From 1499c5306600f14abb8e943b2d8275827c418cd6 Mon Sep 17 00:00:00 2001 From: trantzas Date: Mon, 18 Dec 2023 17:16:45 +0000 Subject: [PATCH 01/23] test develop documentation branch --- mkdocs.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mkdocs.yml b/mkdocs.yml index c0a5595..b8aedab 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -1,6 +1,6 @@ # Project information site_name: Openslice -site_description: Openslice - Open source OSS +site_description: Openslice - Open source OSS - develop site_author: Openslice.io site_url: http://openslice.io -- GitLab From f79ff6ae8b2d76c41c168832b9a1f563b0224105 Mon Sep 17 00:00:00 2001 From: Kostis Trantzas Date: Wed, 20 Dec 2023 19:00:01 +0200 Subject: [PATCH 02/23] mike plugin initial try at develop branch --- .gitlab-ci.yml | 23 ++++++++++++++++++----- 1 file changed, 18 insertions(+), 5 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 6c38ff2..4722538 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,11 +1,24 @@ pages: stage: deploy image: python:latest - script: - - pip install mkdocs-material - - mkdocs build --site-dir public + variables: + PIP_CACHE_DIR: "$CI_PROJECT_DIR/.cache/pip" + PAGES_BRANCH: develop + HTTPS_REMOTE: https://gitlab-ci-token:${ACCESS_TOKEN}@${CI_SERVER_HOST}/${CI_PROJECT_PATH}.git + before_script: + - pip install mkdocs-material mike + - git config user.name $GITLAB_USER_NAME + - git config user.email $GITLAB_USER_EMAIL + - git fetch origin $PAGES_BRANCH && git -b checkout $PAGES_BRANCH origin/$PAGES_BRANCH || git checkout $PAGES_BRANCH || echo "Pages branch not deployed yet." + - git checkout $CI_COMMIT_SHA + script: + - mike deploy --rebase --prefix public -r $HTTPS_REMOTE -p -b $PAGES_BRANCH -u $CI_COMMIT_TAG latest + - mike set-default --rebase --prefix public -r $HTTPS_REMOTE -p -b $PAGES_BRANCH latest + - git checkout $PAGES_BRANCH -- public/ artifacts: paths: - - public + - public/ + only: + - tags rules: - - if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH' + - if: '$CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH' -- GitLab From 222c15bd6b38c69ef0e2a4b0ea4b55a94db9ee4e Mon Sep 17 00:00:00 2001 From: trantzas Date: Wed, 20 Dec 2023 17:03:19 +0000 Subject: [PATCH 03/23] removed conflicting only and rules from ci.yml --- .gitlab-ci.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 4722538..8bdc526 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -18,7 +18,5 @@ pages: artifacts: paths: - public/ - only: - - tags rules: - - if: '$CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH' + - if: '$CI_COMMIT_REF_NAME == "develop" && $CI_COMMIT_TAG' -- GitLab From b1aac4dcecf7e4461095eff8a5bea5ff328584b3 Mon Sep 17 00:00:00 2001 From: trantzas Date: Wed, 20 Dec 2023 17:21:56 +0000 Subject: [PATCH 04/23] rule is triggered by tag commit --- .gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 8bdc526..c8a9bec 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -19,4 +19,4 @@ pages: paths: - public/ rules: - - if: '$CI_COMMIT_REF_NAME == "develop" && $CI_COMMIT_TAG' + - if: '$CI_COMMIT_TAG' -- GitLab From efd409aef8ad511869edbb50b47cbb3e531efdb8 Mon Sep 17 00:00:00 2001 From: trantzas Date: Wed, 20 Dec 2023 17:23:46 +0000 Subject: [PATCH 05/23] changing python version --- .gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index c8a9bec..75550dd 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,6 +1,6 @@ pages: stage: deploy - image: python:latest + image: python:3.9.18-slim-bullseye variables: PIP_CACHE_DIR: "$CI_PROJECT_DIR/.cache/pip" PAGES_BRANCH: develop -- GitLab From 699814d52e652900e07167f2a5f798d0f613c850 Mon Sep 17 00:00:00 2001 From: trantzas Date: Wed, 20 Dec 2023 18:09:00 +0000 Subject: [PATCH 06/23] installed git dependancy at ci.yml --- .gitlab-ci.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 75550dd..9008bf6 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -7,6 +7,7 @@ pages: HTTPS_REMOTE: https://gitlab-ci-token:${ACCESS_TOKEN}@${CI_SERVER_HOST}/${CI_PROJECT_PATH}.git before_script: - pip install mkdocs-material mike + - apt-get install -y git - git config user.name $GITLAB_USER_NAME - git config user.email $GITLAB_USER_EMAIL - git fetch origin $PAGES_BRANCH && git -b checkout $PAGES_BRANCH origin/$PAGES_BRANCH || git checkout $PAGES_BRANCH || echo "Pages branch not deployed yet." -- GitLab From 17a68fc491079ef192923a5df5906f9f21957f3a Mon Sep 17 00:00:00 2001 From: trantzas Date: Wed, 20 Dec 2023 18:14:18 +0000 Subject: [PATCH 07/23] adding git dep to ci.yml --- .gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 9008bf6..c75cc3b 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -7,7 +7,7 @@ pages: HTTPS_REMOTE: https://gitlab-ci-token:${ACCESS_TOKEN}@${CI_SERVER_HOST}/${CI_PROJECT_PATH}.git before_script: - pip install mkdocs-material mike - - apt-get install -y git + - apt-get update && apt-get install -y git - git config user.name $GITLAB_USER_NAME - git config user.email $GITLAB_USER_EMAIL - git fetch origin $PAGES_BRANCH && git -b checkout $PAGES_BRANCH origin/$PAGES_BRANCH || git checkout $PAGES_BRANCH || echo "Pages branch not deployed yet." -- GitLab From 4eac58a5a22ed11702f5645946f2139ccb4d7494 Mon Sep 17 00:00:00 2001 From: trantzas Date: Wed, 20 Dec 2023 18:21:16 +0000 Subject: [PATCH 08/23] updated mike 2.0.0 arguments --- .gitlab-ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index c75cc3b..f837c7d 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -13,8 +13,8 @@ pages: - git fetch origin $PAGES_BRANCH && git -b checkout $PAGES_BRANCH origin/$PAGES_BRANCH || git checkout $PAGES_BRANCH || echo "Pages branch not deployed yet." - git checkout $CI_COMMIT_SHA script: - - mike deploy --rebase --prefix public -r $HTTPS_REMOTE -p -b $PAGES_BRANCH -u $CI_COMMIT_TAG latest - - mike set-default --rebase --prefix public -r $HTTPS_REMOTE -p -b $PAGES_BRANCH latest + - mike deploy --deploy-prefix public -r $HTTPS_REMOTE -p -b $PAGES_BRANCH -u $CI_COMMIT_TAG latest + - mike set-default --deploy-prefix public -r $HTTPS_REMOTE -p -b $PAGES_BRANCH latest - git checkout $PAGES_BRANCH -- public/ artifacts: paths: -- GitLab From c7b9ff111d0f9b604457ecbe3f6c944227d0c516 Mon Sep 17 00:00:00 2001 From: trantzas Date: Wed, 20 Dec 2023 18:26:16 +0000 Subject: [PATCH 09/23] updated repository path --- .gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index f837c7d..737ae5e 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -4,7 +4,7 @@ pages: variables: PIP_CACHE_DIR: "$CI_PROJECT_DIR/.cache/pip" PAGES_BRANCH: develop - HTTPS_REMOTE: https://gitlab-ci-token:${ACCESS_TOKEN}@${CI_SERVER_HOST}/${CI_PROJECT_PATH}.git + HTTPS_REMOTE: https://gitlab-ci-token:${ACCESS_TOKEN}@${CI_SERVER_HOST}/rep/${CI_PROJECT_PATH}.git before_script: - pip install mkdocs-material mike - apt-get update && apt-get install -y git -- GitLab From 9d29af87b74170cc71aefb8cca4f1fc19f6646a4 Mon Sep 17 00:00:00 2001 From: Dimitrios Giannopoulos Date: Tue, 23 Jan 2024 10:15:10 +0000 Subject: [PATCH 10/23] used mike for multi version docs --- .gitlab-ci.yml | 24 ++++++++++++++++-------- 1 file changed, 16 insertions(+), 8 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 737ae5e..76c5858 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -3,21 +3,29 @@ pages: image: python:3.9.18-slim-bullseye variables: PIP_CACHE_DIR: "$CI_PROJECT_DIR/.cache/pip" - PAGES_BRANCH: develop + PAGES_BRANCH: gitlab-pages HTTPS_REMOTE: https://gitlab-ci-token:${ACCESS_TOKEN}@${CI_SERVER_HOST}/rep/${CI_PROJECT_PATH}.git before_script: - - pip install mkdocs-material mike - - apt-get update && apt-get install -y git + - pip install -q mkdocs-material mike + - apt-get update -qq && apt-get -qq install -y git > /dev/null - git config user.name $GITLAB_USER_NAME - git config user.email $GITLAB_USER_EMAIL - - git fetch origin $PAGES_BRANCH && git -b checkout $PAGES_BRANCH origin/$PAGES_BRANCH || git checkout $PAGES_BRANCH || echo "Pages branch not deployed yet." + - git fetch origin $PAGES_BRANCH && git checkout $PAGES_BRANCH || git checkout -b $PAGES_BRANCH origin/$PAGES_BRANCH || echo "Pages branch not deployed yet." - git checkout $CI_COMMIT_SHA - script: - - mike deploy --deploy-prefix public -r $HTTPS_REMOTE -p -b $PAGES_BRANCH -u $CI_COMMIT_TAG latest - - mike set-default --deploy-prefix public -r $HTTPS_REMOTE -p -b $PAGES_BRANCH latest - - git checkout $PAGES_BRANCH -- public/ + script: + - | + if [ -n "$CI_COMMIT_TAG" ]; then + mike deploy --deploy-prefix public -r $HTTPS_REMOTE -p -b $PAGES_BRANCH -u $CI_COMMIT_TAG latest + mike set-default --deploy-prefix public -r $HTTPS_REMOTE -p -b $PAGES_BRANCH latest + elif [ "$CI_COMMIT_REF_PROTECTED" == "true" ]; then + mike deploy --deploy-prefix public -r $HTTPS_REMOTE -p -b $PAGES_BRANCH -u $CI_COMMIT_BRANCH $CI_COMMIT_BRANCH + fi + git checkout $PAGES_BRANCH -- public/ artifacts: paths: - public/ rules: - if: '$CI_COMMIT_TAG' + - if: '$CI_COMMIT_REF_PROTECTED == "true"' + when: always + - when: never \ No newline at end of file -- GitLab From ff4b353d8c933fae8fa39a33e1a67ced116fab9d Mon Sep 17 00:00:00 2001 From: Dimitrios Giannopoulos Date: Tue, 23 Jan 2024 10:23:42 +0000 Subject: [PATCH 11/23] use single user always --- .gitlab-ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 76c5858..e4843cd 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -8,8 +8,8 @@ pages: before_script: - pip install -q mkdocs-material mike - apt-get update -qq && apt-get -qq install -y git > /dev/null - - git config user.name $GITLAB_USER_NAME - - git config user.email $GITLAB_USER_EMAIL + - git config --global --replace-all user.name $GITLAB_USER_NAME + - git config --global --replace-all user.email $GITLAB_USER_EMAIL - git fetch origin $PAGES_BRANCH && git checkout $PAGES_BRANCH || git checkout -b $PAGES_BRANCH origin/$PAGES_BRANCH || echo "Pages branch not deployed yet." - git checkout $CI_COMMIT_SHA script: -- GitLab From b85150ee3b4ca7dbfb82da947a01c0b1ee12dc98 Mon Sep 17 00:00:00 2001 From: Dimitrios Giannopoulos Date: Tue, 23 Jan 2024 10:28:25 +0000 Subject: [PATCH 12/23] removed duplicate alias --- .gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index e4843cd..5ff47f1 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -18,7 +18,7 @@ pages: mike deploy --deploy-prefix public -r $HTTPS_REMOTE -p -b $PAGES_BRANCH -u $CI_COMMIT_TAG latest mike set-default --deploy-prefix public -r $HTTPS_REMOTE -p -b $PAGES_BRANCH latest elif [ "$CI_COMMIT_REF_PROTECTED" == "true" ]; then - mike deploy --deploy-prefix public -r $HTTPS_REMOTE -p -b $PAGES_BRANCH -u $CI_COMMIT_BRANCH $CI_COMMIT_BRANCH + mike deploy --deploy-prefix public -r $HTTPS_REMOTE -p -b $PAGES_BRANCH -u $CI_COMMIT_BRANCH fi git checkout $PAGES_BRANCH -- public/ artifacts: -- GitLab From c8c3ce270be9282e5807509e146f84e2170c9375 Mon Sep 17 00:00:00 2001 From: Dimitrios Giannopoulos Date: Tue, 23 Jan 2024 10:46:12 +0000 Subject: [PATCH 13/23] fixes to git and mike --- .gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 5ff47f1..5c02018 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -20,7 +20,7 @@ pages: elif [ "$CI_COMMIT_REF_PROTECTED" == "true" ]; then mike deploy --deploy-prefix public -r $HTTPS_REMOTE -p -b $PAGES_BRANCH -u $CI_COMMIT_BRANCH fi - git checkout $PAGES_BRANCH -- public/ + - git checkout $PAGES_BRANCH -- public/ artifacts: paths: - public/ -- GitLab From b52ddc44b5c481d1522e0b2b45f81e120d7a3a5b Mon Sep 17 00:00:00 2001 From: Dimitrios Giannopoulos Date: Tue, 23 Jan 2024 10:53:15 +0000 Subject: [PATCH 14/23] changed publish branch --- .gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 5c02018..48220cc 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -3,7 +3,7 @@ pages: image: python:3.9.18-slim-bullseye variables: PIP_CACHE_DIR: "$CI_PROJECT_DIR/.cache/pip" - PAGES_BRANCH: gitlab-pages + PAGES_BRANCH: gl-pages HTTPS_REMOTE: https://gitlab-ci-token:${ACCESS_TOKEN}@${CI_SERVER_HOST}/rep/${CI_PROJECT_PATH}.git before_script: - pip install -q mkdocs-material mike -- GitLab From aeac7fb7db3ae5b781b71ef1968fa2d0bc8df43f Mon Sep 17 00:00:00 2001 From: Dimitrios Giannopoulos Date: Tue, 23 Jan 2024 14:50:41 +0000 Subject: [PATCH 15/23] trigger if branch is develop --- .gitlab-ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 48220cc..20f28f1 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -17,7 +17,7 @@ pages: if [ -n "$CI_COMMIT_TAG" ]; then mike deploy --deploy-prefix public -r $HTTPS_REMOTE -p -b $PAGES_BRANCH -u $CI_COMMIT_TAG latest mike set-default --deploy-prefix public -r $HTTPS_REMOTE -p -b $PAGES_BRANCH latest - elif [ "$CI_COMMIT_REF_PROTECTED" == "true" ]; then + elif [ "$CI_COMMIT_REF_NAME" == "develop" ]; then mike deploy --deploy-prefix public -r $HTTPS_REMOTE -p -b $PAGES_BRANCH -u $CI_COMMIT_BRANCH fi - git checkout $PAGES_BRANCH -- public/ @@ -26,6 +26,6 @@ pages: - public/ rules: - if: '$CI_COMMIT_TAG' - - if: '$CI_COMMIT_REF_PROTECTED == "true"' + - if: '$CI_COMMIT_REF_NAME == "develop"' when: always - when: never \ No newline at end of file -- GitLab From 377eccb73fd0e4ab160fe4f120a0ba27300480ca Mon Sep 17 00:00:00 2001 From: Kostis Trantzas Date: Fri, 9 Feb 2024 21:05:19 +0200 Subject: [PATCH 16/23] Develop branded documentation changes --- doc/deployment.md | 8 ++------ doc/index.md | 2 +- 2 files changed, 3 insertions(+), 7 deletions(-) diff --git a/doc/deployment.md b/doc/deployment.md index 48aa495..bd28d3d 100644 --- a/doc/deployment.md +++ b/doc/deployment.md @@ -63,7 +63,7 @@ cd openslice Download the deployment / environment preparation script ```bash -wget https://labs.etsi.org/rep/osl/code/org.etsi.osl.main/-/raw/main/compose/deploy.sh +wget https://labs.etsi.org/rep/osl/code/org.etsi.osl.main/-/raw/develop/compose/deploy.sh ``` Make it executable ```bash @@ -84,7 +84,7 @@ We recommend: * develop branch for an experience with the latest features (for develop branch installation, it is strongly advisable that you may as well follow the [develop documentation](https://osl.etsi.org/documentation/develop/deployment/)) ```bash -sudo ./deploy.sh main #[or replace main with other branch name] +sudo ./deploy.sh develop #[or replace main with other branch name] ``` > **We recommend running the deploy.sh script with root permissions! In other case, some directories may not be accessible by the project building tools and hinder the smooth installation.** @@ -500,10 +500,6 @@ See [NFV Orchestrator Configuration](./nfvoconfig.md). Openslice can be installed in a Kubernetes cluster. -**This is a work in progress, and should be used for stable deployments!**. - -Please reference "develop" tagged documentation for any latest progress. - The related scripts are inside the kubernetes folder. Follow these steps along the lines. You need to configure the ingress properly depending on how you want to expose Openslice. 1 - Create an openslice namespace diff --git a/doc/index.md b/doc/index.md index e8c0cbc..0fabaa1 100644 --- a/doc/index.md +++ b/doc/index.md @@ -1,6 +1,6 @@ drawing -version: 2023Q4 - Release 0 +version: 2024Q2 - SNAPSHOT The ETSI Software Development Group for OpenSlice (SDG OSL) is developing an open source service based Operations Support System (OSS) to deliver Network Slice as a Service (NSaaS) following specifications from major SDOs including ETSI, TM Forum and GSMA. See more details [here](https://osl.etsi.org/about/). -- GitLab From 68bbb052aee0856d7e84a8571a95146800d3b15b Mon Sep 17 00:00:00 2001 From: trantzas Date: Fri, 9 Feb 2024 21:35:16 +0000 Subject: [PATCH 17/23] Corrections in Configure TMF Web UI section --- doc/deployment.md | 43 ++++++++++++++++++++++++++++++++++--------- 1 file changed, 34 insertions(+), 9 deletions(-) diff --git a/doc/deployment.md b/doc/deployment.md index bd28d3d..8dd2dae 100644 --- a/doc/deployment.md +++ b/doc/deployment.md @@ -266,27 +266,52 @@ In the folder `org.etsi.osl.tmf.web/src/assets/config` there are 3 files availab The first 2 files above (i.e. config.prod.json, theming.scss) are essential for the successful deployment of OpenSlice, thus created automatically during the initial deployment at `org.etsi.osl.tmf.web/src/assets/config` directory as a copy of the default ones from the remote repository. -Ensure that you check the `config.prod.json` file and readjust to your deployment if needed. +Ensure that you check the `config.prod.json` and `theming.scss` files and readjust to your deployment if needed. ```bash # Starting from the root project directory cd org.etsi.osl.tmf.web/src/assets/config ``` -```bash -sudo cp config.theming.default.json config.theming.json -``` -E.g. Edit "TITLE" or "WIKI" property with your domain title +E.g. Edit "TITLE", "WIKI", etc properties with your domain title. Also configure TMF's API and Keycloak's location for the web application. + ``` -{ - TITLE: "OpenSlice by ETSI", - WIKI: "https://osl.etsi.org/documentation/latest/deployment/", +{ + "TITLE": "OpenSlice by ETSI", + "PORTALVERSION":"2024-Q2 1.0.0-SNAPSHOT", + "WIKI": "https://osl.etsi.org/documentation", + "BUGZILLA": "{BASEURL}/bugzilla/", + "STATUS": "http://status.localhost/", + "WEBURL": "{BASEURL}", + "PORTAL_REPO_APIURL": "{BASEURL}/osapi", + "ASSURANCE_SERVICE_MGMT_APIURL": "{BASEURL}/oas-api", + "APITMFURL": "{BASEURL}/tmf-api", + "OAUTH_CONFIG" : { + "issuer": "{BASEURL}/auth/realms/openslice", + "loginUrl": "{BASEURL}/auth/realms/openslice/protocol/openid-connect/auth", + "tokenEndpoint": "{BASEURL}/auth/realms/openslice/protocol/openid-connect/token", + "userinfoEndpoint": "{BASEURL}/auth/realms/openslice/protocol/openid-connect/userinfo", + "redirectUri": "{BASEURL}/redirect", + "logoutUrl": "{BASEURL}/auth/realms/openslice/protocol/openid-connect/logout", + "postLogoutRedirectUri": "{BASEURL}", + + "responseType": "code", + "oidc": false, + "clientId": "osapiWebClientId", + "dummyClientSecret": "secret", + + "requireHttps": false, + "useHttpBasicAuth": true, + "clearHashAfterLogin": false, + + "showDebugInformation": true + } } ``` > The {BASEURL} placeholder in the file automatically detects the Origin (Protocol://Domain:Port) of the deployment and applies it to every respective property. E.g. If you are attempting a local deployment of Openslice, then {BASEURL} is automatically translated to "http://localhost". Similarly, you may use {BASEURL} to translate to a public deployment configuration, e.g. "https://portal.openslice.io". -If further customization, apart from the default provided, is needed for branding (Logo, Footer) then config.theming.json needs to be created in io.openslice.tmf.web/src/assets/config directory, as follows: +If further customization, apart from the default provided, is needed for branding (Logo, Footer) then `config.theming.json` needs to be created in io.openslice.tmf.web/src/assets/config directory, as follows: ```bash # Starting from the root project directory -- GitLab From 002f65320e4f9924c87430094ef71bb7a2c8586a Mon Sep 17 00:00:00 2001 From: trantzas Date: Fri, 9 Feb 2024 21:38:02 +0000 Subject: [PATCH 18/23] typo --- doc/deployment.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/deployment.md b/doc/deployment.md index 8dd2dae..a567d08 100644 --- a/doc/deployment.md +++ b/doc/deployment.md @@ -273,7 +273,7 @@ Ensure that you check the `config.prod.json` and `theming.scss` files and readju cd org.etsi.osl.tmf.web/src/assets/config ``` -E.g. Edit "TITLE", "WIKI", etc properties with your domain title. Also configure TMF's API and Keycloak's location for the web application. +E.g. Edit "TITLE", "WIKI", etc properties with your domain title. Also configure TMF's API and Keycloak's location for the web application, if needed. ``` { -- GitLab From 3e5443c33a86dae7121ff3a6215b53ce994c71f2 Mon Sep 17 00:00:00 2001 From: trantzas Date: Tue, 25 Jun 2024 14:00:31 +0000 Subject: [PATCH 19/23] fixing typos for localhost installation --- doc/deployment.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/doc/deployment.md b/doc/deployment.md index a567d08..9738d23 100644 --- a/doc/deployment.md +++ b/doc/deployment.md @@ -467,7 +467,7 @@ After editing it should look like the example bellow: "requireHttps": false, "useHttpBasicAuth": true, - clearHashAfterLogin": false, + "clearHashAfterLogin": false, "showDebugInformation": true } @@ -503,13 +503,13 @@ appConfig.factory('APIEndPointService', function() { STATUS: "ROOTURL/status/", APIURL: "http://localost:13000", WEBURL: "ROOTURL/nfvportal", - APIOAUTHURL: "ROOTURL/auth/realms/openslice", + APIOAUTHURL: "http://keycloak:8080/auth/realms/openslice", APITMFURL: "ROOTURL/tmf-api/serviceCatalogManagement/v4" }; }); ``` -> Note the difference in "APIOAUTHURL" property +> Note the difference in "APIOAUTHURL" property, changing ROOTURL -> http://keycloak:8080 ### NFV Orchestrator Configuration -- GitLab From 82e5c05cf4fe6c19abab5bbf19168f5df33960be Mon Sep 17 00:00:00 2001 From: Kostis Trantzas Date: Wed, 26 Jun 2024 15:12:33 +0300 Subject: [PATCH 20/23] fix for #2 --- doc/deployment.md | 70 ++++++++++++++++------------------------------- doc/nfvoconfig.md | 19 +++++++------ 2 files changed, 34 insertions(+), 55 deletions(-) diff --git a/doc/deployment.md b/doc/deployment.md index 9738d23..add7b1d 100644 --- a/doc/deployment.md +++ b/doc/deployment.md @@ -7,7 +7,7 @@ | --------------------------------- | ------------------------------------ | | 4 CPU cores | 8 CPU cores | | 8 GB RAM | 16 GB RAM | -| 20 GB storage | 40 GB storage | +| 30 GB storage | 50 GB storage | ### Software Requirements: @@ -17,7 +17,7 @@ ## Preparing the environment -> See the [Kubernetes section](#Kubernetes-installation), if you would like to deploy OpenSlice in a Kubernetes cluster. +> See the [Kubernetes section](#kubernetes-installation), if you would like to deploy OpenSlice in a Kubernetes cluster. ### 1. Backup your previous database if necessary: @@ -239,16 +239,15 @@ cd org.etsi.osl.portal.web/src/js sudo cp config.js.default config.js ``` -Edit the `config.js` file with the information of your domain +Edit the `config.js` file with the information of your domain. `ROOTURL` will automatically extract the the Origin (Protocol://Domain:Port) of the deployment, but you must change `APIURL` property, if you are not aiming for a localhost installation, e.g. "https://portal.openslice.io". +Example file: ``` { - TITLE: "OpenSlice by ETSI", - WIKI: "https://openslice.readthedocs.io/en/stable/", BUGZILLA: "ROOTURL/bugzilla/", STATUS: "ROOTURL/status/", - APIURL: "http://localost:13000", + APIURL: "http://localhost", WEBURL: "ROOTURL/nfvportal", APIOAUTHURL: "ROOTURL/auth/realms/openslice", APITMFURL: "ROOTURL/tmf-api/serviceCatalogManagement/v4" @@ -273,15 +272,17 @@ Ensure that you check the `config.prod.json` and `theming.scss` files and readju cd org.etsi.osl.tmf.web/src/assets/config ``` -E.g. Edit "TITLE", "WIKI", etc properties with your domain title. Also configure TMF's API and Keycloak's location for the web application, if needed. +E.g. You may edit "TITLE", "WIKI", etc properties with your domain title. Also configure TMF's API and Keycloak's location for the web application, if needed. + +Example file: ``` { "TITLE": "OpenSlice by ETSI", - "PORTALVERSION":"2024-Q2 1.0.0-SNAPSHOT", + "PORTALVERSION":"2024Q2", "WIKI": "https://osl.etsi.org/documentation", "BUGZILLA": "{BASEURL}/bugzilla/", - "STATUS": "http://status.localhost/", + "STATUS": "{BASEURL}/status/", "WEBURL": "{BASEURL}", "PORTAL_REPO_APIURL": "{BASEURL}/osapi", "ASSURANCE_SERVICE_MGMT_APIURL": "{BASEURL}/oas-api", @@ -309,7 +310,7 @@ E.g. Edit "TITLE", "WIKI", etc properties with your domain title. Also configure } ``` -> The {BASEURL} placeholder in the file automatically detects the Origin (Protocol://Domain:Port) of the deployment and applies it to every respective property. E.g. If you are attempting a local deployment of Openslice, then {BASEURL} is automatically translated to "http://localhost". Similarly, you may use {BASEURL} to translate to a public deployment configuration, e.g. "https://portal.openslice.io". +> The {BASEURL} placeholder in the file automatically detects the Origin (Protocol://Domain:Port) of the deployment and applies it to every respective property. E.g. If you are attempting a local deployment of OpenSlice, then {BASEURL} is automatically translated to "http://localhost". Similarly, you may use {BASEURL} to translate to a public deployment configuration, e.g. "https://portal.openslice.io". If further customization, apart from the default provided, is needed for branding (Logo, Footer) then `config.theming.json` needs to be created in io.openslice.tmf.web/src/assets/config directory, as follows: @@ -364,7 +365,7 @@ The Keycloack server is managing authentication and running on a container at po - Login with the credentials from section [Configure keycloak container](#3-configure-keycloak-container-optional). Default values are: - user: admin and - - password: KEYCLOAK_PASSWORD + - password: Pa55w0rd > if you are running in HTTP you will get a message: HTTPS required. @@ -379,7 +380,7 @@ To resolve this issue when running in HTTP: #### 1. Configure redirects -Navigate to realm Openslice > client > osapiWebClientId and change the Root URL to your domain. +Navigate to realm Openslice > Clients > osapiWebClientId and change the Root URL to your domain. Also, insert your domain, e.g. http://example.org/*, at: * Valid Redirect URIs @@ -389,18 +390,22 @@ Also, insert your domain, e.g. http://example.org/*, at: Keycloak allows new users to register. Subsequently, this will also allow new users to register to the OpenSlice portal. -On Tab Login > check User registration, Verify email, Forgot password etc. +Navigate to realm Openslice > Realm Settings > Login Tab > check User registration, Verify email, Forgot password etc. + +Finally, enter the details of the mail server at the Email Tab. + +> Email configuration is optional for test runs, but if not provided the above functionalities (e.g. external user registration) will not be possible. -Also, enter the details on Realm > Email > Enable Authentication. #### 3. Add an OpenSlice admin user This step is mandatory so as to access the OpenSlice Web UI. To add an OpenSlice admin user you must: -- Navigate to manage/users and add an OpenSlice admin user, e.g. username=admin. + +- Navigate to realm Openslice > Users > Add user - Set a password -- Navigate to Role Mappings and add ADMIN and MENTOR to Assigned Roles. +- Upon creation, navigate to Role Mappings and add ADMIN to Assigned Roles list -> That user is different from the Keycloak admin user. It is required to login and browse the OpenSlice Web UI. The Roles ADMIN and MENTOR guarantee full access through the Openslice UI, thus such a user is always required. +> That user is different from the Keycloak admin user. It is required to login and browse the OpenSlice Web UI. The Role ADMIN guarantee full access through the OpenSlice UI, thus such a user is always required. ### Keycloak at localhost @@ -438,19 +443,10 @@ cd org.etsi.osl.tmf.web/src/assets/config nano config.prod.json ``` -After editing it should look like the example bellow: +After editing, the displayed properties should look like the example below: ```yaml { - "TITLE": "OpenSlice by ETSI", - "PORTALVERSION":"2023-Q3 1.2.0-SNAPSHOT", - "WIKI": "https://openslice.readthedocs.io/en/stable/", - "BUGZILLA": "{BASEURL}/bugzilla/", - "STATUS": "http://status.localhost/", - "WEBURL": "{BASEURL}", - "PORTAL_REPO_APIURL": "{BASEURL}/osapi", - "ASSURANCE_SERVICE_MGMT_APIURL": "{BASEURL}/oas-api", - "APITMFURL": "{BASEURL}/tmf-api", "OAUTH_CONFIG" : { "issuer": "http://keycloak:8080/auth/realms/openslice", "loginUrl": "http://keycloak:8080/auth/realms/openslice/protocol/openid-connect/auth", @@ -459,17 +455,6 @@ After editing it should look like the example bellow: "redirectUri": "{BASEURL}/redirect", "logoutUrl": "http://keycloak:8080/auth/realms/openslice/protocol/openid-connect/logout", "postLogoutRedirectUri": "{BASEURL}", - - "responseType": "code", - "oidc": false, - "clientId": "osapiWebClientId", - "dummyClientSecret": "secret", - - "requireHttps": false, - "useHttpBasicAuth": true, - "clearHashAfterLogin": false, - - "showDebugInformation": true } } ``` @@ -489,7 +474,7 @@ cd org.etsi.osl.portal.web/src/js nano config.js ``` -after editing it should look like the example bellow: +After editing, the displayed properties should look like the example below: ``` var appConfig = angular.module('portalwebapp.config',[]); @@ -497,14 +482,7 @@ var appConfig = angular.module('portalwebapp.config',[]); appConfig.factory('APIEndPointService', function() { return { - TITLE: "OpenSlice by ETSI", - WIKI: "https://openslice.readthedocs.io/en/stable/", - BUGZILLA: "ROOTURL/bugzilla/", - STATUS: "ROOTURL/status/", - APIURL: "http://localost:13000", - WEBURL: "ROOTURL/nfvportal", APIOAUTHURL: "http://keycloak:8080/auth/realms/openslice", - APITMFURL: "ROOTURL/tmf-api/serviceCatalogManagement/v4" }; }); ``` diff --git a/doc/nfvoconfig.md b/doc/nfvoconfig.md index 91efd36..2247a7c 100644 --- a/doc/nfvoconfig.md +++ b/doc/nfvoconfig.md @@ -1,19 +1,20 @@ # NFV Orchestrator configuration -NOTE: Currently we support Open Source MANO version SEVEN/EIGHT/TEN/ELEVEN. Later versions of OSM may also be supported by the existing configuration, as from OSM 9+ the project converged to the SOL005 interface, regarding the NBI, and SOL006 (YANG model), regarding the NFV/NSD packaging. Also an implementation of a generic SOL005 interface is supported, but not extensively tested. +> Currently we support Open Source MANO version EIGHT/NINE/TEN/ELEVEN/THIRTEEN. Later versions of OSM may also be supported by the existing configuration, as from OSM 9+ the project converged to the SOL005 interface, regarding the NBI, and SOL006 (YANG model), regarding the NFV/NS packaging. Also an implementation of a generic SOL005 interface is supported, but not extensively tested. Configuration of your target(s) NFVOs/MANO services with Openslice is performed through the NFV portal. -Login to http://yourdomain/nfvportal/ +1. Login to {{yourdomain}}/nfvportal/ -Navigate to Admin->Manage MANO Platforms and pick one of the supported MANO platform(s), e.g. Name=OSMvTEN, Version=OSMvTEN and save +2. Navigate to Admin > Manage MANO Platforms > Add New MANO Platform, pick one of the supported MANO platform(s), e.g. Name=OSMvTHIRTEEN, Version=OSMvTHIRTEEN and save. You may edit the saved MANO platforms after this. -Navigate to Admin->Manage MANO providers and enter a New MANO Provider: +3. Navigate to Admin > Manage MANO providers > Add New MANO Provider and enter its details: -* Name whatever you wish -* API URL Endpoint, eg: https://10.10.10.10:9999 (This is the SOL005 NBI endpoint) -* Username, password and Project of your OSM tenant. +* Name and description of your choice. The selected name will supplement the NFV artifacts of this provider. +* One of the already defined MANO platforms +* API URL Endpoint, eg: https://10.10.10.10:9999 (This is the SOL005 NBI endpoint - *Note the port 9999*) +* Username, Password and Project of your OSM tenant. -Check EnabledForONBOARDING, so when users onboard VNFs/NSDs they will be automatically ONBOARDED to this MANO. If left unchecked, the onboarding must be performed manually after the VNF/NSD is uploaded to the portal. +Check EnabledForONBOARDING, if you want VNF/NS packages uploaded through the UI by the user, to also be automatically ONBOARDED to this MANO (1 step process). If left unchecked, the onboarding process must be performed manually after the VNF/NS package is uploaded to the portal, by the designated UI (2 step process). -Check EnabledForSYNC, if you want to support MANO->Openslice auto synchronization. When enabled, the existing VNFs/NSDs and VIMs (and any updates on them) of the registered MANO are also reflected to the portal. \ No newline at end of file +Check EnabledForSYNC, if you want to support the automatic synchronization of this MANO with OpenSlice. When enabled, the existing VNF/NS packages and VIMs (and any updates on them) of the registered MANO are also reflected to the portal to the respective UIs (Registered VNFs/NSDs and Manage Infrastructures). The synchronization is a continuous process that will confirm that the artifacts are still present in the MANO, updating the status field of the respective artifacts to `OSM_PRESENT`. If during this process, an artifact is deleted from the MANO, the respective status field will be updated to `OSM_MISSING`. \ No newline at end of file -- GitLab From f50bffff8f1cba4b6ddac15790daca7d2051be36 Mon Sep 17 00:00:00 2001 From: Kostis Trantzas Date: Wed, 26 Jun 2024 15:34:20 +0300 Subject: [PATCH 21/23] fix for #2 --- doc/deploymentCompose.md | 1 + doc/deploymentK8s.md | 1 + doc/nfvoconfig.md | 12 +++++++----- mkdocs.yml | 5 ++++- 4 files changed, 13 insertions(+), 6 deletions(-) create mode 100644 doc/deploymentCompose.md create mode 100644 doc/deploymentK8s.md diff --git a/doc/deploymentCompose.md b/doc/deploymentCompose.md new file mode 100644 index 0000000..052db73 --- /dev/null +++ b/doc/deploymentCompose.md @@ -0,0 +1 @@ +Docker Compose WIP \ No newline at end of file diff --git a/doc/deploymentK8s.md b/doc/deploymentK8s.md new file mode 100644 index 0000000..537b5ab --- /dev/null +++ b/doc/deploymentK8s.md @@ -0,0 +1 @@ +Kubernetes WIP \ No newline at end of file diff --git a/doc/nfvoconfig.md b/doc/nfvoconfig.md index 2247a7c..ed437de 100644 --- a/doc/nfvoconfig.md +++ b/doc/nfvoconfig.md @@ -10,11 +10,13 @@ Configuration of your target(s) NFVOs/MANO services with Openslice is performed 3. Navigate to Admin > Manage MANO providers > Add New MANO Provider and enter its details: -* Name and description of your choice. The selected name will supplement the NFV artifacts of this provider. -* One of the already defined MANO platforms -* API URL Endpoint, eg: https://10.10.10.10:9999 (This is the SOL005 NBI endpoint - *Note the port 9999*) -* Username, Password and Project of your OSM tenant. + - Name and description of your choice. The selected name will supplement the NFV artifacts of this provider. + - One of the already defined MANO platformssynchronization + - API URL Endpoint, eg: https://10.10.10.10:9999 (This is the SOL005 NBI endpoint - *Note the port 9999*) + - Username, Password and Project of your OSM tenant. Check EnabledForONBOARDING, if you want VNF/NS packages uploaded through the UI by the user, to also be automatically ONBOARDED to this MANO (1 step process). If left unchecked, the onboarding process must be performed manually after the VNF/NS package is uploaded to the portal, by the designated UI (2 step process). -Check EnabledForSYNC, if you want to support the automatic synchronization of this MANO with OpenSlice. When enabled, the existing VNF/NS packages and VIMs (and any updates on them) of the registered MANO are also reflected to the portal to the respective UIs (Registered VNFs/NSDs and Manage Infrastructures). The synchronization is a continuous process that will confirm that the artifacts are still present in the MANO, updating the status field of the respective artifacts to `OSM_PRESENT`. If during this process, an artifact is deleted from the MANO, the respective status field will be updated to `OSM_MISSING`. \ No newline at end of file +Check EnabledForSYNC, if you want to support the automatic synchronization of this MANO with OpenSlice. When enabled, the existing VNF/NS packages and VIMs (and any updates on them) of the registered MANO are also reflected to the portal to the respective UIs (Registered VNFs/NSDs and Manage Infrastructures). + +The synchronization is a continuous process that will confirm that the artifacts are still present in the MANO, updating the status field of the respective artifacts to `OSM_PRESENT`. If during this process, an artifact is deleted from the MANO, the respective status field will be updated to `OSM_MISSING`. \ No newline at end of file diff --git a/mkdocs.yml b/mkdocs.yml index 2236d6a..daabd12 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -72,7 +72,10 @@ nav: - Overview: - Introduction: index.md - Getting Started: - - Deployment/Installation: deployment.md + - Deployment/Installation: + - deployment.md + - Docker Compose: deploymentCompose.md + - Kubernetes: deploymentK8s.md - NFV Orchestrator Configuration: nfvoconfig.md - Service Catalogs: catalogs.md - NFV Catalogs: nfvcatalogs.md -- GitLab From ebfa2f70ead571e5a96c8cd1e0aaf1d172791202 Mon Sep 17 00:00:00 2001 From: Kostis Trantzas Date: Wed, 26 Jun 2024 17:24:25 +0300 Subject: [PATCH 22/23] fix for #2 --- doc/deployment.md | 619 +-------------------------------------- doc/deploymentCompose.md | 495 ++++++++++++++++++++++++++++++- doc/deploymentK8s.md | 6 +- mkdocs.yml | 4 +- 4 files changed, 506 insertions(+), 618 deletions(-) diff --git a/doc/deployment.md b/doc/deployment.md index add7b1d..7a0f6d5 100644 --- a/doc/deployment.md +++ b/doc/deployment.md @@ -1,618 +1,9 @@ -## Requirements +# OpenSlice Deployment -### Hardware requirements: +This section is meant to guide the user through the installation of OpenSlice. +Following, you may thorough guides depending on the installation type of your choice: -| **Minimum Hardware Requirements** | **Recomended Hardware Requirements** | -| --------------------------------- | ------------------------------------ | -| 4 CPU cores | 8 CPU cores | -| 8 GB RAM | 16 GB RAM | -| 30 GB storage | 50 GB storage | +- [Installing via Docker Compose guide](./deploymentCompose.md) +- [Installing via Kubernetes guide](./deploymentK8s.md) -### Software Requirements: - -* Docker (Docker Compose installation) -* Kubernetes (Kubernetes installation - experimental) - - -## Preparing the environment - -> See the [Kubernetes section](#kubernetes-installation), if you would like to deploy OpenSlice in a Kubernetes cluster. - - -### 1. Backup your previous database if necessary: -```bash -sudo docker exec amysql /usr/bin/mysqldump -u root --password=letmein ostmfdb > backup_ostmfdb.sql -``` -### 2. Install docker - -> Since July 2023 Docker Compose V1 stopped receiving updates. OpenSlice fully reverted to Compose V2, which is integrated in the Docker installation. - -### 3. Configure containers to properly resolve the DNS of your domain (optional) - -``` -sudo nano /etc/docker/daemon.json -``` - -and add: - -``` -{ - "dns": ["8.8.8.8", "8.8.4.4"] -} -``` -After editing daemon.json restart docker daemon for the changes to take place - -```bash -sudo systemctl restart docker -``` - -## Downloading the project - -### 1. Create a new folder to download the project - -```bash -mkdir openslice -``` -```bash -cd openslice -``` - -### 2. Download the deployment script - -Download the deployment / environment preparation script - -```bash -wget https://labs.etsi.org/rep/osl/code/org.etsi.osl.main/-/raw/develop/compose/deploy.sh -``` -Make it executable -```bash -sudo chmod +x deploy.sh -``` - -### 3. Run the deployment script - -OpenSlice is a multi repo project. This script selects the same branch for all repositories of the project to pull from. - -After that it builds the respective jar files locally and installs all the npm packages needed for the UI. - -If you run the script without selecting a branch the the main branch is going to be selected. - -We recommend: - -* main branch for the most stable experience and -* develop branch for an experience with the latest features (for develop branch installation, it is strongly advisable that you may as well follow the [develop documentation](https://osl.etsi.org/documentation/develop/deployment/)) - -```bash -sudo ./deploy.sh develop #[or replace main with other branch name] -``` - -> **We recommend running the deploy.sh script with root permissions! In other case, some directories may not be accessible by the project building tools and hinder the smooth installation.** - - -## Configure docker-compose services - -### 1. Create configuration specific Docker Compose file from the template - -```bash -cd org.etsi.osl.main/compose/ -``` -```bash -sudo cp docker-compose.yaml.configure docker-compose.yaml -``` -### 2. Configure mysql-portal container *(optional)* - -1. In folder `org.etsi.osl.main/compose/mysql-init` edit the file `01-databases.sql`. -2. In the `org.etsi.osl.main/compose/docker-compose.yaml` edit the credentials of the users that services use to connect to the databases, if you wish. - * portaluser (default is 12345) and - * keycloak (default is password) - - -### 3. Configure keycloak container *(optional)* - -1. If you made changes to keycloak's mysql credentials: - - In folder `org.etsi.osl.main/compose/` edit the file `docker-compose.yaml`. - -``` -DB_DATABASE: keycloak -DB_USER: keycloak -DB_PASSWORD: password -``` - -2. If you want to change the keycloak admin password: - - In folder `org.etsi.osl.main/compose/` edit the file `docker-compose.yaml` - -``` -KEYCLOAK_PASSWORD: Pa55w0rd -``` - -### 4. Configure bugzilla container *(optional)* - -If you want to utilise the Bugzilla connector: - -In folder `org.etsi.osl.main/compose/` edit the file `docker-compose.yaml` - -``` -SPRING_APPLICATION_JSON: '{ - "spring.activemq.brokerUrl": "tcp://anartemis:61616?jms.watchTopicAdvisories=false", - "spring.activemq.user": "artemis", - "spring.activemq.password": "artemis", - "bugzillaurl":"", - "bugzillakey":"", - "main_operations_product":"" -}' -``` - -And add the provided Bugzilla installation information: - -``` -"bugzillaurl":"bugzillaurl.xx:443/bugzilla/", -"bugzillakey":"exampleKeyeqNNwxBlgxZgMEIne0Oeq0Bz", -"main_operations_product":"Main Site Operations" // this is the default product to issue tickets -``` - -Bugzilla should have the following components under the specified product: - -* NSD Deployment Request: Component used to schedule deployment req -* Onboarding: Issues related to VNF/NSD Onboarding -* Operations Support: Default component for operations support -* Validation: Use to track validation processes of VNFs and NSDs -* VPN Credentials/Access: Used for requesting VPN Credentials/Access - -Also in the 'Main Site Operations' product, a version named 'unspecified' must be created. - -### 5. Configure osportalapi container (NFV services) *(conditional)* - -Change the respective fields: - -- If you made changes to mysql and keycloak credentials. -- If you want to change logging level (TRACE / DEBUG / INFO / WARN / ERROR). - -> ***If you are using a non-local domain, replace everywhere the http://keycloak:8080 with the respective {{protocol://domain.name}}, as well as "spring.portal.main.domain" property.*** - -In folder `org.etsi.osl.main/compose/` edit the file `docker-compose.yaml` - -``` -SPRING_APPLICATION_JSON: '{ - "spring.datasource.username":"root", - "spring.datasource.password":"letmein", - "spring-addons.issuers[0].uri": "http://keycloak:8080/auth/realms/openslice", - "spring.security.oauth2.resourceserver.jwt.issuer-uri": "http://keycloak:8080/auth/realms/openslice", - "springdoc.oAuthFlow.authorizationUrl": "http://keycloak:8080/auth/realms/openslice/protocol/openid-connect/auth", - "springdoc.oAuthFlow.tokenUrl": "http://keycloak:8080/auth/realms/openslice/protocol/openid-connect/token", - "spring.portal.main.domain": "http://localhost", - "logging.level.org.springframework" : "INFO" -}' -``` - -### 6. osscapi container (TMF API service) *(conditional)* - -Change the respective fields: - -- If you made changes to mysql and keycloak credentials. -- If you want to change logging level (TRACE / DEBUG / INFO / WARN / ERROR). - -> **If you are using a non-local domain, replace everywhere the http://keycloak:8080 with the respective {{protocol://domain.name}}.** - -In folder `org.etsi.osl.main/compose/` edit the file `docker-compose.yaml` - -``` -SPRING_APPLICATION_JSON: '{ - "spring.datasource.username":"root", - "spring.datasource.password":"letmein", - "spring-addons.issuers[0].uri": "http://keycloak:8080/auth/realms/openslice", - "spring.security.oauth2.resourceserver.jwt.issuer-uri": "http://keycloak:8080/auth/realms/openslice", - "springdoc.oAuthFlow.authorizationUrl": "http://keycloak:8080/auth/realms/openslice/protocol/openid-connect/auth", - "springdoc.oAuthFlow.tokenUrl": "http://keycloak:8080/auth/realms/openslice/protocol/openid-connect/token", - "logging.level.org.springframework" : "INFO" -}' -``` - -## Configure nginx - -In folder `org.etsi.osl.main/compose/nginx` create a configuration specific `nginx.conf` file. - - -```bash -cd org.etsi.osl.main/compose/nginx/ -``` - -```bash -sudo cp nginx.conf.default nginx.conf -``` - -If needed, in the nginx.conf file, edit the server_name for an non-local deployment. - - - -## Configure Web UI - -In folder `org.etsi.osl.portal.web/src/js/` create a configuration specific `config.js` file. - -```bash -cd org.etsi.osl.portal.web/src/js -``` - -```bash -sudo cp config.js.default config.js -``` - -Edit the `config.js` file with the information of your domain. `ROOTURL` will automatically extract the the Origin (Protocol://Domain:Port) of the deployment, but you must change `APIURL` property, if you are not aiming for a localhost installation, e.g. "https://portal.openslice.io". - -Example file: - -``` -{ - BUGZILLA: "ROOTURL/bugzilla/", - STATUS: "ROOTURL/status/", - APIURL: "http://localhost", - WEBURL: "ROOTURL/nfvportal", - APIOAUTHURL: "ROOTURL/auth/realms/openslice", - APITMFURL: "ROOTURL/tmf-api/serviceCatalogManagement/v4" -} -``` - -## Configure TMF Web UI - -In the folder `org.etsi.osl.tmf.web/src/assets/config` there are 3 files available for configuration: - -* config.prod.json (Basic information + API configuration) -* theming.scss (CSS color palette theming) -* config.theming.json (HTML configuration - Logo, Favicon, Footer) - - -The first 2 files above (i.e. config.prod.json, theming.scss) are essential for the successful deployment of OpenSlice, thus created automatically during the initial deployment at `org.etsi.osl.tmf.web/src/assets/config` directory as a copy of the default ones from the remote repository. - -Ensure that you check the `config.prod.json` and `theming.scss` files and readjust to your deployment if needed. - -```bash -# Starting from the root project directory -cd org.etsi.osl.tmf.web/src/assets/config -``` - -E.g. You may edit "TITLE", "WIKI", etc properties with your domain title. Also configure TMF's API and Keycloak's location for the web application, if needed. - -Example file: - -``` -{ - "TITLE": "OpenSlice by ETSI", - "PORTALVERSION":"2024Q2", - "WIKI": "https://osl.etsi.org/documentation", - "BUGZILLA": "{BASEURL}/bugzilla/", - "STATUS": "{BASEURL}/status/", - "WEBURL": "{BASEURL}", - "PORTAL_REPO_APIURL": "{BASEURL}/osapi", - "ASSURANCE_SERVICE_MGMT_APIURL": "{BASEURL}/oas-api", - "APITMFURL": "{BASEURL}/tmf-api", - "OAUTH_CONFIG" : { - "issuer": "{BASEURL}/auth/realms/openslice", - "loginUrl": "{BASEURL}/auth/realms/openslice/protocol/openid-connect/auth", - "tokenEndpoint": "{BASEURL}/auth/realms/openslice/protocol/openid-connect/token", - "userinfoEndpoint": "{BASEURL}/auth/realms/openslice/protocol/openid-connect/userinfo", - "redirectUri": "{BASEURL}/redirect", - "logoutUrl": "{BASEURL}/auth/realms/openslice/protocol/openid-connect/logout", - "postLogoutRedirectUri": "{BASEURL}", - - "responseType": "code", - "oidc": false, - "clientId": "osapiWebClientId", - "dummyClientSecret": "secret", - - "requireHttps": false, - "useHttpBasicAuth": true, - "clearHashAfterLogin": false, - - "showDebugInformation": true - } -} -``` - -> The {BASEURL} placeholder in the file automatically detects the Origin (Protocol://Domain:Port) of the deployment and applies it to every respective property. E.g. If you are attempting a local deployment of OpenSlice, then {BASEURL} is automatically translated to "http://localhost". Similarly, you may use {BASEURL} to translate to a public deployment configuration, e.g. "https://portal.openslice.io". - -If further customization, apart from the default provided, is needed for branding (Logo, Footer) then `config.theming.json` needs to be created in io.openslice.tmf.web/src/assets/config directory, as follows: - -```bash -# Starting from the root project directory -cd org.etsi.osl.tmf.web/src/assets/config -``` - -```bash -sudo cp config.theming.default.json config.theming.json -``` - -> ***IMPORTANT NOTE:*** -If you want to apply changes to the JSON configuration files without the need to rebuild the application, you have to apply the changes at the `org.etsi.osl.tmf.web/dist/io-openslice-portal-web/assets/config` directory. Although, it is mandatory to also apply these changes to the `org.etsi.osl.tmf.web/src/assets/config` for persistancy, as after any future rebuild of OpenSlice the `/dist` directory is being overwritten along with its contents. The OpenSlice team strongly recommends to always apply your changes to the TMF web UI configuration files at `org.etsi.osl.tmf.web/src/assets/config` and rebuild the application. - -## Deploy OpenSlice via Docker Compose - -After configuring the services, and editing the docker compose file accordingly, the docker compose instantiation command can be performed. - -```bash -# Starting from the root project directory -cd org.etsi.osl.main/compose/ -``` - -```bash -sudo docker compose --profile prod down;sudo docker compose --profile prod up -d --build -``` - -> Depending on your machine, this process might take time. if for any reason the deployment fails during first time, please rerun the above before any further measures. - - -## Validating deployments and container monitoring - -You can monitor containers' status with portainer at port 9000 (http://your-ip:9000). - -Initially, you may monitor the local machine at portainer. - -Please check that all containers are in running state. - - -## Post installation steps - -After the successful deployment of OpenSlice, to ensure the E2E user experience, **this section is mandatory**. It contains crucial configuration in regard of authentication and user creation. - -### Configure Keycloak server - -The Keycloack server is managing authentication and running on a container at port 8080. It is also proxied to your host via nginx under http://localhost/auth. - -- Navigate to http://domain.com/auth/ or https://domain.com/auth/, (http://ipaddress:8080/auth/ or https://ipaddress:8443/auth/ which are directly accessible without proxy) - -- Navigate to Administration Console - -- Login with the credentials from section [Configure keycloak container](#3-configure-keycloak-container-optional). Default values are: - - user: admin and - - password: Pa55w0rd - -> if you are running in HTTP you will get a message: HTTPS required. - -To resolve this issue when running in HTTP: - -- Select the master realm from top left corner -- Go to login Tab and select "Require SSL": None -- Repeat for realm Openslice - - -> If you are running in HTTPS, then "Require SSL" can be left unchanged to external requests. - -#### 1. Configure redirects - -Navigate to realm Openslice > Clients > osapiWebClientId and change the Root URL to your domain. - -Also, insert your domain, e.g. http://example.org/*, at: -* Valid Redirect URIs -* Web Origins - -#### 2. Configure email - -Keycloak allows new users to register. Subsequently, this will also allow new users to register to the OpenSlice portal. - -Navigate to realm Openslice > Realm Settings > Login Tab > check User registration, Verify email, Forgot password etc. - -Finally, enter the details of the mail server at the Email Tab. - -> Email configuration is optional for test runs, but if not provided the above functionalities (e.g. external user registration) will not be possible. - - -#### 3. Add an OpenSlice admin user - -This step is mandatory so as to access the OpenSlice Web UI. To add an OpenSlice admin user you must: - -- Navigate to realm Openslice > Users > Add user -- Set a password -- Upon creation, navigate to Role Mappings and add ADMIN to Assigned Roles list - -> That user is different from the Keycloak admin user. It is required to login and browse the OpenSlice Web UI. The Role ADMIN guarantee full access through the OpenSlice UI, thus such a user is always required. - -### Keycloak at localhost - -> **This is an important step if you run Keycloak on localhost!** - -1 - Edit your Hosts File, adding the line below - -```127.0.0.1 keycloak``` - -Hosts File Location: - - - In Linux/Unix, the file's location is at /etc/hosts - - - In Windows, its location is at c:\Windows\System32\Drivers\etc\hosts - -2 - Replace http://localhost/auth/ with http://keycloak:8080/auth/ in your Keycloak config for AngularJS and Angular (see examples below). - - -> Explanation - -Nginx uses the http://keycloak:8080 URL, which is accessible via the internal docker system's network. -The Front-end (TS/Angular) shall also use the http://keycloak:8080. -This way, you will not get the invalid token error, as the API is acquiring the token from http://keycloak:8080 (internally) and the Front-end is getting verified by an issuer at the same URL, as well. - - - -2.1 - For the Angular configuration (TMF portal UI), navigate to org.etsi.osl.tmf.web/src/assets/config and edit config.prod.json - -```bash -# Starting from the root project directory -cd org.etsi.osl.tmf.web/src/assets/config -``` - -```bash -nano config.prod.json -``` - -After editing, the displayed properties should look like the example below: - -```yaml -{ - "OAUTH_CONFIG" : { - "issuer": "http://keycloak:8080/auth/realms/openslice", - "loginUrl": "http://keycloak:8080/auth/realms/openslice/protocol/openid-connect/auth", - "tokenEndpoint": "http://keycloak:8080/auth/realms/openslice/protocol/openid-connect/token", - "userinfoEndpoint": "http://keycloak:8080/auth/realms/openslice/protocol/openid-connect/userinfo", - "redirectUri": "{BASEURL}/redirect", - "logoutUrl": "http://keycloak:8080/auth/realms/openslice/protocol/openid-connect/logout", - "postLogoutRedirectUri": "{BASEURL}", - } -} -``` - -> Note the difference in changing {BASEURL} -> http://keycloak:8080 - -> If you want the changes to take place immediately without rebuilding the project, then repeat the process for org.etsi.osl.tmf.web/dist/org.etsi.osl.tmf.web/assets/config/config.prod.json - -2.2 - For the AngularJS configuration (NVF portal UI), navigate to org.etsi.osl.portal.web/src/js and edit config.js - -```bash -# Starting from the root project directory -cd org.etsi.osl.portal.web/src/js -``` - -```bash -nano config.js -``` - -After editing, the displayed properties should look like the example below: - -``` -var appConfig = angular.module('portalwebapp.config',[]); - - -appConfig.factory('APIEndPointService', function() { - return { - APIOAUTHURL: "http://keycloak:8080/auth/realms/openslice", - }; -}); -``` - -> Note the difference in "APIOAUTHURL" property, changing ROOTURL -> http://keycloak:8080 - - -### NFV Orchestrator Configuration - -After successfully deploying and configuring OpenSlice, you may configure its environment (e.g. the NFVO) that will facilitate the deployment of NFV artifacts. - -See [NFV Orchestrator Configuration](./nfvoconfig.md). - - -
- -## Kubernetes installation - -Openslice can be installed in a Kubernetes cluster. - -The related scripts are inside the kubernetes folder. Follow these steps along the lines. You need to configure the ingress properly depending on how you want to expose Openslice. - -1 - Create an openslice namespace - -```bash -kubectl create namespace openslice -``` - -2 - Apply or create an ingress. Ingress exposes HTTP and HTTPS routes from outside the cluster to services within the cluster. Traffic routing is controlled by rules defined on the Ingress resource. -An Ingress may be configured to give Services externally-reachable URLs, load balance traffic, terminate SSL / TLS, and offer name-based virtual hosting. An Ingress controller is responsible for fulfilling the Ingress, usually with a load balancer, though it may also configure your edge router or additional frontends to help handle the traffic. You must have an Ingress controller to satisfy an Ingress. -You may need to deploy an Ingress controller such as ingress-nginx. - -You can also adapt it to connect to public cloud load balancers depending on your needs. - -The following will expose an ingress resource from one of your a k8s nodes on port 80. - -```bash - kubectl apply -f openslice-ingress.yaml -``` - - -Finding the ingress IP: - - -```bash - -kubectl describe -f openslice-ingress.yaml - - -Name: openslice-ingress -Namespace: openslice -Address: 10.10.10.35 -Default backend: default-http-backend:80 () -Rules: - Host Path Backends - ---- ---- -------- - * - /services tmfweb:80 () - /tmf-api osscapi:13082 () - /auth keycloak:8080 () - /osapi osportalapi:13000 () - / portalweb:80 () -Annotations: kubernetes.io/ingress.class: nginx -Events: - Type Reason Age From Message - ---- ------ ---- ---- ------- - Normal Sync 9m29s (x2 over 9m58s) nginx-ingress-controller Scheduled for sync - -``` - -From the above example, our exposed ingress is at Address: 10.10.10.35 - -3 - We need to configure the expose address and deploy openslice (IP or URL e.g. http://myopenslice.xxx) - -```bash -./k8sdeploy.sh 10.10.10.35 -``` - - -4 - Check the status of Openslice in the cluster. Should be similar to the following: - -```bash - -kubectl get pods --namespace=openslice -o wide - -NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES -activemq-59d4bfdb4b-bvjqr 1/1 Running 0 109s 192.168.43.97 kc-2 -bugzilla-client-7dd7cb47cb-8qb8m 1/1 Running 0 100s 192.168.12.114 kc-3 -centrallog-95bbf7867-k8fpt 1/1 Running 0 100s 192.168.12.107 kc-3 -consul-b5dd76b76-64dzk 1/1 Running 0 107s 192.168.43.90 kc-2 -keycloak-7c5b6bbc95-k2qfl 1/1 Running 0 105s 192.168.12.106 kc-3 -manoclient-95f68f4c9-c9t6r 1/1 Running 0 104s 192.168.12.113 kc-3 -mysql-portal-0 1/1 Running 0 107s 192.168.43.99 kc-2 -osom-6d548cf555-q8ptj 1/1 Running 0 104s 192.168.43.93 kc-2 -osportalapi-5fff744db8-5g4zs 1/1 Running 0 103s 192.168.43.98 kc-2 -osscapi-6d68b54d97-jn8tz 0/1 Running 0 102s 192.168.12.104 kc-3 -portalweb-8469d57df4-94tfj 1/1 Running 0 101s 192.168.48.44 kc-nfs -tmfweb-868f7bb9c5-x4lfh 1/1 Running 0 102s 192.168.48.43 kc-nfs -``` -```bash -kubectl get deployments --namespace=openslice -o wide - -NAME READY UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR -activemq 1/1 1 1 2m15s anactivemq webcenter/activemq:5.14.3 org.etsi.osl.service=activemq -bugzilla-client 1/1 1 1 2m6s bugzilla-client openslice/org.etsi.osl.bugzilla:latest org.etsi.osl.service=bugzilla-client -centrallog 1/1 1 1 2m6s centrallog openslice/org.etsi.osl.centrallog.service org.etsi.osl.service=centrallog -consul 1/1 1 1 2m13s aconsul consul org.etsi.osl.service=consul -keycloak 1/1 1 1 2m11s keycloak quay.io/keycloak/keycloak:11.0.3 org.etsi.osl.service=keycloak -manoclient 1/1 1 1 2m10s manoclient openslice/org.etsi.osl.mano:latest org.etsi.osl.service=manoclient -osom 1/1 1 1 2m10s openslice-osom openslice/org.etsi.osl.osom:latest org.etsi.osl.service=osom -osportalapi 1/1 1 1 2m9s openslice-portalapi openslice/org.etsi.osl.portal.api:latest org.etsi.osl.service=osportalapi -osscapi 1/1 1 1 2m8s openslice-scapi openslice/org.etsi.osl.tmf.api:latest org.etsi.osl.service=osscapi -portalweb 1/1 1 1 2m7s openslice-portalweb openslice/org.etsi.osl.portal.web:latest org.etsi.osl.service=portalweb -tmfweb 1/1 1 1 2m8s openslice-tmfweb openslice/org.etsi.osl.tmf.web:latest org.etsi.osl.service=tmfweb -``` -```bash -kubectl get services --namespace=openslice -o wide - -NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR -activemq ClusterIP 10.111.160.120 8161/TCP,61616/TCP 2m22s org.etsi.osl.service=activemq -bugzilla-client ClusterIP 10.101.43.28 13010/TCP 2m14s org.etsi.osl.service=bugzilla-client -centrallog ClusterIP 10.109.15.151 13013/TCP 2m14s org.etsi.osl.service=centrallog -consul ClusterIP 10.101.103.240 8500/TCP,8600/TCP 2m21s org.etsi.osl.service=consul -keycloak ClusterIP 10.110.216.62 8080/TCP,8443/TCP 2m19s org.etsi.osl.service=keycloak -manoclient ClusterIP 10.108.112.84 13011/TCP 2m18s org.etsi.osl.service=manoclient -mysql-portal ClusterIP None 3306/TCP 2m19s org.etsi.osl.service=mysql-portal -osom ClusterIP 10.105.173.85 13100/TCP 2m18s org.etsi.osl.service=osom -osportalapi ClusterIP 10.104.121.164 13000/TCP 2m17s org.etsi.osl.service=osportalapi -osscapi ClusterIP 10.108.6.161 13082/TCP 2m16s org.etsi.osl.service=osscapi -portalweb ClusterIP 10.97.126.98 80/TCP 2m15s org.etsi.osl.service=portalweb -tmfweb ClusterIP 10.98.56.82 80/TCP 2m15s org.etsi.osl.service=tmfweb - -``` \ No newline at end of file diff --git a/doc/deploymentCompose.md b/doc/deploymentCompose.md index 052db73..4dc5686 100644 --- a/doc/deploymentCompose.md +++ b/doc/deploymentCompose.md @@ -1 +1,494 @@ -Docker Compose WIP \ No newline at end of file +# OpenSlice Deployment Guide with Docker Compose + +## Requirements + +### Hardware requirements: + + +| **Minimum Hardware Requirements** | **Recomended Hardware Requirements** | +| --------------------------------- | ------------------------------------ | +| 4 CPU cores | 8 CPU cores | +| 8 GB RAM | 16 GB RAM | +| 30 GB storage | 50 GB storage | + +### Software Requirements: + +* **Docker:** A running environment for Docker Compose services + +## Preparing the environment + +### 1. Backup your previous database if necessary: +```bash +sudo docker exec amysql /usr/bin/mysqldump -u root --password=letmein ostmfdb > backup_ostmfdb.sql +``` +### 2. Install docker + +> Since July 2023 Docker Compose V1 stopped receiving updates. OpenSlice fully reverted to Compose V2, which is integrated in the Docker installation. + +### 3. Configure containers to properly resolve the DNS of your domain (optional) + +``` +sudo nano /etc/docker/daemon.json +``` + +and add: + +``` +{ + "dns": ["8.8.8.8", "8.8.4.4"] +} +``` +After editing daemon.json restart docker daemon for the changes to take place + +```bash +sudo systemctl restart docker +``` + +## Downloading the project + +### 1. Create a new folder to download the project + +```bash +mkdir openslice +``` +```bash +cd openslice +``` + +### 2. Download the deployment script + +Download the deployment / environment preparation script + +```bash +wget https://labs.etsi.org/rep/osl/code/org.etsi.osl.main/-/raw/develop/compose/deploy.sh +``` +Make it executable +```bash +sudo chmod +x deploy.sh +``` + +### 3. Run the deployment script + +OpenSlice is a multi repo project. This script selects the same branch for all repositories of the project to pull from. + +After that it builds the respective jar files locally and installs all the npm packages needed for the UI. + +If you run the script without selecting a branch the the main branch is going to be selected. + +We recommend: + +* main branch for the most stable experience and +* develop branch for an experience with the latest features (for develop branch installation, it is strongly advisable that you may as well follow the [develop documentation](https://osl.etsi.org/documentation/develop/deployment/)) + +```bash +sudo ./deploy.sh develop #[or replace main with other branch name] +``` + +> **We recommend running the deploy.sh script with root permissions! In other case, some directories may not be accessible by the project building tools and hinder the smooth installation.** + + +## Configure Docker Compose services + +### 1. Create configuration specific Docker Compose file from the template + +```bash +cd org.etsi.osl.main/compose/ +``` +```bash +sudo cp docker-compose.yaml.configure docker-compose.yaml +``` +### 2. Configure mysql-portal container *(optional)* + +1. In folder `org.etsi.osl.main/compose/mysql-init` edit the file `01-databases.sql`. +2. In the `org.etsi.osl.main/compose/docker-compose.yaml` edit the credentials of the users that services use to connect to the databases, if you wish. + * portaluser (default is 12345) and + * keycloak (default is password) + + +### 3. Configure keycloak container *(optional)* + +1. If you made changes to keycloak's mysql credentials: + + In folder `org.etsi.osl.main/compose/` edit the file `docker-compose.yaml`. + +``` +DB_DATABASE: keycloak +DB_USER: keycloak +DB_PASSWORD: password +``` + +2. If you want to change the keycloak admin password: + + In folder `org.etsi.osl.main/compose/` edit the file `docker-compose.yaml` + +``` +KEYCLOAK_PASSWORD: Pa55w0rd +``` + +### 4. Configure bugzilla container *(optional)* + +If you want to utilise the Bugzilla connector: + +In folder `org.etsi.osl.main/compose/` edit the file `docker-compose.yaml` + +``` +SPRING_APPLICATION_JSON: '{ + "spring.activemq.brokerUrl": "tcp://anartemis:61616?jms.watchTopicAdvisories=false", + "spring.activemq.user": "artemis", + "spring.activemq.password": "artemis", + "bugzillaurl":"", + "bugzillakey":"", + "main_operations_product":"" +}' +``` + +And add the provided Bugzilla installation information: + +``` +"bugzillaurl":"bugzillaurl.xx:443/bugzilla/", +"bugzillakey":"exampleKeyeqNNwxBlgxZgMEIne0Oeq0Bz", +"main_operations_product":"Main Site Operations" // this is the default product to issue tickets +``` + +Bugzilla should have the following components under the specified product: + +* NSD Deployment Request: Component used to schedule deployment req +* Onboarding: Issues related to VNF/NSD Onboarding +* Operations Support: Default component for operations support +* Validation: Use to track validation processes of VNFs and NSDs +* VPN Credentials/Access: Used for requesting VPN Credentials/Access + +Also in the 'Main Site Operations' product, a version named 'unspecified' must be created. + +### 5. Configure osportalapi container (NFV services) *(conditional)* + +Change the respective fields: + +- If you made changes to mysql and keycloak credentials. +- If you want to change logging level (TRACE / DEBUG / INFO / WARN / ERROR). + +> ***If you are using a non-local domain, replace everywhere the http://keycloak:8080 with the respective {{protocol://domain.name}}, as well as "spring.portal.main.domain" property.*** + +In folder `org.etsi.osl.main/compose/` edit the file `docker-compose.yaml` + +``` +SPRING_APPLICATION_JSON: '{ + "spring.datasource.username":"root", + "spring.datasource.password":"letmein", + "spring-addons.issuers[0].uri": "http://keycloak:8080/auth/realms/openslice", + "spring.security.oauth2.resourceserver.jwt.issuer-uri": "http://keycloak:8080/auth/realms/openslice", + "springdoc.oAuthFlow.authorizationUrl": "http://keycloak:8080/auth/realms/openslice/protocol/openid-connect/auth", + "springdoc.oAuthFlow.tokenUrl": "http://keycloak:8080/auth/realms/openslice/protocol/openid-connect/token", + "spring.portal.main.domain": "http://localhost", + "logging.level.org.springframework" : "INFO" +}' +``` + +### 6. osscapi container (TMF API service) *(conditional)* + +Change the respective fields: + +- If you made changes to mysql and keycloak credentials. +- If you want to change logging level (TRACE / DEBUG / INFO / WARN / ERROR). + +> **If you are using a non-local domain, replace everywhere the http://keycloak:8080 with the respective {{protocol://domain.name}}.** + +In folder `org.etsi.osl.main/compose/` edit the file `docker-compose.yaml` + +``` +SPRING_APPLICATION_JSON: '{ + "spring.datasource.username":"root", + "spring.datasource.password":"letmein", + "spring-addons.issuers[0].uri": "http://keycloak:8080/auth/realms/openslice", + "spring.security.oauth2.resourceserver.jwt.issuer-uri": "http://keycloak:8080/auth/realms/openslice", + "springdoc.oAuthFlow.authorizationUrl": "http://keycloak:8080/auth/realms/openslice/protocol/openid-connect/auth", + "springdoc.oAuthFlow.tokenUrl": "http://keycloak:8080/auth/realms/openslice/protocol/openid-connect/token", + "logging.level.org.springframework" : "INFO" +}' +``` + +## Configure nginx + +In folder `org.etsi.osl.main/compose/nginx` create a configuration specific `nginx.conf` file. + + +```bash +cd org.etsi.osl.main/compose/nginx/ +``` + +```bash +sudo cp nginx.conf.default nginx.conf +``` + +If needed, in the nginx.conf file, edit the server_name for an non-local deployment. + + + +## Configure Web UI + +In folder `org.etsi.osl.portal.web/src/js/` create a configuration specific `config.js` file. + +```bash +cd org.etsi.osl.portal.web/src/js +``` + +```bash +sudo cp config.js.default config.js +``` + +Edit the `config.js` file with the information of your domain. `ROOTURL` will automatically extract the the Origin (Protocol://Domain:Port) of the deployment, but you must change `APIURL` property, if you are not aiming for a localhost installation, e.g. "https://portal.openslice.io". + +Example file: + +``` +{ + BUGZILLA: "ROOTURL/bugzilla/", + STATUS: "ROOTURL/status/", + APIURL: "http://localhost", + WEBURL: "ROOTURL/nfvportal", + APIOAUTHURL: "ROOTURL/auth/realms/openslice", + APITMFURL: "ROOTURL/tmf-api/serviceCatalogManagement/v4" +} +``` + +## Configure TMF Web UI + +In the folder `org.etsi.osl.tmf.web/src/assets/config` there are 3 files available for configuration: + +* config.prod.json (Basic information + API configuration) +* theming.scss (CSS color palette theming) +* config.theming.json (HTML configuration - Logo, Favicon, Footer) + + +The first 2 files above (i.e. config.prod.json, theming.scss) are essential for the successful deployment of OpenSlice, thus created automatically during the initial deployment at `org.etsi.osl.tmf.web/src/assets/config` directory as a copy of the default ones from the remote repository. + +Ensure that you check the `config.prod.json` and `theming.scss` files and readjust to your deployment if needed. + +```bash +# Starting from the root project directory +cd org.etsi.osl.tmf.web/src/assets/config +``` + +E.g. You may edit "TITLE", "WIKI", etc properties with your domain title. Also configure TMF's API and Keycloak's location for the web application, if needed. + +Example file: + +``` +{ + "TITLE": "OpenSlice by ETSI", + "PORTALVERSION":"2024Q2", + "WIKI": "https://osl.etsi.org/documentation", + "BUGZILLA": "{BASEURL}/bugzilla/", + "STATUS": "{BASEURL}/status/", + "WEBURL": "{BASEURL}", + "PORTAL_REPO_APIURL": "{BASEURL}/osapi", + "ASSURANCE_SERVICE_MGMT_APIURL": "{BASEURL}/oas-api", + "APITMFURL": "{BASEURL}/tmf-api", + "OAUTH_CONFIG" : { + "issuer": "{BASEURL}/auth/realms/openslice", + "loginUrl": "{BASEURL}/auth/realms/openslice/protocol/openid-connect/auth", + "tokenEndpoint": "{BASEURL}/auth/realms/openslice/protocol/openid-connect/token", + "userinfoEndpoint": "{BASEURL}/auth/realms/openslice/protocol/openid-connect/userinfo", + "redirectUri": "{BASEURL}/redirect", + "logoutUrl": "{BASEURL}/auth/realms/openslice/protocol/openid-connect/logout", + "postLogoutRedirectUri": "{BASEURL}", + + "responseType": "code", + "oidc": false, + "clientId": "osapiWebClientId", + "dummyClientSecret": "secret", + + "requireHttps": false, + "useHttpBasicAuth": true, + "clearHashAfterLogin": false, + + "showDebugInformation": true + } +} +``` + +> The {BASEURL} placeholder in the file automatically detects the Origin (Protocol://Domain:Port) of the deployment and applies it to every respective property. E.g. If you are attempting a local deployment of OpenSlice, then {BASEURL} is automatically translated to "http://localhost". Similarly, you may use {BASEURL} to translate to a public deployment configuration, e.g. "https://portal.openslice.io". + +If further customization, apart from the default provided, is needed for branding (Logo, Footer) then `config.theming.json` needs to be created in io.openslice.tmf.web/src/assets/config directory, as follows: + +```bash +# Starting from the root project directory +cd org.etsi.osl.tmf.web/src/assets/config +``` + +```bash +sudo cp config.theming.default.json config.theming.json +``` + +> ***IMPORTANT NOTE:*** +If you want to apply changes to the JSON configuration files without the need to rebuild the application, you have to apply the changes at the `org.etsi.osl.tmf.web/dist/io-openslice-portal-web/assets/config` directory. Although, it is mandatory to also apply these changes to the `org.etsi.osl.tmf.web/src/assets/config` for persistancy, as after any future rebuild of OpenSlice the `/dist` directory is being overwritten along with its contents. The OpenSlice team strongly recommends to always apply your changes to the TMF web UI configuration files at `org.etsi.osl.tmf.web/src/assets/config` and rebuild the application. + +## Deploy OpenSlice via Docker Compose + +After configuring the services, and editing the docker compose file accordingly, the docker compose instantiation command can be performed. + +```bash +# Starting from the root project directory +cd org.etsi.osl.main/compose/ +``` + +```bash +sudo docker compose --profile prod down;sudo docker compose --profile prod up -d --build +``` + +> Depending on your machine, this process might take time. if for any reason the deployment fails during first time, please rerun the above before any further measures. + + +## Validating deployments and container monitoring + +You can monitor containers' status with portainer at port 9000 (http://your-ip:9000). + +Initially, you may monitor the local machine at portainer. + +Please check that all containers are in running state. + + +## Post installation steps + +After the successful deployment of OpenSlice, to ensure the E2E user experience, **this section is mandatory**. It contains crucial configuration in regard of authentication and user creation. + +### Configure Keycloak server + +The Keycloack server is managing authentication and running on a container at port 8080. It is also proxied to your host via nginx under http://localhost/auth. + +- Navigate to http://domain.com/auth/ or https://domain.com/auth/, (http://ipaddress:8080/auth/ or https://ipaddress:8443/auth/ which are directly accessible without proxy) + +- Navigate to Administration Console + +- Login with the credentials from section [Configure keycloak container](#3-configure-keycloak-container-optional). Default values are: + - user: admin and + - password: Pa55w0rd + +> if you are running in HTTP you will get a message: HTTPS required. + +To resolve this issue when running in HTTP: + +- Select the master realm from top left corner +- Go to login Tab and select "Require SSL": None +- Repeat for realm Openslice + + +> If you are running in HTTPS, then "Require SSL" can be left unchanged to external requests. + +#### 1. Configure redirects + +Navigate to realm Openslice > Clients > osapiWebClientId and change the Root URL to your domain. + +Also, insert your domain, e.g. http://example.org/*, at: +* Valid Redirect URIs +* Web Origins + +#### 2. Configure email + +Keycloak allows new users to register. Subsequently, this will also allow new users to register to the OpenSlice portal. + +Navigate to realm Openslice > Realm Settings > Login Tab > check User registration, Verify email, Forgot password etc. + +Finally, enter the details of the mail server at the Email Tab. + +> Email configuration is optional for test runs, but if not provided the above functionalities (e.g. external user registration) will not be possible. + + +#### 3. Add an OpenSlice admin user + +This step is mandatory so as to access the OpenSlice Web UI. To add an OpenSlice admin user you must: + +- Navigate to realm Openslice > Users > Add user +- Set a password +- Upon creation, navigate to Role Mappings and add ADMIN to Assigned Roles list + +> That user is different from the Keycloak admin user. It is required to login and browse the OpenSlice Web UI. The Role ADMIN guarantee full access through the OpenSlice UI, thus such a user is always required. + +### Keycloak at localhost + +> **This is an important step if you run Keycloak on localhost!** + +1 - Edit your Hosts File, adding the line below + +```127.0.0.1 keycloak``` + +Hosts File Location: + + - In Linux/Unix, the file's location is at /etc/hosts + + - In Windows, its location is at c:\Windows\System32\Drivers\etc\hosts + +2 - Replace http://localhost/auth/ with http://keycloak:8080/auth/ in your Keycloak config for AngularJS and Angular (see examples below). + + +> Explanation + +Nginx uses the http://keycloak:8080 URL, which is accessible via the internal docker system's network. +The Front-end (TS/Angular) shall also use the http://keycloak:8080. +This way, you will not get the invalid token error, as the API is acquiring the token from http://keycloak:8080 (internally) and the Front-end is getting verified by an issuer at the same URL, as well. + + + +2.1 - For the Angular configuration (TMF portal UI), navigate to org.etsi.osl.tmf.web/src/assets/config and edit config.prod.json + +```bash +# Starting from the root project directory +cd org.etsi.osl.tmf.web/src/assets/config +``` + +```bash +nano config.prod.json +``` + +After editing, the displayed properties should look like the example below: + +```yaml +{ + "OAUTH_CONFIG" : { + "issuer": "http://keycloak:8080/auth/realms/openslice", + "loginUrl": "http://keycloak:8080/auth/realms/openslice/protocol/openid-connect/auth", + "tokenEndpoint": "http://keycloak:8080/auth/realms/openslice/protocol/openid-connect/token", + "userinfoEndpoint": "http://keycloak:8080/auth/realms/openslice/protocol/openid-connect/userinfo", + "redirectUri": "{BASEURL}/redirect", + "logoutUrl": "http://keycloak:8080/auth/realms/openslice/protocol/openid-connect/logout", + "postLogoutRedirectUri": "{BASEURL}", + } +} +``` + +> Note the difference in changing {BASEURL} -> http://keycloak:8080 + +> If you want the changes to take place immediately without rebuilding the project, then repeat the process for org.etsi.osl.tmf.web/dist/org.etsi.osl.tmf.web/assets/config/config.prod.json + +2.2 - For the AngularJS configuration (NVF portal UI), navigate to org.etsi.osl.portal.web/src/js and edit config.js + +```bash +# Starting from the root project directory +cd org.etsi.osl.portal.web/src/js +``` + +```bash +nano config.js +``` + +After editing, the displayed properties should look like the example below: + +``` +var appConfig = angular.module('portalwebapp.config',[]); + + +appConfig.factory('APIEndPointService', function() { + return { + APIOAUTHURL: "http://keycloak:8080/auth/realms/openslice", + }; +}); +``` + +> Note the difference in "APIOAUTHURL" property, changing ROOTURL -> http://keycloak:8080 + + +### NFV Orchestrator Configuration + +After successfully deploying and configuring OpenSlice, you may configure its environment (e.g. the NFVO) that will facilitate the deployment of NFV artifacts. + +See [NFV Orchestrator Configuration](./nfvoconfig.md). diff --git a/doc/deploymentK8s.md b/doc/deploymentK8s.md index 537b5ab..2a0e963 100644 --- a/doc/deploymentK8s.md +++ b/doc/deploymentK8s.md @@ -1 +1,5 @@ -Kubernetes WIP \ No newline at end of file +# OpenSlice Deployment Guide with Kubernetes + +This is WIP. + +Please refer to this [guide](https://labs.etsi.org/rep/osl/code/org.etsi.osl.main/-/blob/2024Q2_RC/kubernetes/helm/README.md). \ No newline at end of file diff --git a/mkdocs.yml b/mkdocs.yml index daabd12..19f5665 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -72,8 +72,8 @@ nav: - Overview: - Introduction: index.md - Getting Started: - - Deployment/Installation: - - deployment.md + - Deployment: + - Introduction: deployment.md - Docker Compose: deploymentCompose.md - Kubernetes: deploymentK8s.md - NFV Orchestrator Configuration: nfvoconfig.md -- GitLab From 5681850a2a0ff9105ebacd1247a1e95fcfffd565 Mon Sep 17 00:00:00 2001 From: Eduardo Santos Date: Sun, 30 Jun 2024 12:20:00 +0100 Subject: [PATCH 23/23] Added documentation on primitives support feature and NSLCM status --- doc/catalogs.md | 37 +++++++++++++++--- .../catalogs/execute_mano_primitives.png | Bin 0 -> 35992 bytes doc/images/catalogs/mano_nslcm.png | Bin 0 -> 81367 bytes doc/images/catalogs/mano_primitives_list.png | Bin 0 -> 37951 bytes 4 files changed, 31 insertions(+), 6 deletions(-) create mode 100644 doc/images/catalogs/execute_mano_primitives.png create mode 100644 doc/images/catalogs/mano_nslcm.png create mode 100644 doc/images/catalogs/mano_primitives_list.png diff --git a/doc/catalogs.md b/doc/catalogs.md index 3b3538d..f1c07b4 100644 --- a/doc/catalogs.md +++ b/doc/catalogs.md @@ -37,16 +37,41 @@ You can leave the Alias and Unit of Measure as is. Check also the is Default. +### OSM NS LCM Status + +When a Service is deployed, OpenSlice provides the ability to see the status messages from the NFVO. This status can be regarding NS instantiation, primitive execution, etc. + +Going to `ResourceFacingService (RFS)` -> `Contextual Features` -> `MANO NSLCM`, you will be able to see a beautified view of the status messages retrieved by OSM. + +MANO NSLCM Section + ### Day 2 Primitive Actions -NFVOs like OSM allow to perform actions while a service is running, for example change attributes or make actions on a specific VNF. To design this do something similar to the following example: +NFVOs like OSM allow to perform actions while a service is running, for example change attributes or make actions on a specific VNF. +OpenSlice supports the invocation of day 2 primitives using Open Source MANO (OSM). This feature allows users to perform various actions while a service is running, such as changing attributes or executing specific actions on a Network Service's (NSD) Virtual Network Function (VNF). This capability enhances the flexibility and control over network services, making it easier to manage them in real-time. + +#### Invoking Primitives in OpenSlice + +To design and invoke primitives in OpenSlice, do the following steps: + +1. When a service is instantiated, go to its `ResourceFacingService (RFS)` -> `Contextual Features` -> `MANO Primitives List`; + MANO Primitives List Section + +2. There, you will find that VNF available primitives; +3. Click on the `Execute Primitive` button of the chosen VNF; +4. On the `Execute MANO Primitives` window: + 1. Select the desired primitive on the `Primitive Parameter Name`; + 2. Provide the `Primitive Parameter Value`; + + Execute MANO Primitives Window + +5. Click on the `Submit` button. + +After the previous steps, after a while, you should be able to see the status of the primitive execution above on the same page, on the `MANO NSLCM` section. -- Go to the RFS related to the NSD that contains VNFs with primitives -- create a characteristic named Primitive:: , e.g. Primitive::touch -- select Value Type: ARRAY -- add Service Characteristic Value: i) alias=primitive, value= (e.g. touch), ii) alias=member_vnf_index, value= (e.g. 1), iii) add the params that the user will change in alias the name of param and in value an initial value (e.g. alias=filename, value=myfile.txt) +> ***IMPORTANT NOTE:*** +As of now, OpenSlice still only supports the invoking of VNF-level primitives. We expect to have VDU-level primitives in the future. -In the above example, when the service is running and the user goes to service inventory to MODIFY it, changes the value of the alias=filename, value=myfile.txt, to value =secondfile.txt. Then inside the VNF a file will be created called secondfile.txt diff --git a/doc/images/catalogs/execute_mano_primitives.png b/doc/images/catalogs/execute_mano_primitives.png new file mode 100644 index 0000000000000000000000000000000000000000..e8b6713dcad1b2ec1bdddcbcadfb3252558944c3 GIT binary patch literal 35992 zcmeEuc{r4B`?pq6At_0g77;N;B)e3y?>i%Vma%VR3`J2SvQ5a4eV09ZizS4@SY|9m zlPp7)nZX#|YkHpF^OfiQ^Zny}kK=V54!61IzOVbfuJbyt&-pn&=k-)uQ~4<4X+}Ca zx}z$0Z|Ty}?aQX4+mn3gAozqFi)RP_XgMk=X{#tH@oIaz**m(}(a{OK@QIPVd((<7 zjHjPf^kxB{yL-g`NYQL@AC}jO#aD18M*VjQp5hxOW+`T-$=J|$Rn?@7tm5LUhs--& zr~6ffrQDlVelL4Aq4w=#>b|1Nly07%lyBTpj~@9gmB#U*M_@|bF#vOjpS8>SJA!1i z!kv;_Bj#lE6K^v!)5Fej>SLAv?DK6R8RITuiLq-^qxgI*dI&R>EHe^gTRg1wl2vuh z*yHs_hlmQUCKrUEp3Zkps~YHl=ZB+JVz^B9fVbvYOtWa->iP9fY(!tS?EXWnFRpjX zT)nyN9}07e=Q_f4Wh6u4#cAk=j8pNS4!7s0i$z*WzI%l&cHN}-TEHkQHV&$S(nJifZcYs(RjU9Wv_H zGA)5_N~Z4l1bW!e&RE4>LxWBb93P_F6Yfa29~|ugzo)@37>w93I(qPz75v^x-}^sj z_hqN=`=8@I$+Ryj>M5zHfWLY+o_2PwUiaO+%VgB+!L0@z^^LuaHPoeS++ZSBwrko5r^^)?JJ@@AuQs9{OG2|TYpRag3%bqjV(B@Tg^R(lY z5V<09<(wQNFE6i*r>(t|?yWojz8w4~d+xrsx4RSs;^*fl;wL8J=IH>rdgI0o$Q4nD zsHiabhOigh)!WKn*wyR&zi#qB_qk=~W#j4S?(OL2%1gVim9?9Xx9qudw1)ok^RMT$ z^LPBGC0DP1zZQ5w2<;5ys>l_{f9?$~m7#qqrS0f%=VEfp5eB*kv>|ux>J^zk-~X>O z|FpQ{O5=a7ydfsG^U57(c3)}WW#_5n1_Moc%l$Jl|Gs$V$$wuc1EIb7j-L2eH~;w* z^s^kJ4CFs!CdU{`!KcvCDbT6hQq=d~GoMQTQvdc~7_$lkW5$Ds*aQ2{owNS%z)Df) zeUZ>hpQFwjN1q%sH?;7A4i&v@eN_5Qvc%337+bHf=7k)5# z2Ax!cp4P+^OZgPc66O}DdG5~fSs}-G>Gm8_pxevxfNuZ44-fEaSJ1)wF8t5`|2f6W zq7c8#`}dbw9w@v&#H)HZ3>|iM_nmY)#dd$R_rUoF0>Y;PPKW)cxqsjO)}`LvA01+Q zMwd}}@0a7LosUQRK1;UDzW+SdzaL)v%HAh^A+K|-cD)Ymp^yCkhyJGr{`WntKnSU7 zh(C&okH2geHPP)nkXNQo%-g@)IE2s&IuU*9d#@#-8lrU)_-}OyMIvK%kLJS@TIqSW z94}u>AR(e3pEtwmv}W}8N64mj^sGGDZ71p03~Y}D625E_hb&<&PmT>{sT`jhEKX@8 zVVxyhN8c8myLK}7xl49}VYx2>J3_*_x%tcvFx(tC;Mkok-v2=#UXaFCu)xpZ;3QPt zfzdJ#_g*?Cu;};mx=7PRB)8%}#;t#JuedH`va8xeEPBd_T~nHHjZ-er|Mv#Dd0X~L zzfH7kwZ2fTZxxb4@*VRT8mXHr;e3?4-!V|--Y@9cl;OM82@T}ud~^JZVyb$zx9*@sEat0mu7@Wp42w;FqFVC$ z0^avtRBt@m>LK;@mZ?mK(dAQ<-sPGG4SsjzB$|64hvEuKa0v87p*kEt)@AQ_b2O|k z2*Tqb<*GOHgW6Y_R0tal%8~Nm5lwLDGK;muculC;q!i08?;Mht!w)k|n&v|EQ@8La zOI6~SWsIzd!OOa*E7a@_Ld`^VM;t%S)VbKM%6Uk{r{hkDK5=v$*^?$eu>kt3Qj1LR zpl%QeF-lAfKMUrF1`Fq|$61msKMl9X6f?^uy5N(RQ-`GHifj<`Wy+V1yFo~lh5AJ- zr(1)SEP_;74a3=2rd_cLk)_O6_)b3M4+~asKTpo3SbYpj!j9Ufz#87FZ!Wd-;2hGB z_K1aAhkQ}87z}%j0tOLg8MK~_+@_KTD;@RB+!~2Rev9MP8?%MEa~Fagno()~E;Ec> zFV+@=x1E_~S7R(ZT2ENbj~mslRwrg#L=oMBDJe(KNPaP`ystC6?%V97)a3B_xLUO6G4aJ(8Oo#5U5K~tDOgW ze@CzU_L*BHw@OLHBBqrB=H+^_k0sI9-JmS{(*l>DBB{h7Qup_CoY>gf%_ zI(MNk!#xI>UcDj-ecxVL@=N<4X~A3Tymx9wJ-e<{hVujsSC0ocbKdZ@-7tAd$*T*x zk^A!Lbgf2?WJ==(c_udv8>c15fi@d+C@5`M?u_-Z75XatS{}KvdaZP^iPF>dj6-j> znSMkyzOHy-s#=C%qiv?f*s-;SH1Az0Z!Hsc{KsEEEV!MXE|wjzhnSAcnh2u6{1pf1 za~?eiY0e6edY;g8QeP{?`+dlP_oxN&!psr%=rKPTT&B!pu^!3upUW>=b{brKUnEuT z6WnQpwyf)AYv6(YB+QIczQge&b&W2g<8$?Htx(?%KGbm45R{WCWLc(0PqufZvb{`W zzIUY&Z6A{sFnfuzlD7Sd#K*b5G#3eJdh<0?IlMq*wV?^ulO)!T_Mc?HITaSqe^ur= zy7#L7-OZ(d=~O?oN_s(*r2n>E?u53YBffdHPtEuHV|J|gkhx7`0FiOsH8aRD$Gmy_ z%WEYV7;$EwKzoZa5$5p{a{Edg8O=jhgL@z`Gef0mT<-7oSlLfd*oHI)J%U}Q$|#t| zP1nk=cSxYg1I=3#gVKu)Hd^x3N?6nS&xbFDM(%|kou`r~n8P2#c>-m|(bhF&i7Cly zvYdbIP@D$bw>%m)g&^NP@{cpuUT0v_k7rD4e!0-Ry`?DQB+(BEwu&Oi6dRwdUYDH? zhLoEgysR@T5%4}C{R>*R(WU;2b`!3p%w=_Nsqs2A$G4$m**xoQaDvc;WnLUv#A(X2 zMrU3T?_^fdAY~%Sp?{H+9G9DRaYHwpMfHACD-Ev>;#bj5yvX*3=$+Z^Y^V=6SWa(}2KQBvMfLd!Aj% zay@w*kqe9ea%v!Kvw#asx|Lq}>s;yC+3#l~J4ZF~b=US427i(K`O@aYcQYr;^`2I$ zP@*NqZ@WBBOV&oU{XJ|_rp9k#{CS{2i%-0vc2Z)NkUzQx4?{G$G<;6-M<>>_H;2|_ z8&@ym;p6hrc%}DUagJjMBt)+$ee0L5#etET@pd-R?X}}LxET~ueg5cOj?;tzX-c-(HXQnIHc8TyEo6rDZ~)yhl-x>PsgHo%NuO9>_Xc7Ew(k z;I6OLt@KF4z+)diLPVqnE_b}PEVCS01dD~$NQHfAm5XsjnKGA;{(Ysin|)%Fu={5= zEGl1_)B6$1yF|XjwWYT=hMI43bt^b;=O%K^y}Obyv#wL$qez(bOA~iCG`1JEDoOI{ zj-RdRZ!(KgB6Qw?M~K@LOq+`h3&zPu;V8LwJrqKXhky~HR2d|A#_-J0i{g#ij*BTTp>;%7!w>@>@qSzbd?luIOLg<Emvt|@}(Z~`h z{!DM{hkR2*T<7_J;PN4TuDu7?vjg5gv-Bi-&Kh0(T#m{9=F!))!e_cV*?d89mQf05WHEYGSeb;7VBR^;+EMBYc_H6cuaLE)D%@j>H{ ztFi{&qAGMwIqHhmN+J6E*{b{fW1hsbBx(g;GD>T(L{G~kK+K3kj~`$M@lyu1*m?kD zLfs=M7vC3;++0lA?9APk7}uOvo7AZYWR+p{VT3AA>K56Ss=*?QLl*E_2o=7&oDwdl zIun{^3kpMi^}A$*V9C|Ud3JMm#oyGmsp#+#xy3?kjGOGfg530v(Z1vGXkQQd&^+82$r7@AWfEsBKmX?A%_jNw1tWf*xujS+qFxM! zKA}EpXvA*<8TuQeUeNaKGM}N(gG8Q-*_eG>uhfnR{aWw$;+9u)Qod;s4t2a}pa?G~ zV5^+p8sWCggh&#pjq|cxg1_ni2@ul(8p{*FsAWS%PQ(x5A?aJfI{b6KNegjyTjd2P z=f)rHC>Lt0JPGeJib_1;WUop_^CJk?WhS4TzlpZr5@}r3mEQdQ@uN$!<}_wL9{Tpg zg|HufATCk7S5m)F=XfAOePnqWx$FU-IMI$j-RxqQ z%d+C$Y#Maw>ZLtD3Hi_MgBsmB{U(}thFaq(hN-S&bq8K&E;)7NhRix1oG-2!XY7)k zl7k1^p7+S&YfUD^Yput*4=o!qT<#`q49k#~)YP5Z)+Zw&OyQ(o>6b_RYirJ1Sz9wX;C>MCgbT5XQr?ml#&z;s;?_61uI_{=ih60bafNT&P^1Ro*>P)KC za2kZdXH(E#Wka!6n5Aj+55tu6@&SoIrobY8c-=`U!=U#unqsRR?33^MSz$^S-Faw- z_cRDsP`sUQvx-u0d@!5c|2P^YL_!TnYB`Re*f;TJzCrND)QEuM@z0#^#=7NtTU|TDDu9 zBJ&M4$@jrK?#%d`&pz8OSaN=OlmA~xe->Ddc(_}Wz1=Ua!%)`PQ%4Qji#qiH?X#}e6y(so zzrOc}S4oq9aPY=Vu5NEFsnUs~9*yj7nXR;w|Me;OaA_eT+XrrXbcfX~A4NvecPBd~WkFX@3}}jyWY&LoQO=v;RqnN*mVfBMp~~mfDQAhohQfNpy0ah< zTTF2w*86KCI^#+ue_a6>VI}Q-sr{GATqCh`EN3BU3|dCM-Bh`12xk>ybj@AeTwnQk zT@A7N>otx=pWAXal5~l*I3XW6t%tZg){HgaWR*1yDCUsg7RjHzATdfv$6I&IU}NLB*20Smy+<#9Ru zASUojlS?POe}8*##ZjH;IG0jss#`>DW=$^duP98?6Q+;?7L>N)*=sUK%u_EHnYgDK z7YBd-GV^Ieu4q#*Prh!op;oJPT&s2ej`*-sBmG;3{@NtFdbZCD-!&%J%zkBY%Fi_a zuWF^uw)GGU247)b#*#cE@rf zGj96aeEIVJ?9H|1hT$~Ou>*d0_*i^Iixwe16RxF*^)GVfT<)2TPnH+)=mkun(b{Tc zOPyvJants)r4-S)`6<)auZk+=OKL%UqCPCz%|X;64W}?Ey%-(>AEqd6zoDpqy+@NA zJY!-Er(3jyT*srno46Z7uiKxM7wlyl9jDetP0z_CX>LT!2^M!z;^xCqLeG(N@ctuB zTV=2Hay1oYwy2B2TJrtnn2N0Iq2-w%n_wrs^{pe}2X%w5trP^ie-SI3a9I8I^?OZR zqsR#V-1@0e`m6u&y$X0fZPWD=?q>ql^?#$Zo3(sZCSHOmD2I8?evd)&X~CLqlL+DJ zz_P;AJE^w{VrJ|{EMLXJ)*H!u&l3{w_Dx@2jk?Qlrcqyw&GC*($X6WJe=6#ugVcZ< z9v(DWl51C}cOMgcpx5XOy~h_(6=p${rSR)`g}%nax|Y6$_{8$3q5H$+&So^hIU}f^ zW{?#`w9UoN{>H>Mr=%jyNX&PM4G{+!*V01cw7Xx6%w*2zSN~{7&ZPj~fB->vAAI4w zqtL@ly9Oy^l`|&-FGq+^4b}O~xqFr;9zeiB#I8K?Jb{^@hnb&<4cT;>DBOB|!BveS z&}vAzdZOWS64T>+dAXmGzI$@(MsD`WHT4=QZ+XX-LU4(xv+((um=_!85yIVrxmK$a zv57b*5-!-Nb;)bN#vrJCu>;|jshKMEzLcqPd1J)7RB2b#9VKw0bM3Yz3gyYRcjpVl``NpK#iVuLI22SUMZo2q415I8<`1>^ zHW*Bk2~zcLmq}HyG2s`_{!K68GS0;~>t@je1RCcr8#S~NIPWp<>pDeV(4wB?r|t_& z?3smbD|`zY>zSK_X6SVliYpb2xQ!H`Ew^4prpZqiqy;9fPQ+~?2B7wsgeayBT{LNY z!@+7GheE2f-n+xzG3T_|y8LXimbxlP+m09YAvuh!i~+|I72;BxzqApjy!(tU-$9<# zftRHYkr$$pF0<`jeQQ&Ie!bixJ{f5OQ8 zSfY0)Dg?Srw9sPT7r}SetrnliD^<1GAIcQ|;*`Oc+&kV8MJ zyzzQ!@Uih5orBc-KQ)kjHTtq|8y94SUzdE$x>k{EGC3TM6Cg=kvnf7~OkhU|ja?Kk zES|WT0i|e(i_OA1YG!AD3r2l>jJ&dzDZkKflh6?z=%kfRPc^hYo%XFzigB4hlr==R z;qgwmP~6-&vZWf$jw>`LvP}--;@0{*Y62uq#Fqvi@-U-Lg-j#3xct2Vi~e|IQTr72 zMfZa}`#v10Z8AD7U%%uf(!9}5hnz4{te9oZ+^{IA{dw99Fd<4!+ldiV-U2_EcMML# zS?%-0a&rBoQ0&=!=>U!)mpD?Q3Y%lKc9#HP!B%-&Dl0`7d|y2ee~q#|(D+L2tz-2Y zfUsxO_Ucw72dI$PH{T)|G>9J`KdqU9P?k$&N{=75D4l|=jI$G!r;?=oTqQsA!PC`T zN-JHeKI@0*S?j_*EHTygudbcs%9%pyNRMB~=$I;2=(BQ32@g^qg$(eF-2LJ-s738# zC>!S)ne{Y`z$@eB3>~s1?T?XFVENDK$!VV>yJQJA?zpw_6>Bp$BdXq)#=|0u_14{| z=PHCv&lS0~UsM{^G}m%m>XVnbYd#ml4|@7?lOXxq%nyGm6kiv3#;KpO=(rw1$v~7Y zI<|6;4$dLw@!ZZA_0+y%f*I~FhIWnxU$hh)TAV-Ym_oQgE_3qLuh?9E?bbEh-1?SF z)~%d4-IFFeR#^NJMSi#=jh4QAOu$s9fZd?6(&^ysil6{TjGP*mZl+!32=q;y{6lED zPhIY#&_^luKQ5>z4DubzKv`HYE(|?3xLh(?(|m-|RX=-oZ4FO$EggnU$&4VHtSy!a zq~+r%p$Qz*o#4$S(xmZik+#wBWf=mX971tj(IN*%=3-gyLd%$W>iyRNu?BH#r?60r z&^0qbW13~CdW|!PT3lBts*rhB>x?x*t57D%m&YS%vZaBtsU}f zjxaDPqpX(IY2k&6g9@8Ow8B+`H=iO~W`^755c09)f@yfcbdU^z>^j}l_z>``qn+xO{_Xg|EUBQOD-8^(%Y;a}FKm$>R&&;?i#1 zq^OlaZBJ}IHgs(KZkoycf4dquV{Gl3MG~p*ckDG(SwggoS)V zv+y%)6tyfPphaSYLY~L@3a&_b6jjnw$!rvLIp?zC*|$8|jW9ePBthscvTu;1l{hM= z|JOXr=GTtT7_d~Zpu2CcmuB$w{bi{q?WI4Sy@JM5TTPmuQNA9oqUb`azu86DEjIla z3SHj3J<{(wP53pwqTfpmK({aScb#Z=1l%ZrIu2_H0&ogdNe<{3rhXd7Ez5vu62y%_ z*PKOouwu0*xk5Jjs9C<<|S?wHb!%%JPu+m}=y4_KNLZx*my3XiRz z3==L*poRq}AdQD8U2itm4i`hdCP47D!O@KxfD!iPw#}6RQ!;u1{5vI+-569ZLz;GM zbuF#qZYaUob)uqB2rRW@yo(J1?~7iT5-nZ4Y$JkBjOqhi3xayl13KRivqnJ3V5X2< z3x`1m)|azw_248M4~r{0^VAg9Xj#cWLZtj@!0 zr)%9t+8iBnWthiHB_SrgFxf;NX6S^?x=JGDtv>&P)@aV`oF{HL4F^YWw!nTt-y?;5 zakds?(z%kPjrYfbcO?G>WgljY>IoJEyujc;=uy;sX2xwGUS`o$KBJ&jYoV*@YV`TP z`s8$*FBm3Fhba26jiRjASLVol6Wg6N&3A>ACF-K5hR6FCgsO?~&kMT#gjt7a7%7-P)q!u!3Udu2q7pG6$e!rODD^31Rb(bEi z*AOL00Q03R4|B8x1-6Y(ttELNf}8XqnuSs7Q~E*W+np=l2#ERhBx~|{Gp+hmFYTgl zWfY>+c>7!ED_=zKO27zK4U4D;y)m6T48agLxa(#Ag1G0ky+Nv}W8iQ>v;XV?==+t; zR{eE3#4JV4?)c%o|AmnXHWN$KBoNZ|u}>51l|rcSiRw^sk&~ z-?A~wwn2;tzHLNpqbZ0c6ud~3%+Y?jIRv*}@r_*OmTj=`dD2*J6FOu2#Vy~HT#I=9$M)S(+Jrl47OK9RH%?+|tr;%xIo^@~Z z)Z3E2q!8?CdR_OvaOK1ynsBw-!);v+jgr2InzK732YI9W zBV5-@rdHYY*^{~JSun`J4!Ne$=;qI=*Vgcp`eoC#sY816TQa?rEW`+<@sAU}T z2t*@sKIJ2|jhzPV1R0WN>w?(xF-?!0=_@6<4(dL#z_8Pn*+xrIt?>8XqU8ns%9ysY=9}YN^dcUo=ws*jsQH(Byrl66ZK%uCx>`gWQFPsxXJoVRxqPH5B|8AB z?6LU@-b5iuCZ)|sFT_be{cg97GglRNEqcMk*eNbHYR|93)0}zUg#IJe5rFQ!Ev)*u z+w%Si{(khdhYQbnGHPbodc+~%J5j!$MdB>xNT@n#!ZejV9@Ic<7L(;^uH%Z=EFtT68Y+=$elD2|Y4v?&jcX6EbX}`Tnu?e?8ofB=B;*3Lf;ko31^cr<<_~Qk-R%^m2a4ZFpYxA`(0J(}rK&@akN; zb!_*IY|m?FUN}*H!q9u`==ITiMixE>bt4Clo*s6sC)iUKo11;+28C18gwNL3dQD@! zdSy}F7p6C}N^eJ=9GM@fC{~HP=*V;U=Z~2tr_{B#{sOiN~ zuimQ6=TZeS$2)iRADi$)Z0kTpYb1O4!l*|(7m)YdqyWtlp+|bLl9uHL$rSFn@kT`L zm@IKXk1(AUEHZR)=tEX1NP-OYfRrmuYk|EDL<94H@2?iIsLNVePP#wdP)h~61oisB z-|y*Rqi;QY0Wp-jBIW%nMl)`Q?a>akM-H(i2>AHR2CV+hf>m@&&{AHsq`6pxuEy$M zp3eDUh)QK!^~}NY3$ab(0dvLA66v|Twc9oWZAT@ijIKNK68_G zmsts(eV8$!hiyV4a6o+E0@8ka7D2Z1^sNHYbF?qkaj?WfdTy-VPoVzyhr=3OCbBY1 zEysQPRQN~KAdPIZpL{`5v`Q!Q&Pb6-#eBS;W*MMN9?un3^pwL_e!>kRkrp5tBt-{r zer#HsjQpm24!o=-Q#DYPl+h$9l{Nb7PC^_^@|*6QGXCyTW_!)LLUGkFXFRteLD;AH$AT;9Tp4*HkvJ-u)UMpAk+w7ahA*f{imaq@_?p z-eIWG@>};!tvTrvnwL9;27yV&$a??MuKyNtxCmIJFUa7g*egZLZQMt!bYGuxx{=FQ z8B8HuuixIHs9|2*O;jNHVxpTj@esvP=k2+75BI_5hs&ygG=RRTpa|c;@8FR`YT0~m z=#QReJH-|7>osZ2Zz5s2_vqi#=3yX8Dn|PU?u|uj)h(hpuS$jzIkY(@~8vc``|MQzumt5)z)rv9l zG`-lTv*C|qwss_MX@{TKA7;F|ghA^HU&S23(~=&yM&Hx(m^*z=ZtS`pQ=r=*UkMz- z`{+mZXDa=CHdbdm26b~OBm(E`+Dx-l85txwYW6Wn@*YyO3@JJuSoO$wsIaujNh3w# zXhovh*f*XN4HoS0oQ%{W$XI8H^Y9xhZ1Mh_!@72^K%n#bGld9*JC7++KC@YrTn-}) z90=5uICg?>nh*IA_bxVm2 zuT|V_@GXbS?rxjx>0?KFe+%vJyjt-!zlD_6alTJRDUU(V( zvrq0qNR_Q05SoyHt%?%53d2_FlIxPL+T5vwh^&eu>ak9R31xiy{$4^9 zni$yd%VUAeqC8uMrjFUX-!{z(MgljuH5qOZ;Fv8P_Es)w-y@hnxSIq|S8Ovr(af|f zQ8@GpCf2Gdg>6A<_%6LH{L6P`DG%dZPNDl9l_7~Ij_-2V`ul0tQT*f~1jY#_ZxD++ zP)nr2nyDnKv}{t?#n8l-S?z40lDFsBW(F*olaT{Z##@>H`tXjyJX4RGF`#;HGqjv0-+ zWJIcQp?|1ZH_C6E`3%g|4J;ylYiA-`GMk>B?!8wB6V)VLH7N;=Vyp8doNjuUe0gX- z|51M8skv)548MTy6Fa0gGFWOUzp6GRGyTfz16hmj4Uhk~hp%cc;(l=N8V>k=r}(U! z@PqLQ7t`I+R261hM){t$^oe(k&*0Kbt#NrenWAd2E>p;jX)r$+L)L+SM=f}7yK@x` zH`pUNbwv96qvI|;uWp<*BiJ7{%_-`C!l&O=(Pfwxxa;L>S?;a7io~De+}^q$U-emq z0T&nsypQZ0}&7Ld=CUHpdklJN|Ve|t0|yQQsfxC zfYT1Qt39xAvU^9+|Hn5x1(1VZz12CZ-z)qmr~Oe*i6iuEGjB506~o!=q+VW%6Nc}a z5P}hO2vwnoYlK~H=79po-rGJKu1VuB_Ur~Q0OMus#&|T4q~HNi*h%uD(&BEbbOb0& zkh&r&xvOVdHRyCqN1K@&ccCinYyheXS9`m@?Ya}&bpQZ8w&hlLz{@{PCjdNG+$RqS z-F>G~fahANlrOu%=l|K4Nd8WSe|tzz!wwv(hU$aQIK<}LINi*z_UJ+J!SIh6wS2XV6 z^fYg@wncHGM5KWlFa%lSI(E6KM}B*=QbY8r{pXiONEPhQsjYUN;7WGOz^jEqQME8! zb#=D{?$OmJ7@%%-Ep6Ix8kB;*x%YlAP4?;1m!*QPQZIWs|90y6Ox;HJz@p>@*re!A zsTj>(M2`tD>X;T93gZxqjRfG2y9bmJz_DmZ03Xw&lHQYYy|?^nCxD6coPJr9`o$(( z+jB0n+0&x7Pg2;BMOWRxqDBJ!@#ty;kk3^EHSCCEZmK;5$Wv;mrADRDZ-P4YGKwKv zPx;Yz>(}Nhdgrmur5Y1LFDfq?eA>OVAE9+ufhCYj=gMyU%H*iK|HmPdCW5!UO-iAS z^WXt0a?t^TsYa=+tiOPCx+>LY&_p6|?KdA&qf$7NVTJwAG}DmlDD7NLF6W^V3+%Oi zb)UYAF!jBE4a@_DlY5gAR8LNwNE!nI@iz`SV(uWv_cfe5;1B4N#ECSmSxW;~<1$!e zlD%xy5@l~s>th;Pe0fyAzNy(0(rtDNTOhM;P^m1O2SEFXof8>AgrhSwtvW!Ct^i@ZC4i2s zrm6B0CACr{gg@Wq@fpy09UVbS<9HA0yS;m`=ld2KvA{4-tbg)Ugz!EJ=J{Qhd&v9a zg}_m<;YN5W4>ofa3=^N`Y-)Z+irHUzr-l?Vj# z`Xd4wO!cAA`ea^p&QmMPjth#ektStXnU|MH#F>8g_Qd@ z1v8r{@ekw1T-bpcw}~Re{jRxa6cR)?zBJJ~6hXk7NO=AHeC05kaG@&hh^d@;y)QxAs7$1aoxXc8 zvE5F^+{Q9%XZ%n1us|){_v%p%1kc=1DNo`H*SeXUi;Cp5?alTcAbor`7O&9oBUbH$ zN~LKvHeE6FnJ-w}^NT@zl-=pA>K2&nlKVweR5qLm#$OQ|}j=i~@yj zH!!5yO8>#n-xcY(*d8U@U&d8B9^apTE0ex^Q>5F$p)Hz+r{zt{Dv1AFlQ|N!6W*of;^?(Wx`f(1lCg6=X`DNq7rQO*bUdCbuTJ-G;5jo<4-*d<=*cW_3q-uHv7=PFOT-o@hcnOIw^L7p9Ye0Z2bY7oN zrpiITBC{hs6v;*!ap2Lj=>FxTviOl%{*~MVkd75sO381M!^Ap&IjckyTuQ#lGpVrW zND`1orE~PzewlaB9Z)M0(GrMO6ER2S!e;+wCK5v5E$2T!apewIawcC^G8d+!d_(_p zYzWggP^w_jc_yqfD`0!AU0&S?Zq+S5bcB8nac&4wm?Zaj8O+--rEoUC`QfYc(gu$~ z#`)2RI)UE;{pF3763+eO(Jr5}RwnANWkhP-g>%Zju>aL1_gYy53S_fSPXez9OO^Ix z>hksZ^nxTIa_Ro10!_5+)H5+vg0h8fqj@LaeoGK-dTQ_;tTH#MC^4<$TzrU$HSVr- zy5woVh*he~x|-0=$6jLal-=gxUo?v7aRDiv0@vB!+(3RTb_IJqS?$Yw!TxVxvc*Nh zdnABQs{xf4*wv>f$zR7W159ZqrG^}Itd{atNi$t~0|cEoASyg9XO(%}MfP)&Snf?Z zhbaPHdJt{=6t+E}F0noG_D839isfG=I>2-lX`no9Yn8vBp-k$v1jjX{+}?Iu#?XUD z87b$c;_g+9*cU9q3#N$PzhgCPiHpHBiPe*y<}G6B>u9Jl{ec<1t5T!A)`gkzi2XEZE=PH0hPxEH!3%yRl`qdq{)pLn!&2vRezUPUIB$Vg+NX&NtHN> z?3ye*HTxMYD;>DcAg$hHFowCL3oAkV+u43#1pp~gzIYdI%NyJ;S{hnBc=wdd-%;$I zL;7q0@Z5fp^Y;`1kVilXK&OKY9Dg}H8eO6T0MCir$-aNJ3?N+k5pXAt3%36S^ll$h zh&N<&#Qtp!0DX#rJK4p={1^T^aT_$PljXQWs7k|Nbo)C&d19jC&4d5{CH@ds|0hSn z3Dt2n^Cm+Bm4qXG7V90ZbnGvpRrUdnU>ML&E{(*&!&HAjt`NW~UJWXJhMfj~Ot1*9 zw!gmmw<~#kT!1m5;{Mlja|8Ktpg!!%)C1a7cE(i~Q|BzV%PoVc;#u`RbM~NkPuOOA zbEP+Y`G(ieN1`=G)E|7oNgn_SsoiOaBe^4F3T6UoLt*p2j z>*NcZqDe1WRzsZ)xI0@QqJNVB3NpQU6Ur} zg@Vo#U7}00Ea?qBxBojDlE49|tLo#s_WQe{f@6-JwW?K=_~4t@O5s?5{Ak`>#4c?n z$EN)`jj6O3>`WfYRF3u@k-)joiml24I=r4KknjzFhCA5t<0H!kTVOqVU{@+T->|RtzjuF)qnCS4UF#p&j0W_f;6vPf-eKI{D+SDMfQPwzCMl}3&J&{)_^d! z#cJiWpe%zp60uGU6)olVsOjz$REKx|il#i(n>b*dAv;D%0jO($t3lVfu0KaSUfZd6Su&P$=OqBN2J==O3K zqDBO>}tMI3?bYp`9?i7)G*qr?a_{9HvUfDM?1yDj%hN(v;rE@c%>U0`000#uJf47( z)i1gs`UvO*u<$E-vmyFn7Iofb5-_ZB;9l2D$~VS8)$Csc5%7m>Cjh7#U zXg-_tdPCQ$w2;G07}BG>2FUTylqd+ZZ` zq8I!ofY2YyEs$~!w-0c6UU*Shy|WU5)(M6e9%kJ5^@%=T_J!%sf{&5jPriazpSf*f z!=Th%zXVM_A( ze|z^Zhhx&K=Z1r$xz*vnDW`i$huFrJEuwC!`Io+(jBw9z1rethlR8B!PLXmsoSDZJ zu)abSHP>*^{w(G(NNI6Xe!;%z3##EvT&I)2aQ8c);TIbluA51#IU#5(<-~Q&(~se2 zJn#N4mQPmfHXK@!O>DGR6rY;SWdQmsLMCR~&)RHcH@jMN2$bBbNvIhx$@DGh3LE!&*trrpQap>=N;8g_qL%I*bf4MZ^-Sp2qEO)*qR01;% z`P<#mJ#^9pIIEk7E{yr_TcyVUVD>mm3%6?y6x;v^Pdu3J)NUH_CJlDR%E5NS&Y$2u zn9V)+)^^>9Q3W)7ccXGgAt=ocrzZn`&v1qQ!S`J^61V^wK0DJd@%PL9-}nM~7AM-b zK`Ih^7}9VLAe<^1I{`$$^#zjZZM!yzNbftI=P8y=TOA`s>OPT1y|knO9)i(4rhFfb z(gUkY84zb0Z168VGOyj-4P7f8JF#SfV)-Jw@ zZa<@1dS6d`Vtl;q1v03D#(~L;7BOq^FC&2YQVntf*l+Jci)n&T(cNiGUTtGwo|7UK zb%pPO932UJ=+E5q8}$eW<;HpXU97PHOo(>-3Vwch^1S(&H+(iSdI>XK0IB zW;a?EcksxmdjNbeeW-Bk&$06LMp^ilGnQ8 ztIZ~sUFC!+2fH3%pBy`{suS}i5KtP$pqmxrnK(pSnl_i!z#bKEX>ifE^HT1xjxv`W zn7S2UDaL_RmMxV+t^p`x3>~Qkl;9M%A91X>pOrJ{w3P&<>hZN~wQ&yjqb}^p>v(&Hj zH}i(`0PeCS&ijJWjHq&ueV?i1pB>1bQrVppVac=IA8{u>!VFMY1W*%tCG};Y>}%G1 z+JM>Koe}waHi4v?Ds3N;4)EDuR81 zNCta8TE-fbR!93RjyH}ze-$vBPXe1Wpq%5Jt@?(5KXwMVA_p+tqJ#`+V}LJEYnXv; zZu;OC{;M6oy|?*P8*%>|4NG5aEGsRvdt(`UKMK}=)K=vJ5n=4M6n}^!_v&;fn1(t|emy z2+!C?0RLV;cLBK@OHOg8c;F7ZDsLI7J@WaJAaNUS@E#i;0*P;D8jU#*XoN#S7h-Ag z$UR)H77qgWZ4HE4LTPpE_un6xYe2n!ZUx^P5HxSUQ8%#z)YU>k z)%9JlT}`&Q%kY&aUqM?FVMjSnVq>%oo*-d><+f_`{qTrE@kfEVwaIr{T(Z}Q40e~v zlm!`U|M}IaSUO_#wbhmIIFo89@015tVE)2p32{;#FTvFS1Aq-UgpXqFfqLKYc#@#PTb3?sh zM>tqJ@mdw{{KkCPGp=dG{oR?`7KbjId_D2t5h)(zoy8ho8J=4JtceIFj`e{|p#Z`mlV2>f0 zw;-)jr4$Gh8VOjxiyB3#?-VS2q?Aws z0+N_wtu}vSSQSPcVdb;eEkyzr!b6b8Oxs>CM<$ixj_-oYd9(W?oN~M!69??e6W*+t zbnsE#J2pBfSrBBXH_()brv50@YHFcB!H4to$p07@i?D>e{kB&c3>*RME>#T#Ph%HM zi5dems%|C>u?x!>pcSHG_4Af9KTpvSYuOp@roK#JD_6sP2HXI(EQ;GHNSl|}YlE7*NPAqZ^MxAO5AWLNOQ`{oD; zYr5#71b3f^;rUxb&l4ft#o#HAO<>dd zR~kmsa05mGfE=~5Zrr_k;%9hj2CNSQlKSJ|T7+czTAclZv6^;`SVKoO?|Qjj8y<#w zJe0Lr&0>DALscD3-rS8a(OGTB_QmwJyK)PTA4Q&wRVhOOEHl{6(>w)Ig!XuI3DoY` z^_q_l^WgyY0U=di^k*k*hfY}&WMYXyYCtw|u49uJHo#!5aG8(_@;o-KD6^jI>lzaiW1|=X9oCkY` zr(VSs0rx^=N4DXsBKohiQtJSSIL!X;K2SL^xpI=7Az6AwhPW!7n0-LI47d%kqQLC2 zvP(THGiveguLg09@I0%C2cQhaW`4E$u0-4!0j|!5Ov7d$R`yTNA}H>#+5_{}c~JzZ zvIQ>aTlv}RfR0%m0jPBaEUY7PYJ~Uo*iUJuA4M&5)PfAM92h`O1c+X1Sy(?jqyg@f-m(n1rXe0GWjA##2IYC-voZkmbIz-{k`G%&dTr$1Y1ep`z@oVGpF5IOBPZ9|px` z9ZNB7T)qM=FP<6yqr6wRn}*-Q2q@z@#C;mNU?j(4 z?hq}Y%-5KJ5&_9w8{nQ1yC6*FzJ&}q1G=%RJTanw1aNPS*^*xR<7oz2W{{z8zAXIt zM*uPSTO^OxrbOzRW5&~vf*0K}Ef3EfI{|eowTC?*6g2@xCL!x_5}wJX_D}%D&6?0= zgAc?{2Lc9w@Q>FF05^!CsLY(%spAQFD$QK2^QmbMR(;MHh0yU%d z8-PihliwL@CWxjDlENKhQ6WOpGO?VW1^YzSMIkSuH6QBo6@h#K8Q%)WXp0K)=ickP zFGOeiaOM^=hu*)Ld2kX-(71>%UyG$m{u&o7zV~^d02(jd-1A`MUO()D;U&l`R$>k= zYyE@`K#h5pD(>A?c(aA-9I^32mf6`kq?%>Wh`uX)7%^IG$T4GIQQ-n0i|t9Lf~+>0 z)N`*QEO>!#Ar=EM@g>NQsa;FxdKfABDFvZ>UM9p>n?z917fxjJeH z7$k$$2|9S{_|P7>xGdsU#sB&)gD-OjCP>TqykFFa*(BnVlV-P=Jh^w!WSrG1?kx^k=#rt z-6l#_zcP-D+x3=N7rQpO<>Kxr%AlP2^=r=rnb3aJexaRyiJn$-) z?infQeTWQ6b*8=*quIUg5k1Eqhh}?@Q^`r=QIW9e0X4pi7j(s6E^vW0G^1CGo+zfh zpS_EmC^2q}$}vtEjnH>-s4P3P2z>W?xE!amDo z=~?)un{7o%m8XD=fvmapQ#`{%0kFkHL$uk5JJ?V$_Y6X5xsuUCfqb>9^%Q=cyZ|kk zw8#jF7^iZOaG3vIV*c!c{urC`a8DL9#r`2yz=S@~O~)ZgndStdaa)Nn`e9VIl6xg= zB|k>ER!{||ka@8tD7KuN+<-UIq1RH0H8Hvu^OdvR#_;5LHI39y zQ8kL(@xwWCc(En5n?lZY_SbJ9#T`SOZ%6H#0)eXJTfPhpJi+EKDZqD8rGSAcy$H%y9rMV#(NcJK`L4~`=^hF&?AvUX!35eI zUR(hs{>FILsJtp(?dVQyv7om%JU;DEUmbC~%7U*1sxtm!!%2!P_~0sG3hIlJky2e`@4jzard-@frv zOP!KUJ>ta0*FYbZq2|3`CbTgQZ`TPw!B;x?#q#is>_OC1ePlg9poZe1kM9}gTwL87 zaAQ$H>t%|6QeT@@DV6xc7S0mG`eUt0W&pUi24L$Eq?d0 z2s4RF?Yl#>B5R8N%4pUKz1QwKbU952*U!XFd|$c-<}O_!XBpwh(V5n?lE#E;zZ1Ze z^87~j!e&=i@u7D`Ge2XKgC#lb?@p8?lkXXh=-WLrC7XXh$OMG#l4)v4cCNE3JHILI z{EIHJr3_L6zS(a7Rn0_)FDW|n?)sm8>U=8js&NXNf20-&2p<4|fAKsC--%9vhkTa+ z!2EIiUzbnpY7o~sumErSGUcCHG^TK0yo=1&&ir4GmH~ZbzWw9R7>Nl7ob3bi57Phj z=ue=p(kgNPg-jmfYrFa=!~V-VX9j%@P2>H8z)RqFgs<&NWoP&!UXf&y27RTIGCuof zjB&sQ1}C8|`X_QC84CLPz`ymvpR@753-SB1hX3zE;IYAfozef%6CoLWIV+etb__W# zv2-7aGy@#p?~6ScfqJPt7V1O?dX;}4?C+=j03bPuSH+!5!ABY}Ty-=K_qlfLj;r)b zm6wFT?=1xx8mb0HC%mmRIAcXU^fHhv(V}|hxJkgGBm#g^H}m!DV^C%C@{`V^BO}?0 z84mTrK1UZs_NGRW-*n$(!d!5Z?q=u-REzI3n8PxdoabPj6m`S z28ueYtP3@daf?8ibqR_qte*sUSeYIiNX16s;oRLN3EYGIPXvXZ4jESf{b4U5yh5kw zET2XScntt>`kX;AV8$0I@8z-54BM)4vk~B}UJ&5W9s#VPR{J|e2Nyw(zY<@AcRvw%%q;vWxC0 zEV!eKvtaXJ+qXQwh{inDpiVzt@N0Qyrh?$#oIjF>X)I_784$=sq5ymUvv*MG=3K`l z@Vza}lU_Z&WH~Mj7M)gPB{LG=rI|+0J(z_5aZDAXkX;g<_bWx|VK(?}dz&iw5vUGB z#hHW>a|@6j0olMY?>)FVzOWRy#p~;553GvQu`<{2s43Lf%|3iDTf}wE#=aTr@>CVk zH^g0!jM#JeJKfD>c;wPoE1Ce;m8^^5ph3NaWL z3~ID8o{u{7Sd|&qu+?KydoK7iNJ`6H&Q;F|wJmMGDs@RIj`#CasijsWVD;+Qvg|kz z0|IV!02yu%_qp7>k6WF~QvDlK-*o}??kJEBGzXJX1-M{rebcc>ZfzI&-JSY&z@~E$ z(61Jv2BkG`)YT(rIarwKI@@ zX2>OjbgALdEOU zpFIWW^ZHn#y^nQ%u>sFZ#88etw6p;|veUolx$bQaNLqQQMpsP91q>*HEtPsR&C69R zHv9I|=hS2oAw{lA_#OVl!j!$0f^q}Jo&?vb{9=aKgeP&A&5C)N+#o#MSIDpR_b46X zcGu3xR_^uX`qxthv{CKfL~){+(NdpNUM-wGRtV(Qe?#tE=<)Y<*xr?lSDT z*XX*wH1hdi6mI7=6mSt`+TI@I`C`V?z7TVVt1?TzT6cT#T~onQ^5`V`hqm_v)ycjH z5)DIJU&)30uL%fsc>1C0Y@nn!v3LpGMN_v^8tqVT3)j}yTooD(5vn%8)yHh1?D09> zRQuzj1D|D(w6?Zgo2osI3vfySTU5LRUvL9oA3|rRRL-^q*3Zx<-y8+%vEAhBULamn z+>7Tk4`tLU__+a;M7KJkq)%-F`E4XX16+K~*KictLLMMLN4MfT z*4uDCkR^;ppbOh1gTib8cpn(2a_R z48B@+yr;i5L+XhHc+$?ofXc)gyuN;h{86DV?pQqRILEjIQR)NWEgOLKk7UVH)AE^p zWbDc_A=!YvDKIWMyu$FI-f2b6Pzk+O1!xFL!YeF>=JEJ4ayzSjj`eJZyg*1}wp>ur zHX9tr;Cu9nF|K>Jyia`FP)iTI>7d0Dr`}{`KCFFpHq*eB%CU^Ac|5+iMR@AWrT5I?m!(!BSRu@g?DBHE6B%JXNWxq@JDK%o zLKm|8wXKKq=&L-?p)yp__FYk7;OHGrz@X-sgJ22FxJ^BJB%ZtGM>Vb8wfQDLuBxRJ z$X`q8$D3g$*vdM)?ie+ku2cwNhjE**G}#Q<)@>QoNMR+0sP-FrdH18JCuUd7&TiEK z1cRr11~Mn@5*JR_1zl-gBb*iksE#9?C-;e<&(Yma)>c4qqRe)U+B9EAi%3@jyCS>x zOrG%wz@-?UX9yzdolSQ@rr;D3+SSLbxngQ(%N{lQc|>)0Z^Nsz1NT1Bf5ubMA3i z9F6xWZ8dRf$Bcaqvd7%$N1%qo=Yx5C#(mKFpTt!z_Y%5$-sj86W4vJn{l3Zoo;g(7U`7Vx)-Y^W<*j&DQPKFyqLcN&%{2nvoZvaP0y)YVTi=ef^z){22bQ&32ih0h&TN}UaH)SKoCG4snVmUF;%q4 zPAe(Tj^7+$oGiSl-)M}MmdYZ0LL}Ki@2dB50^2nCf@U{AMUg8ZlR)_t{9q|{y$>&@ zUV5F+ERJwUBf>uwKz2{K2R23l)cnKy?!?F_F5W!lRWpVI9$UhO5ha-dT8FZzPzGVLiwl zj$#>R*4`*Yn}Eu#<6{ydDt@0Ok(tdVpn3fgr{xYiS3=TX43y>Y$_McGIo8+>_)k~E zvQ;O?o=q4v(aiogp(Ekuj_ZctpiM(bq| zReTGrB2Gbgo+(_0sj`^!3Owsn7(nDn_E2kQ_d-l#zpGae3@Qqdxja(+;I*FR-{vNJ z3Kp%s>o_xiwZ>4AXcuL_=Pc%BcsLC^#!h190DmetMJ|B5%9( z#@!Y3VuJ1=o`|g$q-0NbzNERAnE~C?5UZfMSja+37Ob^i)WvTk=}GP8`f7$jnw;x! z)VC0EeK_I5qW~udNAHQ62Vy9%^;{$sEdK&2wOy#FnppnaH~NLXm9zkje72o->evI( zEe)dr2@m=T{jyd6b4k8F_Io{!=X~{5Qh(|-q#{10NcctqO;`Pfq2oBjbhSOi{xboj zPvsJWQsu#&VeQGl?iTAa!0(ncY+X@Kk77Rs^{A%&2=HzpH7X)4#3qbamna~}gN{nl z@;J?-Z%4XO2QjN|pBL~75$7RG)z1EuR)K>%;PFbnXiFdmsT}EnB#YSXOaE*%bM@#yX7J(8jg-f^MyGMOy}_x$*Tf zXY6OO<|a~^&Ad@Wvq;O(1vOGU735Lb+R-+uxu@HvJj@I=XfM*w_qeMWNNZ1r>)x}yZ>~k%^v>jGTy3dl= zq2^Eyye8D6 zkbooULvXOS$~6NcX}^#ys5GCKD1LPXjx<`rJgD9nC=5%91F8;;LGsePSewklWlY+xwmjtNtYK|m+7%eGoCxjlSKJ8AQC~n zlX0uXU`4}6=8ND@^Mrd~i!$9HW4b}Xk zr^!zCu(oSIL^M^XA$CLxh|kFa)**?skiR_c2G3nI*Sy4#NLgd0ROmr2pjYX-E@-!J zFKc?5saxw(2&kzY$J%xWpk3ua_p7O;m+y32 zj<79|RpX^pI`kAa_^A^~Amo+0VNE2-QS8rv?&5f@QJlYM$zi!%8c_RfH#^Uquc6C+ zKgFYv;VE4Cg_hX!?n2|bx}3!aRy>MC!J7f)-^$fCpefyWy#HJ}iMZyP(Rn+Sm@)Ib zJBSx#IUDQZMB{S0`a*)5)#o)iM%(k1k>xuEj_(9u+EUOXs`U;VvwA&wcF7`dR7J{4IKJ=f_6lVqobVQ7XFWZ;$6ql~cLu%4JL zPomO8irLSBO3Et}8bzdf>K?DVy-<~>r}R>_r>aObaYiIXqy2OB>&Jnqr}H0trBN!F zo{Kds(xv14uAP`#X^WW<4Ys}{`BT!5iC2^0Gn8&6iSqr~M-o?}`RLBGb~*BfSsVVq z>j(7>XuPB`*q0V-Ops5oNgW>BvWl~GzNmX&){#X(n}7N9aK9@E zs$mGk_XlS#eOL0EaJ_7n({ZX&?UIHrjjyU7Q@Q^`A|}$SHf7p|*jBEhmu@e+$jOeE zGnU;`K1DjaeWrTLQ(pjTGKLE)eyWvaM!Qx{6fEjl`dEiMHP_uDi$;x=zJtX0Kn5Z2 z6xD0FS3<6ss)YM)_dLQrl%2h!ds#xjKExHWgW$Bu(Il zB_vT85@UiJPVBg65j=ZjkuOg|LgnQ%yXa`OTy%AUIKrQ~C#Y~eQ`1#ClfoQ>KgKK_9+b7TCv4M9uWPh(y-Y#cd^oHt$@zTL0@y+YU9SM>jF3dgF*31nnk*bRD`(oh*dSs z=C%(vbk{bSf93v+Rtvf`m6)Eqh(;X^bgy1=f-CKB>}+(5`&r9=U`i=xpxA~q*j764W6w&d2-XIfittL~D|Z3%(S{Kg#k` z0X;xAunUdxJHlVud4veoA+OGjn48e)M~}2B2MZS&IKD%}GBxd}SS%Od8WG2x84Qn! zIuT;F?=$Q2sD;Mr*p4pHk8TfJ(^{*-oo78^9jg=jmJCpF($Zk@_LwE35$4_T25^u3 zpklh+GgXx_4<1AS9Q%L$C;5$(H-~>NF`VT0zY-9}bApp!Yb)Ie%shyQ|NWoeM{3Z> z{;kY^e*bq%l8YplqRi|jRUQ8MCjK`}b42Im_?n2JzaEGG6kbbsCM$l@C5rA>!{F0* zw^ROuAMGD<{MI}0b<-kAEb@7BEjs7l9p_K@0uqr^7JZB0J*?onwOpVwUMQ1H(jZHI zMJ3@fbBb)>bCt9Bp7_yG#y!~ni>^RG^XcECU=llXttpWKCCUDu5&hi-za&bT#FW7# zSkB;o=H*}G3MK7VPncsQ$O}6$1paISDN7T?w#~`mc7WkJ9-Wp%pPaLAluWm66}(eI zPP8#!1KJ4nCCC*&F_-;uU~)pBedQI{wg>$HlyXm`OAZG_K( zHXacG~}T7I*q?WfkJd@Ln@p<&du0e?xlMe}PF{V31C9?7j+ zJTH+Ob!^!5n_=lyY2(AqddRHM7haD^nva$ZO5=~z4KDlj#LVc|jAe;hta8n*$P}UG z-gh1|WaF&EdPcivg`z~?P)J#x6}bB3$$vKBB^ka`i{ZEI!-Z)yb+b_UMn!fG%h(6^ zdV*l6Wl6q%> z{M?c*?}eC|0w`*-WFRKhJ4i&!JzPF&|CM4G($@XS6SMjzxg_?U-rEG&?c91~MXzCX zBNfJLC4ri9d`V%LUXibGa#Hr+p@NWLAV-3D0$6jVZ?*)GxVT5#EIng<%(^@DEEXWu2O>+=R+e1SNl{v- zEX6br(q?emPxH9V1%BFMpRqO!+?P0lU#i#4hpA^CX{=I5o{_aV9r^*V0F0bGNjSQ!hloo<=-tZ0_vq4oY)% z%aPjMVDk+kS*t>_mo^v0>97snazD^A&{0K+ZEbH^O${Ba9UiFeSB*hRs)bF! zsQ%epOk8Jl>4e7k1D%EigtQe2ROq3q;y-v*mu8i?4e+2r0rfQ&fV!hmXJHzP4U=z1x8@q0GoGZF zIsq<#x`V79B;yjccV@3VLO{@FLO}IJca_i`rzl%4IqzR5YtSHV0m=p$uS2U!nKV4q z_NtuRy@Q$3^0IE=q8FSH#O>~lEPjwLK*uvPkCRSRR&wvnEcA*Q%ZEv{jZEDi=RdP= zO+H26Ig|+$2#LZ3XB{tRQgss)}=o0{w8Kk z65f1pXezRjWnCBuaaxHVTK`z5)R-Y(Ra_zN%dm8M`V)`uOr0_|JH*ZXA&X&E6R^!A zFwzm23N%&FHQ2#JO41PStpSqOq ziZh1zN(_JSa0#1V-id@1cy((@Xw>Y?y*u7tb0@V~|B&Y%lWbQ%?$UI32sa?>8z!Mp zDL4mzE`L3V+jEtz%573E(Q(>$66wfTSze#4w>mLjf1`f1XTDSzxQY0O1JllP< zxOt+wg9GkczZ;!ku+GjCoYXx+eI{#sq6|j*>+pmSO(peGQfqN7k4-0#GZwebrtvc(z$JnUF1eAEMN3revukBoY0~fwH*Z zH%Js*fF2u=Wh`{hNw!Nh?Fkk8wnai(=v7WCGf8JvFY(dfnt5^JBO0Y>yD|Iw>@`!^ zzOc5yo5hK{s5wK|CQQ}$(x30H>URb3+jrj+*+WALEF&K#`YifR6gc{r*rtkdX62!# ztA*^28y7Ih^VK*@-aV)GUbN}~e-4^+boIJY=VEQZ_F}8G|Dc}53&i_>j9R!Bp<&NK z4wa#J@10JL8hEPLS8}+%^8&hRZ=0&=BAmf<`Ac2R=f>fzu0geCYQ$Pt`Wqenj3=Ld zpaKuZ-E)s)EE{*t@rk-=1{y;`K& zA?uVTte8K+d0yInrjJLvm zPrO{*F8cD``?bj4_czsLesg;78K&(-wpZB=Di^@f+6O4zDY^SvItF$Jiopd=0~8Pe zAAehSB)jXem9=M&TeoA!Ug3<4O_cKYCbQS2StwG;%z>CbyJr^THWbgs#L$t2925|#(PAYL%6l@JVeL%MgC|l_VJ@&M2&lnu2{8A zk8u8ND2;<|tU1R%Os>gOyI`xu64?kGALn2Wsv3s^G$!F&N^uWHobg9)&x>OkBIm#( zpPf@J28#B%*e4hUj~W#8w&P@}*HvPElVa^AgTiLB?flLR>n*rdy>6p6q@LeYt$3}} zHngOj6_kD1TahX)=%k=({<0_2Y4B(ilCo@caNzr=$9{SgxqWH;iEtXe+dXEZkDa?K z(xM(@1?fiML4$veEciqQVwj1aUq%1%ZT}TGGkpTV-p%WwCj*}I{P-B~&6RC}f1dRB z@$-8O;4DsKeD2Ojb-HMpK|Btiu_s=BX06$sq{$284 z@%wjOKmS`gkV=pIXY?TzOJ-8yz0eBjZ1>Ai*@JcSzx;7YCg9r{;rc}kzFn~p-xzZX zR2LR3Flmn3TJl)DB5XFY6p_Y1Dp3mi6)~ob5Ypc=u-EEH`JyW!dYb!(qagh)rCdkZ zbr6|QEmFe{#A{!ke$dGo3B3PXl~-T-(QhX3S0mF+(;n|y8@I4k36F5VRLa(!*?(cD?)1GlOE7=IN$ zc1Lk3U{6e!AOBUR+lq7FK3kkvIms$8TV|f5>JlfGf++-q2}3onZquA-JRAj9Vtl$4 zM*i!%1fOI~K)B0qNB1G%#KM`@gH^7o=0!g`u`33jfw((_HZc9hi5)bKkAnZV+rJ&F e{|9FKm^^WrOwvnvOoIUYlYOG}xagsg|NjA<*UirW literal 0 HcmV?d00001 diff --git a/doc/images/catalogs/mano_nslcm.png b/doc/images/catalogs/mano_nslcm.png new file mode 100644 index 0000000000000000000000000000000000000000..28f3e3ad5d8a92fca70462d989dad2e5924644af GIT binary patch literal 81367 zcmeFZcT`l*)-6h~Q9+D^pCG|3S#nMyg5;c|*pg{-&MGQMlALqSp~+ED1SHdhZlXwR za)t)_73ZAqJLfz08RL!j{7|4Oy^=lbjky&R5AR91Q<$*yGh?yhB5x}GLp^b}RBIV8Pi&wZ?|o1m)`k9^w#ui8(~EGlBZq}OG$I3&X& zVB55_xozJRLr8eF=c&xqRK2{oJgxTnpUlabyCW_=zS;e1)?;6Dhc+R; zn$tpaVcukUxtH?xUu|&Ll@RRS0m7Em5CLtH#W=MU`dRDnm1%O4ZICF&-jq4ivP)|- z4XmJPvhvVSRi33bt~MC9|4ItyL}gIA*XSV;%^bPA_m8@efrDAX7cSil=j{<`~MyHaOu+ z!v6t!SOco{@{PPa9wYdC2@n5+Io<{E2_O7Wfge0P!Y=`M7s20~;OBWN!GE2FFsBm! z*Jpx<=NF2rO1yjt{;HbTL!mYfW-!N>9vcvFt5I_`Ek`YRIRO)xHLLM!*efWjtF`TU z6FebT0r1fp>S#>wYHelXAmA!|?{8NKfY0ZL+3wN*?Gi^z;d@&0O7s#idni2*>r>XJ z_e6;4>FI^+U%wGhdH&)b&B6bK@0mF|+6u6-xwyEnx^S|>>`mF&`T63U%{Llh40-v|Dyl?_xI<7x|;v< zn`|8Z@mk;o+0M_fv9ms9`|o>$rb6dO1(eKPp;p?@&8pKMh|?_*5L}}7#ryNu%!Nx@+Y&e$ zf}8mbz3}y&H{W4gy7Xtm^P62S{mqN(rr=mkFdlyQ(1LpZ4V;fPSk*Gy_CY@7HyJ^6 z=fIo}&Wobl{M-MO_}_q^%g(EDkroCs@ccq z8RA|tsv2e(Sb1yfg&NKmnjyRN#DMoz`z75R6e{nLvIC+R^)4AoBYCUgT;(b+jI&SU zOmHwYuTF}HSE0+sR28^{FXv!&+@wzw+ki3Cg$`xQ@AnFBXq_JK6*;dVHQ*NN)O@z7 zEZXJm5b4K?$yV0L%CaoknD6FHwojF~Afv`~xXi>)l_j<1w-lY%YZ40P($(<_-72f`iK>u?56$9?S~xb1 zO?%?!Ij9Ij8SL}vvwGh%cKMzx=cG&=9qlaY=Bg<{@H;-=HUW(;Bi>|6Fr6i^@9vOIpQE9x0q^@Pp3PYg$0;vF%mrC8pqv@W~{g1&QH!F^#YA(Zp)FGM<(2+QcsPJtnkWD`n_V3lM&f?PSX&QY(}OXV3}~eTKihY zmFm$D|44&ydC=~Z$3nty!h9&(P5to2pR@kD*i7ZkP5-Ds2L`P?G3a|@ay>fu>4+|@ z_PKCyi^i)IO4ZN1*Kcq#lV>vN)s$LF`Ef(9k(h-(+?@$V3LtY>b}Ayj8J z;w_8IVhr3n-}EJ~1&CZEIvL)F#^?i^<#vd$V{EzYI%O%_RzQBCP`x0Ugv-5ECTY}* z+}CO#{e6AM`ec1$_b)FddYuMWJ8EI~O7mD(TVj6-vHwikLVYaJH%^S6U>I4|E8^ZPTwcS1gWvb!I}bV6CE zb`kEi)5Dw4YyR85CbL87+AVgYydWxGo7Dixg4sRvXuUJpbG7R#JAzeGz84ROcV6p08F$03p7R z5>k=EX{x|m{bqSEYptaDY`gD9KC@zvPaeMzHILO_i&W0IJot4!nhUH=hpz+=CLHvQ zRPLv|4f^E`OrT4QJ%UFb=eyc0yc&M=dm z)@#7;xD?itBsfZ@r#7RY{f=t85HGuUClIMoWeg0zNH&JmCXI$v_?p3l)SCHJr{~dj zZEm4U<3Z6+Dab{*nZhRAfX0g{-J=yk$(MUg^rT-nNJW!S_Uz7uIpamc75NQ;rW?3s zEMF8sU?)R%PRr|>bmbpOf-WHzzspBowEJc;GUn#~Y?EcJZD&c%cyG?-sq3J{_$;4& z#qXQ0l~h~+RfdS;k`ganhJSb+E8k|0@nF|iwd`zyPx-h0k{)hD(-JR0Xss3S%hc>im7EOjTZgG4OQ^S|_Gn@U3H1BMuPjpgg^ET(3npB<6FAwKj z8KkSN#yMi-YhQgM=B>@vm^|C=X44lAw$^;~+E#f#vwA6n;=6L`5L0}GN~<8L)aae? zR>@ZJBvmE#@zijcJe90Mla3G`uVcp;L>|4dt@2FS^G`R66<3 zR3W-ds(66x_v(sa+vpQJJw2G#_f?Ba^>c7?-#fzTGw6j$p3{`78Objv#RqMN2(FjD zjCfRw_hvKw>C`JhD#l{D*7@$3`cREV?>&U3{z&>l#x6zd<#t5Bt^D_+X6$Jn*@NA{ z^|Y2Od~i_uigL?b{R;Ql=styypY%v z+`PB9ce2x0{pr@@I`YAcIIKz#+UzH`exnH;kWv7nVx(oz<=Skrx{nKPgwbAjb#v!B zgoL8feQ%}KD6xsW<;vB3h9PAKb?2r2R<&s+;+q;J29pr7sJvXOA2aC!#1oV5=pr7g zv8Pyb*bmo?7r}+F=_Z?SS|~ju+OE|fV)IvRfSsjXs#(QNa;=7y{DO&RV$`^}skQa18{W>LvRA|j-staNe!ysy=k|cxG>agVxEMn8 z;C;5+gT|xB>WV=V7br-}G#0W5;_F1zlv5S_#7Tp%G7}%}Ee~}-wv#=#J6lw&mt0Xz;eV^5`j*~^W-Ra&a z>g_d=CI6&&LRF>|5DL5PR-WYMA8`@}`8TyR2cIyzNI? zH6Mn5@c~HY64YUq1%nK5eaN6dC>>>A$XD2oBm3l7TuE`BuDIkUN9BoU7;e!Uxpghovg1xHFOXa>y+VOIS;4=c5C?Kg)faui zIPrrRy%v3|q>DdOMJNu)7*qc2HAr&h zh-hQ(;R-yyVqL_U?k(kSvY4~4L2x-kaO~rQuzUxtXomRl_)&iEAbC{iczlo4{k;!6 zxH59%3;Q4s1YWZmB&Bs!{Pw>~{UIbeO`bFf4p9!`lhvjwdaEi zTYbG7H0i^Ph@wiQGl@a)B_sH~dT%7`kIt$!Kjy_TdsI}70C=wg*#lqo$KYUik#4ol z?AP~20QTASmc13zA(xK2J4>um)hzVge(~pTmw~DfH+(tlWgc8ccasdHxkaK{+5q7f zsO5c8FV-6eh#nfp0ks$J2HDTUF`~yeq?rivz8L2j&t!SEwZ07sS)Ry@%Zu1@RiBJ? z-GMR=sicTf(7l9Xh(sS_{_GbqnaiuF>OLNuiKTc!bYaD>E7;y7!D^HtNaRU$ID~|< zhRqk%h%;qcRPbMVDeU*Jb~fLs`UTtas=uhnRy zgTZ7eIe+;21(_IDYmljx19W#JD&^(()GOo;|1azv5zn#R0neOp|1eaQH7Dd5H!PpR zONDoZH-Y<>y*#$y&Fsya71TmQhZ3}*Qj^B@9P8R zmZegky(b0$=`IT7#s1f_7zoK`*qeI>w28+_KcYg2n4gmJLf4q_ngi)i=44CjGjHlc7Z+67XT(hQOawd)TymX_Q z5E>!Zr@dRl6EDNBbbk;q4IPz&jh%cN*lA+Kt{sM&w;j-3O#aJ`erj*v&c}r&7SEuQ z%w4aHWooBCt`X+%SRdzwzG}R!r7Fppg#k?{R%|jF7_V)G~-``&z%1-oeh(Vyz zj3k_C>9fDOvWH!42VhF#vPBAXe3Wl&8zYg5;l9vl>^9fwr_M7{%1}oyC+%+h4yUJn zatpc18)}oh`Mt`Q|D5E~*}fEm;|*>V%~8PEYmJ+Aw50s*lTJ^TLxTiM+%88+N_Ex{ z@H;H*UStu5oGL_W=cPiQN#ehRY6UO>qKGy1HiInZ#NH?VYWoM+VJaU|l zk1DT`J=5}hFr0M7^`NSZx+;>W@P!n$ zN$DNKd={3L2yROaCXl*1s}^NSw{RfbW7-3{$$G4MxXC6od8|dh3q`+l{LS%)Tj%2@ zm_287-gJKXw!c1!7Rcr&;l3i2R!gGTbIW#Al_6EV4Sp%Koaw&&t<>pwf|>k+UtWM= z(T7^T&@rFjj&Ao+;WiqdIr*!;@cWir$Ff66VkCLnKV4Wro~6gwJBdQFjE0jb;G zmz|=2x+*=3N!~+mT%oM<#^%DMiAwW`Ztox-T~_{s-#Ql*DE-tfYbl(~my)x^G8k;y zt}SF_JLIX8g$*yNU6E8QGELY2qnCfg5)kWH_}%i4y1jF1`a35iB_x)BN-8uy_-MWK z+q&QaOdchWjmwMS`TZccz;vHl`Tpr;@IG0wuMX%c%BJb6ihIfhxUJD+oll0&1UywJ z4*75QeHH$5?f{GaAx)4+QA+kJ-uLbdG8;G0#Ur?UIn$y=g?HqhAP#5xx9CYv<);?c z#t~1gdhySB^0z>AiGtqfHuF~z++jbF!%vOwrgvBJXKEa{!CWl$jHb*yHOBFVU&Ldv zfcegf1%*Go(YeFDF7E3Ky+E&k<1U~@Y8OApvFuXlCV6#cpz`&wqtS*DFrrgkgMn1ne&xQGoJ& z!)e-E2|TdQNTIfVOSw|oGv_t<=nE_Rju4tEAMDx3y?g3f<*z>_dF_vf=O+#BxN8vq zhk>xV>);)p}#BXAB{rmo)u2=h6^u3i56 z2@$1&DHyBDBZ1J-}L)8Ko!M#K$3ENbGB^_ zaKynw1~VZ9u`Ie(j-w1_M_V0qsO|agwZe*C;=+Y06B85bu1E&wqxl$J@Mu<;{k7sV z!1kL0qQOC8YEN#|(5KN-(QhnN)HuFoKxtUkYLED&`QLOI#+P0swMjqBI=10IqH*_bNSR?-l zA@@^3)$u6erYf_6ul9?*YwH6IZVoO#^;<-7njL*uYX>Hf}io|}H% ztZL4`06j}n6d>vW1(2@FZtjJTSf3y*c<$TeCvp}8dsHID%!+&Br&l!_@Csa-%m&h{ z92OO-3!0b;I7=g0^^p*3Co2F`SpoYlQaW8{;Aa30BBJQID1*BL{pJW>Qr)Een1h!Z zpsWc1`uAY!#Q;^yL-<00T0pvHWqdV(Z|g%9{T}Vx7QLM_&d=7Eb{y7_@M0JhvM4o; z*XMQaaaa5m&8sv5uUi+%ebumPT*HDM`>S@Wni@I0qFKF`Q{6M_J@fye5D6Zj^QxA6 z7}a)BYH}b!1aUval-b>hu=zehyqy>;FhCRDc;AOkXMZ)+`sitH3uf5baFeWpB0-pEcPN|m{vY4)C^lJ z`bqYsrq2{;a32J6NHm%bDLIoi=HPs`uqnuwNRSjEh)3psgttMilE)4QPK@fiB<&2^ zZVEW9jD5Uuf5Hti$E6990vi2C>5Og?S@#hLVkEKFRa&939?`s?z!O>4?e_`o$aw(n zZc=6vq;vb#Mf(o(UGo8k=!WAwjOA4s2tgZpiQ?2zi&u|SUg~@TtZDf;%~Yf6_rn;y zU-_2s%@@H`wY5UfG_luUA}0lnPLc9X7y(|?J}#Cxm+?{_Pv!N{h3z|>Z$3|Y9ZcG^ zCYPCX)Jb}Az0)fQvb;ghGAM!5^Z=*)dK+>pRPpOyzZlTdH!M?x>mIkq&3ym`nECQY zJBxiA*Tjf4_c;g~jmKLT2@ill?5As7Iw*haw03ri(XTSC*^kP~HG*!QMED)ZuT~}N zig(&NSgte>WXD%s1>>4hJdU+vz#^0nd*Ec>^x-;#HZK2}z1IdKQM3zq@+L16qJ zFo8nSIrm}OmxMFuiqT60;B);_J#KeoyK>=P@y#aC^{S(S>!1HjP0y{=Tr1T+9Yf1* zq+Ri*=Q(c|1oypseH*D0%q|4HdmR6n1ShH#qlW`=L3T9r+J7KV(jk|$9{vAl4PaQr z5=AXNqhFqC4l!_F(4A2)%kxuc+p+MrwiDSbFVe0i3UrNI{ST zZLtTQI9kxfrW=IHJDC{(diRop!0O|PJv*&(-?JEU0R(;_sI;6pQ1jYU{`wY#IcT%C znr@mr1AfS*xg6T9Q><6J3W8{raT^hndVVAcV?Z6~Yq&*fv_hxVk1PJ@FM zG5XGN`rb$LTPq;!cTunzSS=;siRokX7q zrqF45@SC7@iqBbXBdD35dBHMXcYZnZg@RX-OCh{?bquHu8W}xt0`{;+7ru~}su3Ax zu0DgDktxYpDR0^>{EXA6wwVlz0VU>92oq)x9g}I?M|_phXbdoCVW+Ai*&LKPiYc@l zMn{t_)3rNy1u17!2}(G^<&E5cqg<<=_IAJ@f1KjUu^EY?eQM;pJVy>!%~N@Z9?pw! z`GM63RqzBsmtvn3Qk-sN&|j>aAo`rJsb8;ST6F+0aV&B^HZuK)vLloZ)@ATBhRv|y zk@Nb*GC{!0q>QbMP?7Qw8o_`o8t%M9w%fo>BeUfbCTtxxYW%Z+k9`8#&Mu_MY)mz- z0YO9cWW9@St}k?xJHA9kQad#*kmCgo@&!!d%!huji*6Pl-2)~}z3&Dp%f}B)??wZd zz*@I-&jZ9siK-H#SJ`rLR=Z0BfbdBRbNWg%>={${!r}QNwc)1YRI9F*^t2@)a%rmf znb|U{_Q9UI6lj&bYFIH%@p4XY;BssNh*cx)*?U*(bAk_|PHvTjJEm!z57w{*C|!NC z@s|a;LJ_F&c1eu90C*C7fP~ZxZqa6geqg(WT%v5pr! z>EWGzz~G>UFVmw~3j`dLp7Kj>{u^`+C3n{V@U8?*sqXqj?OVnAQ_z`65a^*RB^nx| z{m!`4tekqWzzfWKVFoX<%I|TzKxLwV@2aCu33&Bbtt*Dm!w2b z6gQYEKF6qGCqD;uqAJyTXKSFPh$Ydm_{-B?1`w#vt`3Zpy0C0=f`a+z$;r{qai8GqN^bfvI^2WL#qi4c>MaefgO^(hI(K71+xxd6AQ(P-bN z2-U80%sW?%u|5INn&T=rSA)mF`q?A$O7wJdvyUOQPEx&YwM}t~u={Q)$n?g*v)Ta5 zc9Ll4o;Ys3NcY(x*qLk93s}x41FOdd5>130gPzeko{yi_)O#M;^ZrEDzbNoUJ1i!- z9Ahf&=Vi{NPHW*(w3q8;YLj*S#*~=CJ*;Ihj?_tv4++NtPZ|Kgp=Do&DNr{b&UZ zvURI-ec40V=vWQ`)p9-ecUlD*T z$s;8ndU0aAurdI6-V`464B?*cI-sm2RAhK92?sZMU5wrYAitkl8woj*xN1=|m4G{Q z(`lv^_<*yYzTc!biYuGqRSd#)y2YI3x`WO^NN-kb3m{OezP`I$<+!X;ppq4+@396~ zh8Lle-B%cxR5Cy6pN|Vjlyi$SZsP33mpAC!I2bJM7N5IKCs03VkNfdKqgc-zxKK{7 z91S3L`8?^+CtPJSDbSt3TY}}OFzw^n6W-kEpz}HGGwq7(w4d*S8hUQMhg*#gg6tSA z+ChZ#s~A|q9&s@9!ltYwgDB*eO%(_BhdY*savtZ&L)m*{+1qxLbmqI+nk#`I1KFP@ zF*orGh!;u~MNheU%cx-u0~RBN%OU5<70~qDtzU?@EVP^ZUS-ruz@%U2n0UO3JBFzc zA>c9Zbh&C(dD9Fs-maE6PK>3*e4N zTA{cZs0UK?@>ed4y6@(m>tEKJFg7utViPZhEa*VykN4Nm1fE$kQTB14-d?;`1)TOF z+d+UG+7qPslM`W6ouIU$9Yn!W2=Yt~fKaFbT5&>;^uTlEq)MJh=UFx?Zia0tiX62I zIIo(~`J9v?igZU;MoU2Uo)md=>>yKbL*L=0(7NZ@m$pQ+u#F=@%SqFtar+YEy`1c&D4k;~0vg+K>y`4nNV*#~d(NG1lPRzNI zwdhT6qB*d6`_{%{{rWn33xHeZoFvA>0pn-ip{_`Rwi+-0cJ&V5Ovrq15-Oe-WH>=I7ef7dIgt5|WXV!?$8#4n z?jtQnDohoJlul*_a}?GpPO*Bp3w854&EQGvd`n-<--pS8H*%T0=GR$pA|t1V{`qtXLh;i70}OV&R8I?y4Xm`r&!5>uTS0A@6S7nYpl zG@?Caj9aoN&F;q)2Pl?teV57k0IQrAGpk^xJ2IIV+I=JE@jh`qk6M$qHZWRg7_C%M z>KZxQ)8#d^AV}Au8B`y+NKYd*2NDwpq5-$6B_}sgV_!MS)RM2>iol*D764ptZdFlH z6yIcgB49fs2F5A=^bE7X+Q$9L1h>?iKAgau(J1brECsqh?QJ6vG1+`{zL&zivI3BW zL)_Ohoc1R*A~ZTq2m%+G!21b8*OB`$0Z z#dz(x49(Vor75G9p*w~R=GQjq6dt1=ADgynXY>6kP6w)dDf5#r6y&fh!|6QALWW=R z&BCc5TLLcYtHmWiuzSufYZPkD?sM~IQJgGKHP)ZIWE$0l*+T7#i7MVJ6Kf|2p&@P^ zjWDRKLL%RQ;o5gTJkLBZkFBI+~ z`=8oFONp-89hARpTvaI%na15~nPQKoE&8`&-kxn--P`yGzb)~LZTQO<8onfy3Q>Cb zO?bb2Zu-nLAiCtlg^EhO1Y+1tzSkgnqi(wcXj0EFhA?bA1A_WG#7Gb&+d793VTy!A zEBs4sz+0vr6{ai?2Rowwq*gQX%WS9QRBN#xE!JOPVZ8Nuac$aV+G`|Ro*Krh?^U8- zKT`RsCLl>Fp)B8btlMx?{czY_v5I`@nd%ieh{IB|>^Jp(u$k^Y?<=Yag5-I_gb&_ck%ar<{CkHzp4YW7#p z{S~=Exd3xG7itX>;L9Vjy`5}lv9B&(r71l~ebJSyR<4k!PSB-&fs z>CjYG#)&m08D%NkcPc5X*PWnP^sGsmPtZWF&O7`{><#Ds053!^_p-13)ISaN5}Lb( zF&|(q&?;>3a>bOoI;mhjaP_{JnD;E@tFFx?$&_bqp_y;8@&L-o^B9e+}B++@_uVOyTQAeHTM%+ z)xWM|n@$vU%gogqcG$IFt;QoY6Q(+$q1C0{*6Z*BRx_#+0~xwQ>v6jMf{hA?4OYPt zJ#N$ZhYl1j)O&lB)6+v!gdS^MJJj_%eh1Avr`U>DM}f%uqf?ZwW6d<^dWB|;&j@qn z+Yi^`&xqJ^ZIht@=ou~o6t#~qoUWTTDm#%(%sEqd7Nz75lqOh2qFm~ZjYm7Cmo{yzh|bOkWk`weyS2|VM#H{BcNKmpN(e2R#0zPm)g z6}!FT-DMLX+yCSm%qW+58U=ShBhow=TUuM!ZH;j*nfP7x7OTzu+91(){(DkF;Wy4v z-D)D5wUI}Yg)+-BtugN=Q+TkC>yLT_eT|gCw_aU)cJmPPEI+D zZ{#x1RcBEhuUbXEsc!a2Vas)TAKZ*J>5hL`&|DOWytHS4*uQ6}RQs)B&FbiT6sv8v z*b0H+%r@Mn?|c2;T#ASZn>TxV<28s;T2220ugsXKU*}bPz7Ae|8luHJlLLc`w zv4x$rq;CrXCNwvXqu8cDx)jT$sjwR5;Y}$9d6)InSG5;J3|`!AN;y1n!(x0~cW+gl z^+>Xo3a=&{6pjiW=u9QL6`D2O+i&SO)%SJQ!MQ|TA<;^*MnAeeN;tIp`{wZ3h8Xd7%J^XeuEwW~fU|y(sKi z3Y~uGb|WgFPV8Wc5L5WPL}q{YFec-wR+Hx({ZI!}7qZ($RU19dH-DDhP<8A047$9* zs&ypSaklSMwC=1vugwP&ul928A@d8aL`WP!|-xK6qA4-$>;0pgoR#>5uB~vQ^mYD==J|6Z1P+A)>GZT+3N0vDDX=yN#2!V`%Zk;QL zY!|D}0BH8lT-uoFC7SXZLsBToYrM|lyfju%XBewX=wmdAf;~F(Ctb>*D@y%c`^5|X z8B`iH)&oy%Co`5+N9$y5+|V}F(`Sf;Q~4){2Mfaot0xy%>M^-zp(LiqeU=hVWM+kk zlC)+vHcxgwg`{`RRGKg&?A6l_+WK{TrpQHCddAWwjmfOQOlRz2j}a#eL+>^~U0f1|;d0cm8R{ zSxZF#OAL#ifWpv+&^yj?C4DZmW{Z)53GCF?)OJ)?kji43S?=SE>$(!H+@Fv8XC-V5 zv7fQ0va0>^;?iC^LPNbVm+QuSL|o^F48PY)B&`_IEe=npV-L#>6Y378R+p=)+`HrX z7Vob;KPJ6~J-Z)+aP{dHJe6lCU4r&lX%kna!8|fZM`uAUZgOMeI0#kKtj*TO72m804-bps5RVEj zI!NgxCV!{;_c;+x%E@Uj1%SchG}Cx|xg zX9Oe=ST$A7*~@o-N@=6*!!^`-p^=1=wK6Bg8wn^V)AN;cvC+S1S#>INN$>FWdsWip zJ>itQtyALcA)un}f&CC(9I`;P8yFD34+9}5dtZG$tZL7Ef#iql`~lPl$r4;Yt~RY? z*z+*gxQoV9qW-Py9tN#5?_q(GhfUZJe{_@dNzr5OOZ0@;b)XAqRF*&Qr1@5TL z4bjT>3mQ%(@1_bCuBa=ElHod5jGz5(Hq*n+^EP zrd8Uq0CWO52KFwMwjUNkJa>^8`JEpR)zn-zBdZHNGFZ>9h$BP`+HbGVLH?3pu}Ysw z)#Tz$QQ%fy^)4`?k z^*pH0ei5e|4_x;3no_3#RFIc)Q$oFWB3L_(UNN zkB40nH<+hAKe|6AmhMs$Uucnh+n^w2Au(QhxzGi((6msNF zt}vS@d!p`mp`YaKfUaK%*j-nH7c@f+1!)wo20dICM@IEjiN7#DDX!~c4jER2zI<^^ zT7o<&A*r&MO{I--v1{e)Y0Sl|E@vPN@;(rruIq*@xf|XPwJqUS+)F4hJbERFS=ZrN z$x$rYK)4(x)NC)KCnhokHeX|;^cJ$K8ds4)_QJT3EK@xoQ4jmF*ZWgClV0#y;>sAL^`0cUoHUXk@9D~yh$kaa^jT&$? zFT->jk6oQ-_-IJ(9VF4WrGp>jAlaUh9tqtM$|q4mP$@9kc4$cJndK zi$%#B3!AHaH6O5Ao8MbQd23f|-c4EV7miOriK!Zqd$+6g9~j=P$7XcMwFUOE=px*& zHTN|}*al5Mx5yAHKG8S}xz#*9<847Zc=ITz)+lSLkz<`}SSzUHNxh9x{fCK%U4tG! zcrRv9yiuVaW%7%wm||xm9P8fS3qcD$t-%d{J@I|Pa9&Vf@tS`WazFc;R+Zg*=Tqp&E!D}e zeZ@Dy)l%Pu%(F~Wqzb>q-zHijS(=IGPeMag3Mw%NU#^wjWh5M~$9c(LlwQVzqp+Vb)j zs++~>wNDzqfTg%F&en~wF)iJSH^BuJfT6oU7!5mGaQI0Pfe;`S5gA63M8nKuJpV>S4L4dgV+XdDE5NmM`5gNxAl$&2Be#e*d`TiflezayqDo*qvM?;E9}# zjZH5U@QQ@jjZ}Xe7@9M1E`Tj|$BlAl9Ni}7q!UDAuCBZEsvdh$ zY(zsn{e)P;I2Xt1=8}f+dp_k^wMcKkL6W$B-10uC!KEmztII}JOx{oUltQi2zgh&T zNo11AQz_$Fap0m+ZnX9B^z#C*UY*g)YWr#q zJ@xW$uN|}lTU%d1yDYp%?GC)|Y{OpexVlSjaGH)JI*(P;s~8R32|s=!b~GtEq_0tY zKzCE5!6bHahD3)ErRHO~@?k2@+wv2`Y{T&PiaA3&@hx7DhS$VK3wx*Xh}F@S5L#i1 zMG9aL=0sdQe&sJb^z9<*UwEnWEN6;lC+2qDrcYvEnQJMcSkWtLgBfA7)CPa;F8j-_p#O7x)0dv@0O(Vz}xS|-kYaok_ zampbdg^L9RRv!jY=dY27xiRV2M>P4oVLj`CRKpKL2#R&~bROza6DPWphtwmEL^{7;2Hju2&Gq1H13{vvG=T0ag-umpsgG(%4y&3<-@EYj z9=P}@x;O+`;6FYU?n>92<*-}1ux{pb@DLqp`WL!}BY;~EMO{AWrA2p8uVB@}kr=a{ zR;Ub-hFRMSjpZKcKvR@1ujcS-f(6+lP6oci3Dn$aReb+m;1aWkC_KOS1*IZTf4=g) z>2qcV*aC#-;I)B9W`ONzfo2~ddrV3iwgZ9Qrw{B?U_C&@49`CVH7Lrc5yGPNK-CT7 z>3-cF^Z`hq>_RM|#!*UsO?>1Mt9m+F#e(?|X@L=#Wy*0tnMGM}OM30isM@?E?3o_> zC=|Br$uun#IY0*ac+6G*4Wu6fl)iyw=e$wSx6fFwFNl1tw#eF?8N-e2$;s=h6@e+n z`mB~PVq1%WP;naCpaq`dUd^VT5|9k8YdPhQxz!BDBdMMhtle%(RVSJDOz7Gk`uYSW zM`J^*VD4HHNKviqLpC#LG1H}|u8dW$<6boj^*R0wKPVzAx{F$jDp>E1#-QM*+re-3 zlBBWEcMM8|n#NJ zUk-cR`9CSj|q>nm*>h=OlN}!oEV68>j#ZEO?xHmd+Zd zYDbItO2Wy1snS>eu0!YBtNBSalKAdz{ppo?2^;SzGCX;?mp^2iH(+OHt-Ev-mH9^| zCUa-3_xDsK&i3doP8}~07I?jpAM&wvwHv%XD$J(J#qO2G`tKC!CvxcttgM0++Puaa zY&~M#mwZe6C8fS&xJSJBTOw^h#akV2&W?aZQI_M|u0(q0JGTH;N8WKe*k~nWw8`Ir zn23QdOH88XSJ8_*o=u+NAp9flx0@q2qVf5l7T*m-$rm38L7 z+h9CuAkxgcjaZB6scT35L49fs5<#FY%+@?G`D#Cqf88S=W}xcTkUmpLp|28Nwot03 zgay2mZ3pnv8nYV8JjKXs%*Xl{SXCZeWXb+b4z>!gFix@cDH(8O2s`VGhiJ@US)HnD zv+Q_v(H@}&pN1711&dgVv7~0FCtLh>)>iUNyN9 zNx(~t+t4mnwqB~&`SfPwBuu%7t0H0E&!Jq|FT(37l$AvZ-uiy3)s(4Bn<<&nd_odu z;dh5LSivgWXvSfwIt`-+IA6#`!am6gke?OuT&3e*rEmrOfReP|KqeXFM8isFe#&E} z)Ew@#^y4n7)C8cD+9~b0ux66eq;JOo!)SihAMhoF_JF1RJ+`e(hualrq;+ihBr`x-~WS(;(-A@1Ag}v?gx4W?gvW)_r=FS z;{Mn*8F%fQKFpoqHmJt2=<@JlU$58=a{T*@{CgDw)X2{mSv$>xEpZnu{$H%d1&ejH z75_i4<^A8f_3kWKk?~Wf%E}xFX5@&VgKP*dAgZF=I1`vEHI~4d0v+7T=1w2Ye{*)+s-!7DYr^6U~8D3cYWf9r?51BX&$iZ?x=D0#t4l;}xd$8|@7XKqR3J zb{bg)#m7&z%m(_CJ|F?#S_kWGmCwZod#mF^=bBX@b_#Z}es%4^o_0p9A_&cEQJMyy zvMt607zSR9eQ!(ri{CzTZ)19TH%Te3%r+YCG5-iHQW&bg?@GdiK;J>LuPUJ6FqdaB zcDNKp^fw6DKjq3I=>32s;sVV}q)il~x)u1EE!Okpzuad1El}U@f^Jl_d_b#8Bkazl zEiC(q=O)SzbXASf)<}_VM%`|oX}0bsf^Ta+&ECfP0aF(I74xO7yuy?SxZ1P-Sz`Fx z5;bWpdWkn$-@kuH3Li|EfG;cug>e*E)k33a4z%{H70OOvYc8P}znsj%r@cPMByq(*`S(&m|g@656r(be?n&2A~65!#;pYyFWWs6HRy1K*;8v ztB223H>O#p=7X7^PCyAO&J}6zHn-{WT49Y*yd5<-NoyyqHMH*{h=O(+jlDa;ycIjlX&HB9f zZ~yy;G0?0MYd)OXnizM`1~k$*jplykUDc^7mU_htf>NiuaY@eNVssczi#4BfFec*5N2S%5FtYcQXR9G5r&+e3XnVZb}Ztu}&$|#qUa- z@zIz`=y)uzS8h-^3^6X$A6AbKnzF&Tf0%tAOxF0t{Up-RD#)njH6rQjM<< zzJn?kl}iy!n6}VFGz^}>Ui)+>b0?5C9vyDjj(nLen)NLxatmg%+SPAc%aLr>+L-k! z0u`%~Qj614uh|QK`ckkT4u@Wg%Iyze`9?VqE}(!mXJaaj<1tv-=7hzlU6*frcP>!| zE3q9rz%mi2#D}YJu+aM%V|!Gr?x9C`fi_GszTVFyWf4brzFKxFen7c6Wa-JJmH2{@?O>i`9e9vGdK zZ+Sk;Suu592vN*xg+9@nMB=6-umlWqE$;?{19hHVm&JUNcw~Wo ziXBFFgsoz$qIoyPV|!<@2$aEiX3xTlgFzh^j?f($yEydXM(Hk7ncpA9`(<_dHVAX$ z=LV1w9!{IjR9$7&tLaZttunG5sLfX|AfgMYF8M45eQ+*?fZlW`C-@-l(edT@|KaN` zz^dHVw$UY_bP5P4T>?sXH%N-ojig8mOj<%(LK5cngJAqD2cCxIOkvl6Gpf0WV z^l1Yw7IDKO7!c%Ar+v5hzuN`wY~b=9y3mU z;%iX<&Pt(jb`2L-U6K?>B;3iqxPIqD>sPX^ey4qTvL3`Lr&7m5fBs^|be`yQnSbHd zcBt#UI7*$%=|g5eBPGIqsOlew38MdpdfxkXI2_uP{?!qPOZm9;GW^8-84@a$jnDVy z5Ai>}B`b2jKD$dz-msC|c^vJpgP% zx%;CS)CT(5e)CAen0LhdkfPqt<2I)@)HzBuvBL4%g|BxK{{h-;ml+%(7!!ZBD(flVa2z`@LyRsf zanLuPEJ)G{kV0LdV^abSP9EZjEKks$EfsS)IXbl!T8Em=vg2=4C{EcDOi%YB zhARCuEI1qhgKnrl2#;YdXt8;cF8mi`AKAu zR&lQV4pFRUm}p9vZ7YMSRN>Wz0oIRk)jX-FU~(#VmE!*d z1M`3cz?x6gV6kXbTW=m__9KntfnApdF*Hmao~4`kDAWt;p93k!5AwW(C_bnWc%h8*rya~O-Z9Jo2gf+KE+gNDNm~bf}kR;m)c_6jo>(h z1YetNIs>xO-1W$9^yTmI`TA;pv3aJKoi&)-A3&eFEUu5`OzfUXTYtnN+kM_54>b0t zj&b!$k4b-7TVKJ&z!&VB_PZTxK8}&Y_tceV8a=Mz&HvQZKUnMh%0h6esb|r)VE%5; z-7B{A0lqqrXv;Mi1dT)!*2m$-Umu%%g zyhWZ%!fn&^iX!v;_h1gaE9TBI`nImAF=}k_^Lt}GnhGXOU+7}KMUu*vH}x&*B~`_X zKMzQfvfq%sJZwjMQN*vp6m3?up{$0fL&g%b5RU63xBE`>FhR%!+znl(UF1wi6d{_aw z^&V&#dEJZo@&Efn2Gb|L{qp7Ke*V9KA%5z8rE^PA1lL_}L%^PMn*yu=scJpbl23se zkJGs4DPXuy?f{ug8JI0E0O5P=jw{$9Vi*@KIDXu1-1l9YD)ReXKY4wcvVYo?4uSH3 zb^h~>8ySK3+)!D#GzX+=xGyq+3NR6%gB~D>j>=mM-xK=K5dt}9f(@;oF*muK?U(~D zVg-y7zAae8Jyr^HBDAX6q9Nw^7zHTfGeF*Jv|oR&o9Ozptu#xV*p?Ts9cJ5^4=fS( z0RJzBu0UEh`g?onZ0eK2A}!w7lKfeW%Z2F(2)bikR#k4KkYY%_W~tDEGsb_8z`##W zs6j?UDdc9Ca@!Sg(flj3Oamw_00hyglLdvDB_J=`5T+g~WDR)%y7;ii-K8lY%K37b zkF=Hl?i&DGP^+-I`SWS~rgf z-Eim>y7`=8IU7-@@6<(XgZ1BxMd?;JLe^GRPR@zFYA6ZJCThG;Z?WO-Y8z5$^Y5rC z4T>HKGsMgXbW%>hLwA~o+35lW@Mbjl4y-pfClK{D=c@VqZFmU)Sa)G?UjttupT4t{ zaG3yR6BF~wVuSU{X`+a^8l_pY@`0w`vc3TUVxLvrp=2TIo|Xr=O^2kT;TJ#!QFESl zJ_0();aN4^^8=p2GFoy2`&VI@C+* z8cRGl#UCxskXq&F{O|V+4790`jJnWzJ4syo5L=#>^(FF@)*rN>+HL|>=sH{oOgjj8 z(sRbdA3ZujEj4H?16`_2)VS6agCE&qpW-cKVJw*(h= z)d2n}9f5Mt{$}EGTE|u7H*h^`OW7Y<)DQRuDst+GWEH|h7e9XzmoAr+&1JYeuS(@2 z&gwxTd19D?6_odg3o~~YtC+P*-l%gd#-?Y$JW`|KVkLM_%ieNtp`LGmqnVFLRmf(k zX{nX`oWsp^-VdI0sU2@(lq=J9zaiu7F78xyeMfsDP2Se2ztQ4+HtQ8FD+kwgg~QHf z@rRgc)~}ypeg5-<1bbSCQH`p;`~-q2wGW`6+6740Nx3J{4d^m&KLV`J-tWW>XyZVE zn9i5Xp!S*=$X{Wyb5$UWI|tH>Y`)1V+YhJ%3$-gj405D}V?gd8czg2h8n|!VJd#Df zv|6aEhDmLo7Rh}AeM14YOw)Rx9n>+&@bmQqu9vF71_X#;Q_9UpJD&Rf>nV{QZ1BAI zfMzy07ob#RNml1unAa9M@l2i&EPg6BXLGuMkIAtWnt5m|=OzzdhKpIyj^Ow>cEEsO zwY}8x6?MKEW>u@#IXeVH4lcC@jpf1vU?gFRORG=@yoj&2Uox=%e3R+nA~MzlMV(U> zdK%>hG!8ozvsR_RoUK~IX|L{B0j9)2)s`Hcj6BRk*{cA2?PO325}ee78?_5lS*)~& znF{)CLjj7KyGi6NB!>d}IFj19=gmm4;#iLA%gR@J?Lk`}&mXXF^LmfpW%H;P&~W%h zz_xa6&e3V0|CUql|CIa;@GJ@GpXAWXJwS;*U$g;Z=!5#z-Tp<^oRNRTRW(qlO^*8} zkGtXv6vDY&(Lr)P4Lu=s8)7vM;_u@rPgWTuQ1?S4G*r`Zh?WPsy?)Z)JmMToFnJ_= zZu_*VWd6qG`?vZW315sG>S*s6-Pj&eaSN^A!M{8gT>YH*AEP_ir;N-8#i&ZcsqCN7 zo;v5_n?g4rZoIR!G!u!18QB4qwjAmZf(M+BXOF^rWR9>EU_6o!iglR$f%I0R<(kjtv3S4#Nl{Z?(ZKyE7XSU|kTLd^7XF~@ zBrxqAVNdyWepi;NC`!$|L{ybD#DSdDo5T?OO3$5Q)ox;Eh_F-w<%Qmo>3j#g!4C#q z_S}5MCATS5p8v*~NSPmCNNY@#OFn_!b~^HYa6v;@L&e>|ZFHVmXC&>5G(D1Z?3bua zx+AHm$08Bmu@ExF%&|p;m6e5sx4wVh+q2s6Y`o=;JzuEfIyQ;JHrbf9s0VC^8tC1C zYr%Twf+>@3ojS16pa3Pa-Si63qU5Uk`EnygHrOnC>()B$?~O147kQVkW2T5^qCm%x zWo=oih~~>EApNZbEa_JEX|;g#gF7~ZKfs)I)OC!H`1}1+Ms=l*&=(BgqcdrmCQ#&X zbyN^n3ar^n%tvYD?~Z|X{UeeCK>G*=Qyt0YIxLF9_D|`Qgh>$#$AB^1$G942&H{jd z$FW>(BnhAEZ;kK_B#aSbdXmjhu#=MN)qfC>`=EyBCeXlG#OhNxZ6l9+wDbqqCI`|G zj&wvVuPS!`ZY)4y4X@R@RF+x$b1KDZ*z$6^+hJ<0;Cp2Sx`rj#H;jBG)s1QRGbvTgYJ z)3gnPs#*qIO!mIHJ$=0J_-jy0j4^*2qkK+$j@0g02|NS-Bmia8OCTE>HPM?OoT>$a zA`RH)Dqr#rG)>LtYs%NUBE%MZozVxc3*s13d6wEyOuGIF6&IKJP89*n3TDW+4iJ)9 zKKR)UL^H$|6oM9P&xCW*;JeTh_N#gA7xvYDZIxzGZw%W*DA2Vu0>3{djSTu3X~s3l z5*h(tQ%@g=BOXnYe=gIHnc{qsz!AgvT`56py379-^5!GwEOq1SD*Xfq^?zR;@EtEC zS+eic2$x~V9zhw9+}RSVHa4c(14-nCZ``9;P+6B!P|KhUh=_OD<*66fIUH+Z7Is4p zSE?ZlF1t6+(Y^B7Qk~k>{?Qo5u1E$=0xwe&8%C;yaUxJQziM>t6E2;Lb?l4i}UXge=srQxWAAO13k5w<~)z4HG$y}QvO^94cr z!7s8K>{NZiyR#^3@rVBz@Xs5>{DaubT(c|HI>@(emeKYE~?2wq3^-5Bv-B`x97@cuHIE|*DrEh z?`AYa{_d!&yq4$ zYg&{8p39@Q(X*V=f!=6~JH-Bfo|H!X6Gr%DyI)@m*WT<@h?G&Kdmsv0BGLsC#A{~IQO2-}>a7qVvHdBDaojjeWmF-~R zSr}#ysK29ua&G=Jc3uwfW9z{hGy`LdL_zl%t8-Q9a5As95W;sW9pAR|gD3W<>}7-A zFVMd;NglP>5Z(TH-2`YU<`6F4@;yhT1`?aGWawJFt8(28=XAq%BevM?lhVI@_NkVl zg?&$oeDz_aFJ8Z9rPV9Yw$DXz0eK^n$K)d0;Q9a;RSfg#lAoEfu?oO%g&vD#Fp1B! zb*|JjEKjri4I&4U4KTNl2BnzUH842&{0Tgz#=uwX2sF9PxzB+`0F~3;oM69~0v0Cl zp<=?K0jfiKAmK0T6lM4QmB4LlhzDP&T}^>SKz;wp%UizgmIFUy{6)9XVS^Ig*a1dK*c_69NZez}Ui)Ztf+Zuoa5j zE)LRAAmAOv0Dwe)0WQQFV4efaTBwg;^QcdfU=U~w0xVuT3~&K7HX_cAg`9*AM~#-Q z3({?V0-aleu<1;h`ADIj5VT;$90Tb$bASgHai!%f4fmiekcgkD_qlJ4P{#vNseV!s zkO$@ZQ`U)ssy}Zb^4C2$npM=l(*7z1_9u$KhK~X3@uK^=jwSuubYFV{LLrYjcT5qS zmR%5gMB#B;(gHNmQ98V&Q#2x>89{L2SwSDS~Z4exjiW0eB zcN|KXu4aVe59Tg?9s~hD4m{W`O>Q^g-{O$(AuV(IIW)83P|(-W0bfOO@XT@byL^=n z3b*sM`yhbDU;rM+VFuCpq_0W=jRTIr3!@&^D6Cfqh-MB*dPLZ!4EaX!e1X6<_kay^ zOj~2MD`Iu9W!0T8R;onV!k;!Pu z!F$Ke*Teja&LNdNa-{V!2?@ zh?aa4$;<;VKe-sW@SU67CNDqt4-Sj0bh?2SU)ps5H8|X!ciZSAF>tjo?j`kBNkIhA zkbQBe?c_hMdKA7$x&ti-B>^7np#9grybh(ohpPhDZ?pzdCe&-Y^_G+Ia1<#2c0^Po z@xOD@EpYfc^U;Qc8qJj5q$^ycckq~2Ia8X%Uu??9l%kGs_(|HP^p20xXQyLM|E*YH zc=Yabb<3(PFv0lF?`(&T=w$x6rkQV5PS%ZV41-iqyPj&b-QK9quSp#=Qf@!*FX(&~ zq3ZKe52g}35R|B2UfAej;7==pg zmUDNEw&7Z8GKq8v$$?wC)_d=$f@xgO7FjFnzW?Qv^~Lf+BEZ2YluCpKFn@rcfzP9I zYh}drjK*hI-3H*VsFqf!m?G#BY6L!zpWpcE`A3P|_{L48OQ7Q6Gig_)ss#jhnDoV^ zB}bcyar5FJHech!R~mpiT;&iazU3`U^*;d;_&`PM5*7jl+g2>lE9ad5R2961S5)zJ z_XI!Z5*#q!3FT+uLej@?@&Jv!^oO#+GU$ zzJ4>EQO8|EQh|Hj!RS&supINsYTEf-tV z-U?(b&gyX3tR9q!gn^cFcEpj@Gi2<^?$Y$Q&wZGyUC*uXF366W$)>7P#0V3sGsFYa zTY>!-CDN(YVnh8Hpa&+S#J7JV&m=aLB5HMx!?MVbus7=UdqOAP4;q5HwQb*s)k@=k z@EoA^g*kn(36R_DIw3U;QTg}^1>(UtGNgLQ#jL_vckNMF)>0`HXM;)rF9mT!kwO+=U-TEKO+I{br z&eYZeRgRtCC2-!@GZ0@Ekt%jKy`{|@&E8rY%`)F{#Q$5F=`97ybajE=rWH=9L)A*- z`2cRK@?|K#DFX#ECe9$0Y>b>(rP$RjXx=bzdt!HgGz4y5Bcrp&&F>CD+w(hx1d6Ar z&dQt|)rw3UbDGDFhyo%TNpf_uxMqc(@+kJ;j;fnuiG}%k&AG8%Wd6Y7SP! zS4fQRBsUHKwlVKI2c0(rk{|330|7Fx02wlFZ)0CH%py2V^%c$+THYQ0c*e-P;Q^x+>gTo^*#BzDuXJ#bY2 zw@WWgh6bzfA9H<^rTNRw11kJCpzemuYcvr2Wg$@Ei@+-Ur7YX-zirD@Sh}#fyO6K< z{QpwnOM{i3&9T3Z|4WStDtrc5h3{Z`sr&bp9>Z4h`O!iB_X;0EE!@mnx5u~`{P&f} zynY$j^pn@DfuWrYfd84`e0(%83(PG7pYxOenl*KkN7{6i&8%|u{XxSR<9iiS`Ca}lol*@ypf6;e(R#_wuDoC{+PGR=TV#9kQz7C!Q@;Jay3Dnf$8I_9lR!!9Pac!9 zIOU(h&au36H}-~Ma$4uPH|3r_MsmrzSsuI-dMQH%RgTv+d8NtsZ(7!lB(vPkR+BFT ziXoPfFFGB&+keDnO2>E~sh&~bP->#p4pv(beBSjRAdP^qtje^z?Z5Fe+S)lAqO01^ zb?z9SoitkC<0v^l@sJ^63VaW#59utQt8vo8-&eP)w?=U%Wg}73gW8a+>Mpq3r7&Kb z{xp)m{2kSETG1AY-CG|#dHqVNqIVdz^R`^-8;;5XgSti$t@ZgYI-TE@k#8=0uC@tA z@P1%gN6Jq?uabzrbLqS`CZe``>W(&1Gkhg5U+pQ?Q?IHyo0M{YnK|&C--Gq?x8xJ( z$6B{pBLDr{U^M{hEvBX$HmJUmK_prltXRe@G_BE+#nNnho@WVdklt45$WDkFwS23&p_rU{jD7J3VT#KQ&|~9s;F>6|eSK zWf2MI(6pK59y1ZWGG-fK`JvOz0-_uw(G zw|f^e<&wYe=?E-{)!p5l58usf)39I%p8?p3C|8k-isPRZq|x3WfMByZ#lFV2%Yl& zo+b;#6UdVNQOKp3rDuDHZ%_IpY_LB2toP3z>QC`d!@d4Ak4F7j96ScT_jht07avL* zq0|8{^c+1ab?tt37g!z$_AQ*rZ+!}UcR=P-&NwUQGIk~Ul_)?AOK4X9QaNT%`(^ZT z?5H65Y3FQ%;a$Z9n*mmGaqQG6o7$jx(lIHdK{U^IXv3;uU|Dcru5hMQwY?|so;XMJ zJn7nLJsMx*=VBeXAZm;l(J7u=NV5f#$7tD+?N&$DAE9b1{xXU7p1adpS?F)ellY~0 zDqV_KrZVvwF^)<3x)BEfzD|?~9s!f^f}2~TM9amlE+>LA(VKX?nEOysz32#o;LbnK zXG8bi7vqp52rTZW>n69?#u6Z9=Qijr9fgEn)Yr&ue#V{R9mZRE-8Mnl>hwzq6Js~q zgPIt_Dq>|Cb+)vAbFr=->wyEm1UaQfv&@uZ~*>C5mfhf__oP1`4fFYqCf?(cs`%v<&(=&kiL z$>whQ_239FYzc_J{@@P9h|zw5BAZzgNM+fpO&>~;H=`!@j63;lg(CWk5jSn(`a-r7 zF;|oT&kr$*QIouQlhD-r8PCbtUAk0E-wrsPH!~KOR?9ZAf{*5-26RLfLgy&;CU>X; zS9yKupmzsoY=+c-aNA|*zLq=za*~l2ti2B#cr~Rdx zD~4(eAyed{A29U#XB$XrA);b+*JE2IsDnsa3O}gId&j~^gp>y-z0h4`&fXW0l!80X znl_7$prgK5#&Z&+WaIl*$n8XF|IlWc<3bZZJTsL^`R zt3{~uTz#R?*kQ5vJeQjGb&{Pq<_=BK{=tQcP!2F!rcarDC!)@-TZ-hs^rJHBRTt$A z3B^I0z0}Sf-52D#ghQ=nC&Kgs7KjN^F^)r_X;+4Q+&+QmwgJaN9z_JD#KivM_1D~O z>j_BQ)sZVm^gZ;ZrK>A0CRL~PusE)K-N9VmG!du(E!2y0BRrmQ)0Iup>J)U_nR3VSjTSs z{Ly8{Fh*dCOd(fYfH$*iRn3PV@yQbP&FF9n3IfXqtPy6@Tsu;W@%x2arG24S*AZLk z$sg~D7ZvJDO)BEezOK`Zm!d8kn|*5XP8+%L=lnjx8*Hm^oinm}%Vcz#?2yGX#4z!Q zsi$dYr~KIa7zO+8o0G&vO{oZy?)m45{wz@oCI?@Ni^tt*!V5EdzcB=dKg+St-#Ld)oQNde8%|p&U3<=9T#; zeWY2YaSA$oVy%_Lbt z@I|SdxRCJkM$Au9^zeUx-On6ts-6Dga(zs|x#L+nQ5JeKH`j4&BNUQ^1LbTXKKa&n zseL7!`n3wF@SS?jg37IPgXmhD(DSl{sjaPHgmImXFY4xu-^E8L8X}qXJPJ1nu$U4F zgFX<_+*(I5?(nzbl$M(Px>|g~Y4FSPQGRLl`lH~*jzZ#%KRnew_@QG;E~`3Qz19mJ zSf~%wa9HASZ+)hO=03w>0w$f}ffas*d@{cV8GQ_sp03@R4J6+A#Zwe?={c`b%G&Ww zI&P`gWMYfUvYj%ePDC>#-kbM-7~)SpAV?|(%9CLbwNCpUAo&0Ro|~|CATe9$0IDKi z07>NCjfRPJ0#m2oeMWM~!TYwlgBtJXE)BWJZ*e@!(c{b6RwGs70)&^#PMSJDg%M>I zZdC9P$)8cgV-4JhQKVeH$o`QwQnvO)(@zNk^)hAZh*KSTp4Y6l&EfiGeRqp{w&eX@ zrOGo064XOF(`!-3@d=MyjxBV04{aWa*K<{L+b*vv&Z!harec0^y^k!O^Slr)m_OV} zLa{|LHGN!BXj;H6+DIIFBd)2w!c<2j_3HlZrB%^@SX;7iIKsPtz5yAZzI6B>@C$ha zaNJz1=5=jX0-E|s8tNsc#&`wHTm!*|nSt<|~7I4lOF z9ydmD3WyO;)48u&O1X<1T4Y(lUU3*qtMW-=B{l2~$9onGQzp?RKdzsp%dYo_RTK0> z(ltc(@k7U;O9J_oY!1b1Mq28YJ)sR5@ zxzUE-;t*A=mF`3?Q={7FlaB3v;Gj8-IM7M31bH0LZ*hM+Ypht8k9+K?yNr8E;vh)r z1pVSr(P^yT=-emrKs&^12`8Y)+gKQ;k)(h5E(;t}w>VVNWFVOf#VlYD#+Zo&-!}6! zqEn0;svUaFL{H_hrJXOIdc4{v0Pz)3LiwFPRjx_4vdi5d3uRulUaZYX$7@kN^dc|4 z2su^B+#51EDy1HKR``akV-(L28?9UNz?KujB3g7p^NYxuol1o8ypsx==1555x@Y>& z%r_F0+iizf#~9N!R)%=F*ewB-L~pJHmH;d6U@TqdjF@keSf`$kZ>XI|)}wT2&p%e? zSuQZo?`{|1x}Ks9UbPC9Y|o)$X6Y#HSA99-kSyEeMN1zZ>bNaWWcM)Kx)`1GE?VI? zw|~=n_~Nr-9d#q}r%>NwTStV z;Au*SJbr1k^2huRLDp?DMl-%{@>F}}dlgDBed5p5plG@utMC{pLP1)yoF}>kk`Y|jeVFG2d zCconQQR$FAc<=Fv$%4_#{&Q*bcR>wJ!Um&6zq@-rNU7{p?Xer<0|-u78jQcTyw-r5 zITc{PzkX%A(q>zYx!1otTe%L5T6k}Oi~@kf)x6{98B*V9NYR{pHHnM!uAE5K(`GGy z4&@GtvnAdJ?6kF)2pprG7=Ocx|A=Nq$K8r)P_MxlCKvEhz|=iAP?x{|Esv*jz9jxf zy`6^jTV%186sK313Z}u9&a^Eg`~n0lR((|i{f^aI{hfybx05PkIcM5G`w?)$^-6n%(&7T}nW%zTj@7$iuYDI=e_YsxC@`v$k{L znBU0xeo0Oa0uMF-nN{lH!-2ryK3&T9gbS8fV`Mwawf~4cwsy0@#O!F=5RQRZZ@0M} zoDf%^Jb4PZ018ka?wZx9*Mzl(-(7yTd?@SQj8P3ZG2ZU-zH>35Y^&{AoH#t6e^g1T zCO@3$}{wTNh}?r9rIDnTqdwLOgt;iO>N|MddUt==HT$*Le?IAt8h zS;)G`H+V6{<~HeVxBxK-wT8MEreDN`Jw`?7gG^Y{d&c4bo_IS$> zl{ul!n#=MvX0s#r{0859)1AfsYodik4n~G2Mg4$O5)EiXU7(Xity>34urZx{&7fsp z^O?luNj?gNKMS-Z$G*Wsxh4=V*}cC&RCSdS8fNZ|XKH|n{084rkLH$fu(@fYjMi0C zy}~})Ma5$>wKC}aFGKV{KFw! zM0;XABtp*V@0PViDb;xgza8ku$-qUjIdIAc_&A+YMP1<}lT0;adHiwk580L;f@AB} zV}C!3lPZ^GVOe&UCsd@-Zb`N1wG@;$$!u*e%*_$_zAVFE$UoTyL-O0rju0-^4jI-; zNKY?Up;;WqfPJ3UScHxFVdy%Ei5(Tx>j`rx;(-w;y(@CbgIboRp}oAGvt`Uf`^=$i z!ry7Bq+0mMs65UC-RbEQp1?30@BN$@;^If^_w3`ZC!=d8H>cC3mwXo~)iY(kcl-=H zMlY!)<=;MFmK5Ok!!EECt@!cnR<3bU1dp-)u!U`j1I6nkk`<#E8(Qw|F1%5vV6XZc zJCtPrDRbk~*q04M;s=^U{7hb^Z`zIrp89nx);P#wC0OnNY2BYwAfz&qiKdT!U!bi4 znk>}7P&yn44SL!FapfnW02n=je|*8NnEg9n=gQsu>%xk5BfvGaW0a-LeUU@Zk>S>U zEuJ8=S2*EgOuDir8U}gN70aKv8L*RoaNk>B4||TeqVB5X+tazTAc?0$TfYX_pakL9 zFXd7t6?uF%>t2eN;fD@hP?EOB7~>!2NN2e(S!G%)w~-JOsBSm4&MovvGTdX-ll`$W zY%pl+XtC)rt>5?#rPmGMpKYPHAnJ8eyf z%3~5RIgRC2%`)@-1eK4SJ&Kvlx5qReQ@chu>x^}Ob*^dN8)=*F;y@D;DJ-eJ5Zb*; zTiViWpR=@a_u>mJY26cffw(8^Qu-F+e5{$Px3za8y(qWV1%ZAx_!RtnK!s47~&L@P9W?)1;${dLD6j>&DAV-~Dq6{gvw5rdnzvrZ}aoDNIa z$MDf%%eia&-nh4?y0GeTp=pf=6TB9!=-pu${Hm&4jCcGo>Rq$JP&#%E|LRMksPYn~ z2c92S5ifMPH?%bw0UfnzSIHIQgGIj`CAzQO$OTQM=R~-^dI@tQZS9SI$elYCKMuy+0_9)p0u6W!=N{4t)nPO*Q4>`(J<>a1dd+@<~A z9ryn}Y9D1&S$@TR;G;{wM6UhJuk;mpczmhUTmK@9fY!x{eFM*IB}}$O7AmceJPq{| z%RI7q;jR$1E5imie{yxPXP-FIGJ;m(2#|jZz8;q*Ek51EsDE8Kz|r3MtWAST$J>i# zpvdwdfUvKDAAP4&p@^DE8y7$3WMJ4POW z$N#`ML&`;KPX2#wQA?A(M?#P)aw}#TNb~lJ{O^wE|Cx&Ws=ylbe+F#lAAnr{VkBT; zz}n{iKYG;u-k>jnjRMr?c?y2~^=E1!hc)PJ-d(==`%0>?m2&wy9Uds}{xvQX=B5G- z`sY^kdVzmmi5{$E-~g?%`mbK#|IRXy{9zN5R{3>?h`)>>!-dshqkz1<=acgPRbu=v zRbx3Eu&HdSa@?r@zEUm%MVlp@GlnuEsaRPS41rk z;b4Bu038GepbxKn+@E{?y1P*Vfd*Y86Sjyn>!6Uro$HLjJsiTQ^XVtYLk~O{fS9$! zgDmboaA@Fh0W9J(0net{B@A#bx&W6Z{ljFT9upuCVIJ`VQhYRsx#$5IVAMd+D?&o5 z3=bIkR8pbOBLGv{Iq3)pDNBH%eKW_e3E=$>ykoxi76ER|;~(|C;!I0fAVgRhSa5?9 z>)T|u5GGS$V^HfQTmwxHSx5=KCE4&jL1!eBH^3 z?(N0lhy8E&2B;I*Q<^~SOAdzf$P>TsK#JW9ko?9Y6G8D6Xr`#ukLwtHNcbUS2Sw;z z$^L4>$1WDF2_bPIC5n!=ja@!`6zh%H-74eRb{`%%zMgM!N|Ko>j zro}Q4YaxFPq66fGfS=!ql+9v;`$&VkYd6RMFzQcG0jBEfig{W<84Z{sVju@_jfv3> z#9e#a*qgSpnSuee3NYiTeV?cP7Fgovo&yc;#5E{#crmdd`oJh$61YfGV_k#hhE=8K z)mHWuT3(^Y?G?;JU1xi#*=JV}I82T^iIch!v73=S!6Yf01&pA=L5W{yfWB28;(-2w zcWe(nVx*`AFKuAY5jybV5{RP^lKoBcMUXG=PABzFUx4*M&MK4coXJ;H119Fi(%q?I zu}KSYs6QrY4SSb*M^HNOjxBJi)*eF+#ib;kpIp!rNx?QvT(?{RnIEK*fn z3V0~;14*R_&wI&yD*zSh_xqgmbMVdaYmj)z3aBu~I+(^)@4_6C^)miq3*h@?5QReJ9D%i>51}N>p3W zhYKxY)F|1!F`54be4Z8&uETlkP3C%lKxiGLVaAU9ltqpEf{9?f>JT8P4olk`@3p_V zI2=h6dm_T!SPa<9zki_`5H3DKYP(2&<|BR5Jh~9jCHVa7R zUg6)M9~9wnzx;ol*hiW;!5YZ2;eGE~hhM32bh;O-4*DhCb{^G~{b6ut_+Hr1RV_df zx!^jnCu=V9B!bdHJV+faS5wsG?1-W=(Zl+QT0mdr1oo>KX_;K>H`{W3{gL8lj0eV! zXAd$Zk-`ud!`KQ{cSf~zXIo^&0E6rnrW!fojUj{jyY$Wu{9L#+0aTqCDA;H{CN3j2 zlK~xT-WYI{Jz}~{7Bj+W6-k6-mFxkXF=VV*6{%2Gz$)*UrM&;>`50$u0aL?;=>98% zfk7PB@{m)Q7#h?4tuDxcpQybrZsW16^wo@|k@Y>!)vd3QO}hR@?eS*{@IkBDHCi$! z!axGX&jlP0ojuzR$Y~xRIOs$TQ&;^QFcixBdH0p~0r{!$Jcc>v+>d1e*X%gwpANCd-3(p7Kho(n)`>B?K9jecZ5p;!Q`#9(Mb?XmNKIx$=${JNb%YAKy zWSh$N#qw-+tc4mI;%{$4A$JW`{H9hGQj4@<+P`lVG+h07&Y0};JLk_4Z*TkvPW7xm zO2!-BO zR$uVEcR%f6v!`T(0Ber%Yb+86=_;QCixAY8V%%&kkr|Q>pKvFP1C#AeHs4-j|MDSk zegii3oraEFtmRno{3+>0C2{KomiKlAowl@ z&{Kb_Q9o;S#Y;|(>H2-UJRjt`6UYK7ZV4Ykay(j-sc(TFolcxIN3JLGKp%YHXNsm9 zcJLbw`Pf+RFcD1Zr^8xn$zCc8n*>77rc=2?$qYodL%N~Go+iP0L}Yg7zwy#`KkGsT zdPko@L6LkgG{^te$VM=N9Z?*G6T4geW?I@eM96s!iN{m57v}*`5-yBDgY{YBrFWBP zg>ml(rPgBG0iy=D%N?apiRJ+Z#=en1O3BHC$i)evbS|a9RK(fhNImQhi#+L-NUd z#cM)WItsqkIhq;rdSy=Bt>I<_$AnRAh3FZpL95sxgmpzu#xzV|*XWi7E@{j3k8OMW z_k#-`(5^r5yIk(y3U1E8N~a$%6fa2xE+pf*u_WKiwCg`Qk07=dDa0+~guHYk@@8W< zkXDCpE&=MZGj51cOX6U^uM(<{6HT9uy+U{fy5ju}$myt&0?f-;aMa3x?Rux)Y0sav zO$lnmzqk8nUTD9;DD3&Ts0CG@9?`@Wp$ba28YU$++e z+X4eq)pHk%cUuu}t4fQ?(J(@1Vyl z5vSE0w+ID+(dwBID96S>Qu#C=gHNY{lUNnoM9|Kn890`IR9q4{Cez3h;cXS^`l=4b zvq>%S{OKm!AfK&p$jYMGu~iWNe0gL{ASnGD!Q+=dxe-ZnmNc3V+8nq~Z?U?aLPXFI zhy&crqzFkuL|A;e)qW|7L=JxmmQnZRS@OC7fjPfoL6YD*W3U*fJuV!^zO2zlsWVHX zc|SEqoM$2szj&-qNa<#+$zPIa#nMTQR6AYC#TPX~FhVAe_j0pOQ!z9K59`}Id7VbJ zxEBAE#@e6EvM=D!p9eASP_4*^hotn7ix-f7pze*gZeJ?&JPYB;7e9N2BeKcG&$vI2 z6}Vqk(bAt^aZE8v%s0dI;;9DTd!zXEahV4u1&?q7!V%IX+baF&{250&!jYeo`cjFN z`AAWgh*Pezqn)az4FL=!i_=E`>#1yJPF+RqJNs$##Y>KjyDC0E9 zWdxO+Fh}}<)kVfG^2tXe&NtQ1#ZABK}Mt!UbVfp|ec*Yt+nafqj2Es%#En06n$n=R|PJbiztbLCn#sZqn z;KZElJ!s27!1g;}MwGXbj_un2%xD~_e9AuW&1vKoS*zMnty^6+;o_%_tN+l@17SX8 zgm6qHc|IHqFRs5b?)ufo!>chjYj4yKbtYyLJ}XS!V@QS$JaS0;*j>US+H`*Vy2L5% zCz95EPM5am+ChqX$h{P0ILsAr6 zd7gArtP*QedZC&jOhZj4OVJOOVcysQ;6g7fRR53Y#+NcDxKePrnnc%+n*b|0dJit8 zaR1vezJYWfuC^H53kXMx&uht$XClduwa^CTeIR3 z6#dDB+3>-6MVHUm*ssU1eME@w!XZ{so0_54$EAqvAy|)-s8}Xr&H*Z@Ba-j z!`_ap7h67rWs|1W=tPW_1QFVGD3whukbf`G0>#E4g+F}ggg+6Qy`nfTMp|b;_%pQewMr|SFmzCkxv%OTt-{$DE{Cz(24qhx1aC zm%imOu$ofI^UWp`7kSp!i-3%SV9_u{1Y_1UL;K>td}V>~H2`1*NAiNtF$(05y#Zfts`mtNijNvn|hyYOx zwXGq53#^cxWx{8u%|(XoK_%eiwPf>D;&MJR5>e;9T6PAEaUfQxw}*zh0oyT99$+VB zYggNqfV|4uK~SQu0fVoJLv;%v^;U5!yMx+*a1bWIX; z*PK0o0;@HZLGgfObz1JexMiXZz>HymIma}>SCR65?jo^90hgxuJQMgNWN8*oVICw1 zxK`*EhXU14u4(QT64N9g7Sp2!MvUHP? zwlE4_2)e2J1HqYcArhg~rW;74MsxrtdJMSp-M~2^YZqz1gJ`+^64ZdbfcKu$LN4C= z^rbS=z*QSh8rD;gu$;Y}!fyUO)Zq>ua}Y>4dI5MwG*}*Zyo{e$^LdK`$cZCB@!k#M zvuI%|K+xeaQw#A?3My|8#FdIqedKK+d zU!_~*+ZGoSYxzi4ID|;dsFR7J*EP7!wH*bX3CbH=St~nH`=O7aT7n+4NVn;z<;HZP zbis*HaR_-l?=mC!=|_{mp9B(TeFPeFDw$VBrnl-3_h-GBrO8@QVvKv#7c6wq45t8= zPUyQ)kYjZ}?5)WL^XgB8ifWE00$n;dkP~WUPPo#BT zZb6(bGmn%@5!3-WbD0Z2L8{HI`o{`en|#~Ym9)B{_-lMF4>23S1ghJL@+ zbD@B^A}g!Zw@>4UZ>Ap@J<+L-(aUz^Dw`^3M$LDmQp8`|%Tm)tOEH~7X9(^lMZpsa1IlOiIWfBRu{2T1KKaM-FvXl5x(NooKCpFZ|& zQm?Wxa0ZX^xE9vx5+brIV3+C&+NowKk=o=!iJ#kYx+$4=aOFh!{FxEXcqS(~CB zOzhV~WUv9;qR)*3&IQl&Zg2Yy{n=h)b6PRdnW~6p-pu3ZKr8TNctxq~Wg^n=OB*1z zFG`bUcdHZ%%uPHU1sX)!5+g42VjhHdK*r1ly6G;{zp*JLr9rT#5%5zWO8>@enJ9w% z7Q<8-Krh?RDUWqSu}FdUl2&&tQwkY87eD4Vr_3!^v%!D`b4!6hlkB4w<^edwdni65fjha~4wDqkft)p8 zODj2};Azll3Bu$bGyETecNHbv8q4$ks)3)LF_f6sN!RXDn7MvJUPt1x*8lpWR_lA; z9>?E=_skMxc5#}!o>l5ddPp1{@!{NDIA@^Uw$1S_OYVhlwyxLL2C_TDmWI^*amnCG7(bF8P+CQUlv5GJUSQxN zF(}iz%goqxl5NHD%!Qa~jje z3(uDKC~f@(@8==rL*OVQ8@WxU#kIfz_GT}6a+r1z^If7Xa+q>J(4IGVkje9iAICuS zc978mUENq9QlUf~Z?0QcaiLaMhBPj)@*YU~w zjtd0McumfQ4lHts*!>4j6E*deSd`8hW#y*gj~-Tw1@8W%D*r$KBxL$)3ZS5)^z_OK zv9zcQjn!nkEYgsEgcpQcz{G`Mj&1xXO%P1^dkqY&vnw0IPfOnA|?!0F7RqhIU( zIa+Rgy&{TvUHl=Iz706SZeD?LQa2S=2yp~-{&(+rN%MZIf7$LBpLS{ewJlw*E6hoq zWaoiWy25E=KH0Ou8_%il$)+B2Xd#|reNb#&R=Q|_I`99wDTq2xNy(GaFYlY^D>Nkc z=2nce_PERT-Rjfnpmfi8>*UA$+p*6PLGs!=z=~MVoe)(-M4?a}0l58qp|f$6EkyO} z+-KL!e$K1YP3<(jTk1W`ZcsKaw<$2UdSru$9ZB7J5M& zi*Vz~GENof#yyz8Mr>Y6c)fN?^I&RJhGEN*N~(}58;j~gLZ>^g*;jJWVu`MzjzNfl zea>Wwj65d4^r~sG80ZR! zD;^!YY|j*YyDTS3dmB+EQ2ER;2~~YFRB*Z|MHF>ZnDDF4_%-I40lKNAPw`F7JNC4g z|00<%IUC9UQZw%%U5Y3Jo~PEWkFgwPt|;4E4z|ipB)x|;bW@b=-wVMCu4uP5nyE1s zB9E1jv@wI{r)82O(@>dcy!GvVHs0hpMEJ8cq^a~q(y#l_TY|K(=8Sv6pw}S0*1a_h zOTIK8Bt2#gl(b9w3jDu5TmdBE3#-rkA~kJO8cd71S)kRPU;O$Te;SQPWc2HBA*AfD z=3oEm;yAF-J#4eM#pT~UC4Bt~Jm!S_e|O{m_=H%lyd zfspn>8?42##nFr6;=74(w7&@_tk88{l7lqTVav-xeL14-Xh|sj4L^%sL=N}9=1XswR;8}j0XizWyttnMCsCg zfK*udPN)V~=enS*P6c;Oh0oO2w{0^mVLDZN8=~!A`Fs2?hZltNRT1v_sfv+H4#<>g zFI#GW;3?%LBwi)(uz=Q5m~_qe(zWON9{F$iq6j1##$E!4>Hz@CbeN;qfW(oCJJ&e8 z`A%I9a0Iglo73#B7!`}d#aR;TvH{Ii8%M}G#m~_B{>awgalQtZR=emuc(1oMo2i${ zx8^!nU=_8;RA6i0E!(mY+3WmOn`| zolP!CYzx6{);{VOuTX!E_xyUu5>qI6Yg(}yBuYlOnCGI(Cj~T)*PYm=Yr4$e8C?2q z309fi!zk*+H>YN}RWyO8V5@w0Y`Usc{ZS=v==@B7^~kVMXW9kLaU&;{YK|W{*(kN2 zYv*~qbUo3b|nCc4@k4We&az3Au`Y&9OpDt z^)wUEV=7$Wj(h08%?Yh$4&4~!z<(xa{0tZA=R+sAO%C9U*}39*z5XlF%>>wBTZ)(EX?KpE6S{$lfti$`3*y=r zD(BlGRnk2OMPPY>Uc2W`pPe4xECk?!#>nIiY!8xCnioLR(N0rIe1+SM>c?|d+MEY{ncU=^R_T6E%=Zs_StITih1(97npI65eL_5Y3l<5U^|n0NGlq`W9^poy|22>MDjY z{N-FAIw7&6hK$^kU)LId*1}6mNu?~qz<*7q%{7`*Y<2Xl-VC=5?9kPI;j#ns9xzfN*nV*-ders`e}b-P`lbbp7Dulnm z()<#eZ?gs3A-$8)y=s|8I9SX&h2=oHC#(Ab);RK{Op?01H&9CU(A9j#dp0L zr`2sB^8DsaL29Iv_cavEslsY;R||~3oFqA+80S9xviL%Bz@%GjWgaA9#Uq=*9XfJK-h$je6u0>^y123n0@J9Y- zx5aiarvnLjTRgun-l6OJ1UWLWao+&v4?|F*(#@Sb#>ZQcYF!OZGG+=ZS8JHfgl*RR zY>FkDe~unU;<(Le2&`4C9cvA}jbcKJtc6ShaTT-*%!++t*1>o43gtQ%?R<>7=AmZv zq-1$UcQv%QgW{}WO}Ib}tb-$ZVl2Ph3e@vMWk|Kx#h_*h;RkEvHy$uld;6Ipm3r&8 z2`+YhgA@^yp_4ktFwmuOl{(p8;Uv0)&(l?Fznqk%`|9b=bJl*P8-q6d#z7AoIPwkIJEteRg@LyV^T@YO(NnBS z$U>3W?S$J1@9&H4B(#f&^Y#KOkpf%njy_4b&U`u1HMnbe{=t7jxRP!6- zH%DT2=A{%~_g@2-Hg{FNVl%Ks)A63pixq7o!TG_U zu$uSo*M+ry;w|JARygTCiGUhF2Ec#O)v<)dPk;dRW5cwP7I6Uy8NK`CF*I0HlvQj4 z*&6g{@K75oWLOlf6Q$uxVNhMIVx^4$pw#VkuOqC4kAl|3s3`fU^IBlwZ8n_^&&M+7+r>S`4%vcHUoWRQamVe0;*MVoHgSAA6F=V6atav{G@plkfE1r$+N51dSYIW28oY6hA#in+j zGO(FFAsB5?2Ve9J+qeDS&*om-an29&&bUwc)Bm;cvmXu$E|jwiB`@Z0?tVJSy>0H; zN6exR#%3Gdiqk+UwhBS!X|4{ThsHhDd=E8gR}mM|e|`44V-OwvA;|F1gVyv?ecs*v z=MGr>raz=Dm}X(iQcQ*YGOo)2ZzbzKY@hJ!WIx6Nchv01l>kf9O$)mjsD3VB+rxA_ zDIuDvNHDbi){M00RZ(h;QAj>84DBh8IhS)@@>-)>ToHEH9fr(09#OKRYl0TH=9`^p zr^vm0nMCnA4rApPyqv?@)1aEZi6?mrxiFlgC2;KxkAT#0K8Ii!@tmm};=O$EdEK&l zr83dM-jpJa@(IJu0i~IFUD#q z3}*_dXBWJut-zzHVSpW;Z_{5M+8HslB|7T-yjBSur+bM)*TLNTeQu}a$0xO^6SlV( zk|ullPj8;iyRD1%&RaFjEPh^peb}&bqL|&H{$%|~^-}ZtGT2H@uGqwh_@{^@uxhok zZY}$i7p^3RtEwOAi?~!Nv>a*XZo58wDFSk7-H;n`zib@|#j&ML2o#aH^baB73P~>Y zhZO(ItK1q557!~!qlaKg>BlwWAdz|QqbO&?A=wB^LPHFUZdjd@ zLHw0$S)mXvvHvs9i_x_qr^7pS)m+=6B&si#EM=}WN+G>S*)$);w#SSfgN9ZwY{>-# zro(waIkV%Y5$*Crnn=qF;VmCe`cl8Az?1}W1C~$r5*mRO(Lr6LY8{l7ES8Z}D5 z%h_5w?L4>4U|ylE`HtZo{e?IY@+$;X62a^}&Udn~uN9L;f01)Lh&NOT|5{$j>ztlM zL*bAd@~(XhU5yk_6A&?cBs;jxu?U8ZmLF-a-z`3_%yL2FB+8YhY^F``dh5DM1%JUZ zesKx75&(H%WR_d)zF$+tQW!~~&iROBbwayS`LUK+J>_=p+~(<$D_i2-6^7ZP{@zcC z636$KE@x%>yQ{iZ---!5ZGR=@>tima_}XahH!=VhLO(o|Kk($PhOu;i-03tEsoQ&7`xeuQo{CtUr5_pWkbNSJj8;I`UATXOR~-Jx>kgRc5y zu4d=;YG#CruYAD%1(tap$@s+c1V5mk#w|>%OsriTU6%>Bj9{o@(Kq#SRHffLUHCd3 z%I?2A=1e|(N{5<1YdE&r8+N=*J?7o|0VYQ&@}prl@3+!0(%`i63`YKHXh36#jVY%W z@SQ56X2N$P0@Rp#6;3N&(!zvH=eb4cKZwikVQ}%3T@3ja*G4uf@iAp}V*?22XW69-J=0JJR5io~LYM6feOvnrHObzwy zmVv*W;Sk;iK|}xzMaRJJpDF(q+V?QXnEN~U=}>=~o;e8oIpR)-AKR&HrMM@Cmg_AOsPI1IfA-G!$Zdz9wU*$NLxRmq1!^ z12SMT#rEMonF@A=CBA3|1!A;-odK39+{T@h3JId+dw{z_PIw9B>yrQWldh7-;HdUZ zO-xKgU$wcN_f`m}(PD(li&k^(WD9YD6ao>jc)%Q9m$7?2hyYQ2d>c3Sv-a!Y7K?;e z(*_OkYqpK`x8-QFH;w-8a;_aDIEZA8=q-?RYXi0e-kNppkE&cg27YJ!N(Q zIe)J4?J3c3fZ+r@E1H4|!enyx1eoBN0>2Fe9iw^@56^LQU&JSuhq>CW>pgcUpU~h} z(CKT_e54a~1!>1Kzpeq8O*yZ;b(|Cov8;PjNC#l&O2rNYNHhk{oX%sb$^8{z4!Fv&teKBcJkklF`PiIF- zQ?O&$LOHLa*ZHZiydoAVJbw(u&f^_e3wX81@F_m;&7cM2#ipR#t?-{G+d=%bM@w1f zY{PhrJHNrlJX1WNyFEa#j$4E9_;poCo=r;?ycCSs#0(be zTci7kye2GcQxN1$T8cYJ12a==WTLptX7PdhDH_NN!7!m9&Ouv689@eVM~w(P+@2p; z8O>mYu!^xc#dF3MQ(inbX#F5LcWjx{Aye`yw9%OWcWTtDwMRM1!RJAL`R1eV^r$n8Y5>-giR=xvL`^L_8lMX9a#rLlNJ%giyi9(7 zp6QVw!l)ty*EgX$Cn%JAD&Jsx00| z%E1zbnGb4U5o~8Jda!kp#|@4 z0#SZf1=$(yD1qO;AVNv>J7NT#EAP3^U|K0j>1=5SURK^}UWt8$+c@-^e0^fsk0=rR~ffVNxZSDdj%VajWy`nT^GJ5VFW$WTY;R#V2|@yp9Dpmc1&*D zS^WN_Kw^4KEWFjPZ{TK_sLHmcu?(`_N|?yC-k7M{YGKZ~{MP9|EP%vsa9T0~MP6KG zyI;#(0S-zAP&yxNI?{;zdg%-ohFjOsH-DUadX4W9Vj$tGbo1PD3HaA$>&wp}k!``) zC4qMmMMGrAHO6X%97%o%1v&6qe*#LyNQT|LOfFZPGoWH+07}hU4~4oCb4e zo%3Yl)1xB$ouhT?FE@U1BzTSPm&5aRhSkHG-%q!JCM z-EWEP=ZNJ+q39tAVl)0N(-9s+1LX=fX4BelPxD(C{%ExORKaZfe|Zcx+NbI9Wib9% z)iB(K(52ia6j(~4C2_x}I?B^{K;bx;IF?5oCENxm-oFjc=?j*<7V zaQv&0q-%v%^Uq(hys!SyTm4hNC0MxnGy^xX-tcVLd$0ONFUzT4ibBZnXlqiBoZ*^; zgrdBKUoXeDpW)reuK*vfwLhhI*GMcP?NZ3BVocRt947wrDnoa!$)VZ2M4?^RMIpB{ zq7q`)&lb<=R_46?!{k&+t1~2_jwY;TU$z^Pk=6y{u8=nwmXYaOac8I)nyU z9aUN^8;)gtEWy<&Rh@e+} zkjtFkhoJP;lNoBoeAW+rr^fhU_BD(2GFE?vzKvMes$#q%G=D4or|XD{_<>t6PV`WZ zad^VG3yrVD7}NE{8VlJ^RiyM*Q&g_{+s;ana_f1iv$w5%+P;@3r%11Tw3-^dvB)`z zuejkN{j63%}Gx^`BWg(Oln&(^Z#jD6oFsV6-N!%*~8nAK2|M zb$;iSeyPoCeW0{4n(e`a+4I2hz^i%Hv4Or}c3|Hvc%Kz*{xqtG-$&#%KGQZ@0)*sik`M8FxR)5}n zV5IhLO+ts$zYc;zOx8S_MAhPk3yCjZ_|e{jmVN-DH)AsdSyf~Ppr#<+B@-~%f&hfC z;Xtt-0E+xn{3~!S4hz)0i{M;w0!6M4?iE(QqO4i2g*zimrESEwwMjXA&GdRT=pw{k zHPm$Eeq#x7GIv}okHLGn8alVA6A_$ZJ3_GD>#V3<)GUa*;Clui$>Xf#uncjL;Ma#7W)$F(A>QfiNE-k+u2vB^qt7MMmQo`vk4bB>xV zNZ)rguK4+KU8qK7nbchOna@#`=Etf%ol^VcF7X6>b+uW0>hAHB!^%35ig3G?70c5~ z&aTg*%C^+zZl@9tjr8=$_hTsJdI|qA)sJ9uG1JeS8;iEPLYii# ze%D5DwrWlcthzg1euKUy6)K?N2p(f)wCtHxr=oYw%NFv|^uQa-3LkW8gyqi>bFKtE z5V802MX;zTbJjpp%Kfwv;s54M;rxbiUO$1}0EDIK#A9v4wzDbWJk>i$qPx=Tr3P`l zGti&dRZ4h6u_<5lti$FEzPSaqo~L9?Nl8g)NHmzq*Epv%+`GcJCrM|*_|G#K75*t~ zzciD{U_Gp~XT8?(P}|e%Y22Hz3(OBW1bFFQj8Ionk|m9;b=l|X64l_C-%xK1m#=>J zbJc8@+_^~KxVo9NYCgc2Az^)oQ(7LNOS70L`=+%P)i0M~n|KJhFNu)Y_1lD0Gw&(( z=yxep%x}w=M81`eR9IK1N<4EO8Y206e?h=3*fO?@62O?6l7N(4Ew1 z=E)VSbhBSJY_G@m91kn-UhjNAekLIIJRV{O&jrgjr(= z*@O2m&SUImc%pxFs z1{hC_8Qhh~es>x-UV1{ycg)-Cwt#DHfHbF&`nIPP=G-Ed7vAmo#jR$R4ZAIry(m`A zbn#?=(HwPX|NXFS?dS#4EAPxcC!*j=c3+~<$)Q$*sAUex>e-3UbWB5{d+Y|~zw6a6 zd>9Jc3@%Wkqje_*RrIr71meLEcp(pgy)#`BKOb=uo}h^cP^pu&72VGx#0E*Nd!V)` zBT{slj8F)2qgfRrSi6mHJ!+3&i+x80nQd>PV2FeuPh-Z^v zWJ~lX%MrL&U}G{Pr|1Ig;~14RbYE>rdtdxq}vT1K}u*L!EGdyHpq3g`Vo>{SjBJ&O_;OY}EMvSj__uhdDioR*E27 z;{4o^T7PW>L0I=o-*43YWMRpq0j14MDSs6FP=DPR*X(DH?~&^m&TLCf=t&WtmuLLw zqxm#W&>|rsw>rjdz{1MUmhdv}d|9(_^G=Mqx#OqSNX4`Tu8RjE>te329pm%{&Zj>; zOFlOx<|dcthU%EJotU|OnaHxAuD-k0#rAVTj__*GI-ko38S1QguXZMBpJL(ow9M9B zAyN2|d%7SK?bp6-bvA-$9yCX9ii4Wl`g#nmez`JVPTnxi=JxPmgv!AFV0J4>nnFV6 z-h1257i@MVvg>Xk)@A;Ws`rN!m{V3P z)l`ukWpkAehgmn38bavlp4Qu-1sv59Rx^I=o9GRa1f-`pM6R$fxWG_R*cUsfq_eX3 z7!*r&3ELp-vDYwuIJ{qjgN=<{Dt(u9&zQBQTGKNlcNv1)c%*io`Xg%xd87xD72v<&B#C<8TnnIh3z+FEb`(vPpeq_;g zzomNYSwe-2Pe1)RvBU5bTa1^Y+#^H zy>!=vYl)~nz?hzrjCM1kG;W}4vPaIA+7;WJMcrm$8w zW*ZK&Jv;lp*SFrY!vFA=gTOH1+A6PNRG*V#`{yho$-o*W21@-OK8f>}lUf|8j@AXM z6y2u}Tw@IIvXQcTRh^!Wx!X}*6{j)R&8&OR9Z@7)|5+|JXM#y-Ji%*B-AlTntvTSu z2N;8*ES;uq`~#iC!h<=#W%G`4+o>UxTSErAvite6Ui)81(E$f>8I>!Sf|I&rmbZYu zyu4p)2}FSYScagT-eaPn8aA%`)#qSTnAxJ600Gh?JP$;U4{g`0xh5N6S{(`(JzUA; zz&ZnBR0!g$+eRJMg`^*8wTmRcVYt0wN{LN*I(eAeNA?1TGf=Nj*;E7^{9lq4KB(pl2|R3G8>rtKFRbF(wkuQfIT3u& z&^+m{R&6iV62;`@a-!|-|9Q>XbwH15b^OuU$rBH8x}iQ>)`ZbLumwGpHZDKZkkaD!`$o=G#C!1Kj(iBGS{r=f~Y+3w|b@e!o zRjV07q%TI?)VNvgX5e^}F8WfaD6Ocf&nE{o{Cfc&qa|OirNFiI2YQ6b1viR zup}3*j1Xite;lj3f6FT4saiD&QL6-q%naMU*RF87H{ecoMBHNi_WshkoIz(YN&iWu zu9#WJeXIoohmQf{Y}v}0zPrzB;#}{QPI-ARZJvz18G0K3^F}%MTrfXDG4I%EMU#M> zw!7I`E>Es^qX7CE_jMPq?wKrlV~>HtWK|$wx)Ycjy{6NM6_9)apwNtwU8#sxe1K?Q>-<^`+eW- z=1GtAFU2ilX%#!?;M@m5nk*HImfAAAjP8%3;}Xiz+@$a2+%trRVzLKZWzCU%`1%SG2%l>n=YD3bT& zbe@W*-DZ!kw0N#6+PZBxC}P;Q6Qi@y=8aNXhjktyT_WXCwy5^j?dZK>(tcrF9Hb!9 zTT9nU7;h+*mVNidXopg=nrH)cTL^7zm+ey*+T~~tm*MWGSLwO}92C-dpRSU4C5BL` z*xctgxfQV}cc<^Yah5-bxPhTz7}d2s@|2!5EU0p+!?rAyKISzeVKJSmOi(Z z&wXI=zQ!1Vdv&Q8yPKHqzM)}Cf`P_|TOR7Ju8(KhNW=cX zG`0a7a9BY_bh$;Y@!83tLGkg!5Xb~uEwP-I^+;z}fdHU>GZ($HH+nMGSAJxcTpKox zry!%hGIb(%wbOm)nXE&Rq;WN$88HQmK^czz!V_sZgh^BIAl5|=@whR+qH~e2P9HX> z-AQ;r^8LkVsmujvx35Yy&Y*$9DXwr4LQ$ zAwy$ueslT2h2?A>t(+oStkR=f-cs#G-q$PdVsEZaEH>CxY9&((5Gvorpw}B4>3ePv zFW}hps;RQD{tH`Dj-Tx-6Y|R!6ld5!>82*@UCnmK64WB`u|L-^l$M{^&-TNbXt!ze zf(L2Iv#yJdy}~?1B`za4)l+SWwjTkQNoz>KRk=E-jKQHuul}l#c>C5pexI|AZ(lW1 z&(znHgo-IpQayJ9KL=RL#`}zakWgiiqg{6CS01*F-gWklHoUcQ(Z^&kcW+xWXj^wv z%R;kd^sCX{`1YgTot+qI2}DW0H-%eR3E$~4!POJ7HNh&qW}S647i)*J9Gxyo=D*rS=C-!6n6oq9?&Ojyqb`TUd(qzOS@ysJ^(z&qPV45lTzg zS6Uy|lOmr(7Szm2nWvy0e2wzrx`2a=q=gi}g<+|Wt<#QCbxCITgRmUlp9hYM+IjJ_ z#rAo#eWmw#I0?+gRE`_>FOTbHkp{IWz2lsV=!gL?>2xa>~#c{80 zE+*qbQqz2Wmm(HRH{px@0x{L85Aj?3x$Zk|EpxNv7}}_<3@>AC7oU8W^vP>abI-9k z5A|^jJg1kJ^)jYc+#Px7v@F8a5=ygFlGmduwTx@Tl3^y}z$2M(Tzrtogz(Hbo!s|g zaQ$@e(7IXgCTf^qqiAFIhdEy_m9^{70m{?U02lq>_~@F>Qv$PVZqx_WG&e{Z2ka?o zCkIGqBNlDwtT&IGjzXV>!zqWf$2+^?k-&RjSGb#oZEbIr=I&S_ZB8mQTJm=M}$s&o7EE z?+5JjnRHt0KF!h2sQMyB6#bdDaVq12I~!ct4z=Ez$Ez#4)J{T0xIWJ0zTf8d&wW5} z3Zl_AYJQjU4cUN;{hbk>F45`2!q+2hx3{jc92d6<=RH`?4t`EbJoe#IBD55h*+on` z5w}c(xL$T9L5E@@r_+>j0|jqt4GkgP`*402Dg|2KSY5-EIN}A9Px3mshd+P<_XrxiB26$mS6p z8(!|qnlI#zF-wGRtIz4+v}C#}Id#o~_vN6-nt2+n&?VwU8V@Y-$3NA8^X4VZDvvZ6 zwveg6s@R(!`Q3c(Ua8&AZ8}1R`&`ek@8`-L@s}LaZU%%ej_@w`2~&K3)l4a0;W5L- z$>3m_OSG!a9Qxs^l-1Q<5efN;X54$PRT>SID0FLqfnk!_8# zgir>gB4tBGCj19!TD@m=uvt zN0;!NZE>B;D91q*i(6NxJ&xVMUGgg&LC!kvW}TR-2eDT-dju;9j;7Xe{aphzh6;34 zuQ-;9M;zpK$WIu|38ek>9%%ElHW<5o~`r|Yv$NeKE6^@zfI)x7RhNcz$40LSK9Dp^3kBFPFCK0 z!+GnxUEPVX#g?(EA{ULVgPBz`-G>CK`u*nD-6N{R-9-?aat;!1dNolohb}skjdZ*QW)I!$nng+p!%CRk4MNAa+>l6uJYVg*noa-Fp5w80s)F+)eKRNS7W34Ms zWhavY__RNVo;Z{oIwcspx>z4*C85nmR6RNjx0-7fyCf7GnTSnysQ3 z=N(Y`=WXkM&UO299?L|m=hr=5E&c!Ji~s(M0upwi3|k+|@BVY9{6G4wG74A-R#Bjc z2Yw%g{r}@1gE@{58Zm_lRT2aNK_uE42F}kLfJBZ2yz7rV#ur0{G63{s0zG;dfH3ZW zL+g~hS^3`|#ou4yLPtJRA2PNlO6WnVaQyYkLzvnab;b!DK?~y#1eP236Rer<;&c~) z5XfrbJFP-2f6mB{&IBF-7P z3B84ygE|$Q;P5?D%(MbWoI*MoP=cHJ7)| zCpasYn2%E#CsLTMfW@-2)^1f34Z>A|FdAT>*wQ~lbsNy~&cVRApWJzODb*Ij!b?GY zBoDPaJ?Pwm`Zyq=QPcOk)xQVRe=q-E|HNE#s3X?$P~Qj1=O^Dukl>t*#|I^ZgoL0e zp*JA^8ek>T=zWUu<(M^~u7$xWrVV6jH#c5MCxS;42PtJh_z|*_UUr=$T8AA-nns>F z%bZ5>^Khrx+4ks%OF(PYZ(87VIk4EBk`n9x0m^Y9`?WYRIj}j}oPdjP7GMRv+;eDv z=!!TnZr{V^WD)CBjIE}6s$HfX`}S3}6rQdpLDJUSQRa z`4Q2l=+(NB`F z27^2g_(81W2nd_M)&l6w5h(Fi?f#rd^>w7lzW_t}XkXBH^*Mc(x+>$q)v1U?AT~F{ z)pT!%kxN&=frukn0RD+jMx*rD0R@1pT#5oMRV#E~uRg7sxj0ulY<|ow06*jwR4R+w zURZF^?@VY+&WCi@9IlUJFe76C>`yD&#_wrif+!<=9$#YG!$ijU93;Bshm&t!y&G|@KKI(miKhwpMW1QC z=Y^%sB`<{kJ`e@?E=OA$dZg3xQu^2{{SuW27w3({FFKBY&`Q&|fbxR=E?87I$UHXc z8`K>%>S@>~1LP4t&>587C76mLqP0||l~!~ZxQ&z+pS{^%?aJ%{HlK;eDUV0*b^Z+0#=p7(Rq?XVrpbM06j}L50l2+Dr zY0qvWy=g`E(4ZcT+~WEpPiCenPGCVlmq-U*^)Q|XA+^Cq0%WmQWP`UDFuCTRc5%3_ zPD0GO@DUFd=3_*X0|&_b?ssp1SdJ7iJ(S(I@ z9S`N6a8X6s91LL(E*C3ZFNXB?VxG!xaO%EKBgSBByzRjCkwf|}z3|g& zCQ&L@n%w%h$<=2GSX2&QsEn5^c8%YGc6K=!2C0fbdRRqDH1YH!JU3*$o3Hl=a9XEr z`q=mJXulHH5rb6PRq0Q!jM{fk|?lV45o5fq#n=VkOZBFRhaG=uS#+r15xr4-%OBX1Zqx3Cx3;46A zfk)9h-VYnSl{unVE(6(X1OyKZ5SzY}ClBVGW&K3z$1PpXRY{uu?k;&oRF);mO8bDe z08g?YPc9oX6h5*WWb=n_1ht5sbsF|kESrISJRt#dhYPp=@|MI@S*zf+l9 z#=yXcE7jD6+o{ty?eY%Xjk2u;6Xz-axZM|9`mrde)Jk%1>19=|EzmRqahwIawqfe? z*j&=#iW84H>vs-XYlql@URqJAd6)W1V!CB8>du16J8dYB1;vaxv%5S{xhr?A-C^)! z0R10NWZTiNX1+6CGaK%TnNz={FoN*v3jv0Gps!I!3}0W?4?hdHl@2pf2Ld|(P7qC@ zGwm_*L>=nuM5Rh6`4F2p`V+7=CypCJboT~0PX`J-`m;eJ48iE*YY5K->T*`y#MNwG z+QBGNjhxAxMYbaTrU{oO&|o31-U@Cw*?5YaEZ^W1wOx9Tq6Ys`9<2Na#Lw0qW9iJ3 zmeE#S^M7t}X&y2=h(&ukqRzLxow)JFnkQtIQql%AfjgpYNOr{JL;_W56fVXL;9gTv z@4@!ilRZyZ5RVFXh-l$n+xc;KfqXFWpY6rp^+qV2N2O#wl9UelHP#66QWjwjTVLBd ze(nfrpN$z_Q4&vTyvcg7U*KN4q?*)xpaYrz47Rzy*AbZC=>@*?2G7#SEEA04`SUk_+h{)Sj{N#9s=1&#WySIY(p zEp8Hf*dtWF*|}pU{kn*{?RQ7$8YV_|3WIo2=%eMUOl`7F48oSwd*fwZ0yLpXw?u6c z{L5Spt#;=c9sLlSz!Y{EaO6Q!(0d6YS7 z0_i&rf=*0X3g38M*}MbIm07=qL)4UY^+of$eu;!d;4Y=ftKN$ld9-2jbsb|qQ@F^B zp65uBqnd$GB}8G=VZ8!>4*y?s&%eqW1|oD{p=*t$L>C-4vLn~)i6Dz4#P;Zn&TkT` zl`x7^i3T3Gdj;wqwfmlv6hZz)a1Wfyrk70$1yf?{p9nlh7mJ_?H*K;ouV?Pe-VrS& z?rJcu3O`M#*nmY5x8ppta;gYb|A)&i(GA zg|GVq{L|=Z$ZXYrc?>oaXf5l$3H~js{Nfw)vg zkBx3o(v;(Gf=l(z`(2Ru-vJUJ8(LQZ7elnJf)Pw1{#)52VvCFUJX<4asfCAM_|c2G z-W!h};uvw5aF~su0=JGMBp5h3?>&#mU}v-iABK3RDv+O$)ZzPa_H%pU_XVR@*FsypS-z#6*P1z9q;Bc994THO zP^=9H=|`C7(3YaKA<`ypBkg2k?vbhb+WkYTmOsh1rsYi^ELujRj6UxDe7b4qIK8}| z^1|cT$oA(~&3zdAINgoq4vZtH{V*H(T#Olp^Q?8Z>p)n0(-c&eg_awMx)<6&Mru}h z$;L%r91)@35Z5Omq&fOl%jb*{G;?pQ-x+DCEr`dPz0lg$ARDg8gQZlzt0d~5Tf4uH z!Y_A0TfD_ouauohM@PpXEG*o)nCQF)Vy9;#(LBbFvXO)PXi53Kd%C1I zSO?6Xc0@G@G0))=5DeUWKV4{|_W3jA=EoGpaMgD^<4i-6MXli(EZp1c)V71O-`ak- zNeY-gs;O}qUuAJ+4%&Iiy4q|XcF|~g@L`wwp;ufn=4}TRWexGMT>C3dqTMn_Fw>(av8eaU-g06jxTn>vmV+#gAC-n_(6)EeY5bZ80K}$&E11(|+2{3%BM9;=R5T7Z6BCU<*1gqLyPWd%{N2wTBWim)8mY}BI>n|P zwaeAE<*T-tVd}cReZ4Yw==Mx*qR=ee4n$ z&$9rVmBIU92{Zkv33HUJ?OTKZLn@^COm6*=ijEO^9}x`>?QjT>$h?QJ{DIU&qhPuM z8hI?98HO=&)vE!^5hma(EO}LQAaf0dxx>&d%v*IibgMGV>T3wC+<^K)ChCy?CuA~^ z^S{XOWSaxHZ=%iW@Z+1R+1Fu}EkWVl@0jfDt;XCq47{jM_n@u2;ejA0C;zm}eY{)s ztR++X|Sz>;%X=u!x@>Oz#QP zs!Ae}lL6n*0UhWO!Q}&hH>F@ObVeYeiIbWQwzl84P%VI^quHJhpgr6GRh(pwcL_%k!=NgX$>wV?v3^%*mALCikI(Q*QxmIss|XS-2_np$-fw<3VRI9@7I@wwm?-d@m$mmlDDuMqDftzl~^vv`m{DeXj9$kJ*+&kA4l|+=5K#pPvYq>6c zjx`Gr&YCG0Bux9lGp<)+50&V5o;h;QhJKP^F}2$O75(bt{J6?z9^u~3fhna`99g7! zbUG9^`J!B|c^z&ak~s?+uI3r53s*F1DSe|9Y#@nf#Uc8Q!SL2oBEOtghW@a%V8;%j z_Zyu&KGv7?1=qVx1&_b0Z_TKEWz7nTHh|JUlve6uk4#>|eufS7teqQIUW}CF_&7D- zLV%a2r!|8w9vQK@=QSQV7quc~_dOgAWrGdX9i^@FDvH*sb1==!!FH%}42uzp8;C7X zLw-U-kD!cMiqmXEwCo!Rz9li%tEa(iW>lYRi<3LP_L&<=YK3$)OWh6U)49Ty02@0{ z=MQZCKfQfrRFz%Z?IVJuumKTC>6S*iyCkGjTBJegkOt`%#0??{NDD}Jw{&-Rcb&DL zH_kWC3-9@J#_<>KvB!>e?|ZH5nsZ)rCKeXEiu({d%iD#?tIECjhGf%&K@PFJz|M>5YDI6!Uq+7za!0R8Mi%*j^^XKQ0x&WRwX$|IZ z-^_jiqp*qFkxMjPgN$A`SJuyw+@Mb(kU33Qd#6+&LlG_vN6>8qogc^Zq3gAk%c3*} zN0wuSPEpb?vk1&hz8JJ~t<|0}`sfGq4E;a>Te<&;lboteD@%3Wc$dL#Q@dvDp%(vi z=fQSQq#~jztL67QZl$g$EQ>fDY`bcXWuYP4eZs?Qcel(Q5`$ANTb=KJGSN1mQh9-CIZ2I7v7k#CTo z*?U^z0f&EMmmnEum3699%G%FC_?iVNx_xchXyX!$08+VRIjhPiAD$QJcMSEW$R=K8 zz>6&1)^1a;xpA|KxGFp+iHQA4dtSVByo!muQS5xkI_}_}GWmG|9rOKixT>MZfIM{x zHAe9Mqn97-bUk_uS{cTxb@t9%Wyt)F-G>bl7?VIrJD4Rsc&8qQK`+P;!C-VY$n;p`naaw_0i+emPj*1(0= zPQHDMMmmPnbAncIQVPle^==lAi}xm`TyOZL;NP=thp0=gS41;~Z(Ay8pWaxQMfSQc zT9|Vc`m1=JVp_pY`NT2L(CJZiQX1y=JX#?`x9KGGA9;&@obquV{9L9X+Z-rGLxboZ zm8y|1ramWjO?}C6X#*wJ^+fn~x?bEeN_>1vji(CcXvzMaku0F=5+SmD&1EYkou%*f=#HVL8V{*6%Fj#@bPKbX0fiZ|0H-0RMFB+a8o8=2 zsx$!JUuu5q^enlNVtRkv`|*8k=cqVI2j%pBAXapFz0m;P%yu8w-RWHaVE4*d;G`#- z25>76mb+jR^&T9>_c)=#b}W)8q(4opQT6|=efIXl21Ajyri8-xGLsaMQm~E|OXHR7 ze|e5AY$&ofl>E+}^B)gl1%vKP46e)kzs+&J0*!iOq8xCgpt=7yw(~@}BdVHo8<2E506OHl0RyM;FsuJL%tki|1S)$#38i=B(kz&f-`zAx7k z%x8iXhK%KH)!NRBz+4K_rDG%*b;?sC7=bs#2>)LFLrxD`K%c|_12X5YPJjc0r6i75 zITiT%`8jX^*;GFbyo+H5>DwklWI7$W z#x^wUQUAmJa1+FP&jfI(H6Y~_q}PzN3?C+N!nxt1}oOqKBf-*2GM zK$P2gFZKFq06GyJpqWZ`Nu!T}qXA%2sX-`76fov2KTZKXRf+ZXPDP*qD8CNf(5t?y zBB7u}11F&lSQ`T7>El78Z+-}3A2Wbmel%>93V;YOJCEcAvT7nyvLpeGg3MGTg;!h8 zQ$U5x^_(79hr<{{**eeblAEG7;=xNG#h=NWEi`D_;s&$vb0Yx+NFjiwQ&gJ^kK6}* z@A!4?0TpzCO8v@?y?2 zc%n#^SN!TmcB?n{zF3*^7x2->QfGjwGX_X29gQi-BbjkoCGxj{F99YZoxoan8C0Jq zvfgHkpt0P#1a-Rk8GB>81IYUXZyN=8-k-P>JVgAi>}t*&e3V_Ww2P;Nj*^lO=KGK^ z6+n(S(CkXUxGUhM5(8YD)(=S-KpmzPni}Lli>Y?AQ?=WvZBvs$oP>x@XxmML|LVGv zzMvgYc80-z5M0p1(SfTK1J+g=ur?H2TpGanbp53y0MIi4+6ea>3H7uD7#pJay$OoP z#KeU2#@+-9mTE_S&#Q6w-&!Cys=aU-hwA2N4S;5nnw?57(@6{J-vo9k!qaE0z-1LEW<3E2PPg%lAGg1&X z5@3yyuuqHuO3&t#r*02-#NJCWnwJ8Qu{V2IM{QWFZ2%oX5Fs8xXOeanZJawsrq`=3 z*V|VG9+mQ;4$GZ5dA`i3IlzpvqdTQi-HyI%{ zcLJ&|;&`fV0@C5uWRuscE*y)B5s{{2VA=&1f}{0PAA0(Ocy#kCNRheu!)&{%L!%E| zQ8(>sGgz>HhB+``R)*y+v|l~$lT4Q6wp$S6x4OE~G?CM-QS=9o8#%RsX{XQ&;Y0~gP|iAfv`c^rmAqbL*tK{#CP+dV;k{CN0f zaut$7@8PNutK#lNsq8K`YvB6k<|kV#zK0G3+As|Q6A#~TQT_LO_qH>1Nq1)nUIL$?}(W^XB zUljdA#bXP`d)<(v*x`0|EQ3!z^O_ktlf%*wYsjN$sK5}2>&kZrf5;h$C7BzSNDM3x zsmI>xf@BLH8p0)u1@{J!yd0WntiI$1Xz&Wy_Th&VAip(lysF1p=Q^=zd{!He*q;mc z0L%{l$(`hy#UfpovNS?7QwAy=H9$f$8K^BJ0>0clnk2J~JQ}$nrr(&DQ^X3~I#zwX zz#M2TR!VIsT^d_{>)|VAXT^mp*=N5pjTqSw{j~jD$XOuOJW;7g&~Gr|L@}L`7x|-` z8?A%3FP#~|ixl?D_FeqP(S8xnXdckMmX>Nky!z^MeP0oSl_(UA&Cq~t#!ZG7#*GSc zr7C{`u>t20%!38U4K~JOrKleE_xrtXnuPd#!DQ$WI%0zc?Ny7JZUIfiS|+eBqVvIz z5b|1K_UIYrYttb;5f&2rVehQa2=k{V`?(H_^y&F+wL`Cxm1-ss;OF<5PMFHt`5k_a zMp4?+D7$K~5?YMfzjIy9MLxE$k@Atn@K^#0(Z`tY6`RA=K^K#2>xx;5#}8yDaJpnn zgHt7K({`taHZ7?ldHctXYXPlx9fQ(jnatVeZ&=pya7C=!)F~nGRNRt_o8s+ucUP*B zYk(fJHA^VS{0BYu<7C)febi_Y;2)|OBF!)^tLS_m)UX*XG*@C!L0bm{>c^ z{M`4Trx5UAQ=#Tui1&OFAuN(e3Iy4NE=riA96QjM0kn&Dxic;Xm|;&85DL7PQBO0s+?>* zJb^iXI@sRq_vVDFrqxN=*;N1`LmEs9ZzvC3+7bZ%-vN3fj~ArE$72Nl?W#ex6f$qM zQb2bGOFvrzIxieQ57A^^kls+!1G9t!CG0ZD`5C7IlxB?J&Er5NrUL|5)@6bhYu`@@0dqK5xC8SW?S&Hl4^rZEUk#u- zfo1RVWZUuLTiw`cXxgC|hBN|W`Xbw4b+8BtFR2j}{s4nDs`or6cT?=3_w<1`%#oG; zs}UrVzfWMQ-t%##Q_EIvu^NSSpmPrm4gm_FT;*t0<~SAlTyQ4emn4{Z8~m zH4Z7Eh^1`M3*AZ;(N4@AG!|Gq1Nb_wy5+Xtxcn87QeRDiU3JEBeL%d;2t6o{Iq0h$ zUbC`aI+%baRpVr1!Uti*ln{J_J$pYPWN*wzN|4wydWpi8A2bVrCcsOF{fQf>J6wM(0nKg(2*t#Y-o_B4$S?dWs3O;AltxWH0N)EOg zSvk&)GrF%(*>Q)HRxWI|fDJ&+S<1LyobED_ON1&iNv~>#0A5fJyALGWi;sLQ`2oet!cja?|0rpZcpnJ|utOcX2={=zJiwC7*wqmdY9p=+; zx!G4a02~j$yt&*(SXB`?88e!&6#0coCIB#EoX5NXV7Gt~&$)Uv6E9+?xHAP!G6QKY z$Q#i8S^?OUBNbc;@B-u!?{q#SR89+#FDw+hFrWog-jc;BO>S6?6pgi{GdwkX^V!G& zpE0iOeq;D`*iIg9dp7Hppl4NXjPR38lhD))!@Ou z3QFmR_0k2`UP|yS2NSgblOE{W8-KdEZnK!f6OuiL{#h(hve*im0S>g2X1E zV$AF?g8-&$@6*vy=+V~VZVlV|D|aJz`O8{b4 zU(SA;M2~zQc&B&w-&?8^Jx~)lZGJf{+5w~^vVc=GP$X=>(n224AMZ})Ni+9@V zs(@zr2LyBiy$1|y_+>LIApF~2W2V}L(qX0hmsuY%HxL|-kjlD(z+4lc_~UsLhk*Jt z_Go>u3z+{bgLZqO07L>uGwSkqpZ@3&2^Zs$A}RT>sV4mNJ*e|qC{%x{z)(|d_8Q<^ zL;;KnCVH9f{<_2&n)7!&f>m+wsZ@3{Y0WKU~o20Z;a0ZrBY_B4sYB}gY}eZeo<0dao#Z6`iP>)v%9h&Ynpe-JrlPX z$59x7X-`Mb4}B_!ZV6Ji_xCH=mr;?QbL#8~z$vFcnevsc+#h6^=l#;#aOZvLef!kA z{&vLCddE7Ap$IXhnO*;|?x2$%Hpp~c?|}6ZFuhgzpp>-kas^}nyk25iC)gRN=i}QZ zL9M>%VZ6j7n4^(ct;B}&7e69J!L6UMMs@2pc5K;4*Lj4M?!0L*?0;N!J=L0dyYEDl zkgG@D*Vd6yAb{)q+EvRo@e>x06*N7iN@d`-P(xf*{Y)G=g==Kzr;lmma;at&RCkr3 zx$KqMY@q;u^#RgzZjCB`&(oNE^5q=e;U?yT0>R{_YdY!`z1Mt)J|7(}66>TcQf^iD zIp4LZ1s96x8W~*QX14sHb)b0PDk6P5_&oZcCH#lx!Xi%WEwS{VS)sAUQCV%mP>leV zvylj4#+_K|6(=%1IZpfW%f`MW&pCfMV-ccxw`+gwE~DrIZH^9+1RO>-mrU!QD1M#y>&5%b((FKvbm*M#Td4Xmt;L~ijQKg z&VvHHLl#!KVR&@9x!us~phBd(0@!*hx zc`Z7?QA7iBq!Zv#CZLQk#pkv_)&*c?9B9F0K(C8nFjX$e?E!sfyVbj)oyP`83i$<0x7VH3ULs1#?##@~7|ROa&wItkq<2PXa({gN1) ziK*F@$FcR@nxzqf)g_C=1#6-sv)RkXxn?0e1R8gm-=6hBkZ$_6C>{{7%=rJ^u_C*o z*hszg#qjF^JiqMr1Pff~Atq4Pf*jF*OfE(JvteBpTiGcG&~{J&vl$H_dMZ?_#XJC0 zGSyos_Ej(*xOz0Kg08vV<|D5}MaRu4zGeYnW6A9){xehj$MThc0$NKDC^ zxCq07X!X3Nv4;3g3|Hhza^kjD06RiQ=PGNu*ym7SIsP`-NRndM!lvp&9iP(=SB@X+ zPCc(j@|uRf91=kX*>LT?EM%*(5PQz>=$TEokUp3B80SoLj@?6PZ{F=@`wB;;Fj8l{ zQaVk6@U?+L-%SaRSPCCZrFyQm&2ce?$$h%Op)giLUKd#(n)u!dLSuj{cuqs58UCSm z*`%xZiMwcKul$)y^2qFn|7oSP(66QFG*#`dU+#v#Zuw#TT&{Wn6xLe)RLi6LurZ`m z1o1KWm|*#*R`2}Z!ZLdh7G5<8##t%BpwQH>KZ{WN(wy`(g}!LVPiD#&Br--@nYXA37D)eqIF zQ6`ILh%S+mTUdYwU-8l zn3mn!Rw<`7x~fXEj;o~Oxz!)fDVcVaZ1$vK{+U>UaB+d9ck-Q|Ic|_vCxwCB# zIK^(j&kH}Dwm60T@?GN)2lx`^n-QZk*Z%c%iL9qdh*S!&qOf$nJ*G{Xj@6O z`tI$4N(@D$;kvZ^WNDWWdTlFUFm&=FI?cr*WhM}6#J5ZSRO4G~Jab}ok=xVbR3CqY z@%FHa+&>O{sAf{FF5!kHvN~-Mi3XhR@}`tg$a0%fD#pmQNcw@9hHri_oLqTV9E=(C zDY@O2iVgclr*#ZE@}ijGj}C;6Z#0Y*7fd@&p1dpaG00;!J`2ztFOrWQw#r)0s;N50 z|4d3{sbjNn4y%ZcXXK8xoTN{re4Sm3?=;e$v!;gOpA?zi%)!k(NMXPQrW!fwc*1;- zFPYsu+SM?g_O%3?p&5|<(y9JTp9Z42jKo$z%;ZShBpY470P%E^RUpDoD~a7ajdTR^ z`nps!5PiKOQ7Zl+TZivJ<|$JmDr*pkkLiv^@; z6Ixm2xsfi(JxIF^AK!n&Qf3UGT&Z}^F&=JaYIBI@wNlRKArl&CI{wM@v!3s6js6}> zK;&MK{~<-X1d;T)h+7^ysQp0Y7dywg+=7E?P}&!_wg^gA2c|CuY9|N$`0?&0*Z6rM zIu$x;x!sEm8J+Lq?NnMzdyS9rkp)`Gyl%xAEp_N=p&m-BLi~P{LCYbO>F-@|ZW|wY zrIOBf$8gUSmQTA36N@AsMt8E{PM2xa`IoU=nbk6-+CPHn}djpDK=|BA96pcK* z?B#FmkfjLd66&tCPSZ#iC+My9Kv|7CgDN)m@ekSte~7_@_%&IDuAIMI?x6C$Z=ZQn z&}xvS6KGb1sb(n(vl%sgA24s;SRD|a)bCJd{GwKtc zKh9gL>zM^EdmI3b?_H%TVd+LOf4RcrtkjrmIgLc#dLHr^PNDPo+l5$5DGZ9&p9RG3-rkIiEKOpF*Bk`u~>X&Z$noHZRB@q|UQkeO}4W zCf>FBqM@WjHxOQOl~<6-z+-lpC%GlDa+eud$^|enjC$%X^9Jpds+_LsYS=Jre#+dQ zO{U9FC~GOgKZsL>;KV&gVf<+M&^IdxHH3#`4(&Tx7IW%C5W_;_$;XdmK0$Cz;Z0OX z4?|PygHUe%2ur*aA1|}koG|V^O+U23O_89onKly@HdUVmngKNLv1-s2vacB;S_iO;P%Y zaICiUHfWOOUxX8mz!mB4EB|yJ%e#0*h^u7Opb`hg;0^ftpJ+6Agfc=%>8M3{-5^+f z_dQR~RgCyGEtd+8F?o7bmW7VoA!H|9A^Rm|x%k0eb)*g?$+|%4@=D-k{qBTrj_l$q)kfouET%GgfNO>tK&kzGwF$7f%F%J}qRHcQO24y&UXi-e?-?zreU3 z9cqE4CoG)ymK)u*$^T7P(i8zwFn&zE%lFRq=5Nv6KDkiCud^DqozM4RTOZ+N7yv>- zc`|(P=FT;RJ*apEm@)>>-B8{;>qi*6>Ww7}5VrqMOC#jIKgsH33E=`TmpgDOkQlrQ z4+)6@xp$M6xT7JkoF>p6ES*f+BmiPcoKFHY0m~ph3B5AH1yrGNKtzQAg2Ka+wAtahU;t>{*&uPGmKNW{;;t#2Jab?ru( zFZYRp{r0O%pN3S5*)VIz_4&uKoY5ze#cEgyNv2cb7u$WELw)VzHL}f{QGQfClsA)(PMUweoY4bkkjI|;Wt)LAy7Z%cyfF0Jd*pQZW5nzrPP z3uAAR4S8LW5m2t%kLo%}r#s+x`PyW?0l~$RkAv(4bLZI_efgWE58hj<|~%^@7!|S-u}}r zG$NBv-)m#qT8?j?*fHr-M1P^*=X@FaYjGCURc{A69ewj&Vc*O&XnO!^*tv^?Dl(TelaVi?Ed^rwIh3bvGfx=4@7woy>Zd$*3ze0_D%sB+GIxl3rX$T1A`sN1 z=3AI3(lGGJZ}dMeUrRFBY~b|XdNZNLA8*p9LH;>%0L z`Xw-i*$I4U(j<*(`{BwrBPy2xBv~8}~aQk4h4qc1fV&SbF zebiuon!IA2;B~0bTi=hFEq&EhzkkWl6eDFrgcSsj+&Z9p0kj&fqxl1d8O5U1`?*(K zZ*{*%olkUKuv(oc7pYc=RIpvZLq7#j3JkoCzC=fJ{(NyA&3|oW=fS1QCo}Y+yc-K>~tJ-?#aF}HaM*PcL>=(q9v2PNuPc-(euXWtoH@<8r7_M4JA2kj-F`k%zu2~t@vgDY!x?^wkj+Urb8$f^3<#HwS z%w_efQ##;p0Y{4CO#*XiaiFVSo*OR%W*I=}5mGDR1_r!VKEs^cfyA}v90a%}0FU&~ zr&aIQ(^ju9HVasR$Du==K;b%>z`9%*W=rhg z&VUO!kpL;w2(@5-1nC4}SG38Ho1PC*A7oGVAY1SO4h%;78zEm?Ig5IpFDD!TdTHYt z$U#S*;D68ac49Rjptwd$#&!=e9McX&Cpt0%pHx`(BaujpT>ywy($E9W?jHP(TN(~J zB_2r+MHvSM1}Ioql;)=Kdz52w4L7>Qg+7q`{A2tS4(s%>pTmC^%>RU)osksum6zBX7HIO)sPNC9n8Mkq zqK0>L2oLtRUz^u0?c9`69PgN+c8A}hlf9QUWO3zYR`09g zlF+zSy7@`oUq}+gWz<*XroMO(LT`s^u)k+`l!DGjZd|^!a~-inJVxIeuG_5*@n0;c z=skM>ekKoI-UM2Dj$r1X+%C?pSDupEI31?=;RR!k$Hf!LyDX4mso*le$R#+jSS`nx zUo4P5xd1}W10Z|&vRebNah~Qgz@iRb_wk=5*Q%GkQ+4PDT82_)^)hQ+n1>ZY8g6q3 zVE#8*AZ=6DWhZdei{ZRWfGPWPeZ2AY@%8j?t1pDSj@>$kXZwpjU?BM=lh#v_qbOt>xg)Eqol!UP?OtqtrP7tXxVnHaSP=nhfe zu^RO^E)QF3)@%$C4vDza`N?X&aLR;ZVSGJ>_iTG+i9_5Z|I+{W6e0IvTmAy?RZcHa z;*`G2XRW3RRrKB|4?#MG{^^AaDgRjdD0CM_Uk0Yx^nNp>BnjU5-6;>ZAx-p8ZtEgM z6Wf+fHe=?GP$j>d80>2EdIVx6jNre1`K~L?|w$w=%7UCrG8fFoD68ZY`vJ z>BC^mmFY}q%x`V1@I5YGV{Jm9bx8PbdY zjArn}0%xSLhJF*DMgku5SsJC7F;X&wf%IjQ=x=7T(tNkt{OK+gPbrh$OCFqa%zT96 zhr~%?)`C?5bOJHo8pFPx3dAyHE{_Y7Y1)Kg?V8>G(cN2-+u?0@t*W;`iY?6Dw}D4# z&zg$eQI(~<&fbZBX;wkIB>Y7DbD4n&buH6xS;k>`w`mJigKzQ+)8((+o;MC+irc^O zOpsl6l^Yr@x@vHUlEscc`}6&QP3xcFPa$qCSkmQr=Z$5kn?c_X9+<|XhWuffa1(IrDTl&5Wpw)Z=gqnRdkVS7K zpH<5kv5@0ZRI}Q>a-YjX_FXm20yh#}iL9aKLo!xA`p2RgXXk~iF3`7gNwKjM`*cTm z0g8JXCwS%xkV4GX8(@JZfv=qIIhw}Jvo+~ya!l4Us#>nPY`%?`UG4a|3;I$Mw?g{D zLGU~MmQ!L~buK@1j4OY(NcE|7>)hTsUehZ_uJ>i%O|+%)1SFyn(W9Cfr{gl0Njt`m zzj7mRa}KV6QF2V9IL`UU(KDHWODod~TSthx4AhIu5A1&$(Q^;x6hGBx;nr!fcj#xv z&1S=u9WVQ_=^mGV{(L9sJ+uVN3S!VTheFlSTT;rv^_$> z(&W>PI%KQp`%C!SSNpD;?9=Te-q*A_{+BkW(1i0=$k#6=-8qZhbjxcB#Cz(}#7Cbf zuCoi$doHTDb}Td6giF%z=&*#ONg;|BGM(mzd~G1vGe6&0B7?ux@jx3Soz!1P} z?MEoOC&nn}{0IyMDFQMcJJyRezBJcpuE(4s5X&9xr|CJd1-eygflPHL6Ba&vQRTQf zq;+WqjyTq+#VZ}`JN}mv{Ul>RGL`{25Mfb~$#V0@E}W0rDj(Sk;Xh*8cmHhXnQK+^ zC_>{D&srahGLFcBy)wNRk{PwB!Xor5^MKx0?VbvENGLP>kr!GredUbmM1q!CkrQ zJnY&Vy3f}n^txmcHY0SA<1=}GKP{tMh{>&{kD6t*nxS4$f+o_8_tn6;e7J8t$-szHyX~&%Z>inQp}&m!;=4$m4f@gmyR`v2yvUQr{iuhzZ`5YO!)K={cPJ0x(~9yImW9hu-=(HTgNBHf&DpPW9dGNJh^McA z#d_JiLe2hkx8Kla&ExkS-FGS%7EPQFrQVRLx-MnAd@zQXkTYeYEEefhKm+|g5EX$w zQsV4`gak|p){GV$zNCq0(61HRrX!|HvNfLMh9zR0Wgv(&--?LfHfM#b(8;@7&GvrH z=A9&uMHoKEQDqjH9zVqu@6^M^SVio2MY-NANJN~LK@?*?t-_1E19rn#`S%VSF=>LoLFe&S(bR(+yeamh`crLb=N z+sYl8OIzuotE4pOqM&PYrC%>z;$_om<$zQ9-aBUY#$t!lU7Rfz%nEUGjoz}^HD0@A z#$aYLuQH31OK+65>qptAz>n!;B=I8N?=Cw3DTA0hkc3Z6utNzj$m*yu?Z=-J6KTPa z@zBDz;U1UHh5LT3ec(tKn*Gl29a9U-zN>%2Gr_L$dh!H+S?4^9HfB*L_4i){cOQe#v)_3#qTpqdvB?u9-3%FpW1b}u9*q0fTk zx~t)GZzl%OynpAX6kpR*5)xxS=OZ7k3S51T2KA!RdUyy*|B%Su@UI^xFA(FZ^1vbJ zcTy=f_7d$|KlkMCHNJ>Ft|I^_>&kU1wp;QGkx{nRdER&qU;sm^iHS8FcWx z=d*drhZci~055O!O%CU&)#uwc@o%0Z?Ml3o(dca7kDe(DJow};UA9R0s^0}KCi=sq z*Fm`uL#ft66MyVqPBG)lYS16RYtXBm;2fcnq-`cO;HgS+CgSa+-(NxQNk3?9RQe8D zwB9^c@0m>bN;w|W8Wb&F+VGvlq>=rF-v&Bmd?i3SQmRR{j2R9Gq`qg@p)SM~JGi}} zRYl-)7&~0yKse;j*mXXF>xBNDV$<+$a8Sx6}g~G!FCNi^(?P!#V zoPw-Nv1b)D{TO-)8-c_nXw5>in8yU_Y1u@laT@r>oxa$_S#~n+kEy91g@p|%*3o)A zjq}2Cqxn=HI2E^-Uy=>6QCaUb``K8o;GftuIjENLwy(X+^ey5{@Xy*EK?f}o0NSH?UP?9&(4=yF!sd h>;SF*fAVqm^f7YKqr>$eA%B5?(&Deg@qBKZLN~eG{(%m3Ai9P1M z*0a`gZ0EhdykFj9@8xlzILCF3d0ivV^LPHw@mfRe2@d8xOe7>E97Tmknn*}!97ssW z0qA$YClO1}u)u%RZRF%M6y@aTG+Z1lZR{+NkXYl~V5hBBbTOR zR8-sn9wpoygTmB8o$n1g2|LV0Bb9-|3(}~OIr$v)8%)Pw`YOg0;uFX%pkENbMsC2I5{J!1lO(k`co$m{+ zr;C&(H800p+Hk(|&wM2FsWq7X+06IpH^W8m^qY}92?#o2oX~(cuk5W?h`r-GYHVDd zsSna|_g=PrAb;15)m50oA891qk}+NEa0T-)w1?r#J~?_`@x>y+X)(?#x@66@)tt11 zI?VDfDYCB*secZHN{1V|lZ%%ZO$Z445BroA)zn*j9c;Zp*B(&UD|vY(oQd2GTKI*9 zj-sWiD$)b+J310_xD65n{DusE?tvd9B-HpYq`Tl>Lh$n_2jyR-XdF4H|N0#{0Dhs2 zmYkv@_*cu!#lphD)!Na`4Ej+CR5fAqOvg<}RYlay(Vol1+|ks6%gf#gehZSgmnitv z-onj<&dc7;!Bx~t;{M-Ph=SkYA9LTQ`}-0%TZ#KRsv2~1jxH8-f?PaYJohCr>FDUh zUCb>-H6O|U=k4Hs68Ej$+?+(Yxjj8Sxjgx~99^uqc|}A-xOw=v`S>`&6`Zc#4sIr1 zoDQxG|53@m>Um`0YUX0&t^Zc^zu)@Y)xt&2(H?xKo8*6Y&41qf?}h()qc}JG)&H$2{-d4${uDH{B&Im` ze|4H9re^Pv4ib_ylHwzoXI{uVb9YlHJEmF=oslWcRQAc!fB6c1JHySt8;*-X9~;Y! z0shdhFhG&$W0Br_j{5F@6B@M-vFFJr*S4E&g5k}x`c}BH%w_tGY)TEeCOLeyIIU^= zvDdKQ?~(RHBls~g8nK4-pMQNqfet>`xcen12nCZB!C#M%QIl?-Ai7gS8v2=l$5{7a zc-tF9cY@E5m2dG77fJs_Cod~XlQVgY@ToLfg7R+fA}-2Nh2*Pc-aEHZYIM2>QdJ$&x7_@sl*~ zj+O7rcdwjfFKryLzNi$pLsBPps3wL$wmQF)|nT_Rc`vLTu<uIQv#Sib|wn>Zj|hGyCt`ys6MknLme;MovBiUFD_!$I*!Ho!}GDS~0imvBWd-e&6SGaSDC(;3I+vSC@Q(80{+x2`eNVuIqJ zx6rg@coK+*S+f230@O4rjhX{YetEBF+T5f&)U#Qt?13KOB~O(?-S#=`AZxE%&!W6J zN^X8-=sEY$ZU2|VV09l?!z)$6DaH)HqaKq~izJMO-D>?5`|7D9ZGyn{$`D*pR)-Mm zp+4?raZ5YGC<9|CnyHX0ii_JEjijH~#?LR>8*>ew*yHZI(+}M?N0=hN@x-kTRxzPrOCPhfxvsgM(sNlHbVj>bXROrr%flXdw+h1Rb zNu~O306_Hv*-_3cKRLt?sX-zZE&P-|G^>(e{xH9Cj zpMMCOy`gzgkUn(~A;5fUsV?m7eQvGp9o8T&EIt zGR_Dum%ask)0uPh`Af;YJ+S1H_vdYk7|!rA+E!{L*?u-+E44eGwk?gGJKkhg6Ua0c zNPRaJX)k`%&F~|xUpYVdo(#7IZ15w35k7o_Lg`Rza=!8LEece@M{=FaRF4rUeoW!R z%fh^=ASS~=43EPgN|YqXMMNy2xbIr3RU59@4nC?Tq)?Nd;q8uOa3qAaXE=9B+$ju+ zX0C{>D4jzY#Xp?NMWJ7wG35z9hrSLi^5c3FvaLZCo~VA+dKaOGG)%3{U9^GXWs`nSVNtKu}Juy^x!hhC5k!+p)>9^9uM-;^+}FC&n%gP{H_SS zrqk&4*z8m-Be}b#8Y)fOH%gLqQV|$+rYK}vVUU{aPoJ4oE>ehEO2u;O8cOma0xB1r zGx;Mi+w2Ev=yIpzQ!<*^?@jr1tkrHfRns1{*V|Wo}j8P>311*aF992OQ%*e-r7##6pmyZhYG6HSC4cz zd;NYs*Y5DHkdgGrvd72nQyX$fXrVZMI$^pxuJ4G`Mdhl}ADr7KFmt~prC2J?s6J9i z8@)GgN4Z+DB^JpX^HaVJL<8d>QNR0{f#bK6wlAek_d*IGWqHIx+dA9>+lc({=t2b+VrQ`R$?I3=5GIi7H9OvQJ! z;h-i@Zg`6)qR{C<-oV=E41J|)=MJ}o(a zf{eQE6J@Nf5Nxf^JjNWQ*mvRdKOP6n*w@%^{$;3!z+RAsYPhuUp$(H~$K{aC1yOj$ zmy=a8N!W$&jWl1aa=R`I#Xs+9H{ohLXd_R_rSu9gxfkMmR7QzuW~DiKXIY$YkAcD; zvZU$3Fcm4j61Jn7MXpv>@&c1t)xu~bFRSD?*!%r=)>QH1oyB{W%ncNRJNzl@*GJvO zEj-rt#Zq(4ElSEe@0BYH;|n`iJkr&IB^o^m)J9}u z(qX)#DljfPO=Az{4nWH;pN3jx~4<*I9O=qtxWL0 zznyrCWs})az3Ya+&_PD)#nd5eH0@VHc?;pHL{?;_XpiN6fT5Xpx7GYLMn#;rqIAM4 zSQl-Skm z{dBEo#azh}>o~7mj-t{9m~lO5<~tE&C`HIJJvvu_L%qi&G7^w9z(&6cdtuE5KcTIb~@qWX(W70Ipd=qGBZ80UT2@V;t{(%I;m;z6tg^on* zr`4*)d}4Uv;WlGj|D0ev6 zx3{PNp%@$ZrWVE`Ul1;pn9p8-C$sQ3Y(QN6j^4PX0-M9?AKb@YOyHjumD(bl`O;86 z2)0fVbhQX!v$AUFf+tHnao_!i;;IMX$;<54 z8TbRP&Yb}J3WGZierI!@_Il}?qXl=zrQEm1UKD#ySJ}Y*Gw2BkdtSemoo)f51?t%g zi&D22>QO`l>`M}(pUbOkTU_S-&v1lho#ayZER-116%&|4mAStOPaA{Ba-&tPR191kE-LTOPoAwDJ+Bow6L3N*b^c< zJx!gx#c*0&-<|R&UdIDM?NJo`rpE4LpPtqs*}nJItKdw2iokBP_Jz{Rg}qYds$;yv zuB~tXwQTG2m(DYlFP%9S4R<);yy{>?nR|d(fl9*1En{#Ui>uaHTEI$jp?pUMVBw_gF!#&WfAS1O`Z)xyHm^WUgf z;p2vhI@k5GF-_$Tdv0J_J4@tZXS(A&QUSwV!W{;S?lFM*J3jt^9fokVgsMZl^i zO(Q!*HPM1wcb0)WOL-QD#0^zLNh}IqZ34VD1xM-kHGr9s53PLC3ao~*oaf99HA{&Z znd!tmb|!gD+FtSe3wL2Z9p?q$xUBnr`Ah#DYEgd03Ad`JB^GE-y1-U zt`T9-JR<)`wTbv6NG|1H!AC5z0^?dgt3GXS_@-%h95?dn#O zc#qVa;*9AH58p~&ZnS9SmNeg79z+^l-QSa%S*k62$!C!oF3k*6^{)u2aWN^+qjquggx)h$9vsL=_mzY2wJF?S8Y|{6fS016Es_&*3f7N$u2{cy&$cKION~I7u`j-y7~?wuhaX^_E_nVu zWQ-e+o!BKlg-yufo%I-T-Fos}chlsG9fA18y#|g^cM%H`LUSgaF4VwoW=2!ssUvYf zMe0L@zKSC^XkxWWWihJJ9o95o+xH7HE(=5-_V~cjXv%cM(i`?puJNf)-qW};3;w55 zEO!ihjG2u41q^!X87FHyNcF#)wKf@NV|E33V+a&*t(*IdkVxonST^-Ar@taI^5gYc zXmiek3B7bnwleB|mIssEUP_eaf%T+dntSj`-Lho6D`)7hZ@y&M zFY=ibB+at^dax@R#)SMZI2OXPc}I= z&z!er#*UV|-r`|#R%v*AeLO$!vt10O#e{XCNb4iBu zq~&jq#0}9fmS``{cs@22~zn4w__2r=+^(}2mxHG%ZoZILmQ%26J5eTI? zf%pX++!szQk6VY{Afk&JS}40TWsFV=!&?=7Tv$?J`LnZg;J)zvp98K>LTZ3THlJ-xFY!lwKz0AM*E8s3%BURAXHgO&Zm_N8mW|*rH8Kw8zh_zUMUm0b*P3hpp@qzNdCCpbqW6 zyI-}b#44szl~d@&H3< zaE5>Cqbg^1ef0VZgB4Xhqqw(LQ|4QJA@P%EV1ZDodx}*W|g4FA(vKVP}ZwL-Wq-Gv49d zS|jlm%bm&c@&+eC)()=(@#yrupW^RDDHoKp<2s&@nO9uubbWtKWG46$Gxp(EeGq(k ztzNwLP#?YahkNRRo{#Ct@OwG4Fxry^7BLzIbz+v$SbIKPGr^Y0v7?>#?l=as8tZy# ztFyP4xtDReDKtq5#Vq?Qs%ga0P9Fygb2lMKh1-Bwq2OJbNVxsTCwA$28zq05xxky> zpKKW8zq%+=lpLjVL%BNCE)bkJ7P6cmb;CSE4+9&GcoeS^Da*FHlpBSWiiTtjqL96t z9rQDXj)$G)8A6hajHX0jea6e7T$p=|=ym`m{NWM*x63;(5rPX1A^;|Amw0p)|J=`k z5xoV+O#W0>XPSth2s91OM2NzBln~cV3+mop7H&vJp+aQ#Oa0tbWn~;dOZb^9EUCtidh}K}@ zPZ)qQJ#OOJKm{UgB9e>G!?og#- zW=CB2|8(`A9@PJI^`Fz{|J7Mt@9}OfL)85*a;X5n6ss)nX}@H+V^jv*iBPpn(Zt3* zIO4z{V(u4^I)QC{DQyD*X_7Ty@c{4BS`vtZc;L>G0A8P~-J~|=v1+#Dw;z6RMb7VTwG2UfJvawhVw^op1Gqfk3xs6_hRS}68pks7xyDMMmCy<;F6}S zfXmG?VAh8vzR+XCXJpt&?gc1`>hkwyLV$h3gh_i?Xa|{5<72Mn&S)$Up;r|KG7hWH zSlj+9aZlQSnxbvWDw`T^dcp~aK-xYWQ)T;~>SALbwE|C%_Qgx@RrzC$nrOl4Pd@~L zYj1DPnm-aiH{Q#Ihgl>W3htD(L#!SCC*&|HA?FB!?Ua$R*HZpG~VV8disst z;KFvmP=-GQF}1dq7&hEN@ixD2i6yf{oWqEE42-!*nGT>85);$^cxJA*2YNa>p9GfY zINxLfNWmLgvtu~B0&)U+DuApyNNqeW0mY+8G77km9%slKKD6;*V(M=R$gk%Yo63NE z=B`_bCtpydC}1k;)%}xPK~);eZE~J#C4{mg4&zhDS>ydA<;znOe3SBi5-R#7Bj(QGS)6E=dvM1DWk6?caY1{O6i*AgIZCI=%wuOTWMewN0A0 z>tzzbmgc1SvS-f0&SP=?vc14jq5@-@0Pe^h04~(YwHC=$Z#@Z6-;&#!2?fembDa3a ziRQrD;Ra7f$v1yT??FKR1@=34pm2&^RLrMkhLCHW&SSC{;Y+c<%d7{z*&!M`mx5{d zZE7D#)+G(0J3eYB4ilJW=_a?ogn=(1N=cURUV3 zO(5C{-O)fP8M6f*GB!Yrnmd?kp7tooJ9xNm-d#M+3q6A9?=*!i%@vXoY|_VHUt6Zz zlh%Y%w%XMkvlVA9aMHkw(bS)n5~Cd{oI2 z7n$`t9^max4z>mQLq}}8y{b_)UXAZwVUVJYQx(BQvHeD(lG>#=PHh-00-`r=Kbgrp zT?+9zKKgo!gwjzgi&|n)yn(P{yr2Qvxw^OLwH1Lt6zB;jA!c+A3oX#ayHe*e8R60# ztzs3pqvx;dLMea64k#wCGsFnrpCC!KYyMJF|G;CESwrz4u3s(KYQ~|#-sA8*t7IS$ zHZyNp#)T$;vGn7sSTwt03yxg9ywoOq23rkQFWg~mEGD%SM zJ-(b5;|`djiHkt&661b9s7HMB7Nv_nS}L`9+0ApEf2ZDkn-mD5V#p8R5%-%SrrW_= zdX(<-vZk-&dh9g%FIt9?qJG*SfUaA*Irevb?d~cD+l$vSN5d45B64)AIjSd3p&T-N z%jYJIkAmM7;*T-f#u+n(sz?UEVR#awQu%%2`3qepOAhRz#n<749Tkgzo$YiX*yaY;Uxqz%i9{G821VpEj z;w{w#fTjX>*r&MWCWWTV6Ar-QZTaQLj&IE2@>?mI3H4J}s9uE@fX646$@YJRp^+Kz z#BBD6>sU1m9ZRCUO4kd|M!L9?p?BBeHCG>B_U|(#OYE z8AGSpORRD?-I)jDods=LySVsyXbbgR2*!&Nut`AonnE#K3y2}B$EL?5dV;EyeC7%} zO9Sm*n)C{NayBC=@tY6*f6cNRZX8$27V7tEaE>vhE-=a{o%#Z2iPu_5X!}YwYypVO z2rKm>-EoG}%KXads0RVqb{7{km*+dRz*MQEf@L;y@u|TCqx?bGKd^o*S*v?(#fyK> zyxI?lU8jut0@Pas(bzBqjDQ>IjE;)3b#bfS_p%NP(cUDTvxb^vzDcn29>yJ7@>AR^ zJcnvoLK741J9<%Gf8$jSS>JG8EFkNiFgv2*ecu#su13h3(2!hgJp-{cc;q8Pe!;g|QB^&g{nHV(1gmCIbMd;qJ zn^3+oZz)6w!@~mA$?Yy&4pN6F)+hP>XgLFM`M$|Zge%N<+U{1!889|9nl8MQu|)H=lI z;J&ny=Z&3o5}nDGrqPzA7dlZ_YEf4;CY=j5Ig0@7otFVca1bqx&Z7y>Fq$$1-E;Cl zW7JHCP*@*~WGhh*NFaIyG(UsZBnna>*u+^+OZ=yq4g0;%@lKQt zH%DV3HZ&EY7{;1jNO*W!A9yn9kyzQvr~(gZ|8$jdP%+2c!kE-UxW<^$qaLBeNAW5y z77jwn(FF+^@6VJ3-rm%;E7lm%Tphg)ykbap@6oDF&5jRNut5%v0R5*e3}lU?xv4Kl zEBO5nZiyP4WzT}PVy}=>pp(|l)b_lJ0qHzYe zRiqgcz^lgI06o6~aS&$9`$x~*QDVhkHx{;eWr+vn4->Uu{WJrh4(}@W+V-zG`;)0V zly>;Em#*WwR%o5fOt$Y>f{!H=HMc9_#woB6c|9DhnlYG1RsFvdS1Wz#{kB$`V7wek z_L4kg2m+;`eOGURx=KY| zuIoLQ|I?xWWCB&gq0r}-BCQYeWNqFuCnT)8U#3_VZ%ivy7^|qbu=nX>%p0H%o12^^ zs@Z&SwGe`LCpayU)qLzJUaZ zE#n{9m34(Gpm^p%P`&Sazc1Msux}n4igfQAjOo+asvq%#G+}biKSecyz>a9o6F7SP zEeyqj3J62Z3^%;2ZfPs7iHmY^sZUa#w@tYJfi9$XF~**^RD2Cz9}t?4GW4WScLHKb z>)kDbmw&byJlcE&5%o(xXuLi_5EFqrU!P2&X#q-JBn^5G{~W6D3#_4lR*>e@MIZzU zn9t#oD2xG!$2%^7Kit^Y5t0>YC?*!bA3SAW5GwK3AByWiGmaEzX#GP&aDXRkYbp7MUQ{9jys19X^^frY z|K=R&P`JK_eDWuv@Hr^n1gJ~7#zhTr2Y)I9Plk!wfGDE{JS?jr=)wO}i-RXKG1e~q z`$_)zD-Sd&$6T)n!micGX#-Ejj=i(>55;cKlDwhmYS+OOUbB1>(lo(Q6*UAB3V7#` zVu9=pn|uo_)pVPDU4i$8K>o~p9BBFDrk(=vdt2kvDWnD<6(;4Za^UIYORrYhjJCy^ zFkBBI0@DEA?6Q_U+kY&Z%w=eb^O@dys*pZN*mZsf6Q#Tkh#JBjo390b?@Uz&>%06! zJO+j{TFwub+o@dp2}C{j3`lg7c8`XsgOjuh)a(a)hyI}v+EBi4S~{zlCHRgxAou+x zYpvOhhw##k7I5Wfwigpz$bGneesljcp+j51`@YbsswQ#ZLWHn$q{9h6CDqP>t2{n^ z+!#c#A;SkidUP=Ktajm!25s*s0iMhvx?#fP}m-_=FZ& z&)|nALcOr=jG{1E`u-X^0aBM<4Q56w*X+l+Y$NKTJWRLApjG%R2ho{!;Et260f;bM zs8x{B1E+FU+5V)c-XNld4G4<`ob$B-a+IC^)_5MQaqvV$YEoVEIP!B!F%P?QP=pF? zv!mCk1-VyYC5E?sscTFr3N5iMCZ#XGq0ID+Gc{ys&TG|hH=W;~1-|+sc=njcT>!0| zjo^@F_?zz;Kz7`(oR>R80TmJK=k21(D-j)hg6{@w=kg|a)c71Apf|FAd|7T*X7ji0bfW`WyKR$`7gvLiaFtUtH=J%q=>md*sf_ z`gY9o2X-lQetmWY8!)!KNz&H>%9 ze9U!yc*+=f&X{#m)dBsDO3mp@%{8{FJ=koD7crS8>$I9`m4yLPJ$!UPN{Jci zI$WDkliK_XF10BF4u0`;_Lci(0}8cjP&!iRO&GAIGrhE+l$w;-n3y<+AYI(s1)Iuzf7YoheG^Wn zxyXAj0U!3;n87zUG=0rv>W{%uQqlY1FgI!S4GCZ2c?Nc=EX%KsB(uvK*gh?%NclA& z%uT#$mcqauW6-DgePeWkd2#~wq7>RiGCQXT^*E?FFhp6akepvmZH)*n}z{f;Pk1>+$UX>LZ_yOQ0D&|QK?ivT`k^fbF4PO^jb zSPvU7`m6#Ac+EvlUt1L7LGdbdK~}?X6;dF-xl3tT8)o?zL6(OZ=8XV|9(H2bkDB3l zy0Xn47>nyoGf&^)iic4ZIka21kQ%$3Ztarmm43;4Rc`(6dP4cY#$>Mc(^8Qe$Qa~SP&C0YRpTK_e?Ty#3zPjBP`t~HvzG?M2oYnh~ zE$g$*f%ZB!t$IB}^Tzh!R{ zVwtO=P^qH$PM!ro^Q1?P^b!7RO^zpFOj7TV zQSW?ry#>m-hXLyNo(r?}lP8k)0*2ip>jkRIR9UXxnCm-mrJDh*GxD_PG|SrJRkkh4 zR{u%;V`vQBunB5XhLf{qdk-^}&xB=G-b(nAedELx zh`z_t08uHtdt!EP?om(73M4Uz7U%v+Er9vUJ^0bMQ&I5n61Gm6lz_ol+?jwv<2qx# z&U=}a?`d`lD5N{w(Ufy4n@#U_?-!8gp(JngP_T4&yb6#95xms17jBgqt~a5KYzge{2V<W2M`=u;HOan?T- z4&#mvj=XRkjldcea1cgT#)R@sn@w9d1pJ6O&TPBj{1#gKUWIayM;?N*De;IWp(voq z6+KAMvni>0zkf*ZJj(=TPBRChWQPW6^siV$?KF83DV_YXHLSSW&Oqk74qg(2jr8%l@0MOrmy(KTEQWh5@t zRBmZaEv}vbVS;IO`;9{FO$UJRne9 z%CeP(gYdo{+`!4J_pTpW=k(OZg?SZaP}WvgA`|G;%&nz`-*Y?@-dw@uz(EUjcjD{r zvGnlw>r}+S!NQ?nNfr2O6CyCsSL-(WkVRN#`H5WnoF&TVjNFk8rw{VW-96mL4r?^!Og_7a=c0|*)Y+Pv0akIkMXmn85yZ^qnSMoVhP*2Ymyx!4eiqq`paajWUJ#EZcYNejAyd=x?nj*Ddg9JK2g~8kIFp`GRtk3W zJST>*AciT)3}FjLg)(ZcAe&ojJR7N6;oO&n2SNkU=xV{jCifQ<1#t{b$ODrFKNIdM zPB)dp_c340VF#D@y%*T)A&?1l9(a-{CfR$)p0LozSi=+}a$i0P{J2&01Lu?^PLEktMO!{ zw-k*NupFASbOPUFP3NCx?vqwfX)QJ;yQ)`b<4ms2@JNkn(r-kd!3KOW*DK8n2<< zIUhH)I;lD>eP)$({E2jo>+@-=U^@^Gi`u?F+;hPqlqM`?hOIW}JcSF^{B{x6nIUe~ zU9ojv2y5NOnpn_+Nqu>TRpH8v#@#gw5w41h#Shsf(ZA>0_zgMZ z_Ftxnm3A;U<3sERUs-$#JZ+@nj#&kfc+vz~VJQ}!^d_t0n&o|f+h8bF53%1rn&~;= zE3J}X#CB$gFsF8?ck)+*Jr;Ye#R5EUJFq*A|A!X=; z^b>-OVPs`o!f144rFvkcRyKnDT}bpWidNvNy@yg)DMKO8uJgC9&+5{*vGBd&S}K=r z`a>>}eGv*}9CVh*&0G#uGs=wL1m@jY!i1Te2ZN zh9BHM=rR>7D{@{u6QaJTgMEEjQbt zBtOa~?ru%hxw1NEb?L-#U zo_yy8K^o~U!klj(?U!eh89!V-VwzSQjJ63snu*k8>aF`_MHxD6mmilH0KC91=?4-@ z6xqo%$W=c$te)mDpu3$1F$EU+Q|=}4-C<-=&0zhp8zSX$FVfEB9#p7443A2fC+2;7 z1t(_)mCM~QF^154X|mgSO%Ngsh>J^yBGJjpO2S!&baH)3Re)OU6!$&u3P=TusZCZ= zqf0?1@}&2I+Npz^^7twr=2!?);7rxssmSiXW*xbPF?9IW?(O1x2HS`gdV<0Kms^<{ zXxu;)$b0n5yq)e-;%+JRf$`7<;F5sN#fs0Cyhoj3!@RnE`s#F}G=6&auNsRP=?f6KTzsbv zXci&cXvM7Sk?f2U$fJ7p7Res@wVF6f@CwZ|C8q8)_P)Hna!#zRZADkA+Ki5x&6jQe zlFhn8S^Pw7Wtx#rxux3I9bfDIwrm!ULoej=zhINiyP+-O)fS3<$nc6)8t8fMOMFji zFV>YTSxgLqrudj;Il-T`M#el4J=V#zLsXdTlIQ9I5;V%im2uZ!|mG>%20T=$1yihu)jiVLN!Zv-ovD;<)U zDkBc(M$W;0a5P_F?|dBTusH_JPD;{j3di&xBA{cPcqQukOT~l9-Rc`e(tEWFD6y&4 zgKW*}16=1a2g=qRvu&bC`o*hiW`*x7q=YppEFX{j8n$$b8NeZ)J{%*xKTbLU%V=KO|a6->zcIINa^dZAl&xg|)SII<&ILThsX3sYQd-!U<4#=m!Dkl6M z&b;y=;Apx!>Z4R;?t5n(y51D6bM+VsY*J>l_O2gm&dZX%X2E9$$MHWD_z3WRuR={3 z55&ivMkCtR#Z?kcUsdnLD|5Xb#RK9Ud5X7r2Kx!DV+Qm(snKM^r-!kIFF7&Yh(UCY zMJgKhSlesJ8od^)1p_HHu<~=P;`dBkwJd8!O_O`s&PNGc-51zNJA9jJ7_G8vtGM!7 zp(lb5xwlzZU*Ba(nYt5q;xh5-kUu4yNb_FHn8a%fO)}@xa3W@Knn?S8#>SDzaa>&L zxN0&@=TZ)`%ACz)@^9~H+BGwp)3_m#mt!H?m@{USp<9{biy$0zr5)7Fb`xg({vBLhDhiKnnO{Sr`o={+E;SA>P-IR7P4OJJ}- zcw&i)%Qvgn`~JG=tX)C$T1KjekeIs1%ovM4i=-K4QHX1^+po@guWZh|9kCM=2|rH_ zqk2l0m)+{82E5HQMd>dkcG%Z*ckaTJs8ec&1CHlH+&{C=tcks`=jEhM&uw`{Yz=)z&BhSHxDl+5-o%ZOiu>8gWAmA1#s1-32A%y{lMw%;PVC{qVjBvsB; z1XV05EX(ox5WWSGnu6#>-(Xi)C9Mfqm1mXMl&kAjqJ4o*mbdlCNy*k{)rr&H&m4_N zSf2#l4sF6}?%i=ht{_7CYmyxYBc{3|uV_Mh!rX|S+#H~f`;7OcuJIB|zV zW&}DE69Kayc1fZQ5Yn+g@xUmpKs9y$BjRH`j)l)bC1tZ!H1A{?X?L4%6=s!x{sMYQ z3}!-h*W9-k|9hMUdP|nVy9~qb`U@#_7O8a#27xrRUXgyySe6a1o(6jVta zKX^n7jx>751p1tV%j(aU^&!^r-Sln~2`{FRkIAA^`xc-fydUu}&Enj$?VZyUgIqi3 zkpJ{f;~-d^Z%N9O&jUFveS|>ntA*ODSA& zyr<0p&dy7KNx;H($=Kn^%3k0Iymok2D6?7yxmCKPzt2Z^GX3#Q(1+6cSVccP_lE1} zNnFb>>ce?)pxv6i;;w_FF>?W%JXUh@`M_FJB0J#D$M^zrZ+VIU>s*AV=4O1?6sCv4 zvpa!KEz1d{z;)UD2aJqti6CH*ohUJE2LT~*<rT|Mw})Cq9K@7GJ6M6iYtCH7Ew zdaO90my3YA;{xru=Q%hzZdt|`9K5wuw-4+Gia@x+to^~4B0|&#@Ye2hK^ML3rLRD` zWO(JED0}V&`jsR|6mw4fJ5PPv==RO_E-3tXi~WS!{aNkFxV{_+y}OKZgTv>X;1XfD zoUsT94$B?jp_B7n$3RM;8LvE$x;>U!Bx^o@tmFRkxoh9wYNAh7(#m2Up4s1&C!H=X z+S(nXKD&_^Hlt9(BgI7FNASZb1HsvJt}N;q)`s8^uEq1^w|H>mN2Gii2iE;zNfZNe zcv^KOhw+r8@8%1zoI|V0ynq0-4IJo53m4+ox}Z2xm*YpQhNtVp^ExNpMpfJKz?odB z9w!kDG2N=LE~y&=xVE|saM9I#f^!3_O!qe0+w-p3s^phGY*!%ZHwJlV_Ip2Ng;0+v z)38oatb}(bh1GYujcB1?Ok$hw4*;b2d-NOsGYRWpb zr5I4V^UA zxpwOCcfl!@!Y5-|W`Zi8wcl$`FM+&h?(y&)xp8nNsdAU#1sG@;?csQM@CYjq#HoYu zfyB~-Zl}w$=38p+3V6itydJJv1B!0G43B9WUZM!>_wXKodZZuq8Qt*NfhZs}%DY-l zY_LP%)Ietl2=blhM<1VqM7p-@o8SMdy046?YHQn;ElLVVBP}4364DLQdFT#l>274B zfJ%3lN{UEHcQ*(M(jYA@-S1qS^PT6M=Wxb&$9R8z{&0x8*Iw(MYt1$1bzhOQ4Or)` z=enSwbu&?@>&^ae`na<{2negB=t$?B%TbA)|X~a=jF?hW8Q3o-G zn1>%sf=*NMM@nLQV1^NHqvG3VnT%5FP}s?aMCNXo5`S!AXJMu33;Zrv*X%FP4>9@H zi^O#0={DqeHt-p;`l=ubDgOP9S;)T?l5(_fm|h+OZuAeHM_TW2OMZdveaAZEM^DA% zqm#8y1bRqZ=O|IX&dY#C952OgFhc}x_;BVH;)BwFMw62Z9Y7NlOBeL{aVSyjVj8~> z(WVCRVf@z1-zaCw?A4h12CV0nbmidp2v&*^WEIRRmAt{U@*~wa42K{Jk%j2R3eUNG0R zfC)Oe=7w=^;a0tsw|Shc3nDQcV(ZF@dO>RUgdF#*-_0Kh`j8Yqqeh?pia#ER%B5|A z1T``Uix%ESmX}m{dV?8m4)nW&jgK!DA3cA)uQ(qe52*0E;L=!=18-2-Fzo))E?^Ow zLQ^^IPB1YUw4akJik_t>$kYTx9M&%{&YO0C02KAg0wKN`h-_}b;?@a7B$#8;J%8p^ z>W|x_+VJjv*^jioKQhq9(*e_|7Q(imxDhNKP9`7$Lc2EW`KmA)gp0(>)F@b z?S{+K2G)n&zHHXWQ?zu>mfisAhBXOU3!n6p!5)+68aGG|<&=r%;WuxiE6W#WAl4Zj@-CrZ9i6V#4s3nvQ(cf>4 zc|NGCP@I~%0n|Nw^M|)>tbHlb(sw6Sk>5JrGy}p8G%#K3CQbg(sQ#8iED@kCI_fk& zfTO@oISEulRn{ZxwZJj+`w|jE>F)bOAQW(#y&Z?pL;d3qULUDs#*R%-SgC=7BB9$# z7~f{+1|F^Oq>F-E3Xs8ExWfltQxS~!4z%380uy!6BEIzClq_EcO|RrB)h~yLT0}u1At|bt&Qv)%6}DHLW@|C6CLmxZxEaz$CfD9a2@BCJ z%61vNjU#7L`?!RrYBqaN{c;ZT`K!bo2hkQG?kItQdiy!W5k7)3-2yhK^Z!~z^neeq z8ok7~8!{Alfns9oIM*BckS()wB@?Sm7ff(Y>b>dh2EptA>2njWrZ9ir)vbu2%OmO>iCAUntA) zsVLO6$y3-izb}t=4MrFDPdg4+-><);b(Uuh3SaESjnE49v3xqq(=F?tewy6A&*Qgi zK5kVq`g~?kHZM=KrZbd;O%)BVe-wozNAy(Y!0Kd9LWzDI?bPHC-2yy}cKaMpw`1Z{ zrR1cDSqNE)8+YP@0y9BU9$;*6uG)AnzNaOgwcg8YfY@3eu?*KA`FkzKWslQUKaD<@ z(gJ3`_e|BYH_(aLsBiaH(nT|wAndT*B1;<7o%@lpp7At*mAy28Sj<@?0Mq6v-%>oU7lO%W`_ft|H3uU?3WH)yrWfOZAwPCJsFY=6e~gw=DRoJX)0S z^ROOMF$m)M1B1#M$og6aoVb&Si-tu=maGfSdUm|7f4r^G7l zP{#HUY8ENFa^EHC`A23I@&xOmV_cSL)&j`mkz<+#_F}n8nX)dNSe?8?l2JR;sCdi= zT@U;4VG(21xZ?v$%=uk@-ErAVfCA8AeAo%Oq}&!=O-oPrNH5tdU0V=io+^moaK= zj6>Qb5xfOjzZBQ-P4%KY<$>il};Dz{BCkB7>>a-^^Zm5NA~E6zsmL?l;hwR;ji`pUW#oeTO~ zgVQiYj1xBgPwX5F z2`CH0wQ)0o_ikeHM||Lg^QWauC5cKqLF#zl>`EwWbG|pH?)JUl zg?o>^(c_o3>&3d)Nb-!rqFr!-?1-#7Ii?q-Siq(SdQej+aeK)EY#%beWuC9C^0as8 zze&^?C#Uxnh4+{0)Ki*<>9J$TCMOUy!g-*D6&ziu-Iot6`{u>IxZB^tymh}PDo6qt zk}-$2ll2$U*4aJNu}s_Ru9fc#zXZfBvW^4qjnAXa1K`P-t=AFOb+ra>9?K}!3aT$7ZTu8%$lB;taHy$l&w&7#Tio{W8I)vGZ+Po z-3?mdnr_9a4KxlIpl%13SM;c5^y4_`Cq0;X?{;*SEIrpWDj5(QruCs~ z@pXNQ=Xu8Vcbz^Vmh~GbMOA{_MS1y9kBwH#FOy_c@cb(-C^IozMP4G=^hP zHx^Nv`0qa6j+>6Lw8OCd6?sRo(Xo$X)Ozb@rOy@lZSgka*nWR1Uw|(|FS)C(*Br|z zNgH3WFY7^#{h@4nfX40TDp3gtJy8iMd3ONtlw>p(c$umj`xlIG5rt(zVr#n2N$f>T zh4blv{0I%Er4Dd3n`mGg0YC(AjIb;$E*1vR9y+a29l4BgSX^7nW!pg`gaQ1CaVeF; z+S0J~8Tg)<ftq?5Vha9OtTd3n(FE0=$5ce?{U2QuB-B&<%qZ z{1nfx(bPip=M%`6wxMHM;9C7h#!pa8^(o3?(Z7z(pQH5k69Ax31P(TdKBr7~!@g&4G0v0|t7eQN_7)YCQ$6+h z$J1sQhlW*9dpxE%L8IB#k4;^7Ja%_3Dk!l3myg>ERMli~!O!^aj{x4%e|^-f>PBMh zJT2h&PW0JEY+!nuxw}Sf;pNIg&y&aZsei)cov3A!T-)mh!>1@4gQNmB6B@Vj#UW^# z1ZC}CbSq6DHwWdvzW9$HGoC?1)t6ax|JtE?XxKP(dGq>zQsRK=eaL>GevPsVXvzYX zHu2l#Qm{Q;x9-L1W=KYJq;mR5xSJnces-gsbqqbc*)hW?MJ>86^6C{$+)D}>tKh6$ zf%5WvsW;j(A7m_D>|DOIkBl7TrVh5(f66M?zW?fhe=BnwB4zQDi^J2ChWSb3CEG+V z^UdBvpEQ%DG@jkGL+}2{!~WycnbS14mJX+7j;gdr^cjr=;EwVA(n|Bs%Mhl58{H&8 zd(LAoSH^X%594WHyS()#~q+FVuzbkEo?oE!<58}3nN2iH)tnPzUzR)R^I~d zpoK>QTfp258DiZZ?SwxkaRmT;(M~&YP$IkeZJ7IKB`7G!{_Ag&0U+kYz@edXyY&Kt zjGx=y=mN5ag%lFa(2g)$E)m1Q&wu2VjZo*z@WgMn?9sX0z@#;GKlY&N` zUR+;J@N$X3<1J6p4TgaCY}2hF*dXl)_8Cx=g8+pZcN%gEwFlM_FJE8^Ru=VM9f{@^ zH><8`tQs$)p;niV%LH_Eo?8!q)mQz=w@-m-0$%OUP-?$DrNrtHVz$)-oeHC2d9FK1 zB=(I2t}dV>5nu|w%~R9n^S9>m30oaaiCHJGJHc!KpGNH=13aCpv?xDwBcmmhv1F5C zYzs!U&a^WKRDY3S+!1yMa-20%D>3w_vl=bj;X8pi2{%*q?v}~K87)I-aLE;Y4(l2l@J}BrWv~a}noA;P${GB?_eN>1F4ZY51 zpD}5K9!K#4{EQnH5G^h}+#wT}!}`OzqV{`Mt&fby3~AC+fVs+`k*~`o1GOKl4~+$J zGlab#8R$&h`HO#$nk3naycEm<;Yk59P)rqzVWZy__MGPnVb9aOUW$AhWtF6C%E0b5 z`8(zic}dEgFM1ahalm>K#9gnCrF)e042gl2Is!+XjXp0tB+0p1nvbV=`AL~#y5JnR zzeC1Y^7PusR)g)TSF^v9m0;$10c(t6MZx71r)JE)SVVt&M@7UM%_#j0ynsT5%Cwd#) z7mv=CxEfG^nXKI80F*QoaU5Nc8-8HVb`I1IknImw+DZ;OxkC0Ocyd|`D9Rg}Q5jkp zsV~}ryKIK%treuz_*EQ;Y5ILM;!Y({H?-E%%{ZQz!R)*>76fLF+PQvI7f3!AGiW)@ z0Xb@=7>B?&2WnEZJ<}c}cWIUj z;mO71wZPKGxG}2t-bwe;_ztk!2m}ZKOaJ026tGk-)F*ZTwv~aPCVXbYScdQIO!dfQ z@kY$ujeZ&=Mu(u^Q%C`Bin@!`xWQr=Jk*{=LflsYMo_lWkBDX-r=`|jw}W5`D%x%^ z>UIV3f+?cu{hsJP)XA?-czBjI4STjFVRsM>iy@&<3uxBhDZW2Wb^z#dAmqGqn@Pn7 zh;5*j6Zuo6m~)eHtUyI&!l9$ao0y3H9VV8n%i}MV8Oax2YdglSJUjdinTbm)8{%fa$yuwp|kkh8_o#?JiZz z&#FO#e3reGi(Rm-MF(OfJ<4Q`8bJg_SoyJ`scY)qnU%q*_AKlQe}4D-Lhduw;8BU` z#=6EN&Jt-gP^h7LwGmLjLRR1GLTwiArsZHN+VO&czPsAWN7y|m+dxn8HR_ulSaSW; z^((MtE7x&^#bqU>`@Zp1jtI~6G086Sfw`J^U2HwS?6J*XaPlwc6_b!qc=o(Hq7({e zdlxRqdyuIryu^brs_azf;PC1O6>UKt#)+Z->s~8~a%$R1+>@V>b12-pSJj@{E6r!F zHNDqep@c`vbWEfES1cj5NrQ?}C&j+XN-4^Nh^nsF>`p#WDB=>B0U3)$MlGo71?fu$ z!3>YjI%eKDi}qhQz9`3S%=*~tmJ%2f<mhH|cgf^dW}?&=~+w=wQ71PdMBP0T;3BqkG|KB6&rR)}sL) zd9`4CrZ`*5UO5h-(7GaKVE~0bV(W_4Rd}p220;7a;iJy@G;6=oFTsiAx#5qpbtAL& zL4*I{V9E`r=XWQqY%KHBpFZRq3y-0R*Dd)?-E_Pkv;xU*n(4-L;g|STCc?PnEeh=& z69B-n;vEvHpl#G2~q&4hzptvD> zU|LNl?y1O`OvkhfHo?4~Zurm=*d=t|#{)i7Z8@SvY&t84E9A`&T^6JR#wOKBCAxlUJ{Usz;kf)(wo{--n|(sJbOlbU39Y?9CMcaSLv}4*PcBm^ zCq>-o1j%bMdX+{}0GpOd-OKDfR4=eEQIxPO$MWkf&-(7m>831yTebZ0=L;ZHBz+_S zv`DtBSTf}ng1dsItLAG9JaDb0?0Htxwd}mokv&O_JJ8uH-AnbR?W+$$HxZr>VK})uId$+(uoL1{X`@63_=;+Qq zQqFealJ?_^3ojGouKLjg z1^Ll%8PC3q{IP8nRm(9cwPoP@vQG7*N>e=-pHjX(;gmglr$jHb=Kd1$B9=GK9u5anHUakbdOs{ z=S%mwho#H1dKHDDXUGU#ERYa{vr8=sS?=6^?v`Lzs+lRswp}`w(Kfr2c zL3gv{yQihry?gyBEn^u}6SUi1-ktJ#jPJ;@j||hV)>jBaoz?Ii3f_yZ%%-oPQy!S6Yv+DD{qLsw*zv- zW>=I2hvoHSIuk@}UAX{jVFkG=2RVA{psKHsKN|tZD8^Fk8CWo5mm;Z<+W1g&%Xn4N z$=5?n7yB0!{z-ZEhdXC1JA2w*{Em*jMGmMNgg~nNfwScfMZzvS9_*&&bah#;B*4%n zVPb*kDCqJ_VH0D`EbDPG#~bFqCJY6oPV(0$qqEpnj`dUOUd5K|siaP>hwz2v1an$? z$dV-{M<>6Hd>D}pv)uGSzjFz7?(JIRMize%a*6SQy$kW3JIgL?GNl2*b~o9a9L)@N zp)Jhd7uY~8F9Tz7r>IeoQ4jvP+vMhlfME&DI}PV%yDDrh&J$BOAC-ewpm+P|_Z1 zd;;39?2T2s)~@I4PSf#QIm&vgkp;3pX+DG}*F|JDZ}Vrj%r@U~(sK0o1g&y>w*F)* zq;oPAqX?$Nz+4>Xg~IAAnfj@*eZV9T3V{5Fb%AIZAlFO2ryv@U#O_V|S>q(`D@Iw{ zd&R)?gfq#DTSw7z`fK?R?`ot=vNrkUZ|@}9ssuX1$w7Em3pxH0io6T1mz;~E#x8(> z1TUtV-cbI4C^OL$jOytj z-A={TnR(eCSBvrq0M`K!a6Pgt0f1{8qvsZwyV}3b_-2k3w3+lNegwKgO}7kX*g)NZ zFJa}nxe9IFb~}>Mr$?W#M%FLK+P0K!l17Ts!2FU#urg$yRkD-Sy)?saU}fJH%g~s@ z5}$-*UC%k24DoIh9yEs5uDnSmJ{cLBdYf*VK;mQV%FRynVz1$tc>BGl&JczIVb@za zHOc%BG~s0d)@0+-sbkHdB$Ze(25EXZb!qdGHI^=`n}ISy)&spRSmjvPJgLA zVG#Q+o$f*7oyH>_W$XHxGQqK6+7x@yxooRFfLpJQ_UyX>+?pi(?BlE*Y;0?c=T(;@ zjbwRuByJYei!=?c@}_AGD`F_0D?k?z5C)zcxSIGJ~o0sp}BOhi9kc^;{us za)Z%#frhc#u4?b!;Erha7_Em0{qPbL@5N~a*)?{A1@<;8e_v$&1tFq_3vg*s?rr`y=7m%0Gj8-7 z$d3TP<0)<9`9CmEIE&{Rg3&^IPk@Z6c9a&6*cyl)A3e|69CV$ys~ z0}3?pKPkEpT;c=u9k%ATrmrO~E2)7}eE4bqo$#;s@SkQwKXpKveaN5x3wJsn86rueD&1+_iwp&03zG>Ih*pjb~y57z;OJ3HPn}nwjrlo5Peye z+W~mRO3qbi6U^IPwCOQ>w$dLz)t@|r@`;+kwo}`AA0*@CuKemR+XhT4==Ka6(EggH9KIEULeq=>7hfGbk0YKF; za0vc(^w}`LH?E9mAZ9irIBFW1X4#sNAfp;x!Ng1z{TV z#^S_k;>28rTH;78*?)iXq$x}%v8dNi`@yMpyIjZh0FXqeNDq_> z1=717K*CQ5)D3I;3?+5nZbUW&<`LU~9~=ZFBdr6*T`|l*9$4@^U72Zk9?U@fssT#x z^89624Y0l+TRp(mnf!$a$pri+Qu_@v-zn{*#Cm^0e_eaa3 zVJIjP6`yEnx4fB749i7SW*{x2&gd%^ z)C{^pV3V5teOOV56mr)fG}JLmG`*rID>_2VNn!h0i2vdBL}D25z)8SOS%1WF7>&>eqGmzobi%x?~5_tmWUW+)^I!qv_ClJGh$hD{vhO|8%XeO#sIXhdR30(U zdJ*T%8H7%R{Qxk0g*q(V-Lt|Cvcgry>j61(?hkP4kC|7=6oxok4!mZz0TCaUjge?b z$}ozu2XQH(B|L<~9|mfQ0njmRLXKyulhF`Jh~WjrxuH*{fY!#&%X5Iah7xH)4n?}* z8K(7E)DYa*a#xb%F87z5>8o@*AXi{b7*!>{vdXyak9Q0df}dK&kw~4D(4Sy)n}+eh z@<8C7qmd>xkuhR%{a)6iHtUD5QYeoOT@H%OVb$#Nj@Hn15J%UH%zF&{uIxdhpe=LH zM3D(ZvmN(wojTpCm*K=uL-Z~+1%q$<#oK@EFlPSvW5x8nqfu3Wo7=!H^XstA`Z4Ao zJd}@MFhCx`F`4u^oSK&f0qaJyPL0JxtWTfJI@N;2rN^GcBK_7=wVL@CU}Nx7$T`r^ zG^>A|&gShvUZ7kLZkZfW$!#Vfp{LW%%T8$jWl5~|2x>05H_I1AiHhA`(wZ0@AhgWogI@77jCp5Fli=+JxA3ZYR4^O#Ai`lt2m_c zA?pY;mXa2c4Ra76U}s!AUa0{(_y4RH23HZe6Bjo-(LZEGm`bs*#;%7_BmZIqhEE_e ze0?4a<;%z#_hmhvQ{T;5q zoQa2W!iNYsWf;1NCwA=ubvk8J?J^|wT-z}a)KqiNyro!qj3H728FCl)@dqEzQWF*S zZ5W_&e#=%mP{tfLK*ES`1?BSH!X9=#O3e7p$wo>m zYSrgha;fz_25J)x8#RhMlqTrV$wa&) zMAl@fJ^QMn$n;e>j>gH@46W&Di8h1UFOi;p{DRg{VSJI+m^v9HZsJxmQdr1wBUO6x z8J5pTAHM(IF}lLffr0QupYQ>^TzvS_N&hoTbIGz6$~n@^bU*pi?bBbj|WKJR$ z-F}R2q?qVB$^G!oYif6Cd&l6wW7IKD5jxaF)82S3>&izH(p!(L3tDktnK`Mh+T1{l z)WEVu!*%P&Z4ulMXw#UGsP;A=Lo3BUX0=$1Q@cGhg5v;aq41wANXP?IHs-Tl9RD`& zgDy_lfO+8Woy>s#k!Clpc?)G1?-$XBSWzW3G20?B%C&@h7%I|Xi>R};l;Fj=4f_4dwa^hRc3Ow1gB zq8uRVFZ#MYRTOxQ3EV#F6s4MABi}ZPM&$fO#CIk)YYzPASdX~DOFzLTXB*FpIu_HsXUW z#4IesSrB%WT{*D_?AY*vFmXCttpHaZ9nkc3tPep(RA|;H$sGVB>;R z8TJq%yx6#-os$Igk`0ib;ZJ{sD=KH3BH5N$C;xEj9rO~siI|M?AiKuXoT~(+U9{D- z;Gk30#4}0@667riO<3}%kU&lTov_`rO>6LVJM7W=p8_NgQZr1ewb0;t{(G?`qAC7y zx-WABjYhJ<*w1CFR~0@ZG7LMs@4L+)#OJ7Y?`k`m9Y#VWcym>g%Xfb_eMqlO$BPlgIa)xMzUcTEKmU+uH(wd~iDS@-H|2X3 zo2J5b?>G`2=G=v#v*p8g?|dI74DQ>~wdkL5woEYphgw5LGaUPGgSUEOoNbIxJFMMqYD`OLr6w+2m($@CBK2klvZN zE+;QT7zvF#$Q0>C4bR^;8h@@?SNLJm&N;gz3_92Q&-OuE^<%MhjBA}p2R#sLR~43d z)XP=>j!R_p!pu_~BoeI((tcLn?a2%x(-yc>0ug_N(Qbi{pk?Y_D@z7k?(J;8&+e*I zwAY{S!(cxr&A5OsGJl)E|NL^$vjzd`nHHpfo6r8lca-qKUe?s84EtXW4#j~vKGX)l z;a}eNf4=u)Aa<7);m2!uRuDST4Z&R`Z$|!w`(+A=>hUEQuHD}Y!yN(A#u)V0<+?8h zRnr3Ou>Zql!!dw^@aj+& zk=a9^DKUp!IQgyPo2(r|J0wQX@cV(k93?7iW#QA8GCVfg3p z|K(4EzOds25*_;Tf^+Rb=RUlyBI|1D`fHycKNyHih^%=z%20lKEw<(dlSexvpYy1D U-`${IcLV&A7FT#uC~D~cKMso+zyJUM literal 0 HcmV?d00001 -- GitLab