_60s.conf` with the following contents: + +``` +[Service] +RestartSec=60s +``` + +Then reload systemd, scanning for new or changed units: + +```sh +systemctl daemon-reload + +``` + +And restart modified service if necessary (in our example we have changed only `RestartSec` option, but if you want to change environment variables, `ExecStart` or other run options you have to restart service): + +```sh +systemctl restart fleet.service +``` + +Here is how that could be implemented within `cloud-config`: + +```yaml +#cloud-config +coreos: + units: + - name: fleet.service + drop-ins: + - name: 10-restart_60s.conf + content: | + [Service] + RestartSec=60s + command: start +``` + +This change is small and targeted. It is the easiest way to tweak unit's parameters. + +### Override the Whole Unit File + +Another way is to override whole systemd unit. Copy default unit file `/usr/lib64/systemd/system/fleet.service` to `/etc/systemd/system/fleet.service` and change the chosen settings: + +``` +[Unit] +Description=fleet daemon + +After=etcd.service +After=etcd2.service + +Wants=fleet.socket +After=fleet.socket + +[Service] +ExecStart=/usr/bin/fleetd +Restart=always +RestartSec=60s +``` + +`cloud-config` example: + +```yaml +#cloud-config + +coreos: + units: + - name: fleet.service + command: start + content: | + [Unit] + Description=fleet daemon + + After=etcd.service + After=etcd2.service + + Wants=fleet.socket + After=fleet.socket + + [Service] + ExecStart=/usr/bin/fleetd + Restart=always + RestartSec=60s +``` + +### List Drop-Ins + +To see all runtime drop-in changes for system units run the command below: + +```sh +systemd-delta --type=extended +``` + +## Another Examples + +For another real examples, check out these documents: + +[Customizing Docker]({{site.baseurl}}/os/docs/latest/customizing-docker.html#using-a-dockercfg-file-for-authentication) +[Customizing the SSH Daemon]({{site.baseurl}}/os/docs/latest/customizing-sshd.html#changing-the-sshd-port) + +## More Information +systemd.service Docs +systemd.unit Docs +systemd.target Docs From bd76fc3eb31ea700025b7c888323486170775b44 Mon Sep 17 00:00:00 2001 From: kayrus Date: Tue, 28 Jul 2015 09:46:34 +0200 Subject: [PATCH 0548/1291] Fixed etcd2 ports in security group rules for ec2 --- os/booting-on-ec2.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/os/booting-on-ec2.md b/os/booting-on-ec2.md index 419bc287e..bca5a2ece 100644 --- a/os/booting-on-ec2.md +++ b/os/booting-on-ec2.md @@ -211,13 +211,13 @@ If you would like to create multiple clusters you will need to change the "Stack {% for region in site.data.alpha-channel.amis %} {% if region.name == 'us-east-1' %} -**TL;DR:** launch three instances of [{{region.pv}}](https://console.aws.amazon.com/ec2/home?region={{region.name}}#launchAmi={{region.pv}}) in **{{region.name}}** with a security group that has open port 22, 4001, and 7001 and the same "User Data" of each host. SSH uses the `core` user and you have [etcd][etcd-docs] and [docker][docker-docs] to play with. +**TL;DR:** launch three instances of [{{region.pv}}](https://console.aws.amazon.com/ec2/home?region={{region.name}}#launchAmi={{region.pv}}) in **{{region.name}}** with a security group that has open port 22, 2379, 2380, 4001, and 7001 and the same "User Data" of each host. SSH uses the `core` user and you have [etcd][etcd-docs] and [docker][docker-docs] to play with. {% endif %} {% endfor %} ### Creating the security group -You need open port 7001 and 4001 between servers in the `etcd` cluster. Step by step instructions below. +You need open port 2379, 2380, 7001 and 4001 between servers in the `etcd` cluster. Step by step instructions below. _This step is only needed once_ @@ -236,10 +236,10 @@ First we need to create a security group to allow CoreOS instances to communicat * Click: "Add Rule" 5. Add two security group rules for etcd communication * Create a new rule: `Custom TCP rule` - * Port range: 4001 + * Port range: 2379 * Source: type "coreos-testing" until your security group auto-completes. Should be something like "sg-8d4feabc" * Click: "Add Rule" - * Repeat this process for port range 7001 as well + * Repeat this process for port range 2380, 4001 and 7001 as well 6. Click "Apply Rule Changes" [sg]: https://console.aws.amazon.com/ec2/home?region=us-east-1#s=SecurityGroups From e7abdbaf39445a1432e0607ab67864e7934a2dac Mon Sep 17 00:00:00 2001 From: kayrus Date: Tue, 28 Jul 2015 18:19:33 +0200 Subject: [PATCH 0549/1291] Fixed links, formatting --- os/booting-with-ipxe.md | 10 +++++----- os/booting-with-libvirt.md | 8 ++++---- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/os/booting-with-ipxe.md b/os/booting-with-ipxe.md index a496c21f4..451caaa29 100644 --- a/os/booting-with-ipxe.md +++ b/os/booting-with-ipxe.md @@ -104,16 +104,16 @@ Since our upgrade process requires a disk, this image does not have the option t ## Installation -CoreOS can be completely installed on disk or run from RAM but store user data on disk. Read more in our [Installing CoreOS guide]({{site.baseurl}}/docs/running-coreos/bare-metal/booting-with-pxe/#installation). +CoreOS can be completely installed on disk or run from RAM but store user data on disk. Read more in our [Installing CoreOS guide]({{site.baseurl}}/os/docs/latest/booting-with-pxe.html#installation). ## Adding a Custom OEM -Similar to the [OEM partition][oem] in CoreOS disk images, iPXE images can be customized with a [cloud config][cloud-config] bundled in the initramfs. You can view the [instructions on the PXE docs]({{site.baseurl}}/docs/running-coreos/bare-metal/booting-with-pxe/#adding-a-custom-oem). +Similar to the [OEM partition][oem] in CoreOS disk images, iPXE images can be customized with a [cloud config][cloud-config] bundled in the initramfs. You can view the [instructions on the PXE docs]({{site.baseurl}}/os/docs/latest/booting-with-pxe.html#adding-a-custom-oem). -[oem]: {{site.baseurl}}/docs/sdk-distributors/distributors/notes-for-distributors/#image-customization -[cloud-config]: {{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config/ +[oem]: {{site.baseurl}}/os/docs/latest/notes-for-distributors.html#image-customization +[cloud-config]: {{site.baseurl}}/os/docs/latest/cloud-config.html -## Hosting `cloud-config` +## Hosting Cloud-Config One of the ways to host your `cloud-config` files is to use [nginx][nginx]. You can also use [http_sub_module][http_sub_module] which will allow you to use `$private_ipv4` and `$public_ipv4` substitution variables referenced in other documents. By default this module is enabled in official nginx packages and in most Linux distributions. diff --git a/os/booting-with-libvirt.md b/os/booting-with-libvirt.md index f0f92d587..b005d72de 100644 --- a/os/booting-with-libvirt.md +++ b/os/booting-with-libvirt.md @@ -1,8 +1,8 @@ # Running CoreOS on libvirt This guide explains how to run CoreOS with libvirt. The libvirt configuration -file can be used (for example) with virsh or virt-manager. The guide assumes -that you already have a running libvirt setup and virt-install tool. If you +file can be used (for example) with `virsh` or `virt-manager`. The guide assumes +that you already have a running libvirt setup and `virt-install` tool. If you don’t have that, other solutions are most likely easier. You can direct questions to the [IRC channel][irc] or [mailing @@ -11,7 +11,7 @@ list][coreos-dev]. ## Download the CoreOS image In this guide, the example virtual machine we are creating is called coreos1 and -all files are stored in /var/lib/libvirt/images/coreos. This is not a requirement — feel free +all files are stored in `/var/lib/libvirt/images/coreos`. This is not a requirement — feel free to substitute that path if you use another one. ### Choosing a Channel @@ -60,7 +60,7 @@ cd /var/lib/libvirt/images/coreos qemu-img create -f qcow2 -b coreos_production_qemu_image.img coreos1.qcow2 ``` -It will create coreos1.qcow2 snapshot image. Any changes to coreos1.qcow2 will not be reflected in coreos_production_qemu_image.img. Making any changes to a base image (coreos_production_qemu_image.img in our example) will corrupt its snapshots. +It will create `coreos1.qcow2` snapshot image. Any changes to `coreos1.qcow2` will not be reflected in `coreos_production_qemu_image.img`. Making any changes to a base image (`coreos_production_qemu_image.img` in our example) will corrupt its snapshots. ### Config drive From d7e5719ae143c79bb8568863cdf358d46c82ea18 Mon Sep 17 00:00:00 2001 From: Alex Crawford Date: Tue, 28 Jul 2015 17:16:01 -0700 Subject: [PATCH 0550/1291] os: update vmware guide Users should be using the standard VMware images. This suggests that they use the OVA image so it can be directly imported into ESXi. --- os/booting-on-vmware.md | 107 ++++++++++++++++++---------------------- 1 file changed, 49 insertions(+), 58 deletions(-) diff --git a/os/booting-on-vmware.md b/os/booting-on-vmware.md index 2c55be921..e94c13f81 100644 --- a/os/booting-on-vmware.md +++ b/os/booting-on-vmware.md @@ -1,71 +1,68 @@ # Running CoreOS on VMware -CoreOS is currently in heavy development and actively being tested. -These instructions will walk you through running CoreOS on VMware Fusion or ESXi. -If you are familiar with another VMware product you can use these instructions as a starting point. +These instructions will walk you through running CoreOS on VMware Fusion or +ESXi. If you are familiar with another VMware product you can use these +instructions as a starting point. ## Running the VM -These steps will download the VMware image and extract the zip file. After that -you will need to launch the `coreos_developer_vmware_insecure.vmx` file to create a VM. - ### Choosing a Channel -CoreOS is released into stable, alpha and beta channels. Releases to each channel serve as a release-candidate for the next channel. For example, a bug-free alpha release is promoted bit-for-bit to the beta channel. - -The channel is selected based on the URL below. Simply replace `alpha` with `beta`. Read the [release notes]({{site.baseurl}}/releases) for specific features and bug fixes in each channel. +CoreOS is released into alpha, beta, and stable channels. Releases to each +channel serve as a release-candidate for the next channel. For example, a +bug-free alpha release is promoted bit-for-bit to the beta channel. -This is a rough sketch that should work on OS X and Linux: +The channel is selected based on the URLs below. Simply replace `stable` with +`alpha` or `beta`. Read the [release notes][release notes] for specific +features and bug fixes in each channel. ```sh -curl -LO http://alpha.release.core-os.net/amd64-usr/current/coreos_production_vmware_insecure.zip -unzip coreos_production_vmware_insecure.zip -d coreos_production_vmware_insecure -cd coreos_production_vmware_insecure -open coreos_production_vmware_insecure.vmx +curl -LO http://stable.release.core-os.net/amd64-usr/current/coreos_production_vmware_ova.ova ``` -### To deploy on an ESXi/vSphere host, convert the VM to OVF -* follow the steps above to download and extract the coreos_production_vmware_insecure.zip -* download and run the [OVF Tool installer](https://developercenter.vmware.com/tool/ovf/) Requires VMware account login but the download is free. Available for Linux, OS X & Windows for both 32 & 64 bit architectures. -* convert VM to OVF from the extract dir +[release notes]: {{site.baseurl}}/releases -```sh -cd coreos_developer_vmware_insecure -mkdir coreos -ovftool coreos_production_vmware_insecure.vmx coreos/coreos.insecure.ovf -``` +### Booting with VMware Fusion -NOTE: This uses defaults and creates a single core, 1024MB type 4 VM when deployed. To change before deployment, see ovftool --help or manually edit the coreos.insecure.ovf If you do manually edit the OVF file, you will also need to recalculate the SHA1 and update the coreos.insecure.mf accordingly +After downloading the proper VMware image, you will need to launch the +`coreos_production_vmware_ova.ova` file to create a VM. -The above step creates the following files in ../coreos/: +### Booting with VMware ESXi -```sh - coreos.insecure-disk1.vmdk - coreos.insecure.ovf - coreos.insecure.mf -``` +Use the vSphere Client to deploy the VM as follows: -* use the vSphere Client to deploy the VM as follows: - * menu "File"..."Deploy OVF Template..." - * in the wizard, specify the location of the /coresos/ coreos.insecure.ovf created earlier - * name your VM - * choose "thin provision" for the disk format - * choose your network settings - * confirm the settings then click "Finish" +1. in the menu, click "File > Deploy OVF Template..." +2. in the wizard, specify the location of the OVA downloaded earlier +3. name your VM +4. choose "thin provision" for the disk format +5. choose your network settings +6. confirm the settings then click "Finish" - NOTE: unselect "Power on after deployment" so you have a chance to edit VM settings before powering it up for the first time. +NOTE: Unselect "Power on after deployment" so you have a chance to edit VM +settings before powering it up for the first time. -The last step uploads the files to your ESXi datastore and registers your VM. You can now tweak the VM settings, like memory and virtual cores, then power it on. These instructions were tested to deploy to an ESXi 5.5 host. +The last step uploads the files to your ESXi datastore and registers your VM. +You can now tweak the VM settings, like memory and virtual cores, then power it +on. These instructions were tested to deploy to an ESXi 5.5 host. ## Cloud-Config -Cloud-config can be specified by attaching a [config-drive]({{site.baseurl}}/docs/cluster-management/setup/cloudinit-config-drive/) with the label `config-2`. This is commonly done through whatever interface allows for attaching CD-ROMs or new drives. +Cloud-config can be specified by attaching a [config-drive][config-drive] with +the filesystem label `config-2`. This is commonly done through whatever +interface allows for attaching CD-ROMs or new drives. -Note that the config-drive standard was originally an OpenStack feature, which is why you'll see strings containing `openstack`. This filepath needs to be retained, although CoreOS supports config-drive on all platforms. +Note that the config-drive standard was originally an OpenStack feature, which +is why you'll see strings containing `openstack`. This filepath needs to be +retained, although CoreOS supports config-drive on all platforms. -For more information on customization that can be done with cloud-config, head on over to the [cloud-config guide]({{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config/). +For more information on customization that can be done with cloud-config, head +on over to the [cloud-config guide][cloud-config guide]. -Note: The `$private_ipv4` and `$public_ipv4` substitution variables referenced in other documents are *not* supported on VMware. +Note: The `$private_ipv4` and `$public_ipv4` substitution variables referenced +in other documents are *not* supported on VMware. + +[config-drive]: {{site.baseurl}}/docs/cluster-management/setup/cloudinit-config-drive/ +[cloud-config guide]: {{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config/ ## Logging in @@ -77,25 +74,19 @@ you should see an IP address pop up: In this case the IP is `10.0.1.81`. -Now you can login using the shared and insecure private SSH key. +Now you can login using your SSH key or password set in your cloud-config. ```sh -cd coreos_developer_vmware_insecure -ssh -i insecure_ssh_key core@10.0.1.81 +ssh core@10.0.1.81 ``` -## Replacing the key - -We highly recommend that you disable the original insecure OEM SSH key and -replace it with your own. This is a simple two step process: first, add your -public key, and then remove the original OEM one. - -```sh -cat ~/.ssh/id_rsa.pub | ssh core@10.0.1.81 -i insecure_ssh_key update-ssh-keys -a user -ssh core@10.0.1.81 update-ssh-keys -D oem -``` +Alternatively, if you append `coreos.autologin` to the kernel parameters on +boot, the console won't prompt for a password. This is handy for debugging. ## Using CoreOS -Now that you have a machine booted it is time to play around. -Check out the [CoreOS Quickstart]({{site.baseurl}}/docs/quickstart) guide or dig into [more specific topics]({{site.baseurl}}/docs). +Now that you have a machine booted it is time to play around. Check out the +[CoreOS Quickstart][quickstart] guide or dig into [more specific topics][docs]. + +[quickstart]: {{site.baseurl}}/docs/quickstart +[docs]: {{site.baseurl}}/docs From 01620f264aac5a085913b70dbbbfcf99695e30ce Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Wed, 29 Jul 2015 10:12:30 -0700 Subject: [PATCH 0551/1291] fleet: fix deprecated docker flag --- fleet/launching-containers-fleet.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fleet/launching-containers-fleet.md b/fleet/launching-containers-fleet.md index fe7250962..029ebbc50 100644 --- a/fleet/launching-containers-fleet.md +++ b/fleet/launching-containers-fleet.md @@ -102,7 +102,7 @@ TimeoutStartSec=0 ExecStartPre=-/usr/bin/docker kill apache1 ExecStartPre=-/usr/bin/docker rm apache1 ExecStartPre=/usr/bin/docker pull coreos/apache -ExecStart=/usr/bin/docker run -rm --name apache1 -p 80:80 coreos/apache /usr/sbin/apache2ctl -D FOREGROUND +ExecStart=/usr/bin/docker run --rm --name apache1 -p 80:80 coreos/apache /usr/sbin/apache2ctl -D FOREGROUND ExecStop=/usr/bin/docker stop apache1 [X-Fleet] From 2e4384d8e2d343dfd0c6d71fda9deabdc4ba44a2 Mon Sep 17 00:00:00 2001 From: Nick Owens Date: Wed, 29 Jul 2015 11:15:24 -0700 Subject: [PATCH 0552/1291] os: remove executable bit from booting-on-vultr.md --- os/booting-on-vultr.md | 0 1 file changed, 0 insertions(+), 0 deletions(-) mode change 100755 => 100644 os/booting-on-vultr.md diff --git a/os/booting-on-vultr.md b/os/booting-on-vultr.md old mode 100755 new mode 100644 From d21cec8de75d7113cbb2328c6e1217cf8e5d3f15 Mon Sep 17 00:00:00 2001 From: Nick Owens Date: Wed, 29 Jul 2015 11:13:44 -0700 Subject: [PATCH 0553/1291] os: add configuring dns document --- os/configuring-dns.md | 51 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) create mode 100644 os/configuring-dns.md diff --git a/os/configuring-dns.md b/os/configuring-dns.md new file mode 100644 index 000000000..95f1dc1a5 --- /dev/null +++ b/os/configuring-dns.md @@ -0,0 +1,51 @@ +# DNS Configuration + +By default, DNS resolution on CoreOS is handled through `/etc/resolv.conf`, which is a symlink to `/run/systemd/resolve/resolv.conf`. +This file is managed by [systemd-resolved][systemd-resolved]. +Normally, `systemd-resolved` gets DNS IP addresses from [systemd-networkd][systemd-networkd], either via DHCP or static configuration. +DNS IP addresses can also be set via `systemd-resolved`'s [resolved.conf][resolved.conf]. +See [Network configuration with networkd](network-config-with-networkd.md) for more information on `systemd-networkd`. + +## Using a local DNS cache + +`systemd-resolved` includes a caching DNS resolver. +To use it for DNS resolution and caching, you must enable it via [nsswitch.conf][nsswitch.conf] by adding `resolv` to the `hosts` section. + +Here is an example cloud-config snippet to do that: + +```yaml +#cloud-config +write_files: + - path: /etc/nsswitch.conf + permissions: 0644 + owner: root + content: | + # /etc/nsswitch.conf: + + passwd: files usrfiles + shadow: files usrfiles + group: files usrfiles + + hosts: files usrfiles resolv dns + networks: files usrfiles dns + + services: files usrfiles + protocols: files usrfiles + rpc: files usrfiles + + ethers: files + netmasks: files + netgroup: files + bootparams: files + automount: files + aliases: files +``` + +Only nss-aware applications can take advantage of the `systemd-resolved` cache. +Notably, this means that statically linked Go programs and programs running within Docker/rkt will use `/etc/resolv.conf` only, and will not use the `systemd-resolve` cache. + +[systemd-resolved]: http://www.freedesktop.org/software/systemd/man/systemd-resolved.service.html +[systemd-networkd]: http://www.freedesktop.org/software/systemd/man/systemd-networkd.service.html +[resolved.conf]: http://www.freedesktop.org/software/systemd/man/resolved.conf.html +[nsswitch.conf]: http://man7.org/linux/man-pages/man5/nsswitch.conf.5.html + From 3d947f7b3faef97e1ede3b110b61cf9126c2847f Mon Sep 17 00:00:00 2001 From: kayrus Date: Tue, 4 Aug 2015 15:46:35 +0200 Subject: [PATCH 0554/1291] Added udev exmaple --- os/using-systemd-and-udev-rules.md | 74 ++++++++++++++++++++++++++++++ 1 file changed, 74 insertions(+) create mode 100644 os/using-systemd-and-udev-rules.md diff --git a/os/using-systemd-and-udev-rules.md b/os/using-systemd-and-udev-rules.md new file mode 100644 index 000000000..e35a9a979 --- /dev/null +++ b/os/using-systemd-and-udev-rules.md @@ -0,0 +1,74 @@ +# Using systemd and udev Rules + +In our example we will use libvirt VM. First of all we have to create systemd unit file `/etc/systemd/system/test.service`: + +``` +[Service] +Type=oneshot +ExecStart=/usr/bin/echo 'device has been attached' +``` + +Then we have to start `udevadm monitor --environment` to monitor kernel events. + +Once you've attached virtio libvirt device (i.e. `virsh attach-disk coreos /dev/VG/test vdc`) you'll see similar udev output: + +``` +UDEV [545.954641] add /devices/pci0000:00/0000:00:18.0/virtio4/block/vdb (block) +.ID_FS_TYPE_NEW= +ACTION=add +DEVNAME=/dev/vdb +DEVPATH=/devices/pci0000:00/0000:00:18.0/virtio4/block/vdb +DEVTYPE=disk +ID_FS_TYPE= +MAJOR=254 +MINOR=16 +SEQNUM=1327 +SUBSYSTEM=block +SYSTEMD_WANTS=test.service +TAGS=:systemd: +USEC_INITIALIZED=545954447 +``` + +Accoring to text beyond udev rule should look this way: + +``` +ACTION=="add", SUBSYSTEM=="block", TAG+="systemd", ENV{SYSTEMD_WANTS}="test.service" +``` + +Now when we use this command `virsh attach-disk coreos /dev/VG/test vdc` on host machine, we should see `device has been attached` message inside CoreOS node. + +## Cloud-Config example + +Cloud-Config example should look this way: + +```yaml +#cloud-config +write_files: + - path: /etc/udev/rules.d/01-block.rules + permissions: 0644 + owner: root + content: | + ACTION=="add", SUBSYSTEM=="block", TAG+="systemd", ENV{SYSTEMD_WANTS}="test.service" +coreos: + units: + - name: test.service + content: | + [Unit] + Description=Notify about attached device + + [Service] + Type=oneshot + ExecStart=/usr/bin/echo 'device has been attached' +``` + +## Another Examples + +For another real examples, check out these documents: + +[Customizing Docker]({{site.baseurl}}/os/docs/latest/customizing-docker.html#using-a-dockercfg-file-for-authentication) +[Customizing the SSH Daemon]({{site.baseurl}}/os/docs/latest/customizing-sshd.html#changing-the-sshd-port) + +## More Information +systemd.service Docs +systemd.unit Docs +systemd.target Docs From 64feea2813ffd0b2985b88a22b10093b6178083d Mon Sep 17 00:00:00 2001 From: kayrus Date: Fri, 31 Jul 2015 12:17:00 +0200 Subject: [PATCH 0555/1291] Added CHANNEL variable in deploy_coreos_libvirt.sh --- os/deploy_coreos_libvirt.sh | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/os/deploy_coreos_libvirt.sh b/os/deploy_coreos_libvirt.sh index 467f0bbe3..3247ddcfb 100644 --- a/os/deploy_coreos_libvirt.sh +++ b/os/deploy_coreos_libvirt.sh @@ -1,7 +1,7 @@ #!/bin/bash -e usage() { - echo "Usage: $0 number_of_coreos_nodes" + echo "Usage: $0 %number_of_coreos_nodes%" } if [ "$1" == "" ]; then @@ -19,6 +19,7 @@ fi LIBVIRT_PATH=/var/lib/libvirt/images/coreos USER_DATA_TEMPLATE=$LIBVIRT_PATH/user_data ETCD_DISCOVERY=$(curl -s "https://discovery.etcd.io/new?size=$1") +CHANNEL=stable RAM=1024 CPUs=1 @@ -38,15 +39,15 @@ for SEQ in $(seq 1 $1); do mkdir -p $LIBVIRT_PATH/$COREOS_HOSTNAME/openstack/latest || (echo "Can not create $LIBVIRT_PATH/$COREOS_HOSTNAME/openstack/latest directory" && exit 1) fi - if [ ! -f $LIBVIRT_PATH/coreos_production_qemu_image.img ]; then - wget http://stable.release.core-os.net/amd64-usr/current/coreos_production_qemu_image.img.bz2 -O - | bzcat > $LIBVIRT_PATH/coreos_production_qemu_image.img + if [ ! -f $LIBVIRT_PATH/coreos_${CHANNEL}_qemu_image.img ]; then + wget http://${CHANNEL}.release.core-os.net/amd64-usr/current/coreos_production_qemu_image.img.bz2 -O - | bzcat > $LIBVIRT_PATH/coreos_${CHANNEL}_qemu_image.img fi if [ ! -f $LIBVIRT_PATH/$COREOS_HOSTNAME.qcow2 ]; then - qemu-img create -f qcow2 -b $LIBVIRT_PATH/coreos_production_qemu_image.img $LIBVIRT_PATH/$COREOS_HOSTNAME.qcow2 + qemu-img create -f qcow2 -b $LIBVIRT_PATH/coreos_${CHANNEL}_qemu_image.img $LIBVIRT_PATH/$COREOS_HOSTNAME.qcow2 fi - sed "s#%HOSTNAME%#$COREOS_HOSTNAME#g;s#%DISCOVERY%#$ETCD_DISCOVERY#g" $LIBVIRT_PATH/user_data > $LIBVIRT_PATH/$COREOS_HOSTNAME/openstack/latest/user_data + sed "s#%HOSTNAME%#$COREOS_HOSTNAME#g;s#%DISCOVERY%#$ETCD_DISCOVERY#g" $USER_DATA_TEMPLATE > $LIBVIRT_PATH/$COREOS_HOSTNAME/openstack/latest/user_data virt-install --connect qemu:///system --import --name $COREOS_HOSTNAME --ram $RAM --vcpus $CPUs --os-type=linux --os-variant=virtio26 --disk path=$LIBVIRT_PATH/$COREOS_HOSTNAME.qcow2,format=qcow2,bus=virtio --filesystem $LIBVIRT_PATH/$COREOS_HOSTNAME/,config-2,type=mount,mode=squash --vnc --noautoconsole done From d17bbd9f378a8cf92c004dafc06adfc2fbda88ad Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Wed, 29 Jul 2015 18:02:11 -0700 Subject: [PATCH 0556/1291] kubernetes: add overview documents --- kubernetes/img/controller.svg | 86 +++++++++++ kubernetes/img/rolling-deploy.svg | 188 ++++++++++++++++++++++++ kubernetes/img/service.svg | 123 ++++++++++++++++ kubernetes/img/traffic-shift.svg | 210 +++++++++++++++++++++++++++ kubernetes/pods.md | 53 +++++++ kubernetes/replication-controller.md | 107 ++++++++++++++ kubernetes/services.md | 148 +++++++++++++++++++ 7 files changed, 915 insertions(+) create mode 100644 kubernetes/img/controller.svg create mode 100644 kubernetes/img/rolling-deploy.svg create mode 100644 kubernetes/img/service.svg create mode 100644 kubernetes/img/traffic-shift.svg create mode 100644 kubernetes/pods.md create mode 100644 kubernetes/replication-controller.md create mode 100644 kubernetes/services.md diff --git a/kubernetes/img/controller.svg b/kubernetes/img/controller.svg new file mode 100644 index 000000000..485e143ba --- /dev/null +++ b/kubernetes/img/controller.svg @@ -0,0 +1,86 @@ + + + + controller + Created with Sketch. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + P + + + + + + + P + + + + + + + P + + + + + + + \ No newline at end of file diff --git a/kubernetes/img/rolling-deploy.svg b/kubernetes/img/rolling-deploy.svg new file mode 100644 index 000000000..ed67d204e --- /dev/null +++ b/kubernetes/img/rolling-deploy.svg @@ -0,0 +1,188 @@ + + + + rolling-deploy + Created with Sketch. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + app=webapp + + + + role=frontend + + + + + + + + + + + + + + + + + + + + + P + + + + + + + P + + + + + + + P + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + P + + + + + + + P + + + + + + + P + + + + + + + P + + + + + + + \ No newline at end of file diff --git a/kubernetes/img/service.svg b/kubernetes/img/service.svg new file mode 100644 index 000000000..7e55d704f --- /dev/null +++ b/kubernetes/img/service.svg @@ -0,0 +1,123 @@ + + + + service + Created with Sketch. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + app=webapp + + + + role=frontend + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + P + + + + + + + P + + + + + + + P + + + + + + + \ No newline at end of file diff --git a/kubernetes/img/traffic-shift.svg b/kubernetes/img/traffic-shift.svg new file mode 100644 index 000000000..6eee5fe5b --- /dev/null +++ b/kubernetes/img/traffic-shift.svg @@ -0,0 +1,210 @@ + + + + traffic-shift + Created with Sketch. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + app=webapp + + + + role=frontend + + + + + + + + app=webapp + + + + role=frontend + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + New traffic pattern + via label query + + + + + + + + + + + P + + + + + + + + P + + + + + + + P + + + + + + + P + + + + + + + P + + + + + + + P + + + + + + + + + \ No newline at end of file diff --git a/kubernetes/pods.md b/kubernetes/pods.md new file mode 100644 index 000000000..6620912c5 --- /dev/null +++ b/kubernetes/pods.md @@ -0,0 +1,53 @@ +# Overview of a Pod + +A Kubernetes pod is a group of containers that are deployed together on the same host. If you frequently deploy single containers, you can generally replace the word "pod" with "container" and accurately understand the concept. + +Pods operate at one level higher than individual containers because it's very common to have a group of containers work together to produce an artifact or process a set of work. + +For example, consider this pair of containers: a caching server and a cache "warmer". You could build these two functions into a single container, but now they can each be tailored to the specific task and shared between different projects/teams. + +Another example is an app server pod that contains three separate containers: the app server itself, a monitoring adapter, and a logging adapter. The logging and monitoring containers could be shared across all projects in your organization. These adapters could provide an abstraction between different cloud monitoring vendors or other destinations. + +Any project requiring logging or monitoring can include these containers in their pods, but not have to worry about the specific logic. All they need to do is send logs from the app server to a known location within the pod. How does that work? Let's walk through it. + +## Shared Namespaces, Volumes and Secrets + +By design, all of the containers in a pod are connected to facilitate intra-pod communication, ease of management and flexibility for application architectures. If you've ever fought with connecting two raw containers together, the concept of a pod will save you time and is much more powerful. + +### Shared Network + +All containers share the same network namespace & port space. Communication over localhost is encouraged. Each container can also communicate with any other pod or service within the cluster. + +### Shared Volumes + +Volumes attached to the pod may be mounted inside of one or more containers. In the logging example above, a volume named `logs` is attached to the pod. The app server would log output to `logs` mounted at `/volumes/logs` and the logging adapter would have a read-only mount to the same volume. If either of these containers needed to restarted, the log data is preserved instead of being lost. + +There are many types of volumes supported by Kubernetes, including native support for mounting Github repos, network disks (EBS, NFS, etc), local machine disks, and a few special volume types, like secrets. + +Here's an example pod: + +``` +INSERT THE EXAMPLE +``` + +### Resources + +Resource limits such as CPU and RAM are shared between all containers in the pod. + +## Creating Pods + +Pods are considered ephemeral "cattle" and won't survive a machine failure and may be terminated for machine maintenance. For high resiliency, pods are managed by a [replication controller][controller-overview], which creates and destroys replicas of pods as needed. Individual pods can also be created outside of a replication controller, but this isn't a common practice. + +[Kubernetes services][service-overview] should always be used to expose pod(s) to the rest of the cluster in order to provide the proper level of abstraction since individual pods will come and go. + +Replication controllers and services use the *pod labels* to select a group of pods that they interact with. Your pods will typically have labels for the application name, role, environment, version, etc. Each of these can be combined in order to select all pods with a certain role, a certain application, or a more complex query. The label system is extremely flexible by design and experimentation is encouraged to estabilish the practices that work best for your company or team. + +
      +

      Are you familiar with replication controllers and services?

      + Replication Controller overview + Services overview + Back to Listing +
      + +[controller-overview]: replication-controller.md +[service-overview]: services.md \ No newline at end of file diff --git a/kubernetes/replication-controller.md b/kubernetes/replication-controller.md new file mode 100644 index 000000000..ad90f7b20 --- /dev/null +++ b/kubernetes/replication-controller.md @@ -0,0 +1,107 @@ +# Overview of a Replication Controller + +A replication controller is one of the features of Kubernetes that you'll interact with on a regular basis to launch one or more instances of your applications. Replication controllers are "cheap" and you can have many of them configured in your cluster. + +The logic of a replication controller is simple by design, but enables powerful, flexible deployment topologies for your development teams. + +Each replication controller has a **desired state** that is managed by the application deployer. When a change is made to the desired state, a reconciliation loop detects this and attempts to mutate the existing state in order to match the desired state. For example, if you increase the desired instance count from 3 to 4, the replication controller would see that one new instance needs to be created and launch it somewhere on the cluster. This reconciliation process applies to any modified property of the **pod template**. + +## Defining a Pod Template + +In Kubernetes, the base unit of deployment is a **pod** ([intro to pods][pod-overview]), which is a group of containers that work together and therefore are logically grouped. The replication controller stores a **pod template** in order to create new pods if needed. + +Like all Kubernetes features, the replication controller makes use of label queries to inspect only the pods that it is responsible for. For example, a "frontend webapp" replication controller might be responsible for all pods matching the labels `app=myapp` and `role=frontend`. The pod template should contain these labels in order for the replication controller to manage the pods that it creates. + +Kubernetes Replication Controller and Labels + +Here's an example replication controller definition: + +```yaml +apiVersion: v1 +kind: ReplicationController +metadata: + name: nginx-controller +spec: + replicas: 2 + selector: + role: load-balancer + template: + metadata: + labels: + role: load-balancer + spec: + containers: + - name: nginx + image: coreos/nginx + ports: + - containerPort: 80 +``` + +## Examples + +A common pattern for deploying a new version of an application is to create a new replication controller per deployment. Creation can be done manually by a developer or automated via the API as part of a CI/CD pipeline. Different deployment models are possible depending on your treatment of the labels on the pods created. + +Both of the examples below reference another Kubernetes feature: services. Be sure to read the [intro to services][service-overview] to understand the routing and load balancing built in to Kubernetes. + +### Rolling Deployment + + + Kubernetes Rolling Deployment + + +To execute a rolling deployment without downtime you need three Kubernetes objects: a service and two replication controllers, one for version A and one for version B. + +The service should be configured with a fairly broad label query that will match pods created by both replication controllers, such as `app=webapp, env=prod`. Each replication controller could optionally set additional labels such as `version=X`. + +The rate of the deployment is controlled by the speed at which the desired count of the version A replication controller is turned down, and version B is turned up. This process could be executed manually, or more sophisticated software could be written to monitor error rates and other metrics to influence the process or halt it altogether. + +### Traffic Shift + + + Kubernetes Traffic Shift Deployment + + +If your application requires all traffic to shift to the new version at the same time, a similar method can be used as above. The same three Kubernetes objects are used, but the sequence of events is different. + +First, the service has a more specific label query that includes the version of the software running, such as `app=webapp, env=prod, version=A`. Instead of modifying the desired count of each replication controller, the version B controller is configured to support the same amount of load as version A. + +After all of the pods are started (and warmed if needed), the label query of the service is modifed to include version B instead of version A. All traffic has now been shifted towards the new version. + +An advantage of this strategy is that failing back to the old version is a simple label query modification. The elegance and flexibility of Kubernetes labels shows here. Once version B is confirmed to be stable, the old replication controller and pods can be terminated. + +## The Reconciliation Loop in Detail + +The design of the replication controller epitomizes the best practices baked into Kubernetes from Google's decade of container experience. The elegant combination of a simple infinite loop and user-provided desired state leverages the strengths of all parties involved. Developers on your team can describe what they want and let the software figure out how to best make that desire a reality. + +Substantial efficiency gains are experienced as the software logic gets smarter while the humans in the loop don't even have to change their workflow. Compare this to writing an instruction set of how to turn a vanilla group of Linux machines into a working installation by executing a long set of steps in order and hoping nothing goes wrong or an important assumption hasn't changed. + +### Pod Logic + +The pod handling rules in the replication controller act a little differently than other cluster software. A few common scenarios are covered below: + +1. When the pod template of a replication controller is updated but the replica count isn't modified, new pods will use the latest template, but existing pods won't be updated. This prevents unnecessary churn for your application. If this functionality is desired, pods can programatically be terminated via API and new pods will be started based on the updated template. + +2. When a replication controller is deleted, the pods matching its label query aren't terminated. There are two reasons for this: First, the pods may still be in active rotation for a service. Second, another replication controller may have an overlapping label query and will continue to utilize the pods. + +### Handling Errors + +The replication controller is constantly trying to converge the existing state into the desired state. If the desired state isn't possible because of a misconfiguration, the controller will keep trying and failure events, such as invalid pull credentials, etc., will be generated. + +To debug a single pod, you can change its configured labels to prevent it from matching the replication controller's label query, thus allowing you manual control to inspect or terminate it when you desire. + +If the replica controller's label query doesn't overlap with the labels applied to your pods, Kubernetes will prevent the template from being saved, which will spare you from many orphaned pods from being created. + +If you run out of available machines to run new pods, the pods will sit in a "pending" status until more capacity is added to the cluster. + +For more information on replication controllers, the [Kubernetes documentation][upstream-rc] is the best source. + +
      +

      Are you familiar with pods and services?

      + Services overview + Pods overview + Back to Listing +
      + +[upstream-rc]: http://kubernetes.io/v1.0/docs/user-guide/replication-controller.html +[pod-overview]: pods.md +[service-overview]: services.md \ No newline at end of file diff --git a/kubernetes/services.md b/kubernetes/services.md new file mode 100644 index 000000000..5f88ca411 --- /dev/null +++ b/kubernetes/services.md @@ -0,0 +1,148 @@ +# Overview of a Service + +A service is a grouping of [pods][pod-overview] that are running on the cluster. Services are "cheap" and you can have many services within the cluster. Kubernetes services can efficiently power a microservice architecture. + +Services provide important features that are standardized across the cluster: load-balancing, service discovery between applications, and features to support zero-downtime application deployments. + +Each service has a **pod label query** which defines the pods which will process data for the service. This label query frequently matches pods created by one or more [replication controllers][controller-overview]. Powerful routing scenarios are possible by updating a service's label query via the Kubernetes API with deployment software. + +### IP Address and Routing + +When creating a service, one or more **ports** can be configured. A common example would be listening on port 80 for HTTP and port 443 for HTTPS. + +A core design feature of Kubernetes is a routable IP address for every service and pod in the cluster. Assigning IPs this way eliminates port conflicts between applications across the cluster. This allows any application team to bind to any port they require instead of reconfiguring databases or web servers to listen on non-standard ports. + +Google learned this lession the hard way over their decade of experience deploying this type of infrastructure and Kubernetes empowers you to avoid these mistakes before years of cruft, complexity and technical debt build up. + +While this design decision complicates the networking configuraton slightly, your operations team can set up and configure [flannel][flannel], which is an open-source project designed by CoreOS to enable this type of routing for Kubernetes. + + + Kubernetes Service + + +Here's the YAML representation of the frontend service: + +```yaml +{ + "kind": "Service", + "apiVersion": "v1", + "metadata": { + "name": "Frontend Service" + }, + "spec": { + "selector": { + "app": "webapp", + "role": "frontend" + }, + "ports": [ + { + "name": "https" + "protocol": "TCP", + "port": 443, + "targetPort": 443 + } + ] + } +} +``` + + +Let's take a closer look at some of the built-in service functionality: + +## Service Discovery + +Kubernetes services are designed to be a stable abstraction point between the different components of your applications. Contrast this with pods which are being created and destroyed with each software deployment or any time a service requires more capacity. + +Each service has a unique IP address and a DNS hostname. Applications that consume this service can be manually configured to use either the IP address or the hostname and the traffic will be load-balanced to the correct pods. SRV-based discovery is also configured by default for all ports the service is listening on. + +Keep in mind that DNS libraries used in many programming languages don't properly respect TTLs and will cache DNS lookups longer than expected. For this reason, round robin DNS isn't used unless specifically enabled. Utilizing the service's IP address will completely avoid this issue. + +To do automatic service discovery, environment variables containing the IP address of each service in the cluster are injected into all containers. For example, a service named "redis-master" could be accessed from a pod by using information stored in these variables: + +```sh +REDIS_MASTER_SERVICE_HOST=10.0.0.11 +REDIS_MASTER_SERVICE_PORT=6379 +REDIS_MASTER_PORT=tcp://10.0.0.11:6379 +REDIS_MASTER_PORT_6379_TCP=tcp://10.0.0.11:6379 +REDIS_MASTER_PORT_6379_TCP_PROTO=tcp +REDIS_MASTER_PORT_6379_TCP_PORT=6379 +REDIS_MASTER_PORT_6379_TCP_ADDR=10.0.0.11 +``` + +### Discovery of Resources Outside the Cluster + +A service can also point to an external resource such as a cloud database or microservice that doesn't run on the Kubernetes cluster. Using a Kubernetes service to point outside the cluster allows you to execute service discovery from your pods just like a service running in the cluster. See the [upstream Kubernetes documentation][serv-without-selector] for more details. + +Each application development team can choose which method (IP, DNS, etc) best matches their workflow. The important takeaway is that service discovery is standardized across the cluster and can be depended on by all users. + +## Load Balancing + +Services are automatically configured to load balance traffic to pods matching the label query. A random algorithm is used and is currently the only option. Session affinity can be configured to send traffic to pods by client IP. + +### Health Checking Pods + +Services respect the health checking parameters built into [pods][pod-overview] and traffic is only sent to pods that are healthy and started correctly. + +### Disable Load Balancing via Headless Services + +If your application doesn't require load-balancing or a fixed service IP, a "headless" service can be created. No load-balancing or proxying will be done for this service. + +A DNS query for this service will return a list of A records that can be used by your application or custom logic to select which IP to use. + +## Zero Downtime Deployments + +During a deployment, new pods will be launched, running the updated version of your software. While this deployment is in progress, inbound traffic is being routed to the pods maching the service's pod label query. + +Modifying this label query to be broad or specific is a flexible mechanism to point traffic towards a specific version of your application, either old or new, or send traffic to both at the same time. + +Using a label query to select the pods that receive traffic is another Google design choice that comes their container deployment experience. Maintaining a query to select pods prevents a brittle registration and removal process. Instead, pods matching the query can be constantly updated safely in an infinite loop. + +Mentally compare the experience of updating a label query versus obtaining a static list of all application instances, sub-selecting the ones you care about, inspecting them to figure out if they are still valid and finally updating the load balancer with that list. + +[Replication controllers][controller-overview] are used to create the pods used in your deployments. Check out the examples below for each type of deployment: + +
      + +
      +
      + + Kubernetes Rolling Deployment + +
      +
      +

      Rolling Deployment

      +

      Perfect for applications tolerant of running mixed version side by side.

      + View Rolling Deployment docs +
      +
      + +
      + +
      +
      + + Kubernetes Traffic Shift Deployment + +
      +
      +

      Traffic Shift Deployment

      +

      Applications that need to shift all traffic at once can use this pattern.

      + View Traffic Shift docs +
      +
      + +
      + +Using Kubernetes services to expose different microservices or tiers of an application to other in your organization will accelerate your workflow and standardize important cluster-level practices: service discovery, load balancing and deployment practices. + +
      +

      Are you familiar with pods and replication controllers?

      + Replication Controller overview + Pods overview + Back to Listing +
      + +[flannel]: https://coreos.com/flannel +[pod-overview]: pods.md +[controller-overview]: replication-controller.md +[serv-without-selector]: https://github.com/GoogleCloudPlatform/kubernetes/blob/master/docs/user-guide/services.md#services-without-selectors \ No newline at end of file From 18f1ab0041ff97a6d9577fd0f25e85f4b082f23b Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Thu, 6 Aug 2015 17:40:21 -0700 Subject: [PATCH 0557/1291] kubernetes: add pod example --- kubernetes/pods.md | 29 ++++++++++++++++++++++++++++- 1 file changed, 28 insertions(+), 1 deletion(-) diff --git a/kubernetes/pods.md b/kubernetes/pods.md index 6620912c5..bcada6628 100644 --- a/kubernetes/pods.md +++ b/kubernetes/pods.md @@ -27,7 +27,34 @@ There are many types of volumes supported by Kubernetes, including native suppor Here's an example pod: ``` -INSERT THE EXAMPLE +apiVersion: v1 +kind: Pod +metadata: + name: example-app + labels: + app: example-app + version: v1 + role=backend +spec: + containers: + - name: java + image: companyname/java + ports: + - containerPort: 443 + volumeMounts: + - mountPath: /volumes/logs + name: logs + - name: logger + image: companyname/logger:v1.2.3 + ports: + - containerPort: 9999 + volumeMounts: + - mountPath: /logs + name: logs + - name: monitoring + image: companyname/monitoring:v4.5.6 + ports: + - containerPort: 1234 ``` ### Resources From b51e151798ab43a158368c5a596e9361c20d0a05 Mon Sep 17 00:00:00 2001 From: kayrus Date: Tue, 4 Aug 2015 21:19:30 +0200 Subject: [PATCH 0558/1291] Updated systemd-udev doc --- os/using-systemd-and-udev-rules.md | 37 +++++++++++++++++++----------- 1 file changed, 23 insertions(+), 14 deletions(-) diff --git a/os/using-systemd-and-udev-rules.md b/os/using-systemd-and-udev-rules.md index e35a9a979..051e294ec 100644 --- a/os/using-systemd-and-udev-rules.md +++ b/os/using-systemd-and-udev-rules.md @@ -1,6 +1,6 @@ # Using systemd and udev Rules -In our example we will use libvirt VM. First of all we have to create systemd unit file `/etc/systemd/system/test.service`: +In our example we will use libvirt VM with CoreOS and run systemd unit on disk attach event. First of all we have to create systemd unit file `/etc/systemd/system/device-attach.service`: ``` [Service] @@ -8,9 +8,11 @@ Type=oneshot ExecStart=/usr/bin/echo 'device has been attached' ``` +This unit file will be triggered by our udev rule. + Then we have to start `udevadm monitor --environment` to monitor kernel events. -Once you've attached virtio libvirt device (i.e. `virsh attach-disk coreos /dev/VG/test vdc`) you'll see similar udev output: +Once you've attached virtio libvirt device (i.e. `virsh attach-disk coreos /dev/VG/test vdc`) you'll see similar `udevadm` output: ``` UDEV [545.954641] add /devices/pci0000:00/0000:00:18.0/virtio4/block/vdb (block) @@ -24,22 +26,20 @@ MAJOR=254 MINOR=16 SEQNUM=1327 SUBSYSTEM=block -SYSTEMD_WANTS=test.service -TAGS=:systemd: USEC_INITIALIZED=545954447 ``` -Accoring to text beyond udev rule should look this way: +According to text above udev generates event which contains directives (ACTION=add and SUBSYSTEM=block) we will use in our rule. It should look this way: ``` -ACTION=="add", SUBSYSTEM=="block", TAG+="systemd", ENV{SYSTEMD_WANTS}="test.service" +ACTION=="add", SUBSYSTEM=="block", TAG+="systemd", ENV{SYSTEMD_WANTS}="device-attach.service" ``` -Now when we use this command `virsh attach-disk coreos /dev/VG/test vdc` on host machine, we should see `device has been attached` message inside CoreOS node. +That rule means that udev will trigger `device-attach.service` systemd unit on any block device attachment. Now when we use this command `virsh attach-disk coreos /dev/VG/test vdc` on host machine, we should see `device has been attached` message in CoreOS node's journal. This example should be similar to USB/SAS/SATA device attach. ## Cloud-Config example -Cloud-Config example should look this way: +To use the unit and udev rule with cloud-config, modify this example as needed: ```yaml #cloud-config @@ -48,10 +48,10 @@ write_files: permissions: 0644 owner: root content: | - ACTION=="add", SUBSYSTEM=="block", TAG+="systemd", ENV{SYSTEMD_WANTS}="test.service" + ACTION=="add", SUBSYSTEM=="block", TAG+="systemd", ENV{SYSTEMD_WANTS}="device-attach.service" coreos: units: - - name: test.service + - name: device-attach.service content: | [Unit] Description=Notify about attached device @@ -61,14 +61,23 @@ coreos: ExecStart=/usr/bin/echo 'device has been attached' ``` -## Another Examples +## More systemd Examples + +For more systemd examples, check out these documents: -For another real examples, check out these documents: +[Customizing Docker][customizing-docker] +[Customizing the SSH Daemon][customizing-sshd] +[Using systemd Drop-In Units][drop-in] -[Customizing Docker]({{site.baseurl}}/os/docs/latest/customizing-docker.html#using-a-dockercfg-file-for-authentication) -[Customizing the SSH Daemon]({{site.baseurl}}/os/docs/latest/customizing-sshd.html#changing-the-sshd-port) +[drop-in]: using-systemd-drop-in-units.html +[customizing-sshd]: customizing-sshd.html#changing-the-sshd-port +[customizing-docker]: customizing-docker.html#using-a-dockercfg-file-for-authentication +[cloud-config]: cloud-config.html +[etcd-discovery]: cluster-discovery.html +[systemd-udev]: using-systemd-and-udev-rules.html ## More Information systemd.service Docs systemd.unit Docs systemd.target Docs +udev Docs From 8ad0c22a1b27922d7af0982df2b0a0292f681a4f Mon Sep 17 00:00:00 2001 From: kayrus Date: Thu, 16 Jul 2015 15:45:49 +0200 Subject: [PATCH 0559/1291] Added networkd debug mode instruction. https://github.com/coreos/docs/issues/519 --- os/network-config-with-networkd.md | 49 +++++++++++++++++++++++++++++- 1 file changed, 48 insertions(+), 1 deletion(-) diff --git a/os/network-config-with-networkd.md b/os/network-config-with-networkd.md index c9ff1e997..47f5a96a5 100644 --- a/os/network-config-with-networkd.md +++ b/os/network-config-with-networkd.md @@ -86,6 +86,53 @@ DHCP=yes To apply the configuration, run `sudo systemctl restart systemd-networkd`. Check the status with `systemctl status systemd-networkd` and read the full log with `journalctl -u systemd-networkd`. +## Debugging networkd + +If you've faced some problems with networkd you can enable debug mode following the instructions below. + +### Enable debugging manually + +```sh +mkdir -p /etc/systemd/system/systemd-networkd.service.d/ +``` + +Create [Drop-In][drop-ins] `/etc/systemd/system/systemd-networkd.service.d/10-debug.conf` with following content: + +```sh +[Service] +Environment=SYSTEMD_LOG_LEVEL=debug +``` + +And restart systemd-networkd service: + +```sh +systemctl daemon-reload +systemctl restart systemd-networkd +journalctl -b -u systemd-networkd +``` + +### Enable debugging through Cloud-Config + +Define [Drop-In][drop-ins] in [Cloud-Config][cloud-config]: + +```yaml +#cloud-config +coreos: + units: + - name: systemd-networkd.service + drop-ins: + - name: 10-debug.conf + content: | + [Service] + Environment=SYSTEMD_LOG_LEVEL=debug + command: start +``` + +And run `coreos-cloudinit` or reboot your CoreOS host to apply the changes. + +[drop-ins]: using-systemd-drop-in-units.html +[cloud-config]: cloud-config.html + ## Further Reading -If you're interested in more general networkd features, check out the [full documentation](http://www.freedesktop.org/software/systemd/man/systemd-networkd.service.html). \ No newline at end of file +If you're interested in more general networkd features, check out the [full documentation](http://www.freedesktop.org/software/systemd/man/systemd-networkd.service.html). From bd7f3d3e1fd0cdd3573f593a29a1c206d8e0304f Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Mon, 10 Aug 2015 12:08:13 -0700 Subject: [PATCH 0560/1291] os: mention DHCP/variable substitution as option --- os/cluster-architectures.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/os/cluster-architectures.md b/os/cluster-architectures.md index 76df5a401..76cec499e 100644 --- a/os/cluster-architectures.md +++ b/os/cluster-architectures.md @@ -96,6 +96,8 @@ This environment is now set up to take a beating. Pull the plug on a machine and Since we're only using a single etcd node, there is no need to include a discovery token. There isn't any high availability for etcd in this configuration, but that's assumed to be OK for development and testing. Boot this machine first so you can configure the rest with its IP address, which is specified with the network unit. +The network unit is typically used for bare metal installations that require static networking. If you're using a cloud-provider, you can omit the network unit and use DHCP and the `$private_ipv4` and `$public_ipv4` variables on platforms that support this. Check the documentation for your specific provider for examples. + Here's the cloud-config for the etcd machine: ```yaml @@ -166,6 +168,8 @@ fleet will be used to bootstrap both the central services and jobs on the worker Our Central Services machines will run services that support the rest of the cluster. etcd is configured with static networking and a peers list. +If you're using a cloud-provider, you can omit the network unit and use DHCP and the `$private_ipv4` and `$public_ipv4` variables on platforms that support this. Check the documentation for your specific provider for examples. + fleet will be started with metadata indicating the role of these machines, which allows us to schedule global units that will only run on these machines with `Global=true` and `MachineMetadata=role=services`. Optionally, set additional machine metadata for availability zones, cabinet number, location, etc. to ensure that each central service machine is distributed correctly across your infrastructure. [Managed Linux]({{site.baseurl}}/products/managed-linux) customers can also specify a [CoreUpdate]({{site.baseurl}}/products/coreupdate) group ID which will allow you to attach these machines to a different channel and control updates separately from the worker machines. From 9b4f00a4a9e9441045ed4f197242f683165a954a Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Mon, 10 Aug 2015 15:57:18 -0700 Subject: [PATCH 0561/1291] fleet: explain fleet machine failure scenario --- fleet/launching-containers-fleet.md | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/fleet/launching-containers-fleet.md b/fleet/launching-containers-fleet.md index 029ebbc50..d521216a1 100644 --- a/fleet/launching-containers-fleet.md +++ b/fleet/launching-containers-fleet.md @@ -87,7 +87,7 @@ c9de9451-6a6f-1d80-b7e6-46e996bfc4d1 10.10.1.3 - ## Run a High Availability Service -The main benefit of using CoreOS is to have your services run in a highly available manner. Let's walk through deploying a service that consists of two identical containers running the Apache web server. +The main benefit of using CoreOS is to have your services run in a highly available manner. Let's walk through deploying a service that consists of two identical containers running the Apache web server. Afterwards, we'll walk through the failure of a machine and the steps fleet takes to relaunch our tasks on another machine. First, let's write a unit file that we'll run two copies of. To do that, we'll use a template unit, named `apache@.service`. The template stays on disk and is used as a base to generate two instances, named `apache@1.service` and `apache@2.service`: @@ -127,6 +127,14 @@ As you can see, the Apache units are now running on two different machines in ou How do we route requests to these containers? The best strategy is to run a "sidekick" container that performs other duties that are related to our main container but shouldn't be directly built into that application. Examples of common sidekick containers are for service discovery and controlling external services such as cloud load balancers or DNS. ++### Recovering from Machine Failure ++ ++Machines in your fleet cluster are constantly in communication with the rest of cluster and elect a leader to make scheduling decisions. The leader is responsible for parsing newly submitted/started units, finding a qualified machine to run them (via X-Fleet parameters), and then informing the machine(s) to start the unit. ++ ++When a machine fails to heartbeat back to the fleet leader, all units running on that machine are marked for rescheduling. During that process, qualified machines are found for each unit and they are started on the new machine. Units that can't be rescheduled will remain stopped until a qualified machine can be found. If the failed machine recovers, the fleet leader will tell it to cease operations of the old units, which have been rescheduled, and then the machine will be available for new work. ++ ++You can test out this process by stopping fleet (`sudo systemctl stop fleet`) on one of the machines running our Apache unit. The fleet logs (`sudo journalctl -u fleet`) will provide more clarity on what's going on under the hood. + ## Run a Simple Sidekick The simplest sidekick example is for [service discovery](https://github.com/coreos/fleet/blob/master/Documentation/examples/service-discovery.md). This unit blindly announces that our container has been started. We'll run one of these for each Apache unit that's already running. Again, we'll use a template unit with two instances. Make a template unit called `apache-discovery@.service`. From b80dd3c9b8616d08737424e5a1b26ffbd74b2050 Mon Sep 17 00:00:00 2001 From: Sam Tresler Date: Wed, 12 Aug 2015 13:50:41 -0400 Subject: [PATCH 0562/1291] os: Adding booting-on-packet --- os/booting-on-packet.md | 59 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 59 insertions(+) create mode 100644 os/booting-on-packet.md diff --git a/os/booting-on-packet.md b/os/booting-on-packet.md new file mode 100644 index 000000000..b837e4cb5 --- /dev/null +++ b/os/booting-on-packet.md @@ -0,0 +1,59 @@ +# Running CoreOS on Packet + +Packet is a bare metal cloud hosting provider. CoreOS is installable as one of the default operating system options. You can deploy CoreOS servers via the Packet portal or API. + +## Channels +Currently the Packet OEM is making it's way through the 3 CoreOS channels. As it becomes available to a new channel it will become available on Packet. There are no seperate instructions per channel that are outside of the normal CoreOS instructions. + +## Deployment Instructions +The first step in deploying any devices on Packet is to first create an account and decide if you'd like to deploy via our portal or API. The portal is appropriate for small clusters of machines that won't change frequently. If you'll be deploying a lot of machines, or expect your workload to change frequently it is much more efficient to use the API. You can generate an API token through the portal once you've set up an account and payment method. [Packet Account Registration](https://app.packet.net/#/registration) + +### Projects +Packet has a concept of 'projects' that represent a grouping of machines that defines several other aspects of the service. A project defines who on the team has access to manage the machines in your account. Projects also define your private network; all machines in a given project will automatically share backend network connectivity. The SSH keys of all team members associated with a project will be installed to all newly provisioned machines in a project. All servers need to be in a project, even if there is only one server in that project. + +### Portal Instructions +Once logged into the portal you will be able to click the 'Deploy' button and choose CoreOS from the menu of operating systems, and choose which project you want the server to be deployed in. If you choose to enter custom cloud-config, you can click the 'manage' link and add that as well. The SSH key that you associate with your account and any other team member's keys that are on the project will be added to your CoreOS machine once it is provisioned. + +### API instructions +If you elect to use the API to provision machines on Packet you should consider using [one of our language libraries](https://www.packet.net/dev/) to code against. As an example, this is how you would launch a single Type 1 machine in a curl command. [Packet API Documentation](https://www.packet.net/dev/api/) + +```bash +curl -X POST https://api.packet.net/projects//devices \ +-H 'Content-Type: application/json' \ +-H 'Accept: application/json' \ +-H "X-Auth-Token: " \ +-d "{\"hostname\": \"", \"plan\": \"baremetal_1\", \"facility\": \"ewr1\", \"operating_system\": \"coreos_alpha\"}" +``` + +### Cloud-Config + +CoreOS allows you to configure machine parameters, launch systemd units on startup and more via cloud-config. Jump over to the [docs to learn about the supported features]({{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config). Cloud-config is intended to bring up a cluster of machines into a minimal useful state and ideally shouldn't be used to configure anything that isn't standard across many hosts. Once a machine is created on Packet, the cloud-config cannot be modified. This example can be used to spin up a minimal cluster. + +```yaml +#cloud-config + +coreos: + etcd2: + # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3 + # specify the initial size of your cluster with ?size=X + discovery: https://discovery.etcd.io/ + # multi-region and multi-cloud deployments need to use $public_ipv4 + advertise-client-urls: http://$private_ipv4:2379 + initial-advertise-peer-urls: http://$private_ipv4:2380 + listen-client-urls: http://0.0.0.0:2379 + listen-peer-urls: http://$private_ipv4:2380 + units: + - name: etcd2.service + command: start + - name: fleet.service + command: start +``` + +## IP Addresses + +The `$private_ipv4`, `$public_ipv4`, and `$public_ipv6` variables are fully supported in cloud-config on Packet. Packet is fully IPv6 compliant and we encourage you to utilize IPv6 for public connectivity with your running containers. Make sure to read up on [IPv6 and Docker](https://docs.docker.com/articles/networking/#ipv6) if you choose to take advantage of this functionality. + +## Using CoreOS + +Now that you have a machine booted it is time to play around. +Check out the [CoreOS Quickstart]({{site.baseurl}}/docs/quickstart) guide or dig into [more specific topics]({{site.baseurl}}/docs). From 1e9f2298666ece30a4d1e051a4851a9c256df2f0 Mon Sep 17 00:00:00 2001 From: Jake Bell Date: Thu, 13 Aug 2015 13:48:07 -0500 Subject: [PATCH 0563/1291] Better formatting of Packet curl command --- os/booting-on-packet.md | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/os/booting-on-packet.md b/os/booting-on-packet.md index b837e4cb5..39692a3bc 100644 --- a/os/booting-on-packet.md +++ b/os/booting-on-packet.md @@ -18,11 +18,14 @@ Once logged into the portal you will be able to click the 'Deploy' button and ch If you elect to use the API to provision machines on Packet you should consider using [one of our language libraries](https://www.packet.net/dev/) to code against. As an example, this is how you would launch a single Type 1 machine in a curl command. [Packet API Documentation](https://www.packet.net/dev/api/) ```bash -curl -X POST https://api.packet.net/projects//devices \ +# Replace items in brackets () with the appropriate values. + +curl -X POST \ -H 'Content-Type: application/json' \ -H 'Accept: application/json' \ --H "X-Auth-Token: " \ --d "{\"hostname\": \"", \"plan\": \"baremetal_1\", \"facility\": \"ewr1\", \"operating_system\": \"coreos_alpha\"}" +-H 'X-Auth-Token: ' \ +-d '{"hostname": "", "plan": "baremetal_1", "facility": "ewr1", "operating_system": "coreos_alpha"}' \ +https://api.packet.net/projects//devices ``` ### Cloud-Config From 2a5180783e320d0fa8f918d913ce90f5cd40b45e Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Sun, 16 Aug 2015 13:34:52 -0700 Subject: [PATCH 0564/1291] os: fix DO images --- os/booting-on-digitalocean.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/os/booting-on-digitalocean.md b/os/booting-on-digitalocean.md index f1bdbae77..45c820f79 100644 --- a/os/booting-on-digitalocean.md +++ b/os/booting-on-digitalocean.md @@ -196,7 +196,7 @@ For more details, check out [DigitalOcean's API documentation][do-api-docs]. -
      Choosing a CoreOS channel
      +
      Choosing a size and hostname
      3. Enable User Data and add your cloud-config in the text box.

      @@ -212,7 +212,7 @@ For more details, check out [DigitalOcean's API documentation][do-api-docs].
      - +
      Choosing a CoreOS channel
      From 4d49ba6b14309a50a476597bc4781acfdb3417fb Mon Sep 17 00:00:00 2001 From: Jake Bell Date: Mon, 17 Aug 2015 10:56:47 -0500 Subject: [PATCH 0565/1291] Adding docs for Packet userdata --- os/booting-on-packet.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/os/booting-on-packet.md b/os/booting-on-packet.md index 39692a3bc..b2768aca0 100644 --- a/os/booting-on-packet.md +++ b/os/booting-on-packet.md @@ -24,10 +24,12 @@ curl -X POST \ -H 'Content-Type: application/json' \ -H 'Accept: application/json' \ -H 'X-Auth-Token: ' \ --d '{"hostname": "", "plan": "baremetal_1", "facility": "ewr1", "operating_system": "coreos_alpha"}' \ +-d '{"hostname": "", "plan": "baremetal_1", "facility": "ewr1", "operating_system": "coreos_alpha", "userdata": ""}' \ https://api.packet.net/projects//devices ``` +Double quotes in the `` value must be escaped such that the request body is valid JSON. See the Cloud-Config section below for more information about accepted forms of userdata. + ### Cloud-Config CoreOS allows you to configure machine parameters, launch systemd units on startup and more via cloud-config. Jump over to the [docs to learn about the supported features]({{site.baseurl}}/docs/cluster-management/setup/cloudinit-cloud-config). Cloud-config is intended to bring up a cluster of machines into a minimal useful state and ideally shouldn't be used to configure anything that isn't standard across many hosts. Once a machine is created on Packet, the cloud-config cannot be modified. This example can be used to spin up a minimal cluster. From 5899a0d603b1557028452161233a31fe17b19f57 Mon Sep 17 00:00:00 2001 From: kayrus Date: Fri, 31 Jul 2015 18:04:10 +0200 Subject: [PATCH 0566/1291] Added systemd environment configuration examples --- ...-environment-variables-in-systemd-units.md | 154 ++++++++++++++++++ os/using-systemd-drop-in-units.md | 5 +- 2 files changed, 157 insertions(+), 2 deletions(-) create mode 100644 os/using-environment-variables-in-systemd-units.md diff --git a/os/using-environment-variables-in-systemd-units.md b/os/using-environment-variables-in-systemd-units.md new file mode 100644 index 000000000..c86f85d6c --- /dev/null +++ b/os/using-environment-variables-in-systemd-units.md @@ -0,0 +1,154 @@ +# Using Environment Variables In systemd Units + +## Environment directive + +Systemd has Environment directive which sets environment variables for executed processes. It takes a space-separated list of variable assignments. This option may be specified more than once in which case all listed variables will be set. If the same variable is set twice, the later setting will override the earlier setting. If the empty string is assigned to this option, the list of environment variables is reset, all prior assignments have no effect. Environments directives are used in built-in CoreOS systemd units, for example in etcd2 and flannel. + +With example below you can configure your etcd2 daemon to use encryption. Just create `run/systemd/system/etcd2.service.d/30-certificates.conf` [drop-in] for etcd2.service: + +``` +[Service] +# Client Env Vars +Environment=ETCD_CA_FILE=/path/to/CA.pem +Environment=ETCD_CERT_FILE=/path/to/server.crt +Environment=ETCD_KEY_FILE=/path/to/server.key +# Peer Env Vars +Environment=ETCD_PEER_CA_FILE=/path/to/CA.pem +Environment=ETCD_PEER_CERT_FILE=/path/to/peers.crt +Environment=ETCD_PEER_KEY_FILE=/path/to/peers.key +``` + +Then run `sudo systemctl daemon-reload` and `sudo systemct restart etcd2.service` to apply new environments to etcd2 daemon. You can read more about etcd2 certificates [here](customize-etcd-unit.html). + +## EnvironmentFile directive + +EnvironmentFile similar to Environment directive but reads the environment variables from a text file. The text file should contain new-line-separated variable assignments. + +It is impossible to use scripts in Environment directive. So you can not dynamically define Environment, i.e. this doesn't work `Environment=/usr/bin/curl http://example.com/something`. When you need to update your environment values dynamically you can combine systemd service unit and EnvironmentFile directive. + +For example in CoreOS `flanneld.service` unit file creates `/run/flannel_docker_opts.env` environment file which is used by `docker.service` unit to configure Docker use flannel interface. You can use similar example in your containers' unit files: + +``` +cat fleet_machines.service +[Unit] +Description=Generates /etc/fleet_machines.env file +After=etcd2.service +Requires=etcd2.service +After=fleet.service +Requires=fleet.service + +[Service] +Type=oneshot +ExecStart=/usr/bin/sh -c "/usr/bin/echo -n FLEET_MACHINES= > /etc/fleet_machines.env" +ExecStart=/usr/bin/sh -c "/usr/bin/fleetctl list-machines -fields='ip,machine' -no-legend=true -full=true | tr '\t' '=' | tr '\n' ',' >> /etc/fleet_machines.env" +``` + +``` +cat container.service +[Unit] +Description=My test docker container +After=docker.service +Requires=docker.service +After=fleet_machines.service +Requires=fleet_machines.service + +[Service] +EnvironmentFile=/etc/fleet_machines.env +ExecStartPre=-/usr/bin/docker kill %p +ExecStartPre=-/usr/bin/docker rm %p +ExecStartPre=/usr/bin/docker pull ubuntu:latest +ExecStart=/usr/bin/docker run --rm --name %p -e FLEET_MACHINES ubuntu:latest bash -c 'while true; do echo "$FLEET_MACHINES"; sleep 1; done' +``` + +## Another Examples + +### Use host IP addresses and EnvironmentFile + +You can also write your host IP addresses into `/etc/network-environment` file using [this](https://github.com/kelseyhightower/setup-network-environment) utility. Then you can run your Docker containers following way: + +``` +[Unit] +Description=Nginx service +Requires=etcd2.service +After=etcd2.service +[Service] +# Get network environmental variables +EnvironmentFile=/etc/network-environment +ExecStartPre=-/usr/bin/docker kill nginx +ExecStartPre=-/usr/bin/docker rm nginx +ExecStartPre=/usr/bin/docker pull nginx +ExecStartPre=/usr/bin/etcdctl set /services/nginx '{"host": "%H", "ipv4_addr": ${DEFAULT_IPV4}, "port": 80}' +ExecStart=/usr/bin/docker run --rm --name nginx -p ${DEFAULT_IPV4}:80:80 nginx +ExecStop=/usr/bin/docker stop nginx +ExecStopPost=/usr/bin/etcdctl rm /services/nginx +``` + +This unit file will run nginx docker container and bind it to specific IP address and port. + +### etcd2.service Unit Advanced Example + +Let's review another etcd2.service [drop-in] unit example. [Cloud-config][cloud-config] compiles special `/run/systemd/system/etcd2.service.d/20-cloudinit.conf` [drop-in] unit file using options defined in "etcd2:" yaml section: + +``` +[Service] +Environment="ETCD_ADVERTISE_CLIENT_URLS=http://10.0.1.10:2379" +Environment="ETCD_DISCOVERY=https://discovery.etcd.io/" +Environment="ETCD_INITIAL_ADVERTISE_PEER_URLS=http://10.0.1.10:2380" +Environment="ETCD_LISTEN_CLIENT_URLS=http://0.0.0.0:2379,http://0.0.0.0:4001" +Environment="ETCD_LISTEN_PEER_URLS=http://0.0.0.0:2380" +``` + +For example you have created five-nodes CoreOS cluster but have forgot to set cluster size in [discovery][etcd-discovery] URL and its cluster size is three by default. Your rest two nodes became proxy and you would like to convert them to etcd2 member. + +You can solve this problem without new cluster bootstrapping. Run `etcdctl member add node4 http://10.0.1.13:2380` and remember its output (we will use it later): + +``` +added member 9bf1b35fc7761a23 to cluster + +ETCD_NAME="node4" +ETCD_INITIAL_CLUSTER="node1=http://10.0.1.10:2380,node2=http://10.0.1.11:2380,node3=http://10.0.1.12:2380,node4=http://10.0.1.13:2380" +ETCD_INITIAL_CLUSTER_STATE=existing +``` + +Already defined in `20-cloudinit.conf` `ETCD_DISCOVERY` conflicts with `ETCD_INITIAL_CLUSTER` environment variable, so we have to clean it. We can do that overriding `20-cloudinit.conf` by `99-restore.conf` drop-in with the `Environment="ETCD_DISCOVERY="` string. + +The complete example will look this way. On `node4` CoreOS host create temporarily systemd drop-in unit `/run/systemd/system/etcd2.service.d/99-restore.conf` with the content below (we use variables from `etcdctl member add` output): + +``` +[Service] +# remove previously created proxy directory +ExecStartPre=/usr/bin/rm -rf /var/lib/etcd2/proxy +# here we clean previously defined ETCD_DISCOVERY environment variable, we don't need it as we've already bootstrapped etcd cluster and ETCD_DISCOVERY conflicts with ETCD_INITIAL_CLUSTER environment variable +Environment="ETCD_DISCOVERY=" +Environment="ETCD_NAME=node4" +Environment="ETCD_INITIAL_CLUSTER=node1=http://10.0.1.10:2380,node2=http://10.0.1.11:2380,node3=http://10.0.1.12:2380,node4=http://10.0.1.13:2380" +Environment="ETCD_INITIAL_CLUSTER_STATE=existing" +``` + +Run `sudo systemctl daemon-reload` and `sudo systemctl restart etcd2` to apply your changes. You will see that your proxy node became cluster member: + +``` +etcdserver: start member 9bf1b35fc7761a23 in cluster 36cce781cb4f1292 +``` + +Once your proxy node became member node and `etcdctl cluster-health` shows healthy cluster, you can remove your temporarily drop-in `sudo rm /run/systemd/system/etcd2.service.d/99-restore.conf && sudo systemctl daemon-reload`. + +## More systemd Examples + +For more systemd examples, check out these documents: + +[Customizing Docker][customizing-docker] +[Customizing the SSH Daemon][customizing-sshd] +[Using systemd Drop-In Units][drop-in] + +[drop-in]: using-systemd-drop-in-units.html +[customizing-sshd]: customizing-sshd.html#changing-the-sshd-port +[customizing-docker]: customizing-docker.html#using-a-dockercfg-file-for-authentication +[cloud-config]: cloud-config.html +[etcd-discovery]: cluster-discovery.html +[systemd-udev]: using-systemd-and-udev-rules.html + +## More Information +systemd.exec Docs +systemd.service Docs +systemd.unit Docs diff --git a/os/using-systemd-drop-in-units.md b/os/using-systemd-drop-in-units.md index d490e10ed..ecd47cf57 100644 --- a/os/using-systemd-drop-in-units.md +++ b/os/using-systemd-drop-in-units.md @@ -124,12 +124,13 @@ To see all runtime drop-in changes for system units run the command below: systemd-delta --type=extended ``` -## Another Examples +## Another systemd Examples -For another real examples, check out these documents: +For another real systemd examples, check out these documents: [Customizing Docker]({{site.baseurl}}/os/docs/latest/customizing-docker.html#using-a-dockercfg-file-for-authentication) [Customizing the SSH Daemon]({{site.baseurl}}/os/docs/latest/customizing-sshd.html#changing-the-sshd-port) +[Using Environment Variables In systemd Units]({{site.baseurl}}/os/docs/latest/using-environment-variables-in-systemd-units.html) ## More Information systemd.service Docs From 43ff0b3cbb689de14aa01c8e683569144acfc5c4 Mon Sep 17 00:00:00 2001 From: Charlie Holbech Date: Wed, 19 Aug 2015 12:25:01 -0400 Subject: [PATCH 0567/1291] Changed promotional URL Changed promotional URL to send to: https://www.packet.net/promo/coreos/ --- os/booting-on-packet.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/os/booting-on-packet.md b/os/booting-on-packet.md index b2768aca0..82e14f30f 100644 --- a/os/booting-on-packet.md +++ b/os/booting-on-packet.md @@ -6,7 +6,7 @@ Packet is a bare metal cloud hosting provider. CoreOS is installable as one of t Currently the Packet OEM is making it's way through the 3 CoreOS channels. As it becomes available to a new channel it will become available on Packet. There are no seperate instructions per channel that are outside of the normal CoreOS instructions. ## Deployment Instructions -The first step in deploying any devices on Packet is to first create an account and decide if you'd like to deploy via our portal or API. The portal is appropriate for small clusters of machines that won't change frequently. If you'll be deploying a lot of machines, or expect your workload to change frequently it is much more efficient to use the API. You can generate an API token through the portal once you've set up an account and payment method. [Packet Account Registration](https://app.packet.net/#/registration) +The first step in deploying any devices on Packet is to first create an account and decide if you'd like to deploy via our portal or API. The portal is appropriate for small clusters of machines that won't change frequently. If you'll be deploying a lot of machines, or expect your workload to change frequently it is much more efficient to use the API. You can generate an API token through the portal once you've set up an account and payment method. Create an account here: [Packet Account Registration](https://www.packet.net/promo/coreos/) ### Projects Packet has a concept of 'projects' that represent a grouping of machines that defines several other aspects of the service. A project defines who on the team has access to manage the machines in your account. Projects also define your private network; all machines in a given project will automatically share backend network connectivity. The SSH keys of all team members associated with a project will be installed to all newly provisioned machines in a project. All servers need to be in a project, even if there is only one server in that project. From 62a0d2f9bce5f20376c2d32d37c37948b4c90118 Mon Sep 17 00:00:00 2001 From: Jimmy Zelinskie Date: Wed, 19 Aug 2015 15:32:05 -0400 Subject: [PATCH 0568/1291] ER: fix broken URL to download logs script --- enterprise-registry/log-debugging.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/enterprise-registry/log-debugging.md b/enterprise-registry/log-debugging.md index 32291e568..e907feabb 100644 --- a/enterprise-registry/log-debugging.md +++ b/enterprise-registry/log-debugging.md @@ -23,4 +23,4 @@ To download logs, click the " Download All Local L ## Shell script to download logs -The aforementioned operations are also available in script form at https://github.com/coreos/docs/blob/master/enterprise-registry/log-debugging/gzip-registry-logs.sh \ No newline at end of file +The aforementioned operations are also available in script form on [GitHub](https://github.com/coreos/docs/blob/master/enterprise-registry/gzip-registry-logs.sh). From 587f14cd5c4a1f47b1b6f47d032a52c5c630b780 Mon Sep 17 00:00:00 2001 From: Michiel De Mey Date: Thu, 20 Aug 2015 00:14:29 +0200 Subject: [PATCH 0569/1291] fleet: Fixed failure scenario documentation Removed extra '+' signs in the new documentation section, possibly due to a merge conflict. --- fleet/launching-containers-fleet.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/fleet/launching-containers-fleet.md b/fleet/launching-containers-fleet.md index d521216a1..47c5a4f25 100644 --- a/fleet/launching-containers-fleet.md +++ b/fleet/launching-containers-fleet.md @@ -127,13 +127,13 @@ As you can see, the Apache units are now running on two different machines in ou How do we route requests to these containers? The best strategy is to run a "sidekick" container that performs other duties that are related to our main container but shouldn't be directly built into that application. Examples of common sidekick containers are for service discovery and controlling external services such as cloud load balancers or DNS. -+### Recovering from Machine Failure -+ -+Machines in your fleet cluster are constantly in communication with the rest of cluster and elect a leader to make scheduling decisions. The leader is responsible for parsing newly submitted/started units, finding a qualified machine to run them (via X-Fleet parameters), and then informing the machine(s) to start the unit. -+ -+When a machine fails to heartbeat back to the fleet leader, all units running on that machine are marked for rescheduling. During that process, qualified machines are found for each unit and they are started on the new machine. Units that can't be rescheduled will remain stopped until a qualified machine can be found. If the failed machine recovers, the fleet leader will tell it to cease operations of the old units, which have been rescheduled, and then the machine will be available for new work. -+ -+You can test out this process by stopping fleet (`sudo systemctl stop fleet`) on one of the machines running our Apache unit. The fleet logs (`sudo journalctl -u fleet`) will provide more clarity on what's going on under the hood. +### Recovering from Machine Failure + +Machines in your fleet cluster are constantly in communication with the rest of cluster and elect a leader to make scheduling decisions. The leader is responsible for parsing newly submitted/started units, finding a qualified machine to run them (via X-Fleet parameters), and then informing the machine(s) to start the unit. + +When a machine fails to heartbeat back to the fleet leader, all units running on that machine are marked for rescheduling. During that process, qualified machines are found for each unit and they are started on the new machine. Units that can't be rescheduled will remain stopped until a qualified machine can be found. If the failed machine recovers, the fleet leader will tell it to cease operations of the old units, which have been rescheduled, and then the machine will be available for new work. + +You can test out this process by stopping fleet (`sudo systemctl stop fleet`) on one of the machines running our Apache unit. The fleet logs (`sudo journalctl -u fleet`) will provide more clarity on what's going on under the hood. ## Run a Simple Sidekick From 6a171d343e380fcb2a00e23539d69d7161c1f963 Mon Sep 17 00:00:00 2001 From: Nick Owens Date: Tue, 25 Aug 2015 07:54:01 -0700 Subject: [PATCH 0570/1291] os/sdk-modifying-coreos.md: fix repo reference url --- os/sdk-modifying-coreos.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/os/sdk-modifying-coreos.md b/os/sdk-modifying-coreos.md index 8a70233b7..64d9fc4e0 100644 --- a/os/sdk-modifying-coreos.md +++ b/os/sdk-modifying-coreos.md @@ -137,9 +137,9 @@ managing a large number of git repos easier, from the announcement blog: [repo-blog]: http://google-opensource.blogspot.com/2008/11/gerrit-and-repo-android-source.html -You can find the full manual for repo by visiting [Version Control with Repo and Git][vc-repo-git]. +You can find the full manual for repo by visiting [android.com - Developing][android-repo-git]. -[vc-repo-git]: http://source.android.com/source/version-control.html +[android-repo-git]: https://source.android.com/source/developing.html ### Updating repo manifests From e5833bbf92c35b0f73dad3fb0a4f7d291e1f4767 Mon Sep 17 00:00:00 2001 From: kayrus Date: Thu, 20 Aug 2015 14:37:35 +0200 Subject: [PATCH 0571/1291] Fixed race condition issue in static network configuration --- os/network-config-with-networkd.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/os/network-config-with-networkd.md b/os/network-config-with-networkd.md index 58cc87849..2201468db 100644 --- a/os/network-config-with-networkd.md +++ b/os/network-config-with-networkd.md @@ -90,7 +90,7 @@ coreos: ExecStart=/usr/bin/ip link set eth0 down ExecStart=/usr/bin/ip addr flush dev eth0 - name: systemd-networkd.service - command: start + command: restart ``` ## Turn Off DHCP on specific interface From 319d45f878189f9798e8f31f72fa3fba3808cfd9 Mon Sep 17 00:00:00 2001 From: Alex Crawford Date: Fri, 21 Aug 2015 14:45:08 -0700 Subject: [PATCH 0572/1291] ignition: add initial docs --- ignition/examples.md | 212 ++++++++++++++++++++++++++++++ ignition/network-configuration.md | 68 ++++++++++ ignition/supported-platforms.md | 10 ++ ignition/what-is-ignition.md | 83 ++++++++++++ 4 files changed, 373 insertions(+) create mode 100644 ignition/examples.md create mode 100644 ignition/network-configuration.md create mode 100644 ignition/supported-platforms.md create mode 100644 ignition/what-is-ignition.md diff --git a/ignition/examples.md b/ignition/examples.md new file mode 100644 index 000000000..a28cde8ef --- /dev/null +++ b/ignition/examples.md @@ -0,0 +1,212 @@ +# Example Configs # + +Each of these examples is written in version 1 of the config. Always double +check to make sure that your config matches the version that Ignition is +expecting. + +## Reformat the Root Filesystem ## + +In many scenarios, it may be preferable to use btrfs for the root filesystem. +This config will find the device with the filesystem label "ROOT" (the root +filesystem) and reformat it to btrfs, maintaining the filesystem label. The +force flag is needed here because CoreOS currently ships with an ext4 root +filesystem. Without this flag, Ignition would recognize that there is existing +data and refuse to overwrite it. + +```json +{ + "ignitionVersion": 1, + "storage": { + "filesystems": [ + { + "device": "/dev/disk/by-label/ROOT", + "format": "btrfs", + "create": { + "force": true, + "options": [ + "--label=ROOT" + ] + } + } + ] + } +} +``` + +## Create a RAID-enabled Data Volume ## + +In many scenarios, it may be useful to have an external data volume. This +config will set up a RAID0 btrfs volume, data, between two seperate disks. It +also writes a mount unit (shown below) which will automatically mount the +volume to /var/lib/data on boot. + +```json +{ + "ignitionVersion": 1, + "storage": { + "disks": [ + { + "device": "/dev/sdb", + "wipe-table": true, + "partitions": [ + { + "label": "raid.1.1", + "number": 1, + "size": 20480, + "start": 0 + } + ] + }, + { + "device": "/dev/sdc", + "wipe-table": true, + "partitions": [ + { + "label": "raid.1.2", + "number": 1, + "size": 20480, + "start": 0 + } + ] + } + ], + "raid": [ + { + "devices": [ + "/dev/disk/by-partlabel/raid.1.1", + "/dev/disk/by-partlabel/raid.1.2" + ], + "level": "stripe", + "name": "data" + } + ], + "filesystems": [ + { + "device": "/dev/md/data", + "format": "btrfs", + "create": { + "options": [ + "--label=DATA" + ] + } + } + ] + }, + "systemd": { + "units": [ + { + "name": "var-lib-data.mount", + "enable": true, + "contents": "[Mount]\nWhat=/dev/md/data\nWhere=/var/lib/data\nType=btrfs\n\n[Install]\nWantedBy=local-fs.target" + } + ] + } +} +``` + +### var-lib-data.mount ### + +``` +[Mount] +What=/dev/data +Where=/var/lib/data +Type=btrfs + +[Install] +WantedBy=local-fs.target +``` + +## etcd2 With coreos-metadata ## + +This config will write a systemd drop-in (shown below) for etcd2.service. The +drop-in modifies the ExecStart option, adding a few flags to etcd2's +invocation. These flags use variables defined by coreos-metadata.service to +change the interfaces on which etcd2 listens. coreos-metadata is provided by +CoreOS and will read the appropriate metadata for the cloud environment and +write the results to /run/metadata/coreos. For more information on the +supported platforms and environment variables, refer to the [coreos-metadata +README][coreos-metadata] + +```json +{ + "ignitionVersion": 1, + "systemd": { + "units": [ + { + "name": "etcd2.service", + "enable": true, + "dropins": [ + { + "name": "metadata.conf", + "contents": "[Unit]\nRequires=coreos-metadata.service\nAfter=coreos-metadata.service\n\n[Service]\nEnvironmentFile=/run/metadata/coreos\nExecStart=\nExecStart=/usr/bin/etcd2 --advertise-client-urls=http://${COREOS_IPV4_PUBLIC}:2379 --initial-advertise-peer-urls=http://${COREOS_IPV4_LOCAL}:2380 --listen-client-urls=http://0.0.0.0:2379 --listen-peer-urls=http://${COREOS_IPV4_LOCAL}:2380 --initial-cluster=${ETCD_NAME}=http://${COREOS_IPV4_LOCAL}:2380" + } + ] + } + ] + } +} +``` + +[coreos-metadata]: https://github.com/coreos/coreos-metadata/blob/master/README.md + +### metadata.conf ### + +``` +[Unit] +Requires=coreos-metadata.service +After=coreos-metadata.service + +[Service] +EnvironmentFile=/run/metadata/coreos +ExecStart= +ExecStart=/usr/bin/etcd2 \ + --advertise-client-urls=http://${COREOS_IPV4_PUBLIC}:2379 \ + --initial-advertise-peer-urls=http://${COREOS_IPV4_LOCAL}:2380 \ + --listen-client-urls=http://0.0.0.0:2379 \ + --listen-peer-urls=http://${COREOS_IPV4_LOCAL}:2380 \ + --initial-cluster=${ETCD_NAME}=http://${COREOS_IPV4_LOCAL}:2380 +``` + +## Custom Metadata Agent ## + +In the event that CoreOS is being used outside of a supported cloud environment +(e.g. PXE booted, bare-metal installation, Mom and Pop Compute), +coreos-metadata won't work. However, it is possible to write a custom metadata +service if needed. + + +This config will write a single service unit with the contents of a metadata +agent service (shown below). This unit will not start on its own because it is +not enabled and it is not a dependency of any other units. This metadata agent +will fetch instance metadata from EC2 and save it to an ephemeral file. + +```json +{ + "ignitionVersion": 1, + "systemd": { + "units": [ + { + "name": "metadata.service", + "contents": "[Unit]\nDescription=EC2 metadata agent\n\n[Service]\nType=oneshot\nEnvironment=OUTPUT=/run/metadata/ec2\nExecStart=/usr/bin/mkdir --parent /run/metadata\nExecStart=/usr/bin/bash -c 'echo \"COREOS_IPV4_PUBLIC=$(curl --url http://169.254.169.254/2009-04-04/meta-data/public-ipv4 --retry 10)\\nCOREOS_IPV4_LOCAL=$(curl --url http://169.254.169.254/2009-04-04/meta-data/local-ipv4 --retry 10)\" > ${OUTPUT}'\n" + } + ] + } +} +``` + +### metadata.service ### + +``` +[Unit] +Description=EC2 metadata agent + +[Service] +Type=oneshot +Environment=OUTPUT=/run/metadata/ec2 +ExecStart=/usr/bin/mkdir --parent /run/metadata +ExecStart=/usr/bin/bash -c 'echo "COREOS_IPV4_PUBLIC=$(curl\ + --url http://169.254.169.254/2009-04-04/meta-data/public-ipv4\ + --retry 10)\nCOREOS_IPV4_LOCAL=$(curl\ + --url http://169.254.169.254/2009-04-04/meta-data/local-ipv4\ + --retry 10)" > ${OUTPUT}' +``` diff --git a/ignition/network-configuration.md b/ignition/network-configuration.md new file mode 100644 index 000000000..93d92d0f9 --- /dev/null +++ b/ignition/network-configuration.md @@ -0,0 +1,68 @@ +# Network Configuration # + +Configuring networkd with Ignition is a very straightforward task. Because +Ignition runs before networkd starts, configuration is just a matter of writing +the desired config to disk. The Ignition config has a specific section +dedicated to this. + +## Static Networking ## + +In this example, the network interface with the name "eth0" will be given the +IP address 10.0.1.7. A typical interface will need more configuration and can +use all of the options of a [network unit][network]. + +```json +{ + "networkd": { + "units": [ + { + "name": "00-eth0.network", + "contents": "[Match]\nName=eth0\n\n[Network]\nAddress=10.0.1.7" + } + ] + } +} +``` + +This configuration will instruct Ignition to create a single network unit named +"00-eth0.network" with the contents: + +``` +[Match] +Name=eth0 + +[Network] +Address=10.0.1.7 +``` + +When the system boots, networkd will read this config and assign the IP address +to eth0. + +[network]: http://www.freedesktop.org/software/systemd/man/systemd.network.html + +## Bonded NICs ## + +In this example, all of the network interfaces whose names begin with "eth" +will be bonded together to form "bond0". This new interface will then be +configured to use DHCP. + +```json +{ + "networkd": { + "units": [ + { + "name": "00-eth.network", + "contents": "[Match]\nName=eth*\n\n[Network]\nBond=bond0" + }, + { + "name": "10-bond0.netdev", + "contents": "[NetDev]\nName=bond0\nKind=bond" + }, + { + "name": "20-bond0.network", + "contents": "[Match]\nName=bond0\n\n[Network]\nDHCP=true" + }, + ] + } +} +``` diff --git a/ignition/supported-platforms.md b/ignition/supported-platforms.md new file mode 100644 index 000000000..f9202cf35 --- /dev/null +++ b/ignition/supported-platforms.md @@ -0,0 +1,10 @@ +# Supported Platforms # + +Ignition is currently only supported for the following images: + +- Bare Metal +- PXE +- Amazon EC2 + +Ignition is under active development so expect this list to expand in the +coming months. diff --git a/ignition/what-is-ignition.md b/ignition/what-is-ignition.md new file mode 100644 index 000000000..a83dd1c81 --- /dev/null +++ b/ignition/what-is-ignition.md @@ -0,0 +1,83 @@ +# What is Ignition? # + +Ignition is a new provisioning utility designed specifically for CoreOS. At the +the most basic level, it is a tool for manipulating disks during early boot. +This includes partitioning disks, formatting partitions, writing files (regular +files, systemd units, networkd units, etc.), and configuring users. On first +boot, Ignition reads its configuration from a source-of-truth (remote URL, +network metadata service, hypervisor bridge, etc.) and applies the configuration. + +A [series of example configs][examples] are provided for reference. + +[examples]: examples.md + +## Ignition vs coreos-cloudinit ## + +Ignition solves many of the same problems as [coreos-cloudinit][cloudinit] but +in a simpler, more predictable, and more flexible manner. This is achieved with +two major changes: Ignition only runs once and Ignition does not handle +variable substitution. Ignition has also fixed a number of the pain points with +regard to configuration. Instead of YAML, Ignition uses JSON for its +configuration format. JSON's typing immediately eliminates problems like "off" +being rewritten as "false", the "#cloud-config" header being stripped because +comments *shouldn't* have meaning, and confusion around whether those file +permissions were written in octal or decimal. Ignition's configuration is also +versioned which allows it to be improved in the future without having to worry +as much about maintaining backward compatibility. + +[cloudinit]: https://github.com/coreos/coreos-cloudinit + +### Ignition Only Runs Once ## + +Even though Ignition only runs once, it packs a powerful punch. Because +Ignition runs so early in the boot process (the initramfs, to be exact), it is +able to repartition disks, format filesystems, create users, and write files +all before the userspace has begun booting. This means, for example, that the +issue of [configuring the network][network config] falls away; the network +config is written early enough for networkd to read when it first starts. It +also means systemd services are already written to disk by the time systemd +starts. This results in a simple startup, a faster startup, and the ability to +accurately inspect the unit dependency graphs. + +[network config]: network-configuration.md + +### No Variable Substitution ## + +Given that Ignition only runs once, it wouldn't make much sense for it to +incorporate dynamic data (e.g. floating IP addresses, compute region, etc.). +This is partly why there is no support for variable substition. Instead, the +proper approach is to use Ignition to write static files and leverage systemd's +environment variable expansion to insert dynamic data. The Ignition config +should install a service which fetches the necessary runtime data and then any +services which need this data (e.g. etcd, fleet) can depend on that +aforementioned service and source in its output. The result is that the data is +only collected if and when it is needed. For supported platforms, CoreOS +provides a small utility (`coreos-metadata.service`) to help fetch this data. + +The lack of variable substitution in Ignition has an added benifit of leveling +the playing field when it comes to compute providers. No longer is the user's +experince crippled because the metadata for their platform isn't supported. It +is possible to write a [custom metadata agent][custom agent] to fetch the +necessary data. + +[custom agent]: examples.md#custom-metadata-agent + +## Providing Ignition a Config ## + +Ignition can read its config from a number of different locations, although, +only one can be used at a time. When running CoreOS on the supported cloud- +providers, Ignition will read its config from the instance's userdata. This +means that if Ignition is being used, it will not be possible to use other +tools which also use this userdata (e.g. coreos-cloudinit). Bare metal +installations and PXE boots can use the kernel boot parameters to point +Ignition at the config. + +## Where is Ignition Supported? ## + +The [full list of supported platforms][supported platforms] is provided and +will be kept up-to-date as development progresses. + +Ignition is under active development. Expect to see support for more images in +the coming months. + +[supported platforms]: supported-platforms.md From f772b5fe77725d7376bc58cc0fee93d62ac1ffbf Mon Sep 17 00:00:00 2001 From: Joshua Wood Date: Sun, 30 Aug 2015 16:59:40 -0500 Subject: [PATCH 0573/1291] os/config-datetime: timedatectl output sync Update quoted `timedatectl` output to match that of recent systemd versions: `s/Ntp enabled/Network time on/`. Update dates in quoted `timedatectl` output for freshness. --- os/configuring-date-and-timezone.md | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/os/configuring-date-and-timezone.md b/os/configuring-date-and-timezone.md index 013bdc032..e4545a24a 100644 --- a/os/configuring-date-and-timezone.md +++ b/os/configuring-date-and-timezone.md @@ -13,11 +13,11 @@ and time zone. ``` $ timedatectl status - Local time: Tue 2014-08-26 19:29:12 UTC - Universal time: Tue 2014-08-26 19:29:12 UTC - RTC time: Tue 2014-08-26 19:29:12 + Local time: Wed 2015-08-26 19:29:12 UTC + Universal time: Wed 2015-08-26 19:29:12 UTC + RTC time: Wed 2015-08-26 19:29:12 Time zone: UTC (UTC, +0000) - NTP enabled: no + Network time on: no NTP synchronized: yes RTC in local TZ: no DST active: n/a @@ -56,20 +56,20 @@ Check the changes: ``` $ timedatectl - Local time: Tue 2014-08-26 15:44:07 EDT - Universal time: Tue 2014-08-26 19:44:07 UTC - RTC time: Tue 2014-08-26 19:44:07 + Local time: Wed 2015-08-26 15:44:07 EDT + Universal time: Wed 2015-08-26 19:44:07 UTC + RTC time: Wed 2015-08-26 19:44:07 Time zone: America/New_York (EDT, -0400) - NTP enabled: no + Network time on: no NTP synchronized: yes RTC in local TZ: no DST active: yes Last DST change: DST began at - Sun 2014-03-09 01:59:59 EST - Sun 2014-03-09 03:00:00 EDT + Sun 2015-03-08 01:59:59 EST + Sun 2015-03-08 03:00:00 EDT Next DST change: DST ends (the clock jumps one hour backwards) at - Sun 2014-11-02 01:59:59 EDT - Sun 2014-11-02 01:00:00 EST + Sun 2015-11-01 01:59:59 EDT + Sun 2015-11-01 01:00:00 EST ``` Time zone may instead be set in cloud-config, with something like the following From c560e9c57dc99a9c154e0ec80b89c11b8a9df0cb Mon Sep 17 00:00:00 2001 From: Joshua Wood Date: Sun, 30 Aug 2015 19:51:53 -0500 Subject: [PATCH 0574/1291] os/mounting-storage: NFS: Clarify, add references. Clarify language. Adopt and apply NFS convention of "export" rather than "share". Add refs to external docs (see rpc.statd). --- os/mounting-storage.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/os/mounting-storage.md b/os/mounting-storage.md index 943702c45..2f6b1022b 100644 --- a/os/mounting-storage.md +++ b/os/mounting-storage.md @@ -99,9 +99,9 @@ coreos: Note the declaration of `ConditionPathExists=!/var/lib/docker.btrfs`. Without this line, systemd would reformat the btrfs filesystem every time the machine starts. -## Mounting NFS shares +## Mounting NFS Exports -This example will show how you can mount NFS share. First of all we will enable rpc-statd for NFS host monitoring. Then we will mount `/var/www` share into local `/var/www` path. Please pay attention on the unit name `var-www.mount` it should correspend to mount path `/var/www`. +This cloud-config excerpt enables the NFS host monitor [`rpc.statd(8)`](http://linux.die.net/man/8/rpc.statd), then mounts an NFS export onto the CoreOS system's `/var/www`. Mount unit names match the target mount point, with interior slashes replaced by dashes. A unit mounting onto `/var/www` is thus named `var-www.mount`. ```yaml #cloud-config @@ -119,7 +119,7 @@ coreos: Type=nfs ``` -If you would like to add NFS mount as dependency for certain unit you have to use these options: +To declare that another service depends on this mount, name the mount unit in the dependent unit's `After` and `Requires` properties: ```yaml [Unit] @@ -127,8 +127,8 @@ After=var-www.mount Requires=var-www.mount ``` -If the mount point can't be mounted correctly, the dependent unit will not start. +If the mount fails, dependent units will not start. ## Further Reading -Read the [full docs](http://www.freedesktop.org/software/systemd/man/systemd.mount.html) to learn about the available options. Examples specific to [EC2]({{site.baseurl}}/docs/running-coreos/cloud-providers/ec2/#instance-storage), [Google Compute Engine]({{site.baseurl}}/docs/running-coreos/cloud-providers/google-compute-engine/#additional-storage) and [Rackspace Cloud]({{site.baseurl}}/docs/running-coreos/cloud-providers/rackspace/#mount-data-disk) can be used as a starting point. +Check the [`systemd mount` docs](http://www.freedesktop.org/software/systemd/man/systemd.mount.html) to learn about the available options. Examples specific to [EC2]({{site.baseurl}}/docs/running-coreos/cloud-providers/ec2/#instance-storage), [Google Compute Engine]({{site.baseurl}}/docs/running-coreos/cloud-providers/google-compute-engine/#additional-storage) and [Rackspace Cloud]({{site.baseurl}}/docs/running-coreos/cloud-providers/rackspace/#mount-data-disk) can be used as a starting point. From cc4f9916722eeff08c1633303da80923da8abb9c Mon Sep 17 00:00:00 2001 From: Alex Crawford Date: Mon, 31 Aug 2015 16:11:38 -0700 Subject: [PATCH 0575/1291] ignition: change RAID example to use ext4 --- ignition/examples.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/ignition/examples.md b/ignition/examples.md index a28cde8ef..27408df1b 100644 --- a/ignition/examples.md +++ b/ignition/examples.md @@ -36,7 +36,7 @@ data and refuse to overwrite it. ## Create a RAID-enabled Data Volume ## In many scenarios, it may be useful to have an external data volume. This -config will set up a RAID0 btrfs volume, data, between two seperate disks. It +config will set up a RAID0 ext4 volume, data, between two seperate disks. It also writes a mount unit (shown below) which will automatically mount the volume to /var/lib/data on boot. @@ -83,7 +83,7 @@ volume to /var/lib/data on boot. "filesystems": [ { "device": "/dev/md/data", - "format": "btrfs", + "format": "ext4", "create": { "options": [ "--label=DATA" @@ -97,7 +97,7 @@ volume to /var/lib/data on boot. { "name": "var-lib-data.mount", "enable": true, - "contents": "[Mount]\nWhat=/dev/md/data\nWhere=/var/lib/data\nType=btrfs\n\n[Install]\nWantedBy=local-fs.target" + "contents": "[Mount]\nWhat=/dev/md/data\nWhere=/var/lib/data\nType=ext4\n\n[Install]\nWantedBy=local-fs.target" } ] } @@ -110,7 +110,7 @@ volume to /var/lib/data on boot. [Mount] What=/dev/data Where=/var/lib/data -Type=btrfs +Type=ext4 [Install] WantedBy=local-fs.target From 104fe6ae710e88e7460a8c2eb2428d3892cd2a2a Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Tue, 1 Sep 2015 12:40:14 -0700 Subject: [PATCH 0576/1291] enterprise-registry: fix script url --- enterprise-registry/mysql-container.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/enterprise-registry/mysql-container.md b/enterprise-registry/mysql-container.md index a9f0ef1da..5de35f0e7 100644 --- a/enterprise-registry/mysql-container.md +++ b/enterprise-registry/mysql-container.md @@ -42,7 +42,7 @@ Wait about 30 seconds for the new DB to be created before testing the connection Alternatively you can download a simple shell script to perform the steps above: ```sh -curl --location https://raw.githubusercontent.com/coreos/docs/master/enterprise-registry/mysql-container/provision_mysql.sh -o /tmp/provision_mysql.sh -# +curl --location https://raw.githubusercontent.com/coreos/docs/master/enterprise-registry/provision_mysql.sh -o /tmp/provision_mysql.sh -# ``` Then run: From e81d05b725429702bac9c3e115e14979e54da0f4 Mon Sep 17 00:00:00 2001 From: Alex Crawford Date: Tue, 1 Sep 2015 15:38:56 -0700 Subject: [PATCH 0577/1291] ignition: ec2 isn't supported yet --- ignition/supported-platforms.md | 1 - 1 file changed, 1 deletion(-) diff --git a/ignition/supported-platforms.md b/ignition/supported-platforms.md index f9202cf35..0617f2296 100644 --- a/ignition/supported-platforms.md +++ b/ignition/supported-platforms.md @@ -4,7 +4,6 @@ Ignition is currently only supported for the following images: - Bare Metal - PXE -- Amazon EC2 Ignition is under active development so expect this list to expand in the coming months. From 1edc9a4f6f7cffec378b6f9f77f2d30625344b35 Mon Sep 17 00:00:00 2001 From: Alex Crawford Date: Tue, 1 Sep 2015 17:46:37 -0700 Subject: [PATCH 0578/1291] ignition: minor cleanup --- ignition/supported-platforms.md | 4 +-- ignition/what-is-ignition.md | 52 ++++++++++++++++++--------------- 2 files changed, 31 insertions(+), 25 deletions(-) diff --git a/ignition/supported-platforms.md b/ignition/supported-platforms.md index 0617f2296..f55959620 100644 --- a/ignition/supported-platforms.md +++ b/ignition/supported-platforms.md @@ -2,8 +2,8 @@ Ignition is currently only supported for the following images: -- Bare Metal -- PXE +- [Bare Metal](https://coreos.com/os/docs/latest/installing-to-disk.html) +- [PXE](https://coreos.com/os/docs/latest/booting-with-pxe.html) Ignition is under active development so expect this list to expand in the coming months. diff --git a/ignition/what-is-ignition.md b/ignition/what-is-ignition.md index a83dd1c81..76d4daad6 100644 --- a/ignition/what-is-ignition.md +++ b/ignition/what-is-ignition.md @@ -17,27 +17,31 @@ Ignition solves many of the same problems as [coreos-cloudinit][cloudinit] but in a simpler, more predictable, and more flexible manner. This is achieved with two major changes: Ignition only runs once and Ignition does not handle variable substitution. Ignition has also fixed a number of the pain points with -regard to configuration. Instead of YAML, Ignition uses JSON for its -configuration format. JSON's typing immediately eliminates problems like "off" -being rewritten as "false", the "#cloud-config" header being stripped because -comments *shouldn't* have meaning, and confusion around whether those file -permissions were written in octal or decimal. Ignition's configuration is also -versioned which allows it to be improved in the future without having to worry -as much about maintaining backward compatibility. +regard to configuration. + +Instead of YAML, Ignition uses JSON for its configuration format. JSON's typing +immediately eliminates problems like "off" being rewritten as "false", the +"#cloud-config" header being stripped because comments *shouldn't* have +meaning, and confusion around whether those file permissions were written in +octal or decimal. Ignition's configuration is also versioned which allows it to +be improved in the future without having to worry as much about maintaining +backward compatibility. [cloudinit]: https://github.com/coreos/coreos-cloudinit ### Ignition Only Runs Once ## Even though Ignition only runs once, it packs a powerful punch. Because -Ignition runs so early in the boot process (the initramfs, to be exact), it is -able to repartition disks, format filesystems, create users, and write files -all before the userspace has begun booting. This means, for example, that the -issue of [configuring the network][network config] falls away; the network -config is written early enough for networkd to read when it first starts. It -also means systemd services are already written to disk by the time systemd -starts. This results in a simple startup, a faster startup, and the ability to -accurately inspect the unit dependency graphs. +Ignition runs so early in the boot process (in the initramfs, to be exact), it +is able to repartition disks, format filesystems, create users, and write files +all before the userspace has begun booting. + +A result of Ignition running so early is that the issue of +[configuring the network][network config] falls away; the network config is +written early enough for networkd to read when it first starts. It also means +systemd services are already written to disk by the time systemd starts. This +results in a simple startup, a faster startup, and the ability to accurately +inspect the unit dependency graphs. [network config]: network-configuration.md @@ -45,14 +49,16 @@ accurately inspect the unit dependency graphs. Given that Ignition only runs once, it wouldn't make much sense for it to incorporate dynamic data (e.g. floating IP addresses, compute region, etc.). -This is partly why there is no support for variable substition. Instead, the -proper approach is to use Ignition to write static files and leverage systemd's -environment variable expansion to insert dynamic data. The Ignition config -should install a service which fetches the necessary runtime data and then any -services which need this data (e.g. etcd, fleet) can depend on that -aforementioned service and source in its output. The result is that the data is -only collected if and when it is needed. For supported platforms, CoreOS -provides a small utility (`coreos-metadata.service`) to help fetch this data. +This is partly why there is no support for variable substition. + +Instead of dynamic data, the proper approach is to use Ignition to write static +files and leverage systemd's environment variable expansion to insert dynamic +data. The Ignition config should install a service which fetches the necessary +runtime data and then any services which need this data (e.g. etcd, fleet) can +depend on that aforementioned service and source in its output. The result is +that the data is only collected if and when it is needed. For supported +platforms, CoreOS provides a small utility (`coreos-metadata.service`) to help +fetch this data. The lack of variable substitution in Ignition has an added benifit of leveling the playing field when it comes to compute providers. No longer is the user's From b60272181ae822345323a8dd0edc17085221c2f0 Mon Sep 17 00:00:00 2001 From: Alex Crawford Date: Thu, 3 Sep 2015 17:23:07 -0700 Subject: [PATCH 0579/1291] ignition: add example and remove support platforms --- ignition/examples.md | 32 ++++++++++++++++++++++++++++++++ ignition/supported-platforms.md | 9 --------- ignition/what-is-ignition.md | 2 +- 3 files changed, 33 insertions(+), 10 deletions(-) delete mode 100644 ignition/supported-platforms.md diff --git a/ignition/examples.md b/ignition/examples.md index 27408df1b..efe953427 100644 --- a/ignition/examples.md +++ b/ignition/examples.md @@ -4,6 +4,38 @@ Each of these examples is written in version 1 of the config. Always double check to make sure that your config matches the version that Ignition is expecting. +## Starting Services ## + +This config will write a single service unit (shown below) with the contents of +an example service. This unit will be enabled as a dependency of +multi-user.target and therefore start on boot. + +```json +{ + "ignitionVersion": 1, + "systemd": { + "units": [ + { + "name": "example.service", + "enable": true, + "contents": "[Service]\nType=oneshot\nExecStart=/usr/bin/echo Hello World\n\n[Install]\nWantedBy=multi-user.target" + } + ] + } +} +``` + +### example.service ### + +``` +[Service] +Type=oneshot +ExecStart=/usr/bin/echo Hello World + +[Install] +WantedBy=multi-user.target +``` + ## Reformat the Root Filesystem ## In many scenarios, it may be preferable to use btrfs for the root filesystem. diff --git a/ignition/supported-platforms.md b/ignition/supported-platforms.md deleted file mode 100644 index f55959620..000000000 --- a/ignition/supported-platforms.md +++ /dev/null @@ -1,9 +0,0 @@ -# Supported Platforms # - -Ignition is currently only supported for the following images: - -- [Bare Metal](https://coreos.com/os/docs/latest/installing-to-disk.html) -- [PXE](https://coreos.com/os/docs/latest/booting-with-pxe.html) - -Ignition is under active development so expect this list to expand in the -coming months. diff --git a/ignition/what-is-ignition.md b/ignition/what-is-ignition.md index 76d4daad6..68eed92f4 100644 --- a/ignition/what-is-ignition.md +++ b/ignition/what-is-ignition.md @@ -86,4 +86,4 @@ will be kept up-to-date as development progresses. Ignition is under active development. Expect to see support for more images in the coming months. -[supported platforms]: supported-platforms.md +[supported platforms]: https://github.com/coreos/ignition/blob/master/doc/supported-platforms.md From 5bb56b9593af78e671a1c96e20f825922067deb2 Mon Sep 17 00:00:00 2001 From: Rob Szumski Date: Wed, 9 Sep 2015 16:41:07 -0700 Subject: [PATCH 0580/1291] os: add EC2 json feed --- os/booting-on-ec2.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/os/booting-on-ec2.md b/os/booting-on-ec2.md index bca5a2ece..12bb7e589 100644 --- a/os/booting-on-ec2.md +++ b/os/booting-on-ec2.md @@ -24,6 +24,7 @@ CoreOS is designed to be [updated automatically]({{site.baseurl}}/using-coreos/u

      The alpha channel closely tracks master and is released to frequently. The newest versions of docker, etcd and fleet will be available for testing. Current version is CoreOS {{site.alpha-channel}}.

      + View as json feed
      @@ -55,6 +56,7 @@ CoreOS is designed to be [updated automatically]({{site.baseurl}}/using-coreos/u

      The beta channel consists of promoted alpha releases. Current version is CoreOS {{site.beta-channel}}.

      + View as json feed
      @@ -86,6 +88,7 @@ CoreOS is designed to be [updated automatically]({{site.baseurl}}/using-coreos/u

      The Stable channel should be used by production clusters. Versions of CoreOS are battle-tested within the Beta and Alpha channels before being promoted. Current version is CoreOS {{site.stable-channel}}.

      + View as json feed
      From 5db08cd82030c11e844e467a7aff08d8511cffad Mon Sep 17 00:00:00 2001 From: Ikoula Date: Wed, 26 Aug 2015 15:51:17 +0000 Subject: [PATCH 0581/1291] Ikoula Cloud docs for CoreOS --- os/booting-on-ikoula.md | 261 +++++++++++++++++++++++++ os/img/ikoula-deploy-instance-menu.png | Bin 0 -> 112266 bytes os/img/ikoula-instance-deployed.png | Bin 0 -> 16585 bytes os/img/ikoula-login.png | Bin 0 -> 7780 bytes os/img/ikoula-public-cloud.png | Bin 0 -> 49314 bytes os/img/ikoula-subscriptions.png | Bin 0 -> 50802 bytes 6 files changed, 261 insertions(+) create mode 100644 os/booting-on-ikoula.md create mode 100755 os/img/ikoula-deploy-instance-menu.png create mode 100755 os/img/ikoula-instance-deployed.png create mode 100755 os/img/ikoula-login.png create mode 100755 os/img/ikoula-public-cloud.png create mode 100755 os/img/ikoula-subscriptions.png diff --git a/os/booting-on-ikoula.md b/os/booting-on-ikoula.md new file mode 100644 index 000000000..1c2bb3240 --- /dev/null +++ b/os/booting-on-ikoula.md @@ -0,0 +1,261 @@ +# Running CoreOS on Ikoula Cloud + +Ikoula is a French cloud hosting company. +Its CloudStack 4.5 based cloud is deployed on its own datacenters worldwide on +several Basic and Advanced networking zones. Currently zones are available on +France, Germany, Netherlands, USA East, Singapore. + +### Networking Zones on Ikoula Cloud + +On Basic networking zones, you have the support of security groups and a directly +assigned public IP address as in many other cloud providers. + +On Advanced networking zones, you have a virtual router deployed which protects +your own private VLAN network. Instances deployed on this private VLAN +receive a private IP address from a range you can choose, and they have external +access through the virtual router. On Advanced networking zones, you have access +to VPC which can be connected to your own office network by means of using site-to-site VPNs. + +### CoreOS images on Ikoula Cloud + +You can deploy and boot officially-built CoreOS images on Ikoula Cloud! + +You will need: + +- a valid account +- a valid cloud public subscription + +Please note that images deployed on Ikoula Cloud update themselves automatically. +The reboot strategy is "best effort", which means that if the deployed CoreOS is +standalone then it will reboot automatically. You can, however, [disable this behaviour][reboot-after-update]. +We also provide a FAQ on how to [achieve][coreos-update-manually] this. + +[reboot-after-update]: update-strategies.md +[coreos-update-manually]: https://Ikoula.wiki/help/Mettre_a_jour_CoreOS_manuellement/fr + +### Creating your account and subscribing to Ikoula Cloud + +Go make them both at Public Cloud Ikoula. +Choose any type of virtual machine and then proceed to create your account and subscription. + +You will soon receive access to your own Extranet. + +### Deploying Instances using Extranet portal a.k.a "One Click deployment" on Basic zones + +Open your browser and point it to https://extranet.Ikoula.com. +If needed, change the language by using flag icons on the right near "Choose your language". + +Click on "Click here" to connect. + +To login fill in your credentials (email address and password of your account): +
      +
      +
      + +
      Login to Extranet Ikoula Portal
      +
      +
      +
      +
      + +Then click on public cloud: + +
      +
      +
      + +
      Link to public cloud subscriptions on Extranet Ikoula Portal
      +
      +
      +
      +
      + +Your public cloud subscription appear: + +
      +
      +
      + +
      Cloud subscriptions on Extranet Ikoula portal
      +
      +
      +
      +
      + +If you click on it, you'll have access to a menu that quickly permits you to deploy +and configure an instance of CoreOS on a Basic networking zone of your choice: + +
      +
      +
      + +
      The "One Click deployment" on Extranet Ikoula portal
      +
      +
      +
      +
      + +To create your instance: + +1. Fill The VM Name, + +2. Choose "CoreOS Stable 64bits SSH KEYPAIR with core user" on Template section. + +3. Choose your service offering, that will represent the power of your instance, the resources that it will get. + +4. Choose the incoming firewall rules that will be accepted (we recommend to open at least SSH, by default all ports are closed). + +5. Choose the authentication type. On CoreOS this is a sshkeypair, choose to create on, or use an already existent one. + +6. Choose the Basic zone in which you will want your instance to be deployed. + +Click on CREATE MY INSTANCE, then, thanks to SSD backed Ikoula Cloud hosts, you will rapidly get information +about your instance: + +
      +
      +
      + +
      Instance CoreOS deployed on Extranet Ikoula portal
      +
      +
      +
      +
      + +Finally with the IP address the sshkey, and the firewall rule, you will be able to connect to your instance. + +### Deploying instances using CloudMonkey on either Basic or Advanced networking zones + +The Ikoula Cloud offers a template "CoreOS Stable" which is available on every all of the different geographic zones +(France, USA East, Singapore, Germany, Netherlands). + +Consistent with the normal use of CoreOS, the SSH connection to an instance deployed with this template is only +possible with the user “core” and through SSH key authentication. You can then rely on official FAQs CoreOS +without encountering unexpected behavior. + +In the following procedure, we will use the tool Apache CloudMonkey to deploy a CoreOS instance: +To be able to use CloudMonkey, you must have valid API and secret keys. You have received them both on +subscription to Ikoula Cloud service. If you don't have them, please follow this FAQ +to generate them. + +## Prepare CloudMonkey environment + +Install CloudMonkey by issuing (Debian based Linux only) these commands: + +```sh +sudo apt-get install python-pip +pip install cloudmonkey +``` + +Configure CloudMonkey by issuing these commands, replacing API and secret keys with your own: + +```sh +$ cloudmonkey +Apache CloudStack CloudMonkey 5.0.0. Type help or ? to list commands. + +> set host cloudStack.ikoula.com +> set path /client/api +> set protocol https +> set port 443 +> set apikey +> set secretkey +``` +## Generate your keys + +Create your CloudStack SSH key pair: + +```sh +$ cloudmonkey +Apache CloudStack CloudMonkey 5.0.0. Type help or ? to list commands. + +> create sshkeypair name=MySSHkey +keypair: +name = MySSHkey +fingerprint = 15:51:8a:8e:04:d3:78:5e:dd:5c:7f:50:f8:e8:81:89 +privatekey = -----BEGIN RSA PRIVATE KEY----- +MIICXQIBAAKBgQC+aaZOBbsJxSfrUrgIB29gncJeZ5leAH+b4d1+ARRPZgiYM50K +b0X6FUBk+qDKTjsqQHZuYiyXbpt/JXq1WUukaY6Xv0L13ydLcOUpxekXxHeELNg/ +QXyP+gKzr6rGgGZwFSwJoZGmi3U9QM661/pKzfie6cOxyZ7zHNhdMZqW5QIDAQAB +AoGBAI8/vDWGaif3gwiuunSP42K0TL3pAqCNj3MegRuChF0XTe/zJHntLJ/vzPoq +8zw/jpNC29Y/VXy3YZROBfrYquY/KjnfbaQWEBXNNYjBXJcL00MCVOhQTqHxQoJo +HVsA+1zriXpAA1a7hBw/GzTbhB/tC7w2V2eYTfIF4exdL10hAkEA+bjspo7KAzwF +ysVoRZfGWdGl4cDC4zR290URXplVJJ3t2MZKD0zW04ajNOLMG5ve5fwGbTYfhJ3/ +CICQ41WTewJBAMMzCnWrOOyjJEQo3QFZX9QEtMSCJGeiGW04u/lB8XiT5AXIdGEk +QIAsSYdgQrDw02nQ7rWGUBnGdJ7PlSXKwR8CQQCwpISRlLOE8jJOqrEFeUTPSCME +u6uft/7nDi4pMmEt06DpE+pTRFE5syVDRaKHbQyQtmN9YSmOT4yVYQwcIu5[...] +-----END RSA PRIVATE KEY----- +``` + +Paste this SSH key pair in a restricted file (MySSHkey in our example) with permissions to owner read only (400): + +```sh +$ cat MySSHkey +-----BEGIN RSA PRIVATE KEY----- +MIICXQIBAAKBgQC+aaZOBbsJxSfrUrgIB29gncJeZ5leAH+b4d1+ARRPZgiYM50K +b0X6FUBk+qDKTjsqQHZuYiyXbpt/JXq1WUukaY6Xv0L13ydLcOUpxekXxHeELNg/ +QXyP+gKzr6rGgGZwFSwJoZGmi3U9QM661/pKzfie6cOxyZ7zHNhdMZqW5QIDAQAB +AoGBAI8/vDWGaif3gwiuunSP42K0TL3pAqCNj3MegRuChF0XTe/zJHntLJ/vzPoq +8zw/jpNC29Y/VXy3YZROBfrYquY/KjnfbaQWEBXNNYjBXJcL00MCVOhQTqHxQoJo +HVsA+1zriXpAA1a7hBw/GzTbhB/tC7w2V2eYTfIF4exdL10hAkEA+bjspo7KAzwF +ysVoRZfGWdGl4cDC4zR290URXplVJJ3t2MZKD0zW04ajNOLMG5ve5fwGbTYfhJ3/ +CICQ41WTewJBAMMzCnWrOOyjJEQo3QFZX9QEtMSCJGeiGW04u/lB8XiT5AXIdGEk +QIAsSYdgQrDw02nQ7rWGUBnGdJ7PlSXKwR8CQQCwpISRlLOE8jJOqrEFeUTPSCME +u6uft/7nDi4pMmEt06DpE+pTRFE5syVDRaKHbQyQtmN9YSmOT4yVYQwcIu [...] +-----END RSA PRIVATE KEY----- + +$ chmod 400 MySSHkey +``` + +## Deploy CoreOS on an Advanced zone + +### Deploy your CoreOS instance with your SSH Key pair + +This example is made in Advanced networking zone, so we assume that you have already created your VPC or network: + +```sh +$ cloudmonkey +Apache CloudStack CloudMonkey 5.0.0. Type help or ? to list commands. + +> deploy virtualmachine zoneid= networkids= serviceofferingid= templateid=